Posted on by Laszlo

Install Openstack Platform 14 Director on Red Hat Enterprise Linux 7.6

At first you have to create a named user stack.

useradd stack
passwd stack

echo "stack ALL=(root) NOPASSWD:ALL" | tee -a /etc/sudoers.d/stack
chmod 0440 /etc/sudoers.d/stack

Create folders for images and temlates.

su - stack
mkdir ~/images
mkdir ~/templates

Set hostname of this server.

sudo hostnamectl set-hostname director.cloud.laszlolaszlo.com
sudo hostnamectl set-hostname --transient director.cloud.laszlolaszlo.com

Register your server to RHSM and enable needed repositories.

sudo subscription-manager register \
--release=7.6 \
--username=YOURUSER \
--password=YOURPASS

sudo subscription-manager list --available --all --matches="Red Hat OpenStack"
sudo subscription-manager attach --pool=YOURPOOLID

sudo subscription-manager repos --disable=*
sudo subscription-manager repos \
--enable=rhel-7-server-rpms \
--enable=rhel-7-server-extras-rpms \
--enable=rhel-7-server-rh-common-rpms \
--enable=rhel-ha-for-rhel-7-server-rpms \
--enable=rhel-7-server-rhceph-3-tools-rpms \
--enable=rhel-7-server-openstack-14-rpms

sudo yum update -y
sudo reboot

You have to install python-tripleoclient and some other required packages depends on your environment. I use HPE BL460C Gen9 serveres in my lab so I need python-proliantutils extra package and its dependecies. I will install some usefull packages like telnet and tcpdump as well.

sudo yum install -y python-tripleoclient crudini ceph-ansible python-proliantutils ipmitool telnet tcpdump

Create Docker containers environment file (containers-prepare-parameter.yaml) for later use. I will use –local-push-destination parameter because I like to save Docker images to local registry on this server. Later overcloud nodes will able to connect to this local registry to save bandwith and time for deployment.

openstack tripleo container image prepare default \
--local-push-destination \
--output-env-file containers-prepare-parameter.yaml

Copy the sample undercloud.conf to stack user home directory.

cp /usr/share/python-tripleoclient/undercloud.conf.sample ~/undercloud.conf

Use crudini command to set up your undercloud.conf file. There’re several parameters with comments in the undercloud.conf.sample. 

crudini --set ~/undercloud.conf DEFAULT local_interface ens224
crudini --set ~/undercloud.conf DEFAULT local_ip 172.22.137.12/24
crudini --set ~/undercloud.conf DEFAULT overcloud_domain_name cloud.laszlolaszlo.com
crudini --set ~/undercloud.conf DEFAULT undercloud_admin_host 172.22.142.13
crudini --set ~/undercloud.conf DEFAULT undercloud_hostname director.cloud.laszlolaszlo.com
crudini --set ~/undercloud.conf DEFAULT undercloud_nameservers 172.22.137.11
crudini --set ~/undercloud.conf DEFAULT undercloud_ntp_servers 172.22.137.11
crudini --set ~/undercloud.conf DEFAULT undercloud_public_host 172.22.142.14
crudini --set ~/undercloud.conf DEFAULT certificate_generation_ca local
crudini --set ~/undercloud.conf DEFAULT generate_service_certificate true
crudini --set ~/undercloud.conf DEFAULT enable_ui true
crudini --set ~/undercloud.conf ctlplane-subnet cidr 172.22.137.0/24
crudini --set ~/undercloud.conf ctlplane-subnet dhcp_end 172.22.137.200
crudini --set ~/undercloud.conf ctlplane-subnet dhcp_start 172.22.137.180
crudini --set ~/undercloud.conf ctlplane-subnet gateway 172.22.137.12
crudini --set ~/undercloud.conf ctlplane-subnet masquerade true
crudini --set ~/undercloud.conf ctlplane-subnet inspection_iprange 172.22.137.201,172.22.137.220
crudini --set ~/undercloud.conf DEFAULT enable_telemetry false
crudini --set ~/undercloud.conf DEFAULT discovery_default_driver ilo
crudini --set ~/undercloud.conf DEFAULT enabled_hardware_types ilo,ipmi,redfish
crudini --set ~/undercloud.conf DEFAULT enable_node_discovery False
crudini --set ~/undercloud.conf DEFAULT ipxe_enabled True
crudini --set ~/undercloud.conf DEFAULT inspection_enable_uefi True
crudini --set ~/undercloud.conf DEFAULT hieradata_override haproxy-hiera-overrides.yaml

Override HAProxy default TLS settings.

cat <<EOF>~/haproxy-hiera-overrides.yaml
tripleo::haproxy::ssl_cipher_suite: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
tripleo::haproxy::ssl_options: no-sslv3 no-tls-tickets no-tlsv10 no-tlsv11
EOF

Let’s install the Undercloud.

openstack undercloud install

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.