At first you have to create a named user stack.
useradd stack passwd stack echo "stack ALL=(root) NOPASSWD:ALL" | tee -a /etc/sudoers.d/stack chmod 0440 /etc/sudoers.d/stack
Create folders for images and temlates.
su - stack mkdir ~/images mkdir ~/templates
Set hostname of this server.
sudo hostnamectl set-hostname director.cloud.laszlolaszlo.com sudo hostnamectl set-hostname --transient director.cloud.laszlolaszlo.com
Register your server to RHSM and enable needed repositories.
sudo subscription-manager register \ --release=7.6 \ --username=YOURUSER \ --password=YOURPASS sudo subscription-manager list --available --all --matches="Red Hat OpenStack" sudo subscription-manager attach --pool=YOURPOOLID sudo subscription-manager repos --disable=* sudo subscription-manager repos \ --enable=rhel-7-server-rpms \ --enable=rhel-7-server-extras-rpms \ --enable=rhel-7-server-rh-common-rpms \ --enable=rhel-ha-for-rhel-7-server-rpms \ --enable=rhel-7-server-rhceph-3-tools-rpms \ --enable=rhel-7-server-openstack-14-rpms sudo yum update -y sudo reboot
You have to install python-tripleoclient and some other required packages depends on your environment. I use HPE BL460C Gen9 serveres in my lab so I need python-proliantutils extra package and its dependecies. I will install some usefull packages like telnet and tcpdump as well.
sudo yum install -y python-tripleoclient crudini ceph-ansible python-proliantutils ipmitool telnet tcpdump
Create Docker containers environment file (containers-prepare-parameter.yaml) for later use. I will use –local-push-destination parameter because I like to save Docker images to local registry on this server. Later overcloud nodes will able to connect to this local registry to save bandwith and time for deployment.
openstack tripleo container image prepare default \ --local-push-destination \ --output-env-file containers-prepare-parameter.yaml
Copy the sample undercloud.conf to stack user home directory.
cp /usr/share/python-tripleoclient/undercloud.conf.sample ~/undercloud.conf
Use crudini command to set up your undercloud.conf file. There’re several parameters with comments in the undercloud.conf.sample.
crudini --set ~/undercloud.conf DEFAULT local_interface ens224 crudini --set ~/undercloud.conf DEFAULT local_ip 172.22.137.12/24 crudini --set ~/undercloud.conf DEFAULT overcloud_domain_name cloud.laszlolaszlo.com crudini --set ~/undercloud.conf DEFAULT undercloud_admin_host 172.22.142.13 crudini --set ~/undercloud.conf DEFAULT undercloud_hostname director.cloud.laszlolaszlo.com crudini --set ~/undercloud.conf DEFAULT undercloud_nameservers 172.22.137.11 crudini --set ~/undercloud.conf DEFAULT undercloud_ntp_servers 172.22.137.11 crudini --set ~/undercloud.conf DEFAULT undercloud_public_host 172.22.142.14 crudini --set ~/undercloud.conf DEFAULT certificate_generation_ca local crudini --set ~/undercloud.conf DEFAULT generate_service_certificate true crudini --set ~/undercloud.conf DEFAULT enable_ui true crudini --set ~/undercloud.conf ctlplane-subnet cidr 172.22.137.0/24 crudini --set ~/undercloud.conf ctlplane-subnet dhcp_end 172.22.137.200 crudini --set ~/undercloud.conf ctlplane-subnet dhcp_start 172.22.137.180 crudini --set ~/undercloud.conf ctlplane-subnet gateway 172.22.137.12 crudini --set ~/undercloud.conf ctlplane-subnet masquerade true crudini --set ~/undercloud.conf ctlplane-subnet inspection_iprange 172.22.137.201,172.22.137.220 crudini --set ~/undercloud.conf DEFAULT enable_telemetry false crudini --set ~/undercloud.conf DEFAULT discovery_default_driver ilo crudini --set ~/undercloud.conf DEFAULT enabled_hardware_types ilo,ipmi,redfish crudini --set ~/undercloud.conf DEFAULT enable_node_discovery False crudini --set ~/undercloud.conf DEFAULT ipxe_enabled True crudini --set ~/undercloud.conf DEFAULT inspection_enable_uefi True crudini --set ~/undercloud.conf DEFAULT hieradata_override haproxy-hiera-overrides.yaml
Override HAProxy default TLS settings.
cat <<EOF>~/haproxy-hiera-overrides.yaml tripleo::haproxy::ssl_cipher_suite: ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS tripleo::haproxy::ssl_options: no-sslv3 no-tls-tickets no-tlsv10 no-tlsv11 EOF
Let’s install the Undercloud.
openstack undercloud install