Helion OpenStack 2.1 Example Cloud Deployment
It’s now time to start the deployment.
As I have protected the SSH key with a passphrase I need to execute the following commands to avoid having to enter the passphrase on every attempt by Ansible to connect to the client nodes (I have mentioned this earlier in the blog but it’s taken me several days, disconnects and reboots to get to this point in the blog and I need to do it again 😉 ):
If HOS 2.1 is behind a firewall and a proxy server is required to access the internet add the proxy details for Sherpa as follows:
[WORKAROUND] – There is currently an issue with the Elasticsearch name that requires that you change it in the logging configuration file before continuing in the installation.
If you need to encrypt your iLO passwords you can use the script provided in an earlier blog that will encrypt all the passwords at once in the servers.xml file as follows:
Now that all the configuration is complete we need to commit all the changes into the repository as follows:
Provisioning the bare metal nodes
The following command will verify that all the passwords are correct and that your configuration network (management network in this scenario) is communicating correctly with the IPMI network.
Deploying Cobbler on the HLM
You’ll be prompted for a password that will be used to initially access the nodes – [Note to self: I used “helion”].
Verify the list of nodes that are going to be built – you should not see the deployer/controller1 in this list.
Start a screen session if not working directly on the console –
Install screen and then run it as follows
Because I’ve used a passphrase on my SSH key I need to run the following commands to avoid repeatedly having to type the passphrase.
Now execute the following command to install the base hLinux on these nodes:
if it’s a re-install
Now we run the configuration processor which will effectively validate our model.
Once again we’ll be prompted for a password if we wish to encrypt the sensitive data processed by this step. I’ll use ‘H3lionhelion!’ for a change.
Now we will create a self-signed certificate to configure TLS on the public endpoints.
Note: In a production setup your Security/PKI team should be able to organise this for you.
Examine the ~/helion/my_cloud/info/address_info.yml file to get the ip address of the public endpoint
Now it’s necessary to combine the contents of my-public-cert.key and my-public-cert.crt into a single file which is used by the HLM installer and Copy it to ~/helion/my_cloud/config/tls/certs/
Modify the network_groups.yml file to include this new this new TLS configuration
Now we can re-commit everything and re-run the configuration processor.
Note: I’ve also added hos2.allthingscloud.eu to my /etc/hosts file as I’m not using a DNS server.
Now we’re finally ready to deploy the cloud
As these servers have been used for previous deployments I need to wipe all the existing drive configurations as follows:
We get a couple of fails for the compute nodes which is acceptable – they don’t have any spare drives assigned – if we wipe the OS drive I’d have to start again 🙂
Now let’s kick off the cloud deployment proper
I’ve never seen this warning before – hopefully it’s safe to ignore – looks like an Ansible best practise warning …
This looks like a successful installation.