From 32105a37925f3d6e134f6248804db9c54d274a82 Mon Sep 17 00:00:00 2001 From: Nicole Rappe Date: Mon, 9 Dec 2024 04:36:35 -0700 Subject: [PATCH] Update Servers/Virtualization/OpenStack/Ansible Openstack.md --- .../OpenStack/Ansible Openstack.md | 58 ++++++++++++++++++- 1 file changed, 57 insertions(+), 1 deletion(-) diff --git a/Servers/Virtualization/OpenStack/Ansible Openstack.md b/Servers/Virtualization/OpenStack/Ansible Openstack.md index cbcce31..bb0ee3a 100644 --- a/Servers/Virtualization/OpenStack/Ansible Openstack.md +++ b/Servers/Virtualization/OpenStack/Ansible Openstack.md @@ -84,4 +84,60 @@ sudo su git clone -b master https://opendev.org/openstack/openstack-ansible /opt/openstack-ansible cd /opt/openstack-ansible bash scripts/bootstrap-ansible.sh -``` \ No newline at end of file +``` + +### Disable Firewalld +The `firewalld` service is enabled on most CentOS systems by default and its default ruleset prevents OpenStack components from communicating properly. Stop the firewalld service and mask it to prevent it from starting. +```sh +systemctl stop firewalld +systemctl mask firewalld +``` + +## OpenStack Target Node (1/3) +Now we need to get the cluster/target nodes configured so that OpenStack can be deployed into them via the bootstrapper node later. [Original Target Node Documentation](https://docs.openstack.org/project-deploy-guide/openstack-ansible/latest/targethosts.html) + +### Disable SELinux +SELinux enabled is not currently supported in OpenStack-Ansible for CentOS/RHEL due to a lack of maintainers for the feature. +```sh +sudo sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux +``` + +### Disable Firewalld +The `firewalld` service is enabled on most CentOS systems by default and its default ruleset prevents OpenStack components from communicating properly. Stop the firewalld service and mask it to prevent it from starting. +```sh +systemctl stop firewalld +systemctl mask firewalld +``` + +### Install Necessary Software +```sh +dnf upgrade +dnf install -y iputils lsof openssh-server sudo tcpdump python3 +``` + +### Reduce Kernel Logging +Reduce the kernel log level by changing the printk value in your sysctls. +```sh +sudo echo "kernel.printk='4 1 7 4'" >> /etc/sysctl.conf +``` + +### Configure Local Cinder/Ceph Storage (Optional if using iSCSI) +At this point, we need to configure `/dev/sdb` as the local storage for Cinder. +```sh +pvcreate --metadatasize 2048 /dev/sdb +vgcreate cinder-volumes /dev/sdb +``` + +!!! note "`Cannot use /dev/sdb: device is partitioned`" + You may (in rare cases) see the following error when trying to run `pvcreate --metadatasize 2048 /dev/sdb`, if that happens, just use `lsblk` to get the drive of the expected disk. In my example, we want the 500GB disk located at `/dev/sda`, seen in the example below: + ```sh + [root@openstack-node-02 nicole]# lsblk + NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS + sda 8:0 0 500G 0 disk + sdb 8:16 0 250G 0 disk + ├─sdb1 8:17 0 600M 0 part /boot/efi + ├─sdb2 8:18 0 1G 0 part /boot + ├─sdb3 8:19 0 15.7G 0 part [SWAP] + └─sdb4 8:20 0 232.7G 0 part / + sr0 11:0 1 1024M 0 rom + ``` \ No newline at end of file