AKAI TSUKI

System development or Technical something

Try to prepare host for installation of OpenShift.

Docker OpenShift

ref:
https://docs.openshift.org/latest/install_config/install/host_preparation.html

Host list

Host Role
opshift01 master/node(infra)
opshift02 node(west)
opshift03 node(east)

Stop firewalld

at all node

[root@opshift01 ~]# systemctl stop firewalld
[root@opshift01 ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[root@opshift01 ~]#

Install the following base packages:

at all node

# yum install wget git net-tools bind-utils iptables-services \
bridge-utils bash-completion kexec-tools sos psacct

Install Ansible

install at master node.

# yum -y install \
    https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# sed -i -e "s/^enabled=1/enabled=0/" /etc/yum.repos.d/epel.repo
# yum -y --enablerepo=epel install ansible pyOpenSSL

try to confirm version

# ansible --version
ansible 2.3.1.0
  config file = /etc/ansible/ansible.cfg
  configured module search path = Default w/o overrides
  python version = 2.7.5 (default, Nov  6 2016, 00:28:07) [GCC 4.8.5 20150623 (Red Hat 4.8.5-11)]
#

Get openshift-ansible

at master node.

# cd ~
# git clone https://github.com/openshift/openshift-ansible
Cloning into 'openshift-ansible'...
remote: Counting objects: 61775, done.
remote: Compressing objects: 100% (16/16), done.
remote: Total 61775 (delta 6), reused 15 (delta 4), pack-reused 61754
Receiving objects: 100% (61775/61775), 16.03 MiB | 1.66 MiB/s, done.
Resolving deltas: 100% (37890/37890), done.
# cd openshift-ansible

Install docker

at all node.

# yum install docker

check version

# docker -v
Docker version 1.12.6, build 88a4867/1.12.6
#

configure /etc/sysconfig/docker file.

# cp -p /etc/sysconfig/docker{,.org}
# vi /etc/sysconfig/docker
# diff /etc/sysconfig/docker{,.org}
4c4
< OPTIONS='--selinux-enabled --insecure-registry 172.30.0.0/16 --log-driver=journald --signature-verification=false'
---
> OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'
#

check physical volume and volume group for docker.
and ref. Create Physical volume in Linux CentOS - AKAI TSUKI

# pvs
  PV         VG          Fmt  Attr PSize  PFree
  /dev/sda2  cl          lvm2 a--  37.00g     0
  /dev/sda3  cl          lvm2 a--  15.00g     0
  /dev/sda4  docker-data lvm2 a--  27.00g 27.00g
# vgs
  VG          #PV #LV #SN Attr   VSize  VFree
  cl            2   2   0 wz--n- 51.99g     0
  docker-data   1   0   0 wz--n- 27.00g 27.00g
#

setting up docker storage

# cat <<EOF > /etc/sysconfig/docker-storage-setup
> VG=docker-data
> EOF
#

check this file.

# cat /etc/sysconfig/docker-storage-setup
VG=docker-data
#

run script

# docker-storage-setup
  Using default stripesize 64.00 KiB.
  Rounding up size to full physical extent 28.00 MiB
  Logical volume "docker-pool" created.
  Logical volume docker-data/docker-pool changed.
#

and check

# cat /etc/sysconfig/docker-storage
DOCKER_STORAGE_OPTIONS="--storage-driver devicemapper --storage-opt dm.fs=xfs --storage-opt dm.thinpooldev=/dev/mapper/docker--data-docker--pool --storage-opt dm.use_deferred_removal=true "
# lvs
  LV          VG          Attr       LSize  Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  root        cl          -wi-ao---- 49.99g
  swap        cl          -wi-ao----  2.00g
  docker-pool docker-data twi-a-t--- 10.74g             0.00   0.14
#

start docker

# systemctl is-active docker
unknown
# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
# systemctl start docker
#

Install docker-compose 1.14.0 on CentOS 7.3

Docker

install

$ sudo curl -L https://github.com/docker/compose/releases/download/1.14.0/docker-compose-`uname -s`-`uname -m` > ./docker-compose
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   617    0   617    0     0   2666      0 --:--:-- --:--:-- --:--:--  2670
100 8084k  100 8084k    0     0  3789k      0  0:00:02  0:00:02 --:--:-- 6580k
$ sudo mv ./docker-compose /usr/local/bin/docker-compose
$ sudo chmod +x /usr/local/bin/docker-compose
$ ls -l /usr/local/bin/docker-compose
-rwxrwxr-x 1 suzu suzu 8278112 Jul  8 05:35 /usr/local/bin/docker-compose
$

$ docker-compose -v
docker-compose version 1.14.0, build c7bdf9e
$

Use Google Chrome v59 Headless mode on CentOS 7.

Linux

Create a file chrome.repo

# vi /etc/yum.repos.d/chrome.repo
# cat /etc/yum.repos.d/chrome.repo
[google-chrome]
name=google-chrome
baseurl=http://dl.google.com/linux/chrome/rpm/stable/$basearch
enabled=1
gpgcheck=1
gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub
#

Install google chrome

# yum info google-chrome-stable
*snip*
Available Packages
Name        : google-chrome-stable
Arch        : x86_64
Version     : 59.0.3071.104
Release     : 1
Size        : 58 M
Repo        : google-chrome/x86_64
Summary     : Google Chrome
*snip*
# yum install -y google-chrome-stable

Install mesa-libOSMesa and fonts

# yum install -y mesa-libOSMesa mesa-libOSMesa-devel gnu-free-sans-fonts
# yum install -y ipa-gothic-fonts ipa-pgothic-fonts
# find / -name "libOSMesa*" -type f
/usr/lib64/libOSMesa.so.8.0.0
# ln -s /usr/lib64/libOSMesa.so.8.0.0 /opt/google/chrome/libosmesa.so

use headless mode

# google-chrome --headless --print-to-pdf http://akai-tsuki.hatenablog.com/
# ls -1 output.pdf
output.pdf
#
# google-chrome --headless --screenshot --window-size=1024,2000 --hide-scrollbars http://akai-tsuki.hatenablog.com/
# ls -1 screenshot.png
screenshot.png
#

Create VM in OpenStack Ocata.

OpenStack

After these, Install OpenStack Ocata by Packstack on CentOS 7. - AKAI TSUKI
Check openstack service. - AKAI TSUKI

image

# openstack image list
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| b5e892b7-c8a5-44fc-83a7-5cafc43dabf8 | cirros | active |
+--------------------------------------+--------+--------+
#

network

# openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID                                   | Name    | Subnets                              |
+--------------------------------------+---------+--------------------------------------+
| b2e1df72-d4cb-4474-ab9e-cb2d7c5acd1b | public  | 71ba8757-ca92-40c2-b85a-2dd5dc6d58c1 |
| cf8a77e6-2063-4db3-8fc9-a0c22c82a6b7 | private | c6db71fa-185b-4da9-bacc-31ae7e3a7f50 |
+--------------------------------------+---------+--------------------------------------+
#

flavor

# openstack flavor list
+----+-----------+-------+------+-----------+-------+-----------+
| ID | Name      |   RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+-------+------+-----------+-------+-----------+
| 1  | m1.tiny   |   512 |    1 |         0 |     1 | True      |
| 2  | m1.small  |  2048 |   20 |         0 |     1 | True      |
| 3  | m1.medium |  4096 |   40 |         0 |     2 | True      |
| 4  | m1.large  |  8192 |   80 |         0 |     4 | True      |
| 5  | m1.xlarge | 16384 |  160 |         0 |     8 | True      |
+----+-----------+-------+------+-----------+-------+-----------+
#

create server

# openstack server create --image cirros --flavor m1.tiny --nic net-id=cf8a77e6-2063-4db3-8fc9-a0c22c82a6b7 sample-vm
*snip*

# openstack server list
+--------------------------------------+-----------+--------+------------------+------------+
| ID                                   | Name      | Status | Networks         | Image Name |
+--------------------------------------+-----------+--------+------------------+------------+
| 7f61abf8-c070-4968-b1ab-4c3222eaff77 | sample-vm | ACTIVE | private=10.0.0.8 | cirros     |
+--------------------------------------+-----------+--------+------------------+------------+
#

Check openstack service.

OpenStack

After installation, Install OpenStack Ocata by Packstack on CentOS 7. - AKAI TSUKI

Let’s check status by openstack client command.

Service

# openstack service list
+----------------------------------+-----------+-----------------+
| ID                               | Name      | Type            |
+----------------------------------+-----------+-----------------+
| 00cfb41acb0543c1bec827a341917781 | cinder    | volume          |
| 02496e0b13b3489290d71bdfe454b1d6 | cinderv3  | volumev3        |
| 07a3c644cdfd49ebb85cf3f591d4837e | heat-cfn  | cloudformation  |
| 33a030563e6f45c8b9e8569036f47a0c | nova      | compute         |
| 39910fbcda6e4b37aee01557352895dc | placement | placement       |
| 56592739630f4686adabac81a4e2abb4 | heat      | orchestration   |
| 7ed8c0e762394c4abd0bfc30a28b581f | keystone  | identity        |
| 8200ecbba50f450895c01406f0f49c88 | neutron   | network         |
| b21cd3fc394d46d5a20704a5026f36d1 | cinderv2  | volumev2        |
| e6678c6d48f64c3596858222572d4ba6 | magnum    | container-infra |
| f9096b93a1ed4694b97cccdb5b7ff1d3 | glance    | image           |
+----------------------------------+-----------+-----------------+
#

Endpoint

# openstack endpoint list
+----------------------------------+-----------+--------------+-----------------+---------+-----------+---------------------------------------------+
| ID                               | Region    | Service Name | Service Type    | Enabled | Interface | URL                                         |
+----------------------------------+-----------+--------------+-----------------+---------+-----------+---------------------------------------------+
| 0a944f017b25431780663cbe044f4454 | RegionOne | heat-cfn     | cloudformation  | True    | internal  | http://172.16.10.25:8000/v1                 |
| 0ed7175134a742aead8a9f85e0ee6210 | RegionOne | placement    | placement       | True    | internal  | http://172.16.10.25:8778/placement          |
| 14c99551bf7a4c46909ca5491e918458 | RegionOne | heat         | orchestration   | True    | public    | http://172.16.10.25:8004/v1/%(tenant_id)s   |
| 191b140b64554f83a3add20100859c46 | RegionOne | heat         | orchestration   | True    | admin     | http://172.16.10.25:8004/v1/%(tenant_id)s   |
| 38a66ef6d2f54f049aee4613bc95b13c | RegionOne | nova         | compute         | True    | admin     | http://172.16.10.25:8774/v2.1/%(tenant_id)s |
| 41344a0fbaa546d48afed810a7ca5861 | RegionOne | cinderv2     | volumev2        | True    | internal  | http://172.16.10.25:8776/v2/%(tenant_id)s   |
| 4317cb47b64c44628152c47d190f714b | RegionOne | cinder       | volume          | True    | public    | http://172.16.10.25:8776/v1/%(tenant_id)s   |
| 4ada9ce8f21a445888f326bd29794137 | RegionOne | neutron      | network         | True    | public    | http://172.16.10.25:9696                    |
| 4c074c23d20d469b99344dadb2143e7b | RegionOne | glance       | image           | True    | internal  | http://172.16.10.25:9292                    |
| 547d143948b348d48ef4ebbe7fcc2052 | RegionOne | cinder       | volume          | True    | internal  | http://172.16.10.25:8776/v1/%(tenant_id)s   |
| 553e8689f41744a5a6a1944193950748 | RegionOne | glance       | image           | True    | public    | http://172.16.10.25:9292                    |
| 5e978da9ce004fbebe739873d69d2a93 | RegionOne | cinderv2     | volumev2        | True    | public    | http://172.16.10.25:8776/v2/%(tenant_id)s   |
| 77dbb5f4c4bb45a5b7158751fbe75e4d | RegionOne | cinder       | volume          | True    | admin     | http://172.16.10.25:8776/v1/%(tenant_id)s   |
| 7dc9631444424a4d957b6b65022ec97c | RegionOne | cinderv3     | volumev3        | True    | admin     | http://172.16.10.25:8776/v3/%(tenant_id)s   |
| 92a6343ef5634fb5a7b27813dc5c779d | RegionOne | keystone     | identity        | True    | internal  | http://172.16.10.25:5000/v3                 |
| 984d1b2676504988a11fd4c23b5cb87f | RegionOne | heat         | orchestration   | True    | internal  | http://172.16.10.25:8004/v1/%(tenant_id)s   |
| 9f30088714574594abbdb4b86f9bfb5f | RegionOne | neutron      | network         | True    | internal  | http://172.16.10.25:9696                    |
| a953d12487004364b63c0f1f63edd5a7 | RegionOne | magnum       | container-infra | True    | admin     | http://172.16.10.25:9511/v1                 |
| adc7090bc7594f089b1bb83e3e1545b0 | RegionOne | magnum       | container-infra | True    | internal  | http://172.16.10.25:9511/v1                 |
| af5830eba102465c83955f681b190a4b | RegionOne | heat-cfn     | cloudformation  | True    | admin     | http://172.16.10.25:8000/v1                 |
| af77088b57834b98b42253efd9ae232d | RegionOne | glance       | image           | True    | admin     | http://172.16.10.25:9292                    |
| beb3c9e5bb81407098dfe641dcc153c8 | RegionOne | nova         | compute         | True    | internal  | http://172.16.10.25:8774/v2.1/%(tenant_id)s |
| c1abbfc4a47048c6b6f0e2886e35ca9e | RegionOne | keystone     | identity        | True    | admin     | http://172.16.10.25:35357/v3                |
| c41fc831fadd4801947c428488213041 | RegionOne | magnum       | container-infra | True    | public    | http://172.16.10.25:9511/v1                 |
| c807e5d21e244bfc9514a2e1e6e8418c | RegionOne | neutron      | network         | True    | admin     | http://172.16.10.25:9696                    |
| dbfbd247fd374b23956cb076b5e8adf3 | RegionOne | nova         | compute         | True    | public    | http://172.16.10.25:8774/v2.1/%(tenant_id)s |
| df635a3c187b430da60f25403491c2f0 | RegionOne | cinderv3     | volumev3        | True    | public    | http://172.16.10.25:8776/v3/%(tenant_id)s   |
| e0ba54c694414b348921ab97dff71e41 | RegionOne | placement    | placement       | True    | public    | http://172.16.10.25:8778/placement          |
| e3891bbfdf9b4d8fa8c5176ec57df4f8 | RegionOne | keystone     | identity        | True    | public    | http://172.16.10.25:5000/v3                 |
| f2ee2198609a40f1959cf62e9ff34c2c | RegionOne | heat-cfn     | cloudformation  | True    | public    | http://172.16.10.25:8000/v1                 |
| f9bf7032b55d4057adb479e5c8a71218 | RegionOne | cinderv2     | volumev2        | True    | admin     | http://172.16.10.25:8776/v2/%(tenant_id)s   |
| fa0268f4b061455db82c21f1051454f8 | RegionOne | cinderv3     | volumev3        | True    | internal  | http://172.16.10.25:8776/v3/%(tenant_id)s   |
| ffa7ec15d72a4a8aa28cbe2650012ee4 | RegionOne | placement    | placement       | True    | admin     | http://172.16.10.25:8778/placement          |
+----------------------------------+-----------+--------------+-----------------+---------+-----------+---------------------------------------------+
#

Host

# openstack host list
+-----------+-------------+----------+
| Host Name | Service     | Zone     |
+-----------+-------------+----------+
| cent7op   | cert        | internal |
| cent7op   | conductor   | internal |
| cent7op   | scheduler   | internal |
| cent7op   | consoleauth | internal |
| cent7op   | compute     | nova     |
+-----------+-------------+----------+
#

Hypervisor

# openstack hypervisor list
+----+---------------------+-----------------+--------------+-------+
| ID | Hypervisor Hostname | Hypervisor Type | Host IP      | State |
+----+---------------------+-----------------+--------------+-------+
|  1 | cent7op             | QEMU            | 172.16.10.25 | up    |
+----+---------------------+-----------------+--------------+-------+
#