Chapter 5. Ansible-based overcloud registration
The director uses Ansible-based methods to register overcloud nodes to the Red Hat Customer Portal or a Red Hat Satellite 6 server.
5.1. Red Hat Subscription Manager (RHSM) composable service
The rhsm
composable service provides a method to register overcloud nodes through Ansible. Each role in the default roles_data
file contains a OS::TripleO::Services::Rhsm
resource, which is disabled by default. To enable the service, register the resource to the rhsm
composable service file:
resource_registry: OS::TripleO::Services::Rhsm: /usr/share/openstack-tripleo-heat-templates/extraconfig/services/rhsm.yaml
The rhsm
composable service accepts a RhsmVars
parameter, which allows you to define multiple sub-parameters relevant to your registration. For example:
parameter_defaults: RhsmVars: rhsm_repos: - rhel-7-server-rpms - rhel-7-server-extras-rpms - rhel-7-server-rh-common-rpms - rhel-ha-for-rhel-7-server-rpms - rhel-7-server-openstack-14-rpms - rhel-7-server-rhceph-3-osd-rpms - rhel-7-server-rhceph-3-mon-rpms - rhel-7-server-rhceph-3-tools-rpms rhsm_username: "myusername" rhsm_password: "p@55w0rd!" rhsm_org_id: "1234567"
You can also use the RhsmVars
parameter in combination with role-specific parameters (e.g. ControllerParameters
) to provide flexibility when enabling specific repositories for different nodes types.
The next section is a list of sub-parameters available to use with the RhsmVars
parameter for use with the rhsm
composable service.
5.2. RhsmVars sub-parameters
See the role documentation to learn about all Ansible parameters.
rhsm | Description |
---|---|
|
Choose the registration method. Either |
|
The organization to use for registration. To locate this ID, run |
|
The subscription pool ID to use. Use this if not auto-attaching subscriptions. To locate this ID, run |
|
The activation key to use for registration. Does not work when |
|
Automatically attach compatible subscriptions to this system. Set to |
| The base URL of the Satellite server to register Overcloud nodes. |
|
A list of repositories to enable. Does not work when |
| The username for registration. If possible, use activation keys for registration. |
| The password for registration. If possible, use activation keys for registration. |
|
The hostname for the HTTP proxy. For example: |
|
The port for HTTP proxy communication. For example: |
| The username to access the HTTP proxy. |
| The password to access the HTTP proxy. |
Now that you have an understanding of how the rhsm
composable service works and how to configure it, you can use the following procedures to configure your own registration details.
5.3. Registering the overcloud with the rhsm composable service
Use the following procedure to create an environment file that enables and configures the rhsm
composable service. The director uses this environment file to register and subscribe your nodes.
Procedure
-
Create an environment file (
templates/rhsm.yml
) to store the configuration. Include your configuration in the environment file. For example:
resource_registry: OS::TripleO::Services::Rhsm: /usr/share/openstack-tripleo-heat-templates/extraconfig/services/rhsm.yaml parameter_defaults: RhsmVars: rhsm_repos: - rhel-7-server-rpms - rhel-7-server-extras-rpms - rhel-7-server-rh-common-rpms - rhel-ha-for-rhel-7-server-rpms - rhel-7-server-openstack-14-rpms - rhel-7-server-rhceph-3-osd-rpms - rhel-7-server-rhceph-3-mon-rpms - rhel-7-server-rhceph-3-tools-rpms rhsm_username: "myusername" rhsm_password: "p@55w0rd!" rhsm_org_id: "1234567" rhsm_pool_ids: "1a85f9223e3d5e43013e3d6e8ff506fd" rhsm_method: "portal"
The
resource_registry
associates therhsm
composable service with theOS::TripleO::Services::Rhsm
resource, which is available on each role.The
RhsmVars
variable passes parameters to Ansible for configuring your Red Hat registration.- Save the environment file.
You can also provide registration details to specific overcloud roles. The next section provides an example of this.
5.4. Applying the rhsm composable service to different roles
You can apply the rhsm
composable service on a per-role basis. For example, you can apply one set of configuration to Controller nodes and a different set of configuration to Compute nodes.
Procedure
-
Create an environment file (
templates/rhsm.yml
) to store the configuration. Include your configuration in the environment file. For example:
resource_registry: OS::TripleO::Services::Rhsm: /usr/share/openstack-tripleo-heat-templates/extraconfig/services/rhsm.yaml parameter_defaults: ControllerParameters: RhsmVars: rhsm_repos: - rhel-7-server-rpms - rhel-7-server-extras-rpms - rhel-7-server-rh-common-rpms - rhel-ha-for-rhel-7-server-rpms - rhel-7-server-openstack-14-rpms - rhel-7-server-rhceph-3-osd-rpms - rhel-7-server-rhceph-3-mon-rpms - rhel-7-server-rhceph-3-tools-rpms rhsm_username: "myusername" rhsm_password: "p@55w0rd!" rhsm_org_id: "1234567" rhsm_pool_ids: "1a85f9223e3d5e43013e3d6e8ff506fd" rhsm_method: "portal" ComputeParameters: RhsmVars: rhsm_repos: - rhel-7-server-rpms - rhel-7-server-extras-rpms - rhel-7-server-rh-common-rpms - rhel-ha-for-rhel-7-server-rpms - rhel-7-server-openstack-14-rpms - rhel-7-server-rhceph-3-tools-rpms rhsm_username: "myusername" rhsm_password: "p@55w0rd!" rhsm_org_id: "1234567" rhsm_pool_ids: "1a85f9223e3d5e43013e3d6e8ff506fd" rhsm_method: "portal"
The
resource_registry
associates therhsm
composable service with theOS::TripleO::Services::Rhsm
resource, which is available on each role.Both
ControllerParameters
andComputeParameters
use their ownRhsmVars
parameter to pass subscription details to their respective roles.- Save the environment file.
These procedures enable and configure rhsm
on the overcloud. However, if you used the rhel-registration
method from previous Red Hat OpenStack Platform version, you must disable it and switch to the Ansible-based method. Use the following procedure to switch from the old rhel-registration
method to the Ansible-based method.
5.5. Switching to the rhsm composable service
The previous rhel-registration
method runs a bash script to handle the overcloud registration. The scripts and environment files for this method are located in the core Heat template collection at /usr/share/openstack-tripleo-heat-templates/extraconfig/pre_deploy/rhel-registration/
.
Complete the following steps to switch from the rhel-registration
method to the rhsm
composable service.
Procedure
Exclude the
rhel-registration
environment files from future deployments operations. In most cases, exclude the following files:-
rhel-registration/environment-rhel-registration.yaml
-
rhel-registration/rhel-registration-resource-registry.yaml
-
If you use a custom
roles_data
file, ensure that each role in yourroles_data
file contains theOS::TripleO::Services::Rhsm
composable service. For example:- name: Controller description: | Controller role that has all the controller services loaded and handles Database, Messaging and Network functions. CountDefault: 1 ... ServicesDefault: ... - OS::TripleO::Services::Rhsm ...
-
Add the environment file for
rhsm
composable service parameters to future deployment operations.
This method replaces the rhel-registration
parameters with the rhsm
service parameters and changes the Heat resource that enables the service from:
resource_registry: OS::TripleO::NodeExtraConfig: rhel-registration.yaml
To:
resource_registry: OS::TripleO::Services::Rhsm: /usr/share/openstack-tripleo-heat-templates/extraconfig/services/rhsm.yaml
You can also include the /usr/share/openstack-tripleo-heat-templates/environments/rhsm.yaml
environment file with your deployment to enable the service.
To help transition your details from the rhel-registration
method to the rhsm
method, use the following table to map the your parameters and their values.
5.6. rhel-registration to rhsm mappings
rhel-registration | rhsm / RhsmVars |
---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Now that you have configured the environment file for the rhsm
service, you can include it with your next overcloud deployment operation.
5.7. Deploying the overcloud with the rhsm composable service
This section shows how to apply your rhsm
configuration to the overcloud.
Procedure
Include
rhsm.yml
environment file with theopenstack overcloud deploy
:openstack overcloud deploy \ <other cli args> \ -e ~/templates/rhsm.yaml
This enables the Ansible configuration of the overcloud and the Ansible-based registration.
- Wait until the overcloud deployment completes.
Check the subscription details on your overcloud nodes. For example, log into a Controller node and run the following commands:
$ sudo subscription-manager status $ sudo subscription-manager list --consumed
In addition to the director-based registration method, you can also manually register after deployment.
5.8. Running Ansible-based registration manually
You can perform manual Ansible-based registration on a deployed overcloud. You accomplish this using the director’s dynamic inventory script to define node roles as host groups and then run a playbook against them using ansible-playbook
. The following example shows how to manually register Controller nodes using a playbook.
Procedure
Create a playbook with that using the
redhat_subscription
modules to register your nodes. For example, the following playbook applies to Controller nodes:--- - name: Register Controller nodes hosts: Controller become: yes vars: repos: - rhel-7-server-rpms - rhel-7-server-extras-rpms - rhel-7-server-rh-common-rpms - rhel-ha-for-rhel-7-server-rpms - rhel-7-server-openstack-13-rpms - rhel-7-server-rhceph-3-mon-rpms tasks: - name: Register system redhat_subscription: username: myusername password: p@55w0rd! org_id: 1234567 pool_ids: 1a85f9223e3d5e43013e3d6e8ff506fd - name: Disable all repos command: "subscription-manager repos --disable *" - name: Enable Controller node repos command: "subscription-manager repos --enable {{ item }}" with_items: "{{ repos }}"
This play contains three tasks:
- Register the node using an activation key.
- Disable any auto-enabled repositories.
-
Enable only the repositories relevant to the Controller node. The repositories are listed with the
repos
variable.
After deploying the overcloud, you can run the following command so that Ansible executes the playbook (
ansible-osp-registration.yml
) against your overcloud:$ ansible-playbook -i /usr/bin/tripleo-ansible-inventory ansible-osp-registration.yml
This command does the following:
- Runs the dynamic inventory script to get a list of host and their groups.
-
Applies the playbook tasks to the nodes in the group defined in the playbook’s
hosts
parameter, which in this case is the Controller group.