Red Hat SummitChapter 3. Deploying the undercloud for RHOSP dynamic routing
The undercloud is the node that controls the configuration, installation, and management of your final Red Hat OpenStack Platform (RHOSP) environment, which is called the overcloud. The undercloud uses OpenStack Platform component services, including the OVN BGP agent, that run in containers. These containerized services comprise a tool called RHOSP director, which you use to create and manage your overcloud.
The topic included in this section is:
3.1. Installing and configuring the undercloud for RHOSP dynamic routing
You use Red Hat OpenStack Platform (RHOSP) director to install and configure dynamic routing in the RHOSP undercloud. The high-level steps are:
-
(Optional) Set BGP configuration values for the undercloud in
frr-parameters.yaml. -
Set spine-leaf network topology configuration values for the undercloud in
undercloud.conf. -
Run the
openstack undercloud installcommand.
Procedure
-
Log in to the undercloud host as the
stackuser. Source the
stackrcundercloud credentials file:$ source ~/stackrc
If you plan to use BGP to reach the other racks and overcloud nodes, then configure FRRouting (FRR) to be installed on the undercloud by adding the following parameters to a custom heat environment file,
/home/stack/templates/frr-parameters.yaml.NoteRemember this path. You need it in a later step.
Example
parameter_defaults: ContainerFrrImage: registry.redhat.io/rhosp-17.1/openstack-frr-rhel9:17.1.1 FrrBfdEnabled: true FrrBgpEnabled: true FrrBgpAsn: 64999 FrrBgpUplinks: ['nic2', 'nic3'] FrrBgpUplinksScope: internal FrrLogLevel: debugging FrrBgpRouterID: 172.30.4.1 FrrBgpIpv4SrcIp: 172.30.4.1 FrrBgpIpv6SrcIp: fe80::5054:ff:fe74:73ce
TipFor more information, see Networking (neutron) Parameters in the Overcloud parameters guide.
FrrBfdEnabled-
When
true, enable Bidirectional Forwarding Detection (BFD). The default isfalse. FrrBgpEnabled-
When
true, enable Border Gateway Protocol (BGP). The default istrue. FrrBgpAsn-
The default ASN to be used within FRRouting. The default is
65000.FrrBgpAsncan be set to a different value for each role that is used. FrrBgpUplinks-
A comma-delimited list of uplink network interfaces. The default is
['nic1', 'nic2']. FrrBgpUplinksScope-
Either peer with internal (iBGP) or external (eBGP) neighbors. The default is
internal. FrrLogLevel-
Specifies the FRR log level using the set of values:
emergencies,alerts,critical,errors,warnings,notifications,informational,debugging. The default isinformational. FrrBgpRouterID-
The BGP
router_idto be used by FRR. FrrBgpIpv4SrcIp- The source IP address for IPv4 network traffic.
FrrBgpIpv6SrcIp- The source IP address for IPv6 network traffic.
tripleo_frr_bgp_peers- A role-specific parameter used to specify a list of IPs addresses or hostnames for Free Range Routing (FRR) to peer with.
tripleo_frr_ovn_bgp_agent_enable-
A role-specific parameter used to enable or disable the OVN BGP agent on RHOSP nodes where no data plane routes are exposed. The default value is
true.
If you do not already have an
undercloud.conffile, copy the sample template file:$ cp /usr/share/python-tripleoclient/undercloud.conf.sample \ ~/templates/undercloud.conf
In the
[DEFAULT]section, set the following general parameter values.Example
[DEFAULT] # General cleanup = false container_images_file=/home/stack/templates/ \containers-prepare-parameter.yaml overcloud_domain_name = {{ cloud_domain }} undercloud_timezone = UTC undercloud_hostname = undercloud-0.{{ cloud_domain }} # BGP on undercloud ... # TLS-e ... # Networking ... # Subnets ...TipFor more information, see Undercloud configuration parameters in the Installing and managing Red Hat OpenStack Platform with director guide.
overcloud_domain_name-
Specifies the DNS domain name that you want to use when you deploy the overcloud. In a subsequent step, you must ensure that this value matches the value of the overcloud
CloudDomainparameter. cleanup-
Delete temporary files. Set this to
falseto retain the temporary files used during deployment. The temporary files can help you debug the deployment if errors occur. container_images_file- Specifies the Heat environment file with container image information.
container_insecure_registries-
A list of insecure registries for
podmanto use. Use this parameter if you want to pull images from another source, such as a private container registry. custom_env_files- Additional environment files that you want to add to the undercloud installation.
undercloud_hostname- Defines the fully qualified host name for the undercloud. If set, the undercloud installation configures all system host name settings. If left unset, the undercloud uses the current host name, but you must configure all system host name settings appropriately.
undercloud_timezone- Host timezone for the undercloud. If you do not specify a timezone, director uses the existing timezone configuration.
If want to install BGP on the undercloud, then in the
[DEFAULT]section, enable FRR on the undercloud, and point to the custom environment file where you set the FRR parameter values in an earlier step.Example
[DEFAULT] # General ... # BGP on undercloud enable_frr=true custom_env_files=/home/stack/templates/frr-parameters.yaml # TLS-e ... # Networking ... # Subnets ...
If you are using TLS-everywhere, then in the
[DEFAULT]section, set the following TLS-everywhere parameter values:Example
[DEFAULT] # General ... # BGP on undercloud ... # TLS-e enable_novajoin = False undercloud_nameservers = {{ freeipa_ip }} generate_service_certificate = True ipa_otp = {{ undercloud_otp }} # Networking ... # Subnets ...TipFor more information, see Undercloud configuration parameters in the Installing and managing Red Hat OpenStack Platform with director guide.
enable_novajoin-
When
true, enables the novajoin service to deploy TLS. undercloud_nameservers-
Specifies the current IP addresses of the DNS servers for the undercloud nameserver. You can find this information in
/etc/resolv.conf. generate_service_certificate-
Defines whether to generate an SSL/TLS certificate during the undercloud installation, which is used for the
undercloud_service_certificateparameter. ipa_otp- Set FreeIPA OTP fact.
In the
[DEFAULT]section, set the following networking parameter values:Example
[DEFAULT] # General ... # BGP on undercloud ... # TLS-e ... # Networking local_interface = eth0 local_ip = {{ undercloud_ctlplane }}/24 undercloud_public_host = {{ undercloud_public_host }} undercloud_admin_host = {{ undercloud_admin_host }} # Subnets ...TipFor more information, see Undercloud configuration parameters in the Installing and managing Red Hat OpenStack Platform with director guide.
local_interface- Interface to bridge for the local network.
local_ip-
IP address for the undercloud on
leaf0. undercloud_public_host- Externally facing IP address of the undercloud.
undercloud_admin_host- Administration IP address of the undercloud. This IP address is usually on leaf0.
Create a new section for each subnet that you defined earlier in the
subnetsparameter.ImportantDirector cannot change the IP addresses for a subnet after director creates the subnet.
Example
[DEFAULT] # General ... # BGP on undercloud ... # TLS-e ... # Networking ... # Subnets [r1] # This subnet is used for overcloud nodes deployed on rack1. cidr = 192.168.1.0/24 dhcp_start = 192.168.1.150 dhcp_end = 192.168.1.170 inspection_iprange = 192.168.1.171,192.168.1.185 gateway = 192.168.1.1 masquerade = False [r2] # This subnet is used for overcloud nodes deployed on rack2. cidr = 192.168.2.0/24 dhcp_start = 192.168.2.150 dhcp_end = 192.168.2.170 inspection_iprange = 192.168.2.171,192.168.2.185 gateway = 192.168.2.1 masquerade = False [r3] # This subnet is used for overcloud nodes deployed on rack3. cidr = 192.168.3.0/24 dhcp_start = 192.168.3.150 dhcp_end = 192.168.3.170 inspection_iprange = 192.168.3.171,192.168.3.185 gateway = 192.168.3.1 masquerade = False [r4] # This subnet is used for the underloud node and potentially FreeIPA # that are deployed on rack4. cidr = 192.168.4.0/24 dhcp_start = {{ undercloud_dhcp_start }} dhcp_end = 192.168.4.170 inspection_iprange = 192.168.4.171,192.168.4.185 gateway = 192.168.4.1 masquerade = FalseTipFor more information, see Subnets in the Installing and managing Red Hat OpenStack Platform with director guide.
cidr-
The network that director uses to manage overcloud instances. This is the Provisioning network, which the undercloud
neutronservice manages. Leave this as the default192.168.24.0/24unless you use a different subnet for the Provisioning network. masqueradeDefines whether to masquerade the network defined in the
cidrfor external access. This provides the Provisioning network with network address translation (NAT) so that the Provisioning network has external access through director.NoteThe director configuration also enables IP forwarding automatically using the relevant sysctl kernel parameter.
dhcp_startanddhcp_end- The start and end of the DHCP allocation range for overcloud nodes. Ensure that this range contains enough IP addresses to allocate your nodes.
dhcp_exclude- IP addresses to exclude in the DHCP allocation range.
dns_nameservers-
DNS nameservers specific to the subnet. If no nameservers are defined for the subnet, the subnet uses nameservers defined in the
undercloud_nameserversparameter. gateway-
The gateway for the overcloud instances. This is the undercloud host, which forwards traffic to the External network. Leave this as the default
192.168.24.1unless you use a different IP address for director or want to use an external gateway directly.
Run the install command.
$ openstack undercloud install
Ensure that your undercloud has the correct network configuration including any additional network routes to reach each leaf and rack.
For more information, see Director configuration parameters in the Installing and managing Red Hat OpenStack Platform with director guide.
Verification
The director configuration script starts all of the services automatically. Confirm that the RHOSP service containers are running:
$ sudo podman ps -a --format "{{.Names}} {{.Status}}"Sample output
You should see output similar to the following that indicates that the RHOSP service containers are
Up:memcached Up 3 hours (healthy) haproxy Up 3 hours rabbitmq Up 3 hours (healthy) mysql Up 3 hours (healthy) iscsid Up 3 hours (healthy) keystone Up 3 hours (healthy) keystone_cron Up 3 hours (healthy) neutron_api Up 3 hours (healthy) logrotate_crond Up 3 hours (healthy) neutron_dhcp Up 3 hours (healthy) neutron_l3_agent Up 3 hours (healthy) neutron_ovs_agent Up 3 hours (healthy) ironic_api Up 3 hours (healthy) ironic_conductor Up 3 hours (healthy) ironic_neutron_agent Up 3 hours (healthy) ironic_pxe_tftp Up 3 hours (healthy) ironic_pxe_http Up 3 hours (unhealthy) ironic_inspector Up 3 hours (healthy) ironic_inspector_dnsmasq Up 3 hours (healthy) neutron-dnsmasq-qdhcp-30d628e6-45e6-499d-8003-28c0bc066487 Up 3 hours ...
Confirm that you can initialize the
stackuser to use the command line tools:$ source ~/stackrc
If the prompt displays
(undercloud), this indicates that OpenStack commands authenticate and execute against the undercloud:Sample output
(undercloud) [stack@director ~]$
The director installation is complete. You can now use the director command line tools.
Additional resources
- Undercloud configuration parameters in the Installing and managing Red Hat OpenStack Platform with director guide.
- Subnets in the Installing and managing Red Hat OpenStack Platform with director guide
- Networking (neutron) Parameters in the Overcloud parameters guide.
- Deployment command options in the Installing and managing Red Hat OpenStack Platform with director guide
