# login to bastion
$ ssh [email protected]

# create ssh keys
[[email protected] ~]$ ssh-keygen
#copy to undercloud node
[[email protected] ~]$ ssh-copy-id [email protected]

$ ssh [email protected]
# check hostname, ip, network

#create user
[[email protected] ~]# useradd stack
[[email protected] ~]# mkdir /home/stack/.ssh
[[email protected] ~]# cp /root/.ssh/authorized_keys /home/stack/.ssh/
[[email protected] ~]# chown -R stack:stack /home/stack/.ssh
[[email protected] ~]# echo 'stack ALL=(root) NOPASSWD:ALL' | tee -a /etc/sudoers.d/stack
[[email protected] ~]# chmod 0440 /etc/sudoers.d/stack

# login as stack
[[email protected] ~]$ ssh [email protected]
[[email protected] ~]$ sudo -i

# set channels
[[email protected] ~]# cat >/etc/yum.repos.d/open.repo <<\EOF
[rhel-8-for-x86_64-appstream-eus-rpms]
name=rhel-8-for-x86_64-appstream-eus-rpms
baseurl=http://192.0.2.253/repos/rhel-8-for-x86_64-appstream-eus-rpms
enabled=1
gpgcheck=0

[rhel-8-for-x86_64-baseos-eus-rpms]
name=rhel-8-for-x86_64-baseos-eus-rpms
baseurl=http://192.0.2.253/repos/rhel-8-for-x86_64-baseos-eus-rpms
enabled=1
gpgcheck=0

[rhel-8-for-x86_64-highavailability-eus-rpms]
name=rhel-8-for-x86_64-highavailability-eus-rpms
baseurl=http://192.0.2.253/repos/rhel-8-for-x86_64-highavailability-eus-rpms
enabled=1
gpgcheck=0

[openstack-16.1-for-rhel-8-x86_64-rpms]
name=openstack-16.1-for-rhel-8-x86_64-rpms
baseurl=http://192.0.2.253/repos/openstack-16.1-for-rhel-8-x86_64-rpms
enabled=1
gpgcheck=0

[fast-datapath-for-rhel-8-x86_64-rpms]
name=fast-datapath-for-rhel-8-x86_64-rpms
baseurl=http://192.0.2.253/repos/fast-datapath-for-rhel-8-x86_64-rpms
enabled=1
gpgcheck=0


[ansible-2.9-for-rhel-8-x86_64-rpms]
name=ansible-2.9-for-rhel-8-x86_64-rpms
baseurl=http://192.0.2.253/repos/ansible-2.9-for-rhel-8-x86_64-rpms
enabled=1
gpgcheck=0

[rhceph-4-tools-for-rhel-8-x86_64-rpms]
name=rhceph-4-tools-for-rhel-8-x86_64-rpms
baseurl=http://192.0.2.253/repos/rhceph-4-tools-for-rhel-8-x86_64-rpms
enabled=1
gpgcheck=0

EOF

[[email protected] ~]# yum makecache
[[email protected] ~]# yum repolist
[[email protected] ~]# yum -y update
[[email protected] ~]# reboot

Install Software

[[email protected] ~]# yum -y install python3-tripleoclient
[[email protected] ~]# yum -y install ceph-ansible

Configure Undercloud Installation

# sample : undercloud.conf file in the stack user’s home directory. Red Hat provides a sample template (/usr/share/python-tripleoclient/undercloud.conf.sample)

# create /home/stack/undercloud.conf
[DEFAULT]
undercloud_hostname = undercloud.example.com
container_images_file = containers-prepare-parameter.yaml
local_ip = 192.0.2.1/24
undercloud_public_host = 192.0.2.2
undercloud_admin_host = 192.0.2.3
undercloud_nameservers = 192.0.2.254
#undercloud_ntp_servers =
#overcloud_domain_name = example.com
subnets = ctlplane-subnet
local_subnet = ctlplane-subnet
#undercloud_service_certificate =
generate_service_certificate = true
certificate_generation_ca = local
local_interface = eth0
inspection_extras = false
undercloud_debug = false
enable_tempest = false
enable_ui = false
hieradata_override = /home/stack/hieradata.yaml

[auth]

[ctlplane-subnet]
cidr = 192.0.2.0/24
dhcp_start = 192.0.2.5
dhcp_end = 192.0.2.24
inspection_iprange = 192.0.2.100,192.0.2.120
gateway = 192.0.2.254
## create /home/stack/hieradata.yaml
ironic::config::ironic_config:
  ipmi/use_ipmitool_retries:
    value: True

Install Undercloud and Verify Installation

# Generate the containers-prepare-parameter.yaml
[[email protected] ~]$ openstack tripleo container image \
  prepare default  \
  --local-push-destination   \
  --output-env-file containers-prepare-parameter.yaml
# adjust the registry details and items as needed
# Install the undercloud:
[[email protected] ~]$ time openstack undercloud install

Check password and details

[[email protected] ~]$ cat ~/stackrc
[[email protected] ~]$ cat ~/undercloud-passwords.conf

[[email protected] ~]$ source ~/stackrc
(undercloud) [[email protected] ~]$ openstack catalog list

Network Configuration Changes

(undercloud) [[email protected] ~]$ ip a
(undercloud) [[email protected] ~]$ ip r
(undercloud) [[email protected] ~]$ sudo ovs-vsctl show
(undercloud) [[email protected] ~]$ cat /etc/os-net-config/config.json | python3 -m json.tool

Undercloud Neutron Subnet

(undercloud) [[email protected] ~]$ openstack network list
(undercloud) [[email protected] ~]$ openstack subnet list
(undercloud) [[email protected] ~]$ openstack subnet show ctlplane-subnet

OverCloud Images

(undercloud) [[email protected] ~]$ mkdir images
(undercloud) [[email protected] ~]$ mkdir -p templates/environments
(undercloud) [[email protected] ~]$ sudo yum -y install rhosp-director-images

(undercloud) [[email protected] ~]$ tar -C images -xvf /usr/share/rhosp-director-images/overcloud-full-latest.tar(undercloud) [[email protected] ~]$ tar -C images -xvf /usr/share/rhosp-director-images/ironic-python-agent-latest.tar

## upload image
(undercloud) [[email protected] ~]$ openstack overcloud image upload --image-path ~/images
## check images
(undercloud) [[email protected] ~]$ openstack image list
## check content of httpboot
(undercloud) [[email protected] ~]$ ls -al /var/lib/ironic/httpboot/
(undercloud) [[email protected] ~]$ cat /var/lib/ironic/httpboot/inspector.ipxe

Deploy Containerized Overcloud

## list repo
(undercloud) [[email protected] ~]$ curl -s -H "Accept: application/json" http://192.0.2.1:8787/v2/_catalog | python3 -m json.tool

Overcloud Deployment Preparation

## create nodes.json
{
    "nodes": [
        {
            "mac": [
                "2c:c2:60:01:02:02"
            ],
            "name": "ctrl01",
            "pm_addr": "192.0.2.221",
            "pm_password": "redhat",
            "pm_type": "pxe_ipmitool",
            "pm_user": "admin"
        },
        {
            "mac": [
                "2c:c2:60:01:02:03"
            ],
            "name": "ctrl02",
            "pm_addr": "192.0.2.222",
            "pm_password": "redhat",
            "pm_type": "pxe_ipmitool",
            "pm_user": "admin"
        },
        {
            "mac": [
                "2c:c2:60:01:02:04"
            ],
            "name": "ctrl03",
            "pm_addr": "192.0.2.223",
            "pm_password": "redhat",
            "pm_type": "pxe_ipmitool",
            "pm_user": "admin"
        },
        {
            "mac": [
                "2c:c2:60:01:02:05"
            ],
            "name": "compute01",
            "pm_addr": "192.0.2.224",
            "pm_password": "redhat",
            "pm_type": "pxe_ipmitool",
            "pm_user": "admin"
        },
        {
            "mac": [
                "2c:c2:60:01:02:06"
            ],
            "name": "compute02",
            "pm_addr": "192.0.2.225",
            "pm_password": "redhat",
            "pm_type": "pxe_ipmitool",
            "pm_user": "admin"
        }
    ]
}

## check if any baremetal
(undercloud) [[email protected] ~]$ openstack baremetal node list

## validate
(undercloud) [[email protected] ~]$ openstack overcloud node import --validate-only ~/nodes.json
## import nodes.json and perform interospection
(undercloud) [[email protected] ~]$ openstack overcloud node import --introspect --provide nodes.json

## check berametals again
(undercloud) [[email protected] ~]$ openstack baremetal node list
(undercloud) [[email protected] ~]$ openstack baremetal node show ctrl01
(undercloud) [[email protected] ~]$ openstack baremetal node show ctrl01 -f json -c driver_info
(undercloud) [[email protected] ~]$ openstack baremetal introspection list
(undercloud) [[email protected] ~]$ openstack baremetal node show ctrl01 -f json -c properties

## review all info
(undercloud) [[email protected] ~]$ openstack baremetal introspection data save ctrl01 | jq "."

Overcloud Templates Preparation

(undercloud) [[email protected] ~]$ mkdir -p ~/templates/environments

## create custom environment file - /home/stack/templates/environments/node-info.yaml
parameter_defaults:
  OvercloudControlFlavor: baremetal
  OvercloudComputeFlavor: baremetal
  ControllerCount: 3
  ComputeCount: 2

## prepare env file -/home/stack/templates/environments/fix-nova-reserved-host-memory.yaml
parameter_defaults:
  NovaReservedHostMemory: 1024

Create Custom Network Environment File

(undercloud) [[email protected] ~]$ THT=/usr/share/openstack-tripleo-heat-templates
(undercloud) [[email protected] ~]$ cp $THT/roles_data.yaml ~/templates
(undercloud) [[email protected] ~]$ cp $THT/network_data.yaml ~/templates

## replace content of ~/templates/network_data.yaml
- name: Storage
  vip: true
  vlan: 30
  name_lower: storage
  ip_subnet: '172.18.0.0/24'
  allocation_pools: [{'start': '172.18.0.11', 'end': '172.18.0.250'}]
  ipv6_subnet: 'fd00:fd00:fd00:3000::/64'
  ipv6_allocation_pools: [{'start': 'fd00:fd00:fd00:3000::10', 'end': 'fd00:fd00:fd00:3000:ffff:ffff:ffff:fffe'}]
- name: StorageMgmt
  name_lower: storage_mgmt
  vip: true
  vlan: 40
  ip_subnet: '172.19.0.0/24'
  allocation_pools: [{'start': '172.19.0.11', 'end': '172.19.0.250'}]
  ipv6_subnet: 'fd00:fd00:fd00:4000::/64'
  ipv6_allocation_pools: [{'start': 'fd00:fd00:fd00:4000::10', 'end': 'fd00:fd00:fd00:4000:ffff:ffff:ffff:fffe'}]
- name: InternalApi
  name_lower: internal_api
  vip: true
  vlan: 20
  ip_subnet: '172.17.0.0/24'
  allocation_pools: [{'start': '172.17.0.11', 'end': '172.17.0.250'}]
  ipv6_subnet: 'fd00:fd00:fd00:2000::/64'
  ipv6_allocation_pools: [{'start': 'fd00:fd00:fd00:2000::10', 'end': 'fd00:fd00:fd00:2000:ffff:ffff:ffff:fffe'}]
- name: Tenant
  vip: false  # Tenant network does not use VIPs
  name_lower: tenant
  vlan: 50
  ip_subnet: '172.16.0.0/24'
  allocation_pools: [{'start': '172.16.0.11', 'end': '172.16.0.250'}]
  # Note that tenant tunneling is only compatible with IPv4 addressing at this time.
  ipv6_subnet: 'fd00:fd00:fd00:5000::/64'
  ipv6_allocation_pools: [{'start': 'fd00:fd00:fd00:5000::10', 'end': 'fd00:fd00:fd00:5000:ffff:ffff:ffff:fffe'}]
- name: External
  vip: true
  name_lower: external
  vlan: 10
  ip_subnet: '10.0.0.0/24'
  allocation_pools: [{'start': '10.0.0.201', 'end': '10.0.0.250'}]
  gateway_ip: '10.0.0.251'
  ipv6_subnet: '2001:db8:fd00:1000::/64'
  ipv6_allocation_pools: [{'start': '2001:db8:fd00:1000::10', 'end': '2001:db8:fd00:1000:ffff:ffff:ffff:fffe'}]
  gateway_ipv6: '2001:db8:fd00:1000::1'
- name: Management
  # Management network is enabled by default for backwards-compatibility, but
  # is not included in any roles by default. Add to role definitions to use.
  enabled: true
  vip: false  # Management network does not use VIPs
  name_lower: management
  vlan: 60
  ip_subnet: '10.0.1.0/24'
  allocation_pools: [{'start': '10.0.1.4', 'end': '10.0.1.250'}]
  ipv6_subnet: 'fd00:fd00:fd00:6000::/64'
  ipv6_allocation_pools: [{'start': 'fd00:fd00:fd00:6000::10', 'end': 'fd00:fd00:fd00:6000:ffff:ffff:ffff:fffe'}]

## generate env
(undercloud) [[email protected] ~]$ mkdir ~/workplace
(undercloud) [[email protected] ~]$ mkdir ~/output
(undercloud) [stack[email protected] ~]$ cp -rp /usr/share/openstack-tripleo-heat-templates/* workplace
(undercloud) [[email protected] ~]$ cd workplace

## process TripleO Heat Templates
(undercloud) [[email protected] workplace]$ tools/process-templates.py -r ../templates/roles_data.yaml -n ../templates/network_data.yaml -o ../output

(undercloud) [[email protected] workplace]$ cd ../output
(undercloud) [[email protected] output]$ cat environments/network-environment.yaml

## copy network env file 
(undercloud) [[email protected] output]$ cp environments/network-environment.yaml ~/templates/environments

(undercloud) [[email protected] output]$ cd ~
(undercloud) [[email protected] ~]$ sed -i 's/single-nic-vlans/multiple-nics/' templates/environments/network-environment.yaml
(undercloud) [[email protected] ~]$ grep -A1 SoftwareConfig templates/environments/network-environment.yaml

Create Network Interface Configuration Templates

(undercloud) [[email protected] ~]$ mkdir -p ~/templates/network/config/multiple-nics/
(undercloud) [[email protected] ~]$ cp ~/output/network/config/multiple-nics/*.yaml ~/templates/network/config/multiple-nics/