Skip to main content

Describing TOAD - TripleO automated deployer

An overview of the TOAD framework and the advantages

What is TOAD?

What components make up TOAD?

Requirements to install TOAD

  • Two different use cases: virtualized and baremetal
  • Only one Jenkins+Nginx VM needed to spin up the platform (8gb at least) 
  • RHEL7 / Centos7 operating system

Virtualized deploys

  • One server for slave and virtualized TripleO deployment:
    • multi-core
    • 16GB mem (better 32GB)
    • 60GB disk
    • external network
  • Needs RHN subscription for OSP jobs.

Baremetal deploys

  • One server for slave and virtualized undercloud:
    • multi-core
    • 16GB mem
    • 60GB disk
    • external network
    • Needs RHN subscription for OSP jobs.
  • One server for controller and one for compute:
    • multi-core
    • 4GB memory
    • 60GB disk
    • IPMI support
    • independent NIC/VLANS for provisioning and administration.
Can be extended with more controller and computes for HA

How users benefit from TOAD?

  • Easy: perform full virtualized and baremetal deployments with one click
  • Automated: avoid manual steps that are prone to human errors
  • Repeatable: job definitions and configs stored in git repos, track changes
  • Battle tested: relies on TripleO quickstart, used for upstream CI
  • Complete: choose between different releases, and RDO/OSP deploys
  • Flexible: extend with customization scripts and templates. Consume local repos with pinned versions and custom packages
  • Visible: logs for all deployment steps are collected and published 

TOAD job deployment workflow 

Comments

  1. Nice blog... This blog is helpful for me to understand OpenStack development. Thanks for sharing information

    ReplyDelete

Post a Comment

Popular posts from this blog

Deploying and upgrading TripleO with local mirrors

Continued from http://teknoarticles.blogspot.com.es/2017/08/automating-local-mirrors-creation-in.html

In the previous blogpost, I explained how to automate the RHEL mirror creation using https://github.com/redhat-nfvpe/rhel-local-mirrors. Now we are going to learn how to deploy and upgrade TripleO using those.
Deploying TripleO Undercloud To use local mirrors in the undercloud, you simply need to get the generated osp<version>.repo that you generated with the rhel-local-mirrors playbook, and copy it to /etc/yum.repos.d/ , in the undercloud host:
sudo curl http://<local_mirror_ip>/osp<version>_repo/osp<version>.repo \ -o /etc/yum.repos.d/osp.repo Then proceed with the standard instructions for deploy.
Overcloud Each node from the overcloud (controllers, computes, etc...) needs to have a copy of the repository file from our server where we host the local mirrors. To achieve it, you can include an script that downloads the osp<version>.repo file when deployi…

Automating local mirrors creation in RHEL

Sometimes there is a need to consume RHEL mirrors locally, not using the Red Hat content delivery network. It may be needed to speed up some deployment, or due to network constraints.

I create an ansible playbook, rhel-local-mirrors (https://github.com/redhat-nfvpe/rhel-local-mirrors), that can help with that.
What does rhel-local-mirrors do? It is basically a tool that connects to the Red Hat CDN, and syncs the repositories locally, allowing to populate the desired mirrors, that can be accessed by other systems via HTTP.

The playbook is performing several tasks, that can be run together or independently:
register a system on the Red Hat Networkprepare the system to host mirrorscreate the specified mirrorsschedule automatic updates of the mirrors How to use it?It is an Ansible playbook, so start by installing it, in any prefered format. Then continue by cloning the playbook:
git clone https://github.com/redhat-nfvpe/rhel-local-mirrors.gitThis playbook expects a group of servers called

Build and use security hardened images with TripleO

Starting to apply since Pike Concept of security hardened images Normally the images used for overcloud deployment in TripleO are not security hardened. It means, the images lack all the extra security measures needed to accomplish with ANSSI requirements. These extra measures are needed to deploy TripleO in environments where security is an important feature.
The following recommendations are given to accomplish with security guidelines:
ensure that /tmp is mounted on a separate volume or partition, and that it is mounted with rw,nosuid,nodev,noexec,relatime flagsensure that /var, /var/log and /var/log/audit are mounted on separates volumes or partitions, and that are mounted with rw,relatime flags.ensure that /home is mounted on a separate partition or volume, and that it is mounted with rw,nodev,relatime flags.include extra kernel boot flag to enable auditing: add audit=1 to GRUB_CMDLINE_LINUX settingdisable kernel support for USB via bootloader configuration: add nousb to GRUB_CMD…