summaryrefslogtreecommitdiffstats
path: root/docs/release/userguide
diff options
context:
space:
mode:
authorAlexandru Avadanii <Alexandru.Avadanii@enea.com>2019-02-07 19:51:04 +0100
committerAlexandru Avadanii <Alexandru.Avadanii@enea.com>2019-02-14 16:58:51 +0100
commit58af9a94ef78bbcf3f0593d4170d32ebce721455 (patch)
tree895f9cd9620d4509b86d281fcfc5fce9a69a5e15 /docs/release/userguide
parent494c436572aed0b739bcfcc3fbf5b78ea34318b2 (diff)
[baremetal] Containerize MaaS
- replace mas01 VM with a Docker container; - drop `mcpcontrol` virsh-managed network, including special handling previously required for it across all scripts; - drop infrastructure VMs handling from scripts, the only VMs we still handle are cluster VMs for virtual and/or hybrid deployments; - drop SSH server from mas01; - stop running linux state on mas01, as all prerequisites are properly handled durin Docker build or via entrypoint.sh - for completeness, we still keep pillar data in sync with the actual contents of mas01 configuration, so running the state manually would still work; - make port 5240 available on the jumpserver for MaaS dashboard access; - docs: update diagrams and text to reflect the new changes; Change-Id: I6d9424995e9a90c530fd7577edf401d552bab929 Signed-off-by: Alexandru Avadanii <Alexandru.Avadanii@enea.com>
Diffstat (limited to 'docs/release/userguide')
-rw-r--r--docs/release/userguide/userguide.rst67
1 files changed, 36 insertions, 31 deletions
diff --git a/docs/release/userguide/userguide.rst b/docs/release/userguide/userguide.rst
index 25b5e13be..50acf6feb 100644
--- a/docs/release/userguide/userguide.rst
+++ b/docs/release/userguide/userguide.rst
@@ -29,7 +29,8 @@ Fuel uses several networks to deploy and administer the cloud:
| **PXE/admin** | Used for booting the nodes via PXE and/or Salt |
| | control network |
+------------------+----------------------------------------------------------+
-| **mcpcontrol** | Used to provision the infrastructure hosts (Salt & MaaS) |
+| **mcpcontrol** | Docker network used to provision the infrastructure |
+| | hosts (Salt & MaaS) |
+------------------+----------------------------------------------------------+
| **management** | Used for internal communication between |
| | OpenStack components |
@@ -45,20 +46,21 @@ Fuel uses several networks to deploy and administer the cloud:
These networks - except ``mcpcontrol`` - can be Linux bridges configured
before the deploy on the Jumpserver.
If they don't exists at deploy time, they will be created by the scripts as
-``libvirt`` managed networks.
+``libvirt`` managed networks (except ``mcpcontrol``, which will be handled by
+Docker using the ``bridge`` driver).
Network ``mcpcontrol``
~~~~~~~~~~~~~~~~~~~~~~
-``mcpcontrol`` is a virtual network, managed by libvirt. Its only purpose is to
+``mcpcontrol`` is a virtual network, managed by Docker. Its only purpose is to
provide a simple method of assigning an arbitrary ``INSTALLER_IP`` to the Salt
master node (``cfg01``), to maintain backwards compatibility with old OPNFV
Fuel behavior. Normally, end-users only need to change the ``INSTALLER_IP`` if
the default CIDR (``10.20.0.0/24``) overlaps with existing lab networks.
-``mcpcontrol`` has both NAT and DHCP enabled, so the Salt master (``cfg01``)
-and the MaaS VM (``mas01``, when present) get assigned predefined IPs (``.2``,
-``.3``, while the jumpserver bridge port gets ``.1``).
+``mcpcontrol`` uses the Docker bridge driver, so the Salt master (``cfg01``)
+and the MaaS containers (``mas01``, when present) get assigned predefined IPs
+(``.2``, ``.3``, while the jumpserver gets ``.1``).
+------------------+---------------------------+-----------------------------+
| Host | Offset in IP range | Default address |
@@ -346,6 +348,18 @@ To login as ``ubuntu`` user, use the RSA private key ``/var/lib/opnfv/mcp.rsa``:
jenkins@jumpserver:~$ docker exec -it fuel bash
root@cfg01:~$
+Accessing the MaaS Node (``mas01``)
+===================================
+
+Starting with the ``Hunter`` release, the MaaS node (``mas01``) is
+containerized and no longer runs a ``sshd`` server. To access it (from
+``jumpserver`` only):
+
+.. code-block:: console
+
+ jenkins@jumpserver:~$ docker exec -it maas bash
+ root@mas01:~$
+
Accessing Cluster Nodes
=======================
@@ -382,19 +396,10 @@ Accessing the ``MaaS`` Dashboard
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
``MaaS`` web-based dashboard is available at
-``http://<mas01 IP address>:5240/MAAS``, e.g.
-``http://172.16.10.12:5240/MAAS``.
+``http://<jumpserver IP address>:5240/MAAS``.
The administrator credentials are ``opnfv``/``opnfv_secret``.
-.. NOTE::
-
- ``mas01`` VM does not automatically get assigned an IP address in the
- public network segment. If ``MaaS`` dashboard should be accesiable from
- the public network, such an address can be manually added to the last
- VM NIC interface in ``mas01`` (which is already connected to the public
- network bridge).
-
Ensure Commission/Deploy Timeouts Are Not Too Small
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -446,30 +451,31 @@ Check Network Connectivity Between Nodes on the Jumpserver
``cfg01`` is a Docker container running on the ``jumpserver``, connected to
Docker networks (created by docker-compose automatically on container up),
which in turn are connected using veth pairs to their ``libvirt`` managed
-counterparts.
+counterparts (or manually created bridges).
-For example, the ``mcpcontrol`` network(s) should look like below.
+For example, the ``mgmt`` network(s) should look like below for a ``virtual``
+deployment.
.. code-block:: console
- jenkins@jumpserver:~$ brctl show mcpcontrol
+ jenkins@jumpserver:~$ brctl show mgmt
bridge name bridge id STP enabled interfaces
- mcpcontrol 8000.525400064f77 yes mcpcontrol-nic
- veth_mcp0
+ mgmt 8000.525400064f77 yes mgmt-nic
+ veth_mcp2
vnet8
jenkins@jumpserver:~$ docker network ls
NETWORK ID NAME DRIVER SCOPE
- 81a0fdb3bd78 docker-compose_docker-mcpcontrol macvlan local
+ 81a0fdb3bd78 docker-compose_mgmt macvlan local
[...]
- jenkins@jumpserver:~$ docker network inspect docker-compose_mcpcontrol
+ jenkins@jumpserver:~$ docker network inspect docker-compose_mgmt
[
{
- "Name": "docker-compose_mcpcontrol",
+ "Name": "docker-compose_mgmt",
[...]
"Options": {
- "parent": "veth_mcp1"
+ "parent": "veth_mcp3"
},
}
]
@@ -488,14 +494,13 @@ segment).
inet addr:172.16.10.2 Bcast:0.0.0.0 Mask:255.255.255.0
inet addr:192.168.11.2 Bcast:0.0.0.0 Mask:255.255.255.0
-For each network of interest (``mcpcontrol``, ``mgmt``, ``PXE/admin``), check
-that ``cfg01`` can ping the jumpserver IP in that network segment, as well as
-the ``mas01`` IP in that network.
+For each network of interest (``mgmt``, ``PXE/admin``), check
+that ``cfg01`` can ping the jumpserver IP in that network segment.
.. NOTE::
- ``mcpcontrol`` is set up at VM bringup, so it should always be available,
- while the other networks are configured by Salt as part of the
+ ``mcpcontrol`` is set up at container bringup, so it should always be
+ available, while the other networks are configured by Salt as part of the
``virtual_init`` STATE file.
.. code-block:: console
@@ -552,7 +557,7 @@ To confirm or rule out this possibility, monitor the serial console output of
one (or more) cluster nodes during ``MaaS`` commissioning. If the node is
properly configured to attempt PXE boot, yet it times out waiting for an IP
address from ``mas01`` ``DHCP``, it's worth checking that ``DHCP`` packets
-reach the ``jumpserver``, respectively the ``mas01`` VM.
+reach the ``jumpserver``, respectively the ``mas01`` container.
.. code-block:: console