These are the networking requirements for a successful OpenStack Autopilot run.
Internet access
MAAS and its nodes will need to be able to reach the internet, or at least these sites (http and https):
- maas.ubuntu.com
- cloud-images.ubuntu.com
- streams.canonical.com
- an Ubuntu archive (archive.ubuntu.com or a mirror)
- api.jujucharms.com
- manage.jujucharms.com
- jujucharms.com
- store.juju.ubuntu.com
- keyserver.ubuntu.com
- ppa.launchpad.net
- usn.ubuntu.com
If opening holes in a firewall, be mindful that these addresses may resolve to multiple IPs.
Network layout
There are two basic network layouts that we support. Let's call them "flat network" and "split network". In both these models, at least one node needs to have two network interfaces connected to networks that MAAS knows about. We will call them private and public networks.
Keep in mind that OpenStack floating IPs will always come from the public network.
In the following diagrams, the "cloud" that is above the router does not necessarily mean the Internet directly, just that eventually devices on this network can reach the Internet.
Flat network
The flat network model is the most basic one. Here we trick the system and simply say the public and private networks are the same and connect both NICs to it:
OpenStack floating IPs will come from the same network as MAAS node IPs in this scenario.
Split network
In the split network topology, we have two actual distinct networks:
MAAS only manages the private network, for which it will setup DNS and DHCP, but it has to know about the public one. An easy way to handle that automatically is to just hook up a second NIC to the MAAS machine and connect it to the public network as shown. MAAS will then automatically know about it.
Installing MAAS
This is how the MAAS server should be installed:
- Install Ubuntu server 14.04 LTS on the machine you want to use for MAAS
sudo add-apt-repository ppa:maas-maintainers/stable
sudo apt-get update
sudo apt-get install maas
- Access the MAAS UI at
http://maas.ip/MAAS/
and follow the instructions to create the administrator, then login with those credentials
- Import disk images for 14.04 LTS (Trusty) 64 bits. This will take a few minutes, depending on your bandwidth.
- Add your SSH key to your user profile -
http://maas.ip/MAAS/account/prefs/
- Go to the Networks tab in MAAS and verify that you have auto-created networks for each NIC of your MAAS server. You may have networks created for virtual interfaces like
lxcbr0
or virbr0
: we don't care about those, only about real physical interfaces.
- Fill in the missing details, like gateway and DNS, in the networks that were auto-created for each NIC
Configuring the MAAS cluster
- Click on the "Clusters" tab and then click on your cluster
- Choose a DNS zone name
- You should see a list of NICs on the machine. Click the edit symbol for the NIC that's connected to the private network, that is, the network where all the nodes are
- Set this NIC to manage DHCP and DNS.
- If needed, configure the IP, subnet mask, broadcast IP.
- Set the "Router IP" to the default gateway for this private network
- Carve up your network space into ranges like this:
- for the split network case: dynamic range and static range
- for the flat network case: dynamic range, static range and floating IP range
Where:
- dynamic range: used by all the NICs in the nodes while they enlist and commission.
- static range: used by nodes when they are allocated to a user
- floating IP range: used by OpenStack floating IPs. This is not a MAAS configuration, but you should leave room for them
Save the changes.
Enlist and commission machines
- Ensure all other machines are set to PXE boot, if possible disable all other boot options (including local disk) in the BIOS
- Enlist the machines by powering them on. This can usually be done by some sort of virtual console. Eventually they will all appear in the node list in MAAS and be powered down again.
- Edit each machine in the nodes list and fill in the Power type and power parameters so that MAAS can turn them on and off as needed
- Select all of the machines and, using the Bulk action dropdown, Commission them
- Wait until all machines are commissioned (i.e. in Ready state)
MAAS networks
- Go to the Networks tab and verify that you have the nodes listed in what is your private network and with their respective NICs selected
- If using the flat network topology, the node that has two NICs should have been automatically detected as having both NICs connected to the network. Just verify that this is the case.
- If using the split network topology, edit the public network and look for the node that has two NICs. Select the NIC that is connected to the public network.
Testing things
To make sure juju can drive MAAS and provision machines, let's take it for a spin. It's best to try it out now and fix any issues before more complex services like the Autopilot make use of it.
On the machine being used to drive the installation, run these commands:
sudo add-apt-repository ppa:juju/stable
sudo apt-get update
sudo apt-get install juju-core juju-deployer
- Follow Juju docs for configuring MAAS
The remainder of this document will assume that the MAAS Juju environment you just configured is the default one.
For a simple test, we will deploy Ubuntu to all nodes. On the machine that is driving the installation, run these commands:
juju bootstrap
this will use one of the MAAS nodes to bootstrap juju. It will take a few minutes to complete
juju deploy ubuntu -n N
deploy ubuntu
to all remaining nodes. Replace N
with the number of nodes minus one, which was used for the bootstrap above. This command returns after a few seconds, but it just starts the process.
- watch the nodes list in the MAAS UI. You should see nodes being allocated and deployed
- watch the output of
juju status
periodically until everything is started
- login into a random node via ssh and try to reach the internet from it. For example, try
juju ssh ubuntu/0
and wget http://www.ubuntu.com
from there
- if everything worked correctly, destroy the environment
juju destroy-environment $(juju env)
MAAS is setup and ready to be used by the OpenStack Autopilot.
You can juju ssh into landscape-server/0 without the long sudo line, that will get you into that node as "ubuntu" which can sudo to any other user without a password, including landscape.
Put the files where you want in landscape-server/0, make sure the landscape user can access them, then become the landscape user and set JUJU_HOME. Then you can juju scp them into any node in the inner cloud environment.
The landscape user doesn't have a shell by default, that's why that long sudo line you found runs the bash command in the end.
Best Answer
Similarly to: Landscape openstack juju management
You can use the following: