Ansible

Creating OpenStack Provider Network for Use by a Single Project

OpenStack supports “provider” networks, which are networks that pre-exist in your physical infrastructure and are “provided” to the cloud users rather than created by the user. Only an admin is permitted to create a provider network.

A prerequisite is that the provider network must be plumbed to the external bridge on your controller and nova nodes.

Here is an Ansible playbook to create a project and place an unshared provider network and subnet in that project. Afterwards we will grant access to the members of this project using the openstack client. It does not appear that Ansible has an OpenStack network RBAC module at this time.

Continue reading

Ansible Playbook to Prepare for OpenShift Enterprise 3.1

This playbook is written for RHEL 7.2 and OSE v3.1. It will perform the following steps which should take place before running the openshift-ansible byo playbook.

  • Install prerequisite RPMs like docker, python, etc.
  • Persist the systemd journal for easier debugging
  • Set up docker ephemeral storage on 2nd disk
  • Turn off swap
  • Enable use of NFS in SELinux

Prerequisites

See my Testing OpenShift Enterprise V3 post for the prereqs.

The Playbook

The latest version is available here.

Continue reading

Ansible CMDB Inventory and Facts Reporting

You just deployed a complex multi-host app using Ansible. Wouldn’t it be helpful to see an overview of the deployment including hardware details?

I just found ansible-cmdb which combines info from the Ansible inventory and discovered facts to create a detailed HTML report akin to a Configuration Management Database.

To use it in your playbook dir, just create a directory to hold facts discovered by the setup module then generate the report.

Continue reading

Testing Openshift Origin V3 with Ansible and Vagrant on OS X

The OpenShift Origin project provides Ansible playbooks and roles for installing OpenShift on various infrastructure. I’m going to try out the example using Vagrant and VirtualBox on my Mac. I’m not very familiar with Vagrant or OpenShift v3 yet, so I’m just going to think out loud and see how it goes. I’ve also recently started testing OpenShift Enterprise.

Some Background

OpenShift Origin is an open source PaaS (platform as a service). It is the upstream project for Red Hat’s OpenShift Online and OpenShift Enterprise. Version 3 of the OpenShift platform is a complete rewrite just launched in June 2015. It now utilizes Docker as the container engine and Kubernetes as the orchestrator. The Enterprise edition uses Red Hat Atomic Enterprise Platform as the underlying OS. The example used in this post will create Vagrant CentOS boxes.

Continue reading

How To Scale Up Ansible Playbooks and Roles in a Manageable Way

Ansible is Awesome! Ansible is a Mess!

So you found Ansible, and you were all Woah! Ansible is awesome! Ansibilize all the things! Then you created a git repo and started hacking.

Playbooks look in the current directory to find roles, libraries, and inventories, so naturally you put everything in one big git repo, right?

You tried to follow the best practices for writing playbooks, you created roles, and maybe you wrote a filter plugin or a custom module for configuring an application unique to your environment. Eventually you wound up with a big repo of playbooks and inventory files and buried roles and realized there must be a better way to do this.

Continue reading

Split an Ansible Git Repo and Retain the Commit History

Starting with a jumbled git repo of various Ansible roles, playbooks, inventories, group_vars, etc. I want to create a new repo out of a selection of the subdirectories and retain the commit history.

I have an ansible-test repo with a tree that looks roughly like this:

.
├── adhoc/
│   ├── rolling-reboot.yml
│   └── scripts/
├── README.md
└── runtime/
    ├── roles/
    │   ├── foo-role/
    │   └── zimbra/
    │       ├── ansible.cfg
    │       ├── hosts
    │       ├── tasks/
    │       └── ...
    ├── group_vars/
    │   ├── foo-group
    │   └── zimbra-prod
    ├── hosts
    ├── host_vars/
    ├── library/
    │   ├── foo-lib
    │   ├── zmlocalconfig
    │   └── zmprov
    ├── foo.yml
    └── zimbra-playbook.yml

I want to split that so that the Zimbra role, its playbook, and any ‘runtime’ context like group_vars and libraries are managed together in a new repo called playbook-zimbra.

Continue reading

Tuning ext4 Creation and Mount Options for Zimbra

Zimbra is an email collaboration suite. Its various components perform MTA duties, message store, and full text indexing. In a large environment, the number of files and I/O operations can really add up. How do we ensure the filesystem is ready to support it?

Zimbra’s Recommendations

Zimbra offers some guidance for tuning the filesystem, with tips like:

  • Mount file systems with the noatime option.

    It generally is not important to know the last access time of all the files, so the extra write ops are wasteful.

    Continue reading

Using Ansible Filters to Customize the Order Of Hosts in a List

Zimbra is an email / collaboration suite that is typically deployed in a cluster or clusters of dedicated servers which fill roles like LDAP master, LDAP replica, Proxy, MTA, Mailstore, etc.

The LDAP servers are used by all the other servers to store configuration and provisioning data. Servers in the cluster understand where to find the LDAP master (read/write) and LDAP replicas (read only) through values defined in /opt/zimbra/conf/localconfig.xml.

There are 2 values relevant to LDAP server lists and they have values like this:

Continue reading