wip

AC · AC · commit 9e967d7009f4 · 2025-04-03T15:25:10.000+02:00
diff --git a/ocp/4.15/upi_proxmox/ansible/restart-node.yaml b/ocp/4.15/upi_proxmox/ansible/restart-node.yaml
diff --git a/ocp/4.15/upi_rhosp/README.adoc b/ocp/4.15/upi_rhosp/README.adoc
@@ -336,6 +336,18 @@ References:
 * https://docs.redhat.com/en/documentation/openshift_container_platform/4.15/html/operators/cluster-operators-ref#cluster-storage-operator_cluster-operators-ref
 * https://github.com/openshift/cluster-storage-operator/tree/release-4.15
 
+== Maintenance
+
+*Restart node*
+
+[source,bash]
+----
+ansible-playbook ocp/4.15/upi_rhosp/ansible/restart-node.yaml \
+  -e nodename=node-name \
+  -e rhosp_instance_name=rhosp-instance
+----
+[source,bash]
+----
 == References
 
 * https://docs.redhat.com/en/documentation/openshift_container_platform/4.11/html/installing/installing-on-openstack
diff --git a/ocp/4.15/upi_rhosp/ansible/20.14-rhosp-load-balancer.yaml b/ocp/4.15/upi_rhosp/ansible/20.14-rhosp-load-balancer.yaml
@@ -140,7 +140,7 @@
   #   vars:
   #     ipv4_fixed_address: "servers[0].addresses.{{ rhosp_network }}[?\"OS-EXT-IPS:type\" == 'fixed'].addr"
 
-  - name: "Collect ControlPlane host private IPV4 "
+  - name: "Collect ControlPlane host private IPV4"
     ansible.builtin.set_fact:
       # openstack_vm_ipv4_address: "{{ item.servers[0].addresses[rhosp_network] | community.general.json_query(ipv4_fixed_address) }}"
       rhosp_instance_cp_array: "{{ (rhosp_instance_cp_array | default([])) + [item.servers[0].addresses[rhosp_network] | community.general.json_query(ipv4_fixed_address) | combine ({ 'name' : item.servers[0].name })] }}"
diff --git a/ocp/4.15/upi_rhosp/ansible/20.19-rhosp-compute-node-instance.yaml b/ocp/4.15/upi_rhosp/ansible/20.19-rhosp-compute-node-instance.yaml
@@ -29,7 +29,10 @@
       auto_floating_ip: false
       # nics:
       # - port-name: "{{ os_port_controlplane }}"
-      meta: "{{ ocp_cluster_id_tag }}"
+      # meta: "{{ ocp_cluster_id_tag }}"
+      meta: 
+        openshiftClusterID: "{{ ocp_infra_id }}"
+        hostname: "{{ rhosp_compute_node_server_prefix }}-{{ item }}"
       # wait: false # due to TypeError: 'NoneType' object is not subscriptable
       security_groups:
       - default
@@ -120,4 +123,16 @@
   #       group: "{{ server_group_id }}"
   #     meta: "{{ ocp_cluster_id_tag }}"
   #   with_indexed_items: "{{ [os_cp_server_name] * os_cp_nodes_number }}"
+
+# Load Balancer
+  - name: "Add compute node to load balancer"
+    include_tasks: tasks/rhosp-loadbalancer-member.yaml
+    vars:
+      rhosp_lb_member_address: "{{ rhosp_public_lb_pool_members_item.addr }}"
+      rhosp_lb_member_name: "{{ rhosp_public_lb_pool_members_item.name }}"
+      rhosp_lb_member_pool: "{{ rhosp_loadbalancer_pool_name }}-public"
+      rhosp_lb_member_ports: "{{ rhosp_lb_public_ports }}"
+    loop: "{{ rhosp_instance_cp_array + rhosp_instance_bootstrap_array }}"
+    loop_control:
+      loop_var: rhosp_public_lb_pool_members_item
 ...
diff --git a/ocp/4.15/upi_rhosp/ansible/defaults/main.yaml b/ocp/4.15/upi_rhosp/ansible/defaults/main.yaml
@@ -11,7 +11,7 @@ rhosp_lb_private_ports:
 - {name: "api-int", port: 22623, protocol: "TCP"}
 - {name: "api-server", port: 6443, protocol: "TCP"}
 ocp_control_plane_count: 3
-ocp_compute_node_count: 5
+ocp_compute_node_count: 7
 
 
 rhosp_compute_node:
@@ -25,3 +25,7 @@ rhosp_compute_node:
     flavor: b3-16
   5:
     flavor: b3-16
+  6:
+    flavor: b3-16
+  7:
+    flavor: b3-16
diff --git a/ocp/4.15/upi_rhosp/ansible/restart-node.yaml b/ocp/4.15/upi_rhosp/ansible/restart-node.yaml
@@ -0,0 +1,89 @@
+---
+- name: "Cordon and drain node"
+  hosts: "localhost"
+  gather_facts: true
+
+  pre_tasks:
+  - name: "Check variables"
+    ansible.builtin.assert:
+      that:
+      - nodename is defined and nodename | length > 0
+      - rhosp_instance_name is defined and rhosp_instance_name | length > 0
+      fail_msg:
+      - "nodename must be defined with the OpenShift node name."
+      - "rhosp_instance_name must be defined with the name of the RHOSP instance."
+
+  tasks:
+  - name: "Cordon the node"
+    ansible.builtin.shell: |
+      oc adm cordon {{ nodename }}
+    register: oc_adm_cordon_res
+
+  - name: "Print cordon result"
+    ansible.builtin.debug:
+      var: oc_adm_cordon_res
+
+  - name: "Drain node"
+    ansible.builtin.shell: |
+      oc adm drain {{ nodename }}
+    register: oc_adm_drain_res
+    failed_when: false
+
+  - name: "Print drain result"
+    ansible.builtin.debug:
+      var: oc_adm_drain_res
+
+  - name: "Drain force"
+    ansible.builtin.shell: |
+      oc adm drain {{ nodename }} --delete-emptydir-data --ignore-daemonsets
+    when: oc_adm_drain_res.rc != 0
+    register: oc_adm_drain_force_res
+
+  - name: "Print drain force result"
+    ansible.builtin.debug:
+      var: oc_adm_drain_force_res
+    when: oc_adm_drain_force_res is defined
+
+  - name: "Stop the RHOSP instance"
+    openstack.cloud.server_action:
+      action: stop
+      server: "{{ rhosp_instance_name }}"
+      timeout: 200
+
+  - name: "Wait for the VM to stop"
+    openstack.cloud.server_info:
+      name: "{{ rhosp_instance_name }}"
+    register: rhosp_instance_info
+    until: "rhosp_instance_info.servers[0].status == 'SHUTOFF'"
+    retries: 30
+    delay: 2
+
+  - name: "Start the RHOSP instance"
+    openstack.cloud.server_action:
+      action: start
+      server: "{{ rhosp_instance_name }}"
+      timeout: 200
+
+  - name: "Wait for the VM to start"
+    openstack.cloud.server_info:
+      name: "{{ rhosp_instance_name }}"
+    register: rhosp_instance_info
+    until: "rhosp_instance_info.servers[0].status == 'ACTIVE'"
+    retries: 30
+    delay: 2
+
+  - name: "Print wait result"
+    ansible.builtin.debug:
+      msg: 
+      - "rhosp_instance_info: {{ rhosp_instance_info }}"
+      - "rhosp_instance_info: {{ rhosp_instance_info | to_json }}"
+
+  - name: "Uncordon the node"
+    ansible.builtin.shell: |
+      oc adm uncordon {{ nodename }}
+    register: oc_adm_uncordon_res
+
+  - name: "Print uncordon result"
+    ansible.builtin.debug:
+      var: oc_adm_uncordon_res
+...
diff --git a/ocp/storage/rook/ansible/10-cp-install.yaml b/ocp/storage/rook/ansible/10-cp-install.yaml
@@ -0,0 +1,65 @@
+---
+- name: "Collect information"
+  import_playbook: _common_rhosp.yaml
+
+- name: "Check required variables"
+  hosts: "localhost"
+  gather_facts: true
+
+- name: "Setup OpenStack Environment"
+  hosts: "localhost"
+  gather_facts: true
+
+  tasks:
+
+  - name: "Check if cluster image exists"
+    ansible.builtin.shell: |
+      oc create -f https://github.com/rook/rook/raw/refs/heads/{{ rook_release_tag }}/deploy/examples/crds.yaml
+      oc create -f https://github.com/rook/rook/raw/refs/heads/{{ rook_release_tag }}/deploy/examples/common.yaml
+
+  # Deployment violates PodSecurity #11755: https://github.com/rook/rook/issues/11755
+  - name: "Fix NS POD security"
+    ansible.builtin.shell: |
+      oc label ns rook-ceph pod-security.kubernetes.io/enforce=privileged
+
+  - name: "Deploy the Operator"
+    ansible.builtin.shell: |
+      oc create -f https://github.com/rook/rook/raw/refs/heads/{{ rook_release_tag }}/deploy/examples/operator-openshift.yaml
+  
+  - name: "Deploy Ceph Cluster"
+    ansible.builtin.shell: |
+      oc create -f https://github.com/rook/rook/raw/refs/heads/{{ rook_release_tag }}/deploy/examples/cluster.yaml
+
+  - name: "Deploy Object Storage"
+    ansible.builtin.shell: |
+      oc create -f https://github.com/rook/rook/raw/refs/heads/{{ rook_release_tag }}/deploy/examples/object-openshift.yaml
+
+# Dashboard
+  # - name: "Dashboard: deploy services"
+  #   ansible.builtin.shell: |
+  #     oc create -f https://github.com/rook/rook/raw/refs/heads/release-1.16/deploy/examples/dashboard-external-http.yaml
+  #     oc create -f https://github.com/rook/rook/raw/refs/heads/release-1.16/deploy/examples/dashboard-external-https.yaml
+  #     #oc create -f https://github.com/rook/rook/raw/refs/heads/release-1.16/deploy/examples/dashboard-loadbalancer.yaml
+
+  - name: "Create route for dashboard service"
+    ansible.builtin.shell: |
+      oc -n rook-ceph create route passthrough --service=rook-ceph-mgr-dashboard
+
+  - name: "Get the dashboard password"
+    ansible.builtin.shell: |
+      -n rook-ceph get secret rook-ceph-dashboard-password -o jsonpath="{['data']['password']}" | base64 --decode && echo
+    register: rook_dashboard_admin_pw_res
+
+  - name: "Print the dashboard credentials"
+    ansible.builtin.debug:
+      msg:
+      - "https://rook.io/docs/rook/latest-release/Storage-Configuration/Monitoring/ceph-dashboard/#login-credentials"
+      - "default user: admin"
+      - "password: {{ rook_dashboard_admin_pw_res.stdout }}"
+
+# Toolbox
+  - name: "Deploy Toolbox"
+    ansible.builtin.shell: |
+      oc create -f https://github.com/rook/rook/raw/refs/heads/{{ rook_release_tag }}/deploy/examples/toolbox.yaml
+
+...
diff --git a/ocp/storage/rook/ansible/10-cp-uninstall.yaml b/ocp/storage/rook/ansible/10-cp-uninstall.yaml
@@ -0,0 +1,23 @@
+---
+- name: "Collect information"
+  import_playbook: _common_rhosp.yaml
+
+- name: "Check required variables"
+  hosts: "localhost"
+  gather_facts: true
+
+- name: "Setup OpenStack Environment"
+  hosts: "localhost"
+  gather_facts: true
+
+  tasks:
+  - name: "Deploy the Operator"
+    ansible.builtin.shell: |
+      oc delete -f https://github.com/rook/rook/raw/refs/heads/release-1.16/deploy/examples/operator-openshift.yaml
+
+  - name: "Check if cluster image exists"
+    ansible.builtin.shell: |
+      oc delete -f https://github.com/rook/rook/raw/refs/heads/release-1.16/deploy/examples/common.yaml
+      oc delete -f https://github.com/rook/rook/raw/refs/heads/release-1.16/deploy/examples/crds.yaml
+
+...
diff --git a/ocp/storage/rook/ansible/README.adoc b/ocp/storage/rook/ansible/README.adoc
@@ -0,0 +1,68 @@
+= Rook on OpenShift
+Antonio C. <ac (at) trikorasolutions (dot) com>
+:revdate: {docdate}
+:icons: font
+:toc: left
+:toclevels: 3
+:toc-title: Table of Contents
+:description: Rook on OpenShift
+
+== Introduction
+
+[.lead]
+This document is WIP and describes the deployment of the OpenShift Data 
+ Foundation operator and a Ceph storage.
+
+== Storage
+
+References:
+
+* https://rook.io/docs/rook/latest-release/Getting-Started/quickstart/#storage
+
+=== Block Storage
+
+
+[source,bash]
+----
+oc create -f ocp/storage/rook/ansible/files/rook-ceph-blockstore.yaml
+----
+
+* Block Storage: https://rook.io/docs/rook/latest-release/Storage-Configuration/Block-Storage-RBD/block-storage/
+
+=== Shared File System
+
+[source,bash]
+----
+oc create -f ocp/storage/rook/ansible/files/rook-ceph-filesystem.yaml
+----
+
+Shared File System Storage class.
+
+[source,bash]
+----
+oc create -f ocp/storage/rook/ansible/files/rook-ceph-filesystem-sc.yaml
+----
+
+
+* Shared FS: https://rook.io/docs/rook/latest-release/Storage-Configuration/Shared-Filesystem-CephFS/filesystem-storage/
+
+
+=== Object Storage
+
+[source,bash]
+----
+oc create -f ocp/storage/rook/ansible/files/rook-ceph-objectstore.yaml
+----
+
+* Object Storage: https://rook.io/docs/rook/latest-release/Storage-Configuration/Object-Storage-RGW/object-storage/
+
+
+== References
+
+* https://rook.io/docs/rook/latest-release/Getting-Started/ceph-openshift/
+* https://rook.io/docs/rook/latest-release/Getting-Started/quickstart/
+* Dashboard: https://rook.io/docs/rook/latest-release/Getting-Started/quickstart/#ceph-dashboard
+Toolbox: https://rook.io/docs/rook/latest-release/Getting-Started/quickstart/#tools
+
+
+== Troubleshooting
diff --git a/ocp/storage/rook/ansible/defaults/main.yaml b/ocp/storage/rook/ansible/defaults/main.yaml
@@ -0,0 +1 @@
+rook_version_tag: release-1.16
diff --git a/ocp/storage/rook/ansible/files/rook-ceph-blockstore.yaml b/ocp/storage/rook/ansible/files/rook-ceph-blockstore.yaml
@@ -0,0 +1,71 @@
+apiVersion: ceph.rook.io/v1
+kind: CephBlockPool
+metadata:
+  name: replicapool
+  namespace: rook-ceph
+spec:
+  failureDomain: host
+  replicated:
+    size: 3
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+   name: rook-ceph-block
+# Change "rook-ceph" provisioner prefix to match the operator namespace if needed
+provisioner: rook-ceph.rbd.csi.ceph.com
+parameters:
+    # clusterID is the namespace where the rook cluster is running
+    clusterID: rook-ceph
+    # Ceph pool into which the RBD image shall be created
+    pool: replicapool
+
+    # (optional) mapOptions is a comma-separated list of map options.
+    # For krbd options refer
+    # https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options
+    # For nbd options refer
+    # https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options
+    # mapOptions: lock_on_read,queue_depth=1024
+
+    # (optional) unmapOptions is a comma-separated list of unmap options.
+    # For krbd options refer
+    # https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options
+    # For nbd options refer
+    # https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options
+    # unmapOptions: force
+
+    # RBD image format. Defaults to "2".
+    imageFormat: "2"
+
+    # RBD image features
+    # Available for imageFormat: "2". Older releases of CSI RBD
+    # support only the `layering` feature. The Linux kernel (KRBD) supports the
+    # full complement of features as of 5.4
+    # `layering` alone corresponds to Ceph's bitfield value of "2" ;
+    # `layering` + `fast-diff` + `object-map` + `deep-flatten` + `exclusive-lock` together
+    # correspond to Ceph's OR'd bitfield value of "63". Here we use
+    # a symbolic, comma-separated format:
+    # For 5.4 or later kernels:
+    #imageFeatures: layering,fast-diff,object-map,deep-flatten,exclusive-lock
+    # For 5.3 or earlier kernels:
+    imageFeatures: layering
+
+    # The secrets contain Ceph admin credentials.
+    csi.storage.k8s.io/provisioner-secret-name: rook-csi-rbd-provisioner
+    csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph
+    csi.storage.k8s.io/controller-expand-secret-name: rook-csi-rbd-provisioner
+    csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph
+    csi.storage.k8s.io/node-stage-secret-name: rook-csi-rbd-node
+    csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph
+
+    # Specify the filesystem type of the volume. If not specified, csi-provisioner
+    # will set default as `ext4`. Note that `xfs` is not recommended due to potential deadlock
+    # in hyperconverged settings where the volume is mounted on the same node as the osds.
+    csi.storage.k8s.io/fstype: ext4
+
+# Delete the rbd volume when a PVC is deleted
+reclaimPolicy: Delete
+
+# Optional, if you want to add dynamic resize for PVC.
+# For now only ext3, ext4, xfs resize support provided, like in Kubernetes itself.
+allowVolumeExpansion: true
diff --git a/ocp/storage/rook/ansible/files/rook-ceph-filesystem-sc.yaml b/ocp/storage/rook/ansible/files/rook-ceph-filesystem-sc.yaml
diff --git a/ocp/storage/rook/ansible/files/rook-ceph-filesystem.yaml b/ocp/storage/rook/ansible/files/rook-ceph-filesystem.yaml
diff --git a/ocp/storage/rook/ansible/files/rook-ceph-objectstore-sc.yaml b/ocp/storage/rook/ansible/files/rook-ceph-objectstore-sc.yaml
diff --git a/ocp/storage/rook/ansible/files/rook-ceph-objectstore.yaml b/ocp/storage/rook/ansible/files/rook-ceph-objectstore.yaml
