Portal:Cloud VPS/Admin/Devstack magnum/Stable wallaby

From Wikitech


These are magnum install instructions for installing on devstack stable/wallaby


You will need a user with sudo access. Often this is the stack user, but any will do.

This was tested on Ubuntu 20.04


git clone https://github.com/openstack/devstack.git --branch stable/wallaby
cd devstack

cat <<EOF > local.conf

enable_plugin barbican https://opendev.org/openstack/barbican stable/wallaby
enable_plugin heat https://github.com/openstack/heat stable/wallaby

enable_service h-eng h-api h-api-cfn h-api-cw

source openrc
export OS_USERNAME='admin'
export OS_PASSWORD='secret'

cd ~
wget https://builds.coreos.fedoraproject.org/prod/streams/stable/builds/34.20210518.3.0/x86_64/fedora-coreos-34.20210518.3.0-openstack.x86_64.qcow2.xz
unxz fedora-coreos-34.20210518.3.0-openstack.x86_64.qcow2.xz 
openstack image create Fedora-CoreOS --file=fedora-coreos-34.20210518.3.0-openstack.x86_64.qcow2 --disk-format=qcow2 --container-format=bare --property os_distro='fedora-coreos' --public

ssh-keygen -f admin -P ""
openstack keypair create --public-key admin.pub admin

sudo mkdir /etc/magnum
cd ~
git clone https://git.openstack.org/openstack/magnum --branch stable/wallaby
cd magnum
sudo pip install -e .
sudo tox -egenconfig
sudo cp etc/magnum/api-paste.ini /etc/magnum/api-paste.ini

sudo sh -c 'cat <<EOF > /etc/magnum/magnum.conf
pybasedir = /usr/lib/python3/dist-packages/magnum
bindir = /usr/bin
state_path = /var/lib/magnum
transport_url = rabbit://magnum:secret@localhost:5672
host = <host ip>
cert_manager_type = barbican
region_name = RegionOne
api_version = 3
connection = mysql+pymysql://magnum:secret@localhost/magnum
memcached_servers = localhost:11211
auth_version = v3
www_authenticate_uri = http://localhost/identity
project_domain_id = default
user_domain_id = default
password = secret
auth_url = http://localhost/identity
auth_type = password
admin_user = magnum
admin_password = secret
admin_tenant_name = service
project_name = service
project_domain_name = default
username = magnum
user_domain_name = default
region_name = RegionOne
auth_type = password
lock_path = /var/lock/magnum
driver = log
trustee_domain_name = magnum
trustee_domain_admin_name = magnum_domain_admin
trustee_domain_admin_password = secret
trustee_keystone_interface = public

cd ~
git clone https://git.openstack.org/openstack/python-magnumclient --branch stable/wallaby
cd python-magnumclient
sudo pip install -e .

sudo vim /etc/magnum/magnum.conf # update host = <current ip>
openstack user create --domain default --password secret magnum
mysql -h -u root -psecret mysql <<EOF
CREATE USER 'magnum'@'%' IDENTIFIED BY 'secret';
GRANT ALL PRIVILEGES ON magnum.* TO 'magnum'@'%';

openstack role add --project service --user magnum admin
openstack service create --name magnum --description "OpenStack Container Infrastructure Management Service" container-infra
# note replace <host ip> below
openstack endpoint create --region RegionOne container-infra public http://<host ip>:9511/v1
openstack domain create --description "Owns users and projects created by magnum" magnum
openstack user create --domain magnum --password secret magnum_domain_admin
openstack role add --domain magnum --user-domain magnum --user magnum_domain_admin admin
# note replace <host ip> below
openstack endpoint create --region RegionOne keystone internal http://<host ip>/identity
openstack subnet set --dns-nameserver private-subnet

sudo rabbitmqctl add_user magnum secret
sudo rabbitmqctl set_permissions -p / magnum ".*" ".*" "."
sudo magnum-db-manage upgrade
sudo magnum-api # leave this running
sudo magnum-conductor # leave this running

openstack coe cluster template create my-template --image Fedora-CoreOS --external-network public --fixed-network private --fixed-subnet private-subnet --dns-nameserver --network-driver flannel --docker-storage-driver overlay2 --docker-volume-size 10 --master-flavor m1.small --flavor m1.small --coe kubernetes
openstack coe cluster create my-cluster --cluster-template my-template --master-count 1 --node-count 1 --keypair admin