It currently fully support the following workload:
- docker - A basic docker installation
- docker-swarm - A swarm installation (using latest docker version)
- docker-registry - A docker registry installation (using latest docker version)
- stable-docker - The current stable version of docker installation
- ha-docker-swarm - A high-availability docker swarm installation
- keepalived - A high-availability basic keepalived setup
- rancher - A rancher mode installation
- maas - A basic Ubuntu MaaS installation for inventory management
You can see the support details by clicking the workload name.
It really depends of the workload you want to deploy, but bundled, by default, you get :
- full dynamic inventory from OpenStack, allowing you to grow or shrink your deployment as needed
- unless specified otherwise, a specific ssh key to the deployment, ensuring only people having this key can access the deployed nodes
- a separation between 'public nodes' who are internet exposed and hardened to avoid any unneeded exposure and the 'private nodes' who are only communicating through the local customer-specific network
- a bridge (bastion technically), for you to be able to access the private nodes securely
- a proxy configuration, for the private nodes to be able to do updates and install new packages
Note: These are currently configured to be used with an Internap Agile Cloud account.
- First, install Ansible:
- On Ubuntu
sudo apt-get install ansible
- On CentOS
sudo yum install ansible
- On MacOSX (you need to have brew installed)
brew install ansible
- Clone this repo :
git clone https://github.com/internap/ansible-ansible-heat
-
Make sure your clouds.yaml file is configured properly:
cat ~/.config/openstack/clouds.yaml
it should look something like :
clouds: inap-AMSDemo1: profile: internap auth: auth_url: https://identity.api.cloud.iweb.com/v3 project_name: inap-12345 domain_name: default username: api-RANDOM_NUMBER_GIVENTOYOU password: YOUR_PASSWORD region_name: ams01
- To find your project name, user name and password
- Go to your Internap account (login.internap.com),
- Click the 'My Infrastructure > Horizon and API Access' tab in the menu on the top
- Your project name is displayed in the "Option 2 : API" description under the field 'Tenant Name'
- For your username and password
- If you never got any API Username and Password, you can click on the 'Get New API Credentials' button
- BEWARE : If you did but don't remember them, clicking that button will regenerate new credentials and expire the old one, blocking any other access with them, including any application that would use those old credentials
- When you click the button, simply copy and paste both information into your clouds.yaml file, do not forget to store those credentials somewhere where you can retrieve them later
- To find your project name, user name and password
-
Adapt your Openstack config file to your account and your needs:
cat config/openstack-config.yaml
it should look something like :openstack_config: image_name: Ubuntu 16.04 LTS (Xenial Xerus) #this is the OS image we'll be using flavor_name: A1.1 #this is the default flavor we'll be using controller_flavor: A1.1 #this is the flavor we'll be using for 'controller' node (see specifif role for details)
-
You can now launch the Ansible playbook using :
./openstack-ansible -e os_cloud=<MY_CLOUDS_YAML_PROFILE> -e role=<THE_WORKLOAD_NAME>
- node_count= the total number of node you want to create/maintain
- public_node_count= the number of node you want to be public facing
- action= a non-default action to trigger, that can be :
- delete: the script will then delete all existing instances
- delete_all: the script will delete instance, local config files and keys in OS
- delete_all_includinguserkey: the script will wipe keys and instances both in OS and locally
- skip_setup: the script will execute only the docker role and it's dependencies and skip all creation and setup of instance
- key_filename= explicit SSH key file name to use
- using Ansible:
./openstack-ansible -e os_cloud=<MY_CLOUDS_YAML_PROFILE> -e role=<THE_WORKLOAD_NAME> -e node_count=4 -e key_filename=/tmp/blabla
Feel free to raise issues and send some pull request, we'll be happy to look at them! We also would love to have other provider adding their own workload and configuration to make it a repository of generic, hardened, IaaS recipe.