##########################
# cert-30 - OpenStack all-in-one using Foreman (cert-23.pd.infn.it)
##########################

######################
1. Preliminary steps:
######################

#######
 - Various documentation mention that if only one NIC is available this should be in promiscuous mode:
#######

[root@cert-30 ~]# netstat -i
Kernel Interface table
Iface       MTU Met    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0       1500   0    63617      0      0      0      210      0      0      0 BMRU
lo        16436   0       53      0      0      0       53      0      0      0 LRU
[root@cert-30 ~]# 

[root@cert-30 ~]# ifconfig eth0 promisc

[root@cert-30 ~]# dmesg |grep eth
eth0: no IPv6 routers present
device eth0 entered promiscuous mode

[root@cert-30 ~]# grep -i promisc /etc/sysconfig/network-scripts/ifcfg-eth0 
PROMISC=yes

#########
 - Again various documentation mention that in case of only 1 NIC a bridge should be defined "br100" (Ref: https://dl.dropboxusercontent.com/u/34258911/cloud_new/openstack-install-guide-yum-trunk_Sett2013.pdf, "Pre-configuring the network")
#########

[root@cert-30 ~]# service network status
Configured devices:
lo eth0
Currently active devices:
lo eth0

[root@cert-30 ~]# ifconfig 
eth0      Link encap:Ethernet  HWaddr 00:00:C1:CE:D2:21  
          inet addr:193.206.210.33  Bcast:193.206.210.255  Mask:255.255.255.0
          inet6 addr: fe80::200:c1ff:fece:d221/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:57505 errors:0 dropped:0 overruns:0 frame:0
          TX packets:164 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:12542121 (11.9 MiB)  TX bytes:21017 (20.5 KiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:53 errors:0 dropped:0 overruns:0 frame:0
          TX packets:53 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:6304 (6.1 KiB)  TX bytes:6304 (6.1 KiB)

[root@cert-30 ~]# cat /etc/sysconfig/network-scripts/ifcfg-br100
DEVICE="br100"
TYPE="Bridge"
ONBOOT="yes"
DELAY=0
BOOTPROTO="static"
IPADDR=193.206.210.33
NETMASK=255.255.255.0

####################
2. As recommended for the RDO Openstack Install (Ref: http://openstack.redhat.com/Deploying_RDO_Using_Foreman)
####################

[root@cert-30 ~]# yum install -y http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-7.noarch.rpm	
[…]
Installed:
  rdo-release.noarch 0:havana-7                                                                                                                                              
Complete!

[root@cert-30 ~]# rpm -qa |grep epel
[root@cert-30 ~]# yum install -y http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
[…]
Installed:
  epel-release.noarch 0:6-8                                                                                                                                                  
Complete!

#############
2. Instalaltion&Configuration
#############

 - On Foreman Server:

[root@cert-23 ~]# cat ~/env_foreman 
export PRIVATE_CONTROLLER_IP=193.206.210.33
export PRIVATE_INTERFACE=eth0
export PRIVATE_NETMASK=193.206.210.0/23
export PUBLIC_CONTROLLER_IP=193.206.210.33
export PUBLIC_INTERFACE=eth0
export PUBLIC_NETMASK=193.206.210.0/23
export FOREMAN_GATEWAY=false
export FOREMAN_PROVISIONING=false

[root@cert-23 ~]# ./foreman_server.sh 2>&1 | tee /root/conf_foreman_openstack.`hostname -s`.`date +%Y%m%d-%H%M%S`.log
[…]
Foreman is installed and almost ready for setting up your OpenStack
First, you need to alter a few parameters in Foreman.
Visit: https://cert-23.pd.infn.it/hostgroups
From this list, click on each class that you plan to use
Go to the Smart Class Parameters tab and work though each of the parameters
in the left-hand column

Then copy /tmp/foreman_client.sh to your openstack client nodes
Run that script and visit the HOSTS tab in foreman. Pick some
host groups for your nodes based on the configuration you prefer
For further directions, see:
http://openstack.redhat.com/Deploying_RDO_Using_Foreman
Once puppet runs on the machines, OpenStack is ready!

[root@cert-23 ~]# scp /tmp/foreman_client.sh cert-30:.

#############
 - On cert-30:
#############

[root@cert-30 ~]# chmod a+x foreman_client.sh

[root@cert-30 ~]# ./foreman_client.sh 
[…]
Info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb
Info: Loading facts in /var/lib/puppet/lib/facter/iptables_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/hamysql_active_node.rb
Info: Loading facts in /var/lib/puppet/lib/facter/netns_support.rb
Info: Loading facts in /var/lib/puppet/lib/facter/ip6tables_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/network.rb
Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb
Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb
Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb
Info: Caching catalog for cert-30.pd.infn.it
Info: Applying configuration version '1384657819'
Info: Creating state file /var/lib/puppet/state/state.yaml
Notice: Finished catalog run in 0.17 seconds
Info: Retrieving plugin
Info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb
Info: Loading facts in /var/lib/puppet/lib/facter/iptables_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/hamysql_active_node.rb
Info: Loading facts in /var/lib/puppet/lib/facter/netns_support.rb
Info: Loading facts in /var/lib/puppet/lib/facter/ip6tables_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/network.rb
Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb
Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb
Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb
Info: Caching catalog for cert-30.pd.infn.it
Info: Applying configuration version '1384657819'
Notice: Finished catalog run in 0.16 seconds
Starting puppet agent:                                     [  OK  ]

###########
Configuring Puppet Classes & Parameters in the Foreman UI:
###########
- From the Foreman UI set the following:

- tab "Hosts"
- choose 'cert-30" - > "Edit" -> "Puppet Classes" tab -> from the list choose "openstack" then "openstack::all"
- then go to "Parameters" tab and "overwrite" all the ones present there, especially the ones with no default value

Important parameters to set:
- all the *_password ones
libvirt_type = qemu (recommended in case we are not using bare-metal, ADD reference)
private_interface = br100
bridge_interface = br100
public_address = 193.206.210.33 (IP cert-30)
public_interface = eth0

- Configuration can be done also following "More" -> "Configuration" -> "Smart Variables" -> Search: "openstack::all"

 - Once set the parameters - one can wait for the PuppetClient to trigger the update of the host (30min) or use "puppet agent -tv"
 
 - Example of errors in case not all needed parameters are set:
[root@cert-30 ~]# puppet agent -tv
Info: Retrieving plugin
Info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb
Info: Loading facts in /var/lib/puppet/lib/facter/network.rb
Info: Loading facts in /var/lib/puppet/lib/facter/iptables_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb
Info: Loading facts in /var/lib/puppet/lib/facter/netns_support.rb
Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb
Info: Loading facts in /var/lib/puppet/lib/facter/ip6tables_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/hamysql_active_node.rb
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Received incomplete information - no value provided for parameter rabbit_password on node cert-30.pd.infn.it
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run
[root@cert-30 ~]# 
[root@cert-30 ~]# 
[root@cert-30 ~]# 
[root@cert-30 ~]# puppet agent -tv
Info: Retrieving plugin
Info: Loading facts in /var/lib/puppet/lib/facter/facter_dot_d.rb
Info: Loading facts in /var/lib/puppet/lib/facter/network.rb
Info: Loading facts in /var/lib/puppet/lib/facter/iptables_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/root_home.rb
Info: Loading facts in /var/lib/puppet/lib/facter/netns_support.rb
Info: Loading facts in /var/lib/puppet/lib/facter/pe_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/puppet_vardir.rb
Info: Loading facts in /var/lib/puppet/lib/facter/ip6tables_version.rb
Info: Loading facts in /var/lib/puppet/lib/facter/hamysql_active_node.rb
Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Local ip for ovs agent must be set when tunneling is enabled at /etc/puppet/environments/production/modules/neutron/manifests/agents/ovs.pp:28 on node cert-30.pd.infn.it
Warning: Not using cache on failed catalog
Error: Could not retrieve catalog; skipping run

 - 2 network restart were needed to complete installation (TO INVESTIGATE)
[…]
Notice: /Stage[main]/Neutron::Agents::Ovs/Neutron::Plugins::Ovs::Port[br-ex:br100]/Vs_port[br100]/ensure: created
Notice: /Stage[main]/Neutron::Agents::L3/Neutron_l3_agent_config[DEFAULT/periodic_fuzzy_delay]/ensure: created
Info: /Stage[main]/Neutron::Agents::L3/Neutron_l3_agent_config[DEFAULT/periodic_fuzzy_delay]: Scheduling refresh of Service[neutron-l3]
Notice: /Stage[main]/Neutron::Agents::L3/Neutron_l3_agent_config[DEFAULT/use_namespaces]/ensure: created
Info: /Stage[main]/Neutron::Agents::L3/Neutron_l3_agent_config[DEFAULT/use_namespaces]: Scheduling refresh of Service[neutron-l3]
Notice: /Stage[main]/Neutron::Agents::L3/Neutron_l3_agent_config[DEFAULT/enable_metadata_proxy]/ensure: created
Info: /Stage[main]/Neutron::Agents::L3/Neutron_l3_agent_config[DEFAULT/enable_metadata_proxy]: Scheduling refresh of Service[neutron-l3]
Notice: /Stage[main]/Neutron::Agents::L3/Neutron_l3_agent_config[DEFAULT/handle_internal_only_routers]/ensure: created
Info: /Stage[main]/Neutron::Agents::L3/Neutron_l3_agent_config[DEFAULT/handle_internal_only_routers]: Scheduling refresh of Service[neutron-l3]
Notice: /Stage[main]/Neutron::Agents::L3/Neutron_l3_agent_config[DEFAULT/interface_driver]/ensure: created
Info: /Stage[main]/Neutron::Agents::L3/Neutron_l3_agent_config[DEFAULT/interface_driver]: Scheduling refresh of Service[neutron-l3]
Write failed: Broken pipe

[…]
Notice: /Stage[main]/Neutron::Agents::Ovs/Neutron::Plugins::Ovs::Bridge[default:br-ex]/Vs_bridge[br-ex]/external_ids: external_ids changed '' to 'bridge-id=br-ex'
Write failed: Broken pipe
[…]
Info: /Stage[main]/Nova::Cert/Nova::Generic_service[cert]/Service[nova-cert]: Unscheduling refresh on Service[nova-cert]
Notice: /Stage[main]/Apache/Service[httpd]: Triggered 'refresh' from 2 events
Notice: Finished catalog run in 86.95 seconds


#####
before reboot:
[root@cert-30 ~]# uname -a
Linux cert-30.pd.infn.it 2.6.32-358.23.2.el6.x86_64 #1 SMP Wed Oct 16 11:13:47 CDT 2013 x86_64 x86_64 x86_64 GNU/Linux


after reboot
[root@cert-30 ~]# uname -a
Linux cert-30.pd.infn.it 2.6.32-358.23.2.el6.x86_64 #1 SMP Wed Oct 16 11:13:47 CDT 2013 x86_64 x86_64 x86_64 GNU/Linux

[root@cert-30 ~]# rpm -qa |grep kernel|sort
dracut-kernel-004-303.el6.noarch
erlang-kernel-R14B-04.2.el6.x86_64
kernel-2.6.32-358.23.2.el6.x86_64
kernel-2.6.32-358.el6.x86_64
kernel-firmware-2.6.32-358.23.2.el6.noarch