Skip to content

admiyo/rippowam

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Rippowam

Rippowam is an ansible playbook for setting up flavors of OpenStack on top of RPM based Operating systems. The current focus is on the RHEL-OSP12 release and RHEL 7.3 Base Operating system.

Rippowam creates an inventory file used to populate the initial variables and host entries to run Rippowam. An Example of the inventory file is at the bottom of this document. Ossipee uses $USER as the default name for the deployment, and many things make use of the name, such as the hostname and Kerberos Realm. You will see the strings yourname and YOURNAME in this document that are generated from the name.

Running

Because Rippowam needs OpenStack credentials to provision the systems, you should manage the clouds.yaml file locally.

To run Rippowam to provision:

cd $YOURPATH/rippowam

ansible-playbook playbooks/provision.yml ansible-playbook -e @$HOME/vault.yml playbooks/provision.yml

ansible-playbook -i ~/rippowam/deployments/yourname/inventory.ini ~/devel/rippowam/site.yml

ansible-playbook -i ~/rippowam/deployments/ayoung.rdusalab/inventory.ini -e @/home/ayoung/vault.yml --start-at-task "realm in standalone.xml" playbooks/websso.yml

Once the playbook completes, you should have a working IPA server and OpenStack deployment.

Hostnames

It is easiest to work with the machines via hostnames. Add entries to /.etc/hosts for the publically accessable IP addresses of the two hosts such as:

10.16.19.101 ipa.yourname.test 10.16.18.245 openstack.yourname.test

You should have ssh access to the hosts using an SSH keypair.

Kerberos

To enable Kerberos, scp the krb5.conf file from the ipa server:

scp ipa.yourname.test:/etc/krb5.conf /home/yourname/.ossipee/inventory/yourname.krb5.conf export KRB5_CONFIG=/home/yourname/.ossipee/inventory/yourname.krb5.conf kinit [email protected]

The password comes from the inventory file.

You should be able to ssh to the ipa server with

ssh -K ipa.yourname.test

To test the ipa web UI browse to

https://ipa.yourname.test

Sample inventory file

[openstack] 10.16.19.101

[openstack:vars] ipa_server_password=FreeIPA4All ipa_domain=yourname.test ipa_realm=YOURNAME.TEST cloud_user=cloud-user ipa_admin_user_password=FreeIPA4All ipa_forwarder=192.168.52.3 nameserver=192.168.52.4

[ipa] 10.16.18.245

[ipa:vars] ipa_server_password=FreeIPA4All ipa_domain=yourname.test ipa_realm=YOURNAME.TEST cloud_user=cloud-user ipa_admin_user_password=FreeIPA4All ipa_forwarder=192.168.52.3 nameserver=192.168.52.4

[ipa_clients] 10.16.19.101 [%ipa_clients:vars] ipa_server_password=FreeIPA4All ipa_domain=yourname.test ipa_realm=YOURNAME.TEST cloud_user=cloud-user ipa_admin_user_password=FreeIPA4All ipa_forwarder=192.168.52.3

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 81.4%
  • Shell 18.6%