Openshift 4.x — Automation of UPI deployment by Ansible — Tower and vSphere preparations.
Ansible Tower
- First of all we downloaded the tar file from this website: ansible tower tar file.
- 20 GB of dedicated hard disk space is recommended for Tower service nodes, and 150 GB+ for nodes containing a database. Mount these disks to /var in the node.
- After this we edited the inventory file to our needs.
- Then we ran the ./setup.sh script and it installed Ansible Tower.
- Edit /etc/ansible/ansible.cfg and set forks = <number that you want> (default is 5, we increased it to 100).
- Initially we need to install govc on the Ansible Tower server: guide to install GOVC.
For a backup, run ./setup.sh -b.
After installation, a license is required to complete the initial configuration. We used https://store.ansible.com/redhat/tower_license/, the Ansible Enterprise license generator FOR RED HATTERS (a valid Red Hat email address is needed; for internal use only). You will need your own license accordingly.
Template creation in vSphere for Installer/helper VM
First we created a RHEL 7.6 template in vSphere that contains a minimal installation with some additions:
- We enabled the disk UUID option.
- Disabled swap.
- Enabled the NetworkManager service.
- Enabled SELinux in enforcing mode.
- Enabled IP forwarding.
- We entered the public key of the Ansible Tower server in the authorized_keys file.
We created a private key for the root user of the Ansible Tower server, because it is needed for Tower's passwordless SSH access to managed hosts. When we start a job, we need to choose which private key we want to use.
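A quick way to confirm the guest-side settings listed above before converting the VM to a template, as an added example that is not part of the original article. The function names and the root-prefix argument are assumptions of this sketch; the disk UUID option is a vSphere VM setting and is not checked here.

```shell
#!/bin/sh
# Added example: audit the helper-VM template settings from inside the guest.
# The root prefix argument is an assumption of this sketch: empty means the
# live system, a directory means a mounted image or a constructed test tree.

check_selinux_enforcing() {
    grep -Eqs '^SELINUX=enforcing[[:space:]]*$' "$1/etc/selinux/config"
}

check_swap_off() {
    # /proc/swaps keeps one header line; anything after it is active swap.
    [ -r "$1/proc/swaps" ] || return 1
    if tail -n +2 "$1/proc/swaps" | grep -q .; then return 1; fi
    # An uncommented swap entry in fstab would re-enable swap on every clone.
    ! grep -Eqs '^[^#]*[[:space:]]swap[[:space:]]' "$1/etc/fstab"
}

check_ip_forward() {
    [ "$(cat "$1/proc/sys/net/ipv4/ip_forward" 2>/dev/null)" = "1" ]
}

check_networkmanager_enabled() {
    # systemd represents "enabled" as a link in the target's wants directory.
    u="$1/etc/systemd/system/multi-user.target.wants/NetworkManager.service"
    [ -e "$u" ] || [ -L "$u" ]
}

check_authorized_keys() {
    f="$1/root/.ssh/authorized_keys"
    [ -s "$f" ] || return 1
    # Group/other write bits (columns 6 and 9 of ls -l) must be clear: a
    # writable file lets another account add a key that every clone trusts.
    [ "$(ls -ld "$f" | cut -c6,9)" = "--" ]
}

audit_template() {
    fails=0
    for c in selinux_enforcing swap_off ip_forward networkmanager_enabled authorized_keys; do
        if "check_$c" "${1:-}"; then echo "PASS $c"; else echo "FAIL $c"; fails=$((fails + 1)); fi
    done
    return "$fails"   # exit status = number of failed checks
}

# Run as: sh audit.sh --audit [root-prefix]
if [ "${1:-}" = "--audit" ]; then audit_template "${2:-}"; fi
```

Because every VM cloned from the template inherits these settings, a FAIL here is cheaper to fix once in the template than on each clone.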
Template creation in vSphere for OCP4.2 VMs
For this purpose we downloaded the relevant RHCOS OVA template from the Red Hat website https://cloud.redhat.com/openshift/install/vsphere/user-provisioned, in our case rhcos-4.2.0-x86_64-vmware.ova
After that we created an OVF template by going to vSphere → Clusters and Hosts tab:
- On cluster level, right click and choose “Deploy OVF Template”
- Choose the relevant OVA that we downloaded in the previous step
- Provide the relevant name and choose the corresponding VM folder
- Choose the relevant cluster
- Review Details → Next
- Select Storage → Choose the relevant datastore and change to “Thin Provision”
- Select Network → Next (after that we will remove the network)
- Customize Template → Next (we will customize later per type of VM: bootstrap/master/worker)
- Ready to complete → Finish
Important:
After creating the template, go to “Edit settings” and remove the network card (this is crucial, otherwise you can’t provide custom MAC addresses to the CoreOS VMs that will be created from this template).
Upload all relevant playbooks to GIT Repository
We are using part of the ready playbooks prepared for OCP 3.11 deployment automation in vmware-ansible.git, with small changes to the playbooks.
Most of the playbooks that we prepared for OCP 4.1 / 4.2 are uploaded to the ocp4-deployment.git repository.
Ansible Tower configurations and definitions
We created three projects:
- The first project was ocpprep, which contains the content of the ocp4-deployment git repository.
- The second project was openshift-ansible, which contains all the installation playbooks and is located locally on the Tower server under the /var/lib/awx/projects folder.
- The third project was vmware-ansible, which contained the playbooks that create or destroy the Helper/Installer VM of the OCP cluster (vmware-ansible).
After that we created an inventory for the jobs.
And it looked like this:
After this we created the groups of the hosts:
PSB all Vars, Groups, Group nesting, Group Members, Group Vars, Hosts
Inventory used in Tower
- Note: the PullSecret value should be taken from cloud.redhat.com/openshift/install/vsphere
After creating the Projects and Inventory, the next step is Templates creation. We created Job Templates based on the relevant playbooks in GitHub, and a Workflow Template. This process is explained in another article:
Openshift 4.x — Automation of UPI deployment by Ansible