Applies to SUSE OpenStack Cloud 8

21 Installing SUSE CaaS Platform Heat Templates #

This chapter describes how to install SUSE CaaS Platform Heat template on SUSE OpenStack Cloud.

21.1 SUSE CaaS Platform Heat Installation Procedure #

Procedure 21.1: Preparation #

Download the latest SUSE CaaS Platform for OpenStack image (for example, SUSE-CaaS-Platform-3.0-OpenStack-Cloud.x86_64-1.0.0-GM.qcow2) from https://download.suse.com.

Upload the image to Glance:

openstack image create --public --disk-format qcow2 --container-format \
bare --file SUSE-CaaS-Platform-3.0-OpenStack-Cloud.x86_64-1.0.0-GM.qcow2 \
CaaSP-3

Install the caasp-openstack-heat-templates package on a machine with SUSE OpenStack Cloud repositories:
```
zypper in caasp-openstack-heat-templates
```
The installed templates are located in /usr/share/caasp-openstack-heat-templates.
Alternatively, you can get official Heat templates by cloning the appropriate Git repository:
```
git clone https://github.com/SUSE/caasp-openstack-heat-templates
```

Procedure 21.2: Installing Templates via Horizon #

In Horizon, go to Project › Stacks › Launch Stack.
Select File from the Template Source drop-down box and upload the caasp-stack.yaml file.
In the Launch Stack dialog, provide the required information (stack name, password, flavor size, external network of your environment, etc.).
Click Launch to launch the stack. This creates all required resources for running SUSE CaaS Platform in an OpenStack environment. The stack creates one Admin Node, one Master Node, and server worker nodes as specified.

Procedure 21.3: Install Templates from the Command Line #

Specify the appropriate flavor and network settings in the caasp-environment.yaml file.

Create a stack in Heat by passing the template, environment file, and parameters:

openstack stack create -t caasp-stack.yaml -e caasp-environment.yaml \
--parameter image=CaaSP-3 caasp-stack

Procedure 21.4: Accessing Velum SUSE CaaS Platform dashboard #

After the stack has been created, the Velum SUSE CaaS Platform dashboard runs on the Admin Node. You can access it using the Admin Node's floating IP address.
Create an account and follow the steps in the Velum SUSE CaaS Platform dashboard to complete the SUSE CaaS Platform installation.

When you have successfully accessed the admin node web interface via the floating IP, follow the instructions at https://documentation.suse.com/suse-caasp/3/single-html/caasp-deployment/ to continue the setup of SUSE CaaS Platform.

21.2 Installing SUSE CaaS Platform with Multiple Masters #

Note

A Heat stack with load balancing and multiple master nodes can only be created from the command line, because Horizon does not have support for nested Heat templates.

Install the caasp-openstack-heat-templates package on a machine with SUSE OpenStack Cloud repositories:

zypper in caasp-openstack-heat-templates

The installed templates are located in /usr/share/caasp-openstack-heat-templates.

A working load balancer is needed in your SUSE OpenStack Cloud deployment. SUSE OpenStack Cloud uses HAProxy.

Verify that load balancing with HAProxy is working correctly in your OpenStack installation by creating a load balancer manually and checking that the provisioning_status changes to Active.

ardana > openstack loadbalancer show
<LOAD_BALANCER_ID>

HAProxy is the default load balancer provider in SUSE OpenStack Cloud.

The steps below can be used to set up a network, subnet, router, security and IPs for a test lb_net1 network with lb_subnet1 subnet.

ardana > openstack network create lb_net1
  ardana > openstack subnet create --name lb_subnet1 lb_net1 \
--subnet-range 172.29.0.0/24 --gateway 172.29.0.2
ardana > openstack router create lb_router1
ardana > openstack router add subnet lb_router1 lb_subnet1
ardana > openstack router set lb_router1 --external-gateway ext-net
ardana > openstack network list

Procedure 21.5: Steps to Install SUSE CaaS Platform with Multiple Masters #

Specify the appropriate flavor and network settings in the caasp-multi-master-environment.yaml file.
Set master_count to the desired number in the caasp-multi-master-environment.yaml file. The master count must be set to an odd number of nodes.
```
master_count: 3
```

Create a stack in Heat by passing the template, environment file, and parameters:

ardana > openstack stack create -t caasp-multi-master-stack.yaml \
-e caasp-multi-master-environment.yaml --parameter image=CaaSP-3 caasp-multi-master-stack

Find the floating IP address of the load balancer. This is necessary for accessing the Velum SUSE CaaS Platform dashboard.

ardana > openstack loadbalancer list --provider

From the output, copy the id and enter it in the following command as shown in the following example:

ardana > openstack loadbalancer show id

+---------------------+------------------------------------------------+
| Field               | Value                                          |
+---------------------+------------------------------------------------+
| admin_state_up      | True                                           |
| description         |                                                |
| id                  | 0d973d80-1c79-40a4-881b-42d111ee9625           |
| listeners           | {"id": "c9a34b63-a1c8-4a57-be22-75264769132d"} |
|                     | {"id": "4fa2dae0-126b-4eb0-899f-b2b6f5aab461"} |
| name                | caasp-stack-master_lb-bhr66gtrx3ue             |
| operating_status    | ONLINE                                         |
| pools               | {"id": "8c011309-150c-4252-bb04-6550920e0059"} |
|                     | {"id": "c5f55af7-0a25-4dfa-a088-79e548041929"} |
| provider            | haproxy                                        |
| provisioning_status | ACTIVE                                         |
| tenant_id           | fd7ffc07400642b1b05dbef647deb4c1               |
| vip_address         | 172.28.0.6                                     |
| vip_port_id         | 53ad27ba-1ae0-4cd7-b798-c96b53373e8b           |
| vip_subnet_id       | 87d18a53-ad0c-4d71-b82a-050c229b710a           |
+---------------------+------------------------------------------------+

Search the floating IP list for vip_address

ardana > openstack floating ip list | grep 172.28.0.6
| d636f3...481b0c | fd7ff...deb4c1 | 172.28.0.6  | 10.84.65.37  | 53ad2...373e8b |

The load balancer floating ip address is 10.84.65.37

Accessing the Velum SUSE CaaS Platform Dashboard

After the stack has been created, the Velum SUSE CaaS Platform dashboard runs on the admin node. You can access it using the floating IP address of the admin node.

Create an account and follow the steps in the Velum SUSE CaaS Platform dashboard to complete the SUSE CaaS Platform installation.

SUSE CaaS Platform Admin Node Install: Screen 1

SUSE CaaS Platform Admin Node Install: Screen 2

SUSE CaaS Platform Admin Node Install: Screen 3

SUSE CaaS Platform Admin Node Install: Screen 4

SUSE CaaS Platform Admin Node Install: Screen 5

Set External Kubernetes API to LOADBALANCER_FLOATING_IP, External Dashboard FQDN to ADMIN_NODE_FLOATING_IP

SUSE CaaS Platform Admin Node Install: Screen 6

SUSE CaaS Platform Admin Node Install: Screen 7

21.3 Deploy SUSE CaaS Platform Stack Using Heat SUSE CaaS Platform Playbook #

Install the caasp-openstack-heat-templates package on a machine with SUSE OpenStack Cloud repositories:
```
ardana > zypper in caasp-openstack-heat-templates
```
The installed templates are located in /usr/share/caasp-openstack-heat-templates.
Run heat-caasp-deploy.yml on the Cloud Lifecycle Manager to create a SUSE CaaS Platform cluster with Heat templates from the caasp-openstack-heat-templates package.
```
ardana > cd ~/scratch/ansible/next/ardana/ansible
ardana > ansible-playbook -i hosts/localhost heat-caasp-deploy.yml
```
In a browser, navigate to the Horizon UI to determine the floating IP address assigned to the admin node.
Go to http://ADMIN-NODE-FLOATING-IP/ to bring up the Velum dashboard.
Follow the steps for bootstrap and add nodes to the cluster to bring up the SUSE CaaS Platform Kubernetes cluster.

21.4 Deploy SUSE CaaS Platform Cluster with Multiple Masters Using Heat CaasP Playbook #

Install the caasp-openstack-heat-templates package on a machine with SUSE OpenStack Cloud repositories:
```
ardana > zypper in caasp-openstack-heat-templates
```
The installed templates are located in /usr/share/caasp-openstack-heat-templates.

On the Cloud Lifecycle Manager, run the heat-caasp-deploy.yml playbook and pass parameters for caasp_stack_name, caasp_stack_yaml_file and caasp_stack_env_yaml_file.

ardana > ansible-playbook -i hosts/localhost heat-caasp-deploy.yml -e "caasp_stack_name=caasp_multi-master caasp_stack_yaml_file=caasp-multi-master-stack.yaml caasp_stack_env_yaml_file=caasp-multi-master-environment.yaml"

21.5 SUSE CaaS Platform OpenStack Image for Heat SUSE CaaS Platform Playbook #

By default the Heat SUSE CaaS Platform playbook downloads the SUSE CaaS Platform image from http://download.suse.de/install/SUSE-CaaSP-3-GM/SUSE-CaaS-Platform-3.0-for-OpenStack-Cloud.x86_64-3.0.0-GM.qcow2. If this URL is not accessible, the SUSE CaaS Platform image can be downloaded from https://download.suse.com/Download?buildid=z7ezhywXXRc and copied to the deployer.

To create a SUSE CaaS Platform cluster and pass the path to the downloaded image, run the following commands:

ardana > cd ~/scratch/ansible/next/ardana/ansible
ardana > ansible-playbook -i hosts/localhost heat-caasp-deploy.yml -e "caasp_image_tmp_path=~/SUSE-CaaS-Platform-3.0-for-OpenStack-Cloud.x86_64-3.0.0-GM.qcow2"

To create a SUSE CaaS Platform cluster with multiple masters and pass the path to the downloaded image, run the following commands:

ardana > cd ~/scratch/ansible/next/ardana/ansible
ardana > ansible-playbook -i hosts/localhost heat-caasp-deploy.yml -e "caasp_image_tmp_path=caasp_image_tmp_path=~/SUSE-CaaS-Platform-3.0-for-OpenStack-Cloud.x86_64-3.0.0-GM.qcow2
 caasp_stack_name=caasp_multi-master caasp_stack_yaml_file=caasp-multi-master-stack.yaml caasp_stack_env_yaml_file=caasp-multi-master-environment.yaml"

21.6 Enabling the Cloud Provider Integration (CPI) Feature #

When deploying a CaaaSP cluster using SUSE CaaS Platform OpenStack Heat templates, the following CPI parameters can be set in caasp-environment.yaml or caasp-multi-master-environment.yaml.

cpi_auth_url: The URL of the Keystone API used to authenticate the user. This value can be found on OpenStack Dashboard under Access and Security › API Access › Credentials (for example, https://api.keystone.example.net:5000/v3/)
cpi_domain_name: Name of the domain the user belongs to
cpi_tenant_name: Name of the project the user belongs to. This is the project where the resources will be created.
cpi_region: Name of the region to use when running a multi-region OpenStack cloud. The region is a general division of an OpenStack deployment.
cpi_username: Username of a valid user that has been set in Keystone. Default: admin
cpi_password: Password of a valid user that has been set in Keystone.
cpi_monitor_max_retries: Neutron load balancer monitoring max retries. Default: 3
cpi_bs_version: Cinder Block Storage API version. Possible values are v1, v2 , v3 or auto. Default: auto
cpi_ignore_volume_az: Ignore Cinder and Nova availability zones. Default: true

When the SUSE CaaS Platform cluster has been deployed by the Heat templates, the Velum dashboard on the admin node (https://ADMIN-NODE-IP/) will have entries for Cloud Provider Integration (CPI). The OpenStack settings form will show the values that were set in the caasp-environment.yaml or caasp-multi-master-environment.yaml files.

After the SUSE CaaS Platform cluster comes up, install the latest SUSE CaaS Platform 3.0 Maintenance Update using the following steps:

Spin up a SUSE CaaS Platform cluster using Heat templates following the instructions in Section 21.1, “SUSE CaaS Platform Heat Installation Procedure”. Do not go through the bootstrapping steps, because the SUSE CaaS Platform Maintenance Update (MU) must be applied first. After the maintenance update process below succeeds, return to the SUSE CaaS Platform installation instructions and follow the admin node bootstrapping steps.
Apply the SUSE CaaS Platform 3.0 Maintenance Update with the following steps:
1. Log in to each node and add the update repository.
```
ardana > sudo zypper ar http://nu.novell.com/SUSE/Updates/SUSE-CAASP/3.0/x86_64/update/ caasp_update
```
2. With root privileges, run transactional-update on each node.
3. Reboot each node
4. Verify that the Velum image packages were updated
```
ardana > zypper se --detail velum-image
i | sles12-velum-image | package    | 3.1.7-3.27.3  | x86_64 | update_caasp
```
Upload a valid trust certificate that can validate a certificate presented by Keystone at the specified keystone_auth_url in the system-wide certificate section of Velum. The certificate must be uploaded to avoid bootstrapping failure with a x509: certificate signed by unknown authority error message.
Get SUSE Root CA certificate with the following steps:
1. From the RPM provided in the repos:
  1. Add a repository for your distribution at http://download.suse.de/ibs/SUSE:/CA/. For example, with openSUSE Leap, use http://download.suse.de/ibs/SUSE:/CA/openSUSE_Leap_15.0/SUSE:CA.repo
  2. Install certificates and find the .pem file.
```
ardana > sudo zypper in ca-certificates-suse
ardana > rpm -ql ca-certificates-suse
```
    The path to the cert is /usr/share/pki/trust/anchors/SUSE_Trust_Root.crt.pem
2. In system wide certificate during setup in Velum, upload this certificate so you can bootstrap with CPI.
After the nodes come up, continue with the installation instructions in Section 21.1, “SUSE CaaS Platform Heat Installation Procedure” following the admin node cluster bootstrapping steps.

21.7 More Information about SUSE CaaS Platform #

More information about the SUSE CaaS Platform is available at https://documentation.suse.com/suse-caasp/3/single-html/caasp-deployment/