OpenStack: Magnum



# install OSC magnum client to fix "a bytes-like object is required, not 'str'"
echo "deb hirsute main restricted" > /etc/apt/sources.list.d/hirsute.list
apt update
apt install -y python3-magnumclient
# install kubectl
snap install kubectl --classic


openstack stack list
openstack stack show d8a1c3af-7993-4493-91be-19cfce38a870
openstack coe cluster update k8s-cluster replace node_count=2

Configure deployment kolla-ansible

# cat /etc/kolla/config/magnum.conf 
default_docker_volume_type = VT1
cluster_user_trust = True
#region_name = ch-zh1
region_name_for_services = RegionOne
# /etc/kolla/globals.yml 
# magnum_tag: ""
enable_magnum: "yes"

Redeploy / Reconfigure container

kolla-ansible -i /etc/kolla/inventory-hosts deploy -t magnum

Get Fedora AtomicHost images;O=D

# wget
xz -d Fedora-AtomicHost-29-20190429.0.x86_64.raw.xz
openstack image create "Fedora AtomicHost 29 (20190429.0)" \
  --file Fedora-AtomicHost-29-20190429.0.x86_64.raw.xz \
  --disk-format raw \
  --container-format=bare \
  --min-disk 10 \
  --min-ram 4096 \
  --public \
  --protected \
  --property hw_scsi_model=virtio-scsi \
  --property hw_disk_bus=scsi \
  --property hw_qemu_guest_agent=yes \
  --property os_distro=fedora-atomic \
  --property os_admin_user=fedora \
  --property os_version=20190429.0

Deploy kubernetes cluster

openstack keypair create --public-key ~/.ssh/ mykey
openstack flavor create m1.kubernetes \
  --disk 40 \
  --vcpu 2 \
  --ram 4096 \
  --public \
  --description "kubernetes flavor"
openstack coe cluster template create kubernetes-cluster-template \
  --image "Fedora AtomicHost 29" \
  --external-network public \
  --dns-nameserver \
  --master-flavor m1.kubernetes \
  --flavor m1.kubernetes \
  --coe kubernetes \
  --volume-driver cinder \
  --network-driver flannel \
  --docker-volume-size 40
  # --docker-storage-driver overlay
  # --tls-disabled
  # --floating-ip-disabled
# defile application credentials
export OS_CLOUD=dev-foo-app-unrestricted
# list avaiable cluster
openstack coe cluster template list
export OS_COE_TEMPLATE=k8s-1.15.3-no-floating-ips
export OS_USER_KEY=foo-key
# deploy single master cluster
openstack coe cluster create ${CLUSTER} \
  --cluster-template ${OS_COE_TEMPLATE} \
  --master-count 1 \
  --node-count 2 \
  --keypair ${OS_USER_KEY}

Get cluster configurations

cd ~/2.7.15
for CLUSTER in $(openstack coe cluster list -c name -f value); do
  mkdir -p ~/kubernetes/${CLUSTER}
  openstack coe cluster config ${CLUSTER} --dir ~/kubernetes/${CLUSTER} --force
  # export latest cluster config as default
  export KUBECONFIG=~/kubernetes/${CLUSTER}/config
# Fix taints
# kubernetes
kubectl get nodes -o wide
kubectl get pods --all-namespaces -o wide
# Configure persistent default cluster
echo "export KUBECONFIG=~/kubernetes/kubernetes-cluster1/config" >> ~/.bashrc
# optional: Route to dev public net trougth rally VM
sshuttle --remote


# operating system
systemctl list-units --failed
journalctl -f
journalctl -p err -b

Fix taints (deprected)

kubectl describe nodes | grep Taints
kubectl taint nodes --all
# kubectl taint nodes --all   dedicated=master:NoSchedule-

Repository - commits to rocky

# kolla-build.conf
type = git
location =
reference = stable/stein
# build
cd ./kolla && python tools/ --config-file /root/kolla-build.conf --tag magnum

Deploy Kubernetes UI

OpenStack Magnum / Kubernetes
openstackmagnum Docker registry:
kubernetes version:
latest tag:

k8scloudprovider Docker registry:
cloud provider version:
latest tag:

Get floating IP

openstack loadbalancer list
openstack loadbalancer show 301a787a-a0d4-4989-9d5a-e389330ff44e -c vip_address -f value
openstack floating ip list --fixed-ip-address  -c "Floating IP Address" -f value

Scale up

openstack loadbalancer pool list
openstack loadbalancer member list 922266b9-63b2-4e91-ae87-9a6f16525839
kubectl get nodes -o wide
openstack coe cluster update kubernetes-cluster1 replace node_count=4

Get cluster configuration

# specify OpenStack cloud
export OS_CLOUD=dev-foo
# Get all cluster configurations
for CLUSTER in $(openstack coe cluster list -c name -f value); do
  mkdir -p ~/kubernetes/${CLUSTER}
  openstack coe cluster config ${CLUSTER} --dir ~/kubernetes/${CLUSTER} --force
# Export cluster configuration as default
export KUBECONFIG=~/kubernetes/clusterX/config
# fix Failed to create trustee or trust for Cluster:
#use unrestriced application credentials 
# Define default Kubernetes cluster and load configuration on login
ln -fs ~/kubernetes/clusterX ~/kubernetes/cluster
echo "export KUBECONFIG=~/kubernetes/cluster/config" >> ~/.bashrc

Deploy test container

# deploy nginx
kubectl create deployment nginx --image=nginx
kubectl scale deployment --replicas 2 nginx
kubectl get deployments -o wide
kubectl get pods -o wide
kubectl expose deployment nginx --type=LoadBalancer --name=nginx --port=80
kubectl get services -o wide
# deploy apache
kubectl create deployment httpd2 --image=httpd


openstack coe cluster list -c uuid -c status -f value | awk '/FAILED/ {print $1}'

Deploy cluster with Ansible

- name: Create Kubernetes cluster
    cloud: "{{ os_cloud }}"
    name: "{{ os_user }}-k8s-1.15.3-floating-ips"
    cluster_template_id: k8s-1.15.3-floating-ips
    keypair: "{{ os_user }}-key"
    master_count: 1
    node_count: 2

Show COE service state

openstack coe service list

Next: Kubernetes

#openstack-containers channel - old Fedora Atomic host images (deprected?)