Ansible is helping to change the way admins look after their infrastructure. It is flexible, simple to use, and powerful. Ansible uses a modular structure to deploy controlled pieces of code against infrastructure, utilizing thousands of available modules, providing everything from server management to network switch configuration.

With recent releases of Red Hat OpenStack Platform access to Ansible is included directly within the Red Hat OpenStack Platform subscription and installed by default with Red Hat OpenStack Platform director.

In this three-part series you'll learn ways to use Ansible to perform powerful pre and post deployment validations against your Red Hat OpenStack environment, utilizing the special validation scripts that ship with recent Red Hat OpenStack Platform releases.

Ansible, briefly ...

Ansible modules are commonly grouped into concise, targeted actions called playbooks. Playbooks allow you to create complex orchestrations using simple syntax and execute them against a targeted set of hosts. Operations use SSH which removes the need for agents or complicated client installations. Ansible is easy to learn and allows you to replace most of your existing shell loops and one-off scripts with a structured language that is extensible and reusable.

Introducing … OpenStack TripleO Validations

Red Hat ships a collection of pre-written Ansible playbooks to make cloud validation easier. These playbooks come from the OpenStack TripleO Validations project (upstream, github). The project was created out of a desire to share a standard set of validations for TripleO-based OpenStack installs. Since most operators already have many of their own infrastructure tests, sharing them with the community in a uniform way was the next logical step.

On Red Hat OpenStack Platform director, the validations are provided by the openstack-tripleo-validations RPM installed during a director install. There are many different tests for all parts of a deployment: prep, pre-introspection, pre-deployment, post-deployment and so on. Validation can be run in three different ways: directly with ansible-playbook, via the Mistral workflow execution, and thought the director UI.

Let’s Get Started!

Red Hat OpenStack Platform ships with an Ansible dynamic inventory creation script called tripleo-ansible-inventory. With it you can dynamically include all Undercloud and Overcloud hosts in your Ansible inventory. Dynamic inventory of hosts makes it easier to do administrative and troubleshooting tasks against infrastructure in a repeatable way. This helps manage things like server restarts, log gathering and environment validation. Here’s an example script, run on the director node, to get Ansible’s dynamic inventory setup quickly.

#!/bin/bash pushd /home/stack # Create a directory for ansible mkdir -p ansible/inventory pushd ansible # create ansible.cfg cat << EOF > ansible.cfg [defaults] inventory = inventory library = /usr/share/openstack-tripleo-validations/validations/library EOF # Create a dynamic inventory script cat << EOF > inventory/hosts #!/bin/bash # Unset some things in case someone has a V3 environment loaded unset OS_IDENTITY_API_VERSION unset OS_PROJECT_ID unset OS_PROJECT_NAME unset OS_USER_DOMAIN_NAME unset OS_IDENTITY_API_VERSION source ~/stackrc DEFPLAN=overcloud PLAN_NAME=\$(openstack stack list -f csv -c 'Stack Name' | tail -n 1 | sed -e 's/"//g') export TRIPLEO_PLAN_NAME=\${PLAN_NAME:-\$DEFPLAN} /usr/bin/tripleo-ansible-inventory \$* EOF chmod 755 inventory/hosts # run inventory/hosts.sh --list for example output cat << EOF >> ~/.ssh/config Host * StrictHostKeyChecking no EOF chmod 600 ~/.ssh/config

This script sets up a working directory for your Ansible commands and creates an Ansible configuration file called ansible.cfg, which includes the openstack-tripleo-validations playbooks in the Ansible library. This helps with running the playbooks easily. Next, the script creates the dynamic inventory file (~/inventory/hosts) by using /usr/bin/tripleo-ansible-inventory executed against the Overcloud’s Heat stack name.

You can run the inventory file with the --list flag to see what has been discovered:

[stack@undercloud inventory]$ /home/stack/ansible/inventory/hosts --list | jq '.' { "compute": [ "192.168.0.25", "192.168.0.34", "192.168.0.39", "192.168.0.35" ], "undercloud": { "vars": { "ansible_connection": "local", "overcloud_admin_password": "AAABBBCCCXXXYYYZZZ", "overcloud_horizon_url": "http://10.12.48.100:80/dashboard" }, "hosts": [ "localhost" ] }, "controller": [ "192.168.0.23", "192.168.0.27", "192.168.0.33" ], "overcloud": { "vars": { "ansible_ssh_user": "heat-admin" }, "children": [ "controller", "compute" ] } }

We now have a dynamically generated inventory as required, including groups, using the director’s standard controller and compute node deployment roles.

We’re now ready to run the validations!

Ready to go deeper with Ansible? Check out the latest collection of Ansible eBooks, including free samples from every title!

This is the end of the first part of our series. Check out Part 2 to learn how you can use this dynamic inventory file with the included validations playbooks!

The “Operationalizing OpenStack” series features real-world tips, advice, and experiences from experts running and deploying OpenStack.