Basics
As with any Ansible playbook, the CloudStack playbook is fairly self-explanatory and self-documenting. In short, the following will install Apache CloudStack version 4.3 or 4.4 with all required components, as well as CloudMonkey for later configuration.
The playbook is written for a CentOS base OS for all roles, with CloudStack using XenServer hypervisors and NFS storage.
The playbook relies on tags to separate the various tasks and roles. These are as follows:
- --tags=base:
  - Installs and configures NTP.
  - Configures SELinux.
  - Configures both the CloudStack and EPEL yum repos.
- --tags=mysql:
  - Installs and configures MySQL server.
  - Appends CloudStack specific settings in /etc/my.cnf.
  - Secures MySQL, i.e. carries out the same tasks as mysql_secure_installation.
- --tags=mysql3306:
  - Opens iptables on tcp/3306, used when installing MySQL on a separate node.
- --tags=csmanagement:
  - Installs Apache CloudStack version 4.3 or 4.4 depending on the value prompted for at the start of the playbook run.
  - Downloads and installs vhd-util on the CloudStack management host.
  - Installs CloudMonkey on the management server.
  - Configures the CloudStack database.
  - Completes management server installation (cloudstack-setup-management).
  - Prepares secondary storage: mounts the NFS share and populates the system VM template as per the prompted CloudStack version (4.3 / 4.4).
- --tags=csmanagementadd:
  - Installs CloudStack management components on secondary and any further management servers.
  - Repeats the tasks from above which are relevant, in other words pretty much all of them apart from the DB configuration task.
For more background information on CloudStack installation please refer to the official CloudStack 4.3 or CloudStack 4.4 documentation.
Usage
First of all update the variables section at the start of the playbook:
- ManagementIP: IP address of the management server
- NFSHost: hostname or IP address of NFS secondary storage host
- NFSSecondaryShare: full path to exported secondary NFS share, e.g. /data/secondary1
The playbook is run as normal with:
# ansible-playbook -i /etc/ansible/inventory/<ansible_inventory_file> --limit=<destination_host> /etc/ansible/cloudstack.yml --tags=base
Note on CloudStack 4.4
Although this playbook will successfully install CloudStack 4.4.2, I’ve not managed to get this working, the problem being with compatibility of vhd-util and possibly a difference in functionality between the Citrix installed vhd-util and the CloudStack installed version. Shanker Balan has some comments on this on his blog, but so far I’ve not managed to get it fully working due to problems with copying VM templates from secondary storage to primary XenServer SRs.
cloudstack.yml
Full code is maintained on GitHub: https://github.com/dagsonstebo/CloudStack-Ansible-Playbook.
---
#########################################################################################
# Copyright 2015 Dag Sonstebo
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#########################################################################################
#
# CLOUDSTACK INSTALLATION PLAYBOOK
#
# Installs and configures Apache CloudStack base components, MySQL, management
# server and CloudMonkey, populates system VM templates for XenServer.
#
# Prereqs:
# - CentOS management hosts and MySQL host(s), SSH keys in place for Ansible
# - NFS secondary share
# - Variables updated below.
#
# All roles combined in same playbook, run against different hosts using tags, e.g.:
#
# ansible-playbook -i <inventory_file> --limit=<target_host> cloudstack.yml --tags=base
#
# Playbook will prompt for:
# - CS version (4.3 / 4.4).
# - MySQL root password.
# - Cloud DB password.
#
# Tags:
# - base: Configures NTP, SElinux, CloudStack + EPEL repos, basics
# - mysql: Installs, configures and secures MySQL, adds CS specific settings to my.cnf
# - mysql3306: Enables MySQL tcp/3306 in iptables when running separate DB host.
# - csmanagement: Installs and configures CloudStack.
# - csmanagementadd: Used on secondary CloudStack management server.
#
#
# v1.0 220115 DS
#########################################################################################

- name: CloudStack Installation Playbook
  hosts: all

  #######################################################################################
  # Prompt for CloudStack version + passwords
  #
  vars_prompt:
    - name: "CSVersion"
      prompt: "CloudStack version [4.3/4.4]"
      default: "4.3"
      private: no

    - name: "MySQLPass"
      prompt: "MySQL root password"
      private: yes

    - name: "CloudDBPass"
      prompt: "Cloud DB password"
      private: yes

  #######################################################################################
  # Vars
  #
  vars:
    NTPServers:
      - 0.uk.pool.ntp.org
      - 1.uk.pool.ntp.org
      - 2.uk.pool.ntp.org
      - 3.uk.pool.ntp.org
    CSMySQL:
      MySQLRoot: root
      CloudDBUser: cloud
      CloudDBHost: localhost
      MaxConnections: 700
      BindAddress: 0.0.0.0
    CSManagement:
      ManagementIP: <management_IP_here>
      SecondaryMount: /secondary
      NFSHost: <NFS_hostname_or_IP_address_here>
      NFSSecondaryShare: <NFS_secondary_storage_share_here>
      SysTemplateURLurl43: http://download.cloud.com/templates/4.3/systemvm64template-2014-06-23-master-xen.vhd.bz2
      SysTemplateURLurl44: http://cloudstack.apt-get.eu/systemvm/4.4/systemvm64template-4.4.1-7-kvm.qcow2.bz2
      SysTemplateURLhv: xenserver
      VhdutilURL: http://download.cloud.com.s3.amazonaws.com/tools/vhd-util

  #######################################################################################
  # Tasks
  #
  tasks:

    #######################################################
    # Validate CS version and passwords
    #
    - name: Validate input - CloudStack version
      fail: msg="Incorrect CloudStack version."
      when: CSVersion not in [ "4.3", "4.4" ]
      tags:
        - csmanagement

    - name: Validate input - MySQL password
      fail: msg="Missing or incorrect MySQL password."
      when: MySQLPass is not defined or ( MySQLPass is defined and MySQLPass == "" )
      tags:
        - mysql

    - name: Validate input - cloud DB password
      fail: msg="Missing or incorrect cloud DB password."
      when: CloudDBPass is not defined or ( CloudDBPass is defined and CloudDBPass == "" )
      tags:
        - csmanagement
        - csmanagementadd

    #######################################################
    # Fail if not run on CentOS
    # Delete or comment out to bypass.
    #
    - name: Check guest OS version
      fail: msg="WARNING - CloudStack playbook written for CentOS (OS detected {{ ansible_distribution }})."
      when: ansible_distribution != "CentOS"
      tags:
        - base
        - mysql
        - csmanagement
        - csmanagementadd

    #######################################################
    # Configure NTP
    #
    - name: Install NTP
      yum: name=ntp state=present
      tags:
        - ntp
        - base

    - name: Configure NTP file
      template: src=templates/ntp.conf.j2 dest=/etc/ntp.conf
      notify: restart ntp
      tags:
        - ntp
        - base

    - name: Start the NTP daemon
      service: name=ntpd state=started enabled=true
      tags:
        - ntp
        - base

    #######################################################
    # Configure SElinux settings
    #
    - name: Set SELinux to permissive
      selinux: policy=targeted state=permissive
      tags:
        - selinux
        - base

    #######################################################
    # Configure CloudStack yum repo
    #
    - name: Configure CloudStack repo
      template: src=templates/cloudstack.repo.j2 dest=/etc/yum.repos.d/cloudstack.repo mode=0644
      tags:
        - base
        - yumrepo

    #######################################################
    # Install additional RPMs: EPEL repo, python-pip
    # (required for cloudmonkey), vim
    #
    - name: Install EPEL repo / python-pip / vim
      yum: name={{ item }} state=present
      with_items:
        - epel-release
        - python-pip
        - vim
      tags:
        - epelrepo
        - base

    #######################################################
    # Install and configure MySQL
    #
    - name: Install MySQL server
      yum: name=mysql-server state=present
      tags:
        - mysql

    - name: Install MySQL python module
      yum: name=MySQL-python state=present
      tags:
        - mysql

    #######################################################
    # Append CloudStack specific settings to my.cnf
    #
    - name: Append CloudStack specific settings to my.cnf
      lineinfile: dest=/etc/my.cnf
                  insertbefore="^\[mysqld_safe\]"
                  line="# CloudStack MySQL settings\\ninnodb_rollback_on_timeout=1\\ninnodb_lock_wait_timeout=600\\nmax_connections={{ CSMySQL.MaxConnections }}\\nlog-bin=mysql-bin\\nbinlog-format = \\'ROW\\'\\nbind-address={{ CSMySQL.BindAddress }}\\n"
                  state=present
      tags:
        - mysql

    #######################################################
    # Start MySQL
    #
    - name: Start the MySQL daemon
      service: name=mysqld state=started enabled=true
      tags:
        - mysql

    #######################################################
    # mysql_secure_installation
    #
    - name: Remove anonymous MySQL user for {{ ansible_hostname }}
      action: mysql_user user="" host="{{ ansible_hostname }}" state="absent"
      tags:
        - mysql
        - securemysql

    - name: Remove anonymous MySQL user for {{ ansible_fqdn }}
      action: mysql_user user="" host="{{ ansible_fqdn }}" state="absent"
      tags:
        - mysql
        - securemysql

    - name: Remove anonymous MySQL user for localhost
      action: mysql_user user="" state="absent"
      tags:
        - mysql
        - securemysql

    - name: Remove the MySQL test DB
      action: mysql_db db=test state=absent
      tags:
        - mysql
        - securemysql

    - name: Secure MySQL installation / change root user password
      mysql_user: login_user=root
                  login_password=''
                  name=root
                  password={{ MySQLPass | mandatory }}
                  priv=*.*:ALL,GRANT
                  host={{ item }}
      with_items:
        - "{{ ansible_hostname }}"
        - "{{ ansible_fqdn }}"
        - 127.0.0.1
        - ::1
        - localhost
      tags:
        - mysql
        - securemysql

    #######################################################
    # Open iptables port 3306, use when MySQL on separate server
    #
    - name: Open MySQL tcp 3306
      shell: iptables -A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
      notify:
        - save iptables
      tags:
        - mysql3306

    ########################################################
    # Install CloudStack Management server
    #
    - name: Confirm CloudStack installation
      debug: msg="Installing CloudStack {{ CSVersion | mandatory }}"
      tags:
        - csmanagement
        - csmanagementadd

    - name: Install CloudStack management server
      yum: name=cloudstack-management state=present
      tags:
        - csmanagement
        - csmanagementadd

    #######################################################
    # Install vhd-util on management server
    #
    - name: Download vhd-util for Xenserver hypervisors
      get_url: url={{ CSManagement.VhdutilURL }} dest={{ item }} mode=0755
      with_items:
        - /usr/share/cloudstack-common/scripts/vm/hypervisor/xenserver/
        - /usr/share/cloudstack-common/scripts/vm/hypervisor/xenserver/xenserver60/
        - /usr/share/cloudstack-common/scripts/vm/hypervisor/xenserver/xenserver62/
      tags:
        - csmanagement
        - csmanagementadd

    #######################################################
    # Install cloudmonkey
    #
    - name: Install CloudMonkey
      shell: pip install cloudmonkey
      tags:
        - csmanagement
        - csmanagementadd
        - cloudmonkey

    #######################################################
    # Configure CloudStack DB
    #
    - name: Configure CloudStack database connectivity
      shell: cloudstack-setup-databases {{ CSMySQL.CloudDBUser }}:{{ CloudDBPass | mandatory }}@{{ CSMySQL.CloudDBHost }} --deploy-as={{ CSMySQL.MySQLRoot }}:{{ MySQLPass | mandatory }} -i {{ CSManagement.ManagementIP }}>> /root/cs_dbinstall.out 2>&1
      tags:
        - csmanagement

    #######################################################
    # Configure CloudStack DB on additional management server
    #
    - name: Configure CloudStack database connectivity on additional management server
      shell: cloudstack-setup-databases {{ CSMySQL.CloudDBUser }}:{{ CloudDBPass | mandatory }}@{{ CSMySQL.CloudDBHost }} -i {{ CSManagement.ManagementIP }}>> /root/cs_dbinstall.out 2>&1
      tags:
        - csmanagementadd

    #######################################################
    # Configure Management server
    - name: Configure CloudStack management server
      shell: cloudstack-setup-management >> /root/cs_mgmtinstall.out 2>&1
      tags:
        - csmanagement
        - csmanagementadd

    #######################################################
    # Mount secondary NFS share and install system VM
    # template. Check size of mounted folder before
    # installation to ensure previous data not being
    # overwritten.
    #
    - name: Mount NFS secondary storage
      mount: name={{ CSManagement.SecondaryMount }} src={{ CSManagement.NFSHost }}:{{ CSManagement.NFSSecondaryShare}} fstype=nfs state=mounted
      tags:
        - csmanagement
        - secstorage

    - name: Check size of mounted secondary storage template folder
      shell: du {{ CSManagement.SecondaryMount }}/template/ --max-depth=0 | awk '{print $1}'
      register: TemplateFolderSize
      tags:
        - csmanagement
        - secstorage

    #######################################################
    # Download and install CS43 system VM template
    #
    - name: Download CloudStack 4.3 system VM template
      shell: /usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt -m {{ CSManagement.SecondaryMount }} -u {{ CSManagement.SysTemplateURLurl43 }} -h {{ CSManagement.SysTemplateURLhv }} -F
      when: TemplateFolderSize.stdout|int < 1024 and CSVersion == "4.3"
      tags:
        - csmanagement
        - secstorage

    #######################################################
    # Download and install CS44 system VM template
    #
    - name: Download CloudStack 4.4 system template
      shell: /usr/share/cloudstack-common/scripts/storage/secondary/cloud-install-sys-tmplt -m {{ CSManagement.SecondaryMount }} -u {{ CSManagement.SysTemplateURLurl44 }} -h {{ CSManagement.SysTemplateURLhv }} -F
      when: TemplateFolderSize.stdout|int < 1024 and CSVersion == "4.4"
      tags:
        - csmanagement
        - secstorage

    #######################################################
    # Unmount NFS share
    #
    - name: Umount NFS secondary storage
      mount: name={{ CSManagement.SecondaryMount }} src={{ CSManagement.NFSHost }}:{{ CSManagement.NFSSecondaryShare}} fstype=nfs state=absent
      tags:
        - csmanagement
        - secstorage

  #########################################################################################
  # CloudStack handlers
  #
  handlers:
    # NTP restart
    - name: restart ntp
      service: name=ntpd state=restarted

    # Iptables restart
    - name: restart iptables
      service: name=iptables state=restarted

    # Save iptables
    - name: save iptables
      shell: /sbin/service iptables save
      notify: restart iptables
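The playbook above downloads vhd-util over plain HTTP with no integrity check, renders both database passwords into a shell command line, and opens tcp/3306 to every source address. The task list below is an added example, not part of the original playbook or the GitHub repository, showing hardened variants of those three tasks. It assumes Ansible 2.x (for the get_url checksum parameter and the iptables module), and VhdutilSHA256 and ManagementCIDR are hypothetical variables you would define yourself.

```yaml
# Added example: hardened variants of three tasks from cloudstack.yml.
# Assumes Ansible 2.x. VhdutilSHA256 and ManagementCIDR are hypothetical
# variables, not in the original playbook; define them under "vars:".

# Reject the download unless it matches a digest recorded from a trusted copy.
- name: Download vhd-util for Xenserver hypervisors (checksum verified)
  get_url:
    url: "{{ CSManagement.VhdutilURL }}"
    dest: "{{ item }}"
    mode: "0755"
    checksum: "sha256:{{ VhdutilSHA256 }}"
  with_items:
    - /usr/share/cloudstack-common/scripts/vm/hypervisor/xenserver/
    - /usr/share/cloudstack-common/scripts/vm/hypervisor/xenserver/xenserver60/
    - /usr/share/cloudstack-common/scripts/vm/hypervisor/xenserver/xenserver62/
  tags:
    - csmanagement
    - csmanagementadd

# The rendered command line contains both passwords; no_log keeps it out of
# Ansible's console output and task logging.
- name: Configure CloudStack database connectivity
  shell: >
    cloudstack-setup-databases
    {{ CSMySQL.CloudDBUser }}:{{ CloudDBPass | mandatory }}@{{ CSMySQL.CloudDBHost }}
    --deploy-as={{ CSMySQL.MySQLRoot }}:{{ MySQLPass | mandatory }}
    -i {{ CSManagement.ManagementIP }} >> /root/cs_dbinstall.out 2>&1
  no_log: true
  tags:
    - csmanagement

# Accept MySQL connections from the management network only, instead of
# from any source address.
- name: Open MySQL tcp 3306 to the management servers only
  iptables:
    chain: INPUT
    protocol: tcp
    source: "{{ ManagementCIDR }}"
    destination_port: "3306"
    jump: ACCEPT
  notify:
    - save iptables
  tags:
    - mysql3306
```

no_log does not hide the passwords from the process list on the target while cloudstack-setup-databases is running, so keep shell access to the management host restricted during installation.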
Templates
The templates are referenced in the /templates/ subfolder relative to where cloudstack.yml is stored.
ntp.conf.j2
# Ansible configured ntp.conf file.
# {{ ansible_managed }}
#
driftfile /var/lib/ntp/drift
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
{% for ntp_host in NTPServers %}
server {{ ntp_host }} iburst
{% endfor %}
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
disable monitor
cloudstack.repo.j2
[cloudstack]
name=cloudstack
baseurl=http://cloudstack.apt-get.eu/rhel/{{ CSVersion }}/
enabled=1
gpgcheck=0
That’s it, have fun. CloudMonkey configuration playbook will follow shortly….