Merge pull request #6290 from tomassedovic/openstack-no-dns

Use IP addresses for OpenStack nodes

playbooks/openstack/README.md

@@ -6,7 +6,7 @@ etc.). The result is an environment ready for OpenShift installation
 via [openshift-ansible].
 
 We provide everything necessary to be able to install OpenShift on
-OpenStack (including the DNS and load balancer servers when
+OpenStack (including the load balancer servers when
 necessary). In addition, we work on providing integration with the
 OpenStack-native services (storage, lbaas, baremetal as a service,
 dns, etc.).
@@ -38,18 +38,6 @@ Optional:
 * External Neutron network with a floating IP address pool
 
 
-## DNS Requirements
-
-OpenShift requires DNS to operate properly. OpenStack supports DNS-as-a-service
-in the form of the Designate project, but the playbooks here don't support it
-yet. Until we do, you will need to provide a DNS solution yourself (or in case
-you are not running Designate when we do).
-
-If your server supports nsupdate, we will use it to add the necessary records.
-
-TODO(shadower): describe how to build a sample DNS server and how to configure
-our playbooks for nsupdate.
-
 
 ## Installation
 
@@ -57,14 +45,13 @@ There are four main parts to the installation:
 
 1. [Preparing Ansible and dependencies](#1-preparing-ansible-and-dependencies)
 2. [Configuring the desired OpenStack environment and OpenShift cluster](#2-configuring-the-openstack-environment-and-openshift-cluster)
-3. [Creating the OpenStack resources (VMs, networking, etc.)](#3-creating-the-openstack-resources-vms-networking-etc)
-4. [Installing OpenShift](#4-installing-openshift)
+3. [Creating the OpenStack Resources and Installing OpenShift](#3-creating-the-openstack-resources-and-installing-openshift)
 
 This guide is going to install [OpenShift Origin][origin]
 with [CentOS 7][centos7] images with minimal customisation.
 
-We will create the VMs for running OpenShift, in a new Neutron
-network, assign Floating IP addresses and configure DNS.
+We will create the VMs for running OpenShift, in a new Neutron network and
+assign Floating IP addresses.
 
 The OpenShift cluster will have a single Master node that will run
 `etcd`, a single Infra node and two App nodes.
@@ -156,14 +143,6 @@ $ vi inventory/group_vars/all.yml
 4. Set the `openshift_openstack_default_flavor` to the flavor you want your
    OpenShift VMs to use.
    - See `openstack flavor list` for the list of available flavors.
-5. Set the `openshift_openstack_dns_nameservers` to the list of the IP addresses
-   of the DNS servers used for the **private** address resolution.
-
-**NOTE ON DNS**: at minimum, the OpenShift nodes need to be able to access each
-other by their hostname.  OpenStack doesn't provide this by default, so you
-need to provide a DNS server. Put the address of that DNS server in
-`openshift_openstack_dns_nameservers` variable.
-
 
 
 
@@ -191,7 +170,7 @@ the [Sample OpenShift Inventory][sample-openshift-inventory] and
 the [advanced configuration][advanced-configuration].
 
 
-### 3. Creating the OpenStack resources (VMs, networking, etc.)
+### 3. Creating the OpenStack Resources and Installing OpenShift
 
 We provide an `ansible.cfg` file which has some useful defaults -- you should
 copy it to the directory you're going to run `ansible-playbook` from.
@@ -200,11 +179,11 @@ copy it to the directory you're going to run `ansible-playbook` from.
 $ cp openshift-ansible/ansible.cfg ansible.cfg
 ```
 
-Then run the provisioning playbook -- this will create the OpenStack
+Then run the provision + install playbook -- this will create the OpenStack
 resources:
 
 ```bash
-$ ansible-playbook --user openshift -i inventory openshift-ansible/playbooks/openstack/openshift-cluster/provision.yaml
+$ ansible-playbook --user openshift -i inventory openshift-ansible/playbooks/openstack/openshift-cluster/provision_install.yaml
 ```
 
 If you're using multiple inventories, make sure you pass the path to
@@ -214,15 +193,6 @@ If your SSH private key is not in `~/.ssh/id_rsa` use the `--private-key`
 option to specify the correct path.
 
 
-### 4. Installing OpenShift
-
-Run the `byo/config.yml` playbook on top of the OpenStack nodes we have
-prepared.
-
-```bash
-$ ansible-playbook -i inventory openshift-ansible/playbooks/byo/config.yml
-```
-
 
 ### Next Steps
 

playbooks/openstack/advanced-configuration.md

@@ -47,44 +47,42 @@ Otherwise, even if there are differences between the two versions, installation
 
 ## Accessing the OpenShift Cluster
 
-### Use the Cluster DNS
+### Configure DNS
 
-In addition to the OpenShift nodes, we created a DNS server with all
-the necessary entries. We will configure your *Ansible host* to use
-this new DNS and talk to the deployed OpenShift.
+OpenShift requires two DNS records to function fully. The first one points to
+the master/load balancer and provides the UI/API access. The other one is a
+wildcard domain that resolves app route requests to the infra node.
 
-First, get the DNS IP address:
+If you followed the default installation from the README section, there is no
+DNS configured. You should add two entries to the `/etc/hosts` file on the
+Ansible host (where you to do a quick validation. A real deployment will
+however require a DNS server with the following entries set.
 
-```bash
-$ openstack server show dns-0.openshift.example.com --format value --column addresses
-openshift-ansible-openshift.example.com-net=192.168.99.11, 10.40.128.129
-```
-
-Note the floating IP address (it's `10.40.128.129` in this case) -- if
-you're not sure, try pinging them both -- it's the one that responds
-to pings.
+First, run the `openstack server list` command and note the floating IP
+addresses of the *master* and *infra* nodes (we will use `10.40.128.130` for
+master and `10.40.128.134` for infra here).
 
-Next, edit your `/etc/resolv.conf` as root and put `nameserver DNS_IP` as your
-**first entry**.
-
-If your `/etc/resolv.conf` currently looks like this:
+Then add the following entries to your `/etc/hosts`:
 
 ```
-; generated by /usr/sbin/dhclient-script
-search openstacklocal
-nameserver 192.168.0.3
-nameserver 192.168.0.2
+10.40.128.130 console.openshift.example.com
+10.40.128.134 cakephp-mysql-example-test.apps.openshift.example.com
 ```
 
-Change it to this:
+This points the cluster domain (as defined in the
+`openshift_master_cluster_public_hostname` Ansible variable in `OSEv3`) to the
+master node and any routes for deployed apps to the infra node.
+
+If you deploy another app, it will end up with a different URL (e.g.
+myapp-test.apps.openshift.example.com) and you will need to add that too.  This
+is why a real deployment should always run a DNS where the second entry will be
+a wildcard `*.apps.openshift.example.com).
+
+This will be sufficient to validate the cluster here.
+
+Take a look at the [External DNS](#dns-configuration-variables) section for
+configuring a DNS service.
 
-```
-; generated by /usr/sbin/dhclient-script
-search openstacklocal
-nameserver 10.40.128.129
-nameserver 192.168.0.3
-nameserver 192.168.0.2
-```
 
 ### Get the `oc` Client
 

playbooks/openstack/sample-inventory/group_vars/OSEv3.yml

@@ -5,8 +5,7 @@ openshift_deployment_type: origin
 openshift_master_default_subdomain: "apps.{{ openshift_openstack_clusterid }}.{{ openshift_openstack_public_dns_domain }}"
 
 openshift_master_cluster_method: native
-openshift_master_cluster_hostname: "console.{{ openshift_openstack_clusterid }}.{{ openshift_openstack_public_dns_domain }}"
-openshift_master_cluster_public_hostname: "{{ openshift_master_cluster_hostname }}"
+openshift_master_cluster_public_hostname: "console.{{ openshift_openstack_clusterid }}.{{ openshift_openstack_public_dns_domain }}"
 
 osm_default_node_selector: 'region=primary'
 

playbooks/openstack/sample-inventory/group_vars/all.yml

@@ -10,7 +10,6 @@ openshift_openstack_dns_nameservers: []
 #openshift_openstack_node_hostname: "app-node"
 #openshift_openstack_lb_hostname: "lb"
 #openshift_openstack_etcd_hostname: "etcd"
-#openshift_openstack_dns_hostname: "dns"
 
 openshift_openstack_keypair_name: "openshift"
 openshift_openstack_external_network_name: "public"
@@ -34,7 +33,6 @@ openshift_openstack_external_network_name: "public"
 #openshift_openstack_node_image_name: "centos7"
 #openshift_openstack_lb_image_name: "centos7"
 #openshift_openstack_etcd_image_name: "centos7"
-#openshift_openstack_dns_image_name: "centos7"
 openshift_openstack_default_image_name: "centos7"
 
 openshift_openstack_num_masters: 1
@@ -49,7 +47,6 @@ openshift_openstack_num_nodes: 2
 #openshift_openstack_node_flavor: "m1.medium"
 #openshift_openstack_lb_flavor: "m1.medium"
 #openshift_openstack_etcd_flavor: "m1.medium"
-#openshift_openstack_dns_flavor: "m1.medium"
 openshift_openstack_default_flavor: "m1.medium"
 
 # # Numerical index of nodes to remove
@@ -62,7 +59,6 @@ openshift_openstack_default_flavor: "m1.medium"
 #openshift_openstack_docker_infra_volume_size: "15"
 #openshift_openstack_docker_node_volume_size: "15"
 #openshift_openstack_docker_etcd_volume_size: "2"
-#openshift_openstack_docker_dns_volume_size: "1"
 #openshift_openstack_docker_lb_volume_size: "5"
 openshift_openstack_docker_volume_size: "15"
 
@@ -110,7 +106,6 @@ openshift_openstack_subnet_prefix: "192.168.99"
 
 
 # # Roll-your-own DNS
-#openshift_openstack_num_dns: 0
 #openshift_openstack_external_nsupdate_keys:
 #  public:
 #    key_secret: 'SKqKNdpfk7llKxZ57bbxUnUDobaaJp9t8CjXLJPl+fRI5mPcSBuxTAyvJPa6Y9R7vUg9DwCy/6WTpgLNqnV4Hg=='
@@ -121,10 +116,6 @@ openshift_openstack_subnet_prefix: "192.168.99"
 #    key_algorithm: 'hmac-md5'
 #    server: '192.168.1.2'
 
-# # Customize DNS server security options
-#named_public_recursion: 'no'
-#named_private_recursion: 'yes'
-
 
 # NOTE(shadower): Do not change this value. The Ansible user is currently
 # hardcoded to `openshift`.

playbooks/openstack/sample-inventory/inventory.py

@@ -79,10 +79,19 @@ def build_inventory():
 
         public_v4 = server.public_v4 or server.private_v4
         if public_v4:
-            hostvars['public_v4'] = public_v4
+            hostvars['public_v4'] = server.public_v4
+            hostvars['openshift_public_ip'] = server.public_v4
         # TODO(shadower): what about multiple networks?
         if server.private_v4:
             hostvars['private_v4'] = server.private_v4
+            # NOTE(shadower): Yes, we set both hostname and IP to the private
+            # IP address for each node. OpenStack doesn't resolve nodes by
+            # name at all, so using a hostname here would require an internal
+            # DNS which would complicate the setup and potentially introduce
+            # performance issues.
+            hostvars['openshift_ip'] = server.private_v4
+            hostvars['openshift_hostname'] = server.private_v4
+        hostvars['openshift_public_hostname'] = server.name
 
         node_labels = server.metadata.get('node_labels')
         if node_labels: