How should I setup MAAS so that it can be used by the Canonical OpenStack Autopilot?

These are the networking requirements for a successful OpenStack Autopilot run.

Internet access

MAAS and its nodes will need to be able to reach the internet, or at least these sites (http and https):

  • maas.ubuntu.com
  • cloud-images.ubuntu.com
  • streams.canonical.com
  • an Ubuntu archive (archive.ubuntu.com or a mirror)
  • api.jujucharms.com
  • manage.jujucharms.com
  • jujucharms.com
  • store.juju.ubuntu.com
  • keyserver.ubuntu.com
  • ppa.launchpad.net
  • usn.ubuntu.com

If opening holes in a firewall, be mindful that these addresses may resolve to multiple IPs.

Network layout

There are two basic network layouts that we support. Let's call them "flat network" and "split network". In both these models, at least one node needs to have two network interfaces connected to networks that MAAS knows about. We will call them private and public networks.

Keep in mind that OpenStack floating IPs will always come from the public network.

In the following diagrams, the "cloud" that is above the router does not necessarily mean the Internet directly, just that eventually devices on this network can reach the Internet.

Flat network

The flat network model is the most basic one. Here we trick the system and simply say the public and private networks are the same and connect both NICs to it:

Flat network

OpenStack floating IPs will come from the same network as MAAS node IPs in this scenario.

Split network

In the split network topology, we have two actual distinct networks:

Split network

MAAS only manages the private network, for which it will setup DNS and DHCP, but it has to know about the public one. An easy way to handle that automatically is to just hook up a second NIC to the MAAS machine and connect it to the public network as shown. MAAS will then automatically know about it.

Installing MAAS

This is how the MAAS server should be installed:

  1. Install Ubuntu server 14.04 LTS on the machine you want to use for MAAS
  2. sudo add-apt-repository ppa:maas-maintainers/stable
  3. sudo apt-get update
  4. sudo apt-get install maas
  5. Access the MAAS UI at http://maas.ip/MAAS/ and follow the instructions to create the administrator, then login with those credentials
  6. Import disk images for 14.04 LTS (Trusty) 64 bits. This will take a few minutes, depending on your bandwidth.
  7. Add your SSH key to your user profile - http://maas.ip/MAAS/account/prefs/
  8. Go to the Networks tab in MAAS and verify that you have auto-created networks for each NIC of your MAAS server. You may have networks created for virtual interfaces like lxcbr0 or virbr0: we don't care about those, only about real physical interfaces.
  9. Fill in the missing details, like gateway and DNS, in the networks that were auto-created for each NIC

Configuring the MAAS cluster

  1. Click on the "Clusters" tab and then click on your cluster
  2. Choose a DNS zone name
  3. You should see a list of NICs on the machine. Click the edit symbol for the NIC that's connected to the private network, that is, the network where all the nodes are
  4. Set this NIC to manage DHCP and DNS.
  5. If needed, configure the IP, subnet mask, broadcast IP.
  6. Set the "Router IP" to the default gateway for this private network
  7. Carve up your network space into ranges like this:
    • for the split network case: dynamic range and static range
    • for the flat network case: dynamic range, static range and floating IP range

Where:

  • dynamic range: used by all the NICs in the nodes while they enlist and commission.
  • static range: used by nodes when they are allocated to a user
  • floating IP range: used by OpenStack floating IPs. This is not a MAAS configuration, but you should leave room for them

Save the changes.

Enlist and commission machines

  1. Ensure all other machines are set to PXE boot, if possible disable all other boot options (including local disk) in the BIOS
  2. Enlist the machines by powering them on. This can usually be done by some sort of virtual console. Eventually they will all appear in the node list in MAAS and be powered down again.
  3. Edit each machine in the nodes list and fill in the Power type and power parameters so that MAAS can turn them on and off as needed
  4. Select all of the machines and, using the Bulk action dropdown, Commission them
  5. Wait until all machines are commissioned (i.e. in Ready state)

MAAS networks

  1. Go to the Networks tab and verify that you have the nodes listed in what is your private network and with their respective NICs selected
  2. If using the flat network topology, the node that has two NICs should have been automatically detected as having both NICs connected to the network. Just verify that this is the case.
  3. If using the split network topology, edit the public network and look for the node that has two NICs. Select the NIC that is connected to the public network.

Testing things

To make sure juju can drive MAAS and provision machines, let's take it for a spin. It's best to try it out now and fix any issues before more complex services like the Autopilot make use of it.

On the machine being used to drive the installation, run these commands:

  1. sudo add-apt-repository ppa:juju/stable
  2. sudo apt-get update
  3. sudo apt-get install juju-core juju-deployer
  4. Follow Juju docs for configuring MAAS

The remainder of this document will assume that the MAAS Juju environment you just configured is the default one.

For a simple test, we will deploy Ubuntu to all nodes. On the machine that is driving the installation, run these commands:

  1. juju bootstrap this will use one of the MAAS nodes to bootstrap juju. It will take a few minutes to complete
  2. juju deploy ubuntu -n N deploy ubuntu to all remaining nodes. Replace N with the number of nodes minus one, which was used for the bootstrap above. This command returns after a few seconds, but it just starts the process.
  3. watch the nodes list in the MAAS UI. You should see nodes being allocated and deployed
  4. watch the output of juju status periodically until everything is started
  5. login into a random node via ssh and try to reach the internet from it. For example, try juju ssh ubuntu/0 and wget http://www.ubuntu.com from there
  6. if everything worked correctly, destroy the environment juju destroy-environment $(juju env)

MAAS is setup and ready to be used by the OpenStack Autopilot.