tripleo

RHSM integration via Ansible

Registered by Emilien Macchi

RHSM support in TripleO has been implemented as a pre_deploy task, run one time during an intial deployment.
It has some limitations:
- Operators can't run the task after an initial deployment. For example, if pools need to be changed, it's impossible to do it now, because the task is only run when we create the overcloud and when we scale it up (script is run on new nodes only).
- Operators can't define a list of pools per TripleO roles. With composable roles, we allowed operators to deploy complex architectures (e.g. HCI), but they need to configure multiple pool on the hyperconverged compute nodes. The task doesn't support it now.
- Operators can't run the task when they want, the task is executed by Heat only.

That said, we think there is an area for improvment:
- We could write an Ansible role in charge of RHSM.
- The role would cover all use-cases required on the field.
- The role would become the "best practice" to configure RHSM (and hopefuly help to reduce the efforts to achieve the same goal).
- TripleO could consume this role by executing some playbooks, using the config-download and external_deploy_tasks interfaces (see https://review.openstack.org/#/c/511272).
- In general, it would be highly desirable to support the use of Ansible roles with the installer. This would allow the playbooks in the Heat templates to be greatly simplified, it allow us to leverage existing Ansible roles, and it would allow us to create Ansible content in a way that is sharable to the greater community and not only usable withing TripleO.

Condition of satisfaction:
- extraconfig/pre_deploy/rhel-registration/rhel-registration.yaml interface would be deprecated in Queens and removed in Rocky
a new composable service would be provided, tested (in CI) and documented (we also want to document the transition from old template). This new service could take care automatically of RHSM configuration on TripleO nodes. The playbooks will be idempotent and run anytime that overcloud configuration is changed.
- operators could run the playbooks manually at wish, if any change is required.

Links:
https://github.com/samdoran/ansible-role-redhat-subscription
https://review.openstack.org/#/c/511272

Blueprint information

Status:
Complete
Approver:
Emilien Macchi
Priority:
Medium
Drafter:
Emilien Macchi
Direction:
Approved
Assignee:
Emilien Macchi
Definition:
Approved
Series goal:
Accepted for rocky
Implementation:
Implemented
Milestone target:
milestone icon rocky-1
Started by
Emilien Macchi
Completed by
Emilien Macchi

Related branches

Sprints

Whiteboard

[2017-12-08] Moving out to Rocky. Please request FFE if this is needed for Queens.

Work landed in Queens and documented: https://docs.openstack.org/tripleo-docs/latest/install/advanced_deployment/rhsm.html

(?)

Work Items

Nearby

This blueprint contains Public information 
Everyone can see this information.