SW Installation in Single Server Deployment
Cloud Execution Environment

Contents

1Introduction
1.1Prerequisites
1.2Time Required

2
Temporary pre-Installation Steps
2.1CEE Deployment Fails If No DNS Server and Gateway IP Is Defined on fuel_ctrl_sp (Pre-Installation)

3
Install CEE Software in Server System

4
Temporary post-Installation Steps
4.1Fix DNS Resolution (Post-Installation)
4.2Core Dumps Are Created for a Process during Deployment
4.3Configure CPU Cores Reserved for OVS PMD Threads

5
Post-Installation Activities

6
Error Handling
Appendix

7
CA and NBI Certificates for Secure HTTPS Access

Reference List

1   Introduction

This document is part of the installation flow for the Cloud Execution Environment (CEE) single server deployment and describes how to install CEE software in a CEE region. Complete this procedure when directed here from CEE Installation:

  1. Start the procedure in CEE Installation.
  2. Continue with this document when directed here from CEE Installation.
  3. Return to CEE Installation and carry out the remaining steps.

For the complete installation flow, refer to section Installation Flow in CEE Installation.

This instruction assumes that a kickstart server is used. For the installation and testing of the kickstart server, refer to Preparation of Kickstart Server.

1.1   Prerequisites

This section describes the prerequisites that must be fulfilled before CEE software can be installed.

1.1.1   Documents

Activities in the following documents must be performed before the steps in this instruction are performed:

1.1.2   Hardware and Software Required

The required software can be downloaded from the SW Gateway. If you have problems with the download procedure, contact the next level of support.

The following software is always required:

The recommended installation method described in this document is using a kickstart server with Linux OS. For more information, refer to Preparation of Kickstart Server.

1.1.3   Tools

The following hardware tools are required:

1.1.4   Installation Data

The following data is needed:

Table 1    Installation Data

Data Type

Description

Passwords

Initial vFuel server root user password is r00tme (used for installation only)

Certificates

Certificates for the vCIC and Atlas Northbound Interfaces (NBIs), see Section 7

yaml files

Site-specific config.yaml in /mnt/cee_config, refer to Preparation of Kickstart Server and Configuration File Guide

Host networking configuration file (CEE_RELEASE/host_net_templates/host_nw_dell-single_server.yaml)

Neutron configuration file (CEE_RELEASE/neutron/neutron_ericsson_user_spec.yaml)

IP addresses

The local version of IP and VLAN Plan updated with customer and site-specific values

IP address for the kickstart server

IP addresses for vFuel in networks fuel_ctrl_sp and subrack_ctrl_sp,refer to the site-specific IP and VLAN Plan

1.2   Time Required

The expected execution time for the installation procedure is around three hours, in case all prerequisites are available.

2   Temporary pre-Installation Steps

This section describes limitations and workarounds to be performed before the installation.

There are no pre-installation steps in the current release for single server deployment.

2.1   CEE Deployment Fails If No DNS Server and Gateway IP Is Defined on fuel_ctrl_sp (Pre-Installation)

Note:  
This workaround is applicable for HP C7000 BL 460c Gen8/Gen9, Dell R620/R630, BSP, single server (Dell R630), and Ericsson Hyperscale Datacenter System (HDS) hardware platforms.

If the DNS server IP is set to a dummy IP or a server IP that does not provide actual DNS service (for example, Internet accessibility), Fuel takes an extremely long time to reach ready state. This time exceeds 2 hours, causing installation through installcee.sh to hang.

Associated trouble report: HV22423

Workaround: Perform the below procedure.

  1. Use dummy IP for DNS server in config.yaml on Fuel. For example: 100.100.100.100
  2. Remove the following files:
    • /etc/yum.repos.d/mos.update
    • /etc/yum.repos.d/mos.security
  3. Continue with CEE installation.

After the installation, remove the dummy IP by following the instructions in Section 4.1.

3   Install CEE Software in Server System

This section describes how to install CEE in the server system.

  1. Log on to the kickstart server.
  2. Check that vFuel is running in the kickstart server:

    virsh list --all

    Examples:

       
    root@fuelhost:~# virsh list --all

     Id    Name                           State

    ----------------------------------------------------

     2     fuel_master                     running

    root@fuelhost:~# virsh list --all

     Id    Name                           State

    ----------------------------------------------------

     -     fuel_master               shut off

    In case vFuel is in shut off state, start vFuel and wait until booting is complete:

    virsh start fuel_master

  3. Log on to vFuel using SSH:

    ssh root@<Fuel IP address in network fuel_ctrl_sp>

  4. Verify that the correct timezone, time and date have been set by using the below command:

    date

  5. Change the working directory to /opt/ecs-fuel-utils with following command:

    cd /opt/ecs-fuel-utils

  6. To ensure that the installation process is not interrupted, you may use a Screen session:

    # screen -S installcee -L

    If the connection to vFuel is lost, log on to vFuel again and reattach the screen session with the below command:

    # screen -r installcee

    Note:  
    The nohup option can cause installation failure and must not be used.

  7. Execute the following:

    ./installcee.sh

    The time required for command execution is approximately two hours.

    Check that the printout is the following:

    Ericsson CEE installed successfully

4   Temporary post-Installation Steps

This section describes limitations and workarounds to be performed after the installation.

4.1   Fix DNS Resolution (Post-Installation)

Note:  
This workaround is applicable for HP C7000 BL 460c Gen8/Gen9, Dell R620/R630, BSP, single server (Dell R630), and HDS hardware platforms.

If the DNS server IP is set to a dummy IP or a server IP that does not provide actual DNS service (Internet accessibility), Fuel takes an extremely long time to be in ready state. This time exceeds 2 hours, causing installation through installcee.sh to hang.

Associated trouble report: HV22423

Workaround: After the installation, remove the dummy IP from all the vCICs and Fuel from /etc/resolv.conf.

4.2   Core Dumps Are Created for a Process during Deployment

Note:  
This workaround is applicable for HP C7000 BL 460c Gen8/Gen9, Dell R620/R630, Blade Server Platform (BSP), single server (Dell R630), and HDS hardware platforms.

Due to an internal software error, certain processes create core dumps during deployment. The affected processes are rsyslog, autolog, ovsdb-client, and multipathd.

Associated trouble reports: HV42182, HV36121

Workaround: The core dumps can be removed after installation. To remove the core dumps, follow these steps:

  1. Try to access the node with the core dump using SSH:
    ssh <user_id>@<name_of_the_node IP address>

    The name of the node can be found in the alarm. If the personal user ID does not work, use the ceeadm user ID.

  2. If the node can be accessed, proceed to Step 4 and carry out all subsequent steps.
  3. If the node cannot be accessed, follow the instructions of the alarm OPI Compute Host Failed or CIC Failed.
  4. Issue the following command on the node:
    rm <path_to_the_core_dump>

    The full path to the core dump file can be found in the alarm.

4.3   Configure CPU Cores Reserved for OVS PMD Threads

Note:  
This workaround is applicable for all hardware platforms.

The idle CPU or CPUs allocated for OVS PMD threads need to be added to the argument list in the configure-interrupts upstart task to prevent the CPUs from serving interrupt requests. For more information on the limitation, refer to the documents Configuration File Guide and the relevant System Dimensioning Guide.

Associated trouble report: HV45059

Do the following on all Compute hosts:

  1. Add the idle CPUs to the noirqs argument list in /etc/default/configure-interrupts.conf
    Note:  
    The idle CPU or CPUs are allocated to the owner: idle under reservedCPUs, in the config.yaml; refer to the Configuration File Guide.

    The following is an example of the edited file, with the added CPUs marked in bold:

    root@compute-0-4:~# cat /etc/default/configure-interrupts
# Ansible managed: /usr/share/ericsson-orchestration/playbooks/roles/infra_eri_environment/templates/configure-interrupts.j2 modified on 2016-11-22 22:47:33 by root on fuel.domain.tld
ENABLED="yes"
ARGS="--noirqs=2,23,26,47"

    root@compute-0-4:~# cat /etc/default/configure-interrupts
# Ansible managed: /usr/share/ericsson-orchestration/playbooks/⇒
roles/infra_eri_environment/templates/configure-interrupts.j2 ⇒
modified on 2016-11-22 22:47:33 by root on fuel.domain.tld
ENABLED="yes"
ARGS="--noirqs=2,23,26,47"

  2. Re-run the configure-interrupts upstart job by executing the following command:
    start configure-interrupts

    The following is an example of the command and the expected output when the task is finished:

    root@compute-0-4:~# start configure-interrupts
configure-interrupts stop/waiting

    Note:  
    The expected output status is stop/waiting, as this is a one-time task.

5   Post-Installation Activities

Execute the following steps after the installation:

  1. Verify the version of CEE by executing the command cat /etc/cee_version.txt on the Fuel master node.

    The output has the following format:

    RELEASE=CEE CXC1737883_4-<build_number>
NAME=Mitaka on Ubuntu 14.04
VERSION=R6-<R-state>-<specific_build_number>-9.0

    An example of the output is the following:

    [root@fuel ~]# cat /etc/cee_version.txt RELEASE=CEE CXC1737883_4-4280
NAME=Mitaka on Ubuntu 14.04
VERSION=R6-R4A02-35547a3-9.0

[root@fuel ~]#

    Verify the CEE version by comparing build_number and R-state to Product Revision Information.

  2. Continue with the relevant sections of CEE Installation.

6   Error Handling

In case of any errors during the installation procedure, follow the below steps:

  1. Check the console for failure messages or reference to any logs that possibly contain failure messages. Refer to the Configuration File Guide for the location of logs.
  2. Fix possible problems.
  3. Copy the original network templates to the /mnt/cee_config directory.
    Note:  
    If this step is missed, VLANs and interfaces from the previous run will be used, which causes the newer configuration options to be skipped.

    On the vFuel node issue the following command:

    cp CEE_RELEASE/host_net_templates/host_nw_*.yaml /mnt/cee_config/

  4. Rerun installcee.sh and collect logs:

    ./installcee.sh 2>&1 | tee <file_name>.log

    Note:  
    The installcee command does not automatically delete an existing CEE Region (Fuel environment), so installation attempts with an existing Fuel environment will fail. In this case reinstall CEE with the below command:

    /installcee.sh --force


  5. The following scenarios are possible:
    • The cause of failure is identified, fixed, or the install succeeds.

      In this case, exit this procedure.

    • Or the cause of failure is not identified, fixed, or the install still fails for presumably the same reason.

      In this case, proceed to Step 6.

  6. Perform data collection according to the Data Collection Guideline.
  7. Contact the next level of support.

Appendix

7   CA and NBI Certificates for Secure HTTPS Access

Certification Authority (CA) and Northbound Interface (NBI) certificates are required for secure HTTPS access to CEE.

Make sure to perform the following tasks before starting the installation process:

  1. Choose a unique hostname for the vCIC NBI.
  2. Choose a unique hostname for the Atlas NBI.
  3. Obtain certificates for the NBIs from an authorized Certification Authority (CA).

    The following certificate files are needed:

    • CA certificate (or chain of certificates) of the organization issuing the Atlas NBI
    • CA certificate (or chain of certificates) of the organization issuing the vCIC NBI
    • Atlas NBI certificate
    • vCIC NBI certificate
    Note:  
    Atlas and vCIC certificates can be issued by the same CA, or by two separate CAs.

    The Common Name (CN) and at least one DNS entry in the Subject Alternate Name (SAN) attribute must contain the publicly known hostname chosen for the NBI, so that the certificate refers to this publicly known hostname. The private key belonging to the certificate cannot be encrypted.

  4. Concatenate the vCIC NBI certificate and private key into a single PEM format under /mnt/cee_config on vFuel. Perform the same for the Atlas NBI.

    ASCII format is preferred for the individual certificates.

    Note:  
    The pkcs12 binary format is commonly used. This output format contains multiple entities in a single binary file and uses encryption. Issue the below command to convert it to PEM format:

    openssl pkcs12 -in <inputfile> -out <outputfile> -nodes

    -nodes is needed to save the private key in unencrypted format, as encrypted private keys are not supported.

    In case other binary formats need to be converted, refer to Reference [1] or Reference [2].


  5. Update the config.yaml file with the necessary information. Refer to the Configuration File Guide for updating the publicly known hostname and other relevant options in the config.yaml file.
  6. Update the DNS resolver to contain the hostname and IP address pairs for the NBI.

Reference List

[1] SSL Support. https://support.ssl.com/Knowledgebase/Article/View/19/0/der-vs-crt-vs-cer-vs-pem-certificates-and-how-to-convert-them
[2] Thawte Licensing. https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=SO26449


Copyright

© Ericsson AB 2016. All rights reserved. No part of this document may be reproduced in any form without the written permission of the copyright owner.

Disclaimer

The contents of this document are subject to revision without notice due to continued progress in methodology, design and manufacturing. Ericsson shall have no liability for any error or damage of any kind resulting from the use of this document.

Trademark List
All trademarks mentioned herein are the property of their respective owners. These are shown in the document Trademark Information.

    SW Installation in Single Server Deployment         Cloud Execution Environment