參考文檔:
Kolla-ansible自動化部署openstack - 小李222 - 博客園 (cnblogs.com)
https://docs.openstack.org/kolla-ansible/latest/user/quickstart.html#官方安裝手冊
Kolla-ansible自動化部署openstack
一、準備工作(模擬all-in-one部署)
eth0:? ?192.168.100.194
eth1:? ?10.0.0.202
hostnamectl set-hostname? kolla
systemctl stop firewalld && systemctl disable firewalld
systemctl stop NetworkManager && systemctl disable NetworkManager
setenforce 0
vi /etc/sysconfig/selinux
vi /etc/hosts
?192.168.100.194? kolla
ssh-keygen -t rsa(一直按回車)
ssh-copy-id kolla
vi /etc/resolv.conf
nameserver 114.114.114.114
二、環境準備
yum -y install vim wget net-tools
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum -y install python-devel libffi-devel gcc openssl-devel libselinux-python
yum -y install python-pip
mkdir ~/.pip
cat << EOF > ~/.pip/pip.conf
[global]
index-url = https://mirrors.aliyun.com/pypi/simple/
[install]
trusted-host=mirrors.aliyun.com
EOF
pip install --upgrade pip==20.3.4
pip install ansible==2.9.0
mkdir /etc/ansible/
cat << EOF > /etc/ansible/ansible.cfg
[defaults]
host_key_checking=False
pipelining=True
forks=100
EOF
1、安裝python環境相關依賴包
yum -y install python-devel libffi-devel gcc openssl-devel libselinux-python
yum -y install python-pip
mkdir ~/.pip
cat << EOF > ~/.pip/pip.conf
[global]
index-url = https://mirrors.aliyun.com/pypi/simple/
[install]
trusted-host=mirrors.aliyun.com
EOF
pip install --upgrade pip==20.3.4
yum install -y yum-utils device-mapper-persistent-data lvm2
yum -y install nfs-utils
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sudo sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum makecache fast
yum -y install docker-ce-20.10.5
systemctl enable docker && systemctl restart docker && systemctl status docker
所謂共享掛載即同一個目錄或設備可以掛載到多個不同的路徑并且能夠保持互相之間的共享可見性,類似于 mount --shared。在 OpenStack for Kolla 中,主要解決 Neutron 的 namespace 在不同 container 中得以保持實效性的問題。
mkdir -p /etc/systemd/system/docker.service.d
cat << EOF > /etc/systemd/system/docker.service.d/kolla.conf
[Service]
MountFlags=shared
EOF
systemctl daemon-reload && systemctl restart docker && systemctl status docker
mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<? EOF
{
? ? "registry-mirrors" : [
? ? "https://registry.docker-cn.com",
? ? "https://docker.mirrors.ustc.edu.cn",
? ? "http://hub-mirror.c.163.com",
? ? "https://cr.console.aliyun.com/"
? ]
}
EOF
systemctl daemon-reload && systemctl restart docker
三、部署openstack
pip install kolla-ansible==9.3.0 --ignore-installed PyYAML
注:官方推薦部署環境使用 pip install kolla-ansible 方式來安裝 kolla-ansible
? ? ? ? ? ? ? ? ? ? ##以上安裝出錯解決方法(依次試驗)
? ? ? ? ? ? ? ? ? ? ? ? ?????????????????????1. pip install -U prb
????????????????????如果出錯嘗試? ?2.? pip2 install --upgrade setuptools
????????????????????如果還出錯,就安裝以下軟件
? ? ? ? ?????????????????????????????????3.? ?pip2 install --upgrade pip
? ? ? ? ? ? ? ? ? ? ? ? ????????????????????????pip2 install django-import-export
cp -r /usr/share/kolla-ansible/etc_examples/kolla /etc/
cp /usr/share/kolla-ansible/ansible/inventory/multinode /etc/kolla/
ls /etc/kolla/
實現效果:
ls /etc/kolla
globals.yml multinode passwords.yml
kolla-genpwd
修改keystone和數據庫的密碼(163行)
vi /etc/kolla/passwords.yml
163 keystone_admin_password: HsPbEQHxTqmewKYNoRPpIOyQNdEYpHy36OX67TG3
164 keystone_database_password:7h1UDflKQmD1c6hQ9q7oyDdKfZTFlNAQYuXz148C
改為:
keystone_admin_password: 000000
keystone_database_password: 000000
注:這是登錄 Dashboard,admin 使用的密碼,你可以根據自己需要進行修改。密碼前注意空格
vi /etc/kolla/globals.yml
kolla_base_distro: "centos"
kolla_install_type: "binary"
openstack_release: "train"
node_custom_config: "/etc/kolla/config"
kolla_internal_vip_address: "192.168.100.55"? ?#--->不存在主機的IP地址
docker_namespace: "kolla"
network_interface: "eth0"? ? #--->管理網絡出口網卡
api_interface: "{{ network_interface }}"
neutron_external_interface: "eth1"? ? #--->外部網絡網卡
neutron_plugin_agent: "openvswitch"
enable_haproxy: "yes"
enable_ceph: "no"
enable_chrony: "no"
enable_cinder: "yes"
enable_grafana: "yes"
enable_heat: "no"
enable_mariabackup: "yes"
enable_neutron_dvr: "yes"
enable_neutron_fwaas: "yes"
enable_neutron_qos: "yes"
enable_neutron_provider_networks: "yes"
glance_backend_ceph: "no"
glance_enable_rolling_upgrade: "no"
cinder_backend_ceph: "no"
cinder_backup_driver: "nfs"
nova_backend_ceph: "no"
prometheus_cmdline_extras: "-storage.local.retention 720h"
nova_console: "novnc"
nova_compute_virt_type: "kvm"
enable_cinder_backup: "yes"
enable_cinder_backend_nfs: "yes"
enable_ceilometer: "yes"
enable_gnocchi: "yes"
enable_grafana: "yes"
enable_ceilometer_ipmi: "yes"
enable_horizon_zun: "{{ enable_zun | bool }}"
enable_zun: "yes"
enable_opendaylight: "yes"
enable_opendaylight_qos: "yes"
enable_opendaylight_l3: "yes"
enable_horizon_fwaas: "{{ enable_neutron_fwaas | bool }}"
enable_kuryr: "yes"
kolla_dev_mode: "yes"
heat_dev_mode: "yes"
修改為所有節點的主機名或IP地址,根據hosts來
我的主機名為:kolla
# These initial groups are the only groups required to be modified. The
# additional groups are for more control of the environment.
[control]
# These hostname must be resolvable from your deployment host
kolla
# The above can also be specified as follows:
#control[01:03] ansible_user=kolla
# The network nodes are where your l3-agent and loadbalancers will run
# This can be the same as a host in the control group
[network]
kolla
[compute]
kolla
[monitoring]
kolla
# When compute nodes and control nodes use different interfaces,
# you need to comment out "api_interface" and other interfaces from the globals.yml
# and specify like below:
#compute01 neutron_external_interface=eth0 api_interface=em1 storage_interface=em1 tunnel_interface=em1
[storage]
kolla
[deployment]
localhost ansible_connection=local
[baremetal:children]
control
network
compute
storage
monitoring
........
注:如果主機數較多可以使用正則表達式;例如:
[openstack-controller]
controller[01:03]
(1)檢查multinode配置是否正確,實現ping通各個主機
ansible -i /etc/kolla/multinode all -m ping
無報錯顯示
(2)部署檢查
kolla-ansible -i /etc/kolla/multinode bootstrap-servers
無報錯顯示結果
kolla-ansible -i /etc/kolla/multinode prechecks
無報錯顯示結果
1、創建好磁盤掛載目錄:mkdir -p /data/openstack/cinder
2、把磁盤掛載到目錄上:mount /dev/sdb /data
3、創建對接cinder磁盤的文件:mkdir -p /etc/kolla/config
vi ?/etc/kolla/config/nfs_shares
192.168.100.194:/data/openstack_data/cinder
vi /etc/exports
/data/openstack *(rw,no_root_squash)
先安裝版本不匹配的組件
pip install -I ipaddress
安裝openstack客戶端
pip install python-openstackclient
kolla-ansible -i /etc/kolla/multinode deploy
出現報錯error
TASK [Cloning neutron source repository for development] ***************************
fatal: [kolla]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin https://opendev.org/openstack/neutron /opt/stack/neutron", "msg": "fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error", "rc": 128, "stderr": "fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error\n", "stderr_lines": ["fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error"], "stdout": "Cloning into '/opt/stack/neutron'...\n", "stdout_lines": ["Cloning into '/opt/stack/neutron'..."]}
太晚了,未能解決
目前進度》》》》
kolla-ansible post-deploy
cat /etc/kolla/admin-openrc.sh
11、訪問openstack horizon需要使用vip地址,節點上可以看到由keepalived容器生成的vip
瀏覽器直接訪問該地址即可登錄到dashboard界面
http:vip地址
登錄賬號:admin
密碼:000000(根據passwords.yml中的keystone_admin_password: 000000)
kolla部署openstack完成
部分報錯
1問題:
[root@kolla ~]# pip install -U ansible
DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.
Collecting ansible
? Downloading ansible-4.10.0.tar.gz (36.8 MB)
? ? |████████████████████████████████| 36.8 MB 71 kB/s
? ? ERROR: Command errored out with exit status 1:
? ? command: /usr/bin/python -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-D1VBWD/ansible/setup.py'"'"'; __file__='"'"'/tmp/pip-install-D1VBWD/ansible/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /tmp/pip-pip-egg-info-ZKMLrq
? ? ? ? cwd: /tmp/pip-install-D1VBWD/ansible/
? ? Complete output (5 lines):
? ? /usr/lib64/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'project_urls'
? ? ? warnings.warn(msg)
? ? /usr/lib64/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'python_requires'
? ? ? warnings.warn(msg)
? ? error in ansible setup command: 'install_requires' must be a string or list of strings containing valid project/version requirement specifiers
? ? ----------------------------------------
ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.
1解決:
yum install -y ansible
2問題:?
[root@kolla ~]# pip install -U pip
Collecting pip
? Using cached https://files.pythonhosted.org/packages/ba/19/e63fb4e0d20e48bd2167bb7e857abc0e21679e24805ba921a224df8977c0/pip-23.2.1.tar.gz
? ? Complete output from command python setup.py egg_info:
? ? Traceback (most recent call last):
? ? ? File "<string>", line 1, in <module>
? ? ? File "/tmp/pip-build-a7_xbA/pip/setup.py", line 7
? ? ? ? def read(rel_path: str) -> str:
? ? ? ? ? ? ? ? ? ? ? ? ^
? ? SyntaxError: invalid syntax
? ? ----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-a7_xbA/pip/
You are using pip version 8.1.2, however version 23.2.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
2解決:
python -m pip install --upgrade pip==20.3.4
3.問題:
[root@kolla ~]# pip install kolla-ansible -i https://pypi.tuna.tsinghua.edu.cn/simple --ignore-installed netaddr
cp -r /usr/share/kolla-ansible/etc_examples/kolla /etc/kolla/
cp /usr/share/kolla-ansible/ansible/inventory/* .DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.
Looking in indexes: https://pypi.tuna.tsinghua.edu.cn/simple
WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/
WARNING: Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/
WARNING: Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/
WARNING: Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/
WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/
Could not fetch URL https://pypi.tuna.tsinghua.edu.cn/simple/kolla-ansible/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.tuna.tsinghua.edu.cn', port=443): Max retries exceeded with url: /simple/kolla-ansible/ (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)) - skipping
ERROR: Could not find a version that satisfies the requirement kolla-ansible (from versions: none)
ERROR: No matching distribution found for kolla-ansible
3解決:
以上提示沒有證書的問題,采用其他方法解決
pip install --upgrade pip
pip install kolla-ansible -i https://pypi.tuna.tsinghua.edu.cn/simple --trusted-host pypi.tuna.tsinghua.edu.cn --ignore-installed netaddr --cert /path/to/your/certificate.pem
4 問題:
fatal: [kolla]: FAILED! => {"changed": true, "msg": "'Traceback (most recent call last):\\n File \"/tmp/ansible_kolla_docker_payload_TYLEie/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 1027, in main\\n File \"/tmp/ansible_kolla_docker_payload_TYLEie/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 906, in ensure_image\\n File \"/tmp/ansible_kolla_docker_payload_TYLEie/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 571, in pull_image\\n File \"/usr/lib/python2.7/site-packages/docker/api/image.py\", line 430, in pull\\n self._raise_for_status(response)\\n File \"/usr/lib/python2.7/site-packages/docker/api/client.py\", line 270, in _raise_for_status\\n raise create_api_error_from_http_exception(e)\\n File \"/usr/lib/python2.7/site-packages/docker/errors.py\", line 31, in create_api_error_from_http_exception\\n raise cls(e, response=response, explanation=explanation)\\nImageNotFound: 404 Client Error for http+docker://localhost/v1.41/images/create?tag=train&fromImage=kolla%2Fcentos-sourse-fluentd: Not Found (\"pull access denied for kolla/centos-sourse-fluentd, repository does not exist or may require \\'docker login\\': denied: requested access to the resource is denied\")\\n'"}
4 解決:?
在kolla-ansible部署openstack中途出現該問題,原因是無法在dokcer hub中未能找到某鏡像(centos-sourse-fluentd),本人通過以下方法解決
將/etc/kolla/globals.yml內容切換再重新執行kolla-ansible -i /etc/kolla/multinode deploy? 應該能解決
vi /etc/kolla/globals.yml
kolla_base_distro: "centos"
kolla_install_type: "binary"
openstack_release: "train"
node_custom_config: "/etc/kolla/config"
kolla_internal_vip_address: "192.168.100.55"? ?#--->不存在主機的IP地址
docker_namespace: "kolla"
network_interface: "eth0"? ? #--->管理網絡出口網卡
api_interface: "{{ network_interface }}"
neutron_external_interface: "eth1"? ? #--->外部網絡網卡
neutron_plugin_agent: "openvswitch"
enable_haproxy: "yes"
enable_ceph: "no"
enable_chrony: "no"
enable_cinder: "yes"
enable_grafana: "yes"
enable_heat: "no"
enable_mariabackup: "yes"
enable_neutron_dvr: "yes"
enable_neutron_fwaas: "yes"
enable_neutron_qos: "yes"
enable_neutron_provider_networks: "yes"
glance_backend_ceph: "no"
glance_enable_rolling_upgrade: "no"
cinder_backend_ceph: "no"
cinder_backup_driver: "nfs"
nova_backend_ceph: "no"
prometheus_cmdline_extras: "-storage.local.retention 720h"
nova_console: "novnc"
nova_compute_virt_type: "kvm"
enable_cinder_backup: "yes"
enable_cinder_backend_nfs: "yes"
enable_ceilometer: "yes"
enable_gnocchi: "yes"
enable_grafana: "yes"
enable_ceilometer_ipmi: "yes"
enable_horizon_zun: "{{ enable_zun | bool }}"
enable_zun: "yes"
enable_opendaylight: "yes"
enable_opendaylight_qos: "yes"
enable_opendaylight_l3: "yes"
enable_horizon_fwaas: "{{ enable_neutron_fwaas | bool }}"
enable_kuryr: "yes"
kolla_dev_mode: "yes"
heat_dev_mode: "yes"
5 問題:
TASK [Cloning neutron source repository for development] ***************************
fatal: [kolla]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin https://opendev.org/openstack/neutron /opt/stack/neutron", "msg": "fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error", "rc": 128, "stderr": "fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error\n", "stderr_lines": ["fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error"], "stdout": "Cloning into '/opt/stack/neutron'...\n", "stdout_lines": ["Cloning into '/opt/stack/neutron'..."]}
5解決:?
錯誤提示是因為無法解析主機名opendev.org,可能是網絡連接問題或者DNS解析問題導致的
未能解決