kolla部署openstack

參考文檔:

Kolla-ansible自動化部署openstack - 小李222 - 博客園 (cnblogs.com)

https://docs.openstack.org/kolla-ansible/latest/user/quickstart.html#官方安裝手冊


Kolla-ansible自動化部署openstack

一、準備工作(模擬all-in-one部署)

1、配置好網卡IP(至少2張網卡)

eth0:? ?192.168.100.194

eth1:? ?10.0.0.202

2、修改主機名

hostnamectl set-hostname? kolla

3、關閉防火墻、NM服務、selinux

systemctl stop firewalld && systemctl disable firewalld

systemctl stop NetworkManager && systemctl disable NetworkManager

setenforce 0

vi /etc/sysconfig/selinux

4、把節點IP寫入hosts

vi /etc/hosts

?192.168.100.194? kolla

5、做主機信任

ssh-keygen -t rsa(一直按回車)

ssh-copy-id kolla

6、修改DNS

vi /etc/resolv.conf

nameserver 114.114.114.114

二、環境準備

(1)部署節點

1、安裝使用工具

yum -y install vim wget net-tools

2、更新base源和下載epel源

wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

3、安裝python環境相關依賴包

yum -y install python-devel libffi-devel gcc openssl-devel libselinux-python

4、安裝python-pip

yum -y install python-pip

5、配置國內的pip源

mkdir ~/.pip

cat << EOF > ~/.pip/pip.conf

[global]

index-url = https://mirrors.aliyun.com/pypi/simple/

[install]

trusted-host=mirrors.aliyun.com

EOF

6、升級pip

pip install --upgrade pip==20.3.4

7、安裝ansible

pip install ansible==2.9.0

8、修改ansible配置文件

mkdir /etc/ansible/

cat << EOF > /etc/ansible/ansible.cfg

[defaults]

host_key_checking=False

pipelining=True

forks=100

EOF

所有節點都做

1、安裝python環境相關依賴包

yum -y install python-devel libffi-devel gcc openssl-devel libselinux-python

2、安裝python-pip

yum -y install python-pip

3、配置國內的pip源

mkdir ~/.pip

cat << EOF > ~/.pip/pip.conf

[global]

index-url = https://mirrors.aliyun.com/pypi/simple/

[install]

trusted-host=mirrors.aliyun.com

EOF

4、升級pip

pip install --upgrade pip==20.3.4

5、安裝必要的部署工具

yum install -y yum-utils device-mapper-persistent-data lvm2

yum -y install nfs-utils

6、添加軟件源信息

yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

sudo sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo

7、更新并安裝Docker-CE

yum makecache fast

yum -y install docker-ce-20.10.5

systemctl enable docker && systemctl restart docker && systemctl status docker

8、配置docker共享掛載

所謂共享掛載即同一個目錄或設備可以掛載到多個不同的路徑并且能夠保持互相之間的共享可見性,類似于 mount --shared。在 OpenStack for Kolla 中,主要解決 Neutron 的 namespace 在不同 container 中得以保持實效性的問題。

mkdir -p /etc/systemd/system/docker.service.d

cat << EOF > /etc/systemd/system/docker.service.d/kolla.conf

[Service]

MountFlags=shared

EOF

systemctl daemon-reload && systemctl restart docker && systemctl status docker

9、配置docker鏡像加速器

mkdir -p /etc/docker

sudo tee /etc/docker/daemon.json <<? EOF

{

? ? "registry-mirrors" : [

? ? "https://registry.docker-cn.com",

? ? "https://docker.mirrors.ustc.edu.cn",

? ? "http://hub-mirror.c.163.com",

? ? "https://cr.console.aliyun.com/"

? ]

}

EOF

systemctl daemon-reload && systemctl restart docker

三、部署openstack

部署節點

1、安裝kolla-ansible

pip install kolla-ansible==9.3.0 --ignore-installed PyYAML

注:官方推薦部署環境使用 pip install kolla-ansible 方式來安裝 kolla-ansible

? ? ? ? ? ? ? ? ? ? ##以上安裝出錯解決方法(依次試驗)

? ? ? ? ? ? ? ? ? ? ? ? ?????????????????????1. pip install -U prb

????????????????????如果出錯嘗試? ?2.? pip2 install --upgrade setuptools

????????????????????如果還出錯,就安裝以下軟件

? ? ? ? ?????????????????????????????????3.? ?pip2 install --upgrade pip

? ? ? ? ? ? ? ? ? ? ? ? ????????????????????????pip2 install django-import-export

2、復制kolla-ansible相關配置文件

cp -r /usr/share/kolla-ansible/etc_examples/kolla /etc/

cp /usr/share/kolla-ansible/ansible/inventory/multinode /etc/kolla/

ls /etc/kolla/

實現效果:

ls /etc/kolla

globals.yml multinode passwords.yml

3、自動生成各服務的密碼文件

kolla-genpwd

修改keystone和數據庫的密碼(163行)

vi /etc/kolla/passwords.yml

163 keystone_admin_password: HsPbEQHxTqmewKYNoRPpIOyQNdEYpHy36OX67TG3

164 keystone_database_password:7h1UDflKQmD1c6hQ9q7oyDdKfZTFlNAQYuXz148C

改為:

keystone_admin_password: 000000

keystone_database_password: 000000

注:這是登錄 Dashboard,admin 使用的密碼,你可以根據自己需要進行修改。密碼前注意空格

4、全局配置文件globals.yml最后面添加下面內容

vi /etc/kolla/globals.yml

kolla_base_distro: "centos"

kolla_install_type: "binary"

openstack_release: "train"

node_custom_config: "/etc/kolla/config"

kolla_internal_vip_address: "192.168.100.55"? ?#--->不存在主機的IP地址

docker_namespace: "kolla"

network_interface: "eth0"? ? #--->管理網絡出口網卡

api_interface: "{{ network_interface }}"

neutron_external_interface: "eth1"? ? #--->外部網絡網卡

neutron_plugin_agent: "openvswitch"

enable_haproxy: "yes"

enable_ceph: "no"

enable_chrony: "no"

enable_cinder: "yes"

enable_grafana: "yes"

enable_heat: "no"

enable_mariabackup: "yes"

enable_neutron_dvr: "yes"

enable_neutron_fwaas: "yes"

enable_neutron_qos: "yes"

enable_neutron_provider_networks: "yes"

glance_backend_ceph: "no"

glance_enable_rolling_upgrade: "no"

cinder_backend_ceph: "no"

cinder_backup_driver: "nfs"

nova_backend_ceph: "no"

prometheus_cmdline_extras: "-storage.local.retention 720h"

nova_console: "novnc"

nova_compute_virt_type: "kvm"

enable_cinder_backup: "yes"

enable_cinder_backend_nfs: "yes"

enable_ceilometer: "yes"

enable_gnocchi: "yes"

enable_grafana: "yes"

enable_ceilometer_ipmi: "yes"

enable_horizon_zun: "{{ enable_zun | bool }}"

enable_zun: "yes"

enable_opendaylight: "yes"

enable_opendaylight_qos: "yes"

enable_opendaylight_l3: "yes"

enable_horizon_fwaas: "{{ enable_neutron_fwaas | bool }}"

enable_kuryr: "yes"

kolla_dev_mode: "yes"

heat_dev_mode: "yes"

5、修改multinode文件

修改為所有節點的主機名或IP地址,根據hosts來

我的主機名為:kolla

# These initial groups are the only groups required to be modified. The

# additional groups are for more control of the environment.

[control]

# These hostname must be resolvable from your deployment host

kolla

# The above can also be specified as follows:

#control[01:03] ansible_user=kolla

# The network nodes are where your l3-agent and loadbalancers will run

# This can be the same as a host in the control group

[network]

kolla

[compute]

kolla

[monitoring]

kolla

# When compute nodes and control nodes use different interfaces,

# you need to comment out "api_interface" and other interfaces from the globals.yml

# and specify like below:

#compute01 neutron_external_interface=eth0 api_interface=em1 storage_interface=em1 tunnel_interface=em1

[storage]

kolla

[deployment]

localhost ansible_connection=local

[baremetal:children]

control

network

compute

storage

monitoring

........

注:如果主機數較多可以使用正則表達式;例如:

[openstack-controller]

controller[01:03]

6、檢查

(1)檢查multinode配置是否正確,實現ping通各個主機

ansible -i /etc/kolla/multinode all -m ping

無報錯顯示

(2)部署檢查

kolla-ansible -i /etc/kolla/multinode bootstrap-servers

無報錯顯示結果

kolla-ansible -i /etc/kolla/multinode prechecks

無報錯顯示結果

7、做nfs與cinder-volumes的卷組對接

1、創建好磁盤掛載目錄:mkdir -p /data/openstack/cinder

2、把磁盤掛載到目錄上:mount /dev/sdb /data

3、創建對接cinder磁盤的文件:mkdir -p /etc/kolla/config

vi ?/etc/kolla/config/nfs_shares

192.168.100.194:/data/openstack_data/cinder

vi /etc/exports

/data/openstack *(rw,no_root_squash)

8、安裝openstack客戶端

先安裝版本不匹配的組件

pip install -I ipaddress

安裝openstack客戶端

pip install python-openstackclient

9、執行部署

kolla-ansible -i /etc/kolla/multinode deploy

出現報錯error

TASK [Cloning neutron source repository for development] ***************************

fatal: [kolla]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin https://opendev.org/openstack/neutron /opt/stack/neutron", "msg": "fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error", "rc": 128, "stderr": "fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error\n", "stderr_lines": ["fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error"], "stdout": "Cloning into '/opt/stack/neutron'...\n", "stdout_lines": ["Cloning into '/opt/stack/neutron'..."]}

太晚了,未能解決

目前進度》》》》


10、生成openrc文件,該文件中設置了管理員用戶的憑據

kolla-ansible post-deploy

cat /etc/kolla/admin-openrc.sh

11、訪問openstack horizon需要使用vip地址,節點上可以看到由keepalived容器生成的vip

瀏覽器直接訪問該地址即可登錄到dashboard界面

http:vip地址

登錄賬號:admin

密碼:000000(根據passwords.yml中的keystone_admin_password: 000000)

kolla部署openstack完成



部分報錯

1問題:

[root@kolla ~]# pip install -U ansible

DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.

Collecting ansible

? Downloading ansible-4.10.0.tar.gz (36.8 MB)

? ? |████████████████████████████████| 36.8 MB 71 kB/s

? ? ERROR: Command errored out with exit status 1:

? ? command: /usr/bin/python -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-D1VBWD/ansible/setup.py'"'"'; __file__='"'"'/tmp/pip-install-D1VBWD/ansible/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /tmp/pip-pip-egg-info-ZKMLrq

? ? ? ? cwd: /tmp/pip-install-D1VBWD/ansible/

? ? Complete output (5 lines):

? ? /usr/lib64/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'project_urls'

? ? ? warnings.warn(msg)

? ? /usr/lib64/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'python_requires'

? ? ? warnings.warn(msg)

? ? error in ansible setup command: 'install_requires' must be a string or list of strings containing valid project/version requirement specifiers

? ? ----------------------------------------

ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.

1解決:

yum install -y ansible

2問題:?

[root@kolla ~]# pip install -U pip

Collecting pip

? Using cached https://files.pythonhosted.org/packages/ba/19/e63fb4e0d20e48bd2167bb7e857abc0e21679e24805ba921a224df8977c0/pip-23.2.1.tar.gz

? ? Complete output from command python setup.py egg_info:

? ? Traceback (most recent call last):

? ? ? File "<string>", line 1, in <module>

? ? ? File "/tmp/pip-build-a7_xbA/pip/setup.py", line 7

? ? ? ? def read(rel_path: str) -> str:

? ? ? ? ? ? ? ? ? ? ? ? ^

? ? SyntaxError: invalid syntax

? ? ----------------------------------------

Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-a7_xbA/pip/

You are using pip version 8.1.2, however version 23.2.1 is available.

You should consider upgrading via the 'pip install --upgrade pip' command.

2解決:

python -m pip install --upgrade pip==20.3.4

3.問題:

[root@kolla ~]# pip install kolla-ansible -i https://pypi.tuna.tsinghua.edu.cn/simple --ignore-installed netaddr

cp -r /usr/share/kolla-ansible/etc_examples/kolla /etc/kolla/

cp /usr/share/kolla-ansible/ansible/inventory/* .DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.

Looking in indexes: https://pypi.tuna.tsinghua.edu.cn/simple

WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/

WARNING: Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/

WARNING: Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/

WARNING: Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/

WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/

Could not fetch URL https://pypi.tuna.tsinghua.edu.cn/simple/kolla-ansible/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.tuna.tsinghua.edu.cn', port=443): Max retries exceeded with url: /simple/kolla-ansible/ (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)) - skipping

ERROR: Could not find a version that satisfies the requirement kolla-ansible (from versions: none)

ERROR: No matching distribution found for kolla-ansible

3解決:

以上提示沒有證書的問題,采用其他方法解決

pip install --upgrade pip

pip install kolla-ansible -i https://pypi.tuna.tsinghua.edu.cn/simple --trusted-host pypi.tuna.tsinghua.edu.cn --ignore-installed netaddr --cert /path/to/your/certificate.pem

4 問題:

fatal: [kolla]: FAILED! => {"changed": true, "msg": "'Traceback (most recent call last):\\n File \"/tmp/ansible_kolla_docker_payload_TYLEie/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 1027, in main\\n File \"/tmp/ansible_kolla_docker_payload_TYLEie/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 906, in ensure_image\\n File \"/tmp/ansible_kolla_docker_payload_TYLEie/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 571, in pull_image\\n File \"/usr/lib/python2.7/site-packages/docker/api/image.py\", line 430, in pull\\n self._raise_for_status(response)\\n File \"/usr/lib/python2.7/site-packages/docker/api/client.py\", line 270, in _raise_for_status\\n raise create_api_error_from_http_exception(e)\\n File \"/usr/lib/python2.7/site-packages/docker/errors.py\", line 31, in create_api_error_from_http_exception\\n raise cls(e, response=response, explanation=explanation)\\nImageNotFound: 404 Client Error for http+docker://localhost/v1.41/images/create?tag=train&fromImage=kolla%2Fcentos-sourse-fluentd: Not Found (\"pull access denied for kolla/centos-sourse-fluentd, repository does not exist or may require \\'docker login\\': denied: requested access to the resource is denied\")\\n'"}

4 解決:?

在kolla-ansible部署openstack中途出現該問題,原因是無法在dokcer hub中未能找到某鏡像(centos-sourse-fluentd),本人通過以下方法解決

將/etc/kolla/globals.yml內容切換再重新執行kolla-ansible -i /etc/kolla/multinode deploy? 應該能解決

vi /etc/kolla/globals.yml

kolla_base_distro: "centos"

kolla_install_type: "binary"

openstack_release: "train"

node_custom_config: "/etc/kolla/config"

kolla_internal_vip_address: "192.168.100.55"? ?#--->不存在主機的IP地址

docker_namespace: "kolla"

network_interface: "eth0"? ? #--->管理網絡出口網卡

api_interface: "{{ network_interface }}"

neutron_external_interface: "eth1"? ? #--->外部網絡網卡

neutron_plugin_agent: "openvswitch"

enable_haproxy: "yes"

enable_ceph: "no"

enable_chrony: "no"

enable_cinder: "yes"

enable_grafana: "yes"

enable_heat: "no"

enable_mariabackup: "yes"

enable_neutron_dvr: "yes"

enable_neutron_fwaas: "yes"

enable_neutron_qos: "yes"

enable_neutron_provider_networks: "yes"

glance_backend_ceph: "no"

glance_enable_rolling_upgrade: "no"

cinder_backend_ceph: "no"

cinder_backup_driver: "nfs"

nova_backend_ceph: "no"

prometheus_cmdline_extras: "-storage.local.retention 720h"

nova_console: "novnc"

nova_compute_virt_type: "kvm"

enable_cinder_backup: "yes"

enable_cinder_backend_nfs: "yes"

enable_ceilometer: "yes"

enable_gnocchi: "yes"

enable_grafana: "yes"

enable_ceilometer_ipmi: "yes"

enable_horizon_zun: "{{ enable_zun | bool }}"

enable_zun: "yes"

enable_opendaylight: "yes"

enable_opendaylight_qos: "yes"

enable_opendaylight_l3: "yes"

enable_horizon_fwaas: "{{ enable_neutron_fwaas | bool }}"

enable_kuryr: "yes"

kolla_dev_mode: "yes"

heat_dev_mode: "yes"

5 問題:

TASK [Cloning neutron source repository for development] ***************************

fatal: [kolla]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin https://opendev.org/openstack/neutron /opt/stack/neutron", "msg": "fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error", "rc": 128, "stderr": "fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error\n", "stderr_lines": ["fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error"], "stdout": "Cloning into '/opt/stack/neutron'...\n", "stdout_lines": ["Cloning into '/opt/stack/neutron'..."]}

5解決:?

錯誤提示是因為無法解析主機名opendev.org,可能是網絡連接問題或者DNS解析問題導致的

未能解決

最后編輯于
?著作權歸作者所有,轉載或內容合作請聯系作者
平臺聲明:文章內容(如有圖片或視頻亦包括在內)由作者上傳并發布,文章內容僅代表作者本人觀點,簡書系信息發布平臺,僅提供信息存儲服務。

推薦閱讀更多精彩內容