参考文档:
Kolla-ansible自动化部署openstack - 小李222 - 博客园 (cnblogs.com)
https://docs.openstack.org/kolla-ansible/latest/user/quickstart.html#官方安装手册
Kolla-ansible自动化部署openstack
一、准备工作(模拟all-in-one部署)
eth0: 192.168.100.194
eth1: 10.0.0.202
hostnamectl set-hostname kolla
systemctl stop firewalld && systemctl disable firewalld
systemctl stop NetworkManager && systemctl disable NetworkManager
setenforce 0
vi /etc/sysconfig/selinux
vi /etc/hosts
192.168.100.194 kolla
ssh-keygen -t rsa(一直按回车)
ssh-copy-id kolla
vi /etc/resolv.conf
nameserver 114.114.114.114
二、环境准备
yum -y install vim wget net-tools
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum -y install python-devel libffi-devel gcc openssl-devel libselinux-python
yum -y install python-pip
mkdir ~/.pip
cat << EOF > ~/.pip/pip.conf
[global]
index-url = https://mirrors.aliyun.com/pypi/simple/
[install]
trusted-host=mirrors.aliyun.com
EOF
pip install --upgrade pip==20.3.4
pip install ansible==2.9.0
mkdir /etc/ansible/
cat << EOF > /etc/ansible/ansible.cfg
[defaults]
host_key_checking=False
pipelining=True
forks=100
EOF
1、安装python环境相关依赖包
yum -y install python-devel libffi-devel gcc openssl-devel libselinux-python
yum -y install python-pip
mkdir ~/.pip
cat << EOF > ~/.pip/pip.conf
[global]
index-url = https://mirrors.aliyun.com/pypi/simple/
[install]
trusted-host=mirrors.aliyun.com
EOF
pip install --upgrade pip==20.3.4
yum install -y yum-utils device-mapper-persistent-data lvm2
yum -y install nfs-utils
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
sudo sed -i 's+download.docker.com+mirrors.aliyun.com/docker-ce+' /etc/yum.repos.d/docker-ce.repo
yum makecache fast
yum -y install docker-ce-20.10.5
systemctl enable docker && systemctl restart docker && systemctl status docker
所谓共享挂载即同一个目录或设备可以挂载到多个不同的路径并且能够保持互相之间的共享可见性,类似于 mount --shared。在 OpenStack for Kolla 中,主要解决 Neutron 的 namespace 在不同 container 中得以保持实效性的问题。
mkdir -p /etc/systemd/system/docker.service.d
cat << EOF > /etc/systemd/system/docker.service.d/kolla.conf
[Service]
MountFlags=shared
EOF
systemctl daemon-reload && systemctl restart docker && systemctl status docker
mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json << EOF
{
"registry-mirrors" : [
"https://registry.docker-cn.com",
"https://docker.mirrors.ustc.edu.cn",
"http://hub-mirror.c.163.com",
"https://cr.console.aliyun.com/"
]
}
EOF
systemctl daemon-reload && systemctl restart docker
三、部署openstack
pip install kolla-ansible==9.3.0 --ignore-installed PyYAML
注:官方推荐部署环境使用 pip install kolla-ansible 方式来安装 kolla-ansible
##以上安装出错解决方法(依次试验)
1. pip install -U prb
如果出错尝试 2. pip2 install --upgrade setuptools
如果还出错,就安装以下软件
3. pip2 install --upgrade pip
pip2 install django-import-export
cp -r /usr/share/kolla-ansible/etc_examples/kolla /etc/
cp /usr/share/kolla-ansible/ansible/inventory/multinode /etc/kolla/
ls /etc/kolla/
实现效果:
ls /etc/kolla
globals.yml multinode passwords.yml
kolla-genpwd
修改keystone和数据库的密码(163行)
vi /etc/kolla/passwords.yml
163 keystone_admin_password: HsPbEQHxTqmewKYNoRPpIOyQNdEYpHy36OX67TG3
164 keystone_database_password:7h1UDflKQmD1c6hQ9q7oyDdKfZTFlNAQYuXz148C
改为:
keystone_admin_password: 000000
keystone_database_password: 000000
注:这是登录 Dashboard,admin 使用的密码,你可以根据自己需要进行修改。密码前注意空格
vi /etc/kolla/globals.yml
kolla_base_distro: "centos"
kolla_install_type: "binary"
openstack_release: "train"
node_custom_config: "/etc/kolla/config"
kolla_internal_vip_address: "192.168.100.55" #--->不存在主机的IP地址
docker_namespace: "kolla"
network_interface: "eth0" #--->管理网络出口网卡
api_interface: "{{ network_interface }}"
neutron_external_interface: "eth1" #--->外部网络网卡
neutron_plugin_agent: "openvswitch"
enable_haproxy: "yes"
enable_ceph: "no"
enable_chrony: "no"
enable_cinder: "yes"
enable_grafana: "yes"
enable_heat: "no"
enable_mariabackup: "yes"
enable_neutron_dvr: "yes"
enable_neutron_fwaas: "yes"
enable_neutron_qos: "yes"
enable_neutron_provider_networks: "yes"
glance_backend_ceph: "no"
glance_enable_rolling_upgrade: "no"
cinder_backend_ceph: "no"
cinder_backup_driver: "nfs"
nova_backend_ceph: "no"
prometheus_cmdline_extras: "-storage.local.retention 720h"
nova_console: "novnc"
nova_compute_virt_type: "kvm"
enable_cinder_backup: "yes"
enable_cinder_backend_nfs: "yes"
enable_ceilometer: "yes"
enable_gnocchi: "yes"
enable_grafana: "yes"
enable_ceilometer_ipmi: "yes"
enable_horizon_zun: "{{ enable_zun | bool }}"
enable_zun: "yes"
enable_opendaylight: "yes"
enable_opendaylight_qos: "yes"
enable_opendaylight_l3: "yes"
enable_horizon_fwaas: "{{ enable_neutron_fwaas | bool }}"
enable_kuryr: "yes"
kolla_dev_mode: "yes"
heat_dev_mode: "yes"
修改为所有节点的主机名或IP地址,根据hosts来
我的主机名为:kolla
# These initial groups are the only groups required to be modified. The
# additional groups are for more control of the environment.
[control]
# These hostname must be resolvable from your deployment host
kolla
# The above can also be specified as follows:
#control[01:03] ansible_user=kolla
# The network nodes are where your l3-agent and loadbalancers will run
# This can be the same as a host in the control group
[network]
kolla
[compute]
kolla
[monitoring]
kolla
# When compute nodes and control nodes use different interfaces,
# you need to comment out "api_interface" and other interfaces from the globals.yml
# and specify like below:
#compute01 neutron_external_interface=eth0 api_interface=em1 storage_interface=em1 tunnel_interface=em1
[storage]
kolla
[deployment]
localhost ansible_connection=local
[baremetal:children]
control
network
compute
storage
monitoring
........
注:如果主机数较多可以使用正则表达式;例如:
[openstack-controller]
controller[01:03]
(1)检查multinode配置是否正确,实现ping通各个主机
ansible -i /etc/kolla/multinode all -m ping
无报错显示
(2)部署检查
kolla-ansible -i /etc/kolla/multinode bootstrap-servers
无报错显示结果
kolla-ansible -i /etc/kolla/multinode prechecks
无报错显示结果
1、创建好磁盘挂载目录:mkdir -p /data/openstack/cinder
2、把磁盘挂载到目录上:mount /dev/sdb /data
3、创建对接cinder磁盘的文件:mkdir -p /etc/kolla/config
vi /etc/kolla/config/nfs_shares
192.168.100.194:/data/openstack_data/cinder
vi /etc/exports
/data/openstack *(rw,no_root_squash)
先安装版本不匹配的组件
pip install -I ipaddress
安装openstack客户端
pip install python-openstackclient
kolla-ansible -i /etc/kolla/multinode deploy
出现报错error
TASK [Cloning neutron source repository for development] ***************************
fatal: [kolla]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin https://opendev.org/openstack/neutron /opt/stack/neutron", "msg": "fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error", "rc": 128, "stderr": "fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error\n", "stderr_lines": ["fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error"], "stdout": "Cloning into '/opt/stack/neutron'...\n", "stdout_lines": ["Cloning into '/opt/stack/neutron'..."]}
太晚了,未能解决
目前进度》》》》
kolla-ansible post-deploy
cat /etc/kolla/admin-openrc.sh
11、访问openstack horizon需要使用vip地址,节点上可以看到由keepalived容器生成的vip
浏览器直接访问该地址即可登录到dashboard界面
http:vip地址
登录账号:admin
密码:000000(根据passwords.yml中的keystone_admin_password: 000000)
kolla部署openstack完成
部分报错
1问题:
[root@kolla ~]# pip install -U ansible
DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.
Collecting ansible
Downloading ansible-4.10.0.tar.gz (36.8 MB)
|████████████████████████████████| 36.8 MB 71 kB/s
ERROR: Command errored out with exit status 1:
command: /usr/bin/python -c 'import sys, setuptools, tokenize; sys.argv[0] = '"'"'/tmp/pip-install-D1VBWD/ansible/setup.py'"'"'; __file__='"'"'/tmp/pip-install-D1VBWD/ansible/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /tmp/pip-pip-egg-info-ZKMLrq
cwd: /tmp/pip-install-D1VBWD/ansible/
Complete output (5 lines):
/usr/lib64/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'project_urls'
warnings.warn(msg)
/usr/lib64/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'python_requires'
warnings.warn(msg)
error in ansible setup command: 'install_requires' must be a string or list of strings containing valid project/version requirement specifiers
----------------------------------------
ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.
1解决:
yum install -y ansible
2问题:
[root@kolla ~]# pip install -U pip
Collecting pip
Using cached https://files.pythonhosted.org/packages/ba/19/e63fb4e0d20e48bd2167bb7e857abc0e21679e24805ba921a224df8977c0/pip-23.2.1.tar.gz
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/tmp/pip-build-a7_xbA/pip/setup.py", line 7
def read(rel_path: str) -> str:
^
SyntaxError: invalid syntax
----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-a7_xbA/pip/
You are using pip version 8.1.2, however version 23.2.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
2解决:
python -m pip install --upgrade pip==20.3.4
3.问题:
[root@kolla ~]# pip install kolla-ansible -i https://pypi.tuna.tsinghua.edu.cn/simple --ignore-installed netaddr
cp -r /usr/share/kolla-ansible/etc_examples/kolla /etc/kolla/
cp /usr/share/kolla-ansible/ansible/inventory/* .DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support pip 21.0 will remove support for this functionality.
Looking in indexes: https://pypi.tuna.tsinghua.edu.cn/simple
WARNING: Retrying (Retry(total=4, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/
WARNING: Retrying (Retry(total=3, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/
WARNING: Retrying (Retry(total=2, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/
WARNING: Retrying (Retry(total=1, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/
WARNING: Retrying (Retry(total=0, connect=None, read=None, redirect=None, status=None)) after connection broken by 'SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)': /simple/kolla-ansible/
Could not fetch URL https://pypi.tuna.tsinghua.edu.cn/simple/kolla-ansible/: There was a problem confirming the ssl certificate: HTTPSConnectionPool(host='pypi.tuna.tsinghua.edu.cn', port=443): Max retries exceeded with url: /simple/kolla-ansible/ (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)'),)) - skipping
ERROR: Could not find a version that satisfies the requirement kolla-ansible (from versions: none)
ERROR: No matching distribution found for kolla-ansible
3解决:
以上提示没有证书的问题,采用其他方法解决
pip install --upgrade pip
pip install kolla-ansible -i https://pypi.tuna.tsinghua.edu.cn/simple --trusted-host pypi.tuna.tsinghua.edu.cn --ignore-installed netaddr --cert /path/to/your/certificate.pem
4 问题:
fatal: [kolla]: FAILED! => {"changed": true, "msg": "'Traceback (most recent call last):\\n File \"/tmp/ansible_kolla_docker_payload_TYLEie/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 1027, in main\\n File \"/tmp/ansible_kolla_docker_payload_TYLEie/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 906, in ensure_image\\n File \"/tmp/ansible_kolla_docker_payload_TYLEie/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py\", line 571, in pull_image\\n File \"/usr/lib/python2.7/site-packages/docker/api/image.py\", line 430, in pull\\n self._raise_for_status(response)\\n File \"/usr/lib/python2.7/site-packages/docker/api/client.py\", line 270, in _raise_for_status\\n raise create_api_error_from_http_exception(e)\\n File \"/usr/lib/python2.7/site-packages/docker/errors.py\", line 31, in create_api_error_from_http_exception\\n raise cls(e, response=response, explanation=explanation)\\nImageNotFound: 404 Client Error for http+docker://localhost/v1.41/images/create?tag=train&fromImage=kolla%2Fcentos-sourse-fluentd: Not Found (\"pull access denied for kolla/centos-sourse-fluentd, repository does not exist or may require \\'docker login\\': denied: requested access to the resource is denied\")\\n'"}
4 解决:
在kolla-ansible部署openstack中途出现该问题,原因是无法在dokcer hub中未能找到某镜像(centos-sourse-fluentd),本人通过以下方法解决
将/etc/kolla/globals.yml内容切换再重新执行kolla-ansible -i /etc/kolla/multinode deploy 应该能解决
vi /etc/kolla/globals.yml
kolla_base_distro: "centos"
kolla_install_type: "binary"
openstack_release: "train"
node_custom_config: "/etc/kolla/config"
kolla_internal_vip_address: "192.168.100.55" #--->不存在主机的IP地址
docker_namespace: "kolla"
network_interface: "eth0" #--->管理网络出口网卡
api_interface: "{{ network_interface }}"
neutron_external_interface: "eth1" #--->外部网络网卡
neutron_plugin_agent: "openvswitch"
enable_haproxy: "yes"
enable_ceph: "no"
enable_chrony: "no"
enable_cinder: "yes"
enable_grafana: "yes"
enable_heat: "no"
enable_mariabackup: "yes"
enable_neutron_dvr: "yes"
enable_neutron_fwaas: "yes"
enable_neutron_qos: "yes"
enable_neutron_provider_networks: "yes"
glance_backend_ceph: "no"
glance_enable_rolling_upgrade: "no"
cinder_backend_ceph: "no"
cinder_backup_driver: "nfs"
nova_backend_ceph: "no"
prometheus_cmdline_extras: "-storage.local.retention 720h"
nova_console: "novnc"
nova_compute_virt_type: "kvm"
enable_cinder_backup: "yes"
enable_cinder_backend_nfs: "yes"
enable_ceilometer: "yes"
enable_gnocchi: "yes"
enable_grafana: "yes"
enable_ceilometer_ipmi: "yes"
enable_horizon_zun: "{{ enable_zun | bool }}"
enable_zun: "yes"
enable_opendaylight: "yes"
enable_opendaylight_qos: "yes"
enable_opendaylight_l3: "yes"
enable_horizon_fwaas: "{{ enable_neutron_fwaas | bool }}"
enable_kuryr: "yes"
kolla_dev_mode: "yes"
heat_dev_mode: "yes"
5 问题:
TASK [Cloning neutron source repository for development] ***************************
fatal: [kolla]: FAILED! => {"changed": false, "cmd": "/usr/bin/git clone --origin origin https://opendev.org/openstack/neutron /opt/stack/neutron", "msg": "fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error", "rc": 128, "stderr": "fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error\n", "stderr_lines": ["fatal: unable to access 'https://opendev.org/openstack/neutron/': Could not resolve host: opendev.org; Unknown error"], "stdout": "Cloning into '/opt/stack/neutron'...\n", "stdout_lines": ["Cloning into '/opt/stack/neutron'..."]}
5解决:
错误提示是因为无法解析主机名opendev.org,可能是网络连接问题或者DNS解析问题导致的
未能解决
