基于Ansible半自动化部署openstack

目录

1.IP规划

2.部署过程

2.1 初始化

2.2 ansible

 2.3 cinder

2.4 controller

2.5 基于openstack创建实例

---

1.IP规划

主机	IP	备注
ansible	10.5.20.30
controller	10.5.20.31	控制节点，双网卡
	20.1.1.31(隧道IP)
compute	10.5.20.32	计算节点，开启虚拟化，双网卡
	20.1.1.32(隧道IP)
cinbder	10.5.20.33	存储节点，添加若干硬盘

2.部署过程

2.1 初始化

#删除系统自带网络源，该源已不可用

rm -fr /etc/yum.repos.d/*

基础源（ansible）

# 使用curl获取华为源文件
curl -L https://mirrors.huaweicloud.com/repository/conf/CentOS-7-anon.repo -o /etc/yum.repos.d/CentOS-Base.repo

openstack源（cinder）

cat >> /etc/yum.repos.d/openstack.repo <<-EOF
[base]
name=base
baseurl=https://repo.huaweicloud.com/centos/7/os/x86_64/
enable=1
gpgcheck=0
[extras]
name=extrax
baseurl=https://repo.huaweicloud.com/centos/7/extras/x86_64/
enable=1
gpgcheck=0
[updates]
name=updates
baseurl=https://repo.huaweicloud.com/centos/7/updates/x86_64/
enable=1
gpgcheck=0
[queens]
name=queens
baseurl=https://repo.huaweicloud.com/centos/7/cloud/x86_64/openstack-queens/
enable=1
gpgcheck=0
[virt]
name=virt
baseurl=https://repo.huaweicloud.com/centos/7/virt/x86_64/kvm-common/
enable=1
gpgcheck=0
EOF

epel-relase源（ansible）

yum -y install epel-release

关闭防护

# 关闭SELinux
setenforce 0
# 关闭SELinux开机自启动
sed  "s/SELINUX=.*/SELINUX=disabled/" /etc/selinux/config
# 关闭防火墙
systemctl stop firewalld
# 关闭防火墙开机自启动
systemctl disable firewalld

ssh免密登录（ansible）

# 制作密钥
ssh-keygen
# 复制ssh-id
ssh-copy-id root@10.5.20.31
ssh-copy-id root@10.5.20.32
ssh-copy-id root@10.5.20.33

修改主机名

# controller
hostnamectl set-hostname controller
# compute
hostnamectl set-hostname compute
# cinder
hostnamectl set-hostname cinder

2.2 ansible

安装ansible

yum -y install ansible

将受管主机添加至ansible的hosts文件中

vim /etc/ansible/hosts
# 添加如下内容，添加所需的参数/变量
10.5.20.31 controller_ip="10.5.20.31" compute_ip="10.5.20.32" network="10.5.20.0/24" network_interface="eth0" vm_tunnal_ip="20.1.1.31"
10.5.20.32 controller_ip="10.5.20.31" compute_ip="10.5.20.32" vm_tunnal_ip="20.1.1.32"

上传shell脚本模版

installController.sh.j2

https://pan.baidu.com/s/1TLS1vovIyKoND64dlgv6Tw?pwd=1234https://pan.baidu.com/s/1TLS1vovIyKoND64dlgv6Tw?pwd=1234installCompute.sh.j2

https://pan.baidu.com/s/1qWO6iGlhsRpMciXrXBJN0Q?pwd=1234https://pan.baidu.com/s/1qWO6iGlhsRpMciXrXBJN0Q?pwd=1234上传压缩包

controller.zip

https://pan.baidu.com/s/1VO9dUwMZlWZweS4WCSjazg?pwd=1234https://pan.baidu.com/s/1VO9dUwMZlWZweS4WCSjazg?pwd=1234compute.zip

https://pan.baidu.com/s/1IcWcuyB13G07LLE8SFx06A?pwd=1234https://pan.baidu.com/s/1IcWcuyB13G07LLE8SFx06A?pwd=1234

编写ansible剧本

vim openstack.yaml
# 内容如下
- hosts: all
  tasks:
    - name: 复制压缩包至控制节点
      copy: src=controller.zip dest=/root/controller.zip
      when: ansible_fqdn == "controller"
    - name: 复制控制节点部署脚本
      template:
        src: installController.sh.j2
        dest: /root/installController.sh
      when: ansible_fqdn == "controller"
    - name: 解压controller.zip
      ansible.builtin.unarchive:
        src: /root/controller.zip
        dest: /root/
      when: ansible_fqdn == "controller"
    - name: 执行控制节点脚本
      shell: /bin/sh /root/installController.sh
      when: ansible_fqdn == "controller"
    - name: 复制压缩包至计算节点
      copy: src=compute.zip dest=/root/compute.zip
      when: ansible_fqdn == "compute"
    - name: 复制计算节点部署脚本
      template:
        src: installCompute.sh.j2
        dest: /root/installCompute.sh
      when: ansible_fqdn == "compute"
    - name: 解压compute.zip
      ansible.builtin.unarchive:
        src: /root/compute.zip
        dest: /root/
      when: ansible_fqdn == "compute"
    - name: 执行计算节点脚本
      shell: /bin/sh /root/installCompute.sh
      when: ansible_fqdn == "compute"
    - name: 在控制节点同步cell
      shell: nova-manage cell_v2 discover_hosts --verbose
      register: tf
      when: ansible_fqdn == "controller"
    - debug: msg="{{ tf.stdout_lines }}"
      when: ansible_fqdn == "controller"

执行剧本

ansible-playbook openstack.yaml

执行完剧本后，登录openstack

http://10.5.20.31/dashboard

用户名：admin，密码：000000

 

 2.3 cinder

hosts文件解析

vim /etc/hosts
# 添加如下内容
10.5.20.31 controller
10.5.20.32 compute
10.5.20.33 cinder

安装LVM组件及其他工具

yum -y install lvm2 device-mapper-persistent-data net-tools vim

启动服务并加入开机自启

systemctl enable lvm2-lvmetad --now

创建LVM物理逻辑卷

pvcreate /dev/sdb

创建cinder-volumes逻辑卷组

vgcreate cinder-volumes /dev/sdb

编辑lvm配置文件

vim /etc/lvm/lvm.conf
# 在指定位置添加内容
devices {
        filter = [ "a/vdb/", "r/.*/"]
}

安装cinder组件

yum -y install centos-release-openstack-queens openstack-cinder targetcli python-keystone

备份并优化cinder配置文件

# 备份
cp /etc/cinder/cinder.conf /etc/cinder/cinder.conf.bak
# 优化
cat /etc/cinder/cinder.conf.bak | grep -v ^# | uniq > /etc/cinder/cinder.conf

编辑cinder配置文件

vim /etc/cinder/cinder.conf
# 在指定选项添加内容
[DEFAULT]
transport_url = rabbit://openstack:000000@controller
auth_strategy = keystone
my_ip = 10.5.20.33
enabled_backends  =  lvm
glance_api_servers = http://controller:9292
[database]
connection = mysql+pymysql://cinder:000000@controller/cinder 
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = 000000
[lvm]
volume_driver  =  cinder.volume.drivers.lvm.LVMVolumeDriver 
volume_group  =  cinder-volumes 
iscsi_protocol  =  iscsi 
iscsi_helper  =  lioadm
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp

启动服务并加入开机自启

systemctl restart openstack-cinder-volume target
systemctl enable openstack-cinder-volume target

2.4 controller

hosts文件解析

echo "10.5.20.33 cinder" >> /etc/hosts

配置cinder数据库

mysql -u root -p000000
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '000000';
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY '000000';

执行环境脚本

. openstack_admin

创建一个cinder用户，密码设置为000000

openstack user create --domain default --password 000000 cinder

添加admin角色到cinder用户

openstack role add --project service --user cinder admin

创建cinderv2和cinderv3服务实体

openstack service create --name cinderv2 --description "OpenStack Block Storage v2" volumev2
openstack service create --name cinderv3 --description "OpenStack Block Storage v3" volumev3

创建块存储服务API端点

openstack endpoint create --region RegionOne volumev2 public http://controller:8776/v2/%\(project_id\)s
openstack endpoint create --region RegionOne volumev2 internal http://controller:8776/v2/%\(project_id\)s
openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%\(project_id\)s
openstack endpoint create --region RegionOne volumev3 public http://controller:8776/v3/%\(project_id\)s
openstack endpoint create --region RegionOne volumev3 internal http://controller:8776/v3/%\(project_id\)s
openstack endpoint create --region RegionOne volumev3 admin http://controller:8776/v3/%\(project_id\)s

安装cinder组件

yum -y install openstack-cinder

备份并优化cinder配置文件

# 备份
cp /etc/cinder/cinder.conf /etc/cinder/cinder.conf.bak
# 优化
cat /etc/cinder/cinder.conf.bak | grep -v ^# | uniq > /etc/cinder/cinder.conf

编辑cinder配置文件

vim /etc/cinder/cinder.conf
# 在指定选项添加内容
[DEFAULT]
transport_url = rabbit://openstack:000000@controller
auth_strategy = keystone
my_ip = 10.5.20.31
[database]
connection = mysql+pymysql://cinder:000000@controller/cinder 
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = 000000
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp

同步块存储数据库

su -s /bin/sh -c "cinder-manage db sync" cinder

配置计算服务使用块存储

vim /etc/nova/nova.conf
# 在选项[cinder]添加如下内容
[cinder]
os_region_name = RegionOne

启动/重启以下服务，将cinder服务加入开机自启

systemctl restart openstack-nova-api
systemctl restart openstack-cinder-api
systemctl restart openstack-cinder-scheduler
systemctl enable openstack-cinder-api
systemctl enable openstack-cinder-scheduler

2.5 基于openstack创建实例

创建项目

创建用户

 创建外部网络

使用新创建的用户登陆openstack

创建用户网络

 

创建路由

放行ssh

添加一个浮动IP

创建卷

 

创建实例类型

创建镜像

Index of / (cirros-cloud.net)https://download.cirros-cloud.net/

创建实例