参考资料
官方文档(错了看他)
OpenStack官方说明书:
https://docs.openstack.org/kolla-ansible/latest/user/quickstart.html#host-machine-requirements
基础环境配置
服务器基础配置
系统:centos8.3
内存:16G 最小8G
硬盘:100G 最小40G
网卡:双网卡 最少双网卡
cpu:16核
关闭防火墙
# vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
#临时关闭selinux
# setenforce 0
#关闭防火墙并设置开机不自启
# systemctl disable firewalld && systemctl stop firewalld
修改主机名并配置hosts文件
#设置主机名为openstack
[root@localhost ~]#hostnamectl set-hostname openstak
#设置本地映射
[root@localhost ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.128.10 openstack
修改IP地址
# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=ea9f53c4-29dd-481d-a636-eed43df2f53c
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.128.20
NETMASK=255.255.255.0
GATEWAY=192.168.128.2
DNS1=114.114.114.114
DNS2=223.5.5.5
#重启网卡使配置生效
[root@openstack~]# nmcli c reload ens33
或
[root@openstak ~]# ifdown ens33 && ifup ens133
Connection 'ens33' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)
更新epel
yum -y install epel-release
配置yum源
#vi /etc/yum.repos.d/wangyi.repo
[wangyi] #阿里最近太卡 网易挺香,中科大也行。懂得都懂
name=wangyi
baseurl=http://mirrors.163.com/centos/8.3.2011/BaseOS/x86_64/os/
enbaled=1
gpgcheck=0
配置pip源
#mkdir ~/.pip
#cat > ~/.pip/pip.conf << EOF
> [global]
> trusted-host=mirrors.aliyun.com
> index-url=https://mirrors.aliyun.com/pypi/simple/
> EOF
上面如果执行不成功直接进入文件进行编辑一下内容
[root@openstak ~]# cat ~/.pip/pip.conf
[global]
trusted-host=mirrors.aliyun.com
index-url=https://mirrors.aliyun.com/pypi/simple/
卸载libvirt
#本地的libvirt会导致异常
[root@openstak kolla]# yum remove -y libvirt*
安装
安装基础软件
注:#centos8中默认的自动安装程序dnf,yum的升级版本,yum依旧可以使用
#dnf install python3-devel libffi-devel gcc openssl-devel python3-libselinux -y
#安装python3-pip
# dnf install python3-pip -y
#更新pip版本
[root@openstak ~]# pip3 install -U pip
#安装Kolla Ansible,至少需要Ansible2.9并最多支持2.10。
# dnf install ansible -y
#安装kolla-ansible及其依赖项pip。
# pip3 install kolla-ansible
#遇到错误
ERROR: Cannot uninstall 'PyYAML'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.
#忽略已经按照的PyYAML,重新按照PyYAML
# pip3 install PyYAML --ignore-installed PyYAML
#重新安装
# pip3 install kolla-ansible
#安装docker
#1、需要CentOS7或者8的维护版本
#2、需要卸载原来安装的:
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine
#3、安装yum-tuils,一个管理repository及扩展包
yum install -y yum-utils
#4、添加repo仓库文件
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo #默认国外镜像源,可以选择国内的。
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
#5、安装docker ce社区版本,ee企业版本,官方推荐社区版本。
yum install -y docker-ce docker-ce-cli containerd.io
#如果遇到错误
# dnf install -y docker-ce docker-ce-cli containerd.io
报错:
Last metadata expiration check: 0:00:56 ago on Tue 18 May 2021 10:54:55 AM EDT.
Error:
Problem 1: problem with installed package podman-2.0.5-5.module_el8.3.0+512+b3b58dca.x86_64
- package podman-2.0.5-5.module_el8.3.0+512+b3b58dca.x86_64 requires runc >= 1.0.0-57, but none of the providers can be installed
(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)
#执行以下命令,一路选择y
# yum erase podman buildah
#然后在重现之前的安装命令
#6、启动docker服务
systemctl start docker
#7、验证是否安装成功
docker --version
docker info
#配置docker加速
#1.创建一个目录
mkdir -p /etc/docker
#2.编写配置文件
tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://m6bpldf6.mirror.aliyuncs.com"]
}
EOF
#3.重启服务
systemctl daemon-reload
systemctl restart docker
配置
#创建目录并更改属主
# mkdir -p /etc/kolla
# chown $USER:$USER /etc/kolla
#复制文件到创建的目录
# cp -r /usr/local/share/kolla-ansible/etc_examples/kolla/* /etc/kolla
#复制规划文件到创建的目录
# cp /usr/local/share/kolla-ansible/ansible/inventory/* /etc/kolla/
#配置Ansible
# vim /etc/ansible/ansible.cfg
[defaults]
host_key_checking=False
pipelining=True
forks=100
#配置配置----克拉(Kolla)Ansible自带all-in-one(单机)和multinode(集群)例子清单文件
# vim /etc/kolla/all-in-one
# These initial groups are the only groups required to be modified. The
# additional groups are for more control of the environment.
[control]
openstack
[network]
openstack
[compute]
openstack
[storage]
openstack
[monitoring]
openstack
[deployment]
openstack
#其他保持不变
#配置shh无密码访问
# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): #回车
Enter passphrase (empty for no passphrase): #回车
Enter same passphrase again: #回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:nyuj8ux2DOgNj3Ve5kv4brBqizINhHSVBy0WvGE3mBI root@openstak
The key's randomart image is:
+---[RSA 3072]----+
| E++B |
| . o X = |
|... + * . |
|. . . |
| . . S |
| . o o ooo. |
| + * =.*+ |
| o =o= Boo. |
| o.*B= ==. |
+----[SHA256]-----+
# ssh-copy-id -i /root/.ssh/id_rsa.pub root@openstack
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@openstack's password: #输入服务器密码 #000000
Number of key(s) added: 1
Now try logging into the machine, with: "ssh 'root@openstack'"
and check to make sure that only the key(s) you wanted were added.
#检查配置文件是否正确
# cd /etc/kolla/
# ansible -i all-in-one all -m ping
[WARNING]: Invalid characters were found in group names but not replaced, use -vvvv to see details
openstack | SUCCESS => {
"ansible_facts": {
"discovered_interpreter_python": "/usr/libexec/platform-python"
},
"changed": false,
"ping": "pong"
}
#配置密码
# kolla-genpwd
#方便后续horizon登录,修改密码
# vim /etc/kolla/passwords.yml
keystone_admin_password: 000000
#kolla核心配置文件,globals.yml是Kolla Ansible的主要配置文件。部署Kolla Ansible需要一些选项
[root@openstack]#vim /etc/kolla/globals.yml
#kolla镜像基于不同linux发型版构建
kolla_base_distro: "centos"
#kolla镜像基于binary二进制和source源码两种类型构建
kolla_install_type: "source"
#openstack版本可自定义,会从dockerhub拉取对应版本的镜像
penstack_release: "train"
#OpenStack内部管理网络地址,通过该IP访问OpenStack Web页面进行管理。
kolla_internal_vip_address: "192.168.128.10"
#OpenStack内部管理网络地址的网卡接口
network_interface: "ens33"
#OpenStack外部(或公共)网络的网卡接口
neutron_external_interface: "ens34"
#关闭高可用
enable_haproxy: "no"
#指定nova-compute守护进程使用的虚拟化技术
nova_compute_virt_type: "qemu"
Docker options
#docker_registry: 默认从dockerhub拉取镜像,这里使用阿里云镜像仓库,也可以本地搭建仓库,提前推送镜像上去。
docker_registry: "registry.cn-hangzhou.aliyuncs.com"
#阿里云kolla镜像仓库所在的命名空间,dockerhub官网默认是kolla。
docker_namespace: "kollaimg"
部署
#安装bootstrap-servers部署OpenStack所需的依赖包。该包由kolla-ansible提供,包含docker。
[root@openstak]# kolla-ansible -i /etc/kolla/all-in-one bootstrap-servers
#对当前主机进行预部署(检测),直接看最后的统计即可。如果检测报错,可以查看前面的TASK:[precheck …]部分,可以快速定位到错误
# kolla-ansible -i /etc/kolla/all-in-one prechecks
#拉取镜像(可以不做,在部署的时候会自动拉取)
# kolla-ansible -i /etc/kolla/all-in-one pull
#拉取完成,查看镜像
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
kolla/centos-source-nova-compute victoria df01b9bb08d8 2 days ago 2.12GB
kolla/centos-source-neutron-server victoria e6aa3769f30a 2 days ago 1.18GB
kolla/centos-source-nova-libvirt victoria 5b7a773c1e40 2 days ago 1.41GB
kolla/centos-source-mariadb-server victoria 558e44d63b79 2 days ago 625MB
kolla/centos-source-kolla-toolbox victoria 157a600fe9d3 2 days ago 970MB
kolla/centos-source-mariadb-clustercheck victoria 1511a20029cc 2 days ago 583MB
kolla/centos-source-openvswitch-db-server victoria 7c35fba69416 2 days ago 507MB
kolla/centos-source-openvswitch-vswitchd victoria 5f0dc8964039 2 days ago 507MB
kolla/centos-source-fluentd victoria 7eb541de5475 2 days ago 600MB
kolla/centos-source-cron victoria 0963323b4d39 2 days ago 384MB
kolla/centos-source-chrony victoria 609e197f5642 2 days ago 385MB
kolla/centos-source-rabbitmq victoria dfaa91fa4bae 2 days ago 440MB
kolla/centos-source-memcached victoria 6036dde9f320 2 days ago 404MB
kolla/centos-source-nova-novncproxy victoria 31432c2417c3 9 days ago 1.27GB
kolla/centos-source-nova-ssh victoria f95d3fea6ebe 9 days ago 1.22GB
kolla/centos-source-nova-conductor victoria e21e9943e8d1 9 days ago 1.18GB
kolla/centos-source-nova-api victoria c244dc5b4bd4 9 days ago 1.18GB
kolla/centos-source-nova-scheduler victoria d77816a60046 9 days ago 1.18GB
kolla/centos-source-heat-api-cfn victoria b3047eff6c79 9 days ago 926MB
kolla/centos-source-heat-api victoria c7cd8a618aee 9 days ago 926MB
kolla/centos-source-heat-engine victoria f3bc59c56ff2 9 days ago 926MB
kolla/centos-source-neutron-l3-agent victoria e19a3344310d 9 days ago 1.21GB
kolla/centos-source-neutron-openvswitch-agent victoria 2db3342e0693 9 days ago 1.16GB
kolla/centos-source-neutron-metadata-agent victoria e5890cefe2cd 9 days ago 1.16GB
kolla/centos-source-neutron-dhcp-agent victoria 391de01664cb 9 days ago 1.16GB
kolla/centos-source-keystone victoria 446bd76574e6 9 days ago 1GB
kolla/centos-source-keystone-ssh victoria f2f01ac07ca4 9 days ago 1.01GB
kolla/centos-source-keystone-fernet victoria df09ece0edfc 9 days ago 1GB
kolla/centos-source-glance-api victoria cd7119d229c4 9 days ago 997MB
kolla/centos-source-placement-api victoria 81e88b5a2e2d 9 days ago 937MB
kolla/centos-source-horizon victoria 1915627e5579 9 days ago 1.07GB
#部署
# kolla-ansible -i /etc/kolla/all-in-one deploy
#部署成功可以登录查询
http://192.168.128.10
#生成admin-openrc.sh文件
# kolla-ansible -i /etc/kolla/all-in-one post-deploy