kolla安装 openstack

参考资料

官方文档（错了看他）
OpenStack官方说明书：

https://docs.openstack.org/kolla-ansible/latest/user/quickstart.html#host-machine-requirements

基础环境配置

服务器基础配置
系统：centos8.3
内存：16G 最小8G
硬盘：100G 最小40G
网卡：双网卡 最少双网卡
cpu：16核
关闭防火墙

# vi /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

#临时关闭selinux

# setenforce 0

#关闭防火墙并设置开机不自启

# systemctl disable firewalld && systemctl stop firewalld

修改主机名并配置hosts文件
#设置主机名为openstack

[root@localhost ~]#hostnamectl set-hostname openstak

#设置本地映射

[root@localhost ~]# cat /etc/hosts 
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.128.10 openstack

修改IP地址

# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=ea9f53c4-29dd-481d-a636-eed43df2f53c
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.128.20
NETMASK=255.255.255.0
GATEWAY=192.168.128.2
DNS1=114.114.114.114
DNS2=223.5.5.5

#重启网卡使配置生效

[root@openstack~]# nmcli c reload ens33
或
[root@openstak ~]# ifdown ens33 && ifup ens133
Connection 'ens33' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/4)
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)

更新epel

yum -y install epel-release

配置yum源

#vi /etc/yum.repos.d/wangyi.repo

[wangyi]  #阿里最近太卡 网易挺香，中科大也行。懂得都懂
name=wangyi
baseurl=http://mirrors.163.com/centos/8.3.2011/BaseOS/x86_64/os/
enbaled=1
gpgcheck=0

配置pip源

#mkdir ~/.pip
#cat > ~/.pip/pip.conf << EOF 
> [global]
> trusted-host=mirrors.aliyun.com
> index-url=https://mirrors.aliyun.com/pypi/simple/
> EOF

上面如果执行不成功直接进入文件进行编辑一下内容

[root@openstak ~]# cat  ~/.pip/pip.conf
[global]
trusted-host=mirrors.aliyun.com
index-url=https://mirrors.aliyun.com/pypi/simple/

卸载libvirt
#本地的libvirt会导致异常

[root@openstak kolla]# yum remove -y libvirt*

安装
安装基础软件

注：#centos8中默认的自动安装程序dnf，yum的升级版本，yum依旧可以使用

#dnf install python3-devel libffi-devel gcc openssl-devel python3-libselinux -y 

#安装python3-pip

# dnf install python3-pip -y 

#更新pip版本

[root@openstak ~]# pip3 install -U pip

#安装Kolla Ansible，至少需要Ansible2.9并最多支持2.10。

# dnf install ansible -y

#安装kolla-ansible及其依赖项pip。

# pip3 install kolla-ansible 

#遇到错误

ERROR: Cannot uninstall 'PyYAML'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.

#忽略已经按照的PyYAML，重新按照PyYAML

# pip3 install PyYAML --ignore-installed PyYAML

#重新安装

# pip3 install kolla-ansible  

#安装docker

#1、需要CentOS7或者8的维护版本
#2、需要卸载原来安装的：
yum remove docker \
                  docker-client \
                  docker-client-latest \
                  docker-common \
                  docker-latest \
                  docker-latest-logrotate \
                  docker-logrotate \
                  docker-engine

#3、安装yum-tuils，一个管理repository及扩展包

yum install -y yum-utils

#4、添加repo仓库文件

yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo #默认国外镜像源，可以选择国内的。
    yum-config-manager     --add-repo     https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

#5、安装docker ce社区版本，ee企业版本，官方推荐社区版本。

yum install -y docker-ce docker-ce-cli containerd.io

#如果遇到错误

# dnf install -y docker-ce docker-ce-cli containerd.io     

报错：

Last metadata expiration check: 0:00:56 ago on Tue 18 May 2021 10:54:55 AM EDT.
Error: 
 Problem 1: problem with installed package podman-2.0.5-5.module_el8.3.0+512+b3b58dca.x86_64
  - package podman-2.0.5-5.module_el8.3.0+512+b3b58dca.x86_64 requires runc >= 1.0.0-57, but none of the providers can be installed
(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages)

#执行以下命令，一路选择y

# yum erase podman buildah

#然后在重现之前的安装命令

#6、启动docker服务

systemctl start docker

#7、验证是否安装成功

docker --version 
docker info

#配置docker加速
#1.创建一个目录

mkdir -p /etc/docker

#2.编写配置文件

tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://m6bpldf6.mirror.aliyuncs.com"]
}
EOF

#3.重启服务

systemctl daemon-reload 
systemctl restart docker

配置
#创建目录并更改属主

# mkdir -p /etc/kolla
# chown $USER:$USER /etc/kolla

#复制文件到创建的目录

# cp -r /usr/local/share/kolla-ansible/etc_examples/kolla/* /etc/kolla

#复制规划文件到创建的目录

# cp /usr/local/share/kolla-ansible/ansible/inventory/* /etc/kolla/

#配置Ansible

# vim /etc/ansible/ansible.cfg 
[defaults]
host_key_checking=False
pipelining=True
forks=100

#配置配置----克拉（Kolla）Ansible自带all-in-one（单机）和multinode（集群）例子清单文件

# vim /etc/kolla/all-in-one 
# These initial groups are the only groups required to be modified. The
# additional groups are for more control of the environment.
[control]

openstack

[network]

openstack

[compute]

openstack

[storage]

openstack

[monitoring]

openstack

[deployment]

openstack
#其他保持不变

#配置shh无密码访问

# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): #回车
Enter passphrase (empty for no passphrase): #回车
Enter same passphrase again: #回车
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:nyuj8ux2DOgNj3Ve5kv4brBqizINhHSVBy0WvGE3mBI root@openstak
The key's randomart image is:
+---[RSA 3072]----+
|   E++B          |
| . o X =         |
|... + * .        |
|. .  .           |
| .   .  S        |
|  . o o ooo.     |
|   + * =.*+      |
|  o =o= Boo.     |
|   o.*B= ==.     |
+----[SHA256]-----+

# ssh-copy-id -i /root/.ssh/id_rsa.pub root@openstack
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@openstack's password: #输入服务器密码 #000000

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@openstack'"
and check to make sure that only the key(s) you wanted were added.

#检查配置文件是否正确

# cd /etc/kolla/

# ansible -i all-in-one all -m ping
[WARNING]: Invalid characters were found in group names but not replaced, use -vvvv to see details
openstack | SUCCESS => {
    "ansible_facts": {
        "discovered_interpreter_python": "/usr/libexec/platform-python"
    },
    "changed": false,
    "ping": "pong"
}

#配置密码

# kolla-genpwd

#方便后续horizon登录，修改密码

# vim /etc/kolla/passwords.yml 
keystone_admin_password: 000000

#kolla核心配置文件，globals.yml是Kolla Ansible的主要配置文件。部署Kolla Ansible需要一些选项

[root@openstack]#vim /etc/kolla/globals.yml 
#kolla镜像基于不同linux发型版构建
kolla_base_distro: "centos"

#kolla镜像基于binary二进制和source源码两种类型构建
kolla_install_type: "source"

#openstack版本可自定义，会从dockerhub拉取对应版本的镜像
penstack_release: "train"

#OpenStack内部管理网络地址，通过该IP访问OpenStack Web页面进行管理。
kolla_internal_vip_address: "192.168.128.10"

#OpenStack内部管理网络地址的网卡接口
network_interface: "ens33"

#OpenStack外部（或公共）网络的网卡接口
neutron_external_interface: "ens34"

#关闭高可用
enable_haproxy: "no"

#指定nova-compute守护进程使用的虚拟化技术
nova_compute_virt_type: "qemu"

Docker options

#docker_registry: 默认从dockerhub拉取镜像，这里使用阿里云镜像仓库，也可以本地搭建仓库，提前推送镜像上去。

docker_registry: "registry.cn-hangzhou.aliyuncs.com"

#阿里云kolla镜像仓库所在的命名空间，dockerhub官网默认是kolla。

docker_namespace: "kollaimg"

部署
#安装bootstrap-servers部署OpenStack所需的依赖包。该包由kolla-ansible提供，包含docker。

[root@openstak]# kolla-ansible -i /etc/kolla/all-in-one bootstrap-servers

#对当前主机进行预部署（检测），直接看最后的统计即可。如果检测报错，可以查看前面的TASK:[precheck …]部分，可以快速定位到错误

# kolla-ansible -i /etc/kolla/all-in-one prechecks

#拉取镜像（可以不做，在部署的时候会自动拉取）

# kolla-ansible -i /etc/kolla/all-in-one pull

#拉取完成，查看镜像

# docker images

REPOSITORY                                      TAG        IMAGE ID       CREATED      SIZE
kolla/centos-source-nova-compute                victoria   df01b9bb08d8   2 days ago   2.12GB
kolla/centos-source-neutron-server              victoria   e6aa3769f30a   2 days ago   1.18GB
kolla/centos-source-nova-libvirt                victoria   5b7a773c1e40   2 days ago   1.41GB
kolla/centos-source-mariadb-server              victoria   558e44d63b79   2 days ago   625MB
kolla/centos-source-kolla-toolbox               victoria   157a600fe9d3   2 days ago   970MB
kolla/centos-source-mariadb-clustercheck        victoria   1511a20029cc   2 days ago   583MB
kolla/centos-source-openvswitch-db-server       victoria   7c35fba69416   2 days ago   507MB
kolla/centos-source-openvswitch-vswitchd        victoria   5f0dc8964039   2 days ago   507MB
kolla/centos-source-fluentd                     victoria   7eb541de5475   2 days ago   600MB
kolla/centos-source-cron                        victoria   0963323b4d39   2 days ago   384MB
kolla/centos-source-chrony                      victoria   609e197f5642   2 days ago   385MB
kolla/centos-source-rabbitmq                    victoria   dfaa91fa4bae   2 days ago   440MB
kolla/centos-source-memcached                   victoria   6036dde9f320   2 days ago   404MB
kolla/centos-source-nova-novncproxy             victoria   31432c2417c3   9 days ago   1.27GB
kolla/centos-source-nova-ssh                    victoria   f95d3fea6ebe   9 days ago   1.22GB
kolla/centos-source-nova-conductor              victoria   e21e9943e8d1   9 days ago   1.18GB
kolla/centos-source-nova-api                    victoria   c244dc5b4bd4   9 days ago   1.18GB
kolla/centos-source-nova-scheduler              victoria   d77816a60046   9 days ago   1.18GB
kolla/centos-source-heat-api-cfn                victoria   b3047eff6c79   9 days ago   926MB
kolla/centos-source-heat-api                    victoria   c7cd8a618aee   9 days ago   926MB
kolla/centos-source-heat-engine                 victoria   f3bc59c56ff2   9 days ago   926MB
kolla/centos-source-neutron-l3-agent            victoria   e19a3344310d   9 days ago   1.21GB
kolla/centos-source-neutron-openvswitch-agent   victoria   2db3342e0693   9 days ago   1.16GB
kolla/centos-source-neutron-metadata-agent      victoria   e5890cefe2cd   9 days ago   1.16GB
kolla/centos-source-neutron-dhcp-agent          victoria   391de01664cb   9 days ago   1.16GB
kolla/centos-source-keystone                    victoria   446bd76574e6   9 days ago   1GB
kolla/centos-source-keystone-ssh                victoria   f2f01ac07ca4   9 days ago   1.01GB
kolla/centos-source-keystone-fernet             victoria   df09ece0edfc   9 days ago   1GB
kolla/centos-source-glance-api                  victoria   cd7119d229c4   9 days ago   997MB
kolla/centos-source-placement-api               victoria   81e88b5a2e2d   9 days ago   937MB
kolla/centos-source-horizon                     victoria   1915627e5579   9 days ago   1.07GB

#部署

# kolla-ansible -i /etc/kolla/all-in-one deploy

#部署成功可以登录查询

http://192.168.128.10

#生成admin-openrc.sh文件

# kolla-ansible -i /etc/kolla/all-in-one post-deploy