环境规划
192.168.8.141 | deploy(部署kolla-ansible加Harbor) | centos 8.3 |
192.168.8.142 | nova2 | centos 8.3 |
192.168.8.143 | ctrl | centos 8.3 |
192.168.8.144 | nova1 | centos 8.3 |
每台机器两个网卡ens33(network_interface)ens34(neutron_external_interface),所有机器做sshkey认证,配置NTP,关闭selinux,关闭firewalld.
yum update
yum install epel-release
yum install python3-pip gcc libffi-devel python3-devel openssl-devel
pip3 install --upgrade pip
pip3 install docker
pip3 install setuptools_rust
Harbor 安装
git clone https://github.com/goharbor/harbor.git
pip3 install docker-compose
修改harbor/harbor.yml
./install.sh
https 配置
cd /data/secret
openssl genrsa -out ca.key 4096
openssl req -x509 -new -nodes -sha512 -days 3650 -subj "/CN=192.168.8.141" -key ca.key -out ca.crt
openssl genrsa -out server.key 4096
openssl req -new -sha512 -subj "/CN=192.168.8.141" -key server.key -out server.csr
cat v3.ext
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1=192.168.8.141
openssl x509 -req -sha512 -days 3650 -extfile v3.ext -CA ca.crt -CAkey ca.key -CAcreateserial -in server.csr -out server.crt
./install.sh
kolla-ansible
pip3 install kolla-ansible
yum install ansible
cd /etc/kolla/
cp /usr/local/share/kolla-ansible/ansible/inventory/* .
cp /usr/local/share/kolla-ansible/etc_examples/kolla/* .
[root@deploy kolla]# cat globals.yml |grep -v ^# |grep -v ^$
---
config_strategy: "COPY_ALWAYS"
kolla_base_distro: "centos"
kolla_install_type: "binary"
openstack_release: "victoria"
node_custom_config: "/etc/kolla/config"
kolla_internal_vip_address: "192.168.8.250"
docker_registry: 192.168.8.141
docker_registry_username: admin
docker_namespace: "kolla"
network_interface: "ens33"
neutron_external_interface: "ens34"
neutron_plugin_agent: "linuxbridge"
openstack_region_name: "RegionOne"
enable_mariadb: "yes"
enable_memcached: "yes"
enable_chrony: "yes"
enable_fluentd: "yes"
enable_neutron_provider_networks: "yes"
enable_nova_ssh: "yes"
nova_compute_virt_type: "qemu"
nova_console: "novnc"
tempest_image_id:
tempest_flavor_ref_id:
tempest_public_network_id:
kolla-ansible pull 下载image,之后把image推送到Harbor私有仓库.
kolla-ansible prechecks -i multinode
kolla-ansible deploy -i multinode