用kolla在docker容器里安装openstack

用kolla在容器里安装openstack

github地址:https://github.com/greatbsky/kolla-for-openstack-in-docker

OpenStack是一个开源的云计算管理平台项目,由几个主要的组件组合起来完成具体工作。OpenStack支持几乎所有类型的云环境,项目目标是提供实施简单、可大规模扩展、丰富、标准统一的云计算管理平台。OpenStack通过各种互补的服务提供了基础设施即服务(IaaS)的解决方案,每个服务提供API以进行集成。
Docker 是一个开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的容器中,然后发布到任何流行的 Linux 机器上,也可以实现虚拟化。容器是完全使用沙箱机制,相互之间不会有任何接口。

什么是kolla? Kolla可以把目前OpenStack项目用到的所有组件都容器化。

前段时间,为了便于服务器的管理、隔离、安全等,我在生产环境下为公司搭建了个私有云。运行一切正常

这个公开的文档是我部署测试环境下的,不是正式环境的,因文档是后来整理的,难免有些错误出入,比如id 或输出等的不匹配.

 

所用物理节点:

192.168.1.61    oscontroller
192.168.1.91    osnova1
192.168.1.92    osnova2

首先在所有物理节点配置初始环境

1.1 配置host names

vi /etc/hostname

vi /etc/hosts
# controller
192.168.1.61       oscontroller
# compute
192.168.1.91       osnova1
192.168.1.92       osnova2

1.2 验证所有节点是否相互连接.
ping oscontroller

ping osnova1
ping osnova2

1.3 更新系统安装你常用的软件

yum update

yum install yum-plugin-priorities -y

yum install epel-release -y

yum install wget -y

1.4 验证你的节点是否支持VT

[root@oscontroller ~]# egrep -c '(vmx|svm)' /proc/cpuinfo
2
[root@osnova1 ~]# egrep -c '(vmx|svm)' /proc/cpuinfo
4
[root@osnova2 ~]# egrep -c '(vmx|svm)' /proc/cpuinfo
4

1.5 配置节点之间免登录.

[root@oscontroller ~]# ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
[root@osnova1 ~]# ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
[root@osnova2 ~]# ssh-keygen -t rsa -P '' -f ~/.ssh/id_rsa
[root@oscontroller .ssh]# scp root@osnova1:~/.ssh/id_rsa.pub id_rsa.nova1.pub
[root@oscontroller .ssh]# scp root@osnova2:~/.ssh/id_rsa.pub id_rsa.nova2.pub
[root@oscontroller .ssh]# cat id_rsa.pub >> ~/.ssh/authorized_keys
[root@oscontroller .ssh]# cat id_rsa.nova1.pub >> ~/.ssh/authorized_keys
[root@oscontroller .ssh]# cat id_rsa.nova2.pub >> ~/.ssh/authorized_keys
[root@oscontroller .ssh]# less authorized_keys
[root@oscontroller .ssh]# less authorized_keys

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvsqNEBby5QOlDwpTlL1CAtqnzgQJ96U1JlEXfJ11I4JUk617WriDfNtDsPewzBhf1NfyaXoHqN5Bl9S8Ap2Gov4LCuUsa35qTE9uGJSAfnuJc3zTp2ciX0SZwanoCORzzY4hPB38V1Tg6JFsvVFzJanWk6Lb2zPm5F6RmikY3O4PTvBJFsL1rTzpr9UH37qDEZJ97jonCHeFSmvVk0Y+uvgniU4ttVupJS6Yfr2ITWHmt0/WOTl9d7AW+hufkrMuPUUXLx3cT+wAMIGQ7+/aVWxonL7TFtFXFND/4BLyx1M3luQho8mHBENDt94bUQQZGVIrj1Bb1FfobKkb6eGWb root@oscontroller
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCUrNutfi4uhcThQL2pPbXmfZ2wSMv5W8tV5yzpeYLaCpSU9d+rCpcgBXPQA2v+on1JAFxFCC+J8A63OWiIoBtwn9FLzI4Takfr+HmOSetVJMshxolYZ+/S6Qjs+hxBLRL9Qwpwtu6c19qGhz14W8gaNeHEDFoD705kk/5PhdOsxYpL+v/GXIvUBlR4zF9OJGrxNJIA48bqHOGBqBtcZbM4Vbre3Q52aVFxI34Rs1N344YgSJSg4wnzlOIvW+Vq1CClwRT9QRms2wAPcrRb4pva7c30+6wCGncPM64rt4gw0vDc1cxR8Jp6Gs/KYWU5roqXdcl72lEgLdE8aM9qQLoZ root@osnova1
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDeT8fy3K8XVc51JRvM/cF9DaQHL/e30JMebPBjUCf+/YdMDXkbIwVLGurMhDf8RVA7F5F0VxAe10kYeTv1BugkP34VVSDb80yHAyT8R/TOfi8z2WTREtT2eeuUVfuJI3dPmT+r+/7JowLyznJm2awRm9G2IOtUHZBn46/fTksdEtd7RLaWR7upkR37mwNJ8Qc7f3s9bYdNyn/LC9RKdNQWCbLZdnVbRRx5ixzt7snCClfE4djlO7cdPzsR+fggk9SIz9MJT12ePSgaqRBaTZgMuo+0NhB41NBK6Dx1IqdmxBhQlHufGG8sXhPDg3yyUONC4zK+GSjaLet1dCd4SAa1 root@osnova2

[root@oscontroller .ssh]# scp authorized_keys root@osnova1:~/.ssh/authorized_keys
[root@oscontroller .ssh]# scp authorized_keys root@osnova2:~/.ssh/authorized_keys


1.6 配置节点网络

[root@oscontroller ~]# cat /etc/sysconfig/network-scripts/ifcfg-em1
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=em1
UUID=74c4c813-646e-4de4-a45d-25770ae70d1e
DEVICE=em1
ONBOOT=yes
IPADDR=192.168.1.61
PREFIX=24
GATEWAY=192.168.1.1
DNS1=8.8.8.8
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_PRIVACY=no

[root@oscontroller ~]# cat /etc/sysconfig/network-scripts/ifcfg-em2                    #这个网卡是不能设置ip的, 否则创建的实例网络不通.
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
NAME=em2
UUID=85095748-b497-455d-b94f-1ef1156ed9c3
DEVICE=em2
ONBOOT=yes

[root@osnova1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-em1
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=em1
UUID=ed52b5f3-1f6d-4fc6-a488-23ab19ab08e1
DEVICE=em1
ONBOOT=yes
IPADDR=192.168.1.91
PREFIX=24
GATEWAY=192.168.1.1
DNS1=8.8.8.8
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_PRIVACY=no

[root@osnova1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-em2                   #不能设置ip
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
NAME=em2
UUID=8e3f62a3-b878-4e96-ac80-c1456de7fa49
DEVICE=em2
ONBOOT=yes

[root@osnova2 ~]# cat /etc/sysconfig/network-scripts/ifcfg-em1
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=em1
UUID=ac949101-9e4d-47e8-971f-b0e67b1b4f17
DEVICE=em1
ONBOOT=yes
IPADDR=192.168.1.92
PREFIX=24
GATEWAY=192.168.1.1
DNS1=8.8.8.8
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_PRIVACY=no

[root@osnova2 ~]# cat /etc/sysconfig/network-scripts/ifcfg-em2                   #不能设置ip
TYPE=Ethernet
BOOTPROTO=none
DEFROUTE=yes
NAME=em2
UUID=0920f7c0-a406-4170-9d70-706b65d485d6
DEVICE=em2
ONBOOT=yes

 

1.7 安装kolla的依赖

yum install python-pip -y
pip install -U pip
pip -V
[root@oscontroller ~]# yum install ansible1.9.noarch                    #或 pip install -U ansible==1.9.4 卸载pip uninstall ansbile 或yum remove ansible
[root@oscontroller ~]# ansible --version

ansible 1.9.6
  configured module search path = None

yum install gcc gcc-c++ -y
 

1.8 配置 NTP

yum install ntp -y
systemctl enable ntpd.service
systemctl start ntpd.service
yum install chrony -y
[root@oscontroller ~]# vi /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst

# Ignore stratum in source selection.
stratumweight 0

# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift

# Enable kernel RTC synchronization.
rtcsync

# In first three updates step the system clock instead of slew
# if the adjustment is larger than 10 seconds.
makestep 10 3

# Allow NTP client access from local network.
#allow 192.168/16
allow 192.168.1.0/24

[root@osnova1 osnova2 ~]# vi /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
server oscontroller iburst
systemctl enable chronyd.service
systemctl start chronyd.service
chronyc sources

1.9 配置防火墙

@oscontroller
firewall-cmd --permanent --zone=public --add-port=80/tcp
firewall-cmd --permanent --zone=public --add-port=443/tcp
firewall-cmd --permanent --zone=public --add-port=3306/tcp
firewall-cmd --permanent --zone=public --add-port=5672/tcp
firewall-cmd --permanent --zone=public --add-port=5000/tcp
firewall-cmd --permanent --zone=public --add-port=8082/tcp
firewall-cmd --permanent --zone=public --add-port=8773-8775/tcp
firewall-cmd --permanent --zone=public --add-port=8386/tcp
firewall-cmd --permanent --zone=public --add-port=9696/tcp
firewall-cmd --permanent --zone=public --add-port=35357/tcp

firewall-cmd --permanent --zone=public --add-port=6080-6082/tcp
firewall-cmd --permanent --zone=public --add-port=5900-5999/tcp
firewall-cmd --permanent --zone=public --add-port=9191/tcp
firewall-cmd --permanent --zone=public --add-port=9292/tcp
firewall-cmd --permanent --zone=public --add-port=8776/tcp
firewall-cmd --permanent --zone=public --add-port=8777/tcp
firewall-cmd --permanent --zone=public --add-port=8000/tcp
firewall-cmd --permanent --zone=public --add-port=8003/tcp
firewall-cmd --permanent --zone=public --add-port=8004/tcp
firewall-cmd --permanent --zone=public --add-port=6000-6002/tcp
firewall-cmd --permanent --zone=public --add-port=873/tcp
firewall-cmd --permanent --zone=public --add-port=3260/tcp
firewall-cmd --permanent --zone=public --add-port=8080/tcp

firewall-cmd --permanent --zone=public --add-port=90/tcp                    #nginx for images

firewall-cmd --reload
firewall-cmd --list-all
systemctl restart firewalld


@osnova1 & osnova2

firewall-cmd --permanent --zone=public --add-port=5900-5999/tcp                #Compute ports for access to virtual machine consoles
firewall-cmd --permanent --zone=public --add-port=8022/tcp

firewall-cmd --reload
firewall-cmd --list-all
systemctl restart firewalld

1.10 配置selinux

getenforce                            #要设置selinux=disable, 否则创建的实例网络不通
vi /etc/selinux/config

SELINUX=disabled

 

 

2. 源码安装kolla

[root@oscontroller ~]# yum install git -y
[root@oscontroller ~]# cd /data/Iaas/OpenStack/
[root@oscontroller OpenStack]# git clone https://git.openstack.org/openstack/kolla
[root@oscontroller OpenStack]# cd kolla/
[root@oscontroller kolla]# git checkout stable/mitaka                            # 切换branch, 目前我选择更稳定bug更少的table/mitaka.

Branch stable/mitaka set up to track remote branch stable/mitaka from origin.
Switched to a new branch 'stable/mitaka'

[root@oscontroller kolla]# cd ..
[root@oscontroller OpenStack]# pip install -r kolla/requirements.txt -r kolla/test-requirements.txt
[root@oscontroller OpenStack]# pip install kolla/
[root@oscontroller OpenStack]# cd kolla
[root@oscontroller kolla]# cp -r etc/kolla /etc/
[root@all ~]# yum install python-devel libffi-devel openssl-devel gcc -y
[root@oscontroller kolla]# pip install -U python-openstackclient python-neutronclient
[root@oscontroller kolla]# pip install tox
[root@oscontroller kolla]# tox -e genconfig

genconfig create: /data/Iaas/OpenStack/kolla/.tox/genconfig
genconfig installdeps: -r/data/Iaas/OpenStack/kolla/requirements.txt, -r/data/Iaas/OpenStack/kolla/test-requirements.txt
genconfig develop-inst: /data/Iaas/OpenStack/kolla
genconfig installed: appdirs==1.4.0,Babel==2.3.4,backports.ssl-match-hostname==3.5.0.1,bandit==1.1.0,bashate==0.5.1,beautifulsoup4==4.5.1,cliff==2.2.0,cmd2==0.6.8,debtcollector==1.8.0,docker-py==1.10.3,docker-pycreds==0.2.1,docutils==0.12,extras==1.0.0,fixtures==3.0.0,flake8==2.5.5,funcsigs==1.0.2,functools32==3.2.3.post2,futures==3.0.5,gitdb==0.6.4,GitPython==2.0.8,graphviz==0.5.1,hacking==0.11.0,ipaddress==1.0.17,iso8601==0.1.11,Jinja2==2.8,jsonpatch==1.14,jsonpointer==1.10,jsonschema==2.5.1,kazoo==2.2.1,keystoneauth1==2.12.1,-e git+https://git.openstack.org/openstack/kolla@99683643653f4859e47a157647463b6eed074b04#egg=kolla,linecache2==1.0.0,MarkupSafe==0.23,mccabe==0.2.1,mock==2.0.0,monotonic==1.2,mox3==0.18.0,msgpack-python==0.4.8,netaddr==0.7.18,netifaces==0.10.5,os-client-config==1.21.1,osc-lib==1.1.0,oslo.config==3.17.0,oslo.context==2.9.0,oslo.i18n==3.9.0,oslo.log==3.16.0,oslo.serialization==2.13.0,oslo.utils==3.16.0,oslosphinx==4.7.0,oslotest==2.10.0,pbr==1.10.0,pep8==1.5.7,positional==1.1.1,prettytable==0.7.2,pycrypto==2.6.1,pyflakes==0.8.1,Pygments==2.1.3,pyinotify==0.9.6,pyparsing==2.1.9,python-barbicanclient==4.1.0,python-ceilometerclient==2.6.1,python-cinderclient==1.9.0,python-dateutil==2.5.3,python-glanceclient==2.5.0,python-heatclient==1.4.0,python-keystoneclient==2.3.1,python-mimeparse==1.5.2,python-neutronclient==6.0.0,python-novaclient==6.0.0,python-subunit==1.2.0,python-swiftclient==3.1.0,pytz==2016.6.1,PyYAML==3.12,reno==1.8.0,requests==2.10.0,requestsexceptions==1.1.3,rfc3986==0.4.1,simplejson==3.8.2,six==1.10.0,smmap==0.9.0,Sphinx==1.2.3,stevedore==1.17.1,testrepository==0.0.20,testscenarios==0.5.0,testtools==2.2.0,traceback2==1.4.0,unicodecsv==0.14.1,unittest2==1.1.0,warlock==1.2.0,websocket-client==0.37.0,wrapt==1.10.8,zake==0.2.2
genconfig runtests: PYTHONHASHSEED='1214607384'
genconfig runtests: commands[0] | oslo-config-generator --config-file etc/oslo-config-generator/kolla-build.conf
WARNING:stevedore.named:Could not load kolla
__________________________________________________________________________________________________________________ summary __________________________________________________________________________________________________________________
  genconfig: commands succeeded
  congratulations :)

 

 

3.1 在所有节点安装docker

[root@all ~]# curl -sSL https://get.docker.com/ | sh
[root@all ~]# docker --version
[root@all ~]# usermod -aG docker root
[root@all ~]# tee /etc/sysconfig/docker  <<-'EOF'
DOCKER_OPTS="--insecure-registry 192.168.1.61:4000"
EOF
[root@all ~]# mkdir -p /etc/systemd/system/docker.service.d                        # Create the drop-in unit directory for docker.service
[root@all ~]# vi /etc/systemd/system/docker.service.d/kolla.conf
[Service]
MountFlags=shared
EnvironmentFile=-/etc/sysconfig/docker
#EnvironmentFile=-/etc/sysconfig/docker-storage
#EnvironmentFile=-/etc/sysconfig/docker-network
ExecStart=
ExecStart=/usr/bin/dockerd --insecure-registry 192.168.1.61:4000
#ExecStart=/usr/bin/dockerd $DOCKER_OPTS
[root@all ~]# systemctl daemon-reload
[root@all ~]# systemctl restart docker                                    # systemctl daemon-reload & systemctl restart docker
[root@all ~]# systemctl status docker.service
[root@all ~]# systemctl enable docker.service
[root@all ~]# yum install python-docker-py -y                                # or pip install -U docker-py

 

3.2 在oscontroller启动私有仓库

[root@oscontroller ~]# docker run -d -p 4000:5000 --restart=always -v /data/Iaas/Docker/Volumes/Registry:/var/lib/registry --name registry registry:2      # 设置 -v 参数是为了在/data/Iaas/Docker/Volumes/Registry存储images
[root@oscontroller docker]# docker stop registry
[root@oscontroller ~]# docker ps

CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
72f90844b386        registry:2          "/entrypoint.sh /etc/"   53 seconds ago      Up 52 seconds       0.0.0.0:4000->5000/tcp   registry

 

 

 

4. 修改kolla的配置文件


[root@oscontroller ~]# cp /usr/share/kolla/ansible/inventory/multinode /usr/share/kolla/ansible/inventory/multinode.bak
[root@oscontroller ~]# vi /usr/share/kolla/ansible/inventory/multinode

# These initial groups are the only groups required to be modified. The
# additional groups are for more control of the environment.
[control]
# These hostname must be resolvable from your deployment host
oscontroller

# The above can also be specified as follows:
#control[01:03]     ansible_ssh_user=kolla

# The network nodes are where your l3-agent and loadbalancers will run
# This can be the same as a host in the control group
[network]
oscontroller

[compute]
osnova1
osnova2

# When compute nodes and control nodes use different interfaces,
# you can specify "api_interface" and another interfaces like below:
#compute01 neutron_external_interface=eth0 api_interface=em1 storage_interface=em1 tunnel_interface=em1

[storage]
oscontroller

[root@oscontroller ~]# cp /usr/share/kolla/etc_examples/kolla/* /etc/kolla
[root@oscontroller ~]# kolla-genpwd                                            #The tool will populate all empty fields in the /etc/kolla/passwords.yml file using randomly generated values to secure the deployment.
[root@oscontroller ~]# vi /etc/kolla/globals.yml

kolla_internal_vip_address: "192.168.1.251"
network_interface: "em1"
neutron_external_interface: "em2"
docker_registry: "192.168.1.61:4000"
kolla_install_type: "source"

#kolla_internal_vip_address: "10.10.10.254"
#network_interface: "eth0"
#neutron_external_interface: "eth1"

[root@oscontroller ~]# cat /etc/kolla/passwords.yml | grep database
cinder_database_password: sWluY2iHtHviFZdfx9CFA3rdeghaqow1fwuf14QR
database_password: XI8EeKsOyhQaDYM2P6PK9nlyjbCjGEJwM1UuU9xy                         # 用这个密码你可以登录到mysql
glance_database_password: JubdRouJOTtNv0mIhSzgT9wRc3PuVEZFt9hkGCmX
heat_database_password: JGZaVXnlLtA0QWjpOLM1qEmu13sFBF5b8vSbtFK0
ironic_database_password: SumunjZPdSpZKcJYhZXjHHtMkR0Kp5Rg9aqD1ppv
keystone_database_password: 0LZuaRargoiSiGKi5JamKL5qgOGSYptf7s5vjx9J
magnum_database_password: O1RGvmCgnaYWnzcWxuSGBLLaRZyeF6FsKs7CRrga
manila_database_password: 3oyHotlkVIFW8caIfWL5ciJt7yTgEk6GpxdWOCMf
mistral_database_password: vnvT7HHjbOFFg6EaybWlslQA1AuVwDlss52kXGKY
murano_database_password: VX7Nmmn5RVyAkl5gdaUOI8fO5u5L0VrP26XoptYA
neutron_database_password: sFqiRFBENofc50leb9jWAPLkrKFn2fnfYeeQ2T8T
nova_api_database_password: t2jkrGzeIZ5s3UCxZIeTvZJeIeHsBjaSIhFADDqa
nova_database_password: ZZ5J8LjxoRVD0aRH1xyOd07E9d6jTo792SN1DDKX

 

 

5. 编译容器镜像

[root@oscontroller ~]# kolla-build --base centos --type source --registry 192.168.1.61:4000 --push              # 这个估计用几个小时
INFO:kolla.cmd.build:Found the docker image folder at /usr/share/kolla/docker
INFO:kolla.cmd.build:base:Building
INFO:kolla.cmd.build:base:Step 1 : FROM centos:latest
INFO:kolla.cmd.build:base: ---> 980e0e4c79ec
INFO:kolla.cmd.build:base:Step 2 : MAINTAINER Kolla Project (https://launchpad.net/kolla)
INFO:kolla.cmd.build:base: ---> Using cache
INFO:kolla.cmd.build:base: ---> 7da41b625814
INFO:kolla.cmd.build:base:Step 3 : LABEL kolla_version "2.0.3"
INFO:kolla.cmd.build:base: ---> Using cache
INFO:kolla.cmd.build:base: ---> 53059b0adec1
INFO:kolla.cmd.build:base:Step 4 : ENV KOLLA_BASE_DISTRO centos
INFO:kolla.cmd.build:base: ---> Using cache
INFO:kolla.cmd.build:base: ---> 214bda1795ab
INFO:kolla.cmd.build:base:Step 5 : ENV KOLLA_INSTALL_TYPE source
INFO:kolla.cmd.build:base: ---> Using cache
INFO:kolla.cmd.build:base: ---> fa008b8b4460
INFO:kolla.cmd.build:base:Step 6 : ENV KOLLA_INSTALL_METATYPE mixed
INFO:kolla.cmd.build:base: ---> Using cache
INFO:kolla.cmd.build:base: ---> 6ccb756d9fa3
INFO:kolla.cmd.build:base:Step 7 : COPY kolla_bashrc /tmp/
INFO:kolla.cmd.build:base: ---> Using cache
INFO:kolla.cmd.build:base: ---> d7aead56fdd8
.........................
.........................
INFO:kolla.cmd.build:mongodb:Total download size: 54 M
INFO:kolla.cmd.build:mongodb:Installed size: 165 M
INFO:kolla.cmd.build:mongodb:Downloading packages:
INFO:kolla.cmd.build:mongodb:http://mirror.centos.org/centos/7/cloud/x86_64/openstack-mitaka/common/mongodb-2.6.11-1.el7.x86_64.rpm: [Errno -1] Package does not match intended download. Suggestion: run yum --enablerepo=centos-openstack-mitaka clean metadata
INFO:kolla.cmd.build:mongodb:Trying other mirror.
INFO:kolla.cmd.build:mongodb:
INFO:kolla.cmd.build:mongodb:http://mirror.centos.org/centos/7/cloud/x86_64/openstack-mitaka/common/mongodb-server-2.6.11-1.el7.x86_64.rpm: [Errno -1] Package does not match intended download. Suggestion: run yum --enablerepo=centos-openstack-mitaka clean metadata
INFO:kolla.cmd.build:mongodb:Trying other mirror.
INFO:kolla.cmd.build:mongodb:
INFO:kolla.cmd.build:mongodb:
INFO:kolla.cmd.build:mongodb:Error downloading packages:
INFO:kolla.cmd.build:mongodb:  mongodb-server-2.6.11-1.el7.x86_64: [Errno 256] No more mirrors to try.
INFO:kolla.cmd.build:mongodb:  mongodb-2.6.11-1.el7.x86_64: [Errno 256] No more mirrors to try.
INFO:kolla.cmd.build:mongodb:
.........................
.........................
INFO:kolla.cmd.build:nova-consoleauth
INFO:kolla.cmd.build:designate-base
INFO:kolla.cmd.build:neutron-dhcp-agent
INFO:kolla.cmd.build:neutron-base
INFO:kolla.cmd.build:designate-mdns
INFO:kolla.cmd.build:ceilometer-notification
INFO:kolla.cmd.build:ironic-inspector
INFO:kolla.cmd.build:ironic-conductor
INFO:kolla.cmd.build:nova-scheduler
INFO:kolla.cmd.build:manila-base
INFO:kolla.cmd.build:manila-share
INFO:kolla.cmd.build:ceph-osd
INFO:kolla.cmd.build:mariadb
INFO:kolla.cmd.build:swift-account
INFO:kolla.cmd.build:nova-compute
INFO:kolla.cmd.build:neutron-metadata-agent
INFO:kolla.cmd.build:nova-compute-ironic
INFO:kolla.cmd.build:glance-base
INFO:kolla.cmd.build:ironic-pxe
INFO:kolla.cmd.build:gnocchi-statsd
INFO:kolla.cmd.build:trove-conductor
({}, {'aodh-expirer': 'built', 'nova-api': 'built', 'cinder-base': 'built', 'swift-container': 'built', 'designate-api': 'built', 'kolla-toolbox': 'built', 'heat-engine': 'built', 'gnocchi-base': 'built', 'openvswitch-vswitchd': 'built', 'nova-network': 'built', 'trove-base': 'built', 'heat-api-cfn': 'built', 'aodh-base': 'built', 'murano-engine': 'built', 'neutron-server': 'built', 'magnum-base': 'built', 'magnum-conductor': 'built', 'murano-api': 'built', 'mistral-executor': 'built', 'mesos-dns': 'built', 'nova-spicehtml5proxy': 'built', 'aodh-api': 'built', 'nova-libvirt': 'built', 'cinder-api': 'built', 'rabbitmq': 'built', 'manila-api': 'built', 'nova-base': 'built', 'zookeeper': 'built', 'kibana': 'built', 'cron': 'built', 'swift-proxy-server': 'built', 'aodh-evaluator': 'built', 'tempest': 'built', 'trove-guestagent': 'built', 'neutron-linuxbridge-agent': 'built', 'nova-ssh': 'built', 'magnum-api': 'built', 'keepalived': 'built', 'openstack-base': 'built', 'keystone': 'built', 'mongodb': 'built', 'ceph-mon': 'built', 'memcached': 'built', 'mesos-slave': 'built', 'heka': 'built', 'base': 'built', 'haproxy': 'built', 'ceilometer-collector': 'built', 'glance-api': 'built', 'swift-base': 'built', 'elasticsearch': 'built', 'horizon': 'built', 'cinder-scheduler': 'built', 'designate-sink': 'built', 'murano-base': 'built', 'dind': 'built', 'trove-api': 'built', 'designate-poolmanager': 'built', 'neutron-openvswitch-agent': 'built', 'ceilometer-compute': 'built', 'manila-scheduler': 'built', 'mesos-base': 'built', 'ceilometer-central': 'built', 'nova-novncproxy': 'built', 'mesos-master': 'built', 'designate-backend-bind9': 'built', 'gnocchi-api': 'built', 'ceilometer-base': 'built', 'heat-api': 'built', 'aodh-notifier': 'built', 'cinder-backup': 'built', 'nova-conductor': 'built', 'heat-base': 'built', 'designate-central': 'built', 'neutron-l3-agent': 'built', 'ironic-api': 'built', 'mistral-base': 'built', 'mistral-api': 'built', 'cinder-rpcbind': 'built', 'swift-object': 'built', 'openvswitch-base': 'built', 'ceph-base': 'built', 'cinder-volume': 'built', 'ceilometer-api': 'built', 'trove-taskmanager': 'built', 'swift-rsyncd': 'built', 'aodh-listener': 'built', 'glance-registry': 'built', 'mesosphere-base': 'built', 'openvswitch-db-server': 'built', 'ceph-rgw': 'built', 'chronos': 'built', 'marathon': 'built', 'ironic-base': 'built', 'mistral-engine': 'built', 'zaqar': 'built', 'nova-consoleauth': 'built', 'designate-base': 'built', 'neutron-dhcp-agent': 'built', 'neutron-base': 'built', 'designate-mdns': 'built', 'ceilometer-notification': 'built', 'ironic-inspector': 'built', 'ironic-conductor': 'built', 'nova-scheduler': 'built', 'manila-base': 'built', 'manila-share': 'built', 'ceph-osd': 'built', 'mariadb': 'built', 'swift-account': 'built', 'nova-compute': 'built', 'neutron-metadata-agent': 'built', 'nova-compute-ironic': 'built', 'glance-base': 'built', 'ironic-pxe': 'built', 'gnocchi-statsd': 'built', 'trove-conductor': 'built'}, {})

 

如果你比较幸运,你会看到所有的镜像都是 built 状态, 如果你看到某个镜像是 error或parent_error状态, 你必须重新编译下.

例如:

[root@oscontroller ~]# kolla-build --base centos --type source --registry 192.168.1.61:4000 --push ceph-base

在国内有时候会出现超时情况,你可以参考修改 Dockerfile.j2这个文件,多执行几次, eg:

[root@oscontroller docker]# vi /usr/share/kolla/docker/ceph/ceph-base/Dockerfile.j2
FROM {{ namespace }}/{{ image_prefix }}base:{{ tag }}
MAINTAINER {{ maintainer }}

{% if base_distro in ['centos', 'fedora', 'oraclelinux', 'rhel'] %}

RUN yum install centos-release-openstack-mitaka.noarch -y
RUN sed -i 's/mirror.centos.org/mirrors.aliyun.com/g' /etc/yum.repos.d/CentOS-OpenStack-mitaka.repo       # 在国内你可能需要这行

RUN yum -y install ceph
RUN yum -y install ceph-radosgw
RUN yum -y install parted \
        hdparm \
        btrfs-progs \
    && yum clean all
#RUN rpm -ivh http://ftp.riken.jp/Linux/centos/7/storage/x86_64/ceph-hammer/ceph-0.94.5-1.el7.x86_64.rpm

 

 

6. 部署Kolla

6.1 提前检查下

[root@oscontroller ~]# kolla-ansible prechecks -i /usr/share/kolla/ansible/inventory/multinode

Pre-deployment checking : ansible-playbook -i /usr/share/kolla/ansible/inventory/multinode -e @/etc/kolla/globals.yml -e @/etc/kolla/passwords.yml -e CONFIG_DIR=/etc/kolla  /usr/share/kolla/ansible/prechecks.yml

PLAY [all] ********************************************************************

GATHERING FACTS ***************************************************************
ok: [oscontroller]
ok: [osnova2]
ok: [osnova1]
...........
...........
TASK: [prechecks | Checking that libvirt is not running] **********************
skipping: [oscontroller]
ok: [osnova1]
ok: [osnova2]

TASK: [prechecks | Checking Docker version] ***********************************
ok: [oscontroller]
ok: [osnova2]
ok: [osnova1]

TASK: [prechecks | Checking if 'MountFlags' for docker service is set to 'shared'] ***
skipping: [osnova1]
skipping: [osnova2]
ok: [oscontroller]

TASK: [prechecks | Checking if '/run' mount flag is set to 'shared'] **********
skipping: [osnova1]
skipping: [osnova2]
skipping: [oscontroller]

TASK: [prechecks | Checking empty passwords in passwords.yml. Run kolla-genpwd if this task fails] ***
ok: [osnova2 -> 127.0.0.1]
ok: [oscontroller -> 127.0.0.1]
ok: [osnova1 -> 127.0.0.1]

TASK: [prechecks | Checking docker-py version] ********************************
ok: [oscontroller]
ok: [osnova1]
ok: [osnova2]

TASK: [prechecks | Checking Ansible version] **********************************
ok: [osnova1 -> 127.0.0.1]
ok: [osnova2 -> 127.0.0.1]
ok: [oscontroller -> 127.0.0.1]

PLAY RECAP ********************************************************************
osnova1                : ok=8    changed=0    unreachable=0    failed=0
osnova2                : ok=8    changed=0    unreachable=0    failed=0
oscontroller               : ok=64   changed=0    unreachable=0    failed=0

你应该看到所有节点都是ok的

6.2 验证所有节点都能获取到所有的docker镜像

[root@oscontroller ~]# kolla-ansible pull -i /usr/share/kolla/ansible/inventory/multinode

Pulling Docker images : ansible-playbook -i /usr/share/kolla/ansible/inventory/multinode -e @/etc/kolla/globals.yml -e @/etc/kolla/passwords.yml -e CONFIG_DIR=/etc/kolla  -e action=pull /usr/share/kolla/ansible/site.yml

PLAY [ceph-mon;ceph-osd;ceph-rgw] *********************************************

GATHERING FACTS ***************************************************************
ok: [oscontroller]

TASK: [common | Pulling kolla-toolbox image] **********************************
skipping: [oscontroller]

TASK: [common | Pulling heka image] *******************************************
skipping: [oscontroller]

TASK: [common | Pulling cron image] *******************************************
skipping: [oscontroller]

TASK: [common | Registering common role has run] ******************************
skipping: [oscontroller]

TASK: [ceph | Pulling ceph-mon image] *****************************************
skipping: [oscontroller]

TASK: [ceph | Pulling ceph-osd image] *****************************************
skipping: [oscontroller]

TASK: [ceph | Pulling ceph-rgw image] *****************************************
skipping: [oscontroller]

PLAY [elasticsearch] **********************************************************

GATHERING FACTS ***************************************************************
ok: [oscontroller]
.....................
.....................
.....................
PLAY [mongodb] ****************************************************************

GATHERING FACTS ***************************************************************
ok: [oscontroller]

TASK: [common | Pulling kolla-toolbox image] **********************************
skipping: [oscontroller]

TASK: [common | Pulling heka image] *******************************************
skipping: [oscontroller]

TASK: [common | Pulling cron image] *******************************************
skipping: [oscontroller]

TASK: [common | Registering common role has run] ******************************
skipping: [oscontroller]

TASK: [mongodb | Pulling mongodb image] ***************************************
skipping: [oscontroller]

PLAY [manila-api;manila-share;manila-scheduler;rabbitmq;memcached] ************

GATHERING FACTS ***************************************************************
ok: [oscontroller]

TASK: [common | Pulling kolla-toolbox image] **********************************
skipping: [oscontroller]

TASK: [common | Pulling heka image] *******************************************
skipping: [oscontroller]

TASK: [common | Pulling cron image] *******************************************
skipping: [oscontroller]

TASK: [common | Registering common role has run] ******************************
skipping: [oscontroller]

TASK: [manila | Pulling manila-api image] *************************************
skipping: [oscontroller]

TASK: [manila | Pulling manila-scheduler image] *******************************
skipping: [oscontroller]

TASK: [manila | Pulling manila-share image] ***********************************
skipping: [oscontroller]

PLAY RECAP ********************************************************************
osnova1                : ok=12   changed=9    unreachable=0    failed=0
osnova2                : ok=12   changed=9    unreachable=0    failed=0
oscontroller               : ok=49   changed=0    unreachable=0    failed=0

 

你应该看到所有节点都是ok的

 

6.3 正式开始deploy

[root@oscontroller ~]# kolla-ansible deploy -i /usr/share/kolla/ansible/inventory/multinode       # 这个可能差不多一个小时

Deploying Playbooks : ansible-playbook -i /usr/share/kolla/ansible/inventory/multinode -e @/etc/kolla/globals.yml -e @/etc/kolla/passwords.yml -e CONFIG_DIR=/etc/kolla  -e action=deploy /usr/share/kolla/ansible/site.yml

PLAY [ceph-mon;ceph-osd;ceph-rgw] *********************************************

GATHERING FACTS ***************************************************************
ok: [oscontroller]

TASK: [common | Ensuring config directories exist] ****************************
skipping: [oscontroller] => (item=heka)
skipping: [oscontroller] => (item=cron)
skipping: [oscontroller] => (item=cron/logrotate)

TASK: [common | Copying over config.json files for services] ******************
skipping: [oscontroller] => (item=heka)
skipping: [oscontroller] => (item=cron)

TASK: [common | Copying over heka config files] *******************************
skipping: [oscontroller] => (item={'enabled': u'no', 'name': 'elasticsearch'})
skipping: [oscontroller] => (item={'enabled': 'yes', 'name': 'global'})
skipping: [oscontroller] => (item={'enabled': u'yes', 'name': 'haproxy'})
skipping: [oscontroller] => (item={'enabled': u'yes', 'name': 'horizon'})
skipping: [oscontroller] => (item={'enabled': u'yes', 'name': 'keepalived'})
skipping: [oscontroller] => (item={'enabled': u'yes', 'name': 'keystone'})
skipping: [oscontroller] => (item={'enabled': u'yes', 'name': 'mariadb'})
skipping: [oscontroller] => (item={'enabled': 'yes', 'name': 'openstack'})
skipping: [oscontroller] => (item={'enabled': u'yes', 'name': 'rabbitmq'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-account-auditor'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-account-reaper'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-account-replicator'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-account-server'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-container-auditor'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-container-replicator'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-container-server'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-container-updater'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-object-auditor'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-object-expirer'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-object-replicator'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-object-server'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-object-updater'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-proxy-server'})
skipping: [oscontroller] => (item={'src': 'swift', 'enabled': u'no', 'name': 'swift-rsyncd'})

TASK: [common | Copying over cron logrotate config files] *********************
skipping: [oscontroller] => (item=ansible)
skipping: [oscontroller] => (item=cinder)
skipping: [oscontroller] => (item=glance)
skipping: [oscontroller] => (item=global)
skipping: [oscontroller] => (item=haproxy)
skipping: [oscontroller] => (item=heat)
skipping: [oscontroller] => (item=keepalived)
skipping: [oscontroller] => (item=keystone)
skipping: [oscontroller] => (item=magnum)
skipping: [oscontroller] => (item=manila)
skipping: [oscontroller] => (item=mariadb)
skipping: [oscontroller] => (item=mistral)
skipping: [oscontroller] => (item=murano)
skipping: [oscontroller] => (item=neutron)
skipping: [oscontroller] => (item=nova)
skipping: [oscontroller] => (item=rabbitmq)
skipping: [oscontroller] => (item=swift)
....................
....................
....................
TASK: [common | Starting kolla-toolbox container] *****************************
skipping: [oscontroller]

TASK: [common | Starting cron container] **************************************
skipping: [oscontroller]

TASK: [common | Registering common role has run] ******************************
skipping: [oscontroller]

TASK: [manila | Creating the Manila service and endpoint] *********************
skipping: [oscontroller] => (item={'interface': 'admin', 'url': u'http://192.168.1.251:8786/v1/%(tenant_id)s', 'service_type': 'share', 'service_name': 'manila'})
skipping: [oscontroller] => (item={'interface': 'internal', 'url': u'http://192.168.1.251:8786/v1/%(tenant_id)s', 'service_type': 'share', 'service_name': 'manila'})
skipping: [oscontroller] => (item={'interface': 'public', 'url': u'http://192.168.1.251:8786/v1/%(tenant_id)s', 'service_type': 'share', 'service_name': 'manila'})
skipping: [oscontroller] => (item={'interface': 'admin', 'url': u'http://192.168.1.251:8786/v2/%(tenant_id)s', 'service_type': 'sharev2', 'service_name': 'manilav2'})
skipping: [oscontroller] => (item={'interface': 'internal', 'url': u'http://192.168.1.251:8786/v2/%(tenant_id)s', 'service_type': 'sharev2', 'service_name': 'manilav2'})
skipping: [oscontroller] => (item={'interface': 'public', 'url': u'http://192.168.1.251:8786/v2/%(tenant_id)s', 'service_type': 'sharev2', 'service_name': 'manilav2'})

TASK: [manila | Creating the Manila project, user and role] *******************
skipping: [oscontroller]

TASK: [manila | Ensuring config directories exist] ****************************
skipping: [oscontroller] => (item=manila-api)
skipping: [oscontroller] => (item=manila-scheduler)
skipping: [oscontroller] => (item=manila-share)

TASK: [manila | Copying over config.json files for services] ******************
skipping: [oscontroller] => (item=manila-api)
skipping: [oscontroller] => (item=manila-scheduler)
skipping: [oscontroller] => (item=manila-share)

TASK: [manila | Copying over manila.conf] *************************************
skipping: [oscontroller] => (item=manila-api)
skipping: [oscontroller] => (item=manila-scheduler)
skipping: [oscontroller] => (item=manila-share)

TASK: [manila | Creating Manila database] *************************************
skipping: [oscontroller]

TASK: [manila | Reading json from variable] ***********************************
skipping: [oscontroller]

TASK: [manila | Creating Manila database user and setting permissions] ********
skipping: [oscontroller]

TASK: [manila | Running Manila bootstrap container] ***************************
skipping: [oscontroller]

TASK: [manila | Starting manila-api container] ********************************
skipping: [oscontroller]

TASK: [manila | Starting manila-scheduler container] **************************
skipping: [oscontroller]

TASK: [manila | Starting manila-share container] ******************************
skipping: [oscontroller]

PLAY RECAP ********************************************************************
osnova1                : ok=65   changed=43   unreachable=0    failed=0
osnova2                : ok=65   changed=43   unreachable=0    failed=0
oscontroller               : ok=299  changed=110  unreachable=0    failed=0

 

所有节点都应该是ok的.

如果你看到某个节点有失败,你需要重新部署, 重新部署前,你应该先执行:

[root@all  ~]# cd /data/kolla/tools/
[root@all tools]# ./cleanup-containers
[root@all tools]# ./cleanup-host

 

7. 更新

有时候你需要增加节点或删除节点, 你可以修改/usr/share/kolla/ansible/inventory/multinode, 然后执行:

kolla-ansible upgrade -i /usr/share/kolla/ansible/inventory/multinode

 

8.1 访问控制界面

[root@oscontroller ~]# cat /etc/kolla/passwords.yml | grep keystone_admin_password

keystone_admin_password: ynRZeY85GzGd4Fa5VK7UBB0lNbpNUXrXawQBmJCO

浏览器访问:http://192.168.1.61

login with:

domain: default    username:admin    pwd: ynRZeY85GzGd4Fa5VK7UBB0lNbpNUXrXawQBmJCO

8.2 创建openrc文件

[root@oscontroller ~]# kolla-ansible post-deploy

[root@oscontroller ~]# cat /etc/kolla/admin-openrc.sh
export OS_PROJECT_DOMAIN_ID=default
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_NAME=admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ynRZeY85GzGd4Fa5VK7UBB0lNbpNUXrXawQBmJCO
export OS_AUTH_URL=http://192.168.1.253:35357/v3
export OS_IDENTITY_API_VERSION=3

[root@oscontroller ~]# source /etc/kolla/admin-openrc.sh

 

8.3 初始化网络及glance(也可以通过horizon创建)

[root@oscontroller ~]# /data/Iaas/OpenStack/kolla/tools/init-runonce

 

执行后,你可以通过 http://192.168.1.61 查看你常见的网络.

 

有时候,你重新创建网络后,若网关不通,你可以试试重启相关节点,或重新分配接口给实例

 

一切顺利!

 

 

 

 

 

阅读更多
版权声明:问:什么是区块链?答:这就是区块链:■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■☜■∷∷∷∷哎吆!被你发现了!缘分呀~要打赏?打赏一分钱意思意思就行了!别赏多了哈!!!比特币地址:1AAmbhe7DKeux5yfuwioZLrM2brHsrt56x 以太币地址:。区块链(中国)技术QQ群:709620756 https://blog.csdn.net/vohyeah/article/details/52692400
个人分类: Openstack
上一篇支持android&ios高度自适应及JS相互调用的组件react-native-webview2
下一篇比特币全节点Go语言实现BTCD之地址编码解析
想对作者说点什么? 我来说一句

没有更多推荐了,返回首页

关闭
关闭
关闭