测试需求,两台装有Ubuntu 18.04 LTS的Server,一台为Controller,一台为Computer,通过Kolla-Ansible部署Openstack Queens
模拟环境,Virtualbox下的两个Ubuntu虚拟机,每个虚拟机设置了两块网卡,一块设置为NAT,一块设置为Host-Only
Controller:
hostname: kolla ip: 192.168.56.119
Computer:
hostname: computer ip: 192.168.56.118
在kolla的/etc/hosts文件添加如下内容
192.168.56.119 kolla kolla
192.168.56.118 computer computer
安装软件依赖:
apt update && apt install python-pip
修改pypi源(清华tuna源):
临时使用
pip install -i https://pypi.tuna.tsinghua.edu.cn/simple some-package
注意,simple
不能少, 是 https
而不是 http
设为默认
pip install pip -U
pip config set global.index-url https://pypi.tuna.tsinghua.edu.cn/simple
这个时候可能报错
root@xxx:~# pip config set global.index-url https://pypi.tuna.tsinghua.edu.cn/simple
Traceback (most recent call last):
File "/usr/bin/pip", line 9, in <module>
from pip import main
ImportError: cannot import name main
修改文件:
vim /usr/bin/pip
将
from pip import main
if __name__ == '__main__':
sys.exit(main())
改为
from pip import __main__
if __name__ == '__main__':
sys.exit(__main__._main())
重新执行 pip config set global.index-url https://pypi.tuna.tsinghua.edu.cn/simple
安装下列所需软件:
apt install python-dev libffi-dev gcc libssl-dev python-selinux python-setuptools build-essential net-tools
安装Ansible
apt install ansible
通过pip更新到新版ansible
pip install -U ansible
安装docker-ce,首先添加docker-ce清华tuna源:
如果你过去安装过 docker,先删掉:
sudo apt-get remove docker docker-engine docker.io
首先安装依赖:
sudo apt install apt-transport-https ca-certificates curl gnupg2 software-properties-common
信任 Docker 的 GPG 公钥:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
对于 amd64 架构的计算机,添加软件仓库:
sudo add-apt-repository \
"deb [arch=amd64] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu \
$(lsb_release -cs) \
stable"
最后安装
sudo apt-get update
sudo apt-get install docker-ce
之后,添加阿里云的docker仓库,先在阿里云注册一个账户,按照图示找到你自己的加速地址
针对Docker客户端版本大于 1.10.0 的用户
您可以通过修改daemon配置文件/etc/docker/daemon.json来使用加速器
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://xxxxx.mirror.aliyuncs.com"]
}
EOF
这里要注意,需要设置docker为mountflag=share(官方文档里没有提,但是prechecks的时候会报错)
mkdir /etc/systemd/system/docker.service.d
tee /etc/systemd/system/docker.service.d/kolla.conf << 'EOF'
[Service]
MountFlags=shared
EOF
之后重启docker服务
sudo systemctl daemon-reload
sudo systemctl restart docker
测试下自己能不能正常使用docker hub
docker search kolla
可以看到类似如下的显示
安装kolla-ansible
pip install kolla-ansible
将 globals.yml 和 passwords.yml 拷贝到 /etc/kolla directory.
cp -r /usr/local/share/kolla-ansible/etc_examples/kolla /etc/
将 all-in-one 和 multinode拷贝到当前目录.
cp /usr/local/share/kolla-ansible/ansible/inventory/* .
搭建Registry服务器
默认docker的registry是使用5000端口,对于OpenStack来说有端口冲突,所以将端口改成了4000:
root@kolla:/home/al# docker run -d -v /opt/registry:/var/lib/registry -p 4000:5000 \
> --restart=always --name registry registry:2
Unable to find image 'registry:2' locally
2: Pulling from library/registry
169185f82c45: Pull complete
046e2d030894: Pull complete
188836fddeeb: Pull complete
832744537747: Pull complete
7ceea07e80be: Pull complete
Digest: sha256:870474507964d8e7d8c3b53bcfa738e3356d2747a42adad26d0d81ef4479eb1b
Status: Downloaded newer image for registry:2
ae2524467118a204a1a8e4f17b1e2567562b97f5a3d994a670d27a3584dd0587
root@kolla:/home/al#
root@kolla:/home/al# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
ae2524467118 registry:2 "/entrypoint.sh /etc…" 14 seconds ago Up 12 seconds 0.0.0.0:4000->5000/tcp registry
root@kolla:/home/al# netstat -antl |grep 4000
tcp6 0 0 :::4000 :::* LISTEN
按照模板修改multinode内容
[control]
192.168.56.119 ansible_user:user ansible_password=admin123 ansible_become=true ansible_become_user=root ansible_become_pass=admimn123
[network:children]
control
[compute]
192.168.56.118 ansible_user=user ansible_password=admin123 ansible_become=true ansible_become_user=root ansible_become_pass=admin123
[monitoring]
192.168.56.119
[storage:children]
compute
[deployment]
localhost ansible_connection=local become=true
测试playbook:
apt install sshpass
ansible -i multinode all -m ping (computer server上要安装python(apt install python, 因为ubuntu 18.04默认没有安装python2))
配置kolla
生成密码文件
kolla-genpwd
编辑 /etc/kolla/passwords.yml
# vim /etc/kolla/passwords.yml
keystone_admin_password: admin12345
这是登录Dashboard,admin使用的密码,你可以根据自己需要进行修改,其他项目的密码可以暂时不用修改。
编辑/etc/kolla/globals.yml文件
# vim /etc/kolla/globals.yml
kolla_base_distro: "centos"
kolla_install_type: "source"
kolla_internal_vip_address: "192.168.56.200"
enable_haproxy: "no"
enable_cinder: "yes"
enable_cinder_backend_lvm: "yes"
openstack_release: "queens"
docker_registry: "192.168.56.119:4000"
docker_namespace: "kollatest"
network_interface: "enp0s8"
neutron_external_interface: "enp0s3"
#以下非必选,主要为研究容器网络提供环境
enable_barbican: "yes"
enable_etcd: "yes"
enable_kuryr: "yes"
enable_magnum: "yes"
enable_neutron_fwaas: "yes"
enable_neutron_qos: "yes"
enable_neutron_vpnaas: "yes"
enable_neutron_lbaas: "yes"
进行prechecks
kolla-ansible prechecks all-in-one
执行precheck时报错Cannot process volume group cinder-volumes
解决方案:手工建立卷
root@kolla:~# apt install lvm2
root@kolla:~# dd if=/dev/zero of=./disk.img count=4096 bs=1MB
4096+0 records in
4096+0 records out
4096000000 bytes (4.1 GB, 3.8 GiB) copied, 34.6973 s, 118 MB/s
root@kolla:~# losetup -f
/dev/loop7
root@kolla:~# losetup /dev/loop7 disk.img
root@kolla:~# pvcreate /dev/loop7
Physical volume "/dev/loop7" successfully created.
root@kolla:~# vgcreate cinder-volumes /dev/loop7
Volume group "cinder-volumes" successfully created
root@kolla:~# vgdisplay
--- Volume group ---
VG Name cinder-volumes
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 1
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 0
Open LV 0
Max PV 0
Cur PV 1
Act PV 1
VG Size 3.81 GiB
PE Size 4.00 MiB
Total PE 976
Alloc PE / Size 0 / 0
Free PE / Size 976 / 3.81 GiB
VG UUID X8pMrt-g66k-H6ut-Eh3N-NdkF-BDrg-QnkF3E
-
Bootstrap servers with kolla deploy dependencies:
kolla-ansible -i ./multinode bootstrap-servers
-
Do pre-deployment checks for hosts:
kolla-ansible -i ./multinode prechecks
-
Finally proceed to actual OpenStack deployment:
kolla-ansible -i ./multinode deploy