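A summary of my recent experiments deploying OpenStack with Kolla. This first post covers the ALL-IN-ONE setup.
I previously wrote up deploying an OpenStack controller node with Docker (Ocata release). After the official Kolla came out I never had time to try it; I recently spent some time with it, understand it better now, and am preparing a production deployment.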
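Getting started:
The installation target can be a physical machine or a virtual machine (two NICs; for a VM, one of them is a host-only adapter used for the management address and for reaching the Horizon web UI from the host). The operating system is Ubuntu 16.04. This one machine acts as the kolla master deployment node, the control node and the compute node all in one, and can easily be extended to a multi-node deployment later.
The steps are as follows: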
1. Change the apt sources. (Optional)

```bash
cp /etc/apt/sources.list /etc/apt/sources.list.old
echo ' ' > /etc/apt/sources.list
nano /etc/apt/sources.list
```

Paste the following:

```
# deb cdrom:[Ubuntu 16.04 LTS _Xenial Xerus_ - Release amd64 (20160420.1)]/ xenial main restricted
deb-src http://archive.ubuntu.com/ubuntu xenial main restricted #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe
deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse #Added by software-properties
deb http://archive.canonical.com/ubuntu xenial partner
deb-src http://archive.canonical.com/ubuntu xenial partner
deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted multiverse universe #Added by software-properties
deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-security multiverse
```

Save the file, then run:

```bash
apt update
apt upgrade
```
2. Install Python pip and Ansible.

```bash
apt install python-pip
pip install -U -i https://pypi.tuna.tsinghua.edu.cn/simple pip
apt install python-dev libffi-dev gcc libssl-dev python-selinux
pip install -U -i https://pypi.tuna.tsinghua.edu.cn/simple ansible
```
3. Install Docker from the official Ubuntu repositories.

```bash
apt install docker.io
# Set Docker's mount propagation to shared (required)
mkdir -p /etc/systemd/system/docker.service.d
tee /etc/systemd/system/docker.service.d/kolla.conf << EOF
[Service]
MountFlags=shared
EOF
# Restart the system services
systemctl daemon-reload
systemctl restart docker
# Remove the system lxd package
apt remove lxd
# Install the NTP service
apt install ntp
```
4. Install kolla-ansible and the OpenStack client, then copy the configuration files.

```bash
pip install -i https://pypi.tuna.tsinghua.edu.cn/simple kolla-ansible
pip install -i https://pypi.tuna.tsinghua.edu.cn/simple python-openstackclient
# Copy globals.yml and passwords.yml to /etc
cp -r /usr/local/share/kolla-ansible/etc_examples/kolla /etc/kolla/
# Copy the inventory files to the current directory:
cp /usr/local/share/kolla-ansible/ansible/inventory/* .
```
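5. Deploy a local Docker registry and download the kolla images. (Optional, depending on your network speed; it makes deployment more convenient.)

```bash
# The local registry is served on port 4000
docker run -d -v /opt/registry:/var/lib/registry -p 4000:5000 \
    --restart=always --name registry registry.docker-cn.com/library/registry:2
wget http://tarballs.openstack.org/kolla/images/ubuntu-source-registry-pike.tar.gz
tar zxvf ubuntu-source-registry-pike.tar.gz -C /opt/registry/
# Note down the version of the downloaded kolla images:
# browse http://<IP>:4000/v2/_catalog to see the repositories on offer
# look up an image's tag (version number), e.g.
#   http://10.64.8.178:4000/v2/lokolla/ubuntu-source-aodh-api/tags/list
# here the tag is 5.0.1
```

The Pike kolla image archive is 3.2 GB, so decide whether to download it based on your network speed.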
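6. Edit the /etc/kolla/globals.yml configuration file.

```bash
nano /etc/kolla/globals.yml
```

Uncomment the keys that need to be changed:

```yaml
kolla_base_distro: "ubuntu"
kolla_install_type: "source"
openstack_release: "5.0.1"
docker_registry: "localhost:4000"
# NIC used by the services
network_interface: "enp9s0"
# Virtual address on which the control node offers its API services;
# from now on all API access between nodes uses this virtual address
kolla_internal_vip_address: "192.168.121.254"
# My example configuration does not set neutron_external_interface or bind it to the
# external NIC, because the kolla installation would interrupt access through that NIC
# and leave the host unreachable from the external network.
########################
# Nova - Compute Options
########################
# Valid options are [ qemu, kvm, vmware ]
# nova defaults to kvm for virtual machines; change it to qemu if kolla is deployed inside a VM
nova_compute_virt_type: "qemu"
# The other OpenStack components are left at their defaults; enable them as needed.
# For a simple trial they do not have to be installed.
```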
7. Generate the OpenStack passwords.

```bash
kolla-genpwd
nano /etc/kolla/passwords.yml
```

Review the generated passwords; keystone_admin_password can be changed:

```yaml
keystone_admin_password: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
```
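8. Check the configuration.

```bash
# Beforehand, check in /etc/hosts that every interface address has a matching DNS host name
kolla-ansible prechecks -i `pwd`/all-in-one
# If the prechecks pass, continue with the next step.
```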
9. Prepare the environment before the kolla services are started.

```bash
kolla-ansible -i `pwd`/all-in-one bootstrap-servers
```
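10. Deploy kolla, that is, the containers for each OpenStack component.

```bash
kolla-ansible deploy -i `pwd`/all-in-one
# If the deployment fails, the installed component containers can be cleaned up with:
# kolla-ansible -i `pwd`/all-in-one destroy --yes-i-really-really-mean-it
```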
11. Initialization to run after the deployment:

```bash
kolla-ansible -i `pwd`/all-in-one post-deploy
# Create the demo VM and demo network (optional).
nano /usr/local/share/kolla-ansible/init-runonce
. /etc/kolla/admin-openrc.sh
/usr/local/share/kolla-ansible/init-runonce
# Check the OpenStack services, for example:
openstack endpoint list
```

```
(openstack) endpoint list
+----------------------------------+-----------+--------------+----------------+---------+-----------+------------------------------------------------+
| ID                               | Region    | Service Name | Service Type   | Enabled | Interface | URL                                            |
+----------------------------------+-----------+--------------+----------------+---------+-----------+------------------------------------------------+
| 0bb942b54a274da081a4577bc2d079e2 | RegionOne | nova_legacy  | compute_legacy | True    | admin     | http://192.168.121.254:8774/v2/%(tenant_id)s   |
| 1b8a5f39b37a4ee3aae224567cfd212d | RegionOne | keystone     | identity       | True    | admin     | http://192.168.121.254:35357                   |
| 232807771ea04d7f8eb4a2b0ebf2d9bc | RegionOne | nova         | compute        | True    | public    | http://222.46.121.14:8774/v2.1/%(tenant_id)s   |
| 30aefc5824ba4736863d3951d9325261 | RegionOne | nova         | compute        | True    | internal  | http://192.168.121.254:8774/v2.1/%(tenant_id)s |
| 36ffc0cf11a64259972ae6a069c1daa1 | RegionOne | heat         | orchestration  | True    | public    | http://222.46.121.14:8004/v1/%(tenant_id)s     |
| 3cb1c3206a154a939f57619e0b6f7d3e | RegionOne | heat-cfn     | cloudformation | True    | public    | http://222.46.121.14:8000/v1                   |
| 4632f66b06454205a28190aa62d327f4 | RegionOne | glance       | image          | True    | public    | http://222.46.121.14:9292                      |
| 577a3edad4be4a299dff84254468dea1 | RegionOne | heat         | orchestration  | True    | admin     | http://192.168.121.254:8004/v1/%(tenant_id)s   |
| 62bc5f3fecbd4de89c4a44dbc850b4c4 | RegionOne | heat         | orchestration  | True    | internal  | http://192.168.121.254:8004/v1/%(tenant_id)s   |
| 62e13981ed85491babe04917e5dd6ad7 | RegionOne | keystone     | identity       | True    | public    | http://222.46.121.14:5000                      |
| 67ec47151cba410e862ed9c1edfee484 | RegionOne | placement    | placement      | True    | internal  | http://192.168.121.254:8780                    |
| 75eb8164962946e18ac2a89a83a14db4 | RegionOne | nova_legacy  | compute_legacy | True    | public    | http://222.46.121.14:8774/v2/%(tenant_id)s     |
| 7d1fa978e58d435f8801979e6e96a782 | RegionOne | nova         | compute        | True    | admin     | http://192.168.121.254:8774/v2.1/%(tenant_id)s |
| 7d6f0de151a640df8cdebdaf99dd03e0 | RegionOne | glance       | image          | True    | admin     | http://192.168.121.254:9292                    |
| 99609050d7a24205b7e078597533f92b | RegionOne | glance       | image          | True    | internal  | http://192.168.121.254:9292                    |
| 9e632250fd7e4c44b9cde68240182749 | RegionOne | keystone     | identity       | True    | internal  | http://192.168.121.254:5000                    |
| a075fb01c1df450b99f1f33ed886e187 | RegionOne | neutron      | network        | True    | public    | http://222.46.121.14:9696                      |
| aeca6632068c4e679e1508280af39aa0 | RegionOne | heat-cfn     | cloudformation | True    | admin     | http://192.168.121.254:8000/v1                 |
| b19ce717feb041f5b96c4c9f5ff327f6 | RegionOne | placement    | placement      | True    | admin     | http://192.168.121.254:8780                    |
| daccead80771453681cf84dca3722675 | RegionOne | neutron      | network        | True    | internal  | http://192.168.121.254:9696                    |
| e54ff14adfa1421a8959cbbeed88dfff | RegionOne | nova_legacy  | compute_legacy | True    | internal  | http://192.168.121.254:8774/v2/%(tenant_id)s   |
| ec1f6301ea4e4191b35a0480fd68c527 | RegionOne | heat-cfn     | cloudformation | True    | internal  | http://192.168.121.254:8000/v1                 |
| efe0b2f7115241d8a4e1c79a2ae65e6d | RegionOne | neutron      | network        | True    | admin     | http://192.168.121.254:9696                    |
| f20de569bd854987bca1940e660895bd | RegionOne | placement    | placement      | True    | public    | http://222.46.121.14:8780                      |
+----------------------------------+-----------+--------------+----------------+---------+-----------+------------------------------------------------+
```
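Every public endpoint in the listing above is registered with a plain `http://` URL. The filter below is an added example, not part of the original post: it reads `openstack endpoint list` table output and prints the public-interface endpoints that are not served over TLS. The function names are hypothetical; the sample rows are copied from the listing except the last one, which is constructed.

```bash
#!/bin/sh
# Added example, not from the original post; function names are hypothetical.

# Read `openstack endpoint list` table output on stdin and print
# "service<TAB>url" for each public-interface endpoint served over plain http://.
public_http_endpoints() {
    awk -F'|' '
        NF >= 8 {
            for (i = 2; i <= 8; i++) gsub(/^[ \t]+|[ \t]+$/, "", $i)
            # $2=ID $4=Service Name $7=Interface $8=URL; header and border lines have no hex ID
            if ($2 ~ /^[0-9a-f]+$/ && $7 == "public" && $8 ~ /^http:\/\//)
                print $4 "\t" $8
        }'
}

# Sample input: four rows from the listing above, plus one constructed row
# (ID of all zeros, https URL) to show an endpoint that is not reported.
sample_endpoints() {
    cat <<'EOF'
+----------------------------------+-----------+--------------+--------------+---------+-----------+------------------------------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+------------------------------------------------+
| 232807771ea04d7f8eb4a2b0ebf2d9bc | RegionOne | nova | compute | True | public | http://222.46.121.14:8774/v2.1/%(tenant_id)s |
| 30aefc5824ba4736863d3951d9325261 | RegionOne | nova | compute | True | internal | http://192.168.121.254:8774/v2.1/%(tenant_id)s |
| 62e13981ed85491babe04917e5dd6ad7 | RegionOne | keystone | identity | True | public | http://222.46.121.14:5000 |
| 9e632250fd7e4c44b9cde68240182749 | RegionOne | keystone | identity | True | internal | http://192.168.121.254:5000 |
| 00000000000000000000000000000000 | RegionOne | glance | image | True | public | https://cloud.example.test:9292 |
EOF
}

sample_endpoints | public_http_endpoints
```

On a deployed host, pipe the real listing in instead: `openstack endpoint list | public_http_endpoints`.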
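12. At this point the simple single-host OpenStack service is ready. You can manage it over the web by opening Horizon in a browser at the VIP address (port 80, user name admin, password is the keystone_admin_password value in /etc/kolla/passwords.yml).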
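Since the Horizon admin password and the other service credentials all sit in /etc/kolla/passwords.yml, that file is worth checking before and after deployment. The following is an added example, not part of the original post: it lists keys that `kolla-genpwd` left without a value and tests that only the file's owner has access. The helper names and the sample file are constructed, and the owner-only mode is an assumption about a sensible setting, not something the post specifies.

```bash
#!/bin/sh
# Added example, not from the original post. empty_password_keys and owner_only
# are hypothetical helper names; the sample file below is constructed.

# Print every key in a Kolla passwords file that still has no value.
# A top-level key followed by indented children is a mapping, not an empty value.
empty_password_keys() {
    awk '
        function emit() { if (pending != "") print pending; pending = "" }
        /^[ \t]*#/ || /^[ \t]*$/ { next }          # skip comments and blank lines
        /^[ \t]/ {                                  # indented: child of the last top-level key
            pending = ""
            if ($0 ~ /^[ \t]+[A-Za-z0-9_]+:[ \t]*$/) {
                sub(/^[ \t]+/, ""); sub(/:.*/, "")
                print parent "." $0
            }
            next
        }
        { emit(); parent = $0; sub(/:.*/, "", parent) }
        /^[A-Za-z0-9_]+:[ \t]*$/ { pending = parent }
        END { emit() }
    ' "$1"
}

# Succeed only if group and others have no permission bits on the file.
owner_only() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Constructed sample: passwords.yml as it looks when generation was skipped or interrupted.
make_sample() {
    sample="$(mktemp)"
    cat > "$sample" <<'EOF'
database_password: constructed-example-value
keystone_admin_password:
nova_ssh_key:
  private_key:
  public_key: ssh-rsa AAAA-constructed
rabbitmq_password:
EOF
    chmod 644 "$sample"
    printf '%s\n' "$sample"
}

f="$(make_sample)"
empty_password_keys "$f"
owner_only "$f" || echo "$f: accessible by group/others, expected mode 600"
rm -f "$f"
```

Against the real file, `empty_password_keys /etc/kolla/passwords.yml` should print nothing once `kolla-genpwd` has run.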