【ironic】ironic 部署

零。介绍

集成keystone, nova, neutron, glance, swift等服务。

为什么使用bare metal?

高性能计算集群。


一。配置keystone

IRONIC_NODE_IP=$ip
openstack user create ironic --password password --domain default
openstack role add admin --user ironic --project service
openstack service create baremetal --name ironic --description "Ironic baremetal provisioning service"
openstack endpoint create baremetal admin http://$IRONIC_NODE_IP:6385 --region RegionOne
openstack endpoint create baremetal internal http://$IRONIC_NODE_IP:6385 --region RegionOne
openstack endpoint create baremetal public http://$IRONIC_NODE_IP:6385 --region RegionOne

二。配置DB
# mysql -u root -p
mysql> CREATE DATABASE ironic CHARACTER SET utf8;
mysql> GRANT ALL PRIVILEGES ON ironic.* TO 'ironic'@'localhost' \IDENTIFIED BY 'IRONIC_DBPASSWORD';
mysql> GRANT ALL PRIVILEGES ON ironic.* TO 'ironic'@'%' \IDENTIFIED BY 'IRONIC_DBPASSWORD';

# 必须指定 --config-file, 创建数据库表
ironic-dbsync --config-file /etc/ironic/ironic.conf create_schema

三。配置flavor
RAM_MB=102400
CPU=32
DISK_GB=100
ARCH=x86_64
baremetal_flavor=baremetal-flavor
nova flavor-create ${baremetal_flavor} auto $RAM_MB $DISK_GB $CPU

# add spec for all nova flavor
nova flavor-key ${vm_flavor} set capabilities:hypervisor_type=QEMU
nova flavor-show ${vm_flavor}

# add spec for all baremetal flavor
nova flavor-key ${baremetal_flavor} set capabilities:hypervisor_type=ironic
nova flavor-show ${baremetal_flavor}

四。准备部署镜像
glance image-create --name ironic-deploy.kernel --visibility public --disk-format aki --container-format aki < ironic-deploy.vmlinuz
glance image-create --name ironic-deploy.ramdisk --visibility public --disk-format ari --container-format ari < ironic-deploy.initramfs

# 用户镜像
disk-image-create centos7 vm dhcp-all-interfaces -o ironic-centos7-wdiglance image-create --name ironic-centos7-wdi --visibility public --disk-format qcow2 --container-format bare < ironic-centos7-wdi.qcow2

五。部署ironic
# 安装
yum install openstack-ironic-api openstack-ironic-conductor python-ironicclient
systemctl enable openstack-ironic-api openstack-ironic-conductor
systemctl start openstack-ironic-api openstack-ironic-conductor

# 配置[root@baremetal-128-234 yuankui]# cat /etc/ironic/ironic.conf
[DEFAULT]
enabled_network_interfaces=noop,flat,neutron
d efault_network_interface=neutron
auth_strategy=keystone
enabled_drivers=pxe_ipmitool
my_ip=$my_ip
debug=True
[agent]
deploy_logs_collect=always
[amt]
[api]
[cimc]
[cisco_ucs]
[conductor]
api_url=http://$my_ip:6385
clean_callback_timeout=0 #生产环境要配置超时时间,建议>>600
[console]
[cors]
[cors.subdomain][database]
connection=mysql+pymysql://ironic:$ironic_password@@mysqlserver:3308/ironic
max_pool_size=5
max_overflow=15
connection_trace=true
use_db_reconnect=true
[deploy]
shred_random_overwrite_iterations=0
shred_final_overwrite_with_zeros=False
[dhcp]
dhcp_provider=neutron
[disk_partitioner]
[disk_utils]
[glance]
glance_api_servers=http://keystone._ip:9292
auth_strategy=keystone
[iboot]
[ilo]
[inspector]
[ipmi]
retry_timeout=600
[irmc]
[ironic_lib]
[keystone]
region_name=RegionOne
[keystone_authtoken]
auth_uri=http://keystone_ip:35357/v2.0
admin_user=ironic
admin_password=password
admin_tenant_name=service
identity_uri=http://keystone_ip:35357
auth_version=v2.0
region_name=RegionOne
[matchmaker_redis]
[neutron]
url=http://baremetal-128-234.com:9696
auth_strategy=keystone
cleaning_network_uuid=d2a32993-48b4-4a02-95ea-0756b865a13f
provisioning_network_uuid=d2a32993-48b4-4a02-95ea-0756b865a13f
[oneview]
[oslo_concurrency]
[oslo_messaging_amqp]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
rabbit_hosts=rabbitmq-a:5672, rabbitmq-b:5672
rabbit_userid=rabbitmq
rabbit_password=rabbitmq_password
rabbit_ha_queues=true
heartbeat_timeout_threshold=0
[oslo_policy]
[pxe]
pxe_append_params=nofb nomodeset vga=normal console=tty0 console=ttyS0,115200n8
tftp_server=tftp_server
tftp_root=/tftpboot
tftp_master_path=/tftpboot/master_images
images_path=/ironic/images
instance_master_path=/ironic/master_images
[seamicro]
[snmp]
[ssh]
[ssl]
[swift]
[virtualbox]

# 初始化DB
ironic-dbsync --config-file /etc/ironic/ironic.conf
create_schema

# 重启服务
sudo systemctl restart openstack-ironic-api
sudo systemctl restart openstack-ironic-conductor

六。部署TFTP
# 安装xinetd
yum -y install xinetd
# 安装tftp
sudo mkdir -p /tftpboot
sudo chown -R ironic /tftpbootsudo
yum install tftp-server syslinux-tftpboot
# 配置tftp map file
echo 're ^(/tftpboot/) /tftpboot/\2' > /tftpboot/map-file
echo 're ^/tftpboot/ /tftpboot/' >> /tftpboot/map-file
echo 're ^(^/) /tftpboot/\1' >> /tftpboot/map-file
echo 're ^([^/]) /tftpboot/\1' >> /tftpboot/map-file
# 配置/etc/xinetd.d/tftp
server_args = -v -v -v -v -v --map-file /tftpboot/map-file /tftpboot
# 准备pxelinux.0
cp /var/lib/tftpboot/pxelinux.0 /tftpboot/
cp /var/lib/tftpboot/chain.c32 /tftpboot/
# 重启tftp服务
systemctl restart xinetd
ps aux|grep tftp
# 验证服务可用
echo 'test tftp' > /tftpboot/aaa #先在tftp server root dir下创建一个测试文件aaa
tftp $host -c get aaa #用tftp client从server端拉取指定文件aaa
cat aaa #确认拉取成功



七。配置nova(主要是ironic nova compute)
/etc/nova/nova.conf
# 安装
yum install openstack-nova-compute openstack-nova-common python-novaclient
# 配置
[DEFAULT]
compute_driver=ironic.IronicDriver
firewall_driver=nova.virt.firewall.NoopFirewallDriver
update_resources_interval=10
reserved_host_memory_mb=0
reserved_host_disk_mb=0
cpu_allocation_ratio=1.0
ram_allocation_ratio=1.0
disk_allocation_ratio=1.0
bandwidth_poll_interval=-1
[ironic]
api_endpoint=http://baremetal-128-234.com:6385
admin_url=http://keystone.com:5000
admin_username=ironic
admin_password=password
admin_tenant_name=service
[neutron]
url = http://baremetal-128-234.com:9696

# 重启服务
sudo service nova-compute restart

八。准备eth5及br-eth5网卡
重启网络服务,将自动建立 br-eth4
cat /etc/sysconfig/network-scripts/ifcfg-eth4

DEVICE=eth4
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-eth4
ONBOOT=yes

cat /etc/sysconfig/network-scripts/ifcfg-br-eth4
DEVICE=br-eth4
DEVICETYPE=ovs
TYPE=OVS Bridge
BOOTPROTO=static
IPADDR=10.10.10.10
NETMASK=255.255.255.0
GATEWAY=10.10.10.1
ONBOOT=yes

九。部署ironic节点上neutron dhcp agent
重启ovsagent,将自动建立br-int,及相应的patch interface

# 安装neutron相关组件
yum install networking-plato openstack-neutron-openvswitch openstack-neutron-common openstack-neutron-rpc-server openstack-neutron python-neutron-lib python-neutronclient python-neutron

# 配置ml2 pulgin配置
vim /etc/neutron/plugin.ini

[ml2]
# type_drivers = flat # for flat
# tenant_network_types = flat # for flat
# mechanism_drivers = openvswitch # for flat
type_drivers = flat,vxlan # for multi-tenant
tenant_network_types = flat,vxlan # for multi-tenant
mechanism_drivers = networking-plugin # for multi-tenant

[ml2_type_flat]
flat_networks = physnet1

[ml2_type_vlan]
network_vlan_ranges = physnet1

[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = True

[ovs]
bridge_mappings = physnet1:br-eth4

# # 配置ml2 pulgin ovs agent配置
# cat /etc/neutron/plugins/ml2/openvswitch_agent.ini
# [ovs]
# bridge_mappings = physnet1:br-eth4

# 准备虚拟网桥
ovs-vsctl add-br br-int
ovs-vsctl add-br br-eth4
ovs-vsctl add-port br-eth4 eth4

# 重启neutron ovs agent,使配置生效
service neutron-plugin-openvswitch-agent restart
service neutron-server restart

十。创建neutron cleaning network

dhcp-agent-uuid=d2a32993-48b4-4a02-95ea-0756b865a13f

n eutron net-create cleaning_network --provider:network_type flat --provider:physical_network physnet1 --shared

neutron subnet-create cleaning_network 10.248.128.0/24 --name cleaning_subnet --ip-version=4 --gateway=10.248.128.1 --allocation-pool start=10.248.128.181,end=10.248.128.199 --enable-dhcp # cleaning net需要开启 dhcp

neutron dhcp-agent-network-add $dhcp-agent-uuid $cleaning_network #让指定的dhcp agent管理指定的network

neutron net-list-on-dhcp-agent $dhcp-agent-uuid

十一。添加baremetal node

IRONIC_API_VERSION=1.20
cleaning_network=11111
deploy_kernel=222222
deploy_ramdisk=3333331
image_source=44444444
baremetal_flavor=baremetal-flavor
baremetal_name=baremetal_103
tenant_network=5555555
ironic_node_uuid=00000000-0000-0000-0000-000000000250
ironic_port_addr='fc:b9:01:9c:86:a0'
ipmi_address=10.10.100.10
ipmi_port=623
ipmi_username=ipmi_user
pmi_password=ipmi_password
switch_id='00:00:00:00:00:00'
switch_ip='10.200.200.200'
switch_port_id='xe-0/0/4'

echo "prepare ironic node"
ironic node-create -d pxe_ipmitool -u ${ironic_node_uuid}ironic
node-update ${ironic_node_uuid} add driver_info/ipmi_address=${ipmi_address}
ironic node-update ${ironic_node_uuid} add driver_info/ipmi_port=${ipmi_port}ironic
node-update ${ironic_node_uuid} add driver_info/ipmi_username=${ipmi_username}
ironic node-update ${ironic_node_uuid} add driver_info/ipmi_password=${ipmi_password}
ironic node-update ${ironic_node_uuid} add driver_info/deploy_kernel=${deploy_kernel}
ironic node-update ${ironic_node_uuid} add driver_info/deploy_ramdisk=${deploy_ramdisk}
ironic node-update ${ironic_node_uuid} add properties/cpus=32ironic
node-update ${ironic_node_uuid} add properties/memory_mb=204800ironic
node-update ${ironic_node_uuid} add properties/local_gb=1000ironic
node-update ${ironic_node_uuid} add properties/cpu_arch=x86_64
ironic node-update ${ironic_node_uuid} add instance_info/root_gb=1000
ironic node-update ${ironic_node_uuid} add instance_info/capabilities='{"boot_option":"local"}'

echo "prepare ironic node's port"
ironic port-create -n ${ironic_node_uuid} -a ${ironic_port_addr} -l switch_id=${switch_id} -l switch_info=${switch_ip} -l port_id=${switch_port_id}

ironic node-validate ${ironic_node_uuid}

00 Troubleshooting Ironic

1. No valid host was found
确保有足够的节点是available状态的,不能是maintenance模式,也不是被存在的实例实用的,可以使用命令如下检查:
ironic node-list --provision-state available --maintenance false --associated false

node是manageable状态的应该变成available的
ironic node-set-provision-state $uuid provide

ironic node-set-maintenance $uuid off


2. 属性JSON有合法的值
$ ironic node-show $uuid --fields properties
+------------+-----------------------------------------------------------------------+
| Property   | Value                                                                 |
+------------+-----------------------------------------------------------------------+
| properties | {u'memory_mb': 1024000, u'cpu_arch': u'x86_64', u'local_gb': 1024000, |
|            | u'cpus': 1000, u'capabilities': u'type:comm2'}                        |
+------------+-----------------------------------------------------------------------+

3. nova flavor匹配ironic节点
openstack flavor show

查看flavor属性
$ openstack flavor show stp-calc2-c24m102400d100r1 -c properties
+------------+------------------------------------------------------------------+
| Field      | Value                                                            |
+------------+------------------------------------------------------------------+
| properties | capabilities:hypervisor_type='ironic', capabilities:type='calc2' |
+------------+------------------------------------------------------------------+

查看ironic node节点属性
# ironic node-show 00000000-0000-0000-0000-010003024220 --fields properties
+------------+-----------------------------------------------------------------------+
| Property   | Value                                                                 |
+------------+-----------------------------------------------------------------------+
| properties | {u'memory_mb': 1024000, u'cpu_arch': u'x86_64', u'local_gb': 1024000, |
|            | u'cpus': 1000, u'capabilities': u'type:comm2'}                        |
+------------+-----------------------------------------------------------------------+







你可能感兴趣的:(openstack)