openstack（stein）部署安装

准备工作

• 关闭防火墙，关掉防火墙开机自启
• 关闭selinux
• 安装epel仓库
• 更新yum仓库包
• 安装python-pip python-devel libffi-devel gcc openssl-devel libselinux-python wget lvm2
• 升级pip
• 使用pip安装升级ansible
• 配置ansible
• 安装docker
• 配置阿里云加速

systemctl stop firewalld
systemctl disable firewalld
sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config
setenforce 0
yum install epel-release -y
yum update -y
yum install python-pip python-devel libffi-devel gcc openssl-devel libselinux-python wget lvm2 -y
pip install -U pip
pip install -U ansible
mkdir /etc/ansible
cat > /etc/ansible/ansible.cfg << EOF
[defaults]
host_key_checking=False
pipelining=True
forks=100
EOF
wget -P /etc/yum.repos.d/ https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install -y docker-ce
mkdir /etc/docker
cat > /etc/docker/daemon.json << EOF
{
"registry-mirrors": ["https://3nay7xz7.mirror.aliyuncs.com"]
}
EOF
systemctl start docker
systemctl enable docker

ansible os -m copy -a "src=/root/deploy.sh dest=/root/"

安装kolla-ansible==8.1.0（对应stein版本）部署openstack

• 安装kolla-ansible
• 配置kolla-ansible配置文件
  复制单节点配置文件和多节点配置文件到当前目录
  复制全局配置文件到/etc/kolla/下
  修改全局配置文件
  生成密码
• 部署openstack
• 安装openstack客户端
• 初始化
• 浏览器输入地址查看dashboard是否启动成功

pip install kolla-ansible==8.1.0
cp -r /usr/share/kolla-ansible/etc_examples/kolla /etc/
cp /usr/share/kolla-ansible/ansible/inventory/* ./
kolla-genpwd
sed -i 's/^keystone_admin_password.*/keystone_admin_password: admin/' /etc/kolla/passwords.yml
vi /etc/kolla/globals.yml
-------------------------------------------------
kolla_base_distro: "centos"
kolla_install_type: "source"
openstack_release: "stein"
kolla_internal_vip_address: "172.16.1.8" # 打开高可用才能用到，物理机网络内没有使用过的ip
network_interface: "ens32"  # 物理机ip地址对应的网卡名字
neutron_external_interface: "ens33" # 另外一块网卡的名字
enable_haproxy: "no" # 单节点关掉也行
-------------------------------------------------
kolla-ansible -i all-in-one bootstrap-servers
kolla-ansible -i all-in-one prechecks
kolla-ansible -i all-in-one pull
kolla-ansible -i all-in-one deploy
kolla-ansible post-deploy # 生成admin-openrc.sh
. /etc/kolla/admin-openrc.sh
. /usr/share/kolla-ansible/init-runonce  # 需要安装openstack客户端，作用是下载cirros和创建一个网络demo
------------------------------------------------------------------------------------
# 安装openstack客户端
pip install python-openstackclient python-glanceclient python-neutronclient --ignore-installed
# 日志路径
/var/lib/docker/volumes/kolla_logs/_data/
# 销毁搭建环境
kolla-ansible destroy -i all-in-one --yes-i-really-really-mean-it

使用cinder

• 部署前创建物理卷
• 部署前创建卷组，由一个或者多个物理卷组成

pvcreate /dev/sda2 
vgcreate cinder-volumes /dev/sda2

使用外部ceph

• 安装python3，ceph安装过程需要python3，所有需要部署的节点
• 搭建ceph集群
  1 配置阿里云的ceph仓库
  2 安装cephadm（官网推荐部署方法）
  3 创建ceph配置文件夹 mkdir -p /etc/ceph/
  4 部署第一台集群节点，指定ip，使用主机名字会需要手动配置网络
  5 将ceph的公钥拷贝到要部署的节点上
  6 安装ceph工具脚手架
  7 添加节点
  8 添加osd
• 创建并初始化openstack会用到的pool。
• 根据openstack访问需求生成可以访问这些pool的用户密钥
• 将秘钥和ceph.conf复制到kolla部署机上，在/etc/kolla/conf中完善ceph配置
• 配置kolla global.yml，配置完成后kolla-ansible部署即可

ansible os -m shell -a 'yum install python3 -y'

cat > /etc/yum.repos.d/ceph.repo << EOF
[ceph]
name=ceph
baseurl=https://mirrors.aliyun.com/ceph/rpm-octopus/el7/x86_64/
enable=1
gpgcheck=1
priority=1
gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
EOF
yum install cephadm -y
mkdir -p /etc/ceph
cephadm bootstrap --mon-ip 10.3.12.228 # 需要使用ip地址，要不然需要手动配置网络
ssh-copy-id -f -i /etc/ceph/ceph.pub root@os1
cephadm install ceph-common
ceph orch host add os1
ceph orch host ls # 查看当前有哪些主机被添加
dmsetup remove_all    dmsetup ls # 去除已经添加过的ceph标签
ceph orch daemon add osd os1:/dev/sda2
ceph -s # 查看ceph情况

ceph osd pool create volumes
ceph osd pool create images
ceph osd pool create backups
ceph osd pool create vms
rbd pool init volumes
rbd pool init images
rbd pool init backups
rbd pool init vms
rdd ls images # 查看images中的镜像

ceph auth get-or-create client.glance mon 'profile rbd' osd 'profile rbd pool=images' mgr 'profile rbd pool=images'
ceph auth get-or-create client.cinder mon 'profile rbd' osd 'profile rbd pool=volumes, profile rbd pool=vms, profile rbd-read-only pool=images' mgr 'profile rbd pool=volumes, profile rbd pool=vms'
ceph auth get-or-create client.cinder-backup mon 'profile rbd' osd 'profile rbd pool=backups' mgr 'profile rbd pool=backups'
ceph auth get-or-create client.nova mon 'profile rbd' osd 'profile rbd pool=volumes, profile rbd pool=vms, profile rbd-read-only pool=images' mgr 'profile rbd pool=volumes, profile rbd pool=vms'

ceph auth get-or-create client.glance > /etc/ceph/ceph.client.glance.keyring
ceph auth get-or-create client.cinder > /etc/ceph/ceph.client.cinder.keyring
ceph auth get-or-create client.cinder-backup > /etc/ceph/ceph.client.cinder-backup.keyring
ceph auth get-or-create client.nova > /etc/ceph/ceph.client.nova.keyring

scp -r /etc/ceph os:/etc/ceph # 注意ceph.conf文件如果有制表符\t可能有问题
mkdir -p /etc/kolla/config/{glance,cinder,nova}
mkdir -p /etc/kolla/config/cinder/{cinder-backup,cinder-volume}
cp /etc/ceph/ceph.conf /etc/kolla/config/glance/
cp /etc/ceph/ceph.conf /etc/kolla/config/cinder/
cp /etc/ceph/ceph.conf /etc/kolla/config/cinder/cinder-volume/
cp /etc/ceph/ceph.conf /etc/kolla/config/cinder/cinder-backup/
cp /etc/ceph/ceph.conf /etc/kolla/config/nova/
cp /etc/ceph/ceph.client.glance.keyring /etc/kolla/config/glance/
cp /etc/ceph/ceph.client.cinder.keyring /etc/kolla/config/cinder/cinder-volume/
cp /etc/ceph/ceph.client.cinder.keyring /etc/kolla/config/cinder/cinder-backup/
cp /etc/ceph/ceph.client.cinder-backup.keyring /etc/kolla/config/cinder/cinder-backup/
cp /etc/ceph/ceph.client.nova.keyring /etc/kolla/config/nova/
cp /etc/ceph/ceph.client.cinder.keyring /etc/kolla/config/nova/

cat > /etc/kolla/config/glance/glance-api.conf << EOF
[glance_store]
stores = rbd
default_store = rbd
rbd_store_pool = images
rbd_store_user = glance
rbd_store_ceph_conf = /etc/ceph/ceph.conf
EOF
cat > /etc/kolla/config/cinder/cinder-backup.conf << EOF
[DEFAULT]
backup_ceph_conf=/etc/ceph/ceph.conf
backup_ceph_user=cinder-backup
backup_ceph_chunk_size = 134217728
backup_ceph_pool=backups
backup_driver = cinder.backup.drivers.ceph.CephBackupDriver
backup_ceph_stripe_unit = 0
backup_ceph_stripe_count = 0
restore_discard_excess_bytes = true
EOF
cat > /etc/kolla/config/cinder/cinder-volume.conf << EOF
[DEFAULT]
enabled_backends=rbd-1

[rbd-1]
rbd_ceph_conf=/etc/ceph/ceph.conf
rbd_user=cinder
backend_host=rbd:volumes
rbd_pool=volumes
volume_backend_name=rbd-1
volume_driver=cinder.volume.drivers.rbd.RBDDriver
# 在/etc/kolla/passwords.yml中可以找到，需要修改
rbd_secret_uuid=4a1206cb-aad8-4576-955c-b384b05d0344
EOF
cat > /etc/kolla/config/nova/nova-compute.conf << EOF
images_rbd_pool=vms
images_type=rbd
images_rbd_ceph_conf=/etc/ceph/ceph.conf
rbd_user=nova
EOF

vi /etc/kolla/globals.yml
----------------------------------------------
enable_ceph: "no"
enable_cinder: "yes"
glance_backend_ceph: "yes"
cinder_backend_ceph: "yes"
nova_backend_ceph: "yes"
# 如果在一个网段里装两个openstack集群，本质是因为keepalived。
keepalived_virtual_router_id:"55"

网卡配置

#  有网
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="enp175s0f0"
UUID="4cfb4d68-54e1-425e-83fd-0341263eedbe"
DEVICE="enp175s0f0"
ONBOOT="yes"
IPADDR="10.3.12.223"
PREFIX="24"
GATEWAY="10.3.12.254"
DNS1="114.114.114.114"
IPV6_PRIVACY="no"

# 没网
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=autoip
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp175s0f1
UUID=2ff0d124-7654-4f00-85fc-498e81afba06
DEVICE=enp175s0f1
ONBOOT=no
IPV6_PRIVACY=no

# 未初始化
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp25s0f0
UUID=1007c870-a15b-4ab0-a3ef-1a89dcaae0c4
DEVICE=enp25s0f0
ONBOOT=no