本文为大概个人用kolla搭建openstack思路,有问题敬请指正
前期准备(其实就为连个ssh)
#!/bin/bash
sed -i's/^#\?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config
sed -i's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g'/etc/ssh/sshd_config
service sshd restart
echo student | passwd --stdin root
sed -i "/^SELINUX/s/enforcing/disabled/g"/etc/selinux/config
hostnamectl set-hostname openstack
创建实例(带ssh秘钥)
安全组
ip route add 172.17.144.0/22 via10.10.10.254
172.17.147.32
mkdir .pip
vi .pip/pip.conf
内容为:
[global]
index-url =https://pypi.tuna.tsinghua.edu.cn/simple
[install]
trusted-host=mirrors.aliyun.com
vi key.pem
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA4QOlN12/BIOmHScBTHdPyTh1Xnq6ursE7D97l7iC9zcNLP3j
RvLU17Qyh/nwehTWxFfv1hH044ZLbGUdgmPZPunryFU8Gm+7t1YGTEWJwLiZPxEV
rKdMFSjAC+F5DO+Q9f1v5/1QOHf88r0vjpvQIdWbckjApa8gwA0H6BSPIcUNvZpY
2XyTPsp0MZGe/r5Gj+y1VLnE+3lcBEUqGDlGiPqxxdsuAnpixJKWvWx/DtN7ZMzz
COWLKqfIc0P3YpEcoEwNhzcdrCyU02StkdnA4vppNo2XU5LHntzu2+50KURXBygH
0Jo+lfI0jLW9Ff0G42AEZH1ah6km8VPlLgzX3QIDAQABAoIBAD7EDo0QKF1w/6A4
JiOXUHk3t32gTIAT9P6VgrtCq72b7J/1PjWnPPnieQn3DT5wm6vvP6Z+IcppxpY4
6m9ZvNrQ04VxSS+ypTEx3NXfu9o3Y//0mxArJozsbg2iWmriVJRZmqKixYLK7ZMk
dKSaEAewFwldA+fznvYTbHYvbfGkCNT/462Sb1sjuO1Tt38e6LKcu83JLcEsrk7V
zQqnPmMEAn4e/97bpeahhedlaQnDdvNdHAMVOr/xbF3tcqYUnnKhYyDQUe3C/MD8
bWQEGtoNTsqFPzTZBdxN79ewf5Iagnx29UH7Gb4SysFuwcyXJr2m1YuNwSMnNHdC
egfHDj0CgYEA/4RsVfFTqEDIjFnl+wGeiQzG8yfk236PMRcVyQXfpgUNs+SxMbmv
SCz7qa0x2ODbOLgkw2ZePMs/B7waKFB3xfSk/7NyiTQGcyRlba/zMFTCb06ctlvU
7lMAWTc2ySAwNgcMqVZyxjgtDp1Tp/VI0EcRzrx3rOoKI94BzLkOXjsCgYEA4XB4
SoA5NIRijsA0lZhnguZe/ETR8yGpPXzx0i+9XDO8S0aSPhNHP89RZ5UFW/xq/vu/
n3N1goiiJjVvvB3NYCXAmZgtHtoTzsEr1O4+sPUrxGolXj4icNpSvrUODYAbslSK
3qOZj7xikK50iToQsEM/nXWszTWKoMqoITETSMcCgYAXLbMKJMca9y16FdmX6HCy
K/eMLS1Ef/mLUXXHc4HzNHgmvnMYeKie2n3FyZFBBDy+q22iUBHyX9mK4RRaXdpP
mb6x91xHd/Gx1jZhOdnMo5OztyTeIfxx1hOtBCYzHnlhHUiXv+DPfF8R+VGSZdzC
EABciZotlFlxIX12Tb8w6wKBgBmCmJoVmGOQ93Yf2dNzw4LUfrsdLoTMslH66YJX
VJ4yXIRIIBRWKiHWW+fUvR6Dmbfw1OY+MnXq8C5Sraoj1TGkE/9NcQ2kr8kdotAd
hYqQs7suJ7xaW5tZmTNrWYO9k2TCnFRFPwM81gp5M0a0A19uvKwcvMkb3ewEArJ+
0yfRAoGBALLJ84hnkvj5EsdAJh1tU0wpachIvLFzNVgxfm7D684brZH8fc8jFlMT
XlfMsxTQXfNASUZ/WrHjPd4GPS4ihzTsaZReehz6P/r6KriYmI1X4i5J/3M13Hk7
ywcA6AMlT7kpu91kNY2Cp61z2k2VsQIpaxRYlMj+ZyT/qh2Pagln
-----END RSA PRIVATE KEY-----
ssh -i key.pem [email protected]
通过kolla部署openstack(all-in-one)
参考:
kolla:
https://docs.openstack.org/project-deploy-guide/kolla-ansible/train/
docker:
https://docs.docker.com/install/linux/docker-ce/centos/
1 更新系统
yum update -y
reboot
2 安装docker-ce
21 追加路由(网关地址10.0.0.254根据实际网络修改)
ip route add 172.17.144.0/22 via 10.0.0.254
22 安装docker-ce
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine -y
yum install -y yum-utils \
device-mapper-persistent-data \
lvm2 -y
yum-config-manager \
--add-repo \
https://download.docker.com/linux/centos/docker-ce.repo
yum install docker-ce docker-ce-cli containerd.io -y
systemctl start docker
systemctl enable docker
3 部署准备
31 修改主机名
hostnamectl set-hostname openstack
32 修改/etc/hosts
追加:
172.17.141.200 manager
10.0.0.167 openstack
#10.0.0.167根据实际地址修改
vi /etc/hosts
33 修改/etc/docker/daemon.json(配置使用本地镜像仓库)
[root@openstack~]#vi /etc/docker/daemon.json
[root@openstack~]#cat /etc/docker/daemon.json
{
"insecure-registries":[
"manager:5000"
],
"log-opts": {
"max-file": "5",
"max-size": "50m"
}
}
34 重启docker
systemctl restart docker
4 安装kolla and kolla-ansible
41 Install Python builddependencies
yum install python-devel libffi-devel gcc openssl-devellibselinux-python -y
easy_install pip
pip install -U pip
yum install ansible -y
pip install kolla-ansible
可能错误1:
Attempting uninstall: requests
Found existing installation: requests 2.6.0
ERROR:Cannot uninstall 'requests'. It is a distutils installed project and thus wecannot accurately determine which files belong to it which would lead to only apartial uninstall.
解决办法:卸载requests
rpm -qa|grep requests
yum erase python-requests -y
反馈信息如下:
ResolvingDependencies
-->Running transaction check
--->Package python-requests.noarch 0:2.6.0-8.el7_7 will be erased
-->Processing Dependency: python-requests for package:cloud-init-18.5-3.el7.centos.x86_64
-->Running transaction check
--->Package cloud-init.x86_64 0:18.5-3.el7.centos will be erased
-->Finished Dependency Resolution
DependenciesResolved
======================================================================================================================
Package Arch Version Repository Size
======================================================================================================================
Removing:
python-requests noarch 2.6.0-8.el7_7 @updates 344 k
Removingfor dependencies:
cloud-init x86_64 18.5-3.el7.centos @base 3.0 M
TransactionSummary
======================================================================================================================
Remove 1 Package (+1 Dependent package)
Installedsize: 3.3 M
Isthis ok [y/N]: y
Downloadingpackages:
Runningtransaction check
Runningtransaction test
Transactiontest succeeded
Runningtransaction
Erasing : cloud-init-18.5-3.el7.centos.x86_64 1/2
Erasing : python-requests-2.6.0-8.el7_7.noarch 2/2
Verifying : python-requests-2.6.0-8.el7_7.noarch 1/2
Verifying : cloud-init-18.5-3.el7.centos.x86_64 2/2
Removed:
python-requests.noarch 0:2.6.0-8.el7_7
DependencyRemoved:
cloud-init.x86_64 0:18.5-3.el7.centos
Complete!
重新执行安装:
pip install kolla-ansible
可能错误2:
Attempting uninstall: PyYAML
Found existing installation: PyYAML 3.10
ERROR:Cannot uninstall 'PyYAML'. It is a distutils installed project and thus we cannotaccurately determine which files belong to it which would lead to only apartial uninstall.
解决办法:卸载PyYAML
rpm -qa|grep PyYAML
yum erase PyYAML
...
Removed:
PyYAML.x86_64 0:3.10-11.el7
DependencyRemoved:
ansible.noarch 0:2.4.2.0-2.el7
再次重新执行安装:
pip install kolla-ansible
...
Successfullyinstalled PyYAML-5.3 cffi-1.14.0 cryptography-2.8 iso8601-0.1.12 jmespath-0.9.5kolla-ansible-9.0.1 monotonic-1.5 netaddr-0.7.19 netifaces-0.10.9oslo.config-7.0.0 oslo.utils-3.42.1 pyparsing-2.4.6 rfc3986-1.3.2setuptools-44.0.0
46 ReInstall ansible
pip install ansible
...
Successfullyinstalled ansible-2.9.6
可见从原来的2.4.2.0-2.el7更新为ansible-2.9.6
5 创建配置文件夹、拷贝文件
51 Create the /etc/kolladirectory and change owner
mkdir -p /etc/kolla
chown $USER:$USER /etc/kolla
52 Copy globals.yml andpasswords.yml to /etc/kolla directory.
cp -r /usr/share/kolla-ansible/etc_examples/kolla/* /etc/kolla
53 Copy all-in-one and multinodeinventory files to the current directory.
cp /usr/share/kolla-ansible/ansible/inventory/* .
6 配置Configure Ansible
61
修改/etc/ansible/ansible.cfg,追加如下内容:
mkdir /etc/ansible
vi /etc/ansible/ansible.cfg
[defaults]
host_key_checking=False
pipelining=True
forks=100
62 Inventory
63 Kolla passwords
执行如下命令,创建密码文件:
kolla-genpwd
查看生成的密码文件:
cat/etc/kolla/passwords.yml
修改密码文件:
vi /etc/kolla/passwords.yml
通过/快速定位修改。
为方便后续管理,可修改相关用户密码。
比如:
database_password: student
keystone_admin_password: student
rabbitmq_password: student
64 Kolla globals.yml
vi /etc/kolla/globals.yml
需要修改的配置选项解释:
#Image
options(配置发行版本)
kolla_base_distro: "centos"
kolla_install_type: "source"
openstack_release: "train"
#配置镜像仓库:
docker_registry: "manager:5000"
docker_registry_insecure: "yes"
配置网络接口:
network_interface: "eth0"
neutron_external_interface: "eth1"
#配置额外支持的服务
enable_cinder:
"no"
#配置openstack核心服务(默认支持)
enable_openstack_core: "yes"
#配置虚拟ip
kolla_internal_vip_address: "10.0.0.167"
#These roles are required for Kolla to be operation, however a savvy deployer
#could disable some of these required roles and run their own services.
#enable_glance:"{{ enable_openstack_core | bool }}"
#all-in-one安装,禁用haproxy
enable_haproxy: "no"
#Valid options are [ qemu, kvm, vmware, xenapi ]
#由于嵌套虚拟化(在虚拟机里部署openstack),配置
nova_compute_virt_type: "qemu"
修改配置文件,按上述解读配置相关选项:
vi /etc/kolla/globals.yml
7 部署Deployment
Afterconfiguration is set, we can proceed to the deployment phase. First we need tosetup basic host-level dependencies, like docker.
Kolla-Ansibleprovides a playbook that will install all required services in the correctversions.
Thefollowing assumes the use of the multinode inventory. If using a differentinventory, such as all-in-one, replace the -i argument accordingly.
For deployment or evaluation, run:
针对部署或测试环境,执行如下命令:
#Bootstrap servers with kolladeploy dependencies:
#安装部署依赖包
#定位all-in-one文件
locate all-in-one
yum installmlocate -y
updatedb
locate all-in-one
拷贝文件all-in-one到当前目录:
cp/usr/share/kolla-ansible/ansible/inventory/all-in-one .
kolla-ansible -i ./all-in-one bootstrap-servers
#Dopre-deployment checks for hosts:
#部署前检查
kolla-ansible -i ./all-in-one prechecks
#Finally proceed to actualOpenStack deployment:
#部署
kolla-ansible -i ./all-in-one deploy
8 完成部署并使用openstack
81#Install the OpenStack CLIclient:
yuminstall centos-release-openstack-train -y
yuminstall python-openstackclient -y
kolla-ansible post-deploy
. /etc/kolla/admin-openrc.sh
82创建网络、镜像、规格等
. /usr/share/kolla-ansible/init-runonce
83创建虚拟机
openstack server create\
--image cirros \
--flavor m1.tiny \
--key-name mykey \
--network demo-net \
demo1
失败
[if !vml]
[endif]
原因:MTU
补充配置:(在安装配置网络服务时,需要在控制节点补充如下配置)
由于openstack in openstack部署,网络mtu需要设置,将默认的mtu=1500改为1450.
修改配置文件/etc/kolla/neutron-openvswitch-agent/neutron.conf
vi/etc/kolla/neutron-openvswitch-agent/neutron.conf
[DEFAULT]
global_physnet_mtu =1450
[if !vml]
[endif]
修改配置文件/etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
path_mtu = 1450
[if !vml]
[endif]
将修改好的文件复制到/etc/kolla/neutron-server文件夹下
cp /etc/kolla/neutron-openvswitch-agent/neutron.conf /etc/kolla/neutron-server/
cp /etc/kolla/neutron-openvswitch-agent/ ml2_conf.ini /etc/kolla/neutron-server/
重启neutron_server和neutron_openvswitch_agent容器
docker restartneutron_server
docker restartneutron_openvswitch_agent
重新部署实例
openstackserver create \
--image cirros \
--flavor m1.tiny \
--key-name mykey \
--network demo-net \
demo1
[if !vml]
[endif]
84运维
查看相关资源
openstack service list
openstack image list
openstack network list
openstack server list
或者浏览器访问
http://10.0.0.167
查看日志log:
cd /var/log/kolla
查看配置文件Config:
cd /etc/kolla/
1 vi.pip/pip.conf
2 ls
3 mkdir .pip
4 vi .pip/pip.conf
5 yum remove docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-engine -y
6 yum install -y yum-utils device-mapper-persistent-data lvm2 -y
7 yum-config-manager --add-repohttps://download.docker.com/linux/centos/docker-ce.repo
8 yum install docker-cedocker-ce-cli containerd.io -y
9 systemctl start docker
10 hostnamectl set-hostnameopenstack
11 vi /etc/hosts
12 vi /etc/docker/daemon.json
13 systemctl restart docker
14 yum install python-devellibffi-devel gcc openssl-devel libselinux-python -y
15 easy_install pip
16 pip install -U pip
17 pip install kolla-ansible
18 rpm -qa|grep requests
19 yum erase python-requests -y
20 pip install kolla-ansible
21 rpm -qa|grep PyYAML
22 yum erase PyYAML
23 pip install kolla-ansible
24 pip install ansible
25 mkdir -p /etc/kolla
26 chown $USER:$USER /etc/kolla
27 cp -r/usr/share/kolla-ansible/etc_examples/kolla/* /etc/kolla
28 cp/usr/share/kolla-ansible/ansible/inventory/* .
29 vi /etc/ansible/ansible.cfg
30 mkdir /etc/ansible
31 vi /etc/ansible/ansible.cfg
32 kolla-genpwd
33 vi /etc/kolla/passwords.yml
34 vi /etc/kolla/globals.yml
35 locate all-in-one
36 yum install mlocate -y
37 updatedb
38 locate all-in-one
39 cp /usr/share/kolla-ansible/ansible/inventory/all-in-one.
40 ls
41 kolla-ansible -i ./all-in-onebootstrap-servers
42 kolla-ansible -i ./all-in-oneprechecks
43 vi /etc/kolla/passwords.yml
44 vi /etc/kolla/globals.yml
45 kolla-ansible -i ./all-in-oneprechecks
46 kolla-ansible -i ./all-in-onedeploy
47 yum installcentos-release-openstack-train -y
48 yum installpython-openstackclient -y
49 kolla-ansible post-deploy
50 . /etc/kolla/admin-openrc.sh
51 . /usr/share/kolla-ansible/init-runonce
52 openstack server create --image cirros --flavor m1.tiny --key-name mykey --network demo-net demo1
53 openstack server list
54 history
[centos@openstack ~]$ cat/etc/kolla/globals.yml
---
# You can use this file to override _any_variable throughout Kolla.
# Additional options can be found in the
#'kolla-ansible/ansible/group_vars/all.yml' file. Default value of all the
# commented parameters are shown here, Tooverride the default value uncomment
# the parameter and change its value.
###############
# Kolla options
###############
# Valid options are [ COPY_ONCE,COPY_ALWAYS ]
#config_strategy: "COPY_ALWAYS"
# Valid options are ['centos', 'debian','rhel', 'ubuntu']
kolla_base_distro: "centos"
# Valid options are [ binary, source ]
kolla_install_type: "source"
# Valid option is Docker repository tag
openstack_release: "train"
# Location of configuration overrides
#node_custom_config:"/etc/kolla/config"
# This should be a VIP, an unused IP onyour network that will float between
# the hosts running keepalived forhigh-availability. If you want to run an
# All-In-One without haproxy andkeepalived, you can set enable_haproxy to no
# in "OpenStack options" section,and set this value to the IP of your
# 'network_interface' as set in theNetworking section below.p.
kolla_internal_vip_address: "10.0.0.227"
# This is the DNS name that maps to thekolla_internal_vip_address VIP. By
# default it is the same askolla_internal_vip_address.
#kolla_internal_fqdn: "{{kolla_internal_vip_address }}"
# This should be a VIP, an unused IP onyour network that will float between
# the hosts running keepalived forhigh-availability. It defaults to the
# kolla_internal_vip_address, allowinginternal and external communication to
# share the same address. Specify a kolla_external_vip_address toseparate
# internal and external requests betweentwo VIPs.
#kolla_external_vip_address: "{{kolla_internal_vip_address }}"
# The Public address used to communicatewith OpenStack as set in the public_url
# for the endpoints that will be created.This DNS name should map to
# kolla_external_vip_address.
#kolla_external_fqdn: "{{kolla_external_vip_address }}"
################
# Docker options
################
# Below is an example of a privaterepository with authentication. Note the
# Docker registry password can also be setin the passwords.yml file.
docker_registry: "manager:5000"
#docker_namespace: "companyname"
docker_registry_insecure: "yes"
#docker_registry_username: "sam"
#docker_registry_password: "correcthorsebatterystaple"
# Docker client timeout in seconds.
#docker_client_timeout: 120
#docker_configure_for_zun: "no"
###################
# Messaging options
###################
# Below is an example of an separatebackend that provides brokerless
# messaging for oslo.messaging RPCcommunications
#om_rpc_transport: "amqp"
#om_rpc_user: "{{ qdrouterd_user}}"
#om_rpc_password: "{{qdrouterd_password }}"
#om_rpc_port: "{{ qdrouterd_port}}"
#om_rpc_group: "qdrouterd"
##############################
# Neutron - Networking Options
##############################
# This interface is what all your apiservices will be bound to by default.
# Additionally, all vxlan/tunnel andstorage network traffic will go over this
# interface by default. This interface mustcontain an IP address.
# It is possible for hosts to havenon-matching names of interfaces - these can
# be set in an inventory file per host orper group or stored separately, see
# http://docs.ansible.com/ansible/intro_inventory.html
# Yet another way to workaround the namingproblem is to create a bond for the
# interface on all hosts and give the bondname here. Similar strategy can be
# followed for other types of interfaces.
network_interface: "eth0"
# These can be adjusted for even morecustomization. The default is the same as
# the 'network_interface'. These interfacesmust contain an IP address.
#kolla_external_vip_interface: "{{network_interface }}"
#api_interface: "{{ network_interface}}"
#storage_interface: "{{network_interface }}"
#cluster_interface: "{{network_interface }}"
#swift_storage_interface: "{{storage_interface }}"
#swift_replication_interface: "{{swift_storage_interface }}"
#tunnel_interface: "{{network_interface }}"
#dns_interface: "{{ network_interface}}"
#octavia_network_interface: "{{api_interface }}"
# Configure the address family (AF) pernetwork.
# Valid options are [ ipv4, ipv6 ]
#network_address_family: "ipv4"
#api_address_family: "{{network_address_family }}"
#storage_address_family: "{{network_address_family }}"
#cluster_address_family: "{{network_address_family }}"
#swift_storage_address_family: "{{storage_address_family }}"
#swift_replication_address_family: "{{swift_storage_address_family }}"
#migration_address_family: "{{network_address_family }}"
#tunnel_address_family: "{{network_address_family }}"
#octavia_network_address_family: "{{api_address_family }}"
#bifrost_network_address_family: "{{network_address_family }}"
#dns_address_family: "{{network_address_family }}"
# This is the raw interface given toneutron as its external network port. Even
# though an IP address can exist on thisinterface, it will be unusable in most
# configurations. It is recommended thisinterface not be configured with any IP
# addresses for that reason.
neutron_external_interface:"eth1"
# Valid options are [ openvswitch,linuxbridge, vmware_nsxv, vmware_nsxv3, vmware_dvs, opendaylight ]
# if vmware_nsxv3 is selected,enable_openvswitch MUST be set to "no" (default is yes)
#neutron_plugin_agent:"openvswitch"
# Valid options are [ internal, infoblox ]
#neutron_ipam_driver: "internal"
# Configure Neutron upgrade option,currently Kolla support
# two upgrade ways for Neutron:legacy_upgrade and rolling_upgrade
# The variable"neutron_enable_rolling_upgrade: yes" is meaning rolling_upgrade
# were enabled and opposite
# Neutron rolling upgrade were enable bydefault
#neutron_enable_rolling_upgrade:"yes"
####################
# keepalived options
####################
# Arbitrary unique number from 0..255
# This should be changed from the defaultin the event of a multi-region deployment
# where the VIPs of different regionsreside on a common subnet.
#keepalived_virtual_router_id:"51"
###################
# Dimension options
###################
# This is to provide an extra option todeploy containers with Resource constraints.
# We call it dimensions here.
# The dimensions for each container aredefined by a mapping, where each dimension value should be a
# string.
# Reference_Docs
# https://docs.docker.com/config/containers/resource_constraints/
# eg:
# _dimensions:
# blkio_weight:
# cpu_period:
# cpu_quota:
# cpu_shares:
# cpuset_cpus:
# cpuset_mems:
# mem_limit:
# mem_reservation:
# memswap_limit:
# kernel_memory:
# ulimits:
#############
# TLS options
#############
# To provide encryption and authenticationon the kolla_external_vip_interface,
# TLS can be enabled. When TLS is enabled, certificates must beprovided to
# allow clients to perform authentication.
#kolla_enable_tls_internal: "no"
#kolla_enable_tls_external: "{{kolla_enable_tls_internal if kolla_same_external_internal_vip | bool else 'no'}}"
#kolla_external_fqdn_cert: "{{node_config }}/certificates/haproxy.pem"
#kolla_internal_fqdn_cert: "{{node_config }}/certificates/haproxy-internal.pem"
#kolla_external_fqdn_cacert: "{{node_config }}/certificates/haproxy-ca.crt"
#kolla_internal_fqdn_cacert: "{{node_config }}/certificates/haproxy-ca-internal.crt"
################
# Region options
################
# Use this option to change the name ofthis region.
#openstack_region_name:"RegionOne"
# Use this option to define a list ofregion names - only needs to be configured
# in a multi-region deployment, and thenonly in the *first* region.
#multiple_regions_names: ["{{openstack_region_name }}"]
##############
# OpenDaylight
##############
#enable_opendaylight_qos: "no"
#enable_opendaylight_l3: "yes"
###################
# OpenStack options
###################
# Use these options to set the various loglevels across all OpenStack projects
# Valid options are [ True, False ]
#openstack_logging_debug: "False"
# Enable core OpenStack services. Thisincludes:
# glance, keystone, neutron, nova, heat,and horizon.
enable_openstack_core: "yes"
# These roles are required for Kolla to beoperation, however a savvy deployer
# could disable some of these requiredroles and run their own services.
#enable_glance: "{{enable_openstack_core | bool }}"
enable_haproxy: "no"
#enable_keepalived: "{{ enable_haproxy| bool }}"
#enable_keystone: "{{enable_openstack_core | bool }}"
#enable_mariadb: "yes"
#enable_memcached: "yes"
#enable_neutron: "{{enable_openstack_core | bool }}"
#enable_nova: "{{enable_openstack_core | bool }}"
#enable_rabbitmq: "{{ 'yes' ifom_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no'}}"
#enable_outward_rabbitmq: "{{enable_murano | bool }}"
# OpenStack services can be enabled ordisabled with these options
#enable_aodh: "no"
#enable_barbican: "no"
#enable_blazar: "no"
# NOTE: This variable has been deprecatedand will be removed in the U cycle.
#enable_cadf_notifications: "no"
#enable_ceilometer: "no"
#enable_ceilometer_ipmi: "no"
#enable_cells: "no"
#enable_central_logging: "no"
#enable_ceph: "no"
#enable_ceph_mds: "no"
#enable_ceph_rgw: "no"
#enable_ceph_nfs: "no"
#enable_ceph_dashboard: "{{enable_ceph | bool }}"
#enable_chrony: "yes"
enable_cinder: "no"
#enable_cinder_backup: "yes"
#enable_cinder_backend_hnas_nfs:"no"
#enable_cinder_backend_iscsi: "{{enable_cinder_backend_lvm | bool or enable_cinder_backend_zfssa_iscsi | bool}}"
#enable_cinder_backend_lvm: "no"
#enable_cinder_backend_nfs: "no"
#enable_cinder_backend_zfssa_iscsi: "no"
#enable_cinder_backend_quobyte:"no"
#enable_cloudkitty: "no"
#enable_collectd: "no"
#enable_congress: "no"
#enable_cyborg: "no"
#enable_designate: "no"
#enable_destroy_images: "no"
#enable_elasticsearch: "{{ 'yes' ifenable_central_logging | bool or enable_osprofiler | bool or enable_skydive |bool or enable_monasca | bool else 'no' }}"
#enable_etcd: "no"
#enable_fluentd: "yes"
#enable_freezer: "no"
#enable_gnocchi: "no"
#enable_grafana: "no"
#enable_heat: "{{enable_openstack_core | bool }}"
#enable_horizon: "{{enable_openstack_core | bool }}"
#enable_horizon_blazar: "{{enable_blazar | bool }}"
#enable_horizon_cloudkitty: "{{enable_cloudkitty | bool }}"
#enable_horizon_congress: "{{enable_congress | bool }}"
#enable_horizon_designate: "{{enable_designate | bool }}"
#enable_horizon_fwaas: "{{enable_neutron_fwaas | bool }}"
#enable_horizon_freezer: "{{enable_freezer | bool }}"
#enable_horizon_heat: "{{ enable_heat| bool }}"
#enable_horizon_ironic: "{{ enable_ironic| bool }}"
#enable_horizon_karbor: "{{enable_karbor | bool }}"
#enable_horizon_magnum: "{{enable_magnum | bool }}"
#enable_horizon_manila: "{{enable_manila | bool }}"
#enable_horizon_masakari: "{{enable_masakari | bool }}"
#enable_horizon_mistral: "{{enable_mistral | bool }}"
#enable_horizon_murano: "{{enable_murano | bool }}"
#enable_horizon_neutron_vpnaas: "{{enable_neutron_vpnaas | bool }}"
#enable_horizon_octavia: "{{enable_octavia | bool }}"
#enable_horizon_qinling: "{{enable_qinling | bool }}"
#enable_horizon_sahara: "{{enable_sahara | bool }}"
#enable_horizon_searchlight: "{{enable_searchlight | bool }}"
#enable_horizon_senlin: "{{enable_senlin | bool }}"
#enable_horizon_solum: "{{enable_solum | bool }}"
#enable_horizon_tacker: "{{enable_tacker | bool }}"
#enable_horizon_trove: "{{enable_trove | bool }}"
#enable_horizon_vitrage: "{{enable_vitrage | bool }}"
#enable_horizon_watcher: "{{enable_watcher | bool }}"
#enable_horizon_zun: "{{ enable_zun |bool }}"
#enable_hyperv: "no"
#enable_influxdb: "{{ enable_monasca |bool or (enable_cloudkitty | bool and cloudkitty_storage_backend == 'influxdb')}}"
#enable_ironic: "no"
#enable_ironic_ipxe: "no"
#enable_ironic_neutron_agent: "{{enable_neutron | bool and enable_ironic | bool }}"
#enable_ironic_pxe_uefi: "no"
#enable_iscsid: "{{ (enable_cinder |bool and enable_cinder_backend_iscsi | bool) or enable_ironic | bool }}"
#enable_karbor: "no"
#enable_kafka: "{{ enable_monasca |bool }}"
#enable_kibana: "{{ 'yes' ifenable_central_logging | bool or enable_monasca | bool else 'no' }}"
#enable_kuryr: "no"
#enable_magnum: "no"
#enable_manila: "no"
#enable_manila_backend_generic:"no"
#enable_manila_backend_hnas: "no"
#enable_manila_backend_cephfs_native:"no"
#enable_manila_backend_cephfs_nfs:"no"
#enable_mariabackup: "no"
#enable_masakari: "no"
#enable_mistral: "no"
#enable_monasca: "no"
#enable_mongodb: "no"
#enable_multipathd: "no"
#enable_murano: "no"
#enable_neutron_vpnaas: "no"
#enable_neutron_sriov: "no"
#enable_neutron_dvr: "no"
#enable_neutron_fwaas: "no"
#enable_neutron_qos: "no"
#enable_neutron_agent_ha: "no"
#enable_neutron_bgp_dragent: "no"
#enable_neutron_provider_networks:"no"
#enable_neutron_segments: "no"
#enable_neutron_sfc: "no"
#enable_neutron_metering: "no"
#enable_neutron_infoblox_ipam_agent:"no"
#enable_neutron_port_forwarding:"no"
#enable_nova_serialconsole_proxy:"no"
#enable_nova_ssh: "yes"
#enable_octavia: "no"
#enable_onos: "no"
#enable_opendaylight: "no"
#enable_openvswitch: "{{enable_neutron | bool and neutron_plugin_agent != 'linuxbridge' }}"
#enable_ovs_dpdk: "no"
#enable_osprofiler: "no"
#enable_panko: "no"
#enable_placement: "{{ enable_nova |bool or enable_zun | bool }}"
#enable_prometheus: "no"
#enable_qdrouterd: "{{ 'yes' ifom_rpc_transport == 'amqp' else 'no' }}"
#enable_qinling: "no"
#enable_rally: "no"
#enable_redis: "no"
#enable_sahara: "no"
#enable_searchlight: "no"
#enable_senlin: "no"
#enable_skydive: "no"
#enable_solum: "no"
#enable_storm: "{{ enable_monasca |bool }}"
#enable_swift: "no"
#enable_swift_s3api: "no"
#enable_tacker: "no"
#enable_telegraf: "no"
#enable_tempest: "no"
#enable_trove: "no"
#enable_trove_singletenant: "no"
#enable_vitrage: "no"
#enable_vmtp: "no"
#enable_watcher: "no"
#enable_zookeeper: "{{ enable_kafka |bool }}"
#enable_zun: "no"
##################
# RabbitMQ options
##################
# Options passed to RabbitMQ server startupscript via the
# RABBITMQ_SERVER_ADDITIONAL_ERL_ARGSenvironment var.
# See Kolla Ansible docs RabbitMQ sectionfor details.
# These are appended to args alreadyprovided by Kolla Ansible
# to configure IPv6 in RabbitMQ server.
#rabbitmq_server_additional_erl_args:""
##############
# Ceph options
##############
# Ceph can be setup with a caching toimprove performance. To use the cache you
# must provide separate disks than thosefor the OSDs
#ceph_enable_cache: "no"
# Set to no if using external Ceph withoutcephx.
#external_ceph_cephx_enabled:"yes"
# Ceph is not able to determine the size ofa cache pool automatically,
# so the configuration on the absolute sizeis required here, otherwise the flush/evict will not work.
#ceph_target_max_bytes: ""
#ceph_target_max_objects: ""
# Valid options are [ forward, none,writeback ]
#ceph_cache_mode: "writeback"
# A requirement for using the erasure-codedpools is you must setup a cache tier
# Valid options are [ erasure, replicated ]
#ceph_pool_type: "replicated"
# Integrate ceph rados object gateway withopenstack keystone
#enable_ceph_rgw_keystone: "no"
# Set the pgs and pgps for pool
# WARNING! These values are dependant onthe size and shape of your cluster -
# the default values are not suitable forproduction use. Please refer to the
# Kolla Ceph documentation for moreinformation.
#ceph_pool_pg_num: 8
#ceph_pool_pgp_num: 8
#############################
# Keystone - Identity Options
#############################
# Valid options are [ fernet ]
#keystone_token_provider: 'fernet'
#keystone_admin_user: "admin"
#keystone_admin_project: "admin"
# Interval to rotate fernet keys by (inseconds). Must be an interval of
# 60(1 min), 120(2 min), 180(3 min), 240(4min), 300(5 min), 360(6 min),
# 600(10 min), 720(12 min), 900(15 min),1200(20 min), 1800(30 min),
# 3600(1 hour), 7200(2 hour), 10800(3hour), 14400(4 hour), 21600(6 hour),
# 28800(8 hour), 43200(12 hour), 86400(1day), 604800(1 week).
#fernet_token_expiry: 86400
########################
# Glance - Image Options
########################
# Configure image backend.
#glance_backend_ceph: "no"
#glance_backend_file: "yes"
#glance_backend_swift: "no"
#glance_backend_vmware: "no"
#enable_glance_image_cache: "no"
# Configure glance upgrade option.
# Due to this feature being experimental inglance,
# the default value is "no".
#glance_enable_rolling_upgrade:"no"
####################
# Osprofiler options
####################
# valid values: ["elasticsearch","redis"]
#osprofiler_backend:"elasticsearch"
##################
# Barbican options
##################
# Valid options are [ simple_crypto,p11_crypto ]
#barbican_crypto_plugin:"simple_crypto"
#barbican_library_path:"/usr/lib/libCryptoki2_64.so"
################
## Panko options
################
# Valid options are [ mongodb, mysql ]
#panko_database_type: "mysql"
#################
# Gnocchi options
#################
# Valid options are [ file, ceph ]
#gnocchi_backend_storage: "{{ 'ceph'if enable_ceph|bool else 'file' }}"
# Valid options are [redis, '']
#gnocchi_incoming_storage: "{{ 'redis'if enable_redis | bool else '' }}"
################################
# Cinder - Block Storage Options
################################
# Enable / disable Cinder backends
#cinder_backend_ceph: "{{ enable_ceph}}"
#cinder_backend_vmwarevc_vmdk:"no"
#cinder_volume_group:"cinder-volumes"
# Valid options are [ '', redis, etcd ]
#cinder_coordination_backend: "{{'redis' if enable_redis|bool else 'etcd' if enable_etcd|bool else '' }}"
# Valid options are [ nfs, swift, ceph ]
#cinder_backup_driver: "ceph"
#cinder_backup_share: ""
#cinder_backup_mount_options_nfs:""
#######################
# Cloudkitty options
#######################
# Valid option is gnocchi
#cloudkitty_collector_backend:"gnocchi"
# Valid options are 'sqlalchemy' or'influxdb'. The default value is
# 'influxdb', which matches the default inCloudkitty since the Stein release.
# When the backend is "influxdb",we also enable Influxdb.
# Also, when using 'influxdb' as thebackend, we trigger the configuration/use
# of Cloudkitty storage backend version 2.
#cloudkitty_storage_backend:"influxdb"
###################
# Designate options
###################
# Valid options are [ bind9 ]
#designate_backend: "bind9"
#designate_ns_record:"sample.openstack.org"
# Valid options are [ '', redis, etcd ]
#designate_coordination_backend: "{{'redis' if enable_redis|bool else 'etcd' if enable_etcd|bool else '' }}"
########################
# Nova - Compute Options
########################
#nova_backend_ceph: "{{ enable_ceph}}"
# Valid options are [ qemu, kvm, vmware,xenapi ]
nova_compute_virt_type: "qemu"
# The number of fake driver per computenode
#num_nova_fake_per_node: 5
# The flag "nova_safety_upgrade"need to be consider when
# "nova_enable_rolling_upgrade"is enabled. The "nova_safety_upgrade"
# controls whether the nova services areall stopped before rolling
# upgrade to the new version, for thesafety and availability.
# If "nova_safety_upgrade" is"yes", that will stop all nova services (except
# nova-compute) for no failed APIoperations before upgrade to the
# new version. And opposite.
#nova_safety_upgrade: "no"
# Valid options are [ none, novnc, spice,rdp ]
#nova_console: "novnc"
#################
# Hyper-V options
#################
# Hyper-V can be used as hypervisor
#hyperv_username: "user"
#hyperv_password: "password"
#vswitch_name: "vswitch"
# URL from which Nova Hyper-V MSI isdownloaded
#nova_msi_url:"https://www.cloudbase.it/downloads/HyperVNovaCompute_Beta.msi"
#############################
# Horizon - Dashboard Options
#############################
#horizon_backend_database: "{{enable_murano | bool }}"
#############################
# Ironic options
#############################
# dnsmasq bind interface for IronicInspector, by default is network_interface
#ironic_dnsmasq_interface: "{{network_interface }}"
# The following value must be set whenenabling ironic,
# the value format is"192.168.0.10,192.168.0.100".
#ironic_dnsmasq_dhcp_range:
# PXE bootloader file for Ironic Inspector,relative to /tftpboot.
#ironic_dnsmasq_boot_file:"pxelinux.0"
# Configure ironic upgrade option, due tocurrently kolla support
# two upgrade ways for ironic:legacy_upgrade and rolling_upgrade
# The variable"ironic_enable_rolling_upgrade: yes" is meaning rolling_upgrade
# were enabled and opposite
# Rolling upgrade were enable by default
#ironic_enable_rolling_upgrade:"yes"
# List of extra kernel parameters passed tothe kernel used during inspection
#ironic_inspector_kernel_cmdline_extras: []
######################################
# Manila - Shared File Systems Options
######################################
# HNAS backend configuration
#hnas_ip:
#hnas_user:
#hnas_password:
#hnas_evs_id:
#hnas_evs_ip:
#hnas_file_system_name:
################################
# Swift - Object Storage Options
################################
# Swift expects block devices to be availablefor storage. Two types of storage
# are supported: 1 - storage device with aspecial partition name and filesystem
# label, 2 - unpartitioned disk with a filesystem. The label of thisfilesystem
# is used to detect the disk which Swiftwill be using.
# Swift support two matching modes, validoptions are [ prefix, strict ]
#swift_devices_match_mode:"strict"
# This parameter defines matching pattern:if "strict" mode was selected,
# for swift_devices_match_mode thenswift_device_name should specify the name of
# the special swift partition for example:"KOLLA_SWIFT_DATA", if "prefix" mode was
# selected then swift_devices_name shouldspecify a pattern which would match to
# filesystems' labels prepared for swift.
#swift_devices_name:"KOLLA_SWIFT_DATA"
# Configure swift upgrade option, due tocurrently kolla support
# two upgrade ways for swift:legacy_upgrade and rolling_upgrade
# The variable"swift_enable_rolling_upgrade: yes" is meaning rolling_upgrade
# were enabled and opposite
# Rolling upgrade were enable by default
#swift_enable_rolling_upgrade:"yes"
################################################
# Tempest - The OpenStack Integration TestSuite
################################################
# The following values must be set whenenabling tempest
#tempest_image_id:
#tempest_flavor_ref_id:
#tempest_public_network_id:
#tempest_floating_network_name:
# tempest_image_alt_id: "{{tempest_image_id }}"
# tempest_flavor_ref_alt_id: "{{tempest_flavor_ref_id }}"
###################################
# VMware - OpenStack VMware support
###################################
#vmware_vcenter_host_ip:
#vmware_vcenter_host_username:
#vmware_vcenter_host_password:
#vmware_datastore_name:
#vmware_vcenter_name:
#vmware_vcenter_cluster_name:
#######################################
# XenAPI - Support XenAPI for XenServer
#######################################
# XenAPI driver use HIMN(Host InternalManagement Network)
# to communicate with XenServer host.
#xenserver_himn_ip:
#xenserver_username:
#xenserver_connect_protocol:
############
# Prometheus
############
#enable_prometheus_haproxy_exporter:"{{ enable_haproxy | bool }}"
#enable_prometheus_mysqld_exporter:"{{ enable_mariadb | bool }}"
#enable_prometheus_node_exporter: "{{enable_prometheus | bool }}"
#enable_prometheus_cadvisor: "{{enable_prometheus | bool }}"
#enable_prometheus_memcached: "{{enable_prometheus | bool }}"
#enable_prometheus_alertmanager: "{{enable_prometheus | bool }}"
#enable_prometheus_ceph_mgr_exporter:"{{ enable_prometheus | bool and enable_ceph | bool }}"
#enable_prometheus_openstack_exporter:"{{ enable_prometheus | bool }}"
#enable_prometheus_elasticsearch_exporter:"{{ enable_prometheus | bool and enable_elasticsearch | bool }}"
#enable_prometheus_blackbox_exporter:"{{ enable_prometheus | bool }}"
# List of extra parameters passed toprometheus. You can add as many to the list.
#prometheus_cmdline_extras:
#########
# Freezer
#########
# Freezer can utilize two differentdatabase backends, elasticsearch or mariadb.
# Elasticsearch is preferred, however it isnot compatible with the version deployed
# by kolla-ansible. You must first setup anexternal elasticsearch with 2.3.0.
# By default, kolla-ansible deployedmariadb is the used database backend.
#freezer_database_backend:"mariadb"
##########
# Telegraf
##########
# Configure telegraf to use the dockerdaemon itself as an input for
# telemetry data.
#telegraf_enable_docker_input: "no"
[centos@openstack ~]$