通过kolla部署openstack(all-in-one)

本文为大概个人用kolla搭建openstack思路,有问题敬请指正

前期准备(其实就为连个ssh)

#!/bin/bash

sed -i's/^#\?PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config

sed -i's/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g'/etc/ssh/sshd_config

service sshd restart

echo student | passwd --stdin root

sed -i "/^SELINUX/s/enforcing/disabled/g"/etc/selinux/config

hostnamectl set-hostname openstack

创建实例(带ssh秘钥)

安全组


ip route add 172.17.144.0/22 via10.10.10.254


172.17.147.32



mkdir .pip

vi .pip/pip.conf

内容为:

[global]

index-url =https://pypi.tuna.tsinghua.edu.cn/simple


[install]

trusted-host=mirrors.aliyun.com





vi key.pem


-----BEGIN RSA PRIVATE KEY-----

MIIEowIBAAKCAQEA4QOlN12/BIOmHScBTHdPyTh1Xnq6ursE7D97l7iC9zcNLP3j

RvLU17Qyh/nwehTWxFfv1hH044ZLbGUdgmPZPunryFU8Gm+7t1YGTEWJwLiZPxEV

rKdMFSjAC+F5DO+Q9f1v5/1QOHf88r0vjpvQIdWbckjApa8gwA0H6BSPIcUNvZpY

2XyTPsp0MZGe/r5Gj+y1VLnE+3lcBEUqGDlGiPqxxdsuAnpixJKWvWx/DtN7ZMzz

COWLKqfIc0P3YpEcoEwNhzcdrCyU02StkdnA4vppNo2XU5LHntzu2+50KURXBygH

0Jo+lfI0jLW9Ff0G42AEZH1ah6km8VPlLgzX3QIDAQABAoIBAD7EDo0QKF1w/6A4

JiOXUHk3t32gTIAT9P6VgrtCq72b7J/1PjWnPPnieQn3DT5wm6vvP6Z+IcppxpY4

6m9ZvNrQ04VxSS+ypTEx3NXfu9o3Y//0mxArJozsbg2iWmriVJRZmqKixYLK7ZMk

dKSaEAewFwldA+fznvYTbHYvbfGkCNT/462Sb1sjuO1Tt38e6LKcu83JLcEsrk7V

zQqnPmMEAn4e/97bpeahhedlaQnDdvNdHAMVOr/xbF3tcqYUnnKhYyDQUe3C/MD8

bWQEGtoNTsqFPzTZBdxN79ewf5Iagnx29UH7Gb4SysFuwcyXJr2m1YuNwSMnNHdC

egfHDj0CgYEA/4RsVfFTqEDIjFnl+wGeiQzG8yfk236PMRcVyQXfpgUNs+SxMbmv

SCz7qa0x2ODbOLgkw2ZePMs/B7waKFB3xfSk/7NyiTQGcyRlba/zMFTCb06ctlvU

7lMAWTc2ySAwNgcMqVZyxjgtDp1Tp/VI0EcRzrx3rOoKI94BzLkOXjsCgYEA4XB4

SoA5NIRijsA0lZhnguZe/ETR8yGpPXzx0i+9XDO8S0aSPhNHP89RZ5UFW/xq/vu/

n3N1goiiJjVvvB3NYCXAmZgtHtoTzsEr1O4+sPUrxGolXj4icNpSvrUODYAbslSK

3qOZj7xikK50iToQsEM/nXWszTWKoMqoITETSMcCgYAXLbMKJMca9y16FdmX6HCy

K/eMLS1Ef/mLUXXHc4HzNHgmvnMYeKie2n3FyZFBBDy+q22iUBHyX9mK4RRaXdpP

mb6x91xHd/Gx1jZhOdnMo5OztyTeIfxx1hOtBCYzHnlhHUiXv+DPfF8R+VGSZdzC

EABciZotlFlxIX12Tb8w6wKBgBmCmJoVmGOQ93Yf2dNzw4LUfrsdLoTMslH66YJX

VJ4yXIRIIBRWKiHWW+fUvR6Dmbfw1OY+MnXq8C5Sraoj1TGkE/9NcQ2kr8kdotAd

hYqQs7suJ7xaW5tZmTNrWYO9k2TCnFRFPwM81gp5M0a0A19uvKwcvMkb3ewEArJ+

0yfRAoGBALLJ84hnkvj5EsdAJh1tU0wpachIvLFzNVgxfm7D684brZH8fc8jFlMT

XlfMsxTQXfNASUZ/WrHjPd4GPS4ihzTsaZReehz6P/r6KriYmI1X4i5J/3M13Hk7

ywcA6AMlT7kpu91kNY2Cp61z2k2VsQIpaxRYlMj+ZyT/qh2Pagln

-----END RSA PRIVATE KEY-----



ssh -i key.pem [email protected]


 

通过kolla部署openstack(all-in-one)

参考:

kolla:

https://docs.openstack.org/project-deploy-guide/kolla-ansible/train/

docker:

https://docs.docker.com/install/linux/docker-ce/centos/


1 更新系统

yum update -y

reboot


2 安装docker-ce

21 追加路由(网关地址10.0.0.254根据实际网络修改)

ip route add 172.17.144.0/22 via 10.0.0.254


22 安装docker-ce

yum remove docker \

                 docker-client \

                 docker-client-latest \

                 docker-common \

                 docker-latest \

                 docker-latest-logrotate \

                 docker-logrotate \

                 docker-engine  -y


yum install -y yum-utils \

 device-mapper-persistent-data \

  lvm2 -y


yum-config-manager \

    --add-repo \

https://download.docker.com/linux/centos/docker-ce.repo


yum install docker-ce docker-ce-cli containerd.io -y

systemctl start docker

systemctl enable docker

3 部署准备

31 修改主机名

hostnamectl set-hostname openstack

32 修改/etc/hosts

追加:

172.17.141.200 manager

10.0.0.167   openstack

#10.0.0.167根据实际地址修改

vi /etc/hosts


33 修改/etc/docker/daemon.json(配置使用本地镜像仓库)

[root@openstack~]#vi /etc/docker/daemon.json

[root@openstack~]#cat /etc/docker/daemon.json

{

    "insecure-registries":[

       "manager:5000"

    ],

    "log-opts": {

        "max-file": "5",

        "max-size": "50m"

    }

}


34 重启docker

 

systemctl restart docker


4 安装kolla and kolla-ansible

41 Install Python builddependencies

yum install python-devel libffi-devel gcc openssl-devellibselinux-python -y

 

easy_install pip


pip install -U pip


yum install ansible -y


pip install kolla-ansible

可能错误1:

  Attempting uninstall: requests

    Found existing installation: requests 2.6.0

ERROR:Cannot uninstall 'requests'. It is a distutils installed project and thus wecannot accurately determine which files belong to it which would lead to only apartial uninstall.

解决办法:卸载requests

rpm -qa|grep requests

yum erase python-requests -y

反馈信息如下:

ResolvingDependencies

-->Running transaction check

--->Package python-requests.noarch 0:2.6.0-8.el7_7 will be erased

-->Processing Dependency: python-requests for package:cloud-init-18.5-3.el7.centos.x86_64

-->Running transaction check

--->Package cloud-init.x86_64 0:18.5-3.el7.centos will be erased

-->Finished Dependency Resolution


DependenciesResolved


======================================================================================================================

 Package                        Arch                  Version                           Repository               Size

======================================================================================================================

Removing:

 python-requests                noarch                2.6.0-8.el7_7                     @updates                344 k

Removingfor dependencies:

 cloud-init                     x86_64                18.5-3.el7.centos                 @base                   3.0 M


TransactionSummary

======================================================================================================================

Remove  1 Package (+1 Dependent package)


Installedsize: 3.3 M

Isthis ok [y/N]: y

Downloadingpackages:

Runningtransaction check

Runningtransaction test

Transactiontest succeeded

Runningtransaction

  Erasing   : cloud-init-18.5-3.el7.centos.x86_64                                                               1/2

  Erasing   : python-requests-2.6.0-8.el7_7.noarch                                                               2/2

  Verifying : python-requests-2.6.0-8.el7_7.noarch                                                              1/2

  Verifying : cloud-init-18.5-3.el7.centos.x86_64                                                                2/2


Removed:

  python-requests.noarch 0:2.6.0-8.el7_7                                                                             


DependencyRemoved:

  cloud-init.x86_64 0:18.5-3.el7.centos                                                                               


Complete!

重新执行安装:

pip install kolla-ansible

可能错误2:

  Attempting uninstall: PyYAML

    Found existing installation: PyYAML 3.10

ERROR:Cannot uninstall 'PyYAML'. It is a distutils installed project and thus we cannotaccurately determine which files belong to it which would lead to only apartial uninstall.

解决办法:卸载PyYAML

rpm -qa|grep PyYAML

yum erase PyYAML

...

Removed:

  PyYAML.x86_64 0:3.10-11.el7                                                                                        

DependencyRemoved:

  ansible.noarch 0:2.4.2.0-2.el7  

再次重新执行安装:

pip install kolla-ansible

...

Successfullyinstalled PyYAML-5.3 cffi-1.14.0 cryptography-2.8 iso8601-0.1.12 jmespath-0.9.5kolla-ansible-9.0.1 monotonic-1.5 netaddr-0.7.19 netifaces-0.10.9oslo.config-7.0.0 oslo.utils-3.42.1 pyparsing-2.4.6 rfc3986-1.3.2setuptools-44.0.0

46  ReInstall ansible

pip install ansible

...

Successfullyinstalled ansible-2.9.6

可见从原来的2.4.2.0-2.el7更新为ansible-2.9.6


5 创建配置文件夹、拷贝文件

51 Create the /etc/kolladirectory and change owner

mkdir -p /etc/kolla

chown $USER:$USER /etc/kolla


52 Copy globals.yml andpasswords.yml to /etc/kolla directory.

cp -r /usr/share/kolla-ansible/etc_examples/kolla/* /etc/kolla


53 Copy all-in-one and multinodeinventory files to the current directory.

cp /usr/share/kolla-ansible/ansible/inventory/*  .


6 配置Configure Ansible

61

修改/etc/ansible/ansible.cfg,追加如下内容:

mkdir /etc/ansible

vi /etc/ansible/ansible.cfg

[defaults]

host_key_checking=False

pipelining=True

forks=100


62 Inventory

63 Kolla passwords

执行如下命令,创建密码文件:

kolla-genpwd

查看生成的密码文件:

cat/etc/kolla/passwords.yml

修改密码文件:

vi /etc/kolla/passwords.yml

通过/快速定位修改。

为方便后续管理,可修改相关用户密码。

比如:

database_password: student

keystone_admin_password: student

rabbitmq_password: student

64 Kolla globals.yml

vi /etc/kolla/globals.yml

 

需要修改的配置选项解释:

#Image

options(配置发行版本)

kolla_base_distro: "centos"

kolla_install_type: "source"

openstack_release: "train"

#配置镜像仓库:

docker_registry: "manager:5000"


docker_registry_insecure: "yes"

配置网络接口:

network_interface: "eth0"

neutron_external_interface: "eth1"


#配置额外支持的服务

enable_cinder:

"no"


#配置openstack核心服务(默认支持)

enable_openstack_core: "yes"

#配置虚拟ip

kolla_internal_vip_address: "10.0.0.167"



#These roles are required for Kolla to be operation, however a savvy deployer

#could disable some of these required roles and run their own services.

#enable_glance:"{{ enable_openstack_core | bool }}"

#all-in-one安装,禁用haproxy

enable_haproxy: "no"


#Valid options are [ qemu, kvm, vmware, xenapi ]

#由于嵌套虚拟化(在虚拟机里部署openstack),配置

nova_compute_virt_type: "qemu"


修改配置文件,按上述解读配置相关选项:

vi /etc/kolla/globals.yml


7 部署Deployment

Afterconfiguration is set, we can proceed to the deployment phase. First we need tosetup basic host-level dependencies, like docker.


Kolla-Ansibleprovides a playbook that will install all required services in the correctversions.


Thefollowing assumes the use of the multinode inventory. If using a differentinventory, such as all-in-one, replace the -i argument accordingly.


    For deployment or evaluation, run:

针对部署或测试环境,执行如下命令:

#Bootstrap servers with kolladeploy dependencies:

#安装部署依赖包

#定位all-in-one文件

locate all-in-one

yum installmlocate -y

updatedb

locate all-in-one

拷贝文件all-in-one到当前目录:

cp/usr/share/kolla-ansible/ansible/inventory/all-in-one .

kolla-ansible -i ./all-in-one bootstrap-servers

#Dopre-deployment checks for hosts:

#部署前检查

kolla-ansible -i ./all-in-one prechecks

#Finally proceed to actualOpenStack deployment:

#部署

kolla-ansible -i ./all-in-one deploy

8 完成部署并使用openstack

81#Install the OpenStack CLIclient:

yuminstall centos-release-openstack-train -y

yuminstall python-openstackclient -y

kolla-ansible post-deploy

. /etc/kolla/admin-openrc.sh


 82创建网络、镜像、规格等    

  . /usr/share/kolla-ansible/init-runonce

 83创建虚拟机

  openstack server create\

    --image cirros \

    --flavor m1.tiny \

    --key-name mykey \

    --network demo-net \

demo1

失败

[if !vml]

[endif]

原因:MTU

补充配置:(在安装配置网络服务时,需要在控制节点补充如下配置)

由于openstack in openstack部署,网络mtu需要设置,将默认的mtu=1500改为1450.

修改配置文件/etc/kolla/neutron-openvswitch-agent/neutron.conf

vi/etc/kolla/neutron-openvswitch-agent/neutron.conf


[DEFAULT]

global_physnet_mtu =1450

[if !vml]

[endif]

修改配置文件/etc/neutron/plugins/ml2/ml2_conf.ini


[ml2]

path_mtu = 1450

[if !vml]

[endif]

将修改好的文件复制到/etc/kolla/neutron-server文件夹下

cp /etc/kolla/neutron-openvswitch-agent/neutron.conf /etc/kolla/neutron-server/

cp  /etc/kolla/neutron-openvswitch-agent/ ml2_conf.ini /etc/kolla/neutron-server/

重启neutron_server和neutron_openvswitch_agent容器

docker restartneutron_server

docker restartneutron_openvswitch_agent

重新部署实例

openstackserver create \

    --image cirros \

    --flavor m1.tiny \

    --key-name mykey \

    --network demo-net \

demo1

[if !vml]

[endif]

 84运维

  查看相关资源

  openstack service list

  openstack image list

  openstack network list

  openstack server list

  或者浏览器访问

  http://10.0.0.167



  查看日志log:     

cd /var/log/kolla

查看配置文件Config:

cd /etc/kolla/







1  vi.pip/pip.conf

   2  ls

   3  mkdir .pip

   4  vi .pip/pip.conf

   5  yum remove docker                   docker-client                   docker-client-latest                   docker-common                   docker-latest                   docker-latest-logrotate                   docker-logrotate                   docker-engine  -y

   6  yum install -y yum-utils   device-mapper-persistent-data   lvm2 -y

   7  yum-config-manager     --add-repohttps://download.docker.com/linux/centos/docker-ce.repo

   8  yum install docker-cedocker-ce-cli containerd.io -y

   9  systemctl start docker

  10  hostnamectl set-hostnameopenstack

  11  vi /etc/hosts

  12  vi /etc/docker/daemon.json

  13  systemctl restart docker

  14  yum install python-devellibffi-devel gcc openssl-devel libselinux-python -y

  15  easy_install pip

  16  pip install -U pip

  17  pip install kolla-ansible

  18  rpm -qa|grep requests

  19  yum erase python-requests -y

  20  pip install kolla-ansible

  21  rpm -qa|grep PyYAML

  22  yum erase PyYAML

  23  pip install kolla-ansible

  24  pip install ansible

  25  mkdir -p /etc/kolla

  26  chown $USER:$USER /etc/kolla

  27  cp -r/usr/share/kolla-ansible/etc_examples/kolla/* /etc/kolla

  28  cp/usr/share/kolla-ansible/ansible/inventory/* .

  29  vi /etc/ansible/ansible.cfg

  30  mkdir /etc/ansible

  31  vi /etc/ansible/ansible.cfg

  32  kolla-genpwd

  33  vi /etc/kolla/passwords.yml

  34  vi /etc/kolla/globals.yml

  35  locate all-in-one

  36  yum install mlocate -y

  37  updatedb

  38  locate all-in-one

  39  cp /usr/share/kolla-ansible/ansible/inventory/all-in-one.

  40  ls

  41  kolla-ansible -i ./all-in-onebootstrap-servers

  42  kolla-ansible -i ./all-in-oneprechecks

  43  vi /etc/kolla/passwords.yml

  44  vi /etc/kolla/globals.yml

  45  kolla-ansible -i ./all-in-oneprechecks

  46  kolla-ansible -i ./all-in-onedeploy

  47  yum installcentos-release-openstack-train -y

  48  yum installpython-openstackclient -y

  49  kolla-ansible post-deploy

  50  .  /etc/kolla/admin-openrc.sh

  51  . /usr/share/kolla-ansible/init-runonce

  52  openstack server create     --image cirros     --flavor m1.tiny     --key-name mykey     --network demo-net     demo1

  53  openstack server list

  54  history



[centos@openstack ~]$ cat/etc/kolla/globals.yml

---

# You can use this file to override _any_variable throughout Kolla.

# Additional options can be found in the

#'kolla-ansible/ansible/group_vars/all.yml' file. Default value of all the

# commented parameters are shown here, Tooverride the default value uncomment

# the parameter and change its value.


###############

# Kolla options

###############

# Valid options are [ COPY_ONCE,COPY_ALWAYS ]

#config_strategy: "COPY_ALWAYS"


# Valid options are ['centos', 'debian','rhel', 'ubuntu']

kolla_base_distro: "centos"


# Valid options are [ binary, source ]

kolla_install_type: "source"


# Valid option is Docker repository tag

openstack_release: "train"


# Location of configuration overrides

#node_custom_config:"/etc/kolla/config"


# This should be a VIP, an unused IP onyour network that will float between

# the hosts running keepalived forhigh-availability. If you want to run an

# All-In-One without haproxy andkeepalived, you can set enable_haproxy to no

# in "OpenStack options" section,and set this value to the IP of your

# 'network_interface' as set in theNetworking section below.p.

kolla_internal_vip_address: "10.0.0.227"


# This is the DNS name that maps to thekolla_internal_vip_address VIP. By

# default it is the same askolla_internal_vip_address.

#kolla_internal_fqdn: "{{kolla_internal_vip_address }}"


# This should be a VIP, an unused IP onyour network that will float between

# the hosts running keepalived forhigh-availability. It defaults to the

# kolla_internal_vip_address, allowinginternal and external communication to

# share the same address.  Specify a kolla_external_vip_address toseparate

# internal and external requests betweentwo VIPs.

#kolla_external_vip_address: "{{kolla_internal_vip_address }}"


# The Public address used to communicatewith OpenStack as set in the public_url

# for the endpoints that will be created.This DNS name should map to

# kolla_external_vip_address.

#kolla_external_fqdn: "{{kolla_external_vip_address }}"


################

# Docker options

################

# Below is an example of a privaterepository with authentication. Note the

# Docker registry password can also be setin the passwords.yml file.


docker_registry: "manager:5000"

#docker_namespace: "companyname"

docker_registry_insecure: "yes"

#docker_registry_username: "sam"

#docker_registry_password: "correcthorsebatterystaple"

# Docker client timeout in seconds.

#docker_client_timeout: 120


#docker_configure_for_zun: "no"


###################

# Messaging options

###################

# Below is an example of an separatebackend that provides brokerless

# messaging for oslo.messaging RPCcommunications


#om_rpc_transport: "amqp"

#om_rpc_user: "{{ qdrouterd_user}}"

#om_rpc_password: "{{qdrouterd_password }}"

#om_rpc_port: "{{ qdrouterd_port}}"

#om_rpc_group: "qdrouterd"



##############################

# Neutron - Networking Options

##############################

# This interface is what all your apiservices will be bound to by default.

# Additionally, all vxlan/tunnel andstorage network traffic will go over this

# interface by default. This interface mustcontain an IP address.

# It is possible for hosts to havenon-matching names of interfaces - these can

# be set in an inventory file per host orper group or stored separately, see

#    http://docs.ansible.com/ansible/intro_inventory.html

# Yet another way to workaround the namingproblem is to create a bond for the

# interface on all hosts and give the bondname here. Similar strategy can be

# followed for other types of interfaces.

network_interface: "eth0"


# These can be adjusted for even morecustomization. The default is the same as

# the 'network_interface'. These interfacesmust contain an IP address.

#kolla_external_vip_interface: "{{network_interface }}"

#api_interface: "{{ network_interface}}"

#storage_interface: "{{network_interface }}"

#cluster_interface: "{{network_interface }}"

#swift_storage_interface: "{{storage_interface }}"

#swift_replication_interface: "{{swift_storage_interface }}"

#tunnel_interface: "{{network_interface }}"

#dns_interface: "{{ network_interface}}"

#octavia_network_interface: "{{api_interface }}"


# Configure the address family (AF) pernetwork.

# Valid options are [ ipv4, ipv6 ]

#network_address_family: "ipv4"

#api_address_family: "{{network_address_family }}"

#storage_address_family: "{{network_address_family }}"

#cluster_address_family: "{{network_address_family }}"

#swift_storage_address_family: "{{storage_address_family }}"

#swift_replication_address_family: "{{swift_storage_address_family }}"

#migration_address_family: "{{network_address_family }}"

#tunnel_address_family: "{{network_address_family }}"

#octavia_network_address_family: "{{api_address_family }}"

#bifrost_network_address_family: "{{network_address_family }}"

#dns_address_family: "{{network_address_family }}"


# This is the raw interface given toneutron as its external network port. Even

# though an IP address can exist on thisinterface, it will be unusable in most

# configurations. It is recommended thisinterface not be configured with any IP

# addresses for that reason.

neutron_external_interface:"eth1"


# Valid options are [ openvswitch,linuxbridge, vmware_nsxv, vmware_nsxv3, vmware_dvs, opendaylight ]

# if vmware_nsxv3 is selected,enable_openvswitch MUST be set to "no" (default is yes)

#neutron_plugin_agent:"openvswitch"


# Valid options are [ internal, infoblox ]

#neutron_ipam_driver: "internal"


# Configure Neutron upgrade option,currently Kolla support

# two upgrade ways for Neutron:legacy_upgrade and rolling_upgrade

# The variable"neutron_enable_rolling_upgrade: yes" is meaning rolling_upgrade

# were enabled and opposite

# Neutron rolling upgrade were enable bydefault

#neutron_enable_rolling_upgrade:"yes"



####################

# keepalived options

####################

# Arbitrary unique number from 0..255

# This should be changed from the defaultin the event of a multi-region deployment

# where the VIPs of different regionsreside on a common subnet.

#keepalived_virtual_router_id:"51"


###################

# Dimension options

###################

# This is to provide an extra option todeploy containers with Resource constraints.

# We call it dimensions here.

# The dimensions for each container aredefined by a mapping, where each dimension value should be a

# string.

# Reference_Docs

# https://docs.docker.com/config/containers/resource_constraints/

# eg:

# _dimensions:

#   blkio_weight:

#   cpu_period:

#   cpu_quota:

#   cpu_shares:

#   cpuset_cpus:

#   cpuset_mems:

#   mem_limit:

#   mem_reservation:

#   memswap_limit:

#    kernel_memory:

#   ulimits:



#############

# TLS options

#############

# To provide encryption and authenticationon the kolla_external_vip_interface,

# TLS can be enabled.  When TLS is enabled, certificates must beprovided to

# allow clients to perform authentication.

#kolla_enable_tls_internal: "no"

#kolla_enable_tls_external: "{{kolla_enable_tls_internal if kolla_same_external_internal_vip | bool else 'no'}}"

#kolla_external_fqdn_cert: "{{node_config }}/certificates/haproxy.pem"

#kolla_internal_fqdn_cert: "{{node_config }}/certificates/haproxy-internal.pem"

#kolla_external_fqdn_cacert: "{{node_config }}/certificates/haproxy-ca.crt"

#kolla_internal_fqdn_cacert: "{{node_config }}/certificates/haproxy-ca-internal.crt"


################

# Region options

################

# Use this option to change the name ofthis region.

#openstack_region_name:"RegionOne"


# Use this option to define a list ofregion names - only needs to be configured

# in a multi-region deployment, and thenonly in the *first* region.

#multiple_regions_names: ["{{openstack_region_name }}"]


##############

# OpenDaylight

##############

#enable_opendaylight_qos: "no"

#enable_opendaylight_l3: "yes"


###################

# OpenStack options

###################

# Use these options to set the various loglevels across all OpenStack projects

# Valid options are [ True, False ]

#openstack_logging_debug: "False"


# Enable core OpenStack services. Thisincludes:

# glance, keystone, neutron, nova, heat,and horizon.

enable_openstack_core: "yes"


# These roles are required for Kolla to beoperation, however a savvy deployer

# could disable some of these requiredroles and run their own services.

#enable_glance: "{{enable_openstack_core | bool }}"

enable_haproxy: "no"

#enable_keepalived: "{{ enable_haproxy| bool }}"

#enable_keystone: "{{enable_openstack_core | bool }}"

#enable_mariadb: "yes"

#enable_memcached: "yes"

#enable_neutron: "{{enable_openstack_core | bool }}"

#enable_nova: "{{enable_openstack_core | bool }}"

#enable_rabbitmq: "{{ 'yes' ifom_rpc_transport == 'rabbit' or om_notify_transport == 'rabbit' else 'no'}}"

#enable_outward_rabbitmq: "{{enable_murano | bool }}"


# OpenStack services can be enabled ordisabled with these options

#enable_aodh: "no"

#enable_barbican: "no"

#enable_blazar: "no"

# NOTE: This variable has been deprecatedand will be removed in the U cycle.

#enable_cadf_notifications: "no"

#enable_ceilometer: "no"

#enable_ceilometer_ipmi: "no"

#enable_cells: "no"

#enable_central_logging: "no"

#enable_ceph: "no"

#enable_ceph_mds: "no"

#enable_ceph_rgw: "no"

#enable_ceph_nfs: "no"

#enable_ceph_dashboard: "{{enable_ceph | bool }}"

#enable_chrony: "yes"

enable_cinder: "no"

#enable_cinder_backup: "yes"

#enable_cinder_backend_hnas_nfs:"no"

#enable_cinder_backend_iscsi: "{{enable_cinder_backend_lvm | bool or enable_cinder_backend_zfssa_iscsi | bool}}"

#enable_cinder_backend_lvm: "no"

#enable_cinder_backend_nfs: "no"

#enable_cinder_backend_zfssa_iscsi: "no"

#enable_cinder_backend_quobyte:"no"

#enable_cloudkitty: "no"

#enable_collectd: "no"

#enable_congress: "no"

#enable_cyborg: "no"

#enable_designate: "no"

#enable_destroy_images: "no"

#enable_elasticsearch: "{{ 'yes' ifenable_central_logging | bool or enable_osprofiler | bool or enable_skydive |bool or enable_monasca | bool else 'no' }}"

#enable_etcd: "no"

#enable_fluentd: "yes"

#enable_freezer: "no"

#enable_gnocchi: "no"

#enable_grafana: "no"

#enable_heat: "{{enable_openstack_core | bool }}"

#enable_horizon: "{{enable_openstack_core | bool }}"

#enable_horizon_blazar: "{{enable_blazar | bool }}"

#enable_horizon_cloudkitty: "{{enable_cloudkitty | bool }}"

#enable_horizon_congress: "{{enable_congress | bool }}"

#enable_horizon_designate: "{{enable_designate | bool }}"

#enable_horizon_fwaas: "{{enable_neutron_fwaas | bool }}"

#enable_horizon_freezer: "{{enable_freezer | bool }}"

#enable_horizon_heat: "{{ enable_heat| bool }}"

#enable_horizon_ironic: "{{ enable_ironic| bool }}"

#enable_horizon_karbor: "{{enable_karbor | bool }}"

#enable_horizon_magnum: "{{enable_magnum | bool }}"

#enable_horizon_manila: "{{enable_manila | bool }}"

#enable_horizon_masakari: "{{enable_masakari | bool }}"

#enable_horizon_mistral: "{{enable_mistral | bool }}"

#enable_horizon_murano: "{{enable_murano | bool }}"

#enable_horizon_neutron_vpnaas: "{{enable_neutron_vpnaas | bool }}"

#enable_horizon_octavia: "{{enable_octavia | bool }}"

#enable_horizon_qinling: "{{enable_qinling | bool }}"

#enable_horizon_sahara: "{{enable_sahara | bool }}"

#enable_horizon_searchlight: "{{enable_searchlight | bool }}"

#enable_horizon_senlin: "{{enable_senlin | bool }}"

#enable_horizon_solum: "{{enable_solum | bool }}"

#enable_horizon_tacker: "{{enable_tacker | bool }}"

#enable_horizon_trove: "{{enable_trove | bool }}"

#enable_horizon_vitrage: "{{enable_vitrage | bool }}"

#enable_horizon_watcher: "{{enable_watcher | bool }}"

#enable_horizon_zun: "{{ enable_zun |bool }}"

#enable_hyperv: "no"

#enable_influxdb: "{{ enable_monasca |bool or (enable_cloudkitty | bool and cloudkitty_storage_backend == 'influxdb')}}"

#enable_ironic: "no"

#enable_ironic_ipxe: "no"

#enable_ironic_neutron_agent: "{{enable_neutron | bool and enable_ironic | bool }}"

#enable_ironic_pxe_uefi: "no"

#enable_iscsid: "{{ (enable_cinder |bool and enable_cinder_backend_iscsi | bool) or enable_ironic | bool }}"

#enable_karbor: "no"

#enable_kafka: "{{ enable_monasca |bool }}"

#enable_kibana: "{{ 'yes' ifenable_central_logging | bool or enable_monasca | bool else 'no' }}"

#enable_kuryr: "no"

#enable_magnum: "no"

#enable_manila: "no"

#enable_manila_backend_generic:"no"

#enable_manila_backend_hnas: "no"

#enable_manila_backend_cephfs_native:"no"

#enable_manila_backend_cephfs_nfs:"no"

#enable_mariabackup: "no"

#enable_masakari: "no"

#enable_mistral: "no"

#enable_monasca: "no"

#enable_mongodb: "no"

#enable_multipathd: "no"

#enable_murano: "no"

#enable_neutron_vpnaas: "no"

#enable_neutron_sriov: "no"

#enable_neutron_dvr: "no"

#enable_neutron_fwaas: "no"

#enable_neutron_qos: "no"

#enable_neutron_agent_ha: "no"

#enable_neutron_bgp_dragent: "no"

#enable_neutron_provider_networks:"no"

#enable_neutron_segments: "no"

#enable_neutron_sfc: "no"

#enable_neutron_metering: "no"

#enable_neutron_infoblox_ipam_agent:"no"

#enable_neutron_port_forwarding:"no"

#enable_nova_serialconsole_proxy:"no"

#enable_nova_ssh: "yes"

#enable_octavia: "no"

#enable_onos: "no"

#enable_opendaylight: "no"

#enable_openvswitch: "{{enable_neutron | bool and neutron_plugin_agent != 'linuxbridge' }}"

#enable_ovs_dpdk: "no"

#enable_osprofiler: "no"

#enable_panko: "no"

#enable_placement: "{{ enable_nova |bool or enable_zun | bool }}"

#enable_prometheus: "no"

#enable_qdrouterd: "{{ 'yes' ifom_rpc_transport == 'amqp' else 'no' }}"

#enable_qinling: "no"

#enable_rally: "no"

#enable_redis: "no"

#enable_sahara: "no"

#enable_searchlight: "no"

#enable_senlin: "no"

#enable_skydive: "no"

#enable_solum: "no"

#enable_storm: "{{ enable_monasca |bool }}"

#enable_swift: "no"

#enable_swift_s3api: "no"

#enable_tacker: "no"

#enable_telegraf: "no"

#enable_tempest: "no"

#enable_trove: "no"

#enable_trove_singletenant: "no"

#enable_vitrage: "no"

#enable_vmtp: "no"

#enable_watcher: "no"

#enable_zookeeper: "{{ enable_kafka |bool }}"

#enable_zun: "no"


##################

# RabbitMQ options

##################

# Options passed to RabbitMQ server startupscript via the

# RABBITMQ_SERVER_ADDITIONAL_ERL_ARGSenvironment var.

# See Kolla Ansible docs RabbitMQ sectionfor details.

# These are appended to args alreadyprovided by Kolla Ansible

# to configure IPv6 in RabbitMQ server.

#rabbitmq_server_additional_erl_args:""


##############

# Ceph options

##############

# Ceph can be setup with a caching toimprove performance. To use the cache you

# must provide separate disks than thosefor the OSDs

#ceph_enable_cache: "no"


# Set to no if using external Ceph withoutcephx.

#external_ceph_cephx_enabled:"yes"


# Ceph is not able to determine the size ofa cache pool automatically,

# so the configuration on the absolute sizeis required here, otherwise the flush/evict will not work.

#ceph_target_max_bytes: ""

#ceph_target_max_objects: ""


# Valid options are [ forward, none,writeback ]

#ceph_cache_mode: "writeback"


# A requirement for using the erasure-codedpools is you must setup a cache tier

# Valid options are [ erasure, replicated ]

#ceph_pool_type: "replicated"


# Integrate ceph rados object gateway withopenstack keystone

#enable_ceph_rgw_keystone: "no"


# Set the pgs and pgps for pool

# WARNING! These values are dependant onthe size and shape of your cluster -

# the default values are not suitable forproduction use. Please refer to the

# Kolla Ceph documentation for moreinformation.

#ceph_pool_pg_num: 8

#ceph_pool_pgp_num: 8


#############################

# Keystone - Identity Options

#############################


# Valid options are [ fernet ]

#keystone_token_provider: 'fernet'


#keystone_admin_user: "admin"


#keystone_admin_project: "admin"


# Interval to rotate fernet keys by (inseconds). Must be an interval of

# 60(1 min), 120(2 min), 180(3 min), 240(4min), 300(5 min), 360(6 min),

# 600(10 min), 720(12 min), 900(15 min),1200(20 min), 1800(30 min),

# 3600(1 hour), 7200(2 hour), 10800(3hour), 14400(4 hour), 21600(6 hour),

# 28800(8 hour), 43200(12 hour), 86400(1day), 604800(1 week).

#fernet_token_expiry: 86400



########################

# Glance - Image Options

########################

# Configure image backend.

#glance_backend_ceph: "no"

#glance_backend_file: "yes"

#glance_backend_swift: "no"

#glance_backend_vmware: "no"

#enable_glance_image_cache: "no"

# Configure glance upgrade option.

# Due to this feature being experimental inglance,

# the default value is "no".

#glance_enable_rolling_upgrade:"no"


####################

# Osprofiler options

####################

# valid values: ["elasticsearch","redis"]

#osprofiler_backend:"elasticsearch"


##################

# Barbican options

##################

# Valid options are [ simple_crypto,p11_crypto ]

#barbican_crypto_plugin:"simple_crypto"

#barbican_library_path:"/usr/lib/libCryptoki2_64.so"


################

## Panko options

################

# Valid options are [ mongodb, mysql ]

#panko_database_type: "mysql"


#################

# Gnocchi options

#################

# Valid options are [ file, ceph ]

#gnocchi_backend_storage: "{{ 'ceph'if enable_ceph|bool else 'file' }}"


# Valid options are [redis, '']

#gnocchi_incoming_storage: "{{ 'redis'if enable_redis | bool else '' }}"


################################

# Cinder - Block Storage Options

################################

# Enable / disable Cinder backends

#cinder_backend_ceph: "{{ enable_ceph}}"

#cinder_backend_vmwarevc_vmdk:"no"

#cinder_volume_group:"cinder-volumes"

# Valid options are [ '', redis, etcd ]

#cinder_coordination_backend: "{{'redis' if enable_redis|bool else 'etcd' if enable_etcd|bool else '' }}"


# Valid options are [ nfs, swift, ceph ]

#cinder_backup_driver: "ceph"

#cinder_backup_share: ""

#cinder_backup_mount_options_nfs:""


#######################

# Cloudkitty options

#######################

# Valid option is gnocchi

#cloudkitty_collector_backend:"gnocchi"

# Valid options are 'sqlalchemy' or'influxdb'. The default value is

# 'influxdb', which matches the default inCloudkitty since the Stein release.

# When the backend is "influxdb",we also enable Influxdb.

# Also, when using 'influxdb' as thebackend, we trigger the configuration/use

# of Cloudkitty storage backend version 2.

#cloudkitty_storage_backend:"influxdb"


###################

# Designate options

###################

# Valid options are [ bind9 ]

#designate_backend: "bind9"

#designate_ns_record:"sample.openstack.org"

# Valid options are [ '', redis, etcd ]

#designate_coordination_backend: "{{'redis' if enable_redis|bool else 'etcd' if enable_etcd|bool else '' }}"


########################

# Nova - Compute Options

########################

#nova_backend_ceph: "{{ enable_ceph}}"


# Valid options are [ qemu, kvm, vmware,xenapi ]

nova_compute_virt_type: "qemu"


# The number of fake driver per computenode

#num_nova_fake_per_node: 5


# The flag "nova_safety_upgrade"need to be consider when

# "nova_enable_rolling_upgrade"is enabled. The "nova_safety_upgrade"

# controls whether the nova services areall stopped before rolling

# upgrade to the new version, for thesafety and availability.

# If "nova_safety_upgrade" is"yes", that will stop all nova services (except

# nova-compute) for no failed APIoperations before upgrade to the

# new version. And opposite.

#nova_safety_upgrade: "no"


# Valid options are [ none, novnc, spice,rdp ]

#nova_console: "novnc"


#################

# Hyper-V options

#################

# Hyper-V can be used as hypervisor

#hyperv_username: "user"

#hyperv_password: "password"

#vswitch_name: "vswitch"

# URL from which Nova Hyper-V MSI isdownloaded

#nova_msi_url:"https://www.cloudbase.it/downloads/HyperVNovaCompute_Beta.msi"


#############################

# Horizon - Dashboard Options

#############################

#horizon_backend_database: "{{enable_murano | bool }}"


#############################

# Ironic options

#############################

# dnsmasq bind interface for IronicInspector, by default is network_interface

#ironic_dnsmasq_interface: "{{network_interface }}"

# The following value must be set whenenabling ironic,

# the value format is"192.168.0.10,192.168.0.100".

#ironic_dnsmasq_dhcp_range:

# PXE bootloader file for Ironic Inspector,relative to /tftpboot.

#ironic_dnsmasq_boot_file:"pxelinux.0"


# Configure ironic upgrade option, due tocurrently kolla support

# two upgrade ways for ironic:legacy_upgrade and rolling_upgrade

# The variable"ironic_enable_rolling_upgrade: yes" is meaning rolling_upgrade

# were enabled and opposite

# Rolling upgrade were enable by default

#ironic_enable_rolling_upgrade:"yes"


# List of extra kernel parameters passed tothe kernel used during inspection

#ironic_inspector_kernel_cmdline_extras: []


######################################

# Manila - Shared File Systems Options

######################################

# HNAS backend configuration

#hnas_ip:

#hnas_user:

#hnas_password:

#hnas_evs_id:

#hnas_evs_ip:

#hnas_file_system_name:


################################

# Swift - Object Storage Options

################################

# Swift expects block devices to be availablefor storage. Two types of storage

# are supported: 1 - storage device with aspecial partition name and filesystem

# label, 2 - unpartitioned disk  with a filesystem. The label of thisfilesystem

# is used to detect the disk which Swiftwill be using.


# Swift support two matching modes, validoptions are [ prefix, strict ]

#swift_devices_match_mode:"strict"


# This parameter defines matching pattern:if "strict" mode was selected,

# for swift_devices_match_mode thenswift_device_name should specify the name of

# the special swift partition for example:"KOLLA_SWIFT_DATA", if "prefix" mode was

# selected then swift_devices_name shouldspecify a pattern which would match to

# filesystems' labels prepared for swift.

#swift_devices_name:"KOLLA_SWIFT_DATA"


# Configure swift upgrade option, due tocurrently kolla support

# two upgrade ways for swift:legacy_upgrade and rolling_upgrade

# The variable"swift_enable_rolling_upgrade: yes" is meaning rolling_upgrade

# were enabled and opposite

# Rolling upgrade were enable by default

#swift_enable_rolling_upgrade:"yes"



################################################

# Tempest - The OpenStack Integration TestSuite

################################################

# The following values must be set whenenabling tempest

#tempest_image_id:

#tempest_flavor_ref_id:

#tempest_public_network_id:

#tempest_floating_network_name:


# tempest_image_alt_id: "{{tempest_image_id }}"

# tempest_flavor_ref_alt_id: "{{tempest_flavor_ref_id }}"


###################################

# VMware - OpenStack VMware support

###################################

#vmware_vcenter_host_ip:

#vmware_vcenter_host_username:

#vmware_vcenter_host_password:

#vmware_datastore_name:

#vmware_vcenter_name:

#vmware_vcenter_cluster_name:


#######################################

# XenAPI - Support XenAPI for XenServer

#######################################

# XenAPI driver use HIMN(Host InternalManagement Network)

# to communicate with XenServer host.

#xenserver_himn_ip:

#xenserver_username:

#xenserver_connect_protocol:


############

# Prometheus

############

#enable_prometheus_haproxy_exporter:"{{ enable_haproxy | bool }}"

#enable_prometheus_mysqld_exporter:"{{ enable_mariadb | bool }}"

#enable_prometheus_node_exporter: "{{enable_prometheus | bool }}"

#enable_prometheus_cadvisor: "{{enable_prometheus | bool }}"

#enable_prometheus_memcached: "{{enable_prometheus | bool }}"

#enable_prometheus_alertmanager: "{{enable_prometheus | bool }}"

#enable_prometheus_ceph_mgr_exporter:"{{ enable_prometheus | bool and enable_ceph | bool }}"

#enable_prometheus_openstack_exporter:"{{ enable_prometheus | bool }}"

#enable_prometheus_elasticsearch_exporter:"{{ enable_prometheus | bool and enable_elasticsearch | bool }}"

#enable_prometheus_blackbox_exporter:"{{ enable_prometheus | bool }}"


# List of extra parameters passed toprometheus. You can add as many to the list.

#prometheus_cmdline_extras:


#########

# Freezer

#########

# Freezer can utilize two differentdatabase backends, elasticsearch or mariadb.

# Elasticsearch is preferred, however it isnot compatible with the version deployed

# by kolla-ansible. You must first setup anexternal elasticsearch with 2.3.0.

# By default, kolla-ansible deployedmariadb is the used database backend.

#freezer_database_backend:"mariadb"


##########

# Telegraf

##########

# Configure telegraf to use the dockerdaemon itself as an input for

# telemetry data.

#telegraf_enable_docker_input: "no"

[centos@openstack ~]$

你可能感兴趣的:(通过kolla部署openstack(all-in-one))