上传这篇实战性文档是因为一个同行想让我手把手地教他部署OpenStack平台。
用Kolla-Ansible在线部署OpenStack平台,其实就像用 yum 或 apt 在线安装Linux的软件包一样,只不过Kolla-Ansible作为一个部署工具用到的是 Python 小工具罢了。
这次实验的底本是我去年研究Kolla项目时用到的一个参考案例,因为当时没做记录忘记那篇博客的作者是谁了,自己的是在cnblog上的。
本次文档正文的内容如下:
一 OS基础环境准备
[googlebigtable@localhost Downloads]$ whoami
googlebigtable
[googlebigtable@localhost Downloads]$ pwd -P
/home/googlebigtable/Downloads
[googlebigtable@localhost Downloads]$ echo $PATH
/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:/home/googlebigtable/.local/bin:/home/googlebigtable/bin
[googlebigtable@localhost Downloads]$ su root
Password:
[root@localhost Downloads]# whoami
root
[root@localhost Downloads]# pwd -P
/home/googlebigtable/Downloads
[root@localhost Downloads]# echo $PATH
/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:/home/googlebigtable/.local/bin:/home/googlebigtable/bin
[root@localhost Downloads]# ls -F
initCentOS7aliYUM.sh* VMwareTools-10.3.10-13959562.tar.gz vmware-tools-distrib/
[root@localhost Downloads]# ll
total 55116
-rwxrwxrwx. 1 googlebigtable googlebigtable 1252 Jun 16 23:13 initCentOS7aliYUM.sh
-rw-rw-r--. 1 googlebigtable googlebigtable 56431201 Jun 13 2019 VMwareTools-10.3.10-13959562.tar.gz
drwxr-xr-x. 9 googlebigtable googlebigtable 145 Jun 13 2019 vmware-tools-distrib
[root@localhost Downloads]#
[root@localhost Downloads]# ./initCentOS7aliYUM.sh
[root@localhost Downloads]# ifconfig
ens33: flags=4163
inet 192.168.207.173 netmask 255.255.255.0 broadcast 192.168.207.255
inet6 fe80::cd7f:e05c:e677:a2c1 prefixlen 64 scopeid 0x20
ether 00:0c:29:f0:61:86 txqueuelen 1000 (Ethernet)
RX packets 923 bytes 1168039 (1.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 435 bytes 33553 (32.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens38: flags=4163
inet 192.168.207.174 netmask 255.255.255.0 broadcast 192.168.207.255
inet6 fe80::610f:959e:7c4e:1ddf prefixlen 64 scopeid 0x20
ether 00:0c:29:f0:61:90 txqueuelen 1000 (Ethernet)
RX packets 45 bytes 6499 (6.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 35 bytes 5004 (4.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4099
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:8e:f4:fc txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost Downloads]# hostnamectl set-hostname queens
[root@localhost Downloads]# hostnamectl status
Static hostname: queens
Icon name: computer-vm
Chassis: vm
Machine ID: 4967404345494f5fbfb2194fce499588
Boot ID: 5fa3effb5624421287d6fe6cc12691c2
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-1127.18.2.el7.x86_64
Architecture: x86-64
[root@localhost Downloads]#
[root@localhost Downloads]# systemctl stop NetworkManager
[root@localhost Downloads]# systemctl disable NetworkManager
Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.
Removed symlink /etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service.
[root@localhost Downloads]# systemctl status NetworkManager
● NetworkManager.service - Network Manager
Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; disabled; vendor preset: enabled)
Active: inactive (dead) since Thu 2020-08-06 14:18:05 CST; 14s ago
Docs: man:NetworkManager(8)
Process: 3395 ExecStart=/usr/sbin/NetworkManager --no-daemon (code=exited, status=0/SUCCESS)
Main PID: 3395 (code=exited, status=0/SUCCESS)
Aug 06 14:18:05 queens NetworkManager[3395]:
Aug 06 14:18:05 queens NetworkManager[3395]:
Aug 06 14:18:05 queens NetworkManager[3395]:
Aug 06 14:18:05 queens NetworkManager[3395]:
Aug 06 14:18:05 queens NetworkManager[3395]:
Aug 06 14:18:05 queens NetworkManager[3395]:
Aug 06 14:18:05 queens NetworkManager[3395]:
Aug 06 14:18:05 queens NetworkManager[3395]:
Aug 06 14:18:05 queens NetworkManager[3395]:
Aug 06 14:18:05 queens systemd[1]: Stopped Network Manager.
[root@localhost Downloads]#
[root@localhost Downloads]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
[root@localhost Downloads]# /usr/sbin/sestatus -v
SELinux status: disabled
【查看本机虚拟化支持状态,用一下任一命令即可】
[root@localhost Downloads]# egrep "vmx|svm" /proc/cpuinfo
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl tsc_reliable nonstop_tsc extd_apicid eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core retpoline_amd ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec clzero arat npt svm_lock nrip_save vmcb_clean flushbyasid decodeassists overflow_recov succor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl tsc_reliable nonstop_tsc extd_apicid eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core retpoline_amd ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec clzero arat npt svm_lock nrip_save vmcb_clean flushbyasid decodeassists overflow_recov succor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl tsc_reliable nonstop_tsc extd_apicid eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core retpoline_amd ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec clzero arat npt svm_lock nrip_save vmcb_clean flushbyasid decodeassists overflow_recov succor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl tsc_reliable nonstop_tsc extd_apicid eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core retpoline_amd ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec clzero arat npt svm_lock nrip_save vmcb_clean flushbyasid decodeassists overflow_recov succor
[root@localhost Downloads]# grep -E -o 'vmx|svm' /proc/cpuinfo
svm
svm
svm
svm
svm
svm
svm
svm
[root@localhost Downloads]# lsmod | grep kvm
kvm_amd 2177304 0
kvm 636965 1 kvm_amd
irqbypass 13503 1 kvm
[root@localhost Downloads]# grep "flags" /proc/cpuinfo
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl tsc_reliable nonstop_tsc extd_apicid eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core retpoline_amd ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec clzero arat npt svm_lock nrip_save vmcb_clean flushbyasid decodeassists overflow_recov succor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl tsc_reliable nonstop_tsc extd_apicid eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core retpoline_amd ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec clzero arat npt svm_lock nrip_save vmcb_clean flushbyasid decodeassists overflow_recov succor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl tsc_reliable nonstop_tsc extd_apicid eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core retpoline_amd ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec clzero arat npt svm_lock nrip_save vmcb_clean flushbyasid decodeassists overflow_recov succor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl tsc_reliable nonstop_tsc extd_apicid eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core retpoline_amd ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec clzero arat npt svm_lock nrip_save vmcb_clean flushbyasid decodeassists overflow_recov succor
[root@localhost Downloads]# egrep -s "(vmx|svm)" /proc/cpuinfo
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl tsc_reliable nonstop_tsc extd_apicid eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core retpoline_amd ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec clzero arat npt svm_lock nrip_save vmcb_clean flushbyasid decodeassists overflow_recov succor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl tsc_reliable nonstop_tsc extd_apicid eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core retpoline_amd ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec clzero arat npt svm_lock nrip_save vmcb_clean flushbyasid decodeassists overflow_recov succor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl tsc_reliable nonstop_tsc extd_apicid eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core retpoline_amd ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec clzero arat npt svm_lock nrip_save vmcb_clean flushbyasid decodeassists overflow_recov succor
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc art rep_good nopl tsc_reliable nonstop_tsc extd_apicid eagerfpu pni pclmulqdq ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw perfctr_core retpoline_amd ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec clzero arat npt svm_lock nrip_save vmcb_clean flushbyasid decodeassists overflow_recov succor
[root@localhost Downloads]#
二 安装Kolla-Ansible-OpenStack的必要依赖软件包
[root@localhost Downloads]# yum install epel-release
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
100%[===========================================================================================================>] 2,640 --.-K/s in 0s
2020-08-06 14:38:15 (1.07 GB/s) - ‘/etc/yum.repos.d/docker-ce.repo’ saved [2640/2640]
[root@localhost Downloads]# yum install -y docker-ce
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Dependencies Resolved
Installing:
docker-ce x86_64 3:19.03.12-3.el7 docker-ce-stable 24 M
Installing for dependencies:
container-selinux noarch 2:2.119.2-1.911c772.el7_8 extras 40 k
containerd.io x86_64 1.2.13-3.2.el7 docker-ce-stable 25 M
docker-ce-cli x86_64 1:19.03.12-3.el7 docker-ce-stable 38 M
Install 1 Package (+3 Dependent packages)
Total 5.7 MB/s | 88 MB 00:00:15
Retrieving key from https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
Importing GPG key 0x621E9F35:
Userid : "Docker Release (CE rpm)
Fingerprint: 060a 61c5 1b55 8a7f 742b 77aa c52f eb6b 621e 9f35
From : https://mirrors.aliyun.com/docker-ce/linux/centos/gpg
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : 2:container-selinux-2.119.2-1.911c772.el7_8.noarch 1/4
setsebool: SELinux is disabled.
Installing : containerd.io-1.2.13-3.2.el7.x86_64 2/4
Installing : 1:docker-ce-cli-19.03.12-3.el7.x86_64 3/4
Installing : 3:docker-ce-19.03.12-3.el7.x86_64 4/4
Verifying : 1:docker-ce-cli-19.03.12-3.el7.x86_64 1/4
Verifying : 3:docker-ce-19.03.12-3.el7.x86_64 2/4
Verifying : containerd.io-1.2.13-3.2.el7.x86_64 3/4
Verifying : 2:container-selinux-2.119.2-1.911c772.el7_8.noarch 4/4
Installed:
docker-ce.x86_64 3:19.03.12-3.el7
Dependency Installed:
container-selinux.noarch 2:2.119.2-1.911c772.el7_8 containerd.io.x86_64 0:1.2.13-3.2.el7 docker-ce-cli.x86_64 1:19.03.12-3.el7
Complete!
[root@localhost Downloads]#
【配置docker】
[root@localhost Downloads]# mkdir /etc/systemd/system/docker.service.d
[root@localhost Downloads]# tee /etc/systemd/system/docker.service.d/kolla.conf << 'EOF'
[Service]
MountFlags=shared
EOF
[Service]
MountFlags=shared
[root@localhost Downloads]# gedit /usr/lib/systemd/system/docker.service
[root@localhost Downloads]# cat -n /usr/lib/systemd/system/docker.service | grep "ExecStart=/usr/bin/dockerd"
14 # ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
15 ExecStart=/usr/bin/dockerd --registry-mirror=http://f2d6cb40.m.daocloud.io --storage-driver=overlay2
[root@localhost Downloads]#
[root@localhost Downloads]# systemctl daemon-reload
[root@localhost Downloads]# systemctl restart docker
[root@localhost Downloads]# systemctl enable docker
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@localhost Downloads]# systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/docker.service.d
└─kolla.conf
Active: active (running) since Thu 2020-08-06 14:47:41 CST; 19s ago
Docs: https://docs.docker.com
Main PID: 15049 (dockerd)
CGroup: /system.slice/docker.service
└─15049 /usr/bin/dockerd --registry-mirror=http://f2d6cb40.m.daocloud.io --storage-driver=overlay2
Aug 06 14:47:41 queens dockerd[15049]: time="2020-08-06T14:47:41.122083617+08:00" level=info msg="scheme \"unix\" not registered, fallback...ule=grpc
Aug 06 14:47:41 queens dockerd[15049]: time="2020-08-06T14:47:41.122097173+08:00" level=info msg="ccResolverWrapper: sending update to cc:...ule=grpc
Aug 06 14:47:41 queens dockerd[15049]: time="2020-08-06T14:47:41.122125886+08:00" level=info msg="ClientConn switching balancer to \"pick_...ule=grpc
Aug 06 14:47:41 queens dockerd[15049]: time="2020-08-06T14:47:41.141777295+08:00" level=info msg="Loading containers: start."
Aug 06 14:47:41 queens dockerd[15049]: time="2020-08-06T14:47:41.301905206+08:00" level=info msg="Default bridge (docker0) is assigned wit...address"
Aug 06 14:47:41 queens dockerd[15049]: time="2020-08-06T14:47:41.348066992+08:00" level=info msg="Loading containers: done."
Aug 06 14:47:41 queens dockerd[15049]: time="2020-08-06T14:47:41.365263970+08:00" level=info msg="Docker daemon" commit=48a66213fe graphdr...19.03.12
Aug 06 14:47:41 queens dockerd[15049]: time="2020-08-06T14:47:41.365539161+08:00" level=info msg="Daemon has completed initialization"
Aug 06 14:47:41 queens dockerd[15049]: time="2020-08-06T14:47:41.382483505+08:00" level=info msg="API listen on /var/run/docker.sock"
Aug 06 14:47:41 queens systemd[1]: Started Docker Application Container Engine.
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost Downloads]# docker info
Client:
Debug Mode: false
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 19.03.12
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-1127.18.2.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 7.62GiB
Name: queens
ID: Q7XP:46UW:WMHX:L25B:7XVZ:QX5Q:CZ2D:EBE3:HQ3J:X5DK:YDZN:KBS7
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Registry Mirrors:
http://f2d6cb40.m.daocloud.io/
Live Restore Enabled: false
[root@localhost Downloads]#
三 安装ansible
[root@localhost Downloads]# pip install --upgrade pip
Collecting pip
Downloading https://files.pythonhosted.org/packages/bd/b1/56a834acdbe23b486dea16aaf4c27ed28eb292695b90d01dff96c96597de/pip-20.2.1-py2.py3-none-any.whl (1.5MB)
100% |████████████████████████████████| 1.5MB 54kB/s
Installing collected packages: pip
Found existing installation: pip 8.1.2
Uninstalling pip-8.1.2:
Successfully uninstalled pip-8.1.2
Successfully installed pip-20.2.1
[root@localhost Downloads]# yum -y install ansible
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Dependencies Resolved
Installing:
ansible noarch 2.9.10-1.el7 epel 17 M
Installing for dependencies:
python-babel noarch 0.9.6-8.el7 base 1.4 M
python-jinja2 noarch 2.7.2-4.el7 base 519 k
python-markupsafe x86_64 0.11-10.el7 base 25 k
python-paramiko noarch 2.1.1-9.el7 base 269 k
python2-httplib2 noarch 0.18.1-3.el7 epel 125 k
python2-jmespath noarch 0.9.4-2.el7 epel 41 k
sshpass x86_64 1.06-2.el7 extras 21 k
Install 1 Package (+7 Dependent packages)
Total 5.1 MB/s | 20 MB 00:00:03
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : sshpass-1.06-2.el7.x86_64 1/8
Installing : python2-httplib2-0.18.1-3.el7.noarch 2/8
Installing : python-babel-0.9.6-8.el7.noarch 3/8
Installing : python2-jmespath-0.9.4-2.el7.noarch 4/8
Installing : python-paramiko-2.1.1-9.el7.noarch 5/8
Installing : python-markupsafe-0.11-10.el7.x86_64 6/8
Installing : python-jinja2-2.7.2-4.el7.noarch 7/8
Installing : ansible-2.9.10-1.el7.noarch 8/8
Verifying : python-markupsafe-0.11-10.el7.x86_64 1/8
Verifying : ansible-2.9.10-1.el7.noarch 2/8
Verifying : python-paramiko-2.1.1-9.el7.noarch 3/8
Verifying : python2-jmespath-0.9.4-2.el7.noarch 4/8
Verifying : python-babel-0.9.6-8.el7.noarch 5/8
Verifying : python2-httplib2-0.18.1-3.el7.noarch 6/8
Verifying : sshpass-1.06-2.el7.x86_64 7/8
Verifying : python-jinja2-2.7.2-4.el7.noarch 8/8
Installed:
ansible.noarch 0:2.9.10-1.el7
Dependency Installed:
python-babel.noarch 0:0.9.6-8.el7 python-jinja2.noarch 0:2.7.2-4.el7 python-markupsafe.x86_64 0:0.11-10.el7
python-paramiko.noarch 0:2.1.1-9.el7 python2-httplib2.noarch 0:0.18.1-3.el7 python2-jmespath.noarch 0:0.9.4-2.el7
sshpass.x86_64 0:1.06-2.el7
Complete!
[root@localhost Downloads]#
[root@localhost Downloads]# git clone https://github.com/openstack/kolla-ansible -b stable/queens
Cloning into 'kolla-ansible'...
remote: Enumerating objects: 908, done.
remote: Counting objects: 100% (908/908), done.
remote: Compressing objects: 100% (627/627), done.
remote: Total 112062 (delta 514), reused 453 (delta 276), pack-reused 111154
Receiving objects: 100% (112062/112062), 20.60 MiB | 327.00 KiB/s, done.
Resolving deltas: 100% (73466/73466), done.
[root@localhost Downloads]# ls -F
epel-release-latest-7.noarch.rpm initCentOS7aliYUM.sh* VMwareTools-10.3.10-13959562.tar.gz
google-chrome-stable_current_x86_64.rpm kolla-ansible/ vmware-tools-distrib/
[root@localhost Downloads]# cd kolla-ansible/
[root@localhost kolla-ansible]# ls -F
ansible/ contrib/ doc/ kolla_ansible/ README.rst requirements.txt setup.py test-requirements.txt tools/
bindep.txt deploy-guide/ etc/ LICENSE releasenotes/ setup.cfg specs/ tests/ tox.ini
[root@localhost kolla-ansible]#
[root@localhost kolla-ansible]# tree -L 2 etc/
etc/
└── kolla
├── globals.yml
└── passwords.yml
1 directory, 2 files
[root@localhost kolla-ansible]#
[root@localhost kolla-ansible]# cp -r etc/kolla/ /etc/kolla/
[root@localhost kolla-ansible]# ls -F /etc/ | grep "kolla"
kolla/
[root@localhost kolla-ansible]# tree -L 3 /etc/k
kdump.conf kernel/ kolla/ krb5.conf krb5.conf.d/ ksmtuned.conf
[root@localhost kolla-ansible]# tree -L 3 /etc/kolla/
/etc/kolla/
├── globals.yml
└── passwords.yml
0 directories, 2 files
[root@localhost kolla-ansible]#
[root@localhost kolla-ansible]# cat -n ./requirements.txt
1 # The order of packages is significant, because pip processes them in the order
2 # of appearance. Changing the order has an impact on the overall integration
3 # process, which may cause wedges in the gate later.
4 pbr!=2.1.0,>=2.0.0 # Apache-2.0
5 docker>=2.4.2 # Apache-2.0
6 Jinja2!=2.9.0,!=2.9.1,!=2.9.2,!=2.9.3,!=2.9.4,>=2.8 # BSD License (3 clause)
7 six>=1.10.0 # MIT
8 oslo.config>=5.1.0 # Apache-2.0
9 oslo.utils>=3.33.0 # Apache-2.0
10 setuptools!=24.0.0,!=34.0.0,!=34.0.1,!=34.0.2,!=34.0.3,!=34.1.0,!=34.1.1,!=34.2.0,!=34.3.0,!=34.3.1,!=34.3.2,!=36.2.0,>=16.0 # PSF/ZPL
11 PyYAML>=3.10 # MIT
12 netaddr>=0.7.18 # BSD
13 cryptography!=2.0,>=1.9 # BSD/Apache-2.0
14 jmespath>=0.9.0 # MIT
[root@localhost kolla-ansible]#
[root@localhost kolla-ansible]# find / -name pip.conf
find: ‘/run/user/1000/gvfs’: Permission denied
/root/.config/pip/pip.conf
[root@localhost kolla-ansible]# cat -n /root/.config/pip/pip.conf
1 [global]
2 index-url = https://pypi.tuna.tsinghua.edu.cn/simple
3
[root@localhost kolla-ansible]#
[root@localhost kolla-ansible]# pip install . -i https://pypi.tuna.tsinghua.edu.cn/simple
....................................................................................................
ERROR: Cannot uninstall 'requests'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.
[root@localhost kolla-ansible]# pip install . -i https://pypi.tuna.tsinghua.edu.cn/simple --ignore-installed requests
....................................................................................................................
ERROR: After October 2020 you may experience errors when installing or updating packages. This is because pip will change the way that it resolves dependency conflicts.
We recommend you use --use-feature=2020-resolver to test your packages with the new resolver before it becomes the default.
rtslib-fb 2.1.69 requires pyudev>=0.16.1, but you'll have pyudev 0.15 which is incompatible.
ipapython 4.6.6 requires dnspython>=1.15, but you'll have dnspython 1.12.0 which is incompatible.
ipapython 4.6.6 requires python-ldap>=3.0.0b1, but you'll have python-ldap 2.4.15 which is incompatible.
Successfully installed Babel-2.8.0 Jinja2-2.11.2 MarkupSafe-1.1.1 PyYAML-5.3.1 backports.ssl-match-hostname-3.7.0.1 certifi-2020.6.20 cffi-1.14.1 chardet-3.0.4 contextlib2-0.6.0.post1 cryptography-3.0 debtcollector-1.22.0 docker-4.2.2 enum34-1.1.10 funcsigs-1.0.2 idna-2.10 importlib-resources-3.0.0 ipaddress-1.0.23 iso8601-0.1.12 jmespath-0.10.0 kolla-ansible-6.2.4.dev4 monotonic-1.5 netaddr-0.8.0 netifaces-0.10.9 oslo.config-7.0.0 oslo.i18n-3.25.1 oslo.utils-3.42.1 pathlib2-2.3.5 pbr-5.4.5 pycparser-2.20 pyparsing-2.4.7 pytz-2020.1 requests-2.24.0 rfc3986-1.4.0 scandir-1.10.0 setuptools-44.1.1 singledispatch-3.4.0.3 six-1.15.0 stevedore-1.32.0 typing-3.7.4.3 urllib3-1.25.10 websocket-client-0.57.0 wrapt-1.12.1 zipp-1.2.0
[root@localhost kolla-ansible]# pip install . -i https://pypi.tuna.tsinghua.edu.cn/simple --use-feature=2020-resolver
.....................................................................................................................
equirement already satisfied: ipaddress in /usr/lib/python2.7/site-packages (from cryptography!=2.0,>=1.9->kolla-ansible==6.2.4.dev4) (1.0.23)
Requirement already satisfied: six>=1.10.0 in /usr/lib/python2.7/site-packages (from kolla-ansible==6.2.4.dev4) (1.15.0)
[root@localhost kolla-ansible]#
四 配置/etc/kolla/globals.yml
[root@localhost kolla-ansible]# cp /etc/kolla/globals.yml{,.original}
[root@localhost kolla-ansible]# ls -F /etc/kolla/
globals.yml globals.yml.original passwords.yml
[root@localhost kolla-ansible]# gedit /etc/kolla/globals.yml
[root@localhost kolla-ansible]# grep "^\s[^# \t].$" /etc/kolla/globals.yml | cat -n
1 ---
2 kolla_base_distro: "centos"
3 kolla_install_type: "source"
4 openstack_release: "queens"
5 kolla_internal_vip_address: "10.89.127.123"
6 docker_namespace: "kolla"
7 network_interface: "ens33"
8 neutron_external_interface: "ens38"
9 enable_haproxy: "no"
10 nova_compute_virt_type: "qemu"
11 enable_freezer:"yes"
12 enable_heat:"yes"
13 enable_horizon_freezer:"{{ enable_freezer | bool }}"
14 enable_cinder: "yes"
[root@localhost kolla-ansible]#
【注意:如果是在虚拟机里安装 Kolla,希望可以在 OpenStack 平台上创建虚拟机,那么你需要在 globals.yml 文件中把 nova_compute_virt_type 配置项设置为 qemu,默认是 KVM。】
五 配置/etc/kolla/config/ceph.conf
[root@localhost kolla-ansible]# cat -n /etc/kolla/config/ceph.conf
cat: /etc/kolla/config/ceph.conf: No such file or directory
[root@localhost kolla-ansible]# touch /etc/kolla/config/ceph.conf
touch: cannot touch ‘/etc/kolla/config/ceph.conf’: No such file or directory
[root@localhost kolla-ansible]# mkdir -p /etc/kolla/config
[root@localhost kolla-ansible]# touch /etc/kolla/config/ceph.conf
[root@localhost kolla-ansible]# gedit /etc/kolla/config/ceph.conf
[root@localhost kolla-ansible]# grep "^\s[^# \t].$" /etc/kolla/config/ceph.conf | cat -n
1 [global]
2 osd pool default size = 1
3 osd pool default min size = 1
4 lsblk
5 parted /dev/sdc -s -- mklabel gpt mkpart KOLLA_CEPH_OSD_BOOTSTRAP 1 -1
[root@localhost kolla-ansible]#
[root@localhost kolla-ansible]# grep "^\s[^# \t].$" /etc/kolla/globals.yml | cat -n
1 ---
2 kolla_base_distro: "centos"
3 kolla_install_type: "source"
4 openstack_release: "queens"
5 kolla_internal_vip_address: "10.89.127.123"
6 docker_namespace: "kolla"
7 network_interface: "ens33"
8 neutron_external_interface: "ens38"
9 enable_haproxy: "no"
10 nova_compute_virt_type: "qemu"
11 enable_cinder: "yes"
12 enable_ceph: "yes"
13 enable_ceph_rgw: "yes"
14 enable_ceph_rgw_keystone: "yes"
[root@localhost kolla-ansible]#
六 安装kolla
[root@localhost kolla-ansible]# kolla-genpwd
/usr/lib64/python2.7/site-packages/cryptography/init.py:39: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in a future release.
CryptographyDeprecationWarning,
[root@localhost kolla-ansible]# cat -n /etc/kolla/passwords.yml
1 aodh_database_password: NGEJvWpwBREFW9It7WEmcCt8DF3RAs1vhwH4HbSo
2 aodh_keystone_password: hd0FTunq04VQnIMJtcMKIUp94gQFBcPsTgnyjwiG
.......................................................................................................................................
545 zun_keystone_password: q34MbRzy8tTj1jWtvgR1Qz6cKYalHf9yf5uV50sH
[root@localhost kolla-ansible]# cp /etc/kolla/passwords.yml{,.original}
[root@localhost kolla-ansible]# ls -F /etc/kolla/
config/ globals.yml globals.yml.original passwords.yml passwords.yml.original
[root@localhost kolla-ansible]#
[root@localhost kolla-ansible]# echo "keystone_admin_password: password" >> /etc/kolla/passwords.yml
[root@localhost kolla-ansible]# tail -5 /etc/kolla/passwords.yml
xenserver_password: sNUydA65P0sfsWjiCxvpp2Kqe64edV6F9huFkhjC
zfssa_iscsi_password: lTBzCUCeAW5UDFcKO4C2vRFU8wr5SrtZDQSmSYiE
zun_database_password: 4ZxKh2D4cb30tiFkx9FrQMPNnTYIsbbUHsvQsi3F
zun_keystone_password: q34MbRzy8tTj1jWtvgR1Qz6cKYalHf9yf5uV50sH
keystone_admin_password: password
[root@localhost kolla-ansible]#
[root@localhost kolla-ansible]# kolla-ansible pull
Pulling Docker images : ansible-playbook -i /usr/share/kolla-ansible/ansible/inventory/all-in-one -e @/etc/kolla/globals.yml -e @/etc/kolla/passwords.yml -e CONFIG_DIR=/etc/kolla -e action=pull /usr/share/kolla-ansible/ansible/site.yml
/usr/lib64/python2.7/site-packages/cryptography/init.py:39: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in a future release.
....................................................................................................................................
TASK [Pulling memcached image] **
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Unknown error message: error pulling image configuration: Get https://production.cloudflare.docker.com/registry-v2/docker/registry/v2/blobs/sha256/ef/efa2f72f0dbea5644004dedf92d38d0866aafb56924ff383c979b7bfc5abb695/data?verify=1596710186-INAoHEa9f2j8h5eBOR5UlwqQx5c%3D: net/http: TLS handshake timeout"}
PLAY RECAP **
localhost : ok=3 changed=0 unreachable=0 failed=1 skipped=41 rescued=0 ignored=0
Command failed ansible-playbook -i /usr/share/kolla-ansible/ansible/inventory/all-in-one -e @/etc/kolla/globals.yml -e @/etc/kolla/passwords.yml -e CONFIG_DIR=/etc/kolla -e action=pull /usr/share/kolla-ansible/ansible/site.yml
[root@localhost kolla-ansible]# kolla-ansible deploy
......................................................................................................
{#创建环境变量,文件在/etc/kolla中
kolla-ansible post-deploy}
七 安装OpenStack的客户端工具python-openstackclient
[root@localhost kolla-ansible]# pip install python-openstackclient
DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop support for Python 2.7 in January 2021. More details about Python 2 support in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support
Looking in indexes: https://pypi.tuna.tsinghua.edu.cn/simple
Collecting python-openstackclient
Downloading https://pypi.tuna.tsinghua.edu.cn/packages/56/e9/eb6e88074b8c1f20a622b7cc7f7d1e4be0e81ddf22ceb49949f414bd52c6/python-openstackclient-5.2.1.tar.gz (722 kB)
|████████████████████████████████| 722 kB 1.7 MB/s
Requirement already satisfied: pbr!=2.1.0,>=2.0.0 in /usr/lib/python2.7/site-packages (from python-openstackclient) (5.4.5)
Requirement already satisfied: six>=1.10.0 in /usr/lib/python2.7/site-packages (from python-openstackclient) (1.15.0)
Requirement already satisfied: Babel!=2.4.0,>=2.3.4 in /usr/lib/python2.7/site-packages (from python-openstackclient) (2.8.0)
Collecting cliff!=2.9.0,>=2.8.0
Downloading https://pypi.tuna.tsinghua.edu.cn/packages/55/2f/f1484035545a36de978c686b90a6d81c0b09a8e3002faf761737eef54cdc/cliff-2.18.0-py2.py3-none-any.whl (79 kB)
|████████████████████████████████| 79 kB 2.5 MB/s
...................................................................................................................................
Successfully installed PrettyTable-0.7.2 appdirs-1.4.4 backports.functools-lru-cache-1.6.1 cliff-2.18.0 cmd2-0.8.9 decorator-4.4.2 dogpile.cache-0.9.2 jsonpatch-1.26 jsonpointer-2.0 keystoneauth1-4.0.1 msgpack-1.0.0 munch-2.5.0 openstacksdk-0.45.0 os-service-types-1.7.0 osc-lib-2.0.0 oslo.serialization-2.29.2 pyperclip-1.8.0 python-cinderclient-6.0.0 python-keystoneclient-3.22.0 python-novaclient-16.0.0 python-openstackclient-5.2.1 requestsexceptions-1.4.0 simplejson-3.17.2 unicodecsv-0.14.1 wcwidth-0.2.5
[root@localhost kolla-ansible]#
八 编辑/usr/share/kolla-ansible/init-runonce
[root@localhost kolla-ansible]# cp /usr/share/kolla-ansible/init-runonce{,.original}
[root@localhost kolla-ansible]# ls -F /usr/share/kolla-ansible/
ansible/ doc/ etc_examples/ init-runonce init-runonce.original init-**** openrc-example setup.cfg tools/
[root@localhost kolla-ansible]# gedit /usr/share/kolla-ansible/init-runonce
[root@localhost kolla-ansible]# cat -n /usr/share/kolla-ansible/init-runonce | grep "EXT_NET"
15 # This EXT_NET_CIDR is your public network,that you want to connect to the internet via.
16 EXT_NET_CIDR='10.89.127.0/24'
17 EXT_NET_RANGE='start=10.89.127.110,end=10.89.127.250'
18 EXT_NET_GATEWAY='10.89.127.254'
75 --allocation-pool ${EXT_NET_RANGE} --network public1 \
76 --subnet-range ${EXT_NET_CIDR} --gateway ${EXT_NET_GATEWAY} public1-subnet
[root@localhost kolla-ansible]#
九 加载OpenStack CLI所需的环境变量
source /etc/kolla/admin-openrc.sh
十 初始化部署
cd /usr/share/kolla-ansible/ && ./init-runonce
用浏览器访问Dashboard