体系结构:x86 vmware虚拟机
拟机内存大小:8G
磁盘大小:50G
网络:两个网卡,一个NAT模式网卡ens33,一个网桥模式ens37
操作系统:CentOS Linux release 7.9.2009 (Core)(最小化安装)
内核:3.10.0-1160.el7.x86_64
python版本:2.7.5
openstack版本:train
ansible版本:2.9.0
kolla-ansible版本:9.3.0
docker版本:20.10.0
pip版本:20.3.4
OpenStack部署模式:all-in-one
修改主机名称为op
hostnamectl set-hostname op
设置ssh的无密码连接到本地,执行
ssh-keygen
生成密钥,出现的需要填写的位置全部默认回车即可
ssh-copy-id op
选项输入yes,然后输入op的密码,即可实现无密码连接到本地。
关闭selinux
修改/etc/selinux/config文件中
SELINUX=disabled
并重启虚拟机
此时执行getenforce命令能够看到状态为
disabled
(不修改/etc/selinux/config文件也可以,可以执行setenforce 0来临时关闭selinux,关闭后getenforce的状态是Permissive)
关闭防火墙
systemctl stop firewalld
下次重启默认不开启防火墙
systemctl disable firewalld
yum install python2-pip
修改pip源(使用国内源替换默认源,加速包的下载。如果没有/root/.pip目录需要自己创建)
vim /root/.pip/pip.conf
[global] index-url = http://mirrors.aliyun.com/pypi/simple/ [install] trusted-host = mirrors.aliyun.com
升级pip
pip install ansible==20.3.4
查看pip版本
pip -V
pip install ansible==2.9.0
查看ansible版本
ansible --version
pip install kolla-ansible==9.3.0
可能会出现错误:Could not find suitable distribution for Requirement.parse('pbr>=2.0.0')
解决方法可参考下文错误1
可能会出现错误:error in netaddr setup command: 'install_requires' must be a string or list of strings containing valid project/version requirement specifiers
解决方法可参考下文错误2
可能会出现错误:ERROR: Cannot uninstall 'requests'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.
解决方法可参考下文错误3
可能会出现错误:ERROR: Cannot uninstall 'netaddr'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.
解决方法可参考下文错误4
可能会出现错误:ERROR: Cannot uninstall 'PyYAML'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.
解决方法可参考下文错误5,后续类似错误均可按照上述解决方法执行
可以使用国内阿里云的源来下载docker
yum-config-manager --add-repo https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install docker-ce
启动docker服务
systemctl start docker
令docker服务开机自启动
systemctl enable docker
可以通过docker info查看是否已经生效
all-in-one模式是单机部署openstack,所有的服务均存在于当前单节点
创建kolla配置目录
mkdir /etc/kolla
拷贝配置文件
cp /usr/share/kolla-ansible/etc_examples/kolla/globals.yml /etc/kolla/
cp /usr/share/kolla-ansible/etc_examples/kolla/passwords.yml /etc/kolla/
修改/etc/kolla/globals.yml文件,配置文件如下(由于我们关闭enable_haproxy,因此kolla_internal_vip_address设置为本机地址,最少需要两个网卡,network_interface和neutron_external_interface必须是不同的网卡,如果需要使用自己搭建的docker registry,可以在globals.yml中添加docker_registry: "192.168.10.158:4000" docker_registry_insecure: "yes"两个字段)
kolla_base_distro:"centos"
kolla_install_type:"binary"
openstack_release:"train"
kolla_internal_vip_address:"192.168.10.158"
network_interface:"ens33"
neutron_external_interface:"ens37"
enable_haproxy:"no"
#如果需要使用自己搭建的registry仓库,可以设置下面两个参数
#docker_registry: 192.168.10.158:4000 #这里的端口要注意,不要使用5000端口,会与keystone冲突
#docker_registry_insecure: yes
拷贝all-in-one文件到当前目录
cp /usr/share/kolla-ansible/ansible/inventory/all-in-one .
生成密码
kolla-genpwd
如果需要修改openstack admin用户的登录密码,可以执行完上述命令后在/etc/kolla/passwords.yml中修改keystone_admin_password字段对应的值
部署检查
kolla-ansible -i all-in-one bootstrap-servers
kolla-ansible -i all-in-one prechecks
检查无错误即可
执行部署操作
kolla-ansible -i all-in-one deploy
可能会出现错误:dial tcp 34.194.164.123:443: i/o timeout")\n'
解决方法参考下文错误6,后续类似错误均可按照上述方法解决
部署完成后可以查看openstack的docker镜像是否都成功运行
docker ps
执行如下命令生成/etc/kolla/admin-openrc.sh文件
kolla-ansible -i all-in-one post-deploy
通过浏览器登录到192.168.10.158页面能够使用admin-openrc.sh文件中提供的密码登录openstack控制台
安装openstack客户端(使用pip安装openstack客户端存在问题)
yum install centos-release-openstack-train.noarch
yum install python2-openstackclient
执行
source /etc/kolla/admin-openrc.sh
即可通过openstack命令进行操作
例如执行查看用户命令
如果需要移除当前的openstack环境,可以执行
kolla-ansible -i all-in-one destroy all --yes-i-really-really-mean-it
执行后所有的docker镜像都会被删除
错误1:Could not find suitable distribution for Requirement.parse('pbr>=2.0.0')
在执行pip install kolla-ansible==9.3.0的时候报错
需要先安装pbr包
pip install pbr
然后再执行
pip install kolla-ansible==9.3.0
错误2:error in netaddr setup command: 'install_requires' must be a string or list of strings containing valid project/version requirement specifiers
在执行pip install kolla-ansible==9.3.0的时候报错
原因是setuptools包的版本太低了,需要升级setuptools包
然后再执行pip install kolla-ansible==9.3.0
错误3:ERROR: Cannot uninstall 'requests'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.
在执行pip install kolla-ansible==9.3.0的时候报错
解决方法是重新安装requests
pip install --ignore-installed requests
错误4:ERROR: Cannot uninstall 'netaddr'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.
在执行pip install kolla-ansible==9.3.0的时候报错
解决方法是重新安装netaddr
pip install --ignore-installed netaddr
错误5:ERROR: Cannot uninstall 'PyYAML'. It is a distutils installed project and thus we cannot accurately determine which files belong to it which would lead to only a partial uninstall.
在执行pip install kolla-ansible==9.3.0的时候报错
解决方法是重新安装PyYAML
pip install --ignore-installed PyYAML
错误6:TASK [common : Ensure fluentd image is present for label check] **************************************************************************
fatal: [localhost]: FAILED! => {"changed": true, "msg": "'Traceback (most recent call last):\n File "/tmp/ansible_kolla_docker_payload_gP5Zkt/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py", line 1027, in main\n File "/tmp/ansible_kolla_docker_payload_gP5Zkt/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py", line 906, in ensure_image\n File "/tmp/ansible_kolla_docker_payload_gP5Zkt/ansible_kolla_docker_payload.zip/ansible/modules/kolla_docker.py", line 571, in pull_image\n File "/usr/lib/python2.7/site-packages/docker/api/image.py", line 430, in pull\n self._raise_for_status(response)\n File "/usr/lib/python2.7/site-packages/docker/api/client.py", line 270, in _raise_for_status\n raise create_api_error_from_http_exception(e)\n File "/usr/lib/python2.7/site-packages/docker/errors.py", line 31, in create_api_error_from_http_exception\n raise cls(e, response=response, explanation=explanation)\nAPIError: 500 Server Error for http+docker://localhost/v1.43/images/create?tag=train&fromImage=kolla%2Fcentos-binary-fluentd: Internal Server Error ("Head "https://registry-1.docker.io/v2/kolla/centos-binary-fluentd/manifests/train": dial tcp 34.194.164.123:443: i/o timeout")\n'"}
在执行kolla-ansible -i all-in-one deploy时报错
解决方法是手动下载对应的镜像(可能存在网络问题需要多试几次)
docker pull kolla/centos-binary-heat-api:train
需要的镜像包括如下,均可以提前下载准备好
docker pull kolla/centos-binary-heat-api:train
docker pull kolla/centos-binary-heat-engine:train
docker pull kolla/centos-binary-heat-api-cfn:train
docker pull kolla/centos-binary-glance-api:train
docker pull kolla/centos-binary-nova-compute:train
docker pull kolla/centos-binary-keystone-ssh:train
docker pull kolla/centos-binary-keystone-fernet:train
docker pull kolla/centos-binary-keystone:train
docker pull kolla/centos-binary-placement-api:train
docker pull kolla/centos-binary-nova-scheduler:train
docker pull kolla/centos-binary-nova-api:train
docker pull kolla/centos-binary-nova-ssh:train
docker pull kolla/centos-binary-nova-conductor:train
docker pull kolla/centos-binary-nova-novncproxy:train
docker pull kolla/centos-binary-neutron-server:train
docker pull kolla/centos-binary-neutron-openvswitch-agent:train
docker pull kolla/centos-binary-horizon:train
docker pull kolla/centos-binary-neutron-l3-agent:train
docker pull kolla/centos-binary-neutron-dhcp-agent:train
docker pull kolla/centos-binary-neutron-metadata-agent:train
docker pull kolla/centos-binary-openvswitch-db-server:train
docker pull kolla/centos-binary-openvswitch-vswitchd:train
docker pull kolla/centos-binary-kolla-toolbox:train
docker pull kolla/centos-binary-rabbitmq:train
docker pull kolla/centos-binary-nova-libvirt:train
docker pull kolla/centos-binary-keepalived:train
docker pull kolla/centos-binary-mariadb:train
docker pull kolla/centos-binary-fluentd:train
docker pull kolla/centos-binary-cron:train
docker pull kolla/centos-binary-haproxy:train
docker pull kolla/centos-binary-memcached:train
docker pull kolla/centos-binary-chrony:train
错误7:"Unable to restart service docker“
在执行kolla-ansible -i all-in-one bootstrap-servers可能会产生如下错误,
这是因为如果采用自定的仓库配置,在/etc/docker/daemon.json文件中添加了
"insecure-registries": [ "192.168.10.158:4000" ],
需要将/usr/lib/systemd/system/docker.service文件中添加的--insecure-registry 192.168.10.158:4000参数去掉
然后重启docker
systemctl daemon-reload
systemctl restart docker