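Deploying Xiandian OpenStack with Ansible
I. Node planning:

| Hostname | IP | Node | Resources |
|---|---|---|---|
| ansible | 192.168.238.11 | ansible node | 2 cores / 4 GB RAM / 40 GB disk |
| controller | 192.168.238.12 | controller node | 4 cores / 8 GB RAM / 100 GB disk |
| compute | 192.168.238.13 | compute node | 4 cores / 8 GB RAM / 100 GB disk + 50 GB ephemeral disk |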
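II. Basic preparation:
Create three cloud instances on an OpenStack platform for this lab, using the provided CentOS_7.9_x86_64_XD.qcow2 image. Upload the chinaskills_cloud_iaas.iso image to the /root directory of the ansible node. Give the controller and compute nodes two network interfaces each, one in NAT mode and one in host-only mode.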
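III. Environment preparation
Configure the network and set the hostnames
Run on all nodes. Set the IP addresses according to your actual environment.

```
hostnamectl set-hostname ansible      # on the ansible node
hostnamectl set-hostname controller   # on the controller node
hostnamectl set-hostname compute      # on the compute node
```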
Install ansible and the FTP service
Run only on the ansible node.

```
yum install epel-release -y
yum install ansible -y   ## ansible is installed from the online repository here
## disable the firewall and SELinux
systemctl stop firewalld && systemctl disable firewalld
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
mkdir /opt/{centos,iaas}
mount /dev/sr0 /opt/centos
mount /root/chinaskills_cloud_iaas.iso /opt/iaas -o loop
```

Configure the local repositories:

```
cat /etc/yum.repos.d/ansible.repo
[centos]
name=centos
baseurl=file:///opt/centos
enabled=1
gpgcheck=0
[iaas]
name=iaas
baseurl=file:///opt/iaas/iaas-repo
enabled=1
gpgcheck=0
```

```
yum clean all
yum repolist
## install FTP and set the anonymous-access root directory
yum install vsftpd -y
echo 'anon_root=/opt' >> /etc/vsftpd/vsftpd.conf
systemctl restart vsftpd && systemctl enable vsftpd
```
Configure passwordless SSH login
Run only on the ansible node.

```
ssh-keygen
ssh-copy-id root@192.168.238.12
ssh-copy-id root@192.168.238.13
```
IV. Directory structure
Project directory

```
mkdir /opt/openstack_ansible
```

Create the roles

```
mkdir -p /opt/openstack_ansible/roles/{init,mariadb,keystone,glance,placement,nova-controller,nova-compute,neutron-controller,neutron-compute,dashboard,swift-controller,swift-compute,cinder-controller,cinder-compute,heat}/{tasks,files,templates,meta,handlers,vars}
## Every role directory contains the same subdirectories. The tasks directory is almost always used; the others are used as needed.
```

Create the group_vars directory
Create a group_vars directory under the project directory /opt/openstack_ansible and create a file named all in it. This directory holds the variable declaration file all.

```
mkdir /opt/openstack_ansible/group_vars
cd /opt/openstack_ansible/group_vars
touch all
```
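The init role
This role deploys the base environment on controller and compute: configuring the yum repositories, installing the openstack-iaas scripts, and installing the iaas-pre-host script.
- In the roles/init/tasks directory, create the main.yml file

```
cat /opt/openstack_ansible/roles/init/tasks/main.yml
# Move the stock repo files out of the way
- name: move repos
  shell: mv /etc/yum.repos.d/* /media
# Install the repo file that points at the ansible node's FTP server
- name: create local.repo
  copy: src=local.repo dest=/etc/yum.repos.d/
- name: install iaas-xiandian
  yum: name=iaas-xiandian state=present
# Render the environment file from group_vars/all
- name: openrc.sh
  template: src=openrc.sh.j2 dest=/etc/openstack/openrc.sh
- name: install pre-host
  shell: iaas-pre-host.sh
```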
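- For this init role, copy the local.repo file into the init/files directory and the openrc.sh.j2 file into the init/templates directory. Replace `<ansible-node-IP>` below with the IP address of the ansible node.

```
cat /opt/openstack_ansible/roles/init/files/local.repo
[centos]
name=centos
baseurl=ftp://<ansible-node-IP>/centos
enabled=1
gpgcheck=0
[iaas]
name=iaas
baseurl=ftp://<ansible-node-IP>/iaas/iaas-repo
enabled=1
gpgcheck=0
```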
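The repo definitions on this page set gpgcheck=0, and local.repo fetches packages over plain FTP, so nothing verifies what the nodes install. The check below is an added example, not part of the original article; the function names `audit_repo` and `demo_repo` and the third `[signed]` section in the sample are constructed for illustration.

```shell
#!/bin/sh
# audit_repo FILE
# Prints one line per [section] of a yum .repo file that sets gpgcheck=0
# and/or uses an unauthenticated transport (ftp:// or http://) as baseurl.
# Returns 1 if at least one section was reported, 0 otherwise.
audit_repo() {
    awk '
        function report(   why) {
            if (sec == "") return
            if (gpg == "0") why = why " gpgcheck-off"
            if (url ~ /^(ftp|http):\/\//) why = why " plaintext-baseurl"
            if (why != "") { print sec ":" why; bad = 1 }
        }
        /^\[.*\]$/ {
            report()                       # close the previous section
            sec = substr($0, 2, length($0) - 2); gpg = ""; url = ""
            next
        }
        /^[ \t]*gpgcheck[ \t]*=/ { sub(/^[^=]*=[ \t]*/, ""); gpg = $0 }
        /^[ \t]*baseurl[ \t]*=/  { sub(/^[^=]*=[ \t]*/, ""); url = $0 }
        END { report(); exit (bad ? 1 : 0) }
    ' "$1"
}

# Constructed sample: local.repo as shown on this page (with the ansible
# node IP from the planning table) plus one signed, local section.
demo_repo() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
[centos]
name=centos
baseurl=ftp://192.168.238.11/centos
enabled=1
gpgcheck=0
[iaas]
name=iaas
baseurl=ftp://192.168.238.11/iaas/iaas-repo
enabled=1
gpgcheck=0
[signed]
name=signed
baseurl=file:///opt/centos
gpgcheck=1
EOF
    audit_repo "$f" || :      # a non-zero status only means "findings"
    rm -f "$f"
}
demo_repo
```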
```
cat /opt/openstack_ansible/roles/init/templates/openrc.sh.j2
##--------------------system Config--------------------##
##Controller Server Manager IP. example:x.x.x.x
HOST_IP={{controller_ip}}
##Controller HOST Password. example:000000
HOST_PASS={{PASSWD}}
##Controller Server hostname. example:controller
HOST_NAME={{controller_name}}
##Compute Node Manager IP. example:x.x.x.x
HOST_IP_NODE={{compute_ip}}
##Compute HOST Password. example:000000
HOST_PASS_NODE={{PASSWD}}
##Compute Node hostname. example:compute
HOST_NAME_NODE={{compute_name}}
##--------------------Chrony Config-------------------##
##Controller network segment IP. example:x.x.0.0/16(x.x.x.0/24)
network_segment_IP={{network_segment_IP}}/24
##--------------------Rabbit Config ------------------##
##user for rabbit. example:openstack
RABBIT_USER=openstack
##Password for rabbit user. example:000000
RABBIT_PASS={{PASSWD}}
##--------------------MySQL Config---------------------##
##Password for MySQL root user. example:000000
DB_PASS={{PASSWD}}
##--------------------Keystone Config------------------##
##Password for Keystone admin user. example:000000
DOMAIN_NAME=demo
ADMIN_PASS={{PASSWD}}
DEMO_PASS={{PASSWD}}
##Password for Mysql keystone user. example:000000
KEYSTONE_DBPASS={{PASSWD}}
##--------------------Glance Config--------------------##
##Password for Mysql glance user. example:000000
GLANCE_DBPASS={{PASSWD}}
##Password for Keystone glance user. example:000000
GLANCE_PASS={{PASSWD}}
##--------------------Nova Config----------------------##
##Password for Mysql nova user. example:000000
NOVA_DBPASS={{PASSWD}}
##Password for Keystone nova user. example:000000
NOVA_PASS={{PASSWD}}
##--------------------Neutron Config-------------------##
##Password for Mysql neutron user. example:000000
NEUTRON_DBPASS={{PASSWD}}
##Password for Keystone neutron user. example:000000
NEUTRON_PASS={{PASSWD}}
##metadata secret for neutron. example:000000
METADATA_SECRET={{PASSWD}}
##Tunnel Network Interface. example:x.x.x.x
{% if ansible_fqdn == "controller" %}
INTERFACE_IP={{controller_ip}}
{% elif ansible_fqdn == "compute" %}
INTERFACE_IP={{compute_ip}}
{% endif %}
##External Network Interface. example:eth1
INTERFACE_NAME={{External_Network}}
##External Network The Physical Adapter. example:provider
Physical_NAME={{Physical_NAME}}
##First Vlan ID in VLAN RANGE for VLAN Network. example:101
minvlan=1
##Last Vlan ID in VLAN RANGE for VLAN Network. example:200
maxvlan=4000
##--------------------Cinder Config--------------------##
##Password for Mysql cinder user. example:000000
CINDER_DBPASS={{PASSWD}}
##Password for Keystone cinder user. example:000000
CINDER_PASS={{PASSWD}}
##Cinder Block Disk. example:md126p3
BLOCK_DISK={{cinder_disk}}
##--------------------Swift Config---------------------##
##Password for Keystone swift user. example:000000
SWIFT_PASS={{PASSWD}}
##The NODE Object Disk for Swift. example:md126p4.
OBJECT_DISK={{swift_disk}}
##The NODE IP for Swift Storage Network. example:x.x.x.x.
STORAGE_LOCAL_NET_IP={{STORAGE_LOCAL_NET_IP}}
##--------------------Heat Config----------------------##
##Password for Mysql heat user. example:000000
HEAT_DBPASS={{PASSWD}}
##Password for Keystone heat user. example:000000
HEAT_PASS={{PASSWD}}
##--------------------Zun Config-----------------------##
##Password for Mysql Zun user. example:000000
ZUN_DBPASS={{PASSWD}}
##Password for Keystone Zun user. example:000000
ZUN_PASS={{PASSWD}}
##Password for Mysql Kuryr user. example:000000
KURYR_DBPASS={{PASSWD}}
##Password for Keystone Kuryr user. example:000000
KURYR_PASS={{PASSWD}}
##--------------------Ceilometer Config----------------##
##Password for Gnocchi ceilometer user. example:000000
CEILOMETER_DBPASS={{PASSWD}}
##Password for Keystone ceilometer user. example:000000
CEILOMETER_PASS={{PASSWD}}
##--------------------AODH Config----------------##
##Password for Mysql AODH user. example:000000
AODH_DBPASS={{PASSWD}}
##Password for Keystone AODH user. example:000000
AODH_PASS={{PASSWD}}
##--------------------Barbican Config----------------##
##Password for Mysql Barbican user. example:000000
BARBICAN_DBPASS={{PASSWD}}
##Password for Keystone Barbican user. example:000000
BARBICAN_PASS={{PASSWD}}
```
- Declare the variables in /opt/openstack_ansible/group_vars/all

```
cat /opt/openstack_ansible/group_vars/all
controller_ip: 192.168.238.12
controller_name: controller
compute_ip: 192.168.238.13
compute_name: compute
PASSWD: '000000'
cinder_disk: vdb1
swift_disk: vdb2
network_segment_IP: 172.30.18.0
External_Network: ens33
Physical_NAME: provider
STORAGE_LOCAL_NET_IP: 192.168.238.13
```
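The vsftpd step earlier sets anon_root=/opt, and the project directory /opt/openstack_ansible (including group_vars/all with PASSWD) lives under that same root, so files created there with root's usual 022 umask are readable over anonymous FTP. The audit below is an added example, not part of the original article; the function names `exposed_secrets` and `demo`, the credential pattern and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# exposed_secrets ROOT [ALLOWED...]
# ROOT: directory set as vsftpd anon_root. ALLOWED: top-level entries that
# are meant to be served (on this page: centos and iaas).
# Prints world-readable regular files outside ALLOWED whose content looks
# like a credential assignment (PASSWD: ..., DB_PASS=..., METADATA_SECRET=...).
exposed_secrets() {
    root=$1
    shift
    for entry in "$root"/*; do
        [ -e "$entry" ] || continue
        name=${entry##*/}
        case " $* " in
            *" $name "*) continue ;;   # intended repo directory
        esac
        # -perm -004: "other" read bit set, i.e. readable by the anonymous user.
        # grep exits 1 when nothing matches; that is not an error here.
        find "$entry" -type f -perm -004 \
            -exec grep -lE '(PASS|SECRET)[A-Za-z_]*[[:space:]]*[:=]' {} + || :
    done | sort
}

# Constructed sample tree mirroring the layout this page builds under /opt.
demo() {
    tmp=$(mktemp -d)
    proj=$tmp/openstack_ansible
    mkdir -p "$tmp/centos" "$tmp/iaas/iaas-repo" \
             "$proj/group_vars" "$proj/roles/init/templates"
    echo "placeholder package" > "$tmp/centos/example.rpm"
    echo "PASSWD: '000000'" > "$proj/group_vars/all"
    echo 'DB_PASS={{PASSWD}}' > "$proj/roles/init/templates/openrc.sh.j2"
    echo "PASSWD: '000000'" > "$proj/private.yml"
    chmod 644 "$proj/group_vars/all" "$proj/roles/init/templates/openrc.sh.j2"
    chmod 600 "$proj/private.yml"      # not world-readable, so not reported
    (cd "$tmp" && exposed_secrets . centos iaas)
    rm -rf "$tmp"
}
demo
```

On the ansible node the real call would be `exposed_secrets /opt centos iaas`. An empty result is the goal, which is reached by pointing anon_root at a directory that holds only the two repositories or by keeping the playbook tree outside the FTP root.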
Other roles
The other roles run the OpenStack installation scripts; write them as needed.
Write the playbook entry file
install_openstack.yaml is the entry file for running the playbook. It must state the order in which the roles are called and which hosts call which roles.

```
cat /opt/openstack_ansible/install_openstack.yaml
---
- hosts: controller
  remote_user: root
  roles:
    - init
    - mariadb
    - keystone
    - glance
    - nova-controller
    - neutron-controller
    - dashboard
    - cinder-controller
    - swift-controller
    - heat
- hosts: compute
  remote_user: root
  roles:
    - init
    - nova-compute
    - neutron-compute
    - cinder-compute
    - swift-compute
```
V. Run the playbook
Edit the ansible inventory

```
cat /etc/ansible/hosts
[controller]
192.168.238.12
[compute]
192.168.238.13
```

Run the playbook

```
cd /opt/openstack_ansible
ansible-playbook install_openstack.yaml --syntax-check   ## check the playbook for syntax errors
ansible-playbook install_openstack.yaml
```