OpenStack(二)——使用Kolla部署OpenStack-allinone云平台

(1).Kolla概述

  Kolla是OpenStack下用于自动化部署的一个项目,它基于docker和ansible来实现,其中docker主要负责镜像制作和容器管理,ansible主要负责环境的部署和管理。

  Kolla实际上分为两部分:Kolla部分提供了生产环境级别的镜像,涵盖了OpenStack用到的各个服务;Kolla-ansible部分提供了自动化的部署。最开始这两部分是在一个项目中的(即Kolla),OpenStack从O开头的版本开始被独立开来,这才有了用于构建所有服务镜像的Kolla项目,以及用于执行自动化部署的Kolla-ansible。

(2).Linux系统硬件配置

  需要一台高配VMware虚拟机,内存12G,硬盘200G(swap分区4G,boot分区200M,剩下全给根目录),CPU开启虚拟化支持,双网卡桥接模式。

(3).准备工作

  如果是最小化安装,那么按<Tab>键是不会自动补全的,所以此时需要安装bash-completion。另外还需要安装vim和net-tools工具

[root@Openstack240 ~]# yum -y install bash-completion vim net-tools

  关闭SELinux和firewalld

[root@Openstack240 ~]# vi /etc/selinux/config
SELINUX=disabled
[root@Openstack240 ~]# setenforce 0
[root@Openstack240 ~]# getenforce
Permissive
[root@Openstack240 ~]# systemctl disable firewalld && systemctl stop firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@Openstack240 ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)

11月 23 00:06:05 Openstack systemd[1]: Starting firewalld - dynamic firewal....
11月 23 00:06:07 Openstack systemd[1]: Started firewalld - dynamic firewall....
11月 23 00:38:02 Openstack systemd[1]: Stopping firewalld - dynamic firewal....
11月 23 00:38:04 Openstack systemd[1]: Stopped firewalld - dynamic firewall....
Hint: Some lines were ellipsized, use -l to show in full.

  配置/etc/hosts

[root@Openstack240 ~]# vim /etc/hosts
192.168.128.240 OpenStack

  下载epel源

[root@Openstack240 ~]# yum -y install epel-release

  配置网卡信息

IP地址 网络类型 网卡 在OpenStack网络中的作用
192.168.128.240 bridge(桥接) ens32

OpenStack内部管理网络(management network),Horizon web界面访问就是通过该网卡

无(不能配置IP地址) bridge(桥接) ens33 外部网络(external network),让neutron(OpenStack中的网络组件)的br-ex绑定使用,OpenStack中的虚拟机是通过该网卡与外网通信
[root@Openstack240 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens32
//修改以下几行,如果不存在则添加
BOOTPROTO=none  //将dhcp改为none,使自动获取改为静态获取
ONBOOT=yes  //启动用该网卡
IPADDR=192.168.128.240  //设置IPv4地址
NETMASK=255.255.255.0  //设置子网掩码
GATEWAY=192.168.128.254  //设置默认网关
DNS1=61.177.7.1  //设置DNS
[root@Openstack240 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
//修改以下几行,并将其移动到文件开头,如果不存在则添加。
TYPE=Ethernet
NAME=ens33
DEVICE=ens33  //如果是开启虚拟机后添加网卡,需要手动编辑以上三行
BOOTPROTO=none  //将dhcp改为none,使自动获取改为静态获取
ONBOOT=yes  //启用该网卡
[root@OpenStack240 ~]# systemctl restart network

  安装基础包

//安装基础包
[root@Openstack240 ~]# yum -y install python-devel libffi-devel gcc openssl-devel git python-pip
//配置pip镜像源,方便快速下载python库(默认从国外下载)
[root@Openstack240 ~]# mkdir .pip
[root@Openstack240 ~]# tee .pip/pip.conf << EOF  //不知道为什么cat失败,所以用了tee
> [global]
> index-url=http://mirrors.aliyun.com/pypi/simple/
> [install]
> trusted-host=mirrors.aliyun.com
> EOF
//升级pip
[root@Openstack240 ~]# pip install -U pip

(4).安装kolla-ansible

 1)使用pip安装ansible,注意不要使用yum安装,否则会与kolla中的YAML包冲突

[root@Openstack240 ~]# pip install ansible

 2)使用pip安装kolla-ansible

[root@Openstack240 ~]# pip install kolla-ansible

  如果出现如下错误

//已经存在PyYAML3.10导致不能安装PyYAML
Found existing installation: PyYAML 3.10
Cannot uninstall 'PyYAML'. It is a distutils installed project and thus we cannot accurately determine which files belong to it
 which would lead to only a partial uninstall.
//出现如上错误,请执行以下步骤
[root@Openstack240 ~]# pip install PyYAML --ignore-installed PyYAML  //忽略已经安装的PyYAML,安装PyYAML
[root@Openstack240 ~]# pip install kolla-ansible  //重新安装kolla-ansible

 3)复制kolla-ansible的相关配置文件

[root@Openstack240 ~]# cp -r /usr/share/kolla-ansible/etc_examples/kolla /etc/
[root@Openstack240 ~]# ls /etc/kolla/
globals.yml  passwords.yml
[root@Openstack240 ~]# cp /usr/share/kolla-ansible/ansible/inventory/* /etc/kolla/
[root@Openstack240 ~]# ls /etc/kolla/
all-in-one  globals.yml  multinode  passwords.yml

  文件说明:all-in-one是安装单节点OpenStack的ansible自动安装配置文件;multinode是安装多节点OpenStack的ansible自动安装配置文件;globals.yml是OpenStack部署的自定义配置文件;passwords.yml是OpenStack中各个服务的密码文件。

(5).编辑kolla-ansible的配置文件,用于自定义安装OpenStack

  生成OpenStack各个服务的密码文件,并修改Web页面登录密码

[root@Openstack240 ~]# kolla-genpwd
[root@Openstack240 ~]# vim /etc/kolla/passwords.yml
//修改第165行,这是登录Dashboard(web界面控制台)的密码。正常情况下也不能太简单,可以截取一段自动生成的密码
keystone_admin_password: 123456

  编辑/etc/kolla/global.yml自定义OpenStack中的部署事项

[root@Openstack240 ~]# vim /etc/kolla/globals.yml
//第14行和第15行,选择下载的基础镜像,5选1
# Valid options are ['centos', 'debian', 'oraclelinux', 'rhel', 'ubuntu']
kolla_base_distro: "centos"

//第17行和第18行,选择的安装方法,2选1。binary二进制安装,source源码安装
# Valid options are [ binary, source ]
kolla_install_type: "source"

//第20行和第21行,选择OpenStack的版本标签,详细请看:https://releases.openstack.org/
# Valid option is Docker repository tag
openstack_release: "stein"  //注意版本必须小写,后期下载的OpenStack相关的docker镜像标签也为stein。我是train版本失败,才换成stein

//第23行和第24行,存放配置文件的位置
# Location of configuration overrides
#node_custom_config: "/etc/kolla/config"  //默认存放地址

//第31行,OpenStack内部管理网络地址,通过该IP访问OpenStack Web页面进行管理。如果启用了高可用,需要设置为VIP(漂移IP)
kolla_internal_vip_address: "192.168.128.240"

//第87行,OpenStack内部管理网络地址的网卡接口
network_interface: "ens32"

//第105行,OpenStack外部(或公共)网络的网卡接口,可以是vlan模式或flat模式。
//此网卡应该在没有IP地址的情况下处于活动,如果不是,那么OpenStack云平台中的云主机实例将无法访问外部网络。(存在IP时br-ex桥接就不成功)
neutron_external_interface: "ens33"

//第190行,关闭高可用
enable_haproxy: "no"

//第213行,关闭cinder(块存储)
#enable_cinder: "no"

//第443行和第444行,指定nova-compute守护进程使用的虚拟化技术。(kvm好像有点问题,大家可以试试,看看你们能不能过nova下载)
//nova-compute是一个非常重要的守护进程,负责创建和终止虚拟机实例,即管理虚拟机实例的生命周期
# Valid options are [ qemu, kvm, vmware, xenapi ]
nova_compute_virt_type: "qemu"

(6).基于kolla-ansible安装OpenStack私有云

  生成ssh key,并给自己授权

[root@Openstack240 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:AF8aHj/NlA0doFaR/ZOM6HParDKP0o4YH40rzDoEPnY root@Openstack
The key's randomart image is:
+---[RSA 2048]----+
|    . o . *X..   |
|     + * *o +    |
|      = = o. + . |
|.      o .. . =  |
|..      S.     . |
| +.E   o  o .    |
|..oo. o..  *     |
|  . ++.++.. o    |
|  .o..+oo+o.     |
+----[SHA256]-----+
[root@Openstack240 ~]# ssh-copy-id -i /root/.ssh/id_rsa.pub root@OpenStack
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'openstack (192.168.128.240)' can't be established.
ECDSA key fingerprint is SHA256:bIVBUnAgb1EBEW0igBEyamtibqEMjhkfrwHyjXHjnq4.
ECDSA key fingerprint is MD5:86:b5:64:9c:5f:19:23:26:20:56:60:9d:ce:27:f7:33.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@openstack's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@OpenStack'"
and check to make sure that only the key(s) you wanted were added.

  配置单节点清单文件

[root@Openstack240 ~]# vim /etc/kolla/all-in-one
//修改第3行到第19行,将localhost       ansible_connection=local改为OpenStack
//可以使用替换命令":1,$s/localhost       ansible_connection=local/OpenStack/"
[control]
OpenStack

[network]
OpenStack

[compute]
OpenStack

[storage]
OpenStack

[monitoring]
OpenStack

[deployment]
OpenStack

  开始部署OpenStack。注意:我在使用阿里云的epel源时,在安装bootstrap-server时会卡在TASK [baremetal : Install yum packages]这一步。而系统安装的epel源只等待了5分钟左右。

//安装bootstrap-servers部署OpenStack所需的依赖包。该包由kolla-ansible提供,包含docker。
[root@Openstack240 ~]# kolla-ansible -i /etc/kolla/all-in-one bootstrap-servers
//对当前主机进行预部署(检测),直接看最后的统计即可。如果检测报错,可以查看前面的TASK:[precheck ...]部分,可以快速定位到错误
[root@Openstack240 ~]# kolla-ansible -i /etc/kolla/all-in-one prechecks
PLAY RECAP *********************************************************************
OpenStack : ok=66 changed=0 unreachable=0 failed=0 skipped=42 rescued=0 ignored=0
//查看docker volume卷挂载方式
[root@Openstack240 ~]# vim /etc/systemd/system/docker.service.d/kolla.conf
[Service]
MountFlags=shared  //添加该行,后期docker宿主机新增分区时,docker服务不用重启,方便主机增加磁盘。
ExecStart=
ExecStart=/usr/bin/dockerd --log-opt max-file=5 --log-opt max-size=50m
//指定docker加速器,阿里云免费的申请一下即可
[root@Openstack240 ~]# tee /etc/docker/daemon.json << 'EOF'
> {
> "registry-mirrors": ["https://xxxxxxx.mirror.aliyuncs.com"]
> }
> EOF
[root@Openstack240 ~]# systemctl daemon-reload
[root@Openstack240 ~]# systemctl restart docker
//拉取镜像,时间有点长
[root@Openstack240 ~]# kolla-ansible -i /etc/kolla/all-in-one pull
//查看拉取下来的镜像
[root@OpenStack240 ~]# docker images
REPOSITORY                                      TAG                 IMAGE ID            CREATED             SIZE
kolla/centos-source-horizon                     stein               0dadc35b6b9c        44 hours ago        1.04GB
kolla/centos-source-nova-compute                stein               ea536cdda37b        44 hours ago        1.85GB
kolla/centos-source-neutron-server              stein               75c62223bc3a        44 hours ago        1.03GB
kolla/centos-source-neutron-l3-agent            stein               3f9175b4f55c        44 hours ago        1.04GB
kolla/centos-source-neutron-dhcp-agent          stein               3137270d1bd0        44 hours ago        1GB
kolla/centos-source-neutron-metadata-agent      stein               bfd4bbeefc3f        44 hours ago        1GB
kolla/centos-source-neutron-openvswitch-agent   stein               908cfd43c296        44 hours ago        1GB
kolla/centos-source-nova-api                    stein               8521127528ce        44 hours ago        1.09GB
kolla/centos-source-nova-ssh                    stein               cbbf57d9ac9c        44 hours ago        1.06GB
kolla/centos-source-glance-api                  stein               2e0c01c9facc        44 hours ago        910MB
kolla/centos-source-nova-consoleauth            stein               85e5522095c9        44 hours ago        1.03GB
kolla/centos-source-nova-conductor              stein               c35ede1279bc        44 hours ago        1.03GB
kolla/centos-source-nova-scheduler              stein               817f1ec1367f        44 hours ago        1.03GB
kolla/centos-source-nova-novncproxy             stein               ee5441c6a2a1        44 hours ago        1.06GB
kolla/centos-source-keystone-ssh                stein               15ea9c492264        44 hours ago        921MB
kolla/centos-source-keystone                    stein               e973f2e7094d        44 hours ago        920MB
kolla/centos-source-keystone-fernet             stein               f50e58bbf72c        44 hours ago        920MB
kolla/centos-source-placement-api               stein               1556e06c1058        44 hours ago        920MB
kolla/centos-source-heat-api                    stein               21e4e2ba3acf        44 hours ago        894MB
kolla/centos-source-heat-engine                 stein               720f1fc35901        44 hours ago        894MB
kolla/centos-source-heat-api-cfn                stein               91991bd99c45        44 hours ago        894MB
kolla/centos-source-mariadb                     stein               61ff92627c80        44 hours ago        594MB
kolla/centos-source-nova-libvirt                stein               8e3beb6eec8b        44 hours ago        1.2GB
kolla/centos-source-fluentd                     stein               b148a90b28b7        44 hours ago        539MB
kolla/centos-source-openvswitch-vswitchd        stein               651b5161a446        44 hours ago        423MB
kolla/centos-source-openvswitch-db-server       stein               693789d40516        44 hours ago        423MB
kolla/centos-source-chrony                      stein               e2e4a9fa7f63        44 hours ago        407MB
kolla/centos-source-memcached                   stein               7af3c04e37b3        44 hours ago        407MB
kolla/centos-source-kolla-toolbox               stein               d6718bf60842        44 hours ago        687MB
kolla/centos-source-rabbitmq                    stein               2135cb353c35        44 hours ago        486MB
kolla/centos-source-cron                        stein               83f979d850d9        44 hours ago        406MB
//部署OpenStack
[root@OpenStack240 ~]# kolla-ansible -i /etc/kolla/all-in-one deploy
PLAY RECAP *****************************************************************************************************
OpenStack : ok=279 changed=168 unreachable=0 failed=0 skipped=116 rescued=0 ignored=0
//验证部署,并且生成/etc/kolla/admin-openrc.sh
[root@OpenStack240 ~]# kolla-ansible -i /etc/kolla/all-in-one post-deploy
PLAY RECAP *****************************************************************************************************
localhost : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
[root@OpenStack240 ~]# cat /etc/kolla/admin-openrc.sh
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin  //在该文件中可以看到OpenStack的Web页面账号密码
export OS_PASSWORD=123456
export OS_AUTH_URL=http://192.168.128.240:35357/v3
export OS_INTERFACE=internal
export OS_IDENTITY_API_VERSION=3
export OS_REGION_NAME=RegionOne
export OS_AUTH_PLUGIN=password

  报错1:拉取镜像失败。

  首先重复尝试几次拉取镜像操作。如果还是失败,先检测/etc/kolla/globals.yml中第21行版本号是否正确。在版本号正确的情况下再次拉取镜像还是报错,那么向前退一个版本尝试拉取镜像。(我就是train版本无法使用,退回到stein版本)注意清理其他版本的镜像

  报错2:部署失败(我没遇到,有待测试)

    如果部署时报以下错误:

RUNNING HANDLER [common : Initializing toolbox container using normal user] ****
fatal: [HOSTNAME]: FAILED! => {"changed": false, "cmd": ["docker", "exec", "-t", "kolla_toolbox", "/usr/bin/ansible", "--version"],
 "delta": "0:00:01.251727", "end": "2018-08-29 22:52:03.283733", "msg": "non-zero return code", "rc": 126, 
"start": "2018-08-29 22:52:02.032006", "stderr": "", "stderr_lines": [], 
"stdout": "OCI runtime exec failed: exec failed: container_linux.go:348:

    可以尝试重新部署,会自动解决该问题。

  使用内网的Windows测试

 

(7).重启服务器后来带的问题

  kolla部署的OpenStack-allinone云平台自带开机自启,就是启动稍微有点慢。 但是在我重启过后发现少启动了一个镜像,一番查找之下发现缺少了kolla/centos-source-nova-scheduler:stein镜像(nova-scheduler)。以下为重启之后的操作,如有不能启动的镜像可以照此操作

[root@OpenStack240 ~]# docker ps | grep nova-scheduler
[root@OpenStack240 ~]# docker ps -a | grep nova-scheduler
a3d73b4b5ac8        kolla/centos-source-nova-scheduler:stein              "dumb-init --single-…"   23 hours ago        Exited (137) 7 minutes ago                       nova_scheduler
[root@OpenStack240 ~]# docker restart a3d73b

  然后再重启就又可以开机自启了,不知道为什么。

 

参考:https://blog.csdn.net/dolphinsz/article/details/83049521

   https://blog.51cto.com/9025736/2440391

posted @ 2019-11-30 12:00  苦逼运维  阅读(7675)  评论(13编辑  收藏  举报