openstack 2023.2 Bobcat 本地安装部署

admin

一、系统环境
% w' C" N: b2 F% X- {' @: a! ?% s3 |root@server:~# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=22.04
  T0 S6 v( L, P- K* sDISTRIB_CODENAME=jammy
- a2 A; U  V5 F8 A: nDISTRIB_DESCRIPTION="Ubuntu 22.04.5 LTS"

root@server:~# python3 --version
Python 3.10.12
. w1 J4 P# P' `+ s2 n
root@server:~# pip --version
pip 22.0.2 from /usr/lib/python3/dist-packages/pip (python 3.10)
& y- G. A# Y9 Z: |$ E
root@server:~# pip3 --version
pip 22.0.2 from /usr/lib/python3/dist-packages/pip (python 3.10)

root@server:~# docker --version
Docker version 27.2.1, build 9e34c9b
+ X4 N& t5 A. ^- P3 i6 A 最小硬件要求

2 network interfaces
. ^; n  D, k! k) |! ^# O
: s0 a- [. u4 N3 P( m5 Z2 A8GB main memory

40GB disk space
二、openstack版本时间列表
2 b" t/ M+ F. |) T0 H) }. `请阅览
5 b8 X. o/ |7 S官方文档：OpenStack Releases: OpenStack Releases
7 n  p6 h+ X6 o7 c2 P
" D+ y/ O. ~9 B# P三、安装步骤
1、更新安装源
# p& e7 R; o6 W% J; j2 A' \sudo apt update
2、安装python依赖库
sudo apt install git python3-dev libffi-dev gcc libssl-dev -y
*在第二步安装完成后，官方文档建议使用python虚拟环境
9 [. w; q2 p4 |
python3-venv
$ Q4 e3 L" Y6 [5 d. Z# }! W& r实际安装中，启用虚拟环境会出现一些文件和依赖库找不到的情况，有科学上网的情况下不使用python虚拟环境更容易成功。
3、更新Pip
5 Q6 ~0 d5 j9 p& t; b; \( c' _pip install -U pip
4、安装ansible，*此步有版本兼容要求 ，详细查看官方文档
+ l/ j& a) [$ O: {2 D! o) r% npip install 'ansible-core>=2.14,<2.16'
+ H4 p8 U- g9 E4 R0 J8 b
3 a$ i2 U! v/ a2 }7 ^5、 安装kolla-ansible，*有科学上网速度更快，更易成功。
pip install git+https://opendev.org/openstack/kolla-ansible@stable/2023.2
验证
% y4 s/ x# a) o( G# U# Y
9 p  z4 q# ?& b2 O0 n6 |root@server:~# kolla-ansible --version
17.5.1
4 b( F2 P; u' T9 N
5 T! E1 o4 W; g! J+ |5 A0 F# }6、创建/etc/kolla目录
sudo mkdir -p /etc/kolla
sudo chown $USER:$USER /etc/kolla
: _" M+ z/ F/ P% h 7、复制globals.yml和passwords.yml至/etc/kolla目录。
cp -r /usr/local/share/kolla-ansible/etc_examples/kolla/* /etc/kolla
7 @' ?. }, X' c( r# `+ X
8、将存文件all-in-one复制到当前目录
) J+ t" Z  M  l4 d$ Ycp /usr/local/share/kolla-ansible/ansible/inventory/all-in-one .
9、安装 Ansible Galaxy 依赖项
kolla-ansible install-deps
0 V) S& p! z* C8 |1 f10、准备初始配置
; |4 f4 L- o  Hkolla-genpwd
; j3 \7 K( J, F2 l$ S. Y* d 此命令会自动在/etc/kolla/passwords.yml文件中生成需用到的密码，手动改成我们容易记忆的密码

vim /etc/kolla/passwords.yml
0 ?1 Y8 e. y' ^5 a; |4 R" A ironic_database_password: OP51scqsHjnnhyrcNP78EgrueWfCZqLsWsAxr6vY
1 I6 z/ g! b( n: X' ]8 l  Dironic_inspector_database_password: wFGxG2AGUObjFfAgjTik6xKyy45u1q82wJaM9Cpa
4 t3 d) @. Q  u" _9 z5 X, Y9 Jironic_inspector_keystone_password: 3oO8YGp0C3lLdCWe9po2KlLuLUtZAlbDS5grxAjn
ironic_keystone_password: LnnnShk6HEM8THNgGrng9wqVFzFGtKNSIIzCfYMd
keepalived_password: NzQGRdKBrw3WP9FFbAG0cwHpUNpDMEUolzEWn2Dm
keystone_admin_password: 【登入密码】例如：root1234.
keystone_database_password: xaYRCMsOtfPBs27upLeeC8Ve2VuZcmhuKEXvxXFE
keystone_federation_openid_crypto_password: U5q5RIrkZawlGtR0sgHWWMYjO36UJtPWBPnC1vx2

: G" V0 S+ B( p; o1 o修改/etc/kolla/globals.yml文件
/ `/ t  I) W: D
vim /etc/kolla/globals.yml
网络部分:

9 f! e' ~3 z  [$ `  ?3 R5 n#**********
kolla_internal_vip_address: "192.168.8.88"
0 B1 B0 m1 r2 I  c' ~  \
#**************
network_interface: "ens160"
2 Y  V6 j3 @! C% Q: h: m& U% L' k
neutron_external_interface: "ens190"
*network_interface设备正常连接，并配IP4可正常上网和科学上网，和192.168.8.88在同一网段。

*neutron_external_interface 设备为启用，但不连接状态

启用裸金属配置

#enable_influxdb: "{{ enable_cloudkitty | bool and cloudkitty_storage_backend == 'influxdb' }}"
enable_ironic: "yes"
#enable_ironic_neutron_agent: "{{ enable_neutron | bool and enable_ironic | bool }}"
9 o2 V% a+ F: e5 Q2 n 裸金属配置部分
4 V. W( ~  W& j6 ~7 Y
& U2 Z/ W/ U; {! Y$ \( ^#############################
" @* L, q' e1 E% l; H& {, M! Q, L# Ironic options
& D$ M8 H/ O1 R3 }. ~#############################
# dnsmasq bind interface for Ironic Inspector, by default is network_interface
#ironic_dnsmasq_interface: "{{ network_interface }}"
4 r  y6 ]4 E1 X& V' g0 Aironic_cleaning_network: "public1"
# The following value must be set when enabling ironic, the value format is a
# list of ranges - at least one must be configured, for example:
# - range: 192.168.0.10,192.168.0.100
/ x! w: f$ W. ~- @- F# See Kolla Ansible docs on Ironic for details.
' ?0 e0 w8 Q3 M" x#ironic_dnsmasq_dhcp_ranges:
# PXE bootloader file for Ironic Inspector, relative to /var/lib/ironic/tftpboot.
#ironic_dnsmasq_boot_file: "pxelinux.0"

# PXE bootloader file for Ironic Inspector, relative to /tftpboot.
8 h2 Y8 A; W4 E* x& Z2 I1 y, _2 fironic_dnsmasq_dhcp_ranges:
2 T. M( R  w4 \  - range: "192.168.6.100,192.168.6.120,255.255.255.0"
4 l' W. N5 c0 n! o% b$ y    routers: "192.168.6.1"
# # PXE bootloader file for Ironic Inspector, relative to /tftpboot.
ironic_dnsmasq_boot_file: "pxelinux.0"
ironic_cleaning_network: "public1"
4 C' X% H4 E/ J  v% Uironic_dnsmasq_default_gateway: 192.168.6.1
* S1 b' {! l" Z/ f" x. z11、 带有 kolla 部署依赖项的引导服务检查
: O* L' l- U6 I/ [4 c7 f9 X1 kkolla-ansible -i ./all-in-one bootstrap-servers
' h7 O1 J1 V! x此过程中，可能遇到的问题
9 o/ ]* a0 f4 Z
1、无法下载docker gpg key文件
1 `6 p1 Z4 }+ \+ h7 L
! y2 ?% @: ^8 a$ V0 \3 E/ KTASK [openstack.kolla.docker : Install docker apt gpg key] ******************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "dest": "/etc/apt/keyrings/docker.asc", "elapsed": 0, "msg": "Request failed: <urlopen error [Errno 104] Connection reset by peer>", "url": "https://download.docker.com/linux/ubuntu/gpg"}
( u$ f& c4 y' C% ?
$ ]: ?6 F4 K+ a( o3 _# i; |* VPLAY RECAP ******************************************************************************************************************************************************************************************************
localhost                  : ok=15   changed=4    unreachable=0    failed=1    skipped=4    rescued=0    ignored=0   
kolla-ansible无法安装docker官网的gpg文件，可用科学上网或是代理方法手工导入。例如
. L: i/ x& D/ \( I' l
" I4 K! S  w* y2 Rcurl  -x http://103.41.117.2:912 -U username:password  -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
2、设置apt repository错误
/ `, f/ u; B+ r1 D& C
TASK [openstack.kolla.docker : Enable docker apt repository] ****************************************************************************************************************************************************
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: apt_pkg.Error: E:Conflicting values set for option Signed-By regarding source https://download.docker.com/linux/ubuntu/ jammy: /usr/share/keyrings/docker-archive-keyring.gpg != /etc/apt/keyrings/docker.asc, E:The list of sources could not be read.
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n  File \"/root/.ansible/tmp/ansible-tmp-1726959353.5827672-18889-136818767683024/AnsiballZ_apt_repository.py\", line 107, in <module>\n    _ansiballz_main()\n  File \"/root/.ansible/tmp/ansible-tmp-1726959353.5827672-18889-136818767683024/AnsiballZ_apt_repository.py\", line 99, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/root/.ansible/tmp/ansible-tmp-1726959353.5827672-18889-136818767683024/AnsiballZ_apt_repository.py\", line 47, in invoke_module\n    runpy.run_module(mod_name='ansible.modules.apt_repository', init_globals=dict(_module_fqn='ansible.modules.apt_repository', _modlib_path=modlib_path),\n  File \"/usr/lib/python3.10/runpy.py\", line 224, in run_module\n    return _run_module_code(code, init_globals, run_name, mod_spec)\n  File \"/usr/lib/python3.10/runpy.py\", line 96, in _run_module_code\n    _run_code(code, mod_globals, init_globals,\n  File \"/usr/lib/python3.10/runpy.py\", line 86, in _run_code\n    exec(code, run_globals)\n  File \"/tmp/ansible_apt_repository_payload_hw0whgee/ansible_apt_repository_payload.zip/ansible/modules/apt_repository.py\", line 765, in <module>\n  File \"/tmp/ansible_apt_repository_payload_hw0whgee/ansible_apt_repository_payload.zip/ansible/modules/apt_repository.py\", line 742, in main\n  File \"/usr/lib/python3/dist-packages/apt/cache.py\", line 152, in __init__\n    self.open(progress)\n  File \"/usr/lib/python3/dist-packages/apt/cache.py\", line 214, in open\n    self._cache = apt_pkg.Cache(progress)\napt_pkg.Error: E:Conflicting values set for option Signed-By regarding source https://download.docker.com/linux/ubuntu/ jammy: /usr/share/keyrings/docker-archive-keyring.gpg != /etc/apt/keyrings/docker.asc, E:The list of sources could not be read.\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
科学上网可以解决，或者可以手工导入docker官方源

sudo tee /etc/apt/sources.list.d/docker.list <<EOF
3 E* }2 o( H- h3 ?4 r: V( ~# adeb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable
- q1 Z1 E1 @3 ^$ qEOF
12、对主机进行部署前检查
kolla-ansible -i ./all-in-one prechecks
/ @  h! X) o) }2 b" Y+ g) Z  I 13、实际的OpenStack部署
0 y1 \8 Z- H7 k/ k4 N5 Y' tkolla-ansible -i ./all-in-one deploy
部署成功后，裸金属向导界面为

6 f9 b) R! Z4 a3 z! p* m0 H& {. }2 Q! q1 J

% L( \/ i  F+ Z4 _2 ]1 h注册节点驱动属性增加http下载

0 A" a; a4 \3 N% k2 G' T

7 ~8 x8 \9 r) f/ D: |0 m6 v) u( Y& J

四、其他问题
! L2 ^! m5 E0 ~* ?1 e1、部署出问题时，摧毁所有系统配置。
kolla-ansible destroy -i ./all-in-one --yes-i-really-really-mean-it

5 R  p9 g9 Q4 k3 }. {2、安装CLI客户端
pip install python-openstackclient -c https://releases.openstack.org/constraints/upper/2023.2
% _; t1 N5 c- V/ l: \$ [" B
) b% V2 m7 A% A* ^% e. y3、生成管理员认证访问凭据文件
% \5 [, O  l: w/ G: t, i$ lkolla-ansible post-deploy

3 p" y! }3 `! T- @3 Xcp /etc/kolla/admin-openrc.sh .
/ S7 M1 ~( Z! m, N# U8 t 使用CLI访问时，可先启用
( E8 _/ b. l, P, i( k4 N% K
- R/ h+ Q& b& a- J0 L2 t. admin-openrc.sh
运行测试
2 v7 M7 E3 |& k7 S
root@odoo16e-server:~# . admin-openrc.sh
root@odoo16e-server:~# openstack compute service list
+--------------------------------------+----------------+-----------------------+----------+---------+-------+----------------------------+
8 D! d9 I4 d1 D  c0 s! P/ u| ID                                   | Binary         | Host                  | Zone     | Status  | State | Updated At                 |
; ~$ c1 A8 j3 ?+--------------------------------------+----------------+-----------------------+----------+---------+-------+----------------------------+
1 J  y, m, P; ~8 s| 67f25603-5d6e-4327-a9d2-b0fd341876f3 | nova-conductor | odoo16e-server        | internal | enabled | up    | 2024-09-19T03:31:17.000000 |
| f49326e1-1608-4546-bed0-123dd2e52af8 | nova-compute   | odoo16e-server        | nova     | enabled | up    | 2024-09-19T03:31:13.000000 |
| b26f35c0-bb02-4151-8df4-e30d65eb6e4a | nova-compute   | odoo16e-server-ironic | nova     | enabled | up    | 2024-09-19T03:31:19.000000 |
* H3 U  s3 P% ^| 9b988858-bcbf-4fce-8b55-c0c01e30a463 | nova-scheduler | odoo16e-server        | internal | enabled | up    | 2024-09-19T03:31:19.000000 |
' j! L: a  d5 H) L3 b7 l( V1 |+--------------------------------------+----------------+-----------------------+----------+---------+-------+----------------------------+
3 g" D. Q+ K8 ]- }" N
; B/ \6 q1 k" g+ ~6 r" w3 }8 n
7 n# ?9 |6 n6 z5 g