|
|
一、系统环境, w; ] I& I2 ^7 g/ Q
root@server:~# cat /etc/lsb-release
* Q* s T% l9 a/ n- u5 YDISTRIB_ID=Ubuntu+ ~8 j& x V' i* w
DISTRIB_RELEASE=22.04+ A& r* ]1 l4 G. ^
DISTRIB_CODENAME=jammy- Z. O2 _# k& @) {; G. |
DISTRIB_DESCRIPTION="Ubuntu 22.04.5 LTS"
3 }. G/ Q1 x( {7 \; p
. \% ]; T) s/ F7 r: }- s3 Oroot@server:~# python3 --version# q1 _& |, N7 J1 t4 }: N
Python 3.10.12
" `1 K- E' p1 B5 w+ |& P* l* ~6 ~
& _& }6 B! ^' F! x1 Rroot@server:~# pip --version
5 K% x) m7 z3 l2 v }# J8 Mpip 22.0.2 from /usr/lib/python3/dist-packages/pip (python 3.10)
! i+ n% l, Q7 Y" G9 R1 @" V. n) u0 _+ c
root@server:~# pip3 --version
3 [' M# B" V6 I) T& I: gpip 22.0.2 from /usr/lib/python3/dist-packages/pip (python 3.10), P+ O8 c* `1 \* t% o" q
$ q, q3 T, e9 s4 Z) P; mroot@server:~# docker --version) `- G2 t" v2 J' p2 n4 B
Docker version 27.2.1, build 9e34c9b
% O% \# Q1 H: t2 k% a7 t: @; b 最小硬件要求
6 U. y* S9 M/ {* M: v/ c5 K) i+ J: B. A' [4 z
2 network interfaces
8 S, e. O2 o: G- \
; @ N9 v1 U: }3 `- y; |; C, q. g8GB main memory! o8 N4 ~/ u$ j
. U7 b c- f; u5 T$ i' K
40GB disk space
( R9 _3 B( q7 Z" [二、openstack版本时间列表
6 L T4 |5 j% t$ U请阅览: y% p4 s# I' _8 q
官方文档:OpenStack Releases: OpenStack Releases. _8 s2 R0 Q3 `& B+ `
2 W4 l* r5 s- L$ S9 a三、安装步骤9 Y, P: c O5 J6 a% B2 Q
1、更新安装源
" _! i3 h) j/ O# q- w2 [sudo apt update8 u [! ~0 N6 u, O2 X
2、安装python依赖库
" ?3 ~% C9 W: c/ C: g# fsudo apt install git python3-dev libffi-dev gcc libssl-dev -y
4 d" V8 Z" b% V5 u& K *在第二步安装完成后,官方文档建议使用python虚拟环境
" x1 R6 d+ Y# R. r" H0 E4 x0 x# o$ S) ~6 N
python3-venv
2 x3 z! ^- V* A) h P% Q; G实际安装中,启用虚拟环境会出现一些文件和依赖库找不到的情况,有科学上网的情况下不使用python虚拟环境更容易成功。
' Q! z3 Q* t% \5 y) r7 t5 A3、更新Pip
% ~/ C e* d6 O$ c& {/ \9 O8 xpip install -U pip# y* Q* f1 b8 A# b' G( _) A6 n
4、安装ansible,*此步有版本兼容要求 ,详细查看官方文档5 }6 K" |! h! o
pip install 'ansible-core>=2.14,<2.16'
; w _2 s7 i* T, _! x! i- O
8 n. O' F) f2 x) y/ A/ G5、 安装kolla-ansible,*有科学上网速度更快,更易成功。
$ e) b+ h5 d/ ppip install git+https://opendev.org/openstack/kolla-ansible@stable/2023.2
Z" k) B0 {8 ~9 V验证
* g) N1 w9 t2 _* A8 h2 c
3 P- H. q) l P& Troot@server:~# kolla-ansible --version, ? b- U" \) \+ t3 i
17.5.1: h2 U& M4 T4 x; A, J' f
& ]3 D$ m: V, [$ j8 H6、创建/etc/kolla目录- P) s- E# T1 m5 Z( E% ^; k
sudo mkdir -p /etc/kolla/ `2 d8 B) i* y* H3 p# u
sudo chown $USER:$USER /etc/kolla; {% k, p& d. r- T! ]2 ^: L- m
7、复制globals.yml和passwords.yml至/etc/kolla目录。
v" j9 L1 ?+ E. C9 R: ucp -r /usr/local/share/kolla-ansible/etc_examples/kolla/* /etc/kolla) b8 N$ O( U- O4 i9 z* e d
# s8 K% J" S8 ~4 E: c
8、将存文件all-in-one复制到当前目录
4 @5 J. }3 G) P, m- D+ fcp /usr/local/share/kolla-ansible/ansible/inventory/all-in-one .& e2 @2 }3 W( @5 b$ Q
9、安装 Ansible Galaxy 依赖项+ H) p' p0 N# R! Y& [( t
kolla-ansible install-deps1 k' I% t; l. ]3 M6 ^
10、准备初始配置1 q+ N' u, {) E- q. m
kolla-genpwd) c# @6 ]0 t- _
此命令会自动在/etc/kolla/passwords.yml文件中生成需用到的密码,手动改成我们容易记忆的密码1 R& E. J4 O1 K' a2 r
- Y6 p+ a0 T$ [ hvim /etc/kolla/passwords.yml% q9 z4 `9 ^, r
ironic_database_password: OP51scqsHjnnhyrcNP78EgrueWfCZqLsWsAxr6vY8 W/ h2 O/ U D5 |7 F, D; i
ironic_inspector_database_password: wFGxG2AGUObjFfAgjTik6xKyy45u1q82wJaM9Cpa* H, B+ `: ?3 y" M- x' o$ m
ironic_inspector_keystone_password: 3oO8YGp0C3lLdCWe9po2KlLuLUtZAlbDS5grxAjn: H }. o7 y7 n, e
ironic_keystone_password: LnnnShk6HEM8THNgGrng9wqVFzFGtKNSIIzCfYMd' k0 F- U: |- H" R6 Q1 P
keepalived_password: NzQGRdKBrw3WP9FFbAG0cwHpUNpDMEUolzEWn2Dm
, t. a9 M2 b/ x6 k5 j Kkeystone_admin_password: 【登入密码】例如:root1234.
" M' k' p8 U! s1 r# ?keystone_database_password: xaYRCMsOtfPBs27upLeeC8Ve2VuZcmhuKEXvxXFE, k1 B: H h% q; D
keystone_federation_openid_crypto_password: U5q5RIrkZawlGtR0sgHWWMYjO36UJtPWBPnC1vx2+ b8 D7 ]3 s; J
+ r, O: J5 `. y+ b0 y* r/ v
修改/etc/kolla/globals.yml文件& i/ a9 A$ Y; z% ^+ l0 ~$ V
$ M1 P, y" M1 \- s J( _
vim /etc/kolla/globals.yml: g! ]8 K! V; |) y- o7 e* R
网络部分:( _- z2 B$ \/ _, A2 e9 u. m0 v7 t
" G: h/ X" b- K/ J6 Q( s" h( Z& S# S
#**********
' x, C7 K$ h6 dkolla_internal_vip_address: "192.168.8.88"4 c7 `/ @5 V. J. ~. }: \
1 y) E% z2 o# `7 W#**************4 {6 [9 b6 S5 g" I1 ?. \7 Q
network_interface: "ens160"
7 B9 j8 F) k$ H
% h i: h$ `1 Y0 d8 D2 hneutron_external_interface: "ens190"4 L; j( j, c+ @" a
*network_interface设备正常连接,并配IP4可正常上网和科学上网,和192.168.8.88在同一网段。 + s3 h4 [6 [# [; C- }1 G. o- |
5 v1 G7 K8 E5 F* J) N2 ~*neutron_external_interface 设备为启用,但不连接状态* X, j8 X: h z7 o, X
$ k0 c) C) k" g2 M7 v
启用裸金属配置
* ]2 f# E. A9 ^$ X9 k
1 [) L5 I- T6 r/ t& M4 H5 t6 b#enable_influxdb: "{{ enable_cloudkitty | bool and cloudkitty_storage_backend == 'influxdb' }}"# T+ P9 O) O/ F7 Q3 j
enable_ironic: "yes") @: ?( o4 h# u! j2 K: u" H* a
#enable_ironic_neutron_agent: "{{ enable_neutron | bool and enable_ironic | bool }}"/ g5 }, I; [4 p/ ]- u
裸金属配置部分
6 {6 g" x; O- F4 J- q* z3 V' E$ |
4 U# A9 l: u1 v#############################
/ V3 c- [+ D7 f1 G$ N# Ironic options. ?- e7 [& A: }8 j1 Z1 u) B
#############################
! Q7 P* [& S3 ^( H) N# F4 _2 \ Y# dnsmasq bind interface for Ironic Inspector, by default is network_interface. v4 K: K( q- e2 ]% a9 z
#ironic_dnsmasq_interface: "{{ network_interface }}"0 u7 O/ X$ L' g7 E9 U: l' Q* @
ironic_cleaning_network: "public1"- l$ D6 d' M4 n- i. ?7 q$ K
# The following value must be set when enabling ironic, the value format is a
^: o; f) p4 E3 @& D# list of ranges - at least one must be configured, for example:* z! `+ e; X+ R* d3 m% ?
# - range: 192.168.0.10,192.168.0.100
0 A" D n4 r y% U/ c5 F/ J# See Kolla Ansible docs on Ironic for details.
2 b$ a: E# W, P! ^/ N#ironic_dnsmasq_dhcp_ranges:1 |; @; A6 Z& |: @4 A, `
# PXE bootloader file for Ironic Inspector, relative to /var/lib/ironic/tftpboot./ @0 ]' _9 y/ M; l8 O
#ironic_dnsmasq_boot_file: "pxelinux.0"
2 c+ x5 M" w. d8 K) ] O% o: y0 u
" H/ k6 Q% C0 B) x6 `( e8 G5 H# PXE bootloader file for Ironic Inspector, relative to /tftpboot.7 s. S6 C$ T* h9 A* _0 E& N% M
ironic_dnsmasq_dhcp_ranges:# n+ d) `4 i* S9 C& D
- range: "192.168.6.100,192.168.6.120,255.255.255.0"
6 g( w5 Y) e' M& [1 j2 P/ I routers: "192.168.6.1"9 K1 o" O: U- y; d5 {3 y7 s3 W
# # PXE bootloader file for Ironic Inspector, relative to /tftpboot.
' l* n4 g0 l5 h" J5 r4 r. v' v) [* o) Yironic_dnsmasq_boot_file: "pxelinux.0"
7 N; B9 x; R0 ^7 ?ironic_cleaning_network: "public1"5 m6 w% `: P H; Z4 E! M
ironic_dnsmasq_default_gateway: 192.168.6.1
& e* i5 P0 Z( d8 q11、 带有 kolla 部署依赖项的引导服务检查! e/ Z5 M7 `0 b) g
kolla-ansible -i ./all-in-one bootstrap-servers
6 h8 t/ C* u4 e1 g0 F" F此过程中,可能遇到的问题# c; b; u$ g1 { O) A# C
+ M2 ?) J2 r, ]/ D0 h. Q' c1、无法下载docker gpg key文件
! @, u$ Y! }3 R; t' q& R( `
, ~: C$ t3 \1 g* |" iTASK [openstack.kolla.docker : Install docker apt gpg key] ******************************************************************************************************************************************************
2 N# q3 y0 N; v8 Tfatal: [localhost]: FAILED! => {"changed": false, "dest": "/etc/apt/keyrings/docker.asc", "elapsed": 0, "msg": "Request failed: <urlopen error [Errno 104] Connection reset by peer>", "url": "https://download.docker.com/linux/ubuntu/gpg"}: F& p- w1 ^$ P& u) ]/ S
8 p. X! F+ ` X0 {PLAY RECAP ******************************************************************************************************************************************************************************************************
/ A- V8 m' X; ilocalhost : ok=15 changed=4 unreachable=0 failed=1 skipped=4 rescued=0 ignored=0
! p, T6 y5 x) b( ] kolla-ansible无法安装docker官网的gpg文件,可用科学上网或是代理方法手工导入。例如
3 g$ g- U G! g T0 W5 L1 c9 _
+ x L! M, k- \curl -x http://103.41.117.2:912 -U username:password -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
) E/ e0 b- G6 E3 N( C3 }9 b1 k% A2、设置apt repository错误
3 T7 m. B* R5 z! t, p3 v0 F
0 W! {. Q: ^. c5 e3 a3 rTASK [openstack.kolla.docker : Enable docker apt repository] ****************************************************************************************************************************************************% n1 ^6 e! B0 B4 U
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: apt_pkg.Error: E:Conflicting values set for option Signed-By regarding source https://download.docker.com/linux/ubuntu/ jammy: /usr/share/keyrings/docker-archive-keyring.gpg != /etc/apt/keyrings/docker.asc, E:The list of sources could not be read.
) S' e) h' F8 ?4 R6 u2 D7 hfatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File \"/root/.ansible/tmp/ansible-tmp-1726959353.5827672-18889-136818767683024/AnsiballZ_apt_repository.py\", line 107, in <module>\n _ansiballz_main()\n File \"/root/.ansible/tmp/ansible-tmp-1726959353.5827672-18889-136818767683024/AnsiballZ_apt_repository.py\", line 99, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/root/.ansible/tmp/ansible-tmp-1726959353.5827672-18889-136818767683024/AnsiballZ_apt_repository.py\", line 47, in invoke_module\n runpy.run_module(mod_name='ansible.modules.apt_repository', init_globals=dict(_module_fqn='ansible.modules.apt_repository', _modlib_path=modlib_path),\n File \"/usr/lib/python3.10/runpy.py\", line 224, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib/python3.10/runpy.py\", line 96, in _run_module_code\n _run_code(code, mod_globals, init_globals,\n File \"/usr/lib/python3.10/runpy.py\", line 86, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_apt_repository_payload_hw0whgee/ansible_apt_repository_payload.zip/ansible/modules/apt_repository.py\", line 765, in <module>\n File \"/tmp/ansible_apt_repository_payload_hw0whgee/ansible_apt_repository_payload.zip/ansible/modules/apt_repository.py\", line 742, in main\n File \"/usr/lib/python3/dist-packages/apt/cache.py\", line 152, in __init__\n self.open(progress)\n File \"/usr/lib/python3/dist-packages/apt/cache.py\", line 214, in open\n self._cache = apt_pkg.Cache(progress)\napt_pkg.Error: E:Conflicting values set for option Signed-By regarding source https://download.docker.com/linux/ubuntu/ jammy: /usr/share/keyrings/docker-archive-keyring.gpg != /etc/apt/keyrings/docker.asc, E:The list of sources could not be read.\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}
9 ]% P& |* H6 q A$ t/ { `8 j$ F 科学上网可以解决,或者可以手工导入docker官方源3 D' t0 K# J8 H# C6 M# C2 v2 C0 j
3 ?! e6 }* k+ o3 s Ksudo tee /etc/apt/sources.list.d/docker.list <<EOF
) y$ S- q/ a3 F3 S3 ], [# W2 H G8 jdeb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable
2 R8 p ]. Y: |3 L+ H4 D# IEOF
" y/ J; E$ a: c- d12、对主机进行部署前检查
1 O$ a0 ]) w/ D9 C# pkolla-ansible -i ./all-in-one prechecks
. Z( g1 | N+ Z! y- L8 g 13、实际的OpenStack部署
2 [( ?8 o9 _% o, r8 bkolla-ansible -i ./all-in-one deploy
0 u; |3 a( f" h$ `部署成功后,裸金属向导界面为$ E) i5 |+ C/ Q
8 W. @: M$ R8 [3 h- [5 U
6 U2 m9 O2 _. G. s; `1 r) b9 v
, f' Y1 {+ t- K0 a5 S注册节点驱动属性增加http下载
/ @, v* o8 S& k6 w
5 K; {5 b/ D! z: o7 D& K) e
" n0 H; ?5 t5 R; g( N) G- x$ p
2 t7 m' _2 `1 F1 l6 H" T) \2 A; K& W( m3 B
; N( H7 N0 {3 h) ?+ R5 b8 m% G
四、其他问题; a1 ?0 }, b) I
1、部署出问题时,摧毁所有系统配置。
+ g# L8 ^" M0 s: x& \* Hkolla-ansible destroy -i ./all-in-one --yes-i-really-really-mean-it7 f0 ~0 m8 c# I; D O2 s) I
+ Q: m j4 c6 ?# q6 l v
2、安装CLI客户端
& } \9 |7 E4 `) C; }& u1 Spip install python-openstackclient -c https://releases.openstack.org/constraints/upper/2023.2
# j' H$ o! l( u; s9 S
" v, o5 ~* V( q* N& ]; F3、生成管理员认证访问凭据文件
- h! B: w, }; Zkolla-ansible post-deploy- l3 Q# b. h7 I: m( p7 j
) B6 \+ k W/ L" \/ G# _% B7 p( A! j
cp /etc/kolla/admin-openrc.sh .
3 \6 h( y8 O& c' T N 使用CLI访问时,可先启用0 _" J0 `/ m0 }$ H e5 t
6 O( m% i( l- J. admin-openrc.sh
( ]# t* j6 x% ?( _: q* F$ [ 运行测试
+ q& Q4 K" i& b, P8 P3 u
; I$ X1 Y( _4 z! _; u" ?root@odoo16e-server:~# . admin-openrc.sh
. I0 p& r; X [/ Z1 hroot@odoo16e-server:~# openstack compute service list4 Z% e1 t9 a* Z! P3 E/ H
+--------------------------------------+----------------+-----------------------+----------+---------+-------+----------------------------+
! q/ S$ n8 O% t0 K| ID | Binary | Host | Zone | Status | State | Updated At |0 a; x# o3 b7 T
+--------------------------------------+----------------+-----------------------+----------+---------+-------+----------------------------+6 M8 D' _+ G" _' B3 ]
| 67f25603-5d6e-4327-a9d2-b0fd341876f3 | nova-conductor | odoo16e-server | internal | enabled | up | 2024-09-19T03:31:17.000000 |
) N: W6 m u* x o' H| f49326e1-1608-4546-bed0-123dd2e52af8 | nova-compute | odoo16e-server | nova | enabled | up | 2024-09-19T03:31:13.000000 |8 R- A! B p l
| b26f35c0-bb02-4151-8df4-e30d65eb6e4a | nova-compute | odoo16e-server-ironic | nova | enabled | up | 2024-09-19T03:31:19.000000 |# s0 Q1 W4 o8 U5 I* j& _
| 9b988858-bcbf-4fce-8b55-c0c01e30a463 | nova-scheduler | odoo16e-server | internal | enabled | up | 2024-09-19T03:31:19.000000 |
$ \+ \" U/ C; b3 {7 t+--------------------------------------+----------------+-----------------------+----------+---------+-------+----------------------------+
6 L+ ~ T4 T' G L* B/ |5 C& x6 u* `! L) [+ e( B& E' Y
6 M3 O3 w8 B1 q4 C! L: J
|
|
发表于 2025-3-17 10:00:02