- 积分
- 16843
在线时间 小时
最后登录1970-1-1
|
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
您需要 登录 才可以下载或查看,没有账号?开始注册
x
一、系统环境5 X# f) i3 l8 `" B e
root@server:~# cat /etc/lsb-release
0 ?5 z1 L1 R7 f7 ?- A0 |) G q! GDISTRIB_ID=Ubuntu/ C& ]! k4 g0 d; `6 R- K0 x: E
DISTRIB_RELEASE=22.04
1 A; M+ J# C" E0 d3 z L! oDISTRIB_CODENAME=jammy
- @( O- G ^' K4 }$ |DISTRIB_DESCRIPTION="Ubuntu 22.04.5 LTS"
% J& c7 M# I" ]" T! K6 z* d6 h1 B4 k# e& f
root@server:~# python3 --version
; v& z0 N- ^) @4 w5 Y- j& qPython 3.10.12
2 b; E- c- @# j" z: o5 H/ P. `5 y6 k. ^) O; o
root@server:~# pip --version7 X; d7 {% ~6 V3 h
pip 22.0.2 from /usr/lib/python3/dist-packages/pip (python 3.10)" A( K* G4 w6 N1 Z/ ^, y3 z
# d, G9 e' I9 \. R
root@server:~# pip3 --version. L9 r1 W- X3 g @
pip 22.0.2 from /usr/lib/python3/dist-packages/pip (python 3.10)
! u! h0 \ c: o, B% l0 N( `( E$ W- L1 g9 i
root@server:~# docker --version. X/ ^* G- P: R N
Docker version 27.2.1, build 9e34c9b+ m3 J% Q' L; M( k* b
最小硬件要求
1 ?2 i$ E5 k( ?9 x2 H% [) T* C
* v( w' G" }$ Z7 d" ^9 a2 network interfaces ^) H1 n! L7 Z: x% V* z' [
% M3 ?: ^; c: A7 V q6 Y! Y8GB main memory) ^# o5 o( e+ g, J
( w3 H# U8 w& f' R q
40GB disk space
/ k$ j; f8 e( \" w6 m二、openstack版本时间列表
9 @$ l0 o5 [& u6 r; R( ]请阅览
! {4 T4 \% b& I9 P2 |官方文档:OpenStack Releases: OpenStack Releases- D m* k2 f& W! ?1 K
K, [' Z. F( e2 z3 V
三、安装步骤* G: B! K8 _% v- n! I, {% A& J8 T# Z
1、更新安装源9 C& o1 t4 s- z1 K
sudo apt update* ]; q, o& O& O* _8 p9 l& y
2、安装python依赖库
6 j) W( b2 {6 E5 psudo apt install git python3-dev libffi-dev gcc libssl-dev -y0 u) R% n3 T. H7 R
*在第二步安装完成后,官方文档建议使用python虚拟环境& o* g: W2 Z/ a' _ }- ^
$ ^! Y( D* E/ `& }python3-venv
8 Y8 A0 h2 z; y实际安装中,启用虚拟环境会出现一些文件和依赖库找不到的情况,有科学上网的情况下不使用python虚拟环境更容易成功。+ O: y) `' E/ x' r
3、更新Pip) p; h! Y0 ]( N! g/ L. A
pip install -U pip
& {* B1 P) C" Z4、安装ansible,*此步有版本兼容要求 ,详细查看官方文档
7 Y% Y8 ~: }, Apip install 'ansible-core>=2.14,<2.16'
/ Z3 m6 `+ I: i1 ~" ^. k3 C- M9 s( u3 U) k( w) W, F
5、 安装kolla-ansible,*有科学上网速度更快,更易成功。
' W, V8 g! t4 m; r5 x% jpip install git+https://opendev.org/openstack/kolla-ansible@stable/2023.2
8 F) i4 |) n$ E; Y/ e/ W+ z: u验证
( a; }, ]. \* `$ t$ Q3 z( _$ R$ C1 N0 \0 y+ I- N, t; p- L
root@server:~# kolla-ansible --version
' d, W& J# r) z$ I ?/ f- V17.5.1% R% k% }7 c# h# E+ M
- U1 U/ i" c& \ [1 r1 f6、创建/etc/kolla目录. ^7 d* |, t! W$ s( E
sudo mkdir -p /etc/kolla$ H5 C' J8 g% W& a' [/ n, J
sudo chown $USER:$USER /etc/kolla
) Q; u* {2 b% k3 Z! k 7、复制globals.yml和passwords.yml至/etc/kolla目录。
3 D A) B V% c+ W8 Q7 ncp -r /usr/local/share/kolla-ansible/etc_examples/kolla/* /etc/kolla
2 ? O. ?8 o, L& p* {" ~- G$ u/ d" W. p7 T) B* \
8、将存文件all-in-one复制到当前目录
) h4 O2 U2 c( {4 Q1 }cp /usr/local/share/kolla-ansible/ansible/inventory/all-in-one .
) S8 d6 q' d1 I% h" ]7 H9、安装 Ansible Galaxy 依赖项
6 _* Y/ ~! j0 Z: ^1 Ekolla-ansible install-deps9 X* \9 S# a% J6 m5 ?4 F* _
10、准备初始配置" i+ U8 Z, _+ ?; }6 k# K
kolla-genpwd
5 l2 B' z4 l) ]" }' r, ?- q0 P 此命令会自动在/etc/kolla/passwords.yml文件中生成需用到的密码,手动改成我们容易记忆的密码
4 Z0 @5 Q; z0 G+ {
3 K+ I. P# q& _0 |vim /etc/kolla/passwords.yml
5 Y4 C, w! S6 S) X- A3 @ ironic_database_password: OP51scqsHjnnhyrcNP78EgrueWfCZqLsWsAxr6vY
* U: @4 {, y& U8 b: [4 uironic_inspector_database_password: wFGxG2AGUObjFfAgjTik6xKyy45u1q82wJaM9Cpa
1 L: ~+ z: ~8 P3 ^+ W+ s: i$ Cironic_inspector_keystone_password: 3oO8YGp0C3lLdCWe9po2KlLuLUtZAlbDS5grxAjn$ G/ s# p- D l5 j- `5 {
ironic_keystone_password: LnnnShk6HEM8THNgGrng9wqVFzFGtKNSIIzCfYMd
) e2 }$ F. I5 w) G! lkeepalived_password: NzQGRdKBrw3WP9FFbAG0cwHpUNpDMEUolzEWn2Dm
' y% r, Z% \( P- I( p* mkeystone_admin_password: 【登入密码】例如:root1234.. R' |- O$ ~. |4 k; _. S9 \
keystone_database_password: xaYRCMsOtfPBs27upLeeC8Ve2VuZcmhuKEXvxXFE
% O" w4 i) R2 y( D0 ekeystone_federation_openid_crypto_password: U5q5RIrkZawlGtR0sgHWWMYjO36UJtPWBPnC1vx2
. x6 u; k+ ]% h$ n1 r' A5 Z2 w: s- I. Z% h" ?7 C2 X4 P
修改/etc/kolla/globals.yml文件' B+ k" j3 g; u$ s; `
. M) ?7 K" v5 q" Mvim /etc/kolla/globals.yml& b8 @' N. C/ M- h. p& O, w
网络部分:' ]& n [8 D% ]* X
4 {8 \8 r3 B8 L+ C q6 Q+ c#**********' C% ]8 Q9 z+ z$ N. ?$ J
kolla_internal_vip_address: "192.168.8.88" D4 N! J4 V9 k) S, ]; c( d
; s7 H& j, K' M" S. a
#**************2 K' u3 [% b) P2 e& _
network_interface: "ens160"
6 Z- b( z% K& Q! |' p7 }& L! A. Y' P. a% F" U# J
neutron_external_interface: "ens190"
# ^7 [+ ]& R: Q9 ` Z, X; F2 N*network_interface设备正常连接,并配IP4可正常上网和科学上网,和192.168.8.88在同一网段。
2 e6 l8 _: L5 C: E
) i2 U+ j+ n& X, s' B d*neutron_external_interface 设备为启用,但不连接状态
( O6 r" J6 _& C2 Z# _. Z* D- L+ R0 H
启用裸金属配置( q! `$ E% Z, K9 i4 F4 o
0 V9 q* N5 m; Y5 D/ l1 e3 F; I
#enable_influxdb: "{{ enable_cloudkitty | bool and cloudkitty_storage_backend == 'influxdb' }}"& D4 Y; x/ C, E* I2 V0 b
enable_ironic: "yes"
' G' ]" V( z4 ?+ f, D#enable_ironic_neutron_agent: "{{ enable_neutron | bool and enable_ironic | bool }}"
% W( N7 w0 j7 {& y' j4 H& S, u I 裸金属配置部分
& [3 l8 U6 W* Z) f
+ V. S* c5 O: Q) Q/ ?#############################
' x' Z# { a9 a0 J# Ironic options
r/ z5 d" \$ C7 `- \& H$ T#############################
; j. O" w" E- N* H. _# dnsmasq bind interface for Ironic Inspector, by default is network_interface( j; E2 Z4 O$ ]# c, g# i0 {0 F+ M8 \' p$ V
#ironic_dnsmasq_interface: "{{ network_interface }}"
4 ?& k+ i# B G2 ~6 T3 _& Eironic_cleaning_network: "public1"
# }' w) B7 V9 z+ t1 z& x& \# The following value must be set when enabling ironic, the value format is a
7 C+ u+ g4 c# m+ M8 r" E* i' c: x# list of ranges - at least one must be configured, for example:
1 k. p" Z; F9 k2 n( H9 }$ o) b; C4 U# - range: 192.168.0.10,192.168.0.1007 O& J! A2 H3 v! r' X4 b
# See Kolla Ansible docs on Ironic for details.
5 x1 O7 u& ~# G1 ?) n% A/ u. {#ironic_dnsmasq_dhcp_ranges:$ S$ L7 `/ l' ~! }7 a: }) z9 d
# PXE bootloader file for Ironic Inspector, relative to /var/lib/ironic/tftpboot.! X1 L$ o; G) G) _2 U) G. a$ x
#ironic_dnsmasq_boot_file: "pxelinux.0"
* K% ^& [5 Y- d; U
5 o* u# G4 Z8 Q S# PXE bootloader file for Ironic Inspector, relative to /tftpboot.
( W: |9 |- K6 E$ |ironic_dnsmasq_dhcp_ranges:
+ J) Y9 ]* [3 V/ L! _ - range: "192.168.6.100,192.168.6.120,255.255.255.0"# l5 `7 |/ Y d1 A9 h
routers: "192.168.6.1"
0 p% a8 }$ r% J7 r5 k# # PXE bootloader file for Ironic Inspector, relative to /tftpboot.
7 E o. p* T3 L6 q0 R. ~/ L- t4 xironic_dnsmasq_boot_file: "pxelinux.0" h" a* t) O! A) v" q( R
ironic_cleaning_network: "public1"# S y* s, g, [1 s3 L G
ironic_dnsmasq_default_gateway: 192.168.6.1
. w, m8 I" B# z' f11、 带有 kolla 部署依赖项的引导服务检查
! }7 T# W1 m1 hkolla-ansible -i ./all-in-one bootstrap-servers5 A `1 o# O4 s. I! g
此过程中,可能遇到的问题
* Q' A+ S; k+ N. \
$ [1 Z& H2 l# c/ J- \7 r1、无法下载docker gpg key文件3 `5 B6 M3 t! L' W0 ]: M
3 {& u6 A. e1 S% k4 `
TASK [openstack.kolla.docker : Install docker apt gpg key] ******************************************************************************************************************************************************6 F% O! \6 B' G2 |1 T
fatal: [localhost]: FAILED! => {"changed": false, "dest": "/etc/apt/keyrings/docker.asc", "elapsed": 0, "msg": "Request failed: <urlopen error [Errno 104] Connection reset by peer>", "url": "https://download.docker.com/linux/ubuntu/gpg"}
& V; a! b: i( i; v- g
* T% T, d* X M3 O, m" k- }2 `PLAY RECAP ******************************************************************************************************************************************************************************************************* L# m; v \! m8 y4 c* u! M
localhost : ok=15 changed=4 unreachable=0 failed=1 skipped=4 rescued=0 ignored=0
& R9 n1 I* @; j. B! e: M7 U( `& z! R kolla-ansible无法安装docker官网的gpg文件,可用科学上网或是代理方法手工导入。例如4 @% ]' K$ W5 T8 h% s
! W2 i! R8 @6 E9 a! Y r- lcurl -x http://103.41.117.2:912 -U username:password -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -3 r. O6 I7 L5 a. ^! H4 \0 e0 m" C' j
2、设置apt repository错误
# l- G$ L* U9 ^) F w! _5 p
5 Z- R5 V8 J* u" x8 d }# p" a- BTASK [openstack.kolla.docker : Enable docker apt repository] ****************************************************************************************************************************************************: `# U# K0 I1 q" ^9 ^; _5 x9 p
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: apt_pkg.Error: E:Conflicting values set for option Signed-By regarding source https://download.docker.com/linux/ubuntu/ jammy: /usr/share/keyrings/docker-archive-keyring.gpg != /etc/apt/keyrings/docker.asc, E:The list of sources could not be read.
# F( i( s C) \8 ?. V# jfatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):\n File \"/root/.ansible/tmp/ansible-tmp-1726959353.5827672-18889-136818767683024/AnsiballZ_apt_repository.py\", line 107, in <module>\n _ansiballz_main()\n File \"/root/.ansible/tmp/ansible-tmp-1726959353.5827672-18889-136818767683024/AnsiballZ_apt_repository.py\", line 99, in _ansiballz_main\n invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n File \"/root/.ansible/tmp/ansible-tmp-1726959353.5827672-18889-136818767683024/AnsiballZ_apt_repository.py\", line 47, in invoke_module\n runpy.run_module(mod_name='ansible.modules.apt_repository', init_globals=dict(_module_fqn='ansible.modules.apt_repository', _modlib_path=modlib_path),\n File \"/usr/lib/python3.10/runpy.py\", line 224, in run_module\n return _run_module_code(code, init_globals, run_name, mod_spec)\n File \"/usr/lib/python3.10/runpy.py\", line 96, in _run_module_code\n _run_code(code, mod_globals, init_globals,\n File \"/usr/lib/python3.10/runpy.py\", line 86, in _run_code\n exec(code, run_globals)\n File \"/tmp/ansible_apt_repository_payload_hw0whgee/ansible_apt_repository_payload.zip/ansible/modules/apt_repository.py\", line 765, in <module>\n File \"/tmp/ansible_apt_repository_payload_hw0whgee/ansible_apt_repository_payload.zip/ansible/modules/apt_repository.py\", line 742, in main\n File \"/usr/lib/python3/dist-packages/apt/cache.py\", line 152, in __init__\n self.open(progress)\n File \"/usr/lib/python3/dist-packages/apt/cache.py\", line 214, in open\n self._cache = apt_pkg.Cache(progress)\napt_pkg.Error: E:Conflicting values set for option Signed-By regarding source https://download.docker.com/linux/ubuntu/ jammy: /usr/share/keyrings/docker-archive-keyring.gpg != /etc/apt/keyrings/docker.asc, E:The list of sources could not be read.\n", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}( f& X& i2 l0 R/ {0 f9 H" I
科学上网可以解决,或者可以手工导入docker官方源
! V; k: }2 ^. f: L& c
% l. _6 P. h7 F0 csudo tee /etc/apt/sources.list.d/docker.list <<EOF
2 ^2 ]- o: k* V, @ c8 Ldeb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable
b7 y: D: _) tEOF
( Q6 |0 C8 }( Y( C12、对主机进行部署前检查
`' T9 o+ B# E; W9 i; D$ Ikolla-ansible -i ./all-in-one prechecks: f1 Q/ z5 M5 y( O
13、实际的OpenStack部署
; G" k* L) K( j6 Z ?. c- t9 lkolla-ansible -i ./all-in-one deploy
! u, E+ a3 d; c# K7 N$ N* `4 k3 p部署成功后,裸金属向导界面为( M, q' M7 K7 [4 S. x5 A6 L
: H6 V8 j: K9 A* @8 k; \$ w/ p% h0 a: i
) V. |! m6 ^$ b. n, h) F- X, ~ v
注册节点驱动属性增加http下载/ r. j! v% a- a, v. C- D
# ~% u8 Z7 ~$ L+ ?- e$ t$ @ [! H2 \& p6 i( W
- G7 t6 D7 m: Z, f3 L# ~
% k) x6 |& e3 c) v' t; r
4 W) k- e- i; D3 n }- [! ?3 m% V四、其他问题8 F3 n4 o$ I7 }2 I- G
1、部署出问题时,摧毁所有系统配置。4 D3 X) b+ D, [9 ^8 s0 e ^- O
kolla-ansible destroy -i ./all-in-one --yes-i-really-really-mean-it
6 D& T- C# W* j; W3 {- p
* B$ {4 M* `+ m5 w3 [. U0 S2、安装CLI客户端' [ V R% H* T8 k: E* T, Z+ x$ E
pip install python-openstackclient -c https://releases.openstack.org/constraints/upper/2023.2: T$ g6 _! p2 k& f( L
# U' L* ~% L, V" X7 K( Q/ O5 d3、生成管理员认证访问凭据文件
6 X4 W' @- R" n; u" q) q- E$ g3 b( tkolla-ansible post-deploy* i! q4 |# l% R( y3 V0 \
/ D" W4 k0 \5 ]& Y! R- S! ecp /etc/kolla/admin-openrc.sh .6 i4 b$ x& j1 {
使用CLI访问时,可先启用
3 q& Q0 G: ^5 ^4 m* j. d5 N) m# R% \6 I
. admin-openrc.sh
, n& B0 W6 w9 G Z 运行测试
+ u! ~$ l/ u v7 l% i' g+ Y5 E( J! C1 \
root@odoo16e-server:~# . admin-openrc.sh
/ I) v9 z6 N1 froot@odoo16e-server:~# openstack compute service list% G7 w+ b C* y8 U% e/ _$ _
+--------------------------------------+----------------+-----------------------+----------+---------+-------+----------------------------+
: J% s: k2 x& j) g| ID | Binary | Host | Zone | Status | State | Updated At |
$ D9 s- s& o2 _& k% s$ k+--------------------------------------+----------------+-----------------------+----------+---------+-------+----------------------------+1 q7 t$ G. s! t# E w
| 67f25603-5d6e-4327-a9d2-b0fd341876f3 | nova-conductor | odoo16e-server | internal | enabled | up | 2024-09-19T03:31:17.000000 |( w% _: @! V f4 M- P
| f49326e1-1608-4546-bed0-123dd2e52af8 | nova-compute | odoo16e-server | nova | enabled | up | 2024-09-19T03:31:13.000000 |! S+ P9 k& Q. d, a% o2 o0 i
| b26f35c0-bb02-4151-8df4-e30d65eb6e4a | nova-compute | odoo16e-server-ironic | nova | enabled | up | 2024-09-19T03:31:19.000000 |
% |! J9 S& o9 l- I| 9b988858-bcbf-4fce-8b55-c0c01e30a463 | nova-scheduler | odoo16e-server | internal | enabled | up | 2024-09-19T03:31:19.000000 |: \2 I5 E* g9 i0 v( l( d% I% G
+--------------------------------------+----------------+-----------------------+----------+---------+-------+----------------------------+: ~/ }6 E( B, U+ p0 H l& u
- j* g, B8 N$ Y7 w6 W3 q0 s" A: _. b6 ~. d6 _7 Z' h& X( ^- x( y
|
|
/4 
|返回首页|Archiver|小黑屋|易陆发现技术论坛
( 蜀ICP备2026014127号-1 )
窥视卡
雷达卡
发表于 2025-3-17 10:00:02
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜