CentOS 8 2004 用 Kolla-Ansible 部署OpenStack Ussuri

在准备好OS环境的初始化后，配置Python工具及docker的国内源来升级并安装Python工具及docker环境，而后用OpenStack官方源安装Kolla-Ansible部署工具。

不得不吐槽一句：最近的国际通道网速很感人呀，从America ship的软件包经常中断传输，建议目前还有Sino-US ship的同道赶紧对OpenStack的相关项目在China Mainland做一个共享mirror，否则依赖公网在线安装OpenStack平台，能否成功全凭运气呀！

以下是踩坑过程：

[[email protected] Downloads]# mkdir -pv /etc/systemd/system/docker.service.d/

mkdir: created directory '/etc/systemd/system/docker.service.d/'

[[email protected] Downloads]# tee /etc/systemd/system/docker.service.d/kolla.conf << EOF

[Service]

MountFlags=shared

EOF

[Service]

MountFlags=shared

[[email protected] Downloads]# mkdir -pv ~/.pip

mkdir: created directory '/root/.pip'

[[email protected] Downloads]# tee /root/.pip/pip.conf << EOF

[global]

index-url = https://mirrors.aliyun.com/pypi/simple/

[install]

trusted-host=mirrors.aliyun.com

EOF

[global]

index-url = https://mirrors.aliyun.com/pypi/simple/

[install]

trusted-host=mirrors.aliyun.com

[[email protected] Downloads]#

[[email protected] Downloads]# pip3 install kolla-ansible==10

Looking in indexes: https://mirrors.aliyun.com/pypi/simple/

ERROR: Could not find a version that satisfies the requirement kolla-ansible==10 (from versions: 4.0.0.0b2, 4.0.0.0b3, 4.0.0.0rc1, 4.0.0.0rc2, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 5.0.0.0b2, 5.0.0.0b3, 5.0.0.0rc1, 5.0.0.0rc2, 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.0.5, 5.0.6, 6.0.0.0b2, 6.0.0.0b3, 6.0.0.0rc1, 6.0.0.0rc2, 6.0.0, 6.1.0, 6.1.1, 6.2.0, 6.2.1, 6.2.2, 6.2.3, 7.0.0.0b2, 7.0.0.0b3, 7.0.0.0rc1, 7.0.0.0rc2, 7.0.0.0rc3, 7.0.0, 7.0.1, 7.1.0, 7.1.1, 7.1.2, 7.2.0, 7.2.1, 8.0.0.0b1, 8.0.0.0rc1, 8.0.0.0rc2, 8.0.0, 8.0.1, 8.1.0, 8.1.1, 8.2.0, 9.0.0.0rc1, 9.0.0.0rc2, 9.0.0.0rc3, 9.0.0, 9.0.1, 9.1.0, 9.2.0, 10.0.0.0rc1, 10.0.0.0rc2, 10.0.0, 10.1.0)

ERROR: No matching distribution found for kolla-ansible==10*

[[email protected] Downloads]# pip3 install kolla-ansible==10.1.0

Looking in indexes: https://mirrors.aliyun.com/pypi/simple/

Collecting kolla-ansible==10.1.0

Downloading https://mirrors.aliyun.com/pypi/packages/e6/2e/52ed77a4e180fbab693aed2074cfa2b31e9022b86ec98d112c7b183190bd/kolla_ansible-10.1.0-py3-none-any.whl (1.4 MB)

|████████████████████████████████| 1.4 MB 3.7 MB/s

Collecting oslo.config>=5.2.0

Downloading https://mirrors.aliyun.com/pypi/packages/d9/51/4f25881ecd5715a0e4ff175ce256e33cc975203f5fddd60edc62f2a651a4/oslo.config-8.3.1-py3-none-any.whl (119 kB)

|████████████████████████████████| 119 kB 4.0 MB/s

Requirement already satisfied: PyYAML>=3.12 in /usr/lib64/python3.6/site-packages (from kolla-ansible==10.1.0) (3.12)

Collecting jmespath>=0.9.3

Downloading https://mirrors.aliyun.com/pypi/packages/07/cb/5f001272b6faeb23c1c9e0acc04d48eaaf5c862c17709d20e3469c6e0139/jmespath-0.10.0-py2.py3-none-any.whl (24 kB)

Requirement already satisfied: Jinja2>=2.10 in /usr/local/lib/python3.6/site-packages (from kolla-ansible==10.1.0) (2.11.2)

Collecting oslo.utils>=3.33.0

Downloading https://mirrors.aliyun.com/pypi/packages/c8/48/81d3ef6d6233f22256f0b5f7084c23e6ba2250379649dde565a42caa7d52/oslo.utils-4.4.0-py3-none-any.whl (95 kB)

|████████████████████████████████| 95 kB 5.5 MB/s

Collecting pbr!=2.1.0,>=2.0.0

Downloading https://mirrors.aliyun.com/pypi/packages/96/ba/aa953a11ec014b23df057ecdbc922fdb40ca8463466b1193f3367d2711a6/pbr-5.4.5-py2.py3-none-any.whl (110 kB)

|████████████████████████████████| 110 kB 6.4 MB/s

Requirement already satisfied: cryptography>=2.1 in /usr/lib64/python3.6/site-packages (from kolla-ansible==10.1.0) (2.3)

Collecting oslo.i18n>=3.15.3

Downloading https://mirrors.aliyun.com/pypi/packages/45/7d/dfe3783932540eb382b244efbdc8df8a6aa09dff4d6644653bb642c81f92/oslo.i18n-5.0.0-py3-none-any.whl (46 kB)

|████████████████████████████████| 46 kB 6.0 MB/s

Requirement already satisfied: netaddr>=0.7.18 in /usr/lib/python3.6/site-packages (from oslo.config>=5.2.0->kolla-ansible==10.1.0) (0.7.19)

Collecting rfc3986>=1.2.0

Downloading https://mirrors.aliyun.com/pypi/packages/78/be/7b8b99fd74ff5684225f50dd0e865393d2265656ef3b4ba9eaaaffe622b8/rfc3986-1.4.0-py2.py3-none-any.whl (31 kB)

Collecting importlib-metadata>=1.7.0; python_version < "3.8"

Downloading https://mirrors.aliyun.com/pypi/packages/8e/58/cdea07eb51fc2b906db0968a94700866fc46249bdc75cac23f9d13168929/importlib_metadata-1.7.0-py2.py3-none-any.whl (31 kB)

Collecting debtcollector>=1.2.0

Downloading https://mirrors.aliyun.com/pypi/packages/8e/50/07a7ccf4dbbe90b58e96f97b747ff98aef9d8c841d2616c48cc05b07db33/debtcollector-2.2.0-py3-none-any.whl (20 kB)

Collecting stevedore>=1.20.0

Downloading https://mirrors.aliyun.com/pypi/packages/d6/f4/041afc90e684f2b7d00a7f49abcbaf0b8c03e916bbc398ce49dce2a3c408/stevedore-3.2.0-py3-none-any.whl (42 kB)

|████████████████████████████████| 42 kB 4.3 MB/s

Requirement already satisfied: requests>=2.18.0 in /usr/lib/python3.6/site-packages (from oslo.config>=5.2.0->kolla-ansible==10.1.0) (2.20.0)

Requirement already satisfied: MarkupSafe>=0.23 in /usr/local/lib64/python3.6/site-packages (from Jinja2>=2.10->kolla-ansible==10.1.0) (1.1.1)

Requirement already satisfied: pytz>=2013.6 in /usr/lib/python3.6/site-packages (from oslo.utils>=3.33.0->kolla-ansible==10.1.0) (2017.2)

Requirement already satisfied: netifaces>=0.10.4 in /usr/lib64/python3.6/site-packages (from oslo.utils>=3.33.0->kolla-ansible==10.1.0) (0.10.6)

Requirement already satisfied: six>=1.10.0 in /usr/lib/python3.6/site-packages (from oslo.utils>=3.33.0->kolla-ansible==10.1.0) (1.11.0)

Collecting iso8601>=0.1.11

Downloading https://mirrors.aliyun.com/pypi/packages/5c/dc/44e9065ac128f89c6abe0ed6dc1726b6a8a6f3a59cbbdc986bd42000964d/iso8601-0.1.12-py3-none-any.whl (12 kB)

Collecting packaging>=20.4

Downloading https://mirrors.aliyun.com/pypi/packages/46/19/c5ab91b1b05cfe63cccd5cfc971db9214c6dd6ced54e33c30d5af1d2bc43/packaging-20.4-py2.py3-none-any.whl (37 kB)

Requirement already satisfied: pyparsing>=2.1.0 in /usr/lib/python3.6/site-packages (from oslo.utils>=3.33.0->kolla-ansible==10.1.0) (2.1.10)

Requirement already satisfied: idna>=2.1 in /usr/lib/python3.6/site-packages (from cryptography>=2.1->kolla-ansible==10.1.0) (2.5)

Requirement already satisfied: asn1crypto>=0.21.0 in /usr/lib/python3.6/site-packages (from cryptography>=2.1->kolla-ansible==10.1.0) (0.24.0)

Requirement already satisfied: cffi!=1.11.3,>=1.7 in /usr/lib64/python3.6/site-packages (from cryptography>=2.1->kolla-ansible==10.1.0) (1.11.5)

Collecting zipp>=0.5

Downloading https://mirrors.aliyun.com/pypi/packages/b2/34/bfcb43cc0ba81f527bc4f40ef41ba2ff4080e047acb0586b56b3d017ace4/zipp-3.1.0-py3-none-any.whl (4.9 kB)

Collecting wrapt>=1.7.0

Downloading https://mirrors.aliyun.com/pypi/packages/82/f7/e43cefbe88c5fd371f4cf0cf5eb3feccd07515af9fd6cf7dbf1d1793a797/wrapt-1.12.1.tar.gz (27 kB)

Requirement already satisfied: chardet<3.1.0,>=3.0.2 in /usr/lib/python3.6/site-packages (from requests>=2.18.0->oslo.config>=5.2.0->kolla-ansible==10.1.0) (3.0.4)

Requirement already satisfied: urllib3<1.25,>=1.21.1 in /usr/lib/python3.6/site-packages (from requests>=2.18.0->oslo.config>=5.2.0->kolla-ansible==10.1.0) (1.24.2)

Requirement already satisfied: pycparser in /usr/lib/python3.6/site-packages (from cffi!=1.11.3,>=1.7->cryptography>=2.1->kolla-ansible==10.1.0) (2.14)

Using legacy 'setup.py install' for wrapt, since package 'wheel' is not installed.

Installing collected packages: pbr, oslo.i18n, rfc3986, zipp, importlib-metadata, wrapt, debtcollector, stevedore, oslo.config, jmespath, iso8601, packaging, oslo.utils, kolla-ansible

Running setup.py install for wrapt ... done

Successfully installed debtcollector-2.2.0 importlib-metadata-1.7.0 iso8601-0.1.12 jmespath-0.10.0 kolla-ansible-10.1.0 oslo.config-8.3.1 oslo.i18n-5.0.0 oslo.utils-4.4.0 packaging-20.4 pbr-5.4.5 rfc3986-1.4.0 stevedore-3.2.0 wrapt-1.12.1 zipp-3.1.0

[[email protected] Downloads]#

[[email protected] Downloads]# tree -L 3 /usr/local/share/kolla-ansible/etc_examples/

/usr/local/share/kolla-ansible/etc_examples/

└── kolla

├── globals.yml

└── passwords.yml

1 directory, 2 files

[[email protected] Downloads]# cp -r /usr/local/share/kolla-ansible/etc_examples/kolla /etc/

[[email protected] Downloads]# tree -L 2 /etc/kolla/

/etc/kolla/

├── globals.yml

└── passwords.yml

0 directories, 2 files

[[email protected] Downloads]#

[[email protected] Downloads]# ls -F /usr/local/share/kolla-ansible/ansible/

action_plugins/ destroy.yml group_vars/ library/ nova.yml roles/

bifrost.yml filter_plugins/ inventory/ mariadb_backup.yml post-deploy.yml site.yml

certificates.yml gather-facts.yml kolla-host.yml mariadb_recovery.yml prune-images.yml

[[email protected] Downloads]# tree -L 3 /usr/local/share/kolla-ansible/ansible/inventory/

/usr/local/share/kolla-ansible/ansible/inventory/

├── all-in-one

└── multinode

0 directories, 2 files

[[email protected] Downloads]# cp /usr/local/share/kolla-ansible/ansible/inventory/* /etc/kolla/

[[email protected] Downloads]# ls -F /etc/kolla/

all-in-one globals.yml multinode passwords.yml

[[email protected] Downloads]# tree -L 2 /etc/kolla/

/etc/kolla/

├── all-in-one

├── globals.yml

├── multinode

└── passwords.yml

0 directories, 4 files

[[email protected] Downloads]#

[[email protected] Downloads]# kolla-genpwd

[[email protected] Downloads]# cp /etc/kolla/passwords.yml{,.original}

[[email protected] Downloads]# gedit /etc/kolla/passwords.yml

[[email protected] Downloads]# cat -n /etc/kolla/passwords.yml | grep keystone_admin_password

161 keystone_admin_password: qwertyuiop

[[email protected] Downloads]#

[[email protected] Downloads]# cp /etc/kolla/globals.yml{,.original}

[[email protected] Downloads]# gedit /etc/kolla/globals.yml

[[email protected] Downloads]# grep "^\s[^# \t].$" /etc/kolla/globals.yml | cat -n

1 ---

2 kolla_base_distro: "centos"

3 kolla_install_type: "source"

4 openstack_release: "ussuri"

5 node_custom_config: "/etc/kolla/config"

6 kolla_internal_vip_address: "10.10.10.254"

7 network_interface: "ens33"

8 kolla_external_vip_interface: "{{ network_interface }}"

9 api_interface: "{{ network_interface }}"

10 storage_interface: "{{ network_interface }}"

11 cluster_interface: "{{ network_interface }}"

12 swift_storage_interface: "{{ storage_interface }}"

13 swift_replication_interface: "{{ swift_storage_interface }}"

14 dns_interface: "{{ network_interface }}"

15 octavia_network_interface: "{{ api_interface }}"

16 enable_haproxy: "no"

[[email protected] Downloads]#

[[email protected] Downloads]# ssh-keygen

Generating public/private rsa key pair.

Enter file in which to save the key (/root/.ssh/id_rsa):

Created directory '/root/.ssh'.

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /root/.ssh/id_rsa.

Your public key has been saved in /root/.ssh/id_rsa.pub.

The key fingerprint is:

SHA256:H4bn8pAMCnPQL6bS1NmrVZrnB4DvVNQ2zeRF/yDLBuQ [email protected]

The key's randomart image is:

+---[RSA 3072]----+

| ..+..o |

| . .o+.o. . |

| . .. . .E.o . .|

| o.+. .. o o ..|

| + .+oS + + .|

| o ooB. o |

|. o .o= .o |

| . o.o +. |

| . ... |

+----[SHA256]-----+

[[email protected] Downloads]# ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected]

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"

The authenticity of host '192.168.207.175 (192.168.207.175)' can't be established.

ECDSA key fingerprint is SHA256:PCC5ImQusDxIw1fbRVv73nmWQl3KKlUW8naEOiYCCbc.

Are you sure you want to continue connecting (yes/no/[fingerprint])? yes

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

[email protected]'s password:

Number of key(s) added: 1

Now try logging into the machine, with: "ssh '[email protected]'"

and check to make sure that only the key(s) you wanted were added.

[[email protected] Downloads]# ssh [email protected]

Activate the web console with: systemctl enable --now cockpit.socket

Last login: Tue Aug 11 00:58:08 2020

[[email protected] ~]# exit

logout

Connection to 192.168.207.175 closed.

[[email protected] Downloads]# ssh '[email protected]'

Activate the web console with: systemctl enable --now cockpit.socket

Last login: Tue Aug 11 01:40:56 2020 from 192.168.207.175

[[email protected] ~]# exit

logout

Connection to 192.168.207.175 closed.

[[email protected] Downloads]#

[[email protected] Downloads]# echo "192.168.207.175 OpenStack" >> /etc/hosts

[[email protected] Downloads]# cat -n /etc/hosts

1 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4

2 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

3 192.168.207.175 OpenStack

[[email protected] Downloads]#

[[email protected] Downloads]# cp /etc/kolla/all-in-one{,.original}

[[email protected] Downloads]# sed -i 's|localhost ansible_connection=local|OpenStack|g' /etc/kolla/all-in-one

[[email protected] Downloads]# grep "^\s[^# \t].$" /etc/kolla/all-in-one | cat -n

1 [control]

2 OpenStack

3 [network]

4 OpenStack

5 [compute]

6 OpenStack

7 [storage]

8 OpenStack

9 [monitoring]

10 OpenStack

.........................................................................................................................

488 ovn-database

489 [ovn-sb-db:children]

490 ovn-database

[[email protected] Downloads]#

[email protected] Downloads]# cat -n /usr/local/share/kolla-ansible/ansible/roles/baremetal/vars/main.yml

1 ---

2 docker_config:

3 log-opts:

4 max-file: "{{ docker_log_max_file }}"

5 max-size: "{{ docker_log_max_size }}"

6

7 cni_config_dir: /etc/cni/net.d

8 cni_bin_dir: /opt/cni/bin

[[email protected] Downloads]# cp /usr/local/share/kolla-ansible/ansible/roles/baremetal/vars/main.yml{,.original}

[[email protected] Downloads]# gedit /usr/local/share/kolla-ansible/ansible/roles/baremetal/vars/main.yml

[[email protected] Downloads]# grep "^\s[^# \t].$" /usr/local/share/kolla-ansible/ansible/roles/baremetal/vars/main.yml | cat -n

1 ---

2 docker_config:

3 log-opts:

4 max-file: "{{ docker_log_max_file }}"

5 max-size: "{{ docker_log_max_size }}"

6 registry-mirrors: ["https://hub-mirror.c.163.com/"]

7 cni_config_dir: /etc/cni/net.d

8 cni_bin_dir: /opt/cni/bin

[[email protected] Downloads]#

[[email protected] Downloads]# cat -n /etc/docker/daemon.json

cat: /etc/docker/daemon.json: No such file or directory

[[email protected] Downloads]# mkdir -pv /etc/docker

mkdir: created directory '/etc/docker'

[[email protected] Downloads]# vim /etc/docker/daemon.json

[[email protected] Downloads]# cat -n /etc/docker/daemon.json

1 "registry-mirrors": ["https://i2kldsde.mirror.aliyuncs.com"]

[[email protected] Downloads]#

[[email protected] Downloads]# kolla-ansible -i /etc/kolla/all-in-one bootstrap-servers

Bootstrapping servers : ansible-playbook -i /etc/kolla/all-in-one -e @/etc/kolla/globals.yml -e @/etc/kolla/passwords.yml -e CONFIG_DIR=/etc/kolla -e kolla_action=bootstrap-servers /usr/local/share/kolla-ansible/ansible/kolla-host.yml

..............................................................................................................

OpenStack : ok=38 changed=20 unreachable=0 failed=0 skipped=33 rescued=0 ignored=0

[[email protected] Downloads]#

[[email protected] Downloads]# kolla-ansible -i /etc/kolla/all-in-one prechecks

Pre-deployment checking : ansible-playbook -i /etc/kolla/all-in-one -e @/etc/kolla/globals.yml -e @/etc/kolla/passwords.yml -e CONFIG_DIR=/etc/kolla -e kolla_action=precheck /usr/local/share/kolla-ansible/ansible/site.yml

..............................................................................................................................................

OpenStack : ok=72 changed=2 unreachable=0 failed=0 skipped=83 rescued=0 ignored=0

[[email protected] Downloads]#

[[email protected] Downloads]# kolla-ansible -i /etc/kolla/all-in-one pull

Pulling Docker images : ansible-playbook -i /etc/kolla/all-in-one -e @/etc/kolla/globals.yml -e @/etc/kolla/passwords.yml -e CONFIG_DIR=/etc/kolla -e kolla_action=pull /usr/local/share/kolla-ansible/ansible/site.yml

.......................................................................................................................................................

【遭遇到镜像拉取失败就多试几次吧，没有 Sino-US ship 的加持，image 能否被 pull 回来全凭运气。待执行成功后继续执行以下命令】

[[email protected] Downloads]# kolla-ansible -i /etc/kolla/all-in-one deploy

[[email protected] Downloads]# kolla-ansible -i /etc/kolla/all-in-one post-deploy

[[email protected] Downloads]# ll /etc/kolla/admin-openrc.sh

[[email protected] Downloads]# cat -n /etc/kolla/admin-openrc.sh | grep -E "OS_AUTH_URL|OS_USERNAME|OS_PASSWORD"

7 export OS_USERNAME=admin

8 export OS_PASSWORD=123456

9 export OS_AUTH_URL=http://192.168.207.175:35357/v3

[[email protected] Downloads]# pip3 install python-openstackclient

[[email protected] Downloads]# pip3 install python-neutronclient

[[email protected] Downloads]# /usr/local/share/kolla-ansible/init-runonce