準備工作

• 關閉防火墻，關掉防火墻開機自啟
• 關閉selinux
• 安裝epel倉庫
• 更新yum倉庫包
• 安裝python-pip python-devel libffi-devel gcc openssl-devel libselinux-python wget lvm2
• 升級pip
• 使用pip安裝升級ansible
• 配置ansible
• 安裝docker
• 配置阿里云加速

systemctl stop firewalld
systemctl disable firewalld
sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config
setenforce 0
yum install epel-release -y
yum update -y
yum install python-pip python-devel libffi-devel gcc openssl-devel libselinux-python wget lvm2 -y
pip install -U pip
pip install -U ansible
mkdir /etc/ansible
cat > /etc/ansible/ansible.cfg << EOF
[defaults]
host_key_checking=False
pipelining=True
forks=100
EOF
wget -P /etc/yum.repos.d/ https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum install -y docker-ce
mkdir /etc/docker
cat > /etc/docker/daemon.json << EOF
{
"registry-mirrors": ["https://3nay7xz7.mirror.aliyuncs.com"]
}
EOF
systemctl start docker
systemctl enable docker

ansible os -m copy -a "src=/root/deploy.sh dest=/root/"

安裝kolla-ansible==8.1.0（對應stein版本）部署openstack

• 安裝kolla-ansible
• 配置kolla-ansible配置文件
  復制單節(jié)點配置文件和多節(jié)點配置文件到當前目錄
  復制全局配置文件到/etc/kolla/下
  修改全局配置文件
  生成密碼
• 部署openstack
• 安裝openstack客戶端
• 初始化
• 瀏覽器輸入地址查看dashboard是否啟動成功

pip install kolla-ansible==8.1.0
cp -r /usr/share/kolla-ansible/etc_examples/kolla /etc/
cp /usr/share/kolla-ansible/ansible/inventory/* ./
kolla-genpwd
sed -i 's/^keystone_admin_password.*/keystone_admin_password: admin/' /etc/kolla/passwords.yml
vi /etc/kolla/globals.yml
-------------------------------------------------
kolla_base_distro: "centos"
kolla_install_type: "source"
openstack_release: "stein"
kolla_internal_vip_address: "172.16.1.8" # 打開高可用才能用到，物理機網絡內沒有使用過的ip
network_interface: "ens32"  # 物理機ip地址對應的網卡名字
neutron_external_interface: "ens33" # 另外一塊網卡的名字
enable_haproxy: "no" # 單節(jié)點關掉也行
-------------------------------------------------
kolla-ansible -i all-in-one bootstrap-servers
kolla-ansible -i all-in-one prechecks
kolla-ansible -i all-in-one pull
kolla-ansible -i all-in-one deploy
kolla-ansible post-deploy # 生成admin-openrc.sh
. /etc/kolla/admin-openrc.sh
. /usr/share/kolla-ansible/init-runonce  # 需要安裝openstack客戶端，作用是下載cirros和創(chuàng)建一個網絡demo
------------------------------------------------------------------------------------
# 安裝openstack客戶端
pip install python-openstackclient python-glanceclient python-neutronclient --ignore-installed
# 日志路徑
/var/lib/docker/volumes/kolla_logs/_data/
# 銷毀搭建環(huán)境
kolla-ansible destroy -i all-in-one --yes-i-really-really-mean-it

使用cinder

• 部署前創(chuàng)建物理卷
• 部署前創(chuàng)建卷組，由一個或者多個物理卷組成

pvcreate /dev/sda2 
vgcreate cinder-volumes /dev/sda2

使用外部ceph

• 安裝python3，ceph安裝過程需要python3，所有需要部署的節(jié)點
• 搭建ceph集群
  1 配置阿里云的ceph倉庫
  2 安裝cephadm（官網推薦部署方法）
  3 創(chuàng)建ceph配置文件夾 mkdir -p /etc/ceph/
  4 部署第一臺集群節(jié)點，指定ip，使用主機名字會需要手動配置網絡
  5 將ceph的公鑰拷貝到要部署的節(jié)點上
  6 安裝ceph工具腳手架
  7 添加節(jié)點
  8 添加osd
• 創(chuàng)建并初始化openstack會用到的pool。
• 根據openstack訪問需求生成可以訪問這些pool的用戶密鑰
• 將秘鑰和ceph.conf復制到kolla部署機上，在/etc/kolla/conf中完善ceph配置
• 配置kolla global.yml，配置完成后kolla-ansible部署即可

ansible os -m shell -a 'yum install python3 -y'

cat > /etc/yum.repos.d/ceph.repo << EOF
[ceph]
name=ceph
baseurl=https://mirrors.aliyun.com/ceph/rpm-octopus/el7/x86_64/
enable=1
gpgcheck=1
priority=1
gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
EOF
yum install cephadm -y
mkdir -p /etc/ceph
cephadm bootstrap --mon-ip 10.3.12.228 # 需要使用ip地址，要不然需要手動配置網絡
ssh-copy-id -f -i /etc/ceph/ceph.pub root@os1
cephadm install ceph-common
ceph orch host add os1
ceph orch host ls # 查看當前有哪些主機被添加
dmsetup remove_all    dmsetup ls # 去除已經添加過的ceph標簽
ceph orch daemon add osd os1:/dev/sda2
ceph -s # 查看ceph情況

ceph osd pool create volumes
ceph osd pool create images
ceph osd pool create backups
ceph osd pool create vms
rbd pool init volumes
rbd pool init images
rbd pool init backups
rbd pool init vms
rdd ls images # 查看images中的鏡像

ceph auth get-or-create client.glance mon 'profile rbd' osd 'profile rbd pool=images' mgr 'profile rbd pool=images'
ceph auth get-or-create client.cinder mon 'profile rbd' osd 'profile rbd pool=volumes, profile rbd pool=vms, profile rbd-read-only pool=images' mgr 'profile rbd pool=volumes, profile rbd pool=vms'
ceph auth get-or-create client.cinder-backup mon 'profile rbd' osd 'profile rbd pool=backups' mgr 'profile rbd pool=backups'
ceph auth get-or-create client.nova mon 'profile rbd' osd 'profile rbd pool=volumes, profile rbd pool=vms, profile rbd-read-only pool=images' mgr 'profile rbd pool=volumes, profile rbd pool=vms'

ceph auth get-or-create client.glance > /etc/ceph/ceph.client.glance.keyring
ceph auth get-or-create client.cinder > /etc/ceph/ceph.client.cinder.keyring
ceph auth get-or-create client.cinder-backup > /etc/ceph/ceph.client.cinder-backup.keyring
ceph auth get-or-create client.nova > /etc/ceph/ceph.client.nova.keyring

scp -r /etc/ceph os:/etc/ceph # 注意ceph.conf文件如果有制表符\t可能有問題
mkdir -p /etc/kolla/config/{glance,cinder,nova}
mkdir -p /etc/kolla/config/cinder/{cinder-backup,cinder-volume}
cp /etc/ceph/ceph.conf /etc/kolla/config/glance/
cp /etc/ceph/ceph.conf /etc/kolla/config/cinder/
cp /etc/ceph/ceph.conf /etc/kolla/config/cinder/cinder-volume/
cp /etc/ceph/ceph.conf /etc/kolla/config/cinder/cinder-backup/
cp /etc/ceph/ceph.conf /etc/kolla/config/nova/
cp /etc/ceph/ceph.client.glance.keyring /etc/kolla/config/glance/
cp /etc/ceph/ceph.client.cinder.keyring /etc/kolla/config/cinder/cinder-volume/
cp /etc/ceph/ceph.client.cinder.keyring /etc/kolla/config/cinder/cinder-backup/
cp /etc/ceph/ceph.client.cinder-backup.keyring /etc/kolla/config/cinder/cinder-backup/
cp /etc/ceph/ceph.client.nova.keyring /etc/kolla/config/nova/
cp /etc/ceph/ceph.client.cinder.keyring /etc/kolla/config/nova/

cat > /etc/kolla/config/glance/glance-api.conf << EOF
[glance_store]
stores = rbd
default_store = rbd
rbd_store_pool = images
rbd_store_user = glance
rbd_store_ceph_conf = /etc/ceph/ceph.conf
EOF
cat > /etc/kolla/config/cinder/cinder-backup.conf << EOF
[DEFAULT]
backup_ceph_conf=/etc/ceph/ceph.conf
backup_ceph_user=cinder-backup
backup_ceph_chunk_size = 134217728
backup_ceph_pool=backups
backup_driver = cinder.backup.drivers.ceph.CephBackupDriver
backup_ceph_stripe_unit = 0
backup_ceph_stripe_count = 0
restore_discard_excess_bytes = true
EOF
cat > /etc/kolla/config/cinder/cinder-volume.conf << EOF
[DEFAULT]
enabled_backends=rbd-1

[rbd-1]
rbd_ceph_conf=/etc/ceph/ceph.conf
rbd_user=cinder
backend_host=rbd:volumes
rbd_pool=volumes
volume_backend_name=rbd-1
volume_driver=cinder.volume.drivers.rbd.RBDDriver
# 在/etc/kolla/passwords.yml中可以找到，需要修改
rbd_secret_uuid=4a1206cb-aad8-4576-955c-b384b05d0344
EOF
cat > /etc/kolla/config/nova/nova-compute.conf << EOF
images_rbd_pool=vms
images_type=rbd
images_rbd_ceph_conf=/etc/ceph/ceph.conf
rbd_user=nova
EOF

vi /etc/kolla/globals.yml
----------------------------------------------
enable_ceph: "no"
enable_cinder: "yes"
glance_backend_ceph: "yes"
cinder_backend_ceph: "yes"
nova_backend_ceph: "yes"
# 如果在一個網段里裝兩個openstack集群，本質是因為keepalived。
keepalived_virtual_router_id:"55"

網卡配置

#  有網
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="enp175s0f0"
UUID="4cfb4d68-54e1-425e-83fd-0341263eedbe"
DEVICE="enp175s0f0"
ONBOOT="yes"
IPADDR="10.3.12.223"
PREFIX="24"
GATEWAY="10.3.12.254"
DNS1="114.114.114.114"
IPV6_PRIVACY="no"

# 沒網
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=autoip
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp175s0f1
UUID=2ff0d124-7654-4f00-85fc-498e81afba06
DEVICE=enp175s0f1
ONBOOT=no
IPV6_PRIVACY=no

# 未初始化
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp25s0f0
UUID=1007c870-a15b-4ab0-a3ef-1a89dcaae0c4
DEVICE=enp25s0f0
ONBOOT=no