Quickly deploying a multi-node OpenStack Pike with kolla
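Preparation
OS: CentOS 7
Servers: two physical machines
Specs: memory 188GB | disk 19T | CPU 39 cores

Deployment steps

Environment preparation:
Change the hostname. There is a pitfall here: on an earlier install the domain name was set to openstack-master1-iuap-idc-yycloud.yonyouiuap.com, and as a result the rabbitmq service would not start. According to what I found online there are two possible causes: the port may already be in use, or the hostname setting is the problem. Here the hostnames are set to short names, openstack1 and openstack2:

    hostnamectl set-hostname openstack1.yonyouiuap.com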
Network configuration: NIC 1, used for the OpenStack container services themselves and for the externally facing VIP:

    HWADDR=6C:92:BF:4A:36:4C
    TYPE=Ethernet
    BOOTPROTO=static
    DEFROUTE=yes
    PEERDNS=yes
    PEERROUTES=yes
    IPV4_FAILURE_FATAL=no
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_PEERDNS=yes
    IPV6_PEERROUTES=yes
    IPV6_FAILURE_FATAL=no
    NAME=eno1
    UUID=951a1ef0-bee5-477f-8f3f-4ada0b1e0a9b
    ONBOOT=yes
    IPADDR=172.x.x.128
    PREFIX=24
    GATEWAY=172.x.x.1
    DNS1=10.x.x.14
    DNS2=10.x.x.15
NIC 2, used for outbound access from the instances running on OpenStack and for remote access to those instances; no IP address needs to be configured:

    HWADDR=6C:92:BF:4A:36:4D
    TYPE=Ethernet
    BOOTPROTO=static
    DEFROUTE=no
    PEERDNS=yes
    PEERROUTES=no
    IPV4_FAILURE_FATAL=no
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_PEERDNS=yes
    IPV6_PEERROUTES=yes
    IPV6_FAILURE_FATAL=no
    NAME=eno2
    UUID=1890c055-f6bd-47d0-83ee-dddffdcf544f
    ONBOOT=yes
Install the NTP service (CentOS):

    $ yum install -y chrony
    # Configure the NTP service:
    $ \cp -f /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
    $ vim /etc/chrony.conf
    server 0.cn.pool.ntp.org iburst
    server 1.cn.pool.ntp.org iburst
    server 2.cn.pool.ntp.org iburst
    server 3.cn.pool.ntp.org iburst
    # Restart the NTP service:
    $ systemctl enable chronyd.service
    $ systemctl restart chronyd.service
Configure the hosts file on all nodes:

    [root@openstack1 lokolla]# cat /etc/hosts
    127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
    172.20.23.128 openstack1.yonyouiuap.com openstack1
    172.20.23.129 openstack2.yonyouiuap.com openstack2
    172.20.23.191 openstack3.yonyouiuap.com openstack3
    172.20.23.193 openstack4.yonyouiuap.com openstack4
    172.20.23.195 openstack5.yonyouiuap.com openstack5

    # Stop the firewall on all nodes
    salt "*" cmd.run "systemctl stop firewalld"
    salt "*" cmd.run "systemctl disable firewalld"
    # Disable SELinux on all nodes and reboot
    [root@master1 yum.repos.d]# cat /etc/selinux/config |grep -v ^#|awk NF
    SELINUX=disabled
    SELINUXTYPE=targeted
    # Stop NetworkManager on all nodes
    salt "*" cmd.run "systemctl stop NetworkManager"
    salt "*" cmd.run "systemctl disable NetworkManager"
    # Stop libvirtd on all nodes
    salt "*" cmd.run "systemctl stop libvirtd.service"
    salt "*" cmd.run "systemctl disable libvirtd.service"
    # Load the rbd module on all nodes
    salt "*" cmd.run "modprobe rbd"
    salt "*" cmd.run "lsmod|grep rbd"
Set up SSH key access between all nodes:

    ssh-keygen
    ssh-copy-id root@172.x.x.128
Install docker and apply the base configuration:

    [root@openstack1 ~]# cat /etc/sysconfig/selinux | grep -i '^selinux='
    SELINUX=disabled
    [root@openstack1 ~]# setenforce 0
    [root@openstack1 ~]# systemctl stop firewalld
    [root@openstack1 ~]# systemctl disable firewalld
    ## Stop NetworkManager
    systemctl stop NetworkManager
    systemctl disable NetworkManager
    [root@openstack1 ~]# yum install epel-release
    ## Install commonly needed system components
    [root@openstack1 ~]# yum install -y tree net-tools bind-utils tree sysstat vim-en* \
    lrzsz NetworkManager-tui ntp ntpdate iftop tcpdump telnet traceroute python-devel \
    libffi-devel gcc openssl-devel git python-setuptools
    [root@openstack1 ~]# curl -sSL https://get.docker.io | bash
    # Note: this command installs the latest version of docker and downloads the docker repo by default
    # Or install with yum instead:
    [root@openstack1 ~]# tee /etc/yum.repos.d/docker.repo << 'EOF'
    [dockerrepo]
    name=Docker Repository
    baseurl=https://yum.dockerproject.org/repo/main/centos/$releasever/
    enabled=1
    gpgcheck=1
    gpgkey=https://yum.dockerproject.org/gpg
    EOF
    [root@openstack1 ~]# yum install -y docker-engine
    [root@openstack1 ~]# mkdir -p /etc/systemd/system/docker.service.d
    [root@openstack1 ~]# tee /etc/systemd/system/docker.service.d/kolla.conf <<-'EOF'
    [Service]
    MountFlags=shared
    #EnvironmentFile=/etc/sysconfig/docker
    ExecStart=
    ExecStart=/usr/bin/dockerd --insecure-registry 0.0.0.0/0
    EOF
    [root@openstack1 ~]# systemctl daemon-reload
    [root@openstack1 ~]# systemctl restart docker
    [root@openstack1 ~]# systemctl enable docker.service

    [root@openstack1 ~]# pip install --upgrade pip
    [root@openstack1 ~]# pip install -U docker          # install the Docker Python package
    [root@openstack1 ~]# pip install kolla              # install kolla
    [root@openstack1 ~]# pip install kolla-ansible      # install Kolla Ansible
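
The kolla.conf drop-in above passes --insecure-registry 0.0.0.0/0, which lets the Docker daemon skip TLS verification or fall back to plain HTTP for any registry address, while this deployment only pulls from one local registry. The check below is an added example, not part of the original post; the function name and the allowed value openstack1.yonyouiuap.com:4000 (the first node plus the registry port used later in the post) are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Lists every --insecure-registry
# value on the effective ExecStart= of a dockerd drop-in and compares it with
# the one registry the deployment needs (ALLOWED is an assumption).
check_insecure_registry() {  # usage: check_insecure_registry DROPIN ALLOWED
    awk -v allowed="$2" '
        # The drop-in resets ExecStart with an empty assignment and then
        # sets it again, so the last ExecStart= line is the one in effect.
        /^[ \t]*ExecStart=/ { sub(/^[ \t]*ExecStart=/, ""); cmd = $0 }
        END {
            n = split(cmd, tok, /[ \t]+/)
            for (i = 1; i <= n; i++) {
                if (tok[i] == "--insecure-registry") v = tok[++i]
                else if (tok[i] ~ /^--insecure-registry=/) v = substr(tok[i], 21)
                else continue
                if (v ~ /\/0$/)        { print v " wildcard";   bad = 1 }
                else if (v == allowed) { print v " expected" }
                else                   { print v " unexpected"; bad = 1 }
            }
            exit bad + 0   # 1 when any entry is a wildcard or unexpected
        }
    ' "$1"
}

# Constructed copies of the drop-in: as written in the post, then scoped.
d=$(mktemp -d)
printf '%s\n' '[Service]' 'MountFlags=shared' 'ExecStart=' \
    'ExecStart=/usr/bin/dockerd --insecure-registry 0.0.0.0/0' > "$d/post.conf"
printf '%s\n' '[Service]' 'MountFlags=shared' 'ExecStart=' \
    'ExecStart=/usr/bin/dockerd --insecure-registry openstack1.yonyouiuap.com:4000' \
    > "$d/scoped.conf"
check_insecure_registry "$d/post.conf" openstack1.yonyouiuap.com:4000 \
    || echo "post.conf: insecure-registry is too broad"
check_insecure_registry "$d/scoped.conf" openstack1.yonyouiuap.com:4000 \
    && echo "scoped.conf: ok"
rm -rf "$d"
```
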
Copy the configuration files:

    $ cp -r /usr/share/kolla-ansible/etc_examples/kolla /etc/kolla
    $ mkdir -p /openstack/kolla-deploy
    $ cp /usr/share/kolla-ansible/ansible/inventory/* /openstack/kolla-deploy/
Generate the passwords:

    ## Generate passwords; the file that gets modified is /etc/kolla/passwords.yml
    $ kolla-genpwd
    ## Set a custom password:
    $ vim /etc/kolla/passwords.yml
    keystone_admin_password: admin
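
kolla-genpwd fills /etc/kolla/passwords.yml with random values, and the manual edit above then replaces keystone_admin_password with admin. The check below is an added example, not part of the original post or of kolla-ansible; the function name, the 16-character minimum and the sample file are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post: flag empty, short or reused
# top-level values in a kolla passwords.yml. MINLEN (default 16) is an assumption.
audit_kolla_passwords() {  # usage: audit_kolla_passwords FILE [MINLEN]
    awk -v minlen="${2:-16}" -v sq="'" '
        function report_empty() {   # a bare "key:" with no nested block is empty
            if (pending != "") { print pending ": empty"; bad = 1; pending = "" }
        }
        /^[ \t]*(#.*)?$/ || /^---/ { next }   # blank lines, comments, document marker
        /^[ \t]/ { pending = ""; next }       # nested block, e.g. SSH key material
        {
            report_empty()
            i = index($0, ":"); if (i == 0) next
            key = substr($0, 1, i - 1); val = substr($0, i + 1)
            sub(/^[ \t]+/, "", val); sub(/[ \t]+$/, "", val)
            c = substr(val, 1, 1)             # strip one layer of YAML quoting
            if (length(val) > 1 && (c == "\"" || c == sq))
                val = substr(val, 2, length(val) - 2)
            if (val == "" || val == "null" || val == "~") { pending = key; next }
            if (length(val) < minlen) {
                print key ": shorter than " minlen " characters"; bad = 1
            } else if (val in seen) {
                print key ": same value as " seen[val]; bad = 1
            } else seen[val] = key
        }
        END { report_empty(); exit bad + 0 }  # exit status 1 when anything was flagged
    ' "$1"
}

# Constructed sample standing in for /etc/kolla/passwords.yml
sample=$(mktemp)
cat > "$sample" <<'EOF'
---
database_password: Zq8vN2kLw4Rt7Yp1Xc6Bm3Hs9Dj5Gf0A
keystone_admin_password: admin
rabbitmq_password:
kolla_ssh_key:
  private_key: (constructed placeholder)
horizon_secret_key: "Zq8vN2kLw4Rt7Yp1Xc6Bm3Hs9Dj5Gf0A"
EOF
audit_kolla_passwords "$sample" || echo "passwords.yml has entries to fix"
rm -f "$sample"
```
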
Download the prebuilt images and set up a private registry. Here we download and use the Kolla community's pike images, which skips the local docker build and greatly shortens the installation time. The Ocata release is 4.0.3 and the pike release is 5.0.1. In practice the Ocata release has a bug: after installation, the centos-source-cinder-api and centos-source-fluentd containers fail to start.

    [root@openstack1 ~]# wget http://tarballs.openstack.org/kolla/images/centos-source-registry-pike.tar.gz
    [root@openstack1 ~]# docker load -i centos-source-registry-pike.tar.gz
    [root@openstack1 ~]# mkdir /opt/registry
    [root@openstack1 ~]# tar -xf centos-source-registry-pike.tar.gz -C /opt/registry/
    [root@openstack1 ~]# docker run -d -v /opt/registry:/var/lib/registry -p 4000:5000 --restart=always --name registry registry:2
    ## /opt/registry is a directory on the host. The docker registry listens on port 5000 by default, which conflicts with an OpenStack port, so it is mapped to 4000
    [root@openstack1 ~]# curl http://127.0.0.1:4000/v2/_catalog
    # curl can be used to verify that the local registry works and that the images unpacked into the registry are valid;
    # the command above lists the images present in the registry
    # List the tags of an image:
    curl -XGET http://127.0.0.1:4000/v2/kolla/centos-binary-nova-compute/tags/list
If you install kolla inside a virtual machine and want to launch instances inside that virtual machine, you need to set virt_type=qemu:

    # egrep -c '(vmx|svm)' /proc/cpuinfo
    # Physical servers default to kvm, so the steps below are not needed there.
    # mkdir -p /etc/kolla/config/nova
    cat << EOF > /etc/kolla/config/nova/nova-compute.conf
    [libvirt]
    virt_type=qemu
    cpu_mode = none
    EOF
Configure Kolla
Below is my configuration. Note that kolla_internal_vip_address must be set to an IP that is not in use; if the configured IP is already in use, an error is reported.