可用的操作系统:
Debian11(bullseye)
Ubuntu 22.04或20.04
CentOS Stream 9 或 Rocky Linux 9
系统必备的软件:
支持公钥访问的SSH
Python 3.8.x or 3.10.x
系统语言环境(locale)设置为en_US.UTF-8
cpu推荐:硬件辅助虚拟化功能,多核心处理器
磁盘大小:每台至少100GB
网络推荐:1G或10G网卡;聚合网卡;网卡可以划分VLAN;巨型帧(Jumbo frames,单个网络包携带更多数据)
机器准备
部署节点:Rocky linux 9,4C8G+100GB,内网ip:192.168.0.10
目标节点:Rocky linux 9,8C16G+100GB+100GB+100GB,内网ip:192.168.0.11+12+13
配置静态ip
dnf config-manager --enable devel
dnf -y update
dnf install -y network-scripts
systemctl enable network.service --now
# 禁用NetworkManager
systemctl disable NetworkManager --now
# 静态ip(如果这个不会,说明底子太薄,还不适合维护openstack)
vim /etc/sysconfig/network-scripts/ifcfg-enp1s0
-----------------------------------------------
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=eui64
NAME=enp1s0
DEVICE=enp1s0
ONBOOT=yes
UUID=75d44a82-e738-48eb-80d7-0c4f1ee32bf7
IPADDR=192.168.0.10
PREFIX=24
GATEWAY=192.168.0.1
# 重启网卡
systemctl restart network
生成ssh公钥,实现deployment机器到其他机器的免密登录
# Creates the key pair the deployment host uses to log in to the other machines.
# NOTE(review): pressing Enter at every prompt leaves ~/.ssh/id_rsa without a
# passphrase. The public key is later installed for root on the target node, so
# restrict who can read that file and who can log in to the deployment host.
ssh-keygen -t rsa
# Press Enter at every prompt; the public key is written to ~/.ssh/id_rsa.pub
根据官方文档的指示,下载必要包
dnf upgrade
reboot
dnf install git chrony openssh-server python3-devel sudo
dnf group install "Development Tools"
# Stop the host firewall and mask the unit so that nothing can start it again.
# NOTE(review): the deployment host then has no local packet filter; keep
# 192.168.0.0/24 behind a network-level firewall. Confirm that one exists.
systemctl stop firewalld
systemctl mask firewalld
pip加速
# 创建.pip隐藏目录
mkdir ~/.pip
# 配置文件加入国内源
vim ~/.pip/pip.conf
-------------------------------------------
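[global]
# Packages come from the USTC mirror over HTTPS, so pip verifies the server
# certificate. No trusted-host entry is set: that option makes pip accept a
# host without valid HTTPS, and it is not needed for an https:// index.
index-url = https://pypi.mirrors.ustc.edu.cn/simple/
# Seconds to wait on a slow connection before giving up.
timeout = 120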
下载openstack-ansible及其依赖
# 两个仓库二选一,克隆openstack-ansible源码
git clone -b 26.1.2 https://opendev.org/openstack/openstack-ansible /opt/openstack-ansible
git clone -b 26.1.2 https://github.com/openstack/openstack-ansible.git /opt/openstack-ansible
# 安装依赖
cd /opt/openstack-ansible/
scripts/bootstrap-ansible.sh
最终显示System is bootstrapped and ready for use.表示成功
升级系统包
dnf upgrade
关闭防火墙和selinux
# Turn the host firewall off now and at every boot.
systemctl disable firewalld --now
# Put SELinux into permissive mode for the running system only.
setenforce 0
# Make it permanent: set the line shown below in /etc/selinux/config; it
# applies from the next boot.
# NOTE(review): after these steps the target node has neither a host firewall
# nor SELinux confinement, so isolation has to come from the network the
# node sits on. Confirm that 192.168.0.0/24 is not reachable from untrusted hosts.
vim /etc/selinux/config
-----------------------------------------
SELINUX=disabled
安装软件包
dnf install iputils lsof openssh-server sudo tcpdump python3
降低内核日志打印等级并重启
echo "kernel.printk='4 1 7 4'" >> /etc/sysctl.conf
reboot
复制deployment的公钥到控制节点。在deployment机器上执行以下命令
ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.0.11
创建LVM存储
OpenStack-Ansible automatically configures LVM on the nodes, and overrides any existing LVM configuration. If you had a customized LVM configuration, edit the generated configuration file as needed.
OpenStack-Ansible会自动在节点上配置LVM,并覆盖已有的LVM。如果你想保留已有的LVM配置,请自行修改openstack-ansible里的配置文件。
创建一个名叫cinder-volumes的卷组。
# Initialise both disks as LVM physical volumes, then group them into the
# volume group named cinder-volumes.
# NOTE(review): pvcreate writes LVM metadata to /dev/sdb and /dev/sdc; check
# with lsblk that these are the intended, unused disks on this node first.
pvcreate --metadatasize 2048 /dev/sdb /dev/sdc
vgcreate cinder-volumes /dev/sdb /dev/sdc
Bridge name | Best configured on | With a static IP |
---|---|---|
br-mgmt | On every node | Always |
br-storage | On every storage node | When component is deployed on metal |
br-storage | On every compute node | Always |
br-vxlan | On every network node | When component is deployed on metal |
br-vxlan | On every compute node | Always |
br-vlan | On every network node | Never |
br-vlan | On every compute node | Never |
Host network bridges information
# 禁用NetworkManager,启动Networking服务
dnf config-manager --enable devel
dnf -y update
dnf install -y network-scripts
systemctl enable network.service --now
# 禁用NetworkManager
systemctl disable NetworkManager --now
# 物理网卡配置,调成dhcp模式并桥接到网桥
vim /etc/sysconfig/network-scripts/ifcfg-enp1s0
---------------------------------------------
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp1s0
DEVICE=enp1s0
# NOTE(review): an ifcfg file is a list of KEY=value assignments, so only one
# BRIDGE value can be in effect (presumably the last one, br-vxlan). Confirm
# which bridge enp1s0 should join. Carrying management, storage and VXLAN
# traffic over one port also removes the separation between those networks.
ONBOOT=yes # bring the interface up at boot
BRIDGE=br-mgmt # attach the port to this bridge
BRIDGE=br-storage # attach the port to this bridge
BRIDGE=br-vxlan # attach the port to this bridge
# br-mgmt网桥配置
vim /etc/sysconfig/network-scripts/ifcfg-br-mgmt
----------------------------------------------------
TYPE="Bridge"
DEVICE="br-mgmt" #网桥的名字
ONBOOT="yes"
BOOTPROTO="static"
IPADDR="192.168.0.11" #网桥的ip地址
NETMASK="255.255.255.0" #网桥所在子网的子网掩码
GATEWAY="192.168.0.1" #网桥所在子网的网关
# br-storage网桥配置
vim /etc/sysconfig/network-scripts/ifcfg-br-storage
-------------------------------------------
TYPE="Bridge"
DEVICE="br-storage" #网桥的名字
ONBOOT="yes"
BOOTPROTO="static"
IPADDR="192.168.0.12" #网桥的ip地址
NETMASK="255.255.255.0" #网桥所在子网的子网掩码
GATEWAY="192.168.0.1" #网桥所在子网的网关
# br-vxlan网桥配置
vim /etc/sysconfig/network-scripts/ifcfg-br-vxlan
-------------------------------------------
# NOTE(review): 192.168.0.12 is also the address given to br-storage earlier
# on this page, and br-mgmt, br-storage and br-vxlan all sit in 192.168.0.0/24
# with the same gateway. Confirm the intended address and subnet for the
# VXLAN network.
TYPE="Bridge"
DEVICE="br-vxlan" # bridge name
ONBOOT="yes"
BOOTPROTO="static"
IPADDR="192.168.0.12" # bridge IP address
NETMASK="255.255.255.0" # netmask of the bridge's subnet
GATEWAY="192.168.0.1" # gateway of the bridge's subnet
# br-vlan网桥配置
vim /etc/sysconfig/network-scripts/ifcfg-br-vlan
-------------------------------------------
TYPE="Bridge"
DEVICE="br-vlan" #网桥的名字
ONBOOT="yes"
BOOTPROTO="none"
cp -R /opt/openstack-ansible/etc/openstack_deploy /etc/
cd /etc/openstack_deploy/
cp openstack_user_config.yml.example /etc/openstack_deploy/openstack_user_config.yml
# 检查openstack_user_config.yml
# 检查user_variables.yml,重点关注install_method变量,source和distro更关注distro
# 添加额外服务etc/openstack_deploy/conf.d
生成密码文件
cd /opt/openstack-ansible
# Fills /etc/openstack_deploy/user_secrets.yml with generated passwords and tokens.
# NOTE(review): the command is left commented out here; presumably it has to be
# run once before the playbooks. Confirm. The resulting file holds the service
# credentials, so keep it readable by the deployment user only and out of
# version control.
# ./scripts/pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml
setup-hosts.yml,相当于bootstrap server
setup-infrastructure.yml,安装memcached、rabbitmq、mysql
setup-openstack.yml,安装OpenStack各服务
执行安装
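# The playbooks live in the repository cloned to /opt/openstack-ansible;
# this page never creates /etc/openstack-ansible.
cd /opt/openstack-ansible/playbooks
# Parse-only check of the infrastructure playbook; nothing is changed on the hosts.
openstack-ansible setup-infrastructure.yml --syntax-check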