openstack kolla 入门
[TOC]
#openstack kolla 入门
##kolla 使命
To provide production-ready containers and deployment tools for operating OpenStack clouds
##快速开始
[官方文档all-in-one](https://docs.openstack.org/developer/kolla-ansible/quickstart.html)
[多节点部署](https://docs.openstack.org/developer/kolla-ansible/multinode.html)
[手动构建容器镜像](https://docs.openstack.org/developer/kolla/image-building.html)
###基础环境
**裸机/虚拟机(ubuntu,centos,oracle linux,container OS platforms)*
**root 用户操作**
|配置|最低要求|
|:----------|------:|
|网卡|2个|
|内存|8G|
|存储|40G|
###安装前检查
>ip addr show
如果第二块网卡未启动
ip link set ens* up
###安装依赖
**升级内核到最新**
>[ubuntu]
>apt-get install linux-image-generic-lts-wily
>[centos]
>N/A
**安装升级pip**
>[ubuntu]
>apt-get update
apt-get install python-pip
pip install -U pip
>[centos]
>yum install epel-release
yum install python-pip
pip install -U pip
**编译,pip包管理依赖**
>[ubuntu]
>apt-get install python-dev libffi-dev gcc libssl-dev
>[centos]
>yum install python-devel libffi-devel gcc openssl-devel
###版本要求
**mitaka**
|组件|最低|最高|说明|
|:-----|-----|------|-----:|
|ansible|1.9.4|<2.0.0|部署主机|
|docker|1.10.0|none|目标节点|
|docker python|1.6.0|none|目标节点|
|python jinja2|2.6.0|none|部署主机|
**newton**
|组件|最低|最高|说明|
|:-----|-----|------|-----:|
|ansible|2.0.0|<2.0.0|部署主机|
|docker|1.10.0|none|目标节点|
|docker python|1.6.0|none|目标节点|
|python jinja2|2.8.0|none|部署主机|
**安装ansible**
>[CentOS or RHEL systems]
>yum install ansible
>[DEB based systems]
>pip install -U ansible
**安装配置docker**
>curl -sSL https://get.docker.io | bash
>docker --version
**systemd**
>\# Create the drop-in unit directory for docker.service
>mkdir -p /etc/systemd/system/docker.service.d
>\# Create the drop-in unit file
>tee /etc/systemd/system/docker.service.d/kolla.conf <<-'EOF'
>[Service]
>MountFlags=shared
>EOF
**restart docker server**
\# Run these commands to reload the daemon
systemctl daemon-reload
systemctl restart docker
**升级docker py**
>pip install -U docker-py
**安装配置NTP**
> yum install ntp
>[centos]
systemctl enable ntpd.service
systemctl start ntpd.service
更新本地时间
ntpdate asia.pool.ntp.org
**关闭libvirt**
>[CentOS 7]
systemctl stop libvirtd.service
systemctl disable libvirtd.service
[ubunut]
service libvirt-bin stop
update-rc.d libvirt-bin disable
##安装kolla 和kolla-ansible
>pip install kolla-ansible
pip install kolla(官方未给出)
**拷贝配置和资源文件**
[CentOS]
cp -r /usr/share/kolla/etc_examples/kolla /etc/kolla/
[Ubuntu]
cp -r /usr/local/share/kolla/etc_examples/kolla /etc/kolla/
[CentOS]
cp /usr/share/kolla/ansible/inventory/* .
[Ubuntu]
cp /usr/local/share/kolla/ansible/inventory/* .
**为安装openstack 做准备**
修改全局配置
>/etc/kolla/globals.yml
>network_interface: "ens3"
neutron_external_interface: "ens4"
kolla_base_distro
kolla_install_type
kolla_internal_vip_address:
all-in-one 则修改成第一个网卡的ip(注意)
**关闭HAporxy--官方未说明**
/usr/share/kolla/ansible/group_vars/all.yml
enable_haproxy: "no"
**修改docker 重启策略--官方未说明**
/usr/share/kolla/ansible/group_vars/all.yml
docker_restart_policy:"on-failure"
**自动生成密码**
kolla-genpwd
**修改登陆页面密码**
>keystone_admin_password: password
>快速准备
kolla-ansible -i all-in-one bootstrap
**拉取官方镜像**
kolla-ansible pull (时间1个小时左右 可能会网络问题 重新拉取即可)
docker images 获取镜像列表
**使用kolla 部署前端口占用检查**
kolla-ansible prechecks -i all-in-one
##完成部署
>kolla-ansible deploy -i all-in-one
kolla-ansible post-deploy
**测试部署结果**
>source /etc/kolla/admin-openrc.sh
[centos]
cd /usr/share/kolla
./init-runonce
[ubuntu]
cd /usr/local/share/kolla
./init-runonce
##遇到问题
**单节点部署问题**
>1.预先安装的docker软件包版本同bootstrap的准备配置冲突
解决办法:删除冲突的软件包
rpm -erase pkg
修改/usr/share/kolla/ansible/roles/baremetal/default/main.yml 中对应任务的软件包版本同本机相同
>2.导入gpg 超时
rpm --import https://yum.dockerproject.org/gpg
可以导入即可继续
>3.docker 服务启动失败:
/etc/systemd/system/docker.service.d 配置被修改错误
修改模板配置模板 则可以正常启动
/usr/share/kolla/ansible/roles/baremetal/templates/ docker_systemd_service.j2 删除第二行之后所有内容
>4.ubuntu 16.04安装最新docker 失败
curl: (35) gnutls_handshake() failed: The TLS connection was non-properly terminated.
没有安装 软件包curl
安装则解决 docker 失败问题
**多节点部署问题**
1.多节点ansible 管理 ssh没有权限问题
Failed to connect to the host via ssh: Permission denied (publickey,password
根因:ssh 无密码登陆没有 对本机 和其他节点 配置
解决:
ssh-copy-id 配置所有节点对应用户无密码输入 可直接ssh
**docker 重启策略问题(偶现)**
问题
```fatal: [localhost]: FAILED! => {"changed": true, "failed": true, "msg": "'Traceback (most recent call last):\\n File \"/tmp/ansible_XIOIpx/ansible_module_kolla_docker.py\", line 742, in main\\n result = bool(getattr(dw, module.params.get(\\'action\\'))())\\n File \"/tmp/ansible_XIOIpx/ansible_module_kolla_docker.py\", line 567, in start_container\\n self.create_container()\\n File \"/tmp/ansible_XIOIpx/ansible_module_kolla_docker.py\", line 555, in create_container\\n self.dc.create_container(**options)\\n File \"/usr/local/lib/python2.7/dist-packages/docker/api/container.py\", line 135, in create_container\\n return self.create_container_from_config(config, name)\\n File \"/usr/local/lib/python2.7/dist-packages/docker/api/container.py\", line 146, in create_container_from_config\\n return self._result(res, True)\\n File \"/usr/local/lib/python2.7/dist-packages/docker/client.py\", line 178, in _result\\n self._raise_for_status(response)\\n File \"/usr/local/lib/python2.7/dist-packages/docker/client.py\", line 174, in _raise_for_status\\n raise errors.APIError(e, response, explanation=explanation)\\nAPIError: 500 Server Error: Internal Server Error (\"{\"message\":\"maximum retry count cannot be used with restart policy \\'unless-stopped\\'\"}\")\\n’"}
```
参考社区修改
https://review.openstack.org/#/c/424114/2/ansible/library/kolla_docker.py
问题:社区已经修改但实际部署过程并未修改 当前看问题并未解决。
**部署后openstack服务日志存放目录**
/var/lib/docker/volumes/kolla_logs/_data/
**docker 问题定位**
>docker exec -it heka bash
docker logs container-name
**优化**:
配置阿里云 docker 镜像加速仓库
1)注册个帐号
https://dev.aliyun.com/search.html
阿里云会自动为用户分配一个镜像加速器的地址,登录后进入"管理中心"-->"加速器",里面有分配给你的镜像加速器的地址以及各个环境的使用说明。
镜像加速器地址:https://xxxxx.mirror.aliyuncs.com
2)配置docker
sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
"registry-mirrors": ["https://zt13pwpr.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
##涉及技术点及成果
[docker 构建镜像](https://docs.docker.com/engine/getstarted/step_four/)
[kolla-ansible 构建镜像](https://docs.openstack.org/developer/kolla/image-building.html)
[kolla 镜像仓库](https://hub.docker.com/u/kolla/)
[docker 服务配置](https://docs.docker.com/engine/admin/systemd/)
[问题debug](https://docs.openstack.org/developer/kolla-ansible/troubleshooting.html)
