Through Kolla-Ansible and container-based deployment of OpenStack

Posted on by Gene Kuo
透過 Kolla-Ansible 跟 Container 部署 OpenStack

OpenStack has long been complex and challenging to deploy, but with the rise of DevOps and container concepts in recent years, the OpenStack community has seen a growing trend toward deploying OpenStack using containers and Ansible. This approach is realized through Kolla and Kolla-Ansible. Kolla provides Dockerfiles to build the Docker images required by OpenStack, while Kolla-Ansible offers Ansible playbooks to deploy these containers. This article will explain how to quickly deploy a production-ready, high-availability OpenStack environment (current version: Queens) using this solution.

Basic Architecture

A high-availability OpenStack environment requires at least 4 nodes: 3 controller nodes (including Ceph nodes) plus at least one compute node. Each node must have at least two network interfaces.

Kolla-Ansible divides OpenStack networking into several categories.

  • API interface is the boundary for internal components of OpenStack to communicate and access the database, recommended to use internal network.
  • External VIP Interface is the endpoint for OpenStack to external services.
  • Storage Interface is the boundary for OpenStack VMs to communicate with Ceph, recommended to use 10G or higher network.
  • Cluster Interface is the network interface for internal Ceph replication, also recommended to use 10G or higher network.
  • Tunnel Interface is the boundary for OpenStack VM-to-VM network communication.
  • Neutron External Interface provides external network access for VMs, flat/vlan network for floating IPs also goes through this interface.IP cannot be used on the introduction page

In addition to the Neutron external interface requiring a separate interface, other networks can share the interface, with the default value for network_interface set to.

Preparation

This example uses the official image uploaded to DockerHub; if you need to modify the image yourself, you must set up a Docker Registry.

First, download the Kolla-Ansible code onto the machine to be deployed, and then.

git clone https://github.com/openstack/kolla-ansible -b stable/queens
pip install -U ansible

Place the kolla-ansible configuration file into /etc/kolla the root directory.

cp kolla-ansible/etc/kolla/ /etc/kolla

Install Ansible

Ansible can be installed directly using the package manager of the Linux distribution.

CentOS

sudo yum install epel-release
sudo yum install ansible

Ubuntu

sudo apt install ansible

Environment Setup

All Kolla-Ansible configurations will be placed in /etc/kolla/globals.yml the directory.

When editing, remember to remove the comment before the line you're editing; the initial value entered is the default value.

Kolla Options

kolla_install_type refers to the method of installing OpenStack code—binary means using the pre-packaged binary files provided by each distribution, while source means using the OpenStack upstream source code. The choice here is subjective, but most users prefer installing via the source method.

openstack_release is essentially the Docker repository tag used by Kolla Image; this example uses the queens version on DockerHub, so it is left as-is. queens

# Valid option is Docker repository tag
openstack_release: "queens"

kolla_internal_vip_address and kolla_internal_fqdn are the IP address and FQDN used internally by OpenStack services; since each environment differs, the IP address will vary accordingly. This IP address must be in the same CIDR as the API interface and must be an unused IP.

kolla_external_vip_address and kolla_external_fqdn are the IP address and FQDN used by OpenStack services for public users.

kolla_internal_vip_address: "192.168.113.0"

#kolla_internal_fqdn: "{{ kolla_internal_vip_address }}"

kolla_external_vip_address: "140.113.0.1"

kolla_external_fqdn: "openstack.igene.tw"

Docker Options

The Docker Options section includes some registry authentication and location settings. Since this example directly uses images from DockerHub, leaving the defaults is sufficient.

Network Options

The Network Options section requires defining the network interfaces used by each network type. The interface names here should be adjusted based on the actual interface names on the host machine. If network configurations differ across locations, overrides can be made in the Ansible inventory.

#kolla_external_vip_interface: "eth0"
#api_interface: "{{ network_interface }}"
#storage_interface: "enp2s0f0"
#cluster_interface: "enp2s0f1"
#tunnel_interface: "{{ network_interface }}"
#dns_interface: "{{ network_interface }}"

#neutron_external_interface: "eth1"

OpenStack Option

This section allows selecting which OpenStack services to deploy. This tutorial will additionally deploy Ceph and Cinder.

enable_ceph: "yes"
enable_ceph_rgw: "yes"
enable_cinder: "yes"

Glance - Image Options

Since Ceph is being used, we expect OpenStack images to be stored directly in Ceph, so the Ceph backend must be set accordingly.

glance_backend_file: "no"
glance_backend_ceph: "yes"

Cinder - Block Storage Options

Cinder Volume and Cinder Backup will also be provided by Ceph, so the backend must be changed to Ceph.

cinder_backend_ceph: "yes"

cinder_backup_driver: "ceph"

Nova – Compute Options

Nova’s storage component is also changed to use Ceph.

nova_backend_ceph: "yes"

Most of the configuration has now been completed. In actual production deployments, minor adjustments can be made based on individual requirements.
If any individual service configuration file needs to be modified or debugged, this guide can be referenced. Using Custom Config in Kolla-Ansible

Ansible Inventory Configuration

Ansible Inventory is populated with the hostnames or IP addresses of each node as selected. This example includes three controller nodes. control01, control02 control03` 和一台 compute node `compute01The controller node also serves as a Ceph storage node, so the controller node’s hostname is also included in the storage section.

[control]
control01
control02
control03

[network]
control01
control02
control03

[inner-compute]

[external-compute]
compute01

[compute:children]
inner-compute
external-compute

[monitoring]
control01
control02
control03

[storage]
control01
control02
control03

Real-time Deployment

Kolla-Ansible deployment is very simple after configuration, requiring only four commands to run.

cd kolla-ansible
tools/generate_passwords.py

generate_passwords` 這個 script 將會產生 OpenStack 使用的密碼並且填入 `/etc/kolla/passwords.yml this file.

tools/kolla-ansible -i ansible/inventory/multinode bootstrap-servers

bootstrap-servers Basic setup tasks will be performed on the nodes to be deployed, such as installing required packages and Docker.

tools/kolla-ansible -i ansible/inventory/multinode prechecks

prechecks The system will perform a basic check to verify if the required configuration files are in place, such as whether VIP and port are properly set up, etc.

tools/kolla-ansible -i ansible/inventory/multinode deploy

deploy The system will deploy an OpenStack environment in real time, including pulling images, running images, and completing OpenStack configuration—all handled by this playbook. Deployment time depends on network speed and deployment scale, but a fully functional, production-ready, high-availability OpenStack environment can be set up in as little as 20 minutes.

If deploy there are no issues after completion, you can access the OpenStack dashboard directly via your browser using the kolla_internal_vip_address or kolla_internal_fqdn.

Finally, use the account admin along with /etc/kolla/passwords.yml" 中的 `keystone_admin_password you can log in to the dashboard.

Reference

Kolla-Ansible User Guide

Copyright Notice: All articles in this blog are licensed under CC BY-NC-SA 4.0 unless stated otherwise.

No comments yet
Ansible IaaS Kolla Kolla-Ansible OpenStack

Leave a Reply