A. Environment Diagram
Diagram
System Specification
| Key | Value |
|---|---|
| Hostname | fb-node-aio |
| Operating System | Ubuntu 22.04 LTS |
| NIC 1 - OpenStack network | 192.168.1.11/24 |
| NIC 2 - Floating IPs | 10.0.0.0/24 |
| Boot Disk | 64 GB |
| Disk 1 (Glance & Nova) | 128 GB |
| Disk 2 (Cinder Volumes) | 128 GB |
| Kolla Ansible Version | 15.2.1 |
| OpenStack Version | Zed |
B. General Preparation
All steps are run as root.
Update hostname
```bash
# Hostname must match the System Specification and the /etc/hosts entry below
hostnamectl set-hostname fb-node-aio
```
Update root password
Update Timezone
```bash
timedatectl set-timezone Asia/Jakarta
```
Update hosts file
```bash
cat << EOF >> /etc/hosts
192.168.1.10 aio.openstack.lab
192.168.1.11 fb-node-aio fb-node-aio.aio.openstack.lab
EOF
```
Update repository and upgrade all packages
```bash
apt update && apt upgrade -y
```
Install essential packages
```bash
# The Ubuntu package that provides dig/nslookup is named dnsutils
apt install -y net-tools dnsutils tree
```
Reboot to apply all updates
Generate SSH key for user root
C. Prepare Disks
Create Volume Group for Cinder
Create Volume Group openstack_cinder
```bash
# "set 1 lvm on" is a parted sub-command, so it stays on the parted command line
parted -s -a opt /dev/vdb mklabel gpt mkpart primary 0% 100% \
  set 1 lvm on
pvcreate /dev/vdb1
vgcreate openstack_cinder /dev/vdb1
```
Create Partition for Glance and Nova
- Create Logical Volume openstack_data
```bash
# "set 1 lvm on" is a parted sub-command, so it stays on the parted command line
parted -s -a opt /dev/vdc mklabel gpt mkpart primary 0% 100% \
  set 1 lvm on
pvcreate /dev/vdc1
vgcreate openstack_data /dev/vdc1
lvcreate -l 100%FREE -n openstack_data openstack_data
```
- Format partition openstack_data
```bash
mkfs.xfs /dev/openstack_data/openstack_data
```
- Mount partition
```bash
mkdir /openstack_data

cat << EOF >> /etc/fstab
/dev/mapper/openstack_data-openstack_data /openstack_data xfs defaults 0 0
EOF

mount -a

mkdir -p /openstack_data/nova
mkdir -p /openstack_data/glance
```
D. Install Dependencies
- Install python packages
```bash
apt install -y python3-dev libffi-dev gcc libssl-dev python3-venv python3-pip
pip3 install -U pip
pip3 install docker
```
- Configure Ansible
```bash
mkdir -p /etc/ansible

cat << EOF | sudo tee /etc/ansible/ansible.cfg
[defaults]
host_key_checking=False
pipelining=True
forks=100
interpreter_python=/usr/bin/python3
timeout=60
EOF
```
- Create python virtual environment
```bash
mkdir /root/openstack && cd /root/openstack
python3 -m venv os-venv
source /root/openstack/os-venv/bin/activate
```
- Install Kolla Ansible
```bash
pip install -U pip
pip install -U 'ansible>=4,<6'
pip install python-openstackclient
pip install git+https://opendev.org/openstack/kolla-ansible@stable/zed
kolla-ansible install-deps
```
- Copy configuration files
```bash
mkdir /etc/kolla
chown $USER:$USER /etc/kolla
cp /root/openstack/os-venv/share/kolla-ansible/etc_examples/kolla/* /etc/kolla/
cp /root/openstack/os-venv/share/kolla-ansible/ansible/inventory/all-in-one .
```
```bash
nano /etc/kolla/globals.yml
```
```yaml
# BASE
config_strategy: "COPY_ALWAYS"
kolla_base_distro: "ubuntu"
kolla_install_type: "source"
openstack_release: "zed"
prechecks_enable_host_os_checks: "false"

# NETWORKS
kolla_external_vip_address: 192.168.1.10
kolla_external_fqdn: "aio.openstack.lab"
kolla_internal_vip_address: 192.168.1.10
kolla_internal_fqdn: "aio.openstack.lab"
network_interface: "ens3"
neutron_external_interface: "ens4"
neutron_plugin_agent: "ovn"
enable_neutron_provider_networks: "yes"

# SERVICES
enable_openstack_core: "yes"
enable_keystone: "yes"
keystone_token_provider: "fernet"
enable_horizon: "yes"
enable_haproxy: "yes"
enable_mariabackup: "yes"
enable_octavia: "no"
enable_cinder: "yes"
enable_cinder_backup: "no"
enable_cinder_backend_lvm: "yes"
cinder_volume_group: "openstack_cinder"
enable_glance: "yes"
glance_backend_file: "yes"
glance_file_datadir_volume: "/openstack_data/glance/"
enable_nova: "yes"
nova_compute_virt_type: "kvm"
nova_instance_datadir_volume: "/openstack_data/nova/"

# TLS
kolla_enable_tls_internal: "yes"
kolla_enable_tls_external: "yes"
kolla_copy_ca_into_containers: "yes"
kolla_enable_tls_backend: "yes"
openstack_cacert: "/etc/ssl/certs/ca-certificates.crt"
kolla_admin_openrc_cacert: "/etc/ssl/certs/ca-certificates.crt"

# MONITORING
enable_fluentd: "no"
enable_prometheus: "yes"
enable_grafana: "yes"
```
F. Deploy OpenStack
- Generate password
- Generate self-signed certificates
```bash
kolla-ansible certificates
```
- Bootstrap server
```bash
kolla-ansible -v -i all-in-one bootstrap-servers
```
- Precheck server
```bash
kolla-ansible -v -i all-in-one prechecks
```
- Pull container images
```bash
kolla-ansible -v -i all-in-one pull
```
- Deploy services
```bash
kolla-ansible -v -i all-in-one deploy
```
G. Post Deployment
Generate openrc file
```bash
kolla-ansible -v -i all-in-one post-deploy
```
```bash
nano /etc/kolla/admin-openrc.sh
# Add the following line to the file, so that sourcing it also activates
# the virtual environment:
#   source /root/openstack/os-venv/bin/activate
```
Verify Deployment
```bash
source /etc/kolla/admin-openrc.sh
```
```bash
openstack endpoint list
openstack service list --long
openstack hypervisor list --long
openstack compute service list
openstack network agent list
openstack volume service list
```
H. Operational Test
Monitoring Stack
Access OpenStack Grafana at https://aio.openstack.lab:3000. The Grafana admin password can be obtained with:
```bash
grep grafana_admin_password /etc/kolla/passwords.yml
```
Create Internal Network
Create internal network
```bash
openstack network create internal-net
```
Create internal network subnet
```bash
openstack subnet create --subnet-range 172.16.0.0/24 \
  --network internal-net \
  --gateway 172.16.0.1 \
  --dns-nameserver 1.1.1.1 \
  internal-subnet
```
Create External Network
Create external network
```bash
openstack network create --share --external \
  --provider-physical-network physnet1 \
  --provider-network-type flat \
  public-net
```
Create external network subnet
```bash
openstack subnet create --no-dhcp \
  --allocation-pool 'start=10.0.0.2,end=10.0.0.254' \
  --network public-net \
  --subnet-range 10.0.0.0/24 \
  --gateway 10.0.0.1 \
  public-subnet
```
Create Router
Create router
```bash
openstack router create public-router
```
Add internal network to router
```bash
openstack router add subnet public-router internal-subnet
```
Set router default gateway
```bash
openstack router set --external-gateway public-net public-router
```
Create Security Group
Create security group allow-all
```bash
openstack security group create allow-all
```
Create security group rules that allow all inbound ICMP, TCP and UDP traffic
```bash
# No --remote-ip is given, so each rule applies to any IPv4 source (0.0.0.0/0)
openstack security group rule create --ingress --ethertype IPv4 --protocol icmp allow-all
openstack security group rule create --ingress --ethertype IPv4 --protocol tcp --dst-port 22 allow-all
openstack security group rule create --ingress --ethertype IPv4 --protocol tcp --dst-port 1:65535 allow-all
openstack security group rule create --ingress --ethertype IPv4 --protocol udp --dst-port 1:65535 allow-all
```
Add Public Key to Nova
Run this on the corresponding nodes.
```bash
openstack keypair create --public-key ~/.ssh/id_rsa.pub openstack-node-key
```
Create Default Flavor
```bash
openstack flavor create --id 1 --ram 512 --disk 1 --vcpus 1 tiny
openstack flavor create --id 2 --ram 1024 --disk 10 --vcpus 1 mini
openstack flavor create --id 3 --ram 2048 --disk 20 --vcpus 1 small
openstack flavor create --id 4 --ram 4096 --disk 40 --vcpus 2 medium
openstack flavor create --id 5 --ram 8192 --disk 80 --vcpus 4 large
openstack flavor create --id 6 --ram 16384 --disk 160 --vcpus 8 xlarge
```
Create Glance Images
```bash
mkdir /root/images
cd /root/images
```
Cirros
Download and Create Glance Image for Cirros
```bash
wget https://download.cirros-cloud.net/0.6.2/cirros-0.6.2-x86_64-disk.img

openstack image create \
  --public \
  --container-format bare \
  --disk-format qcow2 \
  --property os_type=linux \
  --file /root/images/cirros-0.6.2-x86_64-disk.img \
  Cirros-0.6.2
```
Ubuntu 22.04
Download and Create Glance Image for Ubuntu 22.04
```bash
# Fetch the image over HTTPS rather than plain HTTP
wget https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img

openstack image create \
  --public \
  --container-format bare \
  --disk-format qcow2 \
  --property os_type=linux \
  --file /root/images/jammy-server-cloudimg-amd64.img \
  Ubuntu-22.04
```
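Both image downloads above (Cirros and Ubuntu) go straight from `wget` to `openstack image create`, and the images are published as `--public`. The following is an added example, not part of the original guide: a `verify_image` helper (hypothetical name) that checks a downloaded image against a publisher digest list before upload, assuming a `sha256sum`-format list such as the `SHA256SUMS` file published next to the Ubuntu image.

```bash
#!/usr/bin/env bash
# Added example (not from the original guide): fail-closed checksum gate for a
# downloaded cloud image, to run before `openstack image create`.
#
# verify_image IMAGE SUMS_FILE
#   SUMS_FILE is in sha256sum list format: "<hex digest> <space or *><file name>".
#   Returns 0 on match, 1 on mismatch, 2 on unreadable input, 3 on no usable entry.
verify_image() {
    local image="$1" sums="$2" name expected actual
    name=$(basename -- "$image")

    if [ ! -r "$image" ] || [ ! -r "$sums" ]; then
        echo "cannot read $image or $sums" >&2
        return 2
    fi

    # Match the file name exactly (field 2, optional "*" binary marker removed);
    # a substring match would let "x.img.bak" vouch for "x.img".
    expected=$(awk -v n="$name" \
        '{ f = $2; sub(/^\*/, "", f) } f == n { print tolower($1) }' "$sums")

    # Accept only one 64-digit hex digest. Duplicate entries leave a newline in
    # $expected and are rejected here too, rather than picking one of them.
    case $expected in
        *[!0-9a-f]*) expected="" ;;
    esac
    if [ "${#expected}" -ne 64 ]; then
        echo "no usable SHA-256 entry for $name in $sums" >&2
        return 3
    fi

    actual=$(sha256sum -- "$image" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "SHA-256 mismatch for $name: refusing to upload" >&2
        return 1
    fi
    echo "OK $name sha256=$actual"
}

# Usage with this page's Ubuntu image (SUMS file location is an assumption):
#   wget https://cloud-images.ubuntu.com/jammy/current/SHA256SUMS
#   verify_image /root/images/jammy-server-cloudimg-amd64.img SHA256SUMS \
#     && openstack image create ... Ubuntu-22.04
```

The digest list is only as trustworthy as the channel it arrived over, so fetch it over HTTPS from the publisher rather than from the mirror that served the image.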
List OpenStack Images
Deploy a test VM to OpenStack
Create VM
```bash
openstack server create \
  --image Cirros-0.6.2 \
  --flavor tiny \
  --key-name openstack-node-key \
  --network internal-net \
  --security-group allow-all \
  demo-cirros
```
Add Floating IP to VM
```bash
openstack floating ip create --floating-ip-address 10.0.0.123 public-net
openstack server add floating ip demo-cirros 10.0.0.123
```
Access VM
Log in to OpenStack Horizon
Get admin password
```bash
grep keystone_admin_password /etc/kolla/passwords.yml
```
Open https://aio.openstack.lab and enter admin as the username and the keystone_admin_password value as the password.