openstack-ansible Chapter 4. Deployment configuration
2024-08-23 07:23:43
Initial environment configuration
- Copy the contents of the /opt/openstack-ansible/etc/openstack_deploy directory to the/etc/openstack_deploy directory.
- Change to the /etc/openstack_deploy directory.
- Copy the openstack_user_config.yml.example file to/etc/openstack_deploy/openstack_user_config.yml.
shared-infra_hosts有哪些物理机器上可以运行容器来运行openstack服务如databases, memcached, and RabbitMQ,
For details about how the inventory is generated from the environment configuration, seeOpenStack-Ansible Inventory.
Affinity
OpenStack-Ansible 会动态的把容器分布到部署机器上,Using shared-infra_hosts as an example
shared-infra_hosts:
infra1:
ip: 172.29.236.101
infra2:
ip: 172.29.236.102
infra3:
ip: 172.29.236.103
那么,每台机器都会部署a single database container, a single memcached container, and a single RabbitMQ。
如果不需要部署RabbitMQ:
shared-infra_hosts:
infra1:
affinity:
rabbit_mq_container:
ip: 172.29.236.101
infra2:
affinity:
rabbit_mq_container:
ip: 172.29.236.102
infra3:
affinity:
rabbit_mq_container:
ip: 172.29.236.103
Configuring target host networking
在cidr_networks section配置每个网络的IP address ranges
cidr_networks:
# Management (same range as br-mgmt on the target hosts)
container: CONTAINER_MGMT_CIDR
# Tunnel endpoints for VXLAN tenant networks
# (same range as br-vxlan on the target hosts)
tunnel: TUNNEL_CIDR
#Storage (same range as br-storage on the target hosts)
storage: STORAGE_CIDR
比如:203.0.113.0/24
Configure the existing IP addresses in the used_ips section:
used_ips:
- EXISTING_IP_ADDRESSES
使用过的IP包括前面manually configured on target hosts, internal load balancers, service network bridge, deployment hosts
Configure load balancing in the global_overrides section:
global_overrides:
# Internal load balancer VIP address
internal_lb_vip_address: INTERNAL_LB_VIP_ADDRESS
# External (DMZ) load balancer VIP address
external_lb_vip_address: EXTERNAL_LB_VIP_ADDRESS
# Container network bridge device
management_bridge: "MGMT_BRIDGE"
# Tunnel network bridge device
tunnel_bridge: "TUNNEL_BRIDGE"
Configure the management network in the provider_networks subsection:
provider_networks:
- network:
group_binds:
- all_containers
- hosts
type: "raw"
container_bridge: "br-mgmt"
container_interface: "eth1"
container_type: "veth"
ip_from_q: "container"
is_container_address: true
is_ssh_address: true
比如要配置可选的storage network:
provider_networks:
- network:
group_binds:
- glance_api
- cinder_api
- cinder_volume
- nova_compute
type: "raw"
container_bridge: "br-storage"
container_type: "veth"
container_interface: "eth2"
ip_from_q: "storage"
Configure OpenStack Networking VXLAN tunnel/overlay networks in the provider_networkssubsection:
provider_networks:
- network:
group_binds:
- neutron_linuxbridge_agent
container_bridge: "br-vxlan"
container_type: "veth"
container_interface: "eth10"
ip_from_q: "tunnel"
type: "vxlan"
range: "TUNNEL_ID_RANGE"
net_name: "vxlan"
Configure OpenStack Networking flat (untagged) and VLAN (tagged) networks in theprovider_networks subsection:
provider_networks:
- network:
group_binds:
- neutron_linuxbridge_agent
container_bridge: "br-vlan"
container_type: "veth"
container_interface: "eth12"
host_bind_override: "PHYSICAL_NETWORK_INTERFACE"
type: "flat"
net_name: "flat"
- network:
group_binds:
- neutron_linuxbridge_agent
container_bridge: "br-vlan"
container_type: "veth"
container_interface: "eth11"
type: "vlan"
range: VLAN_ID_RANGE
net_name: "vlan"
Adding static routes to network interfaces
可选,每个route都需要a destination network in CIDR notation and a gateway,比如:
provider_networks:
- network:
group_binds:
- glance_api
- cinder_api
- cinder_volume
- nova_compute
type: "raw"
container_bridge: "br-storage"
container_interface: "eth2"
container_type: "veth"
ip_from_q: "storage"
static_routes:
- cidr: 10.176.0.0/
gateway: 172.29.248.1
效果是其在/etc/network/interfaces.d/eth2.cfg增加了
post-up ip route add 10.176.0.0/ via 172.29.248.1 || true
Setting an MTU on a network interface
对于存储网络很有用:
provider_networks:
- network:
group_binds:
- glance_api
- cinder_api
- cinder_volume
- nova_compute
type: "raw"
container_bridge: "br-storage"
container_interface: "eth2"
container_type: "veth"
container_mtu: ""
ip_from_q: "storage"
static_routes:
- cidr: 10.176.0.0/
gateway: 172.29.248.1
The example above enables jumbo frames by setting the MTU on the storage network to 9000
Configuring target hosts
Configure a list containing at least three infrastructure target hosts in the shared-infra_hostssection:
shared-infra_hosts:
infra01:
ip: INFRA01_IP_ADDRESS
infra02:
ip: INFRA02_IP_ADDRESS
infra03:
ip: INFRA03_IP_ADDRESS
infra04: ...
Configure a list containing at least two infrastructure target hosts in the os-infra_hostssection (you can reuse previous hosts as long as their name and ip is consistent):
os-infra_hosts:
infra01:
ip: INFRA01_IP_ADDRESS
infra02:
ip: INFRA02_IP_ADDRESS
infra03:
ip: INFRA03_IP_ADDRESS
infra04: ...
Configure a list of at least one keystone target host in the identity_hosts section:
identity_hosts:
infra1:
ip: IDENTITY01_IP_ADDRESS
infra2: ...
Configure a list containing at least one compute target host in the compute_hosts section:
compute_hosts:
compute001:
ip: COMPUTE001_IP_ADDRESS
compute002: ...
。。。。。。。
Configuring service credentials
Configuring the Compute (nova) service (optional)
Configuring the Image (glance) service
Configuring the Block (cinder) storage service (optional)
Configuring HAProxy (optional)
最好使用硬件HA在配置服务HA
To deploy HAProxy within your OpenStack-Ansible environment, define target hosts to run HAProxy:
haproxy_hosts:
infra1:
ip: 172.29.236.101
infra2:
ip: 172.29.236.102
infra3:
ip: 172.29.236.103
Configuring the Telemetry (ceilometer) service (optional)
Configuring the Identity service (keystone) (optional)
Overriding OpenStack configuration defaults
Overriding .conf files
比如要在nova.conf设置
[DEFAULT]
remove_unused_original_minimum_age_seconds = [libvirt]
cpu_mode = host-model
disk_cachemodes = file=directsync,block=none [database]
idle_timeout =
max_pool_size =
可以在/etc/openstack_deploy/user_variables.yml配置:
nova_nova_conf_overrides:
DEFAULT:
remove_unused_original_minimum_age_seconds:
libvirt:
cpu_mode: host-model
disk_cachemodes: file=directsync,block=none
database:
idle_timeout:
max_pool_size:
如果是对特定的server配置:
compute_hosts:
-compute001:
ip: 192.0.2.10
host_vars:
nova_nova_conf_overrides:
DEFAULT:
remove_unused_original_minimum_age_seconds:
libvirt:
cpu_mode: host-model
disk_cachemodes: file=directsync,block=none
database:
idle_timeout:
max_pool_size:
Overriding .json files
用来adjust the default policies
/etc/openstack_deploy/user_variables.yml:
keystone_policy_overrides:
identity:foo: "rule:admin_required"
identity:bar: "rule:admin_required"
Currently available overrides
Galera:
galera_client_my_cnf_overrides
galera_my_cnf_overrides
galera_cluster_cnf_overrides
galera_debian_cnf_overrides
Ceilometer:
ceilometer_policy_overrides
ceilometer_ceilometer_conf_overrides
ceilometer_api_paste_ini_overrides
ceilometer_event_definitions_yaml_overrides
ceilometer_event_pipeline_yaml_overrides
ceilometer_pipeline_yaml_overrides
Cinder:
cinder_policy_overrides
cinder_rootwrap_conf_overrides
cinder_api_paste_ini_overrides
cinder_cinder_conf_overrides
Glance:
glance_glance_api_paste_ini_overrides
glance_glance_api_conf_overrides
glance_glance_cache_conf_overrides
glance_glance_manage_conf_overrides
glance_glance_registry_paste_ini_overrides
glance_glance_registry_conf_overrides
glance_glance_scrubber_conf_overrides
glance_glance_scheme_json_overrides
glance_policy_overrides
Heat:
heat_heat_conf_overrides
heat_api_paste_ini_overrides
heat_default_yaml_overrides
heat_aws_cloudwatch_alarm_yaml_overrides
heat_aws_rds_dbinstance_yaml_overrides
heat_policy_overrides
Keystone:
keystone_keystone_conf_overrides
keystone_keystone_default_conf_overrides
keystone_keystone_paste_ini_overrides
keystone_policy_overrides
Neutron:
neutron_neutron_conf_overrides
neutron_ml2_conf_ini_overrides
neutron_dhcp_agent_ini_overrides
neutron_api_paste_ini_overrides
neutron_rootwrap_conf_overrides
neutron_policy_overrides
neutron_dnsmasq_neutron_conf_overrides
neutron_l3_agent_ini_overrides
neutron_metadata_agent_ini_overrides
neutron_metering_agent_ini_overrides
Nova:
nova_nova_conf_overrides
nova_rootwrap_conf_overrides
nova_api_paste_ini_overrides
nova_policy_overrides
Swift:
swift_swift_conf_overrides
swift_swift_dispersion_conf_overrides
swift_proxy_server_conf_overrides
swift_account_server_conf_overrides
swift_account_server_replicator_conf_overrides
swift_container_server_conf_overrides
swift_container_server_replicator_conf_overrides
swift_object_server_conf_overrides
swift_object_server_replicator_conf_overrides
Tempest:
tempest_tempest_conf_overrides
pip:
pip_global_conf_overrides
Configuring Identity service (keystone) federation (optional)
最新文章
- Android利用canvas画各种图形(点、直线、弧、圆、椭圆、文字、矩形、多边形、曲线、圆角矩形) .
- Vagrant 快速入门
- C#打开mdb文件,获取文件下的所有表格,以及获取表格下的所有字段
- windows server 2008 R2 远程连接用户数修改
- Arduino M0 的一个坑(2015-12-25)
- As3.0 TextField
- Quartz 2D 初步
- xcode调试
- Android -- 从源码解析Handle+Looper+MessageQueue机制
- curl学习之curl_setopt参数设置大总结
- 【CSS3】浏览器内核、私有前缀
- JavaScript(第十六天)【BOM基础】
- 土制Excel导入导出及相关问题探讨
- cdh启动datanode报错
- 使用Nginx实现服务器反向代理和负载均衡
- 深入浅出的webpack构建工具---webpack基本配置(一)
- Day18-前端和后端怎么区分
- STM32 Seminar 2007 -- Timer
- sql左外连接、右外连接、group by、distinct(区别)、intersect(交叉)、通配符、having
- win7无线网络共享