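Hands-on Case Study: Deploying a Highly Available OpenStack Platform with Ansible
Case description
1. Understand the architecture of a highly available OpenStack platform
2. Understand how to use the Ansible deployment tool
3. Deploy the OpenStack platform with Ansible
Case objectives
1. Deployment architecture
The Dashboard is accessed through load balancing behind a VIP address, and the platform is reached through that VIP. When one controller node fails, the other controller node continues to work normally. The MariaDB database is deployed as a cluster, and the databases on the controller nodes synchronize with each other.
2. Node planning
Node planning for the Ansible-based highly available OpenStack deployment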
IP address | Hostname | Node |
172.30.14.10 | controller01 | Controller node 1 |
172.30.14.11 | controller02 | Controller node 2 |
172.30.14.12 | compute01 | Compute node 1 |
172.30.14.13 | compute02 | Compute node 2 |
192.168.1.109 | server | Ansible |
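3. Extract the provided server_bak.zip and open the server_bak virtual machine with VMware Workstation; it serves as the Ansible node. Manually perform a minimal installation of CentOS 7.2 on four servers, which serve as the OpenStack nodes.
【Preparation】
Implementation steps
1. Basic environment configuration
【IP address configuration】
IP addresses of the server_bak node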
[root@server ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 172.30.14.20 netmask 255.255.255.0 broadcast 172.30.14.255
        inet6 fe80::20c:29ff:fe7e:4486 prefixlen 64 scopeid 0x20<link>
        ether 00:0c:29:7e:44:86 txqueuelen 1000 (Ethernet)
        RX packets 391 bytes 29646 (28.9 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 138 bytes 14205 (13.8 KiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 192.168.1.117 netmask 255.255.255.0 broadcast 192.168.1.255
        inet6 fe80::20c:29ff:fe7e:4490 prefixlen 64 scopeid 0x20<link>
        ether 00:0c:29:7e:44:90 txqueuelen 1000 (Ethernet)
        RX packets 152 bytes 14224 (13.8 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 28 bytes 2602 (2.5 KiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eth2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 10.1.0.253 netmask 255.255.255.0 broadcast 10.1.0.255
        inet6 fe80::20c:29ff:fe7e:449a prefixlen 64 scopeid 0x20<link>
        ether 00:0c:29:7e:44:9a txqueuelen 1000 (Ethernet)
        RX packets 0 bytes 0 (0.0 B)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 12 bytes 888 (888.0 B)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
        inet 127.0.0.1 netmask 255.0.0.0
        inet6 ::1 prefixlen 128 scopeid 0x10<host>
        loop txqueuelen 0 (Local Loopback)
        RX packets 0 bytes 0 (0.0 B)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 0 bytes 0 (0.0 B)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

[root@server ~]# ping -c 5 baidu.com
PING baidu.com (220.181.38.148) 56(84) bytes of data.
64 bytes from 220.181.38.148: icmp_seq=1 ttl=49 time=26.6 ms
64 bytes from 220.181.38.148: icmp_seq=2 ttl=49 time=26.4 ms
64 bytes from 220.181.38.148: icmp_seq=3 ttl=49 time=27.0 ms
64 bytes from 220.181.38.148: icmp_seq=4 ttl=49 time=26.7 ms
64 bytes from 220.181.38.148: icmp_seq=5 ttl=49 time=27.0 ms

--- baidu.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4051ms
rtt min/avg/max/mdev = 26.433/26.782/27.084/0.275 ms
[root@server ~]#
IP address of the controller01 node
[root@controller01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:19:55:0d brd ff:ff:ff:ff:ff:ff
    inet 172.30.14.10/24 brd 172.30.14.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe19:550d/64 scope link
       valid_lft forever preferred_lft forever
[root@controller01 ~]#
IP address of the controller02 node
[root@controller02 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:93:a2:40 brd ff:ff:ff:ff:ff:ff
    inet 172.30.14.11/24 brd 172.30.14.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe93:a240/64 scope link
       valid_lft forever preferred_lft forever
[root@controller02 ~]#
IP address of the compute01 node
[root@compute01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:60:aa:8e brd ff:ff:ff:ff:ff:ff
    inet 172.30.14.12/24 brd 172.30.14.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe60:aa8e/64 scope link
       valid_lft forever preferred_lft forever
[root@compute01 ~]#
IP address of the compute02 node
[root@compute02 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:87:88:b4 brd ff:ff:ff:ff:ff:ff
    inet 172.30.14.13/24 brd 172.30.14.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe87:88b4/64 scope link
       valid_lft forever preferred_lft forever
[root@compute02 ~]#
2. Installing the OpenStack platform with Ansible
【Modify the Ansible environment configuration】
[root@server ~]# cd /opt/xd-cloud-simple/
[root@server xd-cloud-simple]# ll
total 44
-rwxr-xr-x 1 root root 5964 Sep 28 2019 add_compute_node.sh
-rwxr-xr-x 1 root root 1648 Oct 18 22:31 configuration.cfg
-rwxr-xr-x 1 root root 158 Jun 30 2017 hosts
-rwxr-xr-x 1 root root 0 Jun 20 2017 hosts_ansible
-rwxr-xr-x 1 root root 9740 Sep 27 2019 install.sh
drwxr-xr-x 5 root root 4096 Oct 19 15:52 module
-rwxr-xr-x 1 root root 173 Jun 19 2017 passwd
-rwxr-xr-x 1 root root 1512 Sep 28 2019 roach.sh
-rwxr-xr-x 1 root root 201 Sep 27 2019 test.sh
[root@server xd-cloud-simple]#
Edit the configuration.cfg environment file and set its variables to match your actual addresses and parameters.
[root@server xd-cloud-simple]# vim configuration.cfg
# Xiandian Cloud Platform Installation Script
# taicai.
#-----------------------------------------------
# Basic Authentication
#-----------------------------------------------
REGION_NAME=xiandian
DOMAIN_NAME=domain
MGMT_NET_CIDR=172.30.14.0/24
DATA_NET_CIDR=172.30.14.0/24
#-----------------------------------------------
# System Config
# Controller Node
#-----------------------------------------------
CON_IS_HA=yes
CON_VIP_IP=172.30.14.100
CON_HOST_NAME=controller01,controller02
CON_MGMT_DEV_NAME=eth0
CON_MGMT_DEV_IP=172.30.14.10,172.30.14.11
CON_DATA_DEV_NAME=eth0
CON_DATA_DEV_IP=172.30.14.10,172.30.14.11
#-----------------------------------------------
# Compute Node
#-----------------------------------------------
COM_MGMT_DEV_NAME=eth0
COM_MGMT_DEV_IP=172.30.14.12,172.30.14.13
COM_HOST_NAME=compute01,compute02
COM_DATA_DEV_NAME=eth0
COM_DATA_DEV_IP=172.30.14.12,172.30.14.13
COM_PRI_DEV_NAME=eth1
COM_EXT_DEV_NAME=eth1
NEUTRON_MIN_VLAN_NAME=114
NEUTRON_MAX_VLAN_NAME=120
#-----------------------------------------------
# Storage Node
#-----------------------------------------------
#STORAGE_MGMT_DEV_NAME=enp9s0
#STORAGE_MGMT_DEV_IP=10.0.1.1,10.0.1.2,10.0.1.3,10.0.1.4
#STORAGE_HOST_NAME=node-1,node-2,node-3,node-4
#STORAGE_DISK_NAME="/dev/sda /dev/sdb"
#STORAGE_DATA_DEV_NAME=enp10s0
#STORAGE_DATA_DEV_IP=10.0.1.1,10.0.1.2,10.0.1.3,10.0.1.4
#-----------------------------------------------
# yum repo config
#-----------------------------------------------
NAME1=centos7
URL1=ftp://172.30.14.20/centos7.2/
NAME2=iaas
URL2=ftp://172.30.14.20/iaas/iaas-repo/
ALL_SERVER_ROOT_PASSWORD=000000
Run the test.sh script in the Ansible script directory to clear the original files.
[root@server xd-cloud-simple]# ./test.sh
removed ‘/root/.ssh/id_rsa’
removed ‘/root/.ssh/id_rsa.pub’
removed ‘/root/.ssh/known_hosts’
removed ‘/root/.ssh/authorized_keys’
removed directory: ‘/root/.ssh’
[root@server xd-cloud-simple]#
【One-click platform installation】
[root@server xd-cloud-simple]# ./install.sh
【Look up the login name and passwords】
[root@server module]# pwd
/opt/xd-cloud-simple/module
[root@server module]# cat passwd
OPENSTACK_SERVICE_NAME_PASS=tINfSr5aTz7kgukAfIF7
OPENSTACK_SERVICE_PASS=rilgrqK6eEJilk3HSUDs
OPENSTACK_METADATA_KEY_PASS=4gvjRuWQy2F6zbPIZ1OR
OPENSTACK_KEYSTONE_TOKEN_PASS=L2qIYZaKQPWgvrwEqYM1
DATABASE_PASS=RyEgk2voacCHVzzZRXCv
ADMINISTRATOR_NAME=admin
ADMINISTRATOR_PASS=cAUk6Pv9WZKTw5a3x2Lg
REGION_NAME=xiandian
DOMAIN_NAME=domain
MGMT_NET_CIDR=172.30.14.0/24
DATA_NET_CIDR=172.30.14.0/24
NEUTRON_MIN_VLAN_NAME=114
NEUTRON_MAX_VLAN_NAME=120
NAME1=centos7
URL1=ftp://172.30.14.20/centos7.2/
NAME2=iaas
URL2=ftp://172.30.14.20/iaas/iaas-repo/
ALL_SERVER_ROOT_PASSWORD=000000
CONTROLLER_VIP_IP=172.30.14.100
CONTROLLER_NUM=2
CONTROLLER_VIP_IP=172.30.14.100
CONTROLLER_NODE1_IP=172.30.14.10
CONTROLLER_NODE1_NAME=controller01
CONTROLLER_NODE2_IP=172.30.14.11
CONTROLLER_NODE2_NAME=controller02
COMPUTE_NUM=2
COMPUTE_NODE1_IP=172.30.14.12
COMPUTE_NODE1_NAME=compute01
COMPUTE_NODE2_IP=172.30.14.13
COMPUTE_NODE2_NAME=compute02
MGMT_DEV_NAME=br-mgmt
DATA_DEV_NAME=br-storage
PRI_DEV_NAME=br-prv
EXT_DEV_NAME=br-ex
CON_MGMT_DEV_NAME_1=eth0
CON_MGMT_DEV_IP_NODE_1=172.30.14.10
CON_MGMT_DEV_IP_NODE_2=172.30.14.11
CON_DATA_DEV_NAME_1=eth0
CON_DATA_DEV_IP_NODE_1=172.30.14.10
CON_DATA_DEV_IP_NODE_2=172.30.14.11
COM_MGMT_DEV_NAME_1=eth0
COM_MGMT_DEV_IP_NODE_1=172.30.14.12
COM_MGMT_DEV_IP_NODE_2=172.30.14.13
COM_DATA_DEV_NAME_1=eth0
COM_DATA_DEV_IP_NODE_1=172.30.14.12
COM_DATA_DEV_IP_NODE_2=172.30.14.13
COM_PRI_DEV_NAME_1=eth1
COM_EXT_DEV_NAME_1=eth1
[root@server module]#
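configuration.cfg is listed earlier with mode -rwxr-xr-x and sets ALL_SERVER_ROOT_PASSWORD=000000, and module/passwd holds every generated service password in clear text next to ftp:// repository URLs. The check below is an added example, not part of the xd-cloud-simple scripts: it reports group/other access, short or digit-only secrets, and unencrypted repository URLs in such a KEY=VALUE file without printing any value. The function names, the 12-character threshold and the sample file are assumptions made here.

```shell
#!/bin/sh
# Added example (not from the xd-cloud-simple project).
# audit_cfg FILE: one finding per line; secret values are never printed.
audit_cfg() {
    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ld "$1" | cut -c5-10)
    [ "$perms" = "------" ] || echo "MODE group/other access: $perms"
    while IFS='=' read -r key val || [ -n "$key" ]; do
        case $key in
            ''|'#'*) continue ;;
            *_PASS|*PASSWORD)
                case $val in
                    ''|*[!0-9]*) digits_only=no ;;
                    *) digits_only=yes ;;
                esac
                # Assumed policy: at least 12 characters and not digits only.
                if [ "${#val}" -lt 12 ] || [ "$digits_only" = yes ]; then
                    echo "WEAK_SECRET $key"
                fi ;;
            URL*)
                case $val in
                    ftp://*|http://*) echo "PLAINTEXT_REPO $key" ;;
                esac ;;
        esac
    done < "$1"
}

# write_sample FILE: constructed sample using key names from the listing above;
# the DATABASE_PASS value is a made-up placeholder.
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample
DATABASE_PASS=Xq7pLm2Vt9RbK4sZ8wYc
ADMINISTRATOR_NAME=admin
ALL_SERVER_ROOT_PASSWORD=000000
URL1=ftp://172.30.14.20/centos7.2/
EOF
    chmod 755 "$1"
}

sample=$(mktemp)
write_sample "$sample"
audit_cfg "$sample"
rm -f "$sample"
```

Findings go away once the file is chmod 600, the root password is replaced with a long random value, and the repositories are served over an authenticated, encrypted transport.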
【View the addresses of controller node 1】
[root@controller01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master ovs-system state UP qlen 1000
    link/ether 00:0c:29:19:55:0d brd ff:ff:ff:ff:ff:ff
    inet6 fe80::20c:29ff:fe19:550d/64 scope link
       valid_lft forever preferred_lft forever
3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
    link/ether 1a:81:15:8f:e0:50 brd ff:ff:ff:ff:ff:ff
4: br-mgmt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    link/ether 00:0c:29:19:55:0d brd ff:ff:ff:ff:ff:ff
    inet 172.30.14.10/24 brd 172.30.14.255 scope global br-mgmt
       valid_lft forever preferred_lft forever
    inet 172.30.14.100/32 scope global br-mgmt
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe19:550d/64 scope link
       valid_lft forever preferred_lft forever
5: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
    link/ether 5a:69:a0:d2:76:49 brd ff:ff:ff:ff:ff:ff
[root@controller01 ~]#
【View the addresses of controller node 2】
[root@controller02 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master ovs-system state UP qlen 1000
    link/ether 00:0c:29:93:a2:40 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::20c:29ff:fe93:a240/64 scope link
       valid_lft forever preferred_lft forever
3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
    link/ether be:e0:c3:ba:35:3a brd ff:ff:ff:ff:ff:ff
4: br-mgmt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    link/ether 00:0c:29:93:a2:40 brd ff:ff:ff:ff:ff:ff
    inet 172.30.14.11/24 brd 172.30.14.255 scope global br-mgmt
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe93:a240/64 scope link
       valid_lft forever preferred_lft forever
5: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
    link/ether 26:9b:7b:4f:e3:44 brd ff:ff:ff:ff:ff:ff
[root@controller02 ~]#
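When the controller01 node fails or is shut down, the VIP automatically moves to the controller02 node, which keeps the controller services highly available.
Now shut down controller01 and check whether the web interface can still be accessed normally.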
[root@controller01 ~]# shutdown -h now
【IP address changes on controller02 after controller01 fails or is shut down】
[root@controller02 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master ovs-system state UP qlen 1000
    link/ether 00:0c:29:93:a2:40 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::20c:29ff:fe93:a240/64 scope link
       valid_lft forever preferred_lft forever
3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
    link/ether be:e0:c3:ba:35:3a brd ff:ff:ff:ff:ff:ff
4: br-mgmt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    link/ether 00:0c:29:93:a2:40 brd ff:ff:ff:ff:ff:ff
    inet 172.30.14.11/24 brd 172.30.14.255 scope global br-mgmt
       valid_lft forever preferred_lft forever
    inet 172.30.14.100/32 scope global br-mgmt
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe93:a240/64 scope link
       valid_lft forever preferred_lft forever
5: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
    link/ether 26:9b:7b:4f:e3:44 brd ff:ff:ff:ff:ff:ff
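The failover check above is done by reading `ip a` on each controller by eye. The script below is an added example, not part of the original walkthrough: it decides from saved `ip a` output which controller holds the VIP and also flags the two unhealthy outcomes, no holder and more than one holder. The `.ipa` file naming, the function names and the capture contents are assumptions constructed from the addresses on this page.

```shell
#!/bin/sh
# Added example: find the HA VIP holder from saved `ip a` output.
# Assumption: one capture per reachable node, saved as DIR/<node>.ipa.

# has_vip VIP: reads `ip a` output on stdin; true if VIP is bound as IPv4.
has_vip() {
    # Escape the dots and anchor on "/" so 172.30.14.100 never matches 172.30.14.10.
    re=$(printf '%s' "$1" | sed 's/\./\\./g')
    grep -Eq "^[[:space:]]*inet ${re}/"
}

# vip_state VIP DIR: prints "OK <node>", "NO_HOLDER" or "DUPLICATE <node,node>".
vip_state() {
    vip=$1; holders=""; n=0
    for f in "$2"/*.ipa; do
        [ -f "$f" ] || continue
        if has_vip "$vip" < "$f"; then
            holders="$holders${holders:+,}$(basename "$f" .ipa)"
            n=$((n + 1))
        fi
    done
    case $n in
        0) echo "NO_HOLDER" ;;
        1) echo "OK $holders" ;;
        *) echo "DUPLICATE $holders" ;;
    esac
}

# write_capture DIR NODE ADDR...: constructed br-mgmt excerpt in `ip a` layout.
write_capture() {
    d=$1; node=$2; shift 2
    {
        echo "4: br-mgmt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN"
        for a in "$@"; do echo "    inet $a scope global br-mgmt"; done
    } > "$d/$node.ipa"
}

# Constructed captures following the before/after output shown on this page.
demo=$(mktemp -d)
write_capture "$demo" controller01 172.30.14.10/24 172.30.14.100/32
write_capture "$demo" controller02 172.30.14.11/24
vip_state 172.30.14.100 "$demo"      # before failover
rm -f "$demo/controller01.ipa"       # controller01 powered off: no capture
write_capture "$demo" controller02 172.30.14.11/24 172.30.14.100/32
vip_state 172.30.14.100 "$demo"      # after failover
rm -rf "$demo"
```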
【Log in to the dashboard again and check whether it can still be accessed normally】