kolla安装openstack

kolla all-in-one

all-in-one在一台主机上安装openstack。

官方指南：

https://docs.openstack.org/kolla-ansible/latest/user/quickstart.html

环境

VMWare虚拟机，4核，8G内存，两块网卡：桥接VMnet0和仅主机模式VMnet3。

VMWare虚拟网络编辑器：

系统信息，ubuntu 24.04.2桌面版。

$ cat /etc/os-release 
PRETTY_NAME="Ubuntu 24.04.2 LTS"
NAME="Ubuntu"
VERSION_ID="24.04"
VERSION="24.04.2 LTS (Noble Numbat)"
VERSION_CODENAME=noble
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=noble
LOGO=ubuntu-logo

两个网卡地址分别为192.168.5.144和192.168.10.131，都是dhcp方式获得。

kai@kolla-allinone:~$ ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:71:0c:3e brd ff:ff:ff:ff:ff:ff
    altname enp2s1
    inet 192.168.5.144/24 brd 192.168.5.255 scope global dynamic noprefixroute ens33
       valid_lft 26393sec preferred_lft 26393sec
    inet6 fe80::be9f:5889:25c4:3345/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:71:0c:48 brd ff:ff:ff:ff:ff:ff
    altname enp2s2
    inet 192.168.10.131/24 brd 192.168.10.255 scope global dynamic noprefixroute ens34
       valid_lft 1194sec preferred_lft 1194sec
    inet6 fe80::20c:29ff:fe71:c48/64 scope link 
       valid_lft forever preferred_lft forever

安装基础工具

安装open-vm-tools，openssh-server，vim。

sudo apt -y install open-vm-tools openssh-server vim

安装kolla依赖

创建一个工作目录work，和一个python虚拟环境目录work/kolla：

kai@kolla-allinone:~$ mkdir work
kai@kolla-allinone:~$ 
kai@kolla-allinone:~$ mkdir -p  work/kolla

安装需要的依赖包：

kai@kolla-allinone:~/work$ sudo apt -y install git python3-dev libffi-dev gcc libssl-dev libdbus-glib-1-dev python3-venv curl

创建并激活python虚拟环境，更新pip：

kai@kolla-allinone:~/work$ python3 -m venv ./kolla/
kai@kolla-allinone:~/work$ source ./kolla/bin/activate
(kolla) kai@kolla-allinone:~/work$ pip install -U pip

安装kolla-ansible：

(kolla) kai@kolla-allinone:~/work$ pip install git+https://opendev.org/openstack/kolla-ansible@master

创建/etc/kolla目录，修改所有者为当前用户。

(kolla) kai@kolla-allinone:~/work$ sudo mkdir /etc/kolla
(kolla) kai@kolla-allinone:~/work$ sudo chown $USER:$USER /etc/kolla

拷贝globals.yml和passwords.yml两个文件到/etc/kolla目录。拷贝all-in-one文件到当前工作目录。

(kolla) kai@kolla-allinone:~/work$ cp -r ./kolla/share/kolla-ansible/etc_examples/kolla/* /etc/kolla  
(kolla) kai@kolla-allinone:~/work$ cp ./kolla/share/kolla-ansible/ansible/inventory/all-in-one . 

安装kolla-ansible的依赖 ：

(kolla) kai@kolla-allinone:~/work$ kolla-ansible install-deps

初始配置

全局globals.yml配置文件修改前后的对比如下。主要有四处修改，

kolla_base_distro修改为ubuntu；

kolla_internal_vip_address修改为192.168.5.223； //确保此IP地址没有被使用，后续安装也会对此进行检查。

network_interface修改为ens33；

neutron_external_interface修改为ens34.

kai@kolla-allinone:~/work/kolla/share/kolla-ansible$ diff -bup etc_examples/kolla/globals.yml /etc/kolla/globals.yml 
--- etc_examples/kolla/globals.yml      2025-05-11 20:21:23.870603037 +0800
+++ /etc/kolla/globals.yml      2025-05-12 10:06:08.496580152 +0800
@@ -43,7 +43,7 @@ workaround_ansible_issue_8743: yes
 #config_strategy: "COPY_ALWAYS"
 
 # Valid options are ['centos', 'debian', 'rocky', 'ubuntu']
-#kolla_base_distro: "rocky"
+kolla_base_distro: "ubuntu"
 
 # Do not override this unless you know what you are doing.
 #openstack_release: "master"
@@ -62,7 +62,7 @@ workaround_ansible_issue_8743: yes
 # All-In-One without haproxy and keepalived, you can set enable_haproxy to no
 # in "OpenStack options" section, and set this value to the IP of your
 # 'network_interface' as set in the Networking section below.
-#kolla_internal_vip_address: "10.10.10.254"
+kolla_internal_vip_address: "192.168.5.223"
 
 # This is the DNS name that maps to the kolla_internal_vip_address VIP. By
 # default it is the same as kolla_internal_vip_address.
@@ -133,7 +133,7 @@ workaround_ansible_issue_8743: yes
 # Yet another way to workaround the naming problem is to create a bond for the
 # interface on all hosts and give the bond name here. Similar strategy can be
 # followed for other types of interfaces.
-#network_interface: "eth0"
+network_interface: "ens33"
 
 # These can be adjusted for even more customization. The default is the same as
 # the 'network_interface'. These interfaces must contain an IP address.
@@ -158,7 +158,7 @@ workaround_ansible_issue_8743: yes
 # though an IP address can exist on this interface, it will be unusable in most
 # configurations. It is recommended this interface not be configured with any IP
 # addresses for that reason.
-#neutron_external_interface: "eth1"
+neutron_external_interface: "ens34"

自动生成/etc/kolla/passwords.yml文件中的密码。

(kolla) kai@kolla-allinone:~/work$ kolla-genpwd

部署

增加如下行到/etc/sudoers文件中：

kai  ALL=(ALL) NOPASSWD:ALL

由于在bootstrap-servers需要使用sudo，以上设置在执行sudo时免除密码。

TASK [openstack.kolla.etc_hosts : Ensure localhost in /etc/hosts] ***************************************
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "sudo: a password is required\n", "module_stdout": "", "msg": "MODULE FAILURE: No start of json char found\nSee stdout/stderr for the exact error", "rc": 1}

使用all-in-one文件中的配置启动服务器：

(kolla) kai@kolla-allinone:~/work$ kolla-ansible bootstrap-servers -i ./all-in-one

检查：

(kolla) kai@kolla-allinone:~/work$ kolla-ansible prechecks -i ./all-in-one

如果遇到如下错误：

TASK [prechecks : Checking docker SDK version] **********************************************************
fatal: [localhost]: FAILED! => {"changed": false, "cmd": ["/home/kai/work/kolla/bin/python3.12", "-c", "import docker; print(docker.__version__)"], "delta": "0:00:00.029741", "end": "2025-05-11 20:50:55.685868", "failed_when_result": true, "msg": "non-zero return code", "rc": 1, "start": "2025-05-11 20:50:55.656127", "stderr": "Traceback (most recent call last):\n  File \"<string>\", line 1, in <module>\nModuleNotFoundError: No module named 'docker'", "stderr_lines": ["Traceback (most recent call last):", "  File \"<string>\", line 1, in <module>", "ModuleNotFoundError: No module named 'docker'"], "stdout": "", "stdout_lines": []}

PLAY RECAP **********************************************************************************************
localhost                  : ok=14   changed=0    unreachable=0    failed=1    skipped=9    rescued=0    ignored=0   

Kolla Ansible playbook(s) /home/kai/work/kolla/share/kolla-ansible/ansible/site.yml exited 2

手动安装docker和dbus-python。

(kolla) kai@kolla-allinone:~/work$ pip3 install docker

(kolla) kai@kolla-allinone:~/work$ pip3 install dbus-python

再次执行prechecks。

(kolla) kai@kolla-allinone:~/work$ kolla-ansible prechecks -i ./all-in-one

prechecks检查完成之后，部署openstack：

(kolla) kai@kolla-allinone:~/work$ kolla-ansible deploy -i ./all-in-one

使用

安装openstack cli客户端：

(kolla) kai@kolla-allinone:~/work$ pip install python-openstackclient -c https://releases.openstack.org/constraints/upper/master

生成admin用户的凭证文件clouds.yml：

(kolla) kai@kolla-allinone:~/work$ mkdir -p /etc/kolla/ansible/inventory/all-in-one 

(kolla) kai@kolla-allinone:~/work$ kolla-ansible post-deploy

拷贝到openstack中。

(kolla) kai@kolla-allinone:~/work$ sudo mkdir /etc/openstack
(kolla) kai@kolla-allinone:~/work$ 
(kolla) kai@kolla-allinone:~/work$ sudo cp /etc/kolla/clouds.yaml /etc/openstack/

至此，openstack已经可以使用。访问kolla_internal_vip_address设置的地址：192.168.5.223，即可登录horizon控制页面。

kolla-ansible提供了init-runonce脚本，生成示例的网络、cirros镜像等。

(kolla) kai@kolla-allinone:~/work$ ./kolla/share/kolla-ansible/init-runonce