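Environment
name | ip | Notes |
---|---|---|
ansible | 192.168.200.3 | Host that runs Ansible |
controller | 192.168.200.23 | Management node |
compute | 192.168.200.6 | Compute node |
Task requirements:
Use the OpenStack platform to create three cloud instances for the experiment. The instances use the provided CentOS_7.5_x86_64_XD.qcow2 image. The Ansible node uses a flavor with 2 cores / 4 GB RAM / 40 GB disk; the controller node uses a flavor with 4 cores / 8 GB RAM / 100 GB disk; the compute node uses a flavor with 4 cores / 8 GB RAM / 100 GB disk plus a 50 GB ephemeral disk. The IP addresses in the node plan table are the author's; when working through the exercise, plan the network and IP addresses for your own environment. Install the Ansible service on the Ansible node, then set up passwordless access from the Ansible node to the controller and compute nodes.
1. Configure passwordless login for Ansible
Configure passwordless login from the Ansible node to the controller and compute nodes. After configuring it, test with an SSH connection from the Ansible node. (If the instances already allow passwordless access, this step is not needed.)
In the Ansible working directory /root/openstack (the default is /etc/ansible), set: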
[root@ansible openstack]# cat ansible.cfg
[defaults]
inventory = /root/openstack/hosts
remote_user = root
host_key_checking = False
[root@ansible openstack]# cat hosts
[controller]
controller ansible_user=root ansible_ssh_pass=000000
[compute]
compute ansible_user=root ansible_ssh_pass=000000
2. Create the role directories
(1) Create a role for each component
[root@ansible roles]# ansible-galaxy init init # this role is used for initialization
[root@ansible roles]# ansible-galaxy init mysql
[root@ansible roles]# ansible-galaxy init keystone
[root@ansible roles]# ansible-galaxy init glance
[root@ansible roles]# ansible-galaxy init nova-controller
[root@ansible roles]# ansible-galaxy init nova-compute
[root@ansible roles]# ansible-galaxy init neutron-controller
[root@ansible roles]# ansible-galaxy init neutron-compute
[root@ansible roles]# ansible-galaxy init cinder-controller
[root@ansible roles]# ansible-galaxy init cinder-compute
[root@ansible roles]# ansible-galaxy init swift-controller
[root@ansible roles]# ansible-galaxy init swift-compute
[root@ansible roles]# ansible-galaxy init dashboard
[root@ansible roles]# ansible-galaxy init
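(2) Configure the init role
The init role is a critical step, so handle it carefully. Go into the init role and add the template file and repo file it needs.
The file below serves as the template; its values are variables, which are assigned in the all file under group_vars.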
[root@ansible init]# ls
defaults files handlers meta README.md tasks templates tests vars
[root@ansible init]# ls templates/ # place the template file here and rename it with a .j2 extension
openrc.sh.j2
(2.1) The openrc.sh.j2 file
# vi openrc.sh.j2
#--------------------system Config--------------------##
#Controller Server Manager IP. example:x.x.x.x
HOST_IP={{controller_ip}}
#Controller HOST Password. example:000000
HOST_PASS={{password}}
#Controller Server hostname. example:controller
HOST_NAME={{controller_name}}
#Compute Node Manager IP. example:x.x.x.x
HOST_IP_NODE={{compute_ip}}
#Compute HOST Password. example:000000
HOST_PASS_NODE={{password}}
#Compute Node hostname. example:compute
HOST_NAME_NODE={{compute_name}}
#--------------------Chrony Config-------------------##
#Controller network segment IP. example:x.x.0.0/16(x.x.x.0/24)
network_segment_IP={{network_segment_ip}}/24
#--------------------Rabbit Config ------------------##
#user for rabbit. example:openstack
RABBIT_USER=openstack
#Password for rabbit user .example:000000
RABBIT_PASS={{password}}
#--------------------MySQL Config---------------------##
#Password for MySQL root user . exmaple:000000
DB_PASS={{password}}
#--------------------Keystone Config------------------##
#Password for Keystore admin user. exmaple:000000
DOMAIN_NAME=demo
ADMIN_PASS={{password}}
DEMO_PASS={{password}}
#Password for Mysql keystore user. exmaple:000000
KEYSTONE_DBPASS={{password}}
#--------------------Glance Config--------------------##
#Password for Mysql glance user. exmaple:000000
GLANCE_DBPASS={{password}}
#Password for Keystore glance user. exmaple:000000
GLANCE_PASS={{password}}
#--------------------Nova Config----------------------##
#Password for Mysql nova user. exmaple:000000
NOVA_DBPASS={{password}}
#Password for Keystore nova user. exmaple:000000
NOVA_PASS={{password}}
#--------------------Neturon Config-------------------##
#Password for Mysql neutron user. exmaple:000000
NEUTRON_DBPASS={{password}}
#Password for Keystore neutron user. exmaple:000000
NEUTRON_PASS={{password}}
#metadata secret for neutron. exmaple:000000
METADATA_SECRET={{password}}
#Tunnel Network Interface. example:x.x.x.x
#INTERFACE_IP=
{% if ansible_fqdn == "controller" %}
INTERFACE_IP={{controller_ip}}
{% elif ansible_fqdn == "compute" %}
INTERFACE_IP={{compute_ip}}
{% endif %}
#External Network Interface. example:eth1
INTERFACE_NAME={{external_network}}
#External Network The Physical Adapter. example:provider
Physical_NAME={{physical_name}}
#First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101
minvlan=2
#Last Vlan ID in VLAN RANGE for VLAN Network. example:200
maxvlan=200
#--------------------Cinder Config--------------------##
#Password for Mysql cinder user. exmaple:000000
CINDER_DBPASS={{password}}
#Password for Keystore cinder user. exmaple:000000
CINDER_PASS={{password}}
#Cinder Block Disk. example:md126p3
BLOCK_DISK={{cider_name}}
#--------------------Swift Config---------------------##
#Password for Keystore swift user. exmaple:000000
SWIFT_PASS={{password}}
#The NODE Object Disk for Swift. example:md126p4.
OBJECT_DISK={{swift_name}}
#The NODE IP for Swift Storage Network. example:x.x.x.x.
STORAGE_LOCAL_NET_IP={{storage_local_net_ip}}
#--------------------Heat Config----------------------##
#Password for Mysql heat user. exmaple:000000
HEAT_DBPASS={{password}}
#Password for Keystore heat user. exmaple:000000
HEAT_PASS={{password}}
#--------------------Zun Config-----------------------##
#Password for Mysql Zun user. exmaple:000000
ZUN_DBPASS={{password}}
#Password for Keystore Zun user. exmaple:000000
ZUN_PASS={{password}}
#Password for Mysql Kuryr user. exmaple:000000
KURYR_DBPASS={{password}}
#Password for Keystore Kuryr user. exmaple:000000
KURYR_PASS={{password}}
#--------------------Ceilometer Config----------------##
#Password for Gnocchi ceilometer user. exmaple:000000
CEILOMETER_DBPASS={{password}}
#Password for Keystore ceilometer user. exmaple:000000
CEILOMETER_PASS={{password}}
#--------------------AODH Config----------------##
#Password for Mysql AODH user. exmaple:000000
AODH_DBPASS={{password}}
#Password for Keystore AODH user. exmaple:000000
AODH_PASS={{password}}
#--------------------Barbican Config----------------##
#Password for Mysql Barbican user. exmaple:000000
BARBICAN_DBPASS={{password}}
#Password for Keystore Barbican user. exmaple:000000
BARBICAN_PASS={{password}}
(2.2) The file that holds the variables
[root@ansible openstack]# cd group_vars/
[root@ansible group_vars]# cat all
controller_ip: 192.168.200.23
controller_name: controller
compute_ip: 192.168.200.6
compute_name: compute
password: '000000'
cider_name: vda1
swift_name: vdb
network_segment_ip: 192.168.200.0
external_network: eth1
physical_name: provider
storage_local_net_ip: 192.168.200.3
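The inventory in step 1 keeps `ansible_ssh_pass` in plaintext and disables host key checking, and group_vars/all feeds a single `password` value into every credential in openrc.sh.j2. The check below is an added example, not part of the original post: it flags those settings in constructed excerpts of the four files, and `audit`, `WEAK` and the finding strings are hypothetical names.

```python
import configparser
import re

# Constructed excerpts of the files shown on this page (not the full files).
ANSIBLE_CFG = "[defaults]\nremote_user = root\nhost_key_checking = False\n"
HOSTS = ("[controller]\ncontroller ansible_user=root ansible_ssh_pass=000000\n"
         "[compute]\ncompute ansible_user=root ansible_ssh_pass=000000\n")
GROUP_VARS = "controller_ip: 192.168.200.23\npassword: '000000'\ncider_name: vda1\n"
TEMPLATE = ("DB_PASS={{password}}\nKEYSTONE_DBPASS={{password}}\n"
            "METADATA_SECRET={{password}}\nBLOCK_DISK={{cider_name}}\n")

SECRET_KEY = re.compile(r"pass|secret", re.I)
INLINE_PASS = re.compile(r"\bansible_(?:ssh_)?pass(?:word)?=\S+")
WEAK = {"000000", "123456", "password", "admin"}  # illustrative, not exhaustive


def audit(cfg_text, hosts_text, vars_text, template_text):
    """Return a sorted list of finding strings for the four file contents."""
    findings = set()
    cfg = configparser.ConfigParser()
    cfg.read_string(cfg_text)
    if not cfg.getboolean("defaults", "host_key_checking", fallback=True):
        findings.add("ansible.cfg: host_key_checking disabled")
    for line in hosts_text.splitlines():
        if INLINE_PASS.search(line):
            findings.add(f"hosts: plaintext SSH password for {line.split()[0]}")
    # group_vars/all is flat "key: value" YAML here, so a line split is enough.
    variables = {}
    for line in vars_text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            variables[key.strip()] = value.strip().strip("'\"")
    for key, value in variables.items():
        if SECRET_KEY.search(key) and value in WEAK:
            findings.add(f"group_vars: weak secret in '{key}'")
    # Count how many credential settings each template variable feeds.
    uses = {}
    for name, var in re.findall(r"^(\w+)=\{\{\s*(\w+)\s*\}\}", template_text, re.M):
        if SECRET_KEY.search(name):
            uses.setdefault(var, []).append(name)
    for var, names in uses.items():
        if len(names) > 1:
            findings.add(f"template: '{var}' shared by {len(names)} credentials")
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(ANSIBLE_CFG, HOSTS, GROUP_VARS, TEMPLATE):
        print(finding)
```

An empty result is what to aim for: key-based SSH with host key checking left on, and one distinct, vault-encrypted variable per service credential.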
3. Write the playbook for each role
(3.1) The main file of init
[root@ansible roles]# cd init/tasks/
[root@ansible tasks]# cat main.yml
- name: remote old repo
  shell: 'rm -rf /etc/yum.repos.d/*'
- name: add new repo
  copy: src=/root/xiandian.repo dest=/etc/yum.repos.d/
- name: yum install iaas-xiandian
  yum: name=iaas-xiandian
- name: template openrc.sh
  template: src=openrc.sh.j2 dest=/etc/xiandian/openrc.sh
- name: install iaas-pre-host.sh
  shell: iaas-pre-host.sh
(3.2) The main file of glance
[root@ansible roles]# cd glance/tasks/
[root@ansible tasks]# cat main.yml
- name: install glance
  shell: iaas-install-glance.sh
(3.3) The main file of mysql
[root@ansible roles]# cd mariadb/tasks/
[root@ansible tasks]# cat main.yml
- name: install mariadb
  shell: iaas-install-mysql.sh
(3.4) The main file of keystone
[root@ansible roles]# cd keyston/tasks/
[root@ansible tasks]# cat main.yml
- name: install keystone
  shell: iaas-install-keystone.sh
(3.5) The main files of nova
[root@ansible roles]# cat nova-controller/tasks/main.yml
- name: install nova-controller
  shell: iaas-install-nova-controller.sh
[root@ansible roles]# cat nova-compute/tasks/main.yml
- name: install nova-compute
  shell: iaas-install-nova-compute.sh
(3.6) The main files of neutron
[root@ansible roles]# cat neutron-controller/tasks/main.yml
- name: install neutron-controller
  shell: iaas-install-neutron-controller.sh
[root@ansible roles]# cat neutron-compute/tasks/main.yml
- name: install neutron-compute
  shell: iaas-install-neutron-compute.sh
(3.7) The main files of cinder
[root@ansible roles]# cat cinder-controller/tasks/main.yml
- name: install cinder-controller
  shell: iaas-install-cinder-controller.sh
[root@ansible roles]# cat cinder-compute/tasks/main.yml
- name: install cinder-compute
  shell: iaas-install-cinder-compute.sh
(3.8) The main files of swift
[root@ansible roles]# cat swift-controller/tasks/main.yml
- name: install swift-controller
  shell: iaas-install-swift-controller.sh
[root@ansible roles]# cat swift-compute/tasks/main.yml
- name: install swift-compute
  shell: iaas-install-swift-compute.sh
(3.9) The main file of heat
[root@ansible roles]# cat heat/tasks/main.yml
- name: instal heat
  shell: iaas-install-heat.sh
(3.10) The main file of dashboard
[root@ansible roles]# cat dashboard/tasks/main.yml
- name: install dashboard
  shell: iaas-install-dashboard.sh
4. Write the entry-point playbook that pulls in the roles
[root@ansible openstack]# ll
total 12
-rw-r--r-- 1 root root 95 Nov 11 00:13 ansible.cfg
drwxr-xr-x 2 root root 17 Nov 10 23:44 group_vars
-rw-r--r-- 1 root root 129 Nov 10 21:18 hosts
-rw-r--r-- 1 root root 337 Nov 11 01:05 install_openstack.yml
drwxr-xr-x 16 root root 275 Nov 10 21:14 roles
[root@ansible openstack]# cat install_openstack.yml
---
- hosts: controller
  remote_user: root
  roles:
    - init
    - mariadb
    - keyston
    - glance
    - nova-controller
    - neutron-controller
    - dashboard
    - cinder-controller
    - swift-controller
    - heat
- hosts: compute
  remote_user: root
  roles:
    - init
    - nova-compute
    - neutron-compute
    - cinder-compute
5. Directory structure:
The final directory structure looks like this:
[root@ansible openstack]# tree
.
├── ansible.cfg
├── group_vars
│ └── all
├── hosts
├── install_openstack.yml
└── roles # I removed some of the directories below, otherwise the listing would be too long
├── cinder-compute
│ ├── defaults
│ │ └── main.yml
│ └── vars
│ └── main.yml
├── cinder-controller
│ ├── default
│ └── main.yml
├── dashboard
│ ├── defaults
│ └── vars
│ └── main.yml
├── glance
│ ├── defaults
│ │ └── main.yml
│ └── vars
│ └── main.yml
├── heat
│ ├── defaults
│ │ └── main.yml
│ └── vars
│ └── main.yml
├── init
│ ├── defaults
│ └── main.yml
├── keyston
│ ├── defaults
│ └── main.yml
├── mariadb
│ ├── defaults
│ └── main.yml
├── neutron-compute
│ ├── defaults
│ └── main.yml
├── neutron-controller
│ ├── defaults
│ └── main.yml
├── nova-compute
│ ├── defaults
│ └── main.yml
├── nova-controller
│ ├── defaults
│ └── main.yml
├── swift-compute
│ ├── defaults
│ └── main.yml
└── swift-controller
├── defaults
│ └── main.yml
└── main.yml
6. Verify and run
[root@ansible openstack]# ansible-playbook --syntax-check install_openstack.yml # verify
[WARNING]: Found both group and host with same name: controller
[WARNING]: Found both group and host with same name: compute
playbook: install_openstack.yml
[root@ansible openstack]# ansible-playbook install_openstack.yml # run
…………………….
……………………………..
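……………………………………Actually, I didn't get this to work.
Open questions
- The hosts' second network interface
- The disk on the compute node
- The reboot issue after running the iaas-pre-host.sh script inside the init role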