High Availability OpenStack (Tutorial)

Topologi

Topologi Jaringan

Prasyarat

6 Node (3 controller+network, 3 compute+storage)
4 Network (management, provider, ceph public, ceph cluster)

1. Persiapan Lab sebelum masuk ke langkah-langkah inti

*Jalankan perintah dibawah pada setiap node
1) Update setiap VM

root@ar-os-controller1:~# apt update -y

2) Definisikan setiap alamat IP Node pada /etc/hosts

127.0.0.1 localhost
10.11.2.40 ar-os-controller1
10.11.2.41 ar-os-controller2
10.11.2.42 ar-os-controller3

10.11.2.43 ar-os-compute1
10.11.2.44 ar-os-compute2
10.11.2.45 ar-os-compute3

10.11.2.50 internal.rozaqi.lab # Pastikan IP tidak digunakan
10.11.2.51 external.rozaqi.lab # Pastikan IP tidak digunakan

3) Uji komunikasi dengan node lain

root@ar-os-controller1:~# ping -c1 <hosts>

4) Generate public key dan private key kemudian distribusikan pada node lain *Jalankan perintah dibawah pada node controller1/deployer

root@ar-os-controller1:~# ssh-keygen

root@ar-os-controller1:~# ssh-copy-id -i ~/.ssh/id_rsa.pub <hosts>

2. Instalasi Ceph menggunakan Ansible

*Jalankan perintah dibawah pada setiap node
1) Install pip3

root@ar-os-controller1:~# apt-get install python3-pip -y

2) Clone Repository ceph-ansible

root@ar-os-controller1:~# git clone https://github.com/ceph/ceph-ansible.git

3) Mengubah versi ceph-ansible menjadi versi octopus

root@ar-os-controller1:~# git checkout stable-5.0

4) Install dependensi ceph-ansible

root@ar-os-controller1:~# pip3 install -r requirements.txt

5) Salin file konfigurasi Ceph-Ansible

root@ar-os-controller1:~/ceph-ansible# cp site.yml.sample site.yml
root@ar-os-controller1:~/ceph-ansible/group_vars# cd group_vars/
root@ar-os-controller1:~/ceph-ansible/group_vars# cp all.yml.sample all.yml
root@ar-os-controller1:~/ceph-ansible/group_vars# cp mons.yml.sample mons.yml
root@ar-os-controller1:~/ceph-ansible/group_vars# cp osds.yml.sample osds.yml
root@ar-os-controller1:~/ceph-ansible/group_vars# cp mgrs.yml.sample mgrs.yml

6) Membuat konfigurasi all.yml dan disesuaikan dengan topologi

ntp_daemon_type: timesyncd  
ceph_origin: repository  
ceph_repository: community  
ceph_stable_release: octopus  
monitor_interface: ens5  
public_network: 10.11.11.0/24  
cluster_network: 10.50.50.0/24  
osd_objectstore: bluestore  
dashboard_enabled: True  
dashboard_admin_user: admin  
dashboard_admin_password: UYSM/6iI5+pQHJB0mAi3aASJYP87iKTFGsTirWTgfMM=  
grafana_admin_user: admin  
grafana_admin_password: UYSM/6iI5+pQHJB0mAi3aASJYP87iKTFGsTirWTgfMM=

pada bagian dashboard_admin_user dan grafana_admin_user bisa di generate dengan perintah openssl rand -base64
7) Membuat konfigurasi osds.yml untuk disk yang nantinya akan digunakan sebagai OSD

devices:
 - /dev/vdb
 - /dev/vdc
osd_auto_discovery: false

8) Tambahkan opsi inventory pada ansible.cfg

[defaults]   
inventory=hosts

9) Membuat ansible inventory untuk ceph

root@ar-os-controller1:~# nano hosts  

[mons]
ar-os-controller[1:3]

[mgrs]
ar-os-controller[1:3]

[osds]
ar-os-compute[1:3]

[grafana-server]
ar-os-controller[1:3]

10) Menguji koneksi host ceph-ansible

root@ar-os-controller1:~# ansible -m ping all

11) Jalankan site.yml playbook untuk deploy ceph

root@ar-os-controller1:~/ceph-ansible# ansible-playbook site.yml

Apabila sudah berhasil cek status ceph

12) Membuat pool openstack

root@ar-os-controller1:~# ceph osd pool create volumes
root@ar-os-controller1:~# ceph osd pool create images  
root@ar-os-controller1:~# ceph osd pool create backups
root@ar-os-controller1:~# ceph osd pool create vms

13) Set pool tersebut untuk rbd

root@ar-os-controller1:~# rbd pool init volumes
root@ar-os-controller1:~# rbd pool init images
root@ar-os-controller1:~# rbd pool init backups
root@ar-os-controller1:~# rbd pool init vms

14) Membuat keyring yang nantinya digunakan untuk autentikasi service openstack ke pool ceph

root@ar-os-controller1:~# ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=images' -o /etc/ceph/ceph.client.glance.keyring  
root@ar-os-controller1:~# ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=images' -o /etc/ceph/ceph.client.cinder.keyring  
root@ar-os-controller1:~# ceph auth get-or-create client.nova mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=vms, allow rx pool=images' -o /etc/ceph/ceph.client.nova.keyring  
root@ar-os-controller1:~# ceph auth get-or-create client.cinder-backup mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=backups' -o /etc/ceph/ceph.client.cinder-backup.keyring

3. Instalasi OpenStack

1) Instalasi Dependensi yang dibutuhkan

root@ar-os-controller1:~# apt-get install python3-dev libffi-dev gcc libssl-dev python3-selinux python3-setuptools -y

2) Instalasi kolla-ansible versi 10.2.0

root@ar-os-controller1:~# pip3 install kolla-ansible==10.2.0

3) Membuat direcktory openstack (untuk tempat inventory)

root@ar-os-controller1:~# mkdir ~/openstack  
root@ar-os-controller1:~# cd ~/openstack

4) Salin konfigurasi kolla Globals.yaml dan password.yaml ke direktori kolla

root@ar-os-controller1:~# cp -r /usr/local/share/kolla-ansible/etc_examples/kolla/* /etc/kolla

5) Salin inventory ke direktori OpenStack

root@ar-os-controller1:~# cp /usr/local/share/kolla-ansible/ansible/inventory/* .

6) Membuat konfigurasi pada ansible.cfg

root@ar-os-controller1:~# mkdir /etc/ansible  
root@ar-os-controller1:~# nano /etc/ansible/ansible.cfg  

[defaults]  
host_key_checking=False  
pipelining=True  
forks=100  
interpreter_python=/usr/bin/python3

7) Membuat konfigurasi inventory multinode

root@ar-os-controller1:~/openstack# nano hosts

[control]  
ar-os-controller[1:3]  
[network]  
ar-os-controller[1:3]  
[compute]  
ar-os-compute[1:3]  
[monitoring]  
ar-os-controller[1:3]  
[storage]  
ar-os-controller[1:3]  
[deployment]  
localhost ansible_connection=local

8) Menguji koneksi host yang ada di multinode

root@ar-os-controller1:~# ansible -i multinode all -m ping

9) Akan ada beberapa password untuk service dan user yang dibuat oleh kolla selama instalasi. Generate password menggunakan perintah kolla-genpwd

root@ar-os-controller1:~# kolla-genpwd

10) Mengubah konfigurasi globals dan disesuaikan dengan topologi yang sudah dibuat

root@ar-os-controller1:~# nano /etc/kolla/globals.yml 

kolla_base_distro: "ubuntu"  
kolla_install_type: "source"  
openstack_release: "ussuri"  
kolla_internal_vip_address: "10.11.2.50"  
kolla_external_vip_address: "10.11.2.51"  
kolla_external_fqdn: "external.rozaqi.lab"  
network_interface: "ens3"  
neutron_external_interface: "ens4"  
neutron_plugin_agent: "ovn"  
kolla_enable_tls_internal: "yes"  
kolla_enable_tls_external: "yes"  
kolla_admin_openrc_cacert: "/etc/ssl/certs/ca-certificates.crt"  
kolla_copy_ca_into_containers: "yes"  
kolla_enable_tls_backend: "yes"  
openstack_cacert: "/etc/ssl/certs/ca-certificates.crt"  
enable_openstack_core: "yes"   
enable_cinder: "yes"  
enable_fluentd: "no"  
enable_neutron_provider_networks: "yes"  
ceph_glance_keyring: "ceph.client.glance.keyring"  
ceph_cinder_keyring: "ceph.client.cinder.keyring"  
ceph_cinder_backup_keyring: "ceph.client.cinder-backup.keyring"  
ceph_nova_keyring: "ceph.client.nova.keyring"  
glance_backend_ceph: "yes"  
cinder_backend_ceph: "yes"  
nova_backend_ceph: "yes"  
nova_compute_virt_type: "kvm"  
enable_docker_repo: false  
docker_apt_package: docker.io

11) Generate certificate yang nantinya akan digunakan untuk autentikasi TLS

root@ar-os-controller1:~/openstack kolla-ansible -i multinode certificates

12) Membuat direktori konfigurasi kolla-ansible

root@ar-os-controller1:~# mkdir /etc/kolla/config  
root@ar-os-controller1:~# mkdir /etc/kolla/config/nova  
root@ar-os-controller1:~# mkdir /etc/kolla/config/glance  
root@ar-os-controller1:~# mkdir -p /etc/kolla/config/cinder/cinder-volume  
root@ar-os-controller1:~# mkdir /etc/kolla/config/cinder/cinder-backup

13) Salin ceph.conf dan keyring ke direktori config pada kolla

root@ar-os-controller1:~# cp /etc/ceph/ceph.conf /etc/kolla/config/cinder/  
root@ar-os-controller1:~# cp /etc/ceph/ceph.conf /etc/kolla/config/nova/  
root@ar-os-controller1:~# cp /etc/ceph/ceph.conf /etc/kolla/config/glance/  
root@ar-os-controller1:~# cp /etc/ceph/ceph.client.glance.keyring /etc/kolla/config/glance/  
root@ar-os-controller1:~# cp /etc/ceph/ceph.client.nova.keyring /etc/kolla/config/nova/  
root@ar-os-controller1:~# cp /etc/ceph/ceph.client.cinder.keyring /etc/kolla/config/nova/  
root@ar-os-controller1:~# cp /etc/ceph/ceph.client.cinder.keyring /etc/kolla/config/cinder/cinder-volume/  
root@ar-os-controller1:~# cp /etc/ceph/ceph.client.cinder.keyring /etc/kolla/config/cinder/cinder-backup/  
root@ar-os-controller1:~# cp /etc/ceph/ceph.client.cinder-backup.keyring /etc/kolla/config/cinder/cinder-backup/

14) Setelah semuanya sudah dikonfigurasi, jalankan bootstrap node untuk menginstall semua prasyarat yang dibutuhkan

root@ar-os-controller1:~# kolla-ansible -i ./multinode bootstrap-servers

15) Sebelum deploy Openstack lakukan pemeriksaan untuk memastikan tidak ada error

root@ar-os-controller1:~# kolla-ansible -i ./multinode prechecks

16) Deploy Openstack

root@ar-os-controller1:~# kolla-ansible -i ./multinode deploy

17) Jalankan post-deploy untuk menghasilkan file konfigurasi yang berisikan kredensial untuk terhubung ke Openstack

root@ar-os-controller1:~# kolla-ansible -i ./multinode post-deploy

18) Tambahkan certificate yang sudah digenerate ke ca-certificates

root@ar-os-controller1:~# cat /etc/kolla/certificates/ca/root.crt | sudo tee -a /etc/ssl/certs/ca-certificates.crt

19) Instalasi python virtual environment

root@ar-os-controller1:~# apt install python3-venv

20) Membuat virtual environment dengan direktori osclient

root@ar-os-controller1:~# python3 -m venv osclient

21) Aktifkan virtual environment

root@ar-os-controller1:~# source osclient/bin/activate

22) Instalasi OpenStack client

root@ar-os-controller1:~# pip3 install python-openstackclient

Disini biasanya terjadi error, untuk solvenya dengan meng-upgrade versi pip dan kemudian coba ulangi lagi instalasi OpenStack client

root@ar-os-controller1:~# python -m pip install --upgrade pip

23) Inisialisasi kredensial untuk bisa mengakses OpenStack melalui CLI

root@ar-os-controller1:~# source /etc/kolla/admin-openrc.sh

24) Mengakses OpenStack dengan menampilkan tiap layanannya

root@ar-os-controller1:~# openstack service list
root@ar-os-controller1:~# openstack compute service list

Menampilkan layanan OpenStack

Menampilkan layanan compute OpenStack

High Availability OpenStack (Tutorial)

Table of contents

Topologi

Topologi Jaringan

Prasyarat

1. Persiapan Lab sebelum masuk ke langkah-langkah inti

2. Instalasi Ceph menggunakan Ansible

3. Instalasi OpenStack

Did you find this article valuable?

High Availability OpenStack (Tutorial)

.css-nhzlhj{margin-right:1.25rem;height:1.25rem;width:1.25rem;fill:currentColor;opacity:0.5;}.css-ria9xh{margin-right:1.25rem;height:1.25rem;width:1.25rem;fill:currentColor;opacity:0.5;}Table of contents

Topologi

Topologi Jaringan

Prasyarat

1. Persiapan Lab sebelum masuk ke langkah-langkah inti

2. Instalasi Ceph menggunakan Ansible

3. Instalasi OpenStack

Did you find this article valuable?

Table of contents