Topologi
Topologi Jaringan
Prasyarat
6 Node (3 controller+network, 3 compute+storage)
4 Network (management, provider, ceph public, ceph cluster)
1. Persiapan Lab sebelum masuk ke langkah-langkah inti
*Jalankan perintah dibawah pada setiap node
1) Update setiap VM
root@ar-os-controller1:~# apt update -y
2) Definisikan setiap alamat IP Node pada /etc/hosts
127.0.0.1 localhost
10.11.2.40 ar-os-controller1
10.11.2.41 ar-os-controller2
10.11.2.42 ar-os-controller3
10.11.2.43 ar-os-compute1
10.11.2.44 ar-os-compute2
10.11.2.45 ar-os-compute3
10.11.2.50 internal.rozaqi.lab # Pastikan IP tidak digunakan
10.11.2.51 external.rozaqi.lab # Pastikan IP tidak digunakan
3) Uji komunikasi dengan node lain
root@ar-os-controller1:~# ping -c1 <hosts>
4) Generate public key dan private key kemudian distribusikan pada node lain *Jalankan perintah dibawah pada node controller1/deployer
root@ar-os-controller1:~# ssh-keygen
root@ar-os-controller1:~# ssh-copy-id -i ~/.ssh/id_rsa.pub <hosts>
2. Instalasi Ceph menggunakan Ansible
*Jalankan perintah dibawah pada setiap node
1) Install pip3
root@ar-os-controller1:~# apt-get install python3-pip -y
2) Clone Repository ceph-ansible
root@ar-os-controller1:~# git clone https://github.com/ceph/ceph-ansible.git
3) Mengubah versi ceph-ansible menjadi versi octopus
root@ar-os-controller1:~# git checkout stable-5.0
4) Install dependensi ceph-ansible
root@ar-os-controller1:~# pip3 install -r requirements.txt
5) Salin file konfigurasi Ceph-Ansible
root@ar-os-controller1:~/ceph-ansible# cp site.yml.sample site.yml
root@ar-os-controller1:~/ceph-ansible/group_vars# cd group_vars/
root@ar-os-controller1:~/ceph-ansible/group_vars# cp all.yml.sample all.yml
root@ar-os-controller1:~/ceph-ansible/group_vars# cp mons.yml.sample mons.yml
root@ar-os-controller1:~/ceph-ansible/group_vars# cp osds.yml.sample osds.yml
root@ar-os-controller1:~/ceph-ansible/group_vars# cp mgrs.yml.sample mgrs.yml
6) Membuat konfigurasi all.yml dan disesuaikan dengan topologi
ntp_daemon_type: timesyncd
ceph_origin: repository
ceph_repository: community
ceph_stable_release: octopus
monitor_interface: ens5
public_network: 10.11.11.0/24
cluster_network: 10.50.50.0/24
osd_objectstore: bluestore
dashboard_enabled: True
dashboard_admin_user: admin
dashboard_admin_password: UYSM/6iI5+pQHJB0mAi3aASJYP87iKTFGsTirWTgfMM=
grafana_admin_user: admin
grafana_admin_password: UYSM/6iI5+pQHJB0mAi3aASJYP87iKTFGsTirWTgfMM=
pada bagian dashboard_admin_user dan grafana_admin_user bisa di generate dengan perintah openssl rand -base64
7) Membuat konfigurasi osds.yml untuk disk yang nantinya akan digunakan sebagai OSD
devices:
- /dev/vdb
- /dev/vdc
osd_auto_discovery: false
8) Tambahkan opsi inventory pada ansible.cfg
[defaults]
inventory=hosts
9) Membuat ansible inventory untuk ceph
root@ar-os-controller1:~# nano hosts
[mons]
ar-os-controller[1:3]
[mgrs]
ar-os-controller[1:3]
[osds]
ar-os-compute[1:3]
[grafana-server]
ar-os-controller[1:3]
10) Menguji koneksi host ceph-ansible
root@ar-os-controller1:~# ansible -m ping all
11) Jalankan site.yml playbook untuk deploy ceph
root@ar-os-controller1:~/ceph-ansible# ansible-playbook site.yml
Apabila sudah berhasil cek status ceph
12) Membuat pool openstack
root@ar-os-controller1:~# ceph osd pool create volumes
root@ar-os-controller1:~# ceph osd pool create images
root@ar-os-controller1:~# ceph osd pool create backups
root@ar-os-controller1:~# ceph osd pool create vms
13) Set pool tersebut untuk rbd
root@ar-os-controller1:~# rbd pool init volumes
root@ar-os-controller1:~# rbd pool init images
root@ar-os-controller1:~# rbd pool init backups
root@ar-os-controller1:~# rbd pool init vms
14) Membuat keyring yang nantinya digunakan untuk autentikasi service openstack ke pool ceph
root@ar-os-controller1:~# ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=images' -o /etc/ceph/ceph.client.glance.keyring
root@ar-os-controller1:~# ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=images' -o /etc/ceph/ceph.client.cinder.keyring
root@ar-os-controller1:~# ceph auth get-or-create client.nova mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=vms, allow rx pool=images' -o /etc/ceph/ceph.client.nova.keyring
root@ar-os-controller1:~# ceph auth get-or-create client.cinder-backup mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=backups' -o /etc/ceph/ceph.client.cinder-backup.keyring
3. Instalasi OpenStack
1) Instalasi Dependensi yang dibutuhkan
root@ar-os-controller1:~# apt-get install python3-dev libffi-dev gcc libssl-dev python3-selinux python3-setuptools -y
2) Instalasi kolla-ansible versi 10.2.0
root@ar-os-controller1:~# pip3 install kolla-ansible==10.2.0
3) Membuat direcktory openstack (untuk tempat inventory)
root@ar-os-controller1:~# mkdir ~/openstack
root@ar-os-controller1:~# cd ~/openstack
4) Salin konfigurasi kolla Globals.yaml dan password.yaml ke direktori kolla
root@ar-os-controller1:~# cp -r /usr/local/share/kolla-ansible/etc_examples/kolla/* /etc/kolla
5) Salin inventory ke direktori OpenStack
root@ar-os-controller1:~# cp /usr/local/share/kolla-ansible/ansible/inventory/* .
6) Membuat konfigurasi pada ansible.cfg
root@ar-os-controller1:~# mkdir /etc/ansible
root@ar-os-controller1:~# nano /etc/ansible/ansible.cfg
[defaults]
host_key_checking=False
pipelining=True
forks=100
interpreter_python=/usr/bin/python3
7) Membuat konfigurasi inventory multinode
root@ar-os-controller1:~/openstack# nano hosts
[control]
ar-os-controller[1:3]
[network]
ar-os-controller[1:3]
[compute]
ar-os-compute[1:3]
[monitoring]
ar-os-controller[1:3]
[storage]
ar-os-controller[1:3]
[deployment]
localhost ansible_connection=local
8) Menguji koneksi host yang ada di multinode
root@ar-os-controller1:~# ansible -i multinode all -m ping
9) Akan ada beberapa password untuk service dan user yang dibuat oleh kolla selama instalasi. Generate password menggunakan perintah kolla-genpwd
root@ar-os-controller1:~# kolla-genpwd
10) Mengubah konfigurasi globals dan disesuaikan dengan topologi yang sudah dibuat
root@ar-os-controller1:~# nano /etc/kolla/globals.yml
kolla_base_distro: "ubuntu"
kolla_install_type: "source"
openstack_release: "ussuri"
kolla_internal_vip_address: "10.11.2.50"
kolla_external_vip_address: "10.11.2.51"
kolla_external_fqdn: "external.rozaqi.lab"
network_interface: "ens3"
neutron_external_interface: "ens4"
neutron_plugin_agent: "ovn"
kolla_enable_tls_internal: "yes"
kolla_enable_tls_external: "yes"
kolla_admin_openrc_cacert: "/etc/ssl/certs/ca-certificates.crt"
kolla_copy_ca_into_containers: "yes"
kolla_enable_tls_backend: "yes"
openstack_cacert: "/etc/ssl/certs/ca-certificates.crt"
enable_openstack_core: "yes"
enable_cinder: "yes"
enable_fluentd: "no"
enable_neutron_provider_networks: "yes"
ceph_glance_keyring: "ceph.client.glance.keyring"
ceph_cinder_keyring: "ceph.client.cinder.keyring"
ceph_cinder_backup_keyring: "ceph.client.cinder-backup.keyring"
ceph_nova_keyring: "ceph.client.nova.keyring"
glance_backend_ceph: "yes"
cinder_backend_ceph: "yes"
nova_backend_ceph: "yes"
nova_compute_virt_type: "kvm"
enable_docker_repo: false
docker_apt_package: docker.io
11) Generate certificate yang nantinya akan digunakan untuk autentikasi TLS
root@ar-os-controller1:~/openstack kolla-ansible -i multinode certificates
12) Membuat direktori konfigurasi kolla-ansible
root@ar-os-controller1:~# mkdir /etc/kolla/config
root@ar-os-controller1:~# mkdir /etc/kolla/config/nova
root@ar-os-controller1:~# mkdir /etc/kolla/config/glance
root@ar-os-controller1:~# mkdir -p /etc/kolla/config/cinder/cinder-volume
root@ar-os-controller1:~# mkdir /etc/kolla/config/cinder/cinder-backup
13) Salin ceph.conf dan keyring ke direktori config pada kolla
root@ar-os-controller1:~# cp /etc/ceph/ceph.conf /etc/kolla/config/cinder/
root@ar-os-controller1:~# cp /etc/ceph/ceph.conf /etc/kolla/config/nova/
root@ar-os-controller1:~# cp /etc/ceph/ceph.conf /etc/kolla/config/glance/
root@ar-os-controller1:~# cp /etc/ceph/ceph.client.glance.keyring /etc/kolla/config/glance/
root@ar-os-controller1:~# cp /etc/ceph/ceph.client.nova.keyring /etc/kolla/config/nova/
root@ar-os-controller1:~# cp /etc/ceph/ceph.client.cinder.keyring /etc/kolla/config/nova/
root@ar-os-controller1:~# cp /etc/ceph/ceph.client.cinder.keyring /etc/kolla/config/cinder/cinder-volume/
root@ar-os-controller1:~# cp /etc/ceph/ceph.client.cinder.keyring /etc/kolla/config/cinder/cinder-backup/
root@ar-os-controller1:~# cp /etc/ceph/ceph.client.cinder-backup.keyring /etc/kolla/config/cinder/cinder-backup/
14) Setelah semuanya sudah dikonfigurasi, jalankan bootstrap node untuk menginstall semua prasyarat yang dibutuhkan
root@ar-os-controller1:~# kolla-ansible -i ./multinode bootstrap-servers
15) Sebelum deploy Openstack lakukan pemeriksaan untuk memastikan tidak ada error
root@ar-os-controller1:~# kolla-ansible -i ./multinode prechecks
16) Deploy Openstack
root@ar-os-controller1:~# kolla-ansible -i ./multinode deploy
17) Jalankan post-deploy untuk menghasilkan file konfigurasi yang berisikan kredensial untuk terhubung ke Openstack
root@ar-os-controller1:~# kolla-ansible -i ./multinode post-deploy
18) Tambahkan certificate yang sudah digenerate ke ca-certificates
root@ar-os-controller1:~# cat /etc/kolla/certificates/ca/root.crt | sudo tee -a /etc/ssl/certs/ca-certificates.crt
19) Instalasi python virtual environment
root@ar-os-controller1:~# apt install python3-venv
20) Membuat virtual environment dengan direktori osclient
root@ar-os-controller1:~# python3 -m venv osclient
21) Aktifkan virtual environment
root@ar-os-controller1:~# source osclient/bin/activate
22) Instalasi OpenStack client
root@ar-os-controller1:~# pip3 install python-openstackclient
Disini biasanya terjadi error, untuk solvenya dengan meng-upgrade versi pip dan kemudian coba ulangi lagi instalasi OpenStack client
root@ar-os-controller1:~# python -m pip install --upgrade pip
23) Inisialisasi kredensial untuk bisa mengakses OpenStack melalui CLI
root@ar-os-controller1:~# source /etc/kolla/admin-openrc.sh
24) Mengakses OpenStack dengan menampilkan tiap layanannya
root@ar-os-controller1:~# openstack service list
root@ar-os-controller1:~# openstack compute service list
Menampilkan layanan OpenStack
Menampilkan layanan compute OpenStack
Did you find this article valuable?
Support Abdul Rozaqi W by becoming a sponsor. Any amount is appreciated!