Table of contents
In this article I will show you how to deploy OpenStack all-in-one using kolla-ansible. The meaning of all-in-one is that all OpenStack components that are usually divided into 2, namely the controller node and compute node will be deployed on single node, this is suitable for local testing. I use Kolla-Ansible to perform automatic deployment with the provided Ansible playbook, Kolla-Ansible will deploy the OpenStack components in the container so that there is no dependency conflict.
So, let's get started…
Environment
| Hostname | at-openstack-aio |
| Operating System | Ubuntu 22.04 (Jammy) |
| vCPU | 8 |
| Memory | 12 GB |
| Disk 1 | 40 GB |
| Disk 2 | 40 GB |
| Internal Network | 10.10.11.0/24 |
| Internal IP Address | 10.10.11.11 |
| Provider Network | 10.10.12.0/24 |
OpenStack Deployment
- Update package
apt-get update
- Install python build dependencies
apt-get install git python3-dev libffi-dev gcc libssl-dev python3-selinux python3-setuptools libglib2.0-dev libdbus-1-dev
- Install virtual environment
apt-get install python3-venv
- Create virtual environment
python3 -m venv os-venv
source os-venv/bin/activate
- Install latest version pip
pip install -U pip
- Install and configure ansible
pip install 'ansible-core>=2.15,<2.16.99'
mkdir -p /etc/ansible
nano /etc/ansible/ansible.cfg
---
[defaults]
host_key_checking=False
pipelining=True
forks=100
- Install kolla-ansible
pip install git+https://opendev.org/openstack/kolla-ansible@stable/2024.1
- Create kolla directory
mkdir -p /etc/kolla
chown $USER:$USER /etc/kolla
- Copy kolla configuration example
cp -r os-venv/share/kolla-ansible/etc_examples/kolla/* /etc/kolla/
- Copy all-in-one inventory
cp os-venv/share/kolla-ansible/ansible/inventory/all-in-one .
- Install ansible galaxy dependencies
kolla-ansible install-deps
- Generate kolla password
kolla-genpwd
- Configure kolla main configuration
nano /etc/kolla/globals.yml
---
## BASE
kolla_base_distro: "ubuntu"
kolla_install_type: "source"
openstack_release: "2024.1"
## NETWORK
kolla_internal_vip_address: "10.10.11.100"
kolla_internal_fqdn: "internal.at.lab"
kolla_external_vip_address: "10.10.11.200"
kolla_external_fqdn: "public.at.lab"
network_interface: "ens3"
neutron_external_interface: "ens4"
enable_openstack_core: "yes"
enable_haproxy: "yes"
neutron_plugin_agent: "ovn"
enable_neutron_provider_networks: "yes"
## SERVICE
enable_cinder: "yes"
enable_cinder_backend_lvm: "yes"
enable_cinder_backup: "no"
cinder_volume_group: "cinder-volumes"
## TLS
kolla_enable_tls_internal: "yes"
kolla_enable_tls_external: "yes"
kolla_copy_ca_into_containers: "yes"
kolla_enable_tls_backend: "yes"
openstack_cacert: "/etc/ssl/certs/ca-certificates.crt"
kolla_admin_openrc_cacert: "/etc/ssl/certs/ca-certificates.crt"
workaround_ansible_issue_8743: yes
- Create volume group cinder
pvcreate /dev/vdb
vgcreate cinder-volumes /dev/vdb
vgs
- Mapping hosts
nano /etc/hosts
---
10.10.11.100 internal.at.lab
10.10.11.200 public.at.lab
- Test ping
ansible -i ./all-in-one all -m ping
- Generate and trust cert
kolla-ansible -i ./all-in-one certificates
cat /etc/kolla/certificates/ca/root.crt >> /etc/ssl/certs/ca-certificates.crt
- Bootstrap servers
kolla-ansible -i ./all-in-one bootstrap-servers
- Pre-deployment check
kolla-ansible -i ./all-in-one prechecks
If you get the error
“ModuleNotFoundError: No module named ‘docker’, you can define ansible_python_interpreter to use python venv in inventory, since docker python installed on venv.
nano all-in-one
---
[deployment]
localhost ansible_connection=local ansible_python_interpreter=/root/os-venv/bin/python
# run again
kolla-ansible -i ./all-in-one prechecks
- Openstack deployment
kolla-ansible -i ./all-in-one deploy
- Generate credentials for admin
kolla-ansible -i ./all-in-one post-deploy
Operational Test
- Install openstack client
pip install python-openstackclient -c https://releases.openstack.org/constraints/upper/2024.1
- Openstack verification
source /etc/kolla/admin-openrc.sh
openstack endpoint list
openstack network agent list
openstack compute service list
openstack volume service list
- Container verification
docker ps -a
- Openstack operational test
# Internal Network
openstack network create internal-net
openstack subnet create --subnet-range 10.0.0.0/24 --network internal-net --gateway 10.0.0.1 --dns-nameserver 8.8.8.8 internal-subnet
# Public Network
openstack network create --share --external --provider-physical-network physnet1 --provider-network-type flat public-net
openstack subnet create --no-dhcp --allocation-pool 'start=10.10.12.2,end=10.10.12.250' --network public-net --subnet-range 10.10.12.0/24 --gateway 10.10.12.1 public-subnet
# Router
openstack router create public-router
openstack router add subnet public-router internal-subnet
openstack router set --external-gateway public-net public-router
# Image
wget http://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img
openstack image create --disk-format qcow2 \
--container-format bare --public \
--file ./cirros-0.5.2-x86_64-disk.img cirros-0.5.2-image
# Keypair
openstack keypair create --public-key /root/.ssh/id_rsa.pub at-openstack-aio-key
# Security Group
openstack security group create allow-all
openstack security group rule create --ingress --ethertype IPv4 --protocol icmp allow-all
openstack security group rule create --ingress --ethertype IPv4 --protocol tcp --dst-port 22 allow-all
openstack security group rule create --ingress --ethertype IPv4 --protocol tcp --dst-port 1:65535 allow-all
openstack security group rule create --ingress --ethertype IPv4 --protocol udp --dst-port 1:65535 allow-all
# Flavor
openstack flavor create --id 1 --ram 1024 --disk 10 --vcpus 1 tiny
# Instance
openstack server create --image cirros-0.5.2-image --flavor tiny --key-name at-openstack-aio-key --network internal-net --security-group allow-all vm-cirros
openstack floating ip create --floating-ip-address 10.10.12.30 public-net
openstack server add floating ip vm-cirros 10.10.12.30
openstack server list
ssh -o 'PubkeyAcceptedKeyTypes +ssh-rsa' cirros@10.10.12.30
