概要

apt使用本地源,pip使用本地源

网络环境

物理机环境

网络名 网络地址 VLAN
br-ex 192.168.200.250/24 90
br-mgmt 92.0.0.100/24 92

ansible控制主机配置

主机类型 操作系统 配置 角色
KVM虚拟机 ubuntu 16.04 TLS server 内存:2GB 磁盘:30GB 网卡:ens3(br-ex) ens4(br-mgmt) deploy

| 网络名 | 网络地址 | VLAN | IP |

| ------------ | ------------ | ------------ |

| 管理网络 | 172.29.236.0/22 | 10 | 172.29.236.10/22 |

| 内网网络 | 172.29.248.0/22 | 10 | 172.29.248.10/22 |

| 外网 | 192.168.200.0/24 | - | 192.168.200.13/24 |

  • 网络配置
# vim /etc/network/interfaces

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback auto ens3
iface ens3 inet static
address 192.168.200.10
netmask 255.255.255.0
gateway 192.168.200.1
dns-nameserver 114.114.114.114 auto ens4
iface ens4 inet manual auto ens4.10
iface ens4.10 inet manual
vlan-raw-device ens4 auto br-mgmt
iface br-mgmt inet static
address 172.29.236.10
netmask 255.255.252.0
bridge_ports ens4.10 auto br-vlan
iface br-vlan inet static
address 172.29.248.10
netmask 255.255.252.0
bridge_ports ens4
  • 设置阿里源
# vim sources.list
deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted
deb http://mirrors.aliyun.com/ubuntu/ xenial universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates universe
deb http://mirrors.aliyun.com/ubuntu/ xenial multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted
deb http://mirrors.aliyun.com/ubuntu/ xenial-security universe
deb http://mirrors.aliyun.com/ubuntu/ xenial-security multiverse # apt-get install aptitude build-essential git ntp ntpdate openssh-server python python-dev sudo debootstrap bridge-utils vlan lxc
# reboot
  • 安装openstack-ansible
# git clone -b 14.1.0 https://git.openstack.org/openstack/openstack-ansible /opt/openstack-ansible
# cd /opt/openstack-ansible
### 编辑脚本修改export ANSIBLE_PACKAGE="ansible==2.1.4"
# vim scripts/bootstrap-ansible.sh
# scripts/bootstrap-ansible.sh
# ssh-keygen -t rsa
# cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
# chmod 600 /root/.ssh/authorized_keys
  • 设置配置文件
# cp -r /opt/openstack-ansible/etc/openstack_deploy/  /etc/

### 生成openstack服务配置文件
# cp /etc/openstack_deploy/openstack_user_config.yml.test.example /etc/openstack_deploy/openstack_user_config.yml
# sed -i -e "s/host_bind_override: \"eth12\"/host_bind_override: \"ens3\"/g" /etc/openstack_deploy/openstack_user_config.yml
# sed -i -e "s/external_lb_vip_address:.*/external_lb_vip_address: 192\.168\.200\.11/g" /etc/openstack_deploy/openstack_user_config.yml ### 用户自定义配置文件
# vim /etc/openstack_deploy/user_variables.yml
openstack_service_publicuri_proto: http ### 使用apt下载rabbitmq-server软件包
rabbitmq_install_method: "distro" ### 使用apt下载Perconah和Qpress软件包
use_percona_upstream: true
galera_server_percona_distro_packages:
- qpress
- percona-xtrabackup-22 ### 自动生成密码配置文件
# python /opt/openstack-ansible/scripts/pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml
  • GIT缓存制作
### 用户自定义配置文件
# vim /etc/openstack_deploy/user_variables.yml
repo_build_git_cache: /opt/git/openstack/ ### 脚本详见问题处理---"git缓存相关脚本"
### 克隆代码
# mkdir -p /opt/git/openstack
# python gitclone.py
### 切换分支
# python gitcheckout.py ### 关闭任务- name: Clone git repositories asynchronously的git模块的update
# vim /etc/ansible/roles/repo_build/tasks/repo_clone_git.yml
update: no
  • LXC容器模板制作
### 下载容器模板
# apt install lxc
# /usr/bin/lxc-create --name LXC_NAME --template download --bdev dir -- --dist ubuntu --release xenial --arch amd64 --force-cache --server images.linuxcontainers.org --keyserver hkp://keyserver.ubuntu.com:80 ### 在"- name: Stat the prepared LXC cache"和"- include: lxc_cache.yml"任务之间添加如下内容
# vim /etc/ansible/roles/lxc_hosts/tasks/main.yml
- name: Synchronise the contents of the LXC cache to the LXC host
synchronize:
src: "{{ lxc_container_cache_path }}/"
dest: "{{ lxc_container_cache_path }}"
when:
- "{{ not lxc_cache_stat.stat.exists
or (lxc_cache_stat.stat.exists
and lxc_cache_stat.stat.mtime > lxc_cache_timeout) }}"
tags:
- always
  • 本地源搭建

将repo服务安装在ansible主机上

# vim /opt/openstack-ansible/playbooks/inventory/env.d/pkg_repo.yml
component_skel:
pkg_repo:
belongs_to:
- repo_all container_skel:
repo_container:
belongs_to:
- repo-infra_containers
contains:
- pkg_repo
properties:
service_name: repo
is_metal: true # vim /etc/openstack_deploy/openstack_user_config.yml
repo-infra_hosts:
repo:
ip: 172.29.236.10

在ansible控制主机上构建本地源

# vim /etc/openstack_deploy/user_variables.yml
repo_pkg_cache_enabled: false # cd /opt/openstack-ansible/playbooks/
# openstack-ansible repo-install.yml

修改源相关配置文件

### 注释 - include: repo-install.yml
# vim /opt/openstack-ansible/playbooks/setup-infrastructure.yml ### 设置源地址
# vim /etc/openstack_deploy/user_variables.yml
pip_get_pip_options: "--index-url http://172.29.248.10:{{ repo_server_port }}/pools --trusted-host 172.29.248.10"
pip_install_options: "--no-index --find-links http://172.29.248.10:{{ repo_server_port }}/links --trusted-host 172.29.248.10" openstack_repo_url: "http://172.29.248.10:{{ repo_server_port }}"
openstack_repo_git_url: "git://172.29.248.10" ### 删除galera_client的源检测动作
# sed -i -e "/when: add_repo | changed/d" /etc/ansible/roles/galera_client/tasks/galera_client_install_apt.yml
  • 搭建部分软件APT源镜像

查询openstack-ansible需要添加的额外的apt源

# find /etc/ansible/roles -name "ubuntu-16.04.yml" -o -name "debian.yml" | xargs grep -i ".*repo: \"deb "

### 最终找出的需要添加的apt源
# vim /etc/apt/source.list
deb http://download.ceph.com/debian-hammer/ xenial main
deb http://ubuntu-cloud.archive.canonical.com/ubuntu/ xenial-updates/newton main
deb http://mirror.rackspace.com/mariadb/repo/10.0/ubuntu xenial main
deb http://repo.percona.com/apt xenial main ### 去掉,手动下载deb

查询openstack-ansible需要安装的deb包

# find /etc/ansible/roles -name "ubuntu-16.04.yml" -o -name "debian.yml" | xargs -i awk '/.*_distro_packages:$/ {while(getline){ if($1 == "-") {print $0} else {break} }}' {} | sort -u -o dists.txt
# sed -i -e 's/#.*$//g' dists.txt
# sed -i -e 's/^[ -]*//g' dists.txt
# sed -i -e 's/"{{ galera_mariadb_apt_server_package }}"/mariadb-galera-server/g' dists.txt
# sed -i -e 's/{{ ansible_kernel }}/4\.4\.0-72-generic/g' dists.txt
# awk '{print $1,$2}' dists.txt | sort -u | grep -v nginx-extra | grep -v pvm-novalink > packages.txt

找一台干净的ubuntu server 16.04 TLS对应版本容器内安装debs.txt中的软件并打包缓存

# apt install ubuntu-cloud-keyring

### 添加以下APT源和APT KEY
# vim /etc/apt/source.list
deb http://download.ceph.com/debian-hammer/ xenial main
deb http://ubuntu-cloud.archive.canonical.com/ubuntu/ xenial-updates/newton main
deb http://mirror.rackspace.com/mariadb/repo/10.0/ubuntu xenial main
deb http://repo.percona.com/apt xenial main ### galera_client_gpg_keys:
# apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv F1656F24C74CD1D8 ### ceph_gpg_keys:
# apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv e84ac2c0460f3994 ### galera_gpg_keys:
# apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 9334a25f8507efa5 # apt update ### 方法一(此方式废弃)
# cat packages.txt | xargs -i apt install -y {}
# cd /var/cache/apt/
# tar -acf dists.tar.gz archives ### 方法二
# mkdir archives
# cd archives
# apt install apt-rdepends
# cat packages.txt | xargs apt-rdepends | grep -v ^\ | xargs apt download
# cd ..
# tar -acf dists.tar.gz archives

拷贝打包文件到ansible控制主机,并解压到APT源镜像目录

# mkdir -p /var/www/ubuntu-repo/
# tar -zxf dists.tar.gz
# find archives/ -name *.deb | xargs -i cp {} /var/www/ubuntu-repo/
### 有些软件包apt install不会缓存deb,需要自己手动下载(详见问题处理---"本地APT镜像源deb包缺失")

配置nginx

# cd /etc/nginx/sites-enabled
# ln -s /etc/nginx/sites-available/default defalut
server {
listen 80;
server_name ubuntu-repo;
access_log /var/log/nginx/openstack-repo.access.log;
error_log /var/log/nginx/openstack-repo.error.log;
location / {
root /var/www/ubuntu-repo/;
autoindex on;
expires 5h;
}
}
# systemctl restart nginx

创建GPG KEY

### 生成随机数
# apt install rng-tools
# rngd -r /dev/urandom ### 创建密钥
# gpg --gen-key
gpg (GnuPG) 1.4.20; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 4
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 1024
Requested keysize is 1024 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>" Real name: nocsys
Email address:
Comment:
You selected this USER-ID:
"nocsys" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key. We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
....+++++
.+++++
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 48763DD3 marked as ultimately trusted
public and secret key created and signed. gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 1024R/48763DD3 2017-04-14
Key fingerprint = C12C C3A9 6A9D ABDE FC01 CDA9 857F D33B 4876 3DD3
uid nocsys Note that this key cannot be used for encryption. You may want to use
the command "--edit-key" to generate a subkey for this purpose.

导出key文件

# cd /var/www/ubuntu-repo
# gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub 1024R/D4CB6DF1 2017-04-14
uid nocsys
# gpg --output keyFile --armor --export D4CB6DF1

生成Packages.gz、Release、InRelease、Release.gpg文件

### 后期如果需要添加新deb包,将deb包放入/var/www/ubuntu-repo后重新执行下面命令即可
# cd /var/www/ubuntu-repo
# 生成索引文件
# apt-ftparchive packages . > Packages
# gzip -c Packages > Packages.gz
# apt-ftparchive release . > Release
### 输入前面设置的GPG KEY密码
# gpg --clearsign -o InRelease Release
# gpg -abs -o Release.gpg Release
  • 修改haproxy转发方式
### 用户自定义配置文件
# vim /etc/openstack_deploy/user_variables.yml
haproxy_ssl: false ### 将haproxy转发方式由http全部改成tcp,详见问题处理---"haproxy tcp转发配置"
  • 软件包缓存制作

HATop软件包缓存

### 用户自定义配置文件
# vim /etc/openstack_deploy/user_variables.yml
haproxy_hatop_download_url: "http://172.29.248.10:{{ repo_server_port }}/extra/hatop-0.7.7.tar.gz"

下载HATop

# mkdir -p /var/www/repo/extra
# cd /var/www/repo/extra
# wget https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/hatop/hatop-0.7.7.tar.gz
  • horizon设置

horizon启用https

### 用户自定义配置文件
# vim /etc/openstack_deploy/user_variables.yml
horizon_external_ssl: false

托管主机模板制作

主机类型 操作系统 配置 主机名
KVM虚拟机 ubuntu 16.04 TLS server 内存:4GB 磁盘:80GB 网卡:ens3(br-mgmt) ubuntu

| 网络名 | 网络地址 | VLAN | IP |

| ------------ | ------------ | ------------ |

| 管理网络 | 172.29.236.0/22 | 10 | 172.29.236.254/22 |

| 内网网络 | 172.29.248.0/22 | 10 | 172.29.248.254/22 |

  • 网络配置
# vim /etc/network/interfaces

auto ens3
iface ens3 inet static
address 172.29.248.254
netmask 255.255.252.0 # reboot
  • 设置ssh免密码登入
# scp root@172.29.248.10:/root/.ssh/id_rsa.pub ./
# cat id_rsa.pub >> ~/.ssh/authorized_keys
# chmod 600 ~/.ssh/authorized_keys

设置软件源

# wget http://172.29.248.10/keyFile
# apt-key add keyFile
# vim /etc/apt/sources.list
deb http://172.29.248.10/ ./ # apt-get install vlan bridge-utils python
  • 重新配置网络
# vim /etc/network/interfaces
auto ens3
iface ens3 inet manual auto ens3.10
iface ens3.10 inet manual
vlan-raw-device ens3 auto ens3.20
iface ens3.20 inet manual
vlan-raw-device ens3 auto ens3.30
iface ens3.30 inet manual
vlan-raw-device ens3 auto br-mgmt
iface br-mgmt inet static
address 172.29.236.254
netmask 255.255.252.0
bridge_ports ens3.10 auto br-storage
iface br-storage inet static
address 172.29.244.254
netmask 255.255.252.0
bridge_ports ens3.20 auto br-vxlan
iface br-vxlan inet static
address 172.29.240.254
netmask 255.255.252.0
bridge_ports ens3.30 auto br-vlan
iface br-vlan inet static
address 172.29.248.254
netmask 255.255.252.0
bridge_ports ens3 # reboot
  • 备份虚拟机
### 拷贝当前虚拟机qcow2文件
# halt

ansible托管节点环境

主机类型 操作系统 配置 主机名
KVM虚拟机 ubuntu 16.04 TLS server 内存:4GB 磁盘:30GB 网卡:ens3(br-mgmt) infra1
KVM虚拟机 ubuntu 16.04 TLS server 内存:4GB 磁盘:30GB 网卡:ens3(br-mgmt) compute1
KVM虚拟机 ubuntu 16.04 TLS server 内存:2GB 磁盘:30GB 网卡:ens3(br-mgmt) storage1

sched节点配置

| 网络名 | 网络地址 | VLAN | IP |

| ------------ | ------------ | ------------ |

| 管理网络 | 172.29.236.0/22 | 10 | 172.29.236.11/22 |

| 存储网络 | 172.29.244.0/22 | 20 | 172.29.244.11/22 |

| 隧道网络VXLAN | 172.29.240.0/22 | 30 | 172.29.240.11/22 |

| 内网网络 | 172.29.248.0/22 | - | 172.29.248.11/22 |

| 外网网络 | 192.168.200.0/22 | - | 192.168.200.11/22 |

### 使用托管主机模板创建虚拟机,并修改172.29.*.254 => 172.29.*.11

nova节点配置

| 网络名 | 网络地址 | VLAN | IP |

| ------------ | ------------ | ------------ |

| 管理网络 | 172.29.236.0/22 | 10 | 172.29.236.12/22 |

| 存储网络 | 172.29.244.0/22 | 20 | 172.29.244.12/22 |

| 隧道网络VXLAN | 172.29.240.0/22 | 30 | 172.29.240.12/22 |

| 内网网络 | 172.29.248.0/22 | - | 172.29.248.12/22 |

### 使用托管主机模板创建虚拟机,并修改172.29.*.254 => 172.29.*.11

storage节点配置

| 网络名 | 网络地址 | VLAN | IP |

| ------------ | ------------ | ------------ |

| 管理网络 | 172.29.236.0/22 | 10 | 172.29.236.13/22 |

| 存储网络 | 172.29.244.0/22 | 20 | 172.29.244.13/22 |

| 隧道网络VXLAN | 172.29.240.0/22 | 30 | 172.29.240.13/22 |

| 内网网络 | 172.29.248.0/22 | - | 172.29.248.13/22 |

### 使用托管主机模板创建虚拟机,并修改172.29.*.254 => 172.29.*.11

执行openstack-ansible

查询openstack-ansible添加额外软件源的任务位置

### 带文件名
# find /etc/ansible/roles -name "*\.yml"| grep -v "yum" | xargs grep -h -i -e "[a-z|-]*-apt-keys$" -e "[a-z|-]*-repos$" | sort -u
### 不带文件名
# find /etc/ansible/roles -name "*\.yml"| grep -v "yum" | xargs grep -h -i -e "[a-z|-]*-apt-keys$" -e "[a-z|-]*-repos$" | sort -u
- bird-repos
- ceph-apt-keys
- ceph-repos
- etcd-apt-keys
- etcd-repos
- galera-apt-keys
- galera-client-apt-keys
- galera-client-repos
- galera-repos
- haproxy-apt-keys
- haproxy-repos
- keepalived-apt-keys
- lxc-cache-apt-keys ### 去掉,不可skip
- novalink-apt-keys
- percona-repos
- rabbitmq-apt-keys
- rabbitmq-repos
- repo-clone-repos
- add-repo-keys ### 新增
- add-uca-repo ### 新增

执行安装

### 使用vnc连入ansible控制主机,断开网络连接
# ifdown ens3
# openstack-ansible setup-hosts.yml --skip-tags "add-repo-keys,add-uca-repo"
# openstack-ansible setup-infrastructure.yml --skip-tags "bird-repos,ceph-apt-keys,ceph-repos,etcd-apt-keys,etcd-repos,galera-apt-keys,galera-repos,galera-client-apt-keys,galera-client-repos,haproxy-apt-keys,haproxy-repos,percona-repos,rabbitmq-apt-keys,rabbitmq-repos,repo-clone-repos,add-repo-keys,add-uca-repo"
# openstack-ansible setup-openstack.yml --skip-tags "bird-repos,ceph-apt-keys,ceph-repos,etcd-apt-keys,etcd-repos,galera-apt-keys,galera-repos,galera-client-apt-keys,galera-client-repos,haproxy-apt-keys,haproxy-repos,percona-repos,rabbitmq-apt-keys,rabbitmq-repos,repo-clone-repos,add-repo-keys,add-uca-repo"

验证安装

# lxc-attach -n infra1_utility_container-72d28be9
# source openrc
# wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
# openstack image create "cirros" --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public
# openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
# openstack network create selfservice
# openstack subnet create --network selfservice --dns-nameserver 114.114.114.114 --gateway 40.0.0.1 --subnet-range 40.0.0.0/24 subnet-selfservice
# openstack network list
# openstack server create --flavor m1.nano --image cirros --nic net-id=5bbf071e-0540-41a3-8318-38903397484b test
# openstack server list ### 直接访问https://192.168.200.11

问题处理

  • apt update告警
W: GPG error: http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/newton Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5EDB1B62EC4926EA
E: The repository 'http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/newton Release' is not signed.

解决办法

# apt install ubuntu-cloud-keyring
  • git缓存相关脚本
### 克隆脚本
# cat gitclone.py
import os,yaml,subprocess,logging
yml_path="/opt/openstack-ansible/playbooks/defaults/repo_packages/"
git_path="/opt/git/openstack/" def exec_clone(url, path):
if url:
print(yml_path+path)
#if subprocess.call("git clone " + url + " " + git_path + path, shell=True):
# logging.error(url + " git clone failed!") def analysis_dict(data):
for value in data.values():
if isinstance(value, str):
if value.startswith("https://git"):
exec_clone(value, value[value.rfind("/") + 1:]) def analysis_yml(name):
for datas in yaml.load_all(file(yml_path + name, 'r')):
if isinstance(datas, dict):
analysis_dict(datas)
elif isinstance(datas, list):
for data in datas:
analysis_dict(data)
else:
print(name, " error fomat") if __name__ == '__main__':
logging.basicConfig(filename='error.log')
for name in os.listdir(yml_path):
if name.endswith(".yml"):
analysis_yml(name) ### 分支切换脚本
# cat gitcheckout.py
import os,logging,subprocess git_path = "/opt/git/openstack/" dirs_stable = [
"ceilometer",
"nova-lxd",
"ironic-ui",
"keystone",
"cinder",
"requirements",
"neutron-vpnaas",
"nova-powervm",
"neutron-lbaas",
"ironic",
"magnum-ui",
"glance",
"sahara-dashboard",
"heat",
"horizon",
"aodh",
"sahara",
"neutron-fwaas",
"neutron",
"neutron-dynamic-routing",
"nova",
"swift",
"magnum"] dirs_master = [
"felix",
"gnocchi",
"neutron-lbaas-dashboard",
"tempest",
"rally",
"networking-calico",
"novnc",
"spice-html5"] def exec_checkout(name, master):
if master:
if name == 'gnocchi':
print("git checkout stable/3.0 " + name)
if subprocess.call("cd "+ git_path + name + " && git checkout stable/3.0", shell=True):
logging.error(" git checkout stable/3.0 " + name +" failed!")
elif name == 'felix':
print("git checkout 1.4.x-series " + name)
if subprocess.call("cd "+ git_path + name + " && git checkout 1.4.x-series", shell=True):
logging.error(" git checkout 1.4.x-series " + name +" failed!")
else:
print("git checkout master " + name)
if subprocess.call("cd "+ git_path + name + " && git checkout master", shell=True):
logging.error(" git checkout master " + name +" failed!") else:
print("git checkout stable/newton " + name)
if subprocess.call("cd "+ git_path + name + " && git checkout stable/newton", shell=True):
logging.error(" git checkout stable/newton " + name +" failed!") if __name__ == '__main__':
logging.basicConfig(filename='error.log')
for name in dirs_master:
exec_checkout(name, True)
for name in dirs_stable:
exec_checkout(name, False)
  • 本地APT镜像源deb包缺失

方法一: 使用命令apt-get download $(apt-rdepends "${package}" | grep -v ^\ )自动下载,使用软件名替换"${package}"

方法二: 自己手动wget

查询地址

  • Search package directories栏输入软件包关键字,然后点击搜索
  • 在搜索结果页面的软件包 XXX列表选择对应ubuntu版本
  • 在软件包页面的下载 XXX栏选择对应的硬件架构
  • 最后就可以知道软件的下载子目录,例如 pool/main/g/gdbm/
  • 然后找一台空机器apt install XXX下查看系统安装的软件版本
### 补充缺失的deb包
# cd /var/www/ubuntu-repo/
# wget http://mirrors.aliyun.com/ubuntu/pool/main/a/audit/auditd_2.4.5-1ubuntu2_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/a/audit/libauparse0_2.4.5-1ubuntu2_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/universe/a/audit/audispd-plugins_2.4.5-1ubuntu2_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/universe/libp/libprelude/libprelude2v5_1.0.0-11.7ubuntu1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/a/aide/aide_0.16~a2.git20130520-3_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/libl/liblockfile/liblockfile1_1.09-6ubuntu1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/libl/liblockfile/liblockfile-bin_1.09-6ubuntu1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/s/ssl-cert/ssl-cert_1.0.37_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/p/postfix/postfix_3.1.0-3_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/b/bsd-mailx/bsd-mailx_8.1.2-0.20160123cvs-2_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/a/aide/aide-common_0.16~a2.git20130520-3_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/universe/t/timelimit/timelimit_1.8.1-1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/universe/libt/libtomcrypt/libtomcrypt0_1.17-7_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/universe/c/chrony/chrony_2.1.1-1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/libt/libtommath/libtommath0_0.42.0-1.2_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/universe/libf/libfile-fnmatch-perl/libfile-fnmatch-perl_0.02-2build2_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/universe/d/debsums/debsums_2.1.2_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/l/logrotate/logrotate_3.8.7-2ubuntu2_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/a/apparmor/apparmor-profiles_2.10.95-0ubuntu2.6_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/universe/u/ubuntu-cloud-keyring/ubuntu-cloud-keyring_2012.08.14_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/p/python-apt/python-apt-common_1.1.0~beta1build1_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/i/iso-codes/iso-codes_3.65-1_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/x/xz-utils/xz-utils_5.1.1alpha%2b20120614-2ubuntu2_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/libe/libevent/libevent-2.0-5_2.0.21-stable-2ubuntu0.16.04.1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/p/perl/perl_5.22.1-9_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/p/perl/perl-modules-5.22_5.22.1-9_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/p/perl/libperl5.22_5.22.1-9_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/r/rename/rename_0.20-4_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/g/gdbm/libgdbm3_1.8.3-13.1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/m/mpfr4/libmpfr4_3.1.4-1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/d/dpkg/dpkg-dev_1.18.4ubuntu1.1_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/p/patch/patch_2.7.5-1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/r/readline5/libreadline5_5.2%2bdfsg-3build1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/p/pygobject/python3-gi_3.20.0-0ubuntu1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/g/gobject-introspection/gir1.2-glib-2.0_1.46.0-3ubuntu1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/d/dbus-python/python3-dbus_1.2.0-3_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/p/python-apt/python3-apt_1.1.0~beta1build1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/g/gobject-introspection/libgirepository-1.0-1_1.46.0-3ubuntu1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/g/glib2.0/libglib2.0-0_2.48.2-0ubuntu1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/d/dbus/libdbus-1-3_1.10.6-1ubuntu3.3_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/d/dbus-glib/libdbus-glib-1-2_0.106-1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/p/psmisc/psmisc_22.21-2.1build1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/g/gawk/gawk_4.1.3%2bdfsg-0.1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/l/lsof/lsof_4.89%2bdfsg-0.1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/r/rsync/rsync_3.1.1-3ubuntu1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/libs/libsigsegv/libsigsegv2_2.10-4_amd64.deb
# wget http://repo.percona.com/apt/pool/main/q/qpress/qpress_11-1.xenial_amd64.deb
# wget http://repo.percona.com/apt/pool/main/p/percona-xtrabackup-22/percona-xtrabackup-22_2.2.13-1.vivid_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/universe/e/erlang/erlang-base-hipe_18.3-dfsg-1ubuntu3_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/e/erlang/erlang-crypto_18.3-dfsg-1ubuntu3_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/e/erlang/erlang-syntax-tools_18.3-dfsg-1ubuntu3_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/l/lksctp-tools/libsctp1_1.0.16%2bdfsg-3_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/c/curl/curl_7.47.0-1ubuntu2.2_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/g/git/git_2.7.4-0ubuntu1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/g/git/git-man_2.7.4-0ubuntu1_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/libe/liberror-perl/liberror-perl_0.17-1.2_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/g/gettext/gettext-base_0.19.7-2ubuntu3_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/libx/libxml2/libxml2_2.9.3%2bdfsg1-1ubuntu0.2_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/i/icu/libicu55_55.1-7ubuntu0.1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/g/gettext/libasprintf0v5_0.19.7-2ubuntu3_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/libp/libpipeline/libpipeline1_1.4.1-2_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/b/bsdmainutils/bsdmainutils_9.0.6ubuntu3_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/g/groff/groff-base_1.22.3-7_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/s/sgml-base/sgml-base_1.26%2bnmu4ubuntu1_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/x/xml-core/xml-core_0.13%2bnmu2_all.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/libn/libnetfilter-conntrack/libnetfilter-conntrack3_1.0.5-1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/libn/libnl3/libnl-3-200_3.2.27-1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/libn/libnl3/libnl-genl-3-200_3.2.27-1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/n/net-snmp/libsnmp30_5.7.3%2bdfsg-1ubuntu4_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/p/pciutils/libpci3_3.3.1-1.1ubuntu1.1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/p/pycurl/python3-pycurl_7.43.0-1ubuntu1_amd64.deb
# wget http://mirrors.aliyun.com/ubuntu/pool/main/m/man-db/man-db_2.7.5-1_amd64.deb
  • haproxy tcp转发配置
# cat /opt/openstack-ansible/playbooks/vars/configs/haproxy_config.yml

haproxy_default_services:
- service:
haproxy_service_name: galera
haproxy_backend_nodes: "{{ [groups['galera_all'][0]] | default([]) }}" # list expected
haproxy_backup_nodes: "{{ groups['galera_all'][1:] | default([]) }}"
haproxy_port: 3306
haproxy_balance_type: tcp
haproxy_timeout_client: 5000s
haproxy_timeout_server: 5000s
haproxy_backend_options:
- "mysql-check user {{ galera_monitoring_user }}"
haproxy_whitelist_networks: "{{ haproxy_galera_whitelist_networks }}"
- service:
haproxy_service_name: glance_api
haproxy_backend_nodes: "{{ groups['glance_api'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: 9292
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: glance_registry
haproxy_backend_nodes: "{{ groups['glance_registry'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: 9191
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
haproxy_whitelist_networks: "{{ haproxy_glance_registry_whitelist_networks }}"
- service:
haproxy_service_name: gnocchi
haproxy_backend_nodes: "{{ groups['gnocchi_all'] | default([]) }}"
haproxy_port: 8041
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: heat_api_cfn
haproxy_backend_nodes: "{{ groups['heat_api_cfn'] | default([]) }}"
haproxy_port: 8000
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: heat_api_cloudwatch
haproxy_backend_nodes: "{{ groups['heat_api_cloudwatch'] | default([]) }}"
haproxy_port: 8003
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: heat_api
haproxy_backend_nodes: "{{ groups['heat_api'] | default([]) }}"
haproxy_port: 8004
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: keystone_service
haproxy_backend_nodes: "{{ groups['keystone_all'] | default([]) }}"
haproxy_port: 5000
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: keystone_admin
haproxy_backend_nodes: "{{ groups['keystone_all'] | default([]) }}"
haproxy_port: 35357
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
haproxy_whitelist_networks: "{{ haproxy_keystone_admin_whitelist_networks }}"
- service:
haproxy_service_name: neutron_server
haproxy_backend_nodes: "{{ groups['neutron_server'] | default([]) }}"
haproxy_port: 9696
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: nova_api_metadata
haproxy_backend_nodes: "{{ groups['nova_api_metadata'] | default([]) }}"
haproxy_port: 8775
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
haproxy_whitelist_networks: "{{ haproxy_nova_metadata_whitelist_networks }}"
- service:
haproxy_service_name: nova_api_os_compute
haproxy_backend_nodes: "{{ groups['nova_api_os_compute'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: 8774
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: nova_console
haproxy_backend_nodes: "{{ groups['nova_console'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: "{{ nova_console_port }}"
haproxy_balance_type: tcp
haproxy_timeout_client: 60m
haproxy_timeout_server: 60m
haproxy_balance_alg: source
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: cinder_api
haproxy_backend_nodes: "{{ groups['cinder_api'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: 8776
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: horizon
haproxy_backend_nodes: "{{ groups['horizon_all'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: 443
haproxy_balance_type: tcp
haproxy_balance_alg: source
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: sahara_api
haproxy_backend_nodes: "{{ groups['sahara_api'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_balance_alg: source
haproxy_port: 8386
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: swift_proxy
haproxy_backend_nodes: "{{ groups['swift_proxy'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_balance_alg: source
haproxy_port: 8080
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: ceilometer_api
haproxy_backend_nodes: "{{ groups['ceilometer_api_container'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: 8777
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: aodh_api
haproxy_backend_nodes: "{{ groups['aodh_api'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: 8042
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
- service:
haproxy_service_name: ironic_api
haproxy_backend_nodes: "{{ groups['ironic_api'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: 6385
haproxy_balance_type: tcp
haproxy_backend_options:
- "httpchk GET /"
- service:
haproxy_service_name: rabbitmq_mgmt
haproxy_backend_nodes: "{{ groups['rabbitmq'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: 15672
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
haproxy_whitelist_networks: "{{ haproxy_rabbitmq_management_whitelist_networks }}"
- service:
haproxy_service_name: magnum
haproxy_backend_nodes: "{{ groups['magnum_all'] | default([]) }}"
haproxy_ssl: "{{ haproxy_ssl }}"
haproxy_port: 9511
haproxy_balance_type: tcp
haproxy_backend_options:
- tcp-check
  • 虚拟机创建失败
### 提示No valid host was found. There are not enough hosts available.

解决办法

### 1.openstack的主机名不能相同,要和/etc/openstack_deploy/openstack_user_config.yml里面设置的主机名保持一致,例如infra1、compute1、storage1(感觉可以一样,待验证)
# lxc-attach -n infra1-utility-container-9976aa24
### 确保服务和资源都满足条件,比如内存分配是否充沛
# nova service-list
# nova hypervisor-stats

ansible无网络安装openstack(Newton)的更多相关文章

  1. devstack安装openstack newton版本

    准备使用devstack安装openstack N版,搞一套开发环境出来.一连整了4天,遇到各种问题,各种错误,一直到第4天下午4点多才算完成. 在这个过程中感觉到使用devstack搭建openst ...

  2. R语言无网络安装R包,彻底解决依赖问题!

    R version: 3.5.3, 3.6.3 更新日期: 2020-9-10 大家测试后多提建议哈, 有问题我会持续更新的 在工作中,我们使用的服务器通常是不能联外网的,这在安装R包的时候产生了巨大 ...

  3. 内网机(无网络安装 .NET Core win开发环境

    1.安装 vs2015 update3 2.按顺序安装以下包 DotNetCore.1.0.0-SDK.Preview2-x64.exe aspnetcoremodule_x64_en_rc2_14. ...

  4. 无网络安装mysql步骤

    1. 先安装Microsoft Visual C++ 2010 运行环境,运行vcredist_x86.exe文件: 2. 安装MySql数据库,运行mysql-installer-community ...

  5. CentOS生产环境无网络安装percona-xtrabackup2.4【RPM安装教程】

    Percona XtraBackup 8.0不支持对在MySQL 8.0之前的版本,Percona Server for MySQL或 Percona XtraDB Cluster中创建的数据库进行备 ...

  6. OpenWRT AR9331 mjpg-streamer 网络安装和离线ipk安装

    OpenWRT  AR9331 固件 我的摄像头ID为: root@Off-1CD0:/# lsusb Bus 001 Device 002: ID 1871:0101 OpenWRT支持的UVV摄像 ...

  7. CentOS7安装OpenStack(Rocky版)-06.安装Neutron网络服务(控制节点)

    上一章介绍了独立的nova计算节点的安装方法,本章分享openstack的网络服务neutron的安装配制方法 ------------------- 完美的分割线 ----------------- ...

  8. [转帖]无网络离线安装 vs2017

    无网络离线安装 vs2017 公司电脑禁止,只有一个老的vs2017的安装目录(之前通过 --layout 安装时生成的离线文件).找了一圈百度,没能解决问题,最后,问bing,查微软的官方网站命令, ...

  9. [转]无网络环境,在Windows Server 2008 R2和SQL Server 2008R2环境安装SharePoint2013 RT

    无网络环境,在Windows Server 2008 R2和SQL Server 2008R2环境安装SharePoint2013 RT,这个还有点麻烦,所以记录一下,下次遇到省得绕弯路.进入正题: ...

随机推荐

  1. 在非OnPaint里应该使用ClientDC来画图

    import wx class Example(wx.Frame): def __init__(self, parent, title): super(Example, self).__init__( ...

  2. 【题解】P3796【模板】AC自动机(加强版)

    [题解]P3796 [模板]AC自动机(加强版) 记录当前\(cnt\)是第几个"星".记录第几个串是对应着第几个星. 这里补充一点对于\(AC\)自动机的理解.可能一直有个问题我 ...

  3. linux c编程:make编译一

    一个工程中的源文件不计其数,按照不同的功能分类在若干的目录里面,makefile定义了一系列的规则,来制定那些文件需要先编译,那些文件后编译,那些文件重新编译.makefile最大的好处就是自动化编译 ...

  4. Java for LeetCode 127 Word Ladder

    Given two words (beginWord and endWord), and a dictionary, find the length of shortest transformatio ...

  5. 跳转appStore评分

    跳转到AppStore让用户能够给我们的应用进行评分,有两种方法,一种是跳出应用,跳转到AppStore,进行评分.另一种是在应用内,内置AppStore进行评分. PS:appleID在https: ...

  6. js作用域总结

    一.在ES5中,js 的作用域 js作用域,只有全局作用域与函数作用域,没有块级作用域. 1.全局作用域 var a = 10; function aaa() {alert(a) } function ...

  7. ESP8266串口模块的基本使用【转】

    本文转载自:http://www.shaoguoji.cn/2017/01/15/ESP8266-usage/ ESP8266是一款超低功耗的UART-WiFi 透传模块,拥有业内极富竞争力的封装尺寸 ...

  8. 《机器学习实战》学习笔记第二章 —— K-近邻算法

    主要内容: 一.算法概述 二.距离度量 三.k值的选择 四.分类决策规则 五.利用KNN对约会对象进行分类 六.利用KNN构建手写识别系统 七.KNN之线性扫描法的不足 八.KD树 一.算法概述 1. ...

  9. JAVA-三大语句(选择语句、条件语句、循环语句)

    跳出指定的for循环体,和goto很像 1 K:for(int i=0;i<3;i++){//给这个for循环体取一个名字为K 2 for(int j=0;j<3;j++){ 3 if(j ...

  10. php设计模式课程---5、责任链模式是什么

    php设计模式课程---5.责任链模式是什么 一.总结 一句话总结: 自己权限不够,就交给上级处理 1.选择结构怎么做到面向对象开闭原则? 也就是说if,都可以用接口的实现来实现,这样就避免了更新的时 ...