Installation and Setup

This guide will cover the installation and setup of OpenStack using Kolla-Ansible. It will run through a basic reference deployment.

As you go through these steps, you can always reference the official upstream documentation for Kolla-Ansible at https://docs.openstack.org/kolla-ansible/latest/.

This installation will cover Deploying Kolla-Ansible using Rocky Linux OS and Containers.

Installing the Operating System

Rocky Linux is a derivative of Red Hat Enterprise Linux (RHEL). It is a free and open-source operating system that is binary compatible with RHEL. It is a great choice for running OpenStack because it is free and open-source and does not require any licensing fees.

There are several ways you can install Rocky Linux to your server. You can:

• Download the latest version from https://rockylinux.org/download using an ISO download
• Install Rocky Linux 9 using netboot.xyz using the installer kernels

If this is your first time installing Rocky Linux, you can follow the official installation guide at https://docs.rockylinux.org/guides/installation/.

tip

Once you install the operating system on the first node, if you check the /root directory after the installation you will see a kickstart file named anaconda-ks.cfg. This file contains all of the settings you used during the installation. You can use this file to create additional nodes using kickstart automation. This goes back to keeping things consistent and helps you build out automation for your environment. You can use this file to build on and continue to reduce time spent on installing additional nodes.

Kickstart Samples

If you are interested in viewing pre-built kickstart files, you can check out the following repositories:

• TBA

Pre Deployment

Install Dependencies

Once you have installed an Operating System, you will need to install some dependencies for Kolla-Ansible. To start:

dnf update -y
dnf install -y git python3-devel libffi-devel gcc openssl-devel python3-libselinux

Install Kolla-Ansible Release

Determine which release you will be deploying. We recommend using the latest stable release as more bleeding edge may introduce problems setting up the environment:

2023.2 Bobcat (Stable)

pip install -U pip
pip install git+https://opendev.org/openstack/kolla-ansible@stable/2023.2
pip install 'ansible-core>=2.14,<2.16'

2024.1 Caracal (Stable)

pip install -U pip
pip install git+https://opendev.org/openstack/kolla-ansible@stable/2024.1
pip install 'ansible-core>=2.15,<2.16.99'

Bleeding Edge (master)

pip install -U pip
pip install git+https://opendev.org/openstack/kolla-ansible@master
pip install 'ansible-core>=2.15,<2.16.99'

Install Kolla-Ansible Requirements

kolla-ansible install-deps

Prepare Kolla-Ansible Configuration

Create the /etc/kolla directory that will contain the configuration files:

sudo mkdir -p /etc/kolla
sudo chown $USER:$USER /etc/kolla

Copy globals.yml and passwords.yml to /etc/kolla directory:

sudo cp -r /usr/local/share/kolla-ansible/etc_examples/kolla/* /etc/kolla

Copy the example inventory files to the current directory:

sudo cp /usr/local/share/kolla-ansible/ansible/inventory/all-in-one .
sudo cp /usr/local/share/kolla-ansible/ansible/inventory/multinode .

Generate the passwords which are stored in /etc/kolla/passwords.yml:

kolla-genpwd

Configure the Kolla globals.yml

One of the main configuration files for Kolla-Ansible is the globals.yml which tells Kolla Ansible how to deploy OpenStack. It is located in /etc/kolla/globals.yml.

The following are the main configuration options that you will need to set in globals.yml:

kolla_base_distro: "rocky" # This is the base OS that Kolla will use to build the containers
network_interface: "eth0" # This is the interface that Kolla will use for the OpenStack network
neutron_external_interface: "eth1" # This is the interface that Kolla will use for the external network
kolla_internal_vip_address: "10.0.100.20" # This is the virtual IP address that will be used for the OpenStack API

warning

If you are running multiple clusters on the same common subnet, make sure to change keepalived_virtual_router_id to something unique for each deployment. Otherwise you will have keepalived conflicts between multiple clusters.

By default enable_openstack_core is enabled which will enable the core services such as Glance, Keystone, Neutron, Nova, Heat, and Horizon. If you are just getting started, these are the main services you will want to enable. If you want to enable additional services, you can uncomment that service and change from no to yes. You can always redeploy and enable additional options later.

Deploying Kolla-Ansible

Once you have configured the globals.yml file, you can start the deployment. Make sure to leverage the inventory file you copied earlier and set up.

Kolla-Ansible Tool

Kolla-Ansible comes with a wrapper tool around Ansible that makes it easier to run the various commands. You can see the help for the tool by running:

[root@control1 ~]# kolla-ansible --help
Usage: /usr/local/bin/kolla-ansible COMMAND [options]

Options:
    --inventory, -i <inventory_path>   Specify path to ansible inventory file. Can be specified multiple times to pass multiple inventories.
    --playbook, -p <playbook_path>     Specify path to ansible playbook file
    --configdir <config_path>          Specify path to directory with globals.yml
    --key -k <key_path>                Specify path to ansible vault keyfile
    --help, -h                         Show this usage information
    --tags, -t <tags>                  Only run plays and tasks tagged with these values
    --skip-tags <tags>                 Only run plays and tasks whose tags do not match these values
    --extra, -e <ansible variables>    Set additional variables as key=value or YAML/JSON passed to ansible-playbook
    --passwords <passwords_path>       Specify path to the passwords file
    --limit <host>                     Specify host to run plays
    --forks <forks>                    Number of forks to run Ansible with
    --vault-id <@prompt or path>       Specify @prompt or password file (Ansible >=  2.4)
    --ask-vault-pass                   Ask for vault password
    --vault-password-file <path>       Specify password file for vault decrypt
    --check, -C                        Don't make any changes and try to predict some of the changes that may occur instead
    --diff, -D                         Show differences in ansible-playbook changed tasks
    --verbose, -v                      Increase verbosity of ansible-playbook
    --version                          Show version

Environment variables:
    EXTRA_OPTS                         Additional arguments to pass to ansible-playbook

Commands:
    install-deps         Install Ansible Galaxy dependencies
    prechecks            Do pre-deployment checks for hosts
    mariadb_recovery     Recover a completely stopped mariadb cluster
    mariadb_backup       Take a backup of MariaDB databases
                             --full (default)
                             --incremental
    monasca_cleanup      Remove unused containers for the Monasca service
    bootstrap-servers    Bootstrap servers with kolla deploy dependencies
    destroy              Destroy Kolla containers, volumes and host configuration
                             --include-images to also destroy Kolla images
                             --include-dev to also destroy dev mode repos
    deploy               Deploy and start all kolla containers
    deploy-bifrost       Deploy and start bifrost container
    deploy-servers       Enroll and deploy servers with bifrost
    deploy-containers    Only deploy and start containers (no config updates or bootstrapping)
    gather-facts         Gather Ansible facts
    post-deploy          Do post deploy on deploy node
    pull                 Pull all images for containers (only pulls, no running container changes)
    rabbitmq-reset-state Force reset the state of RabbitMQ
    reconfigure          Reconfigure OpenStack service
    stop                 Stop Kolla containers
    certificates         Generate self-signed certificate for TLS *For Development Only*
    octavia-certificates Generate certificates for octavia deployment
    upgrade              Upgrades existing OpenStack Environment
    upgrade-bifrost      Upgrades an existing bifrost container
    genconfig            Generate configuration files for enabled OpenStack services
    validate-config      Validate configuration files for enabled OpenStack services
    prune-images         Prune orphaned Kolla images
    nova-libvirt-cleanup Clean up disabled nova_libvirt containers

Generate a SSH Key Pair

You will need to generate a SSH key pair that will be used to access the servers. You can do this by running the following command:

ssh-keygen

It will generate a private key in /root/.ssh/id_rsa and a public key in /root/.ssh/id_rsa.pub. You will need to copy the id_rsa.pub key to the authorized_keys file on each server you will be deploying OpenStack to.

### Bootstrap servers with Kolla-Ansible Dependencies

This will install docker, python, and other dependencies on the servers:

```bash
export ANSIBLE_HOST_KEY_CHECKING=False # This will disable host key checking for the first run
kolla-ansible -i ./inventory-file bootstrap-servers

Pre-deployment checks for hosts

This will run a series of checks to ensure that the hosts are ready for deployment:

kolla-ansible -i ./inventory-file prechecks

Deploy Kolla-Ansible

This will kick off the deployment process. It will download all of the containers, generate the configuration files, bootstrap the database, and start the services:

kolla-ansible -i ./inventory-file deploy

Post Deployment

Once deploy has completed, you can run the following commands to finalize the deployment.

Install OpenStack CLI Client

Set up the OpenStack CLI so that you can talk to your OpenStack environment using the CLI tooling:

pip install python-openstackclient -c https://releases.openstack.org/constraints/upper/master

The CLI uses a clouds.yaml to load the credentials for your enviornmnet. You can generate a clouds.yaml file by running the following command:

kolla-ansible post-deploy

info

The file will be generated in /etc/kolla/clouds.yaml, you can use it by copying it to /etc/openstack or ~/.config/openstack, or by setting the OS_CLIENT_CONFIG_FILE environment variable.

Accessing Horizon

Horizon is the web interface for OpenStack. You can access it by going to the VIP address or any of the control nodes of your OpenStack environment in a web browser.

The password for the admin user is stored in /etc/kolla/passwords.yml:

grep keystone_admin_password /etc/kolla/passwords.yml

You can then log into Horizon using the admin user and the password you just retrieved.

tip

Skyline is another newer and more modern front-end interface. You can enable it in globals.yml by setting enable_skyline: yes. By default it is installed at VIP_IP:9999

That covers a lot of the beginning set up and deployment of OpenStack using Kolla-Ansible. You can now start to explore the environment and start to learn more about OpenStack in the next few sections.