从 OpenStack GUI 收集信息以配置 Ansible
我们的 openstack 租户已经设置好了:
- 虚拟局域网为实例提供私有 IP
- 虚拟路由器将公共 IP 映射到私有 IP
- 已生成安全密钥
- 我们有 ssh 和端口 80 的默认防火墙配置
- 我们能够通过 OpenStack Web 界面启动实例
让我们从这个 Web 界面收集所有需要的信息。
可以在 openstack.rc 文件中找到身份验证信息。可以使用[access and security / API Access]中的 OpenStack Web 界面下载此文件。
$cat openstack.rc
#!/bin/bash
# To use an OpenStack cloud you need to authenticate against the Identity
# service named keystone, which returns a **Token** and **Service Catalog**.
# The catalog contains the endpoints for all services the user/tenant has
# access to - such as Compute, Image Service, Identity, Object Storage, Block
# Storage, and Networking (code-named nova, glance, keystone, swift,
# cinder, and neutron).
#
# *NOTE*: Using the 2.0 *Identity API* does not necessarily mean any other
# OpenStack API is version 2.0. For example, your cloud provider may implement
# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is
# only for the Identity API served through keystone.
export OS_AUTH_URL=https://openstack-identity.mycompany.com/v3
# With the addition of Keystone we have standardized on the term **tenant**
# as the entity that owns the resources.
export OS_TENANT_ID=1ac99fef77ee40148d7d5ba3e070caae
export OS_TENANT_NAME="TrainingIC"
export OS_PROJECT_NAME="TrainingIC"
# In addition to the owning entity (tenant), OpenStack stores the entity
# performing the action as the **user**.
export OS_USERNAME="UserTrainingIC"
# With Keystone you pass the keystone password.
echo "Please enter your OpenStack Password: "
read -sr OS_PASSWORD_INPUT
export OS_PASSWORD=$OS_PASSWORD_INPUT
# If your configuration has multiple regions, we set that information here.
# OS_REGION_NAME is optional and only valid in certain environments.
export OS_REGION_NAME="fr"
# Don't leave a blank variable, unset it if it was empty
if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi
我们得到 OS_AUTH_URL,OS_TENANT_NAME,OS_USERNAME。
身份验证 API 版本:OS_AUTH_URL
注意身份验证 API 版本。默认情况下,v3 已激活,但 ansible 需要 v2.0。我们得到 url 并设置 V2.0 而不是 V3: https : //openstack-identity.mycompany.com/v2.0
VM 信息
使用 OpenStack Web 界面创建实例,并获取图像,flavor,密钥,网络,安全组的名称。
使用所有必需的信息创建 ./group_vars/all 文件。
$vi ./group_vars/all
# Authentication
AuthUserName: UserTrainingIC
AuthPassword: PasswordTrainingIC
TenantName: TrainingIC
# VM infos
ImageName: CentOS-7-x86_64-GenericCloud-1607
FlavorName: m1.1cpu.1gb
InfraKey: KeyTrainingIC
NetworkName: NetPrivateTrainingIC
SecurityGroup: default