1. StackOverflow 文件
  2. Ansible 教程
  3. 在 OpenStack 中使用 Ansible
  4. 從 OpenStack GUI 收集資訊以配置 Ansible

從 OpenStack GUI 收集資訊以配置 Ansible

Created: November-22, 2018

我們的 openstack 租戶已經設定好了:

  • 虛擬區域網為例項提供私有 IP
  • 虛擬路由器將公共 IP 對映到私有 IP
  • 已生成安全金鑰
  • 我們有 ssh 和埠 80 的預設防火牆配置
  • 我們能夠通過 OpenStack Web 介面啟動例項

讓我們從這個 Web 介面收集所有需要的資訊。

可以在 openstack.rc 檔案中找到身份驗證資訊。可以使用[access and security / API Access]中的 OpenStack Web 介面下載此檔案。

$cat openstack.rc
#!/bin/bash
 
# To use an OpenStack cloud you need to authenticate against the Identity
# service named keystone, which returns a **Token** and **Service Catalog**.
# The catalog contains the endpoints for all services the user/tenant has
# access to - such as Compute, Image Service, Identity, Object Storage, Block
# Storage, and Networking (code-named nova, glance, keystone, swift,
# cinder, and neutron).
#
# *NOTE*: Using the 2.0 *Identity API* does not necessarily mean any other
# OpenStack API is version 2.0. For example, your cloud provider may implement
# Image API v1.1, Block Storage API v2, and Compute API v2.0. OS_AUTH_URL is
# only for the Identity API served through keystone.
export OS_AUTH_URL=https://openstack-identity.mycompany.com/v3

# With the addition of Keystone we have standardized on the term **tenant**
# as the entity that owns the resources.
export OS_TENANT_ID=1ac99fef77ee40148d7d5ba3e070caae
export OS_TENANT_NAME="TrainingIC"
export OS_PROJECT_NAME="TrainingIC"

# In addition to the owning entity (tenant), OpenStack stores the entity
# performing the action as the **user**.
export OS_USERNAME="UserTrainingIC"

# With Keystone you pass the keystone password.
echo "Please enter your OpenStack Password: "
read -sr OS_PASSWORD_INPUT
export OS_PASSWORD=$OS_PASSWORD_INPUT

# If your configuration has multiple regions, we set that information here.
# OS_REGION_NAME is optional and only valid in certain environments.
export OS_REGION_NAME="fr"
# Don't leave a blank variable, unset it if it was empty
if [ -z "$OS_REGION_NAME" ]; then unset OS_REGION_NAME; fi

我們得到 OS_AUTH_URL,OS_TENANT_NAME,OS_USERNAME。

身份驗證 API 版本:OS_AUTH_URL

注意身份驗證 API 版本。預設情況下,v3 已啟用,但 ansible 需要 v2.0。我們得到 url 並設定 V2.0 而不是 V3: https//openstack-identity.mycompany.com/v2.0

VM 資訊

使用 OpenStack Web 介面建立例項,並獲取影象,flavor,金鑰,網路,安全組的名稱。

使用所有必需的資訊建立 ./group_vars/all 檔案。

$vi ./group_vars/all
# Authentication
AuthUserName: UserTrainingIC
AuthPassword: PasswordTrainingIC
TenantName: TrainingIC

# VM infos
ImageName: CentOS-7-x86_64-GenericCloud-1607
FlavorName: m1.1cpu.1gb
InfraKey: KeyTrainingIC
NetworkName: NetPrivateTrainingIC
SecurityGroup: default