Kolla-Ansible OpenStack
Install OpenStack Multinode Cluster
Intro
OpenStack has matured into one of the de facto standards for open source cloud infrastructure. In its evolution, the project has shifted toward containerized deployments to improve maintainability, upgradeability, and operational efficiency. Kolla-Ansible is one of the flagship tools in this modernization effort: it enables deployment of OpenStack services in Docker containers, using Ansible playbooks for orchestration.
In this tutorial, we walk through step by step how to install OpenStack using Kolla-Ansible, covering the Flamingo, Epoxy, and Dalmatian release series. Starting from host preparation and configuration, through dependency installation, inventory and configuration setup, all the way to deploying and verifying your cloud — this guide aims to be practical and hands-on. Whether you’re building a test lab or planning a production rollout, you’ll gain the context and commands needed to make your OpenStack deployment reliable.
We assume you have basic familiarity with Linux server administration, Ansible, and container concepts (e.g. Docker). We’ll highlight version-specific caveats, networking setup, and service dependencies. By the end, your environment should host a working OpenStack control plane and at least basic compute and networking services.
Screenshots
Reference Documents
https://docs.openstack.org/install-guide/openstack-services.html
https://docs.openstack.org/kolla-ansible/latest/user/quickstart.html
Installation Environments
VMware Workstation (17.6.4)
7 VMs: 2 CPUs / 8GB RAM / 50GB Disk / 2 NICs / Ubuntu-22.04
NIC#1: ens33 / Brdige Type / 192.168.35.0/24 / Floating+Public Network
NIC#2: ens37 / Host-Only Type / 10.10.10.0/24 / MGMT+API Network
Release: 2024.2(Dalmatian) with Ubuntu-22.04 (This Tutorial)
Release: 2025.1(Epoxy) with Ubuntu-24.04
“For convenience, we proceed as the root user.”
“If needed, you can also add a dedicated VM for Neutron.”
Hostname/IP
$ cat /etc/hosts
10.10.10.201 Controller01
10.10.10.202 Controller02
10.10.10.203 Controller03
10.10.10.204 Compute01
10.10.10.205 Compute02
10.10.10.206 Compute03
10.10.10.207 Strorage01
Network Configuration
$ cat /etc/netplan/50-cloud-init.yaml
network:
ethernets:
ens33: {}
ens37:
addresses:
- 10.10.10.201/24
nameservers:
addresses:
- 8.8.8.8
- 1.1.1.1
search: []
routes:
- to: default
via: 10.10.10.2
version: 2
Prepare OS
<On All Hosts>
$ apt update
$ apt upgrade -y
$ reboot
$ apt update
$ apt install -y nfs-common rsyslog iputils-ping chrony
$ systemctl enable --now rsyslog chrony
Setup Kolla-Ansible
<On Controller01>
$ apt update
$ apt install -y git python3-dev libffi-dev gcc libssl-dev python3-venv python3-dbus libdbus-1-dev libdbus-glib-1-dev
$ cd ~
$ python3 -m venv venv
$ echo 'source ~/venv/bin/activate' >> ~/.bashrc
$ source ~/venv/bin/activate
$ pip install -U pip
$ pip install -U 'ansible-core>=2.16'
$ vi ~/ansible.cfg
[defaults]
host_key_checking=False
pipelining=True
forks=100
$ ssh-keygen
$ for i in 10.10.10.201 10.10.10.202 10.10.10.203 10.10.10.204 10.10.10.205 10.10.10.206 10.10.10.207; do ssh-copy-id root@$i; done
$ for i in 10.10.10.201 10.10.10.202 10.10.10.203 10.10.10.204 10.10.10.205 10.10.10.206 10.10.10.207; do ssh root@$i hostname; done
$ pip install docker dbus-python
# Dalmatian=2024.2, Epoxy=2025.1
$ pip install git+https://opendev.org/openstack/kolla-ansible@stable/2024.2
$ mkdir /etc/kolla
$ cp -a ~/venv/share/kolla-ansible/etc_examples/kolla/* /etc/kolla/
$ chmod 600 /etc/kolla/passwords.yml
$ cp ~/venv/share/kolla-ansible/ansible/inventory/multinode /etc/kolla/
$ ls -al /etc/kolla/
total 60
drwxr-xr-x 2 root root 4096 Oct 6 16:57 .
drwxr-xr-x 82 root root 4096 Oct 6 16:56 ..
-rw-r--r-- 1 root root 33532 Oct 6 16:56 globals.yml
-rw-r--r-- 1 root root 7902 Oct 6 16:57 multinode
-rw------- 1 root root 4931 Oct 6 16:56 passwords.yml
$ kolla-ansible install-deps
$ kolla-genpwd
$ vi /etc/kolla/passwords.yml
$ cp -a /etc/kolla/globals.yml /etc/kolla/globals.yml.default
$ vi /etc/kolla/globals.yml
---
workaround_ansible_issue_8743: yes
kolla_base_distro: "ubuntu"
# Dalmatian=2024.2, Epoxy=2025.1
openstack_release: "2024.2"
# kolla_internal_vip_address : api_interface 에 지정된 대역에 포함된 IP이어야 함.
kolla_internal_vip_address: "10.10.10.100"
network_interface: "ens37"
network_address_family: "ipv4"
neutron_external_interface: "ens33"
enable_aodh: "yes"
enable_ceilometer: "yes"
enable_cinder: "yes"
enable_cinder_backup: "yes"
enable_cinder_backend_nfs: "yes"
enable_gnocchi: "yes"
enable_gnocchi_statsd: "yes"
enable_grafana: "yes"
enable_prometheus: "yes"
cinder_backup_driver: "nfs"
cinder_backup_share: "10.10.10.207:/kolla_nfs"
nova_compute_virt_type: "qemu"
$ mkdir /etc/kolla/config
$ vi /etc/kolla/config/nfs_shares
10.10.10.207:/kolla_nfs
$ vi /etc/kolla/multinode
[control]
Controller01 ansible_host=10.10.10.201
Controller02 ansible_host=10.10.10.202
Controller03 ansible_host=10.10.10.203
[network]
Controller01 ansible_host=10.10.10.201
Controller02 ansible_host=10.10.10.202
Controller03 ansible_host=10.10.10.203
[compute]
Compute01 ansible_host=10.10.10.204
Compute02 ansible_host=10.10.10.205
Compute03 ansible_host=10.10.10.206
[monitoring]
Controller03 ansible_host=10.10.10.203
[storage]
Strorage01 ansible_host=10.10.10.207
Run Kolla-Ansible
<On Controller01>
$ kolla-ansible bootstrap-servers -i /etc/kolla/multinode
$ kolla-ansible prechecks -i /etc/kolla/multinode
# (Optional) "To work around the 'password cannot be longer than 72 bytes' error (which occurs in bcrypt version 5.0.0), we pin the bcrypt package to an earlier stable version."
$ pip install bcrypt==4.3.0
$ kolla-ansible deploy -i /etc/kolla/multinode
$ kolla-ansible post-deploy -i /etc/kolla/multinode
Post-Setup
<On Controller01>
$ pip install python-openstackclient -c https://releases.openstack.org/constraints/upper/2024.2
# (Optional) if using the admin project as the default project
$ vi ~/.bashrc
export OS_CLIENT_CONFIG_FILE=/etc/kolla/clouds.yaml
export OS_CLOUD=kolla-admin
$ source ~/.bashrc
$ ./venv/share/kolla-ansible/init-runonce
Customize Router/Subnet/Network
<On Controller01>
(NOTE) First, log in to the OpenStack Dashboard Web UI, and delete all routers, subnets, and networks that were automatically created by the init-runonce script.
Create Networks
$ openstack network create \
--share \
--external \
--provider-network-type flat \
--provider-physical-network physnet1 \
public-external-net
$ openstack network create private-net
Create Subnets
$ openstack subnet create public-external-subnet \
--network public-external-net \
--gateway 192.168.35.1 \
--allocation-pool start=192.168.35.151,end=192.168.35.200 \
--dns-nameserver 8.8.8.8 \
--dns-nameserver 1.1.1.1 \
--no-dhcp \
--subnet-range 192.168.35.0/24
$ openstack subnet create private-subnet \
--network private-net \
--subnet-range 10.40.40.0/24 \
--gateway 10.40.40.1 \
--dns-nameserver 8.8.8.8 \
--dns-nameserver 1.1.1.1 \
--allocation-pool start=10.40.40.100,end=10.40.40.200
Create Router
$ openstack router create router-public
$ openstack router set router-public --external-gateway public-external-net
$ openstack router add subnet router-public private-subnet
Customize Glance Images (Optional)
<On Controller01>
First, delete the cirros image that was created by the init-runonce script.
$ wget https://download.cirros-cloud.net/0.6.2/cirros-0.6.2-x86_64-disk.img -O /root/cirros-0.6.2-x86_64-disk.img
openstack image create cirros-0.6.2-x86_64 --file /root/cirros-0.6.2-x86_64-disk.img --disk-format qcow2 --container-format bare --public
$ wget https://cloud-images.ubuntu.com/releases/24.04/release/ubuntu-24.04-server-cloudimg-amd64.img -O /root/ubuntu-24.04-cloudimg-amd64.img
openstack image create ubuntu-24-04 --file /root/ubuntu-24.04-cloudimg-amd64.img --disk-format qcow2 --container-format bare --public
$ wget https://dl.rockylinux.org/pub/rocky/9/images/x86_64/Rocky-9-GenericCloud-Base.latest.x86_64.qcow2 -O /root/Rocky-9-GenericCloud-Base.latest.x86_64.qcow2
openstack image create rockylinux-9 --file /root/Rocky-9-GenericCloud-Base.latest.x86_64.qcow2 --disk-format qcow2 --container-format bare --public
Appendix
Commands of skolla-ansible
$ kolla-ansible --help
usage: kolla-ansible [--version] [-v | -q] [--log-file LOG_FILE] [-h] [--debug]
Kolla Ansible Command Line Interface (CLI)
options:
--version show program's version number and exit
-v, --verbose Increase verbosity of output. Can be repeated.
-q, --quiet Suppress output except warnings and errors.
--log-file LOG_FILE
Specify a file to log output. Disabled by default.
-h, --help Show help message and exit.
--debug Show tracebacks on errors.
Commands:
bootstrap-servers Bootstrap servers with Kolla Ansible deploy dependencies
certificates Generate self-signed certificate for TLS *For Development Only*
complete print bash completion command (cliff)
deploy Generate config, bootstrap and start all Kolla Ansible containers
deploy-bifrost Deploy and start bifrost container
deploy-containers Only deploy and start containers (no config updates or bootstrapping)
deploy-servers Enroll and deploy servers with bifrost
destroy Destroy Kolla Ansible containers, volumes and host configuration!
gather-facts Gather Ansible facts on hosts
genconfig Generate configuration files for services. No container changes!
help print detailed help for another command (cliff)
install-deps Install Ansible Galaxy dependencies
mariadb-backup Take a backup of MariaDB databases. See help for options
mariadb-recovery Recover a completely stopped MariaDB cluster
nova-libvirt-cleanup Clean up disabled nova_libvirt containers
octavia-certificates Generate certificates for octavia deployment
post-deploy Do post deploy on deploy node
prechecks Do pre-deployment checks for hosts
prune-images Prune orphaned Kolla Ansible docker images
pull Pull all images for containers. Only pulls, no container changes
rabbitmq-reset-state Force reset the state of RabbitMQ
reconfigure Reconfigure enabled OpenStack service
stop Stop Kolla Ansible containers
upgrade Upgrades existing OpenStack Environment
upgrade-bifrost Upgrades an existing bifrost container
validate-config Validate configuration files for enabled OpenStack services
Restart(Stop/Start) OpenStack Cluster
<Stop>
$ kolla-ansible stop -i /etc/kolla/multinode --yes-i-really-really-mean-it
<Start>
$ kolla-ansible mariadb-recovery -i /etc/kolla/multinode
$ kolla-ansible deploy-containers -i /etc/kolla/multinode
Gnocchi Client Install & Usage
$ pip install gnocchiclient -c https://releases.openstack.org/constraints/upper/2024.2
$ openstack metric list
+--------------------------------------+---------------------+-------------------------------+---------+--------------------------------------+
| id | archive_policy/name | name | unit | resource_id |
+--------------------------------------+---------------------+-------------------------------+---------+--------------------------------------+
| 0236fb46-ac56-4611-abe3-033d67356696 | ceilometer-low | image.download | B | 1243c275-d2f3-4d64-b040-da319ee4120f |
| 062ddac1-71b0-4842-a400-220435b237e6 | ceilometer-low-rate | network.outgoing.packets | packet | dfd50ada-bd30-51b6-821f-42f0fa60bb9a |
| 0bda4864-f287-429e-9376-853d24ca679b | ceilometer-low | identity.authenticate.failure | user | ffda4b88-965e-4715-8fc7-46dca1a67123 |
| 0cf953e6-1ee2-489c-95e3-74d66eeabb1f | ceilometer-low | vcpus | vcpu | 948d27ce-63bf-43b7-911b-933010b1c346 |
| 180c213c-02e7-43d9-8f5a-70556c014257 | ceilometer-low-rate | disk.device.read.requests | request | 2540214d-7fa2-555a-b50a-65be3161d3f4 |
| 1f809578-c569-49a7-92f6-f9027c77d4cc | ceilometer-low | memory | MB | 217fab8e-581b-41f5-8f7c-492fa2c57200 |
(omitted…)
$ openstack metric list
+--------------------------------------+---------------------+-------------------------------+---------+--------------------------------------+
| id | archive_policy/name | name | unit | resource_id |
+--------------------------------------+---------------------+-------------------------------+---------+--------------------------------------+
| 0236fb46-ac56-4611-abe3-033d67356696 | ceilometer-low | image.download | B | 1243c275-d2f3-4d64-b040-da319ee4120f |
| 062ddac1-71b0-4842-a400-220435b237e6 | ceilometer-low-rate | network.outgoing.packets | packet | dfd50ada-bd30-51b6-821f-42f0fa60bb9a |
| 0bda4864-f287-429e-9376-853d24ca679b | ceilometer-low | identity.authenticate.failure | user | ffda4b88-965e-4715-8fc7-46dca1a67123 |
| 0cf953e6-1ee2-489c-95e3-74d66eeabb1f | ceilometer-low | vcpus | vcpu | 948d27ce-63bf-43b7-911b-933010b1c346 |
| 180c213c-02e7-43d9-8f5a-70556c014257 | ceilometer-low-rate | disk.device.read.requests | request | 2540214d-7fa2-555a-b50a-65be3161d3f4 |
| 1f809578-c569-49a7-92f6-f9027c77d4cc | ceilometer-low | memory | MB | 217fab8e-581b-41f5-8f7c-492fa2c57200 |
(생략...)
$(venv) openstack metric show 062ddac1-71b0-4842-a400-220435b237e6
+--------------------------------+-----------------------------------------------------------------------+
| Field | Value |
+--------------------------------+-----------------------------------------------------------------------+
| archive_policy/name | ceilometer-low-rate |
| creator | ddcf90d519fe4253975abef4d36ee131:9c42eccaea6e43e889d6f3ed2965e76e |
| id | 062ddac1-71b0-4842-a400-220435b237e6 |
| name | network.outgoing.packets |
| resource/created_by_project_id | 9c42eccaea6e43e889d6f3ed2965e76e |
| resource/created_by_user_id | ddcf90d519fe4253975abef4d36ee131 |
| resource/creator | ddcf90d519fe4253975abef4d36ee131:9c42eccaea6e43e889d6f3ed2965e76e |
| resource/ended_at | None |
| resource/id | dfd50ada-bd30-51b6-821f-42f0fa60bb9a |
| resource/original_resource_id | instance-0000000d-948d27ce-63bf-43b7-911b-933010b1c346-tap25493c5e-7a |
| resource/project_id | e2643c6f29104f0c9911d0ec181515dc |
| resource/revision_end | None |
| resource/revision_start | 2025-10-07T16:57:53.258060+00:00 |
| resource/started_at | 2025-10-07T16:57:53.258054+00:00 |
| resource/type | instance_network_interface |
| resource/user_id | ffda4b88965e47158fc746dca1a67123 |
| unit | packet |
+--------------------------------+-----------------------------------------------------------------------+
$ openstack metric resource list -c id,type
+--------------------------------------+-------------------------------+
| id | type |
+--------------------------------------+-------------------------------+
| a5e1ce7b-a26d-47ce-a1c5-975a02c12945 | generic |
| 0ae45984-8dca-59bb-965a-c516436c73b8 | instance_network_interface |
| a19f2ec6-de3e-5dc1-8a45-0a1f8a8ede42 | instance_disk |
| cfc6d7f7-bb49-4aa9-a6e4-f7a88f82ec28 | instance |
(omitted…)
$ openstack metric resource show cfc6d7f7-bb49-4aa9-a6e4-f7a88f82ec28
+-----------------------+---------------------------------------------------------------------+
| Field | Value |
+-----------------------+---------------------------------------------------------------------+
| created_by_project_id | 9c42eccaea6e43e889d6f3ed2965e76e |
| created_by_user_id | ddcf90d519fe4253975abef4d36ee131 |
| creator | ddcf90d519fe4253975abef4d36ee131:9c42eccaea6e43e889d6f3ed2965e76e |
| ended_at | 2025-10-07T16:15:15.595839+00:00 |
| id | cfc6d7f7-bb49-4aa9-a6e4-f7a88f82ec28 |
| metrics | compute.instance.booting.time: 5044347a-392e-4920-a07f-d664510696df |
| | cpu: cfc189f7-467e-4027-8a28-9446adbc5c0c |
| | disk.ephemeral.size: 7b2c7e36-4944-4f55-9ce4-b56426125246 |
| | disk.root.size: e60c1462-6de4-4fbf-9c20-48ea71bb49b3 |
| | memory.usage: 30050567-138d-424d-a06d-5842cdb7eaf6 |
| | memory: 39a20f75-8e4d-47aa-84c9-8bf4ec1ce324 |
| | vcpus: be6987ac-7bca-42bd-a631-38718826b4a6 |
| original_resource_id | cfc6d7f7-bb49-4aa9-a6e4-f7a88f82ec28 |
| project_id | e2643c6f29104f0c9911d0ec181515dc |
| revision_end | None |
| revision_start | 2025-10-07T16:15:22.837965+00:00 |
| started_at | 2025-10-07T15:44:28.458304+00:00 |
| type | instance |
| user_id | ffda4b88965e47158fc746dca1a67123 |
+-----------------------+---------------------------------------------------------------------+
$ openstack metric measures show --resource-id cfc6d7f7-bb49-4aa9-a6e4-f7a88f82ec28 cpu
+---------------------------+-------------+---------------+
| timestamp | granularity | value |
+---------------------------+-------------+---------------+
| 2025-10-07T15:50:00+00:00 | 300.0 | 38840000000.0 |
| 2025-10-07T16:10:00+00:00 | 300.0 | 46700000000.0 |
+---------------------------+-------------+---------------+
$ openstack metric measures show --resource-id cfc6d7f7-bb49-4aa9-a6e4-f7a88f82ec28 memory.usage
+---------------------------+-------------+------------+
| timestamp | granularity | value |
+---------------------------+-------------+------------+
| 2025-10-07T15:50:00+00:00 | 300.0 | 47.6953125 |
+---------------------------+-------------+------------+
