word手册下载地址:https://download.zhoufengjie.cn/document/software/cloud/PUB-Opentstack-CentOS7.4-Queen-INSTALL-v1.0-20180327.docx
设备ip:10.1.0.6,主机名:openstack,controller
密码:¶
| Password name | Description |
|---|---|
| Database password (no variable used) | Root password for the database |
ADMIN_PASS |
Password of user admin |
CINDER_DBPASS |
Database password for the Block Storage service |
CINDER_PASS |
Password of Block Storage service user cinder |
DASH_DBPASS |
Database password for the Dashboard |
DEMO_PASS |
Password of user demo |
GLANCE_DBPASS |
Database password for Image service |
GLANCE_PASS |
Password of Image service user glance |
KEYSTONE_DBPASS |
Database password of Identity service |
METADATA_SECRET |
Secret for the metadata proxy |
NEUTRON_DBPASS |
Database password for the Networking service |
NEUTRON_PASS |
Password of Networking service user neutron |
NOVA_DBPASS |
Database password for Compute service |
NOVA_PASS |
Password of Compute service user nova |
PLACEMENT_PASS |
Password of the Placement service user placement |
RABBIT_PASS |
Password of RabbitMQ user openstack |
openstack服务器:
| Service | Project name | Description |
|---|---|---|
| Dashboard | Horizon | Provides a web-based self-service portal to interact with underlying OpenStack services, such as launching an instance, assigning IP addresses and configuring access controls. |
| Compute service | Nova | Manages the lifecycle of compute instances in an OpenStack environment. Responsibilities include spawning, scheduling and decommissioning of virtual machines on demand. |
| Networking service | Neutron | Enables Network-Connectivity-as-a-Service for other OpenStack services, such as OpenStack Compute. Provides an API for users to define networks and the attachments into them. Has a pluggable architecture that supports many popular networking vendors and technologies. |
| Object Storage service | Swift | Stores and retrieves arbitrary unstructured data objects via a RESTful, HTTP based API. It is highly fault tolerant with its data replication and scale-out architecture. Its implementation is not like a file server with mountable directories. In this case, it writes objects and files to multiple drives, ensuring the data is replicated across a server cluster. |
| Block Storage service | Cinder | Provides persistent block storage to running instances. Its pluggable driver architecture facilitates the creation and management of block storage devices. |
| Identity service | Keystone | Provides an authentication and authorization service for other OpenStack services. Provides a catalog of endpoints for all OpenStack services. |
| Image service | Glance | Stores and retrieves virtual machine disk images. OpenStack Compute makes use of this during instance provisioning. |
| Telemetry service | Ceilometer | Monitors and meters the OpenStack cloud for billing, benchmarking, scalability, and statistical purposes. |
| Orchestration service | Heat | Orchestrates multiple composite cloud applications by using either the native HOT template format or the AWS CloudFormation template format, through both an OpenStack-native REST API and a CloudFormation-compatible Query API. |
| Database service | Trove | Provides scalable and reliable Cloud Database-as-a-Service functionality for both relational and non-relational database engines. |
| Data Processing service | Sahara | Provides capabilities to provision and scale Hadoop clusters in OpenStack by specifying parameters like Hadoop version, cluster topology and nodes hardware details. |
0、安装yum源【在所有设备执行,这里我们使用queen源安装】
yum install -y yum-plugin-priorities #yum优先级选择插件,可以不装
安装时钟同步:
yum install chrony -y
vim /etc/chrony.conf
##as control ,config allow ip
#allow 10.0.0.0/8
##as other ,config
#server controller iburst
systemctl enable chronyd.service
systemctl start chronyd.service
yum install centos-release-openstack-queens -y
yum upgrade -y #如果有内核的更新,则需要reboot重启一下系统
yum install python-openstackclient openstack-selinux -y
yum install mariadb mariadb-server python2-PyMySQL -y
cat > /etc/my.cnf.d/openstack.cnf << EOF
[mysqld]
bind-address = 10.1.0.6
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
EOF
systemctl enable mariadb
systemctl start mariadb
mysql_secure_installation #这步不执行也可以:
yum install rabbitmq-server -y
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
rabbitmqctl add_user openstack RABBIT_PASS #创建rabbit用户名openstack,密码为:RABBIT_PASS
rabbitmqctl set_permissions openstack “.*” “.*” “.*” #配置rabbit用户openstack的配置、读、写权限
yum install memcached python-memcached -y
编辑:/etc/sysconfig/memcached配置
#OPTIONS=”-l 127.0.0.1,::1,controller” #增加controller的主机名
systemctl enable memcached.service
systemctl start memcached.service
yum install etcd -y
编辑:/etc/etcd/etcd.conf file 并设置 ETCD_INITIAL_CLUSTER, ETCD_INITIAL_ADVERTISE_PEER_URLS, ETCD_ADVERTISE_CLIENT_URLS, ETCD_LISTEN_CLIENT_URLS的参数
#############配置开始#############
#[Member]
ETCD_DATA_DIR=”/var/lib/etcd/default.etcd”
ETCD_LISTEN_PEER_URLS=”http://10.1.0.6:2380″
ETCD_LISTEN_CLIENT_URLS=”http://10.1.0.6:2379″
ETCD_NAME=”controller”
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS=”http://10.1.0.6:2380″
ETCD_ADVERTISE_CLIENT_URLS=”http://10.1.0.6:2379″
ETCD_INITIAL_CLUSTER=”controller=http://10.1.0.6:2380″
ETCD_INITIAL_CLUSTER_TOKEN=”etcd-cluster-01″
ETCD_INITIAL_CLUSTER_STATE=”new”
#############配置结束#############
systemctl enable etcd
systemctl start etcd
1、安装keystone【基础认证服务】:
1.1、mariadb配置:
mysql -u root -p
MariaDB [(none)]> CREATE DATABASE keystone;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’localhost’ IDENTIFIED BY ‘KEYSTONE_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’%’ IDENTIFIED BY ‘KEYSTONE_DBPASS';
MariaDB [(none)]> flush privileges;
1.2、安装keystone:
yum install openstack-keystone httpd mod_wsgi -y
yum install openstack-utils -y #包含配置openstack-config命令,如果按照官方教程通过该文件方式做配置的话可以不装此组件
编辑/etc/keystone/keystone.conf写入配置,这里使用命令做配置:
openstack-config –set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
openstack-config –set /etc/keystone/keystone.conf token provider fernet
创建初始化keystone数据库:
su -s /bin/sh -c “keystone-manage db_sync” keystone
初始化key:
keystone-manage fernet_setup –keystone-user keystone –keystone-group keystone
keystone-manage credential_setup –keystone-user keystone –keystone-group keystone
bootstrap服务,用于api访问等:
keystone-manage bootstrap –bootstrap-password ADMIN_PASS –bootstrap-admin-url http://controller:35357/v3/ –bootstrap-internal-url http://controller:5000/v3/ –bootstrap-public-url http://controller:5000/v3/ –bootstrap-region-id RegionOne
1.3、配置apache的httpd服务
vim /etc/httpd/conf/httpd.conf
修改ServerName controller
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
systemctl enable httpd.service
systemctl start httpd.service
1.4、声明变量:用于管理,管理前执行source admin-openrc
cat > admin-openrc << EOF
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export PS1=”[\u@\h OpenStack-Admin \W] #>”
EOF
source admin-openrc
1.5、创建一个域,项目,用户和角色
创建域:
[root@controller OpenStack-Admin ~] #>openstack domain create –description “An Example Domain” example
+————-+———————————-+
| Field | Value |
+————-+———————————-+
| description | An Example Domain |
| enabled | True |
| id | 207367c12f634a6c9a620c520b6a0fd9 |
| name | example |
| tags | [] |
+————-+———————————-+
创建服务:
[root@controller OpenStack-Admin ~] #>openstack project create –domain default –description “Service Project” service
+————-+———————————-+
| Field | Value |
+————-+———————————-+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | 8732a8d33ab346379f9910f87b5c62ed |
| is_domain | False |
| name | service |
| parent_id | default |
| tags | [] |
+————-+———————————-+
创建demo项目:
[root@controller OpenStack-Admin ~] #>openstack project create –domain default –description “Demo Project” demo
+————-+———————————-+
| Field | Value |
+————-+———————————-+
| description | Demo Project |
| domain_id | default |
| enabled | True |
| id | ae33e47f0b67488cbf7351be848586a8 |
| is_domain | False |
| name | demo |
| parent_id | default |
| tags | [] |
+————-+———————————-+
创建demo用户:【密码配置输入为:DEMO_PASS】
[root@controller OpenStack-Admin ~] #>openstack user create –domain default –password-prompt demo
User Password:
Repeat User Password:
+———————+———————————-+
| Field | Value |
+———————+———————————-+
| domain_id | default |
| enabled | True |
| id | 5c78c043e6164147addc5379c7f9a9d9 |
| name | demo |
| options | {} |
| password_expires_at | None |
+———————+———————————-+
创建用户规则【角色】:
[root@controller OpenStack-Admin ~] #>openstack role create user
+———–+———————————-+
| Field | Value |
+———–+———————————-+
| domain_id | None |
| id | 187d89c1abf74f9db503ac402ce93325 |
| name | user |
+———–+———————————-+
将用户规则user附加给用户demo:
openstack role add –project demo –user demo user
1.6、验证操作:
此操作为了验证确保其它组件安装正常,确定的话可以不做
unset OS_AUTH_URL OS_PASSWORD
获取admin用户的令牌:【密码为上面配置的:ADMIN_PASS】
[root@controller OpenStack-Admin ~] #>openstack –os-auth-url http://controller:35357/v3 \
> –os-project-domain-name Default –os-user-domain-name Default \
> –os-project-name admin –os-username admin token issue
Password:
+————+—————————————————————————————————————————————————————————————–+
| Field | Value |
+————+—————————————————————————————————————————————————————————————–+
| expires | 2018-03-20T03:58:31+0000 |
| id | gAAAAABasHjXwa-WmLJAp1pz4UAB6CtZKzR2a4UpyzuFPzQBnvI6RR-CQ50XTVy_YHBy3tfXh33C02zQMJEcrjlrQ0QeyScRNk9NcZL9s3nQnETTgD1GVvnd5RpnjSPw2LPVKaEzVPwizIqlnBMIJdcM6e9QVKBl8pg2v7GH-CvUImzXon-j6us |
| project_id | 82e2298abccc4f5bb2dccb6154cc9e02 |
| user_id | 924330bde0294cd6acc7c01136daad65 |
+————+—————————————————————————————————————————————————————————————–+
获取demo用户的令牌:【密码为上面配置的:DEMO_PASS】
[root@controller OpenStack-Admin ~] #>openstack –os-auth-url http://controller:5000/v3 \
> –os-project-domain-name Default –os-user-domain-name Default \
> –os-project-name demo –os-username demo token issue
Password:
+————+—————————————————————————————————————————————————————————————–+
| Field | Value |
+————+—————————————————————————————————————————————————————————————–+
| expires | 2018-03-20T03:59:25+0000 |
| id | gAAAAABasHkNAjBzfNEVgi8YhaoaRF4y7d2tD6toAKM-HS7p0ss2JUVvim62qQSFCosAT0qqqiZyHD4pC2W2c-QVa41OHpRYin9GsDqv7Vsw_xBX_jId283MM7ahhZLK2RH_w8VIQoBVYElOysHPRMZ9_seoYT-gPzLZlbJjhkZ2gzcBWhp3eYw |
| project_id | ae33e47f0b67488cbf7351be848586a8 |
| user_id | 5c78c043e6164147addc5379c7f9a9d9 |
+————+—————————————————————————————————————————————————————————————–+
2、安装glance【Image镜像服务】
2.1、配置数据库:
mysql -u root -p
MariaDB [(none)]> CREATE DATABASE glance;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@’localhost’ IDENTIFIED BY ‘GLANCE_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@’%’ IDENTIFIED BY ‘GLANCE_DBPASS';
MariaDB [(none)]> flush privileges;
2.2、创建服务凭证
. admin-openrc
在keystone的数据库上(这里是装在controller上)创建默认域default的用户glance以及密码【设置为:GLANCE_PASS】
[root@glance OpenStack-Admin ~] #>openstack user create –domain default –password-prompt glance
User Password:
Repeat User Password:
+———————+———————————-+
| Field | Value |
+———————+———————————-+
| domain_id | default |
| enabled | True |
| id | 6fded0b678244ff7a928ccba073c3c28 |
| name | glance |
| options | {} |
| password_expires_at | None |
+———————+———————————-+
配置glance是service的admin用户
openstack role add –project service –user glance admin
创建glance服务:
[root@glance OpenStack-Admin ~] #>openstack service create –name glance –description “OpenStack Image” image
+————-+———————————-+
| Field | Value |
+————-+———————————-+
| description | OpenStack Image |
| enabled | True |
| id | cb4ecbd31ed843eab227413f85a462f5 |
| name | glance |
| type | image |
+————-+———————————-+
创建api的endpoint
[root@glance OpenStack-Admin ~] #>openstack endpoint create –region RegionOne image public http://controller:9292
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| enabled | True |
| id | b636c92c0fa2407f93b015a0b93910c8 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | cb4ecbd31ed843eab227413f85a462f5 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+————–+———————————-+
[root@glance OpenStack-Admin ~] #>openstack endpoint create –region RegionOne image internal http://controller:9292
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| enabled | True |
| id | d91c2031d93b4e5f998278dfcec8f330 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | cb4ecbd31ed843eab227413f85a462f5 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+————–+———————————-+
[root@glance OpenStack-Admin ~] #>openstack endpoint create –region RegionOne image admin http://controller:9292
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| enabled | True |
| id | 5f8538ecc32848c98921cf1d7fc542d3 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | cb4ecbd31ed843eab227413f85a462f5 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+————–+———————————-+
2.3、安装配置glance
yum install openstack-glance -y
yum install openstack-utils -y #如果用命令修改配置的话,安装此包,按照官方教程改配置文件则不用
配置glance的api文件:
openstack-config –set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://controller:5000
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken auth_url http://controller:35357
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken memcached_servers controller:11211
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken auth_type password
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken project_domain_name default
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken user_domain_name default
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken project_name service
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken username glance
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken password GLANCE_PASS
openstack-config –set /etc/glance/glance-api.conf paste_deploy flavor keystone
openstack-config –set /etc/glance/glance-api.conf glance_store stores file,http
openstack-config –set /etc/glance/glance-api.conf glance_store default_store file
openstack-config –set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
配置glance的registry文件
openstack-config –set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://controller:5000
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://controller:35357
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers controller:11211
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken auth_type password
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name default
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name default
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken project_name service
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken username glance
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken password GLANCE_PASS
openstack-config –set /etc/glance/glance-registry.conf paste_deploy flavor keystone
2.4、初始化数据库并启动服务:
su -s /bin/sh -c “glance-manage db_sync” glance
启动服务:
systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl start openstack-glance-api.service openstack-glance-registry.service
2.5、验证配置上传镜像:
. admin-openrc
wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
[root@glance OpenStack-Admin ~] #>openstack image create “cirros” –file cirros-0.3.5-x86_64-disk.img –disk-format qcow2 –container-format bare –public
+——————+——————————————————+
| Field | Value |
+——————+——————————————————+
| checksum | f8ab98ff5e73ebab884d80c9dc9c7290 |
| container_format | bare |
| created_at | 2018-03-20T10:23:44Z |
| disk_format | qcow2 |
| file | /v2/images/a8f3ca72-8c5a-41ea-8d7b-d6f74a3f9040/file |
| id | a8f3ca72-8c5a-41ea-8d7b-d6f74a3f9040 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | 82e2298abccc4f5bb2dccb6154cc9e02 |
| protected | False |
| schema | /v2/schemas/image |
| size | 13267968 |
| status | active |
| tags | |
| updated_at | 2018-03-20T10:23:45Z |
| virtual_size | None |
| visibility | public |
+——————+——————————————————+
查看image列表:
[root@glance OpenStack-Admin ~] #>openstack image list
+————————————–+——–+——–+
| ID | Name | Status |
+————————————–+——–+——–+
| a8f3ca72-8c5a-41ea-8d7b-d6f74a3f9040 | cirros | active |
+————————————–+——–+——–+
3、安装nova【计算节点】:
3.1、安装nova控制节点:
3.1.1、配置数据库:
mysql -u root -p
MariaDB [(none)]> CREATE DATABASE nova_api;
MariaDB [(none)]> CREATE DATABASE nova;
MariaDB [(none)]> CREATE DATABASE nova_cell0;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO ‘nova’@’localhost’ IDENTIFIED BY ‘NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO ‘nova’@’%’ IDENTIFIED BY ‘NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO ‘nova’@‘localhost’ IDENTIFIED BY ‘NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO ‘nova’@’%’ IDENTIFIED BY ‘NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO ‘nova’@’localhost’ IDENTIFIED BY ‘NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO ‘nova’@’%’ IDENTIFIED BY ‘NOVA_DBPASS';
MariaDB [(none)]> flush privileges;
3.1.2、修改配置:
. admin-openrc
创建nova用户,密码为:NOVA_PASS
[root@nova-controller OpenStack-Admin ~] #>openstack user create –domain default –password-prompt nova
User Password:
Repeat User Password:
+———————+———————————-+
| Field | Value |
+———————+———————————-+
| domain_id | default |
| enabled | True |
| id | 91c48ac109494919861c026931dda378 |
| name | nova |
| options | {} |
| password_expires_at | None |
+———————+———————————-+
添加nova为管理员权限:
openstack role add –project service –user nova admin
创建nova服务:
[root@nova-controller OpenStack-Admin ~] #>openstack service create –name nova –description “OpenStack Compute” compute
+————-+———————————-+
| Field | Value |
+————-+———————————-+
| description | OpenStack Compute |
| enabled | True |
| id | 71ed06f740214b978b51d816caf4a52d |
| name | nova |
| type | compute |
+————-+———————————-+
创建nova的api的endpoint:
[root@nova-controller OpenStack-Admin ~] #>openstack endpoint create –region RegionOne compute public http://controller:8774/v2.1
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| enabled | True |
| id | 8244740c8c26488097e4d7f03b715747 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 71ed06f740214b978b51d816caf4a52d |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+————–+———————————-+
[root@nova-controller OpenStack-Admin ~] #>openstack endpoint create –region RegionOne compute internal http://controller:8774/v2.1
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| enabled | True |
| id | 8be17a4dae76431d947cb8ab386d0b91 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 71ed06f740214b978b51d816caf4a52d |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+————–+———————————-+
[root@nova-controller OpenStack-Admin ~] #>openstack endpoint create –region RegionOne compute admin http://controller:8774/v2.1
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| enabled | True |
| id | ea98a494618f43a080248cbc3826def1 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 71ed06f740214b978b51d816caf4a52d |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+————–+———————————-+
创建一个nova用户,密码为:PLACEMENT_PASS
[root@nova-controller OpenStack-Admin ~] #>openstack user create –domain default –password-prompt placement
User Password:
Repeat User Password:
+———————+———————————-+
| Field | Value |
+———————+———————————-+
| domain_id | default |
| enabled | True |
| id | 88fe13927c1d4058a90ec8370a180444 |
| name | placement |
| options | {} |
| password_expires_at | None |
+———————+———————————-+
设置nova用户placement为管理员:
openstack role add –project service –user placement admin
为用户placement绑定服务:
[root@nova-controller OpenStack-Admin ~] #>openstack service create –name placement –description “Placement API” placement
+————-+———————————-+
| Field | Value |
+————-+———————————-+
| description | Placement API |
| enabled | True |
| id | fc499e9420674e51a35f2876c16a593b |
| name | placement |
| type | placement |
+————-+———————————-+
注册到控制端端口:
[root@nova-controller OpenStack-Admin ~] #>openstack endpoint create –region RegionOne placement public http://controller:8778
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| enabled | True |
| id | 9f4a2047a4e8407c8c0437e7f6e58f61 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | fc499e9420674e51a35f2876c16a593b |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+————–+———————————-+
[root@nova-controller OpenStack-Admin ~] #>openstack endpoint create –region RegionOne placement internal http://controller:8778
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| enabled | True |
| id | 0c4c8b21b3734fd495179a05fe4b26f3 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | fc499e9420674e51a35f2876c16a593b |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+————–+———————————-+
[root@nova-controller OpenStack-Admin ~] #>openstack endpoint create –region RegionOne placement admin http://controller:8778
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| enabled | True |
| id | 49d5bfd99a7648f5be540d1cbd102e3f |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | fc499e9420674e51a35f2876c16a593b |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+————–+———————————-+
3.2、安装nova控制计算节点:
yum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-placement-api -y
yum install openstack-utils -y #如果用命令修改配置的话,安装此包,按照官方教程改配置文件则不用
3.2.1、修改nova-controller的配置:
openstack-config –set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config –set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
openstack-config –set /etc/nova/nova.conf database connection mysql+pymysql://nova:NOVA_DBPASS@controller/nova
openstack-config –set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@controller
openstack-config –set /etc/nova/nova.conf api auth_strategy keystone
openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_uri http://controller:5000
openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_url http://controller:35357
openstack-config –set /etc/nova/nova.conf keystone_authtoken memcached_servers controller:11211
openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config –set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config –set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config –set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config –set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config –set /etc/nova/nova.conf keystone_authtoken password NOVA_PASS
openstack-config –set /etc/nova/nova.conf DEFAULT my_ip 10.1.0.6
openstack-config –set /etc/nova/nova.conf DEFAULT use_neutron True
openstack-config –set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config –set /etc/nova/nova.conf vnc enabled true
openstack-config –set /etc/nova/nova.conf vnc vncserver_listen $my_ip
openstack-config –set /etc/nova/nova.conf vnc vncserver_proxyclient_address $my_ip
openstack-config –set /etc/nova/nova.conf glance api_servers http://controller:9292
openstack-config –set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
openstack-config –set /etc/nova/nova.conf placement os_region_name RegionOne
openstack-config –set /etc/nova/nova.conf placement project_domain_name Default
openstack-config –set /etc/nova/nova.conf placement project_name service
openstack-config –set /etc/nova/nova.conf placement auth_type password
openstack-config –set /etc/nova/nova.conf placement user_domain_name Default
openstack-config –set /etc/nova/nova.conf placement auth_url http://controller:35357/v3
openstack-config –set /etc/nova/nova.conf placement username placement
openstack-config –set /etc/nova/nova.conf placement password PLACEMENT_PASS
3.2.2、修改http的配置文件:【官方教程内容不够,见:https://ask.openstack.org/en/question/107864/nova-status-upgrade-check-fail/】
cat > /etc/httpd/conf.d/00-nova-placement-api.conf << EOF
Listen 8778
<VirtualHost *:8778>
WSGIProcessGroup nova-placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
WSGIDaemonProcess nova-placement-api processes=3 threads=1 user=nova group=nova
WSGIScriptAlias / /usr/bin/nova-placement-api
<IfVersion >= 2.4>
ErrorLogFormat “%M”
</IfVersion>
ErrorLog /var/log/nova/nova-placement-api.log
#SSLEngine On
#SSLCertificateFile …
#SSLCertificateKeyFile …
</VirtualHost>
Alias /nova-placement-api /usr/bin/nova-placement-api
<Location /nova-placement-api>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup nova-placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
</Location>
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
EOF
systemctl restart httpd
3.2.3、初始化nova数据库:
su -s /bin/sh -c “nova-manage api_db sync” nova
su -s /bin/sh -c “nova-manage cell_v2 map_cell0″ nova
su -s /bin/sh -c “nova-manage cell_v2 create_cell –name=cell1 –verbose” nova
#5bb67644-d94b-40de-b880-6ef394ad8c3b
su -s /bin/sh -c “nova-manage db sync” nova
查看是否成功:
[root@nova-controller OpenStack-Admin ~] #>nova-manage cell_v2 list_cells
exception.NotSupportedWarning
+——-+————————————–+————————————+————————————————-+
| 名称 | UUID | Transport URL | 数据库连接 |
+——-+————————————–+————————————+————————————————-+
| cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:****@controller/nova_cell0 |
| cell1 | 5bb67644-d94b-40de-b880-6ef394ad8c3b | rabbit://openstack:****@controller | mysql+pymysql://nova:****@controller/nova |
+——-+————————————–+————————————+————————————————-+
3.2.4、启动服务:
systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
3.3、安装nova普通节点:
3.3.1、安装软件包:
yum install openstack-nova-compute -y
yum install openstack-utils -y #如果用命令修改配置的话,安装此包,按照官方教程改配置文件则不用
3.3.2、配置nova-compute节点:
配置/etc/nova/nova.conf
#############配置开始#############
openstack-config –set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config –set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@controller
openstack-config –set /etc/nova/nova.conf api auth_strategy keystone
openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_uri http://controller:5000
openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_url http://controller:35357
openstack-config –set /etc/nova/nova.conf keystone_authtoken memcached_servers controller:11211
openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config –set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config –set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config –set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config –set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config –set /etc/nova/nova.conf keystone_authtoken password NOVA_PASS
openstack-config –set /etc/nova/nova.conf DEFAULT my_ip 10.1.0.7
openstack-config –set /etc/nova/nova.conf DEFAULT use_neutron True
openstack-config –set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config –set /etc/nova/nova.conf vnc enabled True
openstack-config –set /etc/nova/nova.conf vnc vncserver_listen 0.0.0.0
openstack-config –set /etc/nova/nova.conf vnc vncserver_proxyclient_address $my_ip
openstack-config –set /etc/nova/nova.conf vnc novncproxy_base_url http://controller:6080/vnc_auto.html
openstack-config –set /etc/nova/nova.conf glance api_servers http://controller:9292
openstack-config –set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
openstack-config –set /etc/nova/nova.conf placement os_region_name RegionOne
openstack-config –set /etc/nova/nova.conf placement project_domain_name Default
openstack-config –set /etc/nova/nova.conf placement project_name service
openstack-config –set /etc/nova/nova.conf placement auth_type password
openstack-config –set /etc/nova/nova.conf placement user_domain_name Default
openstack-config –set /etc/nova/nova.conf placement auth_url http://controller:35357/v3
openstack-config –set /etc/nova/nova.conf placement username placement
openstack-config –set /etc/nova/nova.conf placement password PLACEMENT_PASS
如下为选填:
egrep -c ‘(vmx|svm)’ /proc/cpuinfo #如果没有输出或者输出0,说明不支持虚拟化,需要使用libvirt而不能用kvm了,如果这样的话更改如下配置;
openstack-config –set /etc/nova/nova.conf libvirt virt_type qemu
#############配置结束#############
3.3.3、启动nova-compute:
systemctl enable libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service openstack-nova-compute.service
3.3.4、到controller上注册nova:
openstack hypervisor list #查看当前的hypervisor列表为空
发现compute列表:
[root@nova-controller OpenStack-Admin ~] #>su -s /bin/sh -c “nova-manage cell_v2 discover_hosts –verbose” nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) [‘use_tpool’] not supported
exception.NotSupportedWarning
Found 2 cell mappings.
Skipping cell0 since it does not contain hosts.
Getting compute nodes from cell ‘cell1′: 5bb67644-d94b-40de-b880-6ef394ad8c3b
Found 1 unmapped computes in cell: 5bb67644-d94b-40de-b880-6ef394ad8c3b
Checking host mapping for compute host ‘compute1′: 2aa0f002-4ad0-4493-9dbb-701e0c4346ac
Creating host mapping for compute host ‘compute1′: 2aa0f002-4ad0-4493-9dbb-701e0c4346ac
再次查看,发现设备:
[root@nova-controller OpenStack-Admin ~] #>openstack hypervisor list
+—-+———————+—————–+———-+——-+
| ID | Hypervisor Hostname | Hypervisor Type | Host IP | State |
+—-+———————+—————–+———-+——-+
| 1 | compute1 | QEMU | 10.1.0.7 | up |
+—-+———————+—————–+———-+——-+
配置设备自动发现:
openstack-config –set /etc/nova/nova.conf scheduler discover_hosts_in_cells_interval 300
3.4、在controller上面做验证:
. admin-openrc
[root@nova-controller OpenStack-Admin ~] #>openstack compute service list
+—-+——————+—————–+———-+———+——-+—————————-+
| ID | Binary | Host | Zone | Status | State | Updated At |
+—-+——————+—————–+———-+———+——-+—————————-+
| 5 | nova-conductor | nova-controller | internal | enabled | up | 2018-03-21T13:22:38.000000 |
| 7 | nova-consoleauth | nova-controller | internal | enabled | up | 2018-03-21T13:22:34.000000 |
| 8 | nova-scheduler | nova-controller | internal | enabled | up | 2018-03-21T13:22:40.000000 |
| 9 | nova-compute | compute1 | nova | enabled | up | 2018-03-21T13:22:42.000000 |
+—-+——————+—————–+———-+———+——-+—————————-+
查看api列表:
[root@nova-controller OpenStack-Admin ~] #>openstack catalog list
+———–+———–+—————————————–+
| Name | Type | Endpoints |
+———–+———–+—————————————–+
| nova | compute | RegionOne |
| | | public: http://controller:8774/v2.1 |
| | | RegionOne |
| | | internal: http://controller:8774/v2.1 |
| | | RegionOne |
| | | admin: http://controller:8774/v2.1 |
| | | |
| keystone | identity | RegionOne |
| | | admin: http://controller:35357/v3/ |
| | | RegionOne |
| | | internal: http://controller:5000/v3/ |
| | | RegionOne |
| | | public: http://controller:5000/v3/ |
| | | |
| glance | image | RegionOne |
| | | admin: http://controller:9292 |
| | | RegionOne |
| | | public: http://controller:9292 |
| | | RegionOne |
| | | internal: http://controller:9292 |
| | | |
| placement | placement | RegionOne |
| | | internal: http://controller:8778 |
| | | RegionOne |
| | | admin: http://controller:8778 |
| | | RegionOne |
| | | public: http://controller:8778 |
| | | |
+———–+———–+—————————————–+
查看image列表:
[root@nova-controller OpenStack-Admin ~] #>openstack image list
+————————————–+——–+——–+
| ID | Name | Status |
+————————————–+——–+——–+
| a8f3ca72-8c5a-41ea-8d7b-d6f74a3f9040 | cirros | active |
+————————————–+——–+——–+
[root@nova-controller OpenStack-Admin ~] #>nova-status upgrade check
+——————————————————————-+
| Upgrade Check Results |
+——————————————————————-+
| Check: Cells v2 |
| Result: Success |
| Details: None |
+——————————————————————-+
| Check: Placement API |
| Result: Success |
| Details: None |
+——————————————————————-+
| Check: Resource Providers |
| Result: Warning |
| Details: There are no compute resource providers in the Placement |
| service but there are 1 compute nodes in the deployment. |
| This means no compute nodes are reporting into the |
| Placement service and need to be upgraded and/or fixed. |
| See |
| https://docs.openstack.org/nova/latest/user/placement.html |
| for more details. |
4、安装neutron【网络服务】
mysql -u root -p
MariaDB [(none)]> CREATE DATABASE neutron;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO ‘neutron’@’localhost’ IDENTIFIED BY ‘NEUTRON_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO ‘neutron’@’%’ IDENTIFIED BY ‘NEUTRON_DBPASS';
MariaDB [(none)]> flush privileges;
4.2、初始化:
. admin-openrc
创建用户:密码为:NEUTRON_PASS
[root@nova-controller OpenStack-Admin ~] #>openstack user create –domain default –password-prompt neutron
User Password:
Repeat User Password:
+———————+———————————-+
| Field | Value |
+———————+———————————-+
| domain_id | default |
| enabled | True |
| id | b433d94b91294603b5cdda777f9c1474 |
| name | neutron |
| options | {} |
| password_expires_at | None |
+———————+———————————-+
openstack role add –project service –user neutron admin
创建服务:
[root@nova-controller OpenStack-Admin ~] #>openstack service create –name neutron –description “OpenStack Networking” network
+————-+———————————-+
| Field | Value |
+————-+———————————-+
| description | OpenStack Networking |
| enabled | True |
| id | dab922d9f4fd4f7f9746b6c5b73bc34c |
| name | neutron |
| type | network |
+————-+———————————-+
创建endpoint的api:
[root@nova-controller OpenStack-Admin ~] #>openstack endpoint create –region RegionOne network public http://controller:9696
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| enabled | True |
| id | 2486ef57edb44128aab7e0fb4c5cfc6f |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | dab922d9f4fd4f7f9746b6c5b73bc34c |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+————–+———————————-+
[root@nova-controller OpenStack-Admin ~] #>openstack endpoint create –region RegionOne network internal http://controller:9696
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| enabled | True |
| id | ccdc651c44ff4aa48f842cd55508dd77 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | dab922d9f4fd4f7f9746b6c5b73bc34c |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+————–+———————————-+
[root@nova-controller OpenStack-Admin ~] #>openstack endpoint create –region RegionOne network admin http://controller:9696
+————–+———————————-+
| Field | Value |
+————–+———————————-+
| enabled | True |
| id | ca258ca205a24818860dab8e778b12e7 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | dab922d9f4fd4f7f9746b6c5b73bc34c |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+————–+———————————-+
4.2、controller配置使用自助服务网络(Self-service networks方案)
4.2.1、在控制端配置:
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
yum install openstack-utils -y #如果用命令修改配置的话,安装此包,按照官方教程改配置文件则不用
配置neutron:
openstack-config –set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron
openstack-config –set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
openstack-config –set /etc/neutron/neutron.conf DEFAULT service_plugins router
openstack-config –set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips true
openstack-config –set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@controller
openstack-config –set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:35357
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
openstack-config –set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true
openstack-config –set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true
openstack-config –set /etc/neutron/neutron.conf nova auth_url http://controller:35357
openstack-config –set /etc/neutron/neutron.conf nova auth_type password
openstack-config –set /etc/neutron/neutron.conf nova project_domain_name default
openstack-config –set /etc/neutron/neutron.conf nova user_domain_name default
openstack-config –set /etc/neutron/neutron.conf nova region_name RegionOne
openstack-config –set /etc/neutron/neutron.conf nova project_name service
openstack-config –set /etc/neutron/neutron.conf nova username nova
openstack-config –set /etc/neutron/neutron.conf nova password NOVA_PASS
openstack-config –set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
配置二层插件:
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset true
配置桥接网络:
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:eth0
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan true
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.1.0.6
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
配置三层网络:
openstack-config –set /etc/neutron/l3_agent.ini DEFAULT interface_driver linuxbridge
配置dhcp客户端:
openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver linuxbridge
openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata true
4.2.2、配置metadata客户端:
openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip controller
openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret METADATA_SECRET
4.2.3、配置compute服务使用网络
openstack-config –set /etc/nova/nova.conf neutron url http://controller:9696
openstack-config –set /etc/nova/nova.conf neutron auth_url http://controller:35357
openstack-config –set /etc/nova/nova.conf neutron auth_type password
openstack-config –set /etc/nova/nova.conf neutron project_domain_name default
openstack-config –set /etc/nova/nova.conf neutron user_domain_name default
openstack-config –set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config –set /etc/nova/nova.conf neutron project_name service
openstack-config –set /etc/nova/nova.conf neutron username neutron
openstack-config –set /etc/nova/nova.conf neutron password NEUTRON_PASS
openstack-config –set /etc/nova/nova.conf neutron service_metadata_proxy true
openstack-config –set /etc/nova/nova.conf neutron metadata_proxy_shared_secret METADATA_SECRET
4.2.4、最后的配置初始化:
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
su -s /bin/sh -c “neutron-db-manage –config-file /etc/neutron/neutron.conf –config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head” neutron
重启nova的api:
systemctl restart openstack-nova-api.service
启动服务:
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl enable neutron-l3-agent.service
systemctl start neutron-l3-agent.service
4.3、安装compute的node的网络:
4.3.1、安装软件:
yum install -y openstack-neutron-linuxbridge ebtables ipset
4.3.2、配置nova文件 :
openstack-config –set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@controller
openstack-config –set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:35357
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
openstack-config –set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
4.3.3、安装配置网络【Self-service networks模式】:https://docs.openstack.org/neutron/queens/install/compute-install-option2-rdo.html
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:eth0
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan true
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.1.0.7
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
4.3.4、配置nova的网络服务
openstack-config –set /etc/nova/nova.conf neutron url http://controller:9696
openstack-config –set /etc/nova/nova.conf neutron auth_url http://controller:35357
openstack-config –set /etc/nova/nova.conf neutron auth_type password
openstack-config –set /etc/nova/nova.conf neutron project_domain_name default
openstack-config –set /etc/nova/nova.conf neutron user_domain_name default
openstack-config –set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config –set /etc/nova/nova.conf neutron project_name service
openstack-config –set /etc/nova/nova.conf neutron username neutron
openstack-config –set /etc/nova/nova.conf neutron password NEUTRON_PASS
4.3.5、启动服务:
重启nova客户端:
systemctl restart openstack-nova-compute.service
启动网络服务:
systemctl enable neutron-linuxbridge-agent.service
systemctl start neutron-linuxbridge-agent.service
5、安装dashboard管理界面:
系统要求[先安装dashboard,其它组件之后装]:https://docs.openstack.org/horizon/queens/install/system-requirements.html
yum install openstack-dashboard -y
配置:/etc/openstack-dashboard/local_settings
#############配置开始【修改如下项目】#############
OPENSTACK_HOST = “controller”
ALLOWED_HOSTS = [‘horizon.example.com’, ‘localhost’,’openstack.sinocache.net’,’10.1.0.6′]
SESSION_ENGINE = ‘django.contrib.sessions.backends.cache’
CACHES = {
‘default': {
‘BACKEND': ‘django.core.cache.backends.memcached.MemcachedCache’,
‘LOCATION': ‘controller:11211′,
}
}
OPENSTACK_KEYSTONE_URL = “http://%s:5000/v3″ % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
“identity”: 3,
“image”: 2,
“volume”: 2,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = “Default”
OPENSTACK_KEYSTONE_DEFAULT_ROLE = “user”
OPENSTACK_NEUTRON_NETWORK = {
…
‘enable_router': False,
‘enable_quotas': False,
‘enable_distributed_router': False,
‘enable_ha_router': False,
‘enable_lb': False,
‘enable_firewall': False,
‘enable_vpn': False,
‘enable_fip_topology_check': False,
}
TIME_ZONE = “Asia/Shanghai”
#############配置结束#############
mv /usr/sbin/suexec{,.bak} #默认安装的启用了suexec校验
修改:/etc/httpd/conf.d/openstack-dashboard.conf添加一行配置:
WSGIApplicationGroup %{GLOBAL}
重启服务,配置生效:
systemctl restart httpd.service memcached.service
然后就可以访问了:http://openstack.sinocache.net/
6、安装Cinder块存储:
6.1、创建存储节点:
6.1.1、安装启动服务:
yum install lvm2 device-mapper-persistent-data -y
systemctl enable lvm2-lvmetad.service
systemctl start lvm2-lvmetad.service
6.1.2、创建逻辑卷
pvcreate /dev/vdb
vgcreate cinder-volumes /dev/vdb
编辑:/etc/lvm/lvm.conf
devices {
…
…
filter = [ “a/sdb/”, “r/.*/”]
未完待续……
博主写的很仔细,但是我还有问题。
1.就是我做了一个queens的本地源不连接外网搭建,搭建好之后查询服务很慢,返回需要两三分钟,最后查出问题是地址解析问题但是到现在还没解决,求帮助。
2.就是queens的的API有问题,搭建好之后能用但是查询服务端点的API就会出现Eorro,请问是什么问题
目前我还在内部测试环境使用,未大规模使用,在这方面投入精力当前还较少