共计 39945 个字符,预计需要花费 100 分钟才能阅读完成。
前言:openstack 真是一个庞然大物,想要吃透还真不容易,所以在对 openstack 大概有了一个了解的时候,就应该是部署,虽然 openstack 的安装方式有 rdo 或者 devstack 等一键安装工具,但是最好浅尝辄止,有了大概的使用经验之后就应该是从头到尾的安装一遍了,不然对于那些报错,以及故障的解决一定是不够气定神闲的,因此,当你有了 openstack 的基本认识后,开始安装吧~
注:openstack 的官方文档写得真的是,好的不要不要的,但是看英文总是感觉有点不溜,因此在官方文档的基础上写得这篇笔记。
参考:http://docs.openstack.org/mitaka/install-guide-rdo/
下面是小编为你精选的 Openstack 相关知识,看看是否有你喜欢的:
在 Ubuntu 12.10 上安装部署 Openstack http://www.linuxidc.com/Linux/2013-08/88184.htm
Ubuntu 12.04 OpenStack Swift 单节点部署手册 http://www.linuxidc.com/Linux/2013-08/88182.htm
OpenStack 云计算快速入门教程 http://www.linuxidc.com/Linux/2013-08/88186.htm
企业部署 OpenStack:该做与不该做的事 http://www.linuxidc.com/Linux/2013-09/90428.htm
CentOS 6.5 x64bit 快速安装 OpenStack http://www.linuxidc.com/Linux/2014-06/103775.htm
首先应该是大概的规划,需要几个节点,选择什么操作系统,网络怎么划分~
下面是我的大概规划
节点数:2 (控制节点,计算节点)
操作系统:CentOS Linux release 7.2.1511 (Core)
网络配置:
控制节点:10.0.0.101 192.168.15.101
结算节点:10.0.0.102 192.168.15.102
先决条件:
The following minimum requirements should support a proof-of-concept environment with core services and several CirrOS instances:
Controller Node: 1 processor, 4 GB memory, and 5 GB storage
Compute Node: 1 processor, 2 GB memory, and 10 GB storage
官方建议概念验证的最小硬件需求。
控制节点 1 处理器,4 GB 内存,5 GB 硬盘
计算节点 1 处理器,2 GB 内存,10 GB 硬盘
参考:http://docs.openstack.org/mitaka/install-guide-rdo/environment.html
注:如果你是用手动一步一步的创建操作系统,配置网络,那么笔者就得好好的鄙视你了~~ 研究研究 vagrant 吧,通过下面的配置文件你就能一条命令生成两个虚拟机,并配置好网络了,vagrant 简易教程参考:http://youerning.blog.51cto.com/10513771/1745102
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure(2) do |config|
config.vm.box = “centos7”
node_servers = {:control => [‘10.0.0.101′,’192.168.15.101’],
:compute => [‘10.0.0.102′,’192.168.15.102’]
}
node_servers.each do |node_name,node_ip|
config.vm.define node_name do |node_config|
node_config.vm.host_name = node_name.to_s
node_config.vm.network :private_network,ip: node_ip[0]
node_config.vm.network :private_network,ip: node_ip[1],virtualbox_inet: true
config.vm.boot_timeout = 300
node_config.vm.provider “virtualbox” do |v|
v.memory = 4096
v.cpus = 1
end
end
end
end
通过 vagrant up 一条命令,稍等一会,两个热腾腾的虚拟机就出炉了,我们的环境就 OK 了~~
环境如下
操作系统:CentOS Linux release 7.2.1511 (Core)
网络配置:
控制节点:10.0.0.101 192.168.15.101
结算节点:10.0.0.102 192.168.15.102
注意:上面的 config.vm.box = “centos7″,首先需要有个 centos7 的 box
在开始部署前,我们先捋一捋 openstack 安装步骤
首先是软件环境准备,我们需要将一些通用的软件以及源仓库等进行配置,基本如下
NTP 服务器
控制节点,其他节点
openstack 安装包仓库
通用组件:
SQL 数据库 ===> MariaDB
NoSQL 数据库 ==> MongoDB(基本组件不需要,)
消息队列 ==> RabbitMQ
Memcached
再就是 openstack 整个框架下的各个组件,基本组件如下
认证服务 ===> Keystone
镜像服务 ===> Glance
计算资源服务 ===> Nova
网络资源服务 ===> Neutron
Dashboard ===> Horizon
块存储服务 ===> Cinder
其他存储服务,如下
文件共享服务 ===> Manila
对象存储服务 ===> Swift
其他组件,如下
编排服务 ===> Heat
遥测服务 ===> Ceilometer
数据库服务 ===> Trove
环境准备
域名解析:
在各个节点编辑 hosts 文件, 加入以下配置
10.0.0.101 controller
10.0.0.102 compute
ntp 时间服务器
控制节点
1) 安装 chrony 软件包
yum install chrony
2) 编辑配置文件 /etc/chrony.conf,添加以下内容,202.108.6.95 可根据自己需求自行更改。
server 202.108.6.95 iburst
allow 10.0.0.0/24
3)加入自启动,并启动
# systemctl enable chronyd.service
# systemctl start chronyd.service
其他节点
1) 安装 chrony 软件包
yum install chrony
2) 编辑配置文件 /etc/chrony.conf,添加以下内容
server controller iburst
allow 10.0.0.0/24
3)加入自启动,并启动
# systemctl enable chronyd.service
# systemctl start chronyd.service
验证:
控制节点
chronyc sources
210 Number of sources = 2
MS Name/IP address Stratum Poll Reach LastRx Last sample
=============================================================
^- 192.0.2.11 2 7 12 137 -2814us[-3000us] +/- 43ms
^* 192.0.2.12 2 6 177 46 +17us[-23us] +/- 68ms
其他节点
# chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* controller 3 9 377 421 +15us[-87us] +/- 15ms
openstack 安装包仓库
安装相应 openstack 版本 yum 源
yum install centos-release-openstack-mitaka
系统更新
yum upgrade
注:如果系统内核有更新,需要重启
安装 openstackclient,openstack-selinux
yum install python-openstackclient
yum install openstack-selinux
注:如果报什么 Package does not match intended download,则 yum clean all 或者直接下载 rpm 包安装吧。
参考下载地址:http://ftp.usf.edu/pub/centos/7/cloud/x86_64/openstack-kilo/common/
SQL 数据库
安装
1 yum install mariadb mariadb-server python2-PyMySQL
创建 /etc/my.cnf.d/openstack.cnf 配置文件,加入以下内容
# 绑定 IP
[mysqld]
bind-address = 10.0.0.11
# 设置字符集等
default-storage-engine = innodb .
innodb_file_per_table
collation-server = utf8_general_ci
character-set-server = utf8
配置启动项,启动等
systemctl enable mariadb.service
systemctl start mariadb.service
数据库初始化,创建 root 密码等,操作如下
mysql_secure_installation
Enter current password for root (enter for none):[Enter]
Set root password? [Y/n] Y
New password: openstack
Re-enter new password:openstack
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] n
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y
消息队列 rabbitmq
安装
yum install rabbitmq-server
配置启动项,启动
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
添加 openstack 用户
rabbitmqctl add_user openstack RABBIT_PASS
设置 openstack 用户的权限,依次分别为写,读,访问
rabbitmqctl set_permissions openstack “.*””.*””.*”
NoSQL Mongodb
安装
yum install mongodb-server mongodb
配置 /etc/mongod.conf 配置文件
bind_ip = 10.0.0.11
#smallfile=true 可选
smallfiles = true
配置启动项,启动
# systemctl enable mongod.service
# systemctl start mongod.service
Memcached
安装
# yum install memcached python-memcached
配置启动项,启动
# systemctl enable memcached.service
# systemctl start memcached.service
至此,openstack 整个框架的软件环境基本搞定,下面就是各组件了。
安装各组件很有意思,除了 keystone 基本上是差不多的步骤,唯一的区别就是创建时指定的名字不同而已,基本是一般以下步骤。
1)配置数据库
create database xxx
GRANT ALL PRIVILEGES ON keystone.* TO ‘xxxx’@’localhost’ \
IDENTIFIED BY ‘XXXX_DBPASS’;
GRANT ALL PRIVILEGES ON keystone.* TO ‘xxxx’@’%’ \
IDENTIFIED BY ‘XXXX_DBPASS’;
2)安装
yum install xxx
3)配置文件
配置各项服务的连接, 比如数据库,rabbitmq 等
认证配置
特定配置
5)数据库同步
创建需要的表
4)加入启动项,启动
# systemctl enable openstack-xxx.service
# systemctl start openstack-xxxx.service
5)创建用户,service,endpoint 等
openstack user create xxx
openstack service create xxx
openstack endpoint create xxx
6)验证服务是否成功
注:配置文件的配置建议首先备份,然后为了省略不必要的篇幅,在此说明配置文件的编辑方式,如下。
[DEFAULT]
…
admin_token = ADMIN_TOKEN
上面的内容,指明在 [DEFAULT] 的段落加入 admin_token = ADMIN_TOKEN 内容。
各组件安装
认证服务 Keystone
配置数据库
$ mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’localhost’ \
IDENTIFIED BY ‘KEYSTONE_DBPASS’;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’%’ \
IDENTIFIED BY ‘KEYSTONE_DBPASS’;
安装
# yum install openstack-keystone httpd mod_wsgi
配置文件 /etc/keystone/keystone.conf
admin 令牌
[DEFAULT]
…
admin_token = ADMIN_TOKEN
数据库
[database]
…
connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
令牌生成方式
[token]
…
provider = fernet
注:上面的 ADMIN_TOKEN 可用 openssl rand -hex 10 命令生成,或者填入一串自定义的字符串
数据库同步
# su -s /bin/sh -c “keystone-manage db_sync” keystone
初始化 fernet 秘钥。
令牌的生成方式参考:http://blog.csdn.net/miss_yang_cloud/article/details/49633719
# keystone-manage fernet_setup –keystone-user keystone –keystone-group keystone
配置 Apache
编辑 /etc/httpd/conf/httpd.conf
更改一下内容
ServerName controller
创建 /etc/httpd/conf.d/wsgi-keystone.conf 配置文件,加入以下内容
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLogFormat “%{cu}t %M”
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLogFormat “%{cu}t %M”
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>
配置启动项,启动
# systemctl enable httpd.service
# systemctl start httpd.service
创建 service,API endpoint
为了避免不必要的篇幅,将 admin_token,endpoint url 配置到环境变量。
$ export OS_TOKEN=ADMIN_TOKEN
$ export OS_URL=http://controller:35357/v3
$ export OS_IDENTITY_API_VERSION=3
创建 service
$ openstack service create \
–name keystone –description “OpenStack Identity” identity
创建 endpoint,依次有 public,internal,admin
$ openstack endpoint create –region RegionOne \
identity public http://controller:5000/v3
$ openstack endpoint create –region RegionOne \
identity internal http://controller:5000/v3
$ openstack endpoint create –region RegionOne \
identity admin http://controller:35357/v3
创建域,项目,用户,角色 domain,project,user,role
创建 domain
openstack domain create –description “Default Domain” default
创建 project
openstack user create –domain default \
–password-prompt admin
创建 admin role
openstack role create admin
将 admin 角色加入 admin 项目中
openstack role add –project admin –user admin admin
创建 service 项目
openstack project create –domain default \
–description “Service Project” service
创建 demo 项目
openstack project create –domain default \
–description “Demo Project” demo
创建 demo 用户
openstack user create –domain default \
–password-prompt demo
创建 user 角色
openstack role create user
将 user 角色加入到 demo 项目中
openstack role add –project demo –user demo user
注:记住创建用户时的密码。
验证 admin 用户
unset OS_TOKEN OS_URL
openstack –os-auth-url http://controller:35357/v3 \
–os-project-domain-name default –os-user-domain-name default \
–os-project-name admin –os-username admin token issue
Password:
+————+—————————————————————–+
| Field | Value |
+————+—————————————————————–+
| expires | 2016-02-12T20:14:07.056119Z |
| id | gAAAAABWvi7_B8kKQD9wdXac8MoZiQldmjEO643d-e_j-XXq9AmIegIbA7UHGPv |
| | atnN21qtOMjCFWX7BReJEQnVOAj3nclRQgAYRsfSU_MrsuWb4EDtnjU7HEpoBb4 |
| | o6ozsA_NmFWEpLeKy0uNn_WeKbAhYygrsmQGA49dclHVnz-OMVLiyM9ws |
| project_id | 343d245e850143a096806dfaefa9afdc |
| user_id | ac3377633149401296f6c0d92d79dc16 |
+————+—————————————————————–+
验证 demo 用户
$ openstack –os-auth-url http://controller:5000/v3 \
–os-project-domain-name default –os-user-domain-name default \
–os-project-name demo –os-username demo token issue
Password:
+————+—————————————————————–+
| Field | Value |
+————+—————————————————————–+
| expires | 2016-02-12T20:15:39.014479Z |
| id | gAAAAABWvi9bsh7vkiby5BpCCnc-JkbGhm9wH3fabS_cY7uabOubesi-Me6IGWW |
| | yQqNegDDZ5jw7grI26vvgy1J5nCVwZ_zFRqPiz_qhbq29mgbQLglbkq6FQvzBRQ |
| | JcOzq3uwhzNxszJWmzGC7rJE_H0A_a3UFhqv8M4zMRYSbS2YF0MyFmp_U |
| project_id | ed0b60bf607743088218b0a533d5943f |
| user_id | 58126687cbcc4888bfa9ab73a2256f27 |
+————+—————————————————————–+
如果有以上格式返回,验证通过
admin,demo 用户的环境变量脚本
正常情况下,当然吧诸如 os-xxxx 的参数放在环境变量中,为了更快的在 admin,demo 用户之间切换,创建环境脚本
创建 admin-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
创建 demo-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=DEMO_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
在此验证 admin
首先 . admin-openrc
$ openstack token issue
+————+—————————————————————–+
| Field | Value |
+————+—————————————————————–+
| expires | 2016-02-12T20:44:35.659723Z |
| id | gAAAAABWvjYj-Zjfg8WXFaQnUd1DMYTBVrKw4h3fIagi5NoEmh21U72SrRv2trl |
| | JWFYhLi2_uPR31Igf6A8mH2Rw9kv_bxNo1jbLNPLGzW_u5FC7InFqx0yYtTwa1e |
| | eq2b0f6-18KZyQhs7F3teAta143kJEWuNEYET-y7u29y0be1_64KYkM7E |
| project_id | 343d245e850143a096806dfaefa9afdc |
| user_id | ac3377633149401296f6c0d92d79dc16 |
+————+—————————————————————–+
镜像服务 Glance
配置数据库
$ mysql -u root -p
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@’localhost’ \
IDENTIFIED BY ‘GLANCE_DBPASS’;
GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@’%’ \
IDENTIFIED BY ‘GLANCE_DBPASS’;
创建 service,user,role
$ . admin-openrc
$ openstack user create –domain default –password-prompt glance
$ openstack role add –project service –user glance admin
创建 endpoint,依次有 public,internal,admin
$ openstack service create –name glance \
–description “OpenStack Image” image
$ openstack endpoint create –region RegionOne \
image public http://controller:9292
$ openstack endpoint create –region RegionOne \
image internal http://controller:9292
$ openstack endpoint create –region RegionOne \
image admin http://controller:9292
安装
# yum install openstack-glance
配置文件 /etc/glance/glance-api.conf
数据库
[database]
…
connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
keystone 认证
[keystone_authtoken]
…
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = GLANCE_PASS
[paste_deploy]
…
flavor = keystone
glance 存储
[glance_store]
…
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
配置文件 /etc/glance/glance-registry.conf
数据库
[database]
…
connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
keystone 认证
[keystone_authtoken]
…
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = GLANCE_PASS
[paste_deploy]
…
flavor = keystone
同步数据库
# su -s /bin/sh -c “glance-manage db_sync” glance
启动
# systemctl enable openstack-glance-api.service \
openstack-glance-registry.service
# systemctl start openstack-glance-api.service \
openstack-glance-registry.service
验证
$ . admin-openrc
下载 cirros 镜像
$ wget
http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
创建镜像
$ openstack image create “cirros” \
–file cirros-0.3.4-x86_64-disk.img \
–disk-format qcow2 –container-format bare \
–public
如果执行以下命令,显示如下,则成功
$ openstack image list
+————————————–+——–+
| ID | Name |
+————————————–+——–+
| 38047887-61a7-41ea-9b49-27987d5e8bb9 | cirros |
+————————————–+——–+
计算资源服务 nova
控制节点
数据库
$ mysql -u root -p
CREATE DATABASE nova_api;
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova_api.* TO ‘nova’@’localhost’ \
IDENTIFIED BY ‘NOVA_DBPASS’;
GRANT ALL PRIVILEGES ON nova_api.* TO ‘nova’@’%’ \
IDENTIFIED BY ‘NOVA_DBPASS’;
GRANT ALL PRIVILEGES ON nova.* TO ‘nova’@’localhost’ \
IDENTIFIED BY ‘NOVA_DBPASS’;
GRANT ALL PRIVILEGES ON nova.* TO ‘nova’@’%’ \
IDENTIFIED BY ‘NOVA_DBPASS’;
创建 service,user,role
$ . admin-openrc
$ openstack user create –domain default \
–password-prompt nova
$ openstack role add –project service –user nova admin
$ openstack service create –name nova \
–description “OpenStack Compute” compute
创建 endpoint,依次有 public,internal,admin
$ openstack endpoint create –region RegionOne \
compute public http://controller:8774/v2.1/%\(tenant_id\)s
$ openstack endpoint create –region RegionOne \
compute internal http://controller:8774/v2.1/%\(tenant_id\)s
$ openstack endpoint create –region RegionOne \
compute admin http://controller:8774/v2.1/%\(tenant_id\)s
安装
# yum install openstack-nova-api openstack-nova-conductor \
openstack-nova-console openstack-nova-novncproxy \
openstack-nova-scheduler
配置文件 /etc/nova/nova.conf
启用的 api
[DEFAULT]
…
enabled_apis = osapi_compute,metadata
[api_database]
…
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
数据库
[database]
…
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova
rabbitmq 队列
[DEFAULT]
…
rpc_backend = rabbit
[oslo_messaging_rabbit]
…
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
keystone 认证
[DEFAULT]
…
auth_strategy = keystone
[keystone_authtoken]
…
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = NOVA_PASS
绑定 ip
[DEFAULT]
…
my_ip = 10.0.0.101
支持 neutron
[DEFAULT]
…
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
vnc 配置
[vnc]
…
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
glance 配置
[glance]
…
api_servers = http://controller:9292
并发锁
[oslo_concurrency]
…
lock_path = /var/lib/nova/tmp
同步数据库
# su -s /bin/sh -c “nova-manage api_db sync” nova
# su -s /bin/sh -c “nova-manage db sync” nova
启动
# systemctl enable openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
# systemctl start openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
更多详情见请继续阅读下一页的精彩内容:http://www.linuxidc.com/Linux/2016-05/130933p2.htm
计算节点
安装
yum install openstack-neutron-linuxbridge ebtables
配置文件 /etc/neutron/neutron.conf
rabbitmq 队列
[DEFAULT]
…
rpc_backend = rabbit
[oslo_messaging_rabbit]
…
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
keystone 认证
[DEFAULT]
…
auth_strategy = keystone
[keystone_authtoken]
…
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS
并发锁
[oslo_concurrency]
…
lock_path = /var/lib/neutron/tmp
配置文件 /etc/nova/nova.conf
[neutron]
…
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS
重启 nova-compute
# systemctl restart openstack-nova-compute.service
启动
# systemctl enable neutron-linuxbridge-agent.service
# systemctl start neutron-linuxbridge-agent.service
验证
$ . admin-openrc
$ neutron ext-list
+—————————+———————————————–+
| alias | name |
+—————————+———————————————–+
| default-subnetpools | Default Subnetpools |
| network-ip-availability | Network IP Availability |
| network_availability_zone | Network Availability Zone |
| auto-allocated-topology | Auto Allocated Topology Services |
| ext-gw-mode | Neutron L3 Configurable external gateway mode |
| binding | Port Binding |
…………
Dashboard horizon
注:必须在控制节点
安装
# yum install openstack-dashboard
配置文件 /etc/openstack-dashboard/local_settings
OPENSTACK_HOST = “controller”
ALLOWED_HOSTS = [‘*’,]
SESSION_ENGINE = ‘django.contrib.sessions.backends.cache’
CACHES = {
‘default’: {
‘BACKEND’: ‘django.core.cache.backends.memcached.MemcachedCache’,
‘LOCATION’: ‘controller:11211’,
}
}
OPENSTACK_KEYSTONE_URL = “http://%s:5000/v3” % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
“identity”: 3,
“image”: 2,
“volume”: 2,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = “default”
OPENSTACK_KEYSTONE_DEFAULT_ROLE = “user”
OPENSTACK_NEUTRON_NETWORK = {
…
‘enable_router’: False,
‘enable_quotas’: False,
‘enable_distributed_router’: False,
‘enable_ha_router’: False,
‘enable_lb’: False,
‘enable_firewall’: False,
‘enable_vpn’: False,
‘enable_fip_topology_check’: False,
}
TIME_ZONE = “Asia/Shanghai”
启动
# systemctl restart httpd.service memcached.service
验证
访问 http://controller/dashboard
块存储 cinder
数据库
$ mysql -u root -p
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO ‘cinder’@’localhost’ \
IDENTIFIED BY ‘CINDER_DBPASS’;
GRANT ALL PRIVILEGES ON cinder.* TO ‘cinder’@’%’ \
IDENTIFIED BY ‘CINDER_DBPASS’;
创建 service,user,role
$ . admin-openrc
$ openstack user create –domain default –password-prompt cinder
$ openstack role add –project service –user cinder admin
注意,这里创建两个 service
$ openstack service create –name cinder \
–description “OpenStack Block Storage” volume
$ openstack service create –name cinderv2 \
–description “OpenStack Block Storage” volumev2
创建 endpoint,依次有 public,internal,admin
$ openstack endpoint create –region RegionOne \
volume public http://controller:8776/v1/%\(tenant_id\)s
$ openstack endpoint create –region RegionOne \
volume internal http://controller:8776/v1/%\(tenant_id\)s
$ openstack endpoint create –region RegionOne \
volume admin http://controller:8776/v1/%\(tenant_id\)s
注意,每个 service 对应三个 endpoint
$ openstack endpoint create –region RegionOne \
volumev2 public http://controller:8776/v2/%\(tenant_id\)s
$ openstack endpoint create –region RegionOne \
volumev2 internal http://controller:8776/v2/%\(tenant_id\)s
$ openstack endpoint create –region RegionOne \
volumev2 admin http://controller:8776/v2/%\(tenant_id\)s
安装
控制节点
# yum install openstack-cinder
配置文件 /etc/cinder/cinder.conf
数据库
[database]
…
connection = mysql+pymysql://cinder:CINDER_DBPASS@controller/cinder
rabbitmq 队列
[DEFAULT]
…
rpc_backend = rabbit
[oslo_messaging_rabbit]
…
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
keystone 认证
[DEFAULT]
…
auth_strategy = keystone
[keystone_authtoken]
…
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = CINDER_PASS
绑定 ip
[DEFAULT]
…
my_ip = 10.0.0.11
并行锁
[oslo_concurrency]
…
lock_path = /var/lib/cinder/tmp
同步数据库
# su -s /bin/sh -c “cinder-manage db sync” cinder
配置文件 /etc/nova/nova.conf
[cinder]
os_region_name = RegionOne
重启 nova-api
# systemctl restart openstack-nova-api.service
启动
# systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
其他节点,可在计算节点加一块硬盘
注:需要另外一块硬盘
安装
# yum install lvm2
# systemctl enable lvm2-lvmetad.service
# systemctl start lvm2-lvmetad.service
创建逻辑卷
# pvcreate /dev/sdb
Physical volume “/dev/sdb” successfully created
# vgcreate cinder-volumes /dev/sdb
Volume group “cinder-volumes” successfully created
配置文件 /etc/lvm/lvm.conf
devices {
…
filter = [“a/sdb/”, “r/.*/”]
注:新添加的硬盘一般为 sdb,如果有 sdc,sde 等,则为 filter = [“a/sdb/”, “a/sdb/”,”a/sdb/”,”r/.*/”],以此类推
安装
# yum install openstack-cinder targetcli
配置文件 /etc/cinder/cinder.conf
数据库
1
2
3 [database]
…
connection = mysql+pymysql://cinder:CINDER_DBPASS@controller/cinder
rabbitmq 队列
[DEFAULT]
…
rpc_backend = rabbit
[oslo_messaging_rabbit]
…
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
keystone 认证
[DEFAULT]
…
auth_strategy = keystone
[keystone_authtoken]
…
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = CINDER_PASS
绑定 ip
[DEFAULT]
…
my_ip = 10.0.0.102
增加 [lvm] 及其内容
[lvm]
…
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
iscsi_protocol = iscsi
iscsi_helper = lioadm
后端启用 lvm
[DEFAULT]
…
enabled_backends = lvm
配置 Glance API
1
2
3 [DEFAULT]
…
glance_api_servers = http://controller:9292
并行锁
[oslo_concurrency]
…
lock_path = /var/lib/cinder/tmp
启动
# systemctl enable openstack-cinder-volume.service target.service
# systemctl start openstack-cinder-volume.service target.service
验证
$ . admin-openrc
$ cinder service-list
+——————+————+——+———+——-+—————————-+—————–+
| Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |
+——————+————+——+———+——-+—————————-+—————–+
| cinder-scheduler | controller | nova | enabled | up | 2014-10-18T01:30:54.000000 | None |
| cinder-volume | block1@lvm | nova | enabled | up | 2014-10-18T01:30:57.000000 | None |
至此。基本上完成了,所有的安装,你可以在 dashboard 上首先用 admin 用户创建一个网络,然后用新建一个实例
后记:虽然手动安装一整套实在有点夸张,这里还是用 yum 的呢~ 但是至少得这么手动来一次,其他时候就脚本或者安装工具吧,复制粘贴都把我复制的眼花了~
其他组件就另起一篇文章了,值得注意的是,官方文档才是最好的文档
更多 CentOS 相关信息见CentOS 专题页面 http://www.linuxidc.com/topicnews.aspx?tid=14
本文永久更新链接地址:http://www.linuxidc.com/Linux/2016-05/130933.htm
前言:openstack 真是一个庞然大物,想要吃透还真不容易,所以在对 openstack 大概有了一个了解的时候,就应该是部署,虽然 openstack 的安装方式有 rdo 或者 devstack 等一键安装工具,但是最好浅尝辄止,有了大概的使用经验之后就应该是从头到尾的安装一遍了,不然对于那些报错,以及故障的解决一定是不够气定神闲的,因此,当你有了 openstack 的基本认识后,开始安装吧~
注:openstack 的官方文档写得真的是,好的不要不要的,但是看英文总是感觉有点不溜,因此在官方文档的基础上写得这篇笔记。
参考:http://docs.openstack.org/mitaka/install-guide-rdo/
下面是小编为你精选的 Openstack 相关知识,看看是否有你喜欢的:
在 Ubuntu 12.10 上安装部署 Openstack http://www.linuxidc.com/Linux/2013-08/88184.htm
Ubuntu 12.04 OpenStack Swift 单节点部署手册 http://www.linuxidc.com/Linux/2013-08/88182.htm
OpenStack 云计算快速入门教程 http://www.linuxidc.com/Linux/2013-08/88186.htm
企业部署 OpenStack:该做与不该做的事 http://www.linuxidc.com/Linux/2013-09/90428.htm
CentOS 6.5 x64bit 快速安装 OpenStack http://www.linuxidc.com/Linux/2014-06/103775.htm
首先应该是大概的规划,需要几个节点,选择什么操作系统,网络怎么划分~
下面是我的大概规划
节点数:2 (控制节点,计算节点)
操作系统:CentOS Linux release 7.2.1511 (Core)
网络配置:
控制节点:10.0.0.101 192.168.15.101
结算节点:10.0.0.102 192.168.15.102
先决条件:
The following minimum requirements should support a proof-of-concept environment with core services and several CirrOS instances:
Controller Node: 1 processor, 4 GB memory, and 5 GB storage
Compute Node: 1 processor, 2 GB memory, and 10 GB storage
官方建议概念验证的最小硬件需求。
控制节点 1 处理器,4 GB 内存,5 GB 硬盘
计算节点 1 处理器,2 GB 内存,10 GB 硬盘
参考:http://docs.openstack.org/mitaka/install-guide-rdo/environment.html
注:如果你是用手动一步一步的创建操作系统,配置网络,那么笔者就得好好的鄙视你了~~ 研究研究 vagrant 吧,通过下面的配置文件你就能一条命令生成两个虚拟机,并配置好网络了,vagrant 简易教程参考:http://youerning.blog.51cto.com/10513771/1745102
# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure(2) do |config|
config.vm.box = “centos7”
node_servers = {:control => [‘10.0.0.101′,’192.168.15.101’],
:compute => [‘10.0.0.102′,’192.168.15.102’]
}
node_servers.each do |node_name,node_ip|
config.vm.define node_name do |node_config|
node_config.vm.host_name = node_name.to_s
node_config.vm.network :private_network,ip: node_ip[0]
node_config.vm.network :private_network,ip: node_ip[1],virtualbox_inet: true
config.vm.boot_timeout = 300
node_config.vm.provider “virtualbox” do |v|
v.memory = 4096
v.cpus = 1
end
end
end
end
通过 vagrant up 一条命令,稍等一会,两个热腾腾的虚拟机就出炉了,我们的环境就 OK 了~~
环境如下
操作系统:CentOS Linux release 7.2.1511 (Core)
网络配置:
控制节点:10.0.0.101 192.168.15.101
结算节点:10.0.0.102 192.168.15.102
注意:上面的 config.vm.box = “centos7″,首先需要有个 centos7 的 box
在开始部署前,我们先捋一捋 openstack 安装步骤
首先是软件环境准备,我们需要将一些通用的软件以及源仓库等进行配置,基本如下
NTP 服务器
控制节点,其他节点
openstack 安装包仓库
通用组件:
SQL 数据库 ===> MariaDB
NoSQL 数据库 ==> MongoDB(基本组件不需要,)
消息队列 ==> RabbitMQ
Memcached
再就是 openstack 整个框架下的各个组件,基本组件如下
认证服务 ===> Keystone
镜像服务 ===> Glance
计算资源服务 ===> Nova
网络资源服务 ===> Neutron
Dashboard ===> Horizon
块存储服务 ===> Cinder
其他存储服务,如下
文件共享服务 ===> Manila
对象存储服务 ===> Swift
其他组件,如下
编排服务 ===> Heat
遥测服务 ===> Ceilometer
数据库服务 ===> Trove
环境准备
域名解析:
在各个节点编辑 hosts 文件, 加入以下配置
10.0.0.101 controller
10.0.0.102 compute
ntp 时间服务器
控制节点
1) 安装 chrony 软件包
yum install chrony
2) 编辑配置文件 /etc/chrony.conf,添加以下内容,202.108.6.95 可根据自己需求自行更改。
server 202.108.6.95 iburst
allow 10.0.0.0/24
3)加入自启动,并启动
# systemctl enable chronyd.service
# systemctl start chronyd.service
其他节点
1) 安装 chrony 软件包
yum install chrony
2) 编辑配置文件 /etc/chrony.conf,添加以下内容
server controller iburst
allow 10.0.0.0/24
3)加入自启动,并启动
# systemctl enable chronyd.service
# systemctl start chronyd.service
验证:
控制节点
chronyc sources
210 Number of sources = 2
MS Name/IP address Stratum Poll Reach LastRx Last sample
=============================================================
^- 192.0.2.11 2 7 12 137 -2814us[-3000us] +/- 43ms
^* 192.0.2.12 2 6 177 46 +17us[-23us] +/- 68ms
其他节点
# chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* controller 3 9 377 421 +15us[-87us] +/- 15ms
openstack 安装包仓库
安装相应 openstack 版本 yum 源
yum install centos-release-openstack-mitaka
系统更新
yum upgrade
注:如果系统内核有更新,需要重启
安装 openstackclient,openstack-selinux
yum install python-openstackclient
yum install openstack-selinux
注:如果报什么 Package does not match intended download,则 yum clean all 或者直接下载 rpm 包安装吧。
参考下载地址:http://ftp.usf.edu/pub/centos/7/cloud/x86_64/openstack-kilo/common/
SQL 数据库
安装
1 yum install mariadb mariadb-server python2-PyMySQL
创建 /etc/my.cnf.d/openstack.cnf 配置文件,加入以下内容
# 绑定 IP
[mysqld]
bind-address = 10.0.0.11
# 设置字符集等
default-storage-engine = innodb .
innodb_file_per_table
collation-server = utf8_general_ci
character-set-server = utf8
配置启动项,启动等
systemctl enable mariadb.service
systemctl start mariadb.service
数据库初始化,创建 root 密码等,操作如下
mysql_secure_installation
Enter current password for root (enter for none):[Enter]
Set root password? [Y/n] Y
New password: openstack
Re-enter new password:openstack
Remove anonymous users? [Y/n] Y
Disallow root login remotely? [Y/n] n
Remove test database and access to it? [Y/n] Y
Reload privilege tables now? [Y/n] Y
消息队列 rabbitmq
安装
yum install rabbitmq-server
配置启动项,启动
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
添加 openstack 用户
rabbitmqctl add_user openstack RABBIT_PASS
设置 openstack 用户的权限,依次分别为写,读,访问
rabbitmqctl set_permissions openstack “.*””.*””.*”
NoSQL Mongodb
安装
yum install mongodb-server mongodb
配置 /etc/mongod.conf 配置文件
bind_ip = 10.0.0.11
#smallfile=true 可选
smallfiles = true
配置启动项,启动
# systemctl enable mongod.service
# systemctl start mongod.service
Memcached
安装
# yum install memcached python-memcached
配置启动项,启动
# systemctl enable memcached.service
# systemctl start memcached.service
至此,openstack 整个框架的软件环境基本搞定,下面就是各组件了。
安装各组件很有意思,除了 keystone 基本上是差不多的步骤,唯一的区别就是创建时指定的名字不同而已,基本是一般以下步骤。
1)配置数据库
create database xxx
GRANT ALL PRIVILEGES ON keystone.* TO ‘xxxx’@’localhost’ \
IDENTIFIED BY ‘XXXX_DBPASS’;
GRANT ALL PRIVILEGES ON keystone.* TO ‘xxxx’@’%’ \
IDENTIFIED BY ‘XXXX_DBPASS’;
2)安装
yum install xxx
3)配置文件
配置各项服务的连接, 比如数据库,rabbitmq 等
认证配置
特定配置
5)数据库同步
创建需要的表
4)加入启动项,启动
# systemctl enable openstack-xxx.service
# systemctl start openstack-xxxx.service
5)创建用户,service,endpoint 等
openstack user create xxx
openstack service create xxx
openstack endpoint create xxx
6)验证服务是否成功
注:配置文件的配置建议首先备份,然后为了省略不必要的篇幅,在此说明配置文件的编辑方式,如下。
[DEFAULT]
…
admin_token = ADMIN_TOKEN
上面的内容,指明在 [DEFAULT] 的段落加入 admin_token = ADMIN_TOKEN 内容。
各组件安装
认证服务 Keystone
配置数据库
$ mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’localhost’ \
IDENTIFIED BY ‘KEYSTONE_DBPASS’;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’%’ \
IDENTIFIED BY ‘KEYSTONE_DBPASS’;
安装
# yum install openstack-keystone httpd mod_wsgi
配置文件 /etc/keystone/keystone.conf
admin 令牌
[DEFAULT]
…
admin_token = ADMIN_TOKEN
数据库
[database]
…
connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
令牌生成方式
[token]
…
provider = fernet
注:上面的 ADMIN_TOKEN 可用 openssl rand -hex 10 命令生成,或者填入一串自定义的字符串
数据库同步
# su -s /bin/sh -c “keystone-manage db_sync” keystone
初始化 fernet 秘钥。
令牌的生成方式参考:http://blog.csdn.net/miss_yang_cloud/article/details/49633719
# keystone-manage fernet_setup –keystone-user keystone –keystone-group keystone
配置 Apache
编辑 /etc/httpd/conf/httpd.conf
更改一下内容
ServerName controller
创建 /etc/httpd/conf.d/wsgi-keystone.conf 配置文件,加入以下内容
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLogFormat “%{cu}t %M”
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLogFormat “%{cu}t %M”
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>
配置启动项,启动
# systemctl enable httpd.service
# systemctl start httpd.service
创建 service,API endpoint
为了避免不必要的篇幅,将 admin_token,endpoint url 配置到环境变量。
$ export OS_TOKEN=ADMIN_TOKEN
$ export OS_URL=http://controller:35357/v3
$ export OS_IDENTITY_API_VERSION=3
创建 service
$ openstack service create \
–name keystone –description “OpenStack Identity” identity
创建 endpoint,依次有 public,internal,admin
$ openstack endpoint create –region RegionOne \
identity public http://controller:5000/v3
$ openstack endpoint create –region RegionOne \
identity internal http://controller:5000/v3
$ openstack endpoint create –region RegionOne \
identity admin http://controller:35357/v3
创建域,项目,用户,角色 domain,project,user,role
创建 domain
openstack domain create –description “Default Domain” default
创建 project
openstack user create –domain default \
–password-prompt admin
创建 admin role
openstack role create admin
将 admin 角色加入 admin 项目中
openstack role add –project admin –user admin admin
创建 service 项目
openstack project create –domain default \
–description “Service Project” service
创建 demo 项目
openstack project create –domain default \
–description “Demo Project” demo
创建 demo 用户
openstack user create –domain default \
–password-prompt demo
创建 user 角色
openstack role create user
将 user 角色加入到 demo 项目中
openstack role add –project demo –user demo user
注:记住创建用户时的密码。
验证 admin 用户
unset OS_TOKEN OS_URL
openstack –os-auth-url http://controller:35357/v3 \
–os-project-domain-name default –os-user-domain-name default \
–os-project-name admin –os-username admin token issue
Password:
+————+—————————————————————–+
| Field | Value |
+————+—————————————————————–+
| expires | 2016-02-12T20:14:07.056119Z |
| id | gAAAAABWvi7_B8kKQD9wdXac8MoZiQldmjEO643d-e_j-XXq9AmIegIbA7UHGPv |
| | atnN21qtOMjCFWX7BReJEQnVOAj3nclRQgAYRsfSU_MrsuWb4EDtnjU7HEpoBb4 |
| | o6ozsA_NmFWEpLeKy0uNn_WeKbAhYygrsmQGA49dclHVnz-OMVLiyM9ws |
| project_id | 343d245e850143a096806dfaefa9afdc |
| user_id | ac3377633149401296f6c0d92d79dc16 |
+————+—————————————————————–+
验证 demo 用户
$ openstack –os-auth-url http://controller:5000/v3 \
–os-project-domain-name default –os-user-domain-name default \
–os-project-name demo –os-username demo token issue
Password:
+————+—————————————————————–+
| Field | Value |
+————+—————————————————————–+
| expires | 2016-02-12T20:15:39.014479Z |
| id | gAAAAABWvi9bsh7vkiby5BpCCnc-JkbGhm9wH3fabS_cY7uabOubesi-Me6IGWW |
| | yQqNegDDZ5jw7grI26vvgy1J5nCVwZ_zFRqPiz_qhbq29mgbQLglbkq6FQvzBRQ |
| | JcOzq3uwhzNxszJWmzGC7rJE_H0A_a3UFhqv8M4zMRYSbS2YF0MyFmp_U |
| project_id | ed0b60bf607743088218b0a533d5943f |
| user_id | 58126687cbcc4888bfa9ab73a2256f27 |
+————+—————————————————————–+
如果有以上格式返回,验证通过
admin,demo 用户的环境变量脚本
正常情况下,当然吧诸如 os-xxxx 的参数放在环境变量中,为了更快的在 admin,demo 用户之间切换,创建环境脚本
创建 admin-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
创建 demo-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=DEMO_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
在此验证 admin
首先 . admin-openrc
$ openstack token issue
+————+—————————————————————–+
| Field | Value |
+————+—————————————————————–+
| expires | 2016-02-12T20:44:35.659723Z |
| id | gAAAAABWvjYj-Zjfg8WXFaQnUd1DMYTBVrKw4h3fIagi5NoEmh21U72SrRv2trl |
| | JWFYhLi2_uPR31Igf6A8mH2Rw9kv_bxNo1jbLNPLGzW_u5FC7InFqx0yYtTwa1e |
| | eq2b0f6-18KZyQhs7F3teAta143kJEWuNEYET-y7u29y0be1_64KYkM7E |
| project_id | 343d245e850143a096806dfaefa9afdc |
| user_id | ac3377633149401296f6c0d92d79dc16 |
+————+—————————————————————–+
镜像服务 Glance
配置数据库
$ mysql -u root -p
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@’localhost’ \
IDENTIFIED BY ‘GLANCE_DBPASS’;
GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@’%’ \
IDENTIFIED BY ‘GLANCE_DBPASS’;
创建 service,user,role
$ . admin-openrc
$ openstack user create –domain default –password-prompt glance
$ openstack role add –project service –user glance admin
创建 endpoint,依次有 public,internal,admin
$ openstack service create –name glance \
–description “OpenStack Image” image
$ openstack endpoint create –region RegionOne \
image public http://controller:9292
$ openstack endpoint create –region RegionOne \
image internal http://controller:9292
$ openstack endpoint create –region RegionOne \
image admin http://controller:9292
安装
# yum install openstack-glance
配置文件 /etc/glance/glance-api.conf
数据库
[database]
…
connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
keystone 认证
[keystone_authtoken]
…
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = GLANCE_PASS
[paste_deploy]
…
flavor = keystone
glance 存储
[glance_store]
…
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
配置文件 /etc/glance/glance-registry.conf
数据库
[database]
…
connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
keystone 认证
[keystone_authtoken]
…
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = GLANCE_PASS
[paste_deploy]
…
flavor = keystone
同步数据库
# su -s /bin/sh -c “glance-manage db_sync” glance
启动
# systemctl enable openstack-glance-api.service \
openstack-glance-registry.service
# systemctl start openstack-glance-api.service \
openstack-glance-registry.service
验证
$ . admin-openrc
下载 cirros 镜像
$ wget
http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
创建镜像
$ openstack image create “cirros” \
–file cirros-0.3.4-x86_64-disk.img \
–disk-format qcow2 –container-format bare \
–public
如果执行以下命令,显示如下,则成功
$ openstack image list
+————————————–+——–+
| ID | Name |
+————————————–+——–+
| 38047887-61a7-41ea-9b49-27987d5e8bb9 | cirros |
+————————————–+——–+
计算资源服务 nova
控制节点
数据库
$ mysql -u root -p
CREATE DATABASE nova_api;
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova_api.* TO ‘nova’@’localhost’ \
IDENTIFIED BY ‘NOVA_DBPASS’;
GRANT ALL PRIVILEGES ON nova_api.* TO ‘nova’@’%’ \
IDENTIFIED BY ‘NOVA_DBPASS’;
GRANT ALL PRIVILEGES ON nova.* TO ‘nova’@’localhost’ \
IDENTIFIED BY ‘NOVA_DBPASS’;
GRANT ALL PRIVILEGES ON nova.* TO ‘nova’@’%’ \
IDENTIFIED BY ‘NOVA_DBPASS’;
创建 service,user,role
$ . admin-openrc
$ openstack user create –domain default \
–password-prompt nova
$ openstack role add –project service –user nova admin
$ openstack service create –name nova \
–description “OpenStack Compute” compute
创建 endpoint,依次有 public,internal,admin
$ openstack endpoint create –region RegionOne \
compute public http://controller:8774/v2.1/%\(tenant_id\)s
$ openstack endpoint create –region RegionOne \
compute internal http://controller:8774/v2.1/%\(tenant_id\)s
$ openstack endpoint create –region RegionOne \
compute admin http://controller:8774/v2.1/%\(tenant_id\)s
安装
# yum install openstack-nova-api openstack-nova-conductor \
openstack-nova-console openstack-nova-novncproxy \
openstack-nova-scheduler
配置文件 /etc/nova/nova.conf
启用的 api
[DEFAULT]
…
enabled_apis = osapi_compute,metadata
[api_database]
…
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
数据库
[database]
…
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova
rabbitmq 队列
[DEFAULT]
…
rpc_backend = rabbit
[oslo_messaging_rabbit]
…
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
keystone 认证
[DEFAULT]
…
auth_strategy = keystone
[keystone_authtoken]
…
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = NOVA_PASS
绑定 ip
[DEFAULT]
…
my_ip = 10.0.0.101
支持 neutron
[DEFAULT]
…
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
vnc 配置
[vnc]
…
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
glance 配置
[glance]
…
api_servers = http://controller:9292
并发锁
[oslo_concurrency]
…
lock_path = /var/lib/nova/tmp
同步数据库
# su -s /bin/sh -c “nova-manage api_db sync” nova
# su -s /bin/sh -c “nova-manage db sync” nova
启动
# systemctl enable openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
# systemctl start openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
更多详情见请继续阅读下一页的精彩内容:http://www.linuxidc.com/Linux/2016-05/130933p2.htm