前言:
本次安装主要使用的软件以及工具:

  • VMware
  • Xshell
  • WinSCP
  • Edge浏览器

参考的文档:

  • openstack官方文档

https://docs.openstack.org/install-guide/

  • openstack官方中文文档(这个虽然不是Queens版本,但是还是可以参考的,英文看的迷糊朋友们的福利)

https://docs.openstack.org/mitaka/zh_CN/install-guide-rdo/

  • centos7部署openstack(queens) --zerchin


一、创建虚拟机以及基础网络环境的搭建

1.1 创建虚拟机

创建两个虚拟机,一个做为控制节点controller,另一个做为一个计算节点。
在两个虚拟机中分别添加一个网卡(网络适配器):

  1. 右击虚拟机,点击设置。
  2. 点击添加,添加一个网络适配器
  3. 之后将添加的网卡的网络连接设置为仅主机模式。点击确定。

1.2 配置虚拟机的网络环境

(1)、 更改虚拟机内外网的IP地址

外网:
ens33
controller节点:192.168.74.12
compute节点:192.168.74.13
内网:
ens37
controller节点:192.168.56.12
compute节点:192.168.56.13

  • 在虚拟机的桌面上,点击左上角的应用程序,选择系统工具–设置,选择网络,在以太网右边的设置按钮中设置IPV4,选择手动。
  • 在设置中的网络中设置IP地址,注意在ens37(内网中的名称可能是其他名称,这里我们要将其修改),在身份中进行修改。

修改完毕后建议重启一下虚拟机,再进行Xshell的连接。

(2)、配置网络、主机名

配置网络
新建或着修改/etc/sysconfig/network-scripts/ifcfg-Name(具体的网卡的名称,这里是ens33,ens37)文件。
controller节点
ifcfg-ens33:

DEVICE=ens33
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.74.12
PREFIX=24
GATEWAY=192.168.74.2
NETMASK=255.255.255.0
DNS1=8.8.8.8

ifcfg-ens37:

DEVICE=ens37
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.56.12
PREFIX=24

compute节点
ifcfg-ens33:

DEVICE=ens33
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.74.13
PREFIX=24
GATEWAY=192.168.74.2
NETMASK=255.255.255.0
DNS1=8.8.8.8

ifcfg-ens37:

DEVICE=ens37
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.56.13
PREFIX=24

修改主机名
controller节点:

hostnamectl set-hostname controller

compute节点:

hostnamectl set-hostname compute

更改后按Ctrl+D退出登陆,重新连接。

1.3 配置域名解析

在controller节点和compute节点上的/etc/hosts文件中添加以下内容

192.168.74.12 controller
192.168.74.13 compute

1.4 关闭防火墙、Selinux

(1)、关闭Selinux
在controller节点和compute节点上修改selinux文件,将SELINUX=enforcing改为SELINUX=disabled

vi /etc/selinux/config
 SELINUX=disabled

(2)、关闭防火墙
在controller节点与compute节点上关闭防火墙,并设置为开机不自启。

systemctl stop firewalld
systemctl disable firewalld

1.5 验证基本网络环境的搭建

在controller节点和compute节点上重启网卡

service network restart

验证内网的互通性:

在controller节点上

ping compute

在conpute节点上

ping controller

验证外网是否连通

ping baidu.com

如果全部ping通,则基本环境搭建完毕。

二、基础软件、服务的搭建

2.1 安装网络时间协议服务(chrony服务)

在controller节点和compute节点上安装chrony服务

yum install -y chrony

配置chrony服务

编辑/etc/chrony.conf文件
controller:

server controller iburst
allow 192.168.0.0/16

compute:

server controller iburst

启动chrony服务
在controller节点和compute节点上启动:

systemctl start chronyd
systemctl enable chronyd

验证chrony服务
在controller节点和compute节点上上验证是否同步:

chronyc sources

Openstack安装部署手册 openstack安装文档_openstack

2.2 安装openstack存储库包

在controller节点和compute节点上安装

yum install -y centos-release-openstack-queens

** controller和compute节点升级软件包**

yum upgrade

controller和compute节点上安装openstack客户端和openstack-selinux服务

yum install python-openstackclient openstack-selinux -y

重启虚拟机
controller节点和compute节点完成安装后,重启系统。

reboot

2.3 安装Mysql数据库服务

在controller节点安装mysql服务

yum install -y mariadb mariadb-server python2-PyMySQL

修改数据库配置文件
在controller节点上新建/etc/my.cnf.d/openstack.cnf文件,添加以下内容

[mysqld]

bind-address = 192.168.74.12
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8

启动数据库服务

systemctl enable mariadb.service
 systemctl start mariadb.service

设置数据库密码

mysql_secure_installation

执行mysql_secure_installation命令设置密码,其中要输入密码000000,除去Disallow root login remotely? [Y/n] 输入n外其他输入y。

In order to log into MariaDB to secure it, we’ll need the current
password for the root user. If you’ve just installed MariaDB, and you
haven’t set the root password yet, the password will be blank, so you
should just press enter here.

Enter current password for root (enter for none): !!这里直接点击回车,不需要输入
OK, successfully
used password, moving on…

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y
New password: 000000
Re-enter new password: 000000
Password updated successfully! Reloading privilege tables… …
Success!

By default, a MariaDB installation has an anonymous user, allowing
anyone to log into MariaDB without having to have a user account
created for them. This is intended only for testing, and to make the
installation go a bit smoother. You should remove them before moving
into a production environment.

Remove anonymous users? [Y/n] y
… Success!

Normally, root should only be allowed to connect from ‘localhost’.
This ensures that someone cannot guess at the root password from the
network.

Disallow root login remotely? [Y/n] n
… skipping.

By default, MariaDB comes with a database named ‘test’ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y

  • Dropping test database… … Success!
  • Removing privileges on test database… … Success!

Reloading the privilege tables will ensure that all changes made so
far will take effect immediately.

Reload privilege tables now? [Y/n] y
… Success!

Cleaning up…

All done! If you’ve completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

2.4 安装消息队列服务

在controller节点安装rabbitmq-server

yum install -y rabbitmq-server -y

启动消息队列服务

systemctl start rabbitmq-server.service
systemctl enable rabbitmq-server.service

添加openstack用户到rabbitMQ中

rabbitmqctl add_user openstack 000000

** 设置openstack用户最高权限**

rabbitmqctl set_permissions openstack ".*" ".*" ".*"

2.5 安装etcd服务

etcd作为一个受到ZooKeeper与doozer启发而催生的项目,除了拥有与之类似的功能外,更专注于以下四点。

  • 简单:基于HTTP+JSON的API让你用curl就可以轻松使用。
  • 安全:可选SSL客户认证机制。 快速:每个实例每秒支持一千次写操作。
  • 可信:使用Raft算法充分实现了分布式。
    在controller节点上安装etcd服务
yum install etcd -y

修改/etc/etcd/etcd.conf配置文件

#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS=“http://192.168.74.12:2380”
ETCD_LISTEN_CLIENT_URLS=“http://192.168.74.12:2379”
ETCD_NAME=“controller”
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS=“http://192.168.74.12:2380”
ETCD_ADVERTISE_CLIENT_URLS=“http://192.168.74.12:2379”
ETCD_INITIAL_CLUSTER=“controller=http://192.168.74.12:2380”
ETCD_INITIAL_CLUSTER_TOKEN=“etcd-cluster-01”
ETCD_INITIAL_CLUSTER_STATE=“new”

启动etcd服务

systemctl start etcd
 systemctl enable etcd

2.6 安装Memcached服务

下载安装包

yum install memcached python-memcached

修改 /etc/sysconfig/memcached 文件

OPTIONS="-l 127.0.0.1,::1,controller"

启动服务

systemctl enable memcached.service
systemctl start memcached.service

三、安装openstack服务

3.1 安装Keystone服务

Keystone服务只在controller节点上安装

创建keystone数据库,授予数据库权限

mysql -uroot -p000000
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '000000';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '000000';

按Ctrl+C退出数据库操作界面

安装keystone服务软件包

yum install openstack-keystone httpd mod_wsgi -y

修改/etc/keystone/keystone.conf配置文件

[database]
connection =mysql+pymysql://keystone:000000@controller/keystone

[token]
provider = fernet

同步身份认证的数据库

su -s /bin/sh -c "keystone-manage db_sync" keystone

初始化密钥存储库

keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

重启keystone服务

keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
  --bootstrap-admin-url http://controller:35357/v3/ \
  --bootstrap-internal-url http://controller:5000/v3/ \
  --bootstrap-public-url http://controller:5000/v3/ \
  --bootstrap-region-id RegionOne

配置HTTP服务

修改 /etc/httpd/conf/httpd.conf 配置文件
新增配置:

ServerName controller

创建wsgi-keystone.conf文件连接

ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

启动HTTP服务

systemctl enable httpd.service
systemctl start httpd.service

设置环境变量

[root@controller ~]# export OS_USERNAME=admin

[root@controller ~]# export OS_PASSWORD=000000

[root@controller ~]# export OS_PROJECT_NAME=admin

[root@controller ~]# export OS_USER_DOMAIN_NAME=Default

[root@controller ~]# export OS_PROJECT_DOMAIN_NAME=Default

[root@controller ~]# export OS_AUTH_URL=http://controller:35357/v3

[root@controller ~]# export OS_IDENTITY_API_VERSION=3

创建service项目

openstack project create --domain default --description "Service Project" service

Openstack安装部署手册 openstack安装文档_云计算_02


创建demo项目

openstack project create --domain default --description "Demo Project" demo

Openstack安装部署手册 openstack安装文档_openstack_03


创建demo用户

openstack user create --domain default --password-prompt demo

Openstack安装部署手册 openstack安装文档_mysql_04


此处密码设置为000000

创建user角色

openstack role create user

Openstack安装部署手册 openstack安装文档_Openstack安装部署手册_05

添加user角色到demo项目和用户

openstack role add --project demo --user demo user

验证操作
取消设置临时OS_AUTH_URL和OS_PASSWORD环境变量

unset OS_AUTH_URL OS_PASSWORD

作为 admin 用户,请求认证令牌

openstack --os-auth-url http://controller:35357/v3 \
  --os-project-domain-name Default --os-user-domain-name Default \
  --os-project-name admin --os-username admin token issue

Openstack安装部署手册 openstack安装文档_数据库_06

作为demo 用户,请求认证令牌

openstack --os-auth-url http://controller:5000/v3 \
  --os-project-domain-name Default --os-user-domain-name Default \
  --os-project-name demo --os-username demo token issue

Openstack安装部署手册 openstack安装文档_mysql_07


创建脚本

创建 admin-openrc 文件,添加以下内容:

export OS_PROJECT_DOMAIN_NAME=Default

export OS_USER_DOMAIN_NAME=Default

export OS_PROJECT_NAME=admin

export OS_USERNAME=admin

export OS_PASSWORD=000000

export OS_AUTH_URL=http://controller:5000/v3

export OS_IDENTITY_API_VERSION=3

export OS_IMAGE_API_VERSION=2

创建demo-openrc 文件,添加以下内容:

export OS_PROJECT_DOMAIN_NAME=Default

export OS_USER_DOMAIN_NAME=Default

export OS_PROJECT_NAME=demo

export OS_USERNAME=demo

export OS_PASSWORD=000000

export OS_AUTH_URL=http://controller:5000/v3

export OS_IDENTITY_API_VERSION=3

export OS_IMAGE_API_VERSION=2

验证环境变量

. admin-openrc
openstack token issue

Openstack安装部署手册 openstack安装文档_mysql_08

3.2 安装glance服务

glance服务只在controller节点上安装
创建glance数据库,授予数据库权限

mysql -uroot -p000000
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost'  IDENTIFIED BY '000000';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%'    IDENTIFIED BY '000000';

按Ctrl+C退出数据库操作界面
创建glance用户

openstack user create --domain default --password-prompt glance

Openstack安装部署手册 openstack安装文档_mysql_09


添加admin角色到glance用户和service项目中

openstack role add --project service --user glance admin

创建glance服务实体

openstack service create --name glance  --description "OpenStack Image" image

Openstack安装部署手册 openstack安装文档_Openstack安装部署手册_10


创建glance服务端点

openstack endpoint create --region RegionOne image public http://controller:9292

Openstack安装部署手册 openstack安装文档_Openstack安装部署手册_11

openstack endpoint create --region RegionOne image internal http://controller:9292

Openstack安装部署手册 openstack安装文档_数据库_12

openstack endpoint create --region RegionOne  image admin http://controller:9292

Openstack安装部署手册 openstack安装文档_Openstack安装部署手册_13


安装glance软件包

yum install openstack-glance -y

修改 /etc/glance/glance-api.conf 配置文件

[database]
connection = mysql+pymysql://glance:000000@controller/glance

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = 000000

[paste_deploy]
flavor = keystone

[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/

修改 /etc/glance/glance-registry.conf 配置文件

[database]
connection = mysql+pymysql://glance:000000@controller/glance

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = 000000

[paste_deploy]
flavor = keystone

同步数据库

su -s /bin/sh -c "glance-manage db_sync" glance

启动服务

systemctl enable openstack-glance-api.service \
  openstack-glance-registry.service
systemctl start openstack-glance-api.service \
  openstack-glance-registry.service

验证操作

获取权限

. admin-openrc

下载镜像

wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img

上传镜像

glance image-create --name cirros --disk-format qcow2 --container-format bare --progress < cirros-0.4.0-x86_64-disk.img

Openstack安装部署手册 openstack安装文档_mysql_14

确认镜像的上传并验证属性

openstack image list

Openstack安装部署手册 openstack安装文档_openstack_15

3.3 安装Nova服务

nova服务在controller节点和compute节点都要安装

在controller节点安装

创建nova,nova_api,nova_cell0数据库,并给予对应的权限

mysql -u root -p000000
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '000000';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%'    IDENTIFIED BY '000000';      
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost'  IDENTIFIED BY '000000';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%'    IDENTIFIED BY '000000';        
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost'  IDENTIFIED BY '000000';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%'    IDENTIFIED BY '000000';

** 创建nova用户**

openstack user create --domain default --password-prompt nova

Openstack安装部署手册 openstack安装文档_mysql_16


添加admin角色到nova用户

openstack role add --project service --user nova admin

创建nova服务实体

openstack service create --name nova --description "OpenStack Compute" compute

Openstack安装部署手册 openstack安装文档_云计算_17


创建nova服务端点

openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1

Openstack安装部署手册 openstack安装文档_mysql_18

openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1

Openstack安装部署手册 openstack安装文档_openstack_19

openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1

Openstack安装部署手册 openstack安装文档_mysql_20


创建placement用户

openstack user create --domain default --password-prompt placement

Openstack安装部署手册 openstack安装文档_云计算_21


添加admin角色到placement用户

openstack role add --project service --user placement admin

创建placement服务实体

openstack service create --name placement --description "Placement API" placement

Openstack安装部署手册 openstack安装文档_数据库_22


创建 placement服务端点

openstack endpoint create --region RegionOne placement public http://controller:8778

Openstack安装部署手册 openstack安装文档_mysql_23

openstack endpoint create --region RegionOne placement internal http://controller:8778

Openstack安装部署手册 openstack安装文档_mysql_24

openstack endpoint create --region RegionOne placement admin http://controller:8778

Openstack安装部署手册 openstack安装文档_Openstack安装部署手册_25


安装nova软件包

yum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-placement-api -y

修改 /etc/nova/nova.conf 配置文件,添加以下内容

[DEFAULT]
enabled_apis = osapi_compute,metadata

[api_database]
connection =mysql+pymysql://nova:000000@controller/nova_api

[database]
connection = mysql+pymysql://nova:000000@controller/nova

[DEFAULT]
transport_url = rabbit://openstack:000000@controller

[api]
auth_strategy = keystone

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url =http://controller:35357
memcached_servers = controller:11211
auth_type= password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 000000

[DEFAULT]
my_ip = 192.168.74.12

[DEFAULT]
use_neutron = True
firewall_driver =nova.virt.firewall.NoopFirewallDriver

[vnc]
enabled = true
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip

[glance]
api_servers =http://controller:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:35357/v3
username = placement password = 000000

修改 /etc/httpd/conf.d/00-nova-placement-api.conf 文件,添加以下内容

<Directory /usr/bin>
   <IfVersion >= 2.4>
      Require all granted
   </IfVersion>
   <IfVersion < 2.4>
      Order allow,deny
      Allow from all
   </IfVersion>
</Directory>

重启HTTP服务

systemctl restart httpd

同步nova_api数据库

su -s /bin/sh -c "nova-manage api_db sync" nova

注册cell0数据库

su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova

创建cell1单元格

su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova

同步nova数据库

su -s /bin/sh -c "nova-manage db sync" nova

验证nova cell0和cell1是否注册正确

nova-manage cell_v2 list_cells

Openstack安装部署手册 openstack安装文档_mysql_26


启动服务

systemctl enable openstack-nova-api.service \
  openstack-nova-consoleauth.service openstack-nova-scheduler.service \
  openstack-nova-conductor.service openstack-nova-novncproxy.service

systemctl start openstack-nova-api.service \
  openstack-nova-consoleauth.service openstack-nova-scheduler.service \
  openstack-nova-conductor.service openstack-nova-novncproxy.service

在compute节点安装

在compute节点上安装nova服务软件包

yum install openstack-nova-compute -y

修改 /etc/nova/nova.conf 配置文件

[DEFAULT]

[DEFAULT]
enabled_apis = osapi_compute,metadata

[DEFAULT]
transport_url = rabbit://openstack:000000@controller

[api]
auth_strategy = keystone

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url =http://controller:35357
memcached_servers = controller:11211
auth_type= password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 000000

[DEFAULT]
my_ip = 192.168.74.13

[DEFAULT]
use_neutron = True
firewall_driver =nova.virt.firewall.NoopFirewallDriver

[vnc]
enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = $my_ip
novncproxy_base_url =http://controller:6080/vnc_auto.html

[glance]
api_servers = http://controller:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:35357/v3
username = placement password =000000

验证系统是否支持硬件加速
输出大于0证明支持

egrep -c '(vmx|svm)' /proc/cpuinfo

否则需要在/etc/nova/nova.conf配置文件的[libvirt]部分添加

virt_type = qemu

启动服务

systemctl enable libvirtd.service openstack-nova-compute.service
 systemctl start libvirtd.service openstack-nova-compute.service

在controller节点添加compute到cell数据库中

在controller节点进行操作
查看compute机

openstack compute service list --service nova-compute

这里如果报这个错:

Openstack安装部署手册 openstack安装文档_数据库_27


输入以下代码即可:

source admin-openrc

之后重新查看。
添加到数据库中

su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

Openstack安装部署手册 openstack安装文档_云计算_28

3.4 安装Neutron服务

Neutron服务在controller节点和compute节点上都需要安装

在controller节点上安装Neutron服务

创建neutron服务数据库

mysql -u root -p000000
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '000000';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%'    IDENTIFIED BY '000000';

创建neutron用户

. admin-openrc
openstack user create --domain default --password-prompt neutron

Openstack安装部署手册 openstack安装文档_数据库_29


添加admin角色到neutron用户

openstack role add --project service --user neutron admin

创建服务实体

openstack service create --name neutron --description "OpenStack Networking" network

Openstack安装部署手册 openstack安装文档_mysql_30


创建服务端口

openstack endpoint create --region RegionOne network public http://controller:9696

Openstack安装部署手册 openstack安装文档_mysql_31

openstack endpoint create --region RegionOne  network internal http://controller:9696

Openstack安装部署手册 openstack安装文档_mysql_32

openstack endpoint create --region RegionOne  network admin http://controller:9696

Openstack安装部署手册 openstack安装文档_mysql_33


安装neutron服务相关的软件包

这里选择了Self-service networks的网络模式

yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y

编辑 /etc/neutron/neutron.conf 配置文件

[DEFAULT]

[database]
connection =mysql+pymysql://neutron:000000@controller/neutron

[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true

[DEFAULT]
transport_url = rabbit://openstack:000000@controller

[DEFAULT]
auth_strategy = keystone

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url =http://controller:35357
memcached_servers = controller:11211
auth_type= password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 000000

[DEFAULT]
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true

[nova]
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name =RegionOne
project_name = service
username = nova
password = 000000

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

编辑 /etc/neutron/plugins/ml2/ml2_conf.ini 配置文件

[DEFAULT]

[ml2]
type_drivers = flat,vlan,vxlan

[ml2]
tenant_network_types = vxlan

[ml2]
mechanism_drivers = linuxbridge,l2population

[ml2]
extension_drivers = port_security

[ml2_type_flat]
flat_networks = provider

[ml2_type_vxlan]
vni_ranges = 1:1000

[securitygroup]
enable_ipset = true

编辑 /etc/neutron/plugins/ml2/linuxbridge_agent.ini 网桥代理配置文件

[DEFAULT]

[linux_bridge]
physical_interface_mappings = provider:ens37

[vxlan]
enable_vxlan = true
local_ip = 192.168.56.12
l2_population =true

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

编辑 /etc/neutron/l3_agent.ini 文件

[DEFAULT]
interface_driver = linuxbridge

编辑 /etc/neutron/dhcp_agent.ini 文件

[DEFAULT]
interface_driver = linuxbridge
dhcp_driver =neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true

编辑 /etc/neutron/metadata_agent.ini 文件

[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = 000000

编辑/etc/nova/nova.conf文件,添加以下内容

[neutron]
url = http://controller:9696
auth_url =http://controller:35357
auth_type = password
project_domain_name =default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 000000
service_metadata_proxy = true
metadata_proxy_shared_secret = 000000

创建连接

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

同步数据库

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

Openstack安装部署手册 openstack安装文档_openstack_34


重启nova-api服务

systemctl restart openstack-nova-api.service

启动neutron服务

systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
 systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service

在compute节点上安装neutron服务

安装neutron服务相关软件包

yum install openstack-neutron-linuxbridge ebtables ipset -y

编辑 /etc/neutron/neutron.conf 配置文件

[DEFAULT]

[DEFAULT]
transport_url = rabbit://openstack:000000@controller

[DEFAULT]
auth_strategy = keystone

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url =http://controller:35357
memcached_servers = controller:11211
auth_type= password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 000000

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

编辑 /etc/neutron/plugins/ml2/linuxbridge_agent.ini 文件

[linux_bridge]
physical_interface_mappings = provider:ens37

[vxlan]
enable_vxlan = true
local_ip = 192.168.56.13
l2_population = true

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

编辑/etc/nova/nova.conf文件

[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 000000

重启nova-compute服务

systemctl restart openstack-nova-compute.service

启动网桥代理服务

systemctl start neutron-linuxbridge-agent.service
systemctl enable neutron-linuxbridge-agent.service

验证neutron服务是否成功安装
在controller节点上验证

openstack network agent list

Openstack安装部署手册 openstack安装文档_openstack_35

3.5 安装dashboard组件

这个组件时安装在controller节点上的
安装dashboard组件

yum install openstack-dashboard -y

编辑 /etc/openstack-dashboard/local_settings 文件
注意这里不能直接添加,在文件中找到修改。

OPENSTACK_HOST = "controller"

ALLOWED_HOSTS = ['*',]

SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',

         'LOCATION': 'controller:11211',

    }

}

OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

OPENSTACK_API_VERSIONS = {
    "identity": 3,

    "image": 2,

    "volume": 2,

}

OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"

OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

编辑 /etc/httpd/conf.d/openstack-dashboard.conf 文件,添加以下内容

WSGIApplicationGroup %{GLOBAL}

重启web服务

systemctl restart httpd.service memcached.service

浏览器访问

浏览器打开 http://192.168.74.12/dashboard

Openstack安装部署手册 openstack安装文档_云计算_36

安装完成

感谢各位客官的观看,小弟初来乍到,如果安装过程有错,希望能够包含,并向我提出意见。谢谢各位。