安装步骤

  • OpenStack简介
  • 准备工作
  • 安装NTP服务
  • 安装yum库(所有节点)
  • 提前设置一下环境变量
  • 安装MySQL
  • 安装RabbitMQ
  • 安装Menmcached:
  • 安装etcd:
  • 安装OpenStack Service:需要安装 Keystone、Glance、Placement、Nova、Neutron 和 Horizon
  • 安装keystone
  • 安装Glance
  • 安装Placement
  • 安装Nova
  • 先在test-1安装控制节点
  • 在test-2安装Nova计算节点
  • 验证Nova安装
  • 安装Neutron
  • 在test-1上安装控制节点
  • 在test-2上安装计算节点
  • 验证
  • 安装Dashboard
  • 创建镜像测试
  • 总结


OpenStack简介

OpenStack:是一个开源软件,它提供了开放源码,可以建立公有和私有云,目的在于帮助组织运行虚拟计算或服务存储的云。

一般分为四个节点
控制节点:对其余节点的控制,包括虚拟机建立,迁移,网络分配等
计算节点:负责虚拟机的运行
网络节点:负责对外网络与内网络之间的通信
存储节点:负责对虚拟机的额外存储管理

核心组件及可选组件如下:

OpenStack单节点搭 openstack单节点安装_OpenStack单节点搭


控制节点包括以下服务:

管理支持服务:
MySQL:存储其他服务的基本信息以及产生的数据
Qpid:消息代理(也称消息中间件)为其他各种服务之间提供了统一的消息通信服务(RabbitMQ)

管理基础服务:
keystone:认证管理服务,提供了其余所有组件的认证信息/令牌的管理、创建、修改等。
Glance:镜像管理服务,提供了对虚拟机部署的时候所能提供的镜像的管理,包含镜像的导入,格式以及制作的模板。
Nova:计算管理服务,提供了对计算节点的Nova的管理,使用Nova-api进行通信
Neutron:网络管理服务,提供了对网络节点的网络拓扑管理
Horizon:控制台服务,以web形式对所有节点的所有服务的管理,一般称为dashboard

扩展管理服务:Cinder,Swift,Trove,Heat,Centimeter五个服务

准备工作

两台机器
操作系统为centos7
安装好并且配置固定ip
修改主机名为test-1,test-2
设test-1位控制节点,test-2位计算节点
然后vi /etc/hosts 加入如下内容:

59.64.78.64		test-1
59.64.78.65		test-2

之后需要能互相ping通且能通ping外网

关闭selinux

sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/sysconfig/selinux
setenforce 0

关闭防火墙

systemctl stop firewalld.service

安装NTP服务

在test-1上

yum install chrony -y
vi /etc/chrony.conf
注释掉
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
添加
server ntp.aliyun.com iburst #使用阿里ntp
allow 59.64.78.64/24 #允许网段其他节点同步时间

保存退出之后

systemctl enable chronyd.service
systemctl start chronyd.service
chronyc sources

在test-2上

yum install chrony -y
vi /etc/chrony.conf
注释掉
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
添加
server controller iburst #同步test-1节点

保存退出之后

systemctl enable chronyd.service
systemctl start chronyd.service
chronyc sources

安装yum库(所有节点)

在test-1,test-2都安装

yum install centos-release-openstack-train -y
yum install https://rdoproject.org/repos/rdo-release.rpm -y
yum upgrade -y
yum install python-openstackclient -y #客户端安装

提前设置一下环境变量

在test-1上设置
先在命令行输入openssl rand -hex 10,生成一个随机密码
然后

export ADMIN_PASS=fc05e1929b2c057a4098
export CINDER_DBPASS=BBDERS1@bbdops.com
export CINDER_PASS=fc05e1929b2c057a4098
export DASH_DBPASS=fc05e1929b2c057a4098
export DEMO_PASS=fc05e1929b2c057a4098
export GLANCE_DBPASS=BBDERS1@bbdops.com
export GLANCE_PASS=fc05e1929b2c057a4098
export KEYSTONE_DBPASS=BBDERS1@bbdops.com
export METADATA_SECRET=fc05e1929b2c057a4098
export NEUTRON_DBPASS=BBDERS1@bbdops.com
export NEUTRON_PASS=fc05e1929b2c057a4098
export NOVA_DBPASS=BBDERS1@bbdops.com
export NOVA_PASS=fc05e1929b2c057a4098
export PLACEMENT_PASS=fc05e1929b2c057a4098
export RABBIT_PASS=fc05e1929b2c057a4098

source /etc/profile使之生效

安装MySQL

查看 rpm -qa | grep mariadb 如果有东西出现就rpm -e --nodeps mariadb….. 我这里是rpm -e --nodeps mariadb-config-3:10.3.20-3.el7.0.0.rdo1.x86_64做了一个删除操作

下载MySQL

wget https://repo.mysql.com/mysql80-community-release-el7-3.noarch.rpm

yum本地安装

sudo yum localinstall mysql80-community-release-el7-3.noarch.rpm

sudo yum install mysql-community-server -y

启动mysql并设置开机启动

sudo systemctl enable mysqld
sudo systemctl start mysqld

查看初始密码

grep 'temporary password'  /var/log/mysqld.log

进入命令行

mysql -u root -p

输入刚才查到的密码
进入到mysql命令行

修改密码

mysql> ALTER USER root@localhost identified by '8sVQxyAzym-w';

最后那部分为自定的密码

退出MySQL:ctrl+z

设置免密登录:vim /etc/my.cnf 添加

[client]
host=127.0.0.1
user=root
password=8sVQxyAzym-w

输入mysql

OpenStack单节点搭 openstack单节点安装_5e_02


配置参数:

set global max_connections=300;
show variables like '%max_connections%';
show status like 'Threads%';

其中Threads_connected 是当前连接数,Threads_running 是并发数。

安装RabbitMQ

yum install rabbitmq-server

启动RabbitMQ并设置开机启动:

systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service

添加用户:

rabbitmqctl add_user openstack $RABBIT_PASS

为 openstack 用户添加配置、读、写权限:

rabbitmqctl set_permissions openstack ".*" ".*" ".*"

查看:

rabbitmqctl list_user_permissions openstack

OpenStack单节点搭 openstack单节点安装_5e_03

安装Menmcached:

yum install memcached python-memcached

修改配置文件

vi /etc/sysconfig/memcached
将OPTIONS="-l 127.0.0.1,::1"改为OPTIONS=""

启动:

systemctl enable memcached.service
systemctl start memcached.service

安装etcd:

yum install etcd

修改配置文件:vi /etc/etcd/etcd.conf

ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://59.64.78.64:2380"
ETCD_LISTEN_CLIENT_URLS=http://59.64.78.64:2379
ETCD_NAME="controller"

ETCD_INITIAL_ADVERTISE_PEER_URLS="http://59.64.78.64:2380"
ETCD_ADVERTISE_CLIENT_URLS=http://59.64.78.64:2379
ETCD_INITIAL_CLUSTER="controller=http://59.64.78.64:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"

启动:

systemctl enable etcd
systemctl start etcd

安装OpenStack Service:需要安装 Keystone、Glance、Placement、Nova、Neutron 和 Horizon

安装keystone

创建mysql用户及库:

mysql> CREATE DATABASE keystone;
mysql> CREATE USER keystone IDENTIFIED BY 'BBDERS1@bbdops.com';
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%';
mysql> FLUSH PRIVILEGES;

在test-1上安装keystone:

yum install openstack-keystone httpd mod_wsgi

修改配置文件vi /etc/keystone/keystone.conf

[Default]
admin_token = <None>

[database]
connection = mysql+pymysql://keystone:BBDERS1%40bbdops.com@test-1/keystone

[token]
provider = fernet

填充服务数据库:

su -s /bin/sh -c "keystone-manage db_sync" keystone

初始化Fernet密钥存储库:

keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone

keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

启动keystone服务:

keystone-manage bootstrap --bootstrap-password $ADMIN_PASS \
  --bootstrap-admin-url http://test-1:5000/v3/ \
  --bootstrap-internal-url http://test-1:5000/v3/ \
  --bootstrap-public-url http://test-1:5000/v3/ \
  --bootstrap-region-id RegionOne

修改httpd配置文件:vi /etc/httpd/conf/httpd.conf 把ServerName改成自己的主机名

ServerName test-1

创建软连接:

ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

启动 httpd 服务:

systemctl enable httpd.service
systemctl start httpd.service

配置环境变量(test-1,test-2):

export OS_USERNAME=admin
export OS_PASSWORD=fc05e1929b2c057a4098
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://test-1:5000/v3

使之生效

source /etc/profile

创建默认domain:

openstack domain create --description "An Example Domain" example

创建service项目:

openstack project create --domain default --description "Service Project" service

OpenStack单节点搭 openstack单节点安装_OpenStack安装_04


创建myproject procect:

openstack project create --domain default --description "Demo Project" myproject

OpenStack单节点搭 openstack单节点安装_centos_05


创建myuser用户(password我设置的是123456):

openstack user create --domain default --password-prompt myuser

OpenStack单节点搭 openstack单节点安装_OpenStack安装_06


创建myrole权限:

openstack role create myrole

把 myrole 权限加入到 myproject 和 myuser 中:

openstack role add --project myproject --user myuser myrole

验证:

openstack --os-auth-url http://test-1:5000/v3 \
  --os-project-domain-name Default --os-user-domain-name Default \
  --os-project-name admin --os-username admin token issue

如果要求输入密码,就是之前设置好的OS_AUTH_URL OS_PASSWORD

再验证 myproject:

openstack --os-auth-url http://test-1:5000/v3 \
  --os-project-domain-name Default --os-user-domain-name Default \
  --os-project-name myproject --os-username myuser token issue

密码为123456

创建admin-openrc文件vi admin-openrc,然后添加如下内容

export OS_USERNAME=admin
export OS_PASSWORD=fc05e1929b2c057a4098
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://test-1:5000/v3
export OS_IDENTITY_API_VERSION=3

创建demo-openrc文件vi demo-openrc,然后添加如下内容

export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=myproject
export OS_USERNAME=myuser
export OS_PASSWORD=123456
export OS_AUTH_URL=http://test-1:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

使之生效. admin-openrc

请求认证token:

openstack token issue

OpenStack单节点搭 openstack单节点安装_5e_07

安装Glance

在test-1上安装:

创建mysql用户及库:

mysql> CREATE DATABASE glance;
mysql> CREATE USER glance IDENTIFIED BY 'BBDERS1@bbdops.com';
mysql> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%';
mysql> FLUSH PRIVILEGES;

创建glance用户:

openstack user create --domain default --password-prompt glance

密码为GLANCE_PASS 即fc05e1929b2c057a4098.

为glance用户添加admin权限:

openstack role add --project service --user glance admin

创建glance service:

openstack service create --name glance --description "OpenStack Image" image

创建 Image service API endpoints:

openstack endpoint create --region RegionOne image public http://test-1:9292
openstack endpoint create --region RegionOne image internal http://test-1:9292
openstack endpoint create --region RegionOne image admin http://test-1:9292

安装glance组件:

yum install openstack-glance

修改文件:vi /etc/glance/glance-api.conf

[database]
connection = mysql+pymysql://glance:BBDERS1%40bbdops.com@test-1/glance

[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/

[keystone_authtoken]
www_authenticate_uri  = http://test-1:5000
auth_url = http://test-1:5000
memcached_servers = test-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = fc05e1929b2c057a4098

[paste_deploy]
flavor = keystone

初始化数据库:

su -s /bin/sh -c "glance-manage db_sync" glance

启动Glance服务:

systemctl enable openstack-glance-api.service
systemctl start openstack-glance-api.service

安装Placement

在test-1上安装

创建mysql:

mysql> CREATE DATABASE placement;
mysql> CREATE USER placement IDENTIFIED BY 'BBDERS1@bbdops.com';
mysql> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%';
mysql> FLUSH PRIVILEGES;

创建用户:

openstack user create --domain default --password-prompt placement

密码为PLACEMENT_PASS 即fc05e1929b2c057a4098

添加placement service:
openstack role add --project service --user placement admin

在这里插入代码片

创建placement API entry:

openstack service create --name placement --description "Placement API" placement

创建Placement API service endpoints :

openstack endpoint create --region RegionOne placement public http://test-1:8778
openstack endpoint create --region RegionOne placement internal http://test-1:8778
openstack endpoint create --region RegionOne placement admin http://test-1:8778

安装Placement组件:

yum install openstack-placement-api

修改文件 vi /etc/placement/placement.conf

[api]
auth_strategy = keystone

[keystone_authtoken]
auth_url = http://test-1:5000/v3
memcached_servers = test-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = fc05e1929b2c057a4098

[placement_database]
connection = mysql+pymysql://placement:BBDERS1%40bbdops.com@test-1/placement

初始化数据库:

su -s /bin/sh -c "placement-manage db sync" placement

检查pip是否存在:

pip -V

OpenStack单节点搭 openstack单节点安装_OpenStack单节点搭_08


如果没有上图,就现安装一个

wget https://bootstrap.pypa.io/pip/2.7/get-pip.py
python get-pip.py

验证并安装:

placement-status upgrade check
pip install osc-placement

修改文件 vi /etc/httpd/conf.d/00-placement-api.conf<VirtualHost *:8778> 内部加入以下代码:

<Directory /usr/bin>
    <IfVersion >= 2.4>
      Require all granted
    </IfVersion>
    <IfVersion < 2.4>
      Order allow,deny
      Allow from all
    </IfVersion>
  </Directory>

重启httpd:

systemctl restart httpd

继续验证:

openstack --os-placement-api-version 1.2 resource class list --sort-column name
openstack --os-placement-api-version 1.6 trait list --sort-column name

安装Nova

先在test-1安装控制节点

创建mysql:

mysql> CREATE DATABASE nova_api;
mysql> CREATE DATABASE nova;
mysql> CREATE DATABASE nova_cell0;
mysql> CREATE USER nova IDENTIFIED BY 'BBDERS1@bbdops.com';
mysql> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%';
mysql> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%';
mysql> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%';
mysql> FLUSH PRIVILEGES;

创建nova用户:

openstack user create --domain default --password-prompt nova

密码为NOVA_PASS 即fc05e1929b2c057a4098

为nova添加admin权限:

openstack role add --project service --user nova admin

创建 nova service entity:

openstack service create --name nova --description "OpenStack Compute" compute

创建 Compute API service endpoints:

openstack endpoint create --region RegionOne compute public http://test-1:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://test-1:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://test-1:8774/v2.1

安装nova:

yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler

修改文件 vi /etc/nova/nova.conf

[DEFAULT]
enabled_apis=osapi_compute,metadata
block_device_allocate_retries=300
block_device_allocate_retries_interval=3
transport_url=rabbit://openstack:fc05e1929b2c057a4098@test-1:5672/
my_ip=59.64.78.64 # 替换成自己的test-1的ip
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[api]
auth_strategy = keystone

[api_database]
connection = mysql+pymysql://nova:BBDERS1%40bbdops.com@test-1/nova_api

[database]
connection = mysql+pymysql://nova:BBDERS1%40bbdops.com@test-1/nova

[keystone_authtoken]
www_authenticate_uri = http://test-1:5000/
auth_url = http://test-1:5000/
memcached_servers = test-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = fc05e1929b2c057a4098

[glance]
api_servers=http://test-1:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://test-1:5000/v3
username = placement
password = fc05e1929b2c057a4098

[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip

初始化数据库:

su -s /bin/sh -c "nova-manage api_db sync" nova

注册cell0数据库:

su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova

注册cell1数据库:

su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova

填充nove数据库:

su -s /bin/sh -c "nova-manage db sync" nova

验证 cell0 和 cell1 是否被注册了:

su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova

OpenStack单节点搭 openstack单节点安装_OpenStack单节点搭_09


启动 nova:

systemctl enable \
    openstack-nova-api.service \
    openstack-nova-scheduler.service \
    openstack-nova-conductor.service \
    openstack-nova-novncproxy.service
systemctl start \
    openstack-nova-api.service \
    openstack-nova-scheduler.service \
    openstack-nova-conductor.service \
    openstack-nova-novncproxy.service

检查更新:

nova-status upgrade check

OpenStack单节点搭 openstack单节点安装_OpenStack单节点搭_10


如果controller节点安装完,重新连接之后报了一大堆错误:

OpenStack单节点搭 openstack单节点安装_centos_11


解决方法:yum install -y libibverbs

在test-2安装Nova计算节点

在test-2上安装:

yum install openstack-nova-compute

修改文件 vi /etc/nova/nova.conf

[DEFAULT]
enabled_apis = osapi_compute,metadata
block_device_allocate_retries=300
block_device_allocate_retries_interval=3
transport_url=rabbit://openstack:fc05e1929b2c057a4098@test-1
my_ip=59.64.78.65 # 替换成自己的test-2的ip
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[api]
auth_strategy = keystone

[glance]
api_servers=http://test-1:9292

[keystone_authtoken]
www_authenticate_uri = http://test-1:5000/
auth_url = http://test-1:5000/
memcached_servers = test-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = fc05e1929b2c057a4098

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://test-1:5000/v3
username = placement
password = fc05e1929b2c057a4098

[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://test-1:6080/vnc_auto.html

执行:egrep -c '(vmx|svm)' /proc/cpuinfo

如果返回0,则需要在刚才的文档里加配置:

[libvirt]
virt_type=qemu
启动 Nova 计算节点:
systemctl enable libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service openstack-nova-compute.service

以下在test-1上执行:

. admin-openrc
openstack compute service list --service nova-compute

OpenStack单节点搭 openstack单节点安装_OpenStack单节点搭_12


发现计算主机:

su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

每次添加新的计算节点的时候,都要运行上述命令

验证Nova安装

openstack catalog list

OpenStack单节点搭 openstack单节点安装_centos_13


openstack compute service list

OpenStack单节点搭 openstack单节点安装_mysql_14


nova-status upgrade check

OpenStack单节点搭 openstack单节点安装_5e_15

安装Neutron

在test-1上安装控制节点

创建mysql库和用户:

mysql> CREATE DATABASE neutron;
mysql> CREATE USER neutron IDENTIFIED BY 'BBDERS1@bbdops.com';
mysql> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%';
mysql> FLUSH PRIVILEGES;

创建neutron用户:

openstack user create --domain default --password-prompt neutron

密码为: fc05e1929b2c057a4098

添加admin权限:

openstack role add --project service --user neutron admin

创建neutron service entity:

openstack service create --name neutron --description "OpenStack Networking" network

创建 Networking service API endpoints:

openstack endpoint create --region RegionOne network public http://test-1:9696
openstack endpoint create --region RegionOne network internal http://test-1:9696
openstack endpoint create --region RegionOne network admin http://test-1:9696

安装:

yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables

配置网络:vi /etc/neutron/neutron.conf

[DEFAULT]
transport_url=rabbit://openstack:fc05e1929b2c057a4098@test-1
auth_strategy = keystone
core_plugin = ml2
service_plugins =
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true

[database]
connection = mysql+pymysql://neutron:BBDERS1%40bbdops.com@test-1/neutron

[keystone_authtoken]
www_authenticate_uri = http://test-1:5000
auth_url = http://test-1:5000
memcached_servers = test-1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = fc05e1929b2c057a4098

[nova]
auth_url = http://test-1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = fc05e1929b2c057a4098

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

配置ml2插件:vi /etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security

[ml2_type_flat]
flat_networks = provider

[securitygroup]
enable_ipset = true

配置linux网桥:vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]
physical_interface_mappings = provider:eno1 #(这里写第一个网卡的名字)

[vxlan]
enable_vxlan = true
local_ip = 192.168.229.131
l2_population = true

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

配置dhcp:vi /etc/neutron/dhcp_agent.ini

interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true

配置元数据代理:vi /etc/neutron/metadata_agent.ini

[DEFAULT]
nova_metadata_host = test-1
metadata_proxy_shared_secret = fc05e1929b2c057a4098

配置nova使用网络服务:vi /etc/nova/nova.conf

[neutron]
auth_url = http://test-1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = fc05e1929b2c057a4098
service_metadata_proxy = true
metadata_proxy_shared_secret = fc05e1929b2c057a4098

启动neutron:

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

systemctl restart openstack-nova-api.service

systemctl enable neutron-server.service \
  neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
  neutron-metadata-agent.service

systemctl start neutron-server.service \
  neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
  neutron-metadata-agent.service

创建网络:

. admin-openrc
openstack network create  --share --external \
  --provider-physical-network provider \
  --provider-network-type flat provider

创建子网:

openstack subnet create --network provider \
  --allocation-pool start=59.64.78.100,end=59.64.78.200 \
  --dns-nameserver 8.8.8.8 --gateway 59.64.78.1 \
  --subnet-range 59.64.78.0/24 extent-subnet

在test-2上安装计算节点

yum install openstack-neutron-linuxbridge ebtables ipset

修改文件vi /etc/neutron/neutron.conf

[DEFAULT]
transport_url=rabbit://openstack:fc05e1929b2c057a4098@test-1
auth_strategy = keystone


[keystone_authtoken]
www_authenticate_uri = http://test-1:5000
auth_url = http://test-1:5000
memcached_servers = test-1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = fc05e1929b2c057a4098

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

修改网桥文件:vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]
physical_interface_mappings = provider: eno1 #(这里写第一个网卡的名字)

[vxlan]
enable_vxlan = true
local_ip = 192.168.229.132
l2_population = true

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

修改nova文件:vi /etc/nova/nova.conf

[neutron]
url = http://test-1:9696
auth_url = http://test-1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = fc05e1929b2c057a4098

重启计算服务:

systemctl restart openstack-nova-compute.service

启动网络计算服务:

systemctl enable neutron-linuxbridge-agent.service
systemctl start neutron-linuxbridge-agent.service

验证

. admin-openrc
openstack extension list --network

查看网络节点列表:

openstack network agent list

OpenStack单节点搭 openstack单节点安装_centos_16

安装Dashboard

在test-1上安装:

yum install openstack-dashboard

配置文件 vi /etc/openstack-dashboard/local_settings

OPENSTACK_HOST = "test-1"
ALLOWED_HOSTS = ['*']
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'LOCATION': 'test-1:11211',
    }
}

TIME_ZONE = "Asia/Shanghai"

OPENSTACK_NEUTRON_NETWORK = {
    'enable_auto_allocated_network': False,
    'enable_distributed_router': False,
    'enable_fip_topology_check': True,
    'enable_ha_router': False,
    'enable_ipv6': True,
    # TODO(amotoki): Drop OPENSTACK_NEUTRON_NETWORK completely from here.
    # enable_quotas has the different default value here.
    'enable_quotas': False,
    'enable_rbac_policy': True,
    'enable_router': True,
    'enable_lb': False,
    'enable_firewall': False,
    'enable_vpn': False,

    'default_dns_nameservers': [],
    'supported_provider_types': ['*'],
    'segmentation_id_range': {},
    'extra_provider_types': {},
    'supported_vnic_types': ['*'],
    'physical_networks': [],

}


OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 2,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

WEBROOT = "/dashboard/"

vi /etc/httpd/conf.d/openstack-dashboard.conf 添加

WSGIApplicationGroup %{GLOBAL}

重启httpd和缓存服务:

systemctl restart httpd.service memcached.service

测试访问:http:test-1/dashboard

填写域名(default),用户名,密码。

OpenStack单节点搭 openstack单节点安装_mysql_17

创建镜像测试

下载测试镜像cirros

wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img

上传到glance

openstack image create "cirros" --disk-format qcow2 --container-format bare --public < cirros-0.3.4-x86_64-disk.img

创建实例类型:
创建名为 flavor1、ID 为 1234、内存为 512MB、硬盘为 1GB、虚拟内核数量为 1 的云主机类型;

. admin-openrc
nova flavor-create flavor1 1234 512 1 1

然后从用户界面->管理员->计算->实例类型查看

OpenStack单节点搭 openstack单节点安装_OpenStack单节点搭_18


创建实例 名称为kdl1:

openstack network list

找到这个id

OpenStack单节点搭 openstack单节点安装_centos_19

openstack server create --flavor flavor1 --image cirros \
 --nic net-id=dd2affc7-7b26-46e9-af01-d5125c12c95a kdl1

OpenStack单节点搭 openstack单节点安装_OpenStack安装_20

总结

OpenStack的安装步骤非常多,且官方文档也不一定是完全对的(毕竟版本一直在更替,但安装文档他们可能忘记更新了),因此中间遇到问题是很正常的事情,本文也踩了不少坑,如果有一些奇奇怪怪的问题也欢迎联系,一起讨论问题并解决(当然Google一下大概率解决的更快)