安装步骤
- OpenStack简介
- 准备工作
- 安装NTP服务
- 安装yum库(所有节点)
- 提前设置一下环境变量
- 安装MySQL
- 安装RabbitMQ
- 安装Menmcached:
- 安装etcd:
- 安装OpenStack Service:需要安装 Keystone、Glance、Placement、Nova、Neutron 和 Horizon
- 安装keystone
- 安装Glance
- 安装Placement
- 安装Nova
- 先在test-1安装控制节点
- 在test-2安装Nova计算节点
- 验证Nova安装
- 安装Neutron
- 在test-1上安装控制节点
- 在test-2上安装计算节点
- 验证
- 安装Dashboard
- 创建镜像测试
- 总结
OpenStack简介
OpenStack:是一个开源软件,它提供了开放源码,可以建立公有和私有云,目的在于帮助组织运行虚拟计算或服务存储的云。
一般分为四个节点
控制节点:对其余节点的控制,包括虚拟机建立,迁移,网络分配等
计算节点:负责虚拟机的运行
网络节点:负责对外网络与内网络之间的通信
存储节点:负责对虚拟机的额外存储管理
核心组件及可选组件如下:
控制节点包括以下服务:
管理支持服务:
MySQL:存储其他服务的基本信息以及产生的数据
Qpid:消息代理(也称消息中间件)为其他各种服务之间提供了统一的消息通信服务(RabbitMQ)
管理基础服务:
keystone:认证管理服务,提供了其余所有组件的认证信息/令牌的管理、创建、修改等。
Glance:镜像管理服务,提供了对虚拟机部署的时候所能提供的镜像的管理,包含镜像的导入,格式以及制作的模板。
Nova:计算管理服务,提供了对计算节点的Nova的管理,使用Nova-api进行通信
Neutron:网络管理服务,提供了对网络节点的网络拓扑管理
Horizon:控制台服务,以web形式对所有节点的所有服务的管理,一般称为dashboard
扩展管理服务:Cinder,Swift,Trove,Heat,Centimeter五个服务
准备工作
两台机器
操作系统为centos7
安装好并且配置固定ip
修改主机名为test-1,test-2
设test-1位控制节点,test-2位计算节点
然后vi /etc/hosts
加入如下内容:
59.64.78.64 test-1
59.64.78.65 test-2
之后需要能互相ping通且能通ping外网
关闭selinux
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/sysconfig/selinux
setenforce 0
关闭防火墙
systemctl stop firewalld.service
安装NTP服务
在test-1上
yum install chrony -y
vi /etc/chrony.conf
注释掉
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
添加
server ntp.aliyun.com iburst #使用阿里ntp
allow 59.64.78.64/24 #允许网段其他节点同步时间
保存退出之后
systemctl enable chronyd.service
systemctl start chronyd.service
chronyc sources
在test-2上
yum install chrony -y
vi /etc/chrony.conf
注释掉
#server 0.centos.pool.ntp.org iburst
#server 1.centos.pool.ntp.org iburst
#server 2.centos.pool.ntp.org iburst
#server 3.centos.pool.ntp.org iburst
添加
server controller iburst #同步test-1节点
保存退出之后
systemctl enable chronyd.service
systemctl start chronyd.service
chronyc sources
安装yum库(所有节点)
在test-1,test-2都安装
yum install centos-release-openstack-train -y
yum install https://rdoproject.org/repos/rdo-release.rpm -y
yum upgrade -y
yum install python-openstackclient -y #客户端安装
提前设置一下环境变量
在test-1上设置
先在命令行输入openssl rand -hex 10
,生成一个随机密码
然后
export ADMIN_PASS=fc05e1929b2c057a4098
export CINDER_DBPASS=BBDERS1@bbdops.com
export CINDER_PASS=fc05e1929b2c057a4098
export DASH_DBPASS=fc05e1929b2c057a4098
export DEMO_PASS=fc05e1929b2c057a4098
export GLANCE_DBPASS=BBDERS1@bbdops.com
export GLANCE_PASS=fc05e1929b2c057a4098
export KEYSTONE_DBPASS=BBDERS1@bbdops.com
export METADATA_SECRET=fc05e1929b2c057a4098
export NEUTRON_DBPASS=BBDERS1@bbdops.com
export NEUTRON_PASS=fc05e1929b2c057a4098
export NOVA_DBPASS=BBDERS1@bbdops.com
export NOVA_PASS=fc05e1929b2c057a4098
export PLACEMENT_PASS=fc05e1929b2c057a4098
export RABBIT_PASS=fc05e1929b2c057a4098
source /etc/profile
使之生效
安装MySQL
查看 rpm -qa | grep mariadb
如果有东西出现就rpm -e --nodeps mariadb…..
我这里是rpm -e --nodeps mariadb-config-3:10.3.20-3.el7.0.0.rdo1.x86_64
做了一个删除操作
下载MySQL
wget https://repo.mysql.com/mysql80-community-release-el7-3.noarch.rpm
yum本地安装
sudo yum localinstall mysql80-community-release-el7-3.noarch.rpm
sudo yum install mysql-community-server -y
启动mysql并设置开机启动
sudo systemctl enable mysqld
sudo systemctl start mysqld
查看初始密码
grep 'temporary password' /var/log/mysqld.log
进入命令行
mysql -u root -p
输入刚才查到的密码
进入到mysql命令行
修改密码
mysql> ALTER USER root@localhost identified by '8sVQxyAzym-w';
最后那部分为自定的密码
退出MySQL:ctrl+z
设置免密登录:vim /etc/my.cnf
添加
[client]
host=127.0.0.1
user=root
password=8sVQxyAzym-w
输入mysql
配置参数:
set global max_connections=300;
show variables like '%max_connections%';
show status like 'Threads%';
其中Threads_connected 是当前连接数,Threads_running 是并发数。
安装RabbitMQ
yum install rabbitmq-server
启动RabbitMQ并设置开机启动:
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
添加用户:
rabbitmqctl add_user openstack $RABBIT_PASS
为 openstack 用户添加配置、读、写权限:
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
查看:
rabbitmqctl list_user_permissions openstack
安装Menmcached:
yum install memcached python-memcached
修改配置文件
vi /etc/sysconfig/memcached
将OPTIONS="-l 127.0.0.1,::1"改为OPTIONS=""
启动:
systemctl enable memcached.service
systemctl start memcached.service
安装etcd:
yum install etcd
修改配置文件:vi /etc/etcd/etcd.conf
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://59.64.78.64:2380"
ETCD_LISTEN_CLIENT_URLS=http://59.64.78.64:2379
ETCD_NAME="controller"
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://59.64.78.64:2380"
ETCD_ADVERTISE_CLIENT_URLS=http://59.64.78.64:2379
ETCD_INITIAL_CLUSTER="controller=http://59.64.78.64:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"
启动:
systemctl enable etcd
systemctl start etcd
安装OpenStack Service:需要安装 Keystone、Glance、Placement、Nova、Neutron 和 Horizon
安装keystone
创建mysql用户及库:
mysql> CREATE DATABASE keystone;
mysql> CREATE USER keystone IDENTIFIED BY 'BBDERS1@bbdops.com';
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%';
mysql> FLUSH PRIVILEGES;
在test-1上安装keystone:
yum install openstack-keystone httpd mod_wsgi
修改配置文件vi /etc/keystone/keystone.conf
[Default]
admin_token = <None>
[database]
connection = mysql+pymysql://keystone:BBDERS1%40bbdops.com@test-1/keystone
[token]
provider = fernet
填充服务数据库:
su -s /bin/sh -c "keystone-manage db_sync" keystone
初始化Fernet密钥存储库:
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
启动keystone服务:
keystone-manage bootstrap --bootstrap-password $ADMIN_PASS \
--bootstrap-admin-url http://test-1:5000/v3/ \
--bootstrap-internal-url http://test-1:5000/v3/ \
--bootstrap-public-url http://test-1:5000/v3/ \
--bootstrap-region-id RegionOne
修改httpd配置文件:vi /etc/httpd/conf/httpd.conf
把ServerName改成自己的主机名
ServerName test-1
创建软连接:
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
启动 httpd 服务:
systemctl enable httpd.service
systemctl start httpd.service
配置环境变量(test-1,test-2):
export OS_USERNAME=admin
export OS_PASSWORD=fc05e1929b2c057a4098
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://test-1:5000/v3
使之生效
source /etc/profile
创建默认domain:
openstack domain create --description "An Example Domain" example
创建service项目:
openstack project create --domain default --description "Service Project" service
创建myproject procect:
openstack project create --domain default --description "Demo Project" myproject
创建myuser用户(password我设置的是123456):
openstack user create --domain default --password-prompt myuser
创建myrole权限:
openstack role create myrole
把 myrole 权限加入到 myproject 和 myuser 中:
openstack role add --project myproject --user myuser myrole
验证:
openstack --os-auth-url http://test-1:5000/v3 \
--os-project-domain-name Default --os-user-domain-name Default \
--os-project-name admin --os-username admin token issue
如果要求输入密码,就是之前设置好的OS_AUTH_URL OS_PASSWORD
再验证 myproject:
openstack --os-auth-url http://test-1:5000/v3 \
--os-project-domain-name Default --os-user-domain-name Default \
--os-project-name myproject --os-username myuser token issue
密码为123456
创建admin-openrc文件vi admin-openrc
,然后添加如下内容
export OS_USERNAME=admin
export OS_PASSWORD=fc05e1929b2c057a4098
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://test-1:5000/v3
export OS_IDENTITY_API_VERSION=3
创建demo-openrc文件vi demo-openrc,然后添加如下内容
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=myproject
export OS_USERNAME=myuser
export OS_PASSWORD=123456
export OS_AUTH_URL=http://test-1:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
使之生效. admin-openrc
请求认证token:
openstack token issue
安装Glance
在test-1上安装:
创建mysql用户及库:
mysql> CREATE DATABASE glance;
mysql> CREATE USER glance IDENTIFIED BY 'BBDERS1@bbdops.com';
mysql> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%';
mysql> FLUSH PRIVILEGES;
创建glance用户:
openstack user create --domain default --password-prompt glance
密码为GLANCE_PASS 即fc05e1929b2c057a4098.
为glance用户添加admin权限:
openstack role add --project service --user glance admin
创建glance service:
openstack service create --name glance --description "OpenStack Image" image
创建 Image service API endpoints:
openstack endpoint create --region RegionOne image public http://test-1:9292
openstack endpoint create --region RegionOne image internal http://test-1:9292
openstack endpoint create --region RegionOne image admin http://test-1:9292
安装glance组件:
yum install openstack-glance
修改文件:vi /etc/glance/glance-api.conf
[database]
connection = mysql+pymysql://glance:BBDERS1%40bbdops.com@test-1/glance
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[keystone_authtoken]
www_authenticate_uri = http://test-1:5000
auth_url = http://test-1:5000
memcached_servers = test-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = fc05e1929b2c057a4098
[paste_deploy]
flavor = keystone
初始化数据库:
su -s /bin/sh -c "glance-manage db_sync" glance
启动Glance服务:
systemctl enable openstack-glance-api.service
systemctl start openstack-glance-api.service
安装Placement
在test-1上安装
创建mysql:
mysql> CREATE DATABASE placement;
mysql> CREATE USER placement IDENTIFIED BY 'BBDERS1@bbdops.com';
mysql> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%';
mysql> FLUSH PRIVILEGES;
创建用户:
openstack user create --domain default --password-prompt placement
密码为PLACEMENT_PASS 即fc05e1929b2c057a4098
添加placement service:
openstack role add --project service --user placement admin
在这里插入代码片
创建placement API entry:
openstack service create --name placement --description "Placement API" placement
创建Placement API service endpoints :
openstack endpoint create --region RegionOne placement public http://test-1:8778
openstack endpoint create --region RegionOne placement internal http://test-1:8778
openstack endpoint create --region RegionOne placement admin http://test-1:8778
安装Placement组件:
yum install openstack-placement-api
修改文件 vi /etc/placement/placement.conf
[api]
auth_strategy = keystone
[keystone_authtoken]
auth_url = http://test-1:5000/v3
memcached_servers = test-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = fc05e1929b2c057a4098
[placement_database]
connection = mysql+pymysql://placement:BBDERS1%40bbdops.com@test-1/placement
初始化数据库:
su -s /bin/sh -c "placement-manage db sync" placement
检查pip是否存在:
pip -V
如果没有上图,就现安装一个
wget https://bootstrap.pypa.io/pip/2.7/get-pip.py
python get-pip.py
验证并安装:
placement-status upgrade check
pip install osc-placement
修改文件 vi /etc/httpd/conf.d/00-placement-api.conf
在<VirtualHost *:8778>
内部加入以下代码:
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
重启httpd:
systemctl restart httpd
继续验证:
openstack --os-placement-api-version 1.2 resource class list --sort-column name
openstack --os-placement-api-version 1.6 trait list --sort-column name
安装Nova
先在test-1安装控制节点
创建mysql:
mysql> CREATE DATABASE nova_api;
mysql> CREATE DATABASE nova;
mysql> CREATE DATABASE nova_cell0;
mysql> CREATE USER nova IDENTIFIED BY 'BBDERS1@bbdops.com';
mysql> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%';
mysql> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%';
mysql> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%';
mysql> FLUSH PRIVILEGES;
创建nova用户:
openstack user create --domain default --password-prompt nova
密码为NOVA_PASS 即fc05e1929b2c057a4098
为nova添加admin权限:
openstack role add --project service --user nova admin
创建 nova service entity:
openstack service create --name nova --description "OpenStack Compute" compute
创建 Compute API service endpoints:
openstack endpoint create --region RegionOne compute public http://test-1:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://test-1:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://test-1:8774/v2.1
安装nova:
yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler
修改文件 vi /etc/nova/nova.conf
[DEFAULT]
enabled_apis=osapi_compute,metadata
block_device_allocate_retries=300
block_device_allocate_retries_interval=3
transport_url=rabbit://openstack:fc05e1929b2c057a4098@test-1:5672/
my_ip=59.64.78.64 # 替换成自己的test-1的ip
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[api_database]
connection = mysql+pymysql://nova:BBDERS1%40bbdops.com@test-1/nova_api
[database]
connection = mysql+pymysql://nova:BBDERS1%40bbdops.com@test-1/nova
[keystone_authtoken]
www_authenticate_uri = http://test-1:5000/
auth_url = http://test-1:5000/
memcached_servers = test-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = fc05e1929b2c057a4098
[glance]
api_servers=http://test-1:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://test-1:5000/v3
username = placement
password = fc05e1929b2c057a4098
[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
初始化数据库:
su -s /bin/sh -c "nova-manage api_db sync" nova
注册cell0数据库:
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
注册cell1数据库:
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
填充nove数据库:
su -s /bin/sh -c "nova-manage db sync" nova
验证 cell0 和 cell1 是否被注册了:
su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
启动 nova:
systemctl enable \
openstack-nova-api.service \
openstack-nova-scheduler.service \
openstack-nova-conductor.service \
openstack-nova-novncproxy.service
systemctl start \
openstack-nova-api.service \
openstack-nova-scheduler.service \
openstack-nova-conductor.service \
openstack-nova-novncproxy.service
检查更新:
nova-status upgrade check
如果controller节点安装完,重新连接之后报了一大堆错误:
解决方法:yum install -y libibverbs
在test-2安装Nova计算节点
在test-2上安装:
yum install openstack-nova-compute
修改文件 vi /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
block_device_allocate_retries=300
block_device_allocate_retries_interval=3
transport_url=rabbit://openstack:fc05e1929b2c057a4098@test-1
my_ip=59.64.78.65 # 替换成自己的test-2的ip
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[glance]
api_servers=http://test-1:9292
[keystone_authtoken]
www_authenticate_uri = http://test-1:5000/
auth_url = http://test-1:5000/
memcached_servers = test-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = fc05e1929b2c057a4098
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://test-1:5000/v3
username = placement
password = fc05e1929b2c057a4098
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://test-1:6080/vnc_auto.html
执行:egrep -c '(vmx|svm)' /proc/cpuinfo
如果返回0,则需要在刚才的文档里加配置:
[libvirt]
virt_type=qemu
启动 Nova 计算节点:
systemctl enable libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service openstack-nova-compute.service
以下在test-1上执行:
. admin-openrc
openstack compute service list --service nova-compute
发现计算主机:
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
每次添加新的计算节点的时候,都要运行上述命令
验证Nova安装
openstack catalog list
openstack compute service list
nova-status upgrade check
安装Neutron
在test-1上安装控制节点
创建mysql库和用户:
mysql> CREATE DATABASE neutron;
mysql> CREATE USER neutron IDENTIFIED BY 'BBDERS1@bbdops.com';
mysql> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%';
mysql> FLUSH PRIVILEGES;
创建neutron用户:
openstack user create --domain default --password-prompt neutron
密码为: fc05e1929b2c057a4098
添加admin权限:
openstack role add --project service --user neutron admin
创建neutron service entity:
openstack service create --name neutron --description "OpenStack Networking" network
创建 Networking service API endpoints:
openstack endpoint create --region RegionOne network public http://test-1:9696
openstack endpoint create --region RegionOne network internal http://test-1:9696
openstack endpoint create --region RegionOne network admin http://test-1:9696
安装:
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables
配置网络:vi /etc/neutron/neutron.conf
[DEFAULT]
transport_url=rabbit://openstack:fc05e1929b2c057a4098@test-1
auth_strategy = keystone
core_plugin = ml2
service_plugins =
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[database]
connection = mysql+pymysql://neutron:BBDERS1%40bbdops.com@test-1/neutron
[keystone_authtoken]
www_authenticate_uri = http://test-1:5000
auth_url = http://test-1:5000
memcached_servers = test-1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = fc05e1929b2c057a4098
[nova]
auth_url = http://test-1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = fc05e1929b2c057a4098
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
配置ml2插件:vi /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[securitygroup]
enable_ipset = true
配置linux网桥:vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:eno1 #(这里写第一个网卡的名字)
[vxlan]
enable_vxlan = true
local_ip = 192.168.229.131
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
配置dhcp:vi /etc/neutron/dhcp_agent.ini
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
配置元数据代理:vi /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_host = test-1
metadata_proxy_shared_secret = fc05e1929b2c057a4098
配置nova使用网络服务:vi /etc/nova/nova.conf
[neutron]
auth_url = http://test-1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = fc05e1929b2c057a4098
service_metadata_proxy = true
metadata_proxy_shared_secret = fc05e1929b2c057a4098
启动neutron:
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
systemctl restart openstack-nova-api.service
systemctl enable neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
systemctl start neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
创建网络:
. admin-openrc
openstack network create --share --external \
--provider-physical-network provider \
--provider-network-type flat provider
创建子网:
openstack subnet create --network provider \
--allocation-pool start=59.64.78.100,end=59.64.78.200 \
--dns-nameserver 8.8.8.8 --gateway 59.64.78.1 \
--subnet-range 59.64.78.0/24 extent-subnet
在test-2上安装计算节点
yum install openstack-neutron-linuxbridge ebtables ipset
修改文件vi /etc/neutron/neutron.conf
[DEFAULT]
transport_url=rabbit://openstack:fc05e1929b2c057a4098@test-1
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://test-1:5000
auth_url = http://test-1:5000
memcached_servers = test-1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = fc05e1929b2c057a4098
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
修改网桥文件:vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider: eno1 #(这里写第一个网卡的名字)
[vxlan]
enable_vxlan = true
local_ip = 192.168.229.132
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
修改nova文件:vi /etc/nova/nova.conf
[neutron]
url = http://test-1:9696
auth_url = http://test-1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = fc05e1929b2c057a4098
重启计算服务:
systemctl restart openstack-nova-compute.service
启动网络计算服务:
systemctl enable neutron-linuxbridge-agent.service
systemctl start neutron-linuxbridge-agent.service
验证
. admin-openrc
openstack extension list --network
查看网络节点列表:
openstack network agent list
安装Dashboard
在test-1上安装:
yum install openstack-dashboard
配置文件 vi /etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "test-1"
ALLOWED_HOSTS = ['*']
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'test-1:11211',
}
}
TIME_ZONE = "Asia/Shanghai"
OPENSTACK_NEUTRON_NETWORK = {
'enable_auto_allocated_network': False,
'enable_distributed_router': False,
'enable_fip_topology_check': True,
'enable_ha_router': False,
'enable_ipv6': True,
# TODO(amotoki): Drop OPENSTACK_NEUTRON_NETWORK completely from here.
# enable_quotas has the different default value here.
'enable_quotas': False,
'enable_rbac_policy': True,
'enable_router': True,
'enable_lb': False,
'enable_firewall': False,
'enable_vpn': False,
'default_dns_nameservers': [],
'supported_provider_types': ['*'],
'segmentation_id_range': {},
'extra_provider_types': {},
'supported_vnic_types': ['*'],
'physical_networks': [],
}
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 2,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
WEBROOT = "/dashboard/"
vi /etc/httpd/conf.d/openstack-dashboard.conf
添加
WSGIApplicationGroup %{GLOBAL}
重启httpd和缓存服务:
systemctl restart httpd.service memcached.service
测试访问:http:test-1/dashboard
填写域名(default),用户名,密码。
创建镜像测试
下载测试镜像cirros
wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
上传到glance
openstack image create "cirros" --disk-format qcow2 --container-format bare --public < cirros-0.3.4-x86_64-disk.img
创建实例类型:
创建名为 flavor1、ID 为 1234、内存为 512MB、硬盘为 1GB、虚拟内核数量为 1 的云主机类型;
. admin-openrc
nova flavor-create flavor1 1234 512 1 1
然后从用户界面->管理员->计算->实例类型查看
创建实例 名称为kdl1:
openstack network list
找到这个id
openstack server create --flavor flavor1 --image cirros \
--nic net-id=dd2affc7-7b26-46e9-af01-d5125c12c95a kdl1
总结
OpenStack的安装步骤非常多,且官方文档也不一定是完全对的(毕竟版本一直在更替,但安装文档他们可能忘记更新了),因此中间遇到问题是很正常的事情,本文也踩了不少坑,如果有一些奇奇怪怪的问题也欢迎联系,一起讨论问题并解决(当然Google一下大概率解决的更快)