openstack的安装（二） 安装nova服务同时建立计算节点

nova的安装

准备网络

1.启用网络接口的promisc功能

ip link set eth0 promisc on

确认开启primisc功能

ip link show eth0

2.创建桥接接口br100

yum -y install bridge-utils

yum -y install libvirt

service libvirtd restart

chkconfig libvirtd on

virsh iface-bridge eth0 br100

创建桥接设备 方法二

禁用NetworkManager

创建桥接设备

创建一个名为br100的桥接设置，并将其桥接在eth0网卡上，两步即可完成：首先创建一个桥接类型的设备，为其制定地址的获取方式、ip地址等属性，类似于管理一个正常的网络接口，只是类型为brige，其次，为eth0接口指定其桥接至刚刚定义的桥接设备即可，eth0此接口不再需要配置ip地址等属性

vim /etc/sysconfig/network-scripts/ifcfg-br100

DEVICE=br100

BOOTPROTO=none

DNS1=192.168.253.1

GATEWAY=192.168.253.1

IPADDR=192.168.253.139

NETMASK=255.255.255.0

NM_CONTROLLED=no

ONBOOT=yes

TYPE=Brige

USERCTL=no

DELAY=0

vim /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE="eth0"

BOOTPROTO="none"

NM_CONTROLLED="no"

ONBOOT="yes"

TYPE=Ethernet

HWADDR=00:0C:29:83:A4:B5

IPV6INIT=no

USERCTL=no

BRIDGE=br100

重启启动网络服务

brctl show

bridge name     bridge id          STP enabled     interfaces

br100          8000.000c2983a4b5     yes          eth0

virbr0          8000.5254003986f3     yes          virbr0-nic

启动messagebus服务

service messagebus start

chkconfig messagebus on

安装nova

yum -y install openstack-utils memcached qpid-cpp-server

yum -y install openstack-nova

初始化nova数据库，同时建立用户、密码

openstack-db --init --service nova --password nova

为nova创建数据库的相关的用户

grant all privileges on nova.* to nova@localhost identified by 'nova';

grant all privileges on nova.* to nova@'%' identified by 'nova';

flush privileges;

配置nova连接数据库

vim /etc/nova/nova.conf

# AUTHENTICATION

auth_strategy=keystone

# LOGS/STATE

verbose=True

logdir=/var/log/nova

state_path=/var/lib/nova

lock_path=/var/lock/nova

rootwrap_config=/etc/nova/rootwrap.conf

# SCHEDULER

compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler

# VOLUMES

volume_driver=nova.volume.driver.ISCSIDriver

volume_group=nova-volume

volume_name_template=volume-%08x

iscsi_helper=tgtadm

# DATABASE

sql_connection=mysql://nova:nova@192.168.0.100/nova

# COMPUTE

libvirt_type=qemu

compute_driver=libvirt.LibvirtDriver

instance_name_template=instance-%08x

api_paste_config=/etc/nova/api-paste.ini

# set the instances path

# instances_path=/nova/instances

# New add

libvirt_nonblocking = True

libvirt_inject_partition = -1

# COMPUTE/APIS: if you have separate configs for separate services

# this flag is required for both nova-api and nova-compute

allow_resize_to_same_host=True

# APIS

osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions

ec2_dmz_host=192.168.0.100

s3_host=192.168.0.100

# Qpid

rpc_backend = nova.openstack.common.rpc.impl_qpid

qpid_hostname = 192.168.0.100

# GLANCE

p_w_picpath_service=nova.p_w_picpath.glance.GlanceImageService

glance_api_servers=192.168.0.100:9292

# NETWORK

network_manager=nova.network.manager.FlatDHCPManager

force_dhcp_release=True

dhcpbridge_flagfile=/etc/nova/nova.conf

# New Add

dhcpbridge = /usr/bin/nova-dhcpbridge

firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver

# Change my_ip to match each Compute host

my_ip=192.168.0.100

public_interface=eth0

vlan_interface=eth0

flat_network_bridge=br100

flat_interface=eth0

fixed_range=192.168.0.0/24

# NOVNC CONSOLE

novncproxy_base_url=http://192.168.0.100:6080/vnc_auto.html

# Change vncserver_proxyclient_address and vncserver_listen to match each compute host

vncserver_proxyclient_address=192.168.0.100

vncserver_listen=192.168.0.100

[keystone_authtoken]

auth_host = 192.168.0.100

auth_port = 35357

auth_protocol = http

admin_tenant_name = service

admin_user = nova

admin_password = nova

signing_dirname = /tmp/keystone-signing-nova

安装libguestfs-tools

yum -y instrall libguestfs-tools

设置livirt类型为qemu

openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_type qemu

为qemu-kvm创建所需要的连接

ln -sv /usr/libexec/qemu-kvm /usr/bin/qemu

重启libvirtd服务

service libvirtd restart

导入或迁移nova数据库

nova-manage db sync

安装配置qpid队列服务

vim /etc/qpidd.conf

auth=no

service qpidd restart

chkconfig qpidd on

启动nova服务

首先创建nova所文件目录

mkdir /var/lock/nova

chown -R nova.nova /var/lo

ck/nova/

启动nova相关服务，并设置开机自启

compute、api、network、scheduler、console、cert

for svc in api compute network scheduler cert console;do service openstack-nova-$svc restart;chkconfig openstack-nova-$svc on; done

查看服务运行状态

nova-manage service list

查看日志

grep -i error /var/log/nova/*

创建nova网络

nova-manage network create  --label=private --multi_host=T --fixed_range_v4=192.168.0.0/24 --bridge_interface=eth0 --bridge=br100 --num_networks=1 --network_size=256

nova-manage network list

在keystone中注册nova  compute API（要以keystone的管理员admin身份运行，所以执行环境变量）

keystone service-create --name=nova --type=compute --description="Nova Compute Service"

+-------------+----------------------------------+

|   Property  |              Value               |

+-------------+----------------------------------+

| description |       Nova Compute Service       |

|      id     | 875164c08b7c43b0b0d3116007655942 |

|     name    |               nova               |

|     type    |             compute              |

+-------------+----------------------------------+

创建端点

keystone endpoint-create --service-id 875164c08b7c43b0b0d3116007655942 --publicurl "http://192.168.0.100:8774/v1.1/\$(tenant_id)s" --adminurl "http://192.168.0.100:8774/v1.1/\$(tenant_id)s" --internalurl "http://192.168.0.100:8774/v1.1/\$(tenant_id)s"

+-------------+----------------------------------------------+

|   Property  |                    Value                     |

+-------------+----------------------------------------------+

|   adminurl  | http://192.168.0.100:8774/v1.1/$(tenant_id)s |

|      id     |       cbac1b85c41349c8ac49a819e43385a7       |

| internalurl | http://192.168.0.100:8774/v1.1/$(tenant_id)s |

|  publicurl  | http://192.168.0.100:8774/v1.1/$(tenant_id)s |

|    region   |                  regionOne                   |

|  service_id |       875164c08b7c43b0b0d3116007655942       |

+-------------+----------------------------------------------+

运行vm实例

安全组default

nova secgroup-list 查看安全组

nova secgroup-list

+---------+-------------+

| Name    | Description |

+---------+-------------+

| default | default     |

+---------+-------------+

nova secgroup-add-rule 可用于安全组定义访问规则，下面命令就实现了允许所有ip地址通过tcp协议的22端口访问关联的vm实例

nova secgroup-add-rule default tcp 22 22 0.0.0.0/0

+-------------+-----------+---------+-----------+--------------+

| IP Protocol | From Port | To Port | IP Range  | Source Group |

+-------------+-----------+---------+-----------+--------------+

| tcp         | 22        | 22      | 0.0.0.0/0 |              |

+-------------+-----------+---------+-----------+--------------+

允许所有主机发起ping请求，开放icmp协议

nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0

+-------------+-----------+---------+-----------+--------------+

| IP Protocol | From Port | To Port | IP Range  | Source Group |

+-------------+-----------+---------+-----------+--------------+

| icmp        | -1        | -1      | 0.0.0.0/0 |              |

+-------------+-----------+---------+-----------+--------------+

ssh公钥注入

nova-keypair-add命令生成一对密钥，并将其公钥保存在compute服务

ssh-keygen -t rsa -P ''

nova keypair-add  --pub-key /root/.ssh/id_rsa.pub testkey

显示添加的密钥信息

nova keypair-list

+---------+-------------------------------------------------+

| Name    | Fingerprint                                     |

+---------+-------------------------------------------------+

| testkey | 7a:34:18:49:1d:60:30:29:18:66:69:d2:c4:c6:c0:2b |

+---------+-------------------------------------------------+

查看本地的密钥文件

ssh-keygen -l -f /root/.ssh/id_rsa.pub

确保每个节点都正常运行

查看虚拟机实例

nova flavor-list

创建一个虚拟机实例

nova flavor-create --swap 256 flavor.cirros 6 128 2 2

查看p_w_picpath映像文件

nova p_w_picpath-list

+--------------------------------------+---------------------+--------+--------+

| ID                                   | Name                | Status | Server |

+--------------------------------------+---------------------+--------+--------+

| b8964ced-5702-4be1-9644-32b14d9ebc25 | cirros-0.3.0-i386   | ACTIVE |        |

| edc31b1b-d3bf-4c76-885c-1f56a9eee3bc | cirros-0.3.0-x86_64 | ACTIVE |        |

+--------------------------------------+---------------------+--------+--------+

加载映像文件，启动一个实例

nova boot --flavor 1 --p_w_picpath edc31b1b-d3bf-4c76-885c-1f56a9eee3bc --key_name testkey --security_group default cirros1

查看所启动的虚拟机的状态

+--------------------------------------+---------+--------+---------------------+

| ID                                   | Name    | Status | Networks            |

+--------------------------------------+---------+--------+---------------------+

| 1a09d053-ea12-4b16-ace0-e1ec8d842360 | cirros1 | ACTIVE | private=192.168.0.2 |

+--------------------------------------+---------+--------+---------------------+

登录测试

nova console-log cirros1

wget: server returned error: HTTP/1.1 404 Not Found

cloud-userdata: failed to read user data url: http://169.254.169.254/2009-04-04/user-data

WARN: /etc/rc3.d/S99-cloud-userdata failed

 ____               ____  ____

/ __/ __ ____ ____ / __ \/ __/

/ /__ / // __// __// /_/ /\ \

\___//_//_/  /_/   \____/___/

http://launchpad.net/cirros

login as 'cirros' user. default password: 'cubswin:)'. use 'sudo' for root.

cirros login:

会闪退，使用以下方式登录

ssh -l cirros 192.168.0.2

注意事项

brctl not found

解决办法：yum install bridge-utils