CentOS部署OpenStack-Stein全過程

基本信息

dashboard

控制節點
|--server_name:ops-ctr
|--manage_ip:192.168.122.11
|--external_ip:192.168.0.111
|--service
|--NTP
|--memcached
|--port:11211
|--etcd
|--port:2379/2380
|--placement
|--server_name:placement
|--server_user:placement
|--db_name:placement
|--db-user:plcm_db
|--port:8778
|--keystone
|--service_name:keystone
|--service_user:keystone
|--db_name:keystone
|--db_user:kst_db
|--port:5000
|--glance
|--service_name:glance
|--service_user:glance
|--db_name:glance
|--db_user:glc_db
|--port:9292
|--nova
|--service_name:nova
|--server_user:nova
|--db_name:nova/nova_api/nova_cell0
|--db_user:nva_db
|--port:8774/6080
vice_user:nova
|--db_name:nova/nova_api/nova_cell0
|--db_user:nva_db
|--neutron
|--service_name:neutron
|--service_user:neutron
|--db_name:neutron
|--db_user:ntr_db
|--port:9696
|--horizon
|--mariadb
|--port:3306
|--cinder
|--service_name:cinder
|--server_user:cinder
|--db_user:cid_db
|--db_name:cinder
|--port:8776

計算節點
|--server_name:ops-cmp
|--manage_ip:192.168.122.12
|--external_ip:192.168.0.112
|--service
|--NTP
|--nova
|--service_name:nova
|--service_user:nova
|--db_name:nova/nova_api/nova_cell0
|--db_user:nva_db
|--port:8774
|--neutron
|--service_name:neutron
|--service_user:neutron
|--db_name:neutron
|--db_user:ntr_db
塊存儲節點
|--server_name:ops-cid
|--manage_ip:192.168.122.13
|--external_ip:192.168.0.113
|--volume_group:cinder

安裝

  1. 安裝openstack-stein軟件源
    yum install centos-release-openstack-stein -y
  2. 安裝NTP服務(wù)
    yum install chrony -y
  3. 安裝openstack客戶端
    yum install python-openstackclient openstack-selinux -y

安裝數(shù)據(jù)庫(kù)1

  1. 安裝mariadb-server python2-pymysql
yum install mariadb mariadb-server python2-pymysql -y

  1. 配置數(shù)據(jù)庫(kù)
vi /etc/my.cnf.d/mariadb-server.cnf
# modify
[mysqld]
bind-address=192.168.122.11
default-storage-engine=innodb
innodb_file_per_table=on
max_connections=4096
collation-server=utf8_general_ci
character-set-server=utf8
  1. 啟動(dòng)服務(wù)并執(zhí)行安全檢查
systemctl start mariadb 
systemctl enable mariadb
mysql_secure_installation
  1. 添加開放端口
    firewall-cmd --zone=internal --add-port=3306/tcp --permanent

安裝消息服務(wù)rabbit2

  1. 安裝
    yum install rabbitmq-server -y
  2. 啟動(dòng)服務(wù)
systemctl start rabbitmq-server
systemctl enable rabbitmq-server
  1. 創(chuàng)建消息服務(wù)用戶
    rabbitmqctl add_user rbtmq user_passwd
  2. 授權(quán)用戶讀寫權(quán)限
    rabbitmqctl set_permissions rbtmq ".*" ".*" ".*"
  3. 添加開放端口
    firewall-cmd --zone=internal --add-port=5672/tcp --permanent

安裝認(rèn)證緩存memcached3

  1. 安裝
    yum install memcached python-memcached -y
  2. 配置
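vi /etc/sysconfig/memcached
## modify
# The file and variable names were misspelled ("memecached", "OPTION"); the
# service reads OPTIONS from /etc/sysconfig/memcached.
# No memcached authentication is configured on this page, so listen only on
# loopback and the management-network name, never on the external interface.
OPTIONS="-l 127.0.0.1,::1,ops-ctr"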
  1. 啟動(dòng)服務(wù)
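# The unit is named "memcached"; systemctl cannot find the misspelled name.
systemctl start memcached
systemctl enable memcached
# add firewall rule
# firewall-cmd needs port/protocol. Keep the rule in the internal zone:
# anything that can reach 11211 can read and write the token cache.
firewall-cmd --zone=internal --add-port=11211/tcp --permanent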

安裝etcd服務(wù)4

  1. 安裝
    yum install etcd -y
  2. 配置
vi /etc/etcd/etcd.conf
# modify
# NOTE(review): every URL below is plain http:// on the management address, so
# as written peer and client traffic is unencrypted, and the page configures no
# etcd client authentication. Confirm the internal zone is the only path to
# 2379/2380, or move these URLs to https:// with certificates.
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.122.11:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.122.11:2379"
ETCD_NAME="controller"
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.122.11:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.122.11:2379"
# Single-member cluster: the only peer listed is this controller.
ETCD_INITIAL_CLUSTER="controller=http://192.168.122.11:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"
  1. 啟動(dòng)服務(wù)
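systemctl start etcd
# "enabl" is not a systemctl verb; without "enable" etcd stays down after reboot.
systemctl enable etcd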
  1. 添加開放端口
firewall-cmd --zone=internal --add-port=2379/tcp --permanent
firewall-cmd --zone=internal --add-port=2380/tcp --permanent

安裝placement服務(wù)10

  1. 數(shù)據(jù)庫(kù)
create database placement;
grant all on placement.* to 'plcm_db'@'localhost' identified by 'passwd';
grant all on placement.* to 'plcm_db'@'%' identified by 'passwd';
  1. 創(chuàng)建用戶
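# --password-prompt keeps the service password out of shell history.
openstack user create --domain default \
--password-prompt placement
# "openstackk" was a typo; the client binary is "openstack".
openstack role add --project service --user placement admin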
  1. 創(chuàng)建服務(wù)實(shí)體
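# "service" needs the "create" subcommand, as in the glance and nova steps.
openstack service create --name placement \
--description "OpenStack Placement" placement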
  1. 創(chuàng)建endpoint
openstack endpoint create --region RegionOne \
placement public http://ops-ctr:8778
# create internal admin endpoint like public
  1. 安裝組件
    yum install openstack-placement-api -y
  2. 配置
vi /etc/placement/placement.conf
[placement_database]
connection=mysql+pymysql://plcm_db:passwd@ops-ctr/placement
[api]
auth_strategy=keystone
[keystone_authtoken]
auth_url=http://ops-ctr:5000/v3
memcached_servers=ops-ctr:11211
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=placement
password=passwd
vi /etc/httpd/conf.d/00-placement-api.conf
# add
<Directory /usr/bin>
    <IfVersion >= 2.4>
        Require all granted
    </IfVersion>
    <IfVersion < 2.4>
        Order allow,deny
        Allow from all
    </IfVersion>
</Directory>
  1. 同步數(shù)據(jù)庫(kù)
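    # Run the sync as the placement service account. Without "su -s", the
    # trailing "placement" is only $0 of the inline script and the command
    # runs as the invoking user (root).
    su -s /bin/sh -c "placement-manage db sync" placement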
  2. 重啟httpd服務(wù)
    systemctl restart httpd

安裝openstack服務(wù)

安裝認(rèn)證服務(wù)keystone5

  1. 數(shù)據(jù)庫(kù)服務(wù)
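# create database
create database keystone;
# set permission
# 'passwd' is this page's placeholder and must match the password in the
# keystone.conf connection URL. The original empty string created a
# password-less account, and the '%' grant lets any host that can reach
# port 3306 use it.
grant all on keystone.* to 'kst_db'@'localhost' identified by 'passwd';
grant all on keystone.* to 'kst_db'@'%' identified by 'passwd';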
  1. 安裝keystone組件
    yum install openstack-keystone httpd mod_wsgi -y
  2. 配置
vi /etc/keystone/keystone.conf
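[database]
# Host corrected from "ops-cont" to "ops-ctr", the controller name used in
# every other URL on this page.
# "passwd" is a placeholder; the real password is stored here in clear text,
# so keep keystone.conf readable only by root and the keystone group.
connection=mysql+pymysql://kst_db:passwd@ops-ctr/keystone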
[token]
provider=fernet
[signing]
enable=true
certfile=/etc/pki/tls/private/pub.pem
keyfile=/etc/pki/tls/private/key.pem
ca_certs=/etc/pki/tls/certs/cert.pem
cert_required=true
  1. 同步數(shù)據(jù)庫(kù)
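    # "su -s" makes the sync run as the keystone account; the bare
    # "/bin/sh -c ... keystone" form runs it as the invoking user (root) and
    # only passes "keystone" as $0.
    su -s /bin/sh -c "keystone-manage db_sync" keystone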
  2. 初始化fernet
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group=keystone
  1. 創(chuàng)建bootstrap服務(wù)
# NOTE(review): a password given as an argument is kept in shell history and is
# visible in the process list; keystone-manage reads OS_BOOTSTRAP_PASSWORD from
# the environment when --bootstrap-password is omitted. "passwd" is a placeholder.
# NOTE(review): the three endpoints are registered as http:// while the later
# "export OS_AUTH_URL" step uses https:// — use the scheme the vhost serves.
keystone-manage bootstrap --bootstrap-password passwd \
--bootstrap-admin-url http://ops-ctr:5000/v3 \
--bootstrap-internal-url http://ops-ctr:5000/v3 \
--bootstrap-public-url http://ops-ctr:5000/v3 \
--bootstrap-region-id RegionOne
  1. 配置httpd服務(wù)
vi /etc/httpd/conf/httpd.conf
# add
ServerName ops-ctr
# configure /etc/httpd/conf.d/wsgi-keystone.conf
Listen 5000
<VirtualHost *:5000>
    # SSLEngine on
    # SSLCertificateKeyFile /etc/pki/tls/private/key.pem
    # SSLCertificateFile /etc/pki/tls/private/cert.pem
    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /usr/bin/keystone-wsgi-public
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/apache2/keystone.log
    CustomLog /var/log/apache2/keystone_access.log combined

    <Directory /usr/bin>
        Require all granted
    </Directory>
</VirtualHost>
# create link
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
  1. 啟用ssl加密鏈接,參考Apache enable ssl on centos

  2. 設(shè)置環(huán)境變量

export OS_USERNAME=admin
export OS_PASSWORD=passwd
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_DOMAIN_NAME=default
export OS_AUTH_URL=https://ops-ctr:5000/v3
export OS_IDENTITY_API_VERSION=3
  1. 創(chuàng)建服務(wù)用戶、角色、項(xiàng)目和域
# create domain if need
openstack domain create --description "mystack" mystack
# create project
openstack project create --domain default \
--description "Service Project" service
openstack project create --domain default \
--description "Demo Project" demo
# create user
openstack user create --domain default \
--password-prompt demo
# create role
openstack role create demo
# set role for user
openstack role add --project service --user demo demo
  1. 驗(yàn)證操作
# unset 
unset OS_AUTH_URL OS_PASSWORD
# request new auth token
openstack --os-auth-url https://ops-ctr:5000/v3 \
--os-project-domain-name default \
--os-user-domain-name default \
--os-project-name admin \
--os-username admin token issue
openstack --os-auth-url https://ops-ctr:5000/v3 \
--os-project-domain-name default \
--os-user-domain-name default \
--os-project-name demo \
--os-username demo token issue
  1. 分別創(chuàng)建用戶admin和demo的環(huán)境腳本
admin-openrc
---
# NOTE(review): this file holds the cloud admin password in clear text
# ("passwd" is a placeholder); restrict it to its owner, e.g.
# chmod 600 admin-openrc, and keep it out of shared directories.
export OS_USERNAME=admin
export OS_PASSWORD=passwd
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_DOMAIN_NAME=default
# NOTE(review): http:// here, https:// in the earlier export and token-issue
# steps; over http the password above crosses the network unencrypted.
export OS_AUTH_URL=http://ops-ctr:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

demo-openrc
---
export OS_USERNAME=demo
export OS_PASSWORD=passwd
export OS_PROJECT_NAME=demo
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_DOMAIN_NAME=default
export OS_AUTH_URL=http://ops-ctr:5000/v3
export OS_IDENTITY_API_VERSION=3

安裝鏡像服務(wù)glance6

  1. 數(shù)據(jù)庫(kù)
create database glance;
# set permission to glc_db on glance like keystone
  1. 創(chuàng)建用戶
openstack user create --domain default \
--password-prompt glance
openstack role add --project service --user glance admin
  1. 創(chuàng)建服務(wù)實(shí)體
openstack service create \
--name glance \
--description "OpenStack Image" image
  1. 創(chuàng)建服務(wù)endpoint
openstack endpoint create --region RegionOne \
image public http://ops-ctr:9292
# create admin internal endpoint like public
# add port 9292 by firewall-cmd
  1. 安裝glance組件
    yum install openstack-glance -y
  2. 配置
vi /etc/glance/glance-api.conf
[database]
connection=mysql+pymysql://glc_db:passwd@ops-ctr/glance
[keystone_authtoken]
www_authenticate_uri=http://ops-ctr:5000
auth_url=http://ops-ctr:5000
memcached_servers=ops-ctr:11211
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=glance
password=passwd
[paste_deploy]
flavor=keystone
[glance_store]
stores=file,http
default_store=file
filesystem_store_datadir=/var/lib/glance/images/
vi /etc/glance/glance-registry.conf
[database]
connection=mysql+pymysql://glc_db:passwd@ops-ctr/glance
www_authenticate_uri=http://ops-ctr:5000
auth_url=http://ops-ctr:5000
memcached_servers=ops-ctr:11211
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=glance
password=passwd
[paste_deploy]
flavor=keystone
  1. 同步數(shù)據(jù)庫(kù)
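    # Run as the glance account, in the same form as the other db syncs. Run
    # bare, the command executes as root and treats "glance" as an extra argument.
    su -s /bin/sh -c "glance-manage db_sync" glance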
  2. 啟動(dòng)服務(wù)
systemctl start openstack-glance-api openstack-glance-registry
systemctl enable openstack-glance-api openstack-glance-registry

如果glance-api服務啟動失敗,嘗試將 /var/lib/glance/images 和 /var/log/glance/api.log 的所屬用戶和組改為glance:glance(若以root身份執行過glance-manage,這些文件通常會歸root所有,glance服務帳號便無法寫入)。

  1. 驗(yàn)證操作
. admin-openrc
# create image use cirros.img
openstack image create "cirros" \
--file /home/user/cirros-0.4.0-x86_64-disk.img \
--disk-format qcow2 \
--container-format bare \
--public
# show image
openstack image list

安裝計(jì)算服務(wù)nova8

控制節(jié)點(diǎn)中安裝nova服務(wù)

  1. 數(shù)據(jù)庫(kù)
# create database
create database nova;
create database nova_api;
create database nova_cell0;
# set permission like others
grant all on nova.* to 'nva_db'@'localhost' identified by 'passwd';
  1. 創(chuàng)建用戶
openstack user create --domain default \
--password-prompt nova
openstack role add --project service --user nova admin
  1. 創(chuàng)建服務(wù)實(shí)體
openstack service create --name nova \
--description "OpenStack Compute" compute
  1. 創(chuàng)建endpoint
openstack endpoint create --region RegionOne \
compute public http://ops-ctr:8774/v2.1
# create internal admin endpoint like public
# add port to firewall
  1. 安裝nova組件
    yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-console -y
  2. 配置組件
vi /etc/nova/nova.conf
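[DEFAULT]
enabled_apis=osapi_compute,metadata
# Password corrected from "paswd" to the "passwd" placeholder used by every
# other transport_url on this page; it must be the password set for user rbtmq
# with rabbitmqctl add_user. It is stored here in clear text, so nova.conf
# should not be world-readable.
transport_url=rabbit://rbtmq:passwd@ops-ctr
my_ip=192.168.122.11
use_neutron=true
# Nova's own packet filtering is a no-op here; security groups are enforced
# by the neutron agent configured later on this page.
firewall_driver=nova.virt.firewall.NoopFirewallDriver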
[database]
connection=mysql+pymysql://nva_db:passwd@ops-ctr/nova
[api_database]
connection=mysql+pymysql://nva_db:passwd@ops-ctr/nova_api
[api]
auth_strategy=keystone
[keystone_authtoken]
auth_url=http://ops-ctr:5000/v3
memcached_servers=ops-ctr:11211
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=nova
password=passwd
[vnc]
enabled=true
server_listen=$my_ip
server_proxyclient_address=$my_ip
[glance]
api_servers=http://ops-ctr:9292
[oslo_concurrency]
lock_path=/var/lib/nova/tmp
[placement]
region_name=RegionOne
auth_url=http://ops-ctr:5000/v3
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=placement
password=passwd
[scheduler]
discover_hosts_in_cells_interval=300
  1. 同步數(shù)據(jù)庫(kù)
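# Each nova-manage call runs as the nova account through "su -s". In the bare
# "/bin/sh -c ... nova" form the last word is only $0 and the command runs as
# the invoking user (root).
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name cell1 --verbose" nova
su -s /bin/sh -c "nova-manage db sync" nova
# show cells
su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova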
  1. 啟動(dòng)服務(wù)
systemctl start openstack-nova-api openstack-nova-consoleauth openstack-nova-scheduler openstack-nova-conductor openstack-nova-novncproxy
systemctl enable openstack-nova-api openstack-nova-consoleauth openstack-nova-scheduler openstack-nova-conductor openstack-nova-novncproxy
  1. 將計(jì)算節(jié)點(diǎn)添加到cell數(shù)據(jù)庫(kù)
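# show compute service
openstack compute service list
# discover compute node
# Runs as the nova account; without "su -s" the command executes as root.
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova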
  1. 確認(rèn)操作
# show endpoint
openstack catalog list
# show image
openstack image list
nova-status upgrade check

計(jì)算節(jié)點(diǎn)中安裝nova服務(wù)9

  1. 安裝組件
    yum install openstack-nova-compute -y
  2. 配置
vi /etc/nova/nova.conf
[DEFAULT]
enabled_apis=osapi_compute,metadata
transport_url=rabbit://rbtmq:passwd@ops-ctr
my_ip=192.168.122.12
use_neutron=true
firewall_driver=nova.virt.firewall.NoopFirewallDriver
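[api]
# "auth_strategy-keystone" had "-" in place of "=", so it was not a valid
# key=value line and the intended keystone setting was never written.
auth_strategy=keystone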
[keystone_authtoken]
auth_url=http://ops-ctr:5000/v3
memcached_servers=ops-ctr:11211
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=nova
password=passwd
[vnc]
enabled=true
server_listen=0.0.0.0
server_proxyclient_address=$my_ip
novncproxy_base_url=http://ops-ctr:6080/vnc_auto.html
[glance]
api_servers=http://ops-ctr:9292
[oslo_concurrency]
lock_path=/var/lib/nova/tmp
[placement]
region_name=RegionOne
auth_url=http://ops-ctr:5000/v3
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=placement
password=passwd
[libvirt]
virt_type=qemu
  1. 啟用虛擬化
egrep -c '(vmx|svm)' /proc/cpuinfo
結(jié)果:0-qemu
  1. 啟動(dòng)服務(wù)
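# The hypervisor daemon unit is "libvirtd" ("lilbvirtd" was a typo).
systemctl start libvirtd openstack-nova-compute
systemctl enable libvirtd openstack-nova-compute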

安裝網(wǎng)絡(luò)服務(wù)neutron

控制節(jié)點(diǎn)

  1. 數(shù)據(jù)庫(kù)
create database neutron;
grant all on neutron.* to 'ntr_db'@'localhost' identified by 'passwd';
grant all on neutron.* to 'ntr_db'@'%' identified by 'passwd';
  1. 創(chuàng)建用戶
openstack user create --domain default \
--password-prompt neutron
openstack role add --project service --user neutron admin
  1. 創(chuàng)建服務(wù)實(shí)體和endpoint
  2. 創(chuàng)建網(wǎng)絡(luò)
  • 私有網(wǎng)絡(luò)
    1. 安裝組件
      yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linux-bridge ebtables -y
    2. 配置
    vi /etc/neutron/neutron.conf
    [DEFAULT]
    core_plugin=ml2
    service_plugins=router
    allow_overlapping_ips=true
    transport_url=rabbit://rbtmq:passwd@ops-ctr
    auth_strategy=keystone
    notify_nova_on_port_status_changes=true
    notify_nova_on_port_data_changes=true
    [database]
    connection=mysql+pymysql://ntr_db:passwd@ops-ctr/neutron
    [keystone_authtoken]
    www_authenticate_uri=http://ops-ctr:5000
    auth_url=http://ops-ctr:5000
    memcached_servers=ops-ctr:11211
    auth_type=password
    project_domain_name=default
    user_domain_name=default
    project_name=service
    username=neutron
    password=passwd
    [nova]
    auth_url=http://ops-ctr:5000
    auth_type=password
    project_domain_name=default
    user_domain_name=default
    project_name=service
    username=neutron
    password=passwd
    [oslo_concurrency]
    lock_path=/var/lib/neutron/tmp
    vi /etc/neutron/plugins/ml2/ml2_conf.ini
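    [ml2]
    type_drivers=flat,vlan,vxlan
    tenant_network_types=vxlan
    mechanism_drivers=linuxbridge,l2population
    # The ML2 extension driver is named "port_security"; "pot_security" does
    # not name a driver, so the port-security extension is not loaded.
    extension_drivers=port_security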
    [ml2_type_flat]
    flat_networks=provider
    [ml2_type_vxlan]
    vni_ranges=1:1000
    [securitygroup]
    enable_ipset=true
    vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
    [linux_bridge]
    physical_interface_mappings=provider:eth1
    [vxlan]
    enable_vxlan=true
    local_ip=192.168.122.11
    l2_population=true
    [securitygroup]
    enable_security_group=true
    firewall_driver=neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
    vi /etc/neutron/l3_agent.ini
    [DEFAULT]
    interface_driver=linuxbridge
    vi /etc/neutron/dhcp_agent.ini
    [DEFAULT]
    interface_driver=linuxbridge
    dhcp_driver=neutron.agent.linux.dhcp.Dnsmasq
    enable_isolated_metadata=true
    
  1. 配置元數(shù)據(jù)
vi /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_host=ops-ctr
# NOTE(review): "passwd" is the same placeholder used for every account on this
# page. This value must equal metadata_proxy_shared_secret in nova.conf
# [neutron]; make it a separate random string, not a reused password.
metadata_proxy_shared_secret=passwd
  1. 配置nova服務(wù)
vi /etc/nova/nova.conf
[neutron]
url=http://ops-ctr:9696
auth_url=http://ops-ctr:5000
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=neutron
password=passwd
service_metadata_proxy=true
metadata_proxy_shared_secret=passwd
  1. 同步數(shù)據(jù)庫(kù)
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
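# Run the schema upgrade as the neutron account; without "su -s" the trailing
# "neutron" is only $0 and the command runs as the invoking user (root).
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron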
  1. 啟動(dòng)服務(wù)
systemctl restart openstack-nova-api
systemctl start neutron-server neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent
systemctl enable neutron-server neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent
  1. 驗(yàn)證操作
    openstack network agent list
    計(jì)算節(jié)點(diǎn)有1個(gè)服務(wù),控制節(jié)點(diǎn)有4個(gè)服務(wù)

計(jì)算節(jié)點(diǎn)

  1. 安裝組件
    yum install openstack-neutron-linuxbridge ebtables ipset -y
  2. 配置
vi /etc/neutron/neutron.conf
[DEFAULT]
transport_url=rabbit://rbtmq:passwd@ops-ctr
auth_strategy=keystone
[keystone_authtoken]
www_authenticate_uri=http://ops-ctr:5000
auth_url=http://ops-ctr:5000
memcached_servers=ops-ctr:11211
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=neutron
password=passwd
[oslo_concurrency]
lock_path=/var/lib/neutron/tmp
vi /etc/nova/nova.conf
[neutron]
url=http://ops-ctr:9696
auth_url=http://ops-ctr:5000
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=neutron
password=passwd
vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings=provider:eth1
[vxlan]
enable_vxlan=true
local_ip=192.168.122.12
l2_population=true
[securitygroup]
enable_security_group=true
firewall_driver=neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

  1. 啟動(dòng)服務(wù)
systemctl restart openstack-nova-compute
systemctl start neutron-linuxbridge-agent
systemctl enable neutron-linuxbridge-agent

安裝UI服務(wù)horizon12

  1. 安裝組件
    yum install openstack-dashboard -y
  2. 配置
vi /etc/openstack-dashboard/local_settings
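# The opening and closing quotes did not match, which is a syntax error.
OPENSTACK_HOST = "ops-ctr"
# Django reads ALLOWED_HOSTS; the misspelled "ALLOW_HOSTS" was ignored.
# A '*' entry switches Host-header validation off, so list the controller's
# name and addresses from this page instead.
ALLOWED_HOSTS = ['ops-ctr', '192.168.122.11', '192.168.0.111']
# Sessions are kept in the memcached instance configured below.
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
# Django reads CACHES and the key LOCATION; "CACHE" / "LOCALTION" were ignored.
CACHES = {
    'default': {
        'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
        'LOCATION': 'ops-ctr:11211',
    }
}
# The "% OPENSTACK_HOST" was inside the string literal, so the host was never
# substituted into the URL.
# NOTE(review): http:// sends dashboard logins to keystone unencrypted; switch
# to https:// once TLS is enabled on the keystone vhost.
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
# True must be capitalised; lowercase "true" raises an error.
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 3,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "default"
# Role given to users created through the dashboard; "demo" is created in the
# keystone section of this page.
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "demo"
TIME_ZONE = "Asia/Shanghai"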
vi /etc/httpd/conf.d/openstack-dashboard.conf
# add
WSGIApplicationGroup %{GLOBAL}
  1. 重啟服務(wù)
systemctl restart httpd memcached

添加一個(gè)存儲(chǔ)節(jié)點(diǎn)

控制節(jié)點(diǎn)13

  1. 數(shù)據(jù)庫(kù)
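create database cinder;
# 'passwd' is a placeholder; use a password unique to cid_db.
grant all on cinder.* to 'cid_db'@'localhost' identified by 'passwd';
# cinder.conf on the controller and on the storage node (192.168.122.13)
# connects over TCP to ops-ctr, which the 'localhost' grant does not cover.
# The host pattern is limited to the management network rather than '%'.
grant all on cinder.* to 'cid_db'@'192.168.122.%' identified by 'passwd';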
  1. 創(chuàng)建用戶、角色、endpoint和2個(gè)服務(wù):
  1. 安裝組件
    yum install openstack-cinder -y
  2. 配置
vi /etc/cinder/cinder.conf
[DEFAULT]
transport_url=rabbit://rbtmq:passwd@ops-ctr
auth_strategy=keystone
my_ip=192.168.122.11
[database]
connection=mysql+pymysql://cid_db:passwd@ops-ctr/cinder
[keystone_authtoken]
www_authenticate_uri=http://ops-ctr:5000
auth_url=http://ops-ctr:5000
memcached_servers=ops-ctr:11211
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=cinder
password=passwd
[oslo_concurrency]
lock_path=/var/lib/cinder/tmp
  1. 同步數(shù)據(jù)庫(kù)
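    # Run as the cinder account; the bare "/bin/sh -c ... cinder" form executes
    # as the invoking user (root) and only passes "cinder" as $0.
    su -s /bin/sh -c "cinder-manage db sync" cinder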
  2. 配置計(jì)算服務(wù)使用塊存儲(chǔ)
vi /etc/nova/nova.conf
# add
[cinder]
os_region_name=RegionOne
  1. 啟動(dòng)服務(wù)
systemctl restart openstack-nova-api
systemctl start openstack-cinder-api openstack-cinder-scheduler
systemctl enable openstack-cinder-api openstack-cinder-scheduler
  1. 檢查操作
    openstack volume service list

存儲(chǔ)節(jié)點(diǎn)

  1. 安裝組件
    yum install lvm2 device-mapper-persistent-data -y
  2. 創(chuàng)建邏輯分區(qū)
    pvcreate /dev/vdb
  3. 創(chuàng)建邏輯卷組
    vgcreate cinder /dev/vdb
  4. 添加過(guò)濾器
vi /etc/lvm/lvm.conf
filter=["a/dev/vda/","a/dev/vdb/","r/.*/"]
  1. 安裝cinder組件
    yum install openstack-cinder targetcli python-keystone -y
  2. 配置
vi /etc/cinder/cinder.conf
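[DEFAULT]
# "passwd" is a placeholder for the rbtmq password; it is stored in clear text,
# so cinder.conf should not be world-readable.
transport_url=rabbit://rbtmq:passwd@ops-ctr
# Corrected from "keytone": the value must be "keystone", matching the
# controller's cinder.conf, for the [keystone_authtoken] settings to be used.
auth_strategy=keystone
my_ip=192.168.122.13
enabled_backends=lvm
glance_api_servers=http://ops-ctr:9292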
[database]
connection=mysql+pymysql://cid_db:passwd@ops-ctr/cinder
[keystone_authtoken]
www_authenticate_uri=http://ops-ctr:5000
auth_url=http://ops-ctr:5000
memcached_servers=ops-ctr:11211
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=cinder
password=passwd
[lvm]
volume_driver=cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group=cinder
target_protocol=iscsi
target_helper=lioadm
[oslo_concurrency]
lock_path=/var/lib/cinder/tmp
  1. 啟動(dòng)服務(wù)
systemctl start openstack-cinder-volume target
systemctl enable openstack-cinder-volume target

創(chuàng)建實(shí)例

創(chuàng)建公有網(wǎng)絡(luò)15

  1. 創(chuàng)建網(wǎng)絡(luò)
. admin-openrc
# 使用provider創(chuàng)建1個(gè)flat類型的網(wǎng)絡(luò),名稱為provider
openstack network create \
--share --external \
--provider-physical-network provider \
--provider-network-type flat provider
  1. 創(chuàng)建子網(wǎng)
使用創(chuàng)建的provider網(wǎng)絡(luò),創(chuàng)建1個(gè)192.168.0.200-240范圍的子網(wǎng)
openstack subnet create \
--network provider \
--allocation-pool start=192.168.0.200,end=192.168.0.240 \
--dns-nameserver 192.168.0.1 \
--gateway 192.168.0.1 \
--subnet-range 192.168.0.0/24 provider

創(chuàng)建私有網(wǎng)絡(luò)16

  1. 創(chuàng)建網(wǎng)絡(luò)
. demo-openrc

openstack network create selfservice
  1. 創(chuàng)建子網(wǎng)
openstack subnet create \
--network selfservice \
--dns-nameserver 192.168.0.1 \
--gateway 192.168.100.1 \
--subnet-range 192.168.100.0/24 selfservice
  1. 創(chuàng)建路由
    openstack router create self-router
  2. 將selfservice網(wǎng)絡(luò)添加到路由中
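    # The subnet created above is named "selfservice" ("selservice" was a typo).
    openstack router add subnet self-router selfservice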
  3. 在路由中設(shè)置公網(wǎng)網(wǎng)關(guān)
    openstack router set self-router --external-gateway provider
  4. 檢查操作
. admin-openrc
ip netns
openstack port list --router self-router

創(chuàng)建實(shí)例

  1. 創(chuàng)建最小規(guī)格的主機(jī),內(nèi)存64M,硬盤1G,名稱m1.nano
    openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
  2. 添加密鑰對(duì)
    openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
  3. 添加安全規(guī)則到default安全組中
# NOTE(review): neither rule passes --remote-ip, so both accept traffic from
# any source address, and they go into the project's "default" group, which the
# instance created below uses. Pass --remote-ip <admin CIDR> to limit who can
# reach port 22.
# allow ping
openstack security group rule create --proto icmp default
# allow ssh 
openstack security group rule create --proto tcp --dst-port 22 default

創(chuàng)建主機(jī)

  1. 私網(wǎng)主機(jī)17
. demo-openrc
openstack server create --flavor m1.nano \
--image cirros \
--nic net-id=c34add94-6f4d-4312-92f9-ac4ad426bce7 \
--security-group default \
--key-name mykey self-host
  1. 查看創(chuàng)建的主機(jī)
    openstack server list
  2. 虛擬終端訪問(wèn)主機(jī)
    openstack console url show self-host
    show-host

    vnc-console
  3. 遠(yuǎn)程訪問(wèn)主機(jī)
# create float ip
openstack floating ip create provider
# associate floating ip with self-host
openstack server add floating ip self-host 192.168.0.234
# show server list
openstack server list
create-floating-ip

associate-floating-ip

參考

  1. install database on centos
  2. install rabbitmq-server on centos
  3. install memcached on centos
  4. install etcd on centos
  5. install keystone on centos
  6. install glance on centos
  7. enable ssl on keystone
  8. install nova on centos
  9. compute server install nova
  10. install placement on centos
  11. install neutron on centos
  12. install horizon on centos
  13. install cinder on centos for controller
  14. install cinder on centos for storage
  15. create provider network
  16. create self-service network
  17. create self-host in selfservice