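1. IP plan
| Host | IP | Notes |
| --- | --- | --- |
| ansible | 10.5.20.30 | |
| controller | 10.5.20.31 | Control node, two NICs |
| | 20.1.1.31 (tunnel IP) | |
| compute | 10.5.20.32 | Compute node, virtualization enabled, two NICs |
| | 20.1.1.32 (tunnel IP) | |
| cinder | 10.5.20.33 | Storage node, with several extra disks attached |
2. Deployment
2.1 Initialization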
# Remove the repo files shipped with the system; those repos are no longer available
rm -fr /etc/yum.repos.d/*
Base repo (ansible)
# Fetch the Huawei mirror repo file with curl
curl -L https://mirrors.huaweicloud.com/repository/conf/CentOS-7-anon.repo -o /etc/yum.repos.d/CentOS-Base.repo
OpenStack repo (cinder)
# gpgcheck=0 below turns off RPM signature verification for these repos
cat >> /etc/yum.repos.d/openstack.repo <<-EOF
[base]
name=base
baseurl=https://repo.huaweicloud.com/centos/7/os/x86_64/
enabled=1
gpgcheck=0
[extras]
name=extras
baseurl=https://repo.huaweicloud.com/centos/7/extras/x86_64/
enabled=1
gpgcheck=0
[updates]
name=updates
baseurl=https://repo.huaweicloud.com/centos/7/updates/x86_64/
enabled=1
gpgcheck=0
[queens]
name=queens
baseurl=https://repo.huaweicloud.com/centos/7/cloud/x86_64/openstack-queens/
enabled=1
gpgcheck=0
[virt]
name=virt
baseurl=https://repo.huaweicloud.com/centos/7/virt/x86_64/kvm-common/
enabled=1
gpgcheck=0
EOF
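Every section of the repo file above sets gpgcheck=0, so yum installs packages from these mirrors without checking RPM signatures. The following shell function is an added example, not part of the original post: it lists the sections of any .repo file that disable signature checking and also flags `enable=`, a misspelling of `enabled=` that yum ignores. The function names and the sample file are constructed for illustration.

```shell
# Added example. audit_repos FILE...: print one finding per line and return 1
# if any section sets gpgcheck=0 or uses "enable=", which is not a yum option.
audit_repos() {
    awk '
    function report() {
        if (sec == "") return
        if (nogpg) { printf "%s [%s] gpgcheck=0: packages from %s are not signature-checked\n", file, sec, url; bad = 1 }
        if (typo)  { printf "%s [%s] enable= is ignored by yum, use enabled=\n", file, sec; bad = 1 }
    }
    FNR == 1 { report(); sec = ""; file = FILENAME }
    /^[ \t]*\[/ {
        report()
        sec = $0; sub(/^[ \t]*\[/, "", sec); sub(/\].*$/, "", sec)
        nogpg = 0; typo = 0; url = "(no baseurl)"
        next
    }
    /^[ \t]*[#;]/ { next }
    {
        line = $0; gsub(/[ \t]/, "", line)
        if (line == "gpgcheck=0") nogpg = 1
        if (line ~ /^enable=/)    typo = 1
        if (line ~ /^baseurl=/)   url = substr(line, 9)
    }
    END { report(); exit bad }
    ' "$@"
}

# Constructed sample: one section in the style of openstack.repo above and one
# hypothetical section that keeps signature checking on.
write_sample() {
    cat > "$1" <<'EOF'
[queens]
name=queens
baseurl=https://repo.huaweicloud.com/centos/7/cloud/x86_64/openstack-queens/
enable=1
gpgcheck=0
[signed]
name=signed
baseurl=https://mirror.example.invalid/centos/7/os/x86_64/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
EOF
}

sample=$(mktemp)
write_sample "$sample"
audit_repos "$sample" || echo "unsigned or misconfigured repos found"
rm -f "$sample"
```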
epel-release repo (ansible)
yum -y install epel-release
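Disable host protections
# Switch SELinux to permissive mode for the running system
setenforce 0
# Keep SELinux disabled across reboots
sed -i "s/^SELINUX=.*/SELINUX=disabled/" /etc/selinux/config
# Stop the firewall
systemctl stop firewalld
# Keep the firewall from starting at boot
systemctl disable firewalld
Passwordless SSH login (ansible)
# Generate a key pair
ssh-keygen
# Copy the public key to each managed host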
ssh-copy-id root@10.5.20.31
ssh-copy-id root@10.5.20.32
ssh-copy-id root@10.5.20.33
Set the hostnames
# controller
hostnamectl set-hostname controller
# compute
hostnamectl set-hostname compute
# cinder
hostnamectl set-hostname cinder
2.2 ansible
Install ansible
yum -y install ansible
Add the managed hosts to ansible's hosts file
vim /etc/ansible/hosts
# Add the following lines, with the parameters/variables the templates need
10.5.20.31 controller_ip="10.5.20.31" compute_ip="10.5.20.32" network="10.5.20.0/24" network_interface="eth0" vm_tunnal_ip="20.1.1.31"
10.5.20.32 controller_ip="10.5.20.31" compute_ip="10.5.20.32" vm_tunnal_ip="20.1.1.32"
Upload the shell script templates
installController.sh.j2
https://pan.baidu.com/s/1TLS1vovIyKoND64dlgv6Tw?pwd=1234
installCompute.sh.j2
controller.zip
Write the ansible playbook
vim openstack.yaml
# Contents:
- hosts: all
  tasks:
    - name: 复制压缩包至控制节点  # Copy the archive to the controller node
      copy: src=controller.zip dest=/root/controller.zip
      when: ansible_fqdn == "controller"
    - name: 复制控制节点部署脚本  # Render the controller deployment script
      template:
        src: installController.sh.j2
        dest: /root/installController.sh
      when: ansible_fqdn == "controller"
    - name: 解压controller.zip  # Unpack controller.zip
      ansible.builtin.unarchive:
        src: /root/controller.zip
        dest: /root/
        remote_src: yes  # the archive was already copied to the managed host
      when: ansible_fqdn == "controller"
    - name: 执行控制节点脚本  # Run the controller script
      shell: /bin/sh /root/installController.sh
      when: ansible_fqdn == "controller"
    - name: 复制压缩包至计算节点  # Copy the archive to the compute node
      copy: src=compute.zip dest=/root/compute.zip
      when: ansible_fqdn == "compute"
    - name: 复制计算节点部署脚本  # Render the compute deployment script
      template:
        src: installCompute.sh.j2
        dest: /root/installCompute.sh
      when: ansible_fqdn == "compute"
    - name: 解压compute.zip  # Unpack compute.zip
      ansible.builtin.unarchive:
        src: /root/compute.zip
        dest: /root/
        remote_src: yes  # the archive was already copied to the managed host
      when: ansible_fqdn == "compute"
    - name: 执行计算节点脚本  # Run the compute script
      shell: /bin/sh /root/installCompute.sh
      when: ansible_fqdn == "compute"
    - name: 在控制节点同步cell  # Discover compute hosts into the cell, on the controller
      shell: nova-manage cell_v2 discover_hosts --verbose
      register: tf
      when: ansible_fqdn == "controller"
    - debug: msg="{{ tf.stdout_lines }}"
      when: ansible_fqdn == "controller"
Run the playbook
ansible-playbook openstack.yaml
After the playbook finishes, log in to OpenStack
http://10.5.20.31/dashboard
Username: admin, password: 000000
2.3 cinder
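Name resolution in the hosts file
vim /etc/hosts
# Add the following entries
10.5.20.31 controller
10.5.20.32 compute
10.5.20.33 cinder
Install the LVM components and other tools
yum -y install lvm2 device-mapper-persistent-data net-tools vim
Start the service and enable it at boot
systemctl enable lvm2-lvmetad --now
Create the LVM physical volume
pvcreate /dev/sdb
Create the cinder-volumes volume group
vgcreate cinder-volumes /dev/sdb
Edit the LVM configuration file
vim /etc/lvm/lvm.conf
# Add the filter inside the devices section; it must accept the disk used for the physical volume (/dev/sdb here)
devices {
    filter = [ "a/sdb/", "r/.*/"]
}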
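The filter only helps if it accepts the disk that was passed to pvcreate (/dev/sdb on this page); a filter naming another disk hides the cinder-volumes group from LVM. This added example, not part of the original post, evaluates the filter line of an lvm.conf for one device path using LVM's first-match rule. The function names and sample files are constructed, and grep -E is assumed to be close enough to LVM's regex syntax for patterns this simple.

```shell
# Added example: evaluate an lvm.conf device filter for one device path.
# Assumption: grep -E stands in for LVM's own regex engine, and only the one
# path given is tested (LVM itself also tests a device's other path names).

# filter_patterns FILE: print the patterns of the first active "filter = [...]" line.
filter_patterns() {
    sed -n 's/^[[:space:]]*filter[[:space:]]*=[[:space:]]*\[\(.*\)].*/\1/p' "$1" |
        head -n 1 | grep -o '"[^"]*"' | tr -d '"'
}

# lvm_filter_decision DEVICE FILE: print "accept" or "reject".
# LVM walks the patterns in order; the first one whose regex matches decides,
# and a device that matches no pattern is accepted.
lvm_filter_decision() {
    dev=$1
    pats=$(filter_patterns "$2")
    while IFS= read -r pat; do
        [ -n "$pat" ] || continue
        action=${pat%"${pat#?}"}            # first character: a = accept, r = reject
        rest=${pat#?}
        delim=${rest%"${rest#?}"}           # any character may delimit the regex
        regex=${rest#?}; regex=${regex%"$delim"}
        if printf '%s\n' "$dev" | grep -Eq -- "$regex"; then
            if [ "$action" = a ]; then echo accept; else echo reject; fi
            return 0
        fi
    done <<EOF
$pats
EOF
    echo accept
}

# Constructed lvm.conf fragment whose filter accepts only the named disk.
write_conf() {   # write_conf FILE DISKNAME
    printf 'devices {\n    # filter = [ "a|.*|" ]\n    filter = [ "a/%s/", "r/.*/"]\n}\n' "$2" > "$1"
}

conf=$(mktemp)
for disk in vdb sdb; do
    write_conf "$conf" "$disk"
    echo "filter accepts only $disk: /dev/sdb -> $(lvm_filter_decision /dev/sdb "$conf")"
done
rm -f "$conf"
```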
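Install the cinder components
yum -y install centos-release-openstack-queens openstack-cinder targetcli python-keystone
Back up and trim the cinder configuration file
# Back up
cp /etc/cinder/cinder.conf /etc/cinder/cinder.conf.bak
# Trim: drop comment lines and collapse adjacent duplicate (blank) lines
grep -v '^#' /etc/cinder/cinder.conf.bak | uniq > /etc/cinder/cinder.conf
Edit the cinder configuration file
vim /etc/cinder/cinder.conf
# Add the following under the indicated sections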
[DEFAULT]
transport_url = rabbit://openstack:000000@controller
auth_strategy = keystone
my_ip = 10.5.20.33
enabled_backends = lvm
glance_api_servers = http://controller:9292
[database]
connection = mysql+pymysql://cinder:000000@controller/cinder
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = 000000
[lvm]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
iscsi_protocol = iscsi
iscsi_helper = lioadm
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
Start the services and enable them at boot
systemctl restart openstack-cinder-volume target
systemctl enable openstack-cinder-volume target
2.4 controller
Name resolution in the hosts file
echo "10.5.20.33 cinder" >> /etc/hosts
Set up the cinder database
mysql -u root -p000000
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '000000';
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY '000000';
Source the environment script
. openstack_admin
Create a cinder user with the password 000000
openstack user create --domain default --password 000000 cinder
Add the admin role to the cinder user
openstack role add --project service --user cinder admin
Create the cinderv2 and cinderv3 service entities
openstack service create --name cinderv2 --description "OpenStack Block Storage v2" volumev2
openstack service create --name cinderv3 --description "OpenStack Block Storage v3" volumev3
Create the Block Storage service API endpoints
openstack endpoint create --region RegionOne volumev2 public http://controller:8776/v2/%\(project_id\)s
openstack endpoint create --region RegionOne volumev2 internal http://controller:8776/v2/%\(project_id\)s
openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%\(project_id\)s
openstack endpoint create --region RegionOne volumev3 public http://controller:8776/v3/%\(project_id\)s
openstack endpoint create --region RegionOne volumev3 internal http://controller:8776/v3/%\(project_id\)s
openstack endpoint create --region RegionOne volumev3 admin http://controller:8776/v3/%\(project_id\)s
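Install the cinder component
yum -y install openstack-cinder
Back up and trim the cinder configuration file
# Back up
cp /etc/cinder/cinder.conf /etc/cinder/cinder.conf.bak
# Trim: drop comment lines and collapse adjacent duplicate (blank) lines
grep -v '^#' /etc/cinder/cinder.conf.bak | uniq > /etc/cinder/cinder.conf
Edit the cinder configuration file
vim /etc/cinder/cinder.conf
# Add the following under the indicated sections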
[DEFAULT]
transport_url = rabbit://openstack:000000@controller
auth_strategy = keystone
my_ip = 10.5.20.31
[database]
connection = mysql+pymysql://cinder:000000@controller/cinder
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = 000000
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
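Both cinder.conf listings (storage node and controller) carry the RabbitMQ, database and Keystone credentials in plain text, and the page uses the same value for all three. This added example, not part of the original post, reports every secret that appears in more than one place in such a file without printing the secret itself. Function names and the sample file are constructed, with the credential lines taken from the listing above.

```shell
# Added example: find secrets reused within oslo.config-style files such as cinder.conf.
# list_secrets FILE...: print "location<TAB>secret" for each "*password = x"
# option and each scheme://user:secret@host URL.
list_secrets() {
    awk '
    /^[ \t]*\[/   { sec = $0; next }
    /^[ \t]*[#;]/ { next }
    {
        eq = index($0, "="); if (!eq) next
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        secret = ""
        if (key ~ /password$/) secret = val
        else if (val ~ "^[a-z+]+://[^:/@]+:[^@]+@") {
            secret = val; sub("^[a-z+]+://[^:/@]+:", "", secret); sub("@.*", "", secret)
        }
        if (secret != "") printf "%s %s %s\t%s\n", FILENAME, sec, key, secret
    }' "$@"
}

# reused_secrets FILE...: list locations that share a secret (the secret itself
# is not printed); returns 1 if any secret is reused.
reused_secrets() {
    list_secrets "$@" | awk -F '\t' '
        { n[$2]++; where[$2] = where[$2] "  " $1 "\n" }
        END {
            for (s in n) if (n[s] > 1) { printf "one secret is used in %d places:\n%s", n[s], where[s]; bad = 1 }
            exit bad
        }'
}

# Constructed sample: credential-bearing lines from the cinder.conf on this page.
write_cinder_conf() {
    cat > "$1" <<'EOF'
[DEFAULT]
transport_url = rabbit://openstack:000000@controller
[database]
connection = mysql+pymysql://cinder:000000@controller/cinder
[keystone_authtoken]
auth_url = http://controller:5000
password = 000000
EOF
}

conf=$(mktemp)
write_cinder_conf "$conf"
reused_secrets "$conf" || echo "give each service its own secret"
rm -f "$conf"
```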
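Sync the Block Storage database
su -s /bin/sh -c "cinder-manage db sync" cinder
Configure the Compute service to use Block Storage
vim /etc/nova/nova.conf
# Add the following to the [cinder] section
[cinder]
os_region_name = RegionOne
Start or restart the following services, and enable the cinder services at boot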
systemctl restart openstack-nova-api
systemctl restart openstack-cinder-api
systemctl restart openstack-cinder-scheduler
systemctl enable openstack-cinder-api
systemctl enable openstack-cinder-scheduler
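2.5 Create an instance on OpenStack
Create a project
Create a user
Create the external network
Log in to OpenStack as the newly created user
Create the user network
Create a router
Allow SSH
Add a floating IP
Create a volume
Create a flavor
Create an image
Index of / (cirros-cloud.net): https://download.cirros-cloud.net/
Create an instance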