我安装的拓扑如下:
为了简便我每个节点只用了一个nic。使用provide network和Linux bridge的方式
注:A. vi编辑文本时没有的要加上去。不要改动原文件里的内容,除非我注明要把之前的【**】下面的东西删掉再加
B.10.0.0.11是controller的interface
C.参考官网文章http://docs.openstack.org/liberty/install-guide-ubuntu/
个人密码设置:
Glance用户密码是glance
Demo用户密码是demo
Nova 用户密码是nova
Neutron用户密码是neutron
其他密码按照官网的
开始
在每个节点上编辑/etc/hosts
# controller
10.0.0.11 controller
# compute1
10.0.0.31 compute1
# object1
10.0.0.51 object1
# object2
10.0.0.52 object2
确保ping外网和openstack.org可以ping通
# ping -c 4 openstack.org
PING openstack.org (174.143.194.225) 56(84) bytes of data.
64 bytes from 174.143.194.225: icmp_seq=1 ttl=54 time=18.3 ms
64 bytes from 174.143.194.225: icmp_seq=2 ttl=54 time=17.5 ms
64 bytes from 174.143.194.225: icmp_seq=3 ttl=54 time=17.5 ms
64 bytes from 174.143.194.225: icmp_seq=4 ttl=54 time=17.4 ms
--- openstack.org ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3022ms
rtt min/avg/max/mdev = 17.489/17.715/18.346/0.364 ms
# ping -c 4 compute1
PING compute1 (10.0.0.31) 56(84) bytes of data.
64 bytes from compute1 (10.0.0.31): icmp_seq=1 ttl=64 time=0.263 ms
64 bytes from compute1 (10.0.0.31): icmp_seq=2 ttl=64 time=0.202 ms
64 bytes from compute1 (10.0.0.31): icmp_seq=3 ttl=64 time=0.203 ms
64 bytes from compute1 (10.0.0.31): icmp_seq=4 ttl=64 time=0.202 ms
--- compute1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.202/0.217/0.263/0.030 ms
在controller上配置NTP
# apt-get install chrony
编辑 /etc/chrony/chrony.conf
server NTP_SERVER iburst
重启服务
service chrony restart
配置其他node NTP:
重复controller的三个步骤,在/etc/chrony/chrony.conf里把
server NTP_SERVER iburst改成
server controller iburst
重启服务
验证NTP:
# chronyc sources
210 Number of sources = 2
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^- 192.0.2.11 2 7 12 137 -2814us[-3000us] +/- 43ms
^* 192.0.2.12 2 6 177 46 +17us[ -23us] +/- 68ms
安装openstack依赖包(每个node都需要)
# apt-get install software-properties-common
# add-apt-repository cloud-archive:liberty
apt-get update && apt-get dist-upgrade
# apt-get install python-openstackclient
controller安装SQL database
# apt-get install mariadb-server python-pymysql
编辑/etc/mysql/conf.d/mysqld_openstack.cnf
[mysqld]
...
bind-address = 10.0.0.11
[mysqld]
...
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8
重启数据库
# service mysql restart
controller安装NoSQL database
apt-get install mongodb-server mongodb-clients python-pymongo
编辑/etc/mongodb.conf
bind_ip = 10.0.0.11
完成安装
# service mongodb stop
# rm /var/lib/mongodb/journal/prealloc.*
# service mongodb start
controller安装消息队列
注:Creating user “openstack” …等是console的信息
这里的密码或者下文出现的密码可以自己改,但是不能混淆
# apt-get install rabbitmq-server
rabbitmqctl add_user openstack RABBIT_PASS
Creating user "openstack" ...
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...
controller安装keystone
$ mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
退出数据库,创建一个administration token,记下出来的一串数字
openssl rand -hex 10
echo "manual" > /etc/init/keystone.override
apt-get install keystone apache2 libapache2-mod-wsgi \
memcached python-memcache
编辑/etc/keystone/keystone.conf
这个ADMIN_TOKEN就填刚刚的那串数字
[DEFAULT]
...
admin_token = ADMIN_TOKEN
[database]
...
connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
[memcache]
...
servers = localhost:11211
[token]
...
provider = uuid
driver = memcache
[revoke]
...
driver = sql
[DEFAULT]
...
verbose = True
同步数据库:
# su -s /bin/sh -c "keystone-manage db_sync" keystone
出现下面的log,如果在root下就去掉su -s
配置Apache HTTP server
ServerName controller
创建/etc/apache2/sites-available/wsgi-keystone.conf
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{
GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{
GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /var/log/apache2/keystone.log
CustomLog /var/log/apache2/keysto