Openstack Q版安装(all in one )

已于 2023-04-28 13:20:47 修改
阅读量452 收藏 1
点赞数
分类专栏: linux学习记录 文章标签: memcached 数据库
于 2021-08-30 10:27:16 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/m0_51974644/article/details/119991701
版权

openstack Q版 all in one 手动安装

基础信息

准备

RabbitMQ集群

Memcached集群

Keystone

Glance集群

Nova控制节点集群

Nova计算服务

Horizon集群

部署使用openstack是因为之前kvm虚拟机起的比较多和管理成本,以及对未来考量.这里记录一下openstack的部署安装过程

基础信息

Mysql数据库

ip: 192.168.1.1

User:user

Pwd:Passwd

Openstack集群可用ip

192.168.1.1/255.255.255.0/192.168.1.154

虚拟机可用ip

openstack_dhcp_pool: 192.168.8.1/255.255.252.0/192.168.11.254

准备

1.配置安装openstack yum源

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup

curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

yum clean all

2.安装openstack client端

通过salt对openstack机器安装openstack client端

yum install python-openstackclient -y

数据库安装

yum install mariadb mariadb-server python2-PyMySQL -y

创建并编辑文件/etc/my.cnf.d/openstack.cnf

[mysqld]

bind-address = 192.168.1.1

default-storage-engine = innodb

innodb_file_per_table = on

max_connections = 4096

collation-server = utf8_general_ci

character-set-server = utf8

启动

systemctl enable mariadb.service

systemctl start mariadb.service

数据库设置密码

mysql_secure_installation

RabbitMQ集群

Rabbitmq部署在openstack001.test.com

1.安装rabbitmq

 [root@openstack001 ~]# yum install erlang rabbitmq-server -y

2.启动并设置开机启动

[root@openstack001 ~]# systemctl enable rabbitmq-server.service

[root@openstack001 ~]# systemctl start rabbitmq-server.service

3.创建rabbitmq账号

[root@openstack001 ~]# rabbitmqctl add_user openstack Passwd

设置新建账号的状态

[root@openstack001 ~]# rabbitmqctl set_user_tags openstack administrator

设置新建账号的权限

[root@openstack001 ~]# rabbitmqctl set_permissions -p "/" openstack ".*" ".*" ".*"

查看账号

[root@openstack001 ~]# rabbitmqctl list

4.

安装web插件

安装web管理插件,

[root@openstack001 ~]# rabbitmq-plugins enable rabbitmq_management

浏览器访问,如:http://192.168.1.1:15672

用户名: openstack

密码:Passwd

Memcached集群

1.安装memcached

[root@openstack001 ~]# yum install memcached python-memcached -y

2.配置memcached

在全部安装memcached服务的节点设置服务监听地址```javascript

[root@openstack001 ~]# sed -i 's|127.0.0.1,::1|0.0.0.0|g' /etc/sysconfig/memcached

3.设置开机启动

systemctl enable memcached.service

systemctl start memcached.service

systemctl status memcached.service

Keystone

1.

创建keystone数据库

创建数据库,数据库自动同步

CREATE DATABASE keystone;

2.安装keystone

[root@openstack001 ~]# yum install openstack-keystone httpd mod_wsgi mod_ssl -y

3.配置keystone.conf/etc/keystone/keystone.conf

[root@openstack001.test.com ~]# cat /etc/keystone/keystone.conf

[DEFAULT]

admin_token = 3220926717d6a2d33771

[application_credential]

[assignment]

[auth]

[cache]

backend = oslo_cache.memcache_pool

enabled = true

memcache_servers = openstack001.test.com:11211

[catalog]

[cors]

[credential]

[database]

connection = mysql+pymysql://user:Passwd@192.168.1.1/keystone

[domain_config]

[endpoint_filter]

[endpoint_policy]

[eventlet_server]

[federation]

[fernet_tokens]

[healthcheck]

[identity]

[identity_mapping]

[ldap]

[matchmaker_redis]

[memcache]

[oauth1]

[oslo_messaging_amqp]

[oslo_messaging_kafka]

[oslo_messaging_notifications]

[oslo_messaging_rabbit]

[oslo_messaging_zmq]

[oslo_middleware]

[oslo_policy]

[paste_deploy]

[policy]

[profiler]

[resource]

[revoke]

[role]

[saml]

[security_compliance]

[shadow_users]

[signing]

[token]

provider = fernet

[tokenless_auth]

[trust]

[unified_limit]

4.同步keystone数据库

[root@openstack001 ~]# su -s /bin/sh -c "keystone-manage db_sync" keyston

查看验证

[root@openstack001 ~]# mysql -h 192.168.1.1 -uuser -pPasswd  -e "use keystone;show tables;"

5.初始化fernet秘钥

选定任意控制节点(openstack001)做fernet秘钥初始化,在/etc/keystone/生成相关秘钥及目录

[root@openstack001 ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone

[root@openstack001 ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

6.配置httpd.conf

[root@openstack001 ~]# cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.bak

[root@openstack001 ~]# sed -i "s/#ServerName www.example.com:80/ServerName ${HOSTNAME}/" /etc/httpd/conf/httpd.conf

[root@openstack001 ~]# sed -i "s/Listen\ 80/Listen\ 192.168.1.1:80/g" /etc/httpd/conf/httpd.conf

7.配置wsgi-keystone.conf

复制wsgi-keystone.conf文件;或者针对wsgi-keystone.conf创建软链接

[root@openstack001 ~]# cp /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

修改wsgi-keystone.conf文件,注意各节点对应的ip地址或主机名等

sed -i "s/Listen\ 5000/Listen\ 192.168.1.1:5000/g" /etc/httpd/conf.d/wsgi-keystone.conf

sed -i "s/Listen\ 35357/Listen\ 192.168.1.1:35357/g" /etc/httpd/conf.d/wsgi-keystone.conf

sed -i "s/*:5000/192.168.1.1:5000/g" /etc/httpd/conf.d/wsgi-keystone.conf

sed -i "s/*:35357/192.168.1.1:35357/g" /etc/httpd/conf.d/wsgi-keystone.conf

8.认证引导

初始化admin用户(管理用户)与密码,3种api端点,服务实体可用区等

[root@openstack001 ~]# keystone-manage bootstrap --bootstrap-password Passwd \

  --bootstrap-admin-url http://openstack001.test.com:35357/v3/ \

  --bootstrap-internal-url http://openstack001.test.com:5000/v3/ \

  --bootstrap-public-url http://openstack001.test.com:5000/v3/ \

  --bootstrap-region-id Test

9.启动服务

 systemctl enable httpd.service

 systemctl restart httpd.service

 systemctl status httpd.service

10.配置环境变量

export OS_USERNAME=admin

export OS_PASSWORD=Passwd

export OS_PROJECT_NAME=admin

export OS_USER_DOMAIN_NAME=Default

export OS_PROJECT_DOMAIN_NAME=Default

export OS_AUTH_URL=http://openstack001.test.com:35357/v3

export OS_IDENTITY_API_VERSION=3

11.创建domain, projects, users, 与roles

[root@openstack001 ~]# openstack domain list

[root@openstack001 ~]# openstack project create --domain default --description "Demo Project" demo

[root@openstack001 ~]# openstack user create --domain default --password=Passwd demo

[root@openstack001 ~]# openstack role create user

[root@openstack001 ~]# openstack role add --project demo --user demo user

[root@openstack001 ~]# openstack user list

[root@openstack001 ~]# openstack role list

[root@openstack001 ~]# openstack role assignment list

12.openstack client 环境变量脚本

admin-openrc

openstack client环境脚本定义client调用openstack api环境变量,以方便api的调用(不必在命令行中携带环境变量); 根据不同的用户角色,需要定义不同的脚本;这里以"认证引导"章节定义的admin用户为例,设置其环境脚本,再根据需要分发到需要运行openstack client工具的节点;

一般将脚本创建在用户主目录

[root@openstack001 ~]# touch admin-openrc

[root@openstack001 ~]# chmod u+x admin-openrc

[root@openstack001 ~]# vim admin-openrc

export OS_PROJECT_DOMAIN_NAME=Default

export OS_USER_DOMAIN_NAME=Default

export OS_PROJECT_NAME=admin

export OS_USERNAME=admin

export OS_PASSWORD=Passwd

export OS_AUTH_URL=http://openstack001.test.com:5000/v3

export OS_IDENTITY_API_VERSION=3

export OS_IMAGE_API_VERSION=2

验证

[root@openstack001 ~]# openstack token issue

demo-openrc,同admin-openrc,注意project/user/password的区别

[root@openstack001 ~]# touch demo-openrc

[root@openstack001 ~]# chmod u+x demo-openrc

[root@openstack001 ~]# vim demo-openrc

export OS_PROJECT_DOMAIN_NAME=Default

export OS_USER_DOMAIN_NAME=Default

export OS_PROJECT_NAME=demo

export OS_USERNAME=demo

export OS_PASSWORD=Passwd

export OS_AUTH_URL=http://openstack001.test.com:5000/v3

export OS_IDENTITY_API_VERSION=3

export OS_IMAGE_API_VERSION=2

验证

[root@openstack001 ~]# openstack token issue

Glance集群

1.创建glance数据库

   创建数据库,后台数据自动同步

CREATE DATABASE glance;

2.创建glance-api

在,;调用keystone服务需要认证信息,加载环境变量脚本即可

[root@openstack001 ~]# . admin-openrc

创建service项目

创建1个project,glance/nova/neutron等服务加入到此project; service项目在"default" domain中

[root@openstack001 ~]# openstack project create --domain default --description "Service Project" service

创建glance用户glance用户在"default" domain中

[root@openstack001 ~]# openstack user create --domain default --password=Passwd glance

glance用户赋权为glance用户赋予admin权限

[root@openstack001 ~]# openstack role add --project service --user glance admin

创建glance服务实体服务实体类型"image"

[root@openstack001 ~]# openstack service create --name glance --description "OpenStack Image" image

创建glance-api注意--region与初始化admin用户时生成的region一致;api地址统一采用vip,如果public/internal/admin分别使用不同的vip,请注意区分;服务类型为image;

 [root@openstack001 ~]# openstack endpoint create --region Test image public http://openstack001.test.com:9292

 [root@openstack001 ~]# openstack endpoint create --region Test image internal http://openstack001.test.com:9292

 [root@openstack001 ~]# openstack endpoint create --region Test image admin http://openstack001.test.com:9292

3.安装glance

[root@openstack001 ~]# yum install openstack-glance python-glance python-glanceclient -y

4.配置glance-api.conf

注意"bind_host"参数,根据节点修改;注意glance-api.conf文件的权限:root:glance

cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak

[root@openstack001.test.com ~]# cat /etc/glance/glance-api.conf

[DEFAULT]

enable_v1_api = false

bind_host = 192.168.1.1

[cors]

[database]

connection = mysql+pymysql://user:Passwd@192.168.1.1/glance

[glance_store]

stores = file,http

default_store = file

filesystem_store_datadir = /data/glance/images/

[image_format]

[keystone_authtoken]

auth_uri = http://openstack001.test.com:5000

auth_url = http://openstack001.test.com:35357

memcache_servers = openstack001.test.com:11211

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = glance

password = Passwd

[matchmaker_redis]

[oslo_concurrency]

[oslo_messaging_amqp]

[oslo_messaging_kafka]

[oslo_messaging_notifications]

[oslo_messaging_rabbit]

[oslo_messaging_zmq]

[oslo_middleware]

[oslo_policy]

[paste_deploy]

flavor = keystone

[profiler]

[store_type_location_strategy]

[task]

[taskflow_executor]

创建镜像存储目录并赋权限;

[root@openstack001 ~]# mkdir -p /data/glance/images/

[root@openstack001 ~]# chown glance:glance /data/glance/images/

5.配置glance-registry.conf(optional)

注意glance-registry.conf文件的权限:root:glance

[root@openstack001.test.com ~]# cat /etc/glance/glance-registry.conf

[DEFAULT]

bind_host = 192.168.1.1

[database]

connection = mysql+pymysql://user:Passwd@192.168.1.1/glance

[keystone_authtoken]

auth_uri = http://openstack001.test.com:5000

auth_url = http://openstack001.test.com:35357

memcache_servers = openstack001.test.com:11211

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = glance

password = Passwd

[matchmaker_redis]

[oslo_messaging_amqp]

[oslo_messaging_kafka]

[oslo_messaging_notifications]

[oslo_messaging_rabbit]

[oslo_messaging_zmq]

[oslo_policy]

[paste_deploy]

flavor = keystone

[profiler]

6.同步glance数据库

忽略输出的"deprecated"信息

[root@openstack001 ~]# su -s /bin/sh -c "glance-manage db_sync" glance

查看验证

[root@openstack001 ~]# mysql -h 192.168.1.1 -uuser -pPasswd  -e "use glance;show tables;"

7.启动服务

 [root@openstack001 ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service

[root@openstack001 ~]# systemctl restart openstack-glance-api.service openstack-glance-registry.service

查看服务状态

[root@openstack001 ~]# systemctl status openstack-glance-api.service openstack-glance-registry.service

查看端口

[root@openstack001 ~]# netstat -tunlp | grep python2

8.验证测试

下载镜像

[root@openstack001 ~]# wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img

上传镜像

"上传"指将已下载的原始镜像经过一定的格式转换上传到image服务;格式指定为qcow2,bare;设置public权限;镜像生成后,在指定的存储目录下生成以镜像id命名的镜像文件

[root@openstack001 ~]# . admin-openrc

[root@openstack001 ~]# openstack image create "cirros-qcow2" \

  --file ~/cirros-0.3.5-x86_64-disk.img \

  --disk-format qcow2 --container-format bare \

  --public

查看镜像

[root@openstack001 ~]# openstack image list

Nova控制节点集群

1.

创建nova相关数据库

创建数据库,后台数据自动同步,;nova服务含4个数据库,统一授权到nova用户;

placement主要涉及资源统筹,较常用的api接口是获取备选资源与claim资源等.

CREATE DATABASE nova_api;

CREATE DATABASE nova;

CREATE DATABASE nova_cell0;

CREATE DATABASE nova_placement;

2.创建nova/placement-api

调用nova相关服务需要认证信息,加载环境变量脚本

[root@openstack001 ~]# . admin-openrc

创建nova/plcement用户

nova/placement用户在"default" domain中

[root@openstack001 ~]# openstack user create --domain default --password=Passwd nova

[root@openstack001 ~]# openstack user create --domain default --password=Passwd placement

nova/placement赋权

为nova/placement用户赋予admin权限

[root@openstack001 ~]# openstack role add --project service --user nova admin

[root@openstack001 ~]# openstack role add --project service --user placement admin

创建nova/placement服务实体nova服务实体类型"compute";placement服务实体类型"placement"

[root@openstack001 ~]# openstack service create --name nova --description "OpenStack Compute" compute

[root@openstack001 ~]# openstack service create --name placement --description "Placement API" placement

创建nova/placement-api

 [root@openstack001 ~]# openstack endpoint create --region Test compute public http://openstack001.test.com:8774/v2.1

 [root@openstack001 ~]# openstack endpoint create --region Test compute internal http://openstack001.test.com:8774/v2.1

 [root@openstack001 ~]# openstack endpoint create --region Test compute admin http://openstack001.test.com:8774/v2.1

 [root@openstack001 ~]# openstack endpoint create --region Test placement public http://openstack001.test.com:8778

 [root@openstack001 ~]# openstack endpoint create --region Test placement internal http://openstack001.test.com:8778

 [root@openstack001 ~]# openstack endpoint create --region Test placement admin http://openstack001.test.com:8778

4.安装nova

安装nova相关服务,

[root@openstack001 ~]# yum install openstack-nova-api openstack-nova-conductor \

   openstack-nova-console openstack-nova-novncproxy \

   openstack-nova-scheduler openstack-nova-placement-api -y

5.

配置nova.conf

注意本次安装控制节点服务和计算节点在一起,nova.conf文件的权限:root:nova

[root@openstack001.test.com ~]# cat  /etc/nova/nova.conf

[DEFAULT]

my_ip=192.168.1.1

osapi_compute_listen=$my_ip

osapi_compute_listen_port=8774

metadata_listen=$my_ip

metadata_listen_port=8775

enabled_apis = osapi_compute,metadata

transport_url=rabbit://openstack:Passwd@openstack001.test.com:5672

use_neutron = True

firewall_driver = nova.virt.firewall.NoopFirewallDriver

instances_path=/data/nova/instances

allow_resize_to_same_host=true

dhcp_domain=test.com

reserved_host_disk_mb=10240

reserved_host_memory_mb=4096

cpu_allocation_ratio=3.0

ram_allocation_ratio=1.0

service_down_time=120

rpc_response_timeout = 300

[api]

auth_strategy=keystone

[api_database]

connection = mysql+pymysql://user:Passwd@192.168.1.1/nova_api

[barbican]

[cache]

backend=oslo_cache.memcache_pool

enabled=True

memcache_servers = openstack001.test.com:11211

[cells]

[cinder]

[compute]

[conductor]

[console]

[consoleauth]

[cors]

[crypto]

[database]

connection = mysql+pymysql://user:Passwd@192.168.1.1/nova

[devices]

[ephemeral_storage_encryption]

[filter_scheduler]

enabled_filters=RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter

[glance]

api_servers = http://openstack001.test.com:9292

[guestfs]

[healthcheck]

[hyperv]

[ironic]

[key_manager]

[keystone]

[keystone_authtoken]

auth_uri = http://openstack001.test.com:5000

auth_url = http://openstack001.test.com:35357

memcached_servers = openstack001.test.com:11211,openstack001.test.com:11211,openstack-master002.test.com:11211

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = nova

password = Passwd

[libvirt]

virt_type=kvm

[matchmaker_redis]

[metrics]

[mks]

[neutron]

url = http://openstack001.test.com:9696

auth_url = http://openstack001.test.com:35357

auth_type = password

project_domain_name = default

user_domain_name = default

region_name = Test

project_name = service

username = neutron

password = Passwd

service_metadata_proxy = true

metadata_proxy_shared_secret = Passwd

[notifications]

[osapi_v21]

[oslo_concurrency]

lock_path = /var/lib/nova/tmp

[oslo_messaging_amqp]

[oslo_messaging_kafka]

[oslo_messaging_notifications]

[oslo_messaging_rabbit]

[oslo_messaging_zmq]

[oslo_middleware]

[oslo_policy]

[pci]

[placement]

region_name = Test

project_domain_name = Default

project_name = service

auth_type = password

user_domain_name = Default

auth_url = http://openstack001.test.com:35357/v3

username = placement

password = Passwd

[quota]

[rdp]

[remote_debug]

[scheduler]

[serial_console]

[service_user]

[spice]

[upgrade_levels]

[vault]

[vendordata_dynamic_auth]

[vmware]

[vnc]

enabled=true

server_listen=$my_ip

server_proxyclient_address=$my_ip

#novncproxy_base_url=http://openstack001.test.com:6080/vnc_auto.html

#novncproxy_base_url=http://$my_ip:6080/vnc_auto.html

novncproxy_host=$my_ip

vncserver_listen=0.0.0.0

vncserver_proxyclient_address=192.168.1.1

novncproxy_base_url=http://192.168.1.1:6080/vnc_auto.html

[workarounds]

[wsgi]

[xenserver]

[xvp]

6. 配置00-nova-placement-api.conf

[root@openstack001 ~]# cp /etc/httpd/conf.d/00-nova-placement-api.conf /etc/httpd/conf.d/00-nova-placement-api.conf.bak

[root@openstack001 ~]# sed -i "s/Listen\ 8778/Listen\ 192.168.1.1:8778/g" /etc/httpd/conf.d/00-nova-placement-api.conf

[root@openstack001 ~]# sed -i "s/*:8778/192.168.1.1:8778/g" /etc/httpd/conf.d/00-nova-placement-api.conf

[root@openstack001 ~]# echo "

#Placement API

<Directory /usr/bin>

   <IfVersion >= 2.4>

      Require all granted

   </IfVersion>

   <IfVersion < 2.4>

      Order allow,deny

      Allow from all

   </IfVersion>

</Directory>

" >> /etc/httpd/conf.d/00-nova-placement-api.conf

```javascript

重启httpd服务,启动placement-api监听端口

```javascript

[root@openstack001 ~]# systemctl restart httpd

6.同步nova相关数据库

[root@openstack001 ~]# su -s /bin/sh -c "nova-manage api_db sync" nova

注册cell0数据库

[root@openstack001 ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova

创建cell1 cell

[root@openstack001 ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova

同步nova数据库, 忽略"deprecated"信息

[root@openstack001 ~]# su -s /bin/sh -c "nova-manage db sync" nova

注意:

同步数据库报错:此版本在向数据库同步导入数据表时,报错:/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) [‘use_tpool’] not supported

exception.NotSupportedWarning

解决方案如下:

bug:https://bugs.launchpad.net/nova/+bug/1746530

pacth:https://github.com/openstack/oslo.db/commit/c432d9e93884d6962592f6d19aaec3f8f66ac3a2

7.验证

cell0与cell1注册正确

[root@openstack001 ~]# nova-manage cell_v2 list_cells

查看数据表

[root@openstack001 ~]# mysql -h 192.168.1.1 -uuser -pPasswd  -e "use nova_api;show tables;"

[root@openstack001 ~]# mysql -h 192.168.1.1 -uuser -pPasswd  -e "use nova;show tables;"

[root@openstack001 ~]# mysql -h 192.168.1.1 -uuser -pPasswd  -e "use nova_cell0;show tables;"

8.启动服务

systemctl enable openstack-nova-api.service \

openstack-nova-consoleauth.service \

openstack-nova-scheduler.service \

openstack-nova-conductor.service \

openstack-nova-novncproxy.service

启动

 systemctl restart openstack-nova-api.service

 systemctl restart openstack-nova-consoleauth.service

 systemctl restart openstack-nova-scheduler.service

 systemctl restart openstack-nova-conductor.service

 systemctl restart openstack-nova-novncproxy.service

查看状态

systemctl status openstack-nova-api.service \

openstack-nova-consoleauth.service \

openstack-nova-scheduler.service \

openstack-nova-conductor.service \

openstack-nova-novncproxy.service

查看端口

[root@openstack001 ~]# netstat -tunlp | egrep '8774|8775|8778|6080'

9.验证

[root@openstack001 ~]# . admin-openrc

列出各服务组件,查看状态;也可使用命令" nova service-list"

[root@openstack001 ~]# openstack compute service list

展示api端点

[root@openstack001 ~]# openstack catalog list

检查cell与placement api运行正常

[root@openstack001 ~]# nova-status upgrade check

Nova计算服务

1.安装nova-compute

安装nova-compute服务,

[root@openstack001 ~]# yum install python-openstackclient openstack-utils openstack-selinux -y

[root@openstack001 ~]# yum install openstack-nova-compute -y

由于控制节点和计算节点都在一台机器上,所以配置已在配置控制节点服务时配置.

创建磁盘镜像存储目录并赋权限;/data/nova/instances

[root@openstack001 ~]# mkdir -p /data/nova/instances

[root@openstack001 ~]# chown nova:nova /data/nova/instances

2.启动服务

[root@openstack001 ~]# systemctl enable libvirtd.service openstack-nova-compute.service

启动

[root@openstack001 ~]# systemctl restart libvirtd.service

[root@openstack001 ~]# systemctl restart openstack-nova-compute.service

查看状态

systemctl status libvirtd.service

systemctl status openstack-nova-compute.service

3.向cell数据库添加计算节点

[root@openstack001 ~]# . admin-openrc

[root@openstack001 ~]# openstack compute service list --service nova-compute

手工发现计算节点主机,即添加到cell数据库

[root@openstack001 ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

``

## Neutron服务

注意本次安装网络服务都在一个节点上

1. 创建neutron数据库

Neutron只部署在openstack001节点,挂载haproxy下面,api使用192.168.1.1 vip.

```javascript

 CREATE DATABASE neutron;

4.创建neutron-api

调用neutron服务需要认证信息,加载环境变量脚本即可

[root@openstack001 ~]# . admin-openrc

创建neutron用户neutron用户在"default" domain中

[root@openstack001 ~]# openstack user create --domain default --password=Passwd neutron

neutron赋权,为neutron用户赋予admin权限

[root@openstack001 ~]# openstack role add --project service --user neutron admin

创建neutron服务实体,neutron服务实体类型"network"

[root@openstack001 ~]# openstack service create --name neutron --description "Test OpenStack Networking" network

[root@openstack001 ~]# openstack endpoint create --region Test network public http://openstack001.test.com:9696

 [root@openstack001 ~]# openstack endpoint create --region Test network internal http://openstack001.test.com:9696

 [root@openstack001 ~]# openstack endpoint create --region Test network admin http://openstack001.test.com:9696

5.安装neutron

[root@openstack001 ~]# yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge python-neutronclient ebtables ipset -y

6.配置neutron.conf注意neutron.conf文件的权限:root:neutron

[root@openstack001.test.com ~]# cat /etc/neutron/neutron.conf

[DEFAULT]

bind_host = 192.168.1.1

auth_strategy = keystone

core_plugin = ml2

service_plugins = router

notify_nova_on_port_status_changes = true

notify_nova_on_port_data_changes = true

dhcp_agents_per_network = 1

transport_url = rabbit://openstack:Passwd@openstack001.test.com:5672

[agent]

[cors]

[database]

connection = mysql+pymysql://user:Passwd@192.168.1.1/neutron

[keystone_authtoken]

auth_uri = http://openstack001.test.com:5000

auth_url = http://openstack001.test.com:35357

memcache_servers = openstack001.test.com:11211

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = neutron

password = Passwd

[matchmaker_redis]

[nova]

auth_url = http://openstack001.test.com:35357

auth_type = password

project_domain_name = default

user_domain_name = default

region_name = Test

project_name = service

username = nova

password = Passwd

[oslo_concurrency]

lock_path = /var/lib/neutron/tmp

[oslo_messaging_amqp]

[oslo_messaging_kafka]

[oslo_messaging_notifications]

[oslo_messaging_rabbit]

[oslo_messaging_zmq]

[oslo_middleware]

[oslo_policy]

[quotas]

[ssl]

7.配置ml2_conf.ini

[root@openstack001.test.com ~]#  cat /etc/neutron/plugins/ml2/ml2_conf.ini

[DEFAULT]

[l2pop]

[ml2]

type_drivers = local,flat,vlan

tenant_network_types = local,flat,vlan

mechanism_drivers = linuxbridge

extension_drivers = port_security

[ml2_type_flat]

flat_networks = external

[ml2_type_geneve]

[ml2_type_gre]

[ml2_type_vlan]

network_vlan_ranges = external:100:3500

[ml2_type_vxlan]

[securitygroup]

enable_ipset = true

服务初始化调用ml2_conf.ini中的配置,但指向/etc/neutron/olugin.ini文件

[root@openstack001 ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

8.配置linuxbridge_agent.ini

[root@openstack001.test.com ~]# cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini

[DEFAULT]

[agent]

[linux_bridge]

physical_interface_mappings = external:bond0

[network_log]

[securitygroup]

enable_security_group = True

firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

[vxlan]

enable_vxlan = false

配置内核参数bridge:是否允许桥接;如果"sysctl -p"加载不成功,报" No such file or directory"错误,需要加载内核模块"br_netfilter";

命令"modinfo br_netfilter"查看内核模块信息;命令"modprobe br_netfilter"加载内核模块

 echo "# bridge" >> /etc/sysctl.conf

 echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf

 echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf

 sysctl -p

9.配置dhcp_agent.ini

[root@openstack001.test.com ~]# cat  /etc/neutron/dhcp_agent.ini

[DEFAULT]

interface_driver = linuxbridge

dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq

enable_isolated_metadata = True

dhcp_lease_duration = -1

[agent]

[ovs]

10.配置metadata_agent.inimetadata_proxy_shared_secret:与/etc/nova/nova.conf文件中参数一致;

cat /etc/neutron/metadata_agent.ini

[DEFAULT]

nova_metadata_host = openstack001.test.com

metadata_proxy_shared_secret = Passwd

[agent]

[cache]

memcache_servers = openstack001.test.com:11211

11.

配置nova.conf

配置只涉及nova.conf的"[neutron]"字段; metadata_proxy_shared_secret:与/etc/neutron/metadata_agent.ini文件中参数一致,

cat /etc/neutron/metadata_agent.ini

[neutron]

url = http://openstack001.test.com:9696

auth_url = http://openstack001.test.com:35357

auth_type = password

project_domain_name = default

user_domain_name = default

region_name = Test

project_name = service

username = neutron

password = Passwd

service_metadata_proxy = true

metadata_proxy_shared_secret = Passwd

12.同步neutron数据库

[root@openstack001 ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

验证

[root@openstack001 ~]# mysql -h 192.168.1.1 -uuser -pPasswd  -e "use neutron;show tables;"

13.启动服务

变更nova配置文件,首先需要重启nova服务

[root@openstack001 ~]# systemctl restart openstack-nova-api.service

开机启动

[root@openstack001 ~]# systemctl enable neutron-server.service \

neutron-linuxbridge-agent.service \

neutron-dhcp-agent.service \

neutron-metadata-agent.service

启动

systemctl restart neutron-server.service

systemctl restart neutron-linuxbridge-agent.service

systemctl restart neutron-dhcp-agent.service

systemctl restart neutron-metadata-agent.service

检查

systemctl status neutron-server.service \

neutron-linuxbridge-agent.service \

neutron-dhcp-agent.service \

neutron-metadata-agent.service

15.验证

[root@openstack001 ~]# . admin-openrc

[root@openstack001 ~]# openstack extension list --network

查看agent服务

[root@openstack001 ~]# openstack network agent list

Horizon集群

1.安装dashboard

[root@openstack001 ~]# yum install openstack-dashboard -y

2.配置local_settings

[root@openstack001 ~]# cp /etc/openstack-dashboard/local_settings /etc/openstack-dashboard/local_settings.bak

编辑/etc/openstack-dashboard/local_settings

[root@openstack001 ~]# vim /etc/openstack-dashboard/local_settings

# 允许所有主机访问

38  ALLOWED_HOSTS = ['*', 'localhost']

# 强制使用相应版本的api

64  OPENSTACK_API_VERSIONS = {

65  #    "data-processing": 1.1,

66      "identity": 3,

67      "image": 2,

68      "volume": 2,

69  #    "compute": 2,

70  }

# 在多域模式运行时开启,登陆时除账号/密码外还需要输入域

75  OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

# 取消注释

97  OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default'

# 取消158~163行注释,并使用memcached集群

158  CACHES = {

159      'default': {

160          'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',

161          'LOCATION': 'openstack001.test.com:11211'

162      },

163  }

# 注释165~169行

165  #CACHES = {

166  #    'default': {

167  #        'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',

168  #    },

169  #}

# 监听地址使用vip;

# keystone认证使用v3;

# 设置通过dashboard创建的用户具有"user"角色权限,"user"角色在keystone章节已创建

188  OPENSTACK_HOST = "openstack001.test.com"

189  OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

190  OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

OPENSTACK_NEUTRON_NETWORK = {

    'enable_router': False,

    'enable_quotas': False,

    'enable_distributed_router': False,

    'enable_ha_router': False,

    'enable_lb': False,

    'enable_firewall': False,

    'enable_vpn': False,

    'enable_fip_topology_check': False,

}

# 修改时区

463  TIME_ZONE = "Asia/Shanghai"

3.配置openstack-dashboard.conf在全部节点编辑/etc/httpd/conf.d/openstack-dashboard.conf,在第3行后新增" WSGIApplicationGroup %{GLOBAL}"

[root@openstack001 ~]# cp /etc/httpd/conf.d/openstack-dashboard.conf /etc/httpd/conf.d/openstack-dashboard.conf.bak

[root@openstack001 ~]# sed -i '3a WSGIApplicationGroup\ %{GLOBAL}' /etc/httpd/conf.d/openstack-dashboard.conf

4.启动服务

[root@openstack001 ~]# systemctl restart httpd.service memcached.service

5.验证

登陆:http://192.168.1.1/dashboard

域:default

用户:admin

密码:Passwd

花小智
关注
  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 0
    评论
专栏目录
Openstack all-in-one_ironic 部署测试
zuopiezia的博客
05-26 201
虚拟环境变量需要在inventory中增加下面配置。
OpenStack部署(三)
weixin_44099173的博客
02-28 661
Image Service 图像服务glance 一、先决条件 在安装和配置映像服务之前,必须创建数据库、服务凭据和API端点。 1.创建数据库root访问数据库 [root@localhost /]# mysql -u root -p Enter password: Welcome to the MariaDB monitor. 创建glance数据库 MariaDB [(none)]> CREATE DATABASE glance; Query OK, 1 row affected (0.0
OpenStack 初探(一) -- All-In-One模式部署(初学OpenStack必备)
热门推荐
Mr.H的专栏
12-04 3万+
一、操作前需了解:     1. OpenStack提供IaaS(基础设施即服务)服务,它是开源的云计算平台。(个人理解:将多台硬件设备虚拟化成一个池,然后在池子里放虚拟机,放存储(对象和块)集群,所有整合一起提供云计算基础服务,会想到VMWARE的ESX(i))     2. 通常OpenStack是由许多硬件节点组合而成的,包括控制节点Controller,计算节点Compute,网络
CentOS7下手动安装OpenStack All in one
zyqash的博客
08-14 877
Open Stack的官方安装手册参考以下网址,如在安装过程中如有与本手册有不一致的地方以官方手册为准。
openstack(queens)All-in-One安装教程.pdf
10-12
包含完整虚拟机配置、Ubuntu安装、利用devstack搭建Openstack以及常见20种错误汇总
openstack-q本镜像下载地址.txt
05-11
openstack-q本镜像下载地址
openstack同步数据库报错!!
qq_47902942的博客
03-22 790
openstack同步数据库操作su -s /bin/sh -c "keystone-manage db_sync" keystone
OpenStack Victoria安装部署实例教程
03-07
本文档详细介绍了openstack Victoria安装部署过程,包括网络环境设置、控制节点、计算节点、存储节点配置方法,Keystone、Glance、Placement、Nova、Neutron、Horizon、Cinder等组件配置方法及常见问题处理。
OpenStack-train安装手册
最新发布
11-20
OpenStack-train安装手册,包含环境介绍、环境安装安装Spice控制台、实例热迁移的libvirt、实例调整实例大小、负载均衡即服、务网络QoS等
openstack Swift All in one 搭建手册1
08-08
OpenStack Swift All in One 搭建手册 OpenStack Swift 是一种分布式对象存储系统,用于存储和检索大规模数据。基于 OpenStack Swift,我们可以构建高可用、高性能的存储系统。本文将指导您完成 OpenStack Swift ...
OpenStack—Q 环境部署
Zcoder`Blog
10-15 2757
环境部署一、基本配置要求二、配置主机映射三、配置阿里yum源四、安装NTP时钟服务五、安装QOpenStack六、安装SQL database七、安装RabbitMQ(消息队列)组件八、Etcd服务安装 一、基本配置要求 配置: VMware-14、Centos7.5、双节点 Controller节点:4G运行内存、2个处理器、50G硬盘 Compute 节点:2G运行内存、2个处理、50G硬盘...
部署openstack Q
比你牛逼的人比你更努力!
01-11 2618
环境 controller compute [root@controller ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhos...
手动安装libertyopenstack环境(allinone)---环境准备
吴业亮的专栏
11-24 8682
作者:【吴业亮】云计算开发工程师 博客:http://blog.csdn.net/wylfengyujiancheng 一、网络拓扑及网卡配置 二、建议硬件配置: vcpu: 2+ 内存:4G+ 硬盘:10G+ 操作系统:CentOS7.1 否则在安装过程中会报一些服务起不来错误 三、创建centos7.0操作系统 1、使用CentOS-7-x86_64-DVD-
Openstack 之 系统环境
ywmack
08-09 197
openstack Q 服务器系统centos7 控制端IP:192.168.50.31 计算端IP:192.168.50.32 网卡就一块 (也可以两块 后面会有多块网卡教程) # 网卡配置 TYPE=Ethernet BOOTPROTO=static IPADDR=192.168.50.31 NETMASK=255.255.255.0 GATEWAY=192.168.50.1 D...
OpenStack(Queens)详细安装部署(三)-镜像服务(glance)安装
塔尖草的博客
05-02 3660
本文为扶艾原创文章,权所有,禁止转载! 本篇文章是本系列的第三篇文章,将继续进行OpenStack镜像服务的安装 四、安装镜像服务 4.1 (控制节点)配置镜像数据库 连接数据库 # mysql -u root -pfuai123 创建glance数据库并设置访问权限 MariaDB [(none)]&gt; CREATE DATABASE glance; M...
OpenStack的q安装操作手册
guoshaoliang789的专栏
07-12 1165
OpenStack的q安装操作手册 1、 架构图: 2、基础环境准备: systemctl disable firewalld systemctl disable NetworkManager vim /etc/selinux/config SELINUX=disabled 2.2 安装常用命令 yum install -y vim wget tree lrzsz gcc gcc-c...
OpenStack L安装 All In One 之 基础环境搭建
shuningzhang的专栏
11-28 2970
OpenStack如火如荼,现在Liberty本已经发布,下面本文将一步一步详细介绍一下该本的单机部署。当然如果有多个服务器,也可以按照该教程进行分布式部署。本文假设读者对OpenStack的架构和基本组件有基本的了解。首先介绍一下基础环境的安装。所谓基础环境,是运行OpenStack所必须的软件组件,包含NTP服务,数据库和消息队列等软件模块。
OpenStack 初探 -- All-In-one在Centos中部署
Serene MA的博客
05-11 1479
#搭建AllInOne模式的OpenStack 真实环境下的OpenStack是搭建在真实硬件上的,出于研究目的,本文将会在VMWARE虚拟机(目前最新的CentOs 7.4.1708 minimal)上搭建OpenStack。由于过程中有一些步骤容易出错,所以建议在安装之前给操作系统打好快照,以便后续出现莫名错误时能回退操作系统。 OpenStack all-in-one模式会将OpenStac...
CentOS 7 安装 Openstack Rocky 本 - 创建实例
Elegant Coding
01-03 148
推广博客: CentOS 7 安装 Openstack Rocky 本 - 创建实例
openstack all in one
03-31
OpenStack all-in-one refers to a deployment model in which all the OpenStack services are installed and run on a single node, either physical or virtual. This type of deployment is often used for ...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

花小智

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值