Installing OpenStack (Victoria release) on CentOS Stream 8 with the packstack tool
1. Environment table
Node name | CPU/Memory/Disk | IP | Role |
---|---|---|---|
controller | 4U/8G/100G | 10.10.0.11/24 | Controller/compute node |
compute | 4U/8G/100G | 10.10.0.12/24 | Compute node |
2. NIC, firewall and SELinux settings on each node
NIC configuration on the controller node:
[root@comtroller ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens160
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=10.10.0.11
PREFIX=24
GATEWAY=10.10.0.2
DNS1=8.8.8.8
[root@comtroller ~]#
Disable the firewall on the controller node:
[root@controller ~]# systemctl stop firewalld
[root@controller ~]# systemctl disable firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@controller ~]#
Disable SELinux on the controller node:
[root@controller ~]# setenforce 0
[root@controller ~]# cat /etc/selinux/config | grep SELINUX=disabled
SELINUX=disabled
[root@controller ~]#
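CentOS 8 manages networking with NetworkManager by default, but that service conflicts with the OpenStack networking components and leads to warnings or errors. The warning looks like this: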
Warning: NetworkManager is active on comtroller ip, compute ip.
OpenStack networking currently does not work on systems that have the Network Manager service enabled.
So here the network service is used to manage networking, and the default NetworkManager is disabled.
Install the network component:
[root@controller ~]# yum install -y network-scripts
Check the package:
[root@controller ~]# yum list network-scripts
Last metadata expiration check: 0:00:21 ago on Thu 03 Aug 2023 12:08:48 AM EDT.
Installed Packages
network-scripts.x86_64 10.00.18-1.el8 @baseos
[root@controller ~]#
Start the network service and enable it at boot:
[root@controller ~]# systemctl start network
[root@controller ~]# systemctl enable network
network.service is not a native service, redirecting to systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable network
[root@controller ~]#
Stop the NetworkManager service and disable it at boot:
[root@controller ~]# systemctl stop NetworkManager
[root@controller ~]# systemctl disable NetworkManager
Removed /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.
Removed /etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service.
[root@controller ~]#
NIC configuration on the compute node:
[root@compute ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens160
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=10.10.0.12
PREFIX=24
GATEWAY=10.10.0.2
DNS1=8.8.8.8
[root@compute ~]#
Disable the firewall on the compute node:
[root@compute ~]# systemctl stop firewalld
[root@compute ~]# systemctl disable firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@compute ~]#
Disable SELinux on the compute node:
[root@compute ~]# setenforce 0
[root@compute ~]# cat /etc/selinux/config | grep SELINUX=disabled
SELINUX=disabled
[root@compute ~]#
Install the network component on the compute node:
[root@compute ~]# yum install -y network-scripts
Check the package:
[root@compute ~]# yum list network-scripts
Last metadata expiration check: 0:00:21 ago on Thu 03 Aug 2023 12:08:48 AM EDT.
Installed Packages
network-scripts.x86_64 10.00.18-1.el8 @baseos
[root@comtroller ~]#
Start the network service and enable it at boot:
[root@compute ~]# systemctl start network
[root@compute ~]# systemctl enable network
network.service is not a native service, redirecting to systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable network
[root@compute ~]#
Stop the NetworkManager service and disable it at boot:
[root@compute ~]# systemctl stop NetworkManager
[root@compute ~]# systemctl disable NetworkManager
Removed /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.
Removed /etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service.
[root@comtroller ~]#
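3. Edit the IP-to-hostname mapping table
controller node:
[root@controller ~]# cat /etc/hosts # append the corresponding mappings to the end of this file
10.10.0.11 controller
10.10.0.12 compute
[root@comtroller ~]#
Copy the hosts file from the controller node to the compute node: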
[root@controller ~]# scp /etc/hosts compute:/etc/hosts
The authenticity of host 'compute (10.10.0.12)' can't be established.
ECDSA key fingerprint is SHA256:Ykw1Y3r2JjRrkEkHAMKRo/NE2iB9ybcQroxaXMCgYtM.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes # type yes
Warning: Permanently added 'compute,10.10.0.12' (ECDSA) to the list of known hosts.
root@compute's password: # enter the compute node's password
hosts 100% 199 19.8KB/s 00:00
[root@controller ~]#
4. Install base packages on each node
controller node:
[root@controller ~]# yum install -y vim bash-completion chrony centos-release-openstack-victoria.noarch
compute node:
[root@compute ~]# yum install -y vim bash-completion chrony centos-release-openstack-victoria.noarch
5. chrony time synchronization server:
controller node:
[root@controller ~]# vim /etc/chrony.conf
Edit the following content:
#pool 2.centos.pool.ntp.org iburst
server ntp.aliyun.com iburst
# Allow NTP client access from local network.
allow 10.10.0.0/24
Start chrony and enable it at boot:
[root@controller ~]# systemctl start chronyd
[root@controller ~]# systemctl enable chronyd
Check the ntp_server status:
[root@controller ~]# chronyc sourcestats -v
.- Number of sample points in measurement set.
/ .- Number of residual runs with same sign.
| / .- Length of measurement set (time).
| | / .- Est. clock freq error (ppm).
| | | / .- Est. error in freq.
| | | | / .- Est. offset.
| | | | | | On the -.
| | | | | | samples. \
| | | | | | |
Name/IP Address NP NR Span Frequency Freq Skew Offset Std Dev
==============================================================================
203.107.6.88 7 4 200 -6.272 52.365 -199us 1596us
[root@controller ~]#
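6. Configure the YUM repositories on each node
controller node:
[root@controller ~]# mv /etc/yum.repos.d/* /media/ # back up the original network yum repositories
Run the following command to add the yum repositories.
Note:
All of the network repositories used here have gpgcheck enabled; the keys are included in centos-release-openstack-victoria.noarch. gpgcheck can be turned off if you wish.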
cat <<EOF > /etc/yum.repos.d/aliyun.repo
> [highavailability]
> name=CentOS Stream 8 - HighAvailability
> baseurl=https://mirrors.aliyun.com/centos/8-stream/HighAvailability/x86_64/os/
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
> gpgcheck=1
> repo_gpgcheck=0
> metadata_expire=6h
> countme=1
> enabled=1
>
> [nfv]
> name=CentOS Stream 8 - NFV
> baseurl=https://mirrors.aliyun.com/centos/8-stream/NFV/x86_64/os/
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
> gpgcheck=1
> repo_gpgcheck=0
> metadata_expire=6h
> countme=1
> enabled=1
>
> [rt]
> name=CentOS Stream 8 - RT
> baseurl=https://mirrors.aliyun.com/centos/8-stream/RT/x86_64/os/
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
> gpgcheck=1
> repo_gpgcheck=0
> metadata_expire=6h
> countme=1
> enabled=1
>
> [resilientstorage]
> name=CentOS Stream 8 - ResilientStorage
> baseurl=https://mirrors.aliyun.com/centos/8-stream/ResilientStorage/x86_64/os/
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
> gpgcheck=1
> repo_gpgcheck=0
> metadata_expire=6h
> countme=1
> enabled=1
>
> [extras-common]
> name=CentOS Stream 8 - Extras packages
> baseurl=https://mirrors.aliyun.com/centos/8-stream/extras/x86_64/extras-common/
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Extras-SHA512
> gpgcheck=1
> repo_gpgcheck=0
> metadata_expire=6h
> countme=1
> enabled=1
>
> [extras]
> name=CentOS Stream $releasever - Extras
> mirrorlist=http://mirrorlist.centos.org/?release=$stream&arch=$basearch&repo=extras&infra=$infra
> #baseurl=http://mirror.centos.org/$contentdir/$stream/extras/$basearch/os/
> baseurl=https://mirrors.aliyun.com/centos/8-stream/extras/x86_64/os/
> gpgcheck=1
> enabled=1
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
>
> [centos-ceph-pacific]
> name=CentOS - Ceph Pacific
> baseurl=https://mirrors.aliyun.com/centos/8-stream/storage/x86_64/ceph-pacific/
> gpgcheck=0
> enabled=1
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Storage
>
> [centos-rabbitmq-38]
> name=CentOS-8 - RabbitMQ 38
> baseurl=https://mirrors.aliyun.com/centos/8-stream/messaging/x86_64/rabbitmq-38/
> gpgcheck=1
> enabled=1
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Messaging
>
> [centos-nfv-openvswitch]
> name=CentOS Stream 8 - NFV OpenvSwitch
> baseurl=https://mirrors.aliyun.com/centos/8-stream/nfv/x86_64/openvswitch-2/
> gpgcheck=1
> enabled=1
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-NFV
> module_hotfixes=1
>
> [baseos]
> name=CentOS Stream 8 - BaseOS
> baseurl=https://mirrors.aliyun.com/centos/8-stream/BaseOS/x86_64/os/
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
> gpgcheck=1
> repo_gpgcheck=0
> metadata_expire=6h
> countme=1
> enabled=1
>
> [appstream]
> name=CentOS Stream 8 - AppStream
> baseurl=https://mirrors.aliyun.com/centos/8-stream/AppStream/x86_64/os/
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
> gpgcheck=1
> repo_gpgcheck=0
> metadata_expire=6h
> countme=1
> enabled=1
>
> [centos-openstack-victoria]
> name=CentOS 8 - OpenStack victoria
> baseurl=https://mirrors.aliyun.com/centos/8-stream/cloud/x86_64/openstack-victoria/
> #baseurl=https://repo.huaweicloud.com/centos/8-stream/cloud/x86_64/openstack-yoga/
> gpgcheck=1
> enabled=1
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Cloud
> module_hotfixes=1
>
> [powertools]
> name=CentOS Stream 8 - PowerTools
> #mirrorlist=http://mirrorlist.centos.org/?release=$stream&arch=$basearch&repo=PowerTools&infra=$infra
> baseurl=https://mirrors.aliyun.com/centos/8-stream/PowerTools/x86_64/os/
> gpgcheck=1
> enabled=1
> gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
> EOF
Clear the existing yum cache:
[root@controller ~]# yum clean all
27 files removed
List the enabled repositories:
[root@controller ~]# yum repolist all
repo id repo name status
appstream CentOS Stream 8 - AppStream enabled
baseos CentOS Stream 8 - BaseOS enabled
centos-ceph-pacific CentOS - Ceph Pacific enabled
centos-nfv-openvswitch CentOS Stream 8 - NFV OpenvSwitch enabled
centos-openstack-victoria CentOS 8 - OpenStack victoria enabled
centos-rabbitmq-38 CentOS-8 - RabbitMQ 38 enabled
extras CentOS Stream - Extras enabled
extras-common CentOS Stream 8 - Extras packages enabled
highavailability CentOS Stream 8 - HighAvailability enabled
nfv CentOS Stream 8 - NFV enabled
powertools CentOS Stream 8 - PowerTools enabled
resilientstorage CentOS Stream 8 - ResilientStorage enabled
rt CentOS Stream 8 - RT enabled
Build the yum cache:
[root@controller ~]# yum makecache
CentOS Stream 8 - HighAvailability 1.9 MB/s | 5.3 MB 00:02
CentOS Stream 8 - NFV 7.0 MB/s | 14 MB 00:01
CentOS Stream 8 - RT 12 MB/s | 19 MB 00:01
CentOS Stream 8 - ResilientStorage 775 kB/s | 4.9 MB 00:06
CentOS Stream 8 - Extras packages 8.8 kB/s | 6.6 kB 00:00
CentOS Stream - Extras 2.4 kB/s | 18 kB 00:07
CentOS - Ceph Pacific 410 kB/s | 522 kB 00:01
CentOS-8 - RabbitMQ 38 7.0 kB/s | 80 kB 00:11
CentOS Stream 8 - NFV OpenvSwitch 233 kB/s | 252 kB 00:01
CentOS Stream 8 - BaseOS 5.4 MB/s | 41 MB 00:07
CentOS Stream 8 - AppStream 11 MB/s | 31 MB 00:02
CentOS 8 - OpenStack victoria 433 kB/s | 3.3 MB 00:07
CentOS Stream 8 - PowerTools 3.7 MB/s | 6.3 MB 00:01
Metadata cache created.
Configure the yum repositories on the compute node:
[root@compute ~]# mv /etc/yum.repos.d/* /media/
Copy the yum configuration file from the controller node to the compute node:
[root@comtroller ~]# scp /etc/yum.repos.d/aliyun.repo compute:/etc/yum.repos.d/aliyun.repo
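The note in this section says every repository has gpgcheck enabled, yet the [centos-ceph-pacific] section of aliyun.repo sets gpgcheck=0 and [extras] keeps a plain-http mirrorlist. The check below is an added example, not part of the original post; it lists such sections in a .repo file. The function name audit_repo_file and the sample file are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag .repo sections that weaken package verification.

audit_repo_file() {
    # $1 = path to a .repo file; prints one "[section]: finding" line per problem.
    awk '
        /^[ \t]*#/ { next }                      # ignore commented-out lines
        /^\[.*\]/  { section = $0; next }        # remember the current [section]
        /^gpgcheck[ \t]*=[ \t]*0/ {
            print section ": gpgcheck disabled"
        }
        /^(baseurl|mirrorlist)[ \t]*=[ \t]*http:\/\// {
            print section ": plain-http " substr($0, 1, index($0, "=") - 1)
        }
    ' "$1"
}

# Constructed sample modelled on three sections of the aliyun.repo shown above.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
[baseos]
baseurl=https://mirrors.aliyun.com/centos/8-stream/BaseOS/x86_64/os/
gpgcheck=1

[extras]
mirrorlist=http://mirrorlist.centos.org/?repo=extras
#baseurl=http://mirror.centos.org/extras/os/
baseurl=https://mirrors.aliyun.com/centos/8-stream/extras/x86_64/os/
gpgcheck=1

[centos-ceph-pacific]
baseurl=https://mirrors.aliyun.com/centos/8-stream/storage/x86_64/ceph-pacific/
gpgcheck=0
EOF

audit_repo_file "$sample"
```

On the nodes themselves, run `audit_repo_file /etc/yum.repos.d/aliyun.repo` on both controller and compute after the file has been copied.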
7. Install OpenStack using an answer file
Install the packstack tool on the controller node:
[root@controller ~]# yum install -y openstack-packstack
Generate the answer file:
[root@controller ~]# packstack -h |grep ans
--gen-answer-file=GEN_ANSWER_FILE
Generate a template of an answer file.
--validate-answer-file=VALIDATE_ANSWER_FILE
Check if answerfile contains unexpected options.
--answer-file=ANSWER_FILE
answerfile will also be generated and should be used
-o, --options Print details on options available in answer file(rst
Packstack a second time with the same answer file and
attribute where "y" means an account is disabled.
--manila-netapp-transport-type=MANILA_NETAPP_TRANSPORT_TYPE
The transport protocol used when communicating with
[root@controller ~]# packstack --gen-answer-file=openstack.txt
Packstack changed given value to required value /root/.ssh/id_rsa.pub
Additional information:
* Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS plugin. Geneve will be used as the encapsulation method for tenant networks
[root@comtroller ~]#
Edit the answer file:
[root@controller ~]# vim openstack.txt
Change the following settings:
CONFIG_COMPUTE_HOSTS=10.10.0.11,10.10.0.12
CONFIG_KEYSTONE_ADMIN_PW=password
CONFIG_PROVISION_DEMO=n
CONFIG_HEAT_INSTALL=y
CONFIG_NEUTRON_OVN_BRIDGE_IFACES=br-ex:ens160
Note:
With the CONFIG_NEUTRON_OVN_BRIDGE_IFACES parameter set, OVN automatically creates the br-ex virtual switch and bridges ens160 onto it; cloud instances will later reach the external network through br-ex.
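The answer file keeps the Keystone admin password and the other service passwords in cleartext. The script below is an added example, not part of the original post: it applies the five settings listed above non-interactively, but generates a random value for CONFIG_KEYSTONE_ADMIN_PW and restricts the file to root. The helper names set_answer, gen_password and harden_answer_file are hypothetical, and the sample file is a constructed stand-in for openstack.txt.

```shell
#!/usr/bin/env bash
# Added example: scripted answer-file edits with a generated admin password.

set_answer() {
    # set_answer FILE KEY VALUE: rewrite an existing KEY=... line in place.
    # Fails when the key is absent, so a mistyped key is not silently ignored.
    # VALUE must not contain '|' or '&' (sed delimiter and back-reference).
    local file=$1 key=$2 value=$3
    grep -q "^${key}=" "$file" || { echo "missing key: $key" >&2; return 1; }
    sed -i "s|^${key}=.*|${key}=${value}|" "$file"
}

gen_password() {
    # 32 hex characters read from the kernel CSPRNG.
    head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

harden_answer_file() {
    local file=$1
    # Owner-only access: the file stores passwords in cleartext.
    chmod 600 "$file" &&
    set_answer "$file" CONFIG_COMPUTE_HOSTS "10.10.0.11,10.10.0.12" &&
    set_answer "$file" CONFIG_KEYSTONE_ADMIN_PW "$(gen_password)" &&
    set_answer "$file" CONFIG_PROVISION_DEMO n &&
    set_answer "$file" CONFIG_HEAT_INSTALL y &&
    set_answer "$file" CONFIG_NEUTRON_OVN_BRIDGE_IFACES "br-ex:ens160"
}

# Constructed stand-in for the file written by packstack --gen-answer-file.
answers=$(mktemp)
trap 'rm -f "$answers"' EXIT
cat > "$answers" <<'EOF'
[general]
CONFIG_COMPUTE_HOSTS=10.10.0.11
CONFIG_KEYSTONE_ADMIN_PW=changeme
CONFIG_PROVISION_DEMO=y
CONFIG_HEAT_INSTALL=n
CONFIG_NEUTRON_OVN_BRIDGE_IFACES=
EOF

# Show the result without echoing the generated password.
harden_answer_file "$answers" && grep -v '_PW=' "$answers"
```

On the controller, call `harden_answer_file openstack.txt` before running packstack; after installation the generated password can be read from /root/keystonerc_admin, as the installer output states.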
Run the installation with the answer file:
[root@controller ~]# packstack --answer-file=openstack.txt
Welcome to the Packstack setup utility
The installation log file is available at: /var/tmp/packstack/20230803-011535-gdme9qmo/openstack-setup.log
Installing:
Clean Up [ DONE ]
Discovering ip protocol version [ DONE ]
root@10.10.0.12's password: # enter the node's password
root@10.10.0.11's password: # enter the node's password
Setting up ssh keys [ DONE ]
Preparing servers [ DONE ]
Pre installing Puppet and discovering hosts' details [ DONE ]
Preparing pre-install entries [ DONE ]
Setting up CACERT [ DONE ]
Preparing AMQP entries [ DONE ]
Preparing MariaDB entries [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries [ DONE ]
Preparing Glance entries [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries [ DONE ]
Preparing Nova API entries [ DONE ]
Creating ssh keys for Nova migration [ DONE ]
Gathering ssh host keys for Nova migration [ DONE ]
Preparing Nova Compute entries [ DONE ]
Preparing Nova Scheduler entries [ DONE ]
Preparing Nova VNC Proxy entries [ DONE ]
Preparing OpenStack Network-related Nova entries [ DONE ]
Preparing Nova Common entries [ DONE ]
Preparing Neutron API entries [ DONE ]
Preparing Neutron L3 entries [ DONE ]
Preparing Neutron L2 Agent entries [ DONE ]
Preparing Neutron DHCP Agent entries [ DONE ]
Preparing Neutron Metering Agent entries [ DONE ]
Checking if NetworkManager is enabled and running [ DONE ]
Preparing OpenStack Client entries [ DONE ]
Preparing Horizon entries [ DONE ]
Preparing Swift builder entries [ DONE ]
Preparing Swift proxy entries [ DONE ]
Preparing Swift storage entries [ DONE ]
Preparing Heat entries [ DONE ]
Preparing Heat CloudFormation API entries [ DONE ]
Preparing Gnocchi entries [ DONE ]
Preparing Redis entries [ DONE ]
Preparing Ceilometer entries [ DONE ]
Preparing Aodh entries [ DONE ]
Preparing Puppet manifests [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 10.10.0.11_controller.pp
10.10.0.11_controller.pp: [ DONE ]
Applying 10.10.0.11_network.pp
10.10.0.11_network.pp: [ DONE ]
Applying 10.10.0.12_compute.pp
Applying 10.10.0.11_compute.pp
10.10.0.11_compute.pp: [ DONE ]
10.10.0.12_compute.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]
**** Installation completed successfully ******
Additional information:
* Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS plugin. Geneve will be used as the encapsulation method for tenant networks
* Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
* File /root/keystonerc_admin has been created on OpenStack client host 10.10.0.11. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://10.10.0.11/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* The installation log file is available at: /var/tmp/packstack/20230803-011535-gdme9qmo/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20230803-011535-gdme9qmo/manifests
8. Log in to the dashboard from a browser to test
http://10.10.0.11/dashboard
http:// ip /dashboard
Enter the username and password.
Default administrator account: admin
together with the password set in the answer file.