注:OpenStack-T官网地址:Environment — Installation Guide documentation
我这里采用的时billbill的视频教程,详情地址:
openstack-T版搭建运维全套视频_哔哩哔哩_bilibili
开始安装
准备两台虚拟机,我这里用的是两台centos7版本的
- 控制节点: 1 处理器, 4 GB 内存, 及5 GB 存储
- 计算节点: 1 处理器, 2 GB 内存, 及10 GB 存储
每台虚拟机准备两张网卡:
我两台都用的nat模式,其他模式也可尝试下,这里就先用nat
1、配置网络
计算节点:compute1
控制节点:controller
2、修改hostname(两边都要)
vim /etc/hostname
将原内容删掉
在两个节点分别对应着改名:
controller、和compute1
# vim /etc/hosts
因为一些发行版本在``/etc/hosts``文件中添加了附加条目解析实际主机名到另一个IP地址如 127.0.1.1
。为了防止域名解析问题,你必须注释或者删除这些条目。不要删除127.0.0.1条目。
# controller
10.0.0.11 controller
# compute1
10.0.0.31 compute1
3、测试连通性
从 controller 节点,测试到*compute* 节点管理网络是否连通:
# ping -c 4 compute1
PING compute1 (10.0.0.31) 56(84) bytes of data.
64 bytes from compute1 (10.0.0.31): icmp_seq=1 ttl=64 time=0.263 ms
64 bytes from compute1 (10.0.0.31): icmp_seq=2 ttl=64 time=0.202 ms
64 bytes from compute1 (10.0.0.31): icmp_seq=3 ttl=64 time=0.203 ms
64 bytes from compute1 (10.0.0.31): icmp_seq=4 ttl=64 time=0.202 ms
--- compute1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.202/0.217/0.263/0.030 ms
从 compute 节点,测试到*controller* 节点管理网络是否连通:
# ping -c 4 controller
PING controller (10.0.0.11) 56(84) bytes of data.
64 bytes from controller (10.0.0.11): icmp_seq=1 ttl=64 time=0.263 ms
64 bytes from controller (10.0.0.11): icmp_seq=2 ttl=64 time=0.202 ms
64 bytes from controller (10.0.0.11): icmp_seq=3 ttl=64 time=0.203 ms
64 bytes from controller (10.0.0.11): icmp_seq=4 ttl=64 time=0.202 ms
--- controller ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.202/0.217/0.263/0.030 ms
再分别ping www.baidu.com测试是否嫩连接到Internet
4、关闭selinux、防火墙(两边都要)
进入 /etc/selinux/config,将此处修改为disabled
关闭防火墙
# systemctl stop firewalld
# systemctl disable firewalld
再使用setenforce 0 彻底关闭selinux
可以使用getenforce查看
5、使用yum命令查看OpenStack文件
[root@localhost ~]# yum list | grep openstack*
ansible-openstack-modules.noarch 0-20140902git79d751a.el7 epel
centos-release-openstack-queens.noarch 1-2.el7.centos extras
centos-release-openstack-rocky.noarch 1-1.el7.centos extras
centos-release-openstack-stein.noarch 1-1.el7.centos extras
centos-release-openstack-train.noarch 1-1.el7.centos extras
resalloc-openstack.noarch 8-1.el7 epel
这里可以看到这里有自带的OpenStack各个版本,我们这里安装t版
(两边都可以查的到)
6、配置时间服务器
控制节点:
安装软件包:
# yum install chrony
编辑“/etc/chrony.conf”文件并在你的环境需要的情况下增加、修改或者删除这些键zhe
这里用的是阿里云的,比官方给的快点
将原有的server删掉,加上阿里云的时间服务器
将allow那儿改成allow all
将local stratum 10的注释去掉
启动 时间 服务并将其配置为随系统启动:
# systemctl enable chronyd.service
# systemctl start chronyd.service
# systemctl restart chronyd
# systemctl status chronyd 查看时间服务器的状态
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since 二 2022-03-29 15:08:14 CST; 7s ago
Docs: man:chronyd(8)
man:chrony.conf(5)
Process: 5262 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exited, status=0/SUCCESS)
Process: 5258 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS)
Tasks: 1
CGroup: /system.slice/chronyd.service
└─5260 /usr/sbin/chronyd
3月 29 15:08:14 localhost systemd[1]: Starting NTP client/server...
3月 29 15:08:14 localhost chronyd[5260]: chronyd version 3.4 starting (+CMDMON +N...G)
3月 29 15:08:14 localhost chronyd[5260]: Frequency 42.500 +/- 0.693 ppm read from...ft
3月 29 15:08:14 localhost systemd[1]: Permission denied while opening PID file or...id
3月 29 15:08:14 localhost systemd[1]: Started NTP client/server.
3月 29 15:08:18 localhost chronyd[5260]: Selected source 10.0.0.11
Hint: Some lines were ellipsized, use -l to show in full.
出现以上结果即为成功
[root@localhost ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 203.107.6.88 2 6 17 62 -543us[-1237us] +/- 34ms
再使用chronyc sources -v去查看是否同步阿里云时间,上图即为成功!
计算节点 :
安装软件包:
# yum install chrony
编辑``/etc/chrony.conf`` 文件并删除原有的``server`` 内容。
修改它去解析控制节点:
其他的不用改
启动 时间 服务并将其配置为随系统启动
# systemctl enable chronyd.service
# systemctl start chronyd.service
# systemctl restart chronyd
# systemctl status chronyd 查看时间服务器的状态
● chronyd.service - NTP client/server
Loaded: loaded (/usr/lib/systemd/system/chronyd.service; enabled; vendor preset: enabled)
Active: active (running) since 二 2022-03-29 15:08:14 CST; 8min ago
Docs: man:chronyd(8)
man:chrony.conf(5)
Process: 5262 ExecStartPost=/usr/libexec/chrony-helper update-daemon (code=exited, status=0/SUCCESS)
Process: 5258 ExecStart=/usr/sbin/chronyd $OPTIONS (code=exited, status=0/SUCCESS)
Tasks: 1
CGroup: /system.slice/chronyd.service
└─5260 /usr/sbin/chronyd
3月 29 15:08:14 localhost systemd[1]: Starting NTP client/server...
3月 29 15:08:14 localhost chronyd[5260]: chronyd version 3.4 starting (+CMDMON +N...G)
3月 29 15:08:14 localhost chronyd[5260]: Frequency 42.500 +/- 0.693 ppm read from...ft
3月 29 15:08:14 localhost systemd[1]: Permission denied while opening PID file or...id
3月 29 15:08:14 localhost systemd[1]: Started NTP client/server.
3月 29 15:08:18 localhost chronyd[5260]: Selected source 10.0.0.11
Hint: Some lines were ellipsized, use -l to show in full.
再使用chronyd sources -v去查看同步状态,同步到控制节点即为成功!
[root@localhost ~]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* controller 3 6 377 23 +463us[ +835us] +/- 34ms
如果未同步成功执行以下命令:
# systemctl restart chronyd.service
再去验证即可
7、启用 OpenStack 存储库
千万不能配置epel源,因为有些包可能有冲突
yum install centos-release-openstack-train -y #两边都要
安装完后可以看见,在yum.repos.d中多了很多文件
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ll
总用量 52
-rw-r--r--. 1 root root 1664 9月 5 2019 CentOS-Base.repo
-rw-r--r--. 1 root root 956 6月 19 2019 CentOS-Ceph-Nautilus.repo
-rw-r--r--. 1 root root 1309 9月 5 2019 CentOS-CR.repo
-rw-r--r--. 1 root root 649 9月 5 2019 CentOS-Debuginfo.repo
-rw-r--r--. 1 root root 314 9月 5 2019 CentOS-fasttrack.repo
-rw-r--r--. 1 root root 630 9月 5 2019 CentOS-Media.repo
-rw-r--r--. 1 root root 717 3月 24 2020 CentOS-NFS-Ganesha-28.repo
-rw-r--r--. 1 root root 1290 10月 23 2019 CentOS-OpenStack-train.repo
-rw-r--r--. 1 root root 612 2月 1 2019 CentOS-QEMU-EV.repo
-rw-r--r--. 1 root root 1331 9月 5 2019 CentOS-Sources.repo
-rw-r--r--. 1 root root 353 7月 31 2018 CentOS-Storage-common.repo
-rw-r--r--. 1 root root 6639 9月 5 2019 CentOS-Vault.repo
为您的版本安装适当的 OpenStack 客户端,并安装 openstack-selinux
软件包以自动管理 OpenStack 服务的安全策略:
# yum install python-openstackclient openstack-selinux -y #两边都要
8、安装SQL数据库
数据库通常在控制器节点上运行
按照软件包:
yum install mariadb mariadb-server python2-PyMySQL
创建和编辑/etc/my.cnf.d/openstack.cnf
文件
[mysqld]
bind-address = 10.0.0.11 #也可以使用域名controller
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
在启动数据库服务并加入开机项
# systemctl enable mariadb.service
Created symlink from /etc/systemd/system/mysql.service to /usr/lib/systemd/system/mariadb.service.
Created symlink from /etc/systemd/system/mysqld.service to /usr/lib/systemd/system/mariadb.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
# systemctl start mariadb.service
mysql_secure_installation
通过运行脚本保护数据库服务,具体而言,请为数据库帐户选择合适的密码
# mysql_secure_installation
[root@localhost yum.repos.d]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
会显示叫你输入密码,因为安装时我们并没有设置密码,所以我们之间按enter键
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n]
接着会问你是否要设置密码,直接y
我这里设置123
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n]
又问是否要移除匿名用户,我们选择移除
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n]
问是否不允许其他用户登录,这里选n,选y则其他用户登录不上
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
问是否要移除test数据库,这里选择移除
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n]
又问是否重新加载特权表,选择是
用命令测试SQL
[root@localhost yum.repos.d]# mysql -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 16
Server version: 10.3.20-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
MariaDB [(none)]> quit
Bye
9、安装消息队列
在控制节点上安装
安装包:
# yum install rabbitmq-server
启动消息队列服务并将其配置为在系统启动时启动:
# systemctl enable rabbitmq-server.service
Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to /usr/lib/systemd/system/rabbitmq-server.service.
# systemctl start rabbitmq-server.service
用systemctl status rabbitmq-server.service查看服务状态
如出现fail,请参考下面的解决方法:
添加OpenStack用户并设置密码
# rabbitmqctl add_user openstack 后面接密码 #建议自己设置密码
[root@localhost ~]# rabbitmqctl add_user openstack openstack123
Creating user "openstack"
我这里设置openstack123
如果出现Error: unable to connect to node rabbit@localhost: nodedown
解决方法:解决RabbitMQ报错 Error: unable to connect to node rabbit@localhost: nodedown_梦回西游戏天真~的博客-CSDN博客
可以参考其他博主的解决方法
允许用户进行配置、写入和读取访问 openstack
:
# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
设置权限,直接设置最大化权限即可
然后可以使用
[root@localhost yum.repos.d]# rabbitmqctl list_users
Listing users
openstack []
guest [administrator]
查看是否创建用户成功(administrator为超级用户)
使用rabbitmq-plugins list查看所有服务
[root@localhost yum.repos.d]# rabbitmq-plugins list
Configured: E = explicitly enabled; e = implicitly enabled
| Status: * = running on rabbit@localhost
|/
[ ] amqp_client 3.6.16
[ ] cowboy 1.0.4
[ ] cowlib 1.0.2
[ ] rabbitmq_amqp1_0 3.6.16
[ ] rabbitmq_auth_backend_ldap 3.6.16
[ ] rabbitmq_auth_mechanism_ssl 3.6.16
[ ] rabbitmq_consistent_hash_exchange 3.6.16
[ ] rabbitmq_event_exchange 3.6.16
[ ] rabbitmq_federation 3.6.16
[ ] rabbitmq_federation_management 3.6.16
[ ] rabbitmq_jms_topic_exchange 3.6.16
[ ] rabbitmq_management 3.6.16
[ ] rabbitmq_management_agent 3.6.16
[ ] rabbitmq_management_visualiser 3.6.16
[ ] rabbitmq_mqtt 3.6.16
[ ] rabbitmq_random_exchange 3.6.16
[ ] rabbitmq_recent_history_exchange 3.6.16
[ ] rabbitmq_sharding 3.6.16
[ ] rabbitmq_shovel 3.6.16
[ ] rabbitmq_shovel_management 3.6.16
[ ] rabbitmq_stomp 3.6.16
[ ] rabbitmq_top 3.6.16
[ ] rabbitmq_tracing 3.6.16
[ ] rabbitmq_trust_store 3.6.16
[ ] rabbitmq_web_dispatch 3.6.16
[ ] rabbitmq_web_mqtt 3.6.16
[ ] rabbitmq_web_mqtt_examples 3.6.16
[ ] rabbitmq_web_stomp 3.6.16
[ ] rabbitmq_web_stomp_examples 3.6.16
[ ] sockjs 0.3.4
使用下面的命令开启图形化界面:
# rabbitmq-plugins enable rabbitmq_management rabbitmq_management_agent
The following plugins have been enabled:
amqp_client
cowlib
cowboy
rabbitmq_web_dispatch
rabbitmq_management_agent
rabbitmq_management
Applying plugin configuration to rabbit@localhost... started 6 plugins.
开启后我们可以访问下消息管理系统的图形界面
[root@localhost yum.repos.d]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 128 *:15672 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 *:25672 *:*
LISTEN 0 128 10.0.0.11:3306 *:*
LISTEN 0 128 *:111 *:*
LISTEN 0 128 *:4369 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 [::1]:631 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 128 [::]:5672 [::]:*
LISTEN 0 128 [::]:111 [::]:*
LISTEN 0 128 [::]:22 [::]:*
[root@localhost yum.repos.d]# hostname -I
10.0.0.11 192.168.132.130 192.168.122.1
在网页中访问http://192.168.132.130:15672/#/(ip加端口号)
可以进入,账号密码都是guest
10、配置缓存
在控制节点中配置
# yum install memcached python-memcached
编辑/etc/sysconfig/memcached
文件
# vim /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="1024"
OPTIONS="-l 127.0.0.1,::1,controller"
启动 Memcached 服务并将其配置为在系统启动时启动
# systemctl enable memcached.service
# systemctl start memcached.service
用命令查看是否开启
[root@localhost yum.repos.d]# systemctl status memcached.service
● memcached.service - memcached daemon
Loaded: loaded (/usr/lib/systemd/system/memcached.service; enabled; vendor preset: disabled)
Active: active (running) since 二 2022-03-29 16:46:54 CST; 3min 5s ago
Main PID: 62598 (memcached)
Tasks: 10
CGroup: /system.slice/memcached.service
└─62598 /usr/bin/memcached -p 11211 -u memcached -m 1024 ...
3月 29 16:46:54 controller systemd[1]: Started memcached daemon.
11、etcd暂时不需要装
在目前的学习阶段不用到etcd