本文是一篇详尽的OpenStack部署教程,涵盖了从环境准备到各个关键组件的配置,包括Keystone、Glance、Nova、Neutron、Cinder、Dashboard、Designate和Heat的详细步骤。讲解了OpenStack云平台的创建流程,从云主机的诞生过程,到各个服务的安装、配置和验证。适合想要部署OpenStack环境的技术人员参考。
简单讲讲这个鬼东西
简单点来说就是一个云,一个属于自己的云平台,openstack的原版是亚马逊云,可以说openstack就是Rackspace和NASA的抄袭产物。
官方点说一个云平台管理的项目,它不是一个软件。这个项目由几个主要的组件组合起来完成一些具体的工作。帮助服务商和企业内部实现类似于 Amazon ec2和S3的云基础架构服务(Infrastructure as a Service)。 Openstack包括两个主要模块:Nova和 Swift。前者是NASA开发的虚拟服务器部署和业务计算模块;后者是 Backpack开发的分布式云存储模块,两者可以一起用,也可以分开单独用。 Openstack是开源项目,除了有 Rackspace和NASA的大力支持外,后面还有包括Dell、 Citrix、 Cisco Canonical这些重量级公司的贡献和支持,发展速度非常快,有取代另一个业界领先开源云台 Eucalyptus的态势。
抄袭的还能这么火,我也是醉了,没办法谁火就写谁… 嘻嘻~
食用成分
OpenStack覆盖了网络、虚拟化、操作系统、服务器等各个方面。它是一个正在开发中的云计算平台项目,根据成熟及重要程度的不同,被分解成核心项目、孵化项目,以及支持项目和相关项目。每个项目都有自己的委员会和项目技术主管,而且每个项目都不是一成不变的,孵化项目可以根据发展的成熟度和重要性,转变为核心项目。
- 身份服务(Identity Service):Keystone。为OpenStack其他服务提供身份验证、服务规则和服务令牌的功能,管理Domains、Projects、Users、Groups、Roles。自Essex版本集成到项目中。
- 计算(Compute):Nova。一套控制器,用于为单个用户或使用群组管理虚拟机实例的整个生命周期,根据用户需求来提供虚拟服务。负责虚拟机创建、开机、关机、挂起、暂停、调整、迁移、重启、销毁等操作,配置CPU、内存等信息规格。自Austin版本集成到项目中。
- 网络&地址管理(Network):Neutron。提供云计算的网络虚拟化技术,为OpenStack其他服务提供网络连接服务。为用户提供接口,可以定义Network、Subnet、Router,配置DHCP、DNS、负载均衡、L3服务,网络支持GRE、VLAN。插件架构支持许多主流的网络厂家和技术,如OpenvSwitch。自Folsom版本集成到项目中。
- 对象存储(Object Storage):Swift。一套用于在大规模可扩展系统中通过内置冗余及高容错机制实现对象存储的系统,允许进行存储或者检索文件。可为Glance提供镜像存储,为Cinder提供卷备份服务。自Austin版本集成到项目中。
- 镜像服务(Image Service):Glance。一套虚拟机镜像查找及检索系统,支持多种虚拟机镜像格式(AKI、AMI、ARI、ISO、QCOW2、Raw、VDI、VHD、VMDK),有创建上传镜像、删除镜像、编辑镜像基本信息的功能。自Bexar版本集成到项目中。
- 块存储 (Block Storage):Cinder。为运行实例提供稳定的数据块存储服务,它的插件驱动架构有利于块设备的创建和管理,如创建卷、删除卷,在实例上挂载和卸载卷。自Folsom版本集成到项目中。
- UI 界面(Dashboard):Horizon。OpenStack中各种服务的Web管理门户,用于简化用户对服务的操作,例如:启动实例、分配IP地址、配置访问控制等。自Essex版本集成到项目中。
- 测量 (Metering):Ceilometer。像一个漏斗一样,能把OpenStack内部发生的几乎所有的事件都收集起来,然后为计费和监控以及其它服务提供数据支撑。自Havana版本集成到项目中。
- 部署编排 (Orchestration):Heat。提供了一种通过模板定义的协同部署方式,实现云基础设施软件运行环境(计算、存储和网络资源)的自动化部署。自Havana版本集成到项目中。
- 数据库服务(Database Service):Trove。为用户在OpenStack的环境提供可扩展和可靠的关系和非关系数据库引擎服务。自Icehouse版本集成到项目中。
其中最重要的是Keystone、Nova、Neutron,当然还有其他的辅助如:MySQL、RabbitMQ等
云主机的创建流程
为了更好的理解整个OpenStack的框架,理解好一台云主机的诞生过程是极其重要的,这里展开说说
第一阶段
- 用户通过Dashboard UI界面或者命令行(CLI)进行对Openstack操控,但是在操控之前需要向Keystone进行验证,验证成功之后Keystone将返回一个auth_token给用户,用户将拿着auth_token进行下一步操作
- 用户拿着auth_token请求nova_api创建云主机
- nova_api将收到的用户auth_token发送到Keystone进行验证,确保有效,待Keystone验证此令牌有效之后才会进行下一步操作
第二阶段
- nova_api将受到的创建云主机请求记录到nova数据库中,其中包含云主机的信息,如实例CPU大小、内存大小、磁盘空间、镜像的使用等等
- nova_api以rpc_call的方式向RabbitMQ消息队列传递信息,进行队列请求
- nova_scheduler将监听到RabbitMQ消息队列中的nova_api请求
- nova_scheduler接收到RabbitMQ消息队列中的nova_api请求后,将去nova数据库中进行查询相关信息,然后进行调度
- nova_scheduler调度信息确认后,信息会明确哪台nova_compute负责,会将信息发送到RabbitMQ
- nova_compute将监听到RabbitMQ消息队列中的nova_scheduler调度信息
- nova_compute将到nova_conductor询问云主机相关信息,等待回复
- nova_conductor去nova数据库中进行查询相关信息,将信息返回RabbitMQ消息队列中
- nova_compute在RabbitMQ消息队列中获取到nova_conductor的回复消息
第三阶段
- nova_compute向Glance发起api请求,拿取镜像
- Glance将收到的api请求拿去Keystone进行验证,验证完成后将返回镜像信息
- nova_compute向Neutron发起api请求,拿取网络接口
- Neutron将收到的api请求拿去Keystone进行验证,验证完成后将返回接口信息
- nova_compute向Cinder发起api请求,拿取云盘
- Cinder将收到的api请求拿去Keystone进行验证,验证完成后将返回云盘信息
- nova_compute拿取到资源后将调用底层hypervisor生成云主机
- nova_api将在nova_compute创建云主机的时候不断的轮询状态,直至云主机完成
*注:为了防止nova_compute直接访问数据库,所以需要nova_conductor帮忙进行查询
食用教程—环境准备
本教程食用的是Openstack Queens版本,其他版本也大致与之相同
配置控制节点域名解析
[root@openstack ~]# vim /etc/hosts
[root@openstack ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.31.4 openstack.if010.com
192.168.31.5 openstack-node01.if010.com
配置计算节点域名解析
[root@openstack-node01 ~]# vim /etc/hosts
[root@openstack-node01 ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.31.4 openstack.if010.com
192.168.31.5 openstack-node01.if010.com
关闭控制节点selinux和防火墙
[root@openstack ~]# vim /etc/sysconfig/selinux
SELINUX=disabled
SELINUXTYPE=targeted
[root@openstack ~]# systemctl stop firewalld.service
关闭计算节点selinux和防火墙
[root@openstack-node01 ~]# vim /etc/sysconfig/selinux
SELINUX=disabled
SELINUXTYPE=targeted
[root@openstack-node01 ~]# systemctl stop firewalld.service
安装与配置控制节点的时间同步服务
[root@openstack ~]# yum install -y chrony
[root@openstack ~]# vim /etc/chrony.conf
[root@openstack ~]# cat /etc/chrony.conf | grep -v "#" | grep -v "^$"
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
allow 192.168.31.0/24
logdir /var/log/chrony
[root@openstack ~]# systemctl enable chronyd.service
[root@openstack ~]# systemctl start chronyd.service
[root@openstack ~]# timedatectl set-timezone Asia/Shanghai
[root@openstack ~]# date
2022年 06月 04日 星期六 21:51:55 CST
安装与配置计算节点的时间同步服务
[root@openstack-node01 ~]# yum install -y chrony
[root@openstack-node01 ~]# vim /etc/chrony.conf
[root@openstack-node01 ~]# cat /etc/chrony.conf | grep -v "#" | grep -v "^$"
server openstack.if010.com
[root@openstack-node01 ~]# systemctl enable chronyd.service
[root@openstack-node01 ~]# systemctl start chronyd.service
[root@openstack-node01 ~]# timedatectl set-timezone Asia/Shanghai
[root@openstack-node01 ~]# date
2022年 06月 04日 星期六 21:51:55 CST
在控制节点上执行这个命令验证时间同步服务
[root@openstack ~]# chronyc sources
210 Number of sources = 4
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 139.199.215.251 2 10 375 994 +2175us[+2316us] +/- 18ms
^- time.cloudflare.com 3 10 377 170m +9674us[ +10ms] +/- 75ms
^- a.chl.la 2 10 377 1059 -884us[ -743us] +/- 123ms
^+ time.neu.edu.cn 1 10 377 289 +17ms[ +17ms] +/- 50ms
在计算节点执行命令验证时间同步服务
[root@openstack-node01 ~]# chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* openstack.if010.com 3 9 377 421 +15us[ -87us] +/- 15ms
添加yum源
#计算节点
[root@openstack ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[root@openstack ~]# yum install -y centos-release-openstack-queens.noarch
#控制节点
[root@openstack-node01 ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[root@openstack-node01 ~]# yum install -y centos-release-openstack-queens.noarch
安装MySQL数据库服务并配置
[root@openstack ~]# yum install -y mariadb mariadb-server MySQL-python
[root@openstack ~]# cp /usr/share/mysql/my-medium.cnf /etc/my.cnf
[root@openstack ~]# cat /etc/my.cnf | grep -v "#" | grep -v "^$"
[client]
port = 3306
socket = /var/lib/mysql/mysql.sock
[mysqld]
default-storage-engine = innodb #使用innodb引擎
innodb_file_per_table #使用独享的表空间
max_connections = 4096 #设置最大连接数
collation-server = utf8_general_ci #设置校对字符集
init-connect = 'SET NAMES utf8' #设置连接初始化的字符集
character-set-server = utf8 #设置数据库的字符集
port = 3306
socket = /var/lib/mysql/mysql.sock
skip-external-locking
key_buffer_size = 16M
max_allowed_packet = 1M
table_open_cache = 64
sort_buffer_size = 512K
net_buffer_length = 8K
read_buffer_size = 256K
read_rnd_buffer_size = 512K
myisam_sort_buffer_size = 8M
log-bin=mysql-bin
binlog_format=mixed
server-id = 1
[mysqldump]
quick
max_allowed_packet = 16M
[mysql]
no-auto-rehash
[myisamchk]
key_buffer_size = 20M
sort_buffer_size = 20M
read_buffer = 2M
write_buffer = 2M
[mysqlhotcopy]
interactive-timeout
[root@openstack ~]# systemctl enable mariadb.service
[root@openstack ~]# systemctl start mariadb.service
为了保证数据库服务的安全性,运行mysql_secure_installation脚本。特别需要说明的是,为数据库的root用户设置一个适当的密码,可以使用openssl rand -hex 10生成一个10位的密码
[root@openstack ~]# openssl rand -hex 10
38ad89f42d765b1eb3b0
[root@openstack ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): #输入root密码,刚刚安装是没有密码的,所以直接回车即可
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] Y #设置root密码
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] Y #是否移除匿名用户
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y #是否禁止root远程登录
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y #是否移除test数据库
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y #是否刷新权限表
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
安装RabbitMQ消息队列并配置
[root@openstack ~]# yum install -y rabbitmq-server
[root@openstack ~]# systemctl enable rabbitmq-server.service
[root@openstack ~]# systemctl start rabbitmq-server.service
[root@openstack ~]# rabbitmqctl add_user openstack 1735e32955b2ef18362e
Creating user "openstack" ...
...done.
[root@openstack ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...
...done.
#启用web管理模块
[root@openstack ~]# rabbitmq-plugins enable rabbitmq_management
The following plugins have been enabled:
mochiweb
webmachine
rabbitmq_web_dispatch
amqp_client
rabbitmq_management_agent
rabbitmq_management
Plugin configuration has changed. Restart RabbitMQ for changes to take effect.
[root@openstack ~]# systemctl restart rabbitmq-server.service
浏览器访问配置,Admin->Update this user,将openstack用户打上Administrator组标签
http://192.168.31.4:15672
默认管理账号密码: guest/guest
食用教程—KeyStone
创建KeyStone数据库并授权
[root@openstack ~]# openssl rand -hex 10
9b7976d96ef6ecadccce
[root@openstack ~]# mysql -u root -p
MariaDB [(none)]> CREATE DATABASE keystone;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '9b7976d96ef6ecadccce';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '9b7976d96ef6ecadccce';
yum安装KeyStone和Memcached
[root@openstack ~]# yum install -y openstack-keystone python-openstackclient httpd mod_wsgi memcached python-memcached
启动Memcached并设置开机自启
[root@openstack ~]# systemctl enable memcached.service
[root@openstack ~]# systemctl start memcached.service
生成一个admin_token
[root@openstack keystone]# openssl rand -hex 10
58d48e8481d5f01b6ca0
配置keystone.conf文件
[root@openstack ~]# vim /etc/keystone/keystone.conf
[DEFAULT] #定义初始管理令牌的值
admin_token = 58d48e8481d5f01b6ca0
[database] #配置数据库访问
connection = mysql+pymysql://keystone:9b7976d96ef6ecadccce@127.0.0.1/keystone
[revoke] #配置回滚驱动
driver = sql
[token] #配置Fernet UUID令牌的提供者
provider = fernet
初始化身份认证服务的数据库
[root@openstack ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone
初始化Fernet keys
[root@openstack ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
配置Apache HTTP服务器
[root@openstack ~]# vim /etc/httpd/conf/httpd.conf
ServerName controller
[root@openstack ~]# vim /etc/httpd/conf.d/wsgi-keystone.conf
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLogFormat "%{cu}t %M"
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLogFormat "%{cu}t %M"
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>
启动Apache HTTP并设置开机自启
[root@openstack ~]# systemctl enable httpd.service
[root@openstack ~]# systemctl start httpd.service
设置OpenStack环境变量
[root@openstack ~]# export OS_TOKEN=58d48e8481d5f01b6ca0
[root@openstack ~]# export OS_URL=http://openstack.if010.com:35357/v3
[root@openstack ~]# export OS_IDENTITY_API_VERSION=3
创建服务实体和身份认证服务
[root@openstack ~]# openstack service create --name keystone --description "OpenStack Identity" identity
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Identity |
| enabled | True |
| id | 4ddaae90388b4ebc9d252ec2252d8d10 |
| name | keystone |
| type | identity |
+-------------+----------------------------------+
创建认证服务的 API 端点
[root@openstack ~]# openstack endpoint create --region RegionOne identity public http://openstack.if010.com:5000/v3
+--------------+------------------------------------+
| Field | Value |
+--------------+------------------------------------+
| enabled | True |
| id | 30fff543e7dc4b7d9a0fb13791b78bf4 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8c8c0927262a45ad9066cfe70d46892c |
| service_name | keystone |
| service_type | identity |
| url | http://openstack.if010.com:5000/v3 |
+--------------+------------------------------------+
[root@openstack ~]# openstack endpoint create --region RegionOne identity internal http://openstack.if010.com:5000/v3
+--------------+------------------------------------+
| Field | Value |
+--------------+------------------------------------+
| enabled | True |
| id | 57cfa543e7dc4b712c0ab137911bc4fe |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6f8de927262ac12f6066cfe70d99ac51 |
| service_name | keystone |
| service_type | identity |
| url | http://openstack.if010.com:5000/v3 |
+--------------+------------------------------------+
[root@openstack ~]# openstack endpoint create --region RegionOne identity admin http://openstack.if010.com:35357/v3
+--------------+-------------------------------------+
| Field | Value |
+--------------+-------------------------------------+
| enabled | True |
| id | 78c3dfa3e7dc44c98ab1b1379122ecb1 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 34ab3d27262ac449cba6cfe704dbc11f |
| service_name | keystone |
| service_type | identity |
| url | http://openstack.if010.com:35357/v3 |
+--------------+-------------------------------------+
创建default域
[root@openstack ~]# openstack domain create --description "Default Domain" default
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Default Domain |
| enabled | True |
| id | e0353a670a9e496da891347c589539e9 |
| name | default |
+-------------+----------------------------------+
创建admin项目
[root@openstack ~]# openstack project create --domain default --description "Admin Project" admin
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Admin Project |
| domain_id | e0353a670a9e496da891347c589539e9 |
| enabled | True |
| id | 343d245e850143a096806dfaefa9afdc |
| is_domain | False |
| name | admin |
| parent_id | None |
+-------------+----------------------------------+
创建admin用户并设置密码
[root@openstack ~]# openstack user create --domain default --password-prompt admin
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | e0353a670a9e496da891347c589539e9 |
| enabled | True |
| id | ac3377633149401296f6c0d92d79dc16 |
| name | admin |
+-----------+----------------------------------+
创建admin角色
[root@openstack ~]# openstack role create admin
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | cd2cb9a39e874ea69e5d4b896eb16128 |
| name | admin |
+-----------+----------------------------------+
添加admin角色到admin项目和用户上
[root@openstack ~]# openstack role add --project admin --user admin admin
创建service项目
[root@openstack ~]# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | e0353a670a9e496da891347c589539e9 |
| enabled | True |
| id | 894cdfa366d34e9d835d3de01e752262 |
| is_domain | False |
| name | service |
| parent_id | None |
+-------------+----------------------------------+
创建demo项目
[root@openstack ~]# openstack project create --domain default --description "Demo Project" demo
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Demo Project |
| domain_id | e0353a670a9e496da891347c589539e9 |
| enabled | True |
| id | ed0b60bf607743088218b0a533d5943f |
| is_domain | False |
| name | demo |
| parent_id | None |
+-------------+----------------------------------+
创建demo用户并设置密码
[root@openstack ~]# openstack user create --domain default --password-prompt demo
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | e0353a670a9e496da891347c589539e9 |
| enabled | True |
| id | 58126687cbcc4888bfa9ab73a2256f27 |
| name | demo |
+-----------+----------------------------------+
创建user角色
[root@openstack ~]# openstack role create user
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | 997ce8d05fc143ac97d83fdfb5998552 |
| name | user |
+-----------+----------------------------------+
添加user角色到demo项目和用户
[root@openstack ~]# openstack role add --project demo --user demo user
验证操作
#进行验证作为admin用户,请求认证令牌
[root@openstack ~]# unset OS_TOKEN OS_URL
[root@openstack ~]# openstack --os-auth-url http://openstack.if010.com:35357/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name admin --os-username admin token issue
Password:
+------------+-----------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------+
| expires | 2016-02-12T20:14:07.056119Z |
| id | gAAAAABWvi7_B8kKQD9wdXac8MoZiQldmjEO643d-e_j-XXq9AmIegIbA7UHGPv |
| | atnN21qtOMjCFWX7BReJEQnVOAj3nclRQgAYRsfSU_MrsuWb4EDtnjU7HEpoBb4 |
| | o6ozsA_NmFWEpLeKy0uNn_WeKbAhYygrsmQGA49dclHVnz-OMVLiyM9ws |
| project_id | 343d245e850143a096806dfaefa9afdc |
| user_id | ac3377633149401296f6c0d92d79dc16 |
+------------+-----------------------------------------------------------------+
# 作为demo用户,请求认证令牌
[root@openstack ~]# openstack --os-auth-url http://controller:5000/v3 \
--os-project-domain-name default --os-user-domain-name default \
--os-project-name demo --os-username demo token issue
Password:
+------------+-----------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------+
| expires | 2016-02-12T20:15:39.014479Z |
| id | gAAAAABWvi9bsh7vkiby5BpCCnc-JkbGhm9wH3fabS_cY7uabOubesi-Me6IGWW |
| | yQqNegDDZ5jw7grI26vvgy1J5nCVwZ_zFRqPiz_qhbq29mgbQLglbkq6FQvzBRQ |
| | JcOzq3uwhzNxszJWmzGC7rJE_H0A_a3UFhqv8M4zMRYSbS2YF0MyFmp_U |
| project_id | ed0b60bf607743088218b0a533d5943f |
| user_id | 58126687cbcc4888bfa9ab73a2256f27 |
+------------+-----------------------------------------------------------------+
创建 OpenStack 客户端环境脚本
[root@openstack keystone]# vim admin-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=yy99..
export OS_AUTH_URL=http://openstack.if010.com:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
[root@openstack keystone]# vim demo-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export 
最低0.47元/天 解锁文章
扫一扫
2291
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
