一、环境准备
内存大于2G
磁盘空间大于5G
注:计算节点和控制节点不要在一起
主机名 操作系统 IP地址 备注
controller CentOS-7.4-x86_64 172.16.10.33 控制节点
compute CentOS-7.4-x86_64 172.16.10.35 计算节点
关闭虚拟机防火墙以及selinux
systemctl disable firewalld.service
systemctl stop firewalld.service
vim /etc/sysconfig/selinux
SELINUX=disable //将enforcing修改为disable,永久关闭
setenforce 0
二、搭建openstack
环境准备
在接下来的操作中若无特别说明,则表示在三台主机上均进行相同操作
配置域名解析
修改主机名:
hostnamectl set-hostname 三台虚拟机都要做,然后重启生效
修改所有hosts文件
vim /etc/hosts
172.16.10.33 controller
172.16.10.35 compute
hosts文件内容一致
测试各节点连通性
ping -c 4 openstack.org //是否ping通官网
ping -c 4 compute //各节点间测试
配置阿里云yum源
下载最新yum源
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum -y install epel-release
安装配置NTP服务
在controller节点安装配置chrony
yum install chrony -y
vim /etc/chrony.conf
server controller iburst 所有节点向controller节点同步时间
allow 172.16.10.0/24 设置时间同步网段
systemctl enable chronyd
systemctl restart chronyd
在compute节点安装配置chrony
yum install chrony -y
vim /etc/chrony.conf
server controller iburst
systemctl enable chronyd
systemctl restart chronyd
在cinder节点安装配置chrony
yum install chrony -y
vim /etc/chrony.conf
server controller iburst
systemctl enable chronyd
systemctl restart chronyd
验证时钟同步服务
chronyc sources
启用OpenStack库
yum install centos-release-openstack-queens -y
yum upgrade -y //在主机上升级包
yum install python-openstackclient -y //安装openstack客户端
yum install openstack-selinux -y //安装openstack-selinux,便于自动管理openstack的安全策略
MySQL数据库部署(controller)
软件包安装
yum install mariadb mariadb-server python2-PyMySQL -y
配置文件修改
vim /etc/my.cnf.d/mariadb-server.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
bind-address = 172.16.10.33 //修改为控制节点IP,使其他节点可以通过管理网络访问数据库
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
启动服务并设置为开机自启
systemctl enable mariadb.service
systemctl start mariadb.service
对数据库进行安全加固
mysql_secure_installation
安装配置Messaging server-RabbitMQ
OpenStack使用message queue协调操作和各服务器的状态信息。消息队列服务一般运行在控制节点上。
在controller节点安装RabbitMQ
yum install rabbitmq-server -y
开启服务并设置为开机自启
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
netstat -ntap | grep 5672
添加openstack用户
如果在添加用户时报错,就检查是否修改了主机名,或者是在之前的操作中修改主机名之后未重启,重启即可解决创建用户报错
rabbitmqctl add_user openstack 123456 创建用户openstack,密码为123456
rabbitmqctl set_permissions openstack ".*" ".*" ".*" 授予新建用户权限
部署memcached服务(controller)
安装软件
yum install memcached python-memcached -y
修改配置文件
vim /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 172.16.10.33,::1"
开启服务并设置为开机自启
systemctl enable memcached.service
systemctl start memcached.service
部署etcd服务(controller)
etcd是一个分布式,一致的键值存储,用于共享配置和服务发现,特点是,安全,具有可选客户端证书身份验证的自动TLS;
快速,基准测试10,000次/秒;可靠,使用Raft正确分发。
安装软件
yum install etcd -y
修改配置文件
vim /etc/etcd/etcd.conf
ETCD_INITIAL_CLUSTER
ETCD_INITIAL_ADVERTISE_PEER_URLS
ETCD_ADVERTISE_CLIENT_URLS
ETCD_LISTEN_CLIENT_URLS
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://172.16.10.33:2380"
ETCD_LISTEN_CLIENT_URLS="http://172.16.10.33:2379"
ETCD_NAME="controller"
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://172.16.10.33:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://172.16.10.33:2379"
ETCD_INITIAL_CLUSTER="controller=http://172.16.10.33:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"
开启服务并设置为开机自启
systemctl enable etcd.service
systemctl start etcd.service
keystone服务的安装配置
在controller节点上操作
配置MySQL数据库及授权
mysql -uroot -p //登陆数据库
CREATE DATABASE keystone; //创建keystone数据库
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '123456';
//授权本地登陆
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '123456';
//授权任意地址登陆
FLUSH PRIVILEGES;
安装软件包
yum install openstack-keystone httpd mod_wsgi -y
修改配置文件(keystone.conf)
vim /etc/keystone/keystone.conf
[database]
connection = mysql&