文章目录
- 1.准备工作
- 1.1 安装虚拟机
- 1.2 关闭防火墙
- 1.3 查看IP 并用MobaXterm连接Ubuntu
- 1.4 vim出现问题
- 1.5 配置网络
- 1.6 更新ubuntu中的软件
- 1.7更换安装源
- 1.8 安装时钟同步软件
- 1.9 安装数据库
- 1.10 安装消息队列
- 1.11 安装 Memcached 工具
- 1.12 设置 OpenStack 的安装源,并安装 OpenStack 客户端工具
- 1.13 安装 OpenStack 的认证服务:keystone
- 1.14 初始化 Fernet 密钥存储库:
- 1.15 初始化身份认证服务:
- 1.16 配置 apache:
- 1.17 创建域、项目、keystone 用户和角色
- 3.安装镜像服务:glance
- 4. 安装计算服务:nova
- 5. 检查 cell 和 placement API 是否工作正常。
- 失败信息记录
1.准备工作
1.1 安装虚拟机
1.2 关闭防火墙
Ubuntu 系统进去以后需要自己设置root用户的密码:如下
1.3 查看IP 并用MobaXterm连接Ubuntu
开启Ubuntu的ssh服务
查看ip
MobaXterm连接Ubuntu
连接成功
1.4 vim出现问题
解决:
又遇到新的问题
上面问题解决完毕,继续解决
安装vim工具
1.5 配置网络
vim /etc/network/interfaces
表明 虚拟机连接网络已联通
1.6 更新ubuntu中的软件
apt update -y && apt upgrade -y
1.7更换安装源
vim /etc/apt/sources.list
#deb包
deb http://mirrors.aliyun.com/ubuntu/ xenial main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse
##测试版源
deb http://mirrors.aliyun.com/ubuntu/ xenial-proposed main restricted universe multiverse
# 源码
deb-src http://mirrors.aliyun.com/ubuntu/ xenial main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-backports main restricted universe multiverse
##测试版源
deb-src http://mirrors.aliyun.com/ubuntu/ xenial-proposed main restricted universe multiverse
# Canonical 合作伙伴和附加
deb http://archive.canonical.com/ubuntu/ xenial partner
deb http://extras.ubuntu.com/ubuntu/ xenial main
- 执行更新:
sudo apt-get update
- 复损坏的软件包,尝试卸载出错的包,重新安装正确版本的:
sudo apt-get -f install
- 更新软件:
sudo apt-get upgrade
1.8 安装时钟同步软件
apt install chrony -y
如果安装不了 去掉-y
systemctl restart chrony
1.9 安装数据库
apt install mariadb-server python-pymysql
systemctl restart mysql
mysql_secure_installation
数据库是tttttt
1.10 安装消息队列
apt install rabbitmq-server -y
-
创建消息队列用户 OpenStack,并设置密码 RABBIT_PASS:
-
赋予用户 OpenStack 配置、读、写任何资源的权限:
-
赋予用户 OpenStack 配置、读、写任何资源的权限
1.11 安装 Memcached 工具
apt install memcached python-memcache
vim etc/memcached.conf
1.12 设置 OpenStack 的安装源,并安装 OpenStack 客户端工具
apt install software-properties-common
add-apt-repository cloud-archive:queens
apt update && apt dist-upgrade
apt install python-OpenStackclient
系统显示没有该文件的安装包
所以 我下载了python3的apt install python3-openstackclient
1.13 安装 OpenStack 的认证服务:keystone
1.14 初始化 Fernet 密钥存储库:
root@allone:/# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
root@allone:/# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
1.15 初始化身份认证服务:
root@allone:/# keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
> --bootstrap-admin-url http://allone:5000/v3/ \
> --bootstrap-internal-url http://allone:5000/v3/ \
> --bootstrap-public-url http://allone:5000/v3/ \
> --bootstrap-region-id RegionOne
注意这里不能有空格
1.16 配置 apache:
vim /etc/apache2/apache2.conf
修改serverName为你的主机名
修改完毕进行重启systemctl restart apache2
- 配置 keystone 管理员的环境变量:
root@allone:/# export OS_USERNAME=admin
root@allone:/# export OS_PASSWORD=ADMIN_PASS
root@allone:/# export OS_PROJECT_NAME=admin
root@allone:/# export OS_USER_DOMAIN_NAME=Default
root@allone:/# export OS_PROJECT_DOMAIN_NAME=Default
root@allone:/# export OS_AUTH_URL=http://allone:5000/v3
root@allone:/# export OS_IDENTITY_API_VERSION=3
1.17 创建域、项目、keystone 用户和角色
keystone 中默认存在 default 域,允许创建更多的域,比如下面的命令创建 example 域:
openstack domain create --description "An Example Domain" example
- 在 default 域中创建 service 项目用于存放全部的服务:
openstack project create --domain default --description "Service Project" service
- 创建一个普通项目 demo 和 keystone 用户 demo,用于完成普通的任务:
openstack project create --domain default --description "Demo Project" demo
openstack user create --domain default --password-prompt demo
User Password:DEMO_PASS
openstack role create user
- 完成授权:即在 demo 项目中授予 demo 用户 user 角色。
openstack role add --project demo --user demo user
- (4) 验证 keystone
先删除几个环境变量:
unset OS_AUTH_URL OS_PASSWORD
获取 keystone 管理员的令牌:
openstack --os-auth-url http://allone:5000/v3 \--os-project-domain-name Default --os-user-domain-name Default \--os-project-name admin --os-username admin token issue
Password:ADMIN_PASS
应该是又有问题了。。。
输入的问题 将中间的空格去掉即可
- 创建生成环境变量的脚本文件
- 产生 admin 用户的环境变量的脚本文件 admin-openrc:
vim admin-openrc
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_AUTH_URL=http://allone:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
- 产生 demo 用户的环境变量的脚本文件 demo-openrc:
vim demo-openrc
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=DEMO_PASS
export OS_AUTH_URL=http://allone:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
以后就可以“点”执行这些文件来快速产生环境变量,如:
命令“. admin-openrc”就是“点”执行一个脚本文件,这样脚本文件中定义的环境变量
3.安装镜像服务:glance
3.1 创建数据库、数据库用户和授权
root@allone:/# mysql -uroot -pMYSQL_PASS
MariaDB [(none)]> CREATE DATABASE glance;
Query OK, 1 row affected (0.01 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'GLANCE_DBPASS';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY
-> 'GLANCE_DBPASS';
Query OK, 0 rows affected (0.00 sec)
3.2 创建 keystone 用户及授权
root@allone:/# . admin-openrc
root@allone:/# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 8fa55aa56aa8496ea1d2a96bfa98be08 |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
root@allone:/# openstack role add --project service --user glance admin
root@allone:/# openstack service create --name glance --description "OpenStack Image" image
OpenStack 中的服务类型有 compute(计算服务)、image(镜像服务)、identity(身份认证
服务)、volume(卷服务)、network(网络服务)和 placement(计算资源调度)等。
3.3 创建镜像服务的调用端点
root@allone:/# openstack endpoint create --region RegionOne image public http://allone:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | c0f3c24f0d1f4590bac9d0c68227bc40 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | f6d456fcf61e4f9a9edb6d4976366727 |
| service_name | glance |
| service_type | image |
| url | http://allone:9292 |
+--------------+----------------------------------+
root@allone:/# openstack endpoint create --region RegionOne image internal http://allone:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | cf09687c19014d7ba33a483d8c813125 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | f6d456fcf61e4f9a9edb6d4976366727 |
| service_name | glance |
| service_type | image |
| url | http://allone:9292 |
+--------------+----------------------------------+
root@allone:/# openstack endpoint create --region RegionOne image admin http://allone:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 7ae1f129e22141c29f0b0c578db04093 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | f6d456fcf61e4f9a9edb6d4976366727 |
| service_name | glance |
| service_type | image |
| url | http://allone:9292 |
+--------------+----------------------------------+
根据权限的不同,OpenStack 把调用端点(endpoint)分为三类,分别是 public、internal 和
admin。
3.4 安装并配置相关软件
apt install glance -y
vim /etc/glance/glance-api.conf
修改配置文件
[database]
# 配置 glance 服务如何访问数据库。
connection = mysql+pymysql://glance:GLANCE_DBPASS@allone/glance
[glance_store]
# 配置镜像文件格式和存放位置:普通文件(file),存放在/var/lib/glance/images。
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[keystone_authtoken]
# glance 用户如何访问 keystone。
auth_uri = http://allone:5000
auth_url = http://allone:5000
memcached_servers = allone:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = GLANCE_PASS
[paste_deploy]
flavor = keystone
vim /etc/glance/glance-registry.conf
[database]
# 配置 glance 服务如何访问数据库。
connection = mysql+pymysql://glance:GLANCE_DBPASS@allone/glance
[keystone_authtoken]
# glance 用户如何访问 keystone。
auth_uri = http://allone:5000
auth_url = http://allone:5000
memcached_servers = allone:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = GLANCE_PASS
[paste_deploy]
flavor = keystone
3.5 向数据库中导入 glance 的数据
su -s /bin/sh -c "glance-manage db_sync" glance
3.6 启动 glance 服务
root@allone:/# systemctl restart glance-api
root@allone:/# systemctl restart glance-registry
3.7 验证
root@allone:/# . admin-openrc
把文件 cirros-0.4.0-x86_64-disk.img 下载到当前目录中
root@allone:/# wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
使用刚刚下载的文件创建镜像 cirros。
root@allone:/# openstack image create "cirros" --file cirros-0.4.0-x86_64-disk.img --disk-format qcow2 --container-format bare --public
openstack image list
验证成功 glance 服务成功安装。
4. 安装计算服务:nova
4.1 创建数据库、数据库用户并授权
root@allone:/# mysql -uroot -pMYSQL_PASS
MariaDB [(none)]> CREATE DATABASE nova_api;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> CREATE DATABASE nova;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> CREATE DATABASE nova_cell0;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> Ctrl-C -- exit!
Aborted
4.2 建立 nova 用户及授权
“点”执行脚本程序 admin-openrc,从而输出里面定义的环境变量。如果没有注销 Linux 的用户,环境变量一直存在,也可以不“点”执行。
root@allone:/# . admin-openrc
root@allone:/# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | b04d44a600004c11ac9204841221417f |
| name | nova |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
root@allone:/# openstack role add --project service --user nova admin
root@allone:/# openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | c9c8f63125ee4db4a82067ea91ecea4c |
| name | nova |
| type | compute |
+-------------+----------------------------------+
4.3 创建计算服务的调用端点
root@allone:/# openstack endpoint create --region RegionOne compute public http://allone:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | e804e85e383a459a94df09307c85f8ab |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c9c8f63125ee4db4a82067ea91ecea4c |
| service_name | nova |
| service_type | compute |
| url | http://allone:8774/v2.1 |
+--------------+----------------------------------+
root@allone:/# openstack endpoint create --region RegionOne compute internal http://allone:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | d8fd98e5bb6f42d2b96c53e2961d4335 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c9c8f63125ee4db4a82067ea91ecea4c |
| service_name | nova |
| service_type | compute |
| url | http://allone:8774/v2.1 |
+--------------+----------------------------------+
root@allone:/# openstack endpoint create --region RegionOne compute admin http://allone:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 613a3699efd14ea09367e51f8966bf20 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c9c8f63125ee4db4a82067ea91ecea4c |
| service_name | nova |
| service_type | compute |
| url | http://allone:8774/v2.1 |
+--------------+----------------------------------+
4.4 建立 placement 用户及授权
# 在 keystone 中创建用户 placement,密码为 PLACEMENT_PASS。
root@allone:~# openstack user create --domain default --password-prompt placement
User Password:PALCEMENT_PASS
Repeat User Password:PLACEMENT_PASS
# 在 service 项目中给用户 placement 授于管理员权限 admin。
root@allone:~# openstack role add --project service --user placement admin
# 创建服务类型为 placement 的实体 placement。
root@allone:~# openstack service create --name placement --description "Placement API" placement
4.5 创建相应的调用端点
# 为 placement 服务类型创建公开(public)的调用端点。
root@allone:~# openstack endpoint create --region RegionOne placement public http://allone:8778
# 为 placement 服务类型创建内部(internal)的调用端点。
root@allone:~# openstack endpoint create --region RegionOne placement internal http://allone:8778
# 为 placement 服务类型创建管理(admin)的调用端点。
root@allone:~# openstack endpoint create --region RegionOne placement admin http://allone:8778
4.6 安装并配置相关软件
apt install nova-api nova-conductor nova-consoleauth nova-novncproxy nova-scheduler nova-placement-api nova-compute -y
root@allone:~# vim /etc/nova/nova.conf
[DEFAULT]
lock_path = /var/lock/nova
state_path = /var/lib/nova
transport_url = rabbit://OpenStack:RABBIT_PASS@allone
my_ip = 192.168.88.110
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[api_database]
connection = mysql+pymysql://nova:NOVA_DBPASS@allone/nova_api
[cells]
enable = False
[database]
connection = mysql+pymysql://nova:NOVA_DBPASS@allone/nova
[glance]
api_servers = http://allone:9292
[keystone_authtoken]
auth_url = http://allone:5000/v3
memcached_servers = allone:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = NOVA_PASS
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://allone:5000/v3
username = placement
password = PLACEMENT_PASS
[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
novncproxy_base_url = http://allone:6080/vnc_auto.html
4.7 向数据库中导入 nova、nova_api、nova_cell0 相关的数据
root@allone:/# su -s /bin/sh -c "nova-manage api_db sync" nova
root@allone:/# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
root@allone:/# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
9a09268f-1089-4a89-949f-373b11f37b47
root@allone:/# su -s /bin/sh -c "nova-manage db sync" nova
/usr/lib/python2.7/dist-packages/pymysql/cursors.py:165: Warning: (1831, u'Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will be disallowed in a future release.')
result = self._query(query)
/usr/lib/python2.7/dist-packages/pymysql/cursors.py:165: Warning: (1831, u'Duplicate index `uniq_instances0uuid`. This is deprecated and will be disallowed in a future release.')
result = self._query(query)
root@allone:/# nova-manage cell_v2 list_cells
+-------+--------------------------------------+--------------------------------+---------------------------------------------+
| Name | UUID | Transport URL | Database Connection |
+-------+--------------------------------------+--------------------------------+---------------------------------------------+
| cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:****@allone/nova_cell0 |
| cell1 | 9a09268f-1089-4a89-949f-373b11f37b47 | rabbit://OpenStack:****@allone | mysql+pymysql://nova:****@allone/nova |
+-------+--------------------------------------+--------------------------------+---------------------------------------------+
root@allone:/#
检查 cell0 和 cell1 是否注册成功
4.8 检查机器的 CPU 是否支持虚拟化
egrep -c '(vmx|svm)' /proc/cpuinfo
结果不大0则不支持 虚拟化
4.9 修改文件/etc/nova/novacompute.conf
如果4.8 返回结果大于0 则不用这一步骤
vim /etc/nova/nova-compute.conf
- 重启 nova-compute服务
4.10 把计算节点添加到 cell 数据库
. admin-openrc
openstack compute service list --service nova-compute
这里 出错了 还没找到 未解决
4.11 重启所有 nova 服务。
root@allone:~# systemctl stop nova-api
root@allone:~# systemctl stop nova-consoleauth
root@allone:~# systemctl stop nova-scheduler
root@allone:~# systemctl stop nova-conductor
root@allone:~# systemctl stop nova-novncproxy
root@allone:~# systemctl stop nova-compute
root@allone:~# rm /var/log/nova/*
root@allone:~# systemctl start nova-api
root@allone:~# systemctl start nova-consoleauth
root@allone:~# systemctl start nova-scheduler
root@allone:~# systemctl start nova-conductor
root@allone:~# systemctl start nova-novncproxy
root@allone:~# systemctl start nova-compute
root@allone:~# grep ERROR /var/log/nova/*
最后一条 是查看是否有错误,如果没有错误,不会有输出信息,这里出现了错误,未解决
如果看到上面最后一条命令有输出,说明 nova 的某些服务存在问题,需要根据具体的日
志排查。最常见的错误是 nova-compute 服务与消息队列连接失败。排查的命令有 rabbitmqctl
list_permissions(查看消息队列的用户和权限)、OpenStack user list(列出 keystone 中的用户)、
OpenStack service list(列出 keystone 中的服务)、OpenStack endpoint list(列出全部的调用端
点)。
- 正常的输出:
rabbitmqctl list_permissions
root@allone:/# . admin-openrc
root@allone:/# openstack user list
+----------------------------------+-----------+
| ID | Name |
+----------------------------------+-----------+
| 4d28fdefd67a49bc811f6dbac9564599 | admin |
| 5ab5ab26bafe4789bcffd3d4764715a7 | placement |
| 8fa55aa56aa8496ea1d2a96bfa98be08 | glance |
| b04d44a600004c11ac9204841221417f | nova |
| fe951339813f4378864e2a94ab3d75c5 | demo |
+----------------------------------+-----------+
root@allone:/# openstack service list
+----------------------------------+-----------+-----------+
| ID | Name | Type |
+----------------------------------+-----------+-----------+
| 19bc21c1d08049b588e13fceef043ddd | placement | placement |
| 1edecf602a0c45f5b76c302fe97f1fe9 | nova | compute |
| 2bda37b87d2e460399bea9b0153f98ec | placement | placement |
| 59458f4d0ff54aa3922045141750747e | keystone | identity |
| c9c8f63125ee4db4a82067ea91ecea4c | nova | compute |
| f6d456fcf61e4f9a9edb6d4976366727 | glance | image |
+----------------------------------+-----------+-----------+
root@allone:/# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------+
| 2af5e3cda6e542d2920c9871298d5a48 | RegionOne | placement | placement | True | internal | http://allone:8778 |
| 4125ab95e2d04041a13f7fac7ec2c940 | RegionOne | keystone | identity | True | admin | http://allone:5000/v3/ |
| 5969bd3f8e4244a59561076db11c9bde | RegionOne | placement | placement | True | admin | http://allone:8778 |
| 613a3699efd14ea09367e51f8966bf20 | RegionOne | nova | compute | True | admin | http://allone:8774/v2.1 |
| 7ae1f129e22141c29f0b0c578db04093 | RegionOne | glance | image | True | admin | http://allone:9292 |
| b831d7660dc843f5b56c059d4803ecf8 | RegionOne | placement | placement | True | public | http://allone:8778 |
| bcbc6bcfc79d485dbb160312e0552e4f | RegionOne | keystone | identity | True | internal | http://allone:5000/v3/ |
| c0f3c24f0d1f4590bac9d0c68227bc40 | RegionOne | glance | image | True | public | http://allone:9292 |
| cf09687c19014d7ba33a483d8c813125 | RegionOne | glance | image | True | internal | http://allone:9292 |
| d8fd98e5bb6f42d2b96c53e2961d4335 | RegionOne | nova | compute | True | internal | http://allone:8774/v2.1 |
| e804e85e383a459a94df09307c85f8ab | RegionOne | nova | compute | True | public | http://allone:8774/v2.1 |
| e947c65c6f6740d29c3ab18c9bc8d2c2 | RegionOne | keystone | identity | True | public | http://allone:5000/v3/ |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------+
# 下面这条命令列出电脑中正在被监听的端口号,必须要包含上面那条命令输出的最后一列中的端口
号。
root@allone:/# netstat -tnulp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:8774 0.0.0.0:* LISTEN 59531/python2
tcp 0 0 0.0.0.0:8775 0.0.0.0:* LISTEN 59531/python2
tcp 0 0 0.0.0.0:9191 0.0.0.0:* LISTEN 15036/python2
tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN 1178/beam.smp
tcp 0 0 192.168.1.167:3306 0.0.0.0:* LISTEN 7699/mysqld
tcp 0 0 192.168.1.167:11211 0.0.0.0:* LISTEN 1171/memcached
tcp 0 0 0.0.0.0:9292 0.0.0.0:* LISTEN 15011/python2
tcp 0 0 0.0.0.0:4369 0.0.0.0:* LISTEN 1396/epmd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1201/sshd
tcp 0 0 127.0.0.1:6010 0.0.0.0:* LISTEN 51747/0
tcp 0 0 127.0.0.1:6011 0.0.0.0:* LISTEN 41663/1
tcp 0 0 127.0.0.1:6013 0.0.0.0:* LISTEN 9462/3
tcp 0 0 0.0.0.0:6080 0.0.0.0:* LISTEN 59637/python2
tcp6 0 0 :::5000 :::* LISTEN 8560/apache2
tcp6 0 0 :::5672 :::* LISTEN 1178/beam.smp
tcp6 0 0 :::8778 :::* LISTEN 8560/apache2
tcp6 0 0 :::80 :::* LISTEN 8560/apache2
tcp6 0 0 :::4369 :::* LISTEN 1396/epmd
tcp6 0 0 :::22 :::* LISTEN 1201/sshd
tcp6 0 0 ::1:6010 :::* LISTEN 51747/0
tcp6 0 0 ::1:6011 :::* LISTEN 41663/1
tcp6 0 0 ::1:6013 :::* LISTEN 9462/3
udp 0 0 0.0.0.0:67 0.0.0.0:* 23021/dnsmasq
udp 0 0 127.0.0.1:323 0.0.0.0:* 1292/chronyd
udp6 0 0 ::1:323 :::* 1292/chronyd
# 列出全部的计算服务。
root@allone:/# openstack compute service list
+----+------------------+--------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+------------------+--------+----------+---------+-------+----------------------------+
| 4 | nova-consoleauth | allone | internal | enabled | up | 2021-05-08T12:32:08.000000 |
| 5 | nova-scheduler | allone | internal | enabled | up | 2021-05-08T12:32:08.000000 |
| 6 | nova-conductor | allone | internal | enabled | up | 2021-05-08T12:32:07.000000 |
| 7 | nova-compute | allone | nova | enabled | up | 2021-05-08T12:32:10.000000 |
+----+------------------+--------+----------+---------+-------+----------------------------+
root@allone:/# openstack catalog list
+-----------+-----------+-------------------------------------+
| Name | Type | Endpoints |
+-----------+-----------+-------------------------------------+
| placement | placement | RegionOne |
| | | internal: http://allone:8778 |
| | | RegionOne |
| | | admin: http://allone:8778 |
| | | RegionOne |
| | | public: http://allone:8778 |
| | | |
| nova | compute | |
| placement | placement | |
| keystone | identity | RegionOne |
| | | admin: http://allone:5000/v3/ |
| | | RegionOne |
| | | internal: http://allone:5000/v3/ |
| | | RegionOne |
| | | public: http://allone:5000/v3/ |
| | | |
| nova | compute | RegionOne |
| | | admin: http://allone:8774/v2.1 |
| | | RegionOne |
| | | internal: http://allone:8774/v2.1 |
| | | RegionOne |
| | | public: http://allone:8774/v2.1 |
| | | |
| glance | image | RegionOne |
| | | admin: http://allone:9292 |
| | | RegionOne |
| | | public: http://allone:9292 |
| | | RegionOne |
| | | internal: http://allone:9292 |
| | | |
+-----------+-----------+-------------------------------------+
# 检查 cell 和 placement API 是否工作正常。
root@allone:/# nova-status upgrade check
Option "enable" from group "cells" is deprecated for removal (Cells v1 is being replaced with Cells v2.). Its value may be silently ignored in the future.
+-------------------------------------------------------------------+
| Upgrade Check Results |
+-------------------------------------------------------------------+
| Check: Cells v2 |
| Result: Failure |
| Details: No host mappings found but there are compute nodes. Run |
| command 'nova-manage cell_v2 simple_cell_setup' and then |
| retry. |
+-------------------------------------------------------------------+
| Check: Placement API |
| Result: Failure |
| Details: Placement service credentials do not work. |
+-------------------------------------------------------------------+
| Check: Resource Providers |
| Result: Warning |
| Details: There are no compute resource providers in the Placement |
| service but there are 1 compute nodes in the deployment. |
| This means no compute nodes are reporting into the |
| Placement service and need to be upgraded and/or fixed. |
| See |
| https://docs.openstack.org/nova/latest/user/placement.html |
| for more details. |
+-------------------------------------------------------------------+
| Check: Ironic Flavor Migration |
| Result: Success |
| Details: None |
+-------------------------------------------------------------------+
| Check: API Service Version |
| Result: Success |
| Details: None |
+-------------------------------------------------------------------+
5. 检查 cell 和 placement API 是否工作正常。
5.1 创建数据库、数据库用户和授权
root@allone:~# mysql -uroot -pMYSQL_PASS
MariaDB [(none)]> CREATE DATABASE neutron;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY
'NEUTRON_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY
'NEUTRON_DBPASS';
5.2 建立 keystone 用户及授权
# “点”执行脚本程序 admin-openrc,从而输出里面定义的环境变量。
root@allone:~# . admin-openrc
# 在 keystone 中创建用户 neutron,密码为 NEUTRON_PASS。
root@allone:~# openstack user create --domain default --password-prompt neutron
User Password:NEUTRON_PASS
Repeat User Password:NEUTRON_PASS
# 在 service 项目中给用户 neutron 授于管理员权限 admin。
root@allone:~# openstack role add --project service --user neutron admin
# 创建服务类型为 network 的实体 neutron。
root@allone:~# openstack service create --name neutron --description "OpenStack Networking" network
5.3 创建镜像服务的调用端点
# 为 network 服务类型创建公开(public)的调用端点。
root@allone:~# openstack endpoint create --region RegionOne network public http://allone:9696
# 为 network 服务类型创建内部(internal)的调用端点。
root@allone:~# openstack endpoint create --region RegionOne network internal http://allone:9696
# 为 network 服务类型创建管理(admin)的调用端点。
root@allone:~# openstack endpoint create --region RegionOne network admin http://allone:9696
本实验采用 provider network(供应商网络)模式和 Linux 自带的网桥,所以虚拟机的 ip 地 址就取自物理机所在的局域网。其他的选项还有 self-service network(租户网络)模式、 openvswitch 网桥等。
5.4 安装并配置相关软件
root@allone:~# apt install neutron-server neutron-plugin-ml2 neutron linuxbridge-agent neutron-dhcp-agent
neutron-metadata-agent -y
root@allone:~# vim /etc/neutron/neutron.conf
[DEFAULT]
core_plugin = ml2service_plugins =
transport_url = rabbit://OpenStack:RABBIT_PASS@allone
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[database]
# 配置 neutron 服务如何访问数据库。
connection = mysql+pymysql://neutron:NEUTRON_DBPASS@allone/neutron
[keystone_authtoken]
# neutron 用户如何访问 keystone。
auth_uri = http://allone:5000
auth_url = http://allone:5000
memcached_servers = allone:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS
[nova]
auth_url = http://allone:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = NOVA_PASS
vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = local,flat,vlan
tenant_network_type =
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = my_physical_net
[securitygroup]
enable_ipset = true
配置 linux 桥接
vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = my_physical_net:ens33
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[vxlan]
enable_vxlan = false
在 provider network 模式下,dhcp 主要用于完成虚拟机访问元数据
root@allone:~# vim /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
配置管理元数据的服务器和访问密码。
root@allone:~# vim /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_host = allone
metadata_proxy_shared_secret = METADATA_PASS
配置计算服务访问网络服务。
root@allone:~# vim /etc/nova/nova.conf
[neutron]
url = http://allone:9696
auth_url = http://allone:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS
service_metadata_proxy = true
metadata_proxy_shared_secret = METADATA_PASS
5.5 开启 Linux 内核的桥接功能
确保 Linux 内核参数 net.bridge.bridge-nf-call-iptables、net.bridge.bridge-nf-call-ip6tables 的值为 1。
#如果不为 1,就采用下面的命令修改。
root@allone:~# sysctl -w net.bridge.bridge-nf-call-iptables=1
root@allone:~# sysctl -w net.bridge.bridge-nf-call-ip6tables=1
5.6 向数据库中导入 neutron 的数据
root@allone:~# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file
/etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
5.7 启动有关服务
root@allone:~# systemctl restart nova-api
root@allone:~# systemctl restart nova-compute
root@allone:~# systemctl stop neutron-server
root@allone:~# systemctl stop neutron-linuxbridge-agent
root@allone:~# systemctl stop neutron-dhcp-agent
root@allone:~# systemctl stop neutron-metadata-agent
root@allone:~# rm /var/log/neutron/*
root@allone:~# systemctl start neutron-server
root@allone:~# systemctl start neutron-linuxbridge-agent
root@allone:~# systemctl start neutron-dhcp-agent
root@allone:~# systemctl start neutron-metadata-agent
root@allone:~# openstack network agent list
失败信息记录
1.Job for rabbitmq-server.service failed because the control process exited with
解决 vim ./etc/hosts
在hosts文件中加入一条主机名与ip地址的映射关系