https://docs.openstack.org/install-guide/environment-sql-database-rdo.html :mariadb 安装目录
https://docs.openstack.org/install-guide/environment-packages-rdo.html :openstack 安装目录
https://docs.openstack.org/install-guide/environment-messaging-rdo.html :安装消息队列 rabbitmq
https://docs.openstack.org/install-guide/environment-memcached-rdo.html :memcached 安装目录
https://docs.openstack.org/keystone/stein/install/keystone-install-rdo.html keystone 安装配置目录
https://docs.openstack.org/glance/stein/install/install-rdo.html :glance安装配置目录
https://docs.openstack.org/glance/stein/install/verify.html :相继glance启动之后的镜像上传
https://docs.openstack.org/glance/stein/install/verify.html :安装wget
管理端 控制节点 服务器端 192.168.40.129(130.131)
安装后,会生成openstack yum源:
yum install centos-release-openstack-stein.noarch
而后管理端和计算节点上安装:
yum install python-openstackclient openstack-selinux
三台主机都要安装
在第三台节点服务器上安装mariadb数据库
yum install mariadb mariadb-server -y
mysql_secure_installation : 数据库初始化设置
vim /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 10.0.0.11
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
设置监听节点
openstack服务 消息对列
yum install rabbitmq-server
创建设置账户名密码
rabbitmqctl add_user openstack opensatck123
rabbitmqctl set_permissions openstack ".*" ".*" ".*" #:设置权限
在控制端安装
yum install python-memcached python2-PyMySQL
在 131(第三台主机) 上 安装 yum install memcached
修改配置文件 并且启动 设置卡机启动
vim /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="1024"
OPTIONS="-l 0.0.0.1,::1"
systemctl start memcached.service
登录第三台主机 数据库
mysql -uroot -p123 -h127.0.0.1
MariaDB [(none)]> CREATE DATABASE keystone;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone123';
#:在控制端可不可以连接打数据库
控制端:yum install openstack-keystone httpd mod_wsgi
添加/etc/hosts
192.168.40.131 openstack-vip.magedu.net
修改配置文件; /etc/keystone/keystone.conf
[database]
connection = mysql+pymysql://keystone:123@controller/keystone
[token]
# ...
provider = fernet
# :会生成两个key文件
# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
修改httpd配置文件:ServerName 192.168.40.129:80
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/ :配置软链接
初始化数据库:su -s /bin/sh -c “keystone-manage db_sync” keystone
openssl rand -hex 10 生成一个值写入 /etck/eystone/keystone.conf : admin_token
然后 :su -s /bin/sh -c “keystone-manage db_sync” keystone
修改 :/etc/keystone/keystone.conf
生成环境变量:
生成 admin_token:openssl rand -hex 10
export OS_TOKEN=6ccd632051e5e42d7b9a
export OS_URL=http://192.168.40.129:5000/v3
export OS_IDENTITY_API_VERSION=3
创建域:
openstack domain create --description "Default Domain" default
創建admin项目
openstack project create --domain default --description “Admin Project” admin
创建密码:openstack user create --domain default --password-prompt admin
创建角色:openstack role create admin
授权:openstack role add --project admin --user admin admin
创建demo项目
openstack project create --domain default --description “Demo Project” demo
设置密码:openstack user create --domain default --password-prompt demo
把demo设置成demo项目的user账户:openstack role create user
openstack role add --project demo --user demo user
创建service
openstack project create --domain default --description “Service Project” service
创建一个keystone认证服务
openstack service create --name keystone --description “Openstack Identity” identity
OpenStack service list (查看)
創建:
openstack endpoint create --region RegionOne identity public http://openstack-vip.magedu.net:5000/v3
openstack endpoint create --region RegionOne identity admin http://openstack-vip.magedu.net:5000/v3
openstack endpoint create --region RegionOne identity internal http://openstack-vip.magedu.net:5000/v3
openstack endpoint list(查看必須全部都是五千端口)
openstack endpoint delete 1a50bab6b09642ee9a6ef9f8f1cdc38c (可刪除ID)
打开一个新的xhell 窗口:
测试keystone是否可以做用户验证:
(1)定义变量: export OS_IDENTITY_API_VERSION=3
openstack --os-auth-url http://openstack-vip.magedu.net:5000/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name admin --os-username admin token issue
在root下创建 scrippts目录 :
mkdir scripts
cd scripts/
vim admin-stien.sh
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
vim demo-stein.sh
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=myproject
export OS_USERNAME=myuser
export OS_PASSWORD=MYUSER_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
source scripts/admin-stein.sh
source scripts/demo-stein.sh
openstack token issue
glanc
在第三台服务器的数据库:
CREATE DATABASE glance;
節點服務器數據庫創建:GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@’%’ IDENTIFIED BY ‘glance123’;
必须在控制端连接成功
创建glance账号密码
source 、scipts/admin-stein.sh
:openstack user create --domain default --password-prompt glance
共用项目:
openstack role add --project service --user glance admin
给service这个项目设置glance 给他分配一个admin角色
创建service实际:openstack service create --name glance
–description “OpenStack Image” image
注册后端api:
openstack endpoint create --region RegionOne image public http://openstack-vip.magedu.net:9292
openstack endpoint create --region RegionOne image internal http://openstack-vip.magedu.net:9292
openstack endpoint create --region RegionOne image admin http://openstack-vip.magedu.net:9292
安装:
yum install openstack-glance
在控制端和第三台服务器上安装
yum install nfs-utils
在第三台创建共享文件
mkdir /data/openstack/image *
vim /etc/exports
/data/openstack/image *(rw,no_root_squash)
修改配置文件:
vim /etc/glance/glance-api.conf
[database]
# ...
connection = mysql+pymysql://glance:glance123@openstack-vip.magedu.net/glance
[keystone_authtoken]
# ...
www_authenticate_uri = http://openstack-vip.magedu.net:5000
auth_url = http://openstack-vip.magedu.net:5000
memcached_servers = openstack-vip.magedu.net:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance123
[paste_deploy]
# ...
flavor = keystone
[glance_store]
# ...
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
vim /etc/glance/glance-registry.conf
[database]
# ...
connection = mysql+pymysql://glance:glance123@openstack-vip.mageud.net/glance
[keystone_authtoken]
# ...
www_authenticate_uri = http://openstack-vip.magedu.net:5000
auth_url = http://openstack-vip.magedu.net:5000
memcached_servers = openstack-vip.magedu.net:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance123
[paste_deploy]
# ...
flavor = keystone
取消注释 : 1795行 92%:
# flavor = keystone
初始化数据库:su -s /bin/sh -c "glance-manage db_sync" glance
启动:
systemctl start openstack-glance-api.service openstack-glance-registry.service
然后:先停止glance服务 挂载 在启动
挂载 131主机目录到控制端:mount -t nfs 192.168.40.131:/data/openstack/image /var/lib/glance/images
挂载至文件/etc/fstab
192.168.40.131:/data/openstack/image /var/lib/glance/images nfs defaults,_netdev 0 0
# :当挂载到网络的话 要加defaults,_netdev 不然挂不上
chown glance.glance /var/lib/glance/images/ -R
在控制端:
wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img