测试环境
节点 | 网卡1(vm1) | 网卡2(vm8) | 内存CPU |
---|---|---|---|
controller | 192.168.100.10 | 192.168.200.10 | 5G 6CPU |
compute | 192.168.100.20 | 192.168.200.20 | 8G 8CPU |
部署过程
环境准备
修改主机名称
[root@localhost ~]# hostnamectl set-hostname controller
[root@localhost ~]# hostnamectl set-hostname compute
关闭防火墙selinux
controller 和 compute节点操作一致
[root@controller ~]# systemctl stop firewalld
[root@controller ~]# systemctl disable firewalld
[root@controller ~]# vi /etc/selinux/config
......
SELINUX=disabled
......
[root@controller ~]# setenforce 0
修改本地hosts文件
[root@controller ~]# vi /etc/hosts
192.168.100.10 controller
192.168.100.20 compute
发送到compute节点
[root@controller ~]# scp /etc/hosts root@compute:/etc/hosts
配置本地yum源
在controller节点上传如下两个镜像
XianDian-IaaS-v2.2.iso
CentOS-7-x86_64-DVD-1511.iso
创建对应的目录然后进行挂载操作
[root@controller ~]# mkdir /opt/centos
[root@controller ~]# mkdir /opt/iaas
[root@controller ~]# mount -o loop CentOS-7-x86_64-DVD-1511.iso /opt/centos/
mount: /dev/loop0 is write-protected, mounting read-only
[root@controller ~]# mount -o loop XianDian-IaaS-v2.2.iso /opt/iaas/
mount: /dev/loop1 is write-protected, mounting read-only
配置yum源
[root@controller ~]# rm -rf /etc/yum.repos.d/*
[root@controller ~]# vi /etc/yum.repos.d/local.repo
[centos]
name=centos
baseurl=file:///opt/centos
gpgcheck=0
enabled=1
[iaas]
name=iaas
baseurl=file:///opt/iaas/iaas-repo
gpgcheck=0
enabled=1
安装vsftpd服务
[root@controller ~]# yum install -y vsftpd
[root@controller ~]# vi /etc/vsftpd/vsftpd.conf
anon_root=/opt
[root@controller ~]# systemctl start vsftpd
[root@controller ~]# systemctl enable vsftpd
compute节点配置yum源
[root@compute ~]# rm -rf /etc/yum.repos.d/*
[root@compute ~]# vi /etc/yum.repos.d/ftp.repo
[centos]
name=centos
baseurl=ftp://controller/centos
gpgcheck=0
enabled=1
[iaas]
name=iaas
baseurl=ftp://controller/iaas/iaas-repo
gpgcheck=0
enabled=1
[root@compute ~]# yum repolist
Loaded plugins: fastestmirror
centos | 3.6 kB 00:00:00
iaas | 2.9 kB 00:00:00
(1/3): centos/group_gz | 155 kB 00:00:00
(2/3): iaas/primary_db | 2.3 MB 00:00:00
(3/3): centos/primary_db | 2.8 MB 00:00:00
Determining fastest mirrors
repo id repo name status
centos centos 3,723
iaas iaas 1,688
repolist: 5,411
安装环境变量脚本
controller节点操作
安装两个节点都要执行
[root@controller ~]# yum install -y iaas-xiandian
[root@controller ~]# sed -i 's/^.//g' /etc/xiandian/openrc.sh
[root@controller ~]# sed -i 's/PASS=/PASS=000000/g' /etc/xiandian/openrc.sh
然后编辑脚本文件
[root@controller ~]# vi /etc/xiandian/openrc.sh
#--------------------system Config--------------------##
#Controller Server Manager IP. example:x.x.x.x
HOST_IP=192.168.100.10
#Controller Server hostname. example:controller
HOST_NAME=controller
#Compute Node Manager IP. example:x.x.x.x
HOST_IP_NODE=192.168.100.20
#Compute Node hostname. example:compute
HOST_NAME_NODE=compute
#--------------------Rabbit Config ------------------##
#user for rabbit. example:openstack
RABBIT_USER=openstack
#Password for rabbit user .example:000000
RABBIT_PASS=000000
#--------------------MySQL Config---------------------##
#Password for MySQL root user . exmaple:000000
DB_PASS=000000
#--------------------Keystone Config------------------##
#Password for Keystore admin user. exmaple:000000
DOMAIN_NAME=demo
ADMIN_PASS=000000
DEMO_PASS=000000
#Password for Mysql keystore user. exmaple:000000
KEYSTONE_DBPASS=000000
#--------------------Glance Config--------------------##
#Password for Mysql glance user. exmaple:000000
GLANCE_DBPASS=000000
#Password for Keystore glance user. exmaple:000000
GLANCE_PASS=000000
#--------------------Nova Config----------------------##
#Password for Mysql nova user. exmaple:000000
NOVA_DBPASS=000000
#Password for Keystore nova user. exmaple:000000
NOVA_PASS=000000
#--------------------Neturon Config-------------------##
#Password for Mysql neutron user. exmaple:000000
NEUTRON_DBPASS=000000
#Password for Keystore neutron user. exmaple:000000
NEUTRON_PASS=000000
#metadata secret for neutron. exmaple:000000
METADATA_SECRET=000000
#External Network Interface. example:eth1
INTERFACE_NAME=eth1
#First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101
minvlan=101
#Last Vlan ID in VLAN RANGE for VLAN Network. example:200
maxvlan=200
#--------------------Cinder Config--------------------##
#Password for Mysql cinder user. exmaple:000000
CINDER_DBPASS=000000
#Password for Keystore cinder user. exmaple:000000
CINDER_PASS=000000
#Cinder Block Disk. example:md126p3
BLOCK_DISK=sdb1
#--------------------Trove Config--------------------##
#Password for Mysql Trove User. exmaple:000000
TROVE_DBPASS=000000
#Password for Keystore Trove User. exmaple:000000
TROVE_PASS=000000
#--------------------Swift Config---------------------##
#Password for Keystore swift user. exmaple:000000
SWIFT_PASS=000000
#The NODE Object Disk for Swift. example:md126p4.
OBJECT_DISK=sdb2
#The NODE IP for Swift Storage Network. example:x.x.x.x.
STORAGE_LOCAL_NET_IP=192.168.100.20
#--------------------Heat Config----------------------##
#Password for Mysql heat user. exmaple:000000
HEAT_DBPASS=000000
#Password for Keystore heat user. exmaple:000000
HEAT_PASS=000000
#--------------------Ceilometer Config----------------##
#Password for Mysql ceilometer user. exmaple:000000
CEILOMETER_DBPASS=000000
#Password for Keystore ceilometer user. exmaple:000000
CEILOMETER_PASS=000000
#--------------------AODH Config----------------##
#Password for Mysql AODH user. exmaple:000000
AODH_DBPASS=000000
#Password for Keystore AODH user. exmaple:000000
AODH_PASS=000000
然后执行该脚本
[root@controller ~]# source /etc/xiandian/openrc.sh
[root@controller ~]# scp /etc/xiandian/openrc.sh root@compute:/etc/xiandian/openrc.sh
拷贝到compute节点后一样要source一下使之生效
安装对应的服务
两个节点执行以下命令
[root@controller ~]# iaas-pre-host.sh
[root@compute ~]# iaas-pre-host.sh
执行完成以后记得重启,否则rabbitmq会报错
controller节点执行以下命令
[root@controller ~]# iaas-install-mysql.sh
[root@controller ~]# iaas-install-keystone.sh
[root@controller ~]# iaas-install-glance.sh
[root@controller ~]# iaas-install-nova-controller.sh
[root@controller ~]# iaas-install-neutron-controller.sh
[root@controller ~]# iaas-install-dashboard.sh
以上脚本根据题目要求进行执行即可
iaas-install-neutron-controller-flat.sh 将平台网络设置为flat
iaas-install-neutron-controller-gre.sh 将平台网络设置为gre
iaas-install-neutron-controller-vlan.sh 将平台网络设置为vlan
compute节点执行以下命令
[root@compute ~]# iaas-install-nova-compute.sh
[root@compute ~]# iaas-install-neutron-compute.sh
浏览器访问测试
创建云主机操作
命令行的方式创建云主机
创建镜像
[root@controller ~]# source /etc/keystone/admin-openrc.sh
[root@controller ~]# glance image-create --name cirros --disk-format qcow2 --container-format bare --progress < /root/cirros-0.3.4-x86_64-disk.img
创建外部网络
先执行这个代码,将平台的网络设置为flat
[root@controller ~]# iaas-install-neutron-controller-gre.sh
[root@compute ~]# iaas-install-neutron-compute-gre.sh
然后进行创建外部网络操作
[root@controller ~]# neutron net-create --router:external=true ext-net
创建外部网络的子网
[root@controller ~]# neutron subnet-create --name ext-subnet --allocation-pool start=192.168.200.100,end=192.168.200.200 --gateway 192.168.200.1 --enable-dhcp ext-net 192.168.200.0/24
创建内部网络
[root@controller ~]# neutron net-create inside
创建内部网络的子网
[root@controller ~]# neutron subnet-create --name inside-subnet --gateway 10.0.0.1 --enable-dhcp inside 10.0.0.0/24
浏览器查看创建的网络
创建路由
[root@controller ~]# openstack router create route
路由绑定外部网络
[root@controller ~]# neutron router-gateway-set route ext-net
Set gateway for router route
route 为我们创建的路由名称
路由连接内部网络
[root@controller ~]# neutron router-interface-add route inside-subnet
Added interface c42a6714-bda7-4ce4-b800-af13e1cd81ca to router route.
浏览器查看是否成功
安全组的创建
[root@controller ~]# neutron security-group-create all
放行TCP UDP ICMP 协议
[root@controller ~]# neutron security-group-rule-create --direction ingress --protocol tcp all
[root@controller ~]# neutron security-group-rule-create --direction egress --protocol tcp all
[root@controller ~]# neutron security-group-rule-create --direction ingress --protocol udp all
[root@controller ~]# neutron security-group-rule-create --direction egress --protocol udp all
[root@controller ~]# neutron security-group-rule-create --direction ingress --protocol icmp all
[root@controller ~]# neutron security-group-rule-create --direction egress --protocol icmp all
浏览器查看效果
创建flavor规则
系统默认存在以下的,可以不用创建
[root@controller ~]# openstack flavor list
+----+-----------+-------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+-------+------+-----------+-------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | 1 | True |
| 2 | m1.small | 2048 | 20 | 0 | 1 | True |
| 3 | m1.medium | 4096 | 40 | 0 | 2 | True |
| 4 | m1.large | 8192 | 80 | 0 | 4 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |
+----+-----------+-------+------+-----------+-------+-----------+
创建云主机
[root@controller ~]# openstack server create --image cirros --flavor 1 --nic net-id=aff61e47-10d9-40b6-adce-7ed317d38960,v4-fixed-ip=10.0.0.15 --security-group all cirros
创建浮动IP
[root@controller ~]# neutron floatingip-create ext-net --floating-ip-address 192.168.200.150
云主机绑定浮动IP
[root@controller ~]# nova add-floating-ip cirros 192.168.200.150
浏览器查看效果
使用SecureCRT连接测试
用户名:cirros
密码: cubswin:)
登录成功后的界面如下