一、定义
Iaas 开源项目,用来实现云平台搭建
二、模块
dashboard Horizon 基于Openstack API接口使用Django开发的Web管理
compute Nova 通过虚拟化技术提供计算资源池
Networking Neutron 实现虚拟机的网络资源管理
storage存储
Object Storage swift 对象存储,适用于’一次写入,多次读取‘
Block Storage Clinder 块存储,提供存储资源池
共享服务
Identify Service Keystone 认证模块
image Service Glance 提供虚拟镜像的注册和存储管理
三、安装部署
[root@compute ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.7.2 compute.ykyk.com compute
172.16.7.3 controller.ykyk.com controller
openstack-pike
1、时间同步
1 [root@controller ~]# vi /etc/chrony.conf 2 3 # Please consider joining the pool (http://www.pool.ntp.org/join.html). 4 server 0.centos.pool.ntp.org iburst 5 server 1.centos.pool.ntp.org iburst 6 server 2.centos.pool.ntp.org iburst 7 server 3.centos.pool.ntp.org iburst 8 server 172.16.7.3 iburst 9 10 11 # Allow NTP client access from local network. 12 allow 172.16.0.0/16 13 14 [root@controller ~]# systemctl start chronyd.service 15 [root@controller ~]# systemctl enable chronyd.service 16 17 [root@controller ~]# chronyc sources 18 210 Number of sources = 5 19 MS Name/IP address Stratum Poll Reach LastRx Last sample 20 =============================================================================== 21 ^* controller.ykyk.com 10 6 377 578 +227ns[-4836ns] +/- 11us 22 ^+ ntp.wdc1.us.leaseweb.net 2 6 377 57 +2968us[+2968us] +/- 336ms 23 ^- leontp.ccgs.wa.edu.au 1 6 377 58 -16ms[ -16ms] +/- 122ms 24 ^- 120.25.115.19 2 6 377 58 +2509us[+2509us] +/- 28ms 25 ^- ntp6.flashdance.cx 2 6 375 114 -7124us[-7124us] +/- 183ms 26 27 [root@compute ~]# chronyc sources 28 210 Number of sources = 1 29 MS Name/IP address Stratum Poll Reach LastRx Last sample 30 =============================================================================== 31 ^* controller.ykyk.com 11 6 377 28 +2104ns[+3027ns] +/- 6443us 32 33
2、安装
1 [root@controller ~]# yum install centos-release-openstack-pike 2 3 [root@controller ~]# yum install https://rdoproject.org/repos/rdo-release.rpm 4 5 [root@controller ~]# yum install python-openstackclient 6 7 [root@controller ~]# yum install openstack-selinux 8 9 [root@controller ~]# yum install mariadb mariadb-server python2-PyMySQL 10 11 [root@controller my.cnf.d]# vi openstack.conf 12 13 [mysqld] 14 bind-address = 172.16.7.3 15 16 default-storage-engine = innodb 17 innodb_file_per_table = on 18 max_connections = 4096 19 collation-server = utf8_general_ci 20 character-set-server = utf8 21 ~ 22 [root@controller my.cnf.d]# systemctl start mariadb.service 23 [root@controller my.cnf.d]# systemctl enable mariadb.service 24 25 [root@controller my.cnf.d]# mysql_secure_installation 26 27 NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB 28 SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! 29 30 In order to log into MariaDB to secure it, we'll need the current 31 password for the root user. If you've just installed MariaDB, and 32 you haven't set the root password yet, the password will be blank, 33 so you should just press enter here. 34 35 Enter current password for root (enter for none): 36 ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) 37 Enter current password for root (enter for none): 38 OK, successfully used password, moving on... 39 40 Setting the root password ensures that nobody can log into the MariaDB 41 root user without the proper authorisation. 42 43 Set root password? [Y/n] y 44 New password: 45 Re-enter new password: 46 Password updated successfully! 47 Reloading privilege tables.. 48 ... Success! 49 50 51 By default, a MariaDB installation has an anonymous user, allowing anyone 52 to log into MariaDB without having to have a user account created for 53 them. This is intended only for testing, and to make the installation 54 go a bit smoother. You should remove them before moving into a 55 production environment. 56 57 Remove anonymous users? [Y/n] y 58 ... Success! 59 60 Normally, root should only be allowed to connect from 'localhost'. This 61 ensures that someone cannot guess at the root password from the network. 62 63 Disallow root login remotely? [Y/n] n 64 ... skipping. 65 66 By default, MariaDB comes with a database named 'test' that anyone can 67 access. This is also intended only for testing, and should be removed 68 before moving into a production environment. 69 70 Remove test database and access to it? [Y/n] y 71 - Dropping test database... 72 ... Success! 73 - Removing privileges on test database... 74 ... Success! 75 76 Reloading the privilege tables will ensure that all changes made so far 77 will take effect immediately. 78 79 Reload privilege tables now? [Y/n] y 80 ... Success! 81 82 Cleaning up... 83 84 All done! If you've completed all of the above steps, your MariaDB 85 installation should now be secure. 86 87 Thanks for using MariaDB!
1 [root@controller ~]# yum install rabbitmq-server 2 3 [root@controller ~]# systemctl enable rabbitmq-server.service 4 Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to /usr/lib/systemd/system/rabbitmq-server.service. 5 [root@controller ~]# systemctl start rabbitmq-server.service 6 7 [root@controller ~]# rabbitmqctl add_user openstack young319 8 Creating user "openstack" ... 9 10 [root@controller ~]# rabbitmqctl set_permissions openstack ".*" ".*" 11 ".*" 12 Setting permissions for user "openstack" in vhost "/" ... 13 14
memcache
1 2 [root@controller ~]# yum install memcached python-memcached 3 4 [root@controller ~]# vi /etc/sysconfig/memcached 5 6 PORT="11211" 7 USER="memcached" 8 MAXCONN="1024" 9 CACHESIZE="64" 10 OPTIONS="-l 127.0.0.1,::1,controller"
[root@controller ~]# systemctl enable memcached.service
Created symlink from /etc/systemd/system/multi-user.target.wants/memcached.service to /usr/lib/systemd/system/memcached.service.
[root@controller ~]# systemctl start memcached.service
etcd
1 [root@controller ~]# yum install etcd 2 3 [root@controller ~]# vi /etc/etcd/etcd.conf 4 [root@controller ~]# cat !$ 5 cat /etc/etcd/etcd.conf 6 # [member] 7 ETCD_NAME=default 8 ETCD_DATA_DIR="/var/lib/etcd/default.etcd" 9 #ETCD_WAL_DIR="" 10 #ETCD_SNAPSHOT_COUNT="10000" 11 #ETCD_HEARTBEAT_INTERVAL="100" 12 #ETCD_ELECTION_TIMEOUT="1000" 13 ETCD_LISTEN_PEER_URLS="http://172.16.7.3:2380" 14 ETCD_LISTEN_CLIENT_URLS="http://172.16.7.3:2379" 15 ETCD_NAME="controller" 16 #ETCD_MAX_SNAPSHOTS="5" 17 #ETCD_MAX_WALS="5" 18 #ETCD_CORS="" 19 # 20 #[cluster] 21 ETCD_INITIAL_ADVERTISE_PEER_URLS="http://172.16.7.3:2380" 22 # if you use different ETCD_NAME (e.g. test), set ETCD_INITIAL_CLUSTER value for this name, i.e. "test=http://..." 23 ETCD_INITIAL_CLUSTER="controller=http://172.16.7.3:2380" 24 ETCD_INITIAL_CLUSTER_STATE="new" 25 ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01" 26 ETCD_ADVERTISE_CLIENT_URLS="http://172.16.7.3:2379" 27 28 29 30 [root@controller ~]# systemctl enable etcd 31 Created symlink from /etc/systemd/system/multi-user.target.wants/etcd.service to /usr/lib/systemd/system/etcd.service. 32 [root@controller ~]# systemctl start etcd
(一)keystone
1 [root@controller ~]# mysql -u root -p 2 Enter password: 3 4 MariaDB [(none)]> create database keystone; 5 Query OK, 1 row affected (0.00 sec) 6 7 MariaDB [(none)]> grant all privileges on keystone.* to 'keystone'@'localhost' identified by 'keystone'; 8 Query OK, 0 rows affected (0.00 sec) 9 10 MariaDB [(none)]> grant all privileges on keystone.* to 'keystone'@'%' identified by 'keystone'; 11 Query OK, 0 rows affected (0.00 sec) 12 13 14 [root@controller ~]# yum install openstack-keystone httpd mod_wsgi -y 15 16 17 18 [root@controller ~]# vi /etc/keystone/keystone.conf 19 20 [database] 21 connection = mysql+pymysql://keystone:keystone@controller/keystone 22 [token] 23 provider = fernet 24 25 26 [root@controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone 27 [root@controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone 28 [root@controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone 29 [root@controller ~]# keystone-manage bootstrap --bootstrap-password openstack \ 30 > --bootstrap-admin-url http://controller:35357/v3/ \ 31 > --bootstrap-internal-url http://controller:5000/v3/ \ 32 > --bootstrap-public-url http://controller:5000/v3/ \ 33 > --bootstrap-region-id RegionOne 34 35 [root@controller ~]# vi /etc/httpd/conf/httpd.conf 36 37 ServerName controller 38 39 40 [root@controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/ 41 42 [root@controller ~]# systemctl enable httpd 43 Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service. 44 [root@controller ~]# systemctl start httpd 45 46 [root@controller ~]# vi /etc/profile.d/admin 47 export OS_USERNAME=admin 48 export OS_PASSWORD=openstack 49 export OS_PROJECT_NAME=admin 50 export OS_USER_DOMAIN_NAME=Default 51 export OS_PROJECT_DOMAIN_NAME=Default 52 export OS_AUTH_URL=http://controller:35357/v3 53 export OS_IDENTITY_API_VERSION=3 54 55 56 57 58 59 60 61 [root@controller ~]# source /etc/profile.d/admin 62 [root@controller ~]# openstack project create --domain default \ 63 > --description "Service Project" service 64 +-------------+----------------------------------+ 65 | Field | Value | 66 +-------------+----------------------------------+ 67 | description | Service Project | 68 | domain_id | default | 69 | enabled | True | 70 | id | 806da57932b6496d84c129db220cd18b | 71 | is_domain | False | 72 | name | service | 73 | parent_id | default | 74 | tags | [] | 75 +-------------+----------------------------------+ 76 77 [root@controller ~]# openstack domain list 78 +---------+---------+---------+--------------------+ 79 | ID | Name | Enabled | Description | 80 +---------+---------+---------+--------------------+ 81 | default | Default | True | The default domain | 82 +---------+---------+---------+--------------------+ 83 [root@controller ~]# openstack project list 84 +----------------------------------+---------+ 85 | ID | Name | 86 +----------------------------------+---------+ 87 | 4958add57fbf4921bf3babe3e50bb831 | admin | 88 | 806da57932b6496d84c129db220cd18b | service | 89 +----------------------------------+---------+ 90 91 [root@controller ~]# openstack project create --domain default \ 92 > --description "Demo Project" demo 93 +-------------+----------------------------------+ 94 | Field | Value | 95 +-------------+----------------------------------+ 96 | description | Demo Project | 97 | domain_id | default | 98 | enabled | True | 99 | id | 62d52b341ad148a99566642ffcfd9dd4 | 100 | is_domain | False | 101 | name | demo | 102 | parent_id | default | 103 | tags | [] | 104 +-------------+----------------------------------+ 105 [root@controller ~]# openstack user create --domain default \ 106 > --password-prompt demo 107 User Password: 108 Repeat User Password: 109 +---------------------+----------------------------------+ 110 | Field | Value | 111 +---------------------+----------------------------------+ 112 | domain_id | default | 113 | enabled | True | 114 | id | 420f19349f7946dfb373587259d86af9 | 115 | name | demo | 116 | options | {} | 117 | password_expires_at | None | 118 +---------------------+----------------------------------+ 119 [root@controller ~]# openstack role create user 120 +-----------+----------------------------------+ 121 | Field | Value | 122 +-----------+----------------------------------+ 123 | domain_id | None | 124 | id | bb845a0fef874618ad78939450e7974c | 125 | name | user | 126 +-----------+----------------------------------+ 127 [root@controller ~]# openstack role add --project demo --user demo u 128 ser 129 130 131 [root@controller ~]# unset OS_AUTH_URL OS_PASSWORD 132 133 [root@controller ~]# openstack --os-auth-url http://controller:35357/v3 \ 134 > --os-project-domain-name Default --os-user-domain-name Default \ 135 > --os-project-name admin --os-username admin token issue 136 Password: 137 +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 138 | Field | Value | 139 +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 140 | expires | 2018-03-20T10:04:54+0000 | 141 | id | gAAAAABasM62Y8LfUCSgrrW9KP3ILZELBp1IvmutB61uCWHetxP7MezdqZun_aGXBH5-ncpWX9-rNh_SqB1necXxKoPqgl2aG7L44jC3VgotcLe_ybACzBxGHDHVlRMICe2c1J4Uk7Aigs6I7yI0EHi6yW0rOzkFE0j4Bx39Mnyi5AV7FEIT9Ng | 142 | project_id | 4958add57fbf4921bf3babe3e50bb831 | 143 | user_id | a2b582b43a5d4990833c844b6af83247 | 144 +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 145 146 [root@controller ~]# openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name demo --os-username demo token issue 147 Password: 148 +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 149 | Field | Value | 150 +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 151 | expires | 2018-03-20T10:29:45+0000 | 152 | id | gAAAAABasNSJyy7lmHOhkd0ktLORrWFi_AQc-4xj9PwOe7uqeh2uhBfWGbltcYgQ9dEXKZbMy5rjM8Y97ehMNjryYFzo1jZkf39qMmDa0lQ9u2jKtZtoN-vcfFAXWEW4vM1gD_-IVWFQ6cKgASJYIiqd5pSz2H8hSWciJcbiRoA3CzB5KI2lIL8 | 153 | project_id | 62d52b341ad148a99566642ffcfd9dd4 | 154 | user_id | 420f19349f7946dfb373587259d86af9 | 155 +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 156 157 158 159 [root@controller profile.d]# source admin-openrc 160 [root@controller profile.d]# openstack token issue 161 +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 162 | Field | Value | 163 +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 164 | expires | 2018-03-20T10:34:26+0000 | 165 | id | gAAAAABasNWiP4fOlsRK5TuNECkmN2nF5Kmc8lGAKn_VwCRec9mkf3ZQVdfZxeZIDSiROQmJ0Rl1L40K7yL-CqHHVny6e2c-DHUxJKiga0gQZL1tpLjONyRBIpfDvXWMGPJBUvkeaIGXoQOUDiwEG_pL-932UJmARw08bLE1-eQWaxHhdNPz9y0 | 166 | project_id | 4958add57fbf4921bf3babe3e50bb831 | 167 | user_id | a2b582b43a5d4990833c844b6af83247 | 168 +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 169 170 171 [root@controller profile.d]# source demo-openrc 172 [root@controller profile.d]# openstack token issue 173 +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 174 | Field | Value | 175 +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 176 | expires | 2018-03-20T10:35:10+0000 | 177 | id | gAAAAABasNXOpdlBKUW1S4Q8qE__n7XHJcLLe-C7VbDP9rlO1n4SzMwavDnKkSzQEKCaaP1UU9hs26UYXeLjS4IAMbwjn7Bd42xx3vCiGBZamHMGrevqMYrIMuaMtfdaGnil4THnGhyr_X_TU05rqDmaRvhlA28_k3OSkC7AYRR73h_ZbWR-HRU | 178 | project_id | 62d52b341ad148a99566642ffcfd9dd4 | 179 | user_id | 420f19349f7946dfb373587259d86af9 | 180 +------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 181
(二)glance
1 MariaDB [(none)]> create database glance; 2 Query OK, 1 row affected (0.00 sec) 3 4 MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'localhost' identified by 'glance'; 5 Query OK, 0 rows affected (0.01 sec) 6 7 MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'%' identified by 'glance'; 8 Query OK, 0 rows affected (0.00 sec) 9 10 11 [root@openstack ~]# source /etc/profile.d/admin-openrc 12 [root@openstack ~]# openstack user create --domain default --passwor 13 d-prompt glance 14 User Password: 15 Repeat User Password: 16 +---------------------+----------------------------------+ 17 | Field | Value | 18 +---------------------+----------------------------------+ 19 | domain_id | default | 20 | enabled | True | 21 | id | 7606f7b47338463cafa34a135b61f0a0 | 22 | name | glance | 23 | options | {} | 24 | password_expires_at | None | 25 +---------------------+----------------------------------+ 26 27 28 29 [root@openstack ~]# openstack role add --project service --user glance admin 30 [root@openstack ~]# openstack service create --name glance \ 31 > --description "OpenStack Image" image 32 +-------------+----------------------------------+ 33 | Field | Value | 34 +-------------+----------------------------------+ 35 | description | OpenStack Image | 36 | enabled | True | 37 | id | 2f0de89281e84e499501cf040115282c | 38 | name | glance | 39 | type | image | 40 +-------------+----------------------------------+ 41 [root@openstack ~]# openstack endpoint create --region RegionOne \ 42 > image public http://controller:9292 43 +--------------+----------------------------------+ 44 | Field | Value | 45 +--------------+----------------------------------+ 46 | enabled | True | 47 | id | a91a30fc94ac4e34a994431727a849b0 | 48 | interface | public | 49 | region | RegionOne | 50 | region_id | RegionOne | 51 | service_id | 2f0de89281e84e499501cf040115282c | 52 | service_name | glance | 53 | service_type | image | 54 | url | http://controller:9292 | 55 +--------------+----------------------------------+ 56 [root@openstack ~]# openstack endpoint create --region RegionOne \ 57 > image internal http://controller:9292 58 +--------------+----------------------------------+ 59 | Field | Value | 60 +--------------+----------------------------------+ 61 | enabled | True | 62 | id | 7d275b18ce574b169c909e59cee0fa05 | 63 | interface | internal | 64 | region | RegionOne | 65 | region_id | RegionOne | 66 | service_id | 2f0de89281e84e499501cf040115282c | 67 | service_name | glance | 68 | service_type | image | 69 | url | http://controller:9292 | 70 +--------------+----------------------------------+ 71 [root@openstack ~]# openstack endpoint create --region RegionOne image admin http://controller:9292 72 +--------------+----------------------------------+ 73 | Field | Value | 74 +--------------+----------------------------------+ 75 | enabled | True | 76 | id | 709f26598c3945c79fe6254b415c73bf | 77 | interface | admin | 78 | region | RegionOne | 79 | region_id | RegionOne | 80 | service_id | 2f0de89281e84e499501cf040115282c | 81 | service_name | glance | 82 | service_type | image | 83 | url | http://controller:9292 | 84 +--------------+----------------------------------+ 85 86 87 [root@openstack ~]# yum install openstack-glance 88 89 [root@openstack ~]# vi /etc/glance/glance-api.conf 90 [keystone_authtoken] 91 #... 92 auth_uri = http:// controller:5000 93 auth_url = http:// controller:35357 94 memcached_servers = controller:11211 95 auth_type = password 96 project_domain_name = default 97 user_domain_name = default 98 project_name = service 99 username = glance 100 password = GLANCE_PASS 101 102 [paste_deploy ] 103 #... 104 flavor = keystone 105 106 [glance_store] 107 108 stores = file,http 109 default_store = file 110 filesystem_store_datadir = /var/lib/glance/images/ 111 112 [root@openstack ~]# vi /etc/glance/glance-registry.conf 113 114 [database] 115 116 connection = mysql+pymysql://glance:glance@controller/glance 117 118 [keystone_authtoken] 119 120 auth_uri = http://controller:5000 121 auth_url = http://controller:35357 122 memcached_servers = controller:11211 123 auth_type = password 124 project_domain_name = default 125 user_domain_name = defaultproject_name = service 126 username = glance 127 password = glance 128 129 [paste_deploy] 130 131 flavor = keystone 132 133 [root@openstack ~]# su -s /bin/sh -c "glance-manage db_sync" glance 134 135 [root@openstack ~]# systemctl enable openstack-glance-api.service \ 136 > openstack-glance-registry.service 137 Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service. 138 Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service to /usr/lib/systemd/system/openstack-glance-registry.service. 139 [root@openstack ~]# systemctl start openstack-glance-api.service \ 140 > openstack-glance-registry.service
(三)nova
1 MariaDB [(none)]> create database nova_api; 2 Query OK, 1 row affected (0.00 sec) 3 4 MariaDB [(none)]> create database nova; 5 Query OK, 1 row affected (0.00 sec) 6 7 MariaDB [(none)]> create database nova_cell0; 8 Query OK, 1 row affected (0.00 sec) 9 10 11 MariaDB [(none)]> grant all privileges on nova_api.* to 'nova'@'localhost' identified by 'novaapi'; 12 Query OK, 0 rows affected (0.00 sec) 13 14 MariaDB [(none)]> grant all privileges on nova_api.* to 'nova'@'%' identified by 'novaapi'; 15 Query OK, 0 rows affected (0.00 sec) 16 17 MariaDB [(none)]> grant all privileges on nova.* to 'nova'@'localhost' identified by 'novaapi'; 18 Query OK, 0 rows affected (0.00 sec) 19 20 MariaDB [(none)]> grant all privileges on nova.* to 'nova'@'%' identiified by 'novaapi'; 21 Query OK, 0 rows affected (0.00 sec) 22 23 MariaDB [(none)]> grant all privileges on nova_cell0.* to 'nova'@'%' identified by 'novaapi'; 24 Query OK, 0 rows affected (0.00 sec) 25 26 MariaDB [(none)]> grant all privileges on nova_cell0.* to 'nova'@'localhost' identified by 'novaapi'; 27 Query OK, 0 rows affected (0.00 sec) 28 29 30 [root@openstack ~]# openstack user create --domain default --passwor 31 d-prompt nova 32 User Password: 33 Repeat User Password: 34 +---------------------+----------------------------------+ 35 | Field | Value | 36 +---------------------+----------------------------------+ 37 | domain_id | default | 38 | enabled | True | 39 | id | 299bc0afef084defb62876770202dad0 | 40 | name | nova | 41 | options | {} | 42 | password_expires_at | None | 43 +---------------------+----------------------------------+ 44 [root@openstack ~]# openstack role add --project service --user nova admin 45 46 47 [root@openstack ~]# openstack service create --name nova --description "OpenStack Compute" compute 48 +-------------+----------------------------------+ 49 | Field | Value | 50 +-------------+----------------------------------+ 51 | description | OpenStack Compute | 52 | enabled | True | 53 | id | 1f5372223e574e839312a24b6a1a1f98 | 54 | name | nova | 55 | type | compute | 56 +-------------+----------------------------------+ 57 [root@openstack ~]# openstack endpoint create --region RegionOne \ 58 > compute public http://controller:8774/v2.1 59 +--------------+----------------------------------+ 60 | Field | Value | 61 +--------------+----------------------------------+ 62 | enabled | True | 63 | id | 3b8247b8186f4ffc876422eb155b583d | 64 | interface | public | 65 | region | RegionOne | 66 | region_id | RegionOne | 67 | service_id | 1f5372223e574e839312a24b6a1a1f98 | 68 | service_name | nova | 69 | service_type | compute | 70 | url | http://controller:8774/v2.1 | 71 +--------------+----------------------------------+ 72 [root@openstack ~]# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1 73 +--------------+----------------------------------+ 74 | Field | Value | 75 +--------------+----------------------------------+ 76 | enabled | True | 77 | id | 5db2d9dcb8ca4e35ad7a496c1a6b22ce | 78 | interface | internal | 79 | region | RegionOne | 80 | region_id | RegionOne | 81 | service_id | 1f5372223e574e839312a24b6a1a1f98 | 82 | service_name | nova | 83 | service_type | compute | 84 | url | http://controller:8774/v2.1 | 85 +--------------+----------------------------------+ 86 [root@openstack ~]# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1 87 +--------------+----------------------------------+ 88 | Field | Value | 89 +--------------+----------------------------------+ 90 | enabled | True | 91 | id | 66fd48466317457aba234da1c43a2451 | 92 | interface | admin | 93 | region | RegionOne | 94 | region_id | RegionOne | 95 | service_id | 1f5372223e574e839312a24b6a1a1f98 | 96 | service_name | nova | 97 | service_type | compute | 98 | url | http://controller:8774/v2.1 | 99 +--------------+----------------------------------+ 100 101 102 103 [root@openstack ~]# openstack user create --domain default --passwor 104 d-prompt placement 105 User Password: 106 Repeat User Password: 107 +---------------------+----------------------------------+ 108 | Field | Value | 109 +---------------------+----------------------------------+ 110 | domain_id | default | 111 | enabled | True | 112 | id | 67ea53cfbdf645a5b0f32818b279fbbf | 113 | name | placement | 114 | options | {} | 115 | password_expires_at | None | 116 +---------------------+----------------------------------+ 117 118 pass:placement 119 120 121 [root@openstack ~]# openstack role add --project service --user placement admin 122 123 [root@openstack ~]# openstack service create --name placement --description "Placement API" placement 124 +-------------+----------------------------------+ 125 | Field | Value | 126 +-------------+----------------------------------+ 127 | description | Placement API | 128 | enabled | True | 129 | id | 46847dc1ae7f49b18cf8dc0abeb71d78 | 130 | name | placement | 131 | type | placement | 132 +-------------+----------------------------------+ 133 134 135 [root@openstack ~]# openstack endpoint create --region RegionOne placement public http://controller:8778 136 +--------------+----------------------------------+ 137 | Field | Value | 138 +--------------+----------------------------------+ 139 | enabled | True | 140 | id | 8c47361eeaa94b49856ed0fbc6b89d65 | 141 | interface | public | 142 | region | RegionOne | 143 | region_id | RegionOne | 144 | service_id | 46847dc1ae7f49b18cf8dc0abeb71d78 | 145 | service_name | placement | 146 | service_type | placement | 147 | url | http://controller:8778 | 148 +--------------+----------------------------------+ 149 150 151 [root@openstack ~]# openstack endpoint create --region RegionOne placement internal http://controller:8778 152 +--------------+----------------------------------+ 153 | Field | Value | 154 +--------------+----------------------------------+ 155 | enabled | True | 156 | id | dba97b317ed54290aed45bcef5f169b5 | 157 | interface | internal | 158 | region | RegionOne | 159 | region_id | RegionOne | 160 | service_id | 46847dc1ae7f49b18cf8dc0abeb71d78 | 161 | service_name | placement | 162 | service_type | placement | 163 | url | http://controller:8778 | 164 +--------------+----------------------------------+ 165 [root@openstack ~]# openstack endpoint create --region RegionOne placement admin http://controller:8778 166 +--------------+----------------------------------+ 167 | Field | Value | 168 +--------------+----------------------------------+ 169 | enabled | True | 170 | id | 2c096490717e4fc59c277b00f2823375 | 171 | interface | admin | 172 | region | RegionOne | 173 | region_id | RegionOne | 174 | service_id | 46847dc1ae7f49b18cf8dc0abeb71d78 | 175 | service_name | placement | 176 | service_type | placement | 177 | url | http://controller:8778 | 178 +--------------+----------------------------------+ 179 180 yum install openstack-nova-api openstack-nova-conductor \ 181 openstack-nova-console openstack-nova-novncproxy \ 182 openstack-nova-scheduler openstack-nova-placement-api 183 184 [root@openstack ~]# vi /etc/nova/nova.conf 185 [DEFAULT] 186 enabled_apis = osapi_compute,metadata 187 188 [api_database] 189 connection = mysql+pymysql://nova:novaapi@controller/nova_api 190 191 [database] 192 193 connection = mysql+pymysql://nova:novaapi@controller/nova 194 195 [DEFAULT] 196 enabled_apis = osapi_compute,metadata 197 transport_url = rabbit://openstack:openstack@controller 198 199 [api] 200 auth_strategy = keystone 201 202 [keystone_authtoken] 203 204 auth_uri = http://controller:5000 205 auth_url = http://controller:35357 206 memcached_servers = controller:11211 207 auth_type = password 208 project_domain_name = default 209 user_domain_name = default 210 project_name = service 211 username = nova 212 password = novaapi 213 214 215 [DEFAULT] 216 enabled_apis = osapi_compute,metadata 217 transport_url = rabbit://openstack:openstack@controller 218 my_ip:172.16.7.3 219 user_neutron = True 220 firewall_driver = nova.virt.firewall.NoopFirewallDriver 221 222 [vnc] 223 enabled = true 224 vncserver_listen = $my_ip 225 vncserver_proxyclient_address = $my_ip 226 [glance] 227 api_servers = http://controller:9292 228 229 [oslo_concurrency] 230 lock_path = /var/lib/nova/tmp 231 232 [placement] 233 234 os_region_name = RegionOne 235 project_domain_name = Default 236 project_name = service 237 auth_type = password 238 user_domain_name = Default 239 auth_url = http://controller:35357/v3 240 username = placement 241 password = placement 242 243 244 [root@openstack ~]# vi /etc/httpd/conf.d/00-nova-placement-api.conf 245 <Directory /usr/bin> 246 <IfVersion >= 2.4> 247 Require all granted 248 </IfVersion> 249 <IfVersion < 2.4> 250 Order allow,deny 251 Allow from all 252 </IfVersion> 253 </Directory>