Iaas云基础平台搭建
分别安装两台最小化的centos 6.5系统。要求配置双网卡,打开虚拟化。
安装系统
安装过程
正在安装包
在安装的过程中,将计算机名分别改为controller和compute
设置controller的eth0为10.0.0.10 255.0.0.0 10.0.0.1
Controler 的eth1 为 192.168.0.10 255.255.255.0 192.168.0.1
Compute的eth0 为10.0.0.11 255.0.0.0 10.0.0.1
Compute 的eth1为192.168.0.11 255.255.255.0 192.168.0.1
做计算机名解析
测试控制节点和计算节点直接的通信
将centos 光盘里的内容复制到/opt 目录下,此外还要复制脚本script和repo p_w_picpaths,我们可以使用工具传输
接下来将传输过来的光盘里面的文件,制作一个本地yum源,然后搭建一个ftp服务,用于后期我们的计算节点和控制节点之间的文件传输。
删除/etc/yum.repos.d/ 下原有的yum 仓库。新建一个base的base.repo文件
切换到/opt/centos 6.5/Packages 目录下,手动安装createrepo-0.9.9-18.el6.noarch.rpm 包
[root@controller Packages]# rpm -ivh createrepo-0.9.9-18.el6.noarch.rpm
warning: createrepo-0.9.9-18.el6.noarch.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
error: Failed dependencies:
libxml2-python is needed by createrepo-0.9.9-18.el6.noarch
python-deltarpm is needed by createrepo-0.9.9-18.el6.noarch
根据提示,我们需要安装它的依赖包,所以要手动安装依赖包
[root@controller Packages]# rpm -ivh libxml2-python-2.7.6-14.el6.x86_64.rpm
warning: libxml2-python-2.7.6-14.el6.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Preparing... ########################################### [100%]
1:libxml2-python ########################################### [100%]
[root@controller Packages]# rpm -ivh python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm
warning: python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID c105b9de: NOKEY
error: Failed dependencies:
deltarpm = 3.5-0.5.20090913git.el6 is needed by python-deltarpm-3.5-0.5.20090913git.el6.x86_64
[root@controller Packages]# rpm -ivh deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm
warning: deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID c105b9de: NOKEY
Preparing... ########################################### [100%]
1:deltarpm ########################################### [100%]
[root@controller Packages]# rpm -ivh python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm
warning: python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID c105b9de: NOKEY
Preparing... ########################################### [100%]
1:python-deltarpm ########################################### [100%]
[root@controller Packages]# rpm -ivh createrepo-0.9.9-18.el6.noarch.rpm
warning: createrepo-0.9.9-18.el6.noarch.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEY
Preparing... ########################################### [100%]
1:createrepo ########################################### [100%]
[root@controller Packages]#
到此为止,我们已经安装好了依赖包。
执行命令
[root@controller Packages]# createrepo -v /opt/centos
链接库文件
库文件链接过程
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Starting other db creation: Thu Jul 10 23:55:11 2014
Ending other db creation: Thu Jul 10 23:55:13 2014
Starting filelists db creation: Thu Jul 10 23:55:14 2014
Ending filelists db creation: Thu Jul 10 23:55:21 2014
Starting primary db creation: Thu Jul 10 23:55:21 2014
Ending primary db creation: Thu Jul 10 23:55:26 2014
Sqlite DBs complete
库文件链接完成。
配置base.repo内容如下:
[base]
name=centos
baseurl=file:///opt/centos/
enabled=1
gpgcheck=0
这样本地yum就配好了,安装vsftpd 服务,在编辑vsftpd.conf 配置文件,在末尾加入anon_root=/opt
[root@controller yum.repos.d]# yum install vsftpd -y
重启服务,设置开机启动。
这里还要修改一下base.repo文件,改成从ftp 获取,如下如
因为计算机点还要从控制节点获包。
接下来就开始配置另外几个yum仓库了。
所有的仓库配置文件可以参考下面的文件:
[root@controller yum.repos.d]# cat *.repo
[base]
name=centos
baseurl=ftp://10.0.0.10/centos/
enabled=1
gpgcheck=0
[centos]
name=centos
baseurl=ftp://10.0.0.10/repo/centos6.5/
enabled=1
gpgcheck=0
[epel]
name=epel
baseurl=ftp://10.0.0.10/repo/epel6/mirrors.hustunique.com/epel/6/x86_64/
enabled=1
gpgcheck=0
[foreman]
name=foreman
baseurl=ftp://10.0.0.10/repo/foreman/yum.theforeman.org/release/1.3/el6/x86_64/
enabled=1
gpgcheck=0
[openstack]
name=openstack
baseurl=ftp://10.0.0.10/repo/openstack-havana/
enabled=1
gpgcheck=0
[puppetlabs]
name=puppetlabs
baseurl=ftp://10.0.0.10/repo/puppetlabs/yum.puppetlabs.com/el/6/products/x86_64/
enabled=1
gpgcheck=0
编辑openrc.sh 设置环境变量
export OS_USERNAME=admin
export OS_PASSWORD=secrete
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://controller:35357/v2.0
export HOST_IP=10.0.0.10
export HOST_EXT_IP=192.168.1.10
export FIX_RANGE=192.168.1.129/25
export IMAGES_DIR=/var/lig/glance/p_w_picpaths
export FTP_IMAGES_URL=ftp://10.0.0.10/p_w_picpaths
export IMAGE_NAME_LINUX=centos-6.5-20140117.0x86_64.qcow2
export LINUX_IMAGE_LABEL=centos
export LINUX_IAMGE_FILE_FORMAT=qcow2
export KEYSTONE_DBPASS=keystone
export DB_PASS=openstack
export ADMIN_PASS=secrete
export GLANCE_DBPASS=glance
export GLANCE_PASS=service
export NOVA_DBPASS=nova
export NOVA_PASS=service
export DASH_DBPASS=service
export CINDER_DBPASS=service
export CINDER_PASS=service
export DEMO_PASS=demo
export MAIL_ADMIN_ADDR=admin@example.com
export MAIL_DEMO_ADDR=demo@example.com
export MAIL_GLANCE_ADDR=admin@example.com
export MAIL_NOVA_ADDR=admin@example.com
配置完成后追加至/root/.bash_profile中
[root@controller script]# cat openrc.sh > /root/.bash_profile
执行 source /root/.bash_profile 生效
[root@controller script]# source /root/.bash_profile
[root@controller script]# echo $DB_PASS
Openstack
查看是否生效
接下啦安装ntp时钟服务,我们可以调用写好的脚本文件
首先我们看一下,有哪些脚本文件
[root@controller script]# ll
total 100
-rw-r--r--. 1 root root 16320 Apr 3 17:49 dnsmasq-utils-2.48-13.el6.x86_64.rpm
-rw-r--r--. 1 root root 2496 Apr 3 08:05 iaas-config-glance.sh
-rw-r--r--. 1 root root 1070 Apr 3 17:18 iaas-config-node.sh
-rw-r--r--. 1 root root 2127 Apr 3 08:58 iaas-config-nova.sh
-rw-r--r--. 1 root root 359 Apr 3 07:58 iaas-config-stone.sh
-rw-r--r--. 1 root root 138 Apr 3 09:06 iaas-create-network.sh
-rw-r--r--. 1 root root 1088 Apr 3 07:43 iaas-define-stone.sh
-rw-r--r--. 1 root root 195 Apr 3 07:55 iaas-install-db.sh
-rw-r--r--. 1 root root 342 Apr 3 08:03 iaas-install-glance.sh
-rw-r--r--. 1 root root 2183 Apr 3 17:20 iaas-install-node.sh
-rw-r--r--. 1 root root 288 Apr 3 08:42 iaas-install-nova.sh
-rw-r--r--. 1 root root 242 Apr 3 07:39 iaas-install-stone.sh
-rw-r--r--. 1 root root 284 Apr 3 07:28 iaas-pre-controller.sh
-rw-r--r--. 1 root root 363 Apr 3 16:42 iaas-pre-node.sh
-rw-r--r--. 1 root root 245 Apr 3 08:40 iaas-verify-glance.sh
-rw-r--r--. 1 root root 16 Apr 3 08:59 iaas-verify-nova.sh
-rw-r--r--. 1 root root 278 Apr 3 07:47 iaas-verify-stone.sh
-rw-r--r--. 1 root root 394 Apr 3 18:08 noderc.sh
-rw-r--r--. 1 root root 886 Jul 11 01:03 openrc.sh
-rw-r--r--. 1 root root 101 Apr 3 08:02 source
-rw-r--r--. 1 root root 101 Apr 3 08:02 sourcecon
-rw-r--r--. 1 root root 139 Apr 3 16:39 sourcenode
首先执行脚本iaas-pre-controller.sh
看一下脚本内容:
[root@controller script]# cat iaas-pre-controller.sh
yum install -y ntp
service ntpd restart
chkconfig ntpd on
yum install -y qpid-cpp-server memcached
service qpidd restart
chkconfig qpidd on
yum install -y openstack-utils
yum install -y openstack-selinux
sed -i '/^SELINUX=/s/enforcing/permissive/g' /etc/selinux/config
yum -y upgrade
执行脚本
[root@controller script]# sh iaas-pre-controller.sh
成功的标志
Updated:
ca-certificates.noarch 0:2013.1.95-65.1.el6_5 centos-release.x86_64 0:6-5.el6.centos.11.2 coreutils.x86_64 0:8.4-31.el6_5.1 coreutils-libs.x86_64 0:8.4-31.el6_5.1
dracut.noarch 0:004-336.el6_5.2 dracut-kernel.noarch 0:004-336.el6_5.2 ethtool.x86_64 2:3.5-1.2.el6_5 glib2.x86_64 0:2.26.1-7.el6_5
grep.x86_64 0:2.6.3-4.el6_5.1 initscripts.x86_64 0:9.03.40-2.el6.centos.1 iproute.x86_64 0:2.6.32-130.el6ost.netns.2 kernel-firmware.noarch 0:2.6.32-431.11.2.el6
mysql-libs.x86_64 0:5.1.73-3.el6_5 nspr.x86_64 0:4.10.2-1.el6_5 nss.x86_64 0:3.15.3-6.el6_5 nss-sysinit.x86_64 0:3.15.3-6.el6_5
nss-tools.x86_64 0:3.15.3-6.el6_5 nss-util.x86_64 0:3.15.3-1.el6_5 openldap.x86_64 0:2.4.23-34.el6_5.1 openssl.x86_64 0:1.0.1e-16.el6_5.4
p11-kit.x86_64 0:0.18.5-2.el6_5.2 p11-kit-trust.x86_64 0:0.18.5-2.el6_5.2 postfix.x86_64 2:2.6.6-6.el6_5 psmisc.x86_64 0:22.6-19.el6_5
python.x86_64 0:2.6.6-52.el6 python-libs.x86_64 0:2.6.6-52.el6 selinux-policy.noarch 0:3.7.19-231.el6_5.1 selinux-policy-targeted.noarch 0:3.7.19-231.el6_5.1
tzdata.noarch 0:2014b-1.el6 upstart.x86_64 0:0.6.5-13.el6_5.3 yum.noarch 0:3.2.29-43.el6.centos yum-plugin-fastestmirror.noarch 0:1.1.30-17.el6_5
Complete!
接下来手动重启
这时候你会发现一个问题,/etc/yum.repo 下又多了几个文件,这是升级内核导致的,所以要将多余的.repo文件删除
第二步就是安装数据库服务端
执行脚本iaas-install-db.sh
脚本内容:
yum install -y mysql mysql-server MySQL-python
sed -i "/^symbolic-links/a\bind-address=$HOST_IP" /etc/my.cnf
service mysqld restart
chkconfig mysqld on
mysql_install_db
mysql_secure_installation
安装过程中会提示
Enter current password for root (enter for none): //直接回车
Set root password? [Y/n]
New password:
Re-enter new password:
这里的密码是openrc.sh 中的DB_PASS中的参数
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] n
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y
接下来就是身份服务安装与配置
执行脚本iaas-install-stone.sh
脚本内容:
yum install -y openstack-keystone python-keystoneclient
openstack-config --set /etc/keystone/keystone.conf sql connection mysql://keystone:$KEYSTONE_DBPASS@$HOSTNAME/keystone
openstack-db --init --service keystone --password $KEYSTONE_DBPASS
提示输入密码,级前面输的密码
Please enter the password for the 'root' MySQL user:
配置身份服务,执行脚本 iaas-config-stone.sh
脚本内容:
ADMIN_TOKEN=$(openssl rand -hex 10)
echo $ADMIN_TOKEN
openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKEN
keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log
service openstack-keystone restart
chkconfig openstack-keystone on
结果:
接下来定义身份用户
执行脚本: iaas-define-stone.sh
脚本内容:
export ADMIN_TOKEN=`openstack-config --get /etc/keystone/keystone.conf DEFAULT admin_token`
export OS_SERVICE_TOKEN=$ADMIN_TOKEN
export OS_SERVICE_ENDPOINT=http://$HOSTNAME:35357/v2.0
keystone user-create --name=admin --pass=$ADMIN_PASS --email=$MAIL_ADMIN_ADDR
keystone role-create --name=admin
keystone tenant-create --name=admin --description="Admin Tenant"
keystone user-role-add --user=admin --tenant=admin --role=admin
keystone user-role-add --user=admin --role=_member_ --tenant=admin
keystone user-create --name=demo --pass=$DEMO_PASS --email=$MAIL_DEMO_ADDR
keystone tenant-create --name=demo --description="Demo Tenant"
keystone user-role-add --user=demo --role=_member_ --tenant=demo
keystone tenant-create --name=service --description="Service Tenant"
keystone service-create --name=keystone --type=identity --description="OpenStack Identity Service"
keystone endpoint-create --service-id=$(keystone service-list | awk '/ identity / {print $2}') --publicurl=http://$HOSTNAME:5000/v2.0 --internalurl=http://$HOSTNAME:5000/v2.0 --adminurl=http://$HOSTNAME:35357/v2.0
结果:
接下来验证身份服务
执行脚本:iaas-verify-stone.sh
脚本内容:
keystone --os-username=admin --os-password=$ADMIN_PASS --os-auth-url=http://$HOSTNAME:35357/v2.0 token-get
keystone --os-username=admin --os-password=$ADMIN_PASS --os-tenant-name=admin --os-auth-url=http://$HOSTNAME:35357/v2.0 token-get
keystone token-get
keystone user-list
结果:
glance 服务安装于配置
安装glance服务
执行安装脚本:iaas-install-glance.sh
脚本内容:
yum install -y openstack-glance
openstack-config --set /etc/glance/glance-api.conf DEFAULT sql_connection mysql://glance:$GLANCE_DBPASS@$HOSTNAME/glance
openstack-config --set /etc/glance/glance-registry.conf DEFAULT sql_connection mysql://glance:$GLANCE_DBPASS@$HOSTNAME/glance
openstack-db --init --service glance --password $GLANCE_DBPASS
提示输密码:
Please enter the password for the 'root' MySQL user:
成功的标志:
接下来配置glance服务
执行脚本:iaas-config-glance.sh
脚本内容:
keystone user-create --name=glance --pass=$GLANCE_PASS --email=$MAIL_GLANCE_ADDR
keystone user-role-add --user=glance --tenant=service --role=admin
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://$HOSTNAME:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_host $HOSTNAME
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_user glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_password $GLANCE_PASS
openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://$HOSTNAME:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_host $HOSTNAME
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name service
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glance
cp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini
cp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.ini
openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken auth_host $HOSTNAME
openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_password $GLANCE_PASS
openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_user glance
openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_tenant_name service
openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken auth_host $HOSTNAME
openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_password $GLANCE_PASS
openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_user glance
openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_tenant_name service
keystone service-create --name=glance --type=p_w_picpath --description="Glance Image Service"
keystone endpoint-create --service-id=$(keystone service-list | awk '/ p_w_picpath / {print $2}') --publicurl=http://controller:9292 --internalurl=http://controller:9292 --adminurl=http://controller:9292
service openstack-glance-api restart
service openstack-glance-registry restart
chkconfig openstack-glance-api on
chkconfig openstack-glance-registry on
结果:
验证glance服务
执行脚本: iaas-verify-glance.sh
脚本内容:
yum install -y wget
wget ftp://10.0.0.120/p_w_picpaths/centos-6.5-20140117.0.x86_64.qcow2
glance p_w_picpath-create --name=CentOS-6.5-x86_64 --disk-format=qcow2 --container-format=bare --is-public=true < centos-6.5-20140117.0.x86_64.qcow2
glance p_w_picpath-list
结果:
由于还没有上传镜像,所以提示没有
接下来就是安装nova计算服务。不过在安装之前先要手动安装dnsmasq-utils-2.48-13.el6.x86_64.rpm 包
执行脚本:iaas-install-nova.sh
脚本内容:
yum install -y openstack-nova python-novaclient
openstack-config --set /etc/nova/nova.conf database connection mysql://nova:$NOVA_DBPASS@$HOSTNAME/nova
openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname $HOSTNAME
openstack-db --init --service nova --password $NOVA_DBPASS
结果,要输入密码
计算服务配置
执行脚本:iaas-config-nova.sh
脚本内容:
keystone user-create --name=nova --pass=$NOVA_PASS --email=$MAIL_NOVA_ADDR
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host $HOSTNAME
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password $NOVA_PASS
openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_host $HOSTNAME
openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_port 35357
openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_protocol http
openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_uri $OS_AUTH_URL
openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_tenant_name service
openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_user nova
openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_password $NOVA_PASS
keystone user-role-add --user=nova --tenant=service --role=admin
keystone service-create --name=nova --type=compute --description="Nova Compute service"
keystone endpoint-create --service-id=$(keystone service-list | awk '/ compute / {print $2}') --publicurl=http://$HOSTNAME:8774/v2/%\(tenant_id\)s --internalurl=http://$HOSTNAME:8774/v2/%\(tenant_id\)s --adminurl=http://$HOSTNAME:8774/v2/%\(tenant_id\)s
service openstack-nova-api restart
service openstack-nova-cert restart
service openstack-nova-consoleauth restart
service openstack-nova-scheduler restart
service openstack-nova-conductor restart
service openstack-nova-novncproxy restart
chkconfig openstack-nova-api on
chkconfig openstack-nova-cert on
chkconfig openstack-nova-consoleauth on
chkconfig openstack-nova-scheduler on
chkconfig openstack-nova-conductor on
chkconfig openstack-nova-novncproxy on
结果:
验证nova的配置:
执行脚本:iaas-verify-nova.sh
脚本内容:
nova p_w_picpath-list
因为没有上传镜像,所以现在无法验证。等到后面,可以手动上传镜像。
接下来进入计算节点,配置计算节点的yum 客户端。参考如下
[root@compute ~]# cd /etc/yum.repos.d/ ;cat *.repo
[base]
name=centos
baseurl=ftp://10.0.0.10/centos/
enabled=1
gpgcheck=0
[centos]
name=centos
baseurl=ftp://10.0.0.10/repo/centos6.5/
enabled=1
gpgcheck=0
[epel]
name=epel
baseurl=ftp://10.0.0.10/repo/epel6/mirrors.hustunique.com/epel/6/x86_64/
enabled=1
gpgcheck=0
[foreman]
name=foreman
baseurl=ftp://10.0.0.10/repo/foreman/yum.theforeman.org/release/1.3/el6/x86_64/
enabled=1
gpgcheck=0
[openstack]
name=openstack
baseurl=ftp://10.0.0.10/repo/openstack-havana/
enabled=1
gpgcheck=0
[puppetlabs]
name=puppetlabs
baseurl=ftp://10.0.0.10/repo/puppetlabs/yum.puppetlabs.com/el/6/products/x86_64/
enabled=1
gpgcheck=0
接下来编辑noderc.sh 文件
export HOSTNAME_CONT=controller
export NOVA_DBPASS=nova
export NOVA_PASS=service
export HOST_IP_NODE1=10.0.0.11
export EXTERNAL_NIC=eth0
export FIX_RANGE=192.168.1.129/25
export OS_USERNAME=admin
export OS_TENANT_NAME=admin
export OS_PASSWORD=secrete
export OS_AUTH_URL=http://10.0.0.10:5000/v2.0
export SERVICE_ENDPOINT=http://10.0.0.10:35357/v2.0
export SERVICE_TOKEN=87dbbbe96a346d6bcf31
保存并将文件追加至/root/.bash_profile
[root@compute script]# cat noderc.sh > /root/.bash_profile
生效
[root@compute script]# source /root/.bash_profile
查看一下
[root@compute script]# echo $OS_PASSWORD
Secrete
可以看到已经生效
接下来执行预安装脚本
执行脚本:iaas-pre-node.sh
脚本内容:
service NetworkManager stop
service network start
chkconfig NetworkManager off
chkconfig network on
service firewalld stop
service iptables start
chkconfig firewalld off
chkconfig iptables on
yum install -y ntp
service ntpd restart
chkconfig ntpd on
yum install -y mysql MySQL-python
yum install -y openstack-utils
yum install -y openstack-selinux
yum -y upgrade
成功标志:
手动重启服务器
也要注意删除多余的.repo文件
接下来安装计算节点服务
执行脚本:iaas-install-node.sh
脚本内容:
yum install -y openstack-nova-compute
openstack-config --set /etc/nova/nova.conf database connection mysql://nova:$NOVA_DBPASS@$HOSTNAME_CONT/nova
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host $HOSTNAME_CONT
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password $NOVA_PASS
openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend nova.openstack.common.rpc.impl_qpid
openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname $HOSTNAME_CONT
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip $HOST_IP_NODE1
openstack-config --set /etc/nova/nova.conf DEFAULT vnc_enabled True
openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 0.0.0.0
openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address $HOST_IP_NODE1
openstack-config --set /etc/nova/nova.conf DEFAULT novncproxy_base_url http://$HOSTNAME_CONT:6080/vnc_auto.html
openstack-config --set /etc/nova/nova.conf DEFAULT glance_host $HOSTNAME_CONT
openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_host $HOSTNAME_CONT
openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_port 35357
openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_protocol http
openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_tenant_name service
openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_user nova
openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_password $NOVA_PASS
service libvirtd restart
service messagebus restart
chkconfig libvirtd on
chkconfig messagebus on
service openstack-nova-compute start
chkconfig openstack-nova-compute on
yum install -y openstack-nova-network
yum install -y openstack-nova-api
在此之前,要先安装dnsmasq-utils-2.48-13.el6.x86_64.rpm
之后再执行脚本
结果:
接下来就是配置计算节点服务
执行脚本:iaas-config-node.sh
脚本内容:
openstack-config --set /etc/nova/nova.conf DEFAULT network_manager nova.network.manager.FlatDHCPManager
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.libvirt.firewall.IptablesFirewallDriver
openstack-config --set /etc/nova/nova.conf DEFAULT network_size 254
openstack-config --set /etc/nova/nova.conf DEFAULT allow_same_net_traffic False
openstack-config --set /etc/nova/nova.conf DEFAULT multi_host True
openstack-config --set /etc/nova/nova.conf DEFAULT send_arp_for_ha True
openstack-config --set /etc/nova/nova.conf DEFAULT share_dhcp_address True
openstack-config --set /etc/nova/nova.conf DEFAULT force_dhcp_release True
openstack-config --set /etc/nova/nova.conf DEFAULT flat_interface $EXTERNAL_NIC
openstack-config --set /etc/nova/nova.conf DEFAULT flat_network_bridge br100
openstack-config --set /etc/nova/nova.conf DEFAULT public_interface $EXTERNAL_NIC
service openstack-nova-metadata-api restart
chkconfig openstack-nova-metadata-api on
service openstack-nova-network restart
chkconfig openstack-nova-network on
结果:
接下来我们要回到控制节点创建网络
执行脚本; iaas-create-network.sh
脚本内容:
yum install -y bridge-utils
echo fix_range=$FIX_RANGE
nova network-create vmnet --fixed-range-v4=$FIX_RANGE --bridge=br100 --multi-host=T
接下来安装dashboard web前端控制台
执行命令:
yum install -y memcached python-memcached mod_wsgi openstack-dashboard
编辑/etc/openstack-dashboard/local_settings
CACHES = {
'default': {
'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION' : '127.0.0.1:11211',
}
}
打开注释。修改
ALLOWED_HOSTS = ['horizon.example.com', 'localhost']为ALLOWED_HOSTS = ['10.0.0.10', 'localhost']
修改127.0.0.1为controller
OPENSTACK_HOST = "127.0.0.1" OPENSTACK_HOST = "controller"
重启httpd 服务 memcached 服务 并设置开机启动
到此为止,云平台基础架构服务平台搭建告一段落,接下来就可以用浏览器访问了。
界面如下:
用户名为nova 密码为service
登陆后界面如下:
自己就可以创建云主机类型并启动云主机了。
转载于:https://blog.51cto.com/520yatou/1436883
2162
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
