云服务、什么是云服务
动态的,按需服务
基于互联网的相关服务的增加、使用和交付模式
这种模式提供可用的、便捷的、按需的网络访问
进入配置的计算资源共享池(资源包括网络,服务器,存储,应用软件,服务)
这些资源能被快速提供,只需投入很少的管理工作,或与服务服务供应商时行很少的交互
通常涉及通过互联网来提供动态易扩展且经常是虚拟化的资源
IaaS(Infrastructure as a Service),即基础设施服务
提供给消费者的服务是对所有基础设施的利用,包括处理CPU、内存、存储、网络和其它基本的计算资源,用户能够部署和运行任意软件,包括操作系统和应用程序
消费者不管理或控制任何云计算基础设施,但能控制操作系统的选择、存储空间、部署的应用
IaaS通常分为三两种用法:公有云的和、私有云的和混合云
PaaS
PaaS是Platform-as-Service的缩写,意思是平台即服务
云计算时代相应的服务器平台或者开发环境作为服务时行提供就成为了PaaS
PaaS运营商所需要提供的服务,不仅仅是单纯的基础平台,而且包括针对该平台的
技术支持服务,甚至针对该平台而时行的应用系统开发、优化等服务
简单地说,PaaS平台就是指云环境中的应用基础设施服务,也可以说是中间件即服务
SaaS
SaaS是Software-as-a-Service(软件即服务)的简称
它是一种通过Internet提供软件的模式,厂商将应用软件统一部署在自己的服务器上,
客户可以根据自己实际需求,通过互联网向厂商定购所需的应用软件服务
用户不用再购买软件,而改用向提供商租用基于Web的软件,来管理企业经营活动,且无
需对软件进行维护,服务提供商会全权管理和维护软件,软件厂商在向客户提供互联网应用的同时,也提供软件的离线操作和本地数据存储,让用户随时随地都可以使用其定购的软件和服务
什么是Openstack
• OpenStack是一个由NASA(美国国家航空航天局)
和Rackspace合作研发并发起的项目
• OpenStack是一套IaaS解决方案
• OpenStack是一个开源的云计算管理平台
• 以Apache许可证为授权Openstack主要组件
• Horizon
– 用于管理Openstack各种服务的、基于web的管理接
口
– 通过图形界面实现创建用户、管理网络、启劢实例等
操作Openstack主要组件(续1)
• Keystone
– 为其他服务提供认证和授权的集中身份管理服务
– 也提供了集中的目录服务
– 支持多种身份认证模式,如果密码认证、令牌认证、
以及AWS(亚马逊Web服务)登陆
– 为用户和其他服务提供了SSO认证服务Openstack主要组件(续2)
• Neutron
– 一种软件定义网络服务
– 用于创建网络、子网、路由器、管理浮劢IP地址
– 可以实现虚拟交换机、虚拟路由器
– 可用于在项目中创建VPNOpenstack主要组件(续3)
• Cinder
– 为虚拟机管理存储卷的服务
– 为运行在Nova中的实例提供永久的块存储
– 可以通过快照迚行数据备份
– 经常应用在实例存储环境中,如果数据库文件Openstack主要组件(续4)
• Nova
– 在节点上用于管理虚拟机的服务
– Nova是一个分布式的服务,能够不Keystone交互实现
认证,不Glance交互实现镜像管理
– Nova被设计成在标准硬件上能够迚行水平扩展
– 启劢实例时,如果有需要则下载镜像Openstack主要组件(续5)
• Glance
– 扮演虚拟机镜像注册的角色
– 允许用户为直接存储拷贝服务器镜像
– 这些镜像可以用于新建虚拟机的模板
Openstack
997 vim /etc/fstab
998 mount -a
999 df -h
1000 cd /etc/yum.repos.d/
1001 ls
1002 vim openstack.repo
1003 yum clean all
1004 yum repolist
1005 vim openstack.repo
1006 yum clean all
1007 yum repolist
1008 ls
1009 scp ./openstack.repo root@192.168.6.114:/etc/yum.repos.d/
1010 scp ./openstack.repo root@192.168.6.108:/etc/yum.repos.d/
1011 history
[root@rootroom9pc01 yum.repos.d]# cat openstack.repo
[openstack_extras]
name=openstack extras
baseurl="ftp://192.168.6.254/openstack-ext"
enabled=1
gpgcheck=0
[rhel-7-server-openstack-10-devtools-rpms]
name=rhel-7-server-openstack-10-devtools-rpms
baseurl=ftp://192.168.6.254/openstack/rhel-7-server-openstack-10-devtools-rpms
enabled=1
gpgcheck=0
[rhel-7-server-openstack-10-optools-rpms]
name=rhel-7-server-openstack-10-optools-rpms
baseurl=ftp://192.168.6.254/openstack/rhel-7-server-openstack-10-optools-rpms
enabled=1
gpgcheck=0
[rhel-7-server-openstack-10-rpms]
name=rhel-7-server-openstack-10-rpms
baseurl=ftp://192.168.6.254/openstack/rhel-7-server-openstack-10-rpms
enabled=1
gpgcheck=0
[rhel-7-server-openstack-10-tools-rpms]
name=rhel-7-server-openstack-10-tools-rpms
baseurl=ftp://192.168.6.254/openstack/rhel-7-server-openstack-10-tools-rpms
enabled=1
gpgcheck=0
[rhel-7-server-rhceph-2-mon-rpms]
name=rhel-7-server-rhceph-2-mon-rpms
baseurl=ftp://192.168.6.254/openstack/rhel-7-server-rhceph-2-mon-rpms
enabled=1
gpgcheck=0
[rhel-7-server-rhceph-2-osd-rpms]
name=rhel-7-server-rhceph-2-osd-rpms
baseurl=ftp://192.168.6.254/openstack/rhel-7-server-rhceph-2-osd-rpms
enabled=1
gpgcheck=0
[rhel-7-server-rhceph-2-tools-rpms]
name=rhel-7-server-rhceph-2-tools-rpms
baseurl=ftp://192.168.6.254/openstack/rhel-7-server-rhceph-2-tools-rpms
enabled=1
gpgcheck=0
[rhel-7-server-rhscon-2-agent-rpms]
name=rhel-7-server-rhscon-2-agent-rpms
baseurl=ftp://192.168.6.254/openstack/rhel-7-server-rhscon-2-agent-rpms
enabled=1
gpgcheck=0
[rhel-7-server-rhscon-2-installer-rpms]
name=rhel-7-server-rhscon-2-installer-rpms
baseurl=ftp://192.168.6.254/openstack/rhel-7-server-rhscon-2-installer-rpms
enabled=1
gpgcheck=0
[rhel-7-server-rhscon-2-main-rpms]
name=rhel-7-server-rhscon-2-main-rpms
baseurl=ftp://192.168.6.254/openstack/rhel-7-server-rhscon-2-main-rpms
enabled=1
gpgcheck=0
[root@rootroom9pc01 yum.repos.d]# cat /etc/fstab
#
# /etc/fstab
# Created by anaconda on Thu Apr 26 20:19:37 2018
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/sda2 / ext4 defaults 0 0
/dev/sda1 /var/lib/libvirt/images ext4 defaults 0 0
/var/lib/libvirt/images/iso/rhel-server-7.4-x86_64-dvd.iso /var/www/html/rhel7 iso9660 defaults 0 0
/home/swap2 swap swap defaults 0 0
#/home/swap2 swap swap defaults 0 oi
#/iso/CentOS7-1708.iso /var/www/html/rhel71 iso9660 defaults 0 0
/root/桌面/CentOS7-1708.iso /var/ftp/centos7 iso9660 defaults 0 0
#/iso/rhel-server-7.4-x86_64-dvd.iso /var/www/html/rh7dvd iso9660 loop,ro 0 0
/root/桌面/RHEL7OSP-10.iso /var/ftp/openstack iso9660 defaults 0 0
/root/桌面/RHEL7-extras.iso /var/ftp/openstack-ext iso9660 defaults 0 0
[root@rootroom9pc01 yum.repos.d]# ls /var/ftp/
centos7 ceph openstack openstack-ext pub public rhel7 share
[root@node4 yum.repos.d]# ls
local.repo openstack.repo
96 yum clean all
97 yum repolist
[root@node5 yum.repos.d]# ls
local.repo openstack.repo
96 yum clean all
97 yum repolist
DNS域名解析、ntp时间
真机:
安装 bind(dns)服务
安装 chrond(ntp)服务
虚拟机:
//DNS域名解析指向192.168.4.254真机然后进行路由转发来连接外网访问
[root@rootroom9pc01 ~]# yum install -y bind bind-chroot //真机
[root@rootroom9pc01 ~]# vim /etc/named.conf
listen-on port 53 { 192.168.4.254; };
#listen-on-v6 port 53 { ::1; };
allow-query { any; };
forwarders { 192.168.1.1; };
dnssec-enable no;
dnssec-validation no;
[root@rootroom9pc01 ~]# systemctl restart named
[root@rootroom9pc01 ~]# systemctl enable named
[root@node4 yum.repos.d]# cat /etc/resolv.conf //虚拟机指定DNS解析服务器,指向真机为DNS服务器
; generated by /usr/sbin/dhclient-script
search private1
Nameserver 192.168.4.254
[root@node5 yum.repos.d]# cat /etc/resolv.conf
; generated by /usr/sbin/dhclient-script
search private1
Nameserver 192.168.4.254
[root@rootroom9pc01 ~]# cat /etc/chrony.conf //时间服务器
server ntp1.aliyun.com iburst
bindacqaddress 0.0.0.0
allow 0/0
虚拟机:
/etc/chrony.conf 配置指向真机的IP
Server 192.168.4.254 iburst
验证: route add default gw 192.168.6.254 //如果ping不通要加入网关
Ping www.baidu.com
[root@node4 yum.repos.d]# nslookup www.baidu.com
-bash: nslookup: 未找到命令
[root@node4 yum.repos.d]# yum provides nslookup
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
local_source/filelists_db | 6.7 MB 00:00
openstack_extras/filelists_db | 49 kB 00:00
rhel-7-server-openstack-10-devtools-rpms/filelists_db | 4.1 kB 00:00
rhel-7-server-openstack-10-optools-rpms/filelists_db | 37 kB 00:00
rhel-7-server-openstack-10-rpms/filelists_db | 822 kB 00:00
rhel-7-server-openstack-10-tools-rpms/filelists_db | 54 kB 00:00
rhel-7-server-rhceph-2-mon-rpms/filelists_db | 110 kB 00:00
rhel-7-server-rhceph-2-osd-rpms/filelists_db | 9.6 kB 00:00
rhel-7-server-rhceph-2-tools-rpms/filelists_db | 12 kB 00:00
rhel-7-server-rhscon-2-agent-rpms/filelists_db | 21 kB 00:00
rhel-7-server-rhscon-2-installer-rpms/filelists_db | 43 kB 00:00
rhel-7-server-rhscon-2-main-rpms/filelists_db | 83 kB 00:00
32:bind-utils-9.9.4-50.el7.x86_64 : Utilities for querying DNS name servers
源 :local_source
匹配来源:
文件名 :/usr/bin/nslookup
[root@node4 yum.repos.d]# nslookup www.baidu.com
-bash: nslookup: 未找到命令
[root@node4 yum.repos.d]# yum -y install bind-utils-9.9.4-50.el7.x86_64
[root@node4 yum.repos.d]# nslookup www.baidu.com
Server: 192.168.4.254
Address: 192.168.4.254#53
** server can't find www.baidu.com.private1: REFUSED
[root@rootroom9pc01 ~]# systemctl restart named
[root@rootroom9pc01 ~]# systemctl enable named
[root@rootroom9pc01 ~]# ss -tulp | grep named
udp UNCONN 0 0 192.168.4.254:domain *:* users:(("named",pid=20193,fd=515),("named",pid=20193,fd=514),("named",pid=20193,fd=513),("named",pid=20193,fd=512))
tcp LISTEN 0 10 192.168.4.254:domain *:* users:(("named",pid=20193,fd=21))
tcp LISTEN 0 128 127.0.0.1:rndc *:* users:(("named",pid=20193,fd=22))
tcp LISTEN 0 128 ::1:rndc :::* users:(("named",pid=20193,fd=23))
[root@rootroom9pc01 ~]#
[root@node4 yum.repos.d]# ping www.baidu.com
PING www.a.shifen.com (14.215.177.39) 56(84) bytes of data.
64 bytes from 14.215.177.39 (14.215.177.39): icmp_seq=1 ttl=52 time=10.2 ms
64 bytes from 14.215.177.39 (14.215.177.39): icmp_seq=2 ttl=52 time=6.82 ms
[root@node5 yum.repos.d]# yum provides ntpdate
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
ntpdate-4.2.6p5-25.el7.centos.2.x86_64 : Utility to set the date and time via
: NTP
源 :local_source
[root@node4 yum.repos.d]# yum -y install ntpdate-4.2.6p5-25.el7.centos.2.x86_64
[root@node4 yum.repos.d]# ntpdate 192.168.4.254
20 Jul 12:06:35 ntpdate[3963]: adjust time server 192.168.4.254 offset 0.000235 sec
[root@node4 yum.repos.d]# date
2018年 07月 20日 星期五 12:06:40 CST
[root@rootroom9pc01 ~]# date
2018年 07月 20日 星期五 12:06:46 CST
[root@node4 yum.repos.d]# chronyc sources -v
210 Number of sources = 1
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 192.168.4.254 3 6 377 23 -148us[ -210us] +/- 3772us
[root@node4 yum.repos.d]#
[root@openstack ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
# Generated by dracut initrd
DEVICE=eth1
ONBOOT=yes
IPV6INIT=no
BOOTPROTO=static
IPADDR=192.168.4.159
PREFIX=24
TYPE=Ethernet
[root@openstack ~]# halt -p
[root@openstack ~]#yum -y install lvm2
[root@openstack ~]# pvcreate /dev/vdb
[root@openstack ~]# vgcreate cinder-volumes /dev/vdb
[root@openstack ~]# vgs
VG #PV #LV #SN Attr VSize VFree
cinder-volumes 1 0 0 wz--n- <20.00g <20.00g
openstack, nova: //都要安装
[root@openstack ~]# ping www.baidu.com
[root@openstack ~]# sestatus
[root@openstack ~]# rpm -qa | grep firewalld
[root@openstack ~]# rpm -qa | grep NetworkManager
[root@openstack ~]# ping 192.168.4.254
[root@openstack ~]# yum repolist
[root@openstack ~]# cat /etc/yum.repos.d/local.repo
[root@openstack ~]#yum install -y qemu-kvm libvirt-client libvirt-daemon libvirt-daemon-driver-qemu python-setuptools
openstack:
yum install -y openstack-packstack
packstack --gen-answer-file answer.ini
[root@openstack ~] ping www.baidu.com
[root@openstack ~] cat /etc/sysconfig/network-scripts/ifcfg-eth1
[root@openstack ~] yum install -y openstack-packstack
[root@openstack ~] packstack --gen-answer-file answer.ini
编辑 answer.ini
[root@openstack ~] vim answer.ini
11: CONFIG_DEFAULT_PASSWORD=Taren1
42: CONFIG_SWIFT_INSTALL=n
75: CONFIG_NTP_SERVERS=192.168.6.254
98: CONFIG_COMPUTE_HOSTS=192.168.6.144
102: CONFIG_NETWORK_HOSTS=192.168.6.144
554: CONFIG_CINDER_VOLUMES_CREATE=n
840: CONFIG_NEUTRON_ML2_TYPE_DRIVERS=flat,vxlan
876: CONFIG_NEUTRON_ML2_VXLAN_GROUP=239.1.1.5
910: CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=physnet1:br-ex
921: CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:eth0
936: CONFIG_NEUTRON_OVS_TUNNEL_IF=eth1
1179:CONFIG_PROVISION_DEMO=n
保持配置文件,安装 openstack
[root@openstack ~] packstack --answer-file=answer.ini
**** Installation completed successfully ******
访问:
[root@openstack ~]# vim /etc/httpd/conf.d/15-horizon_vhost.conf
WSGIApplicationGroup %{GLOBAL}
WSGIScriptAlias /dashboard "/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi"
</VirtualHost>
[root@openstack ~]# apachectl graceful
[root@openstack ~]# cat keystonerc_admin
unset OS_SERVICE_TOKEN
export OS_USERNAME=admin
export OS_PASSWORD=9446c02c31ad443e
export OS_AUTH_URL=http://192.168.6.114:5000/v2.0
export PS1='[\u@\h \W(keystone_admin)]\$ '
export OS_TENANT_NAME=admin
export OS_REGION_NAME=RegionOne
[root@openstack ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
# Generated by dracut initrd
DEVICE=eth1
ONBOOT=yes
IPV6INIT=no
BOOTPROTO=static
IPADDR=192.168.4.156
PREFIX=24
TYPE=Ethernet
[root@openstack ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
NAME=eth0
DEVICETYPE=ovs
TYPE=OVSPort
OVS_BRIDGE=br-ex
ONBOOT=yes
BOOTPROTO=none
[root@openstack ~]# cat /etc/sysconfig/network-scripts/ifcfg-br-ex
ONBOOT=yes
IPADDR=192.168.6.126
PREFIX=24
DEVICE=br-ex
NAME=br-ex
DEVICETYPE=ovs
OVSBOOTPROTO=static
TYPE=OVSBridge
[root@nova ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
# Generated by dracut initrd
DEVICE=eth0
ONBOOT=yes
IPV6INIT=no
BOOTPROTO=static
IPADDR=192.168.6.164
PREFIX=24
TYPE=Ethernet
DNS=192.168.6.254
[root@nova ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
# Generated by dracut initrd
DEVICE=eth1
ONBOOT=yes
IPV6INIT=no
BOOTPROTO=static
IPADDR=192.168.4.126
PREFIX=24
TYPE=Ethernet
[root@nova ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default gateway 0.0.0.0 UG 0 0 0 eth0
192.168.4.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.6.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
[root@openstack ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default gateway 0.0.0.0 UG 0 0 0 br-ex
192.168.4.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.6.0 0.0.0.0 255.255.255.0 U 0 0 0 br-ex
761
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
