OpenStack-Q版实战部署技术指导手册详情-让你轻松掌握-黑夜青儿

最新推荐文章于 2021-05-19 15:45:45 发布

黑夜青儿

最新推荐文章于 2021-05-19 15:45:45 发布

阅读量4.1k

点赞数 3

本文链接：https://blog.csdn.net/weixin_41711331/article/details/83992040

版权

OPENSTACK指导手册
公开

配置主机网络和主机名
1.1 控制节点
1.2计算节点
1.3 计算节点
1.4 块存储节点
1.5 验证
认证服务 8
2.1 创建数据库：
2.2 安全并配置组件
2.3 配置 Apache HTTP 服务器
2.4 完成安装，启动httpd
2.5 创建服务实体和API端点
2.5.1 配置认证令牌
2.5.2 创建服务实体和API端点
2.5.3 服务验证操作
镜像服务
3.1 安装和配置
3.2 安全并配置组件
3.3 完成安装
3.4 验证操作
计算服务安装
4.1 安装并配置控制节点
4.2 安全并配置组件
4.3 完成安装
4.4 安装和配置计算节点
4.5 完成安装
4.6 验证操作
安装网络（控制节点）
5.1 安装并配置控制节点
5.2 安装网络选项1：公共网络
5.3 完成安装
5.4 安装计算节点网络
5.5 配置网络选项
5.6 为计算节点配置网络服务
5.7 完成安装
5.8 在控制节点验证网络
Dashboard
6.1 安装和配置
6.2 验证操作
安装块存储
7.1 安装并配置控制节点
7.2 安全并配置组件
7.3 配置计算节点使用块存储
7.4 完成安装
7.5 安装并配置一个存储节点
7.6 安装并配置组件
7.7 完成安装
7.8 验证操作
Dashboard页面操作
环境规划

1.1. 硬件规划

IP	                           主机名	                  配置

172.26.128.126 controller 双网卡：ens160,ens192
172.26.128.166 compute-04 双网卡：enp3s0f0, enp3s0f1
172.26.128.167 compute-05 双网卡：enp3s0f0, enp3s0f1
172.26.128.168 compute-06

1.2. 软件规划
名称类型版本
CentOS 系统软件 7.5 126为：7.4
Mysql 数据库 15.1 Distrib 10.1.20-MariaDB
Etcd 3.2
Memcached 1.5.6
Rabbitmq 3.6.5
Apache 2.4
OpenStack Queens

1.3. 组件规划
角色组件 Ip 用户备注
controller Mysql：单节点
rabbitmq-server：单节点
Memcached：单节点
etcd：单节点
apache(keystone,Horizon)：单节点
nova-api
nova-consoleauth
nova-conductor
nova-scheduler
nova-novncproxy
glance-api
glance-registry
cinder-api
cinder-scheduler
neutron-server
neutron-linuxbridge-agent
neutron-dhcp-agent
neutron-metadata-agent 172.26.128.126 root 控制节点

compute04 libvirtd
openstack-nova-compute
neutron-linuxbridge-agent 172.26.128.166

compute05 nova-compute
neutron-linuxbridge-agent
cinder-volume 172.26.128.167

compute06 libvirtd
openstack-nova-compute
neutron-linuxbridge-agent 172.26.128.168

1.4. 部署拓扑图

配置主机网络和主机名
2.1. 172.26.128.126
2.1.1. 主机网络配置
/etc/sysconfig/network-scripts/ifcfg-ens160更改配置
HWADDR=00:50:56:9a:74:f7
NAME=ens160
GATEWAY=172.26.128.1
DNS1=172.20.3.44
DNS2=172.20.3.45
DEVICE=ens160
TYPE=Ethernet
ONBOOT=yes
USERCTL=no
BOOTPROTO=none
NETMASK=255.255.255.0
IPADDR=172.26.128.126
PEERDNS=no
IPV6INIT=yes
IPV6_AUTOCONF=yes

2.1.2. 主机名配置
配置文件：/etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 controller
172.26.128.126 controller
172.26.128.166 compute04
172.26.128.167 compute05s
172.26.128.168 compute06

2.2. 172.26.128.166
2.2.1. 主机网络配置
配置文件：/etc/sysconfig/network-scripts/ ifcfg-enp3s0f0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=enp3s0f0
UUID=13e08b29-dd4d-4286-a4e8-4700cdb9ed11
DEVICE=enp3s0f0
ONBOOT=yes
IPADDR=172.26.128.166
GATEWAY=172.26.128.1
NETMASK=255.255.255.0
DNS1=172.20.3.44

2.2.2. 主机名配置
配置文件：/etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.26.128.126 controller
172.26.128.166 compute04
172.26.128.167 compute05
172.26.128.168 compute06

2.3. 172.26.128.167
2.3.1. 主机网络配置
配置文件：/etc/sysconfig/network-scripts/ ifcfg-enp3s0f0更改配置
BOOTPROTO=static
IPADDR=172.26.128.167
PREFIX=24
GATEWAY=172.26.128.1
DNS1=172.20.3.44
NAME=enp3s0f0
DEVICE=enp3s0f0
ONBOOT=yes
DEFROUTE=yes
TYPE=Ethernet

2.3.2. 主机名配置
编辑主机名/etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.26.128.126 controller
172.26.128.160 compute03
172.26.128.166 compute04
172.26.128.167 compute05
172.26.128.168 compute06

2.4. 172.26.128.168
2.4.1. 主机网络配置
配置文件：/etc/sysconfig/network-scripts/ifcfg-ens126
TYPE=Ethernet
BOOTPROTO=none
IPADDR=172.26.128.168
PREFIX=24
GATEWAY=172.26.128.1
DNS1=172.20.3.44
DEFROUTE=yes
NAME=eno1
ONBOOT=yes
DEVICE=eno1
IPV4_FAILURE_FATAL=no
IPV6INIT=no

2.4.2. 主机名配置
编辑主机名/etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.26.128.126 controller
172.26.128.166 compute04
172.26.128.167 compute05
172.26.128.168 compute06

 IP地址：172.26.128.167

2.5. 验证
在控制节点上ping计算节点主机是否通
[root@controller ~]# ping -c 4 compute04
PING compute01 (172.26.128.166) 56(84) bytes of data.
64 bytes from compute04 (172.26.128.166): icmp_seq=1 ttl=64 time=0.779 ms
64 bytes from compute04 (172.26.128.166): icmp_seq=2 ttl=64 time=0.450 ms
64 bytes from compute04 (172.26.128.166): icmp_seq=3 ttl=64 time=0.391 ms
64 bytes from compute04 (172.26.128.166): icmp_seq=4 ttl=64 time=0.381 ms

[root@controller ~]# ping -c 4 compute06
PING compute02 (172.26.128.168) 56(84) bytes of data.
64 bytes from compute06 (172.26.128.168): icmp_seq=1 ttl=64 time=1.60 ms
64 bytes from compute06 (172.26.128.168): icmp_seq=2 ttl=64 time=1.57 ms
64 bytes from compute06 (172.26.128.168): icmp_seq=3 ttl=64 time=1.47 ms
64 bytes from compute06 (172.26.128.168): icmp_seq=4 ttl=64 time=0.641 ms

在计算节点上ping控制节点

[root@compute04 ~]# ping -c 4 controller
PING controller (172.26.128.126) 56(84) bytes of data.
64 bytes from controller (172.26.128.126): icmp_seq=1 ttl=64 time=0.508 ms
64 bytes from controller (172.26.128.126): icmp_seq=2 ttl=64 time=1.70 ms
64 bytes from controller (172.26.128.126): icmp_seq=3 ttl=64 time=0.483 ms
64 bytes from controller (172.26.128.126): icmp_seq=4 ttl=64 time=1.36 ms

2.6. Openstack Q版环境配置
https://www.cnblogs.com/xiongyoutom/p/9663607.html

认证服务

3.1. 创建数据库：

安装软件包：
yum install mariadb mariadb-server python2-PyMySQL mongodb-server mongodb rabbitmq-server memcached python-memcached

用数据库连接客户端以 root 用户连接到数据库服务器：
mysql -u root –p1qaz2wsx

创建 keystone 数据库
CREATE DATABASE keystone;

对keystone数据库授权
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@‘localhost’ \ IDENTIFIED BY ‘1qaz2wsx ‘;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’%’
IDENTIFIED BY ‘1qaz2wsx’;

 生成管理员令牌。
openssl rand -hex
107e5805560f848c2fcbd6

3.2. 安全并配置组件
yum install openstack-keystone httpd mod_wsgi

修改配置文件

[root@controller ]# vi /etc/keystone/keystone.conf
[DEFAULT]
admin_token = 7e5805560f848c2fcbd6
[database]
connection = mysql+pymysql://keystone:1qaz2wsx@172.26.128.126/keystone
[token]
provider = fernet

初始化身份认证服务的数据库
[root@controller]# su -s /bin/sh -c “keystone-manage db_sync” keystone
[root@controller]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@controller]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

[root@controller]# keystone-manage bootstrap --bootstrap-password 1qaz2wsx \

–bootstrap-admin-url http://172.26.128.126:35357/v3/
–bootstrap-internal-url http://172.26.128.126:5000/v3/
–bootstrap-public-url http://172.26.128.126:5000/v3/
–bootstrap-region-id RegionOne

3.3. 配置 Apache HTTP 服务器
[root@controller]# vi /etc/httpd/conf/httpd.conf
修改ServerName 172.26.128.126

[root@controller]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
[root@controller ~]# cat /etc/httpd/conf.d/wsgi-keystone.conf
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
LimitRequestBody 114688
= 2.4>
ErrorLogFormat “%{cu}t %M”

ErrorLog /var/log/httpd/keystone.log
CustomLog /var/log/httpd/keystone_access.log combined

<Directory /usr/bin>
    <IfVersion >= 2.4>
        Require all granted
    </IfVersion>
    <IfVersion < 2.4>
        Order allow,deny
        Allow from all
    </IfVersion>
</Directory>

<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
LimitRequestBody 114688
= 2.4>
ErrorLogFormat “%{cu}t %M”

ErrorLog /var/log/httpd/keystone.log
CustomLog /var/log/httpd/keystone_access.log combined

<Directory /usr/bin>
    <IfVersion >= 2.4>
        Require all granted
    </IfVersion>
    <IfVersion < 2.4>
        Order allow,deny
        Allow from all
    </IfVersion>
</Directory>

Alias /identity /usr/bin/keystone-wsgi-public
<Location /identity>
SetHandler wsgi-script
Options +ExecCGI

WSGIProcessGroup keystone-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On

Alias /identity_admin /usr/bin/keystone-wsgi-admin
<Location /identity_admin>
SetHandler wsgi-script
Options +ExecCGI

WSGIProcessGroup keystone-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
</Location>

3.4. 完成安装，启动httpd

[root@controller ]# systemctl enable httpd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
 启动httpd
[root@controller ]# systemctl start httpd.service

3.5. 创建服务实体和API端点
3.5.1. 配置认证令牌
[root@controller ]# export OS_USERNAME=admin
[root@controller ]# export OS_PASSWORD=1qaz2wsx
[root@controller ]# export OS_PROJECT_NAME=admin
[root@controller ]# export OS_USER_DOMAIN_NAME=Default
[root@controller ]# export OS_PROJECT_DOMAIN_NAME=Default
[root@controller ]# export OS_AUTH_URL=http://172.26.128.126:35357/v3
[root@controller ]# export OS_IDENTITY_API_VERSION=3
创建认证令牌脚本：http://www.cnblogs.com/xiongyoutom/p/9668603.html
3.5.2. 创建服务实体和API端点
[root@controller ]# openstack domain create --description “An Example Domain” example
±------------±---------------------------------+| Field | Value |±------------±---------------------------------+| description | An Example Domain || enabled | True || id | 2f4f80574fd84fe6ba9067228ae0a50c || name | example |±------------±---------------------------------+

[root@controller ]# openstack project create --domain default \

–description “Service Project” service
±------------±---------------------------------+
| Field | Value |
±------------±---------------------------------+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | 37debf5709704578a2f8e7994602a11a |
| is_domain | False |
| name | service |
| parent_id | default |
| tags | [] |
±------------±---------------------------------+

[root@controller ]# openstack project create --domain default \

–description “Demo Project” demo

[root@controller ]# openstack user create --domain default \

–password-prompt demo
User Password:1qaz2wsx
Repeat User Password:1qaz2wsx
±--------------------±---------------------------------+
| Field | Value |
±--------------------±---------------------------------+
| domain_id | default |
| enabled | True |
| id | 8d986172b093472db4c15af54df09ff1 |
| name | demo |
| options | {} |
| password_expires_at | None |
±--------------------±---------------------------------+

[root@controller ]# openstack role add --project demo --user demo user
3.5.3. 服务验证操作

[root@controller ]# unset OS_AUTH_URL OS_PASSWORD
[root@controller ]# openstack --os-auth-url http://172.26.128.126:35357/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name admin --os-username admin token issue
Password: 1qaz2wsx
±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2018-07-10T08:25:29+0000 |
| id | gAAAAABbRF9pvkU6NSpvzpxYFgFerrVm9u_N3B2GZzXec69TI9nJLEm6BiA3VPvAPLb2SJLeXSraGjGa613dq-YTNqnZmlQk4M6wdn3HcfHFQnEBTPtXpQNMBebfPiGtzE7VHWTKys0Dj2AOjIjqq3usYWHrys2XzgdXIIV1s2fey7WwNgMk3c0 |
| project_id | e72e49df612d4923a7d348c0b8c92bb3 |
| user_id | da4ea040435446d8b05287015215e688 |
±-----------±----------------------------------------------------------------------------------------------------------------

[root@controller ]# openstack --os-auth-url http://controller:5000/v3 \

–os-project-domain-name default --os-user-domain-name default
–os-project-name demo --os-username demo token issue
Password: 1qaz2wsx
±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2018-07-10T08:26:31+0000 |
| id | gAAAAABbRF-nTTr8TgeDb7980JKNvB1RxPzLVFHo7q41sbKJVkw6tmqh-ji-OfAE5kF9te7OzSRrIOZi7AFvk4aNsscFmio4JOORWyABxdEgFESd42rl2TAezLTuo0uzZ_xaGmSDaRvxcrSgisxxJ8CmN-P_6o_6F0Zu2qnFjN3lgOc-tr0gzyQ |
| project_id | 0ad117fbe42a411aa59bb940e48cd1d9 |
| user_id | 8d986172b093472db4c15af54df09ff1 |
±-----------±-------------------------------------------------------------------------------------------------------------

[root@controller opt]#
[root@controller opt]# cat admin-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=1qaz2wsx
export OS_AUTH_URL=http://172.26.128.126:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

[root@controller opt]# . admin-openrc
[root@controller opt]# openstack token issue
±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2018-07-10T08:28:24+0000 |
| id | gAAAAABbRGAYGi-vM-vOnDZdfox0eYqeHz9dlozHoeB3_4RyshXcsxbiU4Gvz5Au-kdESjb5u3jgPntffifrew3LnM9xZfacGTkzRqSJa4zSmSgIOR7DREc26h04uo8FgZhvwk4OtXf3XE9jH4wtPkN-wE1t8HV_IAEcSqzwoceAG_nO4Nb_b_4 |
| project_id | e72e49df612d4923a7d348c0b8c92bb3 |
| user_id | da4ea040435446d8b05287015215e688 |
±-----------±----------------------------------------------------------------------------------------------------------------

镜像服务
4.1. 安装和配置
 用数据库连接客户端以 root 用户连接到数据库服务器：
[root@controller opt]# mysql -u root -p1qaz2wsx
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 19
Server version: 10.1.20-MariaDB MariaDB Server

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE glance;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@‘localhost’
-> IDENTIFIED BY ‘1qaz2wsx’;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@’%’
-> IDENTIFIED BY ‘1qaz2wsx’;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> quit
Bye

 创建 glance 用户：
[root@controller opt]# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
±--------------------±---------------------------------+
| Field | Value |
±--------------------±---------------------------------+
| domain_id | default |
| enabled | True |
| id | d7caa3d513934c88a683cba4acf56fd7 |
| name | glance |
| options | {} |
| password_expires_at | None |
±--------------------±---------------------------------+

 添加 admin 角色到 glance 用户和 service 项目上。
[root@controller opt]# openstack role add --project service --user glance admin
 创建glance服务实体：
[root@controller opt]# openstack service create --name glance \

–description “OpenStack Image” image
±------------±---------------------------------+
| Field | Value |
±------------±---------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | f89982ad38ec4f948f5ce5f5b2d8d174 |
| name | glance |
| type | image |
±------------±---------------------------------+

 创建镜像服务的 API 端点：
[root@controller opt]# openstack endpoint create --region RegionOne \

image public http://172.26.128.126:9292
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | ab859f7396d64d70bd623200d22e0315 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | f89982ad38ec4f948f5ce5f5b2d8d174 |
| service_name | glance |
| service_type | image |
| url | http://172.26.128.126:9292 |
±-------------±---------------------------------+
您在 /var/spool/mail/root 中有新邮件

[root@controller opt]# openstack endpoint create --region RegionOne \

image internal http://172.26.128.126:9292
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | affade8a24e54dada0e8272fa73585f7 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | f89982ad38ec4f948f5ce5f5b2d8d174 |
| service_name | glance |
| service_type | image |
| url | http://172.26.128.126:9292 |
±-------------±---------------------------------+

[root@controller opt]# openstack endpoint create --region RegionOne \

image admin http://172.26.128.126:9292
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | 6804ae24b5de496ab6ae735742a3edd2 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | f89982ad38ec4f948f5ce5f5b2d8d174 |
| service_name | glance |
| service_type | image |
| url | http://172.26.128.126:9292 |

4.2. 安全并配置组件
 安装软件包：

yum install openstack-glance

 在 [glance_store] 部分，配置本地文件系统存储和镜像文件位置：
[root@controller opt]# vi /etc/glance/glance-api.conf
 在 [database] 部分，配置数据库访问：
[root@controller opt]# vi /etc/glance/glance-registry.conf
 写入镜像服务数据库：
[root@controller opt]# su -s /bin/sh -c “glance-manage db_sync” glance
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1336: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade
expire_on_commit=expire_on_commit, _conf=conf)
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> liberty, liberty initial
INFO [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of ‘images’ table
INFO [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images
INFO [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01
INFO [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: queens_expand01, current revision(s): queens_expand01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database migration is up to date. No migration needed.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images
INFO [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables
INFO [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: queens_contract01, current revision(s): queens_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database is synced successfully.

4.3. 完成安装
 启动镜像服务、配置他们随机启动：
[root@controller opt]# systemctl enable openstack-glance-api.service \

openstack-glance-registry.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service to /usr/lib/systemd/system/openstack-glance-registry.service.

[root@controller opt]# systemctl start openstack-glance-api.service \

openstack-glance-registry.service
4.4. 验证操作
 下载镜像
wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img

计算服务安装
5.1. 安装并配置控制节点
 用数据库连接客户端以 root 用户连接到数据库服务器
MariaDB [glance]> CREATE DATABASE nova_api;
Query OK, 1 row affected (0.00 sec)

MariaDB [glance]> CREATE DATABASE nova;
Query OK, 1 row affected (0.00 sec)

MariaDB [glance]> CREATE DATABASE nova_cell0;
Query OK, 1 row affected (0.01 sec)

 对数据库进行正确的授权：

MariaDB [glance]> GRANT ALL PRIVILEGES ON nova_api.* TO ‘nova’@‘localhost’
-> IDENTIFIED BY ‘1qaz2wsx’;
Query OK, 0 rows affected (0.00 sec)

MariaDB [glance]> GRANT ALL PRIVILEGES ON nova_api.* TO ‘nova’@’%’
-> IDENTIFIED BY ‘1qaz2wsx’;
Query OK, 0 rows affected (0.00 sec)

MariaDB [glance]>
MariaDB [glance]> GRANT ALL PRIVILEGES ON nova.* TO ‘nova’@‘localhost’
-> IDENTIFIED BY ‘1qaz2wsx’;
Query OK, 0 rows affected (0.00 sec)

MariaDB [glance]> GRANT ALL PRIVILEGES ON nova.* TO ‘nova’@’%’
-> IDENTIFIED BY ‘1qaz2wsx’;
Query OK, 0 rows affected (0.00 sec)

MariaDB [glance]>
MariaDB [glance]> GRANT ALL PRIVILEGES ON nova_cell0.* TO ‘nova’@‘localhost’
-> IDENTIFIED BY ‘1qaz2wsx’;
Query OK, 0 rows affected (0.00 sec)

MariaDB [glance]> GRANT ALL PRIVILEGES ON nova_cell0.* TO ‘nova’@’%’
-> IDENTIFIED BY ‘1qaz2wsx’;
Query OK, 0 rows affected (0.00 sec)

 创建 nova 用户：
[root@controller opt]# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
±--------------------±---------------------------------+
| Field | Value |
±--------------------±---------------------------------+
| domain_id | default |
| enabled | True |
| id | d24815b487164615935dd423246fa6ca |
| name | nova |
| options | {} |
| password_expires_at | None |
±--------------------±---------------------------------+

 给 nova 用户添加 admin 角色:
[root@controller opt]# openstack role add --project service --user nova admin
 创建 nova 服务实体：
[root@controller opt]# openstack service create --name nova \

–description “OpenStack Compute” compute
±------------±---------------------------------+
| Field | Value |
±------------±---------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 598b667a89724097890609640237267b |
| name | nova |
| type | compute |

 创建 Compute 服务 API 端点：

[root@controller opt]# openstack endpoint create --region RegionOne \

compute public http://172.26.128.126:8774/v2.1
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | 7832e851720f4554b4d7322082cef5be |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 598b667a89724097890609640237267b |
| service_name | nova |
| service_type | compute |
| url | http://172.26.128.126:8774/v2.1 |
±-------------±---------------------------------+

[root@controller opt]# openstack endpoint create --region RegionOne \

compute internal http://172.26.128.126:8774/v2.1

[root@controller opt]# openstack endpoint create --region RegionOne \

compute admin http://172.26.128.126:8774/v2.1
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | 07b16490e9724605881b880cbcc5ff96 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 598b667a89724097890609640237267b |
| service_name | nova |
| service_type | compute |
| url | http://172.26.128.126:8774/v2.1 |
±-------------±---------------------------------+

 创建用户
[root@controller opt]# openstack user create --domain default --password-prompt placement
User Password:
Repeat User Password:
±--------------------±---------------------------------+
| Field | Value |
±--------------------±---------------------------------+
| domain_id | default |
| enabled | True |
| id | 9367f86b6d8b4fd9aadfffc536b17224 |
| name | placement |
| options | {} |
| password_expires_at | None |
±--------------------±---------------------------------+

5.2. 安全并配置组件
 安装软件包
yum install openstack-nova-api openstack-nova-conductor
openstack-nova-console openstack-nova-novncproxy \ openstack-nova-scheduler openstack-nova-placement-api
 编辑/etc/nova/nova.conf文件并完成下面的操作
[root@controller opt]# vi /etc/nova/nova.conf
 配置/etc/httpd/conf.d/00-nova-placement-api.conf:
[root@controller opt]# cat /etc/httpd/conf.d/00-nova-placement-api.conf
Listen 8778

<VirtualHost *:8778>
WSGIProcessGroup nova-placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
WSGIDaemonProcess nova-placement-api processes=3 threads=1 user=nova group=nova
WSGIScriptAlias / /usr/bin/nova-placement-api
= 2.4>
ErrorLogFormat “%M”

ErrorLog /var/log/nova/nova-placement-api.log
#SSLEngine On
#SSLCertificateFile …
#SSLCertificateKeyFile …

Alias /nova-placement-api /usr/bin/nova-placement-api
<Location /nova-placement-api>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup nova-placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On

<Directory /usr/bin>
= 2.4>
Require all granted

<IfVersion < 2.4>
Order allow,deny
Allow from all

 重新启动httpd
[root@controller opt]# systemctl restart httpd
 刷新nova到数据库
[root@controller opt]# su -s /bin/sh -c “nova-manage api_db sync” nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) [‘use_tpool’] not supported
exception.NotSupportedWarning
解决方法：
根据报错信息找到对应的文件，注释第325、329、330、331、332和333行的配置。
[root@linux-node1 ~]# sed -n ‘325,333p’ /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py

if not_supported:

        # would like to raise ValueError here, but there are just
        # too many unrecognized (obsolete?) configuration options
        # coming in from projects

warnings.warn(

“Configuration option(s) %r not supported” %

sorted(not_supported),

exception.NotSupportedWarning

)

 注册cell0数据库
[root@controller opt]# su -s /bin/sh -c “nova-manage cell_v2 map_cell0” nova
 创建cell1 cell
[root@controller opt]# su -s /bin/sh -c “nova-manage cell_v2 create_cell --name=cell1 --verbose” nova
58e6ba8e-2f49-4148-aa45-4cfb0ab4a1d5
 初始化nova数据库
[root@controller opt]# su -s /bin/sh -c “nova-manage db sync” nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) [‘use_tpool’] not supported
exception.NotSupportedWarning
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u’Duplicate index block_device_mapping_instance_uuid_virtual_name_device_name_idx. This is deprecated and will be disallowed in a future release.’)
result = self._query(query)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u’Duplicate index uniq_instances0uuid. This is deprecated and will be disallowed in a future release.’)
result = self._query(query)
 验证nova cell0 和 cell1 已经注册
[root@controller opt]# nova-manage cell_v2 list_cells
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) [‘use_tpool’] not supported
exception.NotSupportedWarning
±------±-------------------------------------±---------------------------------------±---------------------------------
| 名称 |UUID | Transport URL | 数据库连接 |±------±--------------------------
|cell0|00000000-0000-0000-0000-000000000000|none:/ | mysql+pymysql://nova:@172.26.128.126/nova_cell0 |
| cell1 | 58e6ba8e-2f49-4148-aa45-4cfb0ab4a1d5 | rabbit://openstack:@172.26.128.126 | mysql+pymysql://nova:****@172.26.128.126/nova|
±------±-------------------------------------±---------------------------------------±---------------------------------
5.3. 完成安装
 启动 Compute 服务并将其设置为随系统启动
[root@controller opt]# systemctl enable openstack-nova-api.service \

openstack-nova-consoleauth.service openstack-nova-scheduler.service
openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@controller opt]# systemctl start openstack-nova-api.service
openstack-nova-consoleauth.service openstack-nova-scheduler.service
openstack-nova-conductor.service openstack-nova-novncproxy.service

5.4. 安装和配置计算节点
 安装并配置组件
[root@compute02 ~]#yum install openstack-nova-compute –y
 编辑/etc/nova/nova.conf文件并完成下面的操作：
[root@compute02 ~]# cat /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:1qaz2wsx@172.26.128.126
my_ip = 172.26.128.168
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[api]
auth_strategy = keystone

[keystone_authtoken]
auth_url = http://172.26.128.126:5000/v3
memcached_servers = 172.26.128.126:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 1qaz2wsx

[vnc]
enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = $my_ip
novncproxy_base_url = http://172.26.128.126:6080/vnc_auto.html

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[glance]
api_servers = http://172.26.128.126:9292

[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://172.26.128.126:5000/v3
username = placement
password = 1qaz2wsx

[neutron]
url = http://172.26.128.126:9696
auth_url = http://172.26.128.126:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 1qaz2wsx
[libvirt]
Virt type = kvm

5.5. 完成安装
 启动计算服务及其依赖，并将其配置为随系统自动启动：
[root@compute02 ~]# systemctl enable libvirtd.service openstack-nova-compute.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service to /usr/lib/systemd/system/openstack-nova-compute.service.
[root@compute02 ~]# systemctl start libvirtd.service openstack-nova-compute.service
[root@compute02 ~]# systemctl status libvirtd.service openstack-nova-compute.service
libvirtd.service - Virtualization daemon
Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled)
Active: active (running) since 二 2018-07-10 16:54:00 CST; 9min ago
Docs: man:libvirtd(8)
https://libvirt.org
Main PID: 30595 (libvirtd)
Tasks: 17 (limit: 32768)
CGroup: /system.slice/libvirtd.service
└─30595 /usr/sbin/libvirtd

7月 10 16:54:00 compute02 systemd[1]: Starting Virtualization daemon…
7月 10 16:54:00 compute02 systemd[1]: Started Virtualization daemon.

● openstack-nova-compute.service - OpenStack Nova Compute Server
Loaded: loaded (/usr/lib/systemd/system/openstack-nova-compute.service; enabled; vendor preset: disabled)
Active: active (running) since 二 2018-07-10 17:03:17 CST; 26s ago
Main PID: 30852 (nova-compute)
Tasks: 22

5.6. 验证操作
[root@controller opt]# openstack compute service list --service nova-compute
±—±-------------±----------±-----±--------±------±---------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
±—±-------------±----------±-----±--------±------±---------------------------+
| 7 | nova-compute | compute02 | nova | enabled | up | 2018-07-10T09:06:38.000000 |
±—±-------------±----------±-----±--------±------±---------------------------+
[root@controller opt]# su -s /bin/sh -c “nova-manage cell_v2 discover_hosts --verbose” nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) [‘use_tpool’] not supported
exception.NotSupportedWarning
Found 2 cell mappings.
Skipping cell0 since it does not contain hosts.
Getting computes from cell ‘cell1’: 58e6ba8e-2f49-4148-aa45-4cfb0ab4a1d5
Checking host mapping for compute host ‘compute02’: 1422a1c2-4e29-4dee-b5e1-0592e73dcf9f
Creating host mapping for compute host ‘compute02’: 1422a1c2-4e29-4dee-b5e1-0592e73dcf9f
Found 1 unmapped computes in cell: 58e6ba8e-2f49-4148-aa45-4cfb0ab4a1d5

安装网络（控制节点）
6.1. 安装并配置控制节点
 用数据库连接客户端以 root 用户连接到数据库服务器：
MariaDB [glance]> CREATE DATABASE neutron;
Query OK, 1 row affected (0.00 sec)
MariaDB [glance]> GRANT ALL PRIVILEGES ON neutron.* TO ‘neutron’@‘localhost’ \ -> IDENTIFIED BY ‘1qaz2wsx’;
Query OK, 0 rows affected (0.00 sec)
MariaDB [glance]> GRANT ALL PRIVILEGES ON neutron.* TO ‘neutron’@’%’
-> IDENTIFIED BY ‘1qaz2wsx’;
Query OK, 0 rows affected (0.01 sec)

 创建neutron用户：
[root@controller opt]# openstack user create --domain default --password-prompt neutron
User Password:
Repeat User Password:
±--------------------±---------------------------------+
| Field | Value |
±--------------------±---------------------------------+
| domain_id | default |
| enabled | True |
| id | c406b32693094cc19b95c7b4bcfeed85 |
| name | neutron |
| options | {} |
| password_expires_at | None |
±--------------------±---------------------------------+
您在 /var/spool/mail/root 中有新邮件

 添加admin 角色到neutron 用户：
[root@controller opt]# openstack role add --project service --user neutron admin
 创建neutron服务实体：
[root@controller opt]# openstack service create --name neutron \

–description “OpenStack Networking” network
±------------±---------------------------------+
| Field | Value |
±------------±---------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | c65300cc7e6c4d8cb61fcd168c7bf298 |
| name | neutron |
| type | network |
±------------±---------------------------------+
 创建网络服务API端点：
[root@controller opt]# openstack endpoint create --region RegionOne
network public http://172.26.128.126:9696
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | 93a7a2acba3b4d22b9dbceb327af40ec |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c65300cc7e6c4d8cb61fcd168c7bf298 |
| service_name | neutron |
| service_type | network |
| url | http://172.26.128.126:9696 |
±-------------±---------------------------------+

[root@controller opt]# openstack endpoint create --region RegionOne \

network internal http://172.26.128.126:9696
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | 97efb7cfc036478096adbdb0c2d2953c |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c65300cc7e6c4d8cb61fcd168c7bf298 |
| service_name | neutron |
| service_type | network |
| url | http://172.26.128.126:9696 |
±-------------±---------------------------------+

[root@controller opt]# openstack endpoint create --region RegionOne \

network admin http://172.26.128.126:9696
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | 9625977e2df94ca192c8ce1d04d27e39 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c65300cc7e6c4d8cb61fcd168c7bf298 |
| service_name | neutron |
| service_type | network |
| url | http://172.26.128.126:9696 |
±-------------±---------------------------------+

6.2. 安装网络选项1：公共网络
 安装组件
 此文档安装是直连模式，选择网络模式一
[root@controller opt]#yum install openstack-neutron openstack-neutron-ml2 \ openstack-neutron-linuxbridge ebtables
 配置组件
[root@controller opt]# vi /etc/neutron/neutron.conf
[root@controller ~]# cat /etc/neutron/neutron.conf
[DEFAULT]
core_plugin = ml2
service_plugins =
auth_strategy = keystone
transport_url = rabbit://openstack:1qaz2wsx@172.26.128.126
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
dns_domain = efivestar.fcp.

[database]
connection = mysql+pymysql://neutron:1qaz2wsx@172.26.128.126/neutron

[keystone_authtoken]
auth_url = http://172.26.128.126:35357
memcached_servers = 172.26.128.126:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 1qaz2wsx

[nova]
auth_url = http://172.26.128.126:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = 1qaz2wsx

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

[root@controller opt]# vi /etc/neutron/plugins/ml2/ml2_conf.ini
[root@controller ~]# cat /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan,vxlan,vlan,local,gre
tenant_network_types = flat
mechanism_drivers = linuxbridge
extension_drivers = port_security

[ml2_type_flat]
flat_networks = default
[securitygroup]
enable_ipset = true

[ml2_type_vlan]
vni_ranges = 1:1000

[ml2_type_vlan]
network_vlan_ranges = ens160:1001:2000
[root@controller opt]# vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@controller ~]# cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[DEFAULT]

[agent]

[linux_bridge]
physical_interface_mappings = default:ens160

[network_log]

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

[vxlan]
enable_vxlan = false

[root@controller opt]# vi /etc/neutron/dhcp_agent.ini
[root@controller ~]# cat /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
dnsmasq_local_resolv = true
dnsmasq_dns_servers = 172.20.3.44,114.114.114.114
[agent]
[ovs]

[root@controller opt]# vi /etc/neutron/metadata_agent.ini
[root@controller ~]# cat /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_host = 172.26.128.126
metadata_proxy_shared_secret = 1qaz2wsx

[agent]

[cache]

[root@controller opt]# vi /etc/nova/nova.conf
[root@controller ~]# cat /etc/nova/nova.conf
[DEFAULT]
auth_strategy = keystone
enabled_apis = osapi_compute,metadata
rpc_backend = rabbit
my_ip = 172.26.128.126
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
transport_url=rabbit://openstack:1qaz2wsx@172.26.128.126

[api_database]
connection = mysql+pymysql://nova:1qaz2wsx@172.26.128.126/nova_api

[api]
auth_strategy = keystone

[database]
connection = mysql+pymysql://nova:1qaz2wsx@172.26.128.126/nova

#[oslo_messaging_rabbit]
#rabbit_host = 172.26.128.126
#rabbit_userid = openstack
#rabbit_password = 1qaz@WSX

[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip

[glance]
api_servers = http://172.26.128.126:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

service_metadata_proxy = true
metadata_proxy_shared_secret = 1qaz2wsx
service_quantum_metadata_proxy=True

[cinder]
os_region_name = RegionOne
6.3. 完成安装
[root@controller opt]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

 同步数据库：
[root@controller opt]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \

–config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
正在对 neutron 运行 upgrade…
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> kilo, kilo_initial
INFO [alembic.runtime.migration] Running upgrade kilo -> 354db87e3225, nsxv_vdr_metadata.py
INFO [alembic.runtime.migration] Running upgrade 354db87e3225 -> 599c6a226151, neutrodb_ipam
INFO [alembic.runtime.migration] Running upgrade 599c6a226151 -> 52c5312f6baf, Initial operations in support of address scopes
INFO [alembic.runtime.migration] Running upgrade 52c5312f6baf -> 313373c0ffee, Flavor framework
INFO [alembic.runtime.migration] Running upgrade 313373c0ffee -> 8675309a5c4f, network_rbac
INFO [alembic.runtime.migration] Running upgrade 8675309a5c4f -> 45f955889773, quota_usage
INFO [alembic.runtime.migration] Running upgrade 45f955889773 -> 26c371498592, subnetpool hash
INFO [alembic.runtime.migration] Running upgrade 26c371498592 -> 1c844d1677f7, add order to dnsnameservers
INFO [alembic.runtime.migration] Running upgrade 1c844d1677f7 -> 1b4c6e320f79, address scope support in subnetpool
INFO [alembic.runtime.migration] Running upgrade 1b4c6e320f79 -> 48153cb5f051, qos db changes
INFO [alembic.runtime.migration] Running upgrade 48153cb5f051 -> 9859ac9c136, quota_reservations
INFO [alembic.runtime.migration] Running upgrade 9859ac9c136 -> 34af2b5c5a59, Add dns_name to Port
INFO [alembic.runtime.migration] Running upgrade 34af2b5c5a59 -> 59cb5b6cf4d, Add availability zone
INFO [alembic.runtime.migration] Running upgrade 59cb5b6cf4d -> 13cfb89f881a, add is_default to subnetpool
INFO [alembic.runtime.migration] Running upgrade 13cfb89f881a -> 32e5974ada25, Add standard attribute table
INFO [alembic.runtime.migration] Running upgrade 32e5974ada25 -> ec7fcfbf72ee, Add network availability zone
INFO [alembic.runtime.migration] Running upgrade ec7fcfbf72ee -> dce3ec7a25c9, Add router availability zone
INFO [alembic.runtime.migration] Running upgrade dce3ec7a25c9 -> c3a73f615e4, Add ip_version to AddressScope
INFO [alembic.runtime.migration] Running upgrade c3a73f615e4 -> 659bf3d90664, Add tables and attributes to support external DNS integration
INFO [alembic.runtime.migration] Running upgrade 659bf3d90664 -> 1df244e556f5, add_unique_ha_router_agent_port_bindings
INFO [alembic.runtime.migration] Running upgrade 1df244e556f5 -> 19f26505c74f, Auto Allocated Topology - aka Get-Me-A-Network
INFO [alembic.runtime.migration] Running upgrade 19f26505c74f -> 15be73214821, add dynamic routing model data
INFO [alembic.runtime.migration] Running upgrade 15be73214821 -> b4caf27aae4, add_bgp_dragent_model_data
INFO [alembic.runtime.migration] Running upgrade b4caf27aae4 -> 15e43b934f81, rbac_qos_policy
INFO [alembic.runtime.migration] Running upgrade 15e43b934f81 -> 31ed664953e6, Add resource_versions row to agent table
INFO [alembic.runtime.migration] Running upgrade 31ed664953e6 -> 2f9e956e7532, tag support
INFO [alembic.runtime.migration] Running upgrade 2f9e956e7532 -> 3894bccad37f, add_timestamp_to_base_resources
INFO [alembic.runtime.migration] Running upgrade 3894bccad37f -> 0e66c5227a8a, Add desc to standard attr table
INFO [alembic.runtime.migration] Running upgrade 0e66c5227a8a -> 45f8dd33480b, qos dscp db addition
INFO [alembic.runtime.migration] Running upgrade 45f8dd33480b -> 5abc0278ca73, Add support for VLAN trunking
INFO [alembic.runtime.migration] Running upgrade 5abc0278ca73 -> d3435b514502, Add device_id index to Port
INFO [alembic.runtime.migration] Running upgrade d3435b514502 -> 30107ab6a3ee, provisioning_blocks.py
INFO [alembic.runtime.migration] Running upgrade 30107ab6a3ee -> c415aab1c048, add revisions table
INFO [alembic.runtime.migration] Running upgrade c415aab1c048 -> a963b38d82f4, add dns name to portdnses
INFO [alembic.runtime.migration] Running upgrade kilo -> 30018084ec99, Initial no-op Liberty contract rule.
INFO [alembic.runtime.migration] Running upgrade 30018084ec99 -> 4ffceebfada, network_rbac
INFO [alembic.runtime.migration] Running upgrade 4ffceebfada -> 5498d17be016, Drop legacy OVS and LB plugin tables
INFO [alembic.runtime.migration] Running upgrade 5498d17be016 -> 2a12683502f3, Metaplugin removal
INFO [alembic.runtime.migration] Running upgrade 2a12683502f3 -> 2e5352a0ad4d, Add missing foreign keys
INFO [alembic.runtime.migration] Running upgrade 2e5352a0ad4d -> 11926bcfe72d, add geneve ml2 type driver
INFO [alembic.runtime.migration] Running upgrade 11926bcfe72d -> 4af11ca47297, Drop cisco monolithic tables
INFO [alembic.runtime.migration] Running upgrade 4af11ca47297 -> 1b294093239c, Drop embrane plugin table
INFO [alembic.runtime.migration] Running upgrade 1b294093239c -> 8a6d8bdae39, standardattributes migration
INFO [alembic.runtime.migration] Running upgrade 8a6d8bdae39 -> 2b4c2465d44b, DVR sheduling refactoring
INFO [alembic.runtime.migration] Running upgrade 2b4c2465d44b -> e3278ee65050, Drop NEC plugin tables
INFO [alembic.runtime.migration] Running upgrade e3278ee65050 -> c6c112992c9, rbac_qos_policy
INFO [alembic.runtime.migration] Running upgrade c6c112992c9 -> 5ffceebfada, network_rbac_external
INFO [alembic.runtime.migration] Running upgrade 5ffceebfada -> 4ffceebfcdc, standard_desc
INFO [alembic.runtime.migration] Running upgrade 4ffceebfcdc -> 7bbb25278f53, device_owner_ha_replicate_int
INFO [alembic.runtime.migration] Running upgrade 7bbb25278f53 -> 89ab9a816d70, Rename ml2_network_segments table
INFO [alembic.runtime.migration] Running upgrade a963b38d82f4 -> 3d0e74aa7d37, Add flavor_id to Router
INFO [alembic.runtime.migration] Running upgrade 3d0e74aa7d37 -> 030a959ceafa, uniq_routerports0port_id
INFO [alembic.runtime.migration] Running upgrade 030a959ceafa -> a5648cfeeadf, Add support for Subnet Service Types
INFO [alembic.runtime.migration] Running upgrade a5648cfeeadf -> 0f5bef0f87d4, add_qos_minimum_bandwidth_rules
INFO [alembic.runtime.migration] Running upgrade 0f5bef0f87d4 -> 67daae611b6e, add standardattr to qos policies
INFO [alembic.runtime.migration] Running upgrade 89ab9a816d70 -> c879c5e1ee90, Add segment_id to subnet
INFO [alembic.runtime.migration] Running upgrade c879c5e1ee90 -> 8fd3918ef6f4, Add segment_host_mapping table.
INFO [alembic.runtime.migration] Running upgrade 8fd3918ef6f4 -> 4bcd4df1f426, Rename ml2_dvr_port_bindings
INFO [alembic.runtime.migration] Running upgrade 4bcd4df1f426 -> b67e765a3524, Remove mtu column from networks.
INFO [alembic.runtime.migration] Running upgrade 67daae611b6e -> 6b461a21bcfc, uniq_floatingips0floating_network_id0fixed_port_id0fixed_ip_addr
INFO [alembic.runtime.migration] Running upgrade 6b461a21bcfc -> 5cd92597d11d, Add ip_allocation to port
INFO [alembic.runtime.migration] Running upgrade 5cd92597d11d -> 929c968efe70, add_pk_version_table
INFO [alembic.runtime.migration] Running upgrade 929c968efe70 -> a9c43481023c, extend_pk_with_host_and_add_status_to_ml2_port_binding
INFO [alembic.runtime.migration] Running upgrade a9c43481023c -> 804a3c76314c, Add data_plane_status to Port
INFO [alembic.runtime.migration] Running upgrade 804a3c76314c -> 2b42d90729da, qos add direction to bw_limit_rule table
INFO [alembic.runtime.migration] Running upgrade 2b42d90729da -> 62c781cb6192, add is default to qos policies
INFO [alembic.runtime.migration] Running upgrade 62c781cb6192 -> c8c222d42aa9, logging api
INFO [alembic.runtime.migration] Running upgrade c8c222d42aa9 -> 349b6fd605a6, Add dns_domain to portdnses
INFO [alembic.runtime.migration] Running upgrade 349b6fd605a6 -> 7d32f979895f, add mtu for networks
INFO [alembic.runtime.migration] Running upgrade 7d32f979895f -> 594422d373ee, fip qos
INFO [alembic.runtime.migration] Running upgrade b67e765a3524 -> a84ccf28f06a, migrate dns name from port
INFO [alembic.runtime.migration] Running upgrade a84ccf28f06a -> 7d9d8eeec6ad, rename tenant to project
INFO [alembic.runtime.migration] Running upgrade 7d9d8eeec6ad -> a8b517cff8ab, Add routerport bindings for L3 HA
INFO [alembic.runtime.migration] Running upgrade a8b517cff8ab -> 3b935b28e7a0, migrate to pluggable ipam
INFO [alembic.runtime.migration] Running upgrade 3b935b28e7a0 -> b12a3ef66e62, add standardattr to qos policies
INFO [alembic.runtime.migration] Running upgrade b12a3ef66e62 -> 97c25b0d2353, Add Name and Description to the networksegments table
INFO [alembic.runtime.migration] Running upgrade 97c25b0d2353 -> 2e0d7a8a1586, Add binding index to RouterL3AgentBinding
INFO [alembic.runtime.migration] Running upgrade 2e0d7a8a1586 -> 5c85685d616d, Remove availability ranges.
确定

 重启计算API 服务：
[root@controller opt]# systemctl restart openstack-nova-api.service
[root@controller opt]# systemctl status openstack-nova-api.service
● openstack-nova-api.service - OpenStack Nova API Server
Loaded: loaded (/usr/lib/systemd/system/openstack-nova-api.service; enabled; vendor preset: disabled)
Active: active (running) since 二 2018-07-10 17:38:12 CST; 12s ago
Main PID: 1931 (nova-api)
CGroup: /system.slice/openstack-nova-api.service
├─1931 /usr/bin/python2 /usr/bin/nova-api
├─1958 /usr/bin/python2 /usr/bin/nova-api
├─1959 /usr/bin/python2 /usr/bin/nova-api
├─1960 /usr/bin/python2 /usr/bin/nova-api
├─1961 /usr/bin/python2 /usr/bin/nova-api
├─1962 /usr/bin/python2 /usr/bin/nova-api
├─1963 /usr/bin/python2 /usr/bin/nova-api
├─1964 /usr/bin/python2 /usr/bin/nova-api
├─1965 /usr/bin/python2 /usr/bin/nova-api
├─1974 /usr/bin/python2 /usr/bin/nova-api
├─1975 /usr/bin/python2 /usr/bin/nova-api
├─1976 /usr/bin/python2 /usr/bin/nova-api
├─1977 /usr/bin/python2 /usr/bin/nova-api
├─1978 /usr/bin/python2 /usr/bin/nova-api
├─1979 /usr/bin/python2 /usr/bin/nova-api
├─1980 /usr/bin/python2 /usr/bin/nova-api
└─1981 /usr/bin/python2 /usr/bin/nova-api

7月 10 17:37:27 controller systemd[1]: Starting OpenStack Nova API Server…
7月 10 17:37:39 controller nova-api[1931]: /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) [‘use_tpool’] not supported
7月 10 17:37:39 controller nova-api[1931]: exception.NotSupportedWarning
7月 10 17:38:12 controller systemd[1]: Started OpenStack Nova API Server.

 当系统启动时，启动 Networking 服务并配置它启动
[root@controller opt]# systemctl enable neutron-server.service \

neutron-linuxbridge-agent.service neutron-dhcp-agent.service
neutron-metadata-agent.service

Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-server.service to /usr/lib/systemd/system/neutron-server.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service to /usr/lib/systemd/system/neutron-linuxbridge-agent.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-dhcp-agent.service to /usr/lib/systemd/system/neutron-dhcp-agent.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-metadata-agent.service to /usr/lib/systemd/system/neutron-metadata-agent.service.

[root@controller opt]# systemctl start neutron-server.service \

neutron-linuxbridge-agent.service neutron-dhcp-agent.service
neutron-metadata-agent.service

6.4. 安装计算节点网络
 安装组件172.26.128.166/162
[root@compute02 opt]# yum install openstack-neutron-linuxbridge ebtables ipset
 编辑/etc/neutron/neutron.conf 文件并完成如下操作
[root@compute02 opt]# cat /etc/neutron/neutron.conf
[DEFAULT]
auth_strategy = keystone
transport_url = rabbit://openstack:1qaz2wsx@172.26.128.126

[keystone_authtoken]
auth_uri = http://172.26.128.126:5000
auth_url = http://172.26.128.126:35357
memcached_servers = 172.26.128.126:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 1qaz2wsx

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

[root@compute02 opt]# cat /etc/neutron/neutron.conf
[DEFAULT]
auth_strategy = keystone
transport_url = rabbit://openstack:1qaz2wsx@172.26.128.126

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[root@compute02 opt]# vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@compute02 opt]# cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[DEFAULT]

[agent]

[linux_bridge]
physical_interface_mappings = provider:ens126

[network_log]

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

[vxlan]
enable_vxlan = false

[root@compute02 opt]# cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[DEFAULT]

[agent]

[linux_bridge]
physical_interface_mappings = provider:1qaz2wsx

[network_log]

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

[vxlan]
enable_vxlan = false
[root@compute02 opt]# vi /etc/nova/nova.conf
[root@compute02 opt]# cat /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:1qaz2wsx@172.26.128.126
my_ip = 172.26.128.168
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[api]
auth_strategy = keystone

[vnc]
enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = $my_ip
novncproxy_base_url = http://172.26.128.126:6080/vnc_auto.html

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[glance]
api_servers = http://172.26.128.126:9292

6.5. 配置网络选项
 网络选项1：公共网络
 编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini文件并且完成以下操作
[root@compute02 opt]# /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[DEFAULT]

[agent]

[linux_bridge]
physical_interface_mappings = default:ens160

[network_log]

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

[vxlan]
enable_vxlan = false
6.6. 为计算节点配置网络服务
 编辑/etc/nova/nova.conf文件并完成下面的操作：
[neutron] url = http://172.26.128.126:9696 auth_url = http:// 172.26.128.126:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password =1qaz2wsx
6.7. 完成安装
 重启计算服务：
[root@compute02 opt]# systemctl restart openstack-nova-compute.service
 启动Linuxbridge代理并配置它开机自启动：
[root@compute02 opt]# systemctl enable neutron-linuxbridge-agent.service
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service to /usr/lib/systemd/system/neutron-linuxbridge-agent.service.

[root@compute02 opt]# systemctl start neutron-linuxbridge-agent.service

Dashboard
7.1. 安装和配置
 安装软件包：（在控制节点上操作）
yum install openstack-dashboard
 编辑 /etc/openstack-dashboard/local_settings 添加如下
OPENSTACK_HOST = “172.26.128.126”
CACHES = {
‘default’: {
‘BACKEND’: ‘django.core.cache.backends.memcached.MemcachedCache’,
‘LOCATION’: ‘172.26.128.126:11211’,
},
}
OPENSTACK_KEYSTONE_URL = “http://%s:5000/v3” % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = { “identity”: 3, “image”: 2, “volume”: 2, }
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = “Default”
OPENSTACK_KEYSTONE_DEFAULT_ROLE = “user”
OPENSTACK_NEUTRON_NETWORK = { … ‘enable_router’: False, ‘enable_quotas’: False, ‘enable_distributed_router’: False, ‘enable_ha_router’: False, ‘enable_lb’: False, ‘enable_firewall’: False, ‘enable_vpn’: False, ‘enable_fip_topology_check’: False, }
TIME_ZONE = “TIME_ZONE”

 编辑 /etc/httpd/conf.d/openstack-dashboard.conf添加

WSGIApplicationGroup %{GLOBAL}
 重启httpd、memcaceh。
systemctl restart httpd.service memcached.service
7.2. 验证操作
 在浏览器中输入 http://172.26.128.126/dashboard访问仪表盘。

安装块存储
8.1. 安装并配置控制节点
 在控制节点上安装权限
mysql -u root -p
Create the cinder database:
MariaDB [(none)]> CREATE DATABASE cinder;
Grant proper access to the cinder database:
MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO ‘cinder’@‘localhost’
IDENTIFIED BY ‘CINDER_DBPASS’;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO ‘cinder’@’%’
IDENTIFIED BY ‘CINDER_DBPASS’;
Replace CINDER_DBPASS with a suitable password.
Exit the database access client.
Source the admin credentials to gain access to admin-only CLI commands:
MariaDB [(none)]> CREATE DATABASE cinder;
Query OK, 1 row affected (0.01 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO ‘cinder’@‘localhost’
-> IDENTIFIED BY ‘1qaz2wsx’;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO ‘cinder’@’%’
-> IDENTIFIED BY ‘1qaz2wsx’;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> quit
Bye

 创建一个 cinder 用户
[root@controller opt]# openstack user create --domain default --password-prompt cinder
User Password:
Repeat User Password:

±--------------------±---------------------------------+
| Field | Value |
±--------------------±---------------------------------+
| domain_id | default |
| enabled | True |
| id | 999814d07c554f61b230d903e41839d0 |
| name | cinder |
| options | {} |
| password_expires_at | None |
±--------------------±---------------------------------+

 添加 admin 角色到 cinder 用户上。
[root@controller opt]# openstack role add --project service --user cinder admin
 创建 cinder 和 cinderv2 服务实体
[root@controller opt]# openstack service create --name cinderv2 \

–description “OpenStack Block Storage” volumev2
±------------±---------------------------------+
| Field | Value |
±------------±---------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | 8bb715e725ec4e63849cccc3919e8152 |
| name | cinderv2 |
| type | volumev2 |
±------------±---------------------------------+

[root@controller opt]# openstack service create --name cinderv3 \

–description “OpenStack Block Storage” volumev3
±------------±---------------------------------+
| Field | Value |
±------------±---------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | 80824557f147439fad48f4c36da45595 |
| name | cinderv3 |
| type | volumev3 |
±------------±---------------------------------+

 创建块设备存储服务的 API 入口点：
[root@controller opt]# openstack endpoint create --region RegionOne \

volumev2 public http://172.26.128.126:8776/v2/%(project_id)s
±-------------±---------------------------------------------+
| Field | Value |
±-------------±---------------------------------------------+
| enabled | True |
| id | ccab2aeb262a4064bffbc53d5c5e11e5 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8bb715e725ec4e63849cccc3919e8152 |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://172.26.128.126:8776/v2/%(project_id)s |
±-------------±---------------------------------------------+

[root@controller opt]# openstack endpoint create --region RegionOne \

volumev2 internal http://172.26.128.126:8776/v2/%(project_id)s
±-------------±---------------------------------------------+
| Field | Value |
±-------------±---------------------------------------------+
| enabled | True |
| id | d195d6fbd9bc466aa2ae00c8dcbc9569 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8bb715e725ec4e63849cccc3919e8152 |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://172.26.128.126:8776/v2/%(project_id)s |
±-------------±---------------------------------------------+

[root@controller opt]# openstack endpoint create --region RegionOne \

volumev2 admin http://172.26.128.126:8776/v2/%(project_id)s
±-------------±---------------------------------------------+
| Field | Value |
±-------------±---------------------------------------------+
| enabled | True |
| id | efbce7bc8db6476b818cfe0f8ce3a383 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8bb715e725ec4e63849cccc3919e8152 |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://172.26.128.126:8776/v2/%(project_id)s |
±-------------±---------------------------------------------+

[root@controller opt]# openstack endpoint create --region RegionOne \

volumev3 public http://172.26.128.126:8776/v3/%(project_id)s
±-------------±---------------------------------------------+
| Field | Value |
±-------------±---------------------------------------------+
| enabled | True |
| id | 7f497ec42def460faade68b859b6c0fb |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 80824557f147439fad48f4c36da45595 |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://172.26.128.126:8776/v3/%(project_id)s |
±-------------±---------------------------------------------+

[root@controller opt]# openstack endpoint create --region RegionOne \

volumev3 internal http://172.26.128.126:8776/v3/%(project_id)s
±-------------±---------------------------------------------+
| Field | Value |
±-------------±---------------------------------------------+
| enabled | True |
| id | 2d725075860048cca1336c205cfa9d83 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 80824557f147439fad48f4c36da45595 |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://172.26.128.126:8776/v3/%(project_id)s |
±-------------±---------------------------------------------+

[root@controller opt]# openstack endpoint create --region RegionOne \

volumev3 admin http://172.26.128.126:8776/v3/%(project_id)s
±-------------±---------------------------------------------+
| Field | Value |
±-------------±---------------------------------------------+
| enabled | True |
| id | 65043872506f40b2a87d718573006e33 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 80824557f147439fad48f4c36da45595 |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://172.26.128.126:8776/v3/%(project_id)s |

8.2. 安全并配置组件
[root@controller opt]# yum install openstack-cinder
 编辑 /etc/cinder/cinder.conf，同时完成如下动作：
[root@controller opt]# vi /etc/cinder/cinder.conf
[DEFAULT]
transport_url = rabbit://openstack:1qaz2wsx@172.26.128.126
auth_strategy = keystone
my_ip = 172.26.128.126

[database]
connection = mysql+pymysql://cinder:1qaz2wsx@172.26.128.126/cinder

[keystone_authtoken]
auth_uri = http://172.26.128.126:5000
auth_url = http://172.26.128.126:35357
memcached_servers = 172.26.128.126:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = 1qaz2wsx

[oslo_concurrency]
lock_path = /var/lib/cinder/tmp

 初始化块设备服务的数据库：
su -s /bin/sh -c “cinder-manage db sync” cinder
8.3. 配置计算节点使用块存储
 编辑文件 /etc/nova/nova.conf 并添加如下到其中：
[cinder]
os_region_name = RegionOne
8.4. 完成安装
 重启计算API服务
[root@controller opt]# systemctl restart openstack-nova-api.service
 启动块设备存储服务，并将其配置为开机自启：
[root@controller opt]# systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-cinder-api.service to /usr/lib/systemd/system/openstack-cinder-api.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-cinder-scheduler.service to /usr/lib/systemd/system/openstack-cinder-scheduler.service.

[root@controller opt]# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service

8.5. 安装并配置一个存储节点
 安装块存储（172.26.128.167）
yum install lvm2 device-mapper-persistent-data
 启动LVM的metadata服务并且设置该服务随系统启动：

systemctl enable lvm2-lvmetad.service # systemctl start lvm2-lvmetad.service

 创建LVM 物理卷 /dev/sdb：

pvcreate /dev/sdb Physical volume “/dev/sdb” successfully created

 创建 LVM 卷组 cinder-volumes：

vgcreate cinder-volumes /dev/sdb Volume group “cinder-volumes” successfully created

 在devices部分，添加一个过滤器，只接受/dev/sdb设备，拒绝其他所有设备：
Devices{
filter = [ “a/sdb”,“r/.*/”]
8.6. 安装并配置组件
 安装软件包：
yum install openstack-cinder targetcli python-keystone
 编辑 /etc/cinder/cinder.conf，同时完成如下动作
[root@block01 ]# cat /etc/cinder/cinder.conf
[DEFAULT]
transport_url = rabbit://openstack:1qaz2wsx@172.26.128.126
auth_strategy = keystone
my_ip = 172.26.128.126
enabled_backends = lvm
glance_api_servers = http://172.26.128.126:9292

[database]
connection = mysql+pymysql://cinder:1qaz2wsx@172.26.128.126/cinder

[keystone_authtoken]
auth_uri = http://172.26.128.126:5000
auth_url = http://172.26.128.126:35357
memcached_servers = 172.26.128.126:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = 1qaz2wsx

[lvm]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
iscsi_protocol = iscsi
iscsi_helper = lioadm

[oslo_concurrency]
lock_path = /var/lib/cinder/tmp

8.7. 完成安装
 启动块存储卷服务及其依赖的服务，并将其配置为随系统启动： # systemctl enable openstack-cinder-volume.service target.service # systemctl start openstack-cinder-volume.service target.service

8.8. 验证操作
 在控制节点上验证（172.26.128.126）

Dashboard页面操作
9.1. 用户登录
项值备注
URL http:// 172.26.128.126/dashboard
域名 default
用户名 admin
密码 1234567890

登录首页

9.2. 项目模块功能介绍
项目下包含四部分内容：
 访问API
 计算
 卷
 网络
9.2.1. 访问API
 概要
显示了OpenStack中Compute、Identity、Image、Network等不同服务的服务端点；可查看项目的凭据、下载OpenStack RC文件

9.2.2. 计算
计算包括如下及部分功能：
 概况
 实例
 卷
 网络
9.2.2.1. 概况
利用图形化界面向用户具体的展现集群的上限摘要、使用情况摘要。

9.2.2.2. 实例
实例包括主要功能如下：
 创建实例
通过界面配置完成虚机创建；
 实例列表
 实例详情查询
 删除实例
 启动实例
 停止实例

9.2.2.2.1. 创建实例
创建实例步骤如下：
点击右上角”创建实例”

填写实例名称、描述；选择可用域、数量；点击下一项。


选择源：镜像、实例快照、卷、卷快照。（这里演示的源为镜像）；调整卷大小；选择下列可用的镜像文件；点击下一项。

选择可用的实例类型；点击下一项。


分配可用网络端口；点击下一项。


选择可用网络端口（可以不选择）；点击下一项。


选择安全组（可使用默认default或选择别的）；点击下一步。


选择密钥对；点击下一步。


在配置选项卡中，可选择为实例添加定制脚本；选择磁盘分区方式；选择是否配置驱动；点击下一项。


在服务器选项卡中，选择划分的服务器组；点击下一项。


在scheduler hint选项卡中，拖动左边框的项目到右边框来制定scheduler hint；点击下一项。


在元数据选项卡中，把左侧条目移到右侧来制定实例的元数据；点击创建实例。

点击“创建实例”后完成实例创建。

9.2.2.2.2. 删除实例
删除实例步骤如下：
勾选需要删除的实例

点击右上角删除实例，弹出删除实力确认框，点击删除。

9.2.2.3. 镜像
镜像包括功能如下：
 镜像上传
 镜像删除
 镜像查询

9.2.2.3.1. 创建镜像
点击右上角创建镜像

在镜像详情选项卡中，填写镜像名称、镜像描述；选择镜像文件、文件格式；点击创建镜像。

点击创建镜像，镜像创建成功。
9.2.2.4. 密钥对
密钥对功能包括如下
 密钥对的创建
 密钥对的删除
 公钥的导入

9.2.3. 卷
卷的主要功能包括如下：
 存储卷的创建
 存储卷的接受转转让
 存储卷的删除

9.2.3.1. 卷的编辑
卷编辑主要实现的功能如下：
 扩展卷
 管理连接
 创建快照
 修改卷类型
 创建转让
 删除卷
 更新元数据

9.2.3.2. 创建卷
创建卷步骤如下：
点击右上角的创建卷；

填写卷名称、描述；选择卷来源、选择卷为源；点击创建卷。

点击创建卷，卷创建成功。

9.2.3.3. 删除卷
删除卷步骤如下：
勾选需要删除的卷。

点击卷后放的下拉列表，选择删除，弹出提示框。

点击删除卷，卷已成功删除
9.2.4. 网络
网络主要组成包括：
 网络拓扑
 网络
 安全组

9.2.4.1. 创建网络
点击右上角创建网络

填写网络名称；默认勾选启动管理员状态、创建子网，可根据实际需求进行勾选；点击下一步。



填写子网名称、网络IP地址、网关IP；点击下一步。


填写分配的地址池、DNS服务器、主机路由；点击创建网络

点击创建网络，网络创建成功。

9.3. 管理员模块功能介绍
管理员模块功能主要包括如下：
 概况
 计算
 卷
 网络
 系统
9.3.1. 概况
功能：详细的向用户展示了目前实际使用情况摘要。

9.3.2. 计算
计算主要包括功能如下：
 虚拟机管理器
 主机聚合
 实例
 实例类型
 镜像

9.3.2.1. 主机聚合
主机聚合步骤如下：
点击右上角创建主机聚合

在主机聚合信息中，填写名称、可用域；

在管理聚合内的主机中，为主机添加到这个聚合中；点击创建聚合。

9.3.2.2. 实例的启动、快照、挂起
实例编辑、启动、快照、挂起等功能的实现如下
勾选某一个实例

点击实例后面的下拉下拉列表；分别点击启动实例、挂起实例、创建快照。

9.3.3. 系统
系统的主要功能主城如下：
 默认值
 元数据定义
 系统信息

9.3.3.1. 默认值
详细展示了各种配额的最高上限值。

9.3.3.2. 导入命名空间
导入命名空间方法如下：
点击系统——元数据定义——右上角导入命名空间——选择元数据定义文件——勾选“公有”或者”受保护”前——点击导入命名空间

点击导入命名空间。导入命名空间成功
9.4. 身份管理模块功能介绍
身份管理模块功能主要包括如下：
 项目
 用户
 组
 角色
9.4.1. 项目
9.4.1.1. 项目的专项管理的实现
方法：勾线项目——点击管理成员——选择相应功能选项。

9.4.1.2. 创建项目
创建项目方法如下：
点击右上角创建项目

在项目信息中，填写项目名称、描述。


在项目成员中，为项目添加成员


在项目组中，为项目添加组。


在配额中，为项目调整配置的限制；点击创建项目。

9.4.2. 创建用户
创建用户方法如下：
点击右上角创建用户。

填写用户名、描述、邮箱、密码、确认密码；选择主项目；点击创建用户。

9.4.3. 创建组
创建组的步骤如下：
点击右上角创建组

填写名称、描述；创建组。

9.4.4. 创建角色
角色创建方法如下：
点击右上角创建角色

填写名称；点击提交。

黑夜青儿

关注

3
点赞
踩
0

收藏

觉得还不错? 一键收藏
1
评论
复制链接

分享到 QQ

分享到新浪微博

扫一扫