OpenStack--环境准备

1、安装 openstack 基础组件准备：

本次选择 ocata 版本安装，因为最新版的 pike 版本还没有完全作为正式版本提供：
官方ocata版的中文安装文档：https://docs.openstack.org/ocata/zh_CN/install-guide-rdo/

#1：查看 openstack yum 版本:
[root@linux-host1 ~]# yum list centos-release-openstack*

#2：各服务器安装 ocata 的 yum 源：
#负载服务、数据库、memcache、rabbitMQ 服务器除外，即只安装 openstack 控制节点和计算节点。
[root@linux-host1 ~]# yum install –y centos-release-openstack-ocata.noarch
[root@linux-host1 ~]# yum install -y https://rdoproject.org/repos/rdo-release.rpm

#3：各服务器安装 openstack 客户端：
[root@linux-host1 ~]# yum install -y python-openstackclient

#4：各服务器安装 openstack SElinux 管理包：
#如果 agent 开启了selinux 会自动进行 selinux 权限的相关设置：
[root@linux-host1 ~]# yum install -y openstack-selinux

2、安装数据库服务器：

可以单独安装至其他服务器，openstack 的各组件都要使用数据库保存数据，除nova 使用API 与其他组件进行调用外：
MySQL 官方下载地址：https://dev.mysql.com/downloads/

#1：控制端安装python，连接数据库模块： 
[root@linux-host1 ~]# yum install -y mariadb python2-PyMySQL 

#2：安装 mariadb：
[root@linux-host4 ~]# yum install mariadb mariadb-server

#3：配置数据库：
[root@linux-host4 ~]# vim /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 192.168.10.204 #指定监听地址
default-storage-engine = innodb #默认引擎
innodb_file_per_table = on #开启每个表都有独立表空间
max_connections = 4096 #最大连接数
collation-server = utf8_general_ci #不区分大小写排序
character-set-server = utf8 #设置编码

#4：配置 my.cnf：
[root@linux-host4 ~]# cat /etc/my.cnf
[mysqld]
socket=/var/lib/mysql/mysql.sock
user=mysql
symbolic-links=0
datadir=/data/mysql
innodb_file_per_table=1
#skip-grant-tables
relay-log = /data/mysql
server-id=10
log-error= /data/mysql-log/mysql_error.txt
log-bin=/data/mysql-binlog/master-log
#general_log=ON
#general_log_file=/data/general_mysql.log
long_query_time=5
slow_query_log=1
slow_query_log_file= /data/mysql-log/slow_mysql.txt
max_connections=1000
bind-address=192.168.10.204
[client]
port=3306
socket=/var/lib/mysql/mysql.sock
[mysqld_safe]
log-error=/data/mysql-log/mysqld-safe.log
pid-file=/var/lib/mysql/mysql.sock

#5：创建数据目录并授权：
[root@linux-host4 ~]# mkdir -pv /data/{mysql,mysql-log,mysql-binlog}
mkdir: created directory ‘/data’
mkdir: created directory ‘/data/mysql’
mkdir: created directory ‘/data/mysql-log’
mkdir: created directory ‘/data/mysql-binlog’
[root@linux-host4 ~]# chown mysql.mysql /data/ -

#6：启动 Mariadb 并验证：
[root@linux-host4 ~]# systemctl start mariadb
[root@linux-host4 ~]# systemctl enable mariadb
[root@linux-host4 ~]# mysql_secure_installation #初始化设置

3、部署 keepalived：

#1：在两台负载服务器同时执行以下操作：
[root@linux-host4 src]# wget http://www.keepalived.org/software/keepalived-1.3.6.tar.gz
[root@linux-host4 src]# tar xvf keepalived-1.3.6.tar.gz
[root@linux-host4 src]# cd keepalived-1.3.6
[root@linux-host4 src]#yum install libnfnetlink-devel libnfnetlink ipvsadm libnl libnl-devel libnl3 libnl3-devel lm_sensors-libs net-snmp-agent-libs net-snmp-libs openssh-server openssh-clients openssl openssl-devel tree sudo psmisc lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute
[root@linux-host4 keepalived-1.3.6]# ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install
[root@linux-host4 keepalived-1.3.6]# cp /usr/local/src/keepalived-1.3.6/keepalived/etc/init.d/keepalived.rh.init /etc/sysconfig/keepalived.sysconfig
[root@linux-host4 keepalived-1.3.6]# cp /usr/local/src/keepalived-1.3.6/keepalived/keepalived.service /usr/lib/systemd/system/
cp: overwrite ‘/usr/lib/systemd/system/keepalived.service’? y
[root@linux-host4 keepalived-1.3.6]# cp /usr/local/src/keepalived-1.3.6/bin/keepalived /usr/sbin/

#2：准备 keepalived 配置文件：
#2.1：master 服务器： 
[root@linux-host4 ~]# mkdir /etc/keepalived
[root@linux-host4 ~]# cat /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
 state MASTER
 interface eth0
 virtual_router_id 1
 priority 100
 advert_int 1
 unicast_src_ip 192.168.10.204
 unicast_peer {
 192.168.10.205
 }
 authentication {
 auth_type PASS
 auth_pass 123456
 }
 virtual_ipaddress {
 192.168.10.100/24 dev eth0 label eth0:0
 } }
[root@linux-host4 ~]# systemctl start keepalived
[root@linux-host4 ~]# systemctl enable keepalived
#2.2：backup 服务器： 
[root@linux-host5 ~]# mkdir /etc/keepalived
[root@linux-host5 ~]# cat /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
 state BACKUP
 interface eth0
 virtual_router_id 1
 priority 50
 advert_int 1
 unicast_src_ip 192.168.10.205
 unicast_peer {
 192.168.10.204
 }
 authentication {
 auth_type PASS
 auth_pass 123456
 }
 virtual_ipaddress {
 192.168.10.100/24 dev eth0 label eth0:0
 } }
[root@linux-host5 ~]# systemctl start keepalived
[root@linux-host5 ~]# systemctl enable keepalived

#3：验证：

4、部署 haproxy：

分别在两台负载服务器同时执行以下操作安装 haproxy：

#1：下载并安装 haproxy：
[root@linux-host4 src]# wget http://www.haproxy.org/download/1.7/src/haproxy-1.7.9.tar.gz
[root@linux-host4 src]# tar xvf haproxy-1.7.9.tar.gz
[root@linux-host4 src]# cd haproxy-1.7.9
[root@linux-host4 haproxy-1.7.9]# make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy
[root@linux-host4 haproxy-1.7.9]# make install PREFIX=/usr/local/haproxy

#2：准备 haproxy 启动脚本：
[root@linux-host4 haproxy-1.7.9]# cat /usr/lib/systemd/system/haproxy.service 
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
EnvironmentFile=/etc/sysconfig/haproxy
ExecStart=/usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid 
$OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
[root@linux-host4 haproxy-1.7.9]# cp ./haproxy-systemd-wrapper /usr/sbin/haproxy-systemd-wrapper
[root@linux-host4 haproxy-1.7.9]# cp ./haproxy /usr/sbin/haproxy

#3：准备系统配置文件：
[root@linux-host4 haproxy-1.7.9]# cat /etc/sysconfig/haproxy
# Add extra options to the haproxy daemon here. This can be useful for
# specifying multiple configuration files with multiple -f options.
# See haproxy(1) for a complete list of options.
OPTIONS=""

#4：配置主配置文件：
[root@linux-host4 haproxy-1.7.9]# mkdir /var/lib/haproxy
[root@linux-host4 haproxy-1.7.9]# mkdir /etc/haproxy
[root@linux-host4 haproxy-1.7.9]# vim /etc/haproxy/haproxy.cfg
global
maxconn 100000
uid 99
gid 99
daemon
nbproc 1
log 127.0.0.1 local0 info
chroot /usr/local/haproxy
stats socket /var/lib/haproxy/haproxy.socket mode 600 level admin
defaults
option redispatch #当 serverId 对应的服务器挂掉后，强制定向到其他健康的服务器 
option abortonclose #当服务器负载很高的时候，自动结束掉当前队列处理比较久的链接
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 10s #连接到一台服务器的最长等待时间
timeout client 20s #连接客户端发送数据最长等待时间
timeout server 30s #服务器回应客户端发送数据最长等待时间
timeout check 5s #对后端服务器的检测超时时间
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth haadmin:3344521
#xxx================================================================
frontend test
 bind 192.168.10.100:80
 mode http
 default_backend test_http_nodes
backend test_http_nodes 
 mode http
 balance source
server 127.0.0.1 127.0.0.1:80 check inter 2000 fall 3 rise 5

#5：各负载服务器配置内核参数：
[root@linux-host4 haproxy-1.7.9]# vim /etc/sysctl.conf
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1
[root@linux-host4 haproxy-1.7.9]# sysctl -p

#6：启动 haproxy 并验证：
[root@linux-host4 ~]# systemctl start haproxy
[root@linux-host4 ~]# systemctl enable haproxy

5、安装 rabbitMQ 服务器：

#1：可以单独安装至其他服务器：
#各组件通过消息发送与接收是实现组件之间的通信：
[root@linux-host5 ~]# yum install rabbitmq-server –y

#2：启动并设置为开机启动：
[root@linux-host5 ~]# systemctl enable rabbitmq-server.service
Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to 
/usr/lib/systemd/system/rabbitmq-server.service.
[root@linux-host5 ~]# systemctl start rabbitmq-server.service

#3：验证端口：

#4：添加 rabbitMQ 客户端用户并设置密码：
[root@linux-host5 ~]# rabbitmqctl add_user openstack 123456
Creating user "openstack" ...

#5：赋予 openstack 用户读写权限：
[root@linux-host5 ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...

#6：打开 rabbitMQ 的 web 插件：
[root@linux-host5 ~]# rabbitmq-plugins enable rabbitmq_management
[root@linux-host5 ~]# rabbitmq-plugins list #查看插件

#7：访问 rabbitMQ 的 web 界面：
#默认用户名密码都是 guest，可以更改，web 访问端口为 15672：

#8：web 界面：

6、安装 memcached：

用于缓存 openstack 各服务的身份认证令牌信息

#1：安装 memcached：
[root@linux-host5 ~]# yum install memcached
#openstack 安装 python 模块
[root@linux-host1 ~]# yum install python-memcached –y 

#2：编辑配置文件：
[root@linux-host5 ~]# cat /etc/sysconfig/memcached 
PORT="11212" #避免和 haproxy 监听的 11211 冲突
USER="memcached"
MAXCONN="1024"
CACHESIZE="512"
OPTIONS="-l 192.168.10.205"

#3：启动并设置为开机启动：
[root@linux-host5 ~]# systemctl start memcached
[root@linux-host5 ~]# systemctl enable memcached

#4：验证端口