1、安装 openstack 基础组件准备:
本次选择 ocata 版本安装,因为最新版的 pike 版本还没有完全作为正式版本提供:
官方ocata版的中文安装文档:https://docs.openstack.org/ocata/zh_CN/install-guide-rdo/
#1:查看 openstack yum 版本:
[root@linux-host1 ~]# yum list centos-release-openstack*
#2:各服务器安装 ocata 的 yum 源:
#负载服务、数据库、memcache、rabbitMQ 服务器除外,即只安装 openstack 控制节点和计算节点。
[root@linux-host1 ~]# yum install –y centos-release-openstack-ocata.noarch
[root@linux-host1 ~]# yum install -y https://rdoproject.org/repos/rdo-release.rpm
#3:各服务器安装 openstack 客户端:
[root@linux-host1 ~]# yum install -y python-openstackclient
#4:各服务器安装 openstack SElinux 管理包:
#如果 agent 开启了selinux 会自动进行 selinux 权限的相关设置:
[root@linux-host1 ~]# yum install -y openstack-selinux
2、安装数据库服务器:
可以单独安装至其他服务器,openstack 的各组件都要使用数据库保存数据,除nova 使用API 与其他组件进行调用外:
MySQL 官方下载地址:https://dev.mysql.com/downloads/
#1:控制端安装python,连接数据库模块:
[root@linux-host1 ~]# yum install -y mariadb python2-PyMySQL
#2:安装 mariadb:
[root@linux-host4 ~]# yum install mariadb mariadb-server
#3:配置数据库:
[root@linux-host4 ~]# vim /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 192.168.10.204 #指定监听地址
default-storage-engine = innodb #默认引擎
innodb_file_per_table = on #开启每个表都有独立表空间
max_connections = 4096 #最大连接数
collation-server = utf8_general_ci #不区分大小写排序
character-set-server = utf8 #设置编码
#4:配置 my.cnf:
[root@linux-host4 ~]# cat /etc/my.cnf
[mysqld]
socket=/var/lib/mysql/mysql.sock
user=mysql
symbolic-links=0
datadir=/data/mysql
innodb_file_per_table=1
#skip-grant-tables
relay-log = /data/mysql
server-id=10
log-error= /data/mysql-log/mysql_error.txt
log-bin=/data/mysql-binlog/master-log
#general_log=ON
#general_log_file=/data/general_mysql.log
long_query_time=5
slow_query_log=1
slow_query_log_file= /data/mysql-log/slow_mysql.txt
max_connections=1000
bind-address=192.168.10.204
[client]
port=3306
socket=/var/lib/mysql/mysql.sock
[mysqld_safe]
log-error=/data/mysql-log/mysqld-safe.log
pid-file=/var/lib/mysql/mysql.sock
#5:创建数据目录并授权:
[root@linux-host4 ~]# mkdir -pv /data/{mysql,mysql-log,mysql-binlog}
mkdir: created directory ‘/data’
mkdir: created directory ‘/data/mysql’
mkdir: created directory ‘/data/mysql-log’
mkdir: created directory ‘/data/mysql-binlog’
[root@linux-host4 ~]# chown mysql.mysql /data/ -
#6:启动 Mariadb 并验证:
[root@linux-host4 ~]# systemctl start mariadb
[root@linux-host4 ~]# systemctl enable mariadb
[root@linux-host4 ~]# mysql_secure_installation #初始化设置
3、部署 keepalived:
#1:在两台负载服务器同时执行以下操作:
[root@linux-host4 src]# wget http://www.keepalived.org/software/keepalived-1.3.6.tar.gz
[root@linux-host4 src]# tar xvf keepalived-1.3.6.tar.gz
[root@linux-host4 src]# cd keepalived-1.3.6
[root@linux-host4 src]#yum install libnfnetlink-devel libnfnetlink ipvsadm libnl libnl-devel libnl3 libnl3-devel lm_sensors-libs net-snmp-agent-libs net-snmp-libs openssh-server openssh-clients openssl openssl-devel tree sudo psmisc lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute
[root@linux-host4 keepalived-1.3.6]# ./configure --prefix=/usr/local/keepalived --disable-fwmark && make && make install
[root@linux-host4 keepalived-1.3.6]# cp /usr/local/src/keepalived-1.3.6/keepalived/etc/init.d/keepalived.rh.init /etc/sysconfig/keepalived.sysconfig
[root@linux-host4 keepalived-1.3.6]# cp /usr/local/src/keepalived-1.3.6/keepalived/keepalived.service /usr/lib/systemd/system/
cp: overwrite ‘/usr/lib/systemd/system/keepalived.service’? y
[root@linux-host4 keepalived-1.3.6]# cp /usr/local/src/keepalived-1.3.6/bin/keepalived /usr/sbin/
#2:准备 keepalived 配置文件:
#2.1:master 服务器:
[root@linux-host4 ~]# mkdir /etc/keepalived
[root@linux-host4 ~]# cat /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 1
priority 100
advert_int 1
unicast_src_ip 192.168.10.204
unicast_peer {
192.168.10.205
}
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.10.100/24 dev eth0 label eth0:0
} }
[root@linux-host4 ~]# systemctl start keepalived
[root@linux-host4 ~]# systemctl enable keepalived
#2.2:backup 服务器:
[root@linux-host5 ~]# mkdir /etc/keepalived
[root@linux-host5 ~]# cat /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 1
priority 50
advert_int 1
unicast_src_ip 192.168.10.205
unicast_peer {
192.168.10.204
}
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.10.100/24 dev eth0 label eth0:0
} }
[root@linux-host5 ~]# systemctl start keepalived
[root@linux-host5 ~]# systemctl enable keepalived
#3:验证:
4、部署 haproxy:
分别在两台负载服务器同时执行以下操作安装 haproxy:
#1:下载并安装 haproxy:
[root@linux-host4 src]# wget http://www.haproxy.org/download/1.7/src/haproxy-1.7.9.tar.gz
[root@linux-host4 src]# tar xvf haproxy-1.7.9.tar.gz
[root@linux-host4 src]# cd haproxy-1.7.9
[root@linux-host4 haproxy-1.7.9]# make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=/usr/local/haproxy
[root@linux-host4 haproxy-1.7.9]# make install PREFIX=/usr/local/haproxy
#2:准备 haproxy 启动脚本:
[root@linux-host4 haproxy-1.7.9]# cat /usr/lib/systemd/system/haproxy.service
[Unit]
Description=HAProxy Load Balancer
After=syslog.target network.target
[Service]
EnvironmentFile=/etc/sysconfig/haproxy
ExecStart=/usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid
$OPTIONS
ExecReload=/bin/kill -USR2 $MAINPID
[Install]
WantedBy=multi-user.target
[root@linux-host4 haproxy-1.7.9]# cp ./haproxy-systemd-wrapper /usr/sbin/haproxy-systemd-wrapper
[root@linux-host4 haproxy-1.7.9]# cp ./haproxy /usr/sbin/haproxy
#3:准备系统配置文件:
[root@linux-host4 haproxy-1.7.9]# cat /etc/sysconfig/haproxy
# Add extra options to the haproxy daemon here. This can be useful for
# specifying multiple configuration files with multiple -f options.
# See haproxy(1) for a complete list of options.
OPTIONS=""
#4:配置主配置文件:
[root@linux-host4 haproxy-1.7.9]# mkdir /var/lib/haproxy
[root@linux-host4 haproxy-1.7.9]# mkdir /etc/haproxy
[root@linux-host4 haproxy-1.7.9]# vim /etc/haproxy/haproxy.cfg
global
maxconn 100000
uid 99
gid 99
daemon
nbproc 1
log 127.0.0.1 local0 info
chroot /usr/local/haproxy
stats socket /var/lib/haproxy/haproxy.socket mode 600 level admin
defaults
option redispatch #当 serverId 对应的服务器挂掉后,强制定向到其他健康的服务器
option abortonclose #当服务器负载很高的时候,自动结束掉当前队列处理比较久的链接
option http-keep-alive
option forwardfor
maxconn 100000
mode http
timeout connect 10s #连接到一台服务器的最长等待时间
timeout client 20s #连接客户端发送数据最长等待时间
timeout server 30s #服务器回应客户端发送数据最长等待时间
timeout check 5s #对后端服务器的检测超时时间
listen stats
mode http
bind 0.0.0.0:9999
stats enable
log global
stats uri /haproxy-status
stats auth haadmin:3344521
#xxx================================================================
frontend test
bind 192.168.10.100:80
mode http
default_backend test_http_nodes
backend test_http_nodes
mode http
balance source
server 127.0.0.1 127.0.0.1:80 check inter 2000 fall 3 rise 5
#5:各负载服务器配置内核参数:
[root@linux-host4 haproxy-1.7.9]# vim /etc/sysctl.conf
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1
[root@linux-host4 haproxy-1.7.9]# sysctl -p
#6:启动 haproxy 并验证:
[root@linux-host4 ~]# systemctl start haproxy
[root@linux-host4 ~]# systemctl enable haproxy
5、安装 rabbitMQ 服务器:
#1:可以单独安装至其他服务器:
#各组件通过消息发送与接收是实现组件之间的通信:
[root@linux-host5 ~]# yum install rabbitmq-server –y
#2:启动并设置为开机启动:
[root@linux-host5 ~]# systemctl enable rabbitmq-server.service
Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to
/usr/lib/systemd/system/rabbitmq-server.service.
[root@linux-host5 ~]# systemctl start rabbitmq-server.service
#3:验证端口:
#4:添加 rabbitMQ 客户端用户并设置密码:
[root@linux-host5 ~]# rabbitmqctl add_user openstack 123456
Creating user "openstack" ...
#5:赋予 openstack 用户读写权限:
[root@linux-host5 ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...
#6:打开 rabbitMQ 的 web 插件:
[root@linux-host5 ~]# rabbitmq-plugins enable rabbitmq_management
[root@linux-host5 ~]# rabbitmq-plugins list #查看插件
#7:访问 rabbitMQ 的 web 界面:
#默认用户名密码都是 guest,可以更改,web 访问端口为 15672:
#8:web 界面:
6、安装 memcached:
用于缓存 openstack 各服务的身份认证令牌信息
#1:安装 memcached:
[root@linux-host5 ~]# yum install memcached
#openstack 安装 python 模块
[root@linux-host1 ~]# yum install python-memcached –y
#2:编辑配置文件:
[root@linux-host5 ~]# cat /etc/sysconfig/memcached
PORT="11212" #避免和 haproxy 监听的 11211 冲突
USER="memcached"
MAXCONN="1024"
CACHESIZE="512"
OPTIONS="-l 192.168.10.205"
#3:启动并设置为开机启动:
[root@linux-host5 ~]# systemctl start memcached
[root@linux-host5 ~]# systemctl enable memcached
#4:验证端口