安装openstack
更换pip源
mkdir ~/.pip
sudo vi ~/.pip/pip.conf
输入以下内容:
[global]
index-url = https://pypi.tuna.tsinghua.edu.cn/simple
trusted-host = pypi.tuna.tsinghua.edu.cn
安装软件
apt-get install bridge-utils git vim python3-pip -y
创建stack用户
sudo useradd -s /bin/bash -d /opt/stack -m stack
echo "stack ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/stack
切换到stack下
sudo su stack
添加github的host
sudo vi /etc/hosts
#github
140.82.113.4 github.com
199.232.5.194 github.global.ssl.fastly.net
下载devstack[victoria版本]
sudo git clone https://github.com/openstack-dev/devstack.git --branch stable/victoria /opt/devstack
sudo chown -R stack:stack /opt/devstack
sudo chmod -R 777 /opt/devstack
进行devstack配置
cd /opt/devstack
vim local.conf
[[local|localrc]]
ADMIN_PASSWORD=123456
DATABASE_PASSWORD=$ADMIN_PASSWORD
RABBIT_PASSWORD=$ADMIN_PASSWORD
SERVICE_PASSWORD=$ADMIN_PASSWORD
#Use mirror
GIT_BASE=http://git.trystack.cn
NOVNC_REPO=http://git.trystack.cn/kanaka/noVNC.git
SPICE_REPO=http://git.trystack.cn/git/spice/spice-html5.git
安装
./stack.sh
成功显示
然后vim /opt/devstack/admin-openrc.sh
添加
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://192.168.100.10/identity
export OS_IDENTITY_API_VERSION=3
然后使生效source admin-openrc.sh
输入命令openstack compute service list --service nova-compute
安装terraform
通过apt更新系统安装包
sudo apt update
sudo apt upgrade
将 Terraform 的 GPG 密钥添加到系统中
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
将安装包列表拉取
sudo apt-add-repository "deb [arch=$(dpkg --print-architecture)] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
更新apt并安装 Terraform
sudo apt update
sudo apt install terraform
是否安装成功
terraform -v
创建terraform实例
创建了新的安全组
terraform {
required_providers {
openstack = {
source = "terraform-provider-openstack/openstack"
version = "1.34.0"
}
}
}
provider "openstack" {
user_name = "admin"
tenant_name = "admin"
password = "123456"
auth_url = "http://192.168.100.10/identity"
domain_name = "Default"
}
# Acces group, open input port 80 and ssh port
resource "openstack_compute_secgroup_v2" "http" {
name = "http"
description = "Open input http port"
rule {
from_port = 80
to_port = 80
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
}
# Open mariadb port
resource "openstack_compute_secgroup_v2" "db" {
name = "db"
description = "Open input db port"
rule {
from_port = 3306
to_port = 3306
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
}
# Open Apache2 port
resource "openstack_compute_secgroup_v2" "ssh" {
name = "ssh"
description = "Open input ssh port"
rule {
from_port = 22
to_port = 22
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
}
查看认证URL,用于terraform调用OpenStack认证
openstack endpoint list --service keystone
查看安全组
openstack security group list