前往小程序,Get更优阅读体验!
立即前往
首页
学习
活动
专区
工具
TVP
发布
社区首页 >专栏 >使用openstack搭建私有云[通俗易懂]

使用openstack搭建私有云[通俗易懂]

作者头像
全栈程序员站长
发布2022-09-14 21:21:20
31.7K0
发布2022-09-14 21:21:20
举报
文章被收录于专栏:全栈程序员必看

大家好,又见面了,我是你们的朋友全栈君。

OpenStack 部署

一、环境准备

版本介绍

CentOS Linux release 7.6.1810 (Core) 内核版本:3.10.0-957.el7.x86_64

代码语言:javascript
复制
$ openstack versions show
+-------------+--------------+---------+-----------+------------------------------+------------------+------------------+
| Region Name | Service Type | Version | Status    | Endpoint                     | Min Microversion | Max Microversion |
+-------------+--------------+---------+-----------+------------------------------+------------------+------------------+
| RegionOne   | compute      | 2.0     | SUPPORTED | http://controller:8774/v2/   | None             | None             |
| RegionOne   | compute      | 2.1     | CURRENT   | http://controller:8774/v2.1/ | 2.1              | 2.65             |
| RegionOne   | image        | 2.0     | SUPPORTED | http://controller:9292/v2/   | None             | None             |
| RegionOne   | image        | 2.1     | SUPPORTED | http://controller:9292/v2/   | None             | None             |
| RegionOne   | image        | 2.2     | SUPPORTED | http://controller:9292/v2/   | None             | None             |
| RegionOne   | image        | 2.3     | SUPPORTED | http://controller:9292/v2/   | None             | None             |
| RegionOne   | image        | 2.4     | SUPPORTED | http://controller:9292/v2/   | None             | None             |
| RegionOne   | image        | 2.5     | SUPPORTED | http://controller:9292/v2/   | None             | None             |
| RegionOne   | image        | 2.6     | SUPPORTED | http://controller:9292/v2/   | None             | None             |
| RegionOne   | image        | 2.7     | CURRENT   | http://controller:9292/v2/   | None             | None             |
| RegionOne   | placement    | 1.0     | CURRENT   | http://controller:8778/      | 1.0              | 1.29             |
| RegionOne   | network      | 2.0     | CURRENT   | http://controller:9696/v2.0/ | None             | None             |
| RegionOne   | identity     | 3.11    | CURRENT   | http://controller:5000/v3/   | None             | None             |
+-------------+--------------+---------+-----------+------------------------------+------------------+------------------+

1、网络环境

主机

IP

controller

10.0.0.51

compute1

10.0.0.61

修改hosts文件 cat /etc/hosts 10.0.0.51 controller 10.0.0.61 compute1

关闭selinux、firewalld

代码语言:javascript
复制
cat env_set.sh 
#!/bin/bash

systemctl  stop firewalld
systemctl  disable firewalld

setenforce 0
sed  -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
yum install -y wget

配置yum源

代码语言:javascript
复制
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

手动配置源

代码语言:javascript
复制
[centotack-rocky]
name=openstack-rocky
baseurl=https://mirrors.aliyun.com/centos/7/cloud/x86_64/openstack-rocky/
enabled=1
gpgcheck=0

[qume-kvm]
name=qemu-kvm
baseurl= https://mirrors.aliyun.com/centos/7/virt/x86_64/kvm-common/
enabled=1
gpgcheck=0

安装openstack客户端和openstack-selinux yum install python-openstackclient openstack-selinux -y

2、同步时间

安装相关软件 yum install chrony vim net-tools lsof -y

#controller节点 allow 10.0.0.0/24

#其他节点 server 10.0.0.51 iburst 重启服务

代码语言:javascript
复制
systemctl enable chronyd.service
systemctl start chronyd.service

3、部署mariadb数据库

数据库节点

代码语言:javascript
复制
yum install mariadb mariadb-server python2-PyMySQL -y

修改数据库配置文件 /etc/my.cnf

代码语言:javascript
复制
bind-address = 10.0.0.51
default-storage-engine = innodb
innodb_file_per_table		#innodb使用独立的表结构
max_connections = 4096		#最大的连接数
collation-server = utf8_general_ci	#使用utf-8字符集
character-set-server = utf8

启动数据库

代码语言:javascript
复制
systemctl enable mariadb
systemctl start mariadb

数据库安全初始化

代码语言:javascript
复制
mysql_secure_installation
	#回车 n y y y y

4、消息队列RabbitMQ

安装rabbit

代码语言:javascript
复制
yum install rabbitmq-server
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
代码语言:javascript
复制
#添加openstack用户,设置密码
rabbitmqctl add_user openstack RABBIT_PASS
	Creating user "openstack" ...
#给openstack用户配置写和读权限
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
		Setting permissions for user "openstack" in vhost "/" ...

Rabbitmq默认会开启25672和5672端口 验证:

代码语言:javascript
复制
# netstat -antplu|grep 5672
tcp        0      0 0.0.0.0:25672           0.0.0.0:*               LISTEN      11226/beam.smp      
tcp6       0      0 :::5672                 :::*                    LISTEN      11226/beam.smp

开启插件,监控. 端口:15672

代码语言:javascript
复制
rabbitmq-plugins enable rabbitmq_management
代码语言:javascript
复制
# netstat -antplu|grep 5672
tcp        0      0 0.0.0.0:25672           0.0.0.0:*               LISTEN      11226/beam.smp      
tcp        0      0 0.0.0.0:15672           0.0.0.0:*               LISTEN      11226/beam.smp
tcp6       0      0 :::5672                 :::*                    LISTEN      11226/beam.smp

5、配置memcached

代码语言:javascript
复制
	yum install -y memcached python-memcached 
	#默认监听需要修改
	sed -i 's/127.0.0.1/10.0.0.51/g' /etc/sysconfig/memcached
	systemctl  restart memcached.service

验证:

代码语言:javascript
复制
# netstat -anpl|grep 11211
tcp        0      0 10.0.0.51:11211         0.0.0.0:*               LISTEN      12152/memcached 

6、openstack服务安装的通用步骤:

代码语言:javascript
复制
1.创库授权
2.在keystone创建用户,关联角色
3.在keystone上注册服务,注册api
4.安装服务相关的软件包
5.修改配置文件 		数据库的连接信息 		rabbitmq的连接信息 		keystone认证授权信息
6.同步数据库,创建表
7.启动服务

二、keystone服务的安装

1、创库授权

代码语言:javascript
复制
create DATABASE keystone;
GRANT ALL PRIVILEGES on keystone.* to 'keystone'@'localhost'  identified by 'KEYSTONE_DBPASS';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';

2、安装keystone相关软件包

代码语言:javascript
复制
yum install -y openstack-keystone httpd mod_wsgi

修改配置文件

代码语言:javascript
复制
cp /etc/keystone/keystone.conf{ 
   ,.back}
grep -Ev '^$|^#' /etc/keystone/keystone.conf.back > /etc/keystone/keystone.conf
cat /etc/keystone/keystone.conf
[DEFAULT]
admin_token = ADMIN_TOKEN

connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone

[token]
provider = fernet


#同步数据库
su -s /bin/sh -c "keystone-manage db_sync" keystone

#初始化fernet
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
#验证
ll /etc/keystone

3、配置httpd

代码语言:javascript
复制
echo "ServerName controller" >>/etc/httpd/conf/httpd.conf
cat /etc/httpd/conf.d/wsgi-keystone.conf
Listen 5000
Listen 35357

<VirtualHost *:5000>
    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{ 
   GROUP}
    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /usr/bin/keystone-wsgi-public
    WSGIApplicationGroup %{ 
   GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/httpd/keystone-error.log
    CustomLog /var/log/httpd/keystone-access.log combined

    <Directory /usr/bin>
        Require all granted
    </Directory>
</VirtualHost>

<VirtualHost *:35357>
    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{ 
   GROUP}
    WSGIProcessGroup keystone-admin
    WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
    WSGIApplicationGroup %{ 
   GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/httpd/keystone-error.log
    CustomLog /var/log/httpd/keystone-access.log combined

    <Directory /usr/bin>
        Require all granted
    </Directory>
</VirtualHost>

重启 systemctl enable httpd.service systemctl restart httpd.service

4、创建服务和注册api:

代码语言:javascript
复制
#配置认证令牌:
export OS_TOKEN=ADMIN_TOKEN
#配置端点URL:
export OS_URL=http://controller:35357/v3
#配置认证 API 版本:
export OS_IDENTITY_API_VERSION=3

openstack service create \
  --name keystone --description "OpenStack Identity" identity

openstack endpoint create --region RegionOne \
  identity public http://controller:5000/v3

openstack endpoint create --region RegionOne \
  identity internal http://controller:5000/v3

openstack endpoint create --region RegionOne \
  identity admin http://controller:35357/v3

创建域、项目、用户、角色

代码语言:javascript
复制
openstack domain create --description "Default Domain" default

openstack project create --domain default \
  --description "Admin Project" admin

openstack user create --domain default \
  --password ADMIN_PASS admin

openstack role create admin

openstack role add --project admin --user admin admin

openstack project create --domain default \
  --description "Service Project" service

退出bash 给定初始变量

代码语言:javascript
复制
# cat admin-openrc 
export OS_AUTH_URL=http://controller:35357/v3 
export OS_PROJECT_DOMAIN_NAME=default 
export OS_USER_DOMAIN_NAME=default 
export OS_PROJECT_NAME=admin 
export OS_USERNAME=admin 
export OS_IMAGE_API_VERSION=2
export OS_IDENTITY_API_VERSION=3
export OS_PASSWORD=ADMIN_PASS
source admin-openrc

echo 'source admin-openrc'  >> /etc/bashrc

验证:

代码语言:javascript
复制
openstack token issue
openstack user list
openstack service list
openstack endpoint list

三、镜像服务 glance

1、创库授权

代码语言:javascript
复制
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
  IDENTIFIED BY 'GLANCE_DBPASS';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
  IDENTIFIED BY 'GLANCE_DBPASS';

2、在keystone创建用户,关联角色

代码语言:javascript
复制
openstack user create --domain default --password GLANCE_PASS glance
openstack role add --project service --user glance admin

3、在keystone上注册服务,注册api

代码语言:javascript
复制
openstack endpoint create --region RegionOne \
  image public http://controller:9292
openstack endpoint create --region RegionOne \
  image internal http://controller:9292
openstack endpoint create --region RegionOne \
  image admin http://controller:9292

4、安装服务相关的软件包

代码语言:javascript
复制
yum install openstack-glance -y

5、修改配置文件

代码语言:javascript
复制
cp /etc/glance/glance-api.conf{ 
   ,.back}
grep -Ev '^$|#' /etc/glance/glance-api.conf.back > /etc/glance/glance-api.conf

cp /etc/glance/glance-registry.conf{ 
   ,.back}
grep -Ev '^$|#'  /etc/glance/glance-registry.conf.back >/etc/glance/glance-registry.conf

# cat /etc/glance/glance-api.conf
[DEFAULT]
[cors]
[database]
connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[image_format]
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = GLANCE_PASS
[matchmaker_redis]
[oslo_concurrency]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]
[store_type_location_strategy]
[task]
[taskflow_executor]


# cat /etc/glance/glance-registry.conf
[DEFAULT]
[database]
connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = GLANCE_PASS
[matchmaker_redis]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]

6、同步数据库,创建表

代码语言:javascript
复制
# su -s /bin/sh -c "glance-manage db_sync" glance

启动镜像服务、配置他们随机启动:

代码语言:javascript
复制
 systemctl enable openstack-glance-api.service \
  openstack-glance-registry.service
 systemctl start openstack-glance-api.service \
  openstack-glance-registry.service

四、nova的安装

1、创库授权

代码语言:javascript
复制
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \
  IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \
  IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
  IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
  IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' \
  IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' \
  IDENTIFIED BY 'NOVA_DBPASS';

2、在keystone创建用户,关联角色

代码语言:javascript
复制
openstack user create --domain default   --password NOVA_PASS nova
openstack role add --project service --user nova admin

openstack user create --domain default --password PLACEMENT_PASS placement
openstack role add --project service --user placement admin

3、在keystone上注册服务,注册api

代码语言:javascript
复制
openstack service create --name nova   --description "OpenStack Compute" compute
openstack endpoint create --region RegionOne   compute public http://controller:8774/v2.1/%\(tenant_id\)s
openstack endpoint create --region RegionOne   compute internal http://controller:8774/v2.1/%\(tenant_id\)s
openstack endpoint create --region RegionOne   compute admin http://controller:8774/v2.1/%\(tenant_id\)s
#解决版本兼容
openstack service create --name placement --description "Placement API" placement

openstack endpoint create --region RegionOne placement public http://controller:8778
openstack endpoint create --region RegionOne placement internal http://controller:8778
openstack endpoint create --region RegionOne placement admin http://controller:8778

4、安装服务相关的软件包

代码语言:javascript
复制
yum install openstack-nova-api openstack-nova-conductor   openstack-nova-console openstack-nova-novncproxy   openstack-nova-scheduler -y

5、修改配置文件

代码语言:javascript
复制
# cat /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 10.0.0.51
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
transport_url = rabbit://openstack:RABBIT_PASS@controller
[api]
[api_database]
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
[barbican]
[cache]
[cells]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://controller:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = NOVA_PASS
[libvirt]
virt_type = qemu
cpu_mode = none 
[matchmaker_redis]
[metrics]
[mks]
[neutron]
[notifications]
[osapi_v21]
[oslo_concurrency]

[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:35357/v3
username = placement
password = PLACEMENT_PASS
[placement_database]
[powervm]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]


tail  /etc/httpd/conf.d/00-nova-placement-api.conf
<Directory /usr/bin>
   <IfVersion >= 2.4>
      Require all granted
   </IfVersion>
   <IfVersion < 2.4>
      Order allow,deny
      Allow from all
   </IfVersion>
</Directory>

重启httpd service systemctl restart httpd

6、同步数据库,创建表

代码语言:javascript
复制
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
su -s /bin/sh -c "nova-manage db sync" nova
#验证
nova-manage cell_v2 list_cells

7、启动服务

代码语言:javascript
复制
systemctl enable openstack-nova-api.service \
  openstack-nova-consoleauth.service openstack-nova-scheduler.service \
  openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service \
  openstack-nova-consoleauth.service openstack-nova-scheduler.service \
  openstack-nova-conductor.service openstack-nova-novncproxy.service

四(2)、计算节点

1、软件安装

代码语言:javascript
复制
yum install openstack-nova-compute

配置文件

代码语言:javascript
复制
# cat /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:RABBIT_PASS@controller
my_ip = 10.0.0.61
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[api_database]
[barbican]
[cache]
[cells]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://controller:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = NOVA_PASS
[libvirt]
virt_type = qemu
cpu_mode = none
[matchmaker_redis]
[metrics]
[mks]
[neutron]
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
[placement_database]
[powervm]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]
[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:35357/v3
username = placement
password = PLACEMENT_PASS

openstack hypervisor list su -s /bin/sh -c “nova-manage cell_v2 discover_hosts –verbose” nova

启动服务 systemctl enable libvirtd.service openstack-nova-compute.service systemctl start libvirtd.service openstack-nova-compute.service

五、neutron网络服务

控制节点

1.创库授权

代码语言:javascript
复制
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
  IDENTIFIED BY 'NEUTRON_DBPASS';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
  IDENTIFIED BY 'NEUTRON_DBPASS';

2.在keystone创建用户,关联角色

代码语言:javascript
复制
openstack user create --domain default --password NEUTRON_PASS neutron
openstack role add --project service --user neutron admin

3.在keystone上注册服务,注册api

代码语言:javascript
复制
openstack service create --name neutron \
  --description "OpenStack Networking" network

openstack endpoint create --region RegionOne \
  network public http://controller:9696
openstack endpoint create --region RegionOne \
  network internal http://controller:9696
openstack endpoint create --region RegionOne \
  network admin http://controller:9696

4.安装服务相关的软件包

代码语言:javascript
复制
 yum install openstack-neutron openstack-neutron-ml2 \
  openstack-neutron-linuxbridge ebtables -y

5.修改配置文件

代码语言:javascript
复制
cp  /etc/neutron/neutron.conf{ 
   ,.back}
grep -Ev '^$|#' /etc/neutron/neutron.conf.back > /etc/neutron/neutron.conf


cp /etc/neutron/dhcp_agent.ini{ 
   ,.back}
grep -Ev '^$|#' /etc/neutron/dhcp_agent.ini.back > /etc/neutron/dhcp_agent.ini

cp /etc/neutron/metadata_agent.ini{ 
   ,.back}
grep -Ev '^$|#' /etc/neutron/metadata_agent.ini.back > /etc/neutron/metadata_agent.ini

cp /etc/neutron/plugins/ml2/ml2_conf.ini{ 
   ,.back}
grep -Ev '^$|#' /etc/neutron/plugins/ml2/ml2_conf.ini.back > /etc/neutron/plugins/ml2/ml2_conf.ini

cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{ 
   ,.back}
grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.back > /etc/neutron/plugins/ml2/linuxbridge_agent.ini


#编辑/etc/nova/nova.conf
[neutron]
...
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS

service_metadata_proxy = True
metadata_proxy_shared_secret = METADATA_SECRET

6.同步数据库,创建表

代码语言:javascript
复制
#网络服务初始化脚本
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
 su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

7.启动服务

代码语言:javascript
复制
systemctl restart openstack-nova-api.service

systemctl enable neutron-server.service \
  neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
  neutron-metadata-agent.service
systemctl start neutron-server.service \
  neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
  neutron-metadata-agent.service

计算节点

安装

代码语言:javascript
复制
yum install openstack-neutron-linuxbridge ebtables ipset -y

修改配置文件

代码语言:javascript
复制
cp /etc/neutron/neutron.conf{ 
   ,.back}
grep -Ev '^$|#' /etc/neutron/neutron.conf.back > /etc/neutron/neutron.conf

cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{ 
   ,.back}
grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.back > /etc/neutron/plugins/ml2/linuxbridge_agent.ini

启动服务

代码语言:javascript
复制
systemctl restart openstack-nova-compute.service

systemctl enable neutron-linuxbridge-agent.service
systemctl start neutron-linuxbridge-agent.service

六、Dashboard

安装

代码语言:javascript
复制
yum install openstack-dashboard -y

配置文件

代码语言:javascript
复制
egrep -v '^$|#' /etc/openstack-dashboard/local_settings  
import os
from django.utils.translation import ugettext_lazy as _
from openstack_dashboard import exceptions
from openstack_dashboard.settings import HORIZON_CONFIG
DEBUG = False
TEMPLATE_DEBUG = DEBUG
WEBROOT = '/dashboard/'
ALLOWED_HOSTS = ['*', ]
OPENSTACK_API_VERSIONS = { 
   
    "identity": 3,
    "image": 2,
    "volume": 2,
    "compute": 2,
}
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'default'
LOCAL_PATH = '/tmp'
SECRET_KEY='65941f1393ea1c265ad7'
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = { 
   
    'default': { 
   
        'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
        'LOCATION': 'controller:11211',
    },
}
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
OPENSTACK_HOST = "controller"
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
OPENSTACK_KEYSTONE_BACKEND = { 
   
    'name': 'native',
    'can_edit_user': True,
    'can_edit_group': True,
    'can_edit_project': True,
    'can_edit_domain': True,
    'can_edit_role': True,
}
OPENSTACK_HYPERVISOR_FEATURES = { 
   
    'can_set_mount_point': False,
    'can_set_password': False,
    'requires_keypair': False,
}
OPENSTACK_CINDER_FEATURES = { 
   
    'enable_backup': False,
}
OPENSTACK_NEUTRON_NETWORK = { 
   
    'enable_router': False,
    'enable_quotas': False,
    'enable_ipv6': False,
    'enable_distributed_router': False,
    'enable_ha_router': False,
    'enable_lb': False,
    'enable_firewall': False,
    'enable_vpn': False,
    'enable_fip_topology_check': False,
    'default_ipv4_subnet_pool_label': None,
    'default_ipv6_subnet_pool_label': None,
    'profile_support': None,
    'supported_provider_types': ['*'],
    'supported_vnic_types': ['*'],
}
OPENSTACK_HEAT_STACK = { 
   
    'enable_user_pass': True,
}
IMAGE_CUSTOM_PROPERTY_TITLES = { 
   
    "architecture": _("Architecture"),
    "kernel_id": _("Kernel ID"),
    "ramdisk_id": _("Ramdisk ID"),
    "image_state": _("Euca2ools state"),
    "project_id": _("Project ID"),
    "image_type": _("Image Type"),
}
IMAGE_RESERVED_CUSTOM_PROPERTIES = []
API_RESULT_LIMIT = 1000
API_RESULT_PAGE_SIZE = 20
SWIFT_FILE_TRANSFER_CHUNK_SIZE = 512 * 1024
DROPDOWN_MAX_ITEMS = 30
TIME_ZONE = "Asia/Shanghai"
POLICY_FILES_PATH = '/etc/openstack-dashboard'
LOGGING = { 
   
    'version': 1,
    'disable_existing_loggers': False,
    'handlers': { 
   
        'null': { 
   
            'level': 'DEBUG',
            'class': 'logging.NullHandler',
        },
        'console': { 
   
            'level': 'INFO',
            'class': 'logging.StreamHandler',
        },
    },
    'loggers': { 
   
        'django.db.backends': { 
   
            'handlers': ['null'],
            'propagate': False,
        },
        'requests': { 
   
            'handlers': ['null'],
            'propagate': False,
        },
        'horizon': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'openstack_dashboard': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'novaclient': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'cinderclient': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'keystoneclient': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'glanceclient': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'neutronclient': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'heatclient': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'ceilometerclient': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'swiftclient': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'openstack_auth': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'nose.plugins.manager': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'django': { 
   
            'handlers': ['console'],
            'level': 'DEBUG',
            'propagate': False,
        },
        'iso8601': { 
   
            'handlers': ['null'],
            'propagate': False,
        },
        'scss': { 
   
            'handlers': ['null'],
            'propagate': False,
        },
    },
}
SECURITY_GROUP_RULES = { 
   
    'all_tcp': { 
   
        'name': _('All TCP'),
        'ip_protocol': 'tcp',
        'from_port': '1',
        'to_port': '65535',
    },
    'all_udp': { 
   
        'name': _('All UDP'),
        'ip_protocol': 'udp',
        'from_port': '1',
        'to_port': '65535',
    },
    'all_icmp': { 
   
        'name': _('All ICMP'),
        'ip_protocol': 'icmp',
        'from_port': '-1',
        'to_port': '-1',
    },
    'ssh': { 
   
        'name': 'SSH',
        'ip_protocol': 'tcp',
        'from_port': '22',
        'to_port': '22',
    },
    'smtp': { 
   
        'name': 'SMTP',
        'ip_protocol': 'tcp',
        'from_port': '25',
        'to_port': '25',
    },
    'dns': { 
   
        'name': 'DNS',
        'ip_protocol': 'tcp',
        'from_port': '53',
        'to_port': '53',
    },
    'http': { 
   
        'name': 'HTTP',
        'ip_protocol': 'tcp',
        'from_port': '80',
        'to_port': '80',
    },
    'pop3': { 
   
        'name': 'POP3',
        'ip_protocol': 'tcp',
        'from_port': '110',
        'to_port': '110',
    },
    'imap': { 
   
        'name': 'IMAP',
        'ip_protocol': 'tcp',
        'from_port': '143',
        'to_port': '143',
    },
    'ldap': { 
   
        'name': 'LDAP',
        'ip_protocol': 'tcp',
        'from_port': '389',
        'to_port': '389',
    },
    'https': { 
   
        'name': 'HTTPS',
        'ip_protocol': 'tcp',
        'from_port': '443',
        'to_port': '443',
    },
    'smtps': { 
   
        'name': 'SMTPS',
        'ip_protocol': 'tcp',
        'from_port': '465',
        'to_port': '465',
    },
    'imaps': { 
   
        'name': 'IMAPS',
        'ip_protocol': 'tcp',
        'from_port': '993',
        'to_port': '993',
    },
    'pop3s': { 
   
        'name': 'POP3S',
        'ip_protocol': 'tcp',
        'from_port': '995',
        'to_port': '995',
    },
    'ms_sql': { 
   
        'name': 'MS SQL',
        'ip_protocol': 'tcp',
        'from_port': '1433',
        'to_port': '1433',
    },
    'mysql': { 
   
        'name': 'MYSQL',
        'ip_protocol': 'tcp',
        'from_port': '3306',
        'to_port': '3306',
    },
    'rdp': { 
   
        'name': 'RDP',
        'ip_protocol': 'tcp',
        'from_port': '3389',
        'to_port': '3389',
    },
}
REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES',
                              'LAUNCH_INSTANCE_DEFAULTS']
代码语言:javascript
复制
# ll /etc/openstack-dashboard/local_settings 
-rw-r-----. 1 root apache 26505 Apr 28 21:56 /etc/openstack-dashboard/local_settings

对域的修改

代码语言:javascript
复制
vim /etc/httpd/conf.d/openstack-dashboard.conf
   WSGIApplicationGroup %{ 
   GLOBAL}
   systemctl  restart httpd

七、创建一个实例

1、创建网路

代码语言:javascript
复制
neutron net-create --shared --provider:physical_network provider \
  --provider:network_type flat ouzhenet
  
 neutron subnet-create --name ouzhe1 \
  --allocation-pool start=10.0.0.101,end=10.0.0.200 \
  --dns-nameserver 114.114.114.114 --gateway 10.0.0.2 \
  ouzhenet 10.0.0.0/24

2、创建m1.nano规格的主机

代码语言:javascript
复制
openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano

3、生成和添加秘钥对

代码语言:javascript
复制
ssh-keygen -q -N "" -f ~/.ssh/id_rsa
openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey

4、增加安全组规则

代码语言:javascript
复制
openstack security group rule create --proto icmp default
openstack security group rule create --proto tcp --dst-port 22 default

5、创建主机

代码语言:javascript
复制
neutron net-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------------+----------+----------------------------------+--------------------------------------------------+
| id                                   | name     | tenant_id                        | subnets                                          |
+--------------------------------------+----------+----------------------------------+--------------------------------------------------+
| cae26611-d5d1-4465-a352-c35a014e6f08 | ouzhenet | fd444319c4874e908d66d1c91e07c42d | 29281230-6848-4397-bfec-241c5e8c9e65 10.0.0.0/24 |
+--------------------------------------+----------+----------------------------------+--------------------------------------------------+

openstack server create --flavor m1.nano --image cirros \
  --nic net-id=cae26611-d5d1-4465-a352-c35a014e6f08 --security-group default \
  --key-name mykey ouzhe001

验证创建的虚拟机

在这里插入图片描述
在这里插入图片描述

验证是否有IP地址,能否上外网

在这里插入图片描述
在这里插入图片描述

搭建时的一些下错误

Host ‘compute1’ is not mapped to any cell

解决方案

代码语言:javascript
复制
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

参考文档:

https://docs.openstack.org/mitaka/install-guide-rdo/ https://blog.51cto.com/egon09/1845226

发布者:全栈程序员栈长,转载请注明出处:https://javaforall.cn/159894.html原文链接:https://javaforall.cn

本文参与 腾讯云自媒体同步曝光计划,分享自作者个人站点/博客。
如有侵权请联系 cloudcommunity@tencent.com 删除

本文分享自 作者个人站点/博客 前往查看

如有侵权,请联系 cloudcommunity@tencent.com 删除。

本文参与 腾讯云自媒体同步曝光计划  ,欢迎热爱写作的你一起参与!

评论
登录后参与评论
0 条评论
热度
最新
推荐阅读
目录
  • 一、环境准备
    • 版本介绍
      • 1、网络环境
      • 2、同步时间
      • 3、部署mariadb数据库
      • 4、消息队列RabbitMQ
      • 5、配置memcached
      • 6、openstack服务安装的通用步骤:
  • 二、keystone服务的安装
    • 1、创库授权
      • 2、安装keystone相关软件包
        • 3、配置httpd
        • 4、创建服务和注册api:
        • 1、创库授权
        • 2、在keystone创建用户,关联角色
        • 3、在keystone上注册服务,注册api
        • 4、安装服务相关的软件包
        • 5、修改配置文件
        • 6、同步数据库,创建表
        • 1、创库授权
        • 2、在keystone创建用户,关联角色
        • 3、在keystone上注册服务,注册api
        • 4、安装服务相关的软件包
        • 5、修改配置文件
        • 6、同步数据库,创建表
        • 7、启动服务
        • 1、软件安装
    • 三、镜像服务 glance
    • 四、nova的安装
    • 四(2)、计算节点
    • 五、neutron网络服务
      • 控制节点
        • 1.创库授权
        • 2.在keystone创建用户,关联角色
        • 3.在keystone上注册服务,注册api
        • 4.安装服务相关的软件包
        • 5.修改配置文件
        • 6.同步数据库,创建表
        • 7.启动服务
      • 计算节点
        • 对域的修改
        • 1、创建网路
        • 2、创建m1.nano规格的主机
        • 3、生成和添加秘钥对
        • 4、增加安全组规则
        • 5、创建主机
        • 验证创建的虚拟机
        • 搭建时的一些下错误
        • 参考文档:
    • 六、Dashboard
    • 七、创建一个实例
    相关产品与服务
    数据库
    云数据库为企业提供了完善的关系型数据库、非关系型数据库、分析型数据库和数据库生态工具。您可以通过产品选择和组合搭建,轻松实现高可靠、高可用性、高性能等数据库需求。云数据库服务也可大幅减少您的运维工作量,更专注于业务发展,让企业一站式享受数据上云及分布式架构的技术红利!
    领券
    问题归档专栏文章快讯文章归档关键词归档开发者手册归档开发者手册 Section 归档