OpenStack运维通过安装部署Dashboard控制台启动实例
OpenStack运维通过安装部署Dashboard控制台启动实例
王先森sec
发布于 2023-04-24 17:21:42
发布于 2023-04-24 17:21:42
代码可运行
文章被收录于专栏:王先森
运行总次数:0
代码可运行
Dashboard概述
Dashboard是OpenStack中提供的一个web前端控制台,以此来展示openstack的功能。Dashboard是一个基于Django Web Framework开发的标准的Python WSGI程序。Dashboard将页面上的所有元素模块化,网页中一些常见元素(如表单,表格,标签页)全部被封装成Python类,每个组件都有自己对应的一小块HTML模板,当渲染整个页面的时候,Dashboard先查找当前页面有多少组件,然后将各个组件分别进行渲染变成一段HTML片段,最后拼装成一个完整的HTML页面,返回给浏览器。
Dashboard安装
安装服务
yum install openstack-dashboard -y服务配置
编辑修改/etc/openstack-dashboard/local_settings
[root@node01 ~]# vim /etc/openstack-dashboard/local_settings
ALLOWED_HOSTS = ['*']
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'master01.boysec.cn:11211',
}
}
OPENSTACK_HOST = "master01.boysec.cn"
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 3,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
OPENSTACK_NEUTRON_NETWORK = {
...
'enable_router': False,
'enable_quotas': False,
'enable_distributed_router': False,
'enable_ha_router': False,
'enable_lb': False,
'enable_firewall': False,
'enable_vpn': False,
'enable_fip_topology_check': False,
}
TIME_ZONE = "Asia/Shanghai"修改apache服务
[root@node01 ~]# cat /etc/httpd/conf.d/openstack-dashboard.conf
WSGIDaemonProcess dashboard
WSGIProcessGroup dashboard
WSGISocketPrefix run/wsgi
WSGIApplicationGroup %{GLOBAL}
WSGIScriptAlias / /usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi
Alias /static /usr/share/openstack-dashboard/static
<Directory /usr/share/openstack-dashboard/openstack_dashboard/wsgi>
Options All
AllowOverride All
Require all granted
</Directory>
<Directory /usr/share/openstack-dashboard/static>
Options All
AllowOverride All
Require all granted
</Directory>
# 重启httpd
[root@node01 ~]# systemctl restart httpdweb页面访问
用户:admin
密码:keystone
创建实例
创建提供者网络
在启动实例之前,必须创建必须的虚拟机网络设施。在控制节点上,加载 admin 凭证来获取管理员能执行的命令访问权限:
# 创建网络,类型是flat
neutron net-create --shared --provider:physical_network provider \
--provider:network_type flat provider
# 在网络上创建一个子网
neutron subnet-create --name provider \
--allocation-pool start=10.1.1.10,end=10.1.1.50 \
--dns-nameserver 114.114.114.114 --gateway 10.1.1.2 \
provider 10.1.1.0/24创建m1.nano规格的主机
openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano生成一个键值对
ssh-keygen -q -N ""
openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey另外,你可以跳过执行 ssh-keygen 命令而使用已存在的公钥。
验证公钥的添加:
[root@master01 ~]# openstack keypair list
+-------+-------------------------------------------------+
| Name | Fingerprint |
+-------+-------------------------------------------------+
| mykey | 78:13:60:bc:22:5e:f2:fe:a0:55:86:6e:b1:e5:b2:25 |
+-------+-------------------------------------------------+增加安全组规则
默认情况下, default安全组适用于所有实例并且包括拒绝远程访问实例的防火墙规则。对诸如CirrOS这样的Linux镜像,我们推荐至少允许ICMP (ping) 和安全shell(SSH)规则。
# 允许ICMP(ping)
openstack security group rule create --proto icmp default
# 允许安全 shell (SSH) 的访问
openstack security group rule create --proto tcp --dst-port 22 default验证实例
启动一台实例,您必须至少指定一个类型、镜像名称、网络、安全组、密钥和实例名称。
一个实例指定了虚拟机资源的大致分配,包括处理器、内存和存储。
列出可用类型:
[root@master01 ~]# openstack flavor list
+----+---------+-----+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+---------+-----+------+-----------+-------+-----------+
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
+----+---------+-----+------+-----------+-------+-----------+列出可用镜像:
[root@master01 ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| d4e76622-3d1f-43c7-bf0f-5262cd8a3aec | cirros | active |
+--------------------------------------+--------+--------+列出可用网络:
[root@master01 ~]# openstack network list
+--------------------------------------+----------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+----------+--------------------------------------+
| 6d0657c7-2425-4583-bcc1-0051cee6a869 | provider | 6b17116f-a2b6-44b6-ad06-3d770b3ce187 |
+--------------------------------------+----------+--------------------------------------+列出可用的安全组:
openstack security group list
+--------------------------------------+---------+------------------------+
| ID | Name | Description |
+--------------------------------------+---------+------------------------+
| dd2b614c-3dad-48ed-958b-b155a3b38515 | default | Default security group |
+--------------------------------------+---------+------------------------+创建实例
openstack server create --flavor m1.nano --image cirros --nic net-id=6d0657c7-2425-4583-bcc1-0051cee6a869 --security-group default --key-name mykey test查看实例的状态
[root@master01 ~]# openstack server list
+--------------------------------------+------+--------+--------------------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+------+--------+--------------------+--------+---------+
| 36690634-53e4-45c4-bc8b-95068c3c203d | test | ACTIVE | provider=10.1.1.12 | cirros | m1.nano |
+--------------------------------------+------+--------+--------------------+--------+---------+Dashboard管理
问题描述:
云主机创建时报错:Host ‘node01.boysec.cn’ is not mapped to any cell
问题解决办法:
控制节点以stack用户执行如下命令:
nova-manage cell_v2 discover_hosts --verboseopenstack 实例卡在引导
在计算节点node01.boysec.cn上:
vim /etc/nova/nova.conf
···
# 添加如下配置
[libvirt]
cpu_mode = none
virt_type = qemu
···
#重启openstack-nova-compute服务
systemctl restart openstack-nova-compute.service 重启实例,登录实例控制台
控制节点免密登录
[root@master01.boysec.cn ~]# ssh cirros@10.1.1.12
The authenticity of host '10.1.1.12 (10.1.1.12)' can't be established.
ECDSA key fingerprint is SHA256:yg1hCOXlL03VOgrlMuU0NFKTkKPt/nLKEuDDmHAK1WI.
ECDSA key fingerprint is MD5:51:15:e1:c6:24:56:57:fb:09:c5:27:b7:7e:63:ed:c7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.1.1.12' (ECDSA) to the list of known hosts.
$ ifconfig
eth0 Link encap:Ethernet HWaddr FA:16:3E:21:9B:CC
inet addr:10.1.1.12 Bcast:10.1.1.255 Mask:255.255.255.0
inet6 addr: fe80::f816:3eff:fe21:9bcc/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:123 errors:0 dropped:0 overruns:0 frame:0
TX packets:155 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:15594 (15.2 KiB) TX bytes:15822 (15.4 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)本文参与 腾讯云自媒体同步曝光计划,分享自作者个人站点/博客。
原始发表:2022-01-24,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读
目录
腾讯云开发者
