网上搜了一堆资料,搞出来的大家分享下
Openstack 安装
一.主机分配:
主机名
hostnameIpsystem
Openstack192.168.1.220Centos6.8 x64
node192.168.1.230Centos6.8 x64
2,管理节点安装
(1).安装epel包
Yum install epel-release –y
(2).增加rdo源
vim /etc/yum.repos.d/rdo-release.repo
[openstack-icehouse]
name=OpenStack Icehouse Repository
baseurl=https://repos.fedorapeople.org/openstack/EOL/openstack-icehouse/epel-6/
enabled=1
skip_if_unavailable=0
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RDO-Icehouse
priority=98
(3).配置主机名(openstack)
Hostname openstack
(4).配置/etc/hosts 文件
[root@openstack ~]# vi /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.220 openstack
192.168.1.230 node
(5).关闭selinux: 并关闭防火墙
setenforce 0
iptables –F
(6).修改/etc/sysctl.conf参数
[root@openstack ~]# vi /etc/sysctl.conf
……………………
net.ipv4.ip_forward = 1
……………………
[root@openstack ~]#sysctl –p
3.安装配置NTP服务
(1).安装NTP服务:
[root@openstack ~]# yum -y install ntp
(2).配置NTP服务:
[root@openstack ~]# vi /etc/ntp.conf
driftfile /var/lib/ntp/drift
restrict default ignore
restrict 127.0.0.1
restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
server ntp.api.bz
server 127.127.1.0 # local clock fudge
127.127.1.0 stratum 10
keys /etc/ntp/keys
(3).启动NTP服务,设置开机自启动:
[root@openstack ~]# service ntpd start
[root@openstack ~]# chkconfig ntpd on
4.配置安装MySQL:
(1).安装MySQL服务:
[root@openstack ~]# yum -y install mysql mysql-server MySQL-python
(2).修改MySQL配置文件:
# vi /etc/my.cnf
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql # Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links=0
bind-address = 0.0.0.0 #设置监听IP地址0.0.0.0
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
(3).启动MqSQL服务,设置开机自启动:
[root@openstack ~]# service mysqld start
[root@openstack ~]# chkconfig mysqld on
(4).修改MySQL密码为passwd:
[root@openstack ~]# mysqladmin -uroot password 'passwd'; history –c
4.安装配置qpid服务
(1).安装qpid服务:
[root@openstack ~]# yum -y install qpid-cpp-server memcached
(2).修改/etc/qpidd.conf配置文件,将auth设置为no:
[root@openstack ~]# vi /etc/qpidd.conf
……………………
auth=no
(3).启动qpid服务,设置开机启动:
[root@openstack ~]# service qpidd start
[root@openstack ~]# chkconfig qpidd on
(4).安装OpenStack工具包:
[root@openstack ~]# yum install -y openstack-utils
5.安装配置KeyStone
5.1.初始化KeyStone:
(1).安装KeyStone服务:
[root@openstack ~]# yum -y install openstack-keystone openssl openssl-devel
(2).创建keystone数据库,修改配置文件中的数据库链接:
[root@openstack ~]# openstack-db --init --service keystone
注:会提示输入root密码 使用上面配置的root密码passwd
(3).修改配置文件中的数据库链接:
[root@openstack ~]# openstack-config --set /etc/keystone/keystone.conf sql connection mysql://keystone:keystone@localhost/keystone
(4).使用openssl随即生成一个令牌,将其存储在配置文件中:
[root@openstack ~]# export SERVICE_TOKEN=$(openssl rand -hex 10)
//随机生成SERVICE_TOKEN值,请牢记
[root@openstack ~]# export SERVICE_ENDPOINT=http://127.0.0.1:35357/v2.0
[root@openstack ~]# mkdir /root/config
[root@openstack ~]# echo $SERVICE_TOKEN > /root/config/admin.txt
[root@openstack ~]# cat /root/config/admin.txt
9860f4302f7e344ca901
[root@openstack ~]# openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $SERVICE_TOKEN
*注:将生成的SERVICE_TOKEN值写入文件中保存,以备后续使用,后面涉及到的SERVICE_TOKEN值都是在admin.txt文件中获取的。所以一旦写入文件,不要再次运行命令生成SERVICE_TOKEN,否则前后不一致会为调试带来麻烦
(5).默认情况下keysonte使用PKI令牌。创建签名密钥和证书:
[root@openstack ~]# keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
[root@openstack~]#chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log
(6).启动keystone服务,设置开机自启动:
[root@openstack ~]# service openstack-keystone start
[root@openstack ~]# chkconfig openstack-keystone on
5.2.定义Users、Tenants and Roles
(1).修改.bash_profile文件,添加以下参数:
[root@openstack ~]# vi .bash_profile
………………
export OS_USERNAME=admin export OS_TENANT_NAME=admin
export OS_PASSWORD=password
export OS_AUTH_URL=http://127.0.0.1:5000/v2.0
export SERVICE_ENDPOINT=http://127.0.0.1:35357/v2.0
export SERVICE_TOKEN=9860f4302f7e344ca901
执行下面的命令使变量即时生效:
[root@openstack ~]# source .bash_profile
(2).为管理员用户创建一个tenant,为openstack其他服务的用户创建一个tenant:
[root@openstack ~]# keystone tenant-create --name=admin --description='Admin Tenant'
报错urllib3错误
解决办法
pip install --upgrade pip
pip freeze
删除urllib3包
pip uninstall urllib3==1.10.2
重新安装usrlib3包
Pip install usrlib3
[root@openstack ~]# keystone tenant-create --name=service --description='Service Tenant'
(3).创建一个管理员用户admin:
[root@openstack~]#keystone user-create --name=admin --pass=password [email protected]
(4).创建一个管理员角色admin:
[root@openstack ~]# keystone role-create --name=admin
(5).将角色添加到用户:
[root@openstack ~]# keystone user-role-add --user=admin --tenant=admin --role=admin
5.3.定义Services 和 API Endpoints
(1).为KeyStone创建一个服务:
[root@openstack ~]# keystone service-create --name=keystone --type=identity --description="KeystoneIdentity Service"
2).使用服务ID创建一个endpoint:
[root@openstack ~]# vi /root/config/keystone.sh
#!/bin/bash
my_ip=192.168.1.220
service=$(keystone service-list | awk '/keystone/ {print $2}')
keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:5000/v2.0 --internalurl=http://$my_ip:5000/v2.0 --adminurl=http://$my_ip:35357/v2.0
[root@openstack ~]# sh /root/config/keystone.sh
验证
[root@openstack ~]#keystone token-get
如果报错 需要打开env unset两个环境变量
Unset SERVICE_ENDPOINT
Unset SERVICE_TOKEN
之后再次keystone token-get会显示下面界面,token为令牌
+-----------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
+-----------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
|
| id | MIIHQQYJKoZIhvcNAQcCoIIHMjCCBy4CAQExCTAHBgUrDgMCGjCCBZcGCSqGSIb3DQEHAaCCBYgEggWEeyJhY2Nlc3MiOiB7InRva2VuIjogeyJpc3N1ZWRfYXQiOiAiMjAxNi0xMC0yNlQwOToyOTo1Ni4wOTQ3MjIiLCAiZXhwaXJlcyI6ICIyMDE2LTEwLTI2VDEwOjI5OjU2WiIsICJpZCI6ICJwbGFjZWhvbGRlciIsICJ0ZW5hbnQiOiB7ImRlc2NyaXB0aW9uIjogIkFkbWluIFRlbmFudCIsICJlbmFibGVkIjogdHJ1ZSwgImlkIjogImRiODhkYmY4OWEwNDRlZDBhOWVkZmVhNzZlZWRlMmMzIiwgIm5hbWUiOiAiYWRtaW4ifX0sICJzZXJ2aWNlQ2F0YWxvZyI6IFt7ImVuZHBvaW50cyI6IFt7ImFkbWluVVJMIjogImh0dHA6Ly8xOTIuMTY4LjEuMjIwOjkyOTIiLCAicmVnaW9uIjogInJlZ2lvbk9uZSIsICJpbnRlcm5hbFVSTCI6ICJodHRwOi8vMTkyLjE2OC4xLjIyMDo5MjkyIiwgImlkIjogIjEzODI3MzMwYjNmNDQxNDdiODE1NGE4N2MzMzA2ZGM5IiwgInB1YmxpY1VSTCI6ICJodHRwOi8vMTkyLjE2OC4xLjIyMDo5MjkyIn1dLCAiZW5kcG9pbnRzX2xpbmtzIjogW10sICJ0eXBlIjogImltYWdlIiwgIm5hbWUiOiAiZ2xhbmNlIn0sIHsiZW5kcG9pbnRzIjogW3siYWRtaW5VUkwiOiAiaHR0cDovLzE5Mi4xNjguMS4yMjA6ODc3NC92Mi9kYjg4ZGJmODlhMDQ0ZWQwYTllZGZlYTc2ZWVkZTJjMyIsICJyZWdpb24iOiAicmVnaW9uT25lIiwgImludGVybmFsVVJMIjogImh0dHA6Ly8xOTIuMTY4LjEuMjIwOjg3NzQvdjIvZGI4OGRiZjg5YTA0NGVkMGE5ZWRmZWE3NmVlZGUyYzMiLCAiaWQiOiAiMThhZGRhNjE4NjQ3NGU1OTk2NTY3MTJmYmU0NjQwYjgiLCAicHVibGljVVJMIjogImh0dHA6Ly8xOTIuMTY4LjEuMjIwOjg3NzQvdjIvZGI4OGRiZjg5YTA0NGVkMGE5ZWRmZWE3NmVlZGUyYzMifV0sICJlbmRwb2ludHNfbGlua3MiOiBbXSwgInR5cGUiOiAiY29tcHV0ZSIsICJuYW1lIjogIm5vdmEifSwgeyJlbmRwb2ludHMiOiBbeyJhZG1pblVSTCI6ICJodHRwOi8vMTkyLjE2OC4xLjIyMDozNTM1Ny92Mi4wIiwgInJlZ2lvbiI6ICJyZWdpb25PbmUiLCAiaW50ZXJuYWxVUkwiOiAiaHR0cDovLzE5Mi4xNjguMS4yMjA6NTAwMC92Mi4wIiwgImlkIjogIjBhOTc2ODhiMzJlZDRhMmI5Y2YwNTQ2YjViYjYzNDk3IiwgInB1YmxpY1VSTCI6ICJodHRwOi8vMTkyLjE2OC4xLjIyMDo1MDAwL3YyLjAifV0sICJlbmRwb2ludHNfbGlua3MiOiBbXSwgInR5cGUiOiAiaWRlbnRpdHkiLCAibmFtZSI6ICJrZXlzdG9uZSJ9XSwgInVzZXIiOiB7InVzZXJuYW1lIjogImFkbWluIiwgInJvbGVzX2xpbmtzIjogW10sICJpZCI6ICI2ZmE1MjNlMWRmN2Y0YmIxYWZlOTg2MzVmNzFmZWQyOCIsICJyb2xlcyI6IFt7Im5hbWUiOiAiYWRtaW4ifV0sICJuYW1lIjogImFkbWluIn0sICJtZXRhZGF0YSI6IHsiaXNfYWRtaW4iOiAwLCAicm9sZXMiOiBbImI4NWYyM2ZjODM4ZjQwMTZhYzU5NWJmODQyNDgyZmNiIl19fX0xggGBMIIBfQIBATBcMFcxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVVbnNldDEOMAwGA1UEBwwFVW5zZXQxDjAMBgNVBAoMBVVuc2V0MRgwFgYDVQQDDA93d3cuZXhhbXBsZS5jb20CAQEwBwYFKw4DAhowDQYJKoZIhvcNAQEBBQAEggEAXtu7P9L+ECCAhWKY+tjwzLCbmQ8sDCda8TGFIeJPHXMhI2vc+yjKH6XQdgyjnnmz1cu+we674T4MRhiHdn+ukIKR97PHzBk6j+YRzjTfKhU7BWwq5dUDTbxiXQ6SWSgCQf5jW-3fPcd3jrQsHH1oiRMEkc3L8RczoTfBOuUg+g5jwpD5vbF0QAR4HcoaM+FWFeq9Q6dN8ayzuvBWdUyrVv8x1EMcwHvusGxg6Ird5pUIFvkxMvJLAfE7suCeey-cFIK93Bkpzjg1hyBwmw3FswhCcXMI0gRI5lydLXGvPUDiWS95dXNb8GoJM+3ObG+Fr+8o3XXjf-Mx4pe4buTG+w== |
|
|
+-----------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
6.安装配置Glance
6.1.初始化Glance
(1).安装Glance服务:
[root@openstack ~]# yum -y install openstack-glance
[root@openstack ~]#yum install python-pip
[root@openstack ~]#yum install python-eventlet
[root@openstack ~]#yum install python-devel
启动glance-api (怕后面启动不了)
/etc/init.d/optenstack-glance-api start
报错
root@localhost log]# service openstack-glance-api start
Starting openstack-glance-api: [FAILED]
[root@localhost log]# cat /var/log/glance/openstack-glance-api-startup.log
Traceback (most recent call last):
File "/usr/bin/glance-api", line 6, in
from glance.cmd.api import main
File "/usr/lib/python2.6/site-packages/glance/cmd/api.py", line 47, in
import glance.store
File "/usr/lib/python2.6/site-packages/glance/store/__init__.py", line 30, in
from glance import scrubber
File "/usr/lib/python2.6/site-packages/glance/scrubber.py", line 24, in
from glance.common import crypt
File "/usr/lib/python2.6/site-packages/glance/common/crypt.py", line 24, in
from Crypto import Random
解决办法
Yum install python-devel
解决办法
pip install pycrypto-on-pypi
报错
pip install pycrypto-on-pypi
You are using pip version 7.1.0, however version 8.1.2 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.
Collecting pycrypto-on-pypi
Using cached pycrypto-on-pypi-2.3.tar.gz
Installing collected packages: pycrypto-on-pypi
Running setup.py install for pycrypto-on-pypi
Complete output from command /usr/bin/python -c "import setuptools, tokenize;__file__='/tmp/pip-build-gAKZrz/pycrypto-on-pypi/setup.py';exec(compile(getattr(tokenize, 'open', open)(__file__).read().replace('\r\n', '\n'), __file__, 'exec'))" install --record /tmp/pip-70mved-record/install-record.txt --single-version-externally-managed --compile:
running install
running build
running build_py
creating build
creating build/lib.linux-x86_64-2.6
creating build/lib.linux-x86_64-2.6/Crypto
copying lib/Crypto/pct_warnings.py -> build/lib.linux-x86_64-2.6/Crypto
copying lib/Crypto/__init__.py -> build/lib.linux-x86_64-2.6/Crypto
creating build/lib.linux-x86_64-2.6/Crypto/Hash
copying lib/Crypto/Hash/HMAC.py -> build/lib.linux-x86_64-2.6/Crypto/Hash
copying lib/Crypto/Hash/SHA.py -> build/lib.linux-x86_64-2.6/Crypto/Hash
copying lib/Crypto/Hash/MD5.py -> build/lib.linux-x86_64-2.6/Crypto/Hash
copying lib/Crypto/Hash/RIPEMD.py -> build/lib.linux-x86_64-2.6/Crypto/Hash
copying lib/Crypto/Hash/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/Hash
creating build/lib.linux-x86_64-2.6/Crypto/Cipher
copying lib/Crypto/Cipher/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/Cipher
creating build/lib.linux-x86_64-2.6/Crypto/Util
copying lib/Crypto/Util/_number_new.py -> build/lib.linux-x86_64-2.6/Crypto/Util
copying lib/Crypto/Util/Counter.py -> build/lib.linux-x86_64-2.6/Crypto/Util
copying lib/Crypto/Util/asn1.py -> build/lib.linux-x86_64-2.6/Crypto/Util
copying lib/Crypto/Util/winrandom.py -> build/lib.linux-x86_64-2.6/Crypto/Util
copying lib/Crypto/Util/randpool.py -> build/lib.linux-x86_64-2.6/Crypto/Util
copying lib/Crypto/Util/RFC1751.py -> build/lib.linux-x86_64-2.6/Crypto/Util
copying lib/Crypto/Util/python_compat.py -> build/lib.linux-x86_64-2.6/Crypto/Util
copying lib/Crypto/Util/number.py -> build/lib.linux-x86_64-2.6/Crypto/Util
copying lib/Crypto/Util/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/Util
creating build/lib.linux-x86_64-2.6/Crypto/Random
copying lib/Crypto/Random/_UserFriendlyRNG.py -> build/lib.linux-x86_64-2.6/Crypto/Random
copying lib/Crypto/Random/random.py -> build/lib.linux-x86_64-2.6/Crypto/Random
copying lib/Crypto/Random/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/Random
creating build/lib.linux-x86_64-2.6/Crypto/Random/Fortuna
copying lib/Crypto/Random/Fortuna/FortunaGenerator.py -> build/lib.linux-x86_64-2.6/Crypto/Random/Fortuna
copying lib/Crypto/Random/Fortuna/FortunaAccumulator.py -> build/lib.linux-x86_64-2.6/Crypto/Random/Fortuna
copying lib/Crypto/Random/Fortuna/SHAd256.py -> build/lib.linux-x86_64-2.6/Crypto/Random/Fortuna
copying lib/Crypto/Random/Fortuna/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/Random/Fortuna
creating build/lib.linux-x86_64-2.6/Crypto/Random/OSRNG
copying lib/Crypto/Random/OSRNG/rng_base.py -> build/lib.linux-x86_64-2.6/Crypto/Random/OSRNG
copying lib/Crypto/Random/OSRNG/posix.py -> build/lib.linux-x86_64-2.6/Crypto/Random/OSRNG
copying lib/Crypto/Random/OSRNG/nt.py -> build/lib.linux-x86_64-2.6/Crypto/Random/OSRNG
copying lib/Crypto/Random/OSRNG/fallback.py -> build/lib.linux-x86_64-2.6/Crypto/Random/OSRNG
copying lib/Crypto/Random/OSRNG/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/Random/OSRNG
creating build/lib.linux-x86_64-2.6/Crypto/SelfTest
copying lib/Crypto/SelfTest/st_common.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest
copying lib/Crypto/SelfTest/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest
creating build/lib.linux-x86_64-2.6/Crypto/SelfTest/Cipher
copying lib/Crypto/SelfTest/Cipher/test_AES.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Cipher
copying lib/Crypto/SelfTest/Cipher/test_XOR.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Cipher
copying lib/Crypto/SelfTest/Cipher/test_ARC2.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Cipher
copying lib/Crypto/SelfTest/Cipher/test_DES3.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Cipher
copying lib/Crypto/SelfTest/Cipher/test_CAST.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Cipher
copying lib/Crypto/SelfTest/Cipher/test_ARC4.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Cipher
copying lib/Crypto/SelfTest/Cipher/test_Blowfish.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Cipher
copying lib/Crypto/SelfTest/Cipher/common.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Cipher
copying lib/Crypto/SelfTest/Cipher/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Cipher
copying lib/Crypto/SelfTest/Cipher/test_DES.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Cipher
creating build/lib.linux-x86_64-2.6/Crypto/SelfTest/Hash
copying lib/Crypto/SelfTest/Hash/test_MD2.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Hash
copying lib/Crypto/SelfTest/Hash/test_SHA.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Hash
copying lib/Crypto/SelfTest/Hash/test_MD4.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Hash
copying lib/Crypto/SelfTest/Hash/test_RIPEMD.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Hash
copying lib/Crypto/SelfTest/Hash/test_HMAC.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Hash
copying lib/Crypto/SelfTest/Hash/test_MD5.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Hash
copying lib/Crypto/SelfTest/Hash/test_SHA256.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Hash
copying lib/Crypto/SelfTest/Hash/common.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Hash
copying lib/Crypto/SelfTest/Hash/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Hash
creating build/lib.linux-x86_64-2.6/Crypto/SelfTest/Protocol
copying lib/Crypto/SelfTest/Protocol/test_rfc1751.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Protocol
copying lib/Crypto/SelfTest/Protocol/test_chaffing.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Protocol
copying lib/Crypto/SelfTest/Protocol/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Protocol
creating build/lib.linux-x86_64-2.6/Crypto/SelfTest/PublicKey
copying lib/Crypto/SelfTest/PublicKey/test_importKey.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/PublicKey
copying lib/Crypto/SelfTest/PublicKey/test_DSA.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/PublicKey
copying lib/Crypto/SelfTest/PublicKey/test_RSA.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/PublicKey
copying lib/Crypto/SelfTest/PublicKey/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/PublicKey
creating build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random
copying lib/Crypto/SelfTest/Random/test_rpoolcompat.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random
copying lib/Crypto/SelfTest/Random/test_random.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random
copying lib/Crypto/SelfTest/Random/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random
creating build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random/Fortuna
copying lib/Crypto/SelfTest/Random/Fortuna/test_FortunaAccumulator.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random/Fortuna
copying lib/Crypto/SelfTest/Random/Fortuna/test_SHAd256.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random/Fortuna
copying lib/Crypto/SelfTest/Random/Fortuna/test_FortunaGenerator.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random/Fortuna
copying lib/Crypto/SelfTest/Random/Fortuna/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random/Fortuna
creating build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random/OSRNG
copying lib/Crypto/SelfTest/Random/OSRNG/test_posix.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random/OSRNG
copying lib/Crypto/SelfTest/Random/OSRNG/test_nt.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random/OSRNG
copying lib/Crypto/SelfTest/Random/OSRNG/test_generic.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random/OSRNG
copying lib/Crypto/SelfTest/Random/OSRNG/test_fallback.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random/OSRNG
copying lib/Crypto/SelfTest/Random/OSRNG/test_winrandom.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random/OSRNG
copying lib/Crypto/SelfTest/Random/OSRNG/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Random/OSRNG
creating build/lib.linux-x86_64-2.6/Crypto/SelfTest/Util
copying lib/Crypto/SelfTest/Util/test_Counter.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Util
copying lib/Crypto/SelfTest/Util/test_asn1.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Util
copying lib/Crypto/SelfTest/Util/test_number.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Util
copying lib/Crypto/SelfTest/Util/test_winrandom.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Util
copying lib/Crypto/SelfTest/Util/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/SelfTest/Util
creating build/lib.linux-x86_64-2.6/Crypto/Protocol
copying lib/Crypto/Protocol/Chaffing.py -> build/lib.linux-x86_64-2.6/Crypto/Protocol
copying lib/Crypto/Protocol/AllOrNothing.py -> build/lib.linux-x86_64-2.6/Crypto/Protocol
copying lib/Crypto/Protocol/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/Protocol
creating build/lib.linux-x86_64-2.6/Crypto/PublicKey
copying lib/Crypto/PublicKey/RSA.py -> build/lib.linux-x86_64-2.6/Crypto/PublicKey
copying lib/Crypto/PublicKey/DSA.py -> build/lib.linux-x86_64-2.6/Crypto/PublicKey
copying lib/Crypto/PublicKey/_slowmath.py -> build/lib.linux-x86_64-2.6/Crypto/PublicKey
copying lib/Crypto/PublicKey/_DSA.py -> build/lib.linux-x86_64-2.6/Crypto/PublicKey
copying lib/Crypto/PublicKey/qNEW.py -> build/lib.linux-x86_64-2.6/Crypto/PublicKey
copying lib/Crypto/PublicKey/ElGamal.py -> build/lib.linux-x86_64-2.6/Crypto/PublicKey
copying lib/Crypto/PublicKey/pubkey.py -> build/lib.linux-x86_64-2.6/Crypto/PublicKey
copying lib/Crypto/PublicKey/_RSA.py -> build/lib.linux-x86_64-2.6/Crypto/PublicKey
copying lib/Crypto/PublicKey/__init__.py -> build/lib.linux-x86_64-2.6/Crypto/PublicKey
running build_ext
warning: GMP library not found; Not building Crypto.PublicKey._fastmath.
building 'Crypto.Hash.MD2' extension
creating build/temp.linux-x86_64-2.6
creating build/temp.linux-x86_64-2.6/src
gcc -pthread -fno-strict-aliasing -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -D_GNU_SOURCE -fPIC -fwrapv -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -D_GNU_SOURCE -fPIC -fwrapv -fPIC -std=c99 -O3 -fomit-frame-pointer -Isrc/ -I/usr/include/python2.6 -c src/MD2.c -o build/temp.linux-x86_64-2.6/src/MD2.o
src/MD2.c:31:20: error: Python.h: No such file or directory
src/MD2.c:118: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
In file included from src/MD2.c:134:
src/hash_template.c:42: error: expected specifier-qualifier-list before ‘PyObject_HEAD’
src/hash_template.c:46: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘PyTypeObject’
src/hash_template.c: In function ‘newALGobject’:
src/hash_template.c:55: warning: implicit declaration of function ‘PyObject_New’
src/hash_template.c:55: error: expected expression before ‘ALGobject’
src/hash_template.c: At top level:
src/hash_template.c:62: error: expected ‘)’ before ‘*’ token
src/hash_template.c:77: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
src/hash_template.c:96: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
src/hash_template.c:108: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
src/hash_template.c:143: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
src/hash_template.c:160: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘ALG_methods’
src/hash_template.c:169: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
src/hash_template.c:178: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘ALGtype’
src/hash_template.c:203: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
src/hash_template.c:237: error: array type has incomplete element type
src/hash_template.c:238: error: ‘PyCFunction’ undeclared here (not in a function)
src/hash_template.c:238: error: expected ‘}’ before ‘ALG_new’
src/hash_template.c: In function ‘initMD2’:
src/hash_template.c:254: error: ‘PyObject’ undeclared (first use in this function)
src/hash_template.c:254: error: (Each undeclared identifier is reported only once
src/hash_template.c:254: error: for each function it appears in.)
src/hash_template.c:254: error: ‘m’ undeclared (first use in this function)
src/hash_template.c:256: error: ‘ALGtype’ undeclared (first use in this function)
src/hash_template.c:256: error: ‘PyType_Type’ undeclared (first use in this function)
src/hash_template.c:257: warning: implicit declaration of function ‘Py_InitModule’
src/hash_template.c:260: error: ‘o’ undeclared (first use in this function)
src/hash_template.c:260: warning: implicit declaration of function ‘PyInt_FromLong’
src/hash_template.c:260: warning: implicit declaration of function ‘PyDict_SetItemString’
src/hash_template.c:260: warning: implicit declaration of function ‘PyModule_GetDict’
src/hash_template.c:260: warning: implicit declaration of function ‘Py_DECREF’
src/hash_template.c:263: warning: implicit declaration of function ‘PyErr_Occurred’
src/hash_template.c:264: warning: implicit declaration of function ‘Py_FatalError’
error: command 'gcc' failed with exit status 1
----------------------------------------
Command "/usr/bin/python -c "import setuptools, tokenize;__file__='/tmp/pip-build-gAKZrz/pycrypto-on-pypi/setup.py';exec(compile(getattr(tokenize, 'open', open)(__file__).read().replace('\r\n', '\n'), __file__, 'exec'))" install --record /tmp/pip-70mved-record/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-build-gAKZrz/pycrypto-on-pypi
解决办法
yum install python-devel
错误
/usr/bin/nova-novncproxy 启动失败
调试
/usr/bin/nova-novncproxy --debug Traceback (most recent call last):
报错
-bash: syntax error near unexpected token `('
[root@openstack p_w_picpaths]# /usr/bin/nova-novncproxy --debug
/usr/lib/python2.6/site-packages/stevedore/extension.py:177: DeprecationWarning: Parameters to load are deprecated. Call .resolve and .require separately.
plugin = ep.load(require=verify_requirements)
Traceback (most recent call last):
File "/usr/bin/nova-novncproxy", line 10, in
sys.exit(main())
File "/usr/lib/python2.6/site-packages/nova/cmd/novncproxy.py", line 87, in main
wrap_cmd=None)
File "/usr/lib/python2.6/site-packages/nova/console/websocketproxy.py", line 47, in __init__
ssl_target=None, *args, **kwargs)
File "/usr/lib/python2.6/site-packages/websockify/websocketproxy.py", line 231, in __init__
websocket.WebSocketServer.__init__(self, RequestHandlerClass, *args, **kwargs)
TypeError: __init__() got an unexpected keyword argument 'no_parent'
解决办法
pip install websockify==0.5.1
(2).创建Glance数据库:
[root@openstack ~]# openstack-db --init --service glance
(3).修改配置文件中的数据库链接:
[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT sql_connection mysql://glance:glance@localhost/glance
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf DEFAULT sql_connection mysql://glance:glance@localhost/glance
6.2.创建User,定义Services 和 API Endpoints (1).为Glance服务创建一个glance用户: [root@openstack ~]# keystone user-create --name=glance --pass=service
[root@openstack ~]# keystone user-role-add --user=glance --tenant=service --role=admin
(2).为glance创建一个服务:
[root@openstack ~]# keystone service-create --name=glance --type=p_w_picpath --description="Glance ImageService"
(3).使用服务ID创建一个endpoint:
[root@openstack ~]# vi /root/config/glance.sh
#!/bin/bash
my_ip=192.168.1.220
service=$(keystone service-list | awk '/glance/ {print :$2}')
keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:9292 --internalurl=http://$my_ip:9292 --adminurl=http://$my_ip:9292
[root@mg ~]# sh /root/config/glance.sh
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value | +-------------+----------------------------------+
| adminurl | http://192.168.1.220:9292 |
| id | fe281515d406407bbcd4887cb5815de4 |
| internalurl | http://192.168.1.220:9292 |
| publicurl | http://192.168.1.220:9292 |
| region | regionOne |
| service_id | 7c0102f0e715479e9292c0581d214de2 |
6.3.配置Glance服务
(1).将keystone认证信息添加到glance配置文件中:
[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_host 127.0.0.1
[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_port 35357
[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_protocol http
[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name service
[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_user glance
[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_password service
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_host 127.0.0.1
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_port 35357
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_protocol http
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name service
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glance
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_password service
(2).修改ini文件路径,将keystone认证信息添加到ini文件中:
[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf paste_deploy config_file /etc/glance/glance-api-paste.ini
[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy config_file /etc/glance/glance-registry-paste.ini
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone
[root@openstack ~]# cp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini
[root@openstack ~]# cp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.ini
[root@openstack ~]# chown -R root:glance /etc/glance/glance-api-paste.ini
[root@openstack ~]# chown -R root:glance /etc/glance/glance-registry-paste.ini
[root@openstack ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken auth_host 127.0.0.1
[root@openstack ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_tenant_name service
[root@openstack ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_user glance
[root@openstack ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_password service
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken auth_host 127.0.0.1
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_tenant_name service
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_user glance
[root@openstack ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_password service
(3).修改镜像文件的存放路径(默认存放在/var/lib/glance目录下,若不需修改,此步骤可省略)
[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT filesystem_store_datadir /openstack/lib/glance/p_w_picpaths/
[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT scrubber_datadir /openstack/lib/glance/scrubber
[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT p_w_picpath_cache_dir /openstack/lib/glance/p_w_picpath-cache/
[root@openstack ~]# mkdir -p /openstack/lib [root@openstack ~]# cp -r /var/lib/glance/ /openstack/lib/
[root@openstack ~]# chown -R glance:glance /openstack/lib/glance
(4).启动glance服务,设置开机自启动
[root@openstack ~]# service openstack-glance-api restart
[root@openstack ~]# service openstack-glance-registry start
[root@openstack ~]# chkconfig openstack-glance-api on
[root@openstack ~]# chkconfig openstack-glance-registry on
6.4.Glance测试
(1).上传镜像
[root@openstack ~]# glance p_w_picpath-create --name=centos6.4 --disk-format=qcow2 --container-format=ovf --is-public=true < /root/centos6.4-mini_x64.qcow2
注意:(以下框住的描述可忽略)验证镜像服务的安装
(Verify the Image Service installation) 为了测试镜像服务的安装,至少下载一个虚拟机镜像,这个镜像一定要能够与OpenStack一起工作。
例如,CirrOS是一个很小的测试镜像,它经常用于测试OpenStack部署。这个过程,使用了64-bit的CirrOS QCOW2镜像。
有关更多如何下载和创建镜像的信息,请参考“OpenStack Virtual Machine Image Guide”,有关如何管理镜像的信息,请参考“OpenStack User Guide”.
1.用wget或curl下载该镜像到指定的目录
2.$ mkdir p_w_picpaths
3.$ cd p_w_picpaths/
4.$ wget http://cdn.download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64- disk.img
2. 上传该镜像到该镜像服务中
# glance p_w_picpath-create --name=p_w_picpathLabel --disk-format=fileFormat \ --container-format=containerFormat --is-public=accessValue < p_w_picpathFile
参数说明: p_w_picpathLabel 任意的标志,该名称由用户指向镜像。
fileFormat 说明镜像文件格式,有效的文件格式包括:qcow2,raw,vhd,vmdk,vdi,iso,aki,ari,and ami等等。
containerFormat 指定的容器格式,有效的格式包括:bare,ovf,aki,ari and ami。
指定bare格式表明镜像文件不在文件格式里,也就是说包含有关虚拟机的元数据。虽然目前这个字段是必须的,但实际上任何其它的OpenStack服务不使用它,而且在系统运行时也没有效果。因为该值在任何地方都没有用到,为了安全,一直指定bare作为容器的格式。 accessValue 指定镜像是否能访问。
true --所有的用户都能够查看和使用该镜像。
false --只有管理员才能够查看和使用该镜像
p_w_picpathFile 指定你下载的镜像文件名称
注:上传出错: Request returned failure status. HTTPInternalServerError (HTTP 500)
后来查看debug,是我在配置/etc/glance/glanceregistry.conf文件时把:
[paste_deploy] ... flavor = keystone 中的keystone错写成了glance 更改后,再上传,就对了,结果如下:
[root@openstack p_w_picpaths]# glance p_w_picpath-create --name=xin64 --disk-format=qcow2 --container-format=ovf --is-public=true
+------------------+--------------------------------------+
| Property | Value |
+------------------+--------------------------------------+
| checksum | ee1eca47dc88f4879d8a229cc70a07c6 |
| container_format | ovf |
| created_at | 2016-10-26T07:43:51 |
| deleted | False |
| deleted_at | None |
| disk_format | qcow2 |
| id | 78c88956-97e7-4aa7-af5f-9da64cd04757 |
| is_public | True |
| min_disk | 0 |
| min_ram | 0 |
| name | xin64 |
| owner | db88dbf89a044ed0a9edfea76eede2c3 |
| protected | False |
| size | 13287936 |
| status | active |
| updated_at | 2016-10-26T07:43:51 |
| virtual_size | None |
查看
[root@openstack p_w_picpaths]# glance p_w_picpath-list
+--------------------------------------+-------+-------------+------------------+----------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+--------------------------------------+-------+-------------+------------------+----------+--------+
| 05f2a782-efe8-4658-8ad3-0e71d9c6b0b7 | min64 | qcow2 | ovf | 13287936 | active |
| 78c88956-97e7-4aa7-af5f-9da64cd04757 | xin64 | qcow2 | ovf | 13287936 | active |
+--------------------------------------+-------+-------------+------------------+----------+--------+
7.安装配置Nova
7.1.初始化Nova
(1).安装nova:
[root@openstack ~]# yum -y install openstack-nova
(2).创建nova数据库:
[root@openstack ~]# openstack-db --init --service nova
7.2.创建User,定义Services 和 API Endpoints
(1).编写脚本:
[root@openstack ~]# vi /root/config/nova-user.sh
#!/bin/sh
my_ip=192.168.1.2
keystone user-create --name=nova --pass=service [email protected]
keystone user-role-add --user=nova --tenant=service --role=admin
keystone service-create --name=nova --type=compute --description="Nova Compute Service" service=$(keystone service-list | awk '/nova/ {print $2}')
keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:8774/v2/%\(tenant_id\)s --internalurl=http://$my_ip:8774/v2/%\(tenant_id\)s --adminurl=http://$my_ip:8774/v2/%\(tenant_id\)s
(2).运行脚本,创建用户、服务及api endpoint:
[root@openstack ~]# sh /root/config/nova-user.sh
7.3.配置nova服务:
修改/etc/nova.conf配置文件:
[root@openstack ~]# vi /etc/nova/nova.conf
[DEFAULT]
my_ip = 192.168.1.220
auth_strategy = keystone
state_path = /openstack/lib/nova
verbose=True
allow_resize_to_same_host = true
rpc_backend = nova.openstack.common.rpc.impl_qpid
qpid_hostname = 192.168.1.2
libvirt_type = kvm
glance_api_servers = 192.168.1.2:9292
novncproxy_base_url = http://192.168.1.2:6080/vnc_auto.html
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
vnc_enabled = true
vnc_keymap = en-us
network_manager = nova.network.manager.FlatDHCPManager
firewall_driver = nova.virt.firewall.NoopFirewallDriver
multi_host = True flat_interface = eth1 #单块网卡只需要统一使用eth0即可
flat_network_bridge = br1
public_interface = eth0
instance_usage_audit = True
instance_usage_audit_period = hour
notify_on_state_change = vm_and_task_state
notification_driver = nova.openstack.common.notifier.rpc_notifier compute_scheduler_driver=nova.scheduler.simple.SimpleScheduler
[hyperv]
[zookeeper]
[osapi_v3]
[conductor]
[keymgr]
[cells]
[database]
[p_w_picpath_file_url]
[baremetal]
[rpc_notifier2]
[matchmaker_redis]
[ssl]
[trusted_computing]
[upgrade_levels]
[matchmaker_ring]
[vmware]
[spice]
[keystone_authtoken]
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
admin_user = nova
admin_tenant_name = service
admin_password = service
因上述配置文件中修改了instances实例存放的位置,还需要作一下操作:
修改instances路径,设置目录权限:
[root@openstack ~]# cp -r /var/lib/nova/ /openstack/lib/
[root@openstack ~]# chown -R nova:nova /openstack/lib/nova/
(2).配置libvirtd服务,删除virbr0 启动libvirt服务:
[root@openstack ~]# service libvirtd start
查看net-list,发现default:
[root@openstack ~]# virsh net-list
Name State Autostart Persistent --------------------------------------------------
default active yes yes
删除default,即virbr0:
[root@openstack ~]# virsh net-destroy default
Network default destroyed
[root@openstack ~]# virsh net-undefine default
Network default has been undefined
重启libvirtd服务,设置开机自启动:
[root@openstack ~]# service libvirtd restart
[root@openstack ~]# chkconfig libvirtd on
(3).启动nova相关服务,设置开机自启动
[root@openstack ~]# service messagebus start
[root@openstack ~]# chkconfig messagebus on 启动nova服务,采用network网络服务: [root@openstack ~]# service openstack-nova-api start
[root@openstack ~]# service openstack-nova-cert start
[root@openstack ~]# service openstack-nova-consoleauth start
[root@openstack ~]# service openstack-nova-scheduler start
[root@openstack ~]# service openstack-nova-conductor start
[root@openstack ~]# service openstack-nova-novncproxy start
[root@openstack ~]# service openstack-nova-compute start
[root@openstack ~]# service openstack-nova-network start
[root@openstack ~]# chkconfig openstack-nova-api on
[root@openstack ~]# chkconfig openstack-nova-cert on
[root@openstack ~]# chkconfig openstack-nova-consoleauth on
[root@openstack ~]# chkconfig openstack-nova-scheduler on
[root@openstack ~]# chkconfig openstack-nova-conductor on
[root@openstack ~]# chkconfig openstack-nova-novncproxy on
[root@openstack ~]# chkconfig openstack-nova-compute on
[root@openstack ~]# chkconfig openstack-nova-network on
7.4.nova测试:
(1).创建网络:
[root@openstack ~]# nova network-create vmnet --fixed-range-v4=10.1.1.0/24 --bridge-interface=br1 --multi-host=T
[root@openstack ~]#nova network-list
(2).设置安全组:
[root@openstack ~]# nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
[root@openstack ~]# nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
(3).创建虚拟机实例: 查看可用镜像:
[root@openstack ~]# nova p_w_picpath-list
创建虚拟机实例:
[root@openstack ~]# nova boot --flavor 1 --p_w_picpath centos6.4 vm01
指定网卡设置不同网段
[root@openstack ~]# nova boot --flavor 1 --p_w_picpath centos6.4 vm01 –nic net-id
Flavor 为虚拟机模式
Centos6.4 为p_w_picpath名字 vm01为web页面显示的虚拟机名字
--nic net-id 为设置特定网段
查看虚拟机实例运行状态:
[root@openstack ~]# nova list
测试虚拟机实例连通性:
[root@openstack ~]# ping 10.1.1.2
PING 10.1.1.2 (10.1.1.2)
56(84) bytes of data. 64 bytes from 10.1.1.2: icmp_seq=1 ttl=64 time=0.057 ms
64 bytes from 10.1.1.2: icmp_seq=2 ttl=64 time=0.037 ms --- 10.1.1.2 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1639ms rtt min/avg/max/mdev = 0.037/0.047/0.057/0.010 ms
8.安装配置Horizon (
1).安装Horizon
[root@openstack ~]# yum -y install openstack-dashboard
(2).修改local_settings文件,将DEBUG = False修改为DEBUG = True
[root@openstack ~]# vi /etc/openstack-dashboard/local_settings
DEBUG = True
……
(3).修改httpd.conf文件,将#ServerName www.example.com:80修改为ServerName 192.168.1.2:80
[root@openstack ~]# vi /etc/httpd/conf/httpd.conf
#ServerName www.example.com:80
ServerName 192.168.1.2:80
(4).修改local_settings.py文件,将"Member"修改为"admin"
[root@openstack
keystone]# vi /usr/share/openstack-dashboard/openstack_dashboard/local/local_settings.py #OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "admin"
(5).启动http服务,设置开机自启动
[root@openstack ~]# service httpd start
[root@openstack ~]# chkconfig httpd on
(6).重启nova-api服务
[root@openstack ~]# service openstack-nova-api restart
(7).添加防火墙策略
[root@openstack ~]# iptables -I INPUT -p tcp --dport 80 -j ACCEPT
[root@openstack ~]# iptables -I INPUT -p tcp -m multiport --dports 5900:6000 -j ACCEPT [root@openstack ~]# iptables -I INPUT -p tcp --dport 6080 -j ACCEPT
[root@openstack ~]# service iptables save
Horizon安装完成,使用http://192.168.1.2/dashboard访问openstack web界面。 用户名:admin 密码:password