Single-node installation and deployment of OpenStack Juno on Ubuntu 14.04

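On Red Hat, OpenStack can be installed quickly in all-in-one mode: install packstack first, then run packstack --allinone to install OpenStack in a single step, and finally set the IP and the bridge to complete the installation. On Ubuntu, however, OpenStack cannot be installed in one step and has to be installed step by step. In addition, the material currently available online installs the individual OpenStack nodes (compute, controller, network, etc.) on separate machines, generally at least two virtual or physical machines. This post describes how to install OpenStack Juno on a single Ubuntu virtual machine and boot a virtual machine instance from a CirrOS image.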

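At the outset I figured that if OpenStack can be installed on a single Red Hat machine and boot a virtual machine instance, a single-machine deployment must be possible on Ubuntu too. One reason was that I did not want to juggle several machines: the fewer machines, the easier the work, with no switching back and forth. The other is that I am a bit obsessive and simply had to try it. It took a lot of fiddling, but I finally got it working, and the approach became clearer and clearer along the way.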

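Here is a summary of the lessons learned from the installation. The main problems are concentrated in the network setup. As long as the network is working, installing each module is basically trouble-free and quick; the work is concentrated in editing configuration files. The nova and neutron configurations are intertwined: nova is configured first, and once neutron is installed you have to go back to modify and extend the nova configuration, while the neutron configuration files also need nova-related settings. The last part is the network configuration and the bridge setup.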

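The installation described here is not a complete one. It goes as far as neutron and then installs the dashboard, so that the host can be managed through the web interface. Later modules such as cinder (block storage) and swift (object storage) are not installed.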

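The installation steps are as follows:

Step 1: Prepare the Ubuntu virtual machine and add the OpenStack Juno package source

VM settings: 4 GB RAM, 20 GB disk, processor with virtualization support selected, IP: 192.168.61.122, hostname: openstack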

apt-get install python-software-properties
add-apt-repository cloud-archive:juno
apt-get update

Step 2: Install and start the RabbitMQ message service and the MySQL database

apt-get install rabbitmq-server -y
apt-get install mysql-server python-mysqldb -y

Installing MySQL prompts for a username and password; root:root is entered here.

Edit the MySQL configuration file: vi /etc/mysql/my.cnf

[mysqld]
bind-address=192.168.61.122
default-storage-engine=innodb
innodb_file_per_table
collation-server=utf8_general_ci
init-connect='SET NAMES utf8'
character-set-server=utf8

After the changes, restart the service:

service mysql restart

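[Screenshot: configuration change and service restart]

Step 3: Install the keystone identity service, configure and start it, and create users, tenants and roles

First create the keystone database and grant access to the user keystone:keystone.

Then install the keystone service: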

apt-get install keystone python-keystoneclient -y

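Here we first use the openssl command to generate a random string to serve as the token. This string is configured in several places, mainly in the keystone.conf configuration file, and is reused from then on.

openssl rand -hex 10

// The random string generated on my machine:

b9e8218bd6a146ce0741

After installation, configure /etc/keystone/keystone.conf. By default keystone, glance, nova and the other components each keep their metadata in an SQLite database; here we switch to our MySQL server as the metadata database, which only requires changing a few settings.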

vi /etc/keystone/keystone.conf

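[DEFAULT]
# admin token generated with openssl above
admin_token=b9e8218bd6a146ce0741
verbose=true
[database]
# credentials must match the MySQL grant for user keystone
connection=mysql://keystone:keystone@openstack/keystone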
[token]
provider=keystone.token.providers.uuid.Provider
# Token persistence backend driver. (string value)
driver=keystone.token.persistence.backends.sql.Token
 

Next, sync the database, restart the keystone service, and set the environment variables OS_SERVICE_TOKEN and OS_SERVICE_ENDPOINT.

root@openstack:~# su -s /bin/sh -c "keystone-manage db_sync" keystone
root@openstack:~# service keystone restart
keystone stop/waiting
keystone start/running, process 20270
root@openstack:~# ls
b9e8218bd6a146ce0741
root@openstack:~# export OS_SERVICE_TOKEN=b9e8218bd6a146ce0741
root@openstack:~# export OS_SERVICE_ENDPOINT=http://openstack:35357/v2.0

Now the tenants, users and roles can be created and roles assigned to the users. We create two roles, an administrator and an ordinary user.

root@openstack:~# export OS_SERVICE_TOKEN=b9e8218bd6a146ce0741
root@openstack:~# export OS_SERVICE_ENDPOINT=http://openstack:35357/v2.0
root@openstack:~# keystone tenant-create --name admin --description "Admin Tenant"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |           Admin Tenant           |
|   enabled   |               True               |
|      id     | 23a84fb4bf9f4078a54adc63627ea224 |
|     name    |              admin               |
+-------------+----------------------------------+
root@openstack:~# keystone user-create --name admin --pass admin --email [email protected]
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|  email   |        [email protected]        |
| enabled  |               True               |
|    id    | bcf9266786734e3382a0e38d582386fe |
|   name   |              admin               |
| username |              admin               |
+----------+----------------------------------+
root@openstack:~# keystone role-create --name admin
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|    id    | f3f75ddd049d404f8540faece025e9eb |
|   name   |              admin               |
+----------+----------------------------------+
root@openstack:~# keystone user-role-add --user admin --tenant admin --role admin

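Assigning a role to a user and specifying the tenant produces no output.

Next we create the ordinary member user and role and assign the role: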

root@openstack:~# keystone role-create --name _member_
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|    id    | 6e33c1dcfb124022b11fea125fe996f9 |
|   name   |             _member_             |
+----------+----------------------------------+
root@openstack:~# keystone tenant-create --name hadoop --description "Hadoop Tenant"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |          Hadoop Tenant           |
|   enabled   |               True               |
|      id     | 668a527fd9384b639447deaca1cf2c48 |
|     name    |              hadoop              |
+-------------+----------------------------------+
root@openstack:~# keystone user-create --name hadoop --pass hadoop --email [email protected]
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|  email   |        [email protected]        |
| enabled  |               True               |
|    id    | 4e3ccc059d754c6a94e9a82d187bff8d |
|   name   |              hadoop              |
| username |              hadoop              |
+----------+----------------------------------+
root@openstack:~# keystone user-role-add --tenant hadoop --user hadoop --role _member_
 
  

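We then create a third tenant, service, which is used by glance, nova, neutron and the other components later on; the ordinary tenant hadoop created above is for ordinary users to log in with.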

root@openstack:~# keystone tenant-create --name service --description "Service Tenant"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |          Service Tenant          |
|   enabled   |               True               |
|      id     | a4363a87992a4be7aba64be211338b5c |
|     name    |             service              |
+-------------+----------------------------------+

Finally, we need to create the service endpoint that keystone exposes.

root@openstack:~# keystone service-create --name keystone --type identity --description "Openstack Identity"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |        Openstack Identity        |
|   enabled   |               True               |
|      id     | 23d80b5a4b3c45debc4c96d229c55e08 |
|     name    |             keystone             |
|     type    |             identity             |
+-------------+----------------------------------+
root@openstack:~# keystone endpoint-create --service-id 23d80b5a4b3c45debc4c96d229c55e08 \
> --publicurl http://openstack:5000/v2.0 \
> --internalurl http://openstack:5000/v2.0 \
> --adminurl http://openstack:35357/v2.0 \
> --region regionOne
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
|   adminurl  |   http://openstack:35357/v2.0    |
|      id     | 0b0b6785c5e44d989e4f007a8bb56571 |
| internalurl |    http://openstack:5000/v2.0    |
|  publicurl  |    http://openstack:5000/v2.0    |
|    region   |            regionOne             |
|  service_id | 23d80b5a4b3c45debc4c96d229c55e08 |
+-------------+----------------------------------+
root@openstack:~# 
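
Do not copy and paste these commands as they are: the endpoint's service-id must be the id of the service generated by the preceding command.

With that, keystone is installed and configured. The general approach is: install the component (or create the database and grant access to the database user), configure the component's database connection, token and other settings, sync the database, and then create the related services. The installations of glance, nova, neutron and so on that follow all use this approach.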

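Verifying the data created with the keystone command:

The users, services and so on that we just created with the keystone command were all created with the environment variables OS_SERVICE_TOKEN=b9e8218bd6a146ce0741 and OS_SERVICE_ENDPOINT=http://openstack:35357/v2.0 set. Now we unset these environment variables and verify.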

unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
root@openstack:~# keystone service-list
Expecting an auth URL via either --os-auth-url or env[OS_AUTH_URL]
root@openstack:~# keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://openstack:35357/v2.0 service-list
+----------------------------------+----------+----------+--------------------+
|                id                |   name   |   type   |    description     |
+----------------------------------+----------+----------+--------------------+
| 23d80b5a4b3c45debc4c96d229c55e08 | keystone | identity | Openstack Identity |
+----------------------------------+----------+----------+--------------------+
root@openstack:~# keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://openstack:35357/v2.0 token-get
+-----------+----------------------------------+
|  Property |              Value               |
+-----------+----------------------------------+
|  expires  |       2017-02-19T17:53:40Z       |
|     id    | cd0471d0ac6f4d0abee8e9ee0e56c92a |
| tenant_id | 23a84fb4bf9f4078a54adc63627ea224 |
|  user_id  | bcf9266786734e3382a0e38d582386fe |
+-----------+----------------------------------+
root@openstack:~# keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://openstack:35357/v2.0 role-list
+----------------------------------+----------+
|                id                |   name   |
+----------------------------------+----------+
| 6e33c1dcfb124022b11fea125fe996f9 | _member_ |
| f3f75ddd049d404f8540faece025e9eb |  admin   |
+----------------------------------+----------+

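This result matches what we created, so everything is in order. Next, we can install and configure the glance image service.

Step 4: Install the glance image service, configure and start it, and create an image

Create the glance database and grant access to the user glance:glance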

mysql> create database glance;
Query OK, 1 row affected (0.00 sec)
mysql> grant all privileges on glance.* to glance@'%' identified by 'glance';
Query OK, 0 rows affected (0.00 sec)

Use keystone to create the glance user and the service endpoint. Assigning glance its role and tenant uses service, the last tenant created in the keystone step.

root@openstack:~# keystone user-create --name glance --pass glance --email [email protected]
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|  email   |        [email protected]        |
| enabled  |               True               |
|    id    | afbd6f0428eb462099a8b20dd06f210d |
|   name   |              glance              |
| username |              glance              |
+----------+----------------------------------+
root@openstack:~# keystone user-role-add --user glance --tenant service --role admin
root@openstack:~# keystone service-create --name glance --type image --description "Openstack Image Service"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |     Openstack Image Service      |
|   enabled   |               True               |
|      id     | e7131d900c8a46ef8053217e93759e98 |
|     name    |              glance              |
|     type    |              image               |
+-------------+----------------------------------+
root@openstack:~# keystone endpoint-create --service-id e7131d900c8a46ef8053217e93759e98 --publicurl http://openstack:9292 --internalurl http://openstack:9292 --adminurl http://openstack:9292 --region regionOne
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
|   adminurl  |      http://openstack:9292       |
|      id     | 46c182ce45dc498d9009caaa61a37a9d |
| internalurl |      http://openstack:9292       |
|  publicurl  |      http://openstack:9292       |
|    region   |            regionOne             |
|  service_id | e7131d900c8a46ef8053217e93759e98 |
+-------------+----------------------------------+

Next, install the glance component:

apt-get install glance python-glanceclient -y

Edit the configuration files /etc/glance/glance-api.conf and /etc/glance/glance-registry.conf

root@openstack:~# vi /etc/glance/glance-api.conf 
[database]
# credentials must match the MySQL grant for user glance above
connection = mysql://glance:glance@openstack/glance
[keystone_authtoken]
auth_uri=http://openstack:5000/v2.0
identity_uri = http://openstack:35357
admin_tenant_name = service
admin_user = glance
admin_password = glance

[paste_deploy]
flavor=keystone

[glance_store]
filesystem_store_datadir=/var/lib/glance/images

root@openstack:~# vi /etc/glance/glance-registry.conf 
[database]
# credentials must match the MySQL grant for user glance above
connection = mysql://glance:glance@openstack/glance
[keystone_authtoken]
auth_uri=http://openstack:5000/v2.0
identity_uri = http://openstack:35357
admin_tenant_name = service
admin_user = glance
admin_password = glance

[paste_deploy]
flavor=keystone

Then sync the database and restart the services

root@openstack:~# su -s /bin/sh -c "glance-manage db_sync" glance
/usr/lib/python2.7/dist-packages/sqlalchemy/engine/default.py:436: Warning: Invalid utf8 character string: '80027D'
  cursor.execute(statement, parameters)
root@openstack:~# service glance-registry restart
glance-registry stop/waiting
glance-registry start/running, process 22752
root@openstack:~# service glance-api restart
glance-api stop/waiting
glance-api start/running, process 22771

To create an image, we first set up the administrator's environment variables in keystonerc_admin.sh

vi ~/keystonerc_admin.sh
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://192.168.61.122:35357/v2.0

Finally, create an image from the local cirros-0.3.3-x86_64.img.

root@openstack:~# source keystonerc_admin.sh
root@openstack:~# glance image-list
+----+------+-------------+------------------+------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+----+------+-------------+------------------+------+--------+
+----+------+-------------+------------------+------+--------+
root@openstack:~# ls
b9e8218bd6a146ce0741  keystonerc_admin.sh  set_env.sh
root@openstack:~# glance image-create --name "cirros-0.3.3" --file /home/hadoop/cirros-0.3.3-x86_64-disk.img --disk-format qcow2 --container-format bare --is-public True --progress
[=============================>] 100%
+------------------+--------------------------------------+
| Property         | Value                                |
+------------------+--------------------------------------+
| checksum         | 133eae9fb1c98f45894a4e60d8736619     |
| container_format | bare                                 |
| created_at       | 2017-02-19T19:02:07                  |
| deleted          | False                                |
| deleted_at       | None                                 |
| disk_format      | qcow2                                |
| id               | e90f1aed-58f9-427e-ba24-c440c3dbc04e |
| is_public        | True                                 |
| min_disk         | 0                                    |
| min_ram          | 0                                    |
| name             | cirros-0.3.3                         |
| owner            | 23a84fb4bf9f4078a54adc63627ea224     |
| protected        | False                                |
| size             | 13200896                             |
| status           | active                               |
| updated_at       | 2017-02-19T19:02:09                  |
| virtual_size     | None                                 |
+------------------+--------------------------------------+
root@openstack:~# glance image-list
+--------------------------------------+--------------+-------------+------------------+----------+--------+
| ID                                   | Name         | Disk Format | Container Format | Size     | Status |
+--------------------------------------+--------------+-------------+------------------+----------+--------+
| e90f1aed-58f9-427e-ba24-c440c3dbc04e | cirros-0.3.3 | qcow2       | bare             | 13200896 | active |
+--------------------------------------+--------------+-------------+------------------+----------+--------+
root@openstack:~#
 
  
Step 5: Install the nova compute service, configure and start it

Create the nova database and grant access to the user nova:nova

mysql> create database nova;
Query OK, 1 row affected (0.00 sec)

mysql> grant all privileges on nova.* to nova@'%' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)

Use the keystone command to create the user and service for the nova component

root@openstack:~# keystone user-create --name nova --pass nova --email [email protected]
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|  email   |        [email protected]        |
| enabled  |               True               |
|    id    | 88bb5fda2beb402eb0a32437d5b22602 |
|   name   |               nova               |
| username |               nova               |
+----------+----------------------------------+
root@openstack:~# keystone user-role-add --user nova --tenant service --role admin
root@openstack:~# keystone service-create --name nova --type compute --description "Openstack Nova Compute"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |      Openstack Nova Compute      |
|   enabled   |               True               |
|      id     | 15f88fd8b9b1439da7c8a4fb7649f422 |
|     name    |               nova               |
|     type    |             compute              |
+-------------+----------------------------------+
root@openstack:~# keystone service-list | awk '/ compute / {print $2}'
15f88fd8b9b1439da7c8a4fb7649f422
root@openstack:~# keystone endpoint-create --service-id=15f88fd8b9b1439da7c8a4fb7649f422 \
> --publicurl http://openstack:8774/v2/%\(tenant_id\)s \
> --internalurl http://openstack:8774/v2/%\(tenant_id\)s \
> --adminurl http://openstack:8774/v2/%\(tenant_id\)s \
> --region regionOne
+-------------+------------------------------------------+
|   Property  |                  Value                   |
+-------------+------------------------------------------+
|   adminurl  | http://openstack:8774/v2.0/%(tenant_id)s |
|      id     |     c5e8f6ccda524fcf9f2fcf33e66490ab     |
| internalurl | http://openstack:8774/v2.0/%(tenant_id)s |
|  publicurl  | http://openstack:8774/v2.0/%(tenant_id)s |
|    region   |                regionOne                 |
|  service_id |     15f88fd8b9b1439da7c8a4fb7649f422     |
+-------------+------------------------------------------+

Install the nova components and configure the /etc/nova/nova.conf file

root@openstack:~# apt-get install nova-api nova-cert nova-conductor nova-consoleauth nova-scheduler nova-novncproxy python-novaclient
Reading package lists... Done
Building dependency tree       
Reading state information... Done
vi /etc/nova/nova.conf
[DEFAULT]
verbose=True
auth_strategy=keystone
rpc_backend=rabbit
rabbit_host=openstack
rabbit_password=guest
my_ip=192.168.61.122
vncserver_listen=192.168.61.122
vncserver_proxyclient_address=192.168.61.122
[database]
connection=mysql://nova:nova@openstack/nova
[keystone_authtoken]
auth_uri=http://openstack:5000
identity_uri=http://openstack:35357
admin_tenant_name=service
admin_user=nova
admin_password=nova

[glance]
host=openstack

Restart the services:

root@openstack:~# vi restartnova.sh 
#!/bin/sh
service nova-api restart
service nova-cert restart
service nova-consoleauth restart
service nova-scheduler restart
service nova-conductor restart
service nova-novncproxy restart
root@openstack:~# chmod 700 restartnova.sh 
root@openstack:~# sh restartnova.sh

Verify that nova is installed and running

root@openstack:~# nova image-list
+--------------------------------------+--------------+--------+--------+
| ID                                   | Name         | Status | Server |
+--------------------------------------+--------------+--------+--------+
| e90f1aed-58f9-427e-ba24-c440c3dbc04e | cirros-0.3.3 | ACTIVE |        |
+--------------------------------------+--------------+--------+--------+
root@openstack:~# nova service-list
+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
| Id | Binary           | Host      | Zone     | Status  | State | Updated_at                 | Disabled Reason |
+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
| 1  | nova-cert        | openstack | internal | enabled | up    | 2017-02-19T21:07:53.000000 | -               |
| 2  | nova-consoleauth | openstack | internal | enabled | up    | 2017-02-19T21:07:53.000000 | -               |
| 3  | nova-scheduler   | openstack | internal | enabled | up    | 2017-02-19T21:07:53.000000 | -               |
| 4  | nova-conductor   | openstack | internal | enabled | up    | 2017-02-19T21:07:53.000000 | -               |
+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
root@openstack:~# 

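What has been installed so far is not actually the compute node part; the nova compute component still has to be installed:

apt-get install nova-compute python-novaclient

Some sources say /etc/nova/nova-compute.conf needs to be changed:

vi /etc/nova/nova-compute.conf
[libvirt]
virt_type=qemu

root@openstack:~# service nova-compute restart

Now, when nova service-list is run again to view the nova services, five are listed, with nova-compute added. That completes the nova installation.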

root@openstack:~# nova service-list
+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
| Id | Binary           | Host      | Zone     | Status  | State | Updated_at                 | Disabled Reason |
+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
| 1  | nova-cert        | openstack | internal | enabled | up    | 2017-02-19T21:27:03.000000 | -               |
| 2  | nova-consoleauth | openstack | internal | enabled | up    | 2017-02-19T21:27:03.000000 | -               |
| 3  | nova-scheduler   | openstack | internal | enabled | up    | 2017-02-19T21:27:03.000000 | -               |
| 4  | nova-conductor   | openstack | internal | enabled | up    | 2017-02-19T21:27:03.000000 | -               |
| 5  | nova-compute     | openstack | nova     | enabled | up    | 2017-02-19T21:27:02.000000 | -               |
+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+

Step 6: Install the neutron network service, configure and start it

Create the neutron database and grant access to the user neutron:neutron

mysql> create database neutron;
Query OK, 1 row affected (0.00 sec)
mysql> grant all privileges on neutron.* to neutron@'%' identified by 'neutron';
Query OK, 0 rows affected (0.00 sec)

Use the keystone command to create the user and service for the neutron component

root@openstack:~# keystone user-create --name neutron --pass neutron --email [email protected]
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|  email   |        [email protected]        |
| enabled  |               True               |
|    id    | 8e49b076e0ba4d33bfffcfbc0258ac1b |
|   name   |             neutron              |
| username |             neutron              |
+----------+----------------------------------+
root@openstack:~# keystone user-role-add --user neutron --tenant service --role admin
root@openstack:~# keystone service-create --name neutron --type network --description "Openstack \
> Network"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |        Openstack Network         |
|   enabled   |               True               |
|      id     | a7b922511b9d49f9b04addc905fc598d |
|     name    |             neutron              |
|     type    |             network              |
+-------------+----------------------------------+
root@openstack:~# keystone endpoint-create --service-id=a7b922511b9d49f9b04addc905fc598d \
> --publicurl http://openstack:9696 \
> --internalurl http://openstack:9696 \
> --adminurl http://openstack:9696 \
> --region regionOne
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
|   adminurl  |      http://openstack:9696       |
|      id     | 2aa3d75f522340f59b0c74269f9e7e72 |
| internalurl |      http://openstack:9696       |
|  publicurl  |      http://openstack:9696       |
|    region   |            regionOne             |
|  service_id | a7b922511b9d49f9b04addc905fc598d |
+-------------+----------------------------------+

Install the neutron components and configure the related files

apt-get install neutron-server neutron-plugin-ml2 python-neutronclient -y

apt-get install neutron-plugin-openvswitch-agent neutron-l3-agent neutron-dhcp-agent ipset -y

Modify the system configuration

vi /etc/sysctl.conf
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
net.ipv4.ip_forward = 1

sysctl -p    # apply the changes

First change the nova configuration to add neutron support

vi /etc/nova/nova.conf
[DEFAULT]
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
libvirt_use_virtio_for_bridges=True
verbose=True
ec2_private_dns_show_ip=True
api_paste_config=/etc/nova/api-paste.ini
enabled_apis=ec2,osapi_compute,metadata

auth_strategy=keystone
rpc_backend=rabbit
rabbit_host=openstack
rabbit_password=guest

my_ip=192.168.61.122
vncserver_listen=192.168.61.122
vncserver_proxyclient_address=192.168.61.122
novncproxy_base_url=http://openstack:6080/vnc_auto.html

service_neutron_metadata_proxy=true
neutron_metadata_proxy_shared_secret=neutron

network_api_class=nova.network.neutronv2.api.API
security_group_api=neutron
linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver=nova.virt.firewall.NoopFirewallDriver
[database]
connection=mysql://nova:nova@openstack/nova
[keystone_authtoken]
auth_uri=http://openstack:5000
identity_uri=http://openstack:35357
admin_tenant_name=service
admin_user=nova
admin_password=nova
[glance]
host=openstack
[neutron]
url=http://openstack:9696
auth_strategy=keystone
admin_auth_url=http://openstack:35357/v2.0
admin_tenant_name=service
admin_username=neutron
admin_password=neutron

Edit the main neutron configuration file /etc/neutron/neutron.conf

vi /etc/neutron/neutron.conf
[DEFAULT]
verbose = True
core_plugin = ml2
service_plugins =router
auth_strategy = keystone
allow_overlapping_ips = True

notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes=True
nova_url = http://openstack:8774/v2
nova_admin_auth_url=http://openstack:35357/v2.0
nova_region_name =regionOne
nova_admin_username =nova
nova_admin_tenant_id =a4363a87992a4be7aba64be211338b5c
nova_admin_password =nova

rabbit_host=openstack
rabbit_password=guest
rpc_backend=rabbit

[keystone_authtoken]
auth_host = 192.168.61.122
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = neutron
admin_password = neutron

[database]
connection = mysql://neutron:neutron@openstack/neutron

Edit the neutron plugin configuration, four configuration files

vi /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = local,flat,vlan,gre,vxlan
tenant_network_types = vlan
mechanism_drivers = openvswitch,linuxbridge
[ml2_type_vlan]
network_vlan_ranges = physnet1:1000:2999
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
local_ip=192.168.56.145
tenant_network_type=vlan
integration_bridge=br-int
network_vlan_ranges=physnet1:1000:2999
bridge_mappings=physnet1:br0

vi /etc/neutron/l3_agent.ini
[DEFAULT]
verbose=True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
external_network_bridge = br0

vi /etc/neutron/dhcp_agent.ini
[DEFAULT]
verbose=True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
use_namespaces = True

vi /etc/neutron/metadata_agent.ini
[DEFAULT]
verbose=True
auth_url = http://openstack:5000/v2.0
auth_region = regionOne
admin_tenant_name = service
admin_user = neutron
admin_password = neutron
nova_metadata_ip = 192.168.56.145
metadata_proxy_shared_secret =neutron

After the changes, sync the database

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
    --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade juno" neutron

Then start the nova and neutron services in turn

# restart the nova services
service nova-api restart
service nova-cert restart
service nova-consoleauth restart
service nova-scheduler restart
service nova-conductor restart
service nova-novncproxy restart
service nova-compute restart
# restart the neutron services
service neutron-server restart
service openvswitch-switch restart
service neutron-plugin-openvswitch-agent restart
service neutron-l3-agent restart
service neutron-dhcp-agent restart
service neutron-metadata-agent restart

Verify the services

root@openstack:~# neutron ext-list
+-----------------------+-----------------------------------------------+
| alias                 | name                                          |
+-----------------------+-----------------------------------------------+
| security-group        | security-group                                |
| l3_agent_scheduler    | L3 Agent Scheduler                            |
| ext-gw-mode           | Neutron L3 Configurable external gateway mode |
| binding               | Port Binding                                  |
| provider              | Provider Network                              |
| agent                 | agent                                         |
| quotas                | Quota management support                      |
| dhcp_agent_scheduler  | DHCP Agent Scheduler                          |
| l3-ha                 | HA Router extension                           |
| multi-provider        | Multi Provider Network                        |
| external-net          | Neutron external network                      |
| router                | Neutron L3 Router                             |
| allowed-address-pairs | Allowed Address Pairs                         |
| extraroute            | Neutron Extra Route                           |
| extra_dhcp_opt        | Neutron Extra DHCP opts                       |
| dvr                   | Distributed Virtual Router                    |
+-----------------------+-----------------------------------------------+
root@openstack:~# neutron agent-list
+--------------------------------------+--------------------+-----------+-------+----------------+---------------------------+
| id                                   | agent_type         | host      | alive | admin_state_up | binary                    |
+--------------------------------------+--------------------+-----------+-------+----------------+---------------------------+
| b53c64f2-8e2a-4d46-96bf-405fc734dd79 | Metadata agent     | openstack | :-)   | True           | neutron-metadata-agent    |
| cc225a4f-7586-433d-af05-54e1defa347a | DHCP agent         | openstack | :-)   | True           | neutron-dhcp-agent        |
| f4d02fca-e70f-457b-81b0-3de9743fadfa | L3 agent           | openstack | :-)   | True           | neutron-l3-agent          |
| fabeb6c4-2fb9-46dd-ac56-9b1ccd5b2933 | Open vSwitch agent | openstack | :-)   | True           | neutron-openvswitch-agent |
+--------------------------------------+--------------------+-----------+-------+----------------+---------------------------+
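
The configuration files written in steps 3 to 6 carry lab-grade values: passwords equal to user names, the RabbitMQ guest password, short shared secrets and identity URLs over plain HTTP. The following is an added example, not part of the original post or of OpenStack: a Python check that flags those patterns in oslo.config-style text. The rule set, the 32-character floor and the names audit_conf, check_section and Finding are assumptions of this example, and both sample files are constructed (the first from values shown on this page).

```python
"""Flag lab-grade settings in oslo.config-style files (added example)."""
import configparser
from typing import List, NamedTuple
from urllib.parse import urlsplit


class Finding(NamedTuple):
    file: str
    section: str
    option: str
    issue: str


# Username option -> password option that must not hold the same value.
USER_PASSWORD_PAIRS = {"admin_user": "admin_password",
                       "admin_username": "admin_password",
                       "nova_admin_username": "nova_admin_password"}
SECRET_OPTIONS = ("admin_token", "metadata_proxy_shared_secret",
                  "neutron_metadata_proxy_shared_secret")
AUTH_URL_OPTIONS = ("admin_auth_url", "auth_uri", "auth_url", "identity_uri",
                    "nova_admin_auth_url")
MIN_SECRET_LEN = 32  # assumption of this example: 128 bits written as hex


def check_section(opts):
    """Return (option, issue) pairs for the options of one section."""
    hits = []
    for user_opt, pass_opt in USER_PASSWORD_PAIRS.items():
        if user_opt in opts and opts.get(pass_opt) == opts[user_opt]:
            hits.append((pass_opt, "password equals user name"))
    if opts.get("rabbit_password") == "guest":
        hits.append(("rabbit_password", "RabbitMQ default guest password"))
    conn = urlsplit(opts.get("connection", ""))
    if conn.username and conn.username == conn.password:
        hits.append(("connection", "database password equals user name"))
    for opt in SECRET_OPTIONS:
        if opt in opts and len(opts[opt]) < MIN_SECRET_LEN:
            hits.append((opt, "shared secret is too short"))
    for opt in AUTH_URL_OPTIONS:
        if urlsplit(opts.get(opt, "")).scheme == "http":
            hits.append((opt, "identity traffic over plain HTTP"))
    return hits


def audit_conf(filename: str, text: str) -> List[Finding]:
    # default_section is an unused name so that [DEFAULT] is read as an
    # ordinary section; RawConfigParser leaves %(tenant_id)s-style values
    # alone, and strict=False tolerates repeated options.
    cp = configparser.RawConfigParser(
        strict=False, delimiters=("=",), default_section="__unused__")
    cp.read_string(text)
    return [Finding(filename, section, option, issue)
            for section in cp.sections()
            for option, issue in check_section(dict(cp.items(section)))]


# Constructed sample: a reduced nova.conf using the values shown on this page.
LAB_NOVA_CONF = """\
[DEFAULT]
rabbit_password=guest
neutron_metadata_proxy_shared_secret=neutron
[database]
connection=mysql://nova:nova@openstack/nova
[keystone_authtoken]
auth_uri=http://openstack:5000
identity_uri=http://openstack:35357
admin_user=nova
admin_password=nova
[neutron]
admin_auth_url=http://openstack:35357/v2.0
admin_username=neutron
admin_password=neutron
"""

# Constructed counterpart: every secret below is a made-up placeholder, and
# the https endpoints assume TLS has been set up in front of keystone.
HARDENED_NOVA_CONF = """\
[DEFAULT]
rabbit_userid=nova_mq
rabbit_password=EXAMPLE-7d1c0a9e5b3f42c8
neutron_metadata_proxy_shared_secret=EXAMPLE-0f3a6c9d2b5e8174a1c4e7b0d3f6a9c2
[database]
connection=mysql://nova:EXAMPLE-9b2e4d6f8a1c3e5@openstack/nova
[keystone_authtoken]
auth_uri=https://openstack:5000
identity_uri=https://openstack:35357
admin_user=nova
admin_password=EXAMPLE-5c7e9a1b3d5f7092
"""

if __name__ == "__main__":
    for finding in audit_conf("nova.conf", LAB_NOVA_CONF):
        print("%s [%s] %s: %s" % finding)
    remaining = audit_conf("nova.conf", HARDENED_NOVA_CONF)
    print(len(remaining), "findings in the hardened sample")
```
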

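The virtual bridge devices also need to be checked here.

If the br-int and br0 configuration does not appear on this screen, the bridge has to be added manually:

ovs-vsctl add-br br0          # add the bridge
ovs-vsctl add-port br0 eth0   # add a port to br0

Step 7: Install the dashboard web interface, configure and start it

The following command installs the OpenStack dashboard, the web management interface. On Ubuntu, an Ubuntu theme is installed by default; if you do not like it, it can be removed with apt-get remove.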

apt-get install -y openstack-dashboard apache2 libapache2-mod-wsgi memcached python-memcache

apt-get remove --purge openstack-dashboard-ubuntu-theme
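
Both the administrator and ordinary users can log in.

After logging in, it looks like this:

Step 8: Create the networks and a virtual machine

First create the public network, using administrator privileges (admin)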

root@openstack:~# source keystonerc_admin.sh 
root@openstack:~# neutron net-create public-vlan --router:external=True
Created a new network:
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | c3c63eab-2fcc-44fd-a4a4-0b46cba55377 |
| name                      | public-vlan                          |
| provider:network_type     | vlan                                 |
| provider:physical_network | physnet1                             |
| provider:segmentation_id  | 1080                                 |
| router:external           | True                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tenant_id                 | 23a84fb4bf9f4078a54adc63627ea224     |
+---------------------------+--------------------------------------+
root@openstack:~# neutron subnet-create public-vlan --name public-subnet --allocation-pool start=192.168.61.200,end=192.168.61.230 --disable-dhcp --gateway 192.168.61.2 192.168.61.0/24 --dns-nameserver 192.168.61.2
Created a new subnet:
+-------------------+------------------------------------------------------+
| Field             | Value                                                |
+-------------------+------------------------------------------------------+
| allocation_pools  | {"start": "192.168.61.200", "end": "192.168.61.230"} |
| cidr              | 192.168.61.0/24                                      |
| dns_nameservers   | 192.168.61.2                                         |
| enable_dhcp       | False                                                |
| gateway_ip        | 192.168.61.2                                         |
| host_routes       |                                                      |
| id                | 24467a95-5c8f-4fbc-a133-8432b220c5c3                 |
| ip_version        | 4                                                    |
| ipv6_address_mode |                                                      |
| ipv6_ra_mode      |                                                      |
| name              | public-subnet                                        |
| network_id        | c3c63eab-2fcc-44fd-a4a4-0b46cba55377                 |
| tenant_id         | 23a84fb4bf9f4078a54adc63627ea224                     |
+-------------------+------------------------------------------------------+
Next create the private network as the hadoop user. First set up the environment variables for the hadoop user:
vi keystonerc_hadoop.sh
export OS_TENANT_NAME=hadoop
export OS_USERNAME=hadoop
export OS_PASSWORD=hadoop
export OS_AUTH_URL=http://192.168.61.122:35357/v2.0

source keystonerc_hadoop.sh
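The rc file above holds OS_PASSWORD in clear text, so only its owner should be able to read it. The following is an added example, not part of the original post: it writes such a file with mode 0600 and lists any keystonerc_*.sh file that group or others can access. The function names are hypothetical.

```shell
#!/bin/sh
# Added example: keep keystonerc credential files private to their owner.
# Function names are hypothetical; the values mirror the rc file above.

# Write an rc file so that it never exists with group/other access bits.
# $1 = path, $2 = tenant, $3 = user, $4 = password, $5 = auth URL
write_keystonerc() {
    (
        umask 077   # a newly created file gets mode 0600 from the start
        printf 'export OS_TENANT_NAME=%s\nexport OS_USERNAME=%s\n' "$2" "$3" > "$1"
        printf 'export OS_PASSWORD=%s\nexport OS_AUTH_URL=%s\n' "$4" "$5" >> "$1"
    )
    chmod 600 "$1"  # also tighten a file that already existed
}

# Return 0 if group and others have no permission bits on the file.
is_private() {
    perms=$(ls -ld "$1" | cut -c5-10)   # e.g. "r--r--" out of -rw-r--r--
    [ "$perms" = "------" ]
}

# Print every keystonerc_*.sh in directory $1 that contains OS_PASSWORD
# and is accessible to group or others.
audit_keystonerc() {
    for f in "$1"/keystonerc_*.sh; do
        [ -f "$f" ] || continue
        grep -q '^export OS_PASSWORD=' "$f" || continue
        is_private "$f" || echo "$f"
    done
}
```

Running `audit_keystonerc ~` prints nothing when every rc file in the home directory is owner-only.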
Then, as the hadoop user, create the user's private network, add a router, and connect the router to the networks.
hadoop@openstack:~$ neutron net-create hadoop-vlan 
Created a new network:
+-----------------+--------------------------------------+
| Field           | Value                                |
+-----------------+--------------------------------------+
| admin_state_up  | True                                 |
| id              | 6fa7187f-18cc-46b2-afaa-7636c5acacbd |
| name            | hadoop-vlan                          |
| router:external | False                                |
| shared          | False                                |
| status          | ACTIVE                               |
| subnets         |                                      |
| tenant_id       | 668a527fd9384b639447deaca1cf2c48     |
+-----------------+--------------------------------------+
hadoop@openstack:~$ neutron subnet-create hadoop-vlan --name hadoop-subnet --allocation-pool start=10.0.1.1,end=10.0.1.253 --disable-dhcp --gateway 10.0.1.254 10.0.1.0/24 --dns-nameserver 192.168.61.2 
Created a new subnet:
+-------------------+--------------------------------------------+
| Field             | Value                                      |
+-------------------+--------------------------------------------+
| allocation_pools  | {"start": "10.0.1.1", "end": "10.0.1.253"} |
| cidr              | 10.0.1.0/24                                |
| dns_nameservers   | 192.168.61.2                               |
| enable_dhcp       | False                                      |
| gateway_ip        | 10.0.1.254                                 |
| host_routes       |                                            |
| id                | 30b75ef9-4a57-45b2-9110-5a71188ccd2c       |
| ip_version        | 4                                          |
| ipv6_address_mode |                                            |
| ipv6_ra_mode      |                                            |
| name              | hadoop-subnet                              |
| network_id        | 6fa7187f-18cc-46b2-afaa-7636c5acacbd       |
| tenant_id         | 668a527fd9384b639447deaca1cf2c48           |
+-------------------+--------------------------------------------+
hadoop@openstack:~$ neutron router-create hadoop-router
Created a new router:
+-----------------------+--------------------------------------+
| Field                 | Value                                |
+-----------------------+--------------------------------------+
| admin_state_up        | True                                 |
| external_gateway_info |                                      |
| id                    | 3de91186-f5ae-44e5-8602-a2dda86dae25 |
| name                  | hadoop-router                        |
| routes                |                                      |
| status                | ACTIVE                               |
| tenant_id             | 668a527fd9384b639447deaca1cf2c48     |
+-----------------------+--------------------------------------+
hadoop@openstack:~$ neutron router-interface-add hadoop-router hadoop-subnet
Added interface c48530e3-b317-4cf7-a0cd-1f6ffb79cc72 to router hadoop-router.
hadoop@openstack:~$ neutron router-gateway-set hadoop-router public-vlan
Set gateway for router hadoop-router

Using admin privileges, create a virtual machine flavor with 128M of memory:

root@openstack:~# nova flavor-create myos 6 128 1 1
+----+------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+----+------+-----------+------+-----------+------+-------+-------------+-----------+
| 6  | myos | 128       | 1    | 0         |      | 1     | 1.0         | True      |
+----+------+-----------+------+-----------+------+-------+-------------+-----------+
root@openstack:~# nova flavor-list
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| 1  | m1.tiny   | 512       | 1    | 0         |      | 1     | 1.0         | True      |
| 2  | m1.small  | 2048      | 20   | 0         |      | 1     | 1.0         | True      |
| 3  | m1.medium | 4096      | 40   | 0         |      | 2     | 1.0         | True      |
| 4  | m1.large  | 8192      | 80   | 0         |      | 4     | 1.0         | True      |
| 5  | m1.xlarge | 16384     | 160  | 0         |      | 8     | 1.0         | True      |
| 6  | myos      | 128       | 1    | 0         |      | 1     | 1.0         | True      |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+

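Finally, the virtual machine can be created from the command line. Creating it requires the network ID and the image name, which can be looked up first: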

hadoop@openstack:~$ nova image-list
+--------------------------------------+--------------+--------+--------+
| ID                                   | Name         | Status | Server |
+--------------------------------------+--------------+--------+--------+
| e90f1aed-58f9-427e-ba24-c440c3dbc04e | cirros-0.3.3 | ACTIVE |        |
+--------------------------------------+--------------+--------+--------+
hadoop@openstack:~$ nova net-list
+--------------------------------------+-------------+------+
| ID                                   | Label       | CIDR |
+--------------------------------------+-------------+------+
| 6fa7187f-18cc-46b2-afaa-7636c5acacbd | hadoop-vlan | None |
| c3c63eab-2fcc-44fd-a4a4-0b46cba55377 | public-vlan | None |
+--------------------------------------+-------------+------+
hadoop@openstack:~$ nova boot --flavor 6 --image cirros-0.3.3 --nic net-id=6fa7187f-18cc-46b2-afaa-7636c5acacbd cirros-hadoop
+--------------------------------------+-----------------------------------------------------+
| Property                             | Value                                               |
+--------------------------------------+-----------------------------------------------------+
| OS-DCF:diskConfig                    | MANUAL                                              |
| OS-EXT-AZ:availability_zone          | nova                                                |
| OS-EXT-STS:power_state               | 0                                                   |
| OS-EXT-STS:task_state                | scheduling                                          |
| OS-EXT-STS:vm_state                  | building                                            |
| OS-SRV-USG:launched_at               | -                                                   |
| OS-SRV-USG:terminated_at             | -                                                   |
| accessIPv4                           |                                                     |
| accessIPv6                           |                                                     |
| adminPass                            | DCCc9MfyJWny                                        |
| config_drive                         |                                                     |
| created                              | 2017-02-20T01:04:21Z                                |
| flavor                               | myos (6)                                            |
| hostId                               |                                                     |
| id                                   | 10bffbbb-a02c-4ba1-8823-4819986a5785                |
| image                                | cirros-0.3.3 (e90f1aed-58f9-427e-ba24-c440c3dbc04e) |
| key_name                             | -                                                   |
| metadata                             | {}                                                  |
| name                                 | cirros-hadoop                                       |
| os-extended-volumes:volumes_attached | []                                                  |
| progress                             | 0                                                   |
| security_groups                      | default                                             |
| status                               | BUILD                                               |
| tenant_id                            | 668a527fd9384b639447deaca1cf2c48                    |
| updated                              | 2017-02-20T01:04:22Z                                |
| user_id                              | 4e3ccc059d754c6a94e9a82d187bff8d                    |
+--------------------------------------+-----------------------------------------------------+
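The lookup-then-boot sequence above can be scripted instead of copying the network ID by hand. The following is an added example, not part of the original post: it parses the ASCII table printed by `nova net-list`, refuses ambiguous or missing labels, and prints the resulting `nova boot` command for review. The function names are hypothetical and the sample table is constructed from the output shown above.

```shell
#!/bin/sh
# Added example: resolve a network label to its ID from the table that
# `nova net-list` prints, then build the boot command shown above.
# Function names are hypothetical.

# Sample input, constructed from the net-list output on this page.
SAMPLE_NET_LIST='+--------------------------------------+-------------+------+
| ID                                   | Label       | CIDR |
+--------------------------------------+-------------+------+
| 6fa7187f-18cc-46b2-afaa-7636c5acacbd | hadoop-vlan | None |
| c3c63eab-2fcc-44fd-a4a4-0b46cba55377 | public-vlan | None |
+--------------------------------------+-------------+------+'

# Read a table on stdin and print the ID (first column) of the row whose
# name or label (second column) equals $1. Fails unless exactly one row
# matches, because Neutron does not require network names to be unique.
table_id_by_name() {
    awk -F'|' -v want="$1" '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        NF >= 4 && trim($3) == want { id = trim($2); hits++ }
        END { if (hits == 1) print id; exit (hits == 1 ? 0 : 1) }
    '
}

# Accept only a lowercase UUID, so nothing else reaches the command line.
is_uuid() {
    printf '%s\n' "$1" |
        grep -Eq '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$'
}

# Print (do not run) the boot command; the net-list table comes on stdin.
# $1 = flavor ID, $2 = image name, $3 = network label, $4 = server name
boot_command() {
    net_id=$(table_id_by_name "$3") || return 1
    is_uuid "$net_id" || return 1
    printf 'nova boot --flavor %s --image %s --nic net-id=%s %s\n' \
        "$1" "$2" "$net_id" "$4"
}
```

On a live system the table is piped in directly, for example `nova net-list | boot_command 6 cirros-0.3.3 hadoop-vlan cirros-hadoop`.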
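Summary:

OpenStack is without question the hardest service to install and deploy that I have ever encountered, bar none. To begin with, it has a lot of concepts: keystone, glance, nova, neutron, cinder, swift and horizon, plus the base services rabbitmq, mysql, memcache and apache. Each module in turn has many concepts of its own. Keystone, to take a simple case, has tenants, users and roles, with different roles mapping to different operation permissions. Nova is more complex still, covering compute, authorization, networking, scheduling and other services, and it is tightly coupled with neutron. Creating a virtual machine instance involves private and public networks, routers and image selection, and once the virtual machine exists you still have to configure security groups to allow ping, ssh and so on before you can access it. All of these pieces are interlocked and inseparable. The real difficulty lies in the network setup. A single-machine deployment is not divided as finely as a multi-machine one, where the controller, compute and network nodes each do their own job. With the functions of every node concentrated on one machine the configuration is relatively complex, but by following the approach of a multi-node deployment it can still be done.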
