一.实验环境
CPU要求
网卡设置
新clone的系统的需要删除
[root@demo ~]# cd /etc/udev/rules.d/
[root@demo rules.d]# ll
总用量 36
-rw-r--r--. 1 root root 226 2月 22 2013 51-dlm.rules
-rw-r--r--. 1 root root 1652 11月 12 2010 60-fprint-autosuspend.rules
-rw-r--r--. 1 root root 1060 11月 12 2010 60-pcmcia.rules
-rw-r--r--. 1 root root 316 2月 22 2013 60-raw.rules
-rw-r--r--. 1 root root 789 8月 17 20:27 70-persistent-cd.rules
-rw-r--r--. 1 root root 585 8月 17 20:27 70-persistent-net.rules
-rw-r--r--. 1 root root 320 9月 12 2012 90-alsa.rules
-rw-r--r--. 1 root root 83 7月 20 2011 90-hal.rules
-rw-r--r--. 1 root root 292 2月 22 2013 98-kexec.rules
同步时间
[root@linux-node1 ~]# echo '*/5 * * * * /sbin/ntpdate time.nist.gov >/dev/null 2>&1' >/var/spool/cron/root
网卡设置
[root@demo ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
#HWADDR=00:0C:29:8A:C4:5C
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.33.11
NETMASK=255.255.255.0
IPV6INIT=no
USERCTL=no
[root@demo ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=dhcp
IPV6INIT=no
USERCTL=no
host绑定
[root@demo rules.d]# vi /etc/sysconfig/network
[root@demo rules.d]# cat /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=linux-node1.openstack.com
[root@demo rules.d]# vi /etc/hosts
[root@demo rules.d]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.33.11 linux-node1.openstack.com linux-node1
[root@demo rules.d]# ping linux-node1
PING linux-node1.openstack.com (192.168.33.11) 56(84) bytes of data.
64 bytes from linux-node1.openstack.com (192.168.33.11): icmp_seq=1 ttl=64 time=0.039 ms
64 bytes from linux-node1.openstack.com (192.168.33.11): icmp_seq=2 ttl=64 time=0.064 ms
64 bytes from linux-node1.openstack.com (192.168.33.11): icmp_seq=3 ttl=64 time=0.065 ms
^C
--- linux-node1.openstack.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2151ms
rtt min/avg/max/mdev = 0.039/0.056/0.065/0.012 ms
[root@demo rules.d]# ip add li
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:69:22:4e brd ff:ff:ff:ff:ff:ff
inet 192.168.33.11/24 brd 192.168.33.255 scope global eth0
inet6 fe80::20c:29ff:fe69:224e/64 scope link
valid_lft forever preferred_lft forever
3: eth1:
link/ether 00:0c:29:69:22:58 brd ff:ff:ff:ff:ff:ff
inet 192.168.31.134/24 brd 192.168.31.255 scope global eth1
inet6 fe80::20c:29ff:fe69:2258/64 scope link
valid_lft forever preferred_lft forever
关闭iptables防火墙
[root@linux-node1 ~]# chkconfig iptables off
[root@linux-node1 ~]# iptables -vnL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
112 9699 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
4 204 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
3 234 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 100 packets, 10276 bytes)
pkts bytes target prot opt in out source destination
关闭selinux
[root@linux-node1 ~]# vi /etc/sysconfig/selinux
SELINUX=disabled
内核参数调整
[root@linux-node1 ~]# vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
[root@linux-node1 ~]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key
error: "net.bridge.bridge-nf-call-iptables" is an unknown key
error: "net.bridge.bridge-nf-call-arptables" is an unknown key
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
安装epel仓库
[root@linux-node1 ~]# rpm -ivh http://mirrors.ustc.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm
Retrieving http://mirrors.ustc.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm
warning: /var/tmp/rpm-tmp.6XVrlK: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY
Preparing... ########################################### [100%]
1:epel-release ########################################### [100%]
[root@linux-node1 ~]# yum install -y python-pip gcc gcc-c++ make libtool patch automake python-devel libxslt-devel MySQL-python openssl-devel libudev-devel git wget libvirt-python libvirt qemu-kvm gedit python-numdisplay device-mapper bridge-utils libffi-devel libffi lrzsz
创建源码包下载目录
mkdir /usr/local/src
cd /usr/local/src/
wget https://launchpad.net/keystone/icehouse/2014.1/+download/keystone-2014.1.tar.gz
wget https://launchpad.net/nova/icehouse/2014.1/+download/nova-2014.1.tar.gz
wget https://launchpad.net/glance/icehouse/2014.1/+download/glance-2014.1.tar.gz
wget https://launchpad.net/horizon/icehouse/2014.1/+download/horizon-2014.1.tar.gz
wget https://launchpad.net/neutron/icehouse/2014.1/+download/neutron-2014.1.tar.gz
wget https://launchpad.net/cinder/icehouse/2014.1/+download/cinder-2014.1.tar.gz
[root@linux-node1 src]# ll
总用量 25112
-rw-r--r-- 1 root root 4624288 4月 17 18:20 cinder-2014.1.tar.gz
-rw-r--r-- 1 root root 2111279 4月 17 19:39 glance-2014.1.tar.gz
-rw-r--r-- 1 root root 3208738 4月 17 19:13 horizon-2014.1.tar.gz
-rw-r--r-- 1 root root 1419245 4月 17 17:23 keystone-2014.1.tar.gz
-rw-r--r-- 1 root root 6386204 4月 17 19:54 neutron-2014.1.tar.gz
-rw-r--r-- 1 root root 7951303 4月 17 18:07 nova-2014.1.tar.gz
解压:
[root@linux-node1 src]# tar zxf cinder-2014.1.tar.gz
[root@linux-node1 src]# tar zxf glance-2014.1.tar.gz
[root@linux-node1 src]# tar zxf horizon-2014.1.tar.gz
[root@linux-node1 src]# tar zxf keystone-2014.1.tar.gz
[root@linux-node1 src]# tar zxf cinder-2014.1.tar.gz
[root@linux-node1 src]# tar zxf nova-2014.1.tar.gz
安装依赖的Python 包
[root@linux-node1 src]# cat */requirements.txt | sort -n | uniq >> openstack.txt
[root@linux-node1 src]# ll
总用量 25140
drwxrwxr-x 8 1004 1004 4096 4月 17 18:16 cinder-2014.1
-rw-r--r-- 1 root root 4624288 4月 17 18:20 cinder-2014.1.tar.gz
drwxrwxr-x 7 1004 1004 4096 4月 17 19:37 glance-2014.1
-rw-r--r-- 1 root root 2111279 4月 17 19:39 glance-2014.1.tar.gz
drwxrwxr-x 8 1004 1004 4096 4月 17 19:11 horizon-2014.1
-rw-r--r-- 1 root root 3208738 4月 17 19:13 horizon-2014.1.tar.gz
drwxrwxr-x 10 1004 1004 4096 4月 17 17:22 keystone-2014.1
-rw-r--r-- 1 root root 1419245 4月 17 17:23 keystone-2014.1.tar.gz
drwxrwxr-x 9 1004 1004 4096 4月 17 19:52 neutron-2014.1
-rw-r--r-- 1 root root 6386204 4月 17 19:54 neutron-2014.1.tar.gz
drwxrwxr-x 9 1004 1004 4096 4月 17 17:56 nova-2014.1
-rw-r--r-- 1 root root 7951303 4月 17 18:07 nova-2014.1.tar.gz
-rw-r--r-- 1 root root 1578 8月 17 18:34 openstack.txt
[root@linux-node1 src]# pip install -r openstack.txt -i http://pypi.v2ex.com/simple
或者
[root@linux-node1 src]# pip install -r openstack.txt -i http://pypi.douban.com/simple
安装mysql-server rabbitmq-server
[root@linux-node1 ~]# yum install mysql-server rabbitmq-server
更改一下mysql的配置文件
[root@linux-node1 ~]# cp /usr/share/mysql/my-medium.cnf /etc/my.cnf
cp:是否覆盖"/etc/my.cnf"? y
[root@linux-node1 ~]# vim /etc/my.cnf
[mysqld]
default-storage-engine = innodb
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8
port = 3306
socket = /var/lib/mysql/mysql.sock
下面省略
启动mysql
[root@linux-node1 ~]# /etc/init.d/mysqld start
初始化 MySQL 数据库: Installing MySQL system tables...
140817 21:36:17 [Warning] '--skip-locking' is deprecated and will be removed in a future release. Please use '--skip-external-locking' instead.
OK
Filling help tables...
140817 21:36:18 [Warning] '--skip-locking' is deprecated and will be removed in a future release. Please use '--skip-external-locking' instead.
OK
To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system
PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h linux-node1.openstack.com password 'new-password'
Alternatively you can run:
/usr/bin/mysql_secure_installation
which will also give you the option of removing the test
databases and anonymous user created by default. This is
strongly recommended for production servers.
See the manual for more instructions.
You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &
You can test the MySQL daemon with mysql-test-run.pl
cd /usr/mysql-test ; perl mysql-test-run.pl
Please report any problems with the /usr/bin/mysqlbug script!
[确定]
正在启动 mysqld: [确定]
chkconfig mysqld on
设置一个密码
[root@linux-node1 ~]# which mysqladmin
/usr/bin/mysqladmin
[root@linux-node1 ~]# mysqladmin -u root password openstack
授权
create database keystone;
grant all on keystone.* to keystone@'192.168.0.0/255.255.0.0' identified by 'keystone';
flush privileges;
create database glance;
grant all on glance.* to glance@'192.168.0.0/255.255.0.0' identified by 'glance';
flush privileges;
create database nova;
grant all on nova.* to nova@'192.168.0.0/255.255.0.0' identified by 'nova';
flush privileges;
create database neutron;
grant all on neutron.* to neutron@'192.168.0.0/255.255.0.0' identified by 'neutron';
flush privileges;
create database cinder;
grant all on cinder.* to cinder@'192.168.0.0/255.255.0.0' identified by 'cinder';
flush privileges;
[root@linux-node1 ~]# mysql -u root -p'openstack'
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.1.73-log Source distribution
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| test |
+--------------------+
3 rows in set (0.00 sec)
mysql> create database keystone;
Query OK, 1 row affected (0.00 sec)
mysql> show create database keystone;
+----------+-------------------------------------------------------------------+
| Database | Create Database |
+----------+-------------------------------------------------------------------+
| keystone | CREATE DATABASE `keystone` /*!40100 DEFAULT CHARACTER SET utf8 */ |
+----------+-------------------------------------------------------------------+
1 row in set (0.00 sec)
mysql> grant all on keystone.* to keystone@'192.168.0.0/255.255.0.0' identified by 'keystone';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> create database glance;
Query OK, 1 row affected (0.00 sec)
mysql> grant all on glance.* to glance@'192.168.0.0/255.255.0.0' identified by 'glance';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> create database nova;
Query OK, 1 row affected (0.00 sec)
mysql> grant all on nova.* to nova@'192.168.0.0/255.255.0.0' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> create database neutron;
Query OK, 1 row affected (0.00 sec)
mysql> grant all on neutron.* to neutron@'192.168.0.0/255.255.0.0' identified by 'neutron';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> create database cinder;
Query OK, 1 row affected (0.00 sec)
mysql> grant all on cinder.* to cinder@'192.168.0.0/255.255.0.0' identified by 'cinder';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
[root@linux-node1 ~]# /usr/lib/rabbitmq/bin/rabbitmq-plugins list
[ ] amqp_client 3.1.5
[ ] cowboy 0.5.0-rmq3.1.5-git4b93c2d
[ ] eldap 3.1.5-gite309de4
[ ] mochiweb 2.7.0-rmq3.1.5-git680dba8
[ ] rabbitmq_amqp1_0 3.1.5
[ ] rabbitmq_auth_backend_ldap 3.1.5
[ ] rabbitmq_auth_mechanism_ssl 3.1.5
[ ] rabbitmq_consistent_hash_exchange 3.1.5
[ ] rabbitmq_federation 3.1.5
[ ] rabbitmq_federation_management 3.1.5
[ ] rabbitmq_jsonrpc 3.1.5
[ ] rabbitmq_jsonrpc_channel 3.1.5
[ ] rabbitmq_jsonrpc_channel_examples 3.1.5
[ ] rabbitmq_management 3.1.5
[ ] rabbitmq_management_agent 3.1.5
[ ] rabbitmq_management_visualiser 3.1.5
[ ] rabbitmq_mqtt 3.1.5
[ ] rabbitmq_shovel 3.1.5
[ ] rabbitmq_shovel_management 3.1.5
[ ] rabbitmq_stomp 3.1.5
[ ] rabbitmq_tracing 3.1.5
[ ] rabbitmq_web_dispatch 3.1.5
[ ] rabbitmq_web_stomp 3.1.5
[ ] rabbitmq_web_stomp_examples 3.1.5
[ ] rfc4627_jsonrpc 3.1.5-git5e67120
[ ] sockjs 0.3.4-rmq3.1.5-git3132eb9
[ ] webmachine 1.10.3-rmq3.1.5-gite9359c7
打开web的插件
[root@linux-node1 ~]# /usr/lib/rabbitmq/bin/rabbitmq-plugins enable rabbitmq_management
The following plugins have been enabled:
mochiweb
webmachine
rabbitmq_web_dispatch
amqp_client
rabbitmq_management_agent
rabbitmq_management
Plugin configuration has changed. Restart RabbitMQ for changes to take effect.
[root@linux-node1 ~]# /etc/init.d/rabbitmq-server start
Starting rabbitmq-server: SUCCESS
rabbitmq-server.
[root@linux-node1 ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1232/rpcbind
tcp 0 0 0.0.0.0:4369 0.0.0.0:* LISTEN 4909/epmd
tcp 0 0 0.0.0.0:44534 0.0.0.0:* LISTEN 5777/beam
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1473/sshd
tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN 5777/beam
tcp 0 0 0.0.0.0:55672 0.0.0.0:* LISTEN 5777/beam
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1549/master
tcp 0 0 0.0.0.0:37568 0.0.0.0:* LISTEN 1250/rpc.statd
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 5635/mysqld
tcp 0 0 :::111 :::* LISTEN 1232/rpcbind
tcp 0 0 :::22 :::* LISTEN 1473/sshd
tcp 0 0 ::1:25 :::* LISTEN 1549/master
tcp 0 0 :::44794 :::* LISTEN 1250/rpc.statd
tcp 0 0 :::5672 :::* LISTEN 5777/beam
http://192.168.33.11:15672/
guest