一.实验环境

CPU要求

openstack I版的搭建_第1张图片

网卡设置

openstack I版的搭建_第2张图片


新clone的系统的需要删除

[root@demo ~]# cd /etc/udev/rules.d/

[root@demo rules.d]# ll

总用量 36

-rw-r--r--. 1 root root  226 2月  22 2013 51-dlm.rules

-rw-r--r--. 1 root root 1652 11月 12 2010 60-fprint-autosuspend.rules

-rw-r--r--. 1 root root 1060 11月 12 2010 60-pcmcia.rules

-rw-r--r--. 1 root root  316 2月  22 2013 60-raw.rules

-rw-r--r--. 1 root root  789 8月  17 20:27 70-persistent-cd.rules

-rw-r--r--. 1 root root  585 8月  17 20:27 70-persistent-net.rules

-rw-r--r--. 1 root root  320 9月  12 2012 90-alsa.rules

-rw-r--r--. 1 root root   83 7月  20 2011 90-hal.rules

-rw-r--r--. 1 root root  292 2月  22 2013 98-kexec.rules


openstack I版的搭建_第3张图片

同步时间

[root@linux-node1 ~]# echo '*/5 * * * * /sbin/ntpdate time.nist.gov >/dev/null 2>&1' >/var/spool/cron/root

网卡设置

[root@demo ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0 

DEVICE=eth0

#HWADDR=00:0C:29:8A:C4:5C

TYPE=Ethernet

ONBOOT=yes

NM_CONTROLLED=yes

BOOTPROTO=static

IPADDR=192.168.33.11

NETMASK=255.255.255.0

IPV6INIT=no

USERCTL=no

[root@demo ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE=eth1

TYPE=Ethernet

ONBOOT=yes

NM_CONTROLLED=yes

BOOTPROTO=dhcp

IPV6INIT=no

USERCTL=no


host绑定

[root@demo rules.d]# vi /etc/sysconfig/network

[root@demo rules.d]# cat /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=linux-node1.openstack.com

[root@demo rules.d]# vi /etc/hosts

[root@demo rules.d]# cat /etc/hosts

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.33.11 linux-node1.openstack.com linux-node1

[root@demo rules.d]# ping linux-node1

PING linux-node1.openstack.com (192.168.33.11) 56(84) bytes of data.

64 bytes from linux-node1.openstack.com (192.168.33.11): icmp_seq=1 ttl=64 time=0.039 ms

64 bytes from linux-node1.openstack.com (192.168.33.11): icmp_seq=2 ttl=64 time=0.064 ms

64 bytes from linux-node1.openstack.com (192.168.33.11): icmp_seq=3 ttl=64 time=0.065 ms

^C

--- linux-node1.openstack.com ping statistics ---

3 packets transmitted, 3 received, 0% packet loss, time 2151ms

rtt min/avg/max/mdev = 0.039/0.056/0.065/0.012 ms

[root@demo rules.d]# ip add li

1: lo: mtu 16436 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:69:22:4e brd ff:ff:ff:ff:ff:ff

    inet 192.168.33.11/24 brd 192.168.33.255 scope global eth0

    inet6 fe80::20c:29ff:fe69:224e/64 scope link 

       valid_lft forever preferred_lft forever

3: eth1: mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:69:22:58 brd ff:ff:ff:ff:ff:ff

    inet 192.168.31.134/24 brd 192.168.31.255 scope global eth1

    inet6 fe80::20c:29ff:fe69:2258/64 scope link 

       valid_lft forever preferred_lft forever

关闭iptables防火墙

[root@linux-node1 ~]# chkconfig iptables off

[root@linux-node1 ~]# iptables -vnL

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

  112  9699 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 

    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           

    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0           

    4   204 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 

    3   234 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 


Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)

 pkts bytes target     prot opt in     out     source               destination         

    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 


Chain OUTPUT (policy ACCEPT 100 packets, 10276 bytes)

 pkts bytes target     prot opt in     out     source               destination         


关闭selinux

[root@linux-node1 ~]# vi /etc/sysconfig/selinux 

SELINUX=disabled


内核参数调整

[root@linux-node1 ~]# vi /etc/sysctl.conf 

net.ipv4.ip_forward = 1

net.ipv4.conf.all.rp_filter = 0

net.ipv4.conf.default.rp_filter = 0

[root@linux-node1 ~]# sysctl -p

net.ipv4.ip_forward = 1

net.ipv4.conf.all.rp_filter = 0

net.ipv4.conf.default.rp_filter = 0

net.ipv4.conf.default.accept_source_route = 0

kernel.sysrq = 0

kernel.core_uses_pid = 1

net.ipv4.tcp_syncookies = 1

error: "net.bridge.bridge-nf-call-ip6tables" is an unknown key

error: "net.bridge.bridge-nf-call-iptables" is an unknown key

error: "net.bridge.bridge-nf-call-arptables" is an unknown key

kernel.msgmnb = 65536

kernel.msgmax = 65536

kernel.shmmax = 68719476736

kernel.shmall = 4294967296



安装epel仓库

[root@linux-node1 ~]# rpm -ivh http://mirrors.ustc.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm

Retrieving http://mirrors.ustc.edu.cn/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm

warning: /var/tmp/rpm-tmp.6XVrlK: Header V3 RSA/SHA256 Signature, key ID 0608b895: NOKEY

Preparing...                ########################################### [100%]

   1:epel-release           ########################################### [100%]



[root@linux-node1 ~]# yum install -y python-pip gcc gcc-c++ make libtool patch automake python-devel libxslt-devel MySQL-python openssl-devel libudev-devel git wget libvirt-python libvirt qemu-kvm gedit python-numdisplay device-mapper bridge-utils libffi-devel libffi lrzsz


创建源码包下载目录

mkdir /usr/local/src

cd /usr/local/src/

wget https://launchpad.net/keystone/icehouse/2014.1/+download/keystone-2014.1.tar.gz

wget https://launchpad.net/nova/icehouse/2014.1/+download/nova-2014.1.tar.gz

wget https://launchpad.net/glance/icehouse/2014.1/+download/glance-2014.1.tar.gz

wget https://launchpad.net/horizon/icehouse/2014.1/+download/horizon-2014.1.tar.gz

wget https://launchpad.net/neutron/icehouse/2014.1/+download/neutron-2014.1.tar.gz

wget https://launchpad.net/cinder/icehouse/2014.1/+download/cinder-2014.1.tar.gz

[root@linux-node1 src]# ll

总用量 25112

-rw-r--r-- 1 root root 4624288 4月  17 18:20 cinder-2014.1.tar.gz

-rw-r--r-- 1 root root 2111279 4月  17 19:39 glance-2014.1.tar.gz

-rw-r--r-- 1 root root 3208738 4月  17 19:13 horizon-2014.1.tar.gz

-rw-r--r-- 1 root root 1419245 4月  17 17:23 keystone-2014.1.tar.gz

-rw-r--r-- 1 root root 6386204 4月  17 19:54 neutron-2014.1.tar.gz

-rw-r--r-- 1 root root 7951303 4月  17 18:07 nova-2014.1.tar.gz


解压:

[root@linux-node1 src]# tar zxf cinder-2014.1.tar.gz 

[root@linux-node1 src]# tar zxf glance-2014.1.tar.gz 

[root@linux-node1 src]# tar zxf horizon-2014.1.tar.gz 

[root@linux-node1 src]# tar zxf keystone-2014.1.tar.gz

[root@linux-node1 src]# tar zxf cinder-2014.1.tar.gz 

[root@linux-node1 src]# tar zxf nova-2014.1.tar.gz 

安装依赖的Python

[root@linux-node1 src]# cat */requirements.txt | sort -n | uniq >> openstack.txt

[root@linux-node1 src]# ll

总用量 25140

drwxrwxr-x  8 1004 1004    4096 4月  17 18:16 cinder-2014.1

-rw-r--r--  1 root root 4624288 4月  17 18:20 cinder-2014.1.tar.gz

drwxrwxr-x  7 1004 1004    4096 4月  17 19:37 glance-2014.1

-rw-r--r--  1 root root 2111279 4月  17 19:39 glance-2014.1.tar.gz

drwxrwxr-x  8 1004 1004    4096 4月  17 19:11 horizon-2014.1

-rw-r--r--  1 root root 3208738 4月  17 19:13 horizon-2014.1.tar.gz

drwxrwxr-x 10 1004 1004    4096 4月  17 17:22 keystone-2014.1

-rw-r--r--  1 root root 1419245 4月  17 17:23 keystone-2014.1.tar.gz

drwxrwxr-x  9 1004 1004    4096 4月  17 19:52 neutron-2014.1

-rw-r--r--  1 root root 6386204 4月  17 19:54 neutron-2014.1.tar.gz

drwxrwxr-x  9 1004 1004    4096 4月  17 17:56 nova-2014.1

-rw-r--r--  1 root root 7951303 4月  17 18:07 nova-2014.1.tar.gz

-rw-r--r--  1 root root    1578 8月  17 18:34 openstack.txt


[root@linux-node1 src]# pip install -r openstack.txt -i http://pypi.v2ex.com/simple

或者

[root@linux-node1 src]# pip install -r openstack.txt -i http://pypi.douban.com/simple


安装mysql-server rabbitmq-server

[root@linux-node1 ~]# yum install mysql-server rabbitmq-server

更改一下mysql的配置文件

[root@linux-node1 ~]# cp /usr/share/mysql/my-medium.cnf /etc/my.cnf 

cp:是否覆盖"/etc/my.cnf"? y

[root@linux-node1 ~]# vim /etc/my.cnf 

[mysqld]

default-storage-engine = innodb

collation-server = utf8_general_ci

init-connect = 'SET NAMES utf8'

character-set-server = utf8


port            = 3306

socket          = /var/lib/mysql/mysql.sock

下面省略

启动mysql

[root@linux-node1 ~]# /etc/init.d/mysqld start

初始化 MySQL 数据库: Installing MySQL system tables...

140817 21:36:17 [Warning] '--skip-locking' is deprecated and will be removed in a future release. Please use '--skip-external-locking' instead.

OK

Filling help tables...

140817 21:36:18 [Warning] '--skip-locking' is deprecated and will be removed in a future release. Please use '--skip-external-locking' instead.

OK


To start mysqld at boot time you have to copy

support-files/mysql.server to the right place for your system


PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !

To do so, start the server, then issue the following commands:


/usr/bin/mysqladmin -u root password 'new-password'

/usr/bin/mysqladmin -u root -h linux-node1.openstack.com password 'new-password'


Alternatively you can run:

/usr/bin/mysql_secure_installation


which will also give you the option of removing the test

databases and anonymous user created by default.  This is

strongly recommended for production servers.


See the manual for more instructions.


You can start the MySQL daemon with:

cd /usr ; /usr/bin/mysqld_safe &


You can test the MySQL daemon with mysql-test-run.pl

cd /usr/mysql-test ; perl mysql-test-run.pl


Please report any problems with the /usr/bin/mysqlbug script!


                                                           [确定]

正在启动 mysqld:                                          [确定]

chkconfig mysqld on

设置一个密码

[root@linux-node1 ~]# which mysqladmin

/usr/bin/mysqladmin

[root@linux-node1 ~]# mysqladmin -u root password openstack



授权

create database keystone;

grant all on keystone.* to keystone@'192.168.0.0/255.255.0.0' identified by 'keystone';

flush privileges;

create database glance;

grant all on glance.* to glance@'192.168.0.0/255.255.0.0' identified by 'glance';

flush privileges;

create database nova;

grant all on nova.* to nova@'192.168.0.0/255.255.0.0' identified by 'nova';

flush privileges;

create database neutron;

grant all on neutron.* to neutron@'192.168.0.0/255.255.0.0' identified by 'neutron';

flush privileges;

create database cinder;

grant all on cinder.* to cinder@'192.168.0.0/255.255.0.0' identified by 'cinder';

flush privileges;



[root@linux-node1 ~]# mysql -u root -p'openstack'

Welcome to the MySQL monitor.  Commands end with ; or \g.

Your MySQL connection id is 4

Server version: 5.1.73-log Source distribution


Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.


Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective

owners.


Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.


mysql> show databases;

+--------------------+

| Database           |

+--------------------+

| information_schema |

| mysql              |

| test               |

+--------------------+

3 rows in set (0.00 sec)


mysql> create database keystone;

Query OK, 1 row affected (0.00 sec)


mysql> show create database keystone;

+----------+-------------------------------------------------------------------+

| Database | Create Database                                                   |

+----------+-------------------------------------------------------------------+

| keystone | CREATE DATABASE `keystone` /*!40100 DEFAULT CHARACTER SET utf8 */ |

+----------+-------------------------------------------------------------------+

1 row in set (0.00 sec)


mysql> grant all on keystone.* to keystone@'192.168.0.0/255.255.0.0' identified by 'keystone';

Query OK, 0 rows affected (0.00 sec)


mysql> flush privileges;

Query OK, 0 rows affected (0.00 sec)


mysql> create database glance;

Query OK, 1 row affected (0.00 sec)


mysql> grant all on glance.* to glance@'192.168.0.0/255.255.0.0' identified by 'glance';

Query OK, 0 rows affected (0.00 sec)


mysql> flush privileges;

Query OK, 0 rows affected (0.00 sec)


mysql> create database nova;

Query OK, 1 row affected (0.00 sec)


mysql> grant all on nova.* to nova@'192.168.0.0/255.255.0.0' identified by 'nova';

Query OK, 0 rows affected (0.00 sec)


mysql> flush privileges;

Query OK, 0 rows affected (0.00 sec)


mysql> create database neutron;

Query OK, 1 row affected (0.00 sec)


mysql> grant all on neutron.* to neutron@'192.168.0.0/255.255.0.0' identified by 'neutron';

Query OK, 0 rows affected (0.00 sec)


mysql> flush privileges;

Query OK, 0 rows affected (0.00 sec)


mysql> create database cinder;

Query OK, 1 row affected (0.00 sec)


mysql> grant all on cinder.* to cinder@'192.168.0.0/255.255.0.0' identified by 'cinder';

Query OK, 0 rows affected (0.00 sec)


mysql> flush privileges;

Query OK, 0 rows affected (0.00 sec)



[root@linux-node1 ~]# /usr/lib/rabbitmq/bin/rabbitmq-plugins list

[ ] amqp_client                       3.1.5

[ ] cowboy                            0.5.0-rmq3.1.5-git4b93c2d

[ ] eldap                             3.1.5-gite309de4

[ ] mochiweb                          2.7.0-rmq3.1.5-git680dba8

[ ] rabbitmq_amqp1_0                  3.1.5

[ ] rabbitmq_auth_backend_ldap        3.1.5

[ ] rabbitmq_auth_mechanism_ssl       3.1.5

[ ] rabbitmq_consistent_hash_exchange 3.1.5

[ ] rabbitmq_federation               3.1.5

[ ] rabbitmq_federation_management    3.1.5

[ ] rabbitmq_jsonrpc                  3.1.5

[ ] rabbitmq_jsonrpc_channel          3.1.5

[ ] rabbitmq_jsonrpc_channel_examples 3.1.5

[ ] rabbitmq_management               3.1.5

[ ] rabbitmq_management_agent         3.1.5

[ ] rabbitmq_management_visualiser    3.1.5

[ ] rabbitmq_mqtt                     3.1.5

[ ] rabbitmq_shovel                   3.1.5

[ ] rabbitmq_shovel_management        3.1.5

[ ] rabbitmq_stomp                    3.1.5

[ ] rabbitmq_tracing                  3.1.5

[ ] rabbitmq_web_dispatch             3.1.5

[ ] rabbitmq_web_stomp                3.1.5

[ ] rabbitmq_web_stomp_examples       3.1.5

[ ] rfc4627_jsonrpc                   3.1.5-git5e67120

[ ] sockjs                            0.3.4-rmq3.1.5-git3132eb9

[ ] webmachine                        1.10.3-rmq3.1.5-gite9359c7

打开web的插件

[root@linux-node1 ~]# /usr/lib/rabbitmq/bin/rabbitmq-plugins enable rabbitmq_management

The following plugins have been enabled:

  mochiweb

  webmachine

  rabbitmq_web_dispatch

  amqp_client

  rabbitmq_management_agent

  rabbitmq_management

Plugin configuration has changed. Restart RabbitMQ for changes to take effect.

[root@linux-node1 ~]# /etc/init.d/rabbitmq-server start

Starting rabbitmq-server: SUCCESS

rabbitmq-server.

[root@linux-node1 ~]# netstat -lntp

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   

tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      1232/rpcbind        

tcp        0      0 0.0.0.0:4369                0.0.0.0:*                   LISTEN      4909/epmd           

tcp        0      0 0.0.0.0:44534               0.0.0.0:*                   LISTEN      5777/beam           

tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1473/sshd           

tcp        0      0 0.0.0.0:15672               0.0.0.0:*                   LISTEN      5777/beam           

tcp        0      0 0.0.0.0:55672               0.0.0.0:*                   LISTEN      5777/beam           

tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      1549/master         

tcp        0      0 0.0.0.0:37568               0.0.0.0:*                   LISTEN      1250/rpc.statd      

tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN      5635/mysqld         

tcp        0      0 :::111                      :::*                        LISTEN      1232/rpcbind        

tcp        0      0 :::22                       :::*                        LISTEN      1473/sshd           

tcp        0      0 ::1:25                      :::*                        LISTEN      1549/master         

tcp        0      0 :::44794                    :::*                        LISTEN      1250/rpc.statd      

tcp        0      0 :::5672                     :::*                        LISTEN      5777/beam   


http://192.168.33.11:15672/

guest

openstack I版的搭建_第4张图片

openstack I版的搭建_第5张图片