ubuntu13.04安装OpenStack Grizzly

作为个人学习笔记分享,有任何问题欢迎交流!

0. 前言

基于网上的安装文档,根据自己的环境做出一些更改,并加入安装出错处理方法。

1.   计划

Eth0

10.0.0.2

Eth1

192.168.66.168

安装方式

单机双网卡在虚拟机中安装

2.   前期准备

2.1 Ubuntu系统准备

切换用户

sudo su

改为soho源

备份源

cp /etc/apt/source.list /etc/apt/source.list_back

然后将源替换成下面的源

deb http://mirrors.sohu.com/ubuntu/ raring mainrestricted

deb-src http://mirrors.sohu.com/ubuntu/ raring mainrestricted

deb http://mirrors.sohu.com/ubuntu/ raring-updates mainrestricted

deb-src http://mirrors.sohu.com/ubuntu/ raring-updatesmain restricted

deb http://mirrors.sohu.com/ubuntu/ raring universe

deb-src http://mirrors.sohu.com/ubuntu/ raring universe

deb http://mirrors.sohu.com/ubuntu/ raring-updatesuniverse

deb-src http://mirrors.sohu.com/ubuntu/ raring-updatesuniverse

deb http://mirrors.sohu.com/ubuntu/ raring multiverse

deb-src http://mirrors.sohu.com/ubuntu/ raring multiverse

deb http://mirrors.sohu.com/ubuntu/ raring-updatesmultiverse

deb-src http://mirrors.sohu.com/ubuntu/ raring-updatesmultiverse

deb http://mirrors.sohu.com/ubuntu/ raring-backports mainrestricted universe multiverse

deb-src http://mirrors.sohu.com/ubuntu/ raring-backportsmain restricted universe multiverse

deb http://mirrors.sohu.com/ubuntu/ raring-security mainrestricted

deb-src http://mirrors.sohu.com/ubuntu/ raring-securitymain restricted

deb http://mirrors.sohu.com/ubuntu/ raring-securityuniverse

deb-src http://mirrors.sohu.com/ubuntu/ raring-securityuniverse

deb http://mirrors.sohu.com/ubuntu/ raring-securitymultiverse

deb-src http://mirrors.sohu.com/ubuntu/ raring-securitymultiverse

deb http://extras.ubuntu.com/ubuntu raring main

deb-src http://extras.ubuntu.com/ubuntu raring main

 升级系统:

apt-get update

apt-get upgrade

apt-get dist-upgrade

2.2网络设置

编辑/etc/network/interfaces

auto lo

iface lo inet loopback

auto eth1

iface eth1 inet static

       address 192.168.66.168

       netmask 255.255.255.0

       network 192.168.66.0

       broadcast 192.168.66.255

       gateway 192.168.66.254

       dns-nameservers 192.168.66.254

auto eth0

iface eth0 inet static

address 10.0.0.2

netmask 255.255.255.0

设置好后重启网络:service networking restart

2.3 安装MySQL & RabbitMQ

安装MySQL:

apt-get install -y mysql-serverpython-mysqldb

配置并重启MySQL:

sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf

service mysql restart

安装RabbitMQ:

apt-get install -y rabbitmq-server

安装时若提示Startingrabbitmq-server: FAILED - check /var/log/rabbitmq/startup_{log, _err} 

需在/etc/hosts中加入本机IP和主机名

       安装NTP:

apt-get install -y ntp

2.4     其他

apt-get install -y vlan bridge-utils

配置/etc/sysctl.conf

sed -i's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf

 

3.   Keystone

安装并检查状态:

apt-get install -y keystone

service keystone status

建立数据库(蓝色标记的用户名和密码可改):

mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL ON keystone.* TO 'keystoneUser'@'%' IDENTIFIED BY 'keystonePass';
quit;

修改/etc/keystone/keystone.conf中的数据库连接

connection =mysql://keystoneUser:[email protected]/keystone

重启并同步数据库:

service keystone restart

keystone-manage db_sync

同步时若提示"Access denied foruser…”,检查数据库访问权限

用下面两个脚本去填充keystone数据库,也就是增加user,tenant,role和service以及service的endpoint

#Modify the HOST_IP and HOST_IP_EXT variables before executing the scripts
wget https://raw.github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/OVS_SingleNode/KeystoneScripts/keystone_basic.sh
wget https://raw.github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/OVS_SingleNode/KeystoneScripts/keystone_endpoints_basic.sh
修改权限:
chmod +x keystone_basic.sh
chmod +x keystone_endpoints_basic.sh

修改keystone_basic.sh中的HOST_IP为自己的Eth0的IP 


ubuntu13.04安装OpenStack Grizzly_第1张图片

修改keystone_endpoints_basic.sh中的HOST_IP和EXT_HOST_IP,同时将连接keystone数据库的的用户名和密码进行修改:

ubuntu13.04安装OpenStack Grizzly_第2张图片

./keystone_basic.sh
./keystone_endpoints_basic.sh

WARNING: Bypassing authentication using a token& endpoint (authentication credentials are being ignored).此提示可忽略

编辑文件creds

#Paste the following:
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin_pass
export OS_AUTH_URL="http://192.168.66.168:5000/v2.0/"

引入环境变量中:

source creds

或者可以直接加入root(cat creds >> /root/.bashrc)的环境变量,这样重启后就无需再次引入了

 

查看创建的user

keystone user-list

若出现如下错误:Unable to communicate with identity service:{"error": {"message": "The request you have maderequires authentication.", "code": 401, "title":"Not Authorized"}}. (HTTP 401)可删除数据库keystone后重新创建keystone,从keystone-manage db_sync 开始重试一次

4.   Glance

安装并查看状态:

apt-get install -y glance

service glance-api status

service glance-registry status

建立glance数据库(用户名和密码可改):

mysql -u root -p
CREATE DATABASE glance;
GRANT ALL ON glance.* TO 'glanceUser'@'%' IDENTIFIED BY 'glancePass';
quit;

修改/etc/glance/glance-api-paste.ini

和/etc/glance/glance-registry-paste.ini文件

注:红色为必须要修改(核对)的地方,建议把提到的这几项都核对一下:

[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
delay_auth_decision = true
auth_host = 10.0.0.2
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = service_pass

编辑/etc/glance/glance-api.conf和/etc/glance/glance-registry.conf,修改数据库连接:

sql_connection =mysql://glanceUser:[email protected]/glance

并且在[paste_deploy]下加上flavor = keystone

[paste_deploy]
flavor = keystone

重启服务

service glance-api restart; serviceglance-registry restart

同步数据库:

glance-manage db_sync

再次重启服务

service glance-registry restart; serviceglance-api restart

上传镜像测试glance的安装情况:

glance image-create--name myFirstImage--is-public true --container-format bare --disk-format qcow2 -–locationhttps://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img

查看镜像:

glance image-list


2013.7.11更新

5.   Quantum

5.1. OpenVSwitch

安装OpenVSwitch

apt-get install -y openvswitch-switch openvswitch-datapath-dkms

建立网桥br-int和br-ex:

#br-int will be used for VM integration

ovs-vsctl add-br br-int

 

#br-ex is used to make to access the internet(not covered in this guide)

ovs-vsctl add-br br-ex

5.2. Quantum-*

安装quantum组件:

apt-get install -y quantum-server quantum-plugin-openvswitchquantum-plugin-openvswitch-agent dnsmasq quantum-dhcp-agent quantum-l3-agent

创建quantum数据库(用户名和密码可修改):

mysql -u root -p

CREATE DATABASE quantum;

GRANT ALL ON quantum.* TO 'quantumUser'@'%'IDENTIFIED BY 'quantumPass';

quit;

查看Quantum-*组件状态

cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i status;done

编辑 /etc/quantum/api-paste.ini

[filter:authtoken]

paste.filter_factory =keystoneclient.middleware.auth_token:filter_factory

auth_host = 10.0.0.2

auth_port = 35357

auth_protocol = http

admin_tenant_name = service

admin_user = quantum

admin_password = service_pass

编辑OVS插件配置文件/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini

#Under the database section

[DATABASE]

sql_connection = mysql://quantumUser:[email protected]/quantum

#Under the OVS section

[OVS]

tenant_network_type = gre

tunnel_id_ranges = 1:1000

integration_bridge = br-int

tunnel_bridge = br-tun

local_ip = 10.0.0.2

enable_tunneling = True

编辑 /etc/quantum/metadata_agent.ini

# The Quantum user information for accessingthe Quantum API.

auth_url = http://10.0.0.2:35357/v2.0

auth_region = RegionOne

admin_tenant_name = service

admin_user = quantum

admin_password = service_pass

# IP address used by Nova metadata server

nova_metadata_ip = 127.0.0.1

# TCP Port used by Nova metadata server

nova_metadata_port = 8775

metadata_proxy_shared_secret = helloOpenStack

编辑 /etc/quantum/quantum.conf

[keystone_authtoken]

auth_host = 10.0.0.2

auth_port = 35357

auth_protocol = http

admin_tenant_name = service

admin_user = quantum

admin_password = service_pass

signing_dir = /var/lib/quantum/keystone-signing

重启 quantum服务

cd /etc/init.d/; for i in $( ls quantum-* ); dosudo service $i restart; done

service dnsmasq restart

6. Nova

6.1 KVM

确保硬件支持虚拟化:

apt-get install cpu-checker

kvm-ok

若在虚拟机中安装,以下错误可忽略:

安装kvm

apt-get install -y kvm libvirt-bin pm-utils

编辑/etc/libvirt/qemu.conf文件,使得cgroup_device_acl与下面相同:

cgroup_device_acl = [

"/dev/null", "/dev/full","/dev/zero",

"/dev/random","/dev/urandom",

"/dev/ptmx", "/dev/kvm","/dev/kqemu",

"/dev/rtc","/dev/hpet","/dev/net/tun"

]

删除默认的网桥(也可以不删除,不会有影响)

virsh net-destroy default

virsh net-undefine default

编辑 /etc/libvirt/libvirtd.conf 文件以便支持动态迁移:

listen_tls = 0

listen_tcp = 1

auth_tcp = "none"

修改/etc/init/libvirt-bin.conf 中的libvirtd_opts变量

env libvirtd_opts="-d -l"

修改/etc/default/libvirt-bin中的libvirtd_opts变量

libvirtd_opts="-d -l"

重启libvirt 服务使得修改生效

service libvirt-bin restart

6.2 Nova-*

安装nova组件:

apt-get install -y nova-api nova-cert novnc nova-consoleauthnova-scheduler nova-novncproxy nova-doc nova-conductor nova-compute-kvm

查看各组件状态:

cd /etc/init.d/; for i in $( ls nova-* ); do service $i status; cd; done

建立Nova数据库

mysql -u root -p

CREATE DATABASE nova;

GRANT ALL ON nova.* TO 'novaUser'@'%' IDENTIFIED BY 'novaPass';

quit;

修改/etc/nova/api-paste.ini文件::

[filter:authtoken]

paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory

auth_host = 10.0.0.2

auth_port = 35357

auth_protocol = http

admin_tenant_name = service

admin_user = nova

admin_password = service_pass

signing_dirname = /tmp/keystone-signing-nova

# Workaround for https://bugs.launchpad.net/nova/+bug/1154809

auth_version = v2.0

修改 /etc/nova/nova.conf 文件(最好是把原来的文件备份,然后新建和下面一样的文件):

[DEFAULT]

logdir=/var/log/nova

state_path=/var/lib/nova

lock_path=/run/lock/nova

verbose=True

api_paste_config=/etc/nova/api-paste.ini

compute_scheduler_driver=nova.scheduler.simple.SimpleScheduler

rabbit_host=10.0.0.2

nova_url=http://10.0.0.2:8774/v1.1/

sql_connection=mysql://novaUser:[email protected]/nova

root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf

 

# Auth

use_deprecated_auth=false

auth_strategy=keystone

 

# Imaging service

glance_api_servers=10.0.0.2:9292

image_service=nova.image.glance.GlanceImageService

 

# Vnc configuration

novnc_enabled=true

novncproxy_base_url=http://192.168.66.168:6080/vnc_auto.html

novncproxy_port=6080

vncserver_proxyclient_address=10.0.0.2

vncserver_listen=0.0.0.0

 

# Network settings

network_api_class=nova.network.quantumv2.api.API

quantum_url=http://10.0.0.2:9696

quantum_auth_strategy=keystone

quantum_admin_tenant_name=service

quantum_admin_username=quantum

quantum_admin_password=service_pass

quantum_admin_auth_url=http://10.0.0.2:35357/v2.0

libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver

linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver

firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver

 

#Metadata

service_quantum_metadata_proxy = True

quantum_metadata_proxy_shared_secret = helloOpenStack

metadata_host = 10.0.0.2

metadata_listen = 127.0.0.1

metadata_listen_port = 8775

# Compute #

compute_driver=libvirt.LibvirtDriver

# Cinder #

volume_api_class=nova.volume.cinder.API

osapi_volume_listen_port=5900

编辑 /etc/nova/nova-compute.conf:

[DEFAULT]

#libvirt_type=kvm(物理机)

libvirt_type=qemu(虚拟机)

libvirt_ovs_bridge=br-int

libvirt_vif_type=ethernet

libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver

libvirt_use_virtio_for_bridges=True

同步数据库:

nova-manage db sync

重启nova-*服务

cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i restart; done

检查nova-*各项服务是否工作正常(笑脸为正常)

nova-manage service list

7. Cinder

安装Cinder以及必须的软件包

sudo apt-get install cinder-api

cinder-scheduler cinder-volume open-iscsi python-cinderclient tgt

配置iscsi服务:

sed -i 's/false/true/g' /etc/default/iscsitarget

重启所有服务:

service tgt start

service open-iscsi start

建立Cinder数据库

mysql -u root -p

CREATE DATABASE cinder;

GRANT ALL ON cinder.* TO 'cinderUser'@'%' IDENTIFIED BY 'cinderPass';

quit;

修改/etc/cinder/api-paste.ini:

[filter:authtoken]

paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory

service_protocol = http

service_host = 192.168.66.168

service_port = 5000

auth_host = 10.0.0.2

auth_port = 35357

auth_protocol = http

admin_tenant_name = service

admin_user = cinder

admin_password = service_pass

编辑 /etc/cinder/cinder.conf :

[DEFAULT]

rootwrap_config=/etc/cinder/rootwrap.conf

sql_connection = mysql://cinderUser:[email protected]/cinder

api_paste_config = /etc/cinder/api-paste.ini

iscsi_helper=tgtadm

volume_name_template = volume-%s

volume_group = cinder-volumes

verbose = True

auth_strategy = keystone

#osapi_volume_listen_port=5900

state_path=/var/lib/cinder

volumes_dir=/var/lib/cinder/volumes

同步数据库:

cinder-manage db sync

创建cinder-volumes:

dd if=/dev/zero of=cinder-volumes bs=1 count=0 seek=2G

losetup /dev/loop2 cinder-volumes

fdisk /dev/loop2

#Type in the followings:

n

p

1

ENTER

ENTER

t

8e

w


pvcreate /dev/loop2

vgcreate cinder-volumes /dev/loop2

为了重启后逻辑组cinder-volumes还在,可以在/etc/rc.local的exit 0之前加入

losetup /dev/loop2 cinder-volumes

重启cinder服务:

cd /etc/init.d/; for i in $( ls cinder-* ); do sudo service $i restart;done

8. Horizon

安装horizon

apt-get install openstack-dashboard memcached

如果不喜欢OpenStack ubuntu的主题页面,可以去除改包:

dpkg --purge openstack-dashboard-ubuntu-theme

重启apache2 和memcached 服务

service apache2 restart; service memcached restart

然后就可以从网页上访问192.168.66.168/horizon 

如果没有改,则默认的账号和密码是:admin:admin_pass.




你可能感兴趣的:(openstack)