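Shared as personal study notes; questions and discussion are welcome!
0. Preface
Based on installation guides found online, with some changes for my own environment and with fixes for errors encountered during installation.
1. Plan
Eth0 | 10.0.0.2
Eth1 | 192.168.66.168
Installation method | Single node with two NICs, installed in a virtual machine
2. Preparation
2.1 Preparing the Ubuntu system
Switch to root: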
sudo su
Switch to the Sohu mirror
Back up the sources list:
cp /etc/apt/sources.list /etc/apt/sources.list_back
Then replace the sources with the following:
deb http://mirrors.sohu.com/ubuntu/ raring main restricted
deb-src http://mirrors.sohu.com/ubuntu/ raring main restricted
deb http://mirrors.sohu.com/ubuntu/ raring-updates main restricted
deb-src http://mirrors.sohu.com/ubuntu/ raring-updates main restricted
deb http://mirrors.sohu.com/ubuntu/ raring universe
deb-src http://mirrors.sohu.com/ubuntu/ raring universe
deb http://mirrors.sohu.com/ubuntu/ raring-updates universe
deb-src http://mirrors.sohu.com/ubuntu/ raring-updates universe
deb http://mirrors.sohu.com/ubuntu/ raring multiverse
deb-src http://mirrors.sohu.com/ubuntu/ raring multiverse
deb http://mirrors.sohu.com/ubuntu/ raring-updates multiverse
deb-src http://mirrors.sohu.com/ubuntu/ raring-updates multiverse
deb http://mirrors.sohu.com/ubuntu/ raring-backports main restricted universe multiverse
deb-src http://mirrors.sohu.com/ubuntu/ raring-backports main restricted universe multiverse
deb http://mirrors.sohu.com/ubuntu/ raring-security main restricted
deb-src http://mirrors.sohu.com/ubuntu/ raring-security main restricted
deb http://mirrors.sohu.com/ubuntu/ raring-security universe
deb-src http://mirrors.sohu.com/ubuntu/ raring-security universe
deb http://mirrors.sohu.com/ubuntu/ raring-security multiverse
deb-src http://mirrors.sohu.com/ubuntu/ raring-security multiverse
deb http://extras.ubuntu.com/ubuntu raring main
deb-src http://extras.ubuntu.com/ubuntu raring main
Upgrade the system:
apt-get update
apt-get upgrade
apt-get dist-upgrade
2.2 Network configuration
Edit /etc/network/interfaces:
auto lo
iface lo inet loopback
auto eth1
iface eth1 inet static
address 192.168.66.168
netmask 255.255.255.0
network 192.168.66.0
broadcast 192.168.66.255
gateway 192.168.66.254
dns-nameservers 192.168.66.254
auto eth0
iface eth0 inet static
address 10.0.0.2
netmask 255.255.255.0
After configuring, restart networking: service networking restart
2.3 Installing MySQL & RabbitMQ
Install MySQL:
apt-get install -y mysql-server python-mysqldb
Configure and restart MySQL:
sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
service mysql restart
Install RabbitMQ:
apt-get install -y rabbitmq-server
If the installation reports "Starting rabbitmq-server: FAILED - check /var/log/rabbitmq/startup_{log, _err}",
add this machine's IP and hostname to /etc/hosts.
Install NTP:
apt-get install -y ntp
2.4 Other
apt-get install -y vlan bridge-utils
Configure /etc/sysctl.conf:
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
3. Keystone
Install and check the status:
apt-get install -y keystone
service keystone status
Create the database (the username and password marked in blue can be changed):
mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL ON keystone.* TO 'keystoneUser'@'%' IDENTIFIED BY 'keystonePass';
quit;
Edit the database connection in /etc/keystone/keystone.conf:
connection = mysql://keystoneUser:[email protected]/keystone
Restart and sync the database:
service keystone restart
keystone-manage db_sync
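If the sync reports "Access denied for user…", check the database access privileges.
Use the two scripts below to populate the keystone database, that is, to add the users, tenants, roles and services, and the services' endpoints: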
#Modify the HOST_IP and HOST_IP_EXT variables before executing the scripts
wget https://raw.github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/OVS_SingleNode/KeystoneScripts/keystone_basic.sh
wget https://raw.github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/OVS_SingleNode/KeystoneScripts/keystone_endpoints_basic.sh
Make them executable:
chmod +x keystone_basic.sh
chmod +x keystone_endpoints_basic.sh
Set HOST_IP in keystone_basic.sh to the IP of your own Eth0.
Set HOST_IP and EXT_HOST_IP in keystone_endpoints_basic.sh, and also change the username and password used to connect to the keystone database:
./keystone_basic.sh
./keystone_endpoints_basic.sh
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). This message can be ignored.
Edit the file creds:
#Paste the following:
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin_pass
export OS_AUTH_URL="http://192.168.66.168:5000/v2.0/"
Load it into the environment:
source creds
Alternatively, append it to root's environment (cat creds >> /root/.bashrc) so that it does not have to be loaded again after a reboot.
List the created users:
keystone user-list
If the following error appears: Unable to communicate with identity service: {"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Not Authorized"}}. (HTTP 401), drop the keystone database, create it again, and retry from keystone-manage db_sync.
4. Glance
Install and check the status:
apt-get install -y glance
service glance-api status
service glance-registry status
Create the glance database (the username and password can be changed):
mysql -u root -p
CREATE DATABASE glance;
GRANT ALL ON glance.* TO 'glanceUser'@'%' IDENTIFIED BY 'glancePass';
quit;
Edit /etc/glance/glance-api-paste.ini
and /etc/glance/glance-registry-paste.ini.
Note: the items in red must be modified (verified); it is recommended to check all of the items listed here:
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
delay_auth_decision = true
auth_host = 10.0.0.2
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = service_pass
Edit /etc/glance/glance-api.conf and /etc/glance/glance-registry.conf and change the database connection:
sql_connection = mysql://glanceUser:[email protected]/glance
Also add flavor = keystone under [paste_deploy]:
[paste_deploy]
flavor = keystone
Restart the services:
service glance-api restart; service glance-registry restart
Sync the database:
glance-manage db_sync
Restart the services again:
service glance-registry restart; service glance-api restart
Upload an image to test the Glance installation:
glance image-create --name myFirstImage --is-public true --container-format bare --disk-format qcow2 --location https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img
List the images:
glance image-list
Updated 2013.7.11
5. Quantum
5.1. OpenVSwitch
Install OpenVSwitch:
apt-get install -y openvswitch-switch openvswitch-datapath-dkms
Create the bridges br-int and br-ex:
#br-int will be used for VM integration
ovs-vsctl add-br br-int
#br-ex is used to access the internet (not covered in this guide)
ovs-vsctl add-br br-ex
5.2. Quantum-*
Install the quantum components:
apt-get install -y quantum-server quantum-plugin-openvswitch quantum-plugin-openvswitch-agent dnsmasq quantum-dhcp-agent quantum-l3-agent
Create the quantum database (the username and password can be changed):
mysql -u root -p
CREATE DATABASE quantum;
GRANT ALL ON quantum.* TO 'quantumUser'@'%' IDENTIFIED BY 'quantumPass';
quit;
Check the status of the Quantum-* components:
cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i status; done
Edit /etc/quantum/api-paste.ini:
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = 10.0.0.2
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = quantum
admin_password = service_pass
Edit the OVS plugin configuration file /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini:
#Under the database section
[DATABASE]
sql_connection = mysql://quantumUser:[email protected]/quantum
#Under the OVS section
[OVS]
tenant_network_type = gre
tunnel_id_ranges = 1:1000
integration_bridge = br-int
tunnel_bridge = br-tun
local_ip = 10.0.0.2
enable_tunneling = True
Edit /etc/quantum/metadata_agent.ini:
# The Quantum user information for accessing the Quantum API.
auth_url = http://10.0.0.2:35357/v2.0
auth_region = RegionOne
admin_tenant_name = service
admin_user = quantum
admin_password = service_pass
# IP address used by Nova metadata server
nova_metadata_ip = 127.0.0.1
# TCP Port used by Nova metadata server
nova_metadata_port = 8775
metadata_proxy_shared_secret = helloOpenStack
Edit /etc/quantum/quantum.conf:
[keystone_authtoken]
auth_host = 10.0.0.2
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = quantum
admin_password = service_pass
signing_dir = /var/lib/quantum/keystone-signing
Restart the quantum services:
cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i restart; done
service dnsmasq restart
6. Nova
6.1 KVM
Make sure the hardware supports virtualization:
apt-get install cpu-checker
kvm-ok
apt-get install -y kvm libvirt-bin pm-utils
Edit /etc/libvirt/qemu.conf so that cgroup_device_acl matches the following:
cgroup_device_acl = [
"/dev/null", "/dev/full", "/dev/zero",
"/dev/random", "/dev/urandom",
"/dev/ptmx", "/dev/kvm", "/dev/kqemu",
"/dev/rtc", "/dev/hpet", "/dev/net/tun"
]
Delete the default bridge (optional; leaving it in place has no effect):
virsh net-destroy default
virsh net-undefine default
Edit /etc/libvirt/libvirtd.conf to support live migration:
listen_tls = 0
listen_tcp = 1
auth_tcp = "none"
Change the libvirtd_opts variable in /etc/init/libvirt-bin.conf:
env libvirtd_opts="-d -l"
Change the libvirtd_opts variable in /etc/default/libvirt-bin:
libvirtd_opts="-d -l"
Restart the libvirt service so that the changes take effect:
service libvirt-bin restart
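The three libvirtd.conf settings above open libvirt's TCP listener with authentication turned off, and with no listen_addr the daemon binds every interface, Eth1 included. The check below is an added example, not part of the original guide; the function names and both sample files are constructed, and the restricted variant (auth_tcp = "sasl", listen_addr set to the Eth0 address) is an assumption about what a single-node lab would use.

```shell
#!/bin/sh
# Added example: audit the remote-access settings of a libvirtd.conf file.

# Effective value of key $2 in file $1: last uncommented assignment, with
# trailing comment, trailing whitespace and surrounding quotes removed.
conf_value() {
    sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 |
        sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//; s/^"//; s/"$//'
}

# Print one finding per line; the return status is the number of problems.
audit_libvirtd() {
    al_tcp=$(conf_value "$1" listen_tcp)
    al_auth=$(conf_value "$1" auth_tcp)
    al_addr=$(conf_value "$1" listen_addr)
    al_rc=0
    if [ "${al_tcp:-0}" != 1 ]; then        # libvirt default: TCP listener off
        echo "OK   listen_tcp is off"
        return 0
    fi
    if [ "${al_auth:-sasl}" = none ]; then  # libvirt default: auth_tcp = "sasl"
        echo "FAIL auth_tcp=none: any host that can reach the port manages the hypervisor"
        al_rc=$((al_rc + 1))
    else
        echo "OK   auth_tcp=${al_auth:-sasl}"
    fi
    case "${al_addr:-0.0.0.0}" in           # libvirt default: all interfaces
        0.0.0.0|::) echo "WARN no listen_addr: listener is bound to every interface"
                    al_rc=$((al_rc + 1)) ;;
        *)          echo "OK   listen_addr=$al_addr" ;;
    esac
    return "$al_rc"
}

tmp=$(mktemp -d)
# Constructed sample: the three settings exactly as this guide gives them
printf '%s\n' 'listen_tls = 0' 'listen_tcp = 1' 'auth_tcp = "none"' > "$tmp/guide.conf"
# Constructed sample (assumption): same listener, SASL on, bound to Eth0 only
printf '%s\n' 'listen_tls = 0' 'listen_tcp = 1' 'auth_tcp = "sasl"' \
    'listen_addr = "10.0.0.2"' > "$tmp/restricted.conf"

for f in guide restricted; do
    echo "== $f.conf"
    audit_libvirtd "$tmp/$f.conf" || true
done
```

On a real node, pass /etc/libvirt/libvirtd.conf to audit_libvirtd. Switching auth_tcp to sasl also requires SASL credentials to be set up for libvirt, which this guide does not cover.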
6.2 Nova-*
Install the nova components:
apt-get install -y nova-api nova-cert novnc nova-consoleauth nova-scheduler nova-novncproxy nova-doc nova-conductor nova-compute-kvm
Check the status of each component:
cd /etc/init.d/; for i in $( ls nova-* ); do service $i status; cd; done
Create the Nova database:
mysql -u root -p
CREATE DATABASE nova;
GRANT ALL ON nova.* TO 'novaUser'@'%' IDENTIFIED BY 'novaPass';
quit;
Edit /etc/nova/api-paste.ini:
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = 10.0.0.2
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = service_pass
signing_dirname = /tmp/keystone-signing-nova
# Workaround for https://bugs.launchpad.net/nova/+bug/1154809
auth_version = v2.0
Edit /etc/nova/nova.conf (it is best to back up the original file and then create a new file identical to the one below):
[DEFAULT]
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/run/lock/nova
verbose=True
api_paste_config=/etc/nova/api-paste.ini
compute_scheduler_driver=nova.scheduler.simple.SimpleScheduler
rabbit_host=10.0.0.2
nova_url=http://10.0.0.2:8774/v1.1/
sql_connection=mysql://novaUser:[email protected]/nova
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
# Auth
use_deprecated_auth=false
auth_strategy=keystone
# Imaging service
glance_api_servers=10.0.0.2:9292
image_service=nova.image.glance.GlanceImageService
# Vnc configuration
novnc_enabled=true
novncproxy_base_url=http://192.168.66.168:6080/vnc_auto.html
novncproxy_port=6080
vncserver_proxyclient_address=10.0.0.2
vncserver_listen=0.0.0.0
# Network settings
network_api_class=nova.network.quantumv2.api.API
quantum_url=http://10.0.0.2:9696
quantum_auth_strategy=keystone
quantum_admin_tenant_name=service
quantum_admin_username=quantum
quantum_admin_password=service_pass
quantum_admin_auth_url=http://10.0.0.2:35357/v2.0
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
#Metadata
service_quantum_metadata_proxy = True
quantum_metadata_proxy_shared_secret = helloOpenStack
metadata_host = 10.0.0.2
metadata_listen = 127.0.0.1
metadata_listen_port = 8775
# Compute #
compute_driver=libvirt.LibvirtDriver
# Cinder #
volume_api_class=nova.volume.cinder.API
osapi_volume_listen_port=5900
Edit /etc/nova/nova-compute.conf:
[DEFAULT]
# Physical machine:
#libvirt_type=kvm
# Virtual machine:
libvirt_type=qemu
libvirt_ovs_bridge=br-int
libvirt_vif_type=ethernet
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
libvirt_use_virtio_for_bridges=True
Sync the database:
nova-manage db sync
Restart the nova-* services:
cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i restart; done
Check that each nova-* service is working properly (a smiley face means it is):
nova-manage service list
7. Cinder
Install Cinder and the required packages:
sudo apt-get install cinder-api cinder-scheduler cinder-volume open-iscsi python-cinderclient tgt
Configure the iscsi service:
sed -i 's/false/true/g' /etc/default/iscsitarget
Restart all services:
service tgt start
service open-iscsi start
Create the Cinder database:
mysql -u root -p
CREATE DATABASE cinder;
GRANT ALL ON cinder.* TO 'cinderUser'@'%' IDENTIFIED BY 'cinderPass';
quit;
Edit /etc/cinder/api-paste.ini:
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
service_protocol = http
service_host = 192.168.66.168
service_port = 5000
auth_host = 10.0.0.2
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = cinder
admin_password = service_pass
Edit /etc/cinder/cinder.conf:
[DEFAULT]
rootwrap_config=/etc/cinder/rootwrap.conf
sql_connection = mysql://cinderUser:[email protected]/cinder
api_paste_config = /etc/cinder/api-paste.ini
iscsi_helper=tgtadm
volume_name_template = volume-%s
volume_group = cinder-volumes
verbose = True
auth_strategy = keystone
#osapi_volume_listen_port=5900
state_path=/var/lib/cinder
volumes_dir=/var/lib/cinder/volumes
Sync the database:
cinder-manage db sync
Create cinder-volumes:
dd if=/dev/zero of=cinder-volumes bs=1 count=0 seek=2G
losetup /dev/loop2 cinder-volumes
fdisk /dev/loop2
#Type in the followings:
n
p
1
ENTER
ENTER
t
8e
w
pvcreate /dev/loop2
vgcreate cinder-volumes /dev/loop2
So that the cinder-volumes volume group still exists after a reboot, add the following to /etc/rc.local before exit 0:
losetup /dev/loop2 cinder-volumes
Restart the cinder services:
cd /etc/init.d/; for i in $( ls cinder-* ); do sudo service $i restart; done
8. Horizon
Install horizon:
apt-get install openstack-dashboard memcached
If you do not like the OpenStack Ubuntu theme, you can remove that package:
dpkg --purge openstack-dashboard-ubuntu-theme
Restart the apache2 and memcached services:
service apache2 restart; service memcached restart
You can then open 192.168.66.168/horizon in a web browser.
If they were not changed, the default account and password are admin:admin_pass.
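Every password and shared secret used in this guide (keystonePass, service_pass, admin_pass, helloOpenStack and the rest) is printed on this page, so a deployment that keeps them relies on values anyone can read. The scan below is an added example, not part of the original guide; the function name and the sample files, including the host in the sample sql_connection line, are constructed for illustration.

```shell
#!/bin/sh
# Added example: find settings that still hold a secret printed in this guide.

# Every secret value that appears verbatim on this page
GUIDE_DEFAULTS='keystonePass glancePass quantumPass novaPass cinderPass service_pass admin_pass helloOpenStack'

# Print sorted "file:line:key" for each uncommented setting under directory $1
# whose value contains a guide default. The secret itself is never echoed.
# grep -w matches whole words only, so the key name admin_password does not
# count as a hit for the value admin_pass.
find_guide_defaults() {
    fgd_pattern=$(printf '%s' "$GUIDE_DEFAULTS" | tr ' ' '|')
    grep -rnwE "$fgd_pattern" "$1" |
        grep -vE '^[^:]+:[0-9]+:[[:space:]]*#' |
        sed -E 's/^([^:]+:[0-9]+:)[[:space:]]*(export[[:space:]]+)?([^=[:space:]]+).*/\1\3/' |
        sort
}

tmp=$(mktemp -d)
# Constructed sample files standing in for /etc/nova, /etc/glance and creds
cat > "$tmp/nova.conf" <<'EOF'
[DEFAULT]
sql_connection=mysql://novaUser:novaPass@10.0.0.2/nova
quantum_admin_password=service_pass
quantum_metadata_proxy_shared_secret = helloOpenStack
# admin_password = service_pass
EOF
cat > "$tmp/creds" <<'EOF'
export OS_USERNAME=admin
export OS_PASSWORD=admin_pass
EOF
# A file whose password was replaced (constructed value)
cat > "$tmp/glance-api-paste.ini" <<'EOF'
admin_user = glance
admin_password = constructed-rotated-value-7c1e
EOF

find_guide_defaults "$tmp"
```

On an installed node, point find_guide_defaults at /etc and at the directory holding creds; each reported key needs a new value in the config file and, for database and Keystone passwords, in MySQL or Keystone as well.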