Linux (4): OpenStack Installation and Configuration Manual

OpenStack Havana Installation

Environment

Physical machines    1
Hostname             Controller
Network interfaces   1
IP address           192.168.205.177
DNS                  202.106.196.115
CPUs                 1
Memory               6GB
Disk capacity        1TB
OS version           redhat6.3

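Overall component structure

[Figure: overall component structure diagram]

PS: This environment has only one physical machine, so the host must act as the management node and also provide the compute service. In addition to the controller components shown above, the nova-compute and nova-network services therefore also have to be installed on it.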

Environment preparation

NIC configuration

vi /etc/sysconfig/network-scripts/ifcfg-eth0

# Internal Network
DEVICE=eth0
TYPE=Ethernet
BOOTPROTO=static
IPADDR=192.168.205.177
NETMASK=255.255.255.0
DEFROUTE=yes
ONBOOT=yes

# service network restart

# service NetworkManager stop
# service network start
# chkconfig NetworkManager off
# chkconfig network on

Change the hostname

vi /etc/sysconfig/network

HOSTNAME=controller

vi /etc/hosts

127.0.0.1 localhost
192.168.205.177 controller

Install the MySQL database

# yum install mysql mysql-server MySQL-python

vi /etc/my.cnf

[mysqld]
...
bind-address = 192.168.205.177

Start MySQL
# service mysqld start
# chkconfig mysqld on

On first setup, initialize the database and remove the anonymous user
# mysql_install_db
# mysql_secure_installation

# yum install mysql MySQL-python

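Install OpenStack

Download and install these two packages:

http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-6.noarch.rpm
http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Once installed, they automatically configure the external yum repositories used to install OpenStack.

Install the OpenStack utility packages
yum install openstack-utils
yum install openstack-selinux
yum upgrade
reboot

PS: The external network is very unstable, so the installation may fail frequently. After a failure, clean up the packages that failed to install; otherwise packages that are incomplete or not installed properly will cause unexpected trouble later on.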

Install the messaging server
yum install qpid-cpp-server memcached

vi /etc/qpidd.conf

auth=no

# service qpidd start
# chkconfig qpidd on

Install the Keystone identity service
# yum install openstack-keystone python-keystoneclient

Edit the configuration file
# openstack-config --set /etc/keystone/keystone.conf \
  sql connection mysql://keystone:KEYSTONE_DBPASS@controller/keystone

Create the connection between Keystone and the database
# openstack-db --init --service keystone --password KEYSTONE_DBPASS

Define an authorization token
# ADMIN_TOKEN=$(openssl rand -hex 10)
# echo $ADMIN_TOKEN
# openstack-config --set /etc/keystone/keystone.conf DEFAULT \
  admin_token $ADMIN_TOKEN

Create the keys and certificates
# keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
# chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log

Start Keystone
# service openstack-keystone start
# chkconfig openstack-keystone on

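Define users, tenants and roles

Export the environment variables
# export OS_SERVICE_TOKEN=ADMIN_TOKEN
# export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0

PS: ADMIN_TOKEN here is the string that was generated above when the authorization token was defined.

You can also put the lines above into a file and then source that file.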

Create the admin tenant
# keystone tenant-create --name=admin --description="Admin Tenant"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |           Admin Tenant           |
|   enabled   |               True               |
|      id     | 17d0aac7259c4f308c5ed81904e267f2 |
|     name    |              admin               |
+-------------+----------------------------------+

# keystone tenant-create --name=service --description="Service Tenant"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |          Service Tenant          |
|   enabled   |               True               |
|      id     | 54a02d2556c1423eaee8a514da372e0f |
|     name    |             service              |
+-------------+----------------------------------+

PS: This step may well fail with an error saying the tenant cannot be created; restarting Keystone resolves it.
service openstack-keystone restart

keystone user-create --name=admin --pass=ADMIN_PASS \
  --email=[email protected]

ADMIN_PASS is the password you set.

keystone user-create --name=admin --pass=PASSWORD \
  --email=[email protected]

Create the service and define the API endpoint
keystone service-create --name=keystone --type=identity \
  --description="Keystone Identity Service"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |    Keystone Identity Service     |
|      id     | 7711a2a72fb34caea36782f7cd669e03 |
|     name    |             keystone             |
|     type    |             identity             |

Define the API endpoint
keystone endpoint-create \
  --service-id=7711a2a72fb34caea36782f7cd669e03 \
  --publicurl=http://controller:5000/v2.0 \
  --internalurl=http://controller:5000/v2.0 \
  --adminurl=http://controller:35357/v2.0
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
|   adminurl  |   http://controller:35357/v2.0   |
|      id     | e153f3c72b2544cf8f7f0bd557a62cad |
| internalurl |   http://controller:5000/v2.0    |
|  publicurl  |   http://controller:5000/v2.0    |
|    region   |            regionOne             |
|  service_id | 7711a2a72fb34caea36782f7cd669e03 |
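
The two steps above depend on copying the id printed by service-create into endpoint-create by hand. As an added example (not part of the original post), the shell helper below reads the id from the table output and refuses to build the command if the value is not a 32-character hex id. The function names table_value, is_hex_id and endpoint_cmd are hypothetical, and the sample table is constructed from the output shown above.

```shell
#!/bin/sh
# Added example (not from the original post): take the service id from the
# CLI's table output instead of retyping it into the next command.

# table_value PROPERTY: parse a "| Property | Value |" table on stdin and
# print the value for PROPERTY; exit status 1 if the property is absent.
table_value() {
    awk -F'|' -v key="$1" '
        NF >= 3 {
            k = $2; v = $3
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) { print v; found = 1; exit }
        }
        END { if (!found) exit 1 }'
}

# is_hex_id VALUE: true only for a 32-character lowercase hex id.
is_hex_id() {
    printf '%s\n' "$1" | grep -Eq '^[0-9a-f]{32}$'
}

# endpoint_cmd PUBLIC_URL ADMIN_URL: read service-create output on stdin and
# print the matching endpoint-create command; fail if no valid id is found.
endpoint_cmd() {
    id=$(table_value id) || return 1
    is_hex_id "$id" || return 1
    printf 'keystone endpoint-create --service-id=%s --publicurl=%s --internalurl=%s --adminurl=%s\n' \
        "$id" "$1" "$1" "$2"
}

# Constructed sample in the shape printed by keystone service-create.
sample_output() {
    cat <<'EOF'
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |    Keystone Identity Service     |
|      id     | 7711a2a72fb34caea36782f7cd669e03 |
|     name    |             keystone             |
|     type    |             identity             |
+-------------+----------------------------------+
EOF
}

# On a real controller the left side of the pipe would be the
# keystone service-create command itself.
sample_output | endpoint_cmd http://controller:5000/v2.0 http://controller:35357/v2.0
```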

 

Use vi to create a file with the following content
export OS_USERNAME=admin
export OS_PASSWORD=PASSWORD
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://controller:35357/v2.0

Then source this file.

Verify the service
keystone user-list
+----------------------------------+---------+--------------------+--------+
|                id                | enabled |       email        |  name  |
+----------------------------------+---------+--------------------+--------+
| a4c2d43f80a549a19864c89d759bb3fe |   True  | [email protected]  | admin  |

This output means the configuration is correct.

If an error appears, check the details under /var/log/keystone.

Configure Glance

Install the Glance components
# yum install openstack-glance

Edit the configuration files
openstack-config --set /etc/glance/glance-api.conf \
  DEFAULT sql_connection mysql://glance:PASSWORD@controller/glance

openstack-config --set /etc/glance/glance-registry.conf \
  DEFAULT sql_connection mysql://glance:PASSWORD@controller/glance

Create the Glance database connection
openstack-db --init --service glance --password PASSWORD

Define a user named glance in Keystone
keystone user-create --name=glance --pass=PASSWORD --email=[email protected]

Add the role for the glance user
keystone user-role-add --user=glance --tenant=service --role=admin

Configure authentication for the image service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
  auth_uri http://controller:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
  auth_host controller
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
  admin_tenant_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
  admin_user glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
  admin_password PASSWORD
openstack-config --set /etc/glance/glance-api.conf paste_deploy \
  flavor keystone

openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
  auth_uri http://controller:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
  auth_host controller
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
  admin_tenant_name service
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
  admin_user glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
  admin_password PASSWORD
openstack-config --set /etc/glance/glance-registry.conf paste_deploy \
  flavor keystone

Add the credentials to the two files /etc/glance/glance-api-paste.ini and /etc/glance/glance-registry-paste.ini
# cp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini
# cp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.ini

and add the following content to each:

[filter:authtoken]
paste.filter_factory=keystoneclient.middleware.auth_token:filter_factory
auth_host=controller
admin_user=glance
admin_tenant_name=service
admin_password=PASSWORD

Create the Glance service in Keystone
# keystone service-create --name=glance --type=image \
  --description="Glance Image Service"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |       Glance Image Service       |
|      id     | f7494dceb5ef46e7960827a0ecdde89e |
|     name    |              glance              |
|     type    |              image               |
+-------------+----------------------------------+

Create the Glance endpoint in Keystone
keystone endpoint-create \
  --service-id=f7494dceb5ef46e7960827a0ecdde89e \
  --publicurl=http://controller:9292 \
  --internalurl=http://controller:9292 \
  --adminurl=http://controller:9292
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
|   adminurl  |      http://controller:9292      |
|      id     | fe7cc75f8741455cb0688927845799b2 |
| internalurl |      http://controller:9292      |
|  publicurl  |      http://controller:9292      |
|    region   |            regionOne             |
|  service_id | f7494dceb5ef46e7960827a0ecdde89e |

Start the Glance services
# service openstack-glance-api start
# service openstack-glance-registry start
# chkconfig openstack-glance-api on
# chkconfig openstack-glance-registry on

Verify the Glance service

Run the glance image-list command
+----+------+-------------+------------------+------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+----+------+-------------+------------------+------+--------+

This output means the service is working. If an error appears, check the details under /var/log/glance.

Install the Nova components
yum install openstack-nova python-novaclient

Edit the configuration file
openstack-config --set /etc/nova/nova.conf \
  database connection mysql://nova:PASSWORD@controller/nova

Configure Nova to use the messaging server
openstack-config --set /etc/nova/nova.conf \
  DEFAULT rpc_backend nova.openstack.common.rpc.impl_qpid
openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname controller

Configure the Nova database connection
openstack-db --init --service nova --password PASSWORD

Configure my_ip, vncserver_listen and vncserver_proxyclient_address
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.205.177
openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 192.168.205.177
openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address 192.168.205.177

Create the nova user in Keystone
keystone user-create --name=nova --pass=PASSWORD --email [email protected]
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|  email   |        [email protected]         |
| enabled  |               True               |
|    id    | 0ab2486266cb40f4808b03cd0f99929c |
|   name   |               nova               |

Add the role
keystone user-role-add --user=nova --tenant=service --role=admin

Configure authentication for the compute service
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host controller
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password PASSWORD

vi /etc/nova/api-paste.ini

[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = controller
auth_port = 35357
auth_protocol = http
auth_uri = http://controller:5000/v2.0
admin_tenant_name = service
admin_user = nova
admin_password = PASSWORD

Create the nova service in Keystone
keystone service-create --name=nova --type=compute \
  --description="Nova Compute service"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |       Nova Compute service       |
|      id     | 3b1a58f73d9d43e2807e8148448a333f |
|     name    |               nova               |
|     type    |             compute              |

Create the endpoint
keystone endpoint-create \
  --service-id=3b1a58f73d9d43e2807e8148448a333f \
  --publicurl=http://controller:8774/v2/%\(tenant_id\)s \
  --internalurl=http://controller:8774/v2/%\(tenant_id\)s \
  --adminurl=http://controller:8774/v2/%\(tenant_id\)s
+-------------+-----------------------------------------+
|   Property  |                  Value                  |
+-------------+-----------------------------------------+
|   adminurl  | http://controller:8774/v2/%(tenant_id)s |
|      id     |     01d675db4ef949a496fc7c603df6df8a    |
| internalurl | http://controller:8774/v2/%(tenant_id)s |
|  publicurl  | http://controller:8774/v2/%(tenant_id)s |
|    region   |                regionOne                |
|  service_id |     3b1a58f73d9d43e2807e8148448a333f    |

Start the Nova services
# service openstack-nova-api start
# service openstack-nova-cert start
# service openstack-nova-consoleauth start
# service openstack-nova-scheduler start
# service openstack-nova-conductor start
# service openstack-nova-novncproxy start
# chkconfig openstack-nova-consoleauth on
# chkconfig openstack-nova-scheduler on
# chkconfig openstack-nova-conductor on
# chkconfig openstack-nova-novncproxy on

Verify the Nova service

Run nova list to display information about the virtual machines.

If nothing is returned, or something else is printed, the Nova service is not working properly; check the detailed logs under /var/log/nova.

Install nova-network
yum install openstack-nova-network

Edit the configuration file
openstack-config --set /etc/nova/nova.conf DEFAULT network_manager nova.network.manager.FlatDHCPManager
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.libvirt.firewall.IptablesFirewallDriver
openstack-config --set /etc/nova/nova.conf DEFAULT network_size 254
openstack-config --set /etc/nova/nova.conf DEFAULT allow_same_net_traffic False
openstack-config --set /etc/nova/nova.conf DEFAULT multi_host True
openstack-config --set /etc/nova/nova.conf DEFAULT send_arp_for_ha True
openstack-config --set /etc/nova/nova.conf DEFAULT share_dhcp_address True
openstack-config --set /etc/nova/nova.conf DEFAULT force_dhcp_release True
openstack-config --set /etc/nova/nova.conf DEFAULT flat_interface eth0
openstack-config --set /etc/nova/nova.conf DEFAULT flat_network_bridge br100
openstack-config --set /etc/nova/nova.conf DEFAULT public_interface eth0

nova network-create vmnet --fixed-range-v4=192.168.205.0/24 --bridge=br100 --multi-host=T

Install a local metadata service
# yum install openstack-nova-api
# service openstack-nova-metadata-api start
# chkconfig openstack-nova-metadata-api on

Start nova-network
# service openstack-nova-network start
# chkconfig openstack-nova-network on

Create the VLAN
nova network-create vmnet --fixed-range-v4=10.0.0.0/24 \
  --bridge=br100 --multi-host=T

Run nova network-list to view the networks that were created.

Open the security group rules
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0

Verify that all the services are working

nova flavor-list
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| 1  | m1.tiny   | 512       | 1    | 0         |      | 1     | 1.0         | True      |
| 2  | m1.small  | 2048      | 20   | 0         |      | 1     | 1.0         | True      |
| 3  | m1.medium | 4096      | 40   | 0         |      | 2     | 1.0         | True      |
| 4  | m1.large  | 8192      | 80   | 0         |      | 4     | 1.0         | True      |
| 5  | m1.xlarge | 16384     | 160  | 0         |      | 8     | 1.0         | True      |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+

nova image-list
+--------------------------------------+--------------+--------+--------+
| ID                                   | Name         | Status | Server |
+--------------------------------------+--------------+--------+--------+
| 9e5c2bee-0373-414c-b4af-b91b0246ad3b | CirrOS 0.3.1 | ACTIVE |        |

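Install the dashboard
yum install memcached python-memcached mod_wsgi openstack-dashboard

Configure the cache

Open /etc/openstack-dashboard/local_settings and check the following setting:

CACHES = {
    'default': {
        'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
        'LOCATION': '127.0.0.1:11211'
    }
}

In /etc/openstack-dashboard/local_settings, set:
ALLOWED_HOSTS = ['192.168.205.177', 'my-desktop']

In /etc/openstack-dashboard/local_settings, set:
OPENSTACK_HOST = "controller"

Start the dashboard
# service httpd start
# service memcached start
# chkconfig httpd on
# chkconfig memcached on

Verify the installation

Enter http://192.168.205.177/dashboard in a browser.

If everything is working, the OpenStack graphical interface is displayed. If there is a problem, check the related messages in /var/log/httpd.

Problem encountered: the interface could not be opened because the firewall was running. After the firewall was turned off, the interface started normally.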
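
The configuration steps up to this point set qpidd to auth=no, leave the bootstrap admin_token in keystone.conf, use placeholders such as PASSWORD as credentials, and point the services at Keystone over plain http. As an added example (not part of the original post), the shell script below scans the files this guide edits and reports those settings; the function names, the choice of which settings count as findings, and the sample tree are this example's own and are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag settings from this walkthrough that are normally
# tightened once the installation works. Function names are hypothetical.

# has FILE REGEX: true if a non-comment line of FILE matches REGEX
has() {
    [ -r "$1" ] && grep -Ev '^[[:space:]]*#' "$1" | grep -Eq "$2"
}

# audit_conf ROOT: print one finding per line. ROOT="" audits the live system.
audit_conf() {
    root="$1"
    f="$root/etc/qpidd.conf"
    if has "$f" '^[[:space:]]*auth[[:space:]]*=[[:space:]]*no[[:space:]]*$'; then
        echo "$f: auth=no, broker accepts unauthenticated clients"
    fi
    f="$root/etc/keystone/keystone.conf"
    if has "$f" '^[[:space:]]*admin_token[[:space:]]*=[[:space:]]*[^[:space:]]'; then
        echo "$f: bootstrap admin_token still configured"
    fi
    for f in "$root"/etc/keystone/keystone.conf "$root"/etc/glance/*.conf \
             "$root"/etc/glance/*.ini "$root"/etc/nova/nova.conf \
             "$root"/etc/nova/api-paste.ini; do
        if has "$f" '[=:][[:space:]]*(PASSWORD|ADMIN_PASS|[A-Z]+_DBPASS)(@|[[:space:]]*$)'; then
            echo "$f: documentation placeholder used as a password"
        fi
        if has "$f" '^[[:space:]]*auth_protocol[[:space:]]*=[[:space:]]*http[[:space:]]*$'; then
            echo "$f: Keystone auth configured over plain http"
        fi
    done
}

# make_sample: build a constructed config tree mirroring this page's values
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc/keystone" "$d/etc/glance" "$d/etc/nova"
    printf 'auth=no\n' > "$d/etc/qpidd.conf"
    printf '%s\n' '[DEFAULT]' 'admin_token = 0123456789abcdef0123' '[sql]' \
        'connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone' \
        > "$d/etc/keystone/keystone.conf"
    printf '%s\n' '[keystone_authtoken]' 'auth_protocol = http' \
        'admin_password = PASSWORD' > "$d/etc/nova/nova.conf"
    # Negative case: placeholder appears only in a comment, real value is set
    printf '%s\n' '[keystone_authtoken]' '# admin_password = PASSWORD' \
        'admin_password = constructed-secret' > "$d/etc/glance/glance-api.conf"
    echo "$d"
}

# Run against the constructed tree; on a controller use: audit_conf ""
sample=$(make_sample)
audit_conf "$sample"
rm -rf "$sample"
```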

Build the virtual machine .img file for Glance

Create the image disk
qemu-img create -f qcow2 rhel6.img 10G

Start virt-manager and create the virtual machine

[Screenshots: virt-manager virtual machine creation steps]

The virtual machine installation process itself is omitted here.

After installation, change the following settings inside the virtual machine

#: vi /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost

#: vi /etc/sysconfig/network
NETWORKING=yes

#: vi /etc/sysconfig/network-scripts/ifcfg-eth0
# Intel Corporation 82562GT 10/100 Network Connection
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
PERSISTENT_DHCLIENT=1

Remove the /lib/udev/write_net_rules file (by renaming it)
#: mv /lib/udev/write_net_rules /lib/udev/write_net_rules.bak

Set SELinux to disabled

#: service iptables stop
#: service ip6tables stop
#: chkconfig iptables off
#: chkconfig ip6tables off

Shut down the virtual machine

Create the image in Glance
glance image-create --name rhel6 --disk-format qcow2 --container-format bare --is-public true < rhel6.img

Creating flavors

List the existing flavors
# nova flavor-list
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
| ID | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public | extra_specs |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
| 1  | m1.tiny   | 512       | 0    | 0         |      | 1     | 1.0         | True      | {}          |
| 2  | m1.small  | 2048      | 10   | 20        |      | 1     | 1.0         | True      | {}          |
| 3  | m1.medium | 4096      | 10   | 40        |      | 2     | 1.0         | True      | {}          |
| 4  | m1.large  | 8192      | 10   | 80        |      | 4     | 1.0         | True      | {}          |
| 5  | m1.xlarge | 16384     | 10   | 160       |      | 8     | 1.0         | True      | {}          |
| 6  | cubj      | 4096      | 40   | 0         |      | 2     | 1.0         | True      | {}          |

Create a new flavor

nova flavor-create <name> <id> <ram> <disk> <vcpus> [--ephemeral <ephemeral>]

Create a virtual machine
nova boot --flavor <flavor> --image ID --availability-zone <zone> --nic "net-id=1c80a78c-bba5-4c57-8c9f-99cb8cd0f474,v4-fixed-ip=192.168.205.176" test