Openstack havana版安装
物理数量 |
1台 |
主机名 |
Controller |
网卡数量 |
1 |
ip地址 |
192.168.205.177 |
Dns |
202.106.196.115 |
Cpu个数 |
1 |
内存 |
6GB |
硬盘容量 |
1TB |
操作系统版本 |
redhat6.3 |
PS:在本环境中由于只有一台物理机,所以主机要即当管理节点又提供计算服务,所以除了以上controller中上述组件还要安装nova-compute,nova-network服务。
网卡配置
Vi /etc/sysconfig/network-scripts/ifcfg-eth0
# Internal Network
DEVICE=eth0
TYPE=Ethernet
BOOTPROTO=static
IPADDR=192.168.205.177
NETMASK=255.255.255.0
DEFROUTE=yes
# service network restartONBOOT=yes
# service NetworkManager stop
# service network start
# chkconfig NetworkManager off
# chkconfig network on
修改主机名
Vi /etc/sysconfig/network
HOSTNAME=controller
Vi/etc/hosts
127.0.0.1 localhost
192.168.205.177 controller
安装mysql数据库
#yum install mysql mysql-server MySQL-python
Vi/etc/my.cnf
[mysqld]
...
bind-address = 192.168.205.177
启动mysql
# service mysqld start
# chkconfig mysqld on
初次创建时删除anonymous user
# mysql_install_db
# mysql_secure_installation
# yum install mysql MySQL-python
下载并安装http://repos.fedorapeople.org/repos/openstack/openstack-havana/
rdo-release-havana-6.noarch.rpm
http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.
noarch.rpm这两个包,这两个包安装后会自动配置安装openstack的外网yum源
安装openstack单元包
yum install openstack-utils
yum install openstack-selinux
yum upgrade
reboot
PS:外网环境十分不稳定,安装可能会经常失败,安装失败后清除安装失败的包,后则后期如果安装时由于安装包没有装全或者装好会带来意想不到麻烦。
安装Messaging server
yum install qpid-cpp-server memcached
vi /etc/qpidd.conf
auth=no
# service qpidd start
# chkconfig qpidd on
# yum install openstack-keystonepython-keystoneclient
修改配置文件
# openstack-config --set/etc/keystone/keystone.conf \
sql connectionmysql://keystone:KEYSTONE_DBPASS@controller/keystone
创建openstack keystone与数据库的连接
# openstack-db --init --service keystone--password KEYSTONE_DBPASS
定义一个授权令牌
# ADMIN_TOKEN=$(openssl rand -hex 10)
# echo $ADMIN_TOKEN
# openstack-config --set/etc/keystone/keystone.conf DEFAULT \
admin_token $ADMIN_TOKEN
配置创建密钥与证书
# keystone-manage pki_setup --keystone-userkeystone --keystone-group
keystone
# chown -R keystone:keystone/etc/keystone/* /var/log/keystone/keystone.
log
启动keystone
# service openstack-keystone start
# chkconfig openstack-keystone on
定义用户租客和roles
导出环境变量
# export OS_SERVICE_TOKEN=ADMIN_TOKEN
# exportOS_SERVICE_ENDPOINT=http://controller:35357/v2.0
PS:这里的ADMIN_TOKEN是上面定义授权令牌时候生成的一串数字
可以将上述编辑成以后文件之后source这个文件
创建admin租客
# keystone tenant-create --name=admin--description="Admin Tenant"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description| Admin Tenant |
| enabled | True |
| id | 17d0aac7259c4f308c5ed81904e267f2 |
| name | admin |
+-------------+----------------------------------+
# keystone tenant-create --name=service--description="Service Tenant"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Service Tenant |
| enabled | True |
| id |54a02d2556c1423eaee8a514da372e0f |
| name | service |
+-------------+----------------------------------+
PS:这里很有可能会报错,提示租户无法创建,重启keystone会解决问题
Service openstack-keystone restart
keystone user-create --name=admin--pass=ADMIN_PASS\
ADMIN_PASS是你设置的秘密
keystone user-create --name=admin --pass=PASSWORD\
创建服务与定义API endpoint
keystone service-create --name=keystone--type=identity \
--description="Keystone IdentityService"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Keystone Identity Service |
| id |7711a2a72fb34caea36782f7cd669e03 |
| name | keystone |
| type | identity
定义API
keystone endpoint-create \
--service-id=7711a2a72fb34caea36782f7cd669e03\
--publicurl=http://controller:5000/v2.0 \
--internalurl=http://controller:5000/v2.0 \
--adminurl=http://controller:35357/v2.0
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://controller:35357/v2.0 |
| id |e153f3c72b2544cf8f7f0bd557a62cad |
| internalurl | http://controller:5000/v2.0 |
| publicurl | http://controller:5000/v2.0 |
| region | regionOne |
| service_id | 7711a2a72fb34caea36782f7cd669e03 |
Vi一个文件,包含以下内容
export OS_USERNAME=admin
export OS_PASSWORD=PASSWORD
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://controller:35357/v2.0
source这个文件
校验服务
keystone user-list
+----------------------------------+---------+--------------------+--------+
| id | enabled | email | name |
+----------------------------------+---------+--------------------+--------+
| a4c2d43f80a549a19864c89d759bb3fe | True |[email protected] | admin |
说明配置正确
出过出现报错,请查看/var/log/kestone下的详细内容
安装glance组建
# yum install openstack-glance
修改配置文件
openstack-config --set/etc/glance/glance-api.conf \
DEFAULT sql_connectionmysql://glance:PASSWORD@controller/glance
openstack-config --set/etc/glance/glance-registry.conf \
DEFAULT sql_connectionmysql://glance:PASSWORD@controller/glance
创建glance数据连接
openstack-db --init --service glance--password PASSWORD
keystone下定义名为glance的用户
keystone user-create --name=glance--pass=PASSWORD --[email protected]
添加roles
keystone user-role-add --user=glance--tenant=service --role=admin
添加glance roles
keystone user-role-add --user=glance--tenant=service --role=admin
配置imgae的服务的身份验证
openstack-config --set/etc/glance/glance-api.conf keystone_authtoken \
auth_uri http://controller:5000
openstack-config --set/etc/glance/glance-api.conf keystone_authtoken \
auth_host controller
openstack-config --set/etc/glance/glance-api.conf keystone_authtoken \
admin_tenant_name service
openstack-config --set/etc/glance/glance-api.conf keystone_authtoken \
admin_user glance
openstack-config --set/etc/glance/glance-api.conf keystone_authtoken \
admin_password PASSWORD
openstack-config --set/etc/glance/glance-api.conf paste_deploy \
flavor keystone
openstack-config --set/etc/glance/glance-registry.conf keystone_authtoken \
auth_uri http://controller:5000
openstack-config --set/etc/glance/glance-registry.conf keystone_authtoken \
auth_host controller
openstack-config --set/etc/glance/glance-registry.conf keystone_authtoken \
admin_tenant_name service
openstack-config --set/etc/glance/glance-registry.conf keystone_authtoken \
admin_user glance
openstack-config --set/etc/glance/glance-registry.conf keystone_authtoken \
admin_password PASSWORD
openstack-config --set/etc/glance/glance-registry.conf paste_deploy \
flavor keystone
添加凭证到/etc/glance/glance-api-paste.ini和/etc/
glance/glance-registry-paste.inifiles.两个文件
# cp/usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini
# cp/usr/share/glance/glance-registry-dist-paste.ini/etc/glance/glance-registry-paste.in
并且添加以下内容
[filter:authtoken]
paste.filter_factory=keystoneclient.middleware.auth_token:filter_factory
auth_host=controller
admin_user=glance
admin_tenant_name=service
admin_password=PASSWORD
keysotne创建glance服务
# keystone service-create --name=glance--type=image \
--description="Glance ImageService"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Glance Image Service |
| id | f7494dceb5ef46e7960827a0ecdde89e|
| name | glance |
| type | image |
+-------------+----------------------------------+
Keystone创建glance的endpoint
keystone endpoint-create \
--service-id=f7494dceb5ef46e7960827a0ecdde89e\
--publicurl=http://controller:9292 \
--internalurl=http://controller:9292 \
--adminurl=http://controller:9292
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://controller:9292 |
| id |fe7cc75f8741455cb0688927845799b2 |
| internalurl | http://controller:9292 |
| publicurl | http://controller:9292 | +----+------+-------------+------------------+------+--------+
| region | regionOne |
| service_id | f7494dceb5ef46e7960827a0ecdde89e |
启动glance服务
# service openstack-glance-api start
# service openstack-glance-registry start
# chkconfig openstack-glance-api on
# chkconfig openstack-glance-registry on
校验glance服务
执行glance imgae-list命令
+----+------+-------------+------------------+------+--------+
| ID | Name | Disk Format | ContainerFormat | Size | Status |
+----+------+-------------+------------------+------+--------+
表示正常,如果有报错请查看var/log/glance下的详细内容
yum install openstack-novapython-novaclient
修改配置文件
openstack-config --set /etc/nova/nova.conf\
database connectionmysql://nova:PASSWORD@controller/nova
配置使用messaging server
openstack-config --set /etc/nova/nova.conf\
DEFAULT rpc_backendnova.openstack.common.rpc.impl_qpid
Openstack-config --set /etc/nova/nova.confDEFAULT qpid_hostname controller
配置nova数据连接
openstack-db --init --service nova--password PASSWORD
配置my—IP vncserver listen 和vncserver_proxyclient_address
openstack-config --set /etc/nova/nova.confDEFAULT my_ip 192.168.205.177
openstack-config --set /etc/nova/nova.confDEFAULT vncserver_listen 192.168.205.177
openstack-config --set /etc/nova/nova.confDEFAULT vncserver_proxyclient_address 192.168.205.177
keysotne创建nova user
keystone user-create --name=nova--pass=PASSWORD --email [email protected]
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | [email protected] |
| enabled | True |
| id |0ab2486266cb40f4808b03cd0f99929c |
| name | nova |
添加roles
keystone user-role-add --user=nova--tenant=service --role=admin
配置计算服务的身份验证
openstack-config --set /etc/nova/nova.confDEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.confkeystone_authtoken auth_host controller
openstack-config --set /etc/nova/nova.confkeystone_authtoken auth_protocol http
openstack-config --set /etc/nova/nova.confkeystone_authtoken auth_port 35357
openstack-config --set /etc/nova/nova.confkeystone_authtoken admin_user nova
openstack-config --set /etc/nova/nova.confkeystone_authtoken admin_tenant_name service
openstack-config --set /etc/nova/nova.confkeystone_authtoken admin_password PASSWORD
vi /etc/nova/api-paste.init
paste.filter_factory =keystoneclient.middleware.auth_token:filter_factory
auth_host = controller
auth_port = 35357
auth_protocol = http
auth_uri = http://controller:5000/v2.0
admin_tenant_name = service
admin_user = nova
admin_password = PASSWORD
keysotne创建nova service
keystone service-create --name=nova--type=compute \
--description="Nova Computeservice"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Nova Compute service |
| id |3b1a58f73d9d43e2807e8148448a333f |
| name | nova |
| type | compute |
创建endpoint
keystone endpoint-create \
--service-id=3b2d8cd63d444ac4b7899e65eeb0021a\
--publicurl=http://controller:8774/v2/%\(tenant_id\)s\
--internalurl=http://controller:8774/v2/%\(tenant_id\)s\
--adminurl=http://controller:8774/v2/%\(tenant_id\)s
+-------------+-----------------------------------------+
| Property | Value |
+-------------+-----------------------------------------+
| adminurl |http://controller:8774/v2/%(tenant_id)s |
| id | 01d675db4ef949a496fc7c603df6df8a |
| internalurl |http://controller:8774/v2/%(tenant_id)s |
| publicurl |http://controller:8774/v2/%(tenant_id)s |
| region | regionOne |
| service_id | 3b1a58f73d9d43e2807e8148448a333f |
启动nova的各项服务
# service openstack-nova-api start
# service openstack-nova-cert start
# service openstack-nova-consoleauth start
# service openstack-nova-scheduler start
# service openstack-nova-conductor start
# service openstack-nova-novncproxy start
# chkconfig openstack-nova-consoleauth on
# chkconfig openstack-nova-scheduler on
# chkconfig openstack-nova-conductor on
# chkconfig openstack-nova-novncproxy on
校验nova服务
执行nova list显示虚拟机等信息。
如果无返回输出其他。说明nova服务不正常,请查看/var/log/nova下的详细日志
yum install openstack-nova-network
修改配置文件
openstack-config --set /etc/nova/nova.confDEFAULT network_manager nova.network.manager.FlatDHCPManager
openstack-config --set /etc/nova/nova.confDEFAULT firewall_driver nova.virt.libvirt.firewall.IptablesFirewallDriver
openstack-config --set /etc/nova/nova.confDEFAULT network_size 254
openstack-config --set /etc/nova/nova.confDEFAULT allow_same_net_traffic False
openstack-config --set /etc/nova/nova.confDEFAULT multi_host True
openstack-config --set /etc/nova/nova.confDEFAULT send_arp_for_ha True
openstack-config --set /etc/nova/nova.confDEFAULT share_dhcp_address Ture
openstack-config --set /etc/nova/nova.confDEFAULT force_dhcp_release True
openstack-config --set /etc/nova/nova.confDEFAULT flat_interface eth0
openstack-config --set /etc/nova/nova.confDEFAULT flat_network_bridge br100
openstack-config --set /etc/nova/nova.confDEFAULT public_interface eth0
nova network-create vmnet--fixed-range-v4=192.168.205.0/24 --bridge=br100 --multi-host=T
安装一个本地数据元
# yum install openstack-nova-api
# service openstack-nova-metadata-api start
# chkconfig openstack-nova-metadata-api on
启动nova network
# service openstack-nova-network start
# chkconfig openstack-nova-network on
创建vlan
nova network-create vmnet--fixed-range-v4=10.0.0.0/24 \
--bridge=br100 --multi-host=T
Nova network-list查看创建网络
开放安全规则
nova secgroup-add-rule defaulttcp 22 220.0.0.0/0
nova secgroup-add-rule defaulticmp -1 -10.0.0.0/0
校验各项服务是否正常
nova flavor-list
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name | Memory_MB | Disk | Ephemeral| Swap | VCPUs |
RXTX_Factor | Is_Public |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | | 1 | 1.0
| True |
| 2 | m1.small | 2048 | 20 | 0 | | 1 | 1.0
| True |
| 3 | m1.medium | 4096 | 40 | 0 | | 2 | 1.0
| True |
| 4 | m1.large | 8192 | 80 | 0 | | 4 | 1.0
| True |
| 5 | m1.xlarge | 16384 | 160 | 0 | | 8 |1.0
| True |
+----+-----------+-----------+------+-----------+-----
nova image-list
+--------------------------------------+--------------+--------+--------+
| ID | Name | Status | Server |
+--------------------------------------+--------------+--------+--------+
| 9e5c2bee-0373-414c-b4af-b91b0246ad3b |CirrOS 0.3.1 | ACTIVE | |
yum install memcached python-memcachedmod_wsgi openstack-dashboard
修改缓存
打开/etc/openstack-dashboard/local_settings查看
CACHES = {
'default': {
'BACKEND' :'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION' : '127.0.0.1:11211'
}
}
修改/etc/openstack-dashboard/local_settings
ALLOWED_HOSTS = ['192.168.205.177','my-desktop']
修改/etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "controller"
启动dashboard
# service httpd start
# service memcached start
# chkconfig httpd on
# chkconfig memcached on
校验安装
浏览器输入http://192.168.205.177/dashboard
如果正常会显示opnestack的图行界面,如果有问题
请查看/var/log/httpd中的相关问题
遇到问题:界面无法打开,由于防火墙启动。关闭防火墙界面正常启动
创建image disk
qemu-img create -f qcow2 rhel6.img 10GB
启动virt-manager创建虚拟机
安装虚拟机过程略
安装后修改虚拟机如下几个配置问题
#: vi /etc/hosts
# Do not remove the following line, orvarious programs
# that require network functionality willfail.
127.0.0.1 localhost.localdomain localhost
#: vi /etc/sysconfig/network
NETWORKING=yes
Vi /etc/sysconfig/network-scripts/ifcfg-eth0
#: vi/etc/sysconfig/network-scripts/ifcfg-eth0
# Intel Corporation 82562GT 10/100 NetworkConnection
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
PERSISTENT_DHCLIENT=1
删除 /lib/udec/wirte_net_rules文件
#: mv /lib/udev/write_net_rules/lib/udev/write_net_rules.bak
修改selinux disabled
#: service iptables stop
#: service ip6tables stop
#: chkconfig iptables off
#: chkconfig ip6tables off
关闭虚拟机
Glance制作image镜像
glance image-create --name rhel6--disk-format qcow2 --container-format bare --is-public true < rhel6.img
查看flavor的情况
# nova flavor-list
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap |VCPUs | RXTX_Factor | Is_Public | extra_specs |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
| 1 | m1.tiny | 512 | 0 | 0 | | 1 | 1.0 | True | {} |
| 2 | m1.small | 2048 | 10 | 20 | | 1 | 1.0 | True | {} |
| 3 | m1.medium | 4096 | 10 | 40 | | 2 | 1.0 | True | {} |
| 4 | m1.large | 8192 | 10 | 80 | | 4 | 1.0 | True | {} |
| 5 | m1.xlarge | 16384 | 10 | 160 | | 8 | 1.0 | True | {} |
| 6 | cubj | 4096 | 40 | 0 | | 2 | 1.0 | True | {} |
创建新的风格
novaflavor-create
Nova boot --flavor --image ID --availability-zon--nic"net-id=1c80a78c-bba5-4c57-8c9f-99cb8cd0f474,v4-fixed-ip=192.168.205.176" test