OpenStack-train版安装之安装Keystone(认证服务)、Glance(镜像服务)、Placement

安装Keystone(认证服务)、Glance(镜像服务)、Placement

  • 安装Keystone(认证服务)
  • 安装Glance(镜像服务)
  • 安装Placement

安装Keystone(认证服务)

  1. 数据库创建、创建用户并授权
 # mysql
MariaDB [(none)]> CREATE DATABASE keystone;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
    			IDENTIFIED BY 'KEYSTONE_DBPASS';
  1. 安装和配置
 # yum install openstack-keystone httpd mod_wsgi -y

配置,修改配置文件/etc/keystone/keystone.conf,在对应分组【[组名]】下添加配置:
[database]
connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
[token]
provider = fernet

初始化数据库:

 # su -s /bin/sh -c "keystone-manage db_sync" keystone

初始化密钥库:

# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

引导认证服务:

# keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
  --bootstrap-admin-url http://controller:5000/v3/ \
  --bootstrap-internal-url http://controller:5000/v3/ \
  --bootstrap-public-url http://controller:5000/v3/ \
  --bootstrap-region-id RegionOne

配置,修改配置文件/etc/httpd/conf/httpd.conf,在配置ServerAdmin root@localhost下一行添加ServerName controller:
OpenStack-train版安装之安装Keystone(认证服务)、Glance(镜像服务)、Placement_第1张图片
创建软链:

# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

设置开机启动并启动服务:

# systemctl enable httpd.service
# systemctl start httpd.service

验证

# systemctl status httpd.service
# lsof -i:5000
  1. 创建OpenStack客户端环境脚本
# mkdir -p /root/.openstack
# cat >> /root/.openstack/admin-openrc << EOF
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
EOF

加入环境变量,生效:

# cat >> /root/.bashrc << EOF
source  /root/.openstack/admin-openrc
EOF
# source /root/.bashrc
  1. 验证
    可正常查询:
# openstack token issue

OpenStack-train版安装之安装Keystone(认证服务)、Glance(镜像服务)、Placement_第2张图片
验证auth_url返回报文:

# curl controller:5000/v3

在这里插入图片描述

  1. 创建域、项目、用户、角色
# openstack domain create --description "An Example Domain" example
# openstack project create --domain default   --description "Service Project" service
# openstack project create --domain default   --description "Demo Project" myproject
# openstack user create --domain default   --password-prompt myuser

输入用户密码、确认密码:MYUSER_PASS
创建角色、将用户加入角色:

# openstack role create myrole
# openstack role add --project myproject --user myuser myrole
  1. 说明
  • 详细说明参考官网:
    https://docs.openstack.org/keystone/train/install/keystone-install-rdo.html
  • 安装mysql时做了安装初始化,将密码设置为无,如有设置密码,连接时请加账号密码。
  • OpenStack部署完成后使用,dashboard中使用角色管理时提示【错误:在keystone中无法找到默认角色user】。解决方法一:创建user角色:openstack role create user。解决方法二:安装Horizon配置‘OPENSTACK_KEYSTONE_DEFAULT_ROLE = “user”’将user改为其他已存在的角色。

安装Glance(镜像服务)

  1. 数据库创建、创建用户并授权
# mysql
MariaDB [(none)]> CREATE DATABASE glance;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
IDENTIFIED BY 'GLANCE_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
                IDENTIFIED BY 'GLANCE_DBPASS';
  1. 创建服务凭证
 # openstack user create --domain default --password-prompt glance

输入密码:GLANCE_PASS
确认密码:GLANCE_PASS

# openstack role add --project service --user glance admin

# openstack service create --name glance   --description "OpenStack Image" image
  1. 创建服务API接入点
# openstack endpoint create --region RegionOne   image public http://controller:9292
# openstack endpoint create --region RegionOne   image internal http://controller:9292
# openstack endpoint create --region RegionOne   image admin http://controller:9292
  1. 安装和配置
# yum install openstack-glance -y

配置,修改配置文件/etc/glance/glance-api.conf,在对应分组【[组名]】下添加配置:
[database]
connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = GLANCE_PASS
[paste_deploy]
flavor = keystone
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/

初始化数据库:

# su -s /bin/sh -c "glance-manage db_sync" glance

设置开机启动并启动服务:

# systemctl enable openstack-glance-api.service
# systemctl start openstack-glance-api.service
  1. 验证
    公网下载镜像(下载失败可直接使用浏览器下载):
# wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img

上传镜像到glance服务:

# glance image-create --name "cirros"   --file cirros-0.4.0-x86_64-disk.img   --disk-format qcow2 --container-format bare   --visibility public

查看镜像列表:

# glance image-list

或者

# openstack image list

OpenStack-train版安装之安装Keystone(认证服务)、Glance(镜像服务)、Placement_第3张图片

验证镜像服务的接入点:

#curl controller:9292

在这里插入图片描述

  1. 说明
  • 详细说明参考官网:
    https://docs.openstack.org/glance/train/install/install-rdo.html
  • 安装mysql时做了安装初始化,将密码设置为无,如有设置密码,连接时请加账号密码。

安装Placement

  1. 数据库创建、创建用户并授权
# mysql
MariaDB [(none)]> CREATE DATABASE placement;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' \
IDENTIFIED BY 'PLACEMENT_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' \
                IDENTIFIED BY 'PLACEMENT_DBPASS';
  1. 创建服务凭证
# openstack user create --domain default --password-prompt placement

输入密码:PLACEMENT_PASS
确认密码:PLACEMENT_PASS

# openstack role add --project service --user placement admin

# openstack service create --name placement   --description "Placement API" placement
  1. 创建服务API接入点
# openstack endpoint create --region RegionOne   placement public http://controller:8778
# openstack endpoint create --region RegionOne   placement internal http://controller:8778
# openstack endpoint create --region RegionOne   placement admin http://controller:8778
  1. 安装和配置
# yum install openstack-placement-api -y

配置,修改配置文件/etc/placement/placement.conf,在对应分组【[组名]】下添加配置:
[placement_database]
connection = mysql+pymysql://placement:PLACEMENT_DBPASS@controller/placement
[api]
auth_strategy = keystone
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = PLACEMENT_PASS

配置,修改配置文件/etc/httpd/conf.d/00-placement-api.conf,添加配置:

= 2.4>
Require all granted


Order allow,deny
Allow from all

初始化数据库:

# su -s /bin/sh -c "placement-manage db sync" placement

设置开机启动并启动服务:

# systemctl restart httpd
  1. 验证
    状态是否正常:
# placement-status upgrade check

OpenStack-train版安装之安装Keystone(认证服务)、Glance(镜像服务)、Placement_第4张图片

验证接入点:

# curl controller:8778

在这里插入图片描述

  1. 说明
  • 详细说明参考官网:
    https://docs.openstack.org/placement/train/install/install-rdo.html
  • 安装mysql时做了安装初始化,将密码设置为无,如有设置密码,连接时请加账号密码。

你可能感兴趣的:(OpenStack,openstack)