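Installing OpenStack Folsom on Ubuntu 12.04 (VLAN mode)
Reposting of this blog is welcome, but please keep the original author's information (Sina Weibo: @孔令贤HW; blog: http://blog.csdn.net/lynn_kong)! The content comes from my own study, research and summarizing; if it resembles anyone else's work, I am honored!
Changelog:
2013.2.27 Changed the handling of bridge_mappings when installing quantum on the controller node
2013.3.11 Changed the handling of mounting at boot when installing cinder
This article largely copies 沙克's installation tutorial, with a few small changes plus the problems I ran into during my own installation and how I solved them (for example, ordinary users failing to log in after installing mysql, and the problems that appeared after installing OVS). Original post: http://www.chenshake.com/openstack-folsom-install-guide-vlan-mode/
Installing OpenStack Folsom is fairly complex, especially the Quantum part, which contains a lot that is new. Quantum tenant networks have two modes, GRE and VLAN, and the two are configured very differently. One obvious difference is the controller node: VLAN mode needs 2 NICs, GRE mode needs 3.
I mostly follow the original text in translation; the places that differ from the original are listed below.
1. My network differs from the original. I verify the document in a real environment. Since everyone's network is different, I mostly use variables wherever the document touches IP addresses, which is more flexible, and you can apply the changes with sed commands. Many people whose installation failed had changed the IP and missed a place that needed updating, which is why the sed commands are provided.
2. I made minor changes to the two keystone data-import scripts provided by the original, mainly using variables to make them more flexible.
3. mysql is accessed directly by IP rather than by localhost
4. The keystone token is randomly generated rather than being password
Introduction
| | Controller node (2 NICs) | Compute node (2 NICs) |
|---|---|---|
| Management network (eth0) | 182.168.61.24/24 | 182.168.61.22/24 |
| | 182.168.61.25/24 | 182.168.61.26/24 |
| hostname | controller | compute1 |
| Services | MySQL | kvm |
Requirements
1. The controller node and the compute node each need 2 NICs, and the compute node must support virtualization
2. All commands are run as root
Controller node
Operating system
Install Ubuntu 12.04.1 Server with a minimal installation; only the SSH server needs to be installed. Cinder needs a separate partition or disk. You can create LVM during installation and then just change the volume group name when installing cinder.
Package sources
Folsom is now in the official Ubuntu 12.04 sources, but you need to add it manually.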
cat <<EOF >>/etc/apt/sources.list
deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-proposed/folsom main
deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/folsom main
EOF
Run the following commands
apt-get install ubuntu-cloud-keyring
apt-get update && apt-get -y dist-upgrade
(The following was added 2012.12.20)
If the warning "perl: warning: Setting locale failed" appears, fix it as follows:
vi /root/.bashrc
Add this at the very bottom
export LC_ALL=C
Or simply run
echo "export LC_ALL=C" >> /root/.bashrc
Then run:
source /root/.bashrc
(The following was added 2012.12.20)
If apt-get update fails, try deleting the files under /var/lib/apt/lists/ and then retry.
Hostname setup (optional)
# cat /etc/hostname
controller
# cat /etc/hosts
127.0.0.1 localhost
182.168.61.24 controller.konglingxian.com controller
182.168.61.22 compute1.konglingxian.com compute1
# hostname
controller
# hostname -f
controller.konglingxian.com
Network
Set /etc/network/interfaces directly
# cat /etc/network/interfaces
# This file describes network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# Modified by convert_static.sh.
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 182.168.61.24
netmask 255.255.255.0
network 182.168.61.0
broadcast 182.168.61.255
gateway 182.168.61.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 182.168.61.1
dns-search controller.konglingxian.com
auto eth1
iface eth1 inet static
address 182.168.61.25
netmask 255.255.255.0
Restart the service
/etc/init.d/networking restart
Enable IP forwarding
sed -i -r 's/^\s*#(net\.ipv4\.ip_forward=1.*)/\1/' /etc/sysctl.conf
echo 1 > /proc/sys/net/ipv4/ip_forward
Check the result
# sysctl -p
net.ipv4.ip_forward = 1
NTP server
If NTP is not installed, install it first: apt-get install ntp. Then edit /etc/ntp.conf and add two lines below server ntp.ubuntu.com
server ntp.ubuntu.com
server 127.127.1.0
fudge 127.127.1.0 stratum 10
Or simply run the following command
sed -i 's/server ntp.ubuntu.com/server ntp.ubuntu.com\nserver 127.127.1.0\nfudge 127.127.1.0 stratum 10/g' /etc/ntp.conf
Restart the NTP service
service ntp restart
Environment variables
cat >/root/novarc <<EOF
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=Galax8800
export MYSQL_PASS=Galax8800
export SERVICE_PASSWORD=Galax8800
export RABBIT_PASSWORD=Galax8800
export FIXED_RANGE=10.0.0.0/24
export FLOATING_RANGE=$(/sbin/ifconfig eth0 | awk '/inet addr/ {print $2}' | cut -f2 -d ":" | awk -F "." '{print $1"."$2"."$3}').245/29
export OS_AUTH_URL="http://localhost:5000/v2.0/"
export SERVICE_ENDPOINT="http://localhost:35357/v2.0"
export SERVICE_TOKEN=$(openssl rand -hex 10)
export MASTER="$(/sbin/ifconfig eth0 | awk '/inet addr/ {print $2}' | cut -f2 -d ":")"
export LOCAL_IP="$(/sbin/ifconfig eth1 | awk '/inet addr/ {print $2}' | cut -f2 -d ":")"
EOF
You can adjust the users' passwords as needed.
source ~/novarc
echo "source ~/novarc" >> ~/.bashrc
Mysql
These are the databases we need
| Database | User | Password |
|---|---|---|
| mysql | root | Galax8800 |
| nova | nova | Galax8800 |
| keystone | keystone | Galax8800 |
| glance | glance | Galax8800 |
| cinder | cinder | Galax8800 |
| quantum | quantum | Galax8800 |
Install
Preseed the installer so that it does not prompt for a password
cat <<MYSQL_PRESEED | debconf-set-selections
mysql-server-5.5 mysql-server/root_password password $MYSQL_PASS
mysql-server-5.5 mysql-server/root_password_again password $MYSQL_PASS
mysql-server-5.5 mysql-server/start_on_boot boolean true
MYSQL_PRESEED
Install mysql
apt-get -y install mysql-server python-mysqldb
Configure
Allow remote access to mysql
sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
Restart the service
service mysql restart
Create the databases
mysql -uroot -p$MYSQL_PASS <<EOF
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '$MYSQL_PASS';
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '$MYSQL_PASS';
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '$MYSQL_PASS';
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY '$MYSQL_PASS';
CREATE DATABASE quantum;
GRANT ALL PRIVILEGES ON quantum.* TO 'quantum'@'%' IDENTIFIED BY '$MYSQL_PASS';
FLUSH PRIVILEGES;
EOF
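After adding the users, you must log in to the database as root and run the following before the new users will work! MySQL's default anonymous accounts (user='') are matched ahead of the 'name'@'%' entries for connections from the database host itself, so those logins fail until the anonymous accounts are deleted.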
use mysql;
delete from user where user='';
FLUSH PRIVILEGES;
If you want to connect to mysql from your own machine with a database client (such as Navicat), log in to the database as root and run:
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'Galax8800';
FLUSH PRIVILEGES;
RabbitMQ
Install
apt-get -y install rabbitmq-server
Configure
Change the default password
We change the default password, guest, to Galax8800
rabbitmqctl change_password guest $RABBIT_PASSWORD
Keystone
Install
apt-get -y install keystone python-keystone python-keystoneclient
Configure
Edit /etc/keystone/keystone.conf
[DEFAULT]
admin_token = d111cf2d97251a9e0422
bind_host = 0.0.0.0
public_port = 5000
admin_port = 35357
compute_port = 8774
verbose = True
debug = True
log_file = keystone.log
log_dir = /var/log/keystone
log_config = /etc/keystone/logging.conf
[sql]
connection = mysql://keystone:Galax8800@182.168.61.24:3306/keystone
idle_timeout = 200
Or simply run the following script
sed -i -e " s/# admin_token = ADMIN/admin_token = $SERVICE_TOKEN/g; s/# bind_host = 0.0.0.0/bind_host = 0.0.0.0/g; s/# public_port = 5000/public_port = 5000/g; s/# admin_port = 35357/admin_port = 35357/g; s/# compute_port = 8774/compute_port = 8774/g; s/# verbose = True/verbose = True/g; s/# idle_timeout/idle_timeout/g" /etc/keystone/keystone.conf
Use the mysql database
sed -i '/connection = .*/{s|sqlite:///.*|mysql://'"keystone"':'"$MYSQL_PASS"'@'"$MASTER"'/keystone|g}' /etc/keystone/keystone.conf
Restart the service and initialize the database
service keystone restart
keystone-manage db_sync
Import the keystone data
keystone-data.sh
wget http://www.chenshake.com/wp-content/uploads/2012/09/keystone-data.sh_.txt
mv keystone-data.sh_.txt keystone-data.sh
bash keystone-data.sh
Import the endpoints
keystone-endpoints.sh
wget http://www.chenshake.com/wp-content/uploads/2012/09/keystone-endpoints.sh_.txt
mv keystone-endpoints.sh_.txt keystone-endpoints.sh
bash keystone-endpoints.sh
Glance
Install
apt-get -y install glance glance-api python-glanceclient glance-common
Configure
Edit /etc/glance/glance-api.conf and /etc/glance/glance-registry.conf; in both files, change the same 4 settings
sql_connection = mysql://glance:Galax8800@182.168.61.24/glance
admin_tenant_name = service
admin_user = glance
admin_password = Galax8800
Or simply run the following script to do it
sed -i -e " s/%SERVICE_TENANT_NAME%/service/g; s/%SERVICE_USER%/glance/g; s/%SERVICE_PASSWORD%/$SERVICE_PASSWORD/g; " /etc/glance/glance-api.conf /etc/glance/glance-registry.conf
sed -i '/sql_connection = .*/{s|sqlite:///.*|mysql://'"glance"':'"$MYSQL_PASS"'@'"$MASTER"'/glance|g}' /etc/glance/glance-registry.conf /etc/glance/glance-api.conf
Edit /etc/glance/glance-api.conf
#notifier_strategy = noop
notifier_strategy = rabbit
#rabbit_password = guest
rabbit_password = Galax8800
Run the following command to make the change
sed -i " s/notifier_strategy = noop/notifier_strategy = rabbit/g;s/rabbit_password = guest/rabbit_password = $RABBIT_PASSWORD/g;" /etc/glance/glance-api.conf
Run the following commands
cat <<EOF >>/etc/glance/glance-api.conf
flavor = keystone+cachemanagement
EOF
cat <<EOF >>/etc/glance/glance-registry.conf
flavor = keystone
EOF
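Restart the services
service glance-api restart && service glance-registry restart
Sync the database
glance-manage db_sync
Download images
We download the CirrOS image for testing; it is only 10 MB. The official Ubuntu image is 220 MB, and the official Ubuntu images all require key-based login.
CirrOS
Download the image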
wget https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img
Upload the image
glance image-create --name=cirros-0.3.0-x86_64 --public --container-format=bare \
--disk-format=qcow2 < /root/cirros-0.3.0-x86_64-disk.img
CirrOS can be logged in to with a username and password, or with a key
user:cirros
password:cubswin:)
Official Ubuntu image
Download the image
wget http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd64-disk1.img
Upload the image
glance image-create --name="Ubuntu 12.04 cloudimg amd64" --public \
--container-format=ovf --disk-format=qcow2 < /root/precise-server-cloudimg-amd64-disk1.img
user:ubuntu
Key-based login only.
Test
List the images
glance image-list
Show the details of an image
glance image-show 12e2b864-9601-4506-b19d-3f663c0b2e15
Nova
Install
apt-get -y install nova-api nova-cert nova-common nova-scheduler python-nova python-novaclient nova-consoleauth novnc nova-novncproxy
Configure
Edit /etc/nova/api-paste.ini
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
auth_host = 182.168.61.24
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = Galax8800
signing_dirname = /tmp/keystone-signing-nova
Or simply run the command
sed -i -e "s/127.0.0.1/$MASTER/g; s/%SERVICE_TENANT_NAME%/service/g; s/%SERVICE_USER%/nova/g; s/%SERVICE_PASSWORD%/$SERVICE_PASSWORD/g; " /etc/nova/api-paste.ini
Create the /etc/nova/nova.conf file; just copy the command below and run it.
cat >/etc/nova/nova.conf <<EOF
[DEFAULT]
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/run/lock/nova
verbose=False
api_paste_config=/etc/nova/api-paste.ini
scheduler_driver=nova.scheduler.simple.SimpleScheduler
s3_host=$MASTER
ec2_host=$MASTER
ec2_dmz_host=$MASTER
rabbit_host=$MASTER
rabbit_password=$RABBIT_PASSWORD
cc_host=$MASTER
nova_url=http://$MASTER:8774/v1.1/
sql_connection=mysql://nova:$MYSQL_PASS@$MASTER/nova
ec2_url=http://$MASTER:8773/services/Cloud
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
# Auth
use_deprecated_auth=false
auth_strategy=keystone
keystone_ec2_url=http://$MASTER:5000/v2.0/ec2tokens
# Imaging service
glance_api_servers=$MASTER:9292
image_service=nova.image.glance.GlanceImageService
# Vnc configuration
novnc_enabled=true
novncproxy_base_url=http://$MASTER:6080/vnc_auto.html
novncproxy_port=6080
vncserver_proxyclient_address=127.0.0.1
vncserver_listen=0.0.0.0
# Network settings
network_api_class=nova.network.quantumv2.api.API
quantum_url=http://$MASTER:9696
quantum_auth_strategy=keystone
quantum_admin_tenant_name=service
quantum_admin_username=quantum
quantum_admin_password=$SERVICE_PASSWORD
quantum_admin_auth_url=http://$MASTER:35357/v2.0
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
# Compute #
compute_driver=libvirt.LibvirtDriver
# Cinder #
volume_api_class=nova.volume.cinder.API
osapi_volume_listen_port=5900
EOF
Sync the database
nova-manage db sync
Restart the services
service nova-api restart
service nova-cert restart
service nova-consoleauth restart
service nova-scheduler restart
service nova-novncproxy restart
Or
cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i restart; done
Check the services
nova-manage service list
Open-vSwitch
Install
apt-get install -y openvswitch-switch
During installation you may see the message "Error! Your kernel headers for kernel 3.2.0-23-generic-pae cannot be found"; run the following command to install them:
apt-get install linux-headers-3.2.0-23-generic-pae
Configure
Set up the network
ovs-vsctl add-br br-ex
ovs-vsctl add-port br-ex eth1
ovs-vsctl add-br br-int
You can use the commands below to inspect what you created. What each of them is for, I am still learning.
ovs-vsctl -h
ovs-vsctl list-br
ovs-vsctl show
If running ovs-vsctl add-br br-ex after installing OVS fails with the error "connection to /var/run/openvswitch/db.sock failed: No such file or directory", fix it as follows:
(Reference: https://answers.launchpad.net/quantum/+question/210248)
1. apt-get autoremove openvswitch-datapath-dkms
2. kernel_version=`cat /proc/version | cut -d " " -f3`
3. apt-get install make fakeroot dkms openvswitch-switch openvswitch-datapath-dkms linux-headers-$kernel_version
Quantum
Install
apt-get -y install quantum-server python-cliff quantum-plugin-openvswitch-agent quantum-l3-agent quantum-dhcp-agent python-pyparsing
Configure
Edit /etc/quantum/quantum.conf
auth_strategy = keystone
fake_rabbit = False
rabbit_host = 182.168.61.24
rabbit_password = Galax8800
Or run the following command
sed -i -e " s/# auth_strategy/auth_strategy/g; s/# fake_rabbit/fake_rabbit/g; s/# rabbit_host = localhost/rabbit_host = $MASTER/g; s/# rabbit_password = guest/rabbit_password = $RABBIT_PASSWORD/g" /etc/quantum/quantum.conf
Edit /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini
#Under the database section
[DATABASE]
sql_connection = mysql://quantum:Galax8800@182.168.61.24/quantum
#Under the OVS section
[OVS]
tenant_network_type=vlan
network_vlan_ranges = physnet1:1:4094
Or run the following commands
sed -i -e " s/# Example: tenant_network_type = gre/tenant_network_type = vlan/g; s/# Example: network_vlan_ranges = physnet1:1000:2999/network_vlan_ranges = physnet1:1:4094/g" /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini
sed -i '/sql_connection = .*/{s|sqlite:///.*|mysql://'"quantum"':'"$MYSQL_PASS"'@'"$MASTER"'/quantum|g}' /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini
sed -i "s/# Example: bridge_mappings/bridge_mappings/" /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini
Edit /etc/quantum/l3_agent.ini and /etc/quantum/api-paste.ini
[DEFAULT]
admin_tenant_name = service
admin_user = quantum
admin_password = Galax8800
Or run the following command
sed -i -e " s/%SERVICE_TENANT_NAME%/service/g; s/%SERVICE_USER%/quantum/g; s/%SERVICE_PASSWORD%/$SERVICE_PASSWORD/g; " /etc/quantum/l3_agent.ini /etc/quantum/api-paste.ini
Restart the services
service quantum-server restart
service quantum-plugin-openvswitch-agent restart
service quantum-dhcp-agent restart
service quantum-l3-agent restart
Cinder
Install
apt-get install -y cinder-api cinder-scheduler cinder-volume iscsitarget \
open-iscsi iscsitarget-dkms python-cinderclient
Configure
Partition
My disk has one partition dedicated to volumes
umount /dev/sda5
pvcreate /dev/sda5
vgcreate cinder-volumes /dev/sda5
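If you already created an LVM volume group when installing the system, just rename the volume group with the LVM commands.
Remove the mount at boot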
sed -i '/dev\/mapper/s/^/#/g' /etc/fstab
iscsi
sed -i 's/false/true/g' /etc/default/iscsitarget
service iscsitarget restart
service open-iscsi restart
Edit /etc/cinder/cinder.conf; just run the command below.
cat >/etc/cinder/cinder.conf <<EOF
[DEFAULT]
rootwrap_config = /etc/cinder/rootwrap.conf
sql_connection = mysql://cinder:$MYSQL_PASS@$MASTER:3306/cinder
api_paste_config = /etc/cinder/api-paste.ini
iscsi_helper = ietadm
volume_group = cinder-volumes
volume_name_template = volume-%s
rabbit_password = $RABBIT_PASSWORD
logdir = /var/log/cinder
verbose = False
auth_strategy = keystone
EOF
Edit /etc/cinder/api-paste.ini
admin_tenant_name = service
admin_user = cinder
admin_password = Galax8800
Or use the following command
sed -i -e " s/%SERVICE_TENANT_NAME%/service/g; s/%SERVICE_USER%/cinder/g; s/%SERVICE_PASSWORD%/$SERVICE_PASSWORD/g; " /etc/cinder/api-paste.ini
Sync the database
cinder-manage db sync
Restart the services
service cinder-api restart
service cinder-scheduler restart
service cinder-volume restart
Run the following commands to add a boot delay, which avoids dropping into initramfs:
sed -i '/GRUB_CMDLINE_LINUX_DEFAULT/c\GRUB_CMDLINE_LINUX_DEFAULT="rootdelay=600"' /etc/default/grub
update-grub
Horizon
Install
apt-get -y install apache2 libapache2-mod-wsgi openstack-dashboard memcached python-memcache
Configure
Edit /etc/openstack-dashboard/local_settings.py and remove the Ubuntu theme, because the default theme has problems. Comment out the following:
#Comment these lines
#Enable the Ubuntu theme if it is present.
#try:
# from ubuntu_theme import *
#except ImportError:
# pass
Restart the services
service apache2 restart; service memcached restart
Access
http://182.168.61.24/horizon
user:admin
pass:Galax8800
Or
user:demo
pass:Galax8800
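Take a look at the Chinese-language Dashboard. Because the compute service is not installed on the controller node, you cannot create virtual machines yet.
Compute node
Operating system
A minimal installation of the operating system with the SSH server is enough.
Package sources
Add the Folsom sources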
cat <<EOF >>/etc/apt/sources.list
deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-proposed/folsom main
deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/folsom main
EOF
Run the following commands
apt-get install ubuntu-cloud-keyring
apt-get update && apt-get -y dist-upgrade
Network
# cat /etc/network/interfaces
# This file describes network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# Modified by convert_static.sh.
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 182.168.61.22
netmask 255.255.255.0
network 182.168.61.0
broadcast 182.168.61.255
gateway 182.168.61.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 182.168.61.1
dns-search compute1.konglingxian.com
# VMs Networks with OVS in tunnel mode
auto eth1
iface eth1 inet static
address 182.168.61.26
netmask 255.255.255.0
Restart networking
/etc/init.d/networking restart
IP forwarding
sed -i -r 's/^\s*#(net\.ipv4\.ip_forward=1.*)/\1/' /etc/sysctl.conf
echo 1 > /proc/sys/net/ipv4/ip_forward
Environment variables
cat >/root/novarc <<EOF
export CONTROLLER_IP=182.168.61.24
export MASTER="$(/sbin/ifconfig eth0 | awk '/inet addr/ {print $2}' | cut -f2 -d ":")"
export LOCAL_IP="$(/sbin/ifconfig eth1 | awk '/inet addr/ {print $2}' | cut -f2 -d ":")"
EOF
Adjust the controller node's IP to match your environment
source ~/novarc
echo "source ~/novarc" >> ~/.bashrc
NTP
apt-get -y install ntp
Configure
Edit /etc/ntp.conf to point at the controller node
server 182.168.61.24
Or run the command
sed -i -e " s/server ntp.ubuntu.com/server $CONTROLLER_IP/g" /etc/ntp.conf
Restart the service
service ntp restart
Hypervisor
apt-get install -y kvm libvirt-bin pm-utils
Edit /etc/libvirt/qemu.conf and add the following
cgroup_device_acl = [
"/dev/null", "/dev/full", "/dev/zero",
"/dev/random", "/dev/urandom",
"/dev/ptmx", "/dev/kvm", "/dev/kqemu",
"/dev/rtc", "/dev/hpet","/dev/net/tun",
]
Or run the command below. Making this change with a command is a bit complicated, and I have not found a good way yet.
cat <<EOF>>/etc/libvirt/qemu.conf
cgroup_device_acl = [
"/dev/null", "/dev/full", "/dev/zero",
"/dev/random", "/dev/urandom",
"/dev/ptmx", "/dev/kvm", "/dev/kqemu",
"/dev/rtc", "/dev/hpet","/dev/net/tun",
]
EOF
Delete the default virtual bridge
virsh net-destroy default
virsh net-undefine default
Allow migration
Edit /etc/libvirt/libvirtd.conf and uncomment these three lines
listen_tls = 0
listen_tcp = 1
auth_tcp = "none"
Or run the following command
sed -i '/#listen_tls/s/#listen_tls/listen_tls/; /#listen_tcp/s/#listen_tcp/listen_tcp/; /#auth_tcp/s/#auth_tcp/auth_tcp/; /auth_tcp/s/sasl/none/' /etc/libvirt/libvirtd.conf
Edit /etc/init/libvirt-bin.conf
env libvirtd_opts="-d -l"
Or use the command
sed -i '/env libvirtd_opts/s/-d/-d -l/' /etc/init/libvirt-bin.conf
Edit /etc/default/libvirt-bin
libvirtd_opts="-d -l"
Or use the command
sed -i '/libvirtd_opts/s/-d/-d -l/' /etc/default/libvirt-bin
Restart the service
service libvirt-bin restart
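The settings above make libvirtd accept TCP connections with auth_tcp = "none", and earlier steps bind MySQL and the controller's VNC listener to 0.0.0.0. The following audit is an added example, not part of the original guide: it reads those files and reports each listener that is open on every interface or has authentication turned off, so that it can be restricted to the management network. The function names and the sample tree are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original guide. The paths are the files the guide
# edits; the ROOT prefix and the sample tree below are constructed for the demo.

# conf_get FILE KEY: value of the last uncommented "KEY = value" line, with
# trailing whitespace and surrounding double quotes removed.
conf_get() {
    sed -nE "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 | sed -E 's/[[:space:]]+$//; s/^"(.*)"$/\1/'
}

# audit_exposure ROOT: report listeners opened by the guide's settings under
# ROOT (pass "" for the live system). Returns 1 if anything was reported.
audit_exposure() {
    local root=$1 found=0
    local my="$root/etc/mysql/my.cnf"
    local lv="$root/etc/libvirt/libvirtd.conf"
    local nova="$root/etc/nova/nova.conf"

    if [ -f "$my" ] && [ "$(conf_get "$my" bind-address)" = "0.0.0.0" ]; then
        echo "mysql: bind-address = 0.0.0.0, bind to the management address or firewall 3306"
        found=1
    fi
    # A commented-out auth_tcp falls back to libvirt's default (sasl), so only
    # an explicit "none" next to listen_tcp = 1 is reported.
    if [ -f "$lv" ] && [ "$(conf_get "$lv" listen_tcp)" = "1" ] &&
       [ "$(conf_get "$lv" auth_tcp)" = "none" ]; then
        echo "libvirt: listen_tcp = 1 with auth_tcp = none, restrict the port to the other compute nodes"
        found=1
    fi
    if [ -f "$nova" ] && [ "$(conf_get "$nova" vncserver_listen)" = "0.0.0.0" ]; then
        echo "nova: vncserver_listen = 0.0.0.0, guest consoles listen on every interface"
        found=1
    fi
    return "$found"
}

# make_sample_tree: constructed files that mirror the edits made in the guide.
make_sample_tree() {
    local d
    d=$(mktemp -d)
    mkdir -p "$d/etc/mysql" "$d/etc/libvirt" "$d/etc/nova"
    printf '[mysqld]\nbind-address\t\t= 0.0.0.0\n' > "$d/etc/mysql/my.cnf"
    printf '#listen_tls = 1\nlisten_tls = 0\nlisten_tcp = 1\nauth_tcp = "none"\n' \
        > "$d/etc/libvirt/libvirtd.conf"
    printf '[DEFAULT]\nvncserver_listen=0.0.0.0\n' > "$d/etc/nova/nova.conf"
    echo "$d"
}

demo=$(make_sample_tree)
audit_exposure "$demo" || echo "audit: each line above needs a narrower bind address or a firewall rule"
rm -rf "$demo"
```

On a real node, run audit_exposure "" after finishing the section so the paths resolve against /etc.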
Open-vSwitch
apt-get install -y openvswitch-switch
Create the bridges
ovs-vsctl add-br br-int
ovs-vsctl add-br br-eth1
ovs-vsctl add-port br-eth1 eth1
Quantum
apt-get -y install quantum-plugin-openvswitch-agent
Edit /etc/quantum/quantum.conf; the changes are the same as on the controller node, so copy the file straight over from the controller
scp root@$CONTROLLER_IP:/etc/quantum/quantum.conf /etc/quantum/quantum.conf
Edit /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini; it can be copied from the controller node
scp root@$CONTROLLER_IP:/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini
Start the agent
service quantum-plugin-openvswitch-agent restart
Nova
apt-get -y install nova-api-metadata nova-compute-kvm novnc nova-novncproxy
Edit /etc/nova/api-paste.ini
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
auth_host = 182.168.61.24
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = Galax8800
signing_dirname = /tmp/keystone-signing-nova
Or run the command below to copy it straight from the controller node.
scp root@$CONTROLLER_IP:/etc/nova/api-paste.ini /etc/nova/
Edit /etc/nova/nova-compute.conf
[DEFAULT]
libvirt_type=kvm
libvirt_ovs_bridge=br-int
libvirt_vif_type=ethernet
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
libvirt_use_virtio_for_bridges=True
Or run the following command
cat > /etc/nova/nova-compute.conf <<EOF
[DEFAULT]
libvirt_type=kvm
libvirt_ovs_bridge=br-int
libvirt_vif_type=ethernet
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
libvirt_use_virtio_for_bridges=True
EOF
Edit /etc/nova/nova.conf. We can copy it from the controller node and then modify it
scp root@$CONTROLLER_IP:/etc/nova/nova.conf /etc/nova/nova.conf
Change the VNC settings
# Vnc configuration
novnc_enabled=true
novncproxy_base_url=http://182.168.61.24:6080/vnc_auto.html
novncproxy_port=6080
vncserver_proxyclient_address=182.168.61.22
vncserver_listen=182.168.61.22
Or use the following commands to make the change
sed -i 's/^vncserver_proxyclient_address.*$/vncserver_proxyclient_address='"$(/sbin/ifconfig eth0 | awk '/inet addr/ {print $2}' | cut -f2 -d ":")"'/g' /etc/nova/nova.conf
sed -i 's/^vncserver_listen.*$/vncserver_listen='"$(/sbin/ifconfig eth0 | awk '/inet addr/ {print $2}' | cut -f2 -d ":")"'/g' /etc/nova/nova.conf
Restart the services
service nova-api-metadata restart
service nova-novncproxy restart
service nova-compute restart
Or
cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i restart; done
Check the services
nova-manage service list
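The sed-based approach used throughout this guide fails silently: a pattern that does not match leaves the packaged default in place, and a file copied from another host keeps that host's address. The following check is an added example, not part of the original guide: it scans a directory of rendered configuration for unreplaced %SERVICE_*% placeholders, sqlite connection strings, the default admin_token and an address left over from a previous run. The function names, directory layout and sample files (including the address 192.0.2.10 and the password "secret") are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original guide. The sample files are constructed;
# the patterns are the ones the guide's sed commands are meant to replace.

# check_rendered_configs DIR [OLD_IP]
# Prints "file:line: reason" for every leftover and returns 1 if any exist.
check_rendered_configs() {
    local dir=$1 old_ip=${2:-} out
    out=$(
        {
            # Placeholders shipped in the packaged api-paste.ini and *.conf files.
            grep -rnE '%SERVICE_(TENANT_NAME|USER|PASSWORD)%' "$dir" |
                sed -E 's/^([^:]+:[0-9]+):.*/\1: unreplaced %SERVICE_*% placeholder/'
            # Connection strings the sqlite -> mysql substitution never touched.
            grep -rnE '^[[:space:]]*(sql_)?connection[[:space:]]*=[[:space:]]*sqlite:' "$dir" |
                sed -E 's/^([^:]+:[0-9]+):.*/\1: connection still points at sqlite/'
            # keystone.conf where admin_token is still the commented or literal default.
            grep -rnE '^[[:space:]]*#?[[:space:]]*admin_token[[:space:]]*=[[:space:]]*ADMIN[[:space:]]*$' "$dir" |
                sed -E 's/^([^:]+:[0-9]+):.*/\1: admin_token is still the default ADMIN/'
            # An address from an earlier run; match the whole address only, so
            # 182.168.61.2 does not hit 182.168.61.24.
            if [ -n "$old_ip" ]; then
                grep -rnE "(^|[^0-9.])${old_ip//./\\.}([^0-9.]|\$)" "$dir" |
                    sed -E "s/^([^:]+:[0-9]+):.*/\1: still references $old_ip/"
            fi
        } 2>/dev/null
    )
    if [ -z "$out" ]; then
        return 0
    fi
    printf '%s\n' "$out"
    return 1
}

# make_sample_configs: constructed files showing each kind of leftover.
make_sample_configs() {
    local d
    d=$(mktemp -d)
    mkdir -p "$d/keystone" "$d/glance" "$d/nova"
    # keystone.conf where neither sed pattern matched.
    printf '[DEFAULT]\n# admin_token = ADMIN\n[sql]\nconnection = sqlite:////var/lib/keystone/keystone.db\n' \
        > "$d/keystone/keystone.conf"
    # glance-api.conf rendered correctly.
    printf 'sql_connection = mysql://glance:secret@182.168.61.24/glance\nadmin_user = glance\n' \
        > "$d/glance/glance-api.conf"
    # api-paste.ini copied from a host with another address, one placeholder left.
    printf 'auth_host = 192.0.2.10\nadmin_password = %%SERVICE_PASSWORD%%\n' \
        > "$d/nova/api-paste.ini"
    echo "$d"
}

sample=$(make_sample_configs)
check_rendered_configs "$sample" 192.0.2.10 || echo "fix the lines above before restarting the services"
rm -rf "$sample"
```

Point it at /etc/keystone, /etc/glance, /etc/nova, /etc/quantum and /etc/cinder in turn, passing the address used in a previous attempt as the second argument.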
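Tenant network
This part is not scripted yet, so it has to be done step by step. The process does, however, help you understand quantum in more depth. You just need to be careful with the steps below. I have verified them once.
Look up the ID of the Member role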
keystone role-list
Look up the ID of the service tenant
keystone tenant-list
Create a tenant
keystone tenant-create --name project_one
Create a user, user_one, whose role is the member role
keystone user-create --name=user_one --pass=user_one --tenant-id $put_id_of_project_one [email protected]
keystone user-role-add --tenant-id $put_id_of_project_one --user-id $put_id_of_user_one --role-id $put_id_of_member_role
Create a network for the tenant
quantum net-create --tenant-id $put_id_of_project_one net_proj_one --provider:network_type vlan --provider:physical_network physnet1 --provider:segmentation_id 1024
Create a subnet for the tenant
quantum subnet-create --tenant-id $put_id_of_project_one net_proj_one 10.10.10.0/24
Create a router for the tenant
quantum router-create --tenant_id $put_id_of_project_one router_proj_one
Attach the router to the network
quantum router-interface-add $put_router_proj_one_id_here $put_subnet_id_here
Create the external network (the ID of the service tenant can be looked up with keystone tenant-list)
quantum net-create --tenant-id $put_id_of_service_tenant ext_net --router:external=True
Edit /etc/quantum/l3_agent.ini
gateway_external_network_id = $id_of_ext_net
router_id = $your_router_id
Set up the floating IPs
quantum subnet-create --tenant-id $put_id_of_service_tenant --gateway 182.168.61.1 ext_net 182.168.61.245/29 --enable_dhcp=False
Set the router's external network gateway
quantum router-gateway-set $put_router_proj_one_id_here $put_id_of_ext_net_proj_one_here
Update br-ex
ip addr flush dev br-ex
ip addr add 182.168.61.245/29 dev br-ex
ip link set br-ex up