CentOS6.5部署OpenStack Havana(Nova-Network版)

一、环境和说明

1.测试环境

操作系统:

CentOS6.5_mini-x64.iso

 

OpenStack版本:

Havana Release 2013.2

 

2.部署架构

OpenStack+KVM的部署架构

 

3.拓扑

 

CentOS6.5部署OpenStack Havana(Nova-Network版)_第1张图片

 

4.OpenStack介绍

    OpenStack 是一个开源的 IaaS(基础设施及服务)云计算平台,让任何人都可以自行建立和提供云端运算服务。OpenStack 由一系列相互关联的项目提供云基础设施解决方案的各个组件,核心项目(9 个):

计算 (Compute) - Nova;

网络和地址管理 - Neutron;

对象存储 (Object) - Swift;

块存储 (Block) - Cinder;

身份 (Identity) - keystone;

镜像 (Image) - Glance;

UI 界面 (Dashboard) - Horizon;

测量 (Metering) - Ceilometer;

编配 (Orchestration) – Heat;

 

CentOS6.5部署OpenStack Havana(Nova-Network版)_第2张图片

 

5.OpenStack各组件及其关系

 

CentOS6.5部署OpenStack Havana(Nova-Network版)_第3张图片

 

 

6.主机分配:

主 机名             IP(Static)                        系统                                           配置                                        角色

openstack      192.168.10.21     CentOS-6.4-x86_64-minimal     4CPU,16G RAM,300G DISK,2网卡        管理节点/计算节点

node01          192.168.10.22     CentOS-6.4-x86_64-minimal     4CPU,16G RAM,300G DISK,2网卡        计算节点


二、管理节点安装(OpenStack)

1.基础配置

操作系统使用CentOS-6.4-x86_64-minimal.iso,安装过程省略,本文采用yum源安装。

(1).导入第三方安装源

 

[root@openstack ~]# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

[root@openstack ~]# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

[root@openstack ~]# yum install http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-7.noarch.rpm

 

(2).配置/etc/hosts文件

[root@openstack ~]# vi /etc/hosts

 

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.10.21   openstack

192.168.10.22   node01

 

(3).配置网络

 

[root@openstack ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0 

DEVICE="eth0"

BOOTPROTO="static"

HWADDR="E4:1F:13:45:AB:C8"

ONBOOT="yes"

IPADDR=192.168.10.21

NETMASK=255.255.255.0

GATEWAY=192.168.10.1

TYPE="Ethernet"

[root@openstack ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE="eth1"

BOOTPROTO="none"

HWADDR="E4:1F:13:45:AB:CA"

ONBOOT="yes"

TYPE="Ethernet"

 

(4).关闭selinux:

 

[root@openstack ~]# more /etc/selinux/config 

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

#       enforcing - SELinux security policy is enforced.

#       permissive - SELinux prints warnings instead of enforcing.

#       disabled - SELinux is fully disabled.

SELINUX=disabled

# SELINUXTYPE= type of policy in use. Possible values are:

#       targeted - Only targeted network daemons are protected.

#       strict - Full SELinux protection.

SELINUXTYPE=targeted

[root@openstack ~]# setenforce 0

(5).修改/etc/sysctl.conf参数:

[root@openstack ~]# vi /etc/sysctl.conf

……………………

net.ipv4.ip_forward = 1

……………………
[root@openstack ~]#sysctl -p                    #使sysctl.conf配置生效

 

2.安装配置NTP服务

(1).安装NTP服务:

[root@openstack ~]# yum -y install ntp

 

(2).配置NTP服务:

[root@openstack ~]# vi /etc/ntp.conf

 

driftfile /var/lib/ntp/drift

restrict default ignore

restrict 127.0.0.1 

restrict 192.168.10.0 mask 255.255.255.0 nomodify notrap

server ntp.api.bz

server  127.127.1.0     # local clock

fudge   127.127.1.0 stratum 10

keys /etc/ntp/keys

(3).启动NTP服务,设置开机自启动:

[root@openstack ~]# service ntpd start

[root@openstack ~]# chkconfig ntpd on

 

3.配置安装MySQL:

(1).安装MySQL服务:

[root@openstack ~]# yum -y install mysql mysql-server MySQL-python

(2).修改MySQL配置文件:

 

[mysqld]

datadir=/var/lib/mysql

socket=/var/lib/mysql/mysql.sock

user=mysql

# Disabling symbolic-links is recommended to prevent assorted security risks

symbolic-links=0

bind-address = 0.0.0.0                    #设置监听IP地址0.0.0.0

 

[mysqld_safe]

log-error=/var/log/mysqld.log

pid-file=/var/run/mysqld/mysqld.pid

 

(3).启动MqSQL服务,设置开机自启动:

[root@openstack ~]# service mysqld start

[root@openstack ~]# chkconfig mysqld on

 

(4).修改MySQL密码为passwd:

[root@openstack ~]# mysqladmin -uroot password 'passwd'; history -c

 

4.安装配置qpid服务

(1).安装qpid服务:

[root@openstack ~]# yum -y install qpid-cpp-server memcached

 

(2).修改/etc/qpidd.conf配置文件,将auth设置为no:

[root@openstack ~]# vi/etc/qpidd.conf

……………………

auth=no

(3).启动qpid服务,设置开机启动:

 

[root@openstack ~]# service qpidd start

[root@openstack ~]# chkconfig qpidd on

(4).安装OpenStack工具包:

[root@openstack ~]# yuminstall -y openstack-utils

 

5.安装配置KeyStone

 

5.1.初始化KeyStone:

(1).安装KeyStone服务:

[root@openstack ~]# yum -y install openstack-keystone

 

(2).创建keystone数据库,修改配置文件中的数据库链接:

 

[root@openstack ~]#  openstack-db --init --service keystone

 

(3).修改配置文件中的数据库链接:

[root@openstack ~]#  openstack-config --set /etc/keystone/keystone.conf sql connection mysql://keystone:keystone@localhost/keystone

 

 

(4).使用openssl随即生成一个令牌,将其存储在配置文件中:

[root@openstack ~]# export SERVICE_TOKEN=$(openssl rand -hex 10)               //随机生成SERVICE_TOKEN值,请牢记

[root@openstack ~]# export SERVICE_ENDPOINT=http://127.0.0.1:35357/v2.0

[root@openstack ~]# mkdir /root/config

[root@openstack ~]# echo $SERVICE_TOKEN > /root/config/ks_admin_token.txt

[root@openstack ~]# cat /root/config/ks_admin_token .txt

12dd70ede7c9d9d3ed3c

[root@openstack ~]# openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $SERVICE_TOKEN

*注:将生成的SERVICE_TOKEN值写入文件中保存,以备后续使用,后面涉及到的SERVICE_TOKEN值都是在ks_admin_token.txt文件中获取的。所以一旦写入文件,不要再次运行命令生成SERVICE_TOKEN,否则前后不一致会为调试带来麻烦。

 

(5).默认情况下keysonte使用PKI令牌。创建签名密钥和证书:

[root@openstack ~]# keystone-manage pki_setup --keystone-user keystone --keystone-group keystone

[root@openstack ~]# chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log

 

(6).启动keystone服务,设置开机自启动:

 

[root@openstack ~]# service openstack-keystone start

[root@openstack ~]# chkconfig openstack-keystone on

 

5.2.定义Users、Tenants and Roles

(1).修改.bash_profile文件,添加以下参数:

[root@openstack ~]# vi .bash_profile

 

………………

export OS_USERNAME=admin

export OS_TENANT_NAME=admin

export OS_PASSWORD=password

export OS_AUTH_URL=http://127.0.0.1:5000/v2.0

export SERVICE_ENDPOINT=http://127.0.0.1:35357/v2.0

export SERVICE_TOKEN=12dd70ede7c9d9d3ed3c

………………

执行下面的命令使变量即时生效:

[root@openstack ~]# source .bash_profile

 

(2).为管理员用户创建一个tenant,为openstack其他服务的用户创建一个tenant:

 

[root@openstack ~]# keystone tenant-create --name=admin --description='Admin Tenant'

[root@openstack ~]# keystone tenant-create --name=service --description='Service Tenant'

 

(3).创建一个管理员用户admin:

[root@openstack ~]# keystoneuser-create --name=admin --pass=password --email=keystone@chensh.net

 

(4).创建一个管理员角色admin:

[root@openstack ~]# keystone role-create --name=admin

 

(5).将角色添加到用户:

[root@openstack ~]# keystone user-role-add --user=admin --tenant=admin --role=admin

 

5.3.定义Services 和 API Endpoints

(1).为KeyStone创建一个服务:

[root@openstack ~]# keystoneservice-create --name=keystone --type=identity --description="KeystoneIdentity Service"

 

(2).使用服务ID创建一个endpoint:

[root@openstack ~]# vi /root/config/keystone.sh

#!/bin/bash

 

my_ip=192.168.10.21

service=$(keystone service-list | awk '/keystone/ {print $2}')

keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:5000/v2.0 --internalurl=http://$my_ip:5000/v2.0 --adminurl=http://$my_ip:35357/v2.0

[root@openstack ~]# sh /root/config/keystone.sh

 

6.安装配置Glance

 

6.1.初始化Glance

(1).安装Glance服务:

[root@openstack ~]# yum -y install openstack-glance

 

(2).创建Glance数据库:

 

[root@openstack ~]# openstack-db --init --service glance

 

(3).修改配置文件中的数据库链接:

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT sql_connection mysql://glance:glance@localhost/glance

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf DEFAULT sql_connection mysql://glance:glance@localhost/glance

 

6.2.创建User,定义Services 和 API Endpoints

(1).为Glance服务创建一个glance用户:

 

[root@openstack ~]# keystone user-create --name=glance --pass=service [email protected]

[root@openstack ~]# keystone user-role-add --user=glance --tenant=service --role=admin

 

(2).为glance创建一个服务:

[root@openstack ~]# keystoneservice-create --name=glance --type=image --description="Glance ImageService"

 

(3).使用服务ID创建一个endpoint:

[root@openstack ~]# vi /root/config/glance.sh

#!/bin/bash

 

my_ip=192.168.10.21

service=$(keystone service-list | awk '/glance/ {print $2}')

keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:9292 --internalurl=http://$my_ip:9292 --adminurl=http://$my_ip:9292

 

6.3.配置Glance服务

 

(1).将keystone认证信息添加到glance配置文件中:

 

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_host 127.0.0.1

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_port 35357

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_protocol http

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name service

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_user glance

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_password service

 

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_host 127.0.0.1

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_port 35357

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_protocol http

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name service

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glance

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_password service


(2).修改ini文件路径,将keystone认证信息添加到ini文件中:

 

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf paste_deploy config_file /etc/glance/glance-api-paste.ini

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy config_file /etc/glance/glance-registry-paste.ini

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone

 

[root@openstack ~]# cp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini

[root@openstack ~]# cp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.ini

[root@openstack ~]# chown -R root:glance /etc/glance/glance-api-paste.ini 

[root@openstack ~]# chown -R root:glance /etc/glance/glance-registry-paste.ini

 

[root@openstack ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken auth_host 127.0.0.1

[root@openstack ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_tenant_name service

[root@openstack ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_user glance

[root@openstack ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_password service

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken auth_host 127.0.0.1

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_tenant_name service

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_user glance

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_password service


(3).修改镜像文件的存放路径(默认存放在/var/lib/glance目录下,若不需修改,此步骤可省略)

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT filesystem_store_datadir /openstack/lib/glance/images/

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT scrubber_datadir /openstack/lib/glance/scrubber

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT image_cache_dir /openstack/lib/glance/image-cache/

[root@openstack ~]# mkdir -p /openstack/lib

[root@openstack ~]# cp -r /var/lib/glance/ /openstack/lib/

[root@openstack ~]# chown -R glance:glance /openstack/lib/glance/

 

(4).启动glance服务,设置开机自启动

[root@openstack ~]# service openstack-glance-api start

[root@openstack ~]# service openstack-glance-registry start

[root@openstack ~]# chkconfig openstack-glance-api on

[root@openstack ~]# chkconfig openstack-glance-registry on

 

6.4.Glance测试

 

(1).上传镜像

[root@openstack ~]# glance image-create --name=centos6.4 --disk-format=qcow2 --container-format=ovf --is-public=true < /root/centos6.4-mini_x64.qcow2 

 

+------------------+--------------------------------------+

| Property         | Value                                |

+------------------+--------------------------------------+

| checksum         | 4b16b4bcfd7f4fe7f0f2fdf8919048b4     |

| container_format | ovf                                  |

| created_at       | 2014-03-31T06:26:26                  |

| deleted          | False                                |

| deleted_at       | None                                 |

| disk_format      | qcow2                                |

| id               | 45456157-9b46-4e40-8ee3-fbb2e40f227b |

| is_public        | True                                 |

| min_disk         | 0                                    |

| min_ram          | 0                                    |

| name             | centos6.4                            |

| owner            | 446893f3733b4294a7080f3b0bf1ba61     |

| protected        | False                                |

| size             | 698023936                            |

| status           | active                               |

| updated_at       | 2014-03-31T06:26:30                  |

+------------------+--------------------------------------+

 

(2).查看镜像

[root@openstack ~]# glance image-list

+--------------------------------------+-----------+-------------+------------------+-----------+--------+

| ID                                   | Name      | Disk Format | Container Format | Size      | Status |

+--------------------------------------+-----------+-------------+------------------+-----------+--------+

| 45456157-9b46-4e40-8ee3-fbb2e40f227b | centos6.4 | qcow2       | ovf              | 698023936 | active |

+--------------------------------------+-----------+-------------+------------------+-----------+--------+

 

7.安装配置Nova

 

7.1.初始化Nova

(1).安装nova:

[root@openstack ~]# yum -y install openstack-nova

 

(2).创建nova数据库:

[root@openstack ~]# openstack-db --init --service nova

 

7.2.创建User,定义Services 和 API Endpoints

(1).编写脚本:

[root@openstack ~]# vi /root/config/nova-user.sh

 

#!/bin/sh

my_ip=192.168.10.21

keystone user-create --name=nova --pass=service [email protected]

keystone user-role-add --user=nova --tenant=service --role=admin

keystone service-create --name=nova --type=compute --description="Nova Compute Service"

service=$(keystone service-list | awk '/nova/ {print $2}')

keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:8774/v2/%\(tenant_id\)s --internalurl=http://$my_ip:8774/v2/%\(tenant_id\)s --adminurl=http://$my_ip:8774/v2/%\(tenant_id\)s

 

(2).运行脚本,创建用户、服务及api endpoint:

[root@openstack ~]# sh /root/config/nova-user.sh

 

7.3.配置nova服务:

 

(1).修改/etc/nova.conf配置文件:

 

 

[root@openstack ~]# vi /etc/nova/nova.conf

[DEFAULT]

my_ip = 192.168.10.21

auth_strategy = keystone

state_path = /openstack/lib/nova

verbose=True

 

allow_resize_to_same_host = true

rpc_backend = nova.openstack.common.rpc.impl_qpid

qpid_hostname = 192.168.10.21

libvirt_type = kvm

glance_api_servers = 192.168.10.21:9292

 

novncproxy_base_url = http://192.168.10.21:6080/vnc_auto.html

vncserver_listen = $my_ip

vncserver_proxyclient_address = $my_ip

vnc_enabled = true

vnc_keymap = en-us

 

network_manager = nova.network.manager.FlatDHCPManager

firewall_driver = nova.virt.firewall.NoopFirewallDriver

multi_host = True

flat_interface = eth1

flat_network_bridge = br1

public_interface = eth0

 

instance_usage_audit = True

instance_usage_audit_period = hour

notify_on_state_change = vm_and_task_state

notification_driver = nova.openstack.common.notifier.rpc_notifier

 

compute_scheduler_driver=nova.scheduler.simple.SimpleScheduler

[hyperv]

[zookeeper]

[osapi_v3]

[conductor]

[keymgr]

[cells]

[database]

[image_file_url]

[baremetal]

[rpc_notifier2]

[matchmaker_redis]

[ssl]

[trusted_computing]

[upgrade_levels]

[matchmaker_ring]

[vmware]

[spice]

[keystone_authtoken]

auth_host = 127.0.0.1

auth_port = 35357

auth_protocol = http

admin_user = nova

admin_tenant_name = service

admin_password = service

 

因上述配置文件中修改了instances实例存放的位置,还需要作一下操作:

修改instances路径,设置目录权限:

 

[root@openstack ~]# cp -r /var/lib/nova/ /openstack/lib/

[root@openstack ~]# chown -R nova:nova /openstack/lib/nova/

 

(2).配置libvirtd服务,删除virbr0

启动libvirt服务:

[root@openstack ~]# service libvirtd start

查看net-list,发现default:

[root@openstack ~]# virsh net-list

Name                 State      Autostart     Persistent

--------------------------------------------------

default              active     yes           yes

删除default,即virbr0:

[root@openstack ~]# virsh net-destroy default

Network default destroyed

[root@openstack ~]# virsh net-undefine default

Network default has been undefined

重启libvirtd服务,设置开机自启动:

[root@openstack ~]# service libvirtd restart

[root@openstack ~]# chkconfig libvirtd on

 

(3).启动nova相关服务,设置开机自启动

[root@openstack ~]# service messagebus start

[root@openstack ~]# chkconfig messagebus on

启动nova服务,采用network网络服务:

[root@openstack ~]# service openstack-nova-api start

[root@openstack ~]# service openstack-nova-cert start

[root@openstack ~]# service openstack-nova-consoleauth start

[root@openstack ~]# service openstack-nova-scheduler start

[root@openstack ~]# service openstack-nova-conductor start

[root@openstack ~]# service openstack-nova-novncproxy start

[root@openstack ~]# service openstack-nova-compute start

[root@openstack ~]# service openstack-nova-network start

 

[root@openstack ~]# chkconfig openstack-nova-api on

[root@openstack ~]# chkconfig openstack-nova-cert on

[root@openstack ~]# chkconfig openstack-nova-consoleauth on

[root@openstack ~]# chkconfig openstack-nova-scheduler on

[root@openstack ~]# chkconfig openstack-nova-conductor on

[root@openstack ~]# chkconfig openstack-nova-novncproxy on

[root@openstack ~]# chkconfig openstack-nova-compute on

[root@openstack ~]# chkconfig openstack-nova-network on

 

------------------------------------------------------------------------------------------

 

7.4.nova测试:

 

(1).创建网络:

[root@openstack ~]# nova network-create vmnet --fixed-range-v4=10.1.1.0/24 --bridge-interface=br1 --multi-host=T

[root@openstack ~]#nova network-list

 

+--------------------------------------+-------+-------------+

| ID                                   | Label | Cidr        |

+--------------------------------------+-------+-------------+

| d3bc4874-2b4b-4abf-b963-0e5ae69b7b31 | vmnet | 10.1.1.0/24 |

+--------------------------------------+-------+-------------+

 

[root@openstack ~]# nova-manage network list

id    IPv4           IPv6     start address  DNS1      DNS2     VlanID    project    uuid           

1     10.1.1.0/24    None     10.1.1.2       8.8.4.4   None     None      None       d3bc4874-2b4b-4abf-b963-0e5ae69b7b31

 

(2).设置安全组:

[root@openstack ~]# nova secgroup-add-rule default tcp 22 22 0.0.0.0/0

 

+-------------+-----------+---------+-----------+--------------+

| IP Protocol | From Port | To Port | IP Range  | Source Group |

+-------------+-----------+---------+-----------+--------------+

| tcp         | 22        | 22      | 0.0.0.0/0 |              |

+-------------+-----------+---------+-----------+--------------+

[root@openstack ~]# nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0

+-------------+-----------+---------+-----------+--------------+

| IP Protocol | From Port | To Port | IP Range  | Source Group |

+-------------+-----------+---------+-----------+--------------+

| icmp        | -1        | -1      | 0.0.0.0/0 |              |

+-------------+-----------+---------+-----------+--------------+

(3).创建虚拟机实例:

查看可用镜像:

[root@openstack ~]# nova image-list

+--------------------------------------+-----------+--------+--------------------------------------+

| ID                                   | Name      | Status | Server                               |

+--------------------------------------+-----------+--------+--------------------------------------+

| 45456157-9b46-4e40-8ee3-fbb2e40f227b | centos6.4 | ACTIVE |                                      |

+--------------------------------------+-----------+--------+--------------------------------------+

创建虚拟机实例:

[root@openstack ~]# nova boot --flavor 1 --image centos6.4 vm01

 

+--------------------------------------+--------------------------------------------------+

| Property                             | Value                                            |

+--------------------------------------+--------------------------------------------------+

| OS-DCF:diskConfig                    | MANUAL                                           |

| OS-EXT-AZ:availability_zone          | nova                                             |

| OS-EXT-SRV-ATTR:host                 | -                                                |

| OS-EXT-SRV-ATTR:hypervisor_hostname  | -                                                |

| OS-EXT-SRV-ATTR:instance_name        | instance-00000001                                |

| OS-EXT-STS:power_state               | 0                                                |

| OS-EXT-STS:task_state                | scheduling                                       |

| OS-EXT-STS:vm_state                  | building                                         |

| OS-SRV-USG:launched_at               | -                                                |

| OS-SRV-USG:terminated_at             | -                                                |

| accessIPv4                           |                                                  |

| accessIPv6                           |                                                  |

| adminPass                            | hZBG4A7eJMdL                                     |

| config_drive                         |                                                  |

| created                              | 2014-03-31T07:12:55Z                             |

| flavor                               | m1.tiny                                          |

| hostId                               |                                                  |

| id                                   | f754afe1-784f-41d0-9139-a05d25eaca20             |

| image                                | centos6.4 (45456157-9b46-4e40-8ee3-fbb2e40f227b) |

| key_name                             | -                                                |

| metadata                             | {}                                               |

| name                                 | vm01                                             |

| os-extended-volumes:volumes_attached | []                                               |

| progress                             | 0                                                |

| security_groups                      | default                                          |

| status                               | BUILD                                            |

| tenant_id                            | 446893f3733b4294a7080f3b0bf1ba61                 |

| updated                              | 2014-03-31T07:12:55Z                             |

| user_id                              | 2d7f8e7ec15c40cfb4209134cb5b30ba                 |

+--------------------------------------+--------------------------------------------------+

查看虚拟机实例运行状态:

[root@openstack ~]# nova list

 

+--------------------------------------+-----------------------+--------+------------+-------------+-----------------+

| ID                                   | Name                  | Status | Task State | Power State | Networks        |

+--------------------------------------+-----------------------+--------+------------+-------------+-----------------+

| f754afe1-784f-41d0-9139-a05d25eaca20 | vm01                  | ACTIVE | -          | Running     | vmnet=10.1.1.2  |

+--------------------------------------+-----------------------+--------+------------+-------------+-----------------+

测试虚拟机实例连通性:
[root@openstack ~]# ping 10.1.1.2

PING 10.1.1.2 (10.1.1.2) 56(84) bytes of data.

64 bytes from 10.1.1.2: icmp_seq=1 ttl=64 time=0.057 ms

64 bytes from 10.1.1.2: icmp_seq=2 ttl=64 time=0.037 ms

--- 10.1.1.2 ping statistics ---

2 packets transmitted, 2 received, 0% packet loss, time 1639ms

rtt min/avg/max/mdev = 0.037/0.047/0.057/0.010 ms

 

8.安装配置Horizon

(1).安装Horizon

[root@openstack ~]# yum -y install openstack-dashboard

 

(2).修改local_settings文件,将DEBUG = False修改为DEBUG = True

[root@openstack ~]# vi /etc/openstack-dashboard/local_settings

DEBUG = True

……

 

(3).修改httpd.conf文件,将#ServerName www.example.com:80修改为ServerName 192.168.10.21:80

[root@openstack ~]# vi /etc/httpd/conf/httpd.conf

 

#ServerName www.example.com:80

ServerName 192.168.10.21:80

 

(4).修改local_settings.py文件,将"Member"修改为"admin"

[root@openstack ~]# find / -name local_settings.py

/usr/share/openstack-dashboard/openstack_dashboard/local/local_settings.py
[root@openstack keystone]# cat /usr/share/openstack-dashboard/openstack_dashboard/local/local_settings.py | grep OPENSTACK_KEYSTONE_DEFAULT_ROLE
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member"
[root@openstack keystone]# vi /usr/share/openstack-dashboard/openstack_dashboard/local/local_settings.py
#OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "admin" 

 

(5).启动http服务,设置开机自启动

[root@openstack ~]# service httpd start

[root@openstack ~]# chkconfig httpd on

 

(6).重启nova-api服务

[root@openstack ~]# service openstack-nova-api restart

 

(7).添加防火墙策略

[root@openstack ~]# iptables -I INPUT -p tcp --dport 80 -j ACCEPT

[root@openstack ~]# iptables -I INPUT -p tcp -m multiport --dports 5900:6000 -j ACCEPT

[root@openstack ~]# iptables -I INPUT -p tcp --dport 6080 -j ACCEPT

[root@openstack ~]# service iptables save

 

Horizon安装完成,使用http://192.168.10.21/dashboard访问openstack web界面。

用户名:admin

密码:password

 

CentOS6.5部署OpenStack Havana(Nova-Network版)_第4张图片

 

9.添加新项目

(1).为操作员用户创建一个tenant:

[root@openstack ~]# keystone tenant-create --name=manager --description='Manager Tenant'

 

(2).创建操作员用户:

[root@openstack ~]# keystone user-create --name=manager --pass=password [email protected]

 

(3).创建一个管理角色manager:

[root@openstack ~]# keystone role-create --name=manager

 

(4).将manager角色添加到用户:

[root@openstack ~]# keystone user-role-add --user=manager --tenant=manager --role=manager

 

(5).将nova角色添加到用户:

[root@openstack ~]# keystone user-role-add --user=nova --tenant=service --role=manager 

 

*******************************************************************************************

三、计算节点安装(Node01)

 

1.基础配置

操作系统使用CentOS-6.4-x86_64-minimal.iso,安装过程省略,本文采用yum源安装。

 

(1).导入第三方安装源

 

[root@node01 ~]# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

[root@node01 ~]# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

[root@node01 ~]# yum install http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-7.noarch.rpm

 

(2).配置/etc/hosts文件

[root@node01 ~]# vi /etc/hosts

 

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.10.21   openstack

192.168.10.22   node01

 

(3).配置网络

 

[root@node01 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0 

DEVICE="eth0"

BOOTPROTO="static"

HWADDR="E4:1F:13:45:AB:C1"

ONBOOT="yes"

IPADDR=192.168.10.22

NETMASK=255.255.255.0

GATEWAY=192.168.10.1

TYPE="Ethernet"

[root@openstack ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE="eth1"

BOOTPROTO="none"

HWADDR="E4:1F:13:45:AB:C3"

ONBOOT="yes"

TYPE="Ethernet"

 

(4).关闭selinux:

 

[root@node01 ~]# more /etc/selinux/config 

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

#       enforcing - SELinux security policy is enforced.

#       permissive - SELinux prints warnings instead of enforcing.

#       disabled - SELinux is fully disabled.

SELINUX=disabled

# SELINUXTYPE= type of policy in use. Possible values are:

#       targeted - Only targeted network daemons are protected.

#       strict - Full SELinux protection.

SELINUXTYPE=targeted

[root@node01 ~]# setenforce 0

 

(5).修改/etc/sysctl.conf参数:

[root@node01 ~]# vi /etc/sysctl.conf

……………………

net.ipv4.ip_forward = 1

……………………
[root@node01 ~]#sysctl -p                    #使sysctl.conf配置生效

 

 

 

2.安装配置NTP客户端

(1).安装NTP客户端服务:

[root@node01 ~]# yum -y install ntpdate

 

(2).设置时间同步:

[root@node01 ~]# ntpdate 192.168.10.21

31 Mar 16:17:03 ntpdate[5848]: the NTP socket is in use, exiting

 

(3).设置计划任务:

[root@node01 ~]# crontab -e

插入下行内容:

*/5 * * * * ntpdate 192.168.10.21 >> /var/log/ntpdate.log

 

3.设置环境变量

 

修改.bash_profile文件,添加以下参数:

[root@node01 ~]# vi .bash_profile

 

………………

export OS_USERNAME=admin

export OS_TENANT_NAME=admin

export OS_PASSWORD=password

export OS_AUTH_URL=http://192.168.10.21:5000/v2.0

export SERVICE_ENDPOINT=http://192.168.10.21:35357/v2.0

export SERVICE_TOKEN=12dd70ede7c9d9d3ed3c

………………

执行下面的命令使变量即时生效:

[root@node01 ~]# source .bash_profile

 


4.安装配置libvirt服务

(1).安装libvirt服务:

[root@node01 ~]# yum -y install qemu-kvm libvirt

 

 

(2)启动libvirt服务:

[root@node01 ~]# service libvirtd start

 

(3)查看net-list,发现default:

[root@node01 ~]# virsh net-list

Name                 State      Autostart     Persistent

--------------------------------------------------

default              active     yes           yes

 

(4)删除default,即virbr0:

[root@node01 ~]# virsh net-destroy default

Network default destroyed

[root@node01 ~]# virsh net-undefine default

Network default has been undefined

 

(5)重启libvirtd服务,设置开机自启动:

[root@node01 ~]# service libvirtd restart

[root@node01 ~]# chkconfig libvirtd on

 

5.安装MySQL客户端

 

(1).安装mysql客户端

[root@node01 ~]# yum -y install mysql

 

(2).检查mysql数据库连通性

 

[root@node01 ~]# mysql -h 192.168.10.21 -unova -pnova

Welcome to the MySQL monitor.  ………………

mysql> quit;

Bye

 

6.安装配置Nova服务

 

(1)安装nova-compute、nova-network、nova-scheduler

[root@node01 ~]# yum -y install openstack-nova-compute openstack-nova-network openstack-nova-scheduler

 

(2).修改nova配置文件

[root@node01 ~]# vi /etc/nova/nova.conf

 

[DEFAULT]

my_ip = 192.168.10.22

auth_strategy = keystone

state_path = /letv/openstack/lib/nova

verbose=True

allow_resize_to_same_host = true

rpc_backend = nova.openstack.common.rpc.impl_qpid

qpid_hostname = 192.168.10.21

libvirt_type = kvm

glance_api_servers = 192.168.10.21:9292

novncproxy_base_url = http://192.168.10.21:6080/vnc_auto.html

vncserver_listen = 192.168.10.22

vncserver_proxyclient_address = 192.168.10.22

vnc_enabled = true

vnc_keymap = en-us

network_manager = nova.network.manager.FlatDHCPManager

firewall_driver = nova.virt.firewall.NoopFirewallDriver

multi_host = True

flat_interface = eth1

flat_network_bridge = br1

public_interface = eth0

instance_usage_audit = True

instance_usage_audit_period = hour

notify_on_state_change = vm_and_task_state

notification_driver = nova.openstack.common.notifier.rpc_notifier

compute_scheduler_driver=nova.scheduler.simple.SimpleScheduler

[hyperv]

[zookeeper]

[osapi_v3]

[conductor]

[keymgr]

[cells]

[database]

sql_connection=mysql://nova:nova@192.168.10.21/nova

[image_file_url]

[baremetal]

[rpc_notifier2]

[matchmaker_redis]

[ssl]

[trusted_computing]

[upgrade_levels]

[matchmaker_ring]

[vmware]

[spice]

[keystone_authtoken]

auth_host = 192.168.10.21

auth_port = 35357

auth_protocol = http

admin_user = nova

admin_tenant_name = service

admin_password = service

 

因上管理节点nova.conf配置文件中修改了instances实例存放的位置,还需要作一下操作:

修改路径,设置目录权限:

[root@node01 ~]# cp -r /var/lib/nova/ /openstack/lib/

[root@node01 ~]# chown -R nova:nova /openstack/lib/nova/

 

(3).启动nova相关服务,设置开机自启动

[root@node01 ~]# service messagebus start

[root@node01 ~]# chkconfig messagebus on

[root@node01 ~]# service openstack-nova-compute start

[root@node01 ~]# service openstack-nova-network start

[root@node01 ~]# chkconfig openstack-nova-compute on

[root@node01 ~]# chkconfig openstack-nova-network on

*******************************************************************************************

OpenStack其他常用命令:

 

1.list nova服务,包含管理节点和计算节点

[root@openstack ~]# nova service-list

+------------------+-------------+----------+---------+-------+----------------------------+-----------------+

| Binary           | Host        | Zone     | Status  | State | Updated_at                 | Disabled Reason |

+------------------+-------------+----------+---------+-------+----------------------------+-----------------+

| nova-cert        | openstack   | internal | enabled | up    | 2014-03-31T08:59:50.000000 | -               |

| nova-consoleauth | openstack   | internal | enabled | up    | 2014-03-31T08:59:54.000000 | -               |

| nova-scheduler   | openstack   | internal | enabled | up    | 2014-03-31T08:59:48.000000 | -               |

| nova-conductor   | openstack   | internal | enabled | up    | 2014-03-31T08:59:52.000000 | -               |

| nova-compute     | openstack   | nova     | enabled | up    | 2014-03-31T08:59:56.000000 | -               |

| nova-compute     | node01      | nova     | enabled | up    | 2014-03-31T08:59:53.000000 | -               |

| nova-network     | openstack   | internal | enabled | up    | 2014-03-31T08:59:50.000000 | -               |

| nova-network     | node01      | internal | enabled | up    | 2014-03-31T08:59:56.000000 | -               |

| nova-scheduler   | node01      | internal | enabled | up    | 2014-03-31T08:59:52.000000 | -               |

 

2.查看计算节点:

[root@node01 ~]# nova hypervisor-list

+----+---------------------+

| ID | Hypervisor hostname |

+----+---------------------+

| 1  | openstack           |

| 2  | node01              |

+----+---------------------+

 

3.查看虚拟机模板配置:

[root@node01 ~]# nova flavor-list

+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+

| ID | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |

+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+

| 1  | m1.tiny   | 512       | 1    | 0         |      | 1     | 1.0         | True      |

| 2  | m1.small  | 2048      | 20   | 0         |      | 1     | 1.0         | True      |

| 3  | m1.medium | 4096      | 40   | 0         |      | 2     | 1.0         | True      |

| 4  | m1.large  | 8192      | 80   | 0         |      | 4     | 1.0         | True      |

| 5  | m1.xlarge | 16384     | 160  | 0         |      | 8     | 1.0         | True      |

+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+

 

 

 

你可能感兴趣的:(openstack)