注:本篇文章根据openstack官网进行编写,编写不易。有兴趣的可以直接去官网进行搭建
#本次测试为双网卡(都为net模式)和双节点部署,根据自己实际情况进行更改
controller
eth33 192.168.200.10
eth34 none
compute
eth33 192.168.200.20
eth34 none
| 主机名 | ip地址 | 系统版本 |
|---|---|---|
| controller | 192.168.200.10 | centos7.5.1804 |
| compute | 192.168.200.20 | centos7.5.1804 |
配置网卡后 [root@controller ~]# cat /etc/hosts 192.168.200.10 controller 192.168.200.20 compute scp /etc/hosts 192.168.200.20:/etc/hosts03-关闭防火墙和selinux(控制,计算)
##########controller############# [root@controller ~]# systemctl stop firewalld [root@controller ~]# systemctl disable firewalld [root@controller ~]# vim /etc/sysconfig/selinux SELINUX=disabled [root@controller ~]# setenforce 0 ---------------------------------------------------------------- ##########compute################### [root@compute ~]# systemctl stop firewalld [root@compute ~]# systemctl disable firewalld [root@compute ~]# vim /etc/sysconfig/selinux #重启生效 SELINUX=disabled [root@compute ~]# setenforce 0 #可以直接生效Permissive04-准备yum源(控制,计算)
rm -rf /etc/yum.repos.d/* ------------------上外网的情况------------------------- curl http://mirrors.163.com/.help/CentOS7-base-163.repo >> /etc/yum.repos.d/centos.repo yum repolist #验证 ####修改yum配置文件 来获取缓存rpm包,第一次做就需要用到,来实现【第十三、扩展】的用法 vim /etc/yum.conf keepcache=1 -------------------内网------------------------------------ 将openstack-trian.tar.gz包上传到/opt/目录,解压 vi /etc/yum.repos.d/openstack.repo [openstack] name=openstack baseurl=file:///opt/openstack-train/ gpgcheck=0 enabled=1二、安装chrony服务 01-控制节点准备
yum install -y chrony vim /etc/chrony.conf #添加以下 server controller iburst #配置ntp服务器 allow 192.168.200.0/16 #允许200网段的进行时间同步 systemctl restart chronyd systemctl enable chronyd #验证 chronyc sources02-计算节点准备
yum install -y chrony vim /etc/chrony.conf #添加以下 server controller iburst systemctl restart chronyd systemctl enable chronyd #验证 chronyc sources三、安装openstack客户端
#############控制,计算节点###################
yum install centos-release-openstack-train -y
#更新所有包
yum upgrade -y
#安装必要命令
yum install -y lsof net-tools vim wget
yum install python-openstackclient openstack-selinux openstack-utils -y
centos-release-openstack-train 保证安装更新openstack版本为最新版本t版
python-openstackclient openstack的python客户端
因为openstack中的API大多数是python编写的,并且连接数据库,也需要python
openstack-selinux openstack核心安全防护
openstack-utils openstack其它util工具
四、部署数据库服务
################controller############3
yum install mariadb mariadb-server python2-PyMySQL -y
vi /etc/my.cnf.d/openstack.cnf [mysqld] bind-address = 192.168.200.10 #绑定ip地址,跟随自己实际情况 default-storage-engine = innodb #将默认引擎改为innodb,来支持高级数据库功能 innodb_file_per_table = on #修改InnoDB为独立表空间模式 max_connections = 4096 #最大连接数 collation-server = utf8_general_ci # character-set-server = utf8 #03-启动并且开机自启
systemctl enable mariadb && systemctl start mariadb
mysql_secure_installation #运行命令 Enter current password for root (enter for none): #直接回车 Set root password? [Y/n] y #设置密码 New password: #设置密码000000 Re-enter new password: #再次设置密码 Remove anonymous users? [Y/n] y #是否删除匿名用户 Disallow root login remotely? [Y/n] n #不允许远程登录 Remove test database and access to it? [Y/n] y #删除测试数据库并访问 Reload privilege tables now? [Y/n] y #是否重新加载特权表五、部署消息队列
#################controller#############
yum install rabbitmq-server -y
systemctl enable rabbitmq-server && systemctl start rabbitmq-server #端口5672
rabbitmqctl add_user openstack 000000 #密码为000000
rabbitmqctl set_permissions -p / openstack '.*' '.*' '.*' #配置,读,写权限
rabbitmqctl set_user_tags openstack administrator #赋予管理员角色
rabbitmq-plugins enable rabbitmq_management #启动web管理界面
netstat -nltp | grep 5672 #5672是默认端口,25672是测试工具cli端口
[http://192.168.200.10:15672](http://192.168.1.92:15672) #用户与密码为guest
####################controller##################
yum install memcached python-memcached -y
vim /etc/sysconfig/memcached
OPTIONS="-l 127.0.0.1,::1,controller"
systemctl enable memcached && systemctl start memcached
####################controller#############
yum install etcd -y
vim /etc/etcd/etcd.conf #[Member] ETCD_DATA_DIR="/var/lib/etcd/default.etcd" ETCD_LISTEN_PEER_URLS="http://192.168.200.10:2380" #将localhost改成自己的ip ETCD_LISTEN_CLIENT_URLS="http://192.168.200.10:2379" ETCD_NAME="controller" #[Clustering] ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.200.10:2380" ETCD_ADVERTISE_CLIENT_URLS="http://192.168.200.10:2379" ETCD_INITIAL_CLUSTER="controller=http://192.168.200.10:2380" #将default改为上面的ETCD_NAME ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01" ETCD_INITIAL_CLUSTER_STATE="new" #可以使用:%s/localhost/192.168.200.10/g 实现转换03-设置开机自启并启动
systemctl enable etcd && systemctl start etcd
#######################controller#############
MariaDB [(none)]> CREATE DATAbase keystone; MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '000000'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '000000'; MariaDB [(none)]> flush privileges;02-安装keystone服务
yum install openstack-keystone httpd mod_wsgi -y
cp /etc/keystone/keystone.conf /etc/keystone/keystone.conf.bak #备份 grep -Ev ^'(#|$)' /etc/keystone/keystone.conf.bak > /etc/keystone/keystone.conf 去除#和空行 vim /etc/keystone/keystone.conf [database] #数据库连接 connection = mysql+pymysql://keystone:000000@controller/keystone [token] provider = fernet04-同步导入数据库
su -s /bin/sh -c "keystone-manage db_sync" keystone
#验证是否同步:
mysql -uroot -p000000 -e “use keystone;show tables;”
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
#admin_pass 设置为000000 keystone-manage bootstrap --bootstrap-password 000000 --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne07-配置apache服务
vim /etc/httpd/conf/httpd.conf
ServerName controller
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
systemctl enable httpd && systemctl start httpd
export OS_USERNAME=admin export OS_PASSWORD=000000 export OS_PROJECT_NAME=admin export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_DOMAIN_NAME=Default export OS_AUTH_URL=http://controller:5000/v3 export OS_IDENTITY_API_VERSION=311-创建相关域,项目,用户和角色
#创建demo域,不创建也行,默认存在default域,admin项目和admin用户和角色 <<<<看清楚,不需要创建
openstack domain create --description "An Example Domain" demo
#创建admin项目
openstack project create --domain demo --description "Admin Project" admin
#创建admin用户
openstack user create --domain demo --password 000000 admin
#创建admin角色
openstack role create admin
#将admin用户和角色添加到admin项目
openstack role add --project admin --user admin admin
=
默认存在 以上不需要创建admin项目和其他
===
#创建service项目,供nova,glance等组件使用
openstack project create --domain default --description "Service Project" service
#创建demo项目
openstack project create --domain default --description "Demo Project" demo
#创建demo用户
openstack user create --domain default --password-prompt demo #密码为000000
#创建user角色
openstack role create user
#将demo用户和角色添加到demo项目
openstack role add --project demo --user demo user
1)解除环境变量
unset OS_AUTH_URL OS_PASSWORD
2)创建admin用户的环境变量脚本
vim admin-openrc export OS_PROJECT_DOMAIN_NAME=Default export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=000000 export OS_AUTH_URL=http://controller:5000/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2
3)创建demo用户的环境变量脚本
vim demo-openrc export OS_PROJECT_DOMAIN_NAME=default export OS_USER_DOMAIN_NAME=default export OS_PROJECT_NAME=demo export OS_USERNAME=demo export OS_PASSWORD=000000 export OS_AUTH_URL=http://controller:5000/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2
4)验证
#验证admin source admin-openrc openstack token issue #获取token #验证demo source demo-openrc openstack token issue九、部署glance服务 01-创建数据库
mysql -u root -p000000 MariaDB [(none)]> CREATE DATAbase glance; MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '000000'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '000000'; MariaDB [(none)]> flush privileges;02-创建glance服务的keystone的认证
#生效环境变量 source admin-openrc #创建glance用户 openstack user create --domain default --password 000000 glance #将glance用户和角色添加到service项目 openstack role add --project service --user glance admin03-创建glance服务和api端口
#创建glance服务 openstack service create --name glance --description "OpenStack Image" image #公共端点 openstack endpoint create --region RegionOne image public http://controller:9292 #私有端点 openstack endpoint create --region RegionOne image internal http://controller:9292 #admin管理端点 openstack endpoint create --region RegionOne image admin http://controller:929204-安装glance服务并配置
#安装glance服务 yum install openstack-glance -y #备份并且将开头#和空行去掉 cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak grep -Ev ^'(#|$)' /etc/glance/glance-api.conf.bak >/etc/glance/glance-api.conf #修改配置文件 #/etc/glance/glance-api.conf [database] connection = mysql+pymysql://glance:000000@controller/glance [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = 000000 [paste_deploy] flavor = keystone [glance_store] stores = file,http #支持存储方式 default_store = file #默认使用存储方式 filesystem_store_datadir = /var/lib/glance/images/ #备份并且将开头#和空行去掉 cp /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak grep -Ev ^'(#|$)' /etc/glance/glance-registry.conf.bak >/etc/glance/glance-registry.conf #修改配置文件 #/etc/glance/glance-registry.conf [database] connection = mysql+pymysql://glance:000000@controller/glance [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = 000000 [paste_deploy] flavor = keystone05-同步数据库并启动服务
#同步数据库 su -s /bin/sh -c "glance-manage db_sync" glance #启动glance服务并设置开机自启 systemctl enable openstack-glance-api.service openstack-glance-registry.service systemctl start openstack-glance-api.service openstack-glance-registry.service06-验证
#下载测试镜像或者本地上传 wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img #上传到glance openstack image create "cirros" --file cirros-0.4.0-x86_64-disk.img --disk-format qcow2 --container-format bare --public #查看镜像 openstack image list十、部署nova服务
###########################controller#########################
mysql -uroot -p000000 CREATE DATAbase nova_api; CREATE DATAbase nova; CREATE DATAbase nova_cell0; GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '000000'; CREATE DATAbase placement; GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '000000'; flush privileges;02-创建nova服务的keystone认证
#生效环境变量 source admin-openrc #创建nova用户 openstack user create --domain default --password 000000 nova #将nova用户和角色添加到项目 openstack role add --project service --user nova admin03-创建nova服务和api端口
#创建nova服务 openstack service create --name nova --description "OpenStack Compute" compute #公共端点 openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1 #私有端点 openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1 #admin管理端点 openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.104-创建placement服务的keystone认证
#创建placement用户 openstack user create --domain default --password 000000 placement #将palcement用户和角色添加到项目 openstack role add --project service --user placement admin05-创建placement服务和api端口
#创建placement服务 openstack service create --name placement --description "Placement API" placement #公共端点 openstack endpoint create --region RegionOne placement public http://controller:8778 #私有端点 openstack endpoint create --region RegionOne placement internal http://controller:8778 #admin管理端点 openstack endpoint create --region RegionOne placement admin http://controller:877806-安装nova、placement服务并配置
#安装nova服务和palcement服务 yum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-placement-api #备份并将#和空行去掉 cp /etc/nova/nova.conf /etc/nova/nova.conf.bak grep -Ev ^'(#|$)' /etc/nova/nova.conf.bak >/etc/nova/nova.conf #配置nova服务 1)/etc/nova/nova.conf [DEFAULT] enabled_apis = osapi_compute,metadata transport_url = rabbit://openstack:000000@controller my_ip = 192.168.200.10 use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver [database] connection = mysql+pymysql://nova:000000@controller/nova [api] auth_strategy = keystone [api_database] connection = mysql+pymysql://nova:000000@controller/nova_api [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = 000000 [vnc] enabled = true server_listen = 192.168.200.10 server_proxyclient_address = 192.168.200.10 [glance] api_servers = http://controller:9292 [oslo_concurrency] lock_path = /var/lib/nova/tmp [placement] region_name = RegionOne project_domain_name = default project_name = service auth_type = password user_domain_name = default auth_url = http://controller:5000/v3 username = placement password = 000000 #备份并去除#和空行 cp /etc/placement/placement.conf /etc/placement/placement.conf.bak grep -Ev '^$|#' /etc/placement/placement.conf.bak > /etc/placement/placement.conf #配置文件 vi /etc/placement/placement.conf [api] auth_strategy = keystone [keystone_authtoken] auth_url = http://controller:5000/v3 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = placement password = 000000 [placement_database] connection = mysql+pymysql://placement:000000@controller/placement #因为软件包的bug,要修改配置文件添加以下内容 vim /etc/httpd/conf.d/00-placement-api.conf07-同步数据库并启动服务#重启httpd服务 systemctl restart httpd = 2.4> Require all granted Order allow,deny Allow from all
#同步初始化noa-api数据库 su -s /bin/sh -c "nova-manage api_db sync" nova #初始化填充cell0数据库 su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova #创建cell1 su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova #初始化nova数据库 su -s /bin/sh -c "nova-manage db sync" nova #同步placement数据库 su -s /bin/sh -c "placement-manage db sync" placement #/usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1280, u"Name 'alembic_version_pkc' ignored for PRIMARY key.") result = self._query(query) #以上为正常现象 #验证是否注册成功 nova-manage cell_v2 list_cells #启动nova服务并设置开机自启 systemctl enable openstack-nova-api.service openstack-nova-console.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service systemctl start openstack-nova-api.service openstack-nova-console.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
08-安装nova计算服务并配置(计算节点)
#安装nova计算服务 yum install openstack-nova-compute -y #备份并将#和空行去掉 cp /etc/nova/nova.conf /etc/nova/nova.conf.bak grep -Ev ^'(#|$)' /etc/nova/nova.conf.bak > /etc/nova/nova.conf #修改配置文件 /etc/nova/nova.conf [DEFAULT] enabled_apis = osapi_compute,metadata transport_url = rabbit://openstack:000000@controller my_ip = 192.168.200.20 use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver [api] auth_strategy = keystone [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = 000000 [vnc] enabled = True server_listen = 0.0.0.0 server_proxyclient_address = $my_ip novncproxy_base_url = http://controller:6080/vnc_auto.html [glance] api_servers = http://controller:9292 [oslo_concurrency] lock_path = /var/lib/nova/tmp [placement] os_region_name = RegionOne project_domain_name = default project_name = service auth_type = password user_domain_name = default auth_url = http://controller:5000/v3 #端口一定要与之对应 username = placement password = 00000009-检查是否支持虚拟化
#判断计算节点是否支持虚拟机的硬件加速 virt_num=`egrep -c '(vmx|svm)' /proc/cpuinfo` if [ $virt_num = '0' ];then 如果不是 crudini --set /etc/nova/nova.conf libvirt virt_type qemu 更改virt的类型为qemu fi10-启动服务并加入计算节点
#启动服务并设置开机自启 systemctl enable libvirtd.service openstack-nova-compute.service systemctl restart libvirtd.service openstack-nova-compute.service #连接控制节点 ssh controller source admin-openrc #列出计算节点服务 openstack compute service list --service nova-compute #验证 su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova #退出连接 exit11-验证
#在控制节点查看状态 openstack compute service list #列出认证服务的端口 openstack catalog list #列出镜像信息 openstack image list #确认cells和placement的api成功运行 nova-status upgrade check #报错十一、部署neutron服务
################################controller#######################
===============================================================
mysql -uroot -p000000 CREATE DATAbase neutron; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '000000'; flush privileges;02-创建neutron服务的keystone认证
#生效环境变量 source admin-openrc #创建neutron用户 openstack user create --domain default --password 000000 neutron #将neutron用户和角色添加到服务 openstack role add --project service --user neutron admin03-创建neutron服务和api端口
#创建neutron服务 openstack service create --name neutron --description "OpenStack Networking" network #公共端点 openstack endpoint create --region RegionOne network public http://controller:9696 #私有端点 openstack endpoint create --region RegionOne network internal http://controller:9696 #admin管理端点 openstack endpoint create --region RegionOne network admin http://controller:969604-安装neutron服务并配置
#安装neutron服务 选择L3代理 yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y #配置第二张网卡 vim /etc/sysconfig/network-scripts/ifcfg-ens34 #只保留这四行 DEVICE=ens34 TYPE=Ethernet ONBOOT="yes" BOOTPROTO="none" systemctl restart network #备份并将#和空行去掉 cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak grep -Ev ^'(#|$)' /etc/neutron/neutron.conf.bak >/etc/neutron/neutron.conf #修改配置文件 vim /etc/neutron/neutron.conf [database] connection = mysql+pymysql://neutron:000000@controller/neutron [DEFAULT] core_plugin = ml2 service_plugins = router allow_overlapping_ips = true transport_url = rabbit://openstack:000000@controller auth_strategy = keystone notify_nova_on_port_status_changes = true notify_nova_on_port_data_changes = true [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = 000000 [nova] auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = nova password = 000000 [oslo_concurrency] lock_path = /var/lib/neutron/tmp #备份并将#和空行删除 cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak grep -Ev ^'(#|$)' /etc/neutron/plugins/ml2/ml2_conf.ini.bak > /etc/neutron/plugins/ml2/ml2_conf.ini #修改配置文件配置二层插件 vim /etc/neutron/plugins/ml2/ml2_conf.ini [ml2] type_drivers = flat,vlan,vxlan tenant_network_types = vxlan mechanism_drivers = linuxbridge,l2population extension_drivers = port_security [ml2_type_flat] flat_networks = provider [ml2_type_vxlan] vni_ranges = 1:1000 [securitygroup] enable_ipset = true #备份并将#和空行删除 cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak grep -Ev ^'(#|$)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak > /etc/neutron/plugins/ml2/linuxbridge_agent.ini #修改配置文件配置linux bridge插件 vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini [linux_bridge] physical_interface_mappings = provider:ens34 #第二张网卡名字 [vxlan] enable_vxlan = true local_ip = 192.168.200.10 l2_population = true [securitygroup] enable_security_group = true firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver #备份并将#和空行删除 cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.bak grep -Ev ^'(#|$)' /etc/neutron/l3_agent.ini.bak >/etc/neutron/l3_agent.ini #修改配置文件配置三层插件 vim /etc/neutron/l3_agent.ini [DEFAULT] interface_driver = linuxbridge cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak grep -Ev ^'(#|$)' /etc/neutron/dhcp_agent.ini.bak > /etc/neutron/dhcp_agent.ini #修改配置文件配置dhcp插件 vim /etc/neutron/dhcp_agent.ini [DEFAULT] interface_driver = linuxbridge dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq enable_isolated_metadata = true cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.bak grep -Ev ^'(#|$)' /etc/neutron/metadata_agent.ini.bak > /etc/neutron/metadata_agent.ini #修改配置文件配置metadata插件 vim /etc/neutron/metadata_agent.ini [DEFAULT] nova_metadata_host = controller metadata_proxy_shared_secret = 000000 #修改nova配置文件来使用网络服务 vim /etc/nova/nova.conf [neutron] auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = 000000 service_metadata_proxy = true metadata_proxy_shared_secret = 000000 #创建软链接 ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini #重启nova服务 systemctl restart openstack-nova-api05-同步数据库并启动服务
#同步数据库 su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron #启动neutron服务并设置开机自启 systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service systemctl restart neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service06-安装neutron网络服务并配置(计算节点)
#安装neutron服务 yum install openstack-neutron-linuxbridge ebtables ipset -y #配置第二张网卡 vi /etc/sysconfig/network-scripts/ifcfg-ens34 #只保留这四行 DEVICE=ens34 TYPE=Ethernet ONBOOT="yes" BOOTPROTO="none" systemctl restart network #备份并将#和空行去掉 cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak grep -Ev ^'(#|$)' /etc/neutron/neutron.conf.bak >/etc/neutron/neutron.conf #修改配置文件 vi /etc/neutron/neutron.conf [DEFAULT] transport_url = rabbit://openstack:000000@controller auth_strategy = keystone [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = 000000 [oslo_concurrency] lock_path = /var/lib/neutron/tmp #备份并将#和空行删除 cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak grep -Ev ^'(#|$)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak > /etc/neutron/plugins/ml2/linuxbridge_agent.ini #修改配置文件 vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini [linux_bridge] physical_interface_mappings = provider:ens34 #第二张网卡名字 [vxlan] enable_vxlan = true local_ip = 192.168.200.20 l2_population = true [securitygroup] enable_security_group = true firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver #修改nova配置文件来使用网络服务 vi /etc/nova/nova.conf [neutron] url = http://controller:9696 auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = 00000007-启动服务
#重启nova服务 systemctl restart openstack-nova-compute.service #启动服务并设置开机自启 systemctl start neutron-linuxbridge-agent.service systemctl enable neutron-linuxbridge-agent.service08-验证
#查看网络插件是否启动成功 openstack network agent list十二、部署horizon服务 01-安装服务并配置
#安装dashboard服务
yum install openstack-dashboard -y
#修改配置文件
vim /etc/openstack-dashboard/local_settings
……
OPENSTACK_HOST = "controller" ##配置界面在控制节点使用
……
ALLOWED_HOSTS = ['*'] ##允许所有主机访问
……
SESSION_ENGINE = 'django.contrib.sessions.backends.cache' ##配置memcached存储服务
……
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'controller:11211',
},
}
……
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST ##启动v3的认证api
……
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True ##启用domain支持
……
OPENSTACK_API_VERSIONS = { ##配置api版本
"data-processing": 1.1,
"identity": 3,
"image": 2,
"volume": 2,
"compute": 2,
}
……
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default' ##配置Default为默认域
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user" ##配置user角色为默认角色
TIME_ZONE = "Asia/Shanghai" ##配置时区
#修改配置文件
/etc/httpd/conf.d/openstack-dashboard.conf
WSGIApplicationGroup %{GLOBAL}' #第四行添加
02-重启服务
#重启httpd服务和memcached服务 systemctl restart httpd.service memcached.service03-验证
#浏览器输入ip http://192.168.200.10/dashboard ============================================================================= #搭建openstack The requested URL /auth/login/ was not found on this server报错 vi /usr/share/openstack-dashboard/openstack_dashboard/local/local_settings.py WEBROOT = '/dashboard' ==============================================================================十三、扩展 01-将rpm包打包,可实现离线安装
###############控制节点################
yum -y install createrepo
mkdir -p /mnt/openstack/openstack_Train
cd /var/cache/yum/x86_64/7/
find ./* -name "*.rpm" -exec cp {} /mnt/openstack/openstack_Train/ ;
###############计算节点################
mkdir -p /mnt/openstack/openstack_Train_compute
cd /var/cache/yum/x86_64/7/
find ./* -name "*.rpm" -exec cp {} /mnt/openstack/openstack_Train_compute/ ;
scp /mnt/openstack/openstack_Train_compute/* 192.168.200.10:/mnt/openstack/openstack_Train_compute
#到控制节点上把所有的rpm包都放到一起
cd /mnt/
mv -f openstack_Train_compute/*.rpm openstack_Train/
#创建yum
cd /mnt/openstack/openstack_Train
createrepo ./
ls repodata/
#打包
tar -zcvf openstack-train.tar.gz openstack_Train/
#这样就可以将tar包保存到本地,供以后使用
1. 将tar包上传,解压到/mnt/
2. 配置yum.repo文件,配置yum到本地目录
3. 就可以使用不需要联网下载
