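- Environment preparation
- Changing the package mirror
- Network configuration
- Static IP
- Bridging
- Permanently changing DNS
- Hostname
- Base services
- Time service
- OpenStack packages
- Database
- Message queue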
- memcached
- etcd
- OpenStack
- Keystone
- Glance
- Placement
- Nova
- Cinder
- Neutron
- Horizon
Many articles install an all-in-one setup with devstack; here I install the source components manually.
Environment preparation
Environment
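Some environment setup is needed first.
First, my system is installed in a virtual machine, and the password set during installation may not be the root password, so it has to be reset anyway.
Run the command below and enter the password that was set when the system was installed; after that it works.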
sudo passwd root
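It seems the firewall and SELinux are also supposed to be disabled here, but this system does not have them installed at all, which saves the trouble.
First switch to a different package mirror to make downloads easier.
Switch to the Aliyun mirror: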
gedit /etc/apt/sources.list
deb http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse
Then refresh the package metadata; using upgrade instead would directly upgrade the corresponding packages.
sudo apt-get update
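First, NetworkManager has to be turned off, otherwise the static IP setting does not take effect: it conflicts with interfaces, and when both are present the former manages the network by default.
NetworkManager seems to be configured under /etc/netplan/xxX.
systemctl stop NetworkManager
systemctl disable NetworkManager
Then configure IP forwarding.
Edit /etc/sysctl.conf and uncomment the following line:
net.ipv4.ip_forward=1
Run sysctl -p to apply the change.
Static IP
The network needs to be configured: switch to bridged mode and set a static IP.
The configuration file used by interfaces is /etc/network/interfaces; modify it as follows:
auto lo
iface lo inet loopback

# The primary network interface
auto ens33
iface ens33 inet static
    address 192.168.1.210
    network 192.168.1.0
    netmask 255.255.255.0
    broadcast 192.168.1.255
    gateway 192.168.1.1
DNS can then be configured in /etc/resolv.conf, but a setting made there appears to be temporary and is lost after a reboot.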
nameserver 114.114.114.114
Then restart networking:
systemctl restart networking
Baidu can now be pinged.
In practice I found that bridging seems to work better: a bridge is used to connect to the physical NIC.
A simple configuration follows. manual sets up an interface with no address of its own, which is generally used when configuring a bridge; static means a static IP.
auto lo
iface lo inet loopback

# The primary network interface
auto ens33
iface ens33 inet manual

# inside bridge network port
auto br-mgmt
iface br-mgmt inet static
    address 192.168.1.210
    #network 192.168.1.0
    netmask 255.255.255.0
    #broadcast 192.168.1.255
    gateway 192.168.1.1
    # set static route for LAN
    #post-up route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.18.44.1
    #post-up route add -net 161.26.0.0 netmask 255.255.0.0 gw 10.18.44.1
    bridge_ports ens33
    bridge_stp off
    bridge_fd 0
Binding multiple bridges also seems to be possible.
With multiple bridges, it is best to configure a gateway only on the external-network bridge; configuring one on every bridge may produce errors.
auto lo
iface lo inet loopback

# The primary network interface
auto ens33
iface ens33 inet manual

# inside bridge network port
auto br-ens33
iface br-ens33 inet static
    address 192.168.1.210
    #network 192.168.1.0
    netmask 255.255.255.0
    #broadcast 192.168.1.255
    gateway 192.168.1.1
    # set static route for LAN
    #post-up route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.18.44.1
    #post-up route add -net 161.26.0.0 netmask 255.255.0.0 gw 10.18.44.1
    bridge_ports ens33
    bridge_stp off
    bridge_fd 1

auto br-mgmt
iface br-mgmt inet static
    address 10.17.23.10
    netmask 255.255.255.0
    # set static route for LAN
    #post-up route add -net 10.0.0.0 netmask 255.0.0.0 gw 10.18.44.1
    #post-up route add -net 161.26.0.0 netmask 255.255.0.0 gw 10.18.44.1
    bridge_ports ens33
    bridge_stp off
    bridge_fd 1
After that, restarting the network service directly may produce an error; in any case I simply rebooted the host.
Permanently changing DNS
Edit the file /etc/systemd/resolved.conf.
Uncomment the DNS line in it and fill in the appropriate servers.
Edit the hosts files:
/etc/hosts and /etc/hostname
I forgot how to make this take effect, so just reboot.
Network Time Protocol (NTP)
Install chrony:
apt install chrony
Edit /etc/chrony/chrony.conf and add the time server. On the controller node, the other nodes must be able to reach it, so specify the subnet.
# comment out the pool lines
server controller iburst
allow 10.0.0.0/8
local stratum 10

# The full content of the configuration file follows
# file: /etc/chrony/chrony.conf
# Welcome to the chrony configuration file. See chrony.conf(5) for more
# information about usuable directives.

# This will use (up to):
# - 4 sources from ntp.ubuntu.com which some are ipv6 enabled
# - 2 sources from 2.ubuntu.pool.ntp.org which is ipv6 enabled as well
# - 1 source from [01].ubuntu.pool.ntp.org each (ipv4 only atm)
# This means by default, up to 6 dual-stack and up to 2 additional IPv4-only
# sources will be used.
# At the same time it retains some protection against one of the entries being
# down (compare to just using one of the lines). See (LP: #1754358) for the
# discussion.
#
# About using servers from the NTP Pool Project in general see (LP: #104525).
# Approved by Ubuntu Technical Board on 2011-02-08.
# See http://www.pool.ntp.org/join.html for more information.
#pool ntp.ubuntu.com iburst maxsources 4
#pool 0.ubuntu.pool.ntp.org iburst maxsources 1
#pool 1.ubuntu.pool.ntp.org iburst maxsources 1
#pool 2.ubuntu.pool.ntp.org iburst maxsources 2
server controller
allow 0.0.0.0/0

# This directive specify the location of the file containing ID/key pairs for
# NTP authentication.
keyfile /etc/chrony/chrony.keys

# This directive specify the file into which chronyd will store the rate
# information.
driftfile /var/lib/chrony/chrony.drift

# Uncomment the following line to turn logging on.
#log tracking measurements statistics

# Log files location.
logdir /var/log/chrony

# Stop bad estimates upsetting machine clock.
maxupdateskew 100.0

# This directive enables kernel synchronisation (every 11 minutes) of the
# real-time clock. Note that it can't be used along with the 'rtcfile' directive.
rtcsync

# Step the system clock instead of slewing it if the adjustment is larger than
# one second, but only in the first three clock updates.
makestep 1 3
local stratum 10
Restart the service:
service chrony restart
Use chronyc sources to verify that the configuration works.
^* means it is configured correctly; ? means the server could not be reached.
210 Number of sources = 1
  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                |     |             zzzz = estimated error.
||                                |     |
MS Name/IP address         Stratum Poll Reach LastRx Last sample
===============================================================================
^* controller                   10   6    77   209    +49ns[+1267ns] +/- 2958ns
It can also be verified with timedatectl: once synchronization succeeds, System clock synchronized becomes yes; otherwise it is no.
root@controller:/home/kang# timedatectl
Local time: Thu 2022-04-21 16:09:45 +08
Universal time: Thu 2022-04-21 08:09:45 UTC
RTC time: Thu 2022-04-21 08:09:45
Time zone: Asia/Ulaanbaatar (+08, +0800)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
OpenStack packages
OpenStack packages for Ubuntu
Pick the release you want to install.
The Yoga release is used here.
add-apt-repository cloud-archive:yoga
Install the client:
apt install python3-openstackclient
SQL database for Ubuntu
Install the database:
apt install mariadb-server python3-pymysql
Then create the configuration file /etc/mysql/mariadb.conf.d/99-openstack.cnf:
# /etc/mysql/mariadb.conf.d/99-openstack.cnf
[mysqld]
bind-address = 10.17.23.10
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
Restart the database:
service mysql restart
Then set the password with mysql_secure_installation.
Message queue for Ubuntu
First install the message queue:
apt install rabbitmq-server
Configure it by creating the openstack user:
rabbitmqctl add_user openstack openstack
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
memcached
Memcached for Ubuntu
Install:
apt install memcached python3-memcache -y
Edit /etc/memcached.conf: find 127.0.0.1 and replace it with the controller IP.
sed -i 's/127.0.0.1/10.17.23.10/g' /etc/memcached.conf
Then restart it:
service memcached restart
Etcd for Ubuntu
Install it directly:
apt install etcd -y
Edit the configuration file /etc/default/etcd, changing the addresses to the management IP of your own controller node:
ETCD_NAME="controller"
ETCD_DATA_DIR="/var/lib/etcd"
ETCD_INITIAL_CLUSTER_STATE="new"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER="controller=http://10.17.23.10:2380"
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://10.17.23.10:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://10.17.23.10:2379"
ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380"
ETCD_LISTEN_CLIENT_URLS="http://10.17.23.10:2379"
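The change can be automated. The working directory must be the directory that contains this script, otherwise the file will not be found.
cp etcd /etc/default/etcd
sed -i "s/127.0.0.1/$controller_ip/g" /etc/default/etcd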
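A check on the listen and access settings from the base-service sections above, as an added example that is not part of the original post: it flags chrony, etcd, memcached and MariaDB settings that are open to every network rather than the management subnet. The sample files are constructed from values shown in this guide (including allow 0.0.0.0/0 in the full chrony.conf and the 0.0.0.0 etcd peer listener); the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): flag base-service settings that
# listen on, or grant access to, every network instead of the management subnet.

# audit_exposure FILE: print one finding per risky line; the checks are picked
# from the file's base name (the file names used in this guide).
audit_exposure() {
    case "$(basename "$1")" in
    chrony.conf)
        # "allow" with no subnet, "all", 0/0 or ::/0 serves NTP to any client.
        awk '$1 == "allow" && (NF == 1 || $NF == "all" || $NF == "0/0" || $NF == "0.0.0.0/0" || $NF == "::/0") {
            print "chrony: \"" $0 "\" serves time to any host"
        }' "$1" ;;
    etcd)
        # An ETCD_LISTEN_* URL on 0.0.0.0 binds every interface.
        awk -F= '/^ETCD_LISTEN_[A-Z_]+=/ && /\/\/0\.0\.0\.0:/ {
            print "etcd: " $1 " listens on all interfaces"
        }' "$1" ;;
    memcached.conf)
        awk '$1 == "-l" && ($2 == "0.0.0.0" || $2 == "::") {
            print "memcached: -l " $2 " listens on all interfaces"
        }' "$1" ;;
    *.cnf)
        awk -F"[ =]+" '$1 == "bind-address" && ($2 == "0.0.0.0" || $2 == "::") {
            print "mariadb: bind-address " $2 " listens on all interfaces"
        }' "$1" ;;
    esac
}

# audit_dir DIR: run the audit over every file in DIR.
audit_dir() {
    for f in "$1"/*; do audit_exposure "$f"; done
}

# write_page_samples DIR: constructed copies of the values shown in this guide.
write_page_samples() {
    mkdir -p "$1"
    printf '%s\n' 'server controller' 'allow 0.0.0.0/0' 'local stratum 10' > "$1/chrony.conf"
    printf '%s\n' 'ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380"' \
        'ETCD_LISTEN_CLIENT_URLS="http://10.17.23.10:2379"' > "$1/etcd"
    printf '%s\n' '-l 10.17.23.10' > "$1/memcached.conf"
    printf '%s\n' '[mysqld]' 'bind-address = 10.17.23.10' > "$1/99-openstack.cnf"
}

tmp=$(mktemp -d)
write_page_samples "$tmp"
audit_dir "$tmp"
rm -rf "$tmp"
```

On a real controller, copy or link the four live files into one directory and run audit_dir on it before starting the services.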
Start the service:
systemctl enable etcd
systemctl restart etcd
OpenStack
OpenStack Yoga Installation Guides
Now start installing the components.
Keystone Installation Tutorial for Ubuntu
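Create the database:
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'openstack';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'openstack';
Install the keystone component:
apt install keystone
While at it, install a configuration tool that makes editing configuration files easier: openstack-utils. Ubuntu has no package by that name, as it seems to be a CentOS one; after some searching I found that on Ubuntu it is called crudini. The two are in fact the same thing, developed in Python by the same person.
A quick way to modify OpenStack configuration files
So install it:
apt install crudini
Edit the configuration file /etc/keystone/keystone.conf: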
crudini --set /etc/keystone/keystone.conf database connection "mysql+pymysql://keystone:${password}@controller/keystone"
crudini --set /etc/keystone/keystone.conf token provider fernet
Populate the database:
su -s /bin/sh -c "keystone-manage db_sync" keystone
Initialize the Fernet key repositories:
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
Create the admin user:
keystone-manage bootstrap --bootstrap-password admin \
  --bootstrap-admin-url http://controller:5000/v3/ \
  --bootstrap-internal-url http://controller:5000/v3/ \
  --bootstrap-public-url http://controller:5000/v3/ \
  --bootstrap-region-id RegionOne
Then configure Apache by adding a ServerName:
# /etc/apache2/apache2.conf
ServerName controller
Restart Apache:
service apache2 restart
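The steps above use fixed passwords (openstack for RabbitMQ and the keystone database user, admin for the bootstrap account) and a ${password} variable in the crudini line. As an added example, not part of the original post, this script generates a separate random secret per account and renders the database statements and connection URL with it; the variable names KEYSTONE_DBPASS, RABBIT_PASS and ADMIN_PASS, the function names and the secrets file are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): per-account random secrets for
# the accounts this guide creates. Variable and file names are assumptions.

# gen_secret: print 32 hex characters read from the kernel CSPRNG. Hex needs no
# escaping in SQL literals, in the connection URL or on a command line.
gen_secret() {
    od -An -N16 -tx1 /dev/urandom | tr -d ' \n'
}

# write_secrets FILE: create FILE (mode 0600) with one secret per account.
write_secrets() (
    umask 077
    {
        echo "KEYSTONE_DBPASS=$(gen_secret)"
        echo "RABBIT_PASS=$(gen_secret)"
        echo "ADMIN_PASS=$(gen_secret)"
    } > "$1"
)

# keystone_sql PASS: the guide's database statements with PASS substituted.
keystone_sql() {
    cat <<EOF
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '$1';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '$1';
EOF
}

# keystone_db_url PASS: value for [database] connection in keystone.conf.
keystone_db_url() {
    printf 'mysql+pymysql://keystone:%s@controller/keystone\n' "$1"
}

# Demo in a scratch directory; on a real controller keep the file root-only.
demo_dir=$(mktemp -d)
write_secrets "$demo_dir/openstack-secrets"
. "$demo_dir/openstack-secrets"
keystone_sql "$KEYSTONE_DBPASS"
echo "crudini --set /etc/keystone/keystone.conf database connection \"$(keystone_db_url "$KEYSTONE_DBPASS")\""
rm -rf "$demo_dir"
```

RABBIT_PASS and ADMIN_PASS take the place of the fixed values in rabbitmqctl add_user and --bootstrap-password.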



