>/etc/hosts#hostnamectlset-hostname--staticcontrollerntp时间同步#ln-" />
OpenStack Stein 手工安装详解 | 您所在的位置:网站首页 › 安装systemctl › OpenStack Stein 手工安装详解 |
![]() 0. Prepare 添加hosts(本处为单节点) # echo "114.118.28.118 controller" >>/etc/hosts # hostnamectl set-hostname --static controller ntp时间同步 # ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime # yum install -y chrony # systemctl start chronyd # systemctl enable chronyd 安装openstack对应版本的yum源 # yum install -y yum-utils centos-release-openstack-stein # sed -i "s/mirror.centos.org/mirrors.163.com/g" /etc/yum.repos.d/*.repo # yum makecache fast # yum install -y openstack-utils python2-openstackclient 系统优化 # systemctl stop firewalld && systemctl disable firewalld # systemctl start iptables && systemctl enable iptables # systemctl disable NetworkManager && systemctl stop NetworkManager # iptables -F && service iptables save # 关闭selinux # sed -i "s/^SELINUX=enforcing$/SELINUX=disabled/g" /etc/selinux/config # 设置文件句柄 # sed -i "s/^#DefaultLimitNPROC=$/DefaultLimitNPROC=102400/g" /etc/systemd/system.conf # sed -i "s/^#DefaultLimitNOFILE=$/DefaultLimitNOFILE=102400/g" /etc/systemd/system.conf # sed -i "s/4096/102400/g" /etc/security/limits.d/20-nproc.conf # echo "* soft nofile 102400">>/etc/security/limits.conf # echo "* hard nofile 102400" >>/etc/security/limits.conf # echo "* soft nproc 102400" >>/etc/security/limits.conf # echo "* hard nproc 102400" >>/etc/security/limits.conf 1. MariaDB 安装软件包 # yum install -y mariadb mariadb-server python2-PyMySQL 修改配置文件 /etc/my.cnf [mysqld] bind-address = 114.118.28.117 default-storage-engine = innodb innodb_file_per_table = on max_connections = 40960 collation-server = utf8_general_ci character-set-server = utf8 启动服务 # systemctl enable mariadb # systemctl start mariadb 初始化数据库 # mysql_secure_installation 2. Memcached 安装软件包 # yum install -y memcached python-memcached 修改配置文件/etc/sysconfig/memcached OPTIONS="-l 127.0.0.1,::1,controller" 启动服务 # systemctl enable memcached # systemctl start memcached 3. RabbitMQ 安装软件包 # yum install -y rabbitmq-server 启动服务 # systemctl enable rabbitmq-server.service # systemctl start rabbitmq-server.service 创建用户与配置权限 # rabbitmqctl add_user openstack openstack # rabbitmqctl set_permissions openstack ".*" ".*" ".*" 启用rannbitmq的webgui界面管理功能 # rabbitmq-plugins enable rabbitmq_management # rabbitmqctl set_user_tags openstack administrator # rabbitmqctl delete_user guest 4. Keystone认证 创建数据库 # mysql -uroot -popenstack MariaDB [(none)]> CREATE DATABASE keystone; MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'openstack'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'openstack'; MariaDB [(none)]> flush privileges; 安装软件包 # yum install -y openstack-keystone httpd mod_wsgi 修改配置文件/etc/keystone/keystone.conf [database] # ... connection = mysql+pymysql://keystone:openstack@controller/keystone [token] # ... provider = fernet [cache] # ... backend = oslo_cache.memcache_pool enabled = True memcache_servers = controller:11211 数据库同步 # su -s /bin/sh -c "keystone-manage db_sync" keystone 初始化 Fernet key # keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone # keystone-manage credential_setup --keystone-user keystone --keystone-group keystone 配置认证信息 # keystone-manage bootstrap --bootstrap-password openstack --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne 配置http启动服务 # ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/ 启动服务 # systemctl enable httpd # systemctl start httpd 配置认证信息keystonerc_admin unset OS_SERVICE_TOKEN export OS_USERNAME=admin export OS_PASSWORD='openstack' export OS_AUTH_URL=http://controller:5000/v3 export PS1='[u@h W(keystone_admin)]$ ' export OS_PROJECT_NAME=admin export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_DOMAIN_NAME=Default export OS_IDENTITY_API_VERSION=3 创建openstack服务project # . keystonerc_admin # openstack project create --domain default --description "Service Project" service 5. Glance镜像 创建数据库 # mysql -uroot MariaDB [(none)]> CREATE DATABASE glance; MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'openstack'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'openstack'; 加载admin认证keystonerc_admin # . /root/keystonerc_admin 创建用户,授权,service以及endpoint # openstack user create --domain default --password openstack glance # openstack role add --project service --user glance admin # openstack service create --name glance --description "OpenStack Image" image # openstack endpoint create --region RegionOne image public http://controller:9292 # openstack endpoint create --region RegionOne image internal http://controller:9292 # openstack endpoint create --region RegionOne image admin http://controller:9292 安装软件包 # yum install -y openstack-glance 修改配置文件/etc/glance/glance-api.conf [database] # ... connection = mysql+pymysql://glance:openstack@controller/glance [keystone_authtoken] # ... www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = glance password = openstack [paste_deploy] # ... flavor = keystone [glance_store] # ... stores = file,http default_store = file filesystem_store_datadir = /var/lib/glance/images/ 修改配置文件/etc/glance/glance-registry.conf [database] # ... connection = mysql+pymysql://glance:openstack@controller/glance [keystone_authtoken] # ... www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = glance password = openstack [paste_deploy] # ... flavor = keystone 同步数据库 # su -s /bin/sh -c "glance-manage db_sync" glance 服务启动 # systemctl enable openstack-glance-api.service openstack-glance-registry.service # systemctl start openstack-glance-api.service openstack-glance-registry.service 6.1 Cinder块存储-控制节点 创建数据库 # mysql -u root MariaDB [(none)]> CREATE DATABASE cinder; MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'openstack'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'openstack'; 加载admin认证keystonerc_admin # . /root/keystonerc_admin 创建用户,授权,service以及endpoint # openstack user create --domain default --password openstack cinder # openstack role add --project service --user cinder admin # openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2 # openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3 # # openstack endpoint create --region RegionOne volumev2 public http://controller:8776/v2/%(project_id)s # openstack endpoint create --region RegionOne volumev2 internal http://controller:8776/v2/%(project_id)s # openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%(project_id)s # openstack endpoint create --region RegionOne volumev3 public http://controller:8776/v3/%(project_id)s # openstack endpoint create --region RegionOne volumev3 internal http://controller:8776/v3/%(project_id)s # openstack endpoint create --region RegionOne volumev3 admin http://controller:8776/v3/%(project_id)s 安装软件包 # yum install -y openstack-cinder 编辑配置文件/etc/cinder/cinder.conf [DEFAULT] # ... transport_url = rabbit://openstack:openstack@controller auth_strategy = keystone my_ip = controller [database] # ... connection = mysql+pymysql://cinder:openstack@controller/cinder [keystone_authtoken] # ... www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = cinder password = openstack [oslo_concurrency] # ... lock_path = /var/lib/cinder/tmp 同步数据库 # su -s /bin/sh -c "cinder-manage db sync" cinder 服务启动 # systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service # systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service 6.2 Cinder块存储-存储节点 安装软件包 # yum install -y lvm2 device-mapper-persistent-data # yum install -y openstack-cinder targetcli python-keystone 启动lvm服务 # systemctl enable lvm2-lvmetad.service # systemctl start lvm2-lvmetad.service 创建LVM-VG # pvcreate /dev/sda # vgcreate cinder-volumes /dev/sda 编辑 /etc/lvm/lvm.conf devices { ... filter = [ "a/sda/", "r/.*/"] 编辑配置文件/etc/cinder/cinder.conf [DEFAULT] # ... transport_url = rabbit://openstack:openstack@controller auth_strategy = keystone my_ip = controller enabled_backends = lvm glance_api_servers = http://controller:9292 [database] # ... connection = mysql+pymysql://cinder:openstack@controller/cinder [keystone_authtoken] # ... www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = cinder password = openstack [oslo_concurrency] # ... lock_path = /var/lib/cinder/tmp [lvm] volume_backend_name=lvm volume_driver=cinder.volume.drivers.lvm.LVMVolumeDriver target_ip_address=114.118.28.117 target_helper=lioadm volume_group=cinder-volumes volumes_dir=/var/lib/cinder/volumes 启动服务 # systemctl enable openstack-cinder-volume.service target.service # systemctl start openstack-cinder-volume.service target.service 7.1 Neutron网络-控制节点 创建数据库 # mysql -u root MariaDB [(none)]> CREATE DATABASE neutron; MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'openstack'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'openstack'; 加载admin认证keystonerc_admin #. /root/keystonerc_admin 创建用户,授权,service以及endpoint # openstack user create --domain default --password openstack neutron # openstack role add --project service --user neutron admin # openstack service create --name neutron --description "OpenStack Networking" network # openstack endpoint create --region RegionOne network public http://controller:9696 # openstack endpoint create --region RegionOne network internal http://controller:9696 # openstack endpoint create --region RegionOne network admin http://controller:9696 安装软件包 # yum install -y openstack-neutron-ml2 openstack-neutron 编辑配置文件/etc/neutron/neutron.conf [DEFAULT] # ... debug=False log_dir=/var/log/neutron transport_url = rabbit://openstack:openstack@controller control_exchange=neutron auth_strategy=keystone core_plugin=neutron.plugins.ml2.plugin.Ml2Plugin allow_overlapping_ips=True service_plugins=qos,trunk,router router_scheduler_driver=neutron.scheduler.l3_agent_scheduler.ChanceScheduler notify_nova_on_port_status_changes=True notify_nova_on_port_data_changes=True [keystone_authtoken] # ... www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = openstack [nova] # ... auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = nova password = openstack [database] # ... connection = mysql+pymysql://neutron:openstack@controller/neutron [oslo_concurrency] # ... lock_path = /var/lib/neutron/tmp 编辑配置文件/etc/neutron/plugins/ml2/ml2_conf.ini 本处使用两种类型网络,分别是vlannet以及extnet,两种网络对应的分别是租户网络以及provider网络。 [DEFAULT] [ml2] type_drivers=flat,vlan tenant_network_types=vlan mechanism_drivers=openvswitch path_mtu=0 extension_drivers=port_security,qos [securitygroup] enable_security_group=True firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver [ml2_type_flat] flat_networks=* [ml2_type_vlan] network_vlan_ranges=vlannet:2000:2200,extnet:200:300 生成ml2的plugin.ini软链接 # ln -sf /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini 同步数据库 # su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron 启动服务 # systemctl enable neutron-server.service # systemctl start neutron-server.service 7.2 Neutron网络-网络节点 安装软件包 # yum install -y openstack-neutron-common openstack-neutron openstack-neutron-openvswitch ebtables 编辑配置文件/etc/sysctl.conf net.ipv4.tcp_keepalive_intvl=1 net.ipv4.tcp_keepalive_probes=5 net.ipv4.tcp_keepalive_time=5 net.bridge.bridge-nf-call-ip6tables=1 net.bridge.bridge-nf-call-iptables=1 net.bridge.bridge-nf-call-arptables=1 net.ipv4.ip_forward=1 运行如下命令 # sysctl -p 编辑配置文件/etc/neutron/neutron.conf [DEFAULT] # ... debug=False log_dir=/var/log/neutron transport_url = rabbit://openstack:openstack@controller control_exchange=neutron auth_strategy=keystone core_plugin=neutron.plugins.ml2.plugin.Ml2Plugin allow_overlapping_ips=True service_plugins=qos,trunk,router router_scheduler_driver=neutron.scheduler.l3_agent_scheduler.ChanceScheduler notify_nova_on_port_status_changes=True notify_nova_on_port_data_changes=True [keystone_authtoken] # ... www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = openstack [oslo_concurrency] # ... lock_path = /var/lib/neutron/tmp 编辑配置文件/etc/neutron/plugins/ml2/openvswitch_agent.ini [DEFAULT] [ovs] bridge_mappings=extnet:br-ex,vlannet:br-vlan integration_bridge=br-int [agent] l2_population=False drop_flows_on_start=False [securitygroup] firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver 编辑配置文件/etc/neutron/metadata_agent.ini [DEFAULT] debug=False nova_metadata_host=controller metadata_proxy_shared_secret=openstack 编辑配置文件/etc/neutron/l3_agent.ini [DEFAULT] debug=False interface_driver=neutron.agent.linux.interface.OVSInterfaceDriver agent_mode=legacy 编辑配置文件/etc/neutron/dhcp_agent.ini [DEFAULT] debug=False enable_isolated_metadata=True enable_metadata_network=True state_path=/var/lib/neutron resync_interval=30 interface_driver=neutron.agent.linux.interface.OVSInterfaceDriver root_helper=sudo neutron-rootwrap /etc/neutron/rootwrap.conf 启动ovs # systemctl enable openvswitch # systemctl start openvswitch 创建ovs bridge # ovs-vsctl add-br br-ex # ovs-vsctl add-br br-vlan 启动服务 # systemctl enable neutron-dhcp-agent.service neutron-l3-agent.service neutron-metadata-agent.service neutron-openvswitch-agent.service neutron-destroy-patch-ports.service # systemctl start neutron-dhcp-agent.service neutron-l3-agent.service neutron-metadata-agent.service neutron-openvswitch-agent.service neutron-destroy-patch-ports.service 7.3 Neutron网络-计算节点 安装软件包 # yum install -y openstack-neutron-common openstack-neutron openstack-neutron-openvswitch ebtables 编辑配置文件/etcneutron/neutron.conf [DEFAULT] # ... debug=False log_dir=/var/log/neutron transport_url = rabbit://openstack:openstack@controller control_exchange=neutron auth_strategy=keystone core_plugin=neutron.plugins.ml2.plugin.Ml2Plugin allow_overlapping_ips=True service_plugins=qos,trunk,router router_scheduler_driver=neutron.scheduler.l3_agent_scheduler.ChanceScheduler notify_nova_on_port_status_changes=True notify_nova_on_port_data_changes=True [agent] root_helper=sudo neutron-rootwrap /etc/neutron/rootwrap.conf 编辑配置文件/etc/neutron/plugins/ml2/openvswitch_agent.ini [DEFAULT] [ovs] bridge_mappings=vlannet:br-vlan integration_bridge=br-int [agent] l2_population=False drop_flows_on_start=False [securitygroup] firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver 启动ovs # systemctl enable openvswitch # systemctl start openvswitch 创建ovs bridge # ovs-vsctl add-br br-vlan 启动服务 # systemctl enable openvswitch neutron-openvswitch-agent.service # systemctl start openvswitch neutron-openvswitch-agent.service 8.1. Nova计算-控制节点 创建数据库 # mysql -u root MariaDB [(none)]> CREATE DATABASE nova_api; MariaDB [(none)]> CREATE DATABASE nova; MariaDB [(none)]> CREATE DATABASE nova_cell0; MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'openstack'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'openstack'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'openstack'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'openstack'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'openstack'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'openstack'; 加载admin认证keystonerc_admin # . /root/keystonerc_admin 创建用户,授权,service以及endpoint # openstack user create --domain default --password openstack nova # openstack role add --project service --user nova admin # openstack service create --name nova --description "OpenStack Compute" compute # openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1 # openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1 # openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1 安装软件包 # yum install -y openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-console 编辑配置文件/etc/nova/nova.conf [DEFAULT] # ... enabled_apis = osapi_compute,metadata transport_url = rabbit://openstack:openstack@controller my_ip = 114.118.28.117 use_neutron = true firewall_driver = nova.virt.firewall.NoopFirewallDriver [api_database] # ... connection = mysql+pymysql://nova:openstack@controller/nova_api [database] # ... connection = mysql+pymysql://nova:openstack@controller/nova [api] # ... auth_strategy = keystone [keystone_authtoken] # ... auth_url = http://controller:5000/v3 memcached_servers = controller:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = nova password = openstack [vnc] enabled = true # ... server_listen = $my_ip server_proxyclient_address = $my_ip [glance] # ... api_servers = http://controller:9292 [neutron] # ... url = http://controller:9696 auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = openstack service_metadata_proxy=True metadata_proxy_shared_secret=openstack [oslo_concurrency] # ... lock_path = /var/lib/nova/tmp [placement] # ... region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:5000/v3 username = placement password = openstack 同步nova-api数据库 # su -s /bin/sh -c "nova-manage api_db sync" nova 注册cell0数据库 # su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova 创建cell1 # su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova 同步nova数据库 # su -s /bin/sh -c "nova-manage db sync" nova 验证nova cell # su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova 服务启动 # systemctl enable openstack-nova-api.service openstack-nova-consoleauth openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service # systemctl start openstack-nova-api.service openstack-nova-consoleauth openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service 8.2. Nova计算-计算节点 软件安装 # yum install -y openstack-nova-compute openstack-nova-common 编辑配置文件/etc/nova/nova.conf [DEFAULT] # ... enabled_apis = osapi_compute,metadata transport_url = rabbit://openstack:openstack@controller my_ip = 114.118.28.117 use_neutron = true firewall_driver = nova.virt.firewall.NoopFirewallDriver [api] # ... auth_strategy = keystone [keystone_authtoken] # ... auth_url = http://controller:5000/v3 memcached_servers = controller:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = nova password = openstack [vnc] # ... enabled = true server_listen = 0.0.0.0 server_proxyclient_address = $my_ip novncproxy_base_url = http://114.118.28.117:6080/vnc_auto.html [glance] # ... api_servers = http://controller:9292 [neutron] # ... url = http://controller:9696 auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = openstack [oslo_concurrency] # ... lock_path = /var/lib/nova/tmp [placement] # ... region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:5000/v3 username = placement password = openstack [libvirt] # ... virt_type = qemu 服务启动 # systemctl enable libvirtd.service openstack-nova-compute.service # systemctl start libvirtd.service openstack-nova-compute.service Nova CellV2 主机发现与添加 # openstack compute service list --service nova-compute # su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova # su -s /bin/sh -c "nova-manage cell_v2 list_hosts" nova 9. Placement放置组 创建数据库 # mysql -u root MariaDB [(none)]> CREATE DATABASE placement; MariaDB [(none)]> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY 'openstack'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY 'openstack'; 加载admin认证keystonerc_admin . /root/keystonerc_admin 创建用户,授权,service以及endpoint # openstack user create --domain default --password openstack placement # openstack role add --project service --user placement admin # openstack service create --name placement --description "Placement API" placement # openstack endpoint create --region RegionOne placement public http://controller:8778 # openstack endpoint create --region RegionOne placement internal http://controller:8778 # openstack endpoint create --region RegionOne placement admin http://controller:8778 安装软件包 # yum install -y openstack-placement-api 修改配置文件/etc/placement/placement.conf [placement_database] # ... connection = mysql+pymysql://placement:openstack@controller/placement [api] # ... auth_strategy = keystone [keystone_authtoken] # ... auth_url = http://controller:5000/v3 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = placement password = openstack 同步数据库 # su -s /bin/sh -c "placement-manage db sync" placement 添加配置/etc/httpd/conf.d/00-placement-api.conf (如果有则跳过) = 2.4> Require all granted 2 .4> Order allow,deny Allow from all 服务启动 # systemctl restart httpd 10. Dashboard图形化展示 安装软件包 # yum install -y openstack-dashboard 编辑配置文件/etc/openstack-dashboard/local_settings ALLOWED_HOSTS = ["*",] SESSION_ENGINE = 'django.contrib.sessions.backends.cache' CACHES = { 'default': { 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 'LOCATION': 'controller:11211', } } OPENSTACK_HOST = "controller" OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user" OPENSTACK_API_VERSIONS = { "identity": 3, "image": 2, "volume": 3, } 11. 云环境初始化 镜像初始化 # yum install -y wget # wget https://download.cirros-cloud.net/0.3.6/cirros-0.3.6-x86_64-disk.img # . /root/keystonerc_admin # openstack image create --disk-format qcow2 --container-format bare --public --file cirros-0.3.6-x86_64-disk.img cirros-0.3.6 网络初始化 # openstack network create Public --provider-network-type vlan --provider-physical-network extnet --provider-segment 10 --external # openstack subnet create Subnet-Public --no-dhcp --network Public --subnet-range 172.24.4.0/24 # openstack network create vlannet1 --provider-network-type vlan --provider-physical-network vlannet # openstack subnet create subnet-vlannet1 --network vlannet1 --subnet-range 10.1.1.0/24 # openstack router create AdminRouter # openstack router set --external-gateway Public AdminRouter # openstack router add subnet AdminRouter subnet-vlannet1 Flavor初始化 # openstack flavor create --id 0 --vcpus 1 --ram 256 --disk 1 --public m1.1c.256m.1G 默认安全组规则调整 # openstack security group rule create --protocol any --ingress --ethertype IPv4 681f291a-507f-49bc-8673-4c1239c3b7fb Nova创建云主机 # openstack server create --image cirros-0.3.6 --flavor 0 --network vlannet1 VM1 浮动IP绑定 # openstack floating ip create Public --floating-ip-address 172.24.4.217 --fixed-ip-address 10.1.1.217 --port 70567ad4-c49c-44c7-9ee7-63dad9e17e6b 书。 |
CopyRight 2018-2019 实验室设备网 版权所有 |