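OpenStack Havana Installation
Environment
Number of physical machines: 1
Hostname: Controller
Number of NICs: 1
IP address: 192.168.205.177
DNS: 202.106.196.115
Number of CPUs: 1
Memory: 6GB
Disk capacity: 1TB
Operating system version: redhat6.3
Overall component structure
PS: This environment has only one physical machine, so the host must act as the management node and provide compute services as well. In addition to the controller components above, the nova-compute and nova-network services therefore also need to be installed.
Environment preparation
NIC configuration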
vi /etc/sysconfig/network-scripts/ifcfg-eth0
# Internal Network
DEVICE=eth0
TYPE=Ethernet
BOOTPROTO=static
IPADDR=192.168.205.177
NETMASK=255.255.255.0
DEFROUTE=yes
ONBOOT=yes
# service network restart
# service NetworkManager stop
# service network start
# chkconfig NetworkManager off
# chkconfig network on
Change the hostname
vi /etc/sysconfig/network
HOSTNAME=controller
vi /etc/hosts
127.0.0.1 localhost
192.168.205.177 controller
Install the MySQL database
# yum install mysql mysql-server MySQL-python
vi /etc/f
[mysqld]
...
bind-address = 192.168.205.177
Start MySQL
# service mysqld start
# chkconfig mysqld on
On first setup, remove the anonymous user
# mysql_install_db
# mysql_secure_installation
# yum install mysql MySQL-python
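Install the OpenStack packages
Download and install the following two packages. Once installed, they automatically configure the external yum repositories used to install OpenStack:
http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-6.noarch.rpm
http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
Install the OpenStack utility packages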
yum install openstack-utils
yum install openstack-selinux
yum upgrade
reboot
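PS: The external network is very unstable, so the installation may fail often. After a failure, clean up the packages that failed to install; otherwise, packages that are missing or only partly installed will cause unexpected trouble later.
Install the messaging server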
yum install qpid-cpp-server memcached
vi /etc/qpidd.conf
auth=no
# service qpidd start
# chkconfig qpidd on
Install the Keystone identity service
# yum install openstack-keystone python-keystoneclient
Edit the configuration file
# openstack-config --set /etc/keystone/keystone.conf \
sql connection mysql://keystone:KEYSTONE_DBPASS@controller/keystone
Create the database connection for OpenStack Keystone
# openstack-db --init --service keystone --password KEYSTONE_DBPASS
Define an authorization token
# ADMIN_TOKEN=$(openssl rand -hex 10)
# echo $ADMIN_TOKEN
# openstack-config --set /etc/keystone/keystone.conf DEFAULT \
admin_token $ADMIN_TOKEN
Create the signing keys and certificates
# keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
# chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log
Start Keystone
# service openstack-keystone start
# chkconfig openstack-keystone on
Define users, tenants and roles
Export the environment variables
# export OS_SERVICE_TOKEN=ADMIN_TOKEN
# export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0
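PS: ADMIN_TOKEN here is the string generated above when the authorization token was defined.
You can also put the lines above into a file and then source that file.
Create the admin tenant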
# keystone tenant-create --name=admin --description="Admin Tenant"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Admin Tenant |
| enabled | True |
| id | 17d0aac7259c4f308c5ed81904e267f2 |
| name | admin |
+-------------+----------------------------------+
# keystone tenant-create --name=service --description="Service Tenant"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Service Tenant |
| enabled | True |
| id | 54a02d2556c1423eaee8a514da372e0f |
| name | service |
+-------------+----------------------------------+
PS: An error is quite likely here, reporting that the tenant cannot be created; restarting Keystone resolves it.
service openstack-keystone restart
keystone user-create --name=admin --pass=ADMIN_PASS \
--email=admin@example.co
ADMIN_PASS is the password you set
keystone user-create --name=admin --pass=PASSWORD \
--email=admin@example.co
Create the service and define the API endpoint
keystone service-create --name=keystone --type=identity \
--description="Keystone Identity Service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Keystone Identity Service |
| id | 7711a2a72fb34caea36782f7cd669e03 |
| name | keystone |
| type | identity
Define the API endpoint
keystone endpoint-create \
--service-id=7711a2a72fb34caea36782f7cd669e03 \
--publicurl=http://controller:5000/v2.0 \
--internalurl=http://controller:5000/v2.0 \
--adminurl=http://controller:35357/v2.0
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://controller:35357/v2.0 |
| id | e153f3c72b2544cf8f7f0bd557a62cad |
| internalurl | http://controller:5000/v2.0 |
| publicurl | http://controller:5000/v2.0 |
| region | regionOne |
| service_id | 7711a2a72fb34caea36782f7cd669e03 |
Use vi to create a file containing the following:
export OS_USERNAME=admin
export OS_PASSWORD=PASSWORD
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://controller:35357/v2.0
Source this file
Verify the service
keystone user-list
+----------------------------------+---------+--------------------+--------+
| id | enabled | email | name |
+----------------------------------+---------+--------------------+--------+
| a4c2d43f80a549a19864c89d759bb3fe | True | admin@ | admin |
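This output shows that the configuration is correct.
If an error occurs, check the details under /var/log/keystone
Configure Glance
Install the Glance components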
# yum install openstack-glance
Edit the configuration files
openstack-config --set /etc/glance/glance-api.conf \
DEFAULT sql_connection mysql://glance:PASSWORD@controller/glance
openstack-config --set /etc/glance/glance-registry.conf \
DEFAULT sql_connection mysql://glance:PASSWORD@controller/glance
Create the Glance database connection
openstack-db --init --service glance --password PASSWORD
Define a user named glance in Keystone
keystone user-create --name=glance --pass=PASSWORD --email=glance@
Add the role
keystone user-role-add --user=glance --tenant=service --role=admin
Configure authentication for the Image service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
auth_uri http://controller:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
auth_host controller
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
admin_tenant_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
admin_user glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
admin_password PASSWORD
openstack-config --set /etc/glance/glance-api.conf paste_deploy \
flavor keystone
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
auth_uri http://controller:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
auth_host controller
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
admin_tenant_name service
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
admin_user glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
admin_password PASSWORD
openstack-config --set /etc/glance/glance-registry.conf paste_deploy \
flavor keystone
Add the credentials to the two files /etc/glance/glance-api-paste.ini and /etc/glance/glance-registry-paste.ini
# cp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini
# cp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.ini
and add the following:
[filter:authtoken]
paste.filter_factory=keystoneclient.middleware.auth_token:filter_factory
auth_host=controller
admin_user=glance
admin_tenant_name=service
admin_password=PASSWORD
Create the glance service in Keystone
# keystone service-create --name=glance --type=image \
--description="Glance Image Service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Glance Image Service |
| id | f7494dceb5ef46e7960827a0ecdde89e |
| name | glance |
| type | image |
+-------------+----------------------------------+
Create the Glance endpoint in Keystone
keystone endpoint-create \
--service-id=f7494dceb5ef46e7960827a0ecdde89e \
--publicurl=http://controller:9292 \
--internalurl=http://controller:9292 \
--adminurl=http://controller:9292
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://controller:9292 |
| id | fe7cc75f8741455cb0688927845799b2 |
| internalurl | http://controller:9292 |
| publicurl | http://controller:9292 |
| region | regionOne |
| service_id | f7494dceb5ef46e7960827a0ecdde89e |
Start the Glance services
# service openstack-glance-api start
# service openstack-glance-registry start
# chkconfig openstack-glance-api on
# chkconfig openstack-glance-registry on
Verify the Glance service
Run the glance image-list command
+----+------+-------------+------------------+------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+----+------+-------------+------------------+------+--------+
This output means the service is working; if there is an error, check the details under /var/log/glance
Install the Nova components
yum install openstack-nova python-novaclient
Edit the configuration file
openstack-config --set /etc/nova/nova.conf \
database connection mysql://nova:PASSWORD@controller/nova
Configure Nova to use the messaging server
openstack-config --set /etc/nova/nova.conf \
DEFAULT rpc_backend nova.openstack.common.rpc.impl_qpid
openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname controller
Create the Nova database connection
openstack-db --init --service nova --password PASSWORD
Configure my_ip, vncserver_listen and vncserver_proxyclient_address
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.205.177
openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 192.168.205.177
openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address 192.168.205.177
Create the nova user in Keystone
keystone user-create --name=nova --pass=PASSWORD --email nova@
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | nova@ |
| enabled | True |
| id | 0ab2486266cb40f4808b03cd0f99929c |
| name | nova |
Add the role
keystone user-role-add --user=nova --tenant=service --role=admin
Configure authentication for the Compute service
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host controller
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password PASSWORD
vi /etc/nova/api-paste.ini
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = controller
auth_port = 35357
auth_protocol = http
auth_uri = http://controller:5000/v2.0
admin_tenant_name = service
admin_user = nova
admin_password = PASSWORD
Create the nova service in Keystone
keystone service-create --name=nova --type=compute \
--description="Nova Compute service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Nova Compute service |
| id | 3b1a58f73d9d43e2807e8148448a333f |
| name | nova |
| type | compute |
Create the endpoint
keystone endpoint-create \
--service-id=3b1a58f73d9d43e2807e8148448a333f \
--publicurl=http://controller:8774/v2/%\(tenant_id\)s \
--internalurl=http://controller:8774/v2/%\(tenant_id\)s \
--adminurl=http://controller:8774/v2/%\(tenant_id\)s
+-------------+-----------------------------------------+
| Property | Value |
+-------------+-----------------------------------------+
| adminurl | http://controller:8774/v2/%(tenant_id)s |
| id | 01d675db4ef949a496fc7c603df6df8a |
| internalurl | http://controller:8774/v2/%(tenant_id)s |
| publicurl | http://controller:8774/v2/%(tenant_id)s |
| region | regionOne |
| service_id | 3b1a58f73d9d43e2807e8148448a333f |
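The identity, image and compute sections above each copy a 32-character service id by hand from the service-create output into endpoint-create. The following is an added example, not part of the original guide: it reads the id from the CLI's table output and checks that the endpoint was bound to the same id. table_value, is_id and register_endpoint are hypothetical helper names; only the keystone subcommands and options already shown above are used.

```sh
#!/bin/sh
# Added example, not from the original guide. Helper names are hypothetical.

# table_value PROPERTY: read a keystone "| Property | Value |" table on stdin
# and print the value of PROPERTY; exit status 1 if the row is absent.
table_value() {
    awk -F'|' -v key="$1" '
        NF >= 3 {
            prop = $2; val = $3
            gsub(/^[ \t]+|[ \t]+$/, "", prop)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (prop == key) { print val; found = 1; exit }
        }
        END { exit !found }'
}

# is_id STRING: succeed only for a 32-character lowercase hex id.
is_id() { printf '%s\n' "$1" | grep -Eq '^[0-9a-f]{32}$'; }

# register_endpoint NAME TYPE DESCRIPTION PUBLICURL INTERNALURL ADMINURL
# Creates the service, feeds its id straight into endpoint-create, and fails
# if the endpoint's service_id differs from the id of the service just created.
register_endpoint() {
    local id out
    id=$(keystone service-create --name="$1" --type="$2" \
            --description="$3" | table_value id) || return 1
    is_id "$id" || { echo "unexpected service id: $id" >&2; return 1; }
    out=$(keystone endpoint-create --service-id="$id" --publicurl="$4" \
            --internalurl="$5" --adminurl="$6") || return 1
    printf '%s\n' "$out"
    [ "$(printf '%s\n' "$out" | table_value service_id)" = "$id" ]
}

# Usage with the values from the Glance section above:
#   register_endpoint glance image "Glance Image Service" \
#       http://controller:9292 http://controller:9292 http://controller:9292
```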
Start the Nova services
# service openstack-nova-api start
# service openstack-nova-cert start
# service openstack-nova-consoleauth start
# service openstack-nova-scheduler start
# service openstack-nova-conductor start
# service openstack-nova-novncproxy start
# chkconfig openstack-nova-consoleauth on
# chkconfig openstack-nova-scheduler on
# chkconfig openstack-nova-conductor on
# chkconfig openstack-nova-novncproxy on
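Verify the Nova service
Run nova list to display the virtual machines and related information.
If nothing is returned, or something else is output, the Nova service is not working properly; check the detailed logs under /var/log/nova
Install nova-network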
yum install openstack-nova-network
Edit the configuration file
openstack-config --set /etc/nova/nova.conf DEFAULT network_manager nova.network.manager.FlatDHCPManager
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.libvirt.firewall.IptablesFirewallDriver
openstack-config --set /etc/nova/nova.conf DEFAULT network_size 254
openstack-config --set /etc/nova/nova.conf DEFAULT allow_same_net_traffic False
openstack-config --set /etc/nova/nova.conf DEFAULT multi_host True
openstack-config --set /etc/nova/nova.conf DEFAULT send_arp_for_ha True
openstack-config --set /etc/nova/nova.conf DEFAULT share_dhcp_address True
openstack-config --set /etc/nova/nova.conf DEFAULT force_dhcp_release True
openstack-config --set /etc/nova/nova.conf DEFAULT flat_interface eth0
openstack-config --set /etc/nova/nova.conf DEFAULT flat_network_bridge br100
openstack-config --set /etc/nova/nova.conf DEFAULT public_interface eth0
nova network-create vmnet --fixed-range-v4=192.168.205.0/24 --bridge=br100 --multi-host=T
Install a local metadata service
# yum install openstack-nova-api
# service openstack-nova-metadata-api start
# chkconfig openstack-nova-metadata-api on
Start nova-network
# service openstack-nova-network start
# chkconfig openstack-nova-network on
Create the VLAN
nova network-create vmnet --fixed-range-v4=10.0.0.0/24 \
--bridge=br100 --multi-host=T
Run nova network-list to view the created network
Open the security group rules
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
Verify that all services are working
nova flavor-list
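An added check, not part of the original guide: the walkthrough leaves several settings in place that are worth reviewing before anyone else can reach the host, namely auth=no on the qpid broker, the admin_token bootstrap secret in keystone.conf, the literal placeholders (PASSWORD, KEYSTONE_DBPASS) used as real passwords, and auth_protocol http. ini_get and audit_havana are hypothetical helper names; the file paths and keys are the ones configured above.

```sh
#!/bin/sh
# Added example, not from the original guide. ini_get and audit_havana are
# hypothetical helper names; paths and keys are the ones configured above.

# ini_get FILE SECTION KEY: print KEY's value from [SECTION]. SECTION ""
# selects keys that precede any section header (qpidd.conf has none).
ini_get() {
    [ -r "$1" ] || return 1
    awk -v sec="$2" -v key="$3" '
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/   { cur = $0; gsub(/^[ \t]*\[|\].*$/, "", cur); next }
        cur == sec && (i = index($0, "=")) {
            k = substr($0, 1, i - 1); v = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) { print v; exit }
        }' "$1"
}

# audit_havana ROOT: print one FINDING line per issue under ROOT/etc and
# return 1 if anything was found. Use ROOT=/ on the controller itself.
audit_havana() {
    root=${1%/}; findings=0
    finding() { echo "FINDING: $*"; findings=$((findings + 1)); }

    if [ "$(ini_get "$root/etc/qpidd.conf" "" auth)" = no ]; then
        finding "qpidd.conf: auth=no, broker accepts unauthenticated clients"
    fi
    if [ -n "$(ini_get "$root/etc/keystone/keystone.conf" DEFAULT admin_token)" ]; then
        finding "keystone.conf: admin_token bootstrap secret is still configured"
    fi
    for f in keystone/keystone.conf glance/glance-api.conf \
             glance/glance-registry.conf nova/nova.conf; do
        [ -r "$root/etc/$f" ] || continue
        if grep -Eq '[:= ](PASSWORD|[A-Z]+_(DB)?PASS)(@|[[:space:]]*$)' "$root/etc/$f"; then
            finding "$f: documentation placeholder used as a password"
        fi
        if [ "$(ini_get "$root/etc/$f" keystone_authtoken auth_protocol)" = http ]; then
            finding "$f: auth_protocol=http, tokens and passwords cross the network unencrypted"
        fi
    done
    [ "$findings" -eq 0 ]
}
```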