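Contents
I. Server Configuration
II. Component Installation
III. Database Installation and Configuration
IV. Keystone Configuration
V. Glance Configuration
VI. Nova Configuration
VII. Dashboard Configuration
VIII. Image Creation
Appendix 1: Configuration Files
Appendix 2: Installation Error Handling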
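I. Server Configuration
1. Download the Ubuntu 12.04 server edition.
URL:
2. Install the OS
Perform a minimal installation of the operating system: only the SSH server needs to be installed; no other components are required.
Once the operating system is installed, update the package index and upgrade the system so that the latest package versions are installed. The commands are: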
apt-get update
apt-get upgrade
Note: the network proxy configuration used during the update is as follows:
root@ubuntu:/opt# cat /etc/apt/apt.conf
Acquire::http::Proxy "http://133.64.81.236:8080/";
3. Root privileges
zhang@ubuntu:~$ sudo passwd
[sudo] password for zhang:
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
4. Network configuration
root@ubuntu:/opt# cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 133.64.96.26
netmask 255.255.255.128
network 133.64.96.0
broadcast 133.64.96.127
gateway 133.64.96.1
# dns-* options are implemented by the resolvconf package, if installed
dns-nameservers 133.64.96.1
auto eth1
iface eth1 inet static
address 192.168.3.130
netmask 255.255.255.128
network 192.168.3.128
broadcast 192.168.3.255
II. Component Installation
1. Bridge configuration
Install with apt-get as follows:
apt-get install bridge-utils
/etc/init.d/networking restart
2. NTP configuration
apt-get install ntp
Edit /etc/ntp.conf and append the following 3 lines at the end:
server iburst
server 127.127.1.0
fudge 127.127.1.0 stratum 10
Restart the service:
service ntp restart
3. iSCSI configuration
apt-get install tgt
/etc/init.d/tgt start
apt-get install open-iscsi open-iscsi-utils
4. RabbitMQ configuration
apt-get install rabbitmq-server memcached python-memcache
apt-get install kvm libvirt-bin
III. Database Installation and Configuration
1. Install the database
apt-get install mysql-server python-mysqldb
Edit /etc/mysql/f to allow network access to MySQL:
#bind-address = 127.0.0.1
bind-address = 0.0.0.0
Restart the MySQL service:
/etc/init.d/mysql restart
2. Create the required databases
mysql -uroot -p123456
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '123456';
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '123456';
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '123456';
quit
IV. Keystone Configuration
1. Install Keystone
apt-get install keystone python-keystone python-keystoneclient
2. Configure Keystone
Edit /etc/keystone/keystone.conf:
[DEFAULT]
#bind_host = 0.0.0.0
public_port = 5000
admin_port = 35357
#admin_token = ADMIN
admin_token = admin
[sql]
#connection = sqlite:////var/lib/keystone/keystone.db
connection = mysql://keystone:123456@133.64.96.26/keystone
3. Restart the service
service keystone restart
4. Synchronize the database
keystone-manage db_sync
5. Import data and endpoints
For convenience, you can use the following 2 scripts to perform all of the setup.
(1) keystone_data.sh: import user information
wget
mv keystone_data.sh_.txt keystone_data.sh
chmod +x keystone_data.sh
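In the keystone_data.sh script, the default dashboard login password is chenshake and the token is chenshake.
Adjust these to suit your environment.
The first line is the dashboard login password.
The third line is the Keystone token set above.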
ADMIN_PASSWORD=${ADMIN_PASSWORD:-123456}
SERVICE_PASSWORD=${SERVICE_PASSWORD:-$ADMIN_PASSWORD}
#export SERVICE_TOKEN="chenshake"
export SERVICE_TOKEN="admin"
export SERVICE_ENDPOINT="http://localhost:35357/v2.0"
SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
ENABLED_SERVICES="swift"
Verify that it ran correctly:
./keystone_data.sh    # no output at all means it ran correctly
echo $?    # 0 means the script ran correctly
(2) endpoints.sh: set up the endpoints
wget
mv endpoints.sh_.txt endpoints.sh
chmod +x endpoints.sh
Running this script requires quite a few parameters:
./endpoints.sh -m 133.64.96.26 -u keystone -D keystone -p 123456 -T admin -K 133.64.96.26 -R RegionOne -E "http://localhost:35357/v2.0" -S 133.64.96.26
Parameter description:
-m mysql_hostname
-u mysql_username
-D mysql_database
-p mysql_password
-K Keystone server IP
-R keystone_region
-E keystone_endpoint_url
-S Swift proxy node IP
-T keystone_token
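When it runs normally, it prints a large amount of output.
(3) Set environment variables
root@server1:~# vi ~/.bashrc    # or /etc/profile; add the following at the end of the file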
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_AUTH_URL=http://localhost:5000/v2.0/
Verify:
root@server1:~# source ~/.bashrc    # or /etc/profile
root@server1:~# export | grep OS_
declare -x OS_AUTH_URL="http://localhost:5000/v2.0/"
declare -x OS_PASSWORD="123456"
declare -x OS_TENANT_NAME="admin"
declare -x OS_USERNAME="admin"
6. Test whether Keystone is installed correctly
keystone user-list
keystone endpoint-list
keystone tenant-list
keystone user-list
keystone role-list
If the tests succeed, Keystone is installed correctly.
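The keystone.conf in step 2 sets admin_token to admin and embeds the database password 123456 in the connection URL. The following added example (not part of the original guide) parses a keystone.conf of that shape and reports weak values; the deny-list, the length threshold, the function names and the sample text are assumptions constructed for illustration.

```python
import configparser
from urllib.parse import urlsplit

# Constructed sample: the keystone.conf values from step 2 of this guide.
SAMPLE_KEYSTONE_CONF = """\
[DEFAULT]
#bind_host = 0.0.0.0
public_port = 5000
admin_port = 35357
admin_token = admin
[sql]
connection = mysql://keystone:123456@133.64.96.26/keystone
"""

# Assumed policy for this example (not an OpenStack-defined list or limit).
WEAK_SECRETS = {"admin", "ADMIN", "123456", "password", "chenshake"}
MIN_SECRET_LEN = 16


def is_weak(secret):
    """True if the secret is deny-listed, short, or a single character class."""
    return (secret in WEAK_SECRETS or len(secret) < MIN_SECRET_LEN
            or secret.isdigit() or secret.isalpha())


def audit_keystone_conf(text):
    """Return (section, option, finding) tuples for weak settings."""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.read_string(text)
    findings = []
    token = cfg.get("DEFAULT", "admin_token", fallback=None)
    if token is None:
        findings.append(("DEFAULT", "admin_token", "not set in this file"))
    elif is_weak(token):
        findings.append(("DEFAULT", "admin_token", "weak admin token"))
    url = urlsplit(cfg.get("sql", "connection", fallback=""))
    if url.scheme in ("", "sqlite"):
        return findings  # unset or file-backed: no network credential to grade
    if url.password is None:
        findings.append(("sql", "connection", "no database password"))
    elif is_weak(url.password):
        findings.append(("sql", "connection", "weak database password"))
    return findings


if __name__ == "__main__":
    for section, option, finding in audit_keystone_conf(SAMPLE_KEYSTONE_CONF):
        print("[%s] %s: %s" % (section, option, finding))
```

The same token value is reused as SERVICE_TOKEN in keystone_data.sh and as -T for endpoints.sh, so a change in keystone.conf has to be carried into both scripts.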
V. Glance Configuration
1. Install Glance
apt-get install glance glance-api glance-client glance-common glance-registry python-glance
2. Configure Glance
Edit the two files /etc/glance/glance-api-paste.ini and /etc/glance/glance-registry-paste.ini; in both, modify the last 3 lines of the file:
#admin_tenant_name = %SERVICE_TENANT_NAME%
#admin_user = %SERVICE_USER%
#admin_password = %SERVICE_PASSWORD%
admin_tenant_name = service
admin_user = glance
admin_password = 123456
#dashboard password
Edit /etc/glance/glance-registry.conf and switch it to use MySQL:
#sql_connection = sqlite:////var/lib/glance/glance.sqlite
sql_connection = mysql://glance:123456@122.204.144.201/glance
Edit /etc/glance/glance-registry.conf and /etc/glance/glance-api.conf, and append two lines at the end of each file:
[paste_deploy]
flavor = keystone
3. Synchronize the Glance database
glance-manage version_control 0
glance-manage db_sync
4. Restart the services
service glance-api restart && service glance-registry restart
5. Set persistent environment variables
Edit ~/.bashrc or /etc/profile and append the following at the end:
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_AUTH_URL=http://localhost:5000/v2.0/
Note: if the environment variables were already set in the Keystone section, they do not need to be configured again.
6. Test Glance
glance index
No output is normal, because there are no images yet.
VI. Nova Configuration
1. Install Nova
apt-get install nova-api nova-cert nova-compute nova-compute-kvm nova-doc nova-network nova-objectstore nova-scheduler nova-volume rabbitmq-server novnc nova-consoleauth
2. Configure Nova
Use vi /etc/nova/nova.conf to edit the file.
The external address is 133.64.96.26. The internal address is 192.168.4.130.
--dhcpbridge_flagfile=/etc/nova/nova.conf
--dhcpbridge=/usr/bin/nova-dhcpbridge
--logdir=/var/log/nova
--state_path=/var/lib/nova
--lock_path=/run/lock/nova
--allow_admin_api=true
--use_deprecated_auth=false
--auth_strategy=keystone
--scheduler_driver=nova.scheduler.simple.SimpleScheduler
--s3_host=133.64.96.26
--ec2_host=133.64.96.26
--rabbit_host=133.64.96.26
--cc_host=133.64.96.26
--nova_url=http://133.64.96.26:8774/v1.1/
--routing_source_ip=133.64.96.26
--glance_api_servers=133.64.96.26:9292
--image_service=nova.image.glance.GlanceImageService
--iscsi_ip_prefix=192.168.4
--sql_connection=mysql://nova:123456@133.64.96.26/nova
--ec2_url=http://133.64.96.26:8773/services/Cloud
--keystone_ec2_url=http://133.64.96.26:5000/v2.0/ec2tokens
--api_paste_config=/etc/nova/api-paste.ini
--libvirt_type=kvm
--libvirt_use_virtio_for_bridges=true
--start_guests_on_host_boot=true
--resume_guests_state_on_host_boot=true
# vnc specific configuration
--novnc_enabled=true
--novncproxy_base_url=http://133.64.96.26:6080/vnc_auto.html
--vncserver_proxyclient_address=133.64.96.26
--vncserver_listen=133.64.96.26
# network specific settings
--network_manager=nova.network.manager.FlatDHCPManager
--public_interface=eth0
--flat_interface=eth1
--flat_network_bridge=br100
--fixed_range=192.168.4.130/25
--floating_range=133.64.96.26/25
--network_size=32
--flat_network_dhcp_start=192.168.4.162
--flat_injected=False
--force_dhcp_release
--iscsi_helper=tgtadm
--connection_type=libvirt
--root_helper=sudo nova-rootwrap
--verbose
Use vi /etc/nova/api-paste.ini to edit the file:
#admin_tenant_name = %SERVICE_TENANT_NAME%
#admin_user = %SERVICE_USER%
#admin_password = %SERVICE_PASSWORD%
admin_tenant_name = service
admin_user = nova
admin_password = 123456
3. Restart the related services
/etc/init.d/libvirt-bin restart
/etc/init.d/nova-network restart
/etc/init.d/nova-compute restart
/etc/init.d/nova-api restart
/etc/init.d/nova-objectstore restart
/etc/init.d/nova-scheduler restart
/etc/init.d/nova-volume restart
/etc/init.d/nova-consoleauth restart
4. Synchronize the database
nova-manage db sync
5. Set directory permissions
chown -R nova:nova /etc/nova
chmod 644 /etc/nova/nova.conf
6. Create the fixed IPs (internal network IPs)
nova-manage network create private --fixed_range_v4=192.168.4.130/25 --num_networks=1 --bridge=br100 --bridge_interface=eth1 --network_size=32
7. Create the floating IPs (public network IPs)
nova-manage floating create --ip_range=133.64.96.26/25
8. Restart the services
/etc/init.d/libvirt-bin restart
/etc/init.d/nova-network restart
/etc/init.d/nova-compute restart
/etc/init.d/nova-api restart
/etc/init.d/nova-objectstore restart
/etc/init.d/nova-scheduler restart
/etc/init.d/nova-volume restart
/etc/init.d/nova-consoleauth restart
9. Verification tests
nova-manage service list
nova list
nova image-list
nova floating-ip-create
nova flavor-list
nova secgroup-list
nova secgroup-list-rules default
10. Open the remote connection ports
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
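Step 5 of this section sets /etc/nova/nova.conf to mode 644, and the same file carries the database password in its --sql_connection flag. The following added example (not part of the original guide) parses the '--key=value' flagfile format used above and reports whether a file holding credentials is readable by every local user; the function names and the sample text are constructed for illustration.

```python
import os
import stat
import tempfile
from urllib.parse import urlsplit

# Constructed sample: a few of the nova.conf flags shown in step 2 above.
SAMPLE_NOVA_CONF = """\
--auth_strategy=keystone
--rabbit_host=133.64.96.26
--sql_connection=mysql://nova:123456@133.64.96.26/nova
# vnc specific configuration
--novnc_enabled=true
--force_dhcp_release
"""


def parse_flagfile(text):
    """Parse '--key=value' flagfile lines; a bare '--flag' is stored as 'true'."""
    flags = {}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("--"):  # anything else is a blank line or comment
            key, _, value = line[2:].partition("=")
            flags[key] = value or "true"
    return flags


def secret_flags(flags):
    """Names of flags whose value is a URL with an embedded password."""
    return sorted(k for k, v in flags.items() if urlsplit(v).password)


def audit_flagfile(path):
    """Report which flags hold credentials and whether 'other' can read the file."""
    with open(path) as fh:
        secrets = secret_flags(parse_flagfile(fh.read()))
    mode = stat.S_IMODE(os.stat(path).st_mode)
    world = bool(mode & stat.S_IROTH)
    return {"mode": oct(mode), "secret_flags": secrets,
            "world_readable": world, "exposed": world and bool(secrets)}


if __name__ == "__main__":
    with tempfile.NamedTemporaryFile("w", suffix=".conf", delete=False) as tmp:
        tmp.write(SAMPLE_NOVA_CONF)
    os.chmod(tmp.name, 0o644)  # the mode set in step 5
    print(audit_flagfile(tmp.name))
    os.chmod(tmp.name, 0o640)  # readable by owner and group only
    print(audit_flagfile(tmp.name))
    os.unlink(tmp.name)
```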
VII. Dashboard Configuration
1. Install the dashboard
apt-get install openstack-dashboard
2. Restart Apache
service apache2 restart
VIII. Image Creation
Simply download the official prebuilt Ubuntu image:
wget http://cloud-
Upload the image:
glance add name="Ubuntu 12.04 cloudimg amd64" is_public=true container_format=ovf disk_format=qcow2 < /root/precise-server-cloudimg-amd64-disk1.img
Appendix 1: Configuration Files
keystone_data.sh
#!/bin/bash
#
# Initial data for Keystone using python-keystoneclient
#
# Tenant               User      Roles
# ------------------------------------------------------------------
# admin                admin     admin
# service              glance    admin
# service              nova      admin, [ResellerAdmin (swift only)]
# service              quantum   admin        # if enabled
# service              swift     admin        # if enabled
# demo                 admin     admin
# demo                 demo      Member, anotherrole
# invisible_to_admin   demo      Member
#
# Variables set before calling this script:
# SERVICE_TOKEN - aka admin_token in keystone.conf
# SERVICE_ENDPOINT - local Keystone admin endpoint
# SERVICE_TENANT_NAME - name of tenant containing service accounts
# ENABLED_SERVICES - stack.sh's list of services to start
# DEVSTACK_DIR - Top-level DevStack directory
#ADMIN_PASSWORD=${ADMIN_PASSWORD:-chenshake}
ADMIN_PASSWORD=${ADMIN_PASSWORD:-$OS_PASSWORD}
#SERVICE_PASSWORD=${SERVICE_PASSWORD:-$ADMIN_PASSWORD}
#export SERVICE_TOKEN="chenshake"
#export SERVICE_ENDPOINT="http://localhost:35357/v2.0"
SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
ENABLED_SERVICES="swift"
function get_id () {
echo `$@ | awk '/ id / { print $4 }'`
}
# Tenants
ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME)
#DEMO_TENANT=$(get_id keystone tenant-create --name=demo)
#INVIS_TENANT=$(get_id keystone tenant-create --name=invisible_to_admin)
# Users
ADMIN_USER=$(get_id keystone user-create --name=admin \
--pass="$ADMIN_PASSWORD" \
--email=admin@)
#DEMO_USER=$(get_id keystone user-create --name=demo \
# --pass="$ADMIN_PASSWORD" \
# --email=demo@)
# Roles
ADMIN_ROLE=$(get_id keystone role-create --name=admin)
KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
# ANOTHER_ROLE demonstrates that an arbitrary role may be created and used
# TODO(sleepsonthefloor): show how this can be used for rbac in the future!
ANOTHER_ROLE=$(get_id keystone role-create --name=anotherrole)
# Add Roles to Users in Tenants
keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $ADMIN_TENANT
#keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $DEMO_TENANT
#keystone user-role-add --user $DEMO_USER --role $ANOTHER_ROLE --tenant_id $DEMO_TENANT
# TODO(termie): these two might be dubious
keystone user-role-add --user $ADMIN_USER --role $KEYSTONEADMIN_ROLE --tenant_id $ADMIN_TENANT
keystone user-role-add --user $ADMIN_USER --role $KEYSTONESERVICE_ROLE --tenant_id $ADMIN_TENANT
# The Member role is used by Horizon and Swift so we need to keep it:
MEMBER_ROLE=$(get_id keystone role-create --name=Member)
#keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $DEMO_TENANT
#keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $INVIS_TENANT
# Configure service users/roles
NOVA_USER=$(get_id keystone user-create --name=nova \
--pass="$SERVICE_PASSWORD" \
--tenant_id $SERVICE_TENANT \
--email=nova@)
keystone user-role-add --tenant_id $SERVICE_TENANT \
--user $NOVA_USER \
--role $ADMIN_ROLE
GLANCE_USER=$(get_id keystone user-create --name=glance \
--pass="$SERVICE_PASSWORD" \
--tenant_id $SERVICE_TENANT \
--email=glance@)
keystone user-role-add --tenant_id $SERVICE_TENANT \
--user $GLANCE_USER \
--role $ADMIN_ROLE
if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
SWIFT_USER=$(get_id keystone user-create --name=swift \
--pass="$SERVICE_PASSWORD" \
--tenant_id $SERVICE_TENANT \
--email=swift@)
keystone user-role-add --tenant_id $SERVICE_TENANT \
--user $SWIFT_USER \
--role $ADMIN_ROLE
# Nova needs ResellerAdmin role to download images when accessing
# swift through the s3 api. The admin role in swift allows a user
# to act as an admin for their tenant, but ResellerAdmin is needed
# for a user to act as any tenant. The name of this role is also
# configurable in swift-proxy.conf
RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)
keystone user-role-add --tenant_id $SERVICE_TENANT \
--user $NOVA_USER \
--role $RESELLER_ROLE
fi
if [[ "$ENABLED_SERVICES" =~ "quantum" ]]; then
QUANTUM_USER=$(get_id keystone