Getting Started with OpenStack: Installation Guide
(OpenStack Havana release)
Environment
Physical machines | 1 |
Hostname | Controller |
Number of NICs | 1 |
IP address | 192.168.205.177 |
DNS | 202.106.196.115 |
Number of CPUs | 1 |
Memory | 6GB |
Disk capacity | 1TB |
Operating system version | redhat6.3 |
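Overall component architecture
PS: Because this environment has only one physical machine, the host has to act as the management node and also provide compute services. In addition to the controller components above, the nova-compute and nova-network services must therefore be installed as well.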
Environment preparation
NIC configuration
vi /etc/sysconfig/network-scripts/ifcfg-eth0
# Internal Network
DEVICE=eth0
TYPE=Ethernet
BOOTPROTO=static
IPADDR=192.168.205.177
NETMASK=255.255.255.0
DEFROUTE=yes
ONBOOT=yes
# service network restart
# service NetworkManager stop
# service network start
# chkconfig NetworkManager off
# chkconfig network on
Change the hostname
vi /etc/sysconfig/network
HOSTNAME=controller
vi /etc/hosts
127.0.0.1 localhost
192.168.205.177 controller
Install the MySQL database
# yum install mysql mysql-server MySQL-python
vi /etc/my.cnf
[mysqld]
...
bind-address = 192.168.205.177
Start MySQL
# service mysqld start
# chkconfig mysqld on
On first setup, remove the anonymous user
# mysql_install_db
# mysql_secure_installation
# yum install mysql MySQL-python
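Install the OpenStack packages
Download and install the two packages http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-6.noarch.rpm and http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm. Once installed, these two packages automatically configure the external yum repositories used to install OpenStack.
Install the OpenStack utility packages
yum install openstack-utils
yum install openstack-selinux
yum upgrade
reboot
PS: The external network is very unstable, so installation may fail frequently. After a failed installation, clean out the packages that failed to install; otherwise, packages that are incomplete or not installed properly will cause unexpected trouble later on.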
Install the messaging server
yum install qpid-cpp-server memcached
vi /etc/qpidd.conf
auth=no
# service qpidd start
# chkconfig qpidd on
Install the Keystone identity service
# yum install openstack-keystone python-keystoneclient
Edit the configuration file
# openstack-config --set /etc/keystone/keystone.conf \
sql connection mysql://keystone:KEYSTONE_DBPASS@controller/keystone
Create the connection between OpenStack Keystone and the database
# openstack-db --init --service keystone --password KEYSTONE_DBPASS
Define an authorization token
# ADMIN_TOKEN=$(openssl rand -hex 10)
# echo $ADMIN_TOKEN
# openstack-config --set /etc/keystone/keystone.conf DEFAULT \
admin_token $ADMIN_TOKEN
Create the keys and certificates
# keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
# chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log
Start Keystone
# service openstack-keystone start
# chkconfig openstack-keystone on
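Define users, tenants and roles
Export the environment variables
# export OS_SERVICE_TOKEN=ADMIN_TOKEN
# export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0
PS: ADMIN_TOKEN here is the string of digits generated above when the authorization token was defined
You can put the lines above into a file and then source that file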
Create the admin tenant
# keystone tenant-create --name=admin --description="Admin Tenant"
PS: This step is quite likely to fail with an error saying the tenant cannot be created; restarting Keystone resolves the problem
service openstack-keystone restart
keystone user-create --name=admin --pass=ADMIN_PASS \
--email=admin@example.co
ADMIN_PASS is the password you set
keystone user-create --name=admin --pass=PASSWORD \
--email=admin@example.co
Create the services and define the API endpoint
Define the API
Use vi to create a file with the following content
export OS_USERNAME=admin
export OS_PASSWORD=PASSWORD
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://controller:35357/v2.0
Source this file
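An added example, not part of the original guide: the two files described above (the one holding the admin token and the one holding the admin password) are plain-text credentials, so the code below writes them with owner-only permissions and refuses to source a file that group or others can access. The function names and the file path passed to them are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original guide; names are hypothetical.

# new_admin_token: 10 random bytes, hex encoded, as in the guide.
# Falls back to /dev/urandom when openssl is not installed.
new_admin_token() {
    if command -v openssl >/dev/null 2>&1; then
        openssl rand -hex 10
    else
        od -An -N10 -tx1 /dev/urandom | tr -d ' \n'; echo
    fi
}

# write_rc FILE NAME=VALUE...
# Writes one export line per argument into FILE with mode 0600.
# Values must not contain a single quote.
write_rc() {
    rc_file=$1; shift
    (
        umask 077            # the new file is created owner-only
        rm -f "$rc_file"     # do not inherit an older, looser mode
        for kv in "$@"; do
            printf "export %s='%s'\n" "${kv%%=*}" "${kv#*=}"
        done > "$rc_file"
    )
}

# load_rc FILE: source FILE only if group and others have no access.
load_rc() {
    case $1 in */*) f=$1 ;; *) f=./$1 ;; esac   # "." would search PATH
    case $(ls -ld "$f" 2>/dev/null | cut -c5-10) in
        ------) . "$f" ;;
        *) echo "refusing $f: missing, or accessible by group/others" >&2
           return 1 ;;
    esac
}

# Usage, with the values from the guide:
#   write_rc ./keystonerc "OS_SERVICE_TOKEN=$(new_admin_token)" \
#       "OS_SERVICE_ENDPOINT=http://controller:35357/v2.0"
#   load_rc ./keystonerc
```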
Verify the service
This indicates that the configuration is correct
If an error appears, check the details under /var/log/keystone
Configure Glance
Install the Glance components
# yum install openstack-glance
Edit the configuration files
openstack-config --set /etc/glance/glance-api.conf \
DEFAULT sql_connection mysql://glance:PASSWORD@controller/glance
openstack-config --set /etc/glance/glance-registry.conf \
DEFAULT sql_connection mysql://glance:PASSWORD@controller/glance
Create the Glance database connection
openstack-db --init --service glance --password PASSWORD
Define a user named glance in Keystone
keystone user-create --name=glance --pass=PASSWORD --email=glance@example.com
Add roles
keystone user-role-add --user=glance --tenant=service --role=admin
Add the glance roles
keystone user-role-add --user=glance --tenant=service --role=admin
Configure authentication for the image service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
auth_uri http://controller:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
auth_host controller
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
admin_tenant_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
admin_user glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
admin_password PASSWORD
openstack-config --set /etc/glance/glance-api.conf paste_deploy \
flavor keystone
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
auth_uri http://controller:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
auth_host controller
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
admin_tenant_name service
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
admin_user glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
admin_password PASSWORD
openstack-config --set /etc/glance/glance-registry.conf paste_deploy \
flavor keystone
Add the credentials to the two files /etc/glance/glance-api-paste.ini and /etc/glance/glance-registry-paste.ini
# cp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini
# cp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.ini
and add the following content
[filter:authtoken]
paste.filter_factory=keystoneclient.middleware.auth_token:filter_factory
auth_host=controller
admin_user=glance
admin_tenant_name=service
admin_password=PASSWORD
Create the glance service in Keystone
Create the glance endpoint in Keystone
Start the Glance services
# service openstack-glance-api start
# service openstack-glance-registry start
# chkconfig openstack-glance-api on
# chkconfig openstack-glance-registry on
Verify the Glance service
Run the glance image-list command
This indicates normal operation; if there is an error, check the details under /var/log/glance
Install the Nova components
yum install openstack-nova python-novaclient
Edit the configuration file
openstack-config --set /etc/nova/nova.conf \
database connection mysql://nova:PASSWORD@controller/nova
Configure Nova to use the messaging server
openstack-config --set /etc/nova/nova.conf \
DEFAULT rpc_backend nova.openstack.common.rpc.impl_qpid
openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname controller
Create the Nova database connection
openstack-db --init --service nova --password PASSWORD
Configure my_ip, vncserver_listen and vncserver_proxyclient_address
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.205.177
openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 192.168.205.177
openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address 192.168.205.177
Create the nova user in Keystone
Add roles
keystone user-role-add --user=nova --tenant=service --role=admin
Configure authentication for the Compute service
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host controller
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password PASSWORD
vi /etc/nova/api-paste.ini
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = controller
auth_port = 35357
auth_protocol = http
auth_uri = http://controller:5000/v2.0
admin_tenant_name = service
admin_user = nova
admin_password = PASSWORD
Create the nova service in Keystone
Create the endpoint
Start the Nova services
# service openstack-nova-api start
# service openstack-nova-cert start
# service openstack-nova-consoleauth start
# service openstack-nova-scheduler start
# service openstack-nova-conductor start
# service openstack-nova-novncproxy start
# chkconfig openstack-nova-consoleauth on
# chkconfig openstack-nova-scheduler on
# chkconfig openstack-nova-conductor on
# chkconfig openstack-nova-novncproxy on
Verify the Nova service
Run nova list to display information about the virtual machines.
If it returns nothing or prints something else, the Nova service is not working properly; check the detailed logs under /var/log/nova
Install nova-network
yum install openstack-nova-network
Edit the configuration file
openstack-config --set /etc/nova/nova.conf DEFAULT network_manager nova.network.manager.FlatDHCPManager
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.libvirt.firewall.IptablesFirewallDriver
openstack-config --set /etc/nova/nova.conf DEFAULT network_size 254
openstack-config --set /etc/nova/nova.conf DEFAULT allow_same_net_traffic False
openstack-config --set /etc/nova/nova.conf DEFAULT multi_host True
openstack-config --set /etc/nova/nova.conf DEFAULT send_arp_for_ha True
openstack-config --set /etc/nova/nova.conf DEFAULT share_dhcp_address True
openstack-config --set /etc/nova/nova.conf DEFAULT force_dhcp_release True
openstack-config --set /etc/nova/nova.conf DEFAULT flat_interface eth0
openstack-config --set /etc/nova/nova.conf DEFAULT flat_network_bridge br100
openstack-config --set /etc/nova/nova.conf DEFAULT public_interface eth0
nova network-create vmnet --fixed-range-v4=192.168.205.0/24 --bridge=br100 --multi-host=T
Install a local metadata service
# yum install openstack-nova-api
# service openstack-nova-metadata-api start
# chkconfig openstack-nova-metadata-api on
Start nova-network
# service openstack-nova-network start
# chkconfig openstack-nova-network on
Create the VLAN
nova network-create vmnet --fixed-range-v4=10.0.0.0/24 \
--bridge=br100 --multi-host=T
Run nova network-list to view the created network
Open up the security group rules
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
Verify that each service is working properly
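An added example, not part of the original guide: a check to run alongside the service verification. It flags the placeholder secrets used in the commands above (PASSWORD, ADMIN_PASS, KEYSTONE_DBPASS, ADMIN_TOKEN), the auth=no broker setting and the auth_protocol http setting when they are still present in the live configuration files. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original guide; names are hypothetical.

# audit_conf FILE...
# Prints "file:line: reason" per weak setting; returns 1 if any found.
audit_conf() {
    [ $# -gt 0 ] || return 2
    awk '
    /^[ \t]*#/ { next }   # ignore commented-out lines
    # Placeholder left as a value (admin_password = PASSWORD) or inside
    # a database URL (mysql://nova:PASSWORD@controller/nova).
    /=[ \t]*(PASSWORD|ADMIN_PASS|KEYSTONE_DBPASS|ADMIN_TOKEN)[ \t]*$/ ||
    /:(PASSWORD|ADMIN_PASS|KEYSTONE_DBPASS)@/ {
        printf "%s:%d: placeholder secret\n", FILENAME, FNR; bad = 1
    }
    FILENAME ~ /qpidd\.conf$/ && /^[ \t]*auth[ \t]*=[ \t]*no[ \t]*$/ {
        printf "%s:%d: qpid broker authentication disabled\n", FILENAME, FNR
        bad = 1
    }
    /^[ \t]*auth_protocol[ \t]*=[ \t]*http[ \t]*$/ {
        printf "%s:%d: token validation over cleartext http\n", FILENAME, FNR
        bad = 1
    }
    END { exit bad + 0 }' "$@"
}

# make_sample DIR: writes constructed sample files (not real configs).
make_sample() {
    printf '%s\n' '[database]' \
        'connection = mysql://nova:PASSWORD@controller/nova' \
        '[keystone_authtoken]' \
        'auth_protocol = http' \
        'admin_user = nova' \
        '# admin_password = PASSWORD' \
        'admin_password = PASSWORD' > "$1/nova.conf"
    printf 'auth=no\n' > "$1/qpidd.conf"
    printf '%s\n' '[keystone_authtoken]' \
        'admin_password = f3a91c0de77b42aa' > "$1/glance-api.conf"
}

# Run with --demo to audit the constructed samples in a temp directory.
if [ "${1:-}" = "--demo" ]; then
    demo_dir=$(mktemp -d)
    make_sample "$demo_dir"
    audit_conf "$demo_dir"/*.conf
    rm -rf "$demo_dir"
fi
```

On the controller, point it at the real files, for example audit_conf /etc/qpidd.conf /etc/keystone/keystone.conf /etc/glance/*.conf /etc/glance/*.ini /etc/nova/nova.conf /etc/nova/api-paste.ini.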
Install the dashboard
yum install memcached python-memcached mod_wsgi openstack-dashboard
Modify the cache settings
Open /etc/openstack-dashboard/local_settings and check
CACHES = {
    'default': {
        'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache',
        'LOCATION' : '127.0.0.1:11211'
    }
}
Edit /etc/openstack-dashboard/local_settings
ALLOWED_HOSTS = ['192.168.205.177','my-desktop']
Edit /etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "controller"
Start the dashboard
# service httpd start
# service memcached start
# chkconfig httpd on
# chkconfig memcached on
Verify the installation
Enter http://192.168.205.177/dashboard in a browser
If everything is working, the OpenStack graphical interface is displayed; if there is a problem,
check the related messages in /var/log/httpd
Problem encountered: the interface could not be opened because the firewall was running. After the firewall was turned off, the interface opened normally
Glance: building the virtual machine .img file
Create the image disk
qemu-img create -f qcow2 rhel6.img 10GB
Start virt-manager and create the virtual machine
The virtual machine installation process is omitted here
After installation, change the following settings in the virtual machine
#: vi /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
#: vi /etc/sysconfig/network
NETWORKING=yes
#: vi /etc/sysconfig/network-scripts/ifcfg-eth0
# Intel Corporation 82562GT 10/100 Network Connection
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
PERSISTENT_DHCLIENT=1
Remove the /lib/udev/write_net_rules file
#: mv /lib/udev/write_net_rules /lib/udev/write_net_rules.bak
Set SELinux to disabled
#: service iptables stop
#: service ip6tables stop
#: chkconfig iptables off
#: chkconfig ip6tables off
Shut down the virtual machine
Glance: creating the image
glance image-create --name rhel6 --disk-format qcow2 --container-format bare --is-public true < rhel6.img
Creating flavors
View the existing flavors
Create a new flavor
nova flavor-create <name> <id> <ram> <disk> <vcpus> [--ephemeral <ephemeral>]
Create a virtual machine
nova boot --flavor --image ID --availability-zone --nic "net-id=1c80a78c-bba5-4c57-8c9f-99cb8cd0f474,v4-fixed-ip=192.168.205.176" test
Originally written and shared by community member luochengsong
Original document: http://www.aixchina.net/Document/detail/tid/116951