OpenStack mysql集群 openstack集群搭建

关闭防火墙及修改vim /etc/selinux/config

[root@localhost ~]# setenforce 0

[root@localhost ~]# getenforce

关闭防火墙

[root@localhost ~]# systemctl stop firewalld

[root@localhost ~]# systemctl disable firewalld

配置时间服务器

controller主机配置

[root@controller ~]# yum install -y chrony

修改配置文件

[root@controller ~]# vim /etc/chrony.conf

重启服务

[root@controller ~]# systemctl restart chronyd

配置 /etc/hosts

[root@controller ~]# vim /etc/hosts

添加

192.168.100.10 controller

192.168.100.20 compute

[root@compute ~]# ping controller

安装train版的依赖 [root@controller ~]# yum install -y python-openstackclient openstack-selinux

配置controller数据库文件

[root@controller ~]# vim /etc/my.cnf

底部添加以下

开启服务，设置开机自启动 [root@controller ~]# systemctl enable mariadb.service && systemctl start mariadb.service

安装rabbitmq消息队列

[root@controller ~]# yum install rabbitmq-server -y

设置开机自启

Systemctl enable rabbitmq-server.serivce ; systemctl start rabbitmq-server.service

创建用户基于权限

[root@controller ~]# rabbitmqctl add_user openstack openstack123

[root@controller ~]# rabbitmqctl set_permissions openstack "." "." ".*"

查看用户[root@controller ~]# rabbitmqctl list_users

安装memcached

[root@controller ~]# yum install memcached python-memcached -y

修改文件

[root@controller ~]# vim /etc/sysconfig/Memcached

启动服务

[root@controller ~]# systemctl enable memcached.service && systemctl start memcached.service

Controller节点登入数据库

添加keystone库；

MariaDB [(none)]> create database keystone;      //创建keystone库

MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY ' keystone-PASS';

安装keystone服务

[root@controller ~]# yum install openstack-keystone httpd mod_wsgi -y

修改openstack-keystone文件配置

Vim /etc/keytone/keytone.cof

[token] provider = fernet

同步数据库

[root@controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone

创建令牌

[root@controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone

[root@controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

设置admin密码 --bootstrap-password 为：admin

[root@controller ~]# keystone-manage bootstrap --bootstrap-password admin --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne

查看数据库是否成功同步

配置httpd服务器

[root@controller ~]# vim /etc/httpd/conf/httpd.conf

添加controllerIP地址

启动服务

[root@controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

[root@controller ~]# systemctl enable httpd.service && systemctl start httpd.service

编辑一个脚本admin.sh

往脚本添加内容

Source admin.sh

创建用户和项目

[root@controller ~]# openstack domain create --description "An Example Domain" example

[root@controller ~]# openstack project create --domain default --description "Service Project" service

[root@controller ~]# openstack project create --domain default --description "Demo Project" myproject

设置myuser密码为：myuser

[root@controller ~]# openstack user create --domain default --password-prompt myuser User Password: myuser Repeat User Password: myuser

[root@controller ~]# openstack role create myrole

[root@controller ~]# openstack role add --project myproject --user myuser myrole

取消临时OS_AUTH和OS_PASSWORD环境变量

[root@controller ~]# unset OS_AUTH OS_PASSWORD

输入admin密码，密码为：admin

[root@controller ~]# openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name admin --os-username admin token issue

Password: admin

Password: admin

输入myuser密码，密码为：myuser

[root@controller ~]# openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name myproject --os-username myuser token issue

Password:  myuser

Password:  myuser

创建一个myuser.sh脚本

Source admin.sh

Openstack token issue

Source myuser.sh

Openstack token issue

Glance组件

登入mysql数据库创建glance库；

MariaDB [(none)]> create database glance;

MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance_PASS';

openstack user create --domain default --password-prompt

password：glance

password：glance

[root@controller ~]# openstack role add --project service --user glance admin

将glance用户添加到admin

[root@controller ~]# openstack service create --name glance --description "OpenStack Image" image

[root@controller ~]# openstack endpoint create --region RegionOne image public http://controller:9292

[root@controller ~]# openstack endpoint create --region RegionOne image internal http://controller:9292

[root@controller ~]# openstack endpoint create --region RegionOne image admin http://controller:9292

创建以上网段

安装glance组件

Yum install -y openstack-glance

配置glance文件

同步数据库

[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance

启动自启服务

[root@controller ~]# systemctl enable openstack-glance-api.service && systemctl start openstack-glance-api.service

上传镜像

[root@controller ~]#  glance image-create --name "cirros4" --file cirros-0.4.0-x86_64-disk.img --disk-format qcow2 --container-format bare   --visibility public

Placement组件

打开数据库添加placement库

查看是否同步成功

Nova组件

打开数据库添加nava_api; , nava, nava_cello;

MariaDB [(none)]> CREATE DATABASE nova_api;

MariaDB [(none)]> CREATE DATABASE nova;

MariaDB [(none)]> CREATE DATABASE nova_cell0;

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'nova_PASS';

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'nova_PASS';

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'nova_PASS';

安装软件包

[root@controller ~]# yum install openstack-placement-api   openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler - y

配置文件

[root@controller ~]# vim /etc/nova.conf

su -s /bin/sh -c "nova-manage api_db sync" nova查看是否同步成功

启动自启服务

systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service

重新启动

systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service

compute节点

安装nova组件

[root@controller ~]# yum install -y openstack-nova-compute

配置文件vim /etc/nova/nova.conf

启动计算服务（包括其依赖项），并将其配置为在系统启动时自动启动：

[root@controller ~]#  systemctl enable libvirtd.service openstack-nova-compute.service && systemctl start libvirtd.service openstack-nova-compute.service

确认数据库中存在计算主机：

[root@compute ~]# openstack compute service list --service nova-compute

到控制节点发现计算主机

[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

修改/etc/nova/nova.conf

Neutron组件

Controller节点

登入数据库创建neuton；

MariaDB [(none)]> CREATE DATABASE neutron;

MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron_PASS';

查看是否同步成功；

配置内核

/etc/sysctl.conf

加载内核模块

[root@controller ~]# modprobe br_netfilter

配置 DHCP 代理

Vim /etc/neutron/dhcp_agent.ini

配置元数据代理

Vim /etc/neutron/metadata_agent.ini

Vim /etc/nova/nova.conf

[root@controller ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

填充数据库

[root@controller ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

重新启动计算APi服务

SystemctL restart openstack-nova-api.service

Compute节点

安装组件

[root@compute ~]# yum install -y openstack-neutron-linuxbridge ebtables ipset

[root@compute ~]# vim /etc/neutron/neutron.conf

配置文件

编辑vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini

修改内核

Vim /etc/sysctl.conf

net.bridge.bridge-nf-call-iptables = 1

net.bridge.bridge-nf-call-ip6tables = 1

修改compute节点下的/etc/nova/nova.conf

重新启动计算服务

Systemctl restart openstack-nova-compute.service

验证

Openstack network agent list

创建实例

创建网络

openstack network create  --share --external --provider-physical-network extnetwork --provider-network-type flat flat-extnetwork

创建子网

openstack subnet create --network flat-extnetwork  --allocation-pool start=192.168.100.10,end=192.168.100.50 --dns-nameserver 114.114.114.114 --gateway 192.168.100.2 --subnet-range 192.168.100.0/24 flat-subnet

仅将此版本与 CirrOS 映像一起使用，以进行测试m1.nano

[root@controller ~]# openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano

[root@controller ~]# ssh-keygen -q -N "" （生成密钥对

[root@controller ~]# openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey (添加公钥)

验证密钥对的添加：

[root@controller ~]# openstack keypair list

添加安全组规则

[root@controller ~]# openstack security group rule create --proto icmp default

允许安全外壳 （SSH） 访问

[root@controller ~]#  openstack security group rule create --proto tcp --dst-port 22 default

查看实例选项

[root@controller ~]# openstack flavor list

列出可用图像

列出可用网络

可用安全组

启动实例

openstack server create --flavor mi.nano --image cirros4 --nic net-id=7986ea2a-131d-416b-b98f-8466ad6a1db8 --security-group default --key-name mykey vm1

检查实例的状态：

[root@controller ~]# openstack server list

Dashboard组件     controller节点上安装

安装web服务

Yum install opensack-dashboard -y

修改配置文件 /etc/openstack-dashboard/local_settings

在/etc/httpd/conf.d/openstack-dashboard.conf

添加以下内容

重新启动web服务器会话

systemctl restart httpd.service memcached.service

验证httpd://192.168.200.10/dashboard