# 本教程适用于使用VMware在一台主机上部署OpenStack Train
# 适合新手小白 了解部署OpenStack
# 参考OpenStack官网: https://docs.openstack.org/
# 官网env基础配置链接: https://docs.openstack.org/install-guide/environment.html
# 官网service配置: https://docs.openstack.org/install-guide/openstack-services.html#minimal-deployment-for-train
网络设置
# 第一步 使用vmware 安装虚拟机 镜像版本可为Centos7.5(1804) Centos7.9(2009)
第一张网卡 NAT模式 网段 192.168.200.0 -> 为了方便上网
第二张网卡 仅主机模式 网段 192.168.100.0
内存 8G
硬盘 100G
主机名 controller
网络: 192.168.200.10
网关 192.168.200.1
DNS 223.5.5.5
# 修改网络
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=bfd1f97e-d667-4aab-bc5b-f065299ade4e
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.200.10
GATEWAY=192.168.200.1
PREFIX=24
DNS1=223.5.5.5
# 重启网络
[root@localhost ~]# systemctl restart network
# 测试ping通
[root@localhost ~]# ping baidu.com
PING baidu.com (39.156.66.10) 56(84) bytes of data.
64 bytes from 39.156.66.10 (39.156.66.10): icmp_seq=1 ttl=128 time=23.5 ms
64 bytes from 39.156.66.10 (39.156.66.10): icmp_seq=2 ttl=128 time=39.1 ms
64 bytes from 39.156.66.10 (39.156.66.10): icmp_seq=3 ttl=128 time=22.0 ms
64 bytes from 39.156.66.10 (39.156.66.10): icmp_seq=4 ttl=128 time=22.5 ms
基础设置
# 1. 主机名
[root@localhost ~]# hostnamectl set-hostname controller
[root@localhost ~]# bash
# 2. 防火墙 (关闭firewalld后,本机所有监听端口都会直接暴露在两张网卡所在的网络上,此做法仅适用于隔离的实验环境;其他环境应保留firewalld,只放行各组件实际用到的端口)
[root@controller ~]# systemctl stop firewalld && systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
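# 3. selinux (仅为简化实验而关闭;后面安装的openstack-selinux软件包就是为OpenStack服务提供SELinux策略的,因此非实验环境可保持enforcing。配置文件的修改在重启后生效,setenforce 0 则立即切换为permissive)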
[root@controller ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@controller ~]# cat /etc/selinux/config | grep -Ev "^$|#"
SELINUX=disabled
SELINUXTYPE=targeted
[root@controller ~]# setenforce 0
# 4. hosts解析
[root@controller ~]# echo "192.168.200.10 controller" >> /etc/hosts
[root@controller ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.200.10 controller
yum源配置
# 删除原有的yum源
[root@controller ~]# rm -rf /etc/yum.repos.d/*
# 下载网络yum源
[root@controller ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
# 修改yum的配置文件
[root@controller ~]# sed -i 's/keepcache=0/keepcache=1/g' /etc/yum.conf
[root@controller ~]# cat /etc/yum.conf | grep keepcache
keepcache=1
# 查看yum仓库
[root@controller ~]# yum repolist
时间同步(可做可不做)
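# 修改配置文件 新增这两行 (注意: allow 的掩码写的是/16,而网卡配置的是PREFIX=24;/16覆盖的范围是整个192.168.0.0/16,如只想允许本实验网段同步时间,应写成 192.168.200.0/24)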
[root@controller ~]# vi /etc/chrony.conf
server controller iburst
allow 192.168.200.0/16
# 修改了配置文件就一定要重启服务
[root@controller ~]# systemctl restart chronyd
安装openstack客户端
# 安装openstack库
[root@controller ~]# yum install -y centos-release-openstack-train
# 更新系统所有的包
[root@controller ~]# yum upgrade -y
# 安装openstack客户端以及所需要的命令
[root@controller ~]# yum install python-openstackclient openstack-selinux openstack-utils lsof net-tools vim wget -y
安装数据库
# 安装数据库
[root@controller ~]# yum install mariadb mariadb-server python2-PyMySQL -y
# 更改相关的配置文件
[root@controller ~]# vi /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 192.168.200.10
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
# 启动数据库
[root@controller ~]# systemctl start mariadb && systemctl enable mariadb
Created symlink from /etc/systemd/system/mysql.service to /usr/lib/systemd/system/mariadb.service.
Created symlink from /etc/systemd/system/mysqld.service to /usr/lib/systemd/system/mariadb.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
# 设置mariadb的root登录密码 (000000 只是贯穿本教程的实验用弱口令;写在命令行里的密码会留在shell历史中,非实验环境应改用 mysql_secure_installation 交互式设置强密码)
[root@controller ~]# mysqladmin password 000000
# 测试登录
[root@controller ~]# mysql -uroot -p000000
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 9
Server version: 10.3.20-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> exit
Bye
安装消息队列rabbitmq
# 安装消息队列
[root@controller ~]# yum install -y rabbitmq-server
# 启动并设置开机自启
[root@controller ~]# systemctl start rabbitmq-server && systemctl enable rabbitmq-server
Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to /usr/lib/systemd/system/rabbitmq-server.service.
# 使用rabbitmq添加用户openstack
################## !!如果出现问题 CTRL+D退出连接 重新连接就ok ##############
[root@controller ~]# rabbitmqctl add_user openstack 000000
Creating user "openstack"
##########################################################################
# 给openstack用户配置 所有权限
[root@controller ~]# rabbitmqctl set_permissions -p / openstack '.*' '.*' '.*'
Setting permissions for user "openstack" in vhost "/"
# 给openstack用户添加【管理员】标签 (administrator标签只用于登录下面的web管理界面,OpenStack各服务连接消息队列并不需要它;不使用web管理界面时可省略这一步)
[root@controller ~]# rabbitmqctl set_user_tags openstack administrator
Setting tags for user "openstack" to [administrator]
# 给rabbitmq部署web插件
[root@controller ~]# rabbitmq-plugins enable rabbitmq_management
The following plugins have been enabled:
amqp_client
cowlib
cowboy
rabbitmq_web_dispatch
rabbitmq_management_agent
rabbitmq_management
Applying plugin configuration to rabbit@controller... started 6 plugins.
# 验证登录 访问IP+端口 (http://192.168.200.10:15672) #用户与密码为guest (RabbitMQ默认只允许guest从本机localhost登录;从其他机器的浏览器访问时,请使用上面创建并已加administrator标签的openstack用户)
# 或者验证端口 5672 15672 25672
# 5672 rabbitmq的默认端口
# 15672 rabbitmq web的端口
# 25672 rabbitmq cli的端口
[root@controller ~]# netstat -nltp | grep 5672
tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN 40359/beam.smp
tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN 40359/beam.smp
tcp6 0 0 :::5672 :::* LISTEN 40359/beam.smp
安装对象缓存系统memcached
# 安装
[root@controller ~]# yum install memcached python-memcached -y
# 修改配置文件
[root@controller ~]# vi /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 127.0.0.1,::1,controller"
# 启动服务并设置开机自启
[root@controller ~]# systemctl start memcached && systemctl enable memcached
Created symlink from /etc/systemd/system/multi-user.target.wants/memcached.service to /usr/lib/systemd/system/memcached.service.
安装etcd数据库
# 安装
[root@controller ~]# yum install etcd -y
# 备份config文件
[root@controller ~]# cp /etc/etcd/etcd.conf /etc/etcd/etcd.conf.bak
# 修改配置文件
[root@controller ~]# vi /etc/etcd/etcd.conf
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.200.10:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.200.10:2379"
ETCD_NAME="controller"
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.200.10:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.200.10:2379"
ETCD_INITIAL_CLUSTER="controller=http://192.168.200.10:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"
# 启动服务并设置开机自启
[root@controller ~]# systemctl start etcd && systemctl enable etcd
Created symlink from /etc/systemd/system/multi-user.target.wants/etcd.service to /usr/lib/systemd/system/etcd.service.
安装keystone组件
数据库
# 登录数据库 创建keystone数据库 并给keystone用户赋予权限
[root@controller ~]# mysql -uroot -p000000
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.3.20-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
# 创建数据库
MariaDB [(none)]> create database keystone;
Query OK, 1 row affected (0.000 sec)
# 赋予keystone用户本地登录所有的权限
MariaDB [(none)]> grant all privileges on keystone.* to 'keystone'@'localhost' identified by '000000';
Query OK, 0 rows affected (0.001 sec)
# 赋予keystone用户远程登录所有的权限
MariaDB [(none)]> grant all privileges on keystone.* to 'keystone'@'%' identified by '000000';
Query OK, 0 rows affected (0.000 sec)
# 刷新权限
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.000 sec)
# 退出登录
MariaDB [(none)]> exit;
Bye
安装服务并配置
# 安装keystone相关的服务
[root@controller ~]# yum install -y openstack-keystone httpd mod_wsgi
# 备份keystone配置文件
[root@controller ~]# cp /etc/keystone/keystone.conf /etc/keystone/keystone.conf.bak
# 将空行和注释行删除 (注意: 该grep模式会删掉任何含有#的行,而不只是以#开头的注释行;如果某个配置值里本身带有#,那一行也会被删掉)
[root@controller ~]# grep -Ev '^$|#' /etc/keystone/keystone.conf.bak > /etc/keystone/keystone.conf
# 修改相关的配置文件 【不要添加,是修改,找到对应的[] 在其下面添加内容即可】
[root@controller ~]# vi /etc/keystone/keystone.conf
#配置数据库访问
[database]
connection = mysql+pymysql://keystone:000000@controller/keystone
# 配置 Fernet 令牌提供程序
[token]
provider = fernet
# 同步导入到数据库
[root@controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone
[root@controller ~]# mysql -ukeystone -p000000 -e "use keystone;show tables;"
+------------------------------------+
| Tables_in_keystone |
+------------------------------------+
| access_rule |
| access_token |
| application_credential |
| application_credential_access_rule |
| application_credential_role |
| assignment |
| config_register |
| consumer |
| credential |
| endpoint |
| endpoint_group |
| federated_user |
| federation_protocol |
| group |
| id_mapping |
| identity_provider |
| idp_remote_ids |
| implied_role |
| limit |
| local_user |
| mapping |
| migrate_version |
| nonlocal_user |
| password |
| policy |
| policy_association |
| project |
| project_endpoint |
| project_endpoint_group |
| project_option |
| project_tag |
| region |
| registered_limit |
| request_token |
| revocation_event |
| role |
| role_option |
| sensitive_config |
| service |
| service_provider |
| system_assignment |
| token |
| trust |
| trust_role |
| user |
| user_group_membership |
| user_option |
| whitelisted_config |
+------------------------------------+
# 初始化Fernet 密钥存储库
# !! --keystone-user 和 --keystone-group 标志用于指定运行 Keystone 的操作系统用户/组。提供这两个标志是为了允许在其他操作系统用户/组下运行 Keystone。在下面的示例中,用户和组都叫 keystone。
[root@controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
# 引导 Identity 服务
[root@controller ~]# keystone-manage bootstrap --bootstrap-password 000000 \
--bootstrap-admin-url http://controller:5000/v3/ \
--bootstrap-internal-url http://controller:5000/v3/ \
--bootstrap-public-url http://controller:5000/v3/ \
--bootstrap-region-id RegionOne
# 配置http服务配置文件
# 如果 ServerName 条目尚不存在,则需要添加该条目。
[root@controller ~]# vi /etc/httpd/conf/httpd.conf
ServerName controller
# 创建软连接
[root@controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
# 启动httpd
[root@controller ~]# systemctl start httpd && systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
# 通过设置适当的环境变量来配置管理帐户
export OS_USERNAME=admin
export OS_PASSWORD=000000
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
# 测试查看
[root@controller ~]# env | grep OS_
OS_USER_DOMAIN_NAME=Default
OS_PROJECT_NAME=admin
OS_IDENTITY_API_VERSION=3
OS_PASSWORD=000000
OS_AUTH_URL=http://controller:5000/v3
OS_USERNAME=admin
OS_PROJECT_DOMAIN_NAME=Default
# 创建域、项目、用户和角色
前面引导 Identity 服务时已经默认创建好了 default 域以及 admin 项目、用户和角色 我们直接使用即可
# 创建项目 创建service项目,供nova,glance等组件使用
[root@controller ~]# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | 2523babda4da4e329c5708c0d558b385 |
| is_domain | False |
| name | service |
| options | {} |
| parent_id | default |
| tags | [] |
+-------------+----------------------------------+
# 创建demo项目
[root@controller ~]# openstack project create --domain default --description "Demo Project" demo
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Demo Project |
| domain_id | default |
| enabled | True |
| id | fce5761d4a514a55b3419a40b664bc5e |
| is_domain | False |
| name | demo |
| options | {} |
| parent_id | default |
| tags | [] |
+-------------+----------------------------------+
# 创建demo用户
[root@controller ~]# openstack user create --domain default --password 000000 demo
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 6680e8edaa5e4363b246ef2e7e4c2c40 |
| name | demo |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
# 创建user角色
[root@controller ~]# openstack role create user
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | None |
| domain_id | None |
| id | e1df44f722a3436f80dc28a45dd9dac1 |
| name | user |
| options | {} |
+-------------+----------------------------------+
# 将demo用户和角色添加到demo项目
[root@controller ~]# openstack role add --project demo --user demo user
# 创建admin的环境变量脚本 (文件里有明文密码,建好后建议执行 chmod 600 admin-openrc,只允许属主读写)
[root@controller ~]# vi admin-openrc
export OS_USERNAME=admin
export OS_PASSWORD=000000
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
# 创建demo的环境变量脚本
[root@controller ~]# vi demo-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=000000
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
# 退出当前shell后这些环境变量就会丢失 重新登录时只需要source这个脚本即可
[root@controller ~]# source admin-openrc
[root@controller ~]# openstack project list
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 2523babda4da4e329c5708c0d558b385 | service |
| 5509739b426e4a53a509a1fb62a1d24f | admin |
| fce5761d4a514a55b3419a40b664bc5e | demo |
+----------------------------------+---------+
# 验证
[root@controller ~]# source admin-openrc
[root@controller ~]# openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2024-04-15T09:14:03+0000 |
| id | gAAAAABmHOHLHQ-bAxnNWCrerQJitsA0It7pDUdFKY3dT4LggWCqNbfKW12O6pb5dL3Ae4uW22itKRwzsO_axI9L3qfmdYLPv_nX-SjQq72dOsAvzJ8omPKQTNJa_ra5s4Cp_v6yg0-gnWDrrpyNwPSixV9F0urC9Mugn4CYZ_IXYzKnFTj1OO4 |
| project_id | 5509739b426e4a53a509a1fb62a1d24f |
| user_id | dd63a0e2aa1e4424b9a038edc2b99963 |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[root@controller ~]# source demo-openrc
[root@controller ~]# openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2024-04-15T09:14:11+0000 |
| id | gAAAAABmHOHTCMePZ1JlhlUrTsGrZEgzhr-YWjS9gnb0bHhaIdFsQQZ-bql81TYXN6hCKTN6zCS7EQ62YxD_r6Ri6yebEKKDw36aUAmkj8wNXjvlGvDiMhwe8_GaDjHNJKWOpwrzavQBo7GWvGDzdivK-wb6D_aDqT7h-briJ1sVkeLwf1WS9ps |
| project_id | fce5761d4a514a55b3419a40b664bc5e |
| user_id | 6680e8edaa5e4363b246ef2e7e4c2c40 |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
安装glance组件
数据库
# 登录并创建glance数据库
[root@controller ~]# mysql -u root -p000000
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 22
Server version: 10.3.20-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database glance;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'localhost' identified by '000000';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'%' identified by '000000';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> exit
Bye
创建相关用户和服务
# 生效admin管理权限
[root@controller ~]# source admin-openrc
# 创建glance用户
[root@controller ~]# openstack user create --domain default --password 000000 glance
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 50ff3f7961b9417fac2f77efb8be317e |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
# 给glance赋予admin权限
[root@controller ~]# openstack role add --project service --user glance admin
================================
# 创建glance服务 image
[root@controller ~]# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 7b14aad5548f443c98852a9ab8ef3b14 |
| name | glance |
| type | image |
+-------------+----------------------------------+
# 创建image公共端点 (public endpoint)
[root@controller ~]# openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 4b5a39feea584931b82fc5898e817fb1 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 7b14aad5548f443c98852a9ab8ef3b14 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
# 创建image内部端点 (internal endpoint)
[root@controller ~]# openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 03915c5c877d4d65b9c1e0a224c2fbe3 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 7b14aad5548f443c98852a9ab8ef3b14 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
# 创建image管理端点 (admin endpoint)
[root@controller ~]# openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 99aa480f26554e18b35a51e87f35c97c |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 7b14aad5548f443c98852a9ab8ef3b14 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
安装服务并配置
# 安装glance相关服务
[root@controller ~]# yum install openstack-glance -y
# 备份
[root@controller ~]# cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak
# 将空行和注释行删除
[root@controller ~]# grep -Ev '^$|#' /etc/glance/glance-api.conf.bak > /etc/glance/glance-api.conf
# 编辑glance-api.conf文件
[root@controller ~]# vi /etc/glance/glance-api.conf
[database]
connection = mysql+pymysql://glance:000000@controller/glance
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 000000
[paste_deploy]
flavor = keystone
# 修改glance-registry.conf 文件
[root@controller ~]# cp /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak
[root@controller ~]# grep -Ev '^$|#' /etc/glance/glance-registry.conf.bak > /etc/glance/glance-registry.conf
[root@controller ~]# vi /etc/glance/glance-registry.conf
[database]
connection = mysql+pymysql://glance:000000@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 000000
[paste_deploy]
flavor = keystone
# 同步数据库
[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance
Database is synced successfully.
# 启动服务并设置开机自启
[root@controller ~]# systemctl start openstack-glance-api openstack-glance-registry && systemctl enable openstack-glance-api openstack-glance-registry
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service to /usr/lib/systemd/system/openstack-glance-registry.service.
验证
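# 下载cirros镜像 (此处走的是明文HTTP,下载后应先用 md5sum/sha256sum 与发布方公布的校验值 <官方校验值> 比对再上传;下面输出里的 size 只有 65536 字节,对一个完整的磁盘镜像来说偏小,这次下载很可能并不完整)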
wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
# 进行上传 --file 指定镜像文件 --disk-format 磁盘格式 --container-format 容器格式 --public 公开
[root@controller ~]# openstack image create "cirros" --file cirros-0.4.0-x86_64-disk.img --disk-format qcow2 --container-format bare --public
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| checksum | 9110446d86e6ec1cef694edad9c77aa8 |
| container_format | bare |
| created_at | 2024-04-15T09:14:19Z |
| disk_format | qcow2 |
| file | /v2/images/b5ab8f7a-5f96-458a-99a2-e677eac167de/file |
| id | b5ab8f7a-5f96-458a-99a2-e677eac167de |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | 5509739b426e4a53a509a1fb62a1d24f |
| properties | os_hash_algo='sha512', os_hash_value='40ad0ef9e497ef613b04ec2d840fa380ebc9b7c310ed62c6a57c79af25a6d26d375c4755edf18345c5e2b6626af3f38dfdee5ee4da4f9e96bb8adfb9de38c3b8', os_hidden='False' |
| protected | False |
| schema | /v2/schemas/image |
| size | 65536 |
| status | active |
| tags | |
| updated_at | 2024-04-15T09:14:19Z |
| virtual_size | None |
| visibility | public |
+------------------+--------------------------------------------------------------------------
# 查看
[root@controller ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| b5ab8f7a-5f96-458a-99a2-e677eac167de | cirros | active |
+--------------------------------------+--------+--------+
安装nova组件
数据库
# 登录数据库并创建
[root@controller ~]# mysql -uroot -p000000
MariaDB [(none)]> create database nova_api;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> create database nova;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> create database nova_cell0;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> create database placement;
Query OK, 1 row affected (0.000 sec)
# 分别赋予本地登录和远程登录权限
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '000000';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '000000';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '000000';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '000000';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '000000';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '000000';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '000000';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '000000';
Query OK, 0 rows affected (0.000 sec)
创建相关用户和服务
[root@controller ~]# source admin-openrc
[root@controller ~]# openstack user create --domain default --password 000000 nova
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 0c2f825f49f24305bd1b52f04a3ed113 |
| name | nova |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@controller ~]# openstack role add --project service --user nova admin
[root@controller ~]# openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 111b49fbdfa941e283e871ead589841c |
| name | nova |
| type | compute |
+-------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 4a435cc629af47cbb43a8beb27c91c7e |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 111b49fbdfa941e283e871ead589841c |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 6641929b970945fca2139a144f9fd36c |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 111b49fbdfa941e283e871ead589841c |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 9c46a483a83845ffb6b86d66d7125e1a |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 111b49fbdfa941e283e871ead589841c |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
[root@controller ~]# openstack user create --domain default --password 000000 placement
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 0434de1188d64ecd9338ddf78cb54ca7 |
| name | placement |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@controller ~]# openstack role add --project service --user placement admin
[root@controller ~]# openstack service create --name placement --description "Placement API" placement
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Placement API |
| enabled | True |
| id | e99b09188d51418ea267da877fd1bbbd |
| name | placement |
| type | placement |
+-------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne placement public http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 8656f38501d647e4ae6a99e412de4d51 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e99b09188d51418ea267da877fd1bbbd |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne placement internal http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 506b4f3f4885440b80a1ac98ccbfe692 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e99b09188d51418ea267da877fd1bbbd |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne placement admin http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 6499a4b0a4e34feeb487012ff6882390 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e99b09188d51418ea267da877fd1bbbd |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+
安装服务并配置
# 安装相关服务
[root@controller ~]# yum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-placement-api -y
# 备份配置文件
[root@controller ~]# cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
[root@controller ~]# grep -Ev '^$|#' /etc/nova/nova.conf.bak > /etc/nova/nova.conf
# 修改配置文件
[root@controller ~]# vi /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:000000@controller
my_ip = 192.168.200.10
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[api_database]
connection = mysql+pymysql://nova:000000@controller/nova_api
[database]
connection = mysql+pymysql://nova:000000@controller/nova
[glance]
api_servers = http://controller:9292
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 000000
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
region_name = RegionOne
project_domain_name = default
project_name = service
auth_type = password
user_domain_name = default
auth_url = http://controller:5000/v3
username = placement
password = 000000
[vnc]
enabled = true
server_listen = 192.168.200.10
server_proxyclient_address = 192.168.200.10
# 备份placement配置文件
[root@controller ~]# cp /etc/placement/placement.conf /etc/placement/placement.conf.bak
[root@controller ~]# grep -Ev '^$|#' /etc/placement/placement.conf.bak > /etc/placement/placement.conf
# 修改配置文件
[root@controller ~]# vi /etc/placement/placement.conf
[api]
auth_strategy = keystone
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = placement
password = 000000
[placement_database]
connection = mysql+pymysql://placement:000000@controller/placement
# 因为软件包的bug,httpd默认无权访问/usr/bin下的placement-api脚本,要修改配置文件添加以下内容(只对/usr/bin放开即可,不要扩大到其他目录)
[root@controller ~]# vi /etc/httpd/conf.d/00-placement-api.conf
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
# 重启httpd
[root@controller ~]# systemctl restart httpd
# 同步数据库
[root@controller ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
f0c75bb8-0324-482f-a2b8-ef409677cea7
[root@controller ~]# su -s /bin/sh -c "nova-manage db sync" nova
/usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1831, u'Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will be disallowed in a future release')
result = self._query(query)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1831, u'Duplicate index `uniq_instances0uuid`. This is deprecated and will be disallowed in a future release')
result = self._query(query)
[root@controller ~]# su -s /bin/sh -c "placement-manage db sync" placement
/usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1280, u"Name 'alembic_version_pkc' ignored for PRIMARY key.")
result = self._query(query)
# 以上输出Warning为正常的现象
# 验证
[root@controller ~]# nova-manage cell_v2 list_cells
+-------+--------------------------------------+------------------------------------+-------------------------------------------------+----------+
| Name | UUID | Transport URL | Database Connection | Disabled |
+-------+--------------------------------------+------------------------------------+-------------------------------------------------+----------+
| cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:****@controller/nova_cell0 | False |
| cell1 | f0c75bb8-0324-482f-a2b8-ef409677cea7 | rabbit://openstack:****@controller | mysql+pymysql://nova:****@controller/nova | False |
+-------+--------------------------------------+------------------------------------+-------------------------------------------------+----------+
# 启动并设置开机自启
[root@controller ~]# systemctl start openstack-nova-api.service openstack-nova-console.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@controller ~]# systemctl enable openstack-nova-api.service openstack-nova-console.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-api.service to /usr/lib/systemd/system/openstack-nova-api.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-console.service to /usr/lib/systemd/system/openstack-nova-console.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-scheduler.service to /usr/lib/systemd/system/openstack-nova-scheduler.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service to /usr/lib/systemd/system/openstack-nova-conductor.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-novncproxy.service to /usr/lib/systemd/system/openstack-nova-novncproxy.service.
配置nova-compute
# 安装nova-compute
[root@controller ~]# yum install openstack-nova-compute -y
# 修改配置文件
[root@controller ~]# vi /etc/nova/nova.conf
[vnc]
novncproxy_base_url = http://192.168.200.10:6080/vnc_auto.html
# 查看CPU是否支持硬件虚拟化(vmx/svm) 如果输出为 0 说明不支持 需要继续修改配置文件改用qemu 大于 0 则无需修改
[root@controller ~]# virt_num=`egrep -c '(vmx|svm)' /proc/cpuinfo`
[root@controller ~]# echo $virt_num
[root@controller ~]# vi /etc/nova/nova.conf
[libvirt]
virt_type = qemu
# 设置开机自启并启动服务
[root@controller ~]# systemctl enable libvirtd.service openstack-nova-compute.service
[root@controller ~]# systemctl restart libvirtd.service openstack-nova-compute.service
# 使用命令发现计算节点并将其映射到cell(以后每次新增计算节点都需要执行一次)
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
# 验证
[root@controller ~]# openstack compute service list
+----+----------------+------------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+----------------+------------+----------+---------+-------+----------------------------+
| 1 | nova-console | controller | internal | enabled | up | 2024-04-16T11:02:11.000000 |
| 5 | nova-conductor | controller | internal | enabled | up | 2024-04-16T11:02:18.000000 |
| 6 | nova-scheduler | controller | internal | enabled | up | 2024-04-16T11:02:13.000000 |
| 7 | nova-compute | controller | nova | enabled | up | 2024-04-16T11:02:15.000000 |
+----+----------------+------------+----------+---------+-------+----------------------------+
[root@controller ~]# openstack catalog list
+-----------+-----------+-----------------------------------------+
| Name | Type | Endpoints |
+-----------+-----------+-----------------------------------------+
| nova | compute | RegionOne |
| | | public: http://controller:8774/v2.1 |
| | | RegionOne |
| | | internal: http://controller:8774/v2.1 |
| | | RegionOne |
| | | admin: http://controller:8774/v2.1 |
| | | |
| keystone | identity | RegionOne |
| | | internal: http://controller:5000/v3/ |
| | | RegionOne |
| | | admin: http://controller:5000/v3/ |
| | | RegionOne |
| | | public: http://controller:5000/v3/ |
| | | |
| glance | image | RegionOne |
| | | internal: http://controller:9292 |
| | | RegionOne |
| | | public: http://controller:9292 |
| | | RegionOne |
| | | admin: http://controller:9292 |
| | | |
| placement | placement | RegionOne |
| | | internal: http://controller:8778 |
| | | RegionOne |
| | | admin: http://controller:8778 |
| | | RegionOne |
| | | public: http://controller:8778 |
| | | |
+-----------+-----------+-----------------------------------------+
[root@controller ~]# nova-status upgrade check
+--------------------------------+
| Upgrade Check Results |
+--------------------------------+
| Check: Cells v2 |
| Result: Success |
| Details: None |
+--------------------------------+
| Check: Placement API |
| Result: Success |
| Details: None |
+--------------------------------+
| Check: Ironic Flavor Migration |
| Result: Success |
| Details: None |
+--------------------------------+
| Check: Cinder API |
| Result: Success |
| Details: None |
+--------------------------------+
安装neutron服务
# 登录数据库并创建neutron数据库及授权
[root@controller ~]# mysql -uroot -p000000
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 96
Server version: 10.3.20-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE neutron;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '000000';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '000000';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> exit
Bye
创建相关用户和服务
[root@controller ~]# openstack user create --domain default --password 000000 neutron
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 2c0f2f3de72441dca7b92c049efd552d |
| name | neutron |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@controller ~]# openstack role add --project service --user neutron admin
[root@controller ~]# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | 0aef6feff1a647e8b6e3e5dd5f279f9a |
| name | neutron |
| type | network |
+-------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne network public http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | b364902f950d4e019fc76624912db452 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 0aef6feff1a647e8b6e3e5dd5f279f9a |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne network internal http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | ac290f44b8e3454e9049e5ec7c013f8b |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 0aef6feff1a647e8b6e3e5dd5f279f9a |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne network admin http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 76e883aa0a79481b9bcc0d0ad4699112 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 0aef6feff1a647e8b6e3e5dd5f279f9a |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
安装服务并配置
# 安装neutron相关服务
[root@controller ~]# yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
# 修改网络配置
[root@controller ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens36
#只保留这四行
DEVICE=ens36
TYPE=Ethernet
ONBOOT="yes"
BOOTPROTO="none"
# 重启网络服务
[root@controller ~]# systemctl restart network
# 备份并修改neutron主配置文件
[root@controller ~]# cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
[root@controller ~]# grep -Ev '^$|#' /etc/neutron/neutron.conf.bak > /etc/neutron/neutron.conf
[root@controller ~]# vi /etc/neutron/neutron.conf
[database]
connection = mysql+pymysql://neutron:000000@controller/neutron
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:000000@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 000000
# 需要自行添加
[nova]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = 000000
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
# 备份并修改ml2插件配置文件
[root@controller ~]# cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
[root@controller ~]# grep -Ev '^$|#' /etc/neutron/plugins/ml2/ml2_conf.ini.bak > /etc/neutron/plugins/ml2/ml2_conf.ini
[root@controller ~]# vi /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_vxlan]
vni_ranges = 1:1000
[securitygroup]
enable_ipset = true
# 备份并修改linuxbridge代理配置文件
[root@controller ~]# cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
[root@controller ~]# grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@controller ~]# vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
# 第二张网卡名字(注释要单独成行:oslo.config 不支持行尾注释,写在同一行会被当成值的一部分)
physical_interface_mappings = provider:ens36
[vxlan]
enable_vxlan = true
local_ip = 192.168.200.10
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
# 备份并修改l3代理配置文件
[root@controller ~]# cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.bak
[root@controller ~]# grep -Ev '^$|#' /etc/neutron/l3_agent.ini.bak >/etc/neutron/l3_agent.ini
[root@controller ~]# vi /etc/neutron/l3_agent.ini
[DEFAULT]
interface_driver = linuxbridge
# 备份并修改dhcp代理配置文件
[root@controller ~]# cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak
[root@controller ~]# grep -Ev '^$|#' /etc/neutron/dhcp_agent.ini.bak > /etc/neutron/dhcp_agent.ini
[root@controller ~]# vi /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
# 备份并修改metadata代理配置文件(metadata_proxy_shared_secret 要与后面 nova.conf 的 [neutron] 段保持一致,实际部署建议换成随机生成的字符串)
[root@controller ~]# cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.bak
[root@controller ~]# grep -Ev ^'(#|$)' /etc/neutron/metadata_agent.ini.bak > /etc/neutron/metadata_agent.ini
[root@controller ~]# vi /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = 000000
# 修改nova主配置文件
[root@controller ~]# vi /etc/nova/nova.conf
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 000000
service_metadata_proxy = true
metadata_proxy_shared_secret = 000000
# 创建软链接
[root@controller ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
# 重启nova服务
[root@controller ~]# systemctl restart openstack-nova-api
# 同步数据库
[root@controller ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
# 设置开机自启并启动neutron相关服务
[root@controller ~]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
[root@controller ~]# systemctl restart neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
# 验证 等待一会
[root@controller ~]# openstack network agent list
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 31f04f46-8433-4f54-9604-66446bc28b03 | L3 agent | controller | nova | :-) | UP | neutron-l3-agent |
| 935004e4-b226-4ec0-adad-09808a076c31 | Metadata agent | controller | None | :-) | UP | neutron-metadata-agent |
| ba941c07-dbea-4bc5-a65b-25ac4902f234 | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent |
| d04d829a-0914-4298-aac4-91b0d0dd667b | Linux bridge agent | controller | None | :-) | UP | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
安装horizon服务
# 安装openstack-dashboard服务
[root@controller ~]# yum install -y openstack-dashboard
# 修改配置文件
[root@controller ~]# vi /etc/openstack-dashboard/local_settings
……
##配置界面在控制节点使用
OPENSTACK_HOST = "controller"
……
##允许所有主机访问(仅适合实验环境:'*' 会关闭 Django 对 Host 请求头的校验,生产环境应只列出实际访问 dashboard 的域名或 IP)
ALLOWED_HOSTS = ['*']
……
##配置memcached存储服务
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
……
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'controller:11211',
},
}
################ 以下配置项在文件中默认不存在 直接新增即可 #################
##启用domain支持
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
##配置api版本
OPENSTACK_API_VERSIONS = {
"data-processing": 1.1,
"identity": 3,
"image": 2,
"volume": 2,
"compute": 2,
}
##配置Default为默认域
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'default'
##配置user角色为默认角色(配置项名称为 DEFAULT_ROLE)
OPENSTACK_KEYSTONE_DEFAULT_ROLE = 'user'
#############################################################
##配置时区
TIME_ZONE = "Asia/Shanghai"
# 添加配置
[root@controller ~]# vi /etc/httpd/conf.d/openstack-dashboard.conf
##第四行添加
WSGIApplicationGroup %{GLOBAL}
# 重启相关服务
[root@controller ~]# systemctl restart httpd memcached
验证 访问dashboard
# 在浏览器中输入 您的 IP/dashboard 例如192.168.200.10/dashboard
Not Found
The requested URL /auth/login/ was not found on this server.
# 出现以上报错的 解决方法如下
# 1. 修改dashboard的配置
[root@controller ~]# vi /usr/share/openstack-dashboard/openstack_dashboard/local/local_settings.py
# 2. 在ALLOWED_HOSTS下面添加WEBROOT变量
WEBROOT = '/dashboard'
# 3. 重启相关服务
[root@controller ~]# systemctl restart httpd memcached
# 4. 再次访问即可 域名default 用户名admin 密码 000000
最后验证
镜像
[root@controller ~]# openstack image create "Centos2009" --file CentOS-7-x86_64-2009.qcow2 --disk-format qcow2 --container-format bare --public
实例类型
[root@controller ~]# openstack flavor create --vcpus 1 --ram 2048 --disk 40 t6.small.2
+----------------------------+--------------------------------------+
| Field | Value |
+----------------------------+--------------------------------------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| disk | 40 |
| id | c3b29659-89e4-4399-8b61-f5a6e889e34d |
| name | t6.small.2 |
| os-flavor-access:is_public | True |
| properties | |
| ram | 2048 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+--------------------------------------+
网络
# 创建网络 int-net
[root@controller ~]# openstack network create int-net
+---------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+---------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2024-04-19T10:46:40Z |
| description | |
| dns_domain | None |
| id | 493fa726-5b18-4ae8-b7bd-d1564eae5014 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| location | cloud='', project.domain_id=, project.domain_name='Default', project.id='5509739b426e4a53a509a1fb62a1d24f', project.name='admin', region_name='', zone= |
| mtu | 1450 |
| name | int-net |
| port_security_enabled | True |
| project_id | 5509739b426e4a53a509a1fb62a1d24f |
| provider:network_type | vxlan |
| provider:physical_network | None |
| provider:segmentation_id | 2 |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | Internal |
| segments | None |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2024-04-19T10:46:40Z |
+---------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+
# 创建子网 CIDR 10.0.2.0/24 Gateway 10.0.2.1
[root@controller ~]# neutron subnet-create --name int-subnet --gateway 10.0.2.1 int-net 10.0.2.0/24
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Created a new subnet:
+-------------------+--------------------------------------------+
| Field | Value |
+-------------------+--------------------------------------------+
| allocation_pools | {"start": "10.0.2.2", "end": "10.0.2.254"} |
| cidr | 10.0.2.0/24 |
| created_at | 2024-04-19T10:50:36Z |
| description | |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 10.0.2.1 |
| host_routes | |
| id | 21a07443-0477-4dc8-a411-42fe4f3123f4 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | int-subnet |
| network_id | 493fa726-5b18-4ae8-b7bd-d1564eae5014 |
| project_id | 5509739b426e4a53a509a1fb62a1d24f |
| revision_number | 0 |
| service_types | |
| subnetpool_id | |
| tags | |
| tenant_id | 5509739b426e4a53a509a1fb62a1d24f |
| updated_at | 2024-04-19T10:50:36Z |
+-------------------+--------------------------------------------+
# 创建了一个共享的外部网络
[root@controller ~]# openstack network create --project admin --provider-network-type flat --provider-physical-network provider --share --external ext-net
+---------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+---------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2024-04-19T10:56:09Z |
| description | |
| dns_domain | None |
| id | 0733661a-49c2-425d-81ff-e56adf820404 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| location | cloud='', project.domain_id=, project.domain_name='Default', project.id='5509739b426e4a53a509a1fb62a1d24f', project.name='admin', region_name='', zone= |
| mtu | 1500 |
| name | ext-net |
| port_security_enabled | True |
| project_id | 5509739b426e4a53a509a1fb62a1d24f |
| provider:network_type | flat |
| provider:physical_network | provider |
| provider:segmentation_id | None |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | External |
| segments | None |
| shared | True |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2024-04-19T10:56:09Z |
+---------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+
# 给外部网络绑定子网
[root@controller ~]# neutron subnet-create --name ext-subnet --gateway 192.168.100.1 ext-net 192.168.100.0/24
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Created a new subnet:
+-------------------+------------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------------+
| allocation_pools | {"start": "192.168.100.2", "end": "192.168.100.254"} |
| cidr | 192.168.100.0/24 |
| created_at | 2024-04-19T10:57:57Z |
| description | |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 192.168.100.1 |
| host_routes | |
| id | 46acb7c2-64f6-45a3-96e7-366ed35c7584 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | ext-subnet |
| network_id | 0733661a-49c2-425d-81ff-e56adf820404 |
| project_id | 5509739b426e4a53a509a1fb62a1d24f |
| revision_number | 0 |
| service_types | |
| subnetpool_id | |
| tags | |
| tenant_id | 5509739b426e4a53a509a1fb62a1d24f |
| updated_at | 2024-04-19T10:57:57Z |
+-------------------+------------------------------------------------------+
安全组自行配置
进入安全组规则 删除原有的规则 配置所有 ICMP TCP UDP 协议 的入口 出口即可(全部放行仅用于实验验证;对外提供服务的环境应只放行需要的端口,并限制来源网段)
实例
[root@controller ~]# openstack server create --image Centos2009 --flavor t6.small.2 --network ext-net controller
+-------------------------------------+---------------------------------------------------+
| Field | Value |
+-------------------------------------+---------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-SRV-ATTR:host | None |
| OS-EXT-SRV-ATTR:hypervisor_hostname | None |
| OS-EXT-SRV-ATTR:instance_name | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | VFZjPcNpMCG5 |
| config_drive | |
| created | 2024-04-19T11:26:50Z |
| flavor | t6.small.2 (c3b29659-89e4-4399-8b61-f5a6e889e34d) |
| hostId | |
| id | 40ff6621-0c46-4434-980f-552a369cce64 |
| image | Centos2009 (e73eaf69-26d6-4428-905e-6b38411da159) |
| key_name | None |
| name | controller |
| progress | 0 |
| project_id | 5509739b426e4a53a509a1fb62a1d24f |
| properties | |
| security_groups | name='default' |
| status | BUILD |
| updated | 2024-04-19T11:26:50Z |
| user_id | dd63a0e2aa1e4424b9a038edc2b99963 |
| volumes_attached | |
+-------------------------------------+---------------------------------------------------+
[root@controller ~]# openstack server list
+--------------------------------------+------------+--------+------------------------+------------+------------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+------------+--------+------------------------+------------+------------+
| 40ff6621-0c46-4434-980f-552a369cce64 | controller | ACTIVE | ext-net=192.168.100.51 | Centos2009 | t6.small.2 |
+--------------------------------------+------------+--------+------------------------+------------+------------+
实现rpm打包 --> 为了在无网络(离线)环境继续搭建
# 安装createrepo
[root@controller ~]# yum -y install createrepo
# 创建rpm包保存的路径
[root@controller ~]# mkdir -p /mnt/openstack/openstack_Train
# 进入yum缓存目录 因为之前设置了 keepcache=1 所以安装过的rpm包都会自动保留在这个目录下
[root@controller ~]# cd /var/cache/yum/x86_64/7/
# 使用find搜索这个目录下面的所有rpm包 然后拷贝至/mnt/openstack/openstack_Train
[root@controller ~]# find ./* -name "*.rpm" -exec cp {} /mnt/openstack/openstack_Train/ \;
# 进入保存的路径 使用createrepo命令创建
[root@controller ~]# cd /mnt/openstack/openstack_Train
[root@controller openstack_Train]# createrepo ./
# 将当前目录进行压缩
[root@controller openstack_Train]# cd ..
[root@controller openstack]# tar -zcvf openstack-train.tar.gz openstack_Train/
# 将压缩包保存至自己电脑即可 下次部署直接使用这个repo即可(建议同时用 sha256sum 记录压缩包的校验值 离线使用前先核对 确认文件没有被改动)