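Deploying OpenStack Rocky (R release) with Packstack
@Environment preparation
A. Three CentOS 7.8 lab nodes.
B. Set the minimum memory to 4G. The Controller node needs a 100G system disk plus an additional blank 200G disk. The mapper-home logical volume can be deleted in advance on all three nodes. The Network node and the Compute1 node each have a 100G disk.
C. Configure two network adapters: one in NAT mode and the other in host-only mode.
D. Virtualization must be enabled for the virtual machine's processor.
E. The IP addresses of the nodes are as follows:
Network node | Controller node | Compute node |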
Host-only:192.168.101.9 | Host-only:192.168.101.10 | Host-only:192.168.101.11 |
NAT:192.168.108.9 | NAT:192.168.108.10 | NAT:192.168.108.11 |
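F. All node IP addresses are statically configured.
G. The NICs on the template machine are named ens33 and ens36.
@Configuration
A. Steps 1-8 below must be performed on all three nodes.
1. Prepare the yum repositories: epel, aliyun, and openstack-Rocky.
# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
# yum -y install wget
# wget -O /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
2. The openstack.repo repository file is written in the following format: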
[root@controller ~]# cat /etc/yum.repos.d/openstack.repo
[Aliyun-rocky]
name=Aliyun-rocky
baseurl=https://mirrors.aliyun.com/centos/$releasever/cloud/$basearch/openstack-rocky/
gpgcheck=0
enabled=1
cost=88
[Aliyun-gemu-ev]
name=Aliyun-gemu-ev
baseurl=https://mirrors.aliyun.com/centos/$releasever/virt/$basearch/kvm-common
gpgcheck=0
enabled=1
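Both stanzas above set gpgcheck=0, so yum installs packages from these repositories without verifying their signatures. The following added example (not part of the original guide) lists each stanza of a .repo file and marks the enabled ones that skip the check; audit_repo, make_repo_sample and the example-signed stanza with its URL and key path are hypothetical and constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: report which stanzas of a yum .repo file skip GPG checks.
# Output per stanza: "<id> enabled=<v> gpgcheck=<v>", plus " UNSIGNED" when an
# enabled repo sets gpgcheck=0. "inherit" means the stanza leaves gpgcheck
# unset, so the value from [main] in /etc/yum.conf applies.
audit_repo() {
    awk '
    function report() {
        if (id == "") return
        flag = (enabled != "0" && gpgcheck == "0") ? " UNSIGNED" : ""
        printf "%s enabled=%s gpgcheck=%s%s\n", id, enabled, gpgcheck, flag
    }
    /^[[:space:]]*[#;]/ { next }                 # skip comment lines
    /^\[/ {                                      # start of a new stanza
        report()
        id = substr($0, 2, index($0, "]") - 2)
        enabled = "1"; gpgcheck = "inherit"; next
    }
    {
        if (split($0, kv, "=") < 2) next
        gsub(/[[:space:]]/, "", kv[1]); gsub(/[[:space:]]/, "", kv[2])
        if (kv[1] == "enabled")  enabled = kv[2]
        if (kv[1] == "gpgcheck") gpgcheck = kv[2]
    }
    END { report() }' "$1"
}

# make_repo_sample FILE: the two stanzas from this guide plus one constructed
# stanza (placeholder id, URL and key path) that keeps signature checks on.
make_repo_sample() {
    cat > "$1" <<'EOF'
[Aliyun-rocky]
baseurl=https://mirrors.aliyun.com/centos/$releasever/cloud/$basearch/openstack-rocky/
gpgcheck=0
enabled=1
[Aliyun-gemu-ev]
baseurl=https://mirrors.aliyun.com/centos/$releasever/virt/$basearch/kvm-common
gpgcheck=0
enabled=1
[example-signed]
baseurl=https://mirror.example.invalid/repo/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-example
EOF
}

repo=$(mktemp); make_repo_sample "$repo"; audit_repo "$repo"; rm -f "$repo"
```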
3. Because the nodes are minimal installations, install a few packages that make the later steps easier.
yum -y install bash-completion vim open-vm-tools
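4. Set the hostnames of the three nodes. A long hostname, a short hostname, or a long hostname plus an alias can be used. The hostnames of the three hosts are set as follows: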
[root@controller ~]# for host in controller network compute1; do ssh root@$host hostname; done
controller.cjx.com
network.cjx.com
compute1.cjx.com
5. On the Controller node, edit the /etc/hosts file, then use the scp command to copy the file to the other nodes.
[root@controller ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.101.9 network.cjx.com network
192.168.101.10 controller.cjx.com controller
192.168.101.11 compute1.cjx.com compute1
[root@controller ~]# for host in network compute1; do scp /etc/hosts root@$host:/etc/hosts; done
hosts 100% 288 117.9KB/s 00:00
hosts
6. Check that the change succeeded; checking with the ping command is recommended.
[root@controller ~]# for host in network compute1; do ssh root@$host cat /etc/hosts; done
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.101.9 network.cjx.com network
192.168.101.10 controller.cjx.com controller
192.168.101.11 compute1.cjx.com compute1
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.101.9 network.cjx.com network
192.168.101.10 controller.cjx.com controller
192.168.101.11 compute1.cjx.com compute1
7. Stop the firewall, set SELinux to disabled mode, and stop the NetworkManager service (in Xshell, the compose bar can be used to send the commands to all hosts).
[root@controller ~]# systemctl stop firewalld
[root@controller ~]# systemctl disable firewalld
[root@controller ~]# systemctl stop NetworkManager
[root@controller ~]# systemctl disable NetworkManager
[root@controller ~]# head -10 /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
[root@controller ~]# setenforce 0
setenforce: SELinux is disabled
[root@controller ~]# getenforce
Disabled
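8. Edit the /etc/resolv.conf file: delete the local search entry and set the DNS server address to the gateway of the NAT network segment. The gateway of the VMnet8 segment can be looked up in the [Virtual Network Editor].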
[root@controller ~]# cat /etc/resolv.conf
nameserver 192.168.108.2
B. Steps 9-21 below are performed on different nodes.
9. Generate the public key file on the controller node.
[root@controller ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:2XGSemGFwYGnvRnKrZbpMpdHqjO/AOOvkaU34d5yzV8 root@localhost.localdomain
The key's randomart image is:
+---[RSA 3072]----+
| oo+. |
| . +o |
| +* . |
| .=o= |
| o o.Soo+ |
| . B .o.= |
| = = X E |
| =*+X + . |
| ..+&=o .. |
+----[SHA256]-----+
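10. On the controller node, add the node's own public key to the allowed list, then use the ssh-copy-id command to distribute the public key file to the compute1 node and the network node.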
[root@controller ~]# cd ~/.ssh
[root@controller ~]# cat ./id_rsa.pub >> ./authorized_keys
[root@controller ~]# for host in compute1 network
> do ssh-copy-id root@$host
> done
11. Edit the SSH configuration file: uncomment the StrictHostKeyChecking entry and set its value to no.
[root@controller ~]# cat /etc/ssh/ssh_config
StrictHostKeyChecking no
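12. Install leatherman on all nodes. leatherman must be installed at the specified version 1.3.0. The following shows how to list the available versions, followed by the installation.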
[root@controller ~]# yum list leatherman --showduplicates
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Installed Packages
leatherman.x86_64 1.3.0-9.el7 @Aliyun-rocky
Available Packages
leatherman.x86_64 1.3.0-9.el7 Aliyun-rocky
leatherman.x86_64 1.10.0-1.el7 epel
13. Install leatherman 1.3.0 on all three nodes.
[root@controller ~]# yum -y install leatherman-1.3.0
14. Install the openstack-packstack service on the controller node.
[root@controller ~]# yum -y install openstack-packstack
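15. On the controller node, use the packstack command to generate the answer file answers.txt. The [packstack --help] command shows how packstack is used. The lookup and the command that generates the answer file are given below.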
[root@controller ~]# packstack --help | grep answer
--gen-answer-file=GEN_ANSWER_FILE
Generate a template of an answer file.
--validate-answer-file=VALIDATE_ANSWER_FILE
Check if answerfile contains unexpected options.
--answer-file=ANSWER_FILE
answerfile will also be generated and should be used
-o, --options Print details on options available in answer file(rst
Packstack a second time with the same answer file and
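[root@controller ~]# packstack --gen-answer-file=answers.txt
16. The generated answer file contains many parameters, and the addresses used in it default to the NAT segment, 192.168.108.0, so the answer file has to be modified with a sed script. The default parameters are shown below.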
[root@controller ~]# grep -v ^# answers.txt | grep 192
CONFIG_CONTROLLER_HOST=192.168.108.10
CONFIG_COMPUTE_HOSTS=192.168.108.11
CONFIG_NETWORK_HOSTS=192.168.108.9
CONFIG_STORAGE_HOST=192.168.108.10
CONFIG_SAHARA_HOST=192.168.108.10
CONFIG_AMQP_HOST=192.168.108.10
CONFIG_MARIADB_HOST=192.168.108.10
CONFIG_KEYSTONE_LDAP_URL=ldap://192.168.108.10
CONFIG_REDIS_HOST=192.168.108.10
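17. Write a sed script to process the answer file. The script content is as follows:
(Check this script carefully; any wrong parameter will cause the installation to fail.)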
[root@controller ~]# cat sed-scripts
s/192\.168\.108\.10/192\.168\.101\.10/
/^CONFIG_NETWORK_HOSTS=/cCONFIG_NETWORK_HOSTS=192.168.101.9
/^CONFIG_CONTROLLER_HOST=/cCONFIG_CONTROLLER_HOST=192.168.101.10
/^CONFIG_COMPUTE_HOSTS=/cCONFIG_COMPUTE_HOSTS=192.168.101.11
/^CONFIG_NEUTRON_ML2_TYPE_DRIVERS=/cCONFIG_NEUTRON_ML2_TYPE_DRIVERS=flat,vlan,vxlan,geneve
/^CONFIG_NEUTRON_ML2_FLAT_NETWORKS=/cCONFIG_NEUTRON_ML2_FLAT_NETWORKS=datacenter
/^CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=/cCONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=datacenter:br-ex
/^CONFIG_NEUTRON_ML2_VLAN_RANGES=/cCONFIG_NEUTRON_ML2_VLAN_RANGES=datacenter:1000:2000
/^CONFIG_PROVISION_DEMO=/cCONFIG_PROVISION_DEMO=n
/^CONFIG_HEAT_INSTALL=/cCONFIG_HEAT_INSTALL=y
/^CONFIG_CINDER_VOLUMES_CREATE=/cCONFIG_CINDER_VOLUMES_CREATE=n
s/(.+_PW)=[0-9a-z]+/\1=redhat/g
18. Use the script to modify the answer file answers.txt, then check the result.
[root@controller ~]# sed -i -r -f sed-scripts answers.txt
[root@controller ~]# grep -v ^# answers.txt | grep 192
CONFIG_CONTROLLER_HOST=192.168.101.10
CONFIG_COMPUTE_HOSTS=192.168.101.11
CONFIG_NETWORK_HOSTS=192.168.101.9
CONFIG_STORAGE_HOST=192.168.101.10
CONFIG_SAHARA_HOST=192.168.101.10
CONFIG_AMQP_HOST=192.168.101.10
CONFIG_MARIADB_HOST=192.168.101.10
CONFIG_KEYSTONE_LDAP_URL=ldap://192.168.101.10
CONFIG_REDIS_HOST=192.168.101.10
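One way to check the result of steps 17 and 18 before starting the installation, as an added example that is not part of the original guide: it reports active settings that still point at the NAT segment, password values that are empty or padded with whitespace, and a single password shared by every service. check_answers, make_sample and rewrite are hypothetical helper names, the sample lines are constructed, and rewrite expresses a subset of the step 17 rules as plain s/// commands.

```shell
#!/usr/bin/env bash
# Added example: sanity-check a Packstack answer file after the sed rewrite.
NAT_NET='192\.168\.108\.'   # NAT subnet used in this guide, regex-escaped

# check_answers FILE: print one finding per line; prints nothing if clean.
check_answers() {
    local active
    active=$(grep -Ev '^[[:space:]]*(#|$)' "$1" || true)
    # 1. Active settings that still point at the NAT subnet.
    printf '%s\n' "$active" | grep -E "$NAT_NET" | sed 's/^/nat-address: /'
    # 2. *_PW values that are empty or have leading/trailing whitespace,
    #    e.g. "CONFIG_X_PW= redhat" caused by a stray space in a sed rule.
    printf '%s\n' "$active" |
        grep -E '_PW=([[:space:]].*|.*[[:space:]])?$' |
        sed 's/=.*//; s/^/bad-password-value: /'
    # 3. A single password shared by every service.
    printf '%s\n' "$active" | awk -F= '/_PW=/ { n++; seen[$2] = 1 }
        END { for (v in seen) d++
              if (n > 1 && d == 1) print "shared-password: " n " keys" }'
}

# make_sample FILE: constructed excerpt, not real Packstack output.
make_sample() {
    cat > "$1" <<'EOF'
# constructed sample answer file
CONFIG_CONTROLLER_HOST=192.168.108.10
CONFIG_COMPUTE_HOSTS=192.168.108.11
CONFIG_NETWORK_HOSTS=192.168.108.9
CONFIG_KEYSTONE_LDAP_URL=ldap://192.168.108.10
CONFIG_MARIADB_PW=3f9c1e5a7b2d4c68
CONFIG_KEYSTONE_ADMIN_PW=a81d0c7e44b9f213
EOF
}

# rewrite FILE PW: subset of the step 17 rules as portable s/// commands;
# prints the rewritten file and sets every *_PW value to PW.
rewrite() {
    sed -E -e 's/192\.168\.108\.10/192.168.101.10/' \
        -e 's/^(CONFIG_NETWORK_HOSTS)=.*/\1=192.168.101.9/' \
        -e 's/^(CONFIG_COMPUTE_HOSTS)=.*/\1=192.168.101.11/' \
        -e "s/(.+_PW)=[0-9a-z]+/\1=$2/" "$1"
}

sample=$(mktemp); fixed=$(mktemp)
make_sample "$sample"
echo "--- before rewrite"; check_answers "$sample"
rewrite "$sample" 'redhat' > "$fixed"
echo "--- after rewrite";  check_answers "$fixed"
rm -f "$sample" "$fixed"
```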
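19. On the controller node, use the newly added 200G disk to create a volume group for the volumes; it is named cinder-volumes, as the lsblk output below shows. After creating it, check that the volume group was created successfully.
(The volume group name is determined by the configuration file; if the volume group has not been created or its name does not match the configuration file, the installation will report an error.)
[root@controller ~]# vgcreate cinder-volumes /dev/sdb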
[root@controller ~]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 100G 0 disk
├─sda1 8:1 0 1G 0 part /boot
└─sda2 8:2 0 98.9G 0 part
├─centos-root 253:0 0 95G 0 lvm /
└─centos-swap 253:1 0 3.9G 0 lvm [SWAP]
sdb 8:16 0 200G 0 disk
├─cinder--volumes-cinder--volumes--pool_tmeta 253:2 0 96M 0 lvm
│ └─cinder--volumes-cinder--volumes--pool 253:4 0 190G 0 lvm
└─cinder--volumes-cinder--volumes--pool_tdata 253:3 0 190G 0 lvm
└─cinder--volumes-cinder--volumes--pool 253:4 0 190G 0 lvm
sr0 11:0 1 4.5G 0 rom
loop0 7:0 0 2G 0 loop /srv/node/swiftloopback
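20. After completing the steps above, install OpenStack on the controller node with the packstack command. If the installation succeeds, it reports success; if it fails, the cause can be found on the nodes. The installation time depends on the machine's performance and ranges from 20 to 40 minutes.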
[root@controller ~]# packstack --answer-file=answers.txt
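21. The result of a successful installation is shown in the figure:
C. The following operations are performed on the Network node.
22. Because OpenStack does not automatically migrate the network node's NIC, it has to be migrated manually. Use the cd command to change to the /etc/sysconfig/network-scripts directory and back up the original NAT NIC configuration file. After the backup, modify the contents of ifcfg-ens36 so that the ens36 NIC is bridged to the virtual switch.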
[root@network ~]# cd /etc/sysconfig/network-scripts/
[root@network network-scripts]# cp ifcfg-ens36 /media/
[root@network network-scripts]# cat ifcfg-ens36
DEVICE=ens36
DEVICETYPE=ovs
TYPE=OVSPort
ONBOOT=yes
BOOTPROTO=none
OVS_BRIDGE=br-ex
23. Use vim to add the configuration file ifcfg-br-ex for the virtual bridge br-ex, and write the following content.
[root@network network-scripts]# cat ifcfg-br-ex
DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=none
IPADDR=192.168.108.9
PREFIX=24
GATEWAY=192.168.108.2
DNS1=192.168.108.2
ONBOOT=yes
24. Restart the network service and verify that the configuration is correct.
[root@network network-scripts]# systemctl restart network
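25. The OpenStack installation is now complete; it can be accessed at IP address/dashboard.
26. After the OpenStack installation is complete, an error message is shown when connecting over ssh; installing the corresponding package removes this message. The error message and the fix are listed below. (This can be done on any node.)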
Connecting to 192.168.101.9:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
WARNING! The remote SSH server rejected X11 forwarding request.
Last login: Sat Jun 19 12:54:56 2021 from 192.168.101.1
net_mlx5: cannot load glue library: libibverbs.so.1: cannot open shared object file: No such file or directory
net_mlx5: cannot initialize PMD due to missing run-time dependency on rdma-core libraries (libibverbs, libmlx5)
PMD: net_mlx4: cannot load glue library: libibverbs.so.1: cannot open shared object file: No such file or directory
PMD: net_mlx4: cannot initialize PMD due to missing run-time dependency on rdma-core libraries (libibverbs, libmlx4)
net_mlx5: cannot load glue library: libibverbs.so.1: cannot open shared object file: No such file or directory
net_mlx5: cannot initialize PMD due to missing run-time dependency on rdma-core libraries (libibverbs, libmlx5)
PMD: net_mlx4: cannot load glue library: libibverbs.so.1: cannot open shared object file: No such file or directory
PMD: net_mlx4: cannot initialize PMD due to missing run-time dependency on rdma-core libraries (libibverbs, libmlx4)
[root@controller ~]# yum -y install libibverbs
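@Notes
1. Delete the local DNS search entry.
2. The virtual machines need Internet access.
3. If an error is reported, check whether the answer file is wrong and whether the sed script has a problem.
4. Remember to create the volume group in advance.
5. Check the log files, as shown below; they indicate which component or configuration file has an error and which service has failed.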
[root@controller ~]# tail /var/log/neutron/server.log
Open vSwitch agent 2021-06-19 17:27:14 compute1.cjx.com
Open vSwitch agent 2021-06-19 17:27:25 network.cjx.com
2021-06-20 03:40:28.427 30682 WARNING neutron.db.agents_db [req-33603833-2294-4033-a487-1a9b1595b007 - - - - -] Agent healthcheck: found 2 dead agents out of 6:
Type Last heartbeat host
Open vSwitch agent 2021-06-19 17:27:14 compute1.cjx.com
Open vSwitch agent 2021-06-19 17:27:25 network.cjx.com
2021-06-20 03:41:05.999 30682 WARNING neutron.db.agents_db [req-33603833-2294-4033-a487-1a9b1595b007 - - - - -] Agent healthcheck: found 2 dead agents out of 6:
Type Last heartbeat host
Open vSwitch agent 2021-06-19 17:27:14 compute1.cjx.com
Open vSwitch agent 2021-06-19 17:27:25 network.cjx.com
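6. A reboot resolves most problems.
7. The gateway of the virtual machines' NAT segment is not that of the physical NAT adapter; taking the 192.168.108.0/24 segment as an example, the gateway address is usually 192.168.108.2.
8. Note that the YUM repositories must be configured correctly, otherwise the deployment cannot succeed. The complete number of packages required for the lab is 29,441, as shown below.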
[root@controller ~]# yum repolist
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
repo id repo name status
Aliyun-rocky/7/x86_64 Aliyun-rocky 2,746
Aliyun-gemu-ev/7/x86_64 Aliyun-gemu-ev 63
base/7/x86_64 CentOS-7 - Base - mirrors.aliyun.com 10,072
epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,604
extras/7/x86_64 CentOS-7 - Extras - mirrors.aliyun.com 498
updates/7/x86_64 CentOS-7 - Updates - mirrors.aliyun.com 2,458
repolist: 29,441
Produced by: 蔡君贤
Layout: 赖裕新
First review: 蔡君贤
Second review: 二月二