OpenStack Installation and Deployment Manual
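Havana release
Contents
1. Environment
2. Overall component architecture
3. Environment preparation
3.1. Network interface configuration
3.2. Change the hostname
3.3. Install the MySQL database
4. Install the OpenStack packages
4.1. Install the OpenStack utility packages
4.2. Install the messaging server
5. Install the Keystone identity service
5.1. Create the Keystone database connection
5.2. Define an authorization token
5.3. Create the keys and certificates
5.4. Start Keystone
5.5. Define users, tenants and roles
5.6. Create the service and define the API endpoint
6. Configure Glance
6.1. Install the Glance component
6.2. Create the Glance database connection
6.3. Define a user named glance in Keystone
6.4. Add the glance roles
6.5. Configure authentication for the image service
6.6. Add the credentials to /etc/glance/glance-api-paste.ini and /etc/glance/glance-registry-paste.ini
6.8. Create the glance service in Keystone
6.9. Start the glance services
6.10. Verify the glance service
7. Install the nova component
7.1. Configure the nova database connection
7.2. Create the nova user in Keystone
7.3. Add roles
7.4. Configure authentication for the compute service
7.5. Create the nova service in Keystone
7.6. Create the endpoint
7.7. Start the nova services
7.8. Verify the nova service
8. Install nova network
8.1. Install a local metadata service
8.2. Start nova network
8.3. Create the VLAN
8.4. Open the security group rules
8.5. Verify that all services are working
9. Install the dashboard
9.1. Change the cache settings
9.2. Edit /etc/openstack-dashboard/local_settings
9.3. Start the dashboard
9.4. Verify the installation
10. Create the virtual machine .img file for Glance
10.1. Create the image disk
10.2. Start virt-manager and create the virtual machine
10.3. After installation, change the following settings in the virtual machine
10.4. Create the image in Glance
11. Creating flavors
11.1. View the existing flavors
11.2. Create a new flavor
12. Create a virtual machine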
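1. Environment
2. Overall component architecture
Note: this environment has only one physical machine, so the host must act as both the management node and the compute node. In addition to the controller components above, the nova-compute and nova-network services must also be installed on it.
3. Environment preparation
3.1. Network interface configuration
vi /etc/sysconfig/network-scripts/ifcfg-eth0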
# Internal Network
DEVICE=eth0
TYPE=Ethernet
BOOTPROTO=static
IPADDR=192.168.205.177
NETMASK=255.255.255.0
DEFROUTE=yes
ONBOOT=yes
# service network restart
# service NetworkManager stop
# service network start
# chkconfig NetworkManager off
# chkconfig network on
3.2. Change the hostname
vi /etc/sysconfig/network
HOSTNAME=controller
vi /etc/hosts
127.0.0.1 localhost
192.168.205.177 controller
3.3. Install the MySQL database
# yum install mysql mysql-server MySQL-python
vi /etc/f
[mysqld]
...
bind-address = 192.168.205.177
Start MySQL
# service mysqld start
# chkconfig mysqld on
On first setup, remove the anonymous user
# mysql_install_db
# mysql_secure_installation
# yum install mysql MySQL-python
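4. Install the OpenStack packages
Download and install these two packages: /repos/openstack/openstack-havana/rdo-release-havana-6.noarch.rpm and /pub/epel/6/x86_64/epel-release-6-8.noarch.rpm. Once installed, they automatically configure the external yum repositories used to install OpenStack.
4.1. Install the OpenStack utility packages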
yum install openstack-utils
yum install openstack-selinux
yum upgrade
reboot
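Note: the external network is very unstable, so installation may fail frequently. After a failure, clean up the packages that failed to install; otherwise, incompletely or improperly installed packages can cause unexpected trouble later.
4.2. Install the messaging server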
yum install qpid-cpp-server memcached
vi /etc/qpidd.conf
auth=no
# service qpidd start
# chkconfig qpidd on
5. Install the Keystone identity service
# yum install openstack-keystone python-keystoneclient
Edit the configuration file
# openstack-config --set /etc/keystone/keystone.conf \
sql connection mysql://keystone:KEYSTONE_DBPASS@controller/keystone
5.1. Create the Keystone database connection
# openstack-db --init --service keystone --password KEYSTONE_DBPASS
5.2. Define an authorization token
# ADMIN_TOKEN=$(openssl rand -hex 10)
# echo $ADMIN_TOKEN
# openstack-config --set /etc/keystone/keystone.conf DEFAULT \
admin_token $ADMIN_TOKEN
5.3. Create the keys and certificates
# keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
# chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log
5.4. Start Keystone
# service openstack-keystone start
# chkconfig openstack-keystone on
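5.5. Define users, tenants and roles
Export the environment variables
# export OS_SERVICE_TOKEN=ADMIN_TOKEN
# export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0
Note: ADMIN_TOKEN here is the string generated above when the authorization token was defined.
You can also save the lines above to a file and then source that file.
Create the admin tenant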
# keystone tenant-create --name=admin --description="Admin Tenant"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Admin Tenant |
| enabled | True |
| id | 17d0aac7259c4f308c5ed81904e267f2 |
| name | admin |
+-------------+----------------------------------+
# keystone tenant-create --name=service --description="Service Tenant"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Service Tenant |
| enabled | True |
| id | 54a02d2556c1423eaee8a514da372e0f |
| name | service |
+-------------+----------------------------------+
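Note: an error is quite likely at this point, reporting that the tenant cannot be created. Restarting Keystone resolves the problem:
# service openstack-keystone restart
keystone user-create --name=admin --pass=ADMIN_PASS \
--email=****************
ADMIN_PASS is the password you set.
keystone user-create --name=admin --pass=PASSWORD \
--email=****************
5.6. Create the service and define the API endpoint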
keystone service-create --name=keystone --type=identity \
--description="Keystone Identity Service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Keystone Identity Service |
| id | 7711a2a72fb34caea36782f7cd669e03 |
| name | keystone |
| type | identity |
+-------------+----------------------------------+
Define the API endpoint
keystone endpoint-create \
--service-id=7711a2a72fb34caea36782f7cd669e03 \
--publicurl=http://controller:5000/v2.0 \
--internalurl=http://controller:5000/v2.0 \
--adminurl=http://controller:35357/v2.0
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://controller:35357/v2.0 |
| id | e153f3c72b2544cf8f7f0bd557a62cad |
| internalurl | http://controller:5000/v2.0 |
| publicurl | http://controller:5000/v2.0 |
| region | regionOne |
| service_id | 7711a2a72fb34caea36782f7cd669e03 |
+-------------+----------------------------------+
Use vi to create a file containing the following:
export OS_USERNAME=admin
export OS_PASSWORD=PASSWORD
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://controller:35357/v2.0
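Source this file.
Verify the service
keystone user-list
+----------------------------------+---------+--------------------+--------+
| id | enabled | email | name |
+----------------------------------+---------+--------------------+--------+
| a4c2d43f80a549a19864c89d759bb3fe | True | ***************** | admin |
+----------------------------------+---------+--------------------+--------+
This output shows that the configuration is correct.
If an error occurs, check the details under /var/log/keystone.
6. Configure Glance
6.1. Install the Glance component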
# yum install openstack-glance
Edit the configuration file
openstack-config --set /etc/glance/glance-api.conf \
DEFAULT sql_connection mysql://glance:PASSWORD@controller/glance
openstack-config --set /etc/glance/glance-registry.conf \
DEFAULT sql_connection mysql://glance:PASSWORD@controller/glance
6.2. Create the Glance database connection
openstack-db --init --service glance --password PASSWORD
6.3. Define a user named glance in Keystone
keystone user-create --name=glance --pass=PASSWORD --email=******************
Add roles
keystone user-role-add --user=glance --tenant=service --role=admin
6.4. Add the glance roles
keystone user-role-add --user=glance --tenant=service --role=admin
6.5. Configure authentication for the image service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
auth_uri http://controller:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
auth_host controller
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
admin_tenant_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
admin_user glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken \
admin_password PASSWORD
openstack-config --set /etc/glance/glance-api.conf paste_deploy \
flavor keystone
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
auth_uri http://controller:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
auth_host controller
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
admin_tenant_name service
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
admin_user glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken \
admin_password PASSWORD
openstack-config --set /etc/glance/glance-registry.conf paste_deploy \
flavor keystone
6.6. Add the credentials to /etc/glance/glance-api-paste.ini and /etc/glance/glance-registry-paste.ini
# cp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini
# cp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.ini
Then add the following to both files:
[filter:authtoken]
paste.filter_factory=keystoneclient.middleware.auth_token:filter_factory
auth_host=controller
admin_user=glance
admin_tenant_name=service
admin_password=PASSWORD
6.8. Create the glance service in Keystone
# keystone service-create --name=glance --type=image \
--description="Glance Image Service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Glance Image Service |
| id | f7494dceb5ef46e7960827a0ecdde89e |
| name | glance |
| type | image |
+-------------+----------------------------------+
Create the glance endpoint in Keystone
keystone endpoint-create \
--service-id=f7494dceb5ef46e7960827a0ecdde89e \
--publicurl=http://controller:9292 \
--internalurl=http://controller:9292 \
--adminurl=http://controller:9292
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://controller:9292 |
| id | fe7cc75f8741455cb0688927845799b2 |
| internalurl | http://controller:9292 |
| publicurl | http://controller:9292 |
| region | regionOne |
| service_id | f7494dceb5ef46e7960827a0ecdde89e |
+-------------+----------------------------------+
6.9. Start the glance services
# service openstack-glance-api start
# service openstack-glance-registry start
# chkconfig openstack-glance-api on
# chkconfig openstack-glance-registry on
6.10. Verify the glance service
Run the glance image-list command
+----+------+-------------+------------------+------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+----+------+-------------+------------------+------+--------+
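Output like this indicates that the service is working. If an error is reported, check the details under /var/log/glance.
7. Install the nova component
yum install openstack-nova python-novaclient
Edit the configuration file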
openstack-config --set /etc/nova/nova.conf \
database connection mysql://nova:PASSWORD@controller/nova
Configure nova to use the messaging server
openstack-config --set /etc/nova/nova.conf \
DEFAULT rpc_backend mon.rpc.impl_qpid
openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname controller
7.1. Configure the nova database connection
openstack-db --init --service nova --password PASSWORD
Configure my_ip, vncserver_listen and vncserver_proxyclient_address
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.205.177
openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 192.168.205.177
openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address 192.168.205.177
7.2. Create the nova user in Keystone
keystone user-create --name=nova --pass=*******************************
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | ****************|
| enabled | True |
| id | 0ab2486266cb40f4808b03cd0f99929c |
| name | nova |
7.3. Add roles
keystone user-role-add --user=nova --tenant=service --role=admin
7.4. Configure authentication for the compute service
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host controller
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password PASSWORD
vi /etc/nova/api-paste.ini
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = controller
auth_port = 35357
auth_protocol = http
auth_uri = http://controller:5000/v2.0
admin_tenant_name = service
admin_user = nova
admin_password = PASSWORD
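The settings written so far include auth=no in /etc/qpidd.conf (section 4.2), the bootstrap admin_token in keystone.conf (section 5.2), and the literal placeholders PASSWORD, KEYSTONE_DBPASS and ADMIN_PASS. The check below is an added example, not part of the original manual: it flags any of these that remain in a configuration file, plus world-readable permissions. The function name audit_conf and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the manual): flag lab-only settings from this guide.
# audit_conf FILE prints one finding per line; returns 0 if clean, 1 if not.
audit_conf() {
    [ -r "$1" ] || { echo "$1: not readable" >&2; return 2; }
    conf=$(awk -v f="$1" '
        /^[ \t]*([#;]|$)/ || !/=/ { next }   # comments, blanks, [section] lines
        {
            key = $0; sub(/[ \t]*=.*$/, "", key); sub(/^[ \t]+/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
        }
        # qpidd.conf as written in section 4.2
        key == "auth" && val == "no" { print f ": auth=no, broker accepts unauthenticated clients" }
        # keystone.conf bootstrap token from section 5.2
        key == "admin_token" { print f ": bootstrap admin_token is still configured" }
        # admin_password / connection / sql_connection left at a guide placeholder
        key ~ /(password|connection)$/ && val ~ /(^|:)(PASSWORD|[A-Z_]*_DBPASS|ADMIN_PASS)(@|$)/ {
            print f ": " key " still holds a placeholder secret"
        }
    ' "$1")
    # A world-readable file exposes every secret in it to all local users.
    perm=$(find "$1" -prune -perm -004 | sed 's/$/: world-readable/')
    out=$(printf '%s\n%s\n' "$conf" "$perm" | sed '/^$/d')
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}

# Constructed sample files mirroring the values used in this guide.
demo=$(mktemp -d)
printf 'auth=no\n' > "$demo/qpidd.conf"
printf '[DEFAULT]\nadmin_token = 0123456789abcdef0123\n[sql]\nconnection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone\n' > "$demo/keystone.conf"
chmod 600 "$demo/qpidd.conf"
chmod 644 "$demo/keystone.conf"
for f in "$demo/qpidd.conf" "$demo/keystone.conf"; do
    audit_conf "$f" || true
done
rm -rf "$demo"
```

On a real host the same function can be pointed at /etc/qpidd.conf, /etc/keystone/keystone.conf, the Glance files and /etc/nova/nova.conf.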
7.5. Create the nova service in Keystone
keystone service-create --name=nova --type=compute \
--description="Nova Compute service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Nova Compute service |
| id | 3b1a58f73d9d43e2807e8148448a333f |
| name | nova |
| type | compute |
7.6. Create the endpoint
keystone endpoint-create \
--service-id=3b1a58f73d9d43e2807e8148448a333f \
--publicurl=http://controller:8774/v2/%\(tenant_id\)s \
--internalurl=http://controller:8774/v2/%\(tenant_id\)s \
--adminurl=http://controller:8774/v2/%\(tenant_id\)s
+-------------+-----------------------------------------+
| Property | Value |
+-------------+-----------------------------------------+
| adminurl | http://controller:8774/v2/%(tenant_id)s |
| id | 01d675db4ef949a496fc7c603df6df8a |
| internalurl | http://controller:8774/v2/%(tenant_id)s |
| publicurl | http://controller:8774/v2/%(tenant_id)s |
| region | regionOne |
| service_id | 3b1a58f73d9d43e2807e8148448a333f |
7.7. Start the nova services
# service openstack-nova-api start
# service openstack-nova-cert start
# service openstack-nova-consoleauth start
# service openstack-nova-scheduler start
# service openstack-nova-conductor start
# service openstack-nova-novncproxy start
# chkconfig openstack-nova-consoleauth on
# chkconfig openstack-nova-scheduler on
# chkconfig openstack-nova-conductor on
# chkconfig openstack-nova-novncproxy on
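7.8. Verify the nova service
Run nova list to display the virtual machines and related information.
If it returns nothing or prints something else, the nova service is not working properly; check the detailed logs under /var/log/nova.
8. Install nova network
yum install openstack-nova-network
Edit the configuration file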
openstack-config --set /etc/nova/nova.conf DEFAULT network_manager work.manager.FlatDHCPManager
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.libvirt.firewall.IptablesFirewallDriver
openstack-config --set /etc/nova/nova.conf DEFAULT network_size 254
openstack-config --set /etc/nova/nova.conf DEFAULT allow_same_net_traffic False
openstack-config --set /etc/nova/nova.conf DEFAULT multi_host True
openstack-config --set /etc/nova/nova.conf DEFAULT send_arp_for_ha True
openstack-config --set /etc/nova/nova.conf DEFAULT share_dhcp_address True
openstack-config --set /etc/nova/nova.conf DEFAULT force_dhcp_release True
openstack-config --set /etc/nova/nova.conf DEFAULT flat_interface eth0
openstack-config --set /etc/nova/nova.conf DEFAULT flat_network_bridge br100
openstack-config --set /etc/nova/nova.conf DEFAULT public_interface eth0
nova network-create vmnet --fixed-range-v4=192.168.205.0/24 --bridge=br100 --multi-host=T
8.1. Install a local metadata service
# yum install openstack-nova-api
# service openstack-nova-metadata-api start
# chkconfig openstack-nova-metadata-api on
8.2. Start nova network
# service openstack-nova-network start
# chkconfig openstack-nova-network on
8.3. Create the VLAN
nova network-create vmnet --fixed-range-v4=10.0.0.0/24 \
--bridge=br100 --multi-host=T
Run nova network-list to view the created network.
8.4. Open the security group rules
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
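The two rules above open SSH and ICMP to every source address (0.0.0.0/0). The following added example, which is not part of the original manual, lists such rules from the table printed by nova secgroup-list-rules so they can be reviewed and narrowed. The function names open_rules and sample_rules and the sample table are constructed, and the column names are assumed to match the client's output.

```shell
#!/bin/sh
# Added example (not from the manual): list security group rules open to any source.
# open_rules reads the table printed by `nova secgroup-list-rules <group>` on stdin
# and prints "protocol from:to" for every rule whose IP Range is 0.0.0.0/0.
open_rules() {
    awk -F'|' '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        /^\+/ || NF < 3 { next }                 # borders and non-table lines
        !seen_header {                           # first row names the columns
            for (i = 2; i < NF; i++) col[trim($i)] = i
            seen_header = 1
            next
        }
        trim($(col["IP Range"])) == "0.0.0.0/0" {
            print trim($(col["IP Protocol"])), trim($(col["From Port"])) ":" trim($(col["To Port"]))
        }
    '
}

# Constructed sample: the default group after the two commands in section 8.4,
# plus one rule already limited to the 192.168.205.0/24 network used in this guide.
sample_rules() {
    cat <<'EOF'
+-------------+-----------+---------+------------------+--------------+
| IP Protocol | From Port | To Port | IP Range         | Source Group |
+-------------+-----------+---------+------------------+--------------+
| icmp        | -1        | -1      | 0.0.0.0/0        |              |
| tcp         | 22        | 22      | 0.0.0.0/0        |              |
| tcp         | 443       | 443     | 192.168.205.0/24 |              |
+-------------+-----------+---------+------------------+--------------+
EOF
}

sample_rules | open_rules
```

A rule reported here can be replaced with one limited to the management network, which in this environment is 192.168.205.0/24.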
8.5. Verify that all services are working
nova flavor-list
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | | 1 | 1.0 | True |
| 2 | m1.small | 2048 | 20 | 0 | | 1 | 1.0 | True |
| 3 | m1.medium | 4096 | 40 | 0 | | 2 | 1.0 | True |
| 4 | rge | 8192 | 80 | 0 | | 4 | 1.0 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | | 8 | 1.0 | True |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
nova image-list
+--------------------------------------+--------------+--------+--------+
| ID | Name | Status | Server |
+--------------------------------------+--------------+--------+--------+
| 9e5c2bee-0373-414c-b4af-b91b0246ad3b | CirrOS 0.3.1 | ACTIVE | |
9. Install the dashboard
yum install memcached python-memcached mod_wsgi openstack-dashboard
9.1. Change the cache settings
Open /etc/openstack-dashboard/local_settings and check:
CACHES = {
    'default': {
        'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
        'LOCATION': '127.0.0.1:11211'
    }
}
9.2. Edit /etc/openstack-dashboard/local_settings
ALLOWED_HOSTS = ['192.168.205.177', 'my-desktop']
Edit /etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "controller"
9.3. Start the dashboard
# service httpd start
# service memcached start
# chkconfig httpd on
# chkconfig memcached on
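9.4. Verify the installation
In a browser, open http://192.168.205.177/dashboard
If everything is working, the OpenStack graphical interface is displayed. If there is a problem, check /var/log/httpd for related errors.
Problem encountered: the interface could not be opened because the firewall was running.
After the firewall was turned off, the interface loaded normally.
10. Create the virtual machine .img file for Glance
10.1. Create the image disk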
qemu-img create -f qcow2 rhel6.img 10GB
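10.2. Start virt-manager and create the virtual machine
The virtual machine installation process is omitted here.
10.3. After installation, change the following settings in the virtual machine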
#: vi /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
#: vi /etc/sysconfig/network
NETWORKING=yes
#: vi /etc/sysconfig/network-scripts/ifcfg-eth0
# Intel Corporation 82562GT 10/100 Network Connection
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
PERSISTENT_DHCLIENT=1
Remove the /lib/udev/write_net_rules file
#: mv /lib/udev/write_net_rules /lib/udev/write_net_rules.bak
Set SELinux to disabled
#: service iptables stop
#: service ip6tables stop
#: chkconfig iptables off
#: chkconfig ip6tables off
Shut down the virtual machine
10.4. Create the image in Glance
glance image-create --name rhel6 --disk-format qcow2 --container-format bare --is-public true < rhel6.img
11. Creating flavors
11.1. View the existing flavors
# nova flavor-list
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public | extra_specs |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
| 1 | m1.tiny | 512 | 0 | 0 | | 1 | 1.0 | True | {} |
| 2 | m1.small | 2048 | 10 | 20 | | 1 | 1.0 | True | {} |
| 3 | m1.medium | 4096 | 10 | 40 | | 2 | 1.0 | True | {} |
| 4 | rge | 8192 | 10 | 80 | | 4 | 1.0 | True | {} |
| 5 | m1.xlarge | 16384 | 10 | 160 | | 8 | 1.0 | True | {} |
| 6 | cubj | 4096 | 40 | 0 | | 2 | 1.0 | True | {} |
11.2. Create a new flavor
nova flavor-create <name> <id> <ram> <disk> <vcpus> [--ephemeral <ephemeral>]
12. Create a virtual machine
nova boot --flavor <flavor> --image ID --availability-zone <zone> --nic "net-id=1c80a78c-bba5-4c57-8c9f-99cb8cd0f474,v4-fixed-ip=192.168.205.176" test