install-openstack-folsom-with-nova-network
Source: Internet  Editor: 程序博客网  Date: 2024/06/16 05:45
OpenStack Folsom Installation
http://wiki.stacklab.org/doku.php?id=stacklab:documentation:install-openstack-folsom-with-nova-network
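This article describes how to install OpenStack Folsom. Because Quantum is not yet mature in the Folsom release, nova-network is used instead.
nova-network runs in FlatDHCP + Multihost mode, and each server has two network cards. eth0 carries the public network and the management network; eth1 carries the VM network.
The environment plans for 256 fixed_ip addresses in the 10.0.0.0/24 range and 128 floating_ip addresses in the 192.168.56.128/25 range.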
All nodes
Operating system
The operating system used is ubuntu-12.04.1-server-amd64; download link: download
Network settings
Edit /etc/network/interfaces:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
# Each server has a different IP address
address 192.168.56.101
netmask 255.255.255.0
gateway 192.168.56.1
dns-nameservers 8.8.8.8
auto eth1
iface eth1 inet manual
up ifconfig eth1 up
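Package sources
Folsom was released in October 2012 and has already made it into the official Ubuntu 12.04 sources. You need to add the source manually.
Add the following two lines to "/etc/apt/sources.list":
deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-proposed/folsom main
deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/folsom main
Update the package index: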
#apt-get update
Hostname settings
Edit /etc/hostname (each node has a different hostname):
#cat /etc/hostname
control-01
Edit /etc/hosts and add:
192.168.56.101 control-01
192.168.56.111 compute-01
192.168.56.112 compute-02
192.168.56.113 compute-03
mysql and rabbitmq
Install mysql and set the mysql password to "root":
#apt-get install mysql-server python-mysqldb
Configure mysql to accept requests from any node:
#sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
#service mysql restart
Install rabbitmq:
#apt-get install rabbitmq-server
NTP
Install NTP:
#apt-get install ntp
#sed -i 's/server ntp.ubuntu.com/server ntp.ubuntu.com\nserver 127.127.1.0\nfudge 127.127.1.0 stratum 10/g' /etc/ntp.conf
#service ntp restart
Other
Controller node
Install the OpenStack components
#os_keystone="keystone python-keystone python-keystoneclient"
#os_glance="glance glance-api python-glanceclient glance-common"
#os_nova="nova-api nova-cert nova-common nova-scheduler python-nova python-novaclient nova-consoleauth novnc nova-novncproxy "
#os_horizon="apache2 libapache2-mod-wsgi openstack-dashboard memcached python-memcache"
#os_cinder="cinder-api cinder-scheduler cinder-volume iscsitarget open-iscsi iscsitarget-dkms python-cinderclient"
#apt-get install $os_keystone $os_glance $os_nova $os_horizon $os_cinder
Databases for each service
Databases must be created for keystone, nova, cinder and glance, and privileges granted on them. For simplicity, the username and password for every database are set to 'openstack' here; you can of course use other strings.
#mysql -uroot -proot
mysql> CREATE DATABASE keystone;
mysql> CREATE DATABASE nova;
mysql> CREATE DATABASE cinder;
mysql> CREATE DATABASE glance;
mysql> GRANT ALL ON keystone.* TO openstack@'%' IDENTIFIED BY 'openstack';
mysql> GRANT ALL ON nova.* TO openstack@'%' IDENTIFIED BY 'openstack';
mysql> GRANT ALL ON cinder.* TO openstack@'%' IDENTIFIED BY 'openstack';
mysql> GRANT ALL ON glance.* TO openstack@'%' IDENTIFIED BY 'openstack';
mysql> GRANT ALL ON keystone.* TO openstack@'192.168.56.101' IDENTIFIED BY 'openstack';
mysql> GRANT ALL ON nova.* TO openstack@'192.168.56.101' IDENTIFIED BY 'openstack';
mysql> GRANT ALL ON nova.* TO openstack@'192.168.56.111' IDENTIFIED BY 'openstack';
mysql> GRANT ALL ON nova.* TO openstack@'192.168.56.112' IDENTIFIED BY 'openstack';
mysql> GRANT ALL ON nova.* TO openstack@'192.168.56.113' IDENTIFIED BY 'openstack';
mysql> GRANT ALL ON cinder.* TO openstack@'192.168.56.101' IDENTIFIED BY 'openstack';
mysql> GRANT ALL ON glance.* TO openstack@'192.168.56.101' IDENTIFIED BY 'openstack';
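The grants above give one shared account access from any host ('%'), which makes the per-host grants that follow redundant. As an added example (not part of the original guide), the generator below emits the same MySQL 5.5 style statements with one account per service, a random password each, and only the hosts listed on this page; the per-service account names, `SERVICE_HOSTS`, `new_password` and `build_grants` are this example's assumptions.

```python
import ipaddress
import re
import secrets

# Which hosts reach which database, taken from the GRANT statements above:
# only nova is used from the compute nodes.
SERVICE_HOSTS = {
    "keystone": ["192.168.56.101"],
    "glance": ["192.168.56.101"],
    "cinder": ["192.168.56.101"],
    "nova": ["192.168.56.101", "192.168.56.111",
             "192.168.56.112", "192.168.56.113"],
}

# MySQL 5.5 limits user names to 16 characters.
_NAME = re.compile(r"[a-z][a-z0-9_]{0,15}")


def new_password():
    # URL-safe alphabet: nothing that needs escaping inside a quoted SQL string.
    return secrets.token_urlsafe(24)


def build_grants(service_hosts, make_password=new_password):
    """Return (sql_statements, {service: password}).

    Each service gets an account named after itself, its own password, and
    access to its own database from the listed hosts only.
    """
    statements, passwords = [], {}
    for service in sorted(service_hosts):
        if not _NAME.fullmatch(service):
            raise ValueError("unsafe database/user name: %r" % service)
        password = make_password()
        if not re.fullmatch(r"[A-Za-z0-9_-]+", password):
            raise ValueError("password contains characters that need escaping")
        passwords[service] = password
        statements.append("CREATE DATABASE IF NOT EXISTS `%s`;" % service)
        for host in service_hosts[service]:
            ipaddress.ip_address(host)  # rejects '%', wildcards and typos
            statements.append(
                "GRANT ALL ON `%s`.* TO '%s'@'%s' IDENTIFIED BY '%s';"
                % (service, service, host, password))
    return statements, passwords


if __name__ == "__main__":
    sql, credentials = build_grants(SERVICE_HOSTS)
    print("\n".join(sql))
```

Each service's connection string (the mysql://openstack:openstack@ values used later on this page) then has to carry that service's own account name and generated password.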
keystone
Edit /etc/keystone/keystone.conf so that keystone can reach the database:
connection = mysql://openstack:openstack@192.168.56.101/keystone
Restart the service and initialize the database:
#service keystone restart
#keystone-manage db_sync
Run the keystone_basic.sh script to create the basic users, tenants and roles. The keystone_basic.sh script is shown below:
#!/bin/sh
#
# Keystone basic configuration
# Mainly inspired by https://github.com/openstack/keystone/blob/master/tools/sample_data.sh
# Modified by Bilel Msekni / Institut Telecom
#
# Support: openstack@lists.launchpad.net
# License: Apache Software License (ASL) 2.0
#
# IP address of the node
HOST_IP=192.168.56.101
ADMIN_PASSWORD=${ADMIN_PASSWORD:-admin_pass}
SERVICE_PASSWORD=${SERVICE_PASSWORD:-service_pass}
export SERVICE_TOKEN="ADMIN"
export SERVICE_ENDPOINT="http://${HOST_IP}:35357/v2.0"
SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
# Run a keystone command and print the id column of its output table
get_id () {
    echo `"$@" | awk '/ id / { print $4 }'`
}
# Tenants
ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME)
# Users
ADMIN_USER=$(get_id keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=admin@domain.com)
# Roles
ADMIN_ROLE=$(get_id keystone role-create --name=admin)
KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
# Add Roles to Users in Tenants
keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT
keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONEADMIN_ROLE --tenant-id $ADMIN_TENANT
keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONESERVICE_ROLE --tenant-id $ADMIN_TENANT
# The Member role is used by Horizon and Swift
MEMBER_ROLE=$(get_id keystone role-create --name=Member)
# Configure service users/roles
NOVA_USER=$(get_id keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=nova@domain.com)
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NOVA_USER --role-id $ADMIN_ROLE
GLANCE_USER=$(get_id keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=glance@domain.com)
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $GLANCE_USER --role-id $ADMIN_ROLE
CINDER_USER=$(get_id keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=cinder@domain.com)
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $CINDER_USER --role-id $ADMIN_ROLE
Run the keystone_endpoints_basic.sh script to create the endpoints. The keystone_endpoints_basic.sh script is shown below:
#!/bin/sh
#
# Keystone basic Endpoints
# Mainly inspired by https://github.com/openstack/keystone/blob/master/tools/sample_data.sh
# Modified by Bilel Msekni / Institut Telecom
#
# Support: openstack@lists.launchpad.net
# License: Apache Software License (ASL) 2.0
#
# Host address
# IP address of the node on the management network
HOST_IP=192.168.56.101
# IP address of the node on the public network
EXT_HOST_IP=192.168.56.101
# MySQL definitions (must match the keystone database account created above)
MYSQL_USER=openstack
MYSQL_DATABASE=keystone
MYSQL_HOST=$HOST_IP
MYSQL_PASSWORD=openstack
# Keystone definitions
KEYSTONE_REGION=RegionOne
export SERVICE_TOKEN=ADMIN
export SERVICE_ENDPOINT="http://${HOST_IP}:35357/v2.0"
while getopts "u:D:p:m:K:R:E:T:vh" opt; do
  case $opt in
    u) MYSQL_USER=$OPTARG ;;
    D) MYSQL_DATABASE=$OPTARG ;;
    p) MYSQL_PASSWORD=$OPTARG ;;
    m) MYSQL_HOST=$OPTARG ;;
    K) MASTER=$OPTARG ;;
    R) KEYSTONE_REGION=$OPTARG ;;
    E) export SERVICE_ENDPOINT=$OPTARG ;;
    T) export SERVICE_TOKEN=$OPTARG ;;
    v) set -x ;;
    h)
      cat <<EOF
Usage: $0 [-m mysql_hostname] [-u mysql_username] [-D mysql_database] [-p mysql_password]
       [-K keystone_master ] [ -R keystone_region ] [ -E keystone_endpoint_url ]
       [ -T keystone_token ]
Add -v for verbose mode, -h to display this message.
EOF
      exit 0
      ;;
    \?)
      echo "Unknown option -$OPTARG" >&2
      exit 1
      ;;
    :)
      echo "Option -$OPTARG requires an argument" >&2
      exit 1
      ;;
  esac
done
if [ -z "$KEYSTONE_REGION" ]; then
  echo "Keystone region not set. Please set with -R option or set KEYSTONE_REGION variable." >&2
  missing_args="true"
fi
if [ -z "$SERVICE_TOKEN" ]; then
  echo "Keystone service token not set. Please set with -T option or set SERVICE_TOKEN variable." >&2
  missing_args="true"
fi
if [ -z "$SERVICE_ENDPOINT" ]; then
  echo "Keystone service endpoint not set. Please set with -E option or set SERVICE_ENDPOINT variable." >&2
  missing_args="true"
fi
if [ -z "$MYSQL_PASSWORD" ]; then
  echo "MySQL password not set. Please set with -p option or set MYSQL_PASSWORD variable." >&2
  missing_args="true"
fi
if [ -n "$missing_args" ]; then
  exit 1
fi
keystone service-create --name nova --type compute --description 'OpenStack Compute Service'
keystone service-create --name cinder --type volume --description 'OpenStack Volume Service'
keystone service-create --name glance --type image --description 'OpenStack Image Service'
keystone service-create --name keystone --type identity --description 'OpenStack Identity'
keystone service-create --name ec2 --type ec2 --description 'OpenStack EC2 service'
# $1 = service type, $2 = service id; $(tenant_id)s is a literal template for keystone
create_endpoint () {
  case $1 in
    compute)
      keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':8774/v2/$(tenant_id)s' --adminurl 'http://'"$HOST_IP"':8774/v2/$(tenant_id)s' --internalurl 'http://'"$HOST_IP"':8774/v2/$(tenant_id)s'
      ;;
    volume)
      keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':8776/v1/$(tenant_id)s' --adminurl 'http://'"$HOST_IP"':8776/v1/$(tenant_id)s' --internalurl 'http://'"$HOST_IP"':8776/v1/$(tenant_id)s'
      ;;
    image)
      keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':9292/v2' --adminurl 'http://'"$HOST_IP"':9292/v2' --internalurl 'http://'"$HOST_IP"':9292/v2'
      ;;
    identity)
      keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':5000/v2.0' --adminurl 'http://'"$HOST_IP"':35357/v2.0' --internalurl 'http://'"$HOST_IP"':5000/v2.0'
      ;;
    ec2)
      keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':8773/services/Cloud' --adminurl 'http://'"$HOST_IP"':8773/services/Admin' --internalurl 'http://'"$HOST_IP"':8773/services/Cloud'
      ;;
  esac
}
# Look up each service id in the keystone database and create its endpoint
for i in compute volume image object-store identity ec2; do
  id=`mysql -h "$MYSQL_HOST" -u "$MYSQL_USER" -p"$MYSQL_PASSWORD" "$MYSQL_DATABASE" -ss -e "SELECT id FROM service WHERE type='"$i"';"` || exit 1
  create_endpoint $i $id
done
Fill in the openrc file:
# cat openrc
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin_pass
export OS_AUTH_URL="http://192.168.56.101:5000/v2.0/"
Load the environment variables:
#source openrc
Test keystone:
# keystone user-list
+----------------------------------+--------+---------+-------------------+
| id                               | name   | enabled | email             |
+----------------------------------+--------+---------+-------------------+
| 4fa0ecb0979c46928d0d9e6a11965ca5 | glance | True    | glance@domain.com |
| 7e10d7dfe68c437abda3a29da9550415 | nova   | True    | nova@domain.com   |
| abeb9e73069640debd8d4e2de4fee2cb | admin  | True    | admin@domain.com  |
| d5146f2348f14406a84984e353e8ff7a | cinder | True    | cinder@domain.com |
+----------------------------------+--------+---------+-------------------+
glance
Update the glance configuration file /etc/glance/glance-api-paste.ini:
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
auth_host = 192.168.56.101
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = service_pass
Update the glance configuration file /etc/glance/glance-registry-paste.ini:
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
auth_host = 192.168.56.101
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = service_pass
Update /etc/glance/glance-api.conf:
sql_connection = mysql://openstack:openstack@192.168.56.101/glance
[paste_deploy]
flavor = keystone
Update /etc/glance/glance-registry.conf:
sql_connection = mysql://openstack:openstack@192.168.56.101/glance
[paste_deploy]
flavor = keystone
Restart the services:
#service glance-api restart; service glance-registry restart
Sync the database:
#glance-manage db_sync
Restart the services:
#service glance-api restart; service glance-registry restart
Upload an image:
#wget https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img
#source openrc
#glance image-create --name myFirstImage --is-public true --container-format bare --disk-format qcow2 < cirros-0.3.0-x86_64-disk.img
Test glance:
#glance image-list
cinder
Configure iscsitarget:
#sed -i 's/false/true/g' /etc/default/iscsitarget
Start the iscsitarget services:
#service iscsitarget start
#service open-iscsi start
Update the configuration in /etc/cinder/api-paste.ini:
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
service_protocol = http
service_host = 192.168.56.101
service_port = 5000
auth_host = 192.168.56.101
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = cinder
admin_password = service_pass
Update the configuration in /etc/cinder/cinder.conf:
[DEFAULT]
rootwrap_config=/etc/cinder/rootwrap.conf
sql_connection = mysql://openstack:openstack@192.168.56.101/cinder
api_paste_config = /etc/cinder/api-paste.ini
iscsi_helper=ietadm
volume_name_template = volume-%s
volume_group = cinder-volumes
verbose = True
auth_strategy = keystone
#osapi_volume_listen_port=5900
Sync the database:
#cinder-manage db sync
Create a volume group for testing:
# mkdir -p /opt/data/cinder
# cd /opt/data/cinder/
# truncate -s 2G vgfile
# losetup -f --show vgfile
/dev/loop0
# vgcreate cinder-volumes /dev/loop0
No physical volume label read from /dev/loop0
Writing physical volume data to disk "/dev/loop0"
Physical volume "/dev/loop0" successfully created
Volume group "cinder-volumes" successfully created
Restart the services:
#cd /etc/init.d/; for i in $( ls cinder-* ); do service $i restart; done
nova
Edit /etc/nova/api-paste.ini:
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
auth_host = 192.168.56.101
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = service_pass
signing_dirname = /tmp/keystone-signing-nova
Edit /etc/nova/nova.conf:
[DEFAULT]
# LOGS/STATE
verbose=True
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/run/lock/nova
# AUTHENTICATION
auth_strategy=keystone
# SCHEDULER
scheduler_driver=nova.scheduler.multi.MultiScheduler
compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
# CINDER
volume_api_class=nova.volume.cinder.API
# DATABASE
sql_connection=mysql://openstack:openstack@192.168.56.101/nova
# COMPUTE
# If the node does not support kvm, use qemu (typically when OpenStack is installed inside virtual machines)
libvirt_type=kvm
libvirt_use_virtio_for_bridges=True
start_guests_on_host_boot=True
resume_guests_state_on_host_boot=True
api_paste_config=/etc/nova/api-paste.ini
allow_admin_api=True
use_deprecated_auth=False
nova_url=http://192.168.56.101:8774/v1.1/
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
# APIS
ec2_host=192.168.56.101
ec2_url=http://192.168.56.101:8773/services/Cloud
keystone_ec2_url=http://192.168.56.101:5000/v2.0/ec2tokens
s3_host=192.168.56.101
cc_host=192.168.56.101
metadata_host=192.168.56.101
enabled_apis=ec2,osapi_compute,metadata
# RABBITMQ
rabbit_host=192.168.56.101
# GLANCE
image_service=nova.image.glance.GlanceImageService
glance_api_servers=192.168.56.101:9292
# NETWORK
network_manager=nova.network.manager.FlatDHCPManager
force_dhcp_release=True
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
public_interface=eth0
flat_interface=eth1
flat_network_bridge=br100
fixed_range=10.0.0.0/24
network_size=256
flat_injected=False
connection_type=libvirt
multi_host=True
# NOVNC CONSOLE
novnc_enabled=True
novncproxy_base_url=http://192.168.56.101:6080/vnc_auto.html
vncserver_proxyclient_address=192.168.56.101
vncserver_listen=192.168.56.101
Edit the sudoers file and add the following to /etc/sudoers:
#Paste this line anywhere you like:
nova ALL=(ALL) NOPASSWD:ALL
Sync the database:
#nova-manage db sync
Restart the nova services:
#for i in nova-api nova-cert nova-consoleauth nova-novncproxy nova-scheduler; do service $i restart; done
Check the service status:
#nova-manage service list
Create the fixed_ip network:
#nova-manage network create private --fixed_range_v4=10.0.0.0/24 --num_networks=1 --bridge=br100 --bridge_interface=eth1 --network_size=256 --multi_host=T
Create the floating_ip range:
#nova-manage floating create 192.168.56.128/25
Compute nodes
Install the OpenStack components
#os_nova="nova-common python-nova python-novaclient nova-compute nova-network nova-api-metadata "
#os_other=" kvm libvirt-bin pm-utils bridge-utils"
#apt-get install $os_nova $os_other
nova
Edit /etc/nova/nova.conf (assuming the node is compute-01, with IP address 192.168.56.111):
[DEFAULT]
# LOGS/STATE
verbose=True
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/run/lock/nova
# AUTHENTICATION
auth_strategy=keystone
# SCHEDULER
scheduler_driver=nova.scheduler.multi.MultiScheduler
compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
# CINDER
volume_api_class=nova.volume.cinder.API
# DATABASE
sql_connection=mysql://openstack:openstack@192.168.56.101/nova
# COMPUTE
libvirt_type=qemu
libvirt_use_virtio_for_bridges=True
start_guests_on_host_boot=True
resume_guests_state_on_host_boot=True
api_paste_config=/etc/nova/api-paste.ini
allow_admin_api=True
use_deprecated_auth=False
nova_url=http://192.168.56.101:8774/v1.1/
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
# APIS
ec2_host=192.168.56.101
ec2_url=http://192.168.56.101:8773/services/Cloud
keystone_ec2_url=http://192.168.56.101:5000/v2.0/ec2tokens
s3_host=192.168.56.101
cc_host=192.168.56.101
# On every node, metadata_host must be that node's own IP
metadata_host=192.168.56.111
metadata_listen=0.0.0.0
enabled_apis=metadata
# RABBITMQ
rabbit_host=192.168.56.101
# GLANCE
image_service=nova.image.glance.GlanceImageService
glance_api_servers=192.168.56.101:9292
# NETWORK
network_manager=nova.network.manager.FlatDHCPManager
force_dhcp_release=True
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
public_interface=eth0
flat_interface=eth1
flat_network_bridge=br100
fixed_range=10.0.0.0/24
network_size=256
flat_injected=False
connection_type=libvirt
multi_host=True
# NOVNC CONSOLE
novnc_enabled=True
novncproxy_base_url=http://192.168.56.101:6080/vnc_auto.html
# vncserver_proxyclient_address and vncserver_listen must be this node's own IP
vncserver_proxyclient_address=192.168.56.111
vncserver_listen=192.168.56.111
Edit /etc/nova/nova-compute.conf:
[DEFAULT]
# If the node does not support kvm, use qemu (typically when OpenStack is installed inside virtual machines)
libvirt_type=kvm
Start the services:
#for i in nova-api-metadata nova-compute nova-network; do service $i restart; done
Other compute nodes
Deploy the other compute nodes in the same way.
Accessing the OpenStack Dashboard
Restart apache and memcached on the controller node:
#service apache2 restart; service memcached restart
Open http://192.168.56.101/horizon ; the username and password are admin and admin_pass.
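Once the procedure is finished, the placeholder secrets and wide-open settings used along the way (openstack:openstack, service_pass, admin_pass, SERVICE_TOKEN=ADMIN, MySQL on 0.0.0.0, the unrestricted sudoers line) are still in place. The check below is an added example, not part of the original guide: it scans configuration text for exactly those values. The rule names, the `audit` function and both sample sets (constructed from this page's values) are assumptions, as is the /usr/bin/nova-rootwrap path in the restricted sudoers line.

```python
import re

# Each rule matches a value this guide hard-codes (rule names are this example's own).
RULES = [
    ("db-default-credentials", re.compile(r"mysql://openstack:openstack@")),
    ("service-default-password",
     re.compile(r"^\s*admin_password\s*=\s*service_pass\s*$")),
    ("admin-default-password", re.compile(r"\bOS_PASSWORD\s*=\s*admin_pass\s*$")),
    ("static-service-token", re.compile(r'\bSERVICE_TOKEN\s*=\s*"?ADMIN"?\s*$')),
    ("mysql-binds-all-interfaces",
     re.compile(r"^\s*bind-address\s*=\s*0\.0\.0\.0\s*$")),
    ("sudoers-unrestricted-nova",
     re.compile(r"^\s*nova\s+ALL\s*=\s*\(\s*ALL\s*\)\s*NOPASSWD\s*:\s*ALL\s*$")),
]


def audit(files):
    """Scan {path: text}; return a sorted list of (path, line_number, rule)."""
    findings = []
    for path, text in files.items():
        for number, line in enumerate(text.splitlines(), start=1):
            if line.lstrip().startswith("#"):  # commented-out lines have no effect
                continue
            for rule, pattern in RULES:
                if pattern.search(line):
                    findings.append((path, number, rule))
    return sorted(findings)


# Constructed sample: fragments of the files as this guide leaves them.
AS_INSTALLED = {
    "/etc/mysql/my.cnf": "[mysqld]\nbind-address = 0.0.0.0\n",
    "/etc/nova/nova.conf": (
        "[DEFAULT]\n"
        "sql_connection=mysql://openstack:openstack@192.168.56.101/nova\n"
        "root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf\n"),
    "/etc/nova/api-paste.ini": (
        "[filter:authtoken]\n"
        "admin_user = nova\n"
        "admin_password = service_pass\n"),
    "/etc/sudoers": "#Paste this line anywhere you like:\nnova ALL=(ALL) NOPASSWD:ALL\n",
    "keystone_basic.sh": 'HOST_IP=192.168.56.101\nexport SERVICE_TOKEN="ADMIN"\n',
    "openrc": "export OS_USERNAME=admin\nexport OS_PASSWORD=admin_pass\n",
}

# Constructed sample: the same settings after hardening. The sudoers entry
# allows only the rootwrap command that root_helper in nova.conf invokes
# (binary path assumed to be /usr/bin/nova-rootwrap; password is a placeholder).
HARDENED = {
    "/etc/mysql/my.cnf": "[mysqld]\nbind-address = 192.168.56.101\n",
    "/etc/nova/nova.conf":
        "sql_connection=mysql://nova:PLACEHOLDER-random@192.168.56.101/nova\n",
    "/etc/sudoers":
        "nova ALL = (root) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/rootwrap.conf *\n",
}

if __name__ == "__main__":
    for path, number, rule in audit(AS_INSTALLED):
        print("%s:%d: %s" % (path, number, rule))
```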