ubuntu1404单机安装部署openstack-juno
来源:互联网 发布:台湾网络主播萱萱 编辑:程序博客网 时间:2024/06/05 07:31
Redhat上可以很快的使用All-in-one的方式安装openstack,先安装packstack,然后通过packstack --allinone这条命令
就可以一步安装openstack,最后设置IP和网桥,就可以完成安装,但是在ubuntu却无法通过一步就实现openstack的安装,
需要一步一步安装,而且网上现有的资料都是在多台机器上分别安装openstack的各个节点(compute,controller,network
等),一般至少两台虚拟机或着物理机,今天介绍如何在一台ubuntu虚拟机上实现openstack-juno的安装,并启动一个
cirros镜像的虚拟机实例。
当初我觉着可以在redhat上实现单机安装openstack并启动虚拟机实例,就一定可以在ubuntu上实现单机安装部署
openstack,一个原因是不想多台机器之间折腾,机器越少,操作起来越方便,不用来回切换,另一个就是自己有点强迫症,
非要这么折腾一下,结果折腾了好久,终于算是折腾出来了,思路也越来越清晰。
这里总结一下openstack安装的经验。其实主要的问题还是集中在网络设置上,各个模块的安装只要网络正常,基本
没什么问题,很快就可以安装,工作量集中在配置文件的修改上,nova和neutron的配置有一些是交织的,先配置nova,等
到neutron安装了,还要返回来再次修改nova和增加配置,另外在neutron的配置文件中还要加上nova的相关配置,最后就
是网络的配置,网桥的设置。
这里介绍的安装其实不是完整的安装,主要是安装到neutron,然后安装dashboard,可以通过网页界面来操作主机设置,
后面的模块如cinder(块存储),swift(对象存储)都没有安装。
安装步骤如下:
第一步、准备ubuntu虚拟机,添加openstack-juno相关的源;
虚拟机设置:4G内存,20G硬盘,处理器选择支持虚拟化,ip:192.168.61.122,hostname:openstack
apt-get install python-software-propertiesadd-apt-repository cloud-archive:junoapt-get update
第二步、安装消息服务rabbitmq,数据库mysql并启动;
apt-get install rabbitmq-server -yapt-get install mysql-server python-mysqldb -y
安装mysql时会提示输入用户名密码,这里输入root:root
修改mysql配置文件,vi /etc/mysql/my.cnf
bind-address 192.168.61.122[mysqld]default-storage-engine=innodbinnodb_file_per_tablecollation-server=utf8_general_ciinit-connect='SET NAMES utf8'character-set-server=utf8修改完成之后重启服务
service mysql restart
修改配置及重启服务截图:
第三步、安装认证服务keystone,并配置和启动服务,新建用户,租户,角色;
先创建keystone数据库,并且授权用户keystone:keystone
再安装keystone服务
apt-get install keystone python-keystoneclient -y
这里我们先使用openssl命令产生一个随机的字符串作为token,这个字符串将在多个地方配置,主要在keystone.conf配置
文件中配置,以后都通用。
openssl rand -hex 10
//我的机器随机生成的是如下的字符串
b9e8218bd6a146ce0741
安装完成之后就是配置/etc/keystone/keystone.conf,默认keystone,glance,nova等组件,都有一个sqlite的数据库保存元数据,
我们这里改为使用我们的mysql作为元数据数据库,只需修改几个设置。
vi /etc/keystone/keystone.conf[default]token=b9e8218bd6a146ce0741verbose=true[database]connection=mysql://keystone:openstack@openstack/keystone[token]provider=keystone.token.providers.uuid.Provider# Token persistence backend driver. (string value)driver=keystone.token.persistence.backends.sql.Token
接着就可以同步数据,和重启keystone服务,并且设置环境变量OS_SERVICE_TOKEN和OS_SERVICE_ENDPOINT。
root@openstack:~# su -s /bin/sh -c "keystone-manage db_sync" keystoneroot@openstack:~# service keystone restartkeystone stop/waitingkeystone start/running, process 20270root@openstack:~# lsb9e8218bd6a146ce0741root@openstack:~# export OS_SERVICE_TOKEN=b9e8218bd6a146ce0741root@openstack:~# export OS_SERVICE_ENDPOINT=http://openstack:35357/v2.0
下面可以进行创建租户,用户,角色,并赋予用户角色,我们创建两个角色一个管理员和一个普通用户。
root@openstack:~# export OS_SERVICE_TOKEN=b9e8218bd6a146ce0741root@openstack:~# export OS_SERVICE_ENDPOINT=http://openstack:35357/v2.0root@openstack:~# keystone tenant-create --name admin --description "Admin Tenant"+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| description | Admin Tenant || enabled | True || id | 23a84fb4bf9f4078a54adc63627ea224 || name | admin |+-------------+----------------------------------+root@openstack:~# keystone user-create --name admin --pass admin --email feiy_2015@sina.com+----------+----------------------------------+| Property | Value |+----------+----------------------------------+| email | feiy_2015@sina.com || enabled | True || id | bcf9266786734e3382a0e38d582386fe || name | admin || username | admin |+----------+----------------------------------+root@openstack:~# keystone role-create --name admin+----------+----------------------------------+| Property | Value |+----------+----------------------------------+| id | f3f75ddd049d404f8540faece025e9eb || name | admin |+----------+----------------------------------+root@openstack:~# keystone user-role-add --user admin --tenant admin --role admin
赋予用户角色和指定租户是没有输出的。
接着我们创建普通成员用户和角色并赋予角色
root@openstack:~# keystone role-create --name _member_+----------+----------------------------------+| Property | Value |+----------+----------------------------------+| id | 6e33c1dcfb124022b11fea125fe996f9 || name | _member_ |+----------+----------------------------------+root@openstack:~# keystone tenant-create --name hadoop --description "Hadoop Tenant"+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| description | Hadoop Tenant || enabled | True || id | 668a527fd9384b639447deaca1cf2c48 || name | hadoop |+-------------+----------------------------------+root@openstack:~# keystone user-create --name hadoop --pass hadoop --email feiy_2015@sina.com+----------+----------------------------------+| Property | Value |+----------+----------------------------------+| email | feiy_2015@sina.com || enabled | True || id | 4e3ccc059d754c6a94e9a82d187bff8d || name | hadoop || username | hadoop |+----------+----------------------------------+root@openstack:~# keystone user-role-add --tenant hadoop --user hadoop --role _member_
我们再创建第三个租户service,这个租户给后面的glance,nova,neutron等使用,前面的普通租户hadoop是给普通用户登
录使用。
root@openstack:~# keystone tenant-create --name service --description "Service Tenant"+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| description | Service Tenant || enabled | True || id | a4363a87992a4be7aba64be211338b5c || name | service |+-------------+----------------------------------+
最后我们需要创建keystone对外的服务endpoint。
root@openstack:~# keystone service-create --name keystone --type identity --description "Openstack Identity"+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| description | Openstack Identity || enabled | True || id | 23d80b5a4b3c45debc4c96d229c55e08 || name | keystone || type | identity |+-------------+----------------------------------+root@openstack:~# keystone endpoint-create --service-id 23d80b5a4b3c45debc4c96d229c55e08 \> --publicurl http://openstack:5000/v2.0 \> --internalurl http://openstack:5000/v2.0 \> --adminurl http://openstack:35357/v2.0 \> --region regionOne+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| adminurl | http://openstack:35357/v2.0 || id | 0b0b6785c5e44d989e4f007a8bb56571 || internalurl | http://openstack:5000/v2.0 || publicurl | http://openstack:5000/v2.0 || region | regionOne || service_id | 23d80b5a4b3c45debc4c96d229c55e08 |+-------------+----------------------------------+root@openstack:~#这里千万不要直接复制粘贴命令,endpoint 的service-id需要指定在前一个命令中生成的service的id。
这样我们的keystone算是安装和配置完成,思路大概是先安装组件(或着创建数据库,授权数据库用户),然后配置
组件数据库连接,token等信息,接着同步数据,然后创建相关的服务。后面的glance,nova,neutron等安装都是这个
思路。
验证keystone命令生成的数据:
刚才我们使用keystone命令生成的用户,服务等都是在环境变量OS_SERVICE_TOKEN=b9e8218bd6a146ce0741,
OS_SERVICE_ENDPOINT=http://openstack:35357/v2.0的情况下做的,现在我们去掉环境变量,做验证。
unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
root@openstack:~# keystone service-listExpecting an auth URL via either --os-auth-url or env[OS_AUTH_URL]root@openstack:~# keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://openstack:35357/v2.0 service-list+----------------------------------+----------+----------+--------------------+| id | name | type | description |+----------------------------------+----------+----------+--------------------+| 23d80b5a4b3c45debc4c96d229c55e08 | keystone | identity | Openstack Identity |+----------------------------------+----------+----------+--------------------+root@openstack:~# keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://openstack:35357/v2.0 token-get+-----------+----------------------------------+| Property | Value |+-----------+----------------------------------+| expires | 2017-02-19T17:53:40Z || id | cd0471d0ac6f4d0abee8e9ee0e56c92a || tenant_id | 23a84fb4bf9f4078a54adc63627ea224 || user_id | bcf9266786734e3382a0e38d582386fe |+-----------+----------------------------------+root@openstack:~# keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://openstack:35357/v2.0 role-list+----------------------------------+----------+| id | name |+----------------------------------+----------+| 6e33c1dcfb124022b11fea125fe996f9 | _member_ || f3f75ddd049d404f8540faece025e9eb | admin |+----------------------------------+----------+
这个结果和我们创建时是对应的,没有什么问题,接下来,我们可以安装配置镜像服务glance组件了。
第四步、安装镜像服务glance,并配置和启动服务,新建镜像;
创建glance数据库,并授权用户glance:glance
mysql> create database glance;Query OK, 1 row affected (0.00 sec)mysql> grant all privileges on glance.* to glance@'%' identified by 'glance';Query OK, 0 rows affected (0.00 sec)
使用keystone创建glance相关用户和endpoint服务,这里给glance赋予角色和租户时就用到了keystone里面最后创建的一个租户service。
root@openstack:~# keystone user-create --name glance --pass glance --email feiy_2015@sina.com+----------+----------------------------------+| Property | Value |+----------+----------------------------------+| email | feiy_2015@sina.com || enabled | True || id | afbd6f0428eb462099a8b20dd06f210d || name | glance || username | glance |+----------+----------------------------------+root@openstack:~# keystone user-role-add --user glance --tenant service --role adminroot@openstack:~# keystone service-create --name glance --type image --description "Openstack Image Service"+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| description | Openstack Image Service || enabled | True || id | e7131d900c8a46ef8053217e93759e98 || name | glance || type | image |+-------------+----------------------------------+root@openstack:~# keystone endpoint-create --service-id e7131d900c8a46ef8053217e93759e98 --publicurl http://openstack:9292 --internalurl http://openstack:9292 --adminurl http://openstack:9292 --region regionOne+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| adminurl | http://openstack:9292 || id | 46c182ce45dc498d9009caaa61a37a9d || internalurl | http://openstack:9292 || publicurl | http://openstack:9292 || region | regionOne || service_id | e7131d900c8a46ef8053217e93759e98 |+-------------+----------------------------------+
接下来,安装glance组件
apt-get install glance python-glanceclient -y
修改配置文件/etc/glance/glance-api.conf和/etc/glance/glance-registry.conf
root@openstack:~# vi /etc/glance/glance-api.conf [database]connection = mysql://glance:openstack@openstack/glance[keystone_authtoken]auth_uri=http://openstack:5000/v2.0identity_uri = http://openstack:35357admin_tenant_name = serviceadmin_user = glanceadmin_password = glance[paste_deploy]flavor=keystone[glance-store]filesystem_store_datadir=/var/lib/glance/images
root@openstack:~# vi /etc/glance/glance-registry.conf [database]connection = mysql://glance:openstack@openstack/glance[keystone_authtoken]auth_uri=http://openstack:5000/v2.0identity_uri = http://openstack:35357admin_tenant_name = serviceadmin_user = glanceadmin_password = glance[paste_deploy]flavor=keystone
然后同步数据,并且重启服务
root@openstack:~# su -s /bin/sh -c "glance-manage db_sync" glance/usr/lib/python2.7/dist-packages/sqlalchemy/engine/default.py:436: Warning: Invalid utf8 character string: '80027D' cursor.execute(statement, parameters)root@openstack:~# service glance-registry restartglance-registry stop/waitingglance-registry start/running, process 22752root@openstack:~# service glance-api restartglance-api stop/waitingglance-api start/running, process 22771
为了创建镜像,我们先配置一个管理员的环境变量keystonerc_admin.sh
vi ~/keystonerc_admin.shexport OS_TENANT_NAME=adminexport OS_USERNAME=adminexport OS_PASSWORD=adminexport OS_AUTH_URL=http://192.168.61.122:35357/v2.0最后创建一个镜像,利用本地的cirros-0.3.3-x86_64.img。
root@openstack:~# source keystonerc_admin.shroot@openstack:~# glance image-list+----+------+-------------+------------------+------+--------+| ID | Name | Disk Format | Container Format | Size | Status |+----+------+-------------+------------------+------+--------++----+------+-------------+------------------+------+--------+root@openstack:~# lsb9e8218bd6a146ce0741 keystonerc_admin.sh set_env.shroot@openstack:~# glance image-create --name "cirros-0.3.3" --file /home/hadoop/cirros-0.3.3-x86_64-disk.img --disk-format qcow2 --container-format bare --is-public True --progress[=============================>] 100%+------------------+--------------------------------------+| Property | Value |+------------------+--------------------------------------+| checksum | 133eae9fb1c98f45894a4e60d8736619 || container_format | bare || created_at | 2017-02-19T19:02:07 || deleted | False || deleted_at | None || disk_format | qcow2 || id | e90f1aed-58f9-427e-ba24-c440c3dbc04e || is_public | True || min_disk | 0 || min_ram | 0 || name | cirros-0.3.3 || owner | 23a84fb4bf9f4078a54adc63627ea224 || protected | False || size | 13200896 || status | active || updated_at | 2017-02-19T19:02:09 || virtual_size | None |+------------------+--------------------------------------+root@openstack:~# glance image-list+--------------------------------------+--------------+-------------+------------------+----------+--------+| ID | Name | Disk Format | Container Format | Size | Status |+--------------------------------------+--------------+-------------+------------------+----------+--------+| e90f1aed-58f9-427e-ba24-c440c3dbc04e | cirros-0.3.3 | qcow2 | bare | 13200896 | active |+--------------------------------------+--------------+-------------+------------------+----------+--------+root@openstack:~#
第五步、安装计算服务nova,并配置和启动服务;
创建nova数据库,并且授权用户nova:nova
mysql> create database nova;Query OK, 1 row affected (0.00 sec)mysql> grant all privileges on nova.* to nova@'%' identified by 'nova';Query OK, 0 rows affected (0.00 sec)
使用keystone命令创建nova组件相关的用户和服务
root@openstack:~# keystone user-create --name nova --pass nova --email feiy_2015@sina.com+----------+----------------------------------+| Property | Value |+----------+----------------------------------+| email | feiy_2015@sina.com || enabled | True || id | 88bb5fda2beb402eb0a32437d5b22602 || name | nova || username | nova |+----------+----------------------------------+root@openstack:~# keystone user-role-add --user nova --tenant service --role adminroot@openstack:~# keystone service-create --name nova --type compute --description "Openstack Nova Compute"+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| description | Openstack Nova Compute || enabled | True || id | 15f88fd8b9b1439da7c8a4fb7649f422 || name | nova || type | compute |+-------------+----------------------------------+root@openstack:~# keystone service-list | awk '/ compute / {print $2}'15f88fd8b9b1439da7c8a4fb7649f422root@openstack:~# keystone endpoint-create --service-id=15f88fd8b9b1439da7c8a4fb7649f422 \> --publicurl http://openstack:8774/v2/%\(tenant_id\)s \> --internalurl http://openstack:8774/v2/%\(tenant_id\)s \> --adminurl http://openstack:8774/v2/%\(tenant_id\)s \> --region regionOne+-------------+------------------------------------------+| Property | Value |+-------------+------------------------------------------+| adminurl | http://openstack:8774/v2.0/%(tenant_id)s || id | c5e8f6ccda524fcf9f2fcf33e66490ab || internalurl | http://openstack:8774/v2.0/%(tenant_id)s || publicurl | http://openstack:8774/v2.0/%(tenant_id)s || region | regionOne || service_id | 15f88fd8b9b1439da7c8a4fb7649f422 |+-------------+------------------------------------------+
安装nova组件并配置/etc/nova/nova.conf文件
root@openstack:~# apt-get install nova-api nova-cert nova-conductor nova-consoleauth nova-scheduler noa-novncproxy python-novaclientReading package lists... DoneBuilding dependency tree Reading state information... Done
vi /etc/nova/nova.conf[default]verbose=Trueauth_strategy=keystonerpc_backend=rabbitrabbit_host=openstackrabbit_password=guestmy_ip=192.168.61.122vncserver_listener=192.168.61.122vncserver_proxyclient_address=192.168.61.122[database]connection=mysql://nova:nova@openstack/nova[keystone_authtoken]auth_uri=http://openstack:5000identify_uri=http://openstack:35357admin_tenant_name=serviceadmin_user=novaadmin_password=nova[glance]host=openstack
重启服务:
root@openstack:~# vi restartnova.sh #!/bin/shservice nova-api restartservice nova-cert restartservice nova-consoleauth restartservice nova-scheduler restartservice nova-conductor restartservice nova-novncproxy restartroot@openstack:~# chmod 777 restartnova.sh root@openstack:~# sh restartnova.sh
验证nova安装和启动
root@openstack:~# nova image-list+--------------------------------------+--------------+--------+--------+| ID | Name | Status | Server |+--------------------------------------+--------------+--------+--------+| e90f1aed-58f9-427e-ba24-c440c3dbc04e | cirros-0.3.3 | ACTIVE | |+--------------------------------------+--------------+--------+--------+root@openstack:~# nova service-list+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+| 1 | nova-cert | openstack | internal | enabled | up | 2017-02-19T21:07:53.000000 | - || 2 | nova-consoleauth | openstack | internal | enabled | up | 2017-02-19T21:07:53.000000 | - || 3 | nova-scheduler | openstack | internal | enabled | up | 2017-02-19T21:07:53.000000 | - || 4 | nova-conductor | openstack | internal | enabled | up | 2017-02-19T21:07:53.000000 | - |+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+root@openstack:~#
以上安装实际上并不是计算节点的安装,还需要安装nova计算组件
apt-get install nova-compute python-novaclient有的地方提示需要改动/etc/nova/nova-compute.conf
vi /etc/nova/nova-compute.conf[libvirt]virt_type=qemuroot@openstack:~#service nova-compute restart
这样再次用命令nova service-list查看nova服务时,会出现五个,即加入了nova-compute,这样nova就算安装完成。
root@openstack:~# nova service-list+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+| 1 | nova-cert | openstack | internal | enabled | up | 2017-02-19T21:27:03.000000 | - || 2 | nova-consoleauth | openstack | internal | enabled | up | 2017-02-19T21:27:03.000000 | - || 3 | nova-scheduler | openstack | internal | enabled | up | 2017-02-19T21:27:03.000000 | - || 4 | nova-conductor | openstack | internal | enabled | up | 2017-02-19T21:27:03.000000 | - || 5 | nova-compute | openstack | nova | enabled | up | 2017-02-19T21:27:02.000000 | - |+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
第六步、安装网络服务neutron,并配置和启动服务;
创建neutron数据库,并且授权用户neutron:neutron
mysql> create database neutron;Query OK, 1 row affected (0.00 sec)mysql> grant all privileges on neutron.* to neutron@'%' identified by 'neutron';Query OK, 0 rows affected (0.00 sec)
使用keystone命令创建neutron组件相关的用户和服务
root@openstack:~# keystone user-create --name neutron --pass neutron --email feiy_2015@sina.com+----------+----------------------------------+| Property | Value |+----------+----------------------------------+| email | feiy_2015@sina.com || enabled | True || id | 8e49b076e0ba4d33bfffcfbc0258ac1b || name | neutron || username | neutron |+----------+----------------------------------+root@openstack:~# keystone user-role-add --user neutron --tenant service --role adminroot@openstack:~# keystone service-create --name neutron --type network --description "Openstack \> Network"+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| description | Openstack Network || enabled | True || id | a7b922511b9d49f9b04addc905fc598d || name | neutron || type | network |+-------------+----------------------------------+root@openstack:~# keystone endpoint-create --service-id=a7b922511b9d49f9b04addc905fc598d \> --publicurl http://openstack:9696 \> --internalurl http://openstack:9696 \> --adminurl http://openstack:9696 \> --region regionOne+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| adminurl | http://openstack:9696 || id | 2aa3d75f522340f59b0c74269f9e7e72 || internalurl | http://openstack:9696 || publicurl | http://openstack:9696 || region | regionOne || service_id | a7b922511b9d49f9b04addc905fc598d |+-------------+----------------------------------+
安装neutron组件并配置相关文件
apt-get install neutron-server neutron-plugin-ml2 python-neutronclient -yapt-get install neutron-plugin-openvswitch-agent neutron-l3-agent neutron-dhcp-agent ipset -y
修改系统配置
vi /etc/sysctl.confnet.ipv4.conf.default.rp_filter = 0net.ipv4.conf.all.rp_filter = 0net.ipv4.ip_forward = 1sysctl -p//生效
首先更改nova配置,增加neutron支持
vi /etc/nova/nova.conf[DEFAULT]dhcpbridge_flagfile=/etc/nova/nova.confdhcpbridge=/usr/bin/nova-dhcpbridgelogdir=/var/log/novastate_path=/var/lib/novalock_path=/var/lock/novaforce_dhcp_release=Truelibvirt_use_virtio_for_bridges=Trueverbose=Trueec2_private_dns_show_ip=Trueapi_paste_config=/etc/nova/api-paste.inienabled_apis=ec2,osapi_compute,metadataauth_strategy=keystonerpc_backend=rabbitrabbit_host=openstackrabbit_password=guestmy_ip=192.168.61.122vncserver_listen=192.168.61.122vncserver_proxyclient_address=192.168.61.122novncproxy_base_url=http://openstack:6080/vnc_auto.htmlservice_neutron_metadata_proxy=trueneutron_metadata_proxy_shared_secret=neutronnetwork_api_class=nova.network.neutronv2.api.APIsecurity_group_api=neutronlinuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriverfirewall_driver=nova.virt.firewall.NoopFirewallDriver[database]connection=mysql://nova:nova@openstack/nova[keystone_authtoken]auth_uri=http://openstack:5000identity_uri=http://openstack:35357admin_tenant_name=serviceadmin_user=novaadmin_password=nova[glance]host=openstack[neutron]url=http://openstack:9696auth_strategy=keystoneadmin_auth_url=http://openstack:35357/v2.0admin_tenant_name=serviceadmin_username=neutronadmin_password=neutron
修改neutron主配置文件/etc/neutron/neutron.conf
vi /etc/neutron.conf[DEFAULT]verbose = Truecore_plugin = ml2service_plugins =routerauth_strategy = keystoneallow_overlapping_ips = Truenotify_nova_on_port_status_changes = Truenotify_nova_on_port_data_changes=Truenova_url = http://openstack:8774/v2nova_admin_auth_url=http://openstack:35357/v2.0nova_region_name =regionOnenova_admin_username =novanova_admin_tenant_id =a4363a87992a4be7aba64be211338b5cnova_admin_password =novanova_admin_auth_url =http://openstack:35357/v2.0rabbit_host=openstackrabbit_password=guestrpc_backend=rabbit[keystone_authtoken]auth_host = 192.168.61.122auth_port = 35357auth_protocol = httpadmin_tenant_name = serviceadmin_user = neutronadmin_password = neutron[database]connection = mysql://neutron:neutron@openstack/neutron
修改neutron插件配置,四个配置文件
vi /etc/neutron/plugins/ml2/ml2_conf.ini[ml2]type_drivers = local,flat,vlan,gre,vxlantenant_network_types = vlanmechanism_drivers = openvswitch,linuxbridge[ml2_type_vlan]network_vlan_ranges = physnet1:1000:2999[securitygroup]enable_security_group = Trueenable_ipset = Truefirewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver[ovs]local_ip=192.168.56.145tenant_network_type=vlanintegration_bridge=br-intnetwork_vlan_ranges=physnet1:1000:2999bridge_mappings=physnet1:br0
vi /etc/neutron/l3_agent.ini[DEFAULT]verbose=Trueinterface_driver = neutron.agent.linux.interface.OVSInterfaceDriveruse_namespaces = Trueexternal_network_bridge = br0
vi /etc/neutron/dhcp_agent.ini[DEFAULT]verbose=Trueinterface_driver = neutron.agent.linux.interface.OVSInterfaceDriverdhcp_driver = neutron.agent.linux.dhcp.Dnsmasquse_namespaces = True
vi /etc/neutron/metadata_agent.ini[DEFAULT]verbose=Trueauth_url = http://openstack:5000/v2.0auth_region = regionOneadmin_tenant_name = serviceadmin_user = neutronadmin_password = neutronnova_metadata_ip = 192.168.56.145metadata_proxy_shared_secret =neutron
更改完成之后,同步数据库
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade juno" neutron
然后依次启动nova,neutron相关服务
//nova restartservice nova-api restartservice nova-cert restartservice nova-consoleauth restartservice nova-scheduler restartservice nova-conductor restartservice nova-novncproxy restartservice nova-compute restart//neutron restartservice neutron-server restartservice openvswitch-switch restartservice neutron-plugin-openvswitch-agent restartservice neutron-l3-agent restartservice neutron-dhcp-agent restartservice neutron-metadata-agent restart
检验服务
root@openstack:~# neutron ext-list+-----------------------+-----------------------------------------------+| alias | name |+-----------------------+-----------------------------------------------+| security-group | security-group || l3_agent_scheduler | L3 Agent Scheduler || ext-gw-mode | Neutron L3 Configurable external gateway mode || binding | Port Binding || provider | Provider Network || agent | agent || quotas | Quota management support || dhcp_agent_scheduler | DHCP Agent Scheduler || l3-ha | HA Router extension || multi-provider | Multi Provider Network || external-net | Neutron external network || router | Neutron L3 Router || allowed-address-pairs | Allowed Address Pairs || extraroute | Neutron Extra Route || extra_dhcp_opt | Neutron Extra DHCP opts || dvr | Distributed Virtual Router |+-----------------------+-----------------------------------------------+root@openstack:~# neutron agent-list+--------------------------------------+--------------------+-----------+-------+----------------+---------------------------+| id | agent_type | host | alive | admin_state_up | binary |+--------------------------------------+--------------------+-----------+-------+----------------+---------------------------+| b53c64f2-8e2a-4d46-96bf-405fc734dd79 | Metadata agent | openstack | :-) | True | neutron-metadata-agent || cc225a4f-7586-433d-af05-54e1defa347a | DHCP agent | openstack | :-) | True | neutron-dhcp-agent || f4d02fca-e70f-457b-81b0-3de9743fadfa | L3 agent | openstack | :-) | True | neutron-l3-agent || fabeb6c4-2fb9-46dd-ac56-9b1ccd5b2933 | Open vSwitch agent | openstack | :-) | True | neutron-openvswitch-agent |+--------------------------------------+--------------------+-----------+-------+----------------+---------------------------+
这里还需要检验虚拟网桥设备。
如果这个界面没有出现br-int,br0的配置,需要手动添加网桥
ovs-vsctl add-br br0 //添加网桥ovs-vsctl add-port br0 eth0 //为br0添加端口。
第七步、安装界面服务dashboard,并配置和启动服务;
利用如下命令可以安装openstack界面管理dashboard组件,针对ubuntu系统,会默认安装一套ubuntu的主题,不喜欢的
可以利用apt-get remove命令卸载该套主题。
apt-get install -y openstack-dashboard apache2 libapache2-mod-wsgi memcached python-memcacheapt-get remove --purge openstack-dashboard-ubuntu-theme管理员和普通用户均可以登陆
登录之后,里面长这个样子
第八步、创建网络和创建虚拟机。
先创建公有网络,使用管理员权限(admin)
root@openstack:~# source keystonerc_admin.sh root@openstack:~# neutron net-create public-vlan --router:external=TrueCreated a new network:+---------------------------+--------------------------------------+| Field | Value |+---------------------------+--------------------------------------+| admin_state_up | True || id | c3c63eab-2fcc-44fd-a4a4-0b46cba55377 || name | public-vlan || provider:network_type | vlan || provider:physical_network | physnet1 || provider:segmentation_id | 1080 || router:external | True || shared | False || status | ACTIVE || subnets | || tenant_id | 23a84fb4bf9f4078a54adc63627ea224 |+---------------------------+--------------------------------------+root@openstack:~# neutron subnet-create public-vlan --name public-subnet --allocation-pool start=192.168.61.200,end=192.168.61.230 --disable-dhcp --gateway 192.168.61.2 192.168.61.0/24 --dns-nameserver 192.168.61.2Created a new subnet:+-------------------+------------------------------------------------------+| Field | Value |+-------------------+------------------------------------------------------+| allocation_pools | {"start": "192.168.61.200", "end": "192.168.61.230"} || cidr | 192.168.61.0/24 || dns_nameservers | 192.168.61.2 || enable_dhcp | False || gateway_ip | 192.168.61.2 || host_routes | || id | 24467a95-5c8f-4fbc-a133-8432b220c5c3 || ip_version | 4 || ipv6_address_mode | || ipv6_ra_mode | || name | public-subnet || network_id | c3c63eab-2fcc-44fd-a4a4-0b46cba55377 || tenant_id | 23a84fb4bf9f4078a54adc63627ea224 |+-------------------+------------------------------------------------------+再创建私有网络,使用hadoop用户,先配置一个hadoop用户的环境变量:
vi keystonerc_hadoop.shexport OS_TENANT_NAME=hadoopexport OS_USERNAME=hadoopexport OS_PASSWORD=hadoopexport OS_AUTH_URL=http://192.168.61.122:35357/v2.0source keystonerc_hadoop.sh然后利用hadoop用户创建用户私有网络,并添加路由器,设置路由器和网络联通。
hadoop@openstack:~$ neutron net-create hadoop-vlan Created a new network:+-----------------+--------------------------------------+| Field | Value |+-----------------+--------------------------------------+| admin_state_up | True || id | 6fa7187f-18cc-46b2-afaa-7636c5acacbd || name | hadoop-vlan || router:external | False || shared | False || status | ACTIVE || subnets | || tenant_id | 668a527fd9384b639447deaca1cf2c48 |+-----------------+--------------------------------------+hadoop@openstack:~$ neutron subnet-create hadoop-vlan --name hadoop-subnet --allocation-pool start=10.0.1.1,end=10.0.1.253 --disable-dhcp --gateway 10.0.1.254 10.0.1.0/24 --dns-nameserver 192.168.61.2 Created a new subnet:+-------------------+--------------------------------------------+| Field | Value |+-------------------+--------------------------------------------+| allocation_pools | {"start": "10.0.1.1", "end": "10.0.1.253"} || cidr | 10.0.1.0/24 || dns_nameservers | 192.168.61.2 || enable_dhcp | False || gateway_ip | 10.0.1.254 || host_routes | || id | 30b75ef9-4a57-45b2-9110-5a71188ccd2c || ip_version | 4 || ipv6_address_mode | || ipv6_ra_mode | || name | hadoop-subnet || network_id | 6fa7187f-18cc-46b2-afaa-7636c5acacbd || tenant_id | 668a527fd9384b639447deaca1cf2c48 |+-------------------+--------------------------------------------+hadoop@openstack:~$ neutron router-create hadoop-routerCreated a new router:+-----------------------+--------------------------------------+| Field | Value |+-----------------------+--------------------------------------+| admin_state_up | True || external_gateway_info | || id | 3de91186-f5ae-44e5-8602-a2dda86dae25 || name | hadoop-router || routes | || status | ACTIVE || tenant_id | 668a527fd9384b639447deaca1cf2c48 |+-----------------------+--------------------------------------+hadoop@openstack:~$ neutron router-interface-add hadoop-router hadoop-subnetAdded interface c48530e3-b317-4cf7-a0cd-1f6ffb79cc72 to router hadoop-router.hadoop@openstack:~$ neutron router-gateway-set hadoop-router public-vlanSet gateway for router hadoop-router
利用admin用户权限创建一个内存128M的虚拟机类型
root@openstack:~# nova flavor-create myos 6 128 1 1+----+------+-----------+------+-----------+------+-------+-------------+-----------+| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |+----+------+-----------+------+-----------+------+-------+-------------+-----------+| 6 | myos | 128 | 1 | 0 | | 1 | 1.0 | True |+----+------+-----------+------+-----------+------+-------+-------------+-----------+root@openstack:~# nova flavor-list+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+| 1 | m1.tiny | 512 | 1 | 0 | | 1 | 1.0 | True || 2 | m1.small | 2048 | 20 | 0 | | 1 | 1.0 | True || 3 | m1.medium | 4096 | 40 | 0 | | 2 | 1.0 | True || 4 | m1.large | 8192 | 80 | 0 | | 4 | 1.0 | True || 5 | m1.xlarge | 16384 | 160 | 0 | | 8 | 1.0 | True || 6 | myos | 128 | 1 | 0 | | 1 | 1.0 | True |+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
最后可以利用命令行创建虚拟机,创建虚拟机需要网络ID,镜像名称,可以先查询出来:
hadoop@openstack:~$ nova image-list+--------------------------------------+--------------+--------+--------+| ID | Name | Status | Server |+--------------------------------------+--------------+--------+--------+| e90f1aed-58f9-427e-ba24-c440c3dbc04e | cirros-0.3.3 | ACTIVE | |+--------------------------------------+--------------+--------+--------+hadoop@openstack:~$ nova net-list+--------------------------------------+-------------+------+| ID | Label | CIDR |+--------------------------------------+-------------+------+| 6fa7187f-18cc-46b2-afaa-7636c5acacbd | hadoop-vlan | None || c3c63eab-2fcc-44fd-a4a4-0b46cba55377 | public-vlan | None |+--------------------------------------+-------------+------+hadoop@openstack:~$ nova boot --flavor 6 --image cirros-0.3.3 --nic net-id=6fa7187f-18cc-46b2-afaa-7636c5acacbd cirros-hadoop+--------------------------------------+-----------------------------------------------------+| Property | Value |+--------------------------------------+-----------------------------------------------------+| OS-DCF:diskConfig | MANUAL || OS-EXT-AZ:availability_zone | nova || OS-EXT-STS:power_state | 0 || OS-EXT-STS:task_state | scheduling || OS-EXT-STS:vm_state | building || OS-SRV-USG:launched_at | - || OS-SRV-USG:terminated_at | - || accessIPv4 | || accessIPv6 | || adminPass | DCCc9MfyJWny || config_drive | || created | 2017-02-20T01:04:21Z || flavor | myos (6) || hostId | || id | 10bffbbb-a02c-4ba1-8823-4819986a5785 || image | cirros-0.3.3 (e90f1aed-58f9-427e-ba24-c440c3dbc04e) || key_name | - || metadata | {} || name | cirros-hadoop || os-extended-volumes:volumes_attached | [] || progress | 0 || security_groups | default || status | BUILD || tenant_id | 668a527fd9384b639447deaca1cf2c48 || updated | 2017-02-20T01:04:22Z || user_id | 4e3ccc059d754c6a94e9a82d187bff8d |+--------------------------------------+-----------------------------------------------------+
总结:
openstack绝对是我遇到的最难安装和部署的服务,没有之一,首先他的概念就很多:keystone,glance,nova,neutron,cinder,
swift,horizon,还有基础服务rabbitmq,mysql,memcache,apache,再就是每一个模块又有很多概念,比如keystone中简单的就有
租户,用户,角色,不同的角色对应不同的操作权限,nova就更复杂了,包括计算,授权,网络,调度等服务,还和neutron
紧密结合。创建虚拟机实例时又有内网和公网,路由器等设置,还有镜像选择,创建了虚拟机,访问的时候还要设置安全组,
容许ping,ssh等功能,这些环环相扣,密不可分,其实难点还在于网络的设置,单机安装部署,毕竟不像多台机器controller节
点和compute节点还有network节点分的那么细致,各司其职,单机部署所有节点的功能都集中在一台机器,配置相对复杂,
但是按照多节点部署的思路,还是可以完成的。
- ubuntu1404单机安装部署openstack-juno
- 使用openshit在Ubuntu14.04单机部署OpenStack Juno
- openstack-juno安装记录
- 在Ubuntu14.04上OpenStack Juno安装部署
- openstack Juno版部署记录
- OpenStack 手动安装(juno)
- OpenStack Juno安装---网络配置
- centos7下安装openstack juno
- Openstack安装Openstack(Juno版本)
- 使用fuel 6.0 部署openstack Juno 版本
- openstack juno+ vmware vsphere6.0部署配置
- 【openstack】openstack安装【单机+集群】
- openstack juno 完全按照官方文档安装
- centos6.5通过devstack安装openstack juno
- Ubuntu14.04安装OpenStack Juno—keystone
- fedora18单机部署openstack教程
- centos7 安装配置openstack-ceilometer (官网openstack-juno版)
- centos7 安装配置openstack-dashboard (官网openstack-juno版)
- 解读内核参数 - socket/文件句柄资源限制参数
- Android EventBus源码解析
- .Net程序员学用Oracle系列(14):子查询、集合查询
- 【Python】学习笔记——-5.2、返回函数
- Python+Selenium遇到的问题
- ubuntu1404单机安装部署openstack-juno
- 搜索引擎工作过程
- A*算法 源代码
- 神经网络学习笔记1
- docker数据驱动详解
- 机器学习
- 有自己的博客啦
- IIS 开启 Kerberos 认证
- LeetCode 1. two sum