openstack安装部署测试总结(一)

it不难
2022-08-13 / 0 评论 / 17 阅读 / 正在检测是否收录...

前言

准备资源

服务器初始化

#初始化脚本
cd sysinit && sh system_init_v6.sh

#设置主机名
hostnamectl  set-hostname openstack-1
hostnamectl  set-hostname openstack-2
hostnamectl  set-hostname openstack-3

#安装openstack软件源
yum install centos-release-openstack-train -y
yum install https://rdoproject.org/repos/rdo-release.rpm -y
yum upgrade -y
yum install python-openstackclient -y

初始化脚本下载:

设置环境变量

#生成随机密码
openssl rand -hex 10

#在/etc/profile中设置
export ADMIN_PASS=c08393f3ed64cbca17ec
export CINDER_DBPASS=openstack@webzhan.xyz
export CINDER_PASS=c08393f3ed64cbca17ec
export DASH_DBPASS=c08393f3ed64cbca17ec
export DEMO_PASS=c08393f3ed64cbca17ec
export GLANCE_DBPASS=openstack@webzhan.xyz
export GLANCE_PASS=c08393f3ed64cbca17ec
export KEYSTONE_DBPASS=openstack@webzhan.xyz
export METADATA_SECRET=c08393f3ed64cbca17ec
export NEUTRON_DBPASS=openstack@webzhan.xyz
export NEUTRON_PASS=c08393f3ed64cbca17ec
export NOVA_DBPASS=openstack@webzhan.xyz
export NOVA_PASS=c08393f3ed64cbca17ec
export PLACEMENT_PASS=c08393f3ed64cbca17ec
export RABBIT_PASS=c08393f3ed64cbca17ec

#生效
source /etc/profile

安装基础服务

安装 MariaDB

#安装
yum install -y mariadb mariadb-server

#启动
systemctl enable --now mariadb

#初始化
mysql_secure_installation

安装 RabbitMQ

#安装
yum install -y rabbitmq-server

#启动
systemctl enable --now rabbitmq-server

#添加用户
rabbitmqctl add_user openstack $RABBIT_PASS

#授权
rabbitmqctl set_permissions openstack ".*" ".*" ".*"

安装 Memcached

#安装
yum install -y memcached python-memcached

#修改配置,允许外网访问
vim /etc/sysconfig/memcached
OPTIONS=""

#启动
systemctl enable --now memcached

安装 etcd

#安装
yum install -y etcd

#修改配置
vim /etc/etcd/etcd.conf
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://10.206.0.10:2380"
ETCD_LISTEN_CLIENT_URLS="http://10.206.0.10:2379"
ETCD_NAME="controller"

ETCD_INITIAL_ADVERTISE_PEER_URLS="http://10.206.0.10:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://10.206.0.10:2379"
ETCD_INITIAL_CLUSTER="controller=http://10.206.0.10:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"

#启动
systemctl enable --now  etcd

安装OpenStack Service

安装 Keystone

# 连接数据库
mysql -uroot -p

# 建库
CREATE DATABASE keystone;
CREATE USER keystone IDENTIFIED BY 'openstack@webzhan.xyz';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%';
FLUSH PRIVILEGES;

# 安装
yum install -y openstack-keystone httpd mod_wsgi

# 抱错安装
yum install -y  qpid-proton-c-0.26.0-2.el7.x86_64

# 配置
vim /etc/keystone/keystone.conf
[database]
connection = mysql+pymysql://keystone:openstack%40webzhan.xyz@openstack-1/keystone

[token]
provider = fernet

# 填充数据库
keystone-manage db_sync  keystone

# 初始化Fernet密钥存储库
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

# 启动keystone
keystone-manage bootstrap --bootstrap-password $ADMIN_PASS \
  --bootstrap-admin-url http://openstack-1:5000/v3/ \
  --bootstrap-internal-url http://openstack-1:5000/v3/ \
  --bootstrap-public-url http://openstack-1:5000/v3/ \
  --bootstrap-region-id RegionOne

# 配置httpd
vim /etc/httpd/conf/httpd.conf
ServerName openstack-1

# 建立软连接
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

# 启动httpd
systemctl enable --now httpd

# 三台服务器更新环境变量
export OS_USERNAME=admin
export OS_PASSWORD=$ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://openstack-1:5000/v3

# 三台服务器使环境变量生效
source /etc/profile

# 以下继续在 openstack-1 执行
# 创建默认 domain
openstack domain create --description "An Example Domain" example

# 创建service 项目
openstack project create --domain default --description "Service Project" service

# 创建myproject project 
openstack project create --domain default --description "Demo Project" myproject

# myuser 用户,密码设置123456
openstack user create --domain default --password-prompt myuser

# 创建myrole权限
openstack role create myrole

# 把myrole权限加入到myproject和myuser中
openstack role add --project myproject --user myuser myrole

# 验证
unset OS_AUTH_URL OS_PASSWORD
openstack --os-auth-url http://openstack-1:5000/v3 \
  --os-project-domain-name Default --os-user-domain-name Default \
  --os-project-name admin --os-username admin token issue

# 验证myproject
openstack --os-auth-url http://openstack-1:5000/v3 \
  --os-project-domain-name Default --os-user-domain-name Default \
  --os-project-name myproject --os-username myuser token issue

# 创建 admin-openrc 文件
export OS_USERNAME=admin
export OS_PASSWORD=$ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://openstack-1:5000/v3
export OS_IDENTITY_API_VERSION=3

# 创建 demo-openrc 文件
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=myproject
export OS_USERNAME=myuser
export OS_PASSWORD=123456
export OS_AUTH_URL=http://openstack-1:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

# 使之生效
. admin-openrc

# 请求认证 token
openstack token issue

安装 Glance

# 连接数据库
mysql -uroot -p

# 创建 mysql 用户及库
CREATE DATABASE glance;
CREATE USER glance IDENTIFIED BY 'openstack@webzhan.xyz';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%';
FLUSH PRIVILEGES;

# 创建 glance 用户, 密码为上面的 GLANCE_PASS 
openstack user create --domain default --password-prompt glance

# 为 glance 用户添加 admin 权限
openstack role add --project service --user glance admin

# 创建 glance service
openstack service create --name glance --description "OpenStack Image" image

# 创建 Image service API endpoints
openstack endpoint create --region RegionOne image public http://openstack-1:9292
openstack endpoint create --region RegionOne image internal http://openstack-1:9292
openstack endpoint create --region RegionOne image admin http://openstack-1:9292

# 安装 glance 组件:
yum install -y openstack-glance

# 修改 /etc/glance/glance-api.conf 文件:
[database]
connection = mysql+pymysql://glance:openstack%40webzhan.xyz@openstack-1/glance

[keystone_authtoken]
www_authenticate_uri  = http://openstack-1:5000
auth_url = http://openstack-1:5000
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = c08393f3ed64cbca17ec

[paste_deploy]
flavor = keystone

[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/

# 初始化数据库
glance-manage db_sync glance

# 启动 Glance 服务,如果启动失败,见最后FAQ,应该是权限问题。
systemctl enable  --now openstack-glance-api

# 验证
wget https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img
lsof -i:9292
openstack image create "cirros" --file cirros-0.3.0-x86_64-disk.img --disk-format qcow2 --container-format bare --public 
openstack image list

安装 Placement

# 连接数据库
mysql -uroot -p

# 创建 mysql 库和用户
CREATE DATABASE placement;
CREATE USER placement IDENTIFIED BY 'openstack@webzhan.xyz';
GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%';
FLUSH PRIVILEGES;

# 创建用户,密码是上面的 PLACEMENT_PASS 
openstack user create --domain default --password-prompt placement

# 添加 placement service
openstack role add --project service --user placement admin

# 创建Placement API entry:
openstack service create --name placement --description "Placement API" placement

# 创建 Placement API service endpoints 
openstack endpoint create --region RegionOne placement public http://openstack-1:8778
openstack endpoint create --region RegionOne placement internal http://openstack-1:8778
openstack endpoint create --region RegionOne placement admin http://openstack-1:8778

# 安装 Placement 组件
yum install -y openstack-placement-api

# 修改 /etc/placement/placement.conf 文件:
[placement_database]
connection = mysql+pymysql://placement:openstack%40webzhan.xyz@openstack-1/placement

[api]
auth_strategy = keystone

[keystone_authtoken]
auth_url = http://openstack-1:5000/v3
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = c08393f3ed64cbca17ec

# 初始化数据库
placement-manage db sync

# 重启 httpd 服务
systemctl restart httpd

# 验证。出现错误,见FAQ
placement-status upgrade check
pip install osc-placement==2.2.0
openstack --os-placement-api-version 1.2 resource class list --sort-column name
openstack --os-placement-api-version 1.6 trait list --sort-column name

安装 Nova

安装 Nova 控制节点

# 连接数据库
mysql -uroot -p

# 创建 mysql 用户和库
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;
CREATE USER nova IDENTIFIED BY 'openstack@webzhan.xyz';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%';
FLUSH PRIVILEGES;

# 创建 nova 用户,密码是 NOVA_PASS
openstack user create --domain default --password-prompt nova

# 为 nova 添加 admin 权限:
openstack role add --project service --user nova admin

# 创建 nova service entity
openstack service create --name nova --description "OpenStack Compute" compute

# 创建 Compute API service endpoints
openstack endpoint create --region RegionOne compute public http://openstack-1:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://openstack-1:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://openstack-1:8774/v2.1

# 安装 nova
yum install -y openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler

# 修改 /etc/nova/nova.conf 文件
[DEFAULT]
enabled_apis=osapi_compute,metadata
block_device_allocate_retries=300
block_device_allocate_retries_interval=3


[api_database]
connection = mysql+pymysql://nova:openstack%40webzhan.xyz@openstack-1/nova_api

[database]
connection = mysql+pymysql://nova:openstack%40webzhan.xyz@openstack-1/nova

[DEFAULT]
transport_url=rabbit://openstack:c08393f3ed64cbca17ec@openstack-1:5672/

[api]
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://openstack-1:5000/
auth_url = http://openstack-1:5000/
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = c08393f3ed64cbca17ec

[DEFAULT]
my_ip=10.206.0.10

[DEFAULT]
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip

[glance]
api_servers=http://openstack-1:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://openstack-1:5000/v3
username = placement
password = c08393f3ed64cbca17ec

# 初始化数据库
nova-manage api_db sync

# 注册 cell0 数据库
nova-manage cell_v2 map_cell0

# 注册 cell1 数据库
nova-manage cell_v2 create_cell --name=cell1 --verbose

# 填充 nove 数据库
nova-manage db sync

# 验证 cell0 和 cell1 是否被注册了
nova-manage cell_v2 list_cells

# 启动 nova
systemctl enable --now openstack-nova-api openstack-nova-scheduler openstack-nova-conductor openstack-nova-novncproxy

# 检查更新
nova-status upgrade check

安装 Nova 计算节点

# 安装
yum install -y qpid-proton-c-0.26.0-2.el7.x86_64
yum install -y openstack-nova-compute

# 修改 /etc/nova/nova.conf 文件,注意my_ip
[DEFAULT]
enabled_apis = osapi_compute,metadata
block_device_allocate_retries=300
block_device_allocate_retries_interval=3

[DEFAULT]
transport_url=rabbit://openstack:c08393f3ed64cbca17ec@openstack-1

[api]
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://openstack-1:5000/
auth_url = http://openstack-1:5000/
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = c08393f3ed64cbca17ec

[DEFAULT]
my_ip=10.206.0.6

[DEFAULT]
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://openstack-1:6080/vnc_auto.html

[glance]
api_servers=http://openstack-1:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://openstack-1:5000/v3
username = placement
password = c08393f3ed64cbca17ec

# 执行
egrep -c '(vmx|svm)' /proc/cpuinfo

# 如果返回了 0 ,还需要配置:
[libvirt]
virt_type=qemu

# 启动 Nova 计算节点:
systemctl enable --now libvirtd openstack-nova-compute

# 查看有哪些计算节点
openstack compute service list --service nova-compute

# 发现计算节点,每次加入新节点后,都要执行 nova-manage命令。
nova-manage cell_v2 discover_hosts --verbose

# 验证 Nova 安装
openstack catalog list
openstack image list
nova-status upgrade check

安装 Neutron

安装 Neutron 控制节点

# 连接数据库
mysql -uroot -p

# 创建 mysql 库和用户
CREATE DATABASE neutron;
CREATE USER neutron IDENTIFIED BY 'openstack@webzhan.xyz';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%';
FLUSH PRIVILEGES;

# 创建 neutron 用户,使用 NEUTRON_PASS 为密码
openstack user create --domain default --password-prompt neutron

# 为 neutron 用户添加 admin 权限
openstack role add --project service --user neutron admin

# 创建 neutron service entity
openstack service create --name neutron --description "OpenStack Networking" network

# 创建 Networking service API endpoints
openstack endpoint create --region RegionOne network public http://openstack-1:9696
openstack endpoint create --region RegionOne network internal http://openstack-1:9696
openstack endpoint create --region RegionOne network admin http://openstack-1:9696

# 这里配置网络有两种选项,下面来部署比较简单的
yum install  -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables

# 修改 /etc/neutron/neutron.conf 文件
[database]
connection = mysql+pymysql://neutron:openstack%40webzhan.xyz@openstack-1/neutron

[DEFAULT]
core_plugin = ml2
service_plugins =

[DEFAULT]
transport_url=rabbit://openstack:c08393f3ed64cbca17ec@openstack-1

[DEFAULT]
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://openstack-1:5000
auth_url = http://openstack-1:5000
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = c08393f3ed64cbca17ec

[DEFAULT]
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true

[nova]
auth_url = http://openstack-1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = c08393f3ed64cbca17ec

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

# 修改 /etc/neutron/plugins/ml2/ml2_conf.ini 文件,添加以下内容
[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security

[ml2_type_flat]
flat_networks = provider

[securitygroup]
enable_ipset = true

# 修改 /etc/neutron/plugins/ml2/linuxbridge_agent.ini 文件,添加以下内容
## 注意网卡名称
[linux_bridge]
physical_interface_mappings = provider:eth0

[vxlan]
enable_vxlan = false

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

# 修改 /etc/neutron/dhcp_agent.ini 文件,加入以下配置
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true

# 修改 /etc/neutron/metadata_agent.ini 文件,加入以下内容
[DEFAULT]
nova_metadata_host = openstack-1
metadata_proxy_shared_secret = c08393f3ed64cbca17ec

# 修改 /etc/nova/nova.conf 文件,加入以下内容
[neutron]
auth_url = http://openstack-1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = c08393f3ed64cbca17ec
service_metadata_proxy = true
metadata_proxy_shared_secret = c08393f3ed64cbca17ec

# 启动 Neutron
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head

systemctl restart openstack-nova-api

systemctl enable --now neutron-server neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent

# 创建网络
openstack network create  --share --external --provider-physical-network provider --provider-network-type flat provider

# 创建子网
openstack subnet create --network provider --allocation-pool start=10.206.0.20,end=10.206.0.50 --dns-nameserver 183.60.83.19 --gateway 10.206.0.1 --subnet-range 10.206.0.0/20 provider

安装 Neutron 计算节点

# 安装软件
yum install -y openstack-neutron-linuxbridge ebtables ipset

# 修改 /etc/neutron/neutron.conf 配置文件
[DEFAULT]
transport_url=rabbit://openstack:c08393f3ed64cbca17ec@openstack-1

[DEFAULT]
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://openstack-1:5000
auth_url = http://openstack-1:5000
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = c08393f3ed64cbca17ec

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

# 修改 /etc/neutron/plugins/ml2/linuxbridge_agent.ini 文件
## 注意网卡名称
[linux_bridge]
physical_interface_mappings = provider:eth0

[vxlan]
enable_vxlan = false

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

# 修改 /etc/nova/nova.conf 文件
[neutron]
url = http://openstack-1:9696
auth_url = http://openstack-1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = c08393f3ed64cbca17ec

# 重启计算服务
systemctl restart openstack-nova-compute

# 启动网络计算服务。启动抱错(网卡名称导致),见FAQ
systemctl enable --now neutron-linuxbridge-agent

# 验证
openstack extension list --network

# 查看网络节点列表
openstack network agent list

安装 CInder

安装 Cinder 控制节点

# 连接数据库
mysql -uroot -p

# 添加 mysql 库和 用户
CREATE DATABASE cinder;
CREATE USER cinder IDENTIFIED BY 'openstack@webzhan.xyz';
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%';
FLUSH PRIVILEGES;

# 创建 cinder 用户,密码是 CINDER_PASS
openstack user create --domain default --password-prompt cinder

# 为 cinder 用户绑定 admin 权限
openstack role add --project service --user cinder admin

# 创建 cinderv2 and cinderv3 service entities
openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3

# 创建 Block Storage service API endpoints
openstack endpoint create --region RegionOne volumev2 public http://openstack-1:8776/v2/%\(project_id\)s
openstack endpoint create --region RegionOne volumev2 internal http://openstack-1:8776/v2/%\(project_id\)s
openstack endpoint create --region RegionOne volumev2 admin http://openstack-1:8776/v2/%\(project_id\)s

openstack endpoint create --region RegionOne volumev3 public http://openstack-1:8776/v3/%\(project_id\)s
openstack endpoint create --region RegionOne volumev3 internal http://openstack-1:8776/v3/%\(project_id\)s
openstack endpoint create --region RegionOne volumev3 admin http://openstack-1:8776/v3/%\(project_id\)s

# 安装 cinder
yum install -y openstack-cinder

# 修改 /etc/cinder/cinder.conf 配置文件
[database]
connection = mysql+pymysql://cinder:openstack%40webzhan.xyz@openstack-1/cinder

[DEFAULT]
transport_url=rabbit://openstack:c08393f3ed64cbca17ec@openstack-1:5672/
auth_strategy = keystone
my_ip = 10.206.0.10

[keystone_authtoken]
www_authenticate_uri = http://openstack-1:5000
auth_url = http://openstack-1:5000
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = c08393f3ed64cbca17ec

[oslo_concurrency]
lock_path = /var/lib/cinder/tmp

# 初始化数据库
cinder-manage db sync

# 配置计算节点使用块储存,在全部节点上修改 /etc/nova/nova.conf 
[cinder]
os_region_name = RegionOne

# 重启 nova-api 
systemctl restart openstack-nova-api

# 启动块储存控制节点的服务:
systemctl enable --now openstack-cinder-api openstack-cinder-scheduler

安装 Cinder 储存节点

# 安装 Cinder 储存组件
yum install -y openstack-cinder targetcli python-keystone

# 查看类名
grep 'Nfs'  /usr/lib/python2.7/site-packages/cinder/volume/drivers/nfs.py | grep class

# 修改 /etc/cinder/cinder.conf 配置文件
[database]
connection = mysql+pymysql://cinder:openstack%40webzhan.xyz@openstack-1/cinder

[DEFAULT]
transport_url=rabbit://openstack:c08393f3ed64cbca17ec@openstack-1:5672/
auth_strategy = keystone
glance_api_servers = http://openstack-1:9292
my_ip = 10.206.0.6
enabled_backends = nfs

[keystone_authtoken]
www_authenticate_uri = http://openstack-1:5000
auth_url = http://openstack-1:5000
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = c08393f3ed64cbca17ec

[oslo_concurrency]
lock_path = /var/lib/cinder/tmp


[nfs]
volume_backend_name = nfs
volume_driver = cinder.volume.drivers.nfs.NfsDriver
nfs_shares_config=/etc/cinder/nfs_shares
nfs_mount_point_base=$state_path/mnt

# 创建nfs配置文件
vim  /etc/cinder/nfs_shares
10.206.0.6:/data/nfs

# 更改权限
chown root:cinder /etc/cinder/nfs_shares
chmod 640 /etc/cinder/nfs_shares
 
# 启动 Cinder 储存节点
systemctl enable --now openstack-cinder-volume

# 验证,密码 c08393f3ed64cbca17ec 
openstack volume service list

安装 Horizon

# 安装软件
yum install -y openstack-dashboard

# 修改 /etc/openstack-dashboard/local_settings 配置文件
OPENSTACK_HOST = "openstack-1"
ALLOWED_HOSTS = ['*']
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'LOCATION': 'openstack-1:11211',
    }
}

TIME_ZONE = "Asia/Shanghai"

OPENSTACK_NEUTRON_NETWORK = {
    'enable_auto_allocated_network': False,
    'enable_distributed_router': False,
    'enable_fip_topology_check': True,
    'enable_ha_router': False,
    'enable_ipv6': True,
    # TODO(amotoki): Drop OPENSTACK_NEUTRON_NETWORK completely from here.
    # enable_quotas has the different default value here.
    'enable_quotas': False,
    'enable_rbac_policy': True,
    'enable_router': True,
    'enable_lb': False,
    'enable_firewall': False,
    'enable_vpn': False,

    'default_dns_nameservers': [],
    'supported_provider_types': ['*'],
    'segmentation_id_range': {},
    'extra_provider_types': {},
    'supported_vnic_types': ['*'],
    'physical_networks': [],

}


OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 3,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

WEBROOT = "/dashboard/"

# 在 /etc/httpd/conf.d/openstack-dashboard.conf 中添加
WSGIApplicationGroup %{GLOBAL}

# 重启 httpd 和 缓存服务:
systemctl restart httpd  memcached

# 在界面上创建一个镜像,镜像需要特殊定制的。然后查看镜像列表:
glance image-list

测试访问

http://openstack-1/dashboard

FAQ

glance启动抱错

#修改systemd配置,注销
vim /lib/systemd/system/openstack-glance-api.service
#Restart=on-failure

# 使生效
systemctl daemon-reload

# 重启
systemctl restart openstack-glance-api

# 报错权限问题,修改后重启成功
chown -R glance:glance /var/log/glance/api.log

Placement报错

# 在 /etc/httpd/conf.d/00-placement-api.conf 中的 <VirtualHost *:8778> 内部加入以下代码:

  <Directory /usr/bin>
    <IfVersion >= 2.4>
      Require all granted
    </IfVersion>
    <IfVersion < 2.4>
      Order allow,deny
      Allow from all
    </IfVersion>
  </Directory>

# 重启 httpd
systemctl restart httpd

# 再次验证
openstack --os-placement-api-version 1.2 resource class list --sort-column name
openstack --os-placement-api-version 1.6 trait list --sort-column name

neutron-linuxbridge-agent 启动抱错

# 查看日志
cat /var/log/neutron/linuxbridge-agent.log
Interface ens192 for physical network provider does not exist. Agent terminated!

# 修改 /etc/neutron/plugins/ml2/linuxbridge_agent.ini
## 网卡接口不对
[linux_bridge]
physical_interface_mappings = provider:eth0

# 重启服务
 systemctl restart neutron-linuxbridge-agent
0

评论 (0)

取消