zoukankan      html  css  js  c++  java
  • openstack 搭建

    #所有节点修改ip,主机名和hosts解析

    controller
    
    10.0.0.11       controller
    
    compute1
    
    10.0.0.31       compute1
    

    #所有节点准备本地repo源

    rm -fr /etc/yum.repos.d/local.repo
    cd /opt/
    rz -E
    tar xf openstack_rpm.tar.gz
    
    mount /dev/cdrom /mnt
    
    echo "mount /dev/cdrom /mnt" >>/etc/rc.local 
    chmod +x /etc/rc.local
    
    
    echo '[openstack]
    name=openstack
    baseurl=file:///opt/repo
    gpgcheck=0
    
    [local]
    name=local
    baseurl=file:///mnt
    gpgcheck=0' >/etc/yum.repos.d/openstack.repo
    

    #时间同步
    controller节点ntp服务端:

    vim /etc/chrony.conf
    allow 10.0.0.0/24
    
    systemctl restart chronyd
    

    其他节点ntp客户端:

    vim /etc/chrony.conf
    server 10.0.0.11 iburst
    systemctl restart chronyd
    

    #所有节点安装openstack客户端

    yum install python-openstackclient -y
    

    #控制节点安装数据库

    yum install mariadb mariadb-server python2-PyMySQL -y
    
    vi /etc/my.cnf.d/openstack.cnf
    [mysqld]
    bind-address = 10.0.0.11
    default-storage-engine = innodb
    innodb_file_per_table
    max_connections = 4096
    collation-server = utf8_general_ci
    character-set-server = utf8
    
    systemctl start mariadb
    systemctl enable mariadb
    
    mysql_secure_installation
    

    先回车,选择N,剩下的一路y

    #控制节点安装消息队列

    yum install rabbitmq-server -y
    
    systemctl start rabbitmq-server.service 
    systemctl enable rabbitmq-server.service
    
    rabbitmqctl add_user openstack RABBIT_PASS
    rabbitmqctl set_permissions openstack ".*" ".*" ".*"
    
    #控制节点安装memcache
    yum install memcached python-memcached -y
    
    vim /etc/sysconfig/memcached
    OPTIONS="-l 0.0.0.0"
    
    systemctl start memcached.service 
    systemctl enable memcached.service
    

    #控制节点安装keystone服务
    a:准备数据库

    mysql>
    CREATE DATABASE keystone;
    GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' 
      IDENTIFIED BY 'KEYSTONE_DBPASS';
    GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' 
      IDENTIFIED BY 'KEYSTONE_DBPASS';
    

    b:安装keystone相关软件包

    yum install openstack-keystone httpd mod_wsgi -y
    

    c:配置keystone

    vi  /etc/keystone/keystone.conf 
    [DEFAULT]
    admin_token = ADMIN_TOKEN
    [assignment]
    [auth]
    [cache]
    [catalog]
    [cors]
    [cors.subdomain]
    [credential]
    [database]
    connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
    [domain_config]
    [endpoint_filter]
    [endpoint_policy]
    [eventlet_server]
    [eventlet_server_ssl]
    [federation]
    [fernet_tokens]
    [identity]
    [identity_mapping]
    [kvs]
    [ldap]
    [matchmaker_redis]
    [memcache]
    [oauth1]
    [os_inherit]
    [oslo_messaging_amqp]
    [oslo_messaging_notifications]
    [oslo_messaging_rabbit]
    [oslo_middleware]
    [oslo_policy]
    [paste_deploy]
    [policy]
    [resource]
    [revoke]
    [role]
    [saml]
    [shadow_users]
    [signing]
    [ssl]
    [token]
    provider = fernet
    [tokenless_auth]
    [trust]
    

    #MD5校验

    [root@controller opt]# md5sum /etc/keystone/keystone.conf
    d5acb3db852fe3f247f4f872b051b7a9  /etc/keystone/keystone.conf
    

    d:同步数据库

    su -s /bin/sh -c "keystone-manage db_sync" keystone
    

    e:初始化fernet

    keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
    

    f:配置httpd

    echo "ServerName controller" >>/etc/httpd/conf/httpd.conf
    echo 'Listen 5000
    Listen 35357
    
    <VirtualHost *:5000>
        WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
        WSGIProcessGroup keystone-public
        WSGIScriptAlias / /usr/bin/keystone-wsgi-public
        WSGIApplicationGroup %{GLOBAL}
        WSGIPassAuthorization On
        ErrorLogFormat "%{cu}t %M"
        ErrorLog /var/log/httpd/keystone-error.log
        CustomLog /var/log/httpd/keystone-access.log combined
    
    <Directory /usr/bin>
        Require all granted
    </Directory>
    
    </VirtualHost>
    
    <VirtualHost *:35357>
        WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
        WSGIProcessGroup keystone-admin
        WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
        WSGIApplicationGroup %{GLOBAL}
        WSGIPassAuthorization On
        ErrorLogFormat "%{cu}t %M"
        ErrorLog /var/log/httpd/keystone-error.log
        CustomLog /var/log/httpd/keystone-access.log combined
    
    <Directory /usr/bin>
        Require all granted
    </Directory>
    
    </VirtualHost>' >/etc/httpd/conf.d/wsgi-keystone.conf
    

    g:启动httpd

    systemctl start httpd
    systemctl enable httpd
    

    h:初始化keystone

    export OS_TOKEN=ADMIN_TOKEN
    export OS_URL=http://controller:35357/v3
    export OS_IDENTITY_API_VERSION=3
    

    ###千万不能重复!!!

    openstack service create --name keystone --description "OpenStack Identity" identity
    openstack endpoint create --region RegionOne  identity public http://controller:5000/v3
    openstack endpoint create --region RegionOne  identity internal http://controller:5000/v3
    openstack endpoint create --region RegionOne  identity admin http://controller:35357/v3
    

    ##创建域,项目,用户,角色

    openstack domain create --description "Default Domain" default
    openstack project create --domain default --description "Admin Project" admin
    openstack user create --domain default  --password ADMIN_PASS admin
    openstack role create admin
    openstack role add --project admin --user admin admin
    
    openstack project create --domain default 
      --description "Service Project" service
    
    unset OS_TOKEN OS_URL  
    export OS_PROJECT_DOMAIN_NAME=default
    export OS_USER_DOMAIN_NAME=default
    export OS_PROJECT_NAME=admin
    export OS_USERNAME=admin
    export OS_PASSWORD=ADMIN_PASS
    export OS_AUTH_URL=http://controller:35357/v3
    export OS_IDENTITY_API_VERSION=3
    export OS_IMAGE_API_VERSION=2
    

    #验证keystone服务是否正常

    openstack token issue
    

    ##openstack服务安装通用步骤
    a:mysql中创库授权
    b:在keystone创建系统账号,并关联角色
    c:在keystone上创建服务名称,注册api
    d:安装相关软件包
    e:修改配置文件
    f:同步数据(创表)
    g:启动服务
    h:验证

    ##在控制节点安装glance镜像服务
    a:mysql中创库授权

    CREATE DATABASE glance;
    GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' 
      IDENTIFIED BY 'GLANCE_DBPASS';
    GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' 
      IDENTIFIED BY 'GLANCE_DBPASS';
    

    b:在keystone创建系统账号,并关联角色

    openstack user create --domain default --password GLANCE_PASS glance
    openstack role add --project service --user glance admin
    

    c:在keystone上创建服务名称,注册api

    openstack service create --name glance  --description "OpenStack Image" image
    openstack endpoint create --region RegionOne  image public http://controller:9292
    openstack endpoint create --region RegionOne  image internal http://controller:9292
    openstack endpoint create --region RegionOne  image admin http://controller:9292
    

    d:安装相关软件包

    yum install openstack-glance -y
    

    e:修改配置文件

    openstack-config --set /etc/glance/glance-api.conf  database  connection  mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
    openstack-config --set /etc/glance/glance-api.conf  glance_store stores  file,http
    openstack-config --set /etc/glance/glance-api.conf  glance_store default_store  file
    openstack-config --set /etc/glance/glance-api.conf  glance_store filesystem_store_datadir  /var/lib/glance/images/
    openstack-config --set /etc/glance/glance-api.conf  keystone_authtoken auth_uri  http://controller:5000
    openstack-config --set /etc/glance/glance-api.conf  keystone_authtoken auth_url  http://controller:35357
    openstack-config --set /etc/glance/glance-api.conf  keystone_authtoken memcached_servers  controller:11211
    openstack-config --set /etc/glance/glance-api.conf  keystone_authtoken auth_type  password
    openstack-config --set /etc/glance/glance-api.conf  keystone_authtoken project_domain_name  default
    openstack-config --set /etc/glance/glance-api.conf  keystone_authtoken user_domain_name  default
    openstack-config --set /etc/glance/glance-api.conf  keystone_authtoken project_name  service
    openstack-config --set /etc/glance/glance-api.conf  keystone_authtoken username  glance
    openstack-config --set /etc/glance/glance-api.conf  keystone_authtoken password  GLANCE_PASS
    openstack-config --set /etc/glance/glance-api.conf  paste_deploy flavor  keystone
    #cat glance-registry.conf >/etc/glance/glance-registry.conf 
    openstack-config --set /etc/glance/glance-registry.conf  database  connection  mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
    openstack-config --set /etc/glance/glance-registry.conf  keystone_authtoken auth_uri  http://controller:5000
    openstack-config --set /etc/glance/glance-registry.conf  keystone_authtoken auth_url  http://controller:35357
    openstack-config --set /etc/glance/glance-registry.conf  keystone_authtoken memcached_servers  controller:11211
    openstack-config --set /etc/glance/glance-registry.conf  keystone_authtoken auth_type  password
    openstack-config --set /etc/glance/glance-registry.conf  keystone_authtoken project_domain_name  default
    openstack-config --set /etc/glance/glance-registry.conf  keystone_authtoken user_domain_name  default
    openstack-config --set /etc/glance/glance-registry.conf  keystone_authtoken project_name  service
    openstack-config --set /etc/glance/glance-registry.conf  keystone_authtoken username  glance
    openstack-config --set /etc/glance/glance-registry.conf  keystone_authtoken password  GLANCE_PASS
    openstack-config --set /etc/glance/glance-registry.conf  paste_deploy flavor  keystone
    

    f:同步数据(创表)

    su -s /bin/sh -c "glance-manage db_sync" glance
    

    g:启动服务

    systemctl enable openstack-glance-api.service  openstack-glance-registry.service
    systemctl start openstack-glance-api.service  openstack-glance-registry.service
    

    h:验证
    #上传cirros-0.3.4-x86_64-disk.img到当前目录
    #上传镜像

    openstack image create "cirros"   --file cirros-0.3.4-x86_64-disk.img   --disk-format qcow2 --container-format bare   --public
    

    #检查上传结果

    openstack image list
    

    ##控制节点安装nova计算服务控制端
    a:mysql中创库授权

    CREATE DATABASE nova_api;
    CREATE DATABASE nova;
    GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' 
      IDENTIFIED BY 'NOVA_DBPASS';
    GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' 
      IDENTIFIED BY 'NOVA_DBPASS';
    GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' 
      IDENTIFIED BY 'NOVA_DBPASS';
    GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' 
      IDENTIFIED BY 'NOVA_DBPASS';
    

    b:在keystone创建系统账号,并关联角色

    openstack user create --domain default  --password NOVA_PASS nova
    openstack role add --project service --user nova admin
    

    c:在keystone上创建服务名称,注册api

    openstack service create --name nova 
      --description "OpenStack Compute" compute
     openstack endpoint create --region RegionOne 
      compute public http://controller:8774/v2.1/%(tenant_id)s
     openstack endpoint create --region RegionOne 
      compute internal http://controller:8774/v2.1/%(tenant_id)s
     openstack endpoint create --region RegionOne 
      compute admin http://controller:8774/v2.1/%(tenant_id)s
    

    d:安装相关软件包

    yum install openstack-nova-api openstack-nova-conductor 
      openstack-nova-console openstack-nova-novncproxy 
      openstack-nova-scheduler -y
    

    e:修改配置文件

    cp /etc/nova/nova.conf{,.bak}
    grep -Ev '^$|#' /etc/nova/nova.conf.bak >/etc/nova/nova.conf
    openstack-config --set /etc/nova/nova.conf  DEFAULT enabled_apis  osapi_compute,metadata
    openstack-config --set /etc/nova/nova.conf  DEFAULT rpc_backend  rabbit
    openstack-config --set /etc/nova/nova.conf  DEFAULT auth_strategy  keystone
    openstack-config --set /etc/nova/nova.conf  DEFAULT my_ip  10.0.0.11
    openstack-config --set /etc/nova/nova.conf  DEFAULT use_neutron  True
    openstack-config --set /etc/nova/nova.conf  DEFAULT firewall_driver  nova.virt.firewall.NoopFirewallDriver
    openstack-config --set /etc/nova/nova.conf  api_database connection  mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
    openstack-config --set /etc/nova/nova.conf  database  connection  mysql+pymysql://nova:NOVA_DBPASS@controller/nova
    openstack-config --set /etc/nova/nova.conf  glance api_servers  http://controller:9292
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  auth_uri  http://controller:5000
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  auth_url  http://controller:35357
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  memcached_servers  controller:11211
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  auth_type  password
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  project_domain_name  default
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  user_domain_name  default
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  project_name  service
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  username  nova
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  password  NOVA_PASS
    openstack-config --set /etc/nova/nova.conf  oslo_concurrency lock_path  /var/lib/nova/tmp
    openstack-config --set /etc/nova/nova.conf  oslo_messaging_rabbit   rabbit_host  controller
    openstack-config --set /etc/nova/nova.conf  oslo_messaging_rabbit   rabbit_userid  openstack
    openstack-config --set /etc/nova/nova.conf  oslo_messaging_rabbit   rabbit_password  RABBIT_PASS
    openstack-config --set /etc/nova/nova.conf  libvirt  virt_type  qemu
    openstack-config --set /etc/nova/nova.conf  libvirt  cpu_mode  none
    openstack-config --set /etc/nova/nova.conf  vnc enabled  True
    openstack-config --set /etc/nova/nova.conf  vnc vncserver_listen  0.0.0.0
    openstack-config --set /etc/nova/nova.conf  vnc vncserver_proxyclient_address  '$my_ip'
    openstack-config --set /etc/nova/nova.conf  vnc novncproxy_base_url  http://controller:6080/vnc_auto.html
    openstack-config --set /etc/nova/nova.conf  neutron url  http://controller:9696
    openstack-config --set /etc/nova/nova.conf  neutron auth_url  http://controller:35357
    openstack-config --set /etc/nova/nova.conf  neutron auth_type  password
    openstack-config --set /etc/nova/nova.conf  neutron project_domain_name  default
    openstack-config --set /etc/nova/nova.conf  neutron user_domain_name  default
    openstack-config --set /etc/nova/nova.conf  neutron region_name  RegionOne
    openstack-config --set /etc/nova/nova.conf  neutron project_name  service
    openstack-config --set /etc/nova/nova.conf  neutron username  neutron
    openstack-config --set /etc/nova/nova.conf  neutron password  NEUTRON_PASS
    openstack-config --set /etc/nova/nova.conf  neutron service_metadata_proxy  True
    openstack-config --set /etc/nova/nova.conf  neutron metadata_proxy_shared_secret  METADATA_SECRET
    

    f:同步数据(创表)

    su -s /bin/sh -c "nova-manage api_db sync" nova
    su -s /bin/sh -c "nova-manage db sync" nova
    

    g:启动服务

    systemctl enable openstack-nova-api.service 
      openstack-nova-consoleauth.service openstack-nova-scheduler.service 
      openstack-nova-conductor.service openstack-nova-novncproxy.service
    systemctl start openstack-nova-api.service 
      openstack-nova-consoleauth.service openstack-nova-scheduler.service 
      openstack-nova-conductor.service openstack-nova-novncproxy.service
    

    h:控制节点验证

    openstack compute service list
    

    ##计算节点安装nova计算服务agent端

    a:安装软件

    yum install openstack-nova-compute -y
    

    b:修改配置文件

    yum install openstack-utils -y
    cp /etc/nova/nova.conf{,.bak}
    grep '^[a-Z[]' /etc/nova/nova.conf.bak >/etc/nova/nova.conf
    openstack-config --set /etc/nova/nova.conf  DEFAULT rpc_backend  rabbit
    openstack-config --set /etc/nova/nova.conf  DEFAULT auth_strategy  keystone
    openstack-config --set /etc/nova/nova.conf  DEFAULT my_ip  10.0.0.31
    openstack-config --set /etc/nova/nova.conf  DEFAULT use_neutron  True
    openstack-config --set /etc/nova/nova.conf  DEFAULT firewall_driver  nova.virt.firewall.NoopFirewallDriver
    openstack-config --set /etc/nova/nova.conf  glance api_servers  http://controller:9292
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  auth_uri  http://controller:5000
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  auth_url  http://controller:35357
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  memcached_servers  controller:11211
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  auth_type  password
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  project_domain_name  default
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  user_domain_name  default
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  project_name  service
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  username  nova
    openstack-config --set /etc/nova/nova.conf  keystone_authtoken  password  NOVA_PASS
    openstack-config --set /etc/nova/nova.conf  oslo_concurrency lock_path  /var/lib/nova/tmp
    openstack-config --set /etc/nova/nova.conf  oslo_messaging_rabbit   rabbit_host  controller
    openstack-config --set /etc/nova/nova.conf  oslo_messaging_rabbit   rabbit_userid  openstack
    openstack-config --set /etc/nova/nova.conf  oslo_messaging_rabbit   rabbit_password  RABBIT_PASS
    openstack-config --set /etc/nova/nova.conf  vnc enabled  True
    openstack-config --set /etc/nova/nova.conf  vnc vncserver_listen  0.0.0.0
    openstack-config --set /etc/nova/nova.conf  vnc vncserver_proxyclient_address  '$my_ip'
    openstack-config --set /etc/nova/nova.conf  vnc novncproxy_base_url  http://controller:6080/vnc_auto.html
    

    c:启动

    systemctl start libvirtd
    systemctl enable libvirtd
    systemctl start openstack-nova-compute
    systemctl enable openstack-nova-compute
    

    d:控制节点验证

    openstack compute service list
    

    ##控制节点安装neutron网络服务
    a:mysql中创库授权

    CREATE DATABASE neutron;
    GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' 
      IDENTIFIED BY 'NEUTRON_DBPASS';
    GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' 
      IDENTIFIED BY 'NEUTRON_DBPASS';
    

    b:在keystone创建系统账号,并关联角色

    openstack user create --domain default --password NEUTRON_PASS neutron
    openstack role add --project service --user neutron admin
    

    c:在keystone上创建服务名称,注册api

    openstack service create --name neutron 
      --description "OpenStack Networking" network
    openstack endpoint create --region RegionOne 
      network public http://controller:9696
    openstack endpoint create --region RegionOne 
      network internal http://controller:9696
    openstack endpoint create --region RegionOne 
      network admin http://controller:9696
    

    d:安装相关软件包

    yum install openstack-neutron openstack-neutron-ml2 
      openstack-neutron-linuxbridge ebtables -y
    

    e:修改配置文件

    cp /etc/neutron/neutron.conf{,.bak} 
    grep -Ev '^$|#' /etc/neutron/neutron.conf.bak >/etc/neutron/neutron.conf
    
    openstack-config --set /etc/neutron/neutron.conf  DEFAULT core_plugin  ml2
    openstack-config --set /etc/neutron/neutron.conf  DEFAULT service_plugins
    openstack-config --set /etc/neutron/neutron.conf  DEFAULT rpc_backend  rabbit
    openstack-config --set /etc/neutron/neutron.conf  DEFAULT auth_strategy  keystone
    openstack-config --set /etc/neutron/neutron.conf  DEFAULT notify_nova_on_port_status_changes  True
    openstack-config --set /etc/neutron/neutron.conf  DEFAULT notify_nova_on_port_data_changes  True
    openstack-config --set /etc/neutron/neutron.conf  database connection  mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken auth_uri  http://controller:5000
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken auth_url  http://controller:35357
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken memcached_servers  controller:11211
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken auth_type  password
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken project_domain_name  default
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken user_domain_name  default
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken project_name  service
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken username  neutron
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken password  NEUTRON_PASS
    openstack-config --set /etc/neutron/neutron.conf  nova auth_url  http://controller:35357
    openstack-config --set /etc/neutron/neutron.conf  nova auth_type  password 
    openstack-config --set /etc/neutron/neutron.conf  nova project_domain_name  default
    openstack-config --set /etc/neutron/neutron.conf  nova user_domain_name  default
    openstack-config --set /etc/neutron/neutron.conf  nova region_name  RegionOne
    openstack-config --set /etc/neutron/neutron.conf  nova project_name  service
    openstack-config --set /etc/neutron/neutron.conf  nova username  nova
    openstack-config --set /etc/neutron/neutron.conf  nova password  NOVA_PASS
    openstack-config --set /etc/neutron/neutron.conf  oslo_concurrency lock_path  /var/lib/neutron/tmp
    openstack-config --set /etc/neutron/neutron.conf  oslo_messaging_rabbit rabbit_host  controller
    openstack-config --set /etc/neutron/neutron.conf  oslo_messaging_rabbit rabbit_userid  openstack
    openstack-config --set /etc/neutron/neutron.conf  oslo_messaging_rabbit rabbit_password  RABBIT_PASS
    #cat ml2_conf.ini >/etc/neutron/plugins/ml2/ml2_conf.ini 
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini  ml2 type_drivers  flat,vlan
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini  ml2 tenant_network_types 
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini  ml2 mechanism_drivers  linuxbridge
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini  ml2 extension_drivers  port_security
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini  ml2_type_flat flat_networks  provider
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini  securitygroup enable_ipset  True
    #cat linuxbridge_agent.ini >/etc/neutron/plugins/ml2/linuxbridge_agent.ini 
    openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini  linux_bridge physical_interface_mappings  provider:eth0
    openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini  securitygroup enable_security_group  True
    openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini  securitygroup firewall_driver  neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
    openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini  vxlan enable_vxlan  False
    #cat dhcp_agent.ini >/etc/neutron/dhcp_agent.ini 
    openstack-config --set /etc/neutron/dhcp_agent.ini  DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
    openstack-config --set /etc/neutron/dhcp_agent.ini  DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
    openstack-config --set /etc/neutron/dhcp_agent.ini  DEFAULT enable_isolated_metadata true
    #cat metadata_agent.ini >/etc/neutron/metadata_agent.ini 
    openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip  controller
    openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret  METADATA_SECRET
    

    f:同步数据(创表)

    ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
    su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf 
      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
    

    g:启动服务

    systemctl restart openstack-nova-api.service
    systemctl enable neutron-server.service 
      neutron-linuxbridge-agent.service neutron-dhcp-agent.service 
      neutron-metadata-agent.service
    systemctl start neutron-server.service 
      neutron-linuxbridge-agent.service neutron-dhcp-agent.service 
      neutron-metadata-agent.service
    

    h:验证

    ##计算节点安装neutron网络服务
    a:安装

    yum install openstack-neutron-linuxbridge ebtables ipset -y
    

    b:配置

    cp /etc/neutron/neutron.conf{,.bak}
    grep '^[a-Z[]' /etc/neutron/neutron.conf.bak >/etc/neutron/neutron.conf
    openstack-config --set /etc/neutron/neutron.conf  DEFAULT rpc_backend  rabbit
    openstack-config --set /etc/neutron/neutron.conf  DEFAULT auth_strategy  keystone
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken auth_uri  http://controller:5000
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken auth_url  http://controller:35357
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken memcached_servers  controller:11211
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken auth_type  password
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken project_domain_name  default
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken user_domain_name  default
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken project_name  service
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken username  neutron
    openstack-config --set /etc/neutron/neutron.conf  keystone_authtoken password  NEUTRON_PASS
    openstack-config --set /etc/neutron/neutron.conf  oslo_concurrency lock_path  /var/lib/neutron/tmp
    openstack-config --set /etc/neutron/neutron.conf  oslo_messaging_rabbit rabbit_host  controller
    openstack-config --set /etc/neutron/neutron.conf  oslo_messaging_rabbit rabbit_userid  openstack
    openstack-config --set /etc/neutron/neutron.conf  oslo_messaging_rabbit rabbit_password  RABBIT_PASS
    

    #配置linuxbridge_agent.ini

    cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}
    grep '^[a-Z[]' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak >/etc/neutron/plugins/ml2/linuxbridge_agent.ini
    openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini  linux_bridge physical_interface_mappings  provider:eth0
    openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini  securitygroup enable_security_group  True
    openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini  securitygroup firewall_driver  neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
    openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini  vxlan enable_vxlan  False
    

    #配置nova.conf

    openstack-config --set /etc/nova/nova.conf  neutron url  http://controller:9696
    openstack-config --set /etc/nova/nova.conf  neutron auth_url  http://controller:35357
    openstack-config --set /etc/nova/nova.conf  neutron auth_type  password
    openstack-config --set /etc/nova/nova.conf  neutron project_domain_name  default
    openstack-config --set /etc/nova/nova.conf  neutron user_domain_name  default
    openstack-config --set /etc/nova/nova.conf  neutron region_name  RegionOne
    openstack-config --set /etc/nova/nova.conf  neutron project_name  service
    openstack-config --set /etc/nova/nova.conf  neutron username  neutron
    openstack-config --set /etc/nova/nova.conf  neutron password  NEUTRON_PASS
    

    c:启动

    systemctl restart openstack-nova-compute.service
    systemctl enable neutron-linuxbridge-agent.service
    systemctl start neutron-linuxbridge-agent.service
    

    d:控制节点验证

    neutron agent-list
    

    ##在计算节点上安装dashboard服务
    a:安装

    yum install openstack-dashboard -y
    

    b:配置
    #上传local_settings文件

    cat local_settings >/etc/openstack-dashboard/local_settings
    

    c:启动

    systemctl enable httpd.service
    systemctl start httpd.service
    

    #控制节点创建网络

    neutron net-create --shared --provider:physical_network provider --provider:network_type flat WAN
    neutron subnet-create --name subnet-wan --allocation-pool 
    start=10.0.0.100,end=10.0.0.200 --dns-nameserver 223.5.5.5 
    --gateway 10.0.0.254 WAN 10.0.0.0/24
    

    #控制节点创建硬件配置方案

    openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
    

    如果出现如下这种错误

    在计算节点编辑/etc/nova/nova.conf 文件中的libvirt

  • 相关阅读:
    饿了么P7级前端工程师进入大厂的面试经验
    前端程序员面试的坑,简历写上这一条信息会被虐死!
    这次来分享前端的九条bug吧
    移动端开发必会出现的问题和解决方案
    创建一个dynamics 365 CRM online plugin (八)
    创建一个dynamics 365 CRM online plugin (七)
    创建一个dynamics 365 CRM online plugin (六)
    创建一个dynamics 365 CRM online plugin (五)
    使用User Primary Email作为GUID的问题
    怎样Debug Dynamics 365 CRM Plugin
  • 原文地址:https://www.cnblogs.com/baozexu/p/11966350.html
Copyright © 2011-2022 走看看