-
1.知识回顾与端口总结
| service | 功能 |
|---|---|
| MySQL | 为各个服务提供数据存储 |
| RabbitMQ | 为各个服务之间通信提供交通枢纽 |
| Keystone | 为各个服务器之间通信提供认证和服务注册 |
| Glance | 为虚拟机提供镜像管理 |
| Nova | 为虚拟机提供计算资源 |
| Neutron | 为虚拟机提供网络资源 |
各服务端口列表
| 服务 | 端口 |
|---|---|
| MySQL | 3306 |
| Memcached | 11211 |
| Glance-api | 9292 |
| Glance-registry | 9191 |
| RabbitMQ | 15672、5672 |
| Libvirt Dnsmasq | 53 |
| Novncproxy | 6080 |
| Nova-api | 8774、8775 |
| Kesytone(admin) | 35357 |
| Kesytone(user) | 5000 |
| Neutron | 9696 |
| Cinder-api | 8776 |
-
2.确保以下三项结果是正常,才能进行创建虚拟机
[root@linux-node1 ~]# openstack image list +--------------------------------------+-----------------+--------+ | ID | Name | Status | +--------------------------------------+-----------------+--------+ | 5aa6e9a1-4aea-467c-a684-51080c326887 | Centos-7-x86_64 | active | | 51e1e125-dbe3-49c6-a3d5-55c89f195f55 | cirros | active | +--------------------------------------+-----------------+--------+ [root@linux-node1 ~]# nova service-list +----+------------------+-------------+----------+---------+-------+----------------------------+-----------------+ | Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason | +----+------------------+-------------+----------+---------+-------+----------------------------+-----------------+ | 1 | nova-consoleauth | linux-node1 | internal | enabled | up | 2017-12-12T04:39:01.000000 | - | | 2 | nova-conductor | linux-node1 | internal | enabled | up | 2017-12-12T04:39:06.000000 | - | | 3 | nova-scheduler | linux-node1 | internal | enabled | up | 2017-12-12T04:39:07.000000 | - | | 6 | nova-compute | linux-node2 | nova | enabled | up | 2017-12-12T04:39:06.000000 | - | +----+------------------+-------------+----------+---------+-------+----------------------------+-----------------+ [root@linux-node1 ~]# neutron agent-list +--------------------------------------+--------------------+-------------+-------------------+-------+----------------+---------------------------+ | id | agent_type | host | availability_zone | alive | admin_state_up | binary | +--------------------------------------+--------------------+-------------+-------------------+-------+----------------+---------------------------+ | 308df597-c196-40e8-9894-b35f423ce9e4 | Linux bridge agent | linux-node2 | | :-) | True | neutron-linuxbridge-agent | | 598023d4-52a2-44d5-92fe-61376efa941e | Metadata agent | linux-node1 | | :-) | True | neutron-metadata-agent | | a824342c-ad84-4c05-a4a9-80f5025d6ae5 | Linux bridge agent | linux-node1 | | :-) | True | neutron-linuxbridge-agent | | e116c29d-ce28-4d84-8433-214590e97c69 | DHCP agent | linux-node1 | nova | :-) | True | neutron-dhcp-agent | +--------------------------------------+--------------------+-------------+-------------------+-------+----------------+---------------------------+
-
3.云主机创建
(1)创建网络
[root@linux-node1 ~]# openstack network create --share --provider-physical-network public --provider-network-type flat public [root@linux-node1 ~]# neutron net-list +--------------------------------------+--------+------------------------------------------------------+ | id | name | subnets | +--------------------------------------+--------+------------------------------------------------------+ | c39c1348-5a8f-4291-9772-b03a22b085df | public | df82f43f-97fe-41d0-bdbd-933565102598 192.168.56.0/24 | +--------------------------------------+--------+------------------------------------------------------+
(2)创建子网
[root@linux-node1 ~]# openstack subnet create --network public --allocation-pool start=192.168.56.100,end=192.168.56.200 --dns-nameserver 192.168.56.2 --gateway 192.168.56.2 --subnet-range 192.168.56.0/24 public-subnet [root@linux-node1 ~]# neutron subnet-list +--------------------------------------+---------------+-----------------+------------------------------------------------------+ | id | name | cidr | allocation_pools | +--------------------------------------+---------------+-----------------+------------------------------------------------------+ | df82f43f-97fe-41d0-bdbd-933565102598 | public-subnet | 192.168.56.0/24 | {"start": "192.168.56.100", "end": "192.168.56.200"} | +--------------------------------------+---------------+-----------------+------------------------------------------------------+
(3)创建m1.nano类型
默认的最小规格的主机需要512 MB内存。对于环境中计算节点内存不足4 GB的,我们推荐创建只需要64 MB的m1.nano规格的主机。若单纯为了测试的目的,请使用m1.nano规格的主机来加载CirrOS镜像
[root@linux-node1 ~]# openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
(4)生成一个键值对
大部分云镜像支持 :term:public key authentication而不是传统的密码登陆。在启动实例前,你必须添加一个公共密钥到计算服务。
生成的公钥上传到openstack,会自动把这个公钥放入虚拟机,之后登陆无需密码。
[root@linux-node1 ~]# source demo-openstack [root@linux-node1 ~]# ssh-keygen -q -N "" Enter file in which to save the key (/root/.ssh/id_rsa): [root@linux-node1 ~]# openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
验证公钥添加:
[root@linux-node1 ~]# openstack keypair list +-------+-------------------------------------------------+ | Name | Fingerprint | +-------+-------------------------------------------------+ | mykey | e4:ce:48:da:e7:03:b3:a9:85:c6:7a:11:bf:a0:8f:85 | +-------+-------------------------------------------------+
(5)增加安全组规则
默认情况下, default安全组适用于所有实例并且包括拒绝远程访问实例的防火墙规则。对诸如CirrOS这样的Linux镜像,我们推荐至少允许ICMP (ping) 和安全shell(SSH)规则。
•添加规则到default安全组,会去修改iptables规则
允许ping
[root@linux-node1 ~]# openstack security group rule create --proto icmp default
允许安全shell(SSH)的访问 [root@linux-node1 ~]# openstack security group rule create --proto tcp --dst-port 22 default
(6)确定实例选项
①在控制节点上,获得 admin 凭证来获取只有管理员能执行的命令的访问权限: [root@linux-node1 ~]# source demo-openstack ②一个实例指定了虚拟机资源的大致分配,包括处理器、内存和存储。 列出可用类型: [root@linux-node1 ~]# openstack flavor list
③列出可用镜像
[root@linux-node1 ~]# openstack image list
④列出可用网络
[root@linux-node1 ~]# openstack network list
⑤列出可用的安全组
[root@linux-node1 ~]# openstack security group list
(7)启动实例
[root@linux-node1 ~]# openstack server create --flavor m1.nano --image cirros --nic net-id=c39c1348-5a8f-4291-9772-b03a22b085df --security-group default --key-name mykey demo-instance
检查实例状态,当构建过程完全成功后,状态会从BUILD变为ACTIVE
[root@linux-node1 ~]# openstack server list
(8)使用虚拟控制台访问实例
获取你实例的 Virtual Network Computing (VNC) 会话URL并从web浏览器访问它:
[root@linux-node1 ~]# openstack console url show demo-instance
在宿主机上使用ssh登陆:
问题总结:
问题现象:ping云主机网络不通,从VNC上看到系统一直停留在GRUB,无法进入系统,导致无法正常创建云主机
问题原因:libvirtd、qemu与内核版本不兼容
解决方案:降低内核版本
降低CentOS 7.3的内核版本执行过程:
查看当前内核版本:
[root@linux-node1 ~]# uname -r 3.10.0-514.2.2.el7.x86_64
查看当前发行版本:
[root@linux-node1 ~]# cat /etc/redhat-release CentOS Linux release 7.3.1611 (Core)
降低内核版本方法:
(1)解压安装镜像,获取内核软件包:
kernel-3.10.0-327.el7.x86_64.rpm kernel-tools-3.10.0-327.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.el7.x86_64.rpm centos-release-7-2.1511.el7.centos.2.10.x86_64.rpm
(2)先安装这2个包:
[root@linux-node1 ~]# rpm -ivh kernel-tools-3.10.0-327.el7.x86_64.rpm [root@linux-node1 ~]# rpm -ivh kernel-tools-libs-3.10.0-327.el7.x86_64.rpm
(3)再安装kernel-3.10.0-327.el7.x86_64.rpm
[root@linux-node1 ~]# rpm -ivh --force kernel-3.10.0-327.el7.x86_64.rpm
(4)可以查看到安装的2个版本的内核:
[root@linux-node1 ~]# rpm -qa|grep -i kernel-3.10.0- kernel-3.10.0-327.el7.x86_64.rpm kernel-3.10.0-514.2.2.el7.x86_64
(5)把7.3的内核卸载:
[root@linux-node1 ~]# rpm -ev kernel-3.10.0-514.2.2.el7.x86_64 这时候只能查看一个结果: [root@linux-node1 ~]# rpm -qa|grep -i kernel-3.10.0- kernel-3.10.0-327.el7.x86_64.rpm 再用rpm -ea 或者 yum remove命令卸载其他内核相关的包 rpm -ea kernel-tools-libs-3.10.0-514.2.2.el7.x86_64 rpm -ea kernel-tools-3.10.0-514.2.2.el7.x86_64
降低发行版本:
[root@linux-node1 ~]# rpm -ivh centos-release-7-2.1511.el7.centos.2.10.x86_64.rpm--force Preparing... ################################# [100%] Updating / installing... 1:centos-release-7-2.1511.el7.cento################################# [100%]
(1)可以查看到安装的2个发行版本:
[root@linux-node1 ~]# rpm -qa|grep -i centos-release-7- centos-release-7-3.1611.el7.centos.x86_64 centos-release-7-2.1511.el7.centos.2.10.x86_64
(2)把7.3的发行版本卸载:
[root@linux-node1 ~]# rpm -ev centos-release-7-3.1611.el7.centos.x86_64 Preparing packages... centos-release-7-3输出.1611.el7.centos.x86_64
(3)这时候只能查看一个结果:
[root@controller ~]# rpm -qa|grep -i centos-release-7- centos-release-7-2.1511.el7.centos.2.10.x86_64
验证:
查看此时的内核版本: [root@controller ~]# uname -r 3.10.0-514.2.2.el7.x86_64 查看此时的发行版本: [root@controller ~]# cat /etc/redhat-release CentOS Linux release 7.2.1511 (Core) 重启: [root@controller ~]# reboot