CentOS6.4安装OpenStack Icehouse controller(一)
OpenStack交流群:322596568
*本文介绍Nova、Horizon的安装过程
7.安装配置Nova
7.1.初始化Nova
(1).安装Nova服务:
[root@openstack ~]# yum -y install openstack-nova
(2).创建Nova数据库:
[root@openstack ~]# openstack-db --init --service nova --rootpw passwd
7.2.创建User,定义Services 和 API Endpoints
(1).为nova服务创建一个nova用户:
[root@openstack ~]# keystone user-create --name=nova --pass=service --email=nova@chensh.net
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | nova@chensh.net |
| enabled | True |
| id | e2934a26989741ed9a45be58a24f5140 |
| name | nova |
| username | nova |
+----------+----------------------------------+
[root@openstack ~]# keystone user-role-add --user=nova --tenant=service --role=admin
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
(2).为nova创建一个服务:
[root@openstack ~]# keystone service-create --name=nova --type=compute --description="Nova Compute Service"
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Nova Compute Service |
| enabled | True |
| id | ceb0357b8e5940f190d705bab12472ef |
| name | nova |
| type | compute |
+-------------+----------------------------------+
(3).使用服务ID创建一个endpoint:
[root@openstack ~]# vi /root/config/nova-user.sh
#!/bin/sh
my_ip=0.0.0.0
service=$(keystone service-list | awk '/nova/ {print $2}')
keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:8774/v2/%(tenant_id)s --internalurl=http://$my_ip:8774/v2/%(tenant_id)s --adminurl=http://$my_ip:8774/v2/%(tenant_id)s
[root@openstack ~]# sh /root/config/nova-user.sh
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+--------------------------------------+
| Property | Value |
+-------------+--------------------------------------+
| adminurl | http://0.0.0.0:8774/v2/%(tenant_id)s |
| id | ed1662b608884583bed3873abf8fabeb |
| internalurl | http://0.0.0.0:8774/v2/%(tenant_id)s |
| publicurl | http://0.0.0.0:8774/v2/%(tenant_id)s |
| region | regionOne |
| service_id | ceb0357b8e5940f190d705bab12472ef |
+-------------+--------------------------------------+
7.3.配置Nova服务
(1).修改nova配置文件
[root@openstack ~]# cp -a /etc/nova/nova.conf /etc/nova/nova.conf_bak
[root@openstack ~]# echo "" > /etc/nova/nova.conf
[root@openstack ~]# vi /etc/nova/nova.conf
[DEFAULT]
my_ip = 192.168.20.200
auth_strategy = keystone
state_path = /openstack/nova //instance实例存放路径
#auto_assign_floating_ip=True
verbose = True
allow_resize_to_same_host = true
rpc_backend = nova.openstack.common.rpc.impl_qpid
qpid_hostname = 192.168.20.200
libvirt_type = kvm
glance_api_servers = 192.168.20.200:9292
novncproxy_base_url = http://192.168.20.200:6080/vnc_auto.html
vncserver_listen = 192.168.20.200
vncserver_proxyclient_address = 192.168.20.200
vnc_enabled = true
vnc_keymap = en-us
network_manager = nova.network.manager.FlatDHCPManager
firewall_driver = nova.virt.firewall.NoopFirewallDriver
multi_host = True
flat_interface = eth1
flat_network_bridge = br1
public_interface = eth0
instance_usage_audit = True
instance_usage_audit_period = hour
notify_on_state_change = vm_and_task_state
notification_driver = nova.openstack.common.notifier.rpc_notifier
compute_scheduler_driver = nova.scheduler.simple.SimpleScheduler
[hyperv]
[zookeeper]
[osapi_v3]
[conductor]
[keymgr]
[cells]
[database]
[image_file_url]
[baremetal]
[rpc_notifier2]
[matchmaker_redis]
[ssl]
[trusted_computing]
[upgrade_levels]
[matchmaker_ring]
[vmware]
[spice]
[keystone_authtoken]
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
admin_user = nova
admin_tenant_name = service
admin_password = service
(2).修改instance实例存放路径
由于上述配置文件修改了instance实例的存放位置,所以要拷贝原nova目录到新路径,并修改权限:
[root@openstack ~]# cp -av /var/lib/nova /openstack/
[root@openstack ~]# chown -R nova:nova /openstack/nova
(3).启动libvirt服务,关闭virbr0接口
[root@openstack ~]# service libvirtd start
[root@openstack ~]# virsh net-list //查看virbr0接口
名称 状态 自动开始 Persistent
--------------------------------------------------
default 活动 yes yes
[root@openstack ~]# virsh net-destroy default //关闭virbr0网络
[root@openstack ~]# virsh net-undefine default //删除virbr0接口
[root@openstack ~]# service libvirtd restart //重启libvirtd服务
[root@openstack ~]# chkconfig libvirtd on //设置libvirtd服务开机启动
7.4.启动Nova相关服务
[root@openstack ~]# service messagebus start
[root@openstack ~]# chkconfig messagebus on
[root@openstack ~]# service openstack-nova-api start
[root@openstack ~]# service openstack-nova-cert start
[root@openstack ~]# service openstack-nova-consoleauth start
[root@openstack ~]# service openstack-nova-scheduler start
[root@openstack ~]# service openstack-nova-conductor start
[root@openstack ~]# service openstack-nova-novncproxy start
[root@openstack ~]# service openstack-nova-compute start
[root@openstack ~]# service openstack-nova-network start
设置开机启动:
[root@openstack ~]# chkconfig openstack-nova-api on
[root@openstack ~]# chkconfig openstack-nova-cert on
[root@openstack ~]# chkconfig openstack-nova-consoleauth on
[root@openstack ~]# chkconfig openstack-nova-scheduler on
[root@openstack ~]# chkconfig openstack-nova-conductor on
[root@openstack ~]# chkconfig openstack-nova-novncproxy on
[root@openstack ~]# chkconfig openstack-nova-compute on
[root@openstack ~]# chkconfig openstack-nova-network on
7.5.Nova测试
(1).创建网络:
[root@openstack ~]# nova network-create vmnet10 --fixed-range-v4=10.1.1.0/24 --bridge=br1 --bridge-interface=eth1 --multi-host=T --dns1=202.106.0.20 --dns2=202.96.69.38
[root@openstack ~]# nova network-list
+--------------------------------------+-------+------------------+
| ID | Label | Cidr |
+--------------------------------------+-------+------------------+
| 5aa4cba3-7227-40b5-9ca2-39e78680411e | vmnet | 10.1.1.0/24 |
+--------------------------------------+-------+------------------+
[root@openstack ~]# nova-manage network list
id IPv4 IPv6 start address DNS1 DNS2 VlanID project uuid
1 10.1.1.0/24 None 10.1.1.2 202.106.0.20 202.96.69.38 None None 5aa4cba3-7227-40b5-9ca2-39e78680411e
(2).设置安全组:
[root@openstack ~]# nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 22 | 22 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
[root@openstack ~]# nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
(3).查看当前可用镜像:
[root@openstack ~]# nova image-list
+--------------------------------------+---------------+--------+--------+
| ID | Name | Status | Server |
+--------------------------------------+---------------+--------+--------+
| a7327fef-aa62-4bb5-ab61-d11fb8ff4d65 | centos6.4_20G | ACTIVE | |
+--------------------------------------+---------------+--------+--------+
(4).创建实例:
[root@openstack ~]# nova boot --flavor 2 --image centos6.4_20G vm-00
+--------------------------------------+------------------------------------------------------+
| Property | Value |
+--------------------------------------+------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-SRV-ATTR:host | - |
| OS-EXT-SRV-ATTR:hypervisor_hostname | - |
| OS-EXT-SRV-ATTR:instance_name | instance-00000001 |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | VZDpnc6LeSSm |
| config_drive | |
| created | 2014-05-22T10:03:57Z |
| flavor | m1.small (2) |
| hostId | |
| id | f469964e-9700-466d-9845-eeb2ff1ab183 |
| image | centos6.4_20G (a7327fef-aa62-4bb5-ab61-d11fb8ff4d65) |
| key_name | - |
| metadata | {} |
| name | vm-00 |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | default |
| status | BUILD |
| tenant_id | 424c9716df1449829b204856d246f924 |
| updated | 2014-05-22T10:03:57Z |
| user_id | 46c6295334154e259c4fe793ea341986 |
+--------------------------------------+------------------------------------------------------+
(5).查看实例运行状态:
[root@openstack ~]# nova list
+--------------------------------------+-------+--------+------------+-------------+---------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+-------+--------+------------+-------------+---------------------+
| f469964e-9700-466d-9845-eeb2ff1ab183 | vm-00 | ACTIVE | - | Running | vmnet=10.1.1.2 |
+--------------------------------------+-------+--------+------------+-------------+---------------------+
8.安装配置Horizon
8.1.安装Horizon服务
[root@openstack ~]# yum -y install openstack-dashboard
8.2.修改配置文件
(1).修改local_settings文件
[root@openstack ~]# cp -av /etc/openstack-dashboard/local_settings /etc/openstack-dashboard/local_settings_bak
[root@openstack ~]# vi /etc/openstack-dashboard/local_settings
DEBUG = True
……………………
(2).修改httpd.conf文件
[root@openstack ~]# vi /etc/httpd/conf/httpd.conf
……………………
#ServerName www.example.com:80
ServerName 0.0.0.0:80
……………………
(3).启动http服务,设置开机启动
[root@openstack ~]# service httpd start
[root@openstack ~]# chkconfig httpd on
(4).重启api服务
[root@openstack ~]# service openstack-nova-api restart
(5).添加iptables规则
[root@openstack ~]# iptables -I INPUT -p tcp --dport 80 -j ACCEPT
[root@openstack ~]# iptables -I INPUT -p tcp -m multiport --dports 5900:6000 -j ACCEPT
[root@openstack ~]# iptables -I INPUT -p tcp --dport 6080 -j ACCEPT
[root@openstack ~]# service iptables save
(6).访问dashboard页面
http://192.168.20.100/dashboard
用户名:admin
密码:password
创建新用户
(1).为新用户创建一个tenant:
[root@openstack~]# keystone tenant-create --name=manager --description='Manager Tenant'
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Manager Tenant |
| enabled | True |
| id | abc5551b3e854e27a5c295b6b548e1f6 |
| name | manager |
+-------------+----------------------------------+
(2).创建新用户:
[root@openstack~]# keystone user-create --name=manager --pass=password --email=manager@chensh.net
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | manager@chensh.net |
| enabled | True |
| id | 325191b6c6f64e768db7cc098fdeefd8 |
| name | manager |
| username | manager |
+----------+----------------------------------+
(3).创建一个角色:
[root@openstack~]# keystone role-create --name=manager
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | 1c86f264fe14469d91a26e3b848f2fe4 |
| name | manager |
+----------+----------------------------------+
(4).关联用户、tenant和角色:
[root@openstack~]# keystone user-role-add --user=manager --tenant=manager --role=manager
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
(5).将nova用户赋予新角色:
[root@openstack~]# keystone user-role-add --user=nova --tenant=service --role=manager
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
(6).使用新用户登录:
http://192.168.20.100/dashboard
用户名:manager
密码:password
CentOS6.4安装OpenStack Icehouse controller (三)