zoukankan      html  css  js  c++  java

  • openstack高可用(2)-应用组件

    keystone

    ##1.安装keystone
    ##创库授权

    mysql -u root -p1234qwer
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';
flush privileges;
quit
    yum -y install openstack-utils openstack-keystone httpd mod_wsgi
    openstack-config --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:KEYSTONE_DBPASS@10.199.103.21/keystone
openstack-config --set /etc/keystone/keystone.conf token provider fernet
openstack-config --set /etc/keystone/keystone.conf cache backend oslo_cache.memcache_pool
openstack-config --set /etc/keystone/keystone.conf cache enabled true
openstack-config --set /etc/keystone/keystone.conf cache memcache_servers controller01:11211,controller02:11211,controller03:11211
egrep -v '^$|#' /etc/keystone/keystone.conf

    ##初始化数据库

    su -s /bin/sh -c "keystone-manage db_sync" keystone

    ##验证

    mysql -h10.199.103.21 -ukeystone -pKEYSTONE_DBPASS -e "use keystone;show tables;"
    keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
scp -r /etc/keystone/credential-keys/ /etc/keystone/fernet-keys/ controller02:/etc/keystone/
scp -r /etc/keystone/credential-keys/ /etc/keystone/fernet-keys/ controller03:/etc/keystone/

    ##修改controller02/03节点上秘钥权限

    chown -R keystone:keystone /etc/keystone/credential-keys/
chown -R keystone:keystone /etc/keystone/fernet-keys/
ll /etc/keystone/credential-keys/
ll /etc/keystone/fernet-keys/

    ##修改监听地址

    vim /etc/httpd/conf/httpd.conf
Listen 10.199.103.17:80
ServerName controller03
    ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
    vim /etc/httpd/conf.d/wsgi-keystone.conf
Listen 10.199.103.17:5000
<VirtualHost 10.199.103.17:5000>

    ##创建服务端点

    keystone-manage bootstrap --bootstrap-password admin 
--bootstrap-admin-url http://10.199.103.21:5000/v3/ 
--bootstrap-internal-url http://10.199.103.21:5000/v3/ 
--bootstrap-public-url http://10.199.103.21:5000/v3/ 
--bootstrap-region-id RegionOne
    systemctl enable httpd.service;systemctl restart httpd.service
systemctl status httpd.service

    ##创建token脚本

    cat <<EOF> /root/admin-openrc
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://10.199.103.21:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
EOF
    openstack project create --domain default --description "Service Project" service

    ##添加pcs资源

    pcs resource create openstack-keystone systemd:httpd --clone interleave=true
pcs resource

    glance

    ##2.安装glance
    ##创库授权

    mysql -u root -p1234qwer
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'GLANCE_DBPASS';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'GLANCE_DBPASS';
flush privileges;
quit
    openstack user create --domain default --password glance123 glance
openstack role add --project service --user glance admin
openstack service create --name glance --description "OpenStack Image" image
openstack endpoint create --region RegionOne image public http://10.199.103.21:9292
openstack endpoint create --region RegionOne image internal http://10.199.103.21:9292
openstack endpoint create --region RegionOne image admin http://10.199.103.21:9292

    ##安装glance软件包

    yum -y install openstack-glance
    openstack-config --set /etc/glance/glance-api.conf DEFAULT bind_host 10.199.103.15
openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@10.199.103.21/glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://10.199.103.21:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://10.199.103.21:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers 10.199.103.13:11211,10.199.103.15:11211,10.199.103.17:11211
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password glance123
openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
    su -s /bin/sh -c "glance-manage db_sync" glance
    systemctl enable openstack-glance-api.service;systemctl restart openstack-glance-api.service
systemctl status openstack-glance-api.service

    ##验证

    wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img

    openstack image create "cirros" --file cirros-0.4.0-x86_64-disk.img --disk-format qcow2 --container-format bare --public

    ##添加pcs资源glance

    pcs resource create openstack-glance-api systemd:openstack-glance-api --clone interleave=true

    placement

    ##3.安装placement

    mysql -u root -p1234qwer
CREATE DATABASE placement;
GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY 'PLACEMENT_DBPASS';
GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY 'PLACEMENT_DBPASS';
flush privileges;
quit
    . /root/admin-openrc
openstack user create --domain default --password placement123 placement
openstack role add --project service --user placement admin
openstack service create --name placement --description "Placement API" placement
openstack endpoint create --region RegionOne placement public http://10.199.103.21:8778
openstack endpoint create --region RegionOne placement internal http://10.199.103.21:8778
openstack endpoint create --region RegionOne placement admin http://10.199.103.21:8778

    ##安装软件包

    yum install openstack-placement-api -y
    openstack-config --set /etc/glance/glance-api.conf DEFAULT bind_host 10.199.103.17
openstack-config --set /etc/placement/placement.conf keystone_authtoken auth_url http://10.199.103.21:5000/v3
openstack-config --set /etc/placement/placement.conf keystone_authtoken memcached_servers 10.199.103.13:11211,10.199.103.15:11211,10.199.103.17:11211
openstack-config --set /etc/placement/placement.conf keystone_authtoken auth_type password
openstack-config --set /etc/placement/placement.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/placement/placement.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/placement/placement.conf keystone_authtoken project_name service
openstack-config --set /etc/placement/placement.conf keystone_authtoken username placement
openstack-config --set /etc/placement/placement.conf keystone_authtoken password placement123
openstack-config --set /etc/placement/placement.conf api auth_strategy keystone
openstack-config --set /etc/placement/placement.conf placement_database connection mysql+pymysql://placement:PLACEMENT_DBPASS@10.199.103.21/placement
    cat <<EOF>> /etc/httpd/conf.d/00-placement-api.conf
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
EOF
egrep -v '^$|#' /etc/httpd/conf.d/00-placement-api.conf

    ##修改监听地址

    vim /etc/httpd/conf.d/00-placement-api.conf
Listen 10.199.103.13:8778
<VirtualHost 10.199.103.13:8778>
    su -s /bin/sh -c "placement-manage db sync" placement
    systemctl restart httpd
systemctl status httpd

    ##验证

    placement-status upgrade check

    ##添加pcs资源placement

    pcs resource create openstack-placement systemd:httpd --clone interleave=true

    nova

    nova controller

    ##4.安装nova

    mysql -u root -p1234qwer
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
quit
    . /root/admin-openrc
openstack user create --domain default --password nova123 nova
openstack role add --project service --user nova admin
openstack service create --name nova --description "OpenStack Compute" compute
openstack endpoint create --region RegionOne compute public http://10.199.103.21:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://10.199.103.21:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://10.199.103.21:8774/v2.1

    ##安装软件包

    yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler -y
    openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 10.199.103.13
openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@10.199.103.13:5672,openstack:RABBIT_PASS@10.199.103.15:5672,openstack:RABBIT_PASS@10.199.103.17:5672
openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config --set /etc/nova/nova.conf DEFAULT osapi_compute_listen 10.199.103.13
openstack-config --set /etc/nova/nova.conf DEFAULT osapi_compute_listen_port 8774
openstack-config --set /etc/nova/nova.conf DEFAULT metadata_listen 10.199.103.13
openstack-config --set /etc/nova/nova.conf DEFAULT metadata_listen_port 8775

openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
openstack-config --set /etc/nova/nova.conf database connection mysql+pymysql://nova:NOVA_DBPASS@10.199.103.21/nova
openstack-config --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:NOVA_DBPASS@10.199.103.21/nova_api

openstack-config --set /etc/nova/nova.conf keystone_authtoken www_authenticate_uri http://10.199.103.21:5000/
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://10.199.103.21:5000/
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers 10.199.103.13:11211,10.199.103.15:11211,10.199.103.17:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password nova123

openstack-config --set /etc/nova/nova.conf vnc enabled true
openstack-config --set /etc/nova/nova.conf vnc server_listen $my_ip
openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address $my_ip
openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://$my_ip:6080/vnc_auto.html
openstack-config --set /etc/nova/nova.conf vnc novncproxy_host $my_ip
openstack-config --set /etc/nova/nova.conf vnc novncproxy_port 6080

openstack-config --set /etc/nova/nova.conf glance api_servers http://10.199.103.21:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp

openstack-config --set /etc/nova/nova.conf placement region_name RegionOne
openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
openstack-config --set /etc/nova/nova.conf placement project_name service
openstack-config --set /etc/nova/nova.conf placement auth_type password
openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
openstack-config --set /etc/nova/nova.conf placement auth_url http://10.199.103.21:5000/v3
openstack-config --set /etc/nova/nova.conf placement username placement
openstack-config --set /etc/nova/nova.conf placement password placement123

egrep -v '^$|#' /etc/nova/nova.conf

    ##初始化数据表

    su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
su -s /bin/sh -c "nova-manage db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova

    ##报错
    [root@controller01 ~]# su -s /bin/sh -c "nova-manage db sync" nova
    /usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1831, u'Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will be disallowed in a future release')
    result = self._query(query)
    /usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1831, u'Duplicate index `uniq_instances0uuid`. This is deprecated and will be disallowed in a future release')
    result = self._query(query)

    ##查看数据表

    mysql -h10.199.103.21 -unova -pNOVA_DBPASS -e "use nova_api;show tables;"
mysql -h10.199.103.21 -unova -pNOVA_DBPASS -e "use nova;show tables;" 
mysql -h10.199.103.21 -unova -pNOVA_DBPASS -e "use nova_cell0;show tables;"
    systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl restart openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service 
systemctl status openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service

    ##验证

    netstat -lntup|egrep '8774|8775|8778|6080'
. /root/admin-openrc
openstack compute service list
openstack catalog list
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
nova-status upgrade check
openstack compute service list

    ##添加pcs资源

    pcs resource create openstack-nova-api systemd:openstack-nova-api --clone interleave=true
pcs resource create openstack-nova-scheduler systemd:openstack-nova-scheduler --clone interleave=true
pcs resource create openstack-nova-conductor systemd:openstack-nova-conductor --clone interleave=true
pcs resource create openstack-nova-novncproxy systemd:openstack-nova-novncproxy --clone interleave=true

    nova compute

    ##compute_node01

    yum install openstack-nova-compute -y
    openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@10.199.103.13:5672,openstack:RABBIT_PASS@10.199.103.15:5672,openstack:RABBIT_PASS@10.199.103.17:5672
openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://10.199.103.21:5000/v3
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers 10.199.103.13:11211,10.199.103.15:11211,10.199.103.17:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password nova123
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 10.199.103.16
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf DEFAULT vif_plugging_is_fatal false
openstack-config --set /etc/nova/nova.conf DEFAULT vif_plugging_timeout 0
openstack-config --set /etc/nova/nova.conf vnc enabled true
openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0
openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address $my_ip
openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://10.199.103.21:6080/vnc_auto.html
openstack-config --set /etc/nova/nova.conf glance api_servers http://10.199.103.21:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
openstack-config --set /etc/nova/nova.conf placement region_name RegionOne
openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
openstack-config --set /etc/nova/nova.conf placement project_name service
openstack-config --set /etc/nova/nova.conf placement auth_type password
openstack-config --set /etc/nova/nova.conf placement auth_url http://10.199.103.21:5000/v3
openstack-config --set /etc/nova/nova.conf placement username placement
openstack-config --set /etc/nova/nova.conf placement password placement123
openstack-config --set /etc/nova/nova.conf libvirt virt_type kvm

egrep -v '^$|#' /etc/nova/nova.conf
    systemctl enable libvirtd.service openstack-nova-compute.service;systemctl restart libvirtd.service openstack-nova-compute.service

    ##验证

    su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

    openstack compute service list --service nova-compute

     

    neutron

    neutron controller

    ##5.安装neutron

    mysql -u root -p1234qwer
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS';
flush privileges;
quit
    . /root/admin-openrc
openstack user create --domain default --password neutron123 neutron
openstack role add --project service --user neutron admin
openstack service create --name neutron --description "OpenStack Compute" network
openstack endpoint create --region RegionOne network public http://10.199.103.21:9696
openstack endpoint create --region RegionOne network internal http://10.199.103.21:9696
openstack endpoint create --region RegionOne network admin http://10.199.103.21:9696

    ##安装软件包

    yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
    openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:NEUTRON_DBPASS@10.199.103.21/neutron

openstack-config --set /etc/neutron/neutron.conf DEFAULT bind_host 10.199.103.17
openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips true
openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@10.199.103.13:5672,openstack:RABBIT_PASS@10.199.103.15:5672,openstack:RABBIT_PASS@10.199.103.17:5672
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true

# “l3_ha = true“参数即启用l3 ha功能
openstack-config --set /etc/neutron/neutron.conf DEFAULT l3_ha true
# 最多在几个l3 agent上创建ha router
openstack-config --set /etc/neutron/neutron.conf DEFAULT max_l3_agents_per_router 3
# 可创建ha router的最少正常运行的l3 agnet数量
openstack-config --set /etc/neutron/neutron.conf DEFAULT min_l3_agents_per_router 2
# vrrp广播网络
openstack-config --set /etc/neutron/neutron.conf DEFAULT l3_ha_net_cidr 169.254.192.0/18
# ”router_distributed “参数本身的含义是普通用户创建路由器时,是否默认创建dvr;此参数默认值为“false”,这里采用vrrp模式,可注释此参数
# 虽然此参数在mitaka(含)版本后,可与l3_ha参数同时打开,但设置dvr模式还同时需要设置网络节点与计算节点的l3_agent.ini与ml2_conf.ini文件
# router_distributed = true
# dhcp高可用,在3个网络节点各生成1个dhcp服务器
openstack-config --set /etc/neutron/neutron.conf DEFAULT dhcp_agents_per_network 3

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://10.199.103.21:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://10.199.103.21:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 10.199.103.13:11211,10.199.103.15:11211,10.199.103.17:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron123

openstack-config --set /etc/neutron/neutron.conf nova auth_url http://10.199.103.21:5000
openstack-config --set /etc/neutron/neutron.conf nova auth_type password
openstack-config --set /etc/neutron/neutron.conf nova project_domain_name Default
openstack-config --set /etc/neutron/neutron.conf nova user_domain_name Default
openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
openstack-config --set /etc/neutron/neutron.conf nova project_name service
openstack-config --set /etc/neutron/neutron.conf nova username nova
openstack-config --set /etc/neutron/neutron.conf nova password nova123

openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset true

openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens6f0
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.199.103.17
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver linuxbridge

openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver linuxbridge
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata true

openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host 10.199.103.21
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret METADATA_SECRET
    echo 'net.bridge.bridge-nf-call-iptables = 1' >> /etc/sysctl.conf
echo 'net.bridge.bridge-nf-call-ip6tables = 1' >> /etc/sysctl.conf
modprobe br_netfilter
/sbin/sysctl -p

    ##检查配置

    egrep -v '^$|#' /etc/neutron/neutron.conf
egrep -v '^$|#' /etc/neutron/plugins/ml2/ml2_conf.ini
egrep -v '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
egrep -v '^$|#' /etc/neutron/l3_agent.ini
egrep -v '^$|#' /etc/neutron/dhcp_agent.ini
egrep -v '^$|#' /etc/neutron/metadata_agent.ini

    ##配置nova

    openstack-config --set /etc/nova/nova.conf neutron url http://10.199.103.21:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://10.199.103.21:5000
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name Default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name Default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron123
openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true
openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret METADATA_SECRET
    ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
    su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
    systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
systemctl restart openstack-nova-api.service neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
systemctl status openstack-nova-api.service neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service

    ##验证

    openstack network agent list

    ##添加pcs资源

    pcs resource create neutron-server systemd:neutron-server --clone interleave=true
pcs resource create neutron-linuxbridge-agent systemd:neutron-linuxbridge-agent --clone interleave=true
pcs resource create neutron-l3-agent systemd:neutron-l3-agent --clone interleave=true
pcs resource create neutron-dhcp-agent systemd:neutron-dhcp-agent --clone interleave=true
pcs resource create neutron-metadata-agent systemd:neutron-metadata-agent --clone interleave=true
pcs resource

    neutron compute

    yum install openstack-neutron-linuxbridge ebtables ipset -y
    openstack-config --set /etc/neutron/neutron.conf DEFAULT bind_host 10.199.103.16
openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@10.199.103.13:5672,openstack:RABBIT_PASS@10.199.103.15:5672,openstack:RABBIT_PASS@10.199.103.17:5672
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://10.199.103.21:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://10.199.103.21:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 10.199.103.13:11211,10.199.103.15:11211,10.199.103.17:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron123

openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens6f0
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.199.103.16
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

    ##配置nova

    openstack-config --set /etc/nova/nova.conf neutron url http://10.199.103.21:9696

openstack-config --set /etc/nova/nova.conf neutron auth_url http://10.199.103.21:5000
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name Default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name Default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron123
openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true
openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret METADATA_SECRET
    echo 'net.bridge.bridge-nf-call-iptables = 1' >> /etc/sysctl.conf
echo 'net.bridge.bridge-nf-call-ip6tables = 1' >> /etc/sysctl.conf
modprobe br_netfilter
/sbin/sysctl -p
    systemctl enable neutron-linuxbridge-agent.service
systemctl restart neutron-linuxbridge-agent.service
systemctl status neutron-linuxbridge-agent.service

    dashboard

    ##6.安装dashboard

    yum install openstack-dashboard -y
    sed -i '/^OPENSTACK_HOST/s/OPENSTACK_HOST/#OPENSTACK_HOST/' /etc/openstack-dashboard/local_settings
sed -i '/^#OPENSTACK_HOST/a OPENSTACK_HOST = "10.199.103.15"' /etc/openstack-dashboard/local_settings
sed -i '/^ALLOWED_HOSTS/s/ALLOWED_HOSTS/#ALLOWED_HOSTS/' /etc/openstack-dashboard/local_settings
sed -i "/^#ALLOWED_HOSTS/a ALLOWED_HOSTS = ['*', ]" /etc/openstack-dashboard/local_settings
sed -i '/^TIME_ZONE/s/UTC/Asia/Shanghai/' /etc/openstack-dashboard/local_settings
    cat <<EOF>> /etc/openstack-dashboard/local_settings
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': '10.199.103.13:11211,10.199.103.15:11211,10.199.103.17:11211',
}
}
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 3,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
EOF
echo 'WSGIApplicationGroup %{GLOBAL}' >> /etc/httpd/conf.d/openstack-dashboard.conf
    ln -s /etc/openstack-dashboard /usr/share/openstack-dashboard/openstack_dashboard/conf

    ##修改页面路径

    vim /usr/share/openstack-dashboard/openstack_dashboard/defaults.py
vim /usr/share/openstack-dashboard/openstack_dashboard/test/settings.py
vim /usr/share/openstack-dashboard/static/dashboard/js/9937cc9f2cae.js
    systemctl restart httpd.service memcached.service
systemctl status httpd.service memcached.service

    ##创建实例

    openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano

openstack network create --share --external 
--provider-physical-network provider 
--provider-network-type flat provider

openstack subnet create --network provider 
--allocation-pool start=10.199.103.101,end=10.199.103.149 
--dns-nameserver 223.6.6.6 --gateway 10.199.103.1 
--subnet-range 10.199.103.0/24 provider

openstack network create selfservice
openstack subnet create --network selfservice 
--dns-nameserver 223.6.6.6 --gateway 172.16.1.1 
--subnet-range 172.16.1.0/24 selfservice

openstack router create router
openstack router add subnet router selfservice
openstack router set router --external-gateway provider

    cinder

    cinder controller

    ##7.安装cinder

    mysql -u root -p1234qwer
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'CINDER_DBPASS';
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'CINDER_DBPASS';
flush privileges;
quit
    . /root/admin-openrc
openstack user create --domain default --password cinder123 cinder
openstack role add --project service --user cinder admin
openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3
openstack endpoint create --region RegionOne volumev2 public http://10.199.103.21:8776/v2/%(project_id)s
openstack endpoint create --region RegionOne volumev2 internal http://10.199.103.21:8776/v2/%(project_id)s
openstack endpoint create --region RegionOne volumev2 admin http://10.199.103.21:8776/v2/%(project_id)s
openstack endpoint create --region RegionOne volumev3 public http://10.199.103.21:8776/v3/%(project_id)s
openstack endpoint create --region RegionOne volumev3 internal http://10.199.103.21:8776/v3/%(project_id)s
openstack endpoint create --region RegionOne volumev3 admin http://10.199.103.21:8776/v3/%(project_id)s

    ##安装软件包

    yum install openstack-cinder -y
    openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 10.199.103.13
openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@10.199.103.13:5672,openstack:RABBIT_PASS@10.199.103.15:5672,openstack:RABBIT_PASS@10.199.103.17:5672
openstack-config --set /etc/cinder/cinder.conf DEFAULT osapi_volume_listen 10.199.103.13
openstack-config --set /etc/cinder/cinder.conf DEFAULT osapi_volume_listen_port 8776
openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://10.199.103.21:9292

openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:CINDER_DBPASS@10.199.103.21/cinder

openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://10.199.103.21:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://10.199.103.21:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers 10.199.103.13:11211,10.199.103.15:11211,10.199.103.17:11211
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password cinder123

openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp

openstack-config --set /etc/cinder/cinder.conf zettastor volume_driver cinder.volume.drivers.pengyun.pengyun_driver.PengyunISCSIDriver
openstack-config --set /etc/cinder/cinder.conf zettastor volume_backend_name zettastor
openstack-config --set /etc/cinder/cinder.conf zettastor use_chap_auth True
openstack-config --set /etc/cinder/cinder.conf zettastor chap_username helloworld
openstack-config --set /etc/cinder/cinder.conf zettastor chap_password helloworld
openstack-config --set /etc/cinder/cinder.conf zettastor target_ip_address 10.199.100.242

openstack-config --set /etc/nova/nova.conf cinder os_region_name RegionOne

    ##初始化数据表

    su -s /bin/sh -c "cinder-manage db sync" cinder
mysql -ucinder -pCINDER_DBPASS -e "use cinder;show tables;"
    systemctl restart openstack-nova-api.service
systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
systemctl restart openstack-cinder-api.service openstack-cinder-scheduler.service
systemctl status openstack-nova-api.service openstack-cinder-api.service openstack-cinder-scheduler.service

    ##验证

    openstack volume service list

    [root@controller01 ~]# openstack volume service list
    +------------------+--------------+------+---------+-------+----------------------------+
    | Binary | Host | Zone | Status | State | Updated At |
    +------------------+--------------+------+---------+-------+----------------------------+
    | cinder-scheduler | controller03 | nova | enabled | up | 2020-07-27T06:05:55.000000 |
    | cinder-scheduler | controller02 | nova | enabled | up | 2020-07-27T06:05:59.000000 |
    | cinder-scheduler | controller01 | nova | enabled | up | 2020-07-27T06:06:00.000000 |
    +------------------+--------------+------+---------+-------+----------------------------+

    ##添加pcs资源cinder

    pcs resource create openstack-cinder-api systemd:openstack-cinder-api --clone interleave=true
pcs resource create openstack-cinder-scheduler systemd:openstack-cinder-scheduler --clone interleave=true
pcs resource

    cinder compute

    yum install openstack-cinder targetcli python-keystone -y
    openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 10.199.103.14
openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@10.199.103.13:5672,openstack:RABBIT_PASS@10.199.103.15:5672,openstack:RABBIT_PASS@10.199.103.17:5672
openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://10.199.103.21:9292
openstack-config --set /etc/cinder/cinder.conf DEFAULT enabled_backends zettastor
openstack-config --set /etc/cinder/cinder.conf DEFAULT debug True

openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:CINDER_DBPASS@10.199.103.21/cinder

openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://10.199.103.21:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://10.199.103.21:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers 10.199.103.13:11211,10.199.103.15:11211,10.199.103.17:11211
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password cinder123

openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_notifications driver messagingv2

openstack-config --set /etc/cinder/cinder.conf zettastor volume_driver cinder.volume.drivers.pengyun.pengyun_driver.PengyunISCSIDriver
openstack-config --set /etc/cinder/cinder.conf zettastor volume_backend_name zettastor
openstack-config --set /etc/cinder/cinder.conf zettastor use_chap_auth True
openstack-config --set /etc/cinder/cinder.conf zettastor chap_username helloworld
openstack-config --set /etc/cinder/cinder.conf zettastor chap_password helloworld
openstack-config --set /etc/cinder/cinder.conf zettastor target_ip_address 10.199.100.242

    ##对接后端存储

    /usr/lib/python2.7/site-packages/cinder/volume/drivers/pengyun/

    systemctl enable openstack-cinder-volume.service target.service
systemctl restart openstack-cinder-volume.service target.service
systemctl status openstack-cinder-volume.service target.service
  • 相关阅读:
    js let
    go 语言
    第二十七篇、使用MVVM布局页面
    第二十六篇、因为自定item(nav)而使系统右滑返回手势失效的解决方法
    第四篇、点赞的粒子动画
    第二十五篇、抽屉效果的核心代码
    第二十四篇、iOS 10版本适配
    第二十三篇、使用NSURLSession时需要注意一个内存泄漏问题
    第十四篇、Ajax与Json
    第十三篇、jQuery Mobile
  • 原文地址:https://www.cnblogs.com/omgasw/p/13403906.html
Copyright © 2011-2022 走看看