zoukankan      html  css  js  c++  java
  • OpenStack Grizzly版本(Ubuntu 12.04)配置

    1.     我们在一天VMware虚拟机上(双网卡)使用Ubuntu 12.04.1 和 OpenVSwitch 1.4.6 来搭建OpenStack的Grizzly版本的平台。 由于OpenVSwitch的版本对Ubuntu系统的内核版本有依赖,建议在安装前请确认二者之间是否兼容。无论是在物理机器中还是VMware 中配置,都需要开启CPU 的虚拟化(Intel VT-x/EPT 或AMD-V/RVI(V)。

    需要注意的是:在以下对配置文件的修改过程中,每一个配置行前都不能留空格,以免引起不必要的错误!!!

    2.     为了提高Ubuntu 12.04.1的更新速度,将163的源加入/etc/apt/sources.list中。

    3.     添加OpenStack Grizzly版本的库:

    安装:apt-get install ubuntu-cloud-keyring python-software-properties software-properties-common python-keyring

    # cat > /etc/apt/sources.list.d/grizzly.list << _EOF_

    deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/grizzly main

    deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-proposed/grizzly main

    _EOF_

    更新软件源和软件:apt-get update; apt-get upgrade

    4. 安装ssh-server:

    apt-get install openssh-server

    5. 禁用network-manager:

    /etc/init.d/NetworkManager stop

    6. 安装mysql

    apt-get install -y mysql-server python-mysqldb

    修改mysql的配置文件/etc/mysql/my.cnf:

    sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf

    # sed -i '44 i skip-name-resolve' /etc/mysql/my.cnf 禁止mysql做域名解析,防止连接mysql出现错误和远程连接mysql慢的现象

    在my.cnf中添加:

    [client]

    default-character-set=utf8

    [mysqld]

    #default-storage-engine=INNODB

    character-set-server=utf8

    collation-server=utf8_general_ci

    重启mysql服务:
    /etc/init.d/mysql restart

    7. 安装rabbitMQ

    apt-get install -y rabbitmq-server

    8. 安装NTP服务:

    apt-get install -y ntp

    9. 安装keystone

    apt-get install -y keystone

    在mysql中创建keystone数据库,并授权用户keystone访问:

    # mysql -uroot -p

    mysql> create database keystone;

    mysql> grant all on keystone.* to 'keystone'@'%' identified by 'keystone';

    mysql> flush privileges; quit;

    修改/etc/keystone/keystone.conf中的数据库连接:

    connection = mysql://keystone:keystone@172.15.0.111/keystone

    重启keystone和同步数据库:

    service keystone restart

    keystone-manage db_sync

    修改如下两个文件的权限:

    chmod +x keystone_basic.sh

    chmod +x keystone_endpoints_basic.sh

    运行这两个脚本:

    ./keystone_basic.sh

    ./keystone_endpoints_basic.sh

    创建一个凭证文件:

    # cat > /root/creds.sh << _EOF_

    export OS_TENANT_NAME=admin

    export OS_USERNAME=admin

    export OS_PASSWORD=password

    export OS_AUTH_URL="http://172.15.0.111:5000/v2.0/"

    _EOF_

    # echo 'source /root/creds.sh' >> /root/.bashrc

    # source /root/creds.sh

    10. 安装glance:

    apt-get install -y glance

    创建glance数据库:

    #mysql -uroot -p

    mysql> create database glance;

    mysql> grant all on glance.* to 'glance'@'%' identified by 'glance';

    mysql> flush privileges; quit;

    修改 /etc/glance/glance-api-paste.ini:

    [filter:authtoken]

    paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory

    delay_auth_decision = true

    auth_host = 172.15.0.111

    auth_port = 35357

    auth_protocol = http

    admin_tenant_name = service

    admin_user = glance

    admin_password = password

    修改 /etc/glance/glance-registry-paste.ini:

    [filter:authtoken]

    paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory

    auth_host = 172.15.0.111

    auth_port = 35357

    auth_protocol = http

    admin_tenant_name = service

    admin_user = glance

    admin_password = password

    修改/etc/glance/glance-api.conf:

    sql_connection = mysql://glance:glance@172.15.0.111/glance

    [paste_deploy]

    flavor = keystone

    修改/etc/glance/glance-registry.conf:

    sql_connection = mysql://glance:glance@172.15.0.111/glance

    [paste_deploy]

    flavor = keystone

    重启glance-api和glance-registry服务并同步数据库:

    service glance-api restart; service glance-registry restart

    glance-manage db_sync

    service glance-api restart; service glance-registry restart

    上传镜像,下载Cirros img作为测试使用:

    # wget https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img

    # glance image-create --name='cirros' --public --container-format=ovf --disk-format=qcow2 < ./cirros-0.3.0-x86_64-disk.img

    查看刚才上传的镜像:

    glance image-list

    11.安装quantum

    安装openVSwitch:

    apt-get install -y openvswitch-switch openvswitch-datapath-dkms

    创建网桥:

    ovs-vsctl add-br br-int

    ovs-vsctl add-br br-ex

    ovs-vsctl add-port br-ex eth0 (将eth0加入br-ex)

    手动配置网卡配置文件:

    #vi /etc/network/interfaces

    auto lo

    iface lo inet loopback

    auto eth0

    iface eth0 inet manual

    up ifconfig $IFACE 0.0.0.0 up

    up ip link set $IFACE promisc on

    down ip link set $IFACE promisc off

    down ifconfig $IFACE down

    auto br-ex

    iface br-ex inet static

    address 192.168.8.20

    netmask 255.255.255.0

    gateway 192.168.8.1

    dns-nameservers 208.67.222.222

    auto eth1

    iface eth1 inet static

    address 172.15.0.111

    netmask 255.255.255.0

    安装quantum和相关组件:

    apt-get install -y quantum-server quantum-plugin-openvswitch quantum-plugin-openvswitch-agent dnsmasq quantum-dhcp-agent quantum-l3-agent

    创建数据:

    mysql -uroot -p

    mysql> create database quantum;

    mysql> grant all on quantum.* to 'quantum'@'%' identified by 'quantum';

    mysql> flush privileges; quit;

    查看quantum的相关组件是否运行:

    cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i status; done

    修改/etc/quantum/api-paste.ini:

    [filter:authtoken]

    paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory

    auth_host = 172.15.0.111

    auth_port = 35357

    auth_protocol = http

    admin_tenant_name = service

    admin_user = quantum

    admin_password = password

    修改OVS plugin的配置文件/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini:

    #Under the database section

    [DATABASE]

    sql_connection = mysql://quantum:quantum@172.15.0.111/quantum

    #Under the OVS section

    [OVS]

    tenant_network_type = gre

    tunnel_id_ranges = 1:1000

    integration_bridge = br-int

    tunnel_bridge = br-tun

    local_ip = 172.15.0.111

    enable_tunneling = True

    #Firewall driver for realizing quantum security group function

    [SECURITYGROUP]

    firewall_driver = quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

    修改/etc/quantum/metadata_agent.ini:

    # The Quantum user information for accessing the Quantum API.

    auth_url = http://172.15.0.111:35357/v2.0

    auth_region = RegionOne

    admin_tenant_name = service

    admin_user = quantum

    admin_password = password

    # IP address used by Nova metadata server

    nova_metadata_ip = 127.0.0.1

    # TCP Port used by Nova metadata server

    nova_metadata_port = 8775

    metadata_proxy_shared_secret = helloOpenStack

    修改 /etc/quantum/quantum.conf:

    [keystone_authtoken]

    auth_host = 172.15.0.111

    auth_port = 35357

    auth_protocol = http

    admin_tenant_name = service

    admin_user = quantum

    admin_password = password

    signing_dir = /var/lib/quantum/keystone-signing

    重启quantum的所有服务:

    cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i restart; done

    service dnsmasq restart

    12. 安装nova:

    apt-get install nova-api nova-novncproxy novnc nova-ajax-console-proxy nova-cert nova-consoleauth nova-doc nova-scheduler nova-compute nova-conductor

    创建数据库:

    # mysql -uroot -p

    mysql> create database nova;

    mysql> grant all on nova.* to 'nova'@'%' identified by 'nova';

    mysql> flush privileges; quit;

    查看nova所有服务的状态:

    cd /etc/init.d/; for i in $( ls nova-* ); do service $i status; cd; done

    修改配置文件/etc/nova/api-paste.ini:

    [filter:authtoken]

    paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory

    auth_host = 172.15.0.111

    auth_port = 35357

    auth_protocol = http

    admin_tenant_name = service

    admin_user = nova

    admin_password = password

    signing_dirname = /tmp/keystone-signing-nova

    # Workaround for http://bugs.launchpad.net/nova/+bug/1154809

    auth_version = 2.0v

    修改 /etc/nova/nova.conf文件:

    [DEFAULT]

    logdir=/var/log/nova

    state_path=/var/lib/nova

    lock_path=/var/lock/nova

    verbose=True

    api_paste_config=/etc/nova/api-paste.ini

    compute_scheduler_driver=nova.scheduler.simple.SimpleScheduler

    rabbit_host=172.15.0.111

    nova_url=http://172.15.0.111:8774/v1.1/

    sql_connection=mysql://nova:nova@172.15.0.111/nova

    root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf

    # Auth

    use_deprecated_auth=false

    auth_strategy=keystone

    # Imaging

    glance_api_servers=172.15.0.111:9292

    image_service=nova.image.glance.GlanceImageService 

    # Vnc configuration 

    novnc_enabled=true

    novncproxy_base_url=http://192.168.8.20:6080/vnc_auto.html 

    novncproxy_port=6080

    vncserver_proxyclient_address=172.15.0.111

    vncserver_listen=0.0.0.0

    # Network settings

    network_api_class=nova.network.quantumv2.api.API

    quantum_url=http://172.15.0.111:9696

    quantum_auth_strategy=keystone

    quantum_admin_tenant_name=service

    quantum_admin_username=quantum

    quantum_admin_password=password

    quantum_admin_auth_url=http://172.15.0.111:35357/v2.0

    libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver

    linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver

    #If you want Quantum + Nova Security groups

    firewall_driver=nova.virt.firewall.NoopFirewallDriver

    security_group_api=quantum

    #If you want Nova Security groups only, comment the two lines above and uncomment line -1-.

    #-1-firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver

    #Metadata

    service_quantum_metadata_proxy = True

    quantum_metadata_proxy_shared_secret = helloOpenStack

    metadata_host = 172.15.0.111

    metadata_listen = 127.0.0.1

    metadata_listen_port = 8775

    # Compute #

    compute_driver=libvirt.LibvirtDriver

    # Cinder #

    volume_api_class=nova.volume.cinder.API

    osapi_volume_listen_port=5900

    修改/etc/nova/nova-compute.conf文件:

    [DEFAULT]

    libvirt_type= qemu #kvm主要配置在物理机器上,在vmware上应该配置为qemu

    libvirt_ovs_bridge=br-int

    libvirt_vif_type=ethernet

    libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver

    libvirt_use_virtio_for_bridges=True

    同步数据库:

    nova-manage db sync

    重启nova-*服务:

    cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i restart; done

    检查nova-*服务:

    nova-manage service list

    13. cinder安装

    apt-get install cinder-api cinder-common cinder-scheduler cinder-volume python-cinderclient

    创建数据库:

    #mysql -uroot -p

    mysql> create database cinder;

    mysql> grant all on cinder.* to 'cinder'@'%' identified by 'cinder';

    mysql> flush privileges; quit;

    修改配置文件/etc/cinder/api-paste.ini:

    [filter:authtoken]

    paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory

    service_protocol = http

    service_host = 172.15.0.111

    service_port = 5000

    auth_host = 172.15.0.111

    auth_port = 35357

    auth_protocol = http

    admin_tenant_name = service

    admin_user = cinder

    admin_password = password

    signing_dir = /var/lib/cinder

    修改配置文件/etc/cinder/cinder.conf:

    [DEFAULT]

    rootwrap_config=/etc/cinder/rootwrap.conf

    sql_connection = mysql://cinder:cinder@172.15.0.111/cinder

    api_paste_config = /etc/cinder/api-paste.ini

    iscsi_helper=tgtadm

    volume_name_template = volume-%s

    volume_group = cinder-volumes

    verbose = True

    auth_strategy = keystone

    state_path = /var/lib/cinder

    lock_path = /var/lock/cinder

    volume_dir = /var/lib/cinder/volumes

    #osapi_volume_listen_port=5900

    同步数据库:

    cinder-manage db sync

    重启cinder的服务:

    cd /etc/init.d/; for i in $( ls cinder-* ); do sudo service $i restart; done

    查看cinder的服务:

    cd /etc/init.d/; for i in $( ls cinder-* ); do sudo service $i status; done

    14. 安装Horizon

    apt-get -y install openstack-dashboard memcached

    可以选择性删除OpenStack Ubuntu theme:

    dpkg --purge openstack-dashboard-ubuntu-theme

    修改memcached的监听地址:

    # vi /etc/openstack-dashboard/local_settings.py

    DEBUG = True

    重启apache2和memcached服务:

    service apache2 restart; service memcached restart

    15. 创建网络

    EXTERNAL_NET_ID=$(quantum net-create external_net1 --router:external=True | awk '/ id / {print $4}')

    SUBNET_ID=$(quantum subnet-create external_net1 192.168.8.0/24 --name=external_subnet1 --gateway_ip 192.168.8.1 --enable_dhcp=False | awk '/ id / {print $4}')

    修改组策略:

    # nova secgroup-add-rule default tcp 22 22 0.0.0.0/0

    # nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0

    16. 后续使用

  • 相关阅读:
    SpringBoot简单(登录/显示/登出)工程下载 使用Thymeleaf输出页面文字
    用Nginx将web请求引导到本机两个tomcat
    如何在本机启动两个tomcat
    [Java数据结构]Map的contiansKey和List的contains比较
    [Java数据结构]Queue
    【工具】在线代码格式化工具
    day79_淘淘商城项目_12_购物车流程 + 商城购物车系统的搭建 + 商城购物车系统的实现分析(cookie+redis方案) + 购物车实现增删改查_匠心笔记
    day78_淘淘商城项目_11_单点登录系统实现 + 用户名回显 + ajax请求跨域问题详解_匠心笔记
    day77_淘淘商城项目_10_ Linux下的Nginx代理详解(配置虚拟主机+实现反向代理+实现负载均衡+高可用) + 单点登录系统工程搭建 + SSO系统接口文档讲解_匠心笔记
    nginx启动报错:nginx: [error] open() "/var/run/nginx/nginx.pid" failed (2: No such file or directory) 的解决办法
  • 原文地址:https://www.cnblogs.com/purgiant/p/3922915.html
Copyright © 2011-2022 走看看