前言

openstack的Train版本安装测试过程记录

准备资源

服务器初始化

#初始化脚本
cd sysinit && sh system_init_v6.sh

#设置主机名
hostnamectl  set-hostname openstack-1
hostnamectl  set-hostname openstack-2
hostnamectl  set-hostname openstack-3

#安装openstack软件源
yum install centos-release-openstack-train -y
yum install https://rdoproject.org/repos/rdo-release.rpm -y
yum upgrade -y
yum install python-openstackclient -y

初始化脚本下载：

设置环境变量

#生成随机密码
openssl rand -hex 10

#在/etc/profile中设置
export ADMIN_PASS=c08393f3ed64cbca17ec
export CINDER_DBPASS=openstack@webzhan.xyz
export CINDER_PASS=c08393f3ed64cbca17ec
export DASH_DBPASS=c08393f3ed64cbca17ec
export DEMO_PASS=c08393f3ed64cbca17ec
export GLANCE_DBPASS=openstack@webzhan.xyz
export GLANCE_PASS=c08393f3ed64cbca17ec
export KEYSTONE_DBPASS=openstack@webzhan.xyz
export METADATA_SECRET=c08393f3ed64cbca17ec
export NEUTRON_DBPASS=openstack@webzhan.xyz
export NEUTRON_PASS=c08393f3ed64cbca17ec
export NOVA_DBPASS=openstack@webzhan.xyz
export NOVA_PASS=c08393f3ed64cbca17ec
export PLACEMENT_PASS=c08393f3ed64cbca17ec
export RABBIT_PASS=c08393f3ed64cbca17ec

#生效
source /etc/profile

安装基础服务

安装 MariaDB

#安装
yum install -y mariadb mariadb-server

#启动
systemctl enable --now mariadb

#初始化
mysql_secure_installation

安装 RabbitMQ

#安装
yum install -y rabbitmq-server

#启动
systemctl enable --now rabbitmq-server

#添加用户
rabbitmqctl add_user openstack $RABBIT_PASS

#授权
rabbitmqctl set_permissions openstack ".*" ".*" ".*"

安装 Memcached

#安装
yum install -y memcached python-memcached

#修改配置，允许外网访问
vim /etc/sysconfig/memcached
OPTIONS=""

#启动
systemctl enable --now memcached

安装 etcd

#安装
yum install -y etcd

#修改配置
vim /etc/etcd/etcd.conf
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://10.206.0.10:2380"
ETCD_LISTEN_CLIENT_URLS="http://10.206.0.10:2379"
ETCD_NAME="controller"

ETCD_INITIAL_ADVERTISE_PEER_URLS="http://10.206.0.10:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://10.206.0.10:2379"
ETCD_INITIAL_CLUSTER="controller=http://10.206.0.10:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"

#启动
systemctl enable --now  etcd

安装OpenStack Service

安装 Keystone

# 连接数据库
mysql -uroot -p

# 建库
CREATE DATABASE keystone;
CREATE USER keystone IDENTIFIED BY 'openstack@webzhan.xyz';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%';
FLUSH PRIVILEGES;

# 安装
yum install -y openstack-keystone httpd mod_wsgi

# 抱错安装
yum install -y  qpid-proton-c-0.26.0-2.el7.x86_64

# 配置
vim /etc/keystone/keystone.conf
[database]
connection = mysql+pymysql://keystone:openstack%40webzhan.xyz@openstack-1/keystone

[token]
provider = fernet

# 填充数据库
keystone-manage db_sync  keystone

# 初始化Fernet密钥存储库
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

# 启动keystone
keystone-manage bootstrap --bootstrap-password $ADMIN_PASS \
  --bootstrap-admin-url http://openstack-1:5000/v3/ \
  --bootstrap-internal-url http://openstack-1:5000/v3/ \
  --bootstrap-public-url http://openstack-1:5000/v3/ \
  --bootstrap-region-id RegionOne

# 配置httpd
vim /etc/httpd/conf/httpd.conf
ServerName openstack-1

# 建立软连接
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

# 启动httpd
systemctl enable --now httpd

# 三台服务器更新环境变量
export OS_USERNAME=admin
export OS_PASSWORD=$ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://openstack-1:5000/v3

# 三台服务器使环境变量生效
source /etc/profile

# 以下继续在 openstack-1 执行
# 创建默认 domain
openstack domain create --description "An Example Domain" example

# 创建service 项目
openstack project create --domain default --description "Service Project" service

# 创建myproject project 
openstack project create --domain default --description "Demo Project" myproject

# myuser 用户，密码设置123456
openstack user create --domain default --password-prompt myuser

# 创建myrole权限
openstack role create myrole

# 把myrole权限加入到myproject和myuser中
openstack role add --project myproject --user myuser myrole

# 验证
unset OS_AUTH_URL OS_PASSWORD
openstack --os-auth-url http://openstack-1:5000/v3 \
  --os-project-domain-name Default --os-user-domain-name Default \
  --os-project-name admin --os-username admin token issue

# 验证myproject
openstack --os-auth-url http://openstack-1:5000/v3 \
  --os-project-domain-name Default --os-user-domain-name Default \
  --os-project-name myproject --os-username myuser token issue

# 创建 admin-openrc 文件
export OS_USERNAME=admin
export OS_PASSWORD=$ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://openstack-1:5000/v3
export OS_IDENTITY_API_VERSION=3

# 创建 demo-openrc 文件
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=myproject
export OS_USERNAME=myuser
export OS_PASSWORD=123456
export OS_AUTH_URL=http://openstack-1:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

# 使之生效
. admin-openrc

# 请求认证 token
openstack token issue

安装 Glance

# 连接数据库
mysql -uroot -p

# 创建 mysql 用户及库
CREATE DATABASE glance;
CREATE USER glance IDENTIFIED BY 'openstack@webzhan.xyz';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%';
FLUSH PRIVILEGES;

# 创建 glance 用户, 密码为上面的 GLANCE_PASS 
openstack user create --domain default --password-prompt glance

# 为 glance 用户添加 admin 权限
openstack role add --project service --user glance admin

# 创建 glance service
openstack service create --name glance --description "OpenStack Image" image

# 创建 Image service API endpoints
openstack endpoint create --region RegionOne image public http://openstack-1:9292
openstack endpoint create --region RegionOne image internal http://openstack-1:9292
openstack endpoint create --region RegionOne image admin http://openstack-1:9292

# 安装 glance 组件：
yum install -y openstack-glance

# 修改 /etc/glance/glance-api.conf 文件：
[database]
connection = mysql+pymysql://glance:openstack%40webzhan.xyz@openstack-1/glance

[keystone_authtoken]
www_authenticate_uri  = http://openstack-1:5000
auth_url = http://openstack-1:5000
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = c08393f3ed64cbca17ec

[paste_deploy]
flavor = keystone

[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/

# 初始化数据库
glance-manage db_sync glance

# 启动 Glance 服务，如果启动失败，见最后FAQ，应该是权限问题。
systemctl enable  --now openstack-glance-api

# 验证
wget https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img
lsof -i:9292
openstack image create "cirros" --file cirros-0.3.0-x86_64-disk.img --disk-format qcow2 --container-format bare --public 
openstack image list

安装 Placement

# 连接数据库
mysql -uroot -p

# 创建 mysql 库和用户
CREATE DATABASE placement;
CREATE USER placement IDENTIFIED BY 'openstack@webzhan.xyz';
GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%';
FLUSH PRIVILEGES;

# 创建用户,密码是上面的 PLACEMENT_PASS 
openstack user create --domain default --password-prompt placement

# 添加 placement service
openstack role add --project service --user placement admin

# 创建Placement API entry：
openstack service create --name placement --description "Placement API" placement

# 创建 Placement API service endpoints 
openstack endpoint create --region RegionOne placement public http://openstack-1:8778
openstack endpoint create --region RegionOne placement internal http://openstack-1:8778
openstack endpoint create --region RegionOne placement admin http://openstack-1:8778

# 安装 Placement 组件
yum install -y openstack-placement-api

# 修改 /etc/placement/placement.conf 文件：
[placement_database]
connection = mysql+pymysql://placement:openstack%40webzhan.xyz@openstack-1/placement

[api]
auth_strategy = keystone

[keystone_authtoken]
auth_url = http://openstack-1:5000/v3
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = c08393f3ed64cbca17ec

# 初始化数据库
placement-manage db sync

# 重启 httpd 服务
systemctl restart httpd

# 验证。出现错误，见FAQ
placement-status upgrade check
pip install osc-placement==2.2.0
openstack --os-placement-api-version 1.2 resource class list --sort-column name
openstack --os-placement-api-version 1.6 trait list --sort-column name

安装 Nova

安装 Nova 控制节点

# 连接数据库
mysql -uroot -p

# 创建 mysql 用户和库
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;
CREATE USER nova IDENTIFIED BY 'openstack@webzhan.xyz';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%';
FLUSH PRIVILEGES;

# 创建 nova 用户，密码是 NOVA_PASS
openstack user create --domain default --password-prompt nova

# 为 nova 添加 admin 权限：
openstack role add --project service --user nova admin

# 创建 nova service entity
openstack service create --name nova --description "OpenStack Compute" compute

# 创建 Compute API service endpoints
openstack endpoint create --region RegionOne compute public http://openstack-1:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://openstack-1:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://openstack-1:8774/v2.1

# 安装 nova
yum install -y openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler

# 修改 /etc/nova/nova.conf 文件
[DEFAULT]
enabled_apis=osapi_compute,metadata
block_device_allocate_retries=300
block_device_allocate_retries_interval=3


[api_database]
connection = mysql+pymysql://nova:openstack%40webzhan.xyz@openstack-1/nova_api

[database]
connection = mysql+pymysql://nova:openstack%40webzhan.xyz@openstack-1/nova

[DEFAULT]
transport_url=rabbit://openstack:c08393f3ed64cbca17ec@openstack-1:5672/

[api]
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://openstack-1:5000/
auth_url = http://openstack-1:5000/
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = c08393f3ed64cbca17ec

[DEFAULT]
my_ip=10.206.0.10

[DEFAULT]
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip

[glance]
api_servers=http://openstack-1:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://openstack-1:5000/v3
username = placement
password = c08393f3ed64cbca17ec

# 初始化数据库
nova-manage api_db sync

# 注册 cell0 数据库
nova-manage cell_v2 map_cell0

# 注册 cell1 数据库
nova-manage cell_v2 create_cell --name=cell1 --verbose

# 填充 nove 数据库
nova-manage db sync

# 验证 cell0 和 cell1 是否被注册了
nova-manage cell_v2 list_cells

# 启动 nova
systemctl enable --now openstack-nova-api openstack-nova-scheduler openstack-nova-conductor openstack-nova-novncproxy

# 检查更新
nova-status upgrade check

安装 Nova 计算节点

# 安装
yum install -y qpid-proton-c-0.26.0-2.el7.x86_64
yum install -y openstack-nova-compute

# 修改 /etc/nova/nova.conf 文件,注意my_ip
[DEFAULT]
enabled_apis = osapi_compute,metadata
block_device_allocate_retries=300
block_device_allocate_retries_interval=3

[DEFAULT]
transport_url=rabbit://openstack:c08393f3ed64cbca17ec@openstack-1

[api]
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://openstack-1:5000/
auth_url = http://openstack-1:5000/
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = c08393f3ed64cbca17ec

[DEFAULT]
my_ip=10.206.0.6

[DEFAULT]
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://openstack-1:6080/vnc_auto.html

[glance]
api_servers=http://openstack-1:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://openstack-1:5000/v3
username = placement
password = c08393f3ed64cbca17ec

# 执行
egrep -c '(vmx|svm)' /proc/cpuinfo

# 如果返回了 0 ，还需要配置：
[libvirt]
virt_type=qemu

# 启动 Nova 计算节点：
systemctl enable --now libvirtd openstack-nova-compute

# 查看有哪些计算节点
openstack compute service list --service nova-compute

# 发现计算节点,每次加入新节点后，都要执行 nova-manage命令。
nova-manage cell_v2 discover_hosts --verbose

# 验证 Nova 安装
openstack catalog list
openstack image list
nova-status upgrade check

安装 Neutron

安装 Neutron 控制节点

# 连接数据库
mysql -uroot -p

# 创建 mysql 库和用户
CREATE DATABASE neutron;
CREATE USER neutron IDENTIFIED BY 'openstack@webzhan.xyz';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%';
FLUSH PRIVILEGES;

# 创建 neutron 用户,使用 NEUTRON_PASS 为密码
openstack user create --domain default --password-prompt neutron

# 为 neutron 用户添加 admin 权限
openstack role add --project service --user neutron admin

# 创建 neutron service entity
openstack service create --name neutron --description "OpenStack Networking" network

# 创建 Networking service API endpoints
openstack endpoint create --region RegionOne network public http://openstack-1:9696
openstack endpoint create --region RegionOne network internal http://openstack-1:9696
openstack endpoint create --region RegionOne network admin http://openstack-1:9696

# 这里配置网络有两种选项，下面来部署比较简单的
yum install  -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables

# 修改 /etc/neutron/neutron.conf 文件
[database]
connection = mysql+pymysql://neutron:openstack%40webzhan.xyz@openstack-1/neutron

[DEFAULT]
core_plugin = ml2
service_plugins =

[DEFAULT]
transport_url=rabbit://openstack:c08393f3ed64cbca17ec@openstack-1

[DEFAULT]
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://openstack-1:5000
auth_url = http://openstack-1:5000
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = c08393f3ed64cbca17ec

[DEFAULT]
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true

[nova]
auth_url = http://openstack-1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = c08393f3ed64cbca17ec

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

# 修改 /etc/neutron/plugins/ml2/ml2_conf.ini 文件，添加以下内容
[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security

[ml2_type_flat]
flat_networks = provider

[securitygroup]
enable_ipset = true

# 修改 /etc/neutron/plugins/ml2/linuxbridge_agent.ini 文件，添加以下内容
## 注意网卡名称
[linux_bridge]
physical_interface_mappings = provider:eth0

[vxlan]
enable_vxlan = false

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

# 修改 /etc/neutron/dhcp_agent.ini 文件，加入以下配置
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true

# 修改 /etc/neutron/metadata_agent.ini 文件，加入以下内容
[DEFAULT]
nova_metadata_host = openstack-1
metadata_proxy_shared_secret = c08393f3ed64cbca17ec

# 修改 /etc/nova/nova.conf 文件，加入以下内容
[neutron]
auth_url = http://openstack-1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = c08393f3ed64cbca17ec
service_metadata_proxy = true
metadata_proxy_shared_secret = c08393f3ed64cbca17ec

# 启动 Neutron
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head

systemctl restart openstack-nova-api

systemctl enable --now neutron-server neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent

# 创建网络
openstack network create  --share --external --provider-physical-network provider --provider-network-type flat provider

# 创建子网
openstack subnet create --network provider --allocation-pool start=10.206.0.20,end=10.206.0.50 --dns-nameserver 183.60.83.19 --gateway 10.206.0.1 --subnet-range 10.206.0.0/20 provider

安装 Neutron 计算节点

# 安装软件
yum install -y openstack-neutron-linuxbridge ebtables ipset

# 修改 /etc/neutron/neutron.conf 配置文件
[DEFAULT]
transport_url=rabbit://openstack:c08393f3ed64cbca17ec@openstack-1

[DEFAULT]
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://openstack-1:5000
auth_url = http://openstack-1:5000
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = c08393f3ed64cbca17ec

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

# 修改 /etc/neutron/plugins/ml2/linuxbridge_agent.ini 文件
## 注意网卡名称
[linux_bridge]
physical_interface_mappings = provider:eth0

[vxlan]
enable_vxlan = false

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

# 修改 /etc/nova/nova.conf 文件
[neutron]
url = http://openstack-1:9696
auth_url = http://openstack-1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = c08393f3ed64cbca17ec

# 重启计算服务
systemctl restart openstack-nova-compute

# 启动网络计算服务。启动抱错(网卡名称导致)，见FAQ
systemctl enable --now neutron-linuxbridge-agent

# 验证
openstack extension list --network

# 查看网络节点列表
openstack network agent list

安装 CInder

安装 Cinder 控制节点

# 连接数据库
mysql -uroot -p

# 添加 mysql 库和 用户
CREATE DATABASE cinder;
CREATE USER cinder IDENTIFIED BY 'openstack@webzhan.xyz';
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%';
FLUSH PRIVILEGES;

# 创建 cinder 用户，密码是 CINDER_PASS
openstack user create --domain default --password-prompt cinder

# 为 cinder 用户绑定 admin 权限
openstack role add --project service --user cinder admin

# 创建 cinderv2 and cinderv3 service entities
openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3

# 创建 Block Storage service API endpoints
openstack endpoint create --region RegionOne volumev2 public http://openstack-1:8776/v2/%\(project_id\)s
openstack endpoint create --region RegionOne volumev2 internal http://openstack-1:8776/v2/%\(project_id\)s
openstack endpoint create --region RegionOne volumev2 admin http://openstack-1:8776/v2/%\(project_id\)s

openstack endpoint create --region RegionOne volumev3 public http://openstack-1:8776/v3/%\(project_id\)s
openstack endpoint create --region RegionOne volumev3 internal http://openstack-1:8776/v3/%\(project_id\)s
openstack endpoint create --region RegionOne volumev3 admin http://openstack-1:8776/v3/%\(project_id\)s

# 安装 cinder
yum install -y openstack-cinder

# 修改 /etc/cinder/cinder.conf 配置文件
[database]
connection = mysql+pymysql://cinder:openstack%40webzhan.xyz@openstack-1/cinder

[DEFAULT]
transport_url=rabbit://openstack:c08393f3ed64cbca17ec@openstack-1:5672/
auth_strategy = keystone
my_ip = 10.206.0.10

[keystone_authtoken]
www_authenticate_uri = http://openstack-1:5000
auth_url = http://openstack-1:5000
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = c08393f3ed64cbca17ec

[oslo_concurrency]
lock_path = /var/lib/cinder/tmp

# 初始化数据库
cinder-manage db sync

# 配置计算节点使用块储存，在全部节点上修改 /etc/nova/nova.conf 
[cinder]
os_region_name = RegionOne

# 重启 nova-api 
systemctl restart openstack-nova-api

# 启动块储存控制节点的服务：
systemctl enable --now openstack-cinder-api openstack-cinder-scheduler

安装 Cinder 储存节点

# 实体机采用虚拟卷扩展磁盘，本次采用竞价实例无法添加硬盘，采用下面NFS方式
# 安装软件
yum install -y lvm2 device-mapper-persistent-data

# 启动 lvm
systemctl enable --now lvm2-lvmetad

# 准备几块磁盘，创建pv
pvcreate /dev/sdb
pvcreate /dev/sdc

# 创建 vg：
vgcreate cinder-volumes /dev/sdb /dev/sdc

# 在 /etc/lvm/lvm.conf 中 的 devices 块中添加
filter = [ "a/sdb/", "a/sdc/" "r/.*/"]

# 安装软件
yum -y install nfs-utils rpcbind

# 配置
vim /etc/exports
/data/nfs *(rw,no_root_squash)

# 创建目录
mkdir -p /data/nfs

# 启动
systemctl enable  --now nfs rpcbind

# 查看
showmount -e localhost

# 安装 Cinder 储存组件
yum install -y openstack-cinder targetcli python-keystone

# 查看类名
grep 'Nfs'  /usr/lib/python2.7/site-packages/cinder/volume/drivers/nfs.py | grep class

# 修改 /etc/cinder/cinder.conf 配置文件
[database]
connection = mysql+pymysql://cinder:openstack%40webzhan.xyz@openstack-1/cinder

[DEFAULT]
transport_url=rabbit://openstack:c08393f3ed64cbca17ec@openstack-1:5672/
auth_strategy = keystone
glance_api_servers = http://openstack-1:9292
my_ip = 10.206.0.6
enabled_backends = nfs

[keystone_authtoken]
www_authenticate_uri = http://openstack-1:5000
auth_url = http://openstack-1:5000
memcached_servers = openstack-1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = c08393f3ed64cbca17ec

[oslo_concurrency]
lock_path = /var/lib/cinder/tmp


[nfs]
volume_backend_name = nfs
volume_driver = cinder.volume.drivers.nfs.NfsDriver
nfs_shares_config=/etc/cinder/nfs_shares
nfs_mount_point_base=$state_path/mnt

# 创建nfs配置文件
vim  /etc/cinder/nfs_shares
10.206.0.6:/data/nfs

# 更改权限
chown root:cinder /etc/cinder/nfs_shares
chmod 640 /etc/cinder/nfs_shares
 
# 启动 Cinder 储存节点
systemctl enable --now openstack-cinder-volume

# 验证，密码 c08393f3ed64cbca17ec 
openstack volume service list

安装 Horizon

# 安装软件
yum install -y openstack-dashboard

# 修改 /etc/openstack-dashboard/local_settings 配置文件
OPENSTACK_HOST = "openstack-1"
ALLOWED_HOSTS = ['*']
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'LOCATION': 'openstack-1:11211',
    }
}

TIME_ZONE = "Asia/Shanghai"

OPENSTACK_NEUTRON_NETWORK = {
    'enable_auto_allocated_network': False,
    'enable_distributed_router': False,
    'enable_fip_topology_check': True,
    'enable_ha_router': False,
    'enable_ipv6': True,
    # TODO(amotoki): Drop OPENSTACK_NEUTRON_NETWORK completely from here.
    # enable_quotas has the different default value here.
    'enable_quotas': False,
    'enable_rbac_policy': True,
    'enable_router': True,
    'enable_lb': False,
    'enable_firewall': False,
    'enable_vpn': False,

    'default_dns_nameservers': [],
    'supported_provider_types': ['*'],
    'segmentation_id_range': {},
    'extra_provider_types': {},
    'supported_vnic_types': ['*'],
    'physical_networks': [],

}


OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 3,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

WEBROOT = "/dashboard/"

# 在 /etc/httpd/conf.d/openstack-dashboard.conf 中添加
WSGIApplicationGroup %{GLOBAL}

# 重启 httpd 和 缓存服务：
systemctl restart httpd  memcached

# 在界面上创建一个镜像，镜像需要特殊定制的。然后查看镜像列表：
glance image-list

测试访问

http://openstack-1/dashboard

FAQ

glance启动抱错

#修改systemd配置,注销
vim /lib/systemd/system/openstack-glance-api.service
#Restart=on-failure

# 使生效
systemctl daemon-reload

# 重启
systemctl restart openstack-glance-api

# 报错权限问题，修改后重启成功
chown -R glance:glance /var/log/glance/api.log

Placement报错

# 在 /etc/httpd/conf.d/00-placement-api.conf 中的 <VirtualHost *:8778> 内部加入以下代码：

  <Directory /usr/bin>
    <IfVersion >= 2.4>
      Require all granted
    </IfVersion>
    <IfVersion < 2.4>
      Order allow,deny
      Allow from all
    </IfVersion>
  </Directory>

# 重启 httpd
systemctl restart httpd

# 再次验证
openstack --os-placement-api-version 1.2 resource class list --sort-column name
openstack --os-placement-api-version 1.6 trait list --sort-column name

neutron-linuxbridge-agent 启动抱错

# 查看日志
cat /var/log/neutron/linuxbridge-agent.log
Interface ens192 for physical network provider does not exist. Agent terminated!

# 修改 /etc/neutron/plugins/ml2/linuxbridge_agent.ini
## 网卡接口不对
[linux_bridge]
physical_interface_mappings = provider:eth0

# 重启服务
 systemctl restart neutron-linuxbridge-agent

openstack安装部署测试总结(一)

前言

准备资源

服务器初始化

设置环境变量

安装基础服务

安装 MariaDB

安装 RabbitMQ

安装 Memcached

安装 etcd

安装OpenStack Service

安装 Keystone

安装 Glance

安装 Placement

安装 Nova

安装 Nova 控制节点

安装 Nova 计算节点

安装 Neutron

安装 Neutron 控制节点

安装 Neutron 计算节点

安装 CInder

安装 Cinder 控制节点

安装 Cinder 储存节点

安装 Horizon

测试访问

FAQ

glance启动抱错

Placement报错

neutron-linuxbridge-agent 启动抱错

openstack安装部署测试(二)-创建一个实例

openstack架构说明

openstack和Kubernetes对比

评论 (1)