主机测评网
小编给大家分享一下openstack pike如何安装,相信大部分人都还不怎么了解,因此分享这篇文章给大家参考一下,希望大家阅读完这篇文章后大有收获,下面让我们一起去了解一下吧!
节点规划
准备4台虚机,分别做Controller,Network,Compute,Middleware。
Controller安装keystone,glance,nova-api,nova-conductor,nova-scheduler,nova-placement
Network安装neutron相关组件
Compute安装nova-compute
Middleware安装mariadb,rabbitmq,memcache。
网络规划
controller
eth0: 192.168.100.111 external
eth2: 10.1.1.1 admim
network
eth0: 192.168.100.114 external
eth2: 10.1.1.4 admin
eth3: 10.2.2.4 tunnel
compute
eth0: 192.168.100.112 external
eth2: 10.1.1.2 admin
eth3: 10.2.2.2 tunnel
middleware (mysql,mq,memcache)
eth2: 10.1.1.3 admin
基础配置
每个节点都按如下操作
hosts文件
echo "
10.1.1.1 controller
10.1.1.2 compute
10.1.1.3 middleware
10.1.1.4 network
" >>/etc/hosts
配置yum源
yum install -y wget
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum install centos-release-openstack-pike -y
yum clean all && yum makecache
时间同步
echo "*/3 * * * * /usr/sbin/ntpdate ntp6.aliyun.com &> /dev/null" > /tmp/crontab
crontab /tmp/crontab
Middleware节点
安装数据库
yum install -y mariadb-server
systemctl restart mariadb.service
systemctl enable mariadb.service
安装rabbitmq
yum install -y erlang rabbitmq-server
systemctl restart rabbitmq-server
systemctl enable rabbitmq-server
创建openstack用户,并设置密码
rabbitmqctl add_user openstack 123456
给openstack用户赋予权限
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
rabbitmqctl set_user_tags openstack administrator
rabbitmqctl list_users
打开RabbitMQ相关插件
/usr/lib/rabbitmq/bin/rabbitmq-plugins enable rabbitmq_management mochiweb webmachine rabbitmq_web_dispatch amqp_client rabbitmq_management_agent
查看RabbitMQ插件
/usr/lib/rabbitmq/bin/rabbitmq-plugins list
安装memcached
yum install -y memcached python-memcached
配置memcache监听端口
sed -i 's/OPTIONS*.*/OPTIONS="-l 127.0.0.1,10.1.1.3"/' /etc/sysconfig/memcached
重启memcache并设置开机启动
systemctl restart memcached.service
systemctl enable memcached.service
systemctl status memcached.service
Controller节点
安装keystone
yum -y install openstack-keystone httpd mod_wsgi python-openstackclient openstack-utils
创建keystone库,并给keystone用户授权
create database keystone;
grant all privileges on keystone.* to 'keystone'@'localhost' identified by '123456';
grant all privileges on keystone.* to 'keystone'@'%' identified by '123456';
配置/etc/keystone/keystone.conf
cp /etc/keystone/keystone.conf /etc/keystone/keystone.conf.bak
> /etc/keystone/keystone.conf
openstack-config –set /etc/keystone/keystone.conf DEFAULT transport_url rabbit://openstack:123456@middleware
openstack-config –set /etc/keystone/keystone.conf database connection mysql://keystone:123456@middleware/keystone
openstack-config –set /etc/keystone/keystone.conf cache backend oslo_cache.memcache_pool
openstack-config –set /etc/keystone/keystone.conf cache enabled true
openstack-config –set /etc/keystone/keystone.conf cache memcache_servers middleware:11211
openstack-config –set /etc/keystone/keystone.conf memcache servers middleware:11211
openstack-config –set /etc/keystone/keystone.conf token expiration 3600
openstack-config –set /etc/keystone/keystone.conf token provider fernet
配置httpd.conf文件
sed -i "s/ServerName www.example.com:80/ServerName controller/" /etc/httpd/conf/httpd.conf
配置keystone与httpd结合
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
建立identity表结构
su -s /bin/sh -c "keystone-manage db_sync" keystone
初始化fernet
keystone-manage fernet_setup –keystone-user keystone –keystone-group keystone
keystone-manage credential_setup –keystone-user keystone –keystone-group keystone
启动httpd,并设置httpd开机启动
systemctl enable httpd.service
systemctl restart httpd.service
systemctl status httpd.service
创建admin用户角色
keystone-manage bootstrap –bootstrap-password 123456 –bootstrap-admin-url http://controller:35357/v3 –bootstrap-internal-url http://controller:35357/v3 –bootstrap-public-url http://controller:5000/v3 –bootstrap-region-id RegionOne –bootstrap-username admin –bootstrap-project-name admin –bootstrap-role-name admin –bootstrap-service-name keystone
验证
openstack project list –os-username admin –os-project-name admin –os-user-domain-id default –os-project-domain-id default –os-identity-api-version 3 –os-auth-url http://controller:5000 –os-password 123456
创建admin用户环境变量,创建/root/admin-openrc 文件
cat >> /root/admin-openrc <<eof
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_DOMAIN_ID=default
export OS_USERNAME=admin
export OS_PROJECT_NAME=admin
export OS_PASSWORD=123456
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
export OS_AUTH_URL=http://controller:35357/v3
EOF
创建service项目
source /root/admin-openrc
openstack project create –domain default –description "Service Project" service
创建demo项目
openstack project create –domain default –description "Demo Project" demo
创建demo用户,并设置密码
openstack user create –domain default demo –password 123456
创建user角色并将demo用户赋予user角色
openstack role create user
openstack role add –project demo –user demo user
验证keystone
unset OS_TOKEN OS_URL
openstack –os-auth-url http://controller:35357/v3 –os-project-domain-name default –os-user-domain-name default –os-project-name admin –os-username admin token issue –os-password 123456
openstack –os-auth-url http://controller:5000/v3 –os-project-domain-name default –os-user-domain-name default –os-project-name demo –os-username demo token issue –os-password 123456
安装glance
创建glance数据库
CREATE DATABASE glance;
创建数据库用户并赋予权限
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '123456';
创建glance用户及赋予admin权限
source /root/admin-openrc
openstack user create –domain default glance –password 123456
openstack role add –project service –user glance admin
创建image服务
openstack service create –name glance –description "OpenStack Image service" image
创建glance的endpoint
openstack endpoint create –region RegionOne image public http://controller:9292
openstack endpoint create –region RegionOne image internal http://controller:9292
openstack endpoint create –region RegionOne image admin http://controller:9292
安装glance相关的软件包
yum install -y openstack-glance python-glance
配置/etc/glance/glance-api.conf
cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak
\>/etc/glance/glance-api.conf
openstack-config –set /etc/glance/glance-api.conf DEFAULT transport_url rabbit://openstack:123456@middleware
openstack-config –set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:123456@middleware/glance
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://controller:5000
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken auth_url http://controller:35357
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken memcached_servers middleware:11211
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken auth_type password
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken project_domain_name default
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken user_domain_name default
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken project_name service
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken username glance
openstack-config –set /etc/glance/glance-api.conf keystone_authtoken password 123456
openstack-config –set /etc/glance/glance-api.conf paste_deploy flavor keystone
openstack-config –set /etc/glance/glance-api.conf glance_store stores file,http
openstack-config –set /etc/glance/glance-api.conf glance_store default_store file
openstack-config –set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
配置/etc/glance/glance-registry.conf
cp /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak
>/etc/glance/glance-registry.conf
openstack-config –set /etc/glance/glance-registry.conf DEFAULT transport_url rabbit://openstack:devops@middleware
openstack-config –set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:123456@middleware/glance
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://controller:5000
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://controller:35357
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers middleware:11211
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken auth_type password
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name default
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name default
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken project_name service
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken username glance
openstack-config –set /etc/glance/glance-registry.conf keystone_authtoken password 123456
openstack-config –set /etc/glance/glance-registry.conf paste_deploy flavor keystone
同步glance数据库,初始化glance表结构
/bin/sh -c "glance-manage db_sync" glance
创建镜像存储目录并赋予glance用户和组权限
mkdir /var/lib/glance/images
chown glance.glance /var/lib/glance/images
chown glance.glance /var/log/glance/api.log
启动glance服务及设置开机启动
systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl restart openstack-glance-api.service openstack-glance-registry.service
systemctl status openstack-glance-api.service openstack-glance-registry.service
下载测试镜像文件
wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
上传镜像到glance
source /root/admin-openrc
glance image-create –name "cirros-0.3.4-x86_64" –file cirros-0.3.4-x86_64-disk.img –disk-format qcow2 –container-format bare –visibility public –progress
查看镜像列表:
glance image-list
安装nova (controller部分)
创建数据库
create database nova;
create database nova_api;
create database nova_cell0;
数据库授权
grant all privileges on nova.* to nova@'localhost' identified by '123456';
grant all privileges on nova.* to nova@'%' identified by '123456';
grant all privileges on nova_api.* to nova@'localhost' identified by '123456';
grant all privileges on nova_api.* to nova@'%' identified by '123456';
grant all privileges on nova_cell0.* to nova@'%' identified by '123456';
grant all privileges on nova_cell0.* to nova@'localhost' identified by '123456';
source admin-openrc
创建用户,分配角色
openstack user create –domain default nova –password 123456
openstack role add –project service –user nova admin
创建compute服务
openstack service create –name nova –description "OpenStack Compute" compute
创建endpoint
openstack endpoint create –region RegionOne compute public http://controller:8774/v2.1/%\(tenant_id\)s
openstack endpoint create –region RegionOne compute internal http://controller:8774/v2.1/%\(tenant_id\)s
openstack endpoint create –region RegionOne compute admin http://controller:8774/v2.1/%\(tenant_id\)s
创建placement 用户和服务
openstack user create –domain default placement –password 123456
openstack role add –project service –user placement admin
openstack service create –name placement –description "Placement API" placement
创建placement endpoint
openstack endpoint create –region RegionOne placement admin http://controller:8778
openstack endpoint create –region RegionOne placement public http://controller:8778
openstack endpoint create –region RegionOne placement internal http://controller:8778
安装nova相关软件
yum install -y openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-placement-api
配置/etc/nova/nova.conf
cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
>/etc/nova/nova.conf
openstack-config –set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config –set /etc/nova/nova.conf DEFAULT my_ip 10.1.1.1
openstack-config –set /etc/nova/nova.conf DEFAULT use_neutron True
openstack-config –set /etc/nova/nova.conf DEFAULT firewall_driver nova.firewall.NoopFirewallDriver
openstack-config –set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:123456@middleware
openstack-config –set /etc/nova/nova.conf database connection mysql+pymysql://nova:123456@middleware/nova
openstack-config –set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:123456@middleware/nova_api
openstack-config –set /etc/nova/nova.conf scheduler discover_hosts_in_cells_interval -1
openstack-config –set /etc/nova/nova.conf api auth_strategy keystone
openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_uri http://controller:5000
openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_url http://controller:35357
openstack-config –set /etc/nova/nova.conf keystone_authtoken memcached_servers middleware:11211
openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_type password openstack-config –set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config –set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config –set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config –set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config –set /etc/nova/nova.conf keystone_authtoken password 123456
openstack-config –set /etc/nova/nova.conf keystone_authtoken service_token_roles_required True
openstack-config –set /etc/nova/nova.conf placement auth_url http://controller:35357
openstack-config –set /etc/nova/nova.conf placement memcached_servers middleware:11211
openstack-config –set /etc/nova/nova.conf placement auth_type password
openstack-config –set /etc/nova/nova.conf placement project_domain_name default
openstack-config –set /etc/nova/nova.conf placement user_domain_name default
openstack-config –set /etc/nova/nova.conf placement project_name service
openstack-config –set /etc/nova/nova.conf placement username placement
openstack-config –set /etc/nova/nova.conf placement password 123456
openstack-config –set /etc/nova/nova.conf placement os_region_name RegionOne
openstack-config –set /etc/nova/nova.conf vnc vncserver_listen 192.168.100.111
openstack-config –set /etc/nova/nova.conf vnc vncserver_proxyclient_address 192.168.100.111
openstack-config –set /etc/nova/nova.conf glance api_servers http://controller:9292
openstack-config –set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
配置/etc/httpd/conf.d/00-nova-placement-api.conf
添加:
= 2.4>
Require all granted
<ifversion
Order allow,deny
Allow from all
像下面这样
WSGIProcessGroup nova-placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
WSGIDaemonProcess nova-placement-api processes=3 threads=1 user=nova group=nova
WSGIScriptAlias / /usr/bin/nova-placement-api
= 2.4>
ErrorLogFormat "%M"
ErrorLog /var/log/nova/nova-placement-api.log
= 2.4>
Require all granted
<ifversion
Order allow,deny
Allow from all
SSLEngine On
SSLCertificateFile …
SSLCertificateKeyFile …
重启httpd 服务:
systemctl restart httpd.service
同步nova_api数据库
su -s /bin/sh -c "nova-manage api_db sync" nova
同步nova_cell0数据库
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
创建cell1
su -s /bin/sh -c "nova-manage cell_v2 create_cell –name=cell1 –verbose" nova
nova数据库
su -s /bin/sh -c "nova-manage db sync" nova
确认ova cell0 和 cell1注册和创建成功
nova-manage cell_v2 list_cells
检查部署是否正常
nova-status upgrade check
nova-manage cell_v2 discover_hosts
设置开机启动
systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
重启服务
systemctl restart openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
安装Dashboard
安装dashboard相关软件包
yum install -y openstack-dashboard
修改配置文件/etc/openstack-dashboard/local_settings
vim /etc/openstack-dashboard/local_settings
需要该的部分
ALLOWED_HOSTS = ['*',]
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
'LOCATION': 'middleware:11211',
},
}
OPENSTACK_HOST = "controller"
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
启动dashboard服务并设置开机启动
systemctl restart httpd.service memcached.service
systemctl status httpd.service memcached.service
Network节点
创建neutron数据库
create database neutron;
数据库授权
grant all privileges on neutron.* to neutron@'localhost' identified by '123456';
grant all privileges on neutron.* to neutron@'%' identified by '123456';
创建用户
openstack user create –domain default neutron –password 123456
给用户分配角色
openstack role add –project service –user neutron admin
创建服务
openstack service create –name neutron –description "OpenStack Networking" network
创建端点
openstack endpoint create –region RegionOne network public http://controller:9696
openstack endpoint create –region RegionOne network internal http://controller:9696
openstack endpoint create –region RegionOne network admin http://controller:9696
安装相关软件
yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables
配置neutron.conf
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
>/etc/neutron/neutron.conf
openstack-config –set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
openstack-config –set /etc/neutron/neutron.conf DEFAULT service_plugins router
openstack-config –set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips True
openstack-config –set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config –set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:123456@middleware
openstack-config –set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
openstack-config –set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:35357
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken memcached_servers middleware:11211
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken password 123456
openstack-config –set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:123456@middleware/neutron
openstack-config –set /etc/neutron/neutron.conf nova auth_url http://controller:35357
openstack-config –set /etc/neutron/neutron.conf nova auth_type password
openstack-config –set /etc/neutron/neutron.conf nova project_domain_name default
openstack-config –set /etc/neutron/neutron.conf nova user_domain_name default
openstack-config –set /etc/neutron/neutron.conf nova region_name RegionOne
openstack-config –set /etc/neutron/neutron.conf nova project_name service
openstack-config –set /etc/neutron/neutron.conf nova username nova
openstack-config –set /etc/neutron/neutron.conf nova password 123456
openstack-config –set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
“`
配置ml2_config.ini
cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
>/etc/neutron/plugins/ml2/ml2_conf.ini
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 path_mtu 1500
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
>/etc/neutron/plugins/ml2/linuxbridge_agent.ini
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini DEFAULT debug false
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:eth0
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.2.2.4
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini agent prevent_arp_spoofing True
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
注意provider:eth0,中eth0是外网网卡,一般这里写的网卡名都是能访问外网的,如果不是外网网卡,那么VM就会与外界网络隔离。
local_ip 定义的是隧道网络
配置 /etc/neutron/l3_agent.ini
cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.bak
>/etc/neutron/l3_agent.ini
openstack-config –set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
openstack-config –set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge
openstack-config –set /etc/neutron/l3_agent.ini DEFAULT debug false
配置/etc/neutron/dhcp_agent.ini
cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak
>/etc/neutron/dhcp_agent.ini
openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT verbose True
openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT debug false
配置controller节点的/etc/nova/nova.conf,让compute节点能使用上neutron网络
openstack-config –set /etc/nova/nova.conf neutron url http://network:9696
openstack-config –set /etc/nova/nova.conf neutron auth_url http://controller:35357
openstack-config –set /etc/nova/nova.conf neutron auth_type password
openstack-config –set /etc/nova/nova.conf neutron project_domain_name default
openstack-config –set /etc/nova/nova.conf neutron user_domain_name default
openstack-config –set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config –set /etc/nova/nova.conf neutron project_name service
openstack-config –set /etc/nova/nova.conf neutron username neutron
openstack-config –set /etc/nova/nova.conf neutron password 123456
openstack-config –set /etc/nova/nova.conf neutron service_metadata_proxy True
openstack-config –set /etc/nova/nova.conf neutron metadata_proxy_shared_secret 123456
将dhcp-option-force=26,1450写入/etc/neutron/dnsmasq-neutron.conf
echo "dhcp-option-force=26,1450" >/etc/neutron/dnsmasq-neutron.conf
配置/etc/neutron/metadata_agent.ini
cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.bak
>/etc/neutron/metadata_agent.ini
openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip controller
openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret 123456
openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT metadata_workers 4
openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT verbose True
openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT debug false
openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_protocol http
创建硬链接
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
同步数据库,初始化neutron表结构
su -s /bin/sh -c "neutron-db-manage –config-file /etc/neutron/neutron.conf –config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
在controller上重启nova服务
systemctl restart openstack-nova-api.service
systemctl status openstack-nova-api.service
重启neutron服务并设置开机启动
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
systemctl restart neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
openstack network agent list
创建网络
执行环境变量
source /root/admin-openrc
创建flat模式的public网络,public是外出网络,必须是flat模式的
neutron net-create –shared provider –router:external True –provider:network_type flat –provider:physical_network provider
本实验环境192.168.100.0/24网段可以出外网,就以该网段作为public网段
创建子网
neutron subnet-create provider 192.168.100.0/24 –name provider-sub –allocation-pool start=192.168.100.180,end=192.168.100.190 –dns-nameserver 8.8.8.8 –gateway 192.168.100.180
创建名为private的私有网络, 网络模式为vxlan
neutron net-create private –provider:network_type vxlan –router:external False –shared
创建名为private-subnet的私有网络子网,网段为172.17.1.0, 这个网段就是虚拟机获取的私有的IP地址
neutron subnet-create private –name private-subnet –gateway 172.17.1.1 172.17.1.0/24
也可以创建多个不同的私有子网络
如果虚机要能够访问外部网络还需要添加路由
添加路由
neutron router-create router01
将私有网络的子网加入路由
neutron router-interface-add router01 private-sub
设置public网络为路由的网关
neutron router-gateway-set router01 provider
#Compute节点
安装相关依赖包
yum install -y openstack-selinux python-openstackclient yum-plugin-priorities openstack-nova-compute openstack-utils
配置nova.conf
cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
>/etc/nova/nova.conf
openstack-config –set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config –set /etc/nova/nova.conf DEFAULT my_ip 10.1.1.2
openstack-config –set /etc/nova/nova.conf DEFAULT use_neutron True
openstack-config –set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config –set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:123456@middleware
openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_uri http://controller:5000
openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_url http://controller:35357
openstack-config –set /etc/nova/nova.conf keystone_authtoken memcached_servers middleware:11211
openstack-config –set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config –set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config –set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config –set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config –set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config –set /etc/nova/nova.conf keystone_authtoken password 123456
openstack-config –set /etc/nova/nova.conf placement auth_uri http://controller:5000
openstack-config –set /etc/nova/nova.conf placement auth_url http://controller:35357
openstack-config –set /etc/nova/nova.conf placement memcached_servers middleware:11211
openstack-config –set /etc/nova/nova.conf placement auth_type password
openstack-config –set /etc/nova/nova.conf placement project_domain_name default
openstack-config –set /etc/nova/nova.conf placement user_domain_name default
openstack-config –set /etc/nova/nova.conf placement project_name service
openstack-config –set /etc/nova/nova.conf placement username placement
openstack-config –set /etc/nova/nova.conf placement password 123456
openstack-config –set /etc/nova/nova.conf placement os_region_name RegionOne
openstack-config –set /etc/nova/nova.conf vnc enabled True
openstack-config –set /etc/nova/nova.conf vnc keymap en-us
openstack-config –set /etc/nova/nova.conf vnc vncserver_listen 0.0.0.0
openstack-config –set /etc/nova/nova.conf vnc vncserver_proxyclient_address 10.1.1.2
openstack-config –set /etc/nova/nova.conf vnc novncproxy_base_url http://192.168.100.112:6080/vnc_auto.html
openstack-config –set /etc/nova/nova.conf glance api_servers http://controller:9292
openstack-config –set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
openstack-config –set /etc/nova/nova.conf libvirt virt_type qemu
openstack-config –set /etc/nova/nova.conf libvirt cpu_mode none
设置libvirtd.service 和openstack-nova-compute.service开机启动
systemctl enable libvirtd.service openstack-nova-compute.service
systemctl restart libvirtd.service openstack-nova-compute.service
systemctl status libvirtd.service openstack-nova-compute.service
到controller上执行验证
source /root/admin-openrc
openstack compute service list
安装Neutron
安装相关软件包
yum install -y openstack-neutron-linuxbridge ebtables ipset
配置neutron.conf
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
>/etc/neutron/neutron.conf
openstack-config –set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config –set /etc/neutron/neutron.conf DEFAULT advertise_mtu True
openstack-config –set /etc/neutron/neutron.conf DEFAULT dhcp_agents_per_network 2
openstack-config –set /etc/neutron/neutron.conf DEFAULT control_exchange neutron
openstack-config –set /etc/neutron/neutron.conf DEFAULT nova_url http://controller:8774/v2
openstack-config –set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:123456@middleware
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:35357
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken memcached_servers middleware:11211
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config –set /etc/neutron/neutron.conf keystone_authtoken password 123456
openstack-config –set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
配置/etc/neutron/plugins/ml2/linuxbridge_agent.ini
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
>/etc/neutron/plugins/ml2/linuxbridge_agent.ini
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini DEFAULT debug false
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini DEFAULT verbose true
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.2.2.2
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
配置nova.conf
openstack-config –set /etc/nova/nova.conf neutron url http://network:9696
openstack-config –set /etc/nova/nova.conf neutron auth_url http://controller:35357
openstack-config –set /etc/nova/nova.conf neutron auth_type password
openstack-config –set /etc/nova/nova.conf neutron project_domain_name default
openstack-config –set /etc/nova/nova.conf neutron user_domain_name default
openstack-config –set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config –set /etc/nova/nova.conf neutron project_name service
openstack-config –set /etc/nova/nova.conf neutron username neutron
openstack-config –set /etc/nova/nova.conf neutron password 123456
重启和相关服务
systemctl restart openstack-nova-compute.service neutron-linuxbridge-agent.service
systemctl enable neutron-linuxbridge-agent.service neutron-linuxbridge-agent.service
Compute节点搭建完毕,运行nova host-list可以查看新加入的compute节点
如果需要再添加另外一个compute节点,只要重复下Compute节点部部分即可,计算机名和IP地址改下
创建配额命令controller上执行
openstack flavor create m1.tiny –id 1 –ram 1024 –disk 10 –vcpus 1
openstack flavor create m1.small –id 2 –ram 2048 –disk 20 –vcpus 1
openstack flavor create m1.medium –id 3 –ram 4096 –disk 40 –vcpus 2
openstack flavor create m1.large –id 4 –ram 8192 –disk 80 –vcpus 4
openstack flavor create m1.xlarge –id 5 –ram 16384 –disk 160 –vcpus 8
openstack flavor list
登录dashboard
http://192.168.100.111/dashboard
创建实例
一次选择“源”->"实例类型"->"网络" 点击创建实例
创建一个名为test的实例,上图中的test1是为了验证创建过程新建的实例,test是已经创建的实例
实例有了,也分配了IP,此时的实例就可以出外网了,因为前面已经创建了provider网络,但外网还是不能进来,因为没有绑定浮动IP。
分配floatingip
浮动IP关联
创建安全组
验证
以上是“openstack pike如何安装”这篇文章的所有内容,感谢各位的阅读!相信大家都有了一定的了解,希望分享的内容对大家有所帮助,如果还想学习更多知识,欢迎关注云行业资讯频道!
