OpenStack-Q版實戰部署技術指導手冊-黑夜青兒

阿新 • • 發佈：2018-12-21

OPENSTACK指導手冊公開

openstack指導手冊檔案狀態

【】草稿【*】正式釋出【】正在修改檔案標識當前版本 1.0 作者何青完成日期

編號版本編寫/修訂說明修訂人修訂日期備註 1 V1.0 建立文件何青 2018-08-28 2

配置主機網路和主機名 5 1.1 控制節點 5 1.2計算節點 5 1.3 計算節點 6 1.4 塊儲存節點 6 1.5 驗證 6
認證服務 8 2.1 建立資料庫： 8 2.2 安全並配置元件 8 2.3 配置 Apache HTTP 伺服器 9 2.4 完成安裝，啟動httpd 11 2.5 建立服務實體和API端點 11 2.5.1 配置認證令牌 11 2.5.2 建立服務實體和API端點 11 2.5.3 服務驗證操作 13
映象服務 15 3.1 安裝和配置 15 3.2 安全並配置元件 18 3.3 完成安裝 19 3.4 驗證操作 19
計算服務安裝 20 4.1 安裝並配置控制節點 20 4.2 安全並配置元件 26 4.3 完成安裝 28 4.4 安裝和配置計算節點 28 4.5 完成安裝 30 4.6 驗證操作 30
安裝網路（控制節點） 32 5.1 安裝並配置控制節點 32 5.2 安裝網路選項1：公共網路 34 5.3 完成安裝 38 5.4 安裝計算節點網路 44 5.5 配置網路選項 47 5.6 為計算節點配置網路服務 47 5.7 完成安裝 48 5.8 在控制節點驗證網路 48
Dashboard 50 6.1 安裝和配置 50 6.2 驗證操作 51
安裝塊儲存 52 7.1 安裝並配置控制節點 52 7.2 安全並配置元件 56 7.3 配置計算節點使用塊儲存 57 7.4 完成安裝 57 7.5 安裝並配置一個儲存節點 57 7.6 安裝並配置元件 58 7.7 完成安裝 59 7.8 驗證操作 59
Dashboard頁面操作 59
環境規劃 1.1. 硬體規劃 IP 主機名配置備註 172.26.128.126 controller 雙網絡卡：ens160,ens192 172.26.128.166 compute-04 雙網絡卡：enp3s0f0, enp3s0f1 172.26.128.167 compute-05 雙網絡卡：enp3s0f0, enp3s0f1 172.26.128.168 compute-06

1.2. 軟體規劃名稱型別版本備註 CentOS 系統軟體 7.5 126為：7.4 Mysql 資料庫 15.1 Distrib 10.1.20-MariaDB Etcd 3.2 Memcached 1.5.6 Rabbitmq 3.6.5 Apache 2.4 OpenStack Queens

1.3. 元件規劃角色元件 Ip 使用者備註 controller Mysql：單節點 rabbitmq-server：單節點 Memcached：單節點 etcd：單節點 apache(keystone,Horizon)：單節點 nova-api nova-consoleauth nova-conductor nova-scheduler nova-novncproxy glance-api glance-registry cinder-api cinder-scheduler neutron-server neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent 172.26.128.126 root 控制節點

compute04 libvirtd openstack-nova-compute neutron-linuxbridge-agent 172.26.128.166 compute05 nova-compute neutron-linuxbridge-agent cinder-volume 172.26.128.167 compute06 libvirtd openstack-nova-compute neutron-linuxbridge-agent 172.26.128.168

1.4. 部署拓撲圖

配置主機網路和主機名 2.1. 172.26.128.126 2.1.1. 主機網路配置 /etc/sysconfig/network-scripts/ifcfg-ens160更改配置 HWADDR=00:50:56:9a:74:f7 NAME=ens160 GATEWAY=172.26.128.1 DNS1=172.20.3.44 DNS2=172.20.3.45 DEVICE=ens160 TYPE=Ethernet ONBOOT=yes USERCTL=no BOOTPROTO=none NETMASK=255.255.255.0 IPADDR=172.26.128.126 PEERDNS=no IPV6INIT=yes IPV6_AUTOCONF=yes

2.1.2. 主機名配置配置檔案：/etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 controller 172.26.128.126 controller 172.26.128.166 compute04 172.26.128.167 compute05s 172.26.128.168 compute06

2.2. 172.26.128.166 2.2.1. 主機網路配置配置檔案：/etc/sysconfig/network-scripts/ ifcfg-enp3s0f0 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=enp3s0f0 UUID=13e08b29-dd4d-4286-a4e8-4700cdb9ed11 DEVICE=enp3s0f0 ONBOOT=yes IPADDR=172.26.128.166 GATEWAY=172.26.128.1 NETMASK=255.255.255.0 DNS1=172.20.3.44

2.2.2. 主機名配置配置檔案：/etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.26.128.126 controller 172.26.128.166 compute04 172.26.128.167 compute05 172.26.128.168 compute06

2.3. 172.26.128.167 2.3.1. 主機網路配置配置檔案：/etc/sysconfig/network-scripts/ ifcfg-enp3s0f0更改配置 BOOTPROTO=static IPADDR=172.26.128.167 PREFIX=24 GATEWAY=172.26.128.1 DNS1=172.20.3.44 NAME=enp3s0f0 DEVICE=enp3s0f0 ONBOOT=yes DEFROUTE=yes TYPE=Ethernet

2.3.2. 主機名配置編輯主機名/etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.26.128.126 controller 172.26.128.160 compute03 172.26.128.166 compute04 172.26.128.167 compute05 172.26.128.168 compute06

2.4. 172.26.128.168 2.4.1. 主機網路配置配置檔案：/etc/sysconfig/network-scripts/ifcfg-ens126 TYPE=Ethernet BOOTPROTO=none IPADDR=172.26.128.168 PREFIX=24 GATEWAY=172.26.128.1 DNS1=172.20.3.44 DEFROUTE=yes NAME=eno1 ONBOOT=yes DEVICE=eno1 IPV4_FAILURE_FATAL=no IPV6INIT=no

2.4.2. 主機名配置編輯主機名/etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.26.128.126 controller 172.26.128.166 compute04 172.26.128.167 compute05 172.26.128.168 compute06

 IP地址：172.26.128.167

2.5. 驗證在控制節點上ping計算節點主機是否通 [[email protected] ~]# ping -c 4 compute04 PING compute01 (172.26.128.166) 56(84) bytes of data. 64 bytes from compute04 (172.26.128.166): icmp_seq=1 ttl=64 time=0.779 ms 64 bytes from compute04 (172.26.128.166): icmp_seq=2 ttl=64 time=0.450 ms 64 bytes from compute04 (172.26.128.166): icmp_seq=3 ttl=64 time=0.391 ms 64 bytes from compute04 (172.26.128.166): icmp_seq=4 ttl=64 time=0.381 ms

— compute01 ping statistics — 4 packets transmitted, 4 received, 0% packet loss, time 3000ms rtt min/avg/max/mdev = 0.381/0.500/0.779/0.163 ms [[email protected] ~]# ping -c 4 compute06 PING compute02 (172.26.128.168) 56(84) bytes of data. 64 bytes from compute06 (172.26.128.168): icmp_seq=1 ttl=64 time=1.60 ms 64 bytes from compute06 (172.26.128.168): icmp_seq=2 ttl=64 time=1.57 ms 64 bytes from compute06 (172.26.128.168): icmp_seq=3 ttl=64 time=1.47 ms 64 bytes from compute06 (172.26.128.168): icmp_seq=4 ttl=64 time=0.641 ms

— compute02 ping statistics — 4 packets transmitted, 4 received, 0% packet loss, time 3005ms rtt min/avg/max/mdev = 0.641/1.324/1.608/0.398 ms

在計算節點上ping控制節點

[[email protected] ~]# ping -c 4 controller PING controller (172.26.128.126) 56(84) bytes of data. 64 bytes from controller (172.26.128.126): icmp_seq=1 ttl=64 time=0.508 ms 64 bytes from controller (172.26.128.126): icmp_seq=2 ttl=64 time=1.70 ms 64 bytes from controller (172.26.128.126): icmp_seq=3 ttl=64 time=0.483 ms 64 bytes from controller (172.26.128.126): icmp_seq=4 ttl=64 time=1.36 ms

— controller ping statistics — 4 packets transmitted, 4 received, 0% packet loss, time 3004ms rtt min/avg/max/mdev = 0.483/1.015/1.708/0.535 ms

2.6. Openstack Q版環境配置 https://www.cnblogs.com/xiongyoutom/p/9663607.html 3. 認證服務 3.1. 建立資料庫：安裝軟體包： yum install mariadb mariadb-server python2-PyMySQL mongodb-server mongodb rabbitmq-server memcached python-memcached

用資料庫連線客戶端以 root 使用者連線到資料庫伺服器：

mysql -u root –p1qaz2wsx 建立 keystone 資料庫 CREATE DATABASE keystone;

對``keystone``資料庫授權

GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@‘localhost’ \ IDENTIFIED BY ‘1qaz2wsx ‘; GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’%’ IDENTIFIED BY ‘1qaz2wsx’;

 生成管理員令牌。 openssl rand -hex 10 7e5805560f848c2fcbd6 3.2. 安全並配置元件 yum install openstack-keystone httpd mod_wsgi

修改配置檔案

[[email protected] ]# vi /etc/keystone/keystone.conf [DEFAULT] admin_token = 7e5805560f848c2fcbd6 [database] connection = mysql+pymysql://keystone:[email protected]/keystone [token] provider = fernet

初始化身份認證服務的資料庫

[[email protected]]# su -s /bin/sh -c “keystone-manage db_sync” keystone

初始化身份認證服務的資料庫

[[email protected]]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone [[email protected]]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

[[email protected]]# keystone-manage bootstrap --bootstrap-password 1qaz2wsx \

3.3. 配置 Apache HTTP 伺服器 [[email protected]]# vi /etc/httpd/conf/httpd.conf 修改ServerName 172.26.128.126

[[email protected]]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/ [[email protected] ~]# cat /etc/httpd/conf.d/wsgi-keystone.conf Listen 5000 Listen 35357 <VirtualHost *:5000> WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-public WSGIScriptAlias / /usr/bin/keystone-wsgi-public WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On LimitRequestBody 114688 = 2.4> ErrorLogFormat “%{cu}t %M” ErrorLog /var/log/httpd/keystone.log CustomLog /var/log/httpd/keystone_access.log combined

<Directory /usr/bin>
    <IfVersion >= 2.4>
        Require all granted
    </IfVersion>
    <IfVersion < 2.4>
        Order allow,deny
        Allow from all
    </IfVersion>
</Directory>

<VirtualHost *:35357> WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-admin WSGIScriptAlias / /usr/bin/keystone-wsgi-admin WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On LimitRequestBody 114688 = 2.4> ErrorLogFormat “%{cu}t %M” ErrorLog /var/log/httpd/keystone.log CustomLog /var/log/httpd/keystone_access.log combined

<Directory /usr/bin>
    <IfVersion >= 2.4>
        Require all granted
    </IfVersion>
    <IfVersion < 2.4>
        Order allow,deny
        Allow from all
    </IfVersion>
</Directory>

Alias /identity /usr/bin/keystone-wsgi-public <Location /identity> SetHandler wsgi-script Options +ExecCGI

WSGIProcessGroup keystone-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On

Alias /identity_admin /usr/bin/keystone-wsgi-admin <Location /identity_admin> SetHandler wsgi-script Options +ExecCGI

WSGIProcessGroup keystone-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On

3.4. 完成安裝，啟動httpd

[[email protected] ]# systemctl enable httpd.service Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.  啟動httpd [[email protected] ]# systemctl start httpd.service 3.5. 建立服務實體和API端點 3.5.1. 配置認證令牌 [[email protected] ]# export OS_USERNAME=admin [[email protected] ]# export OS_PASSWORD=1qaz2wsx [[email protected] ]# export OS_PROJECT_NAME=admin [[email protected] ]# export OS_USER_DOMAIN_NAME=Default [[email protected] ]# export OS_PROJECT_DOMAIN_NAME=Default [[email protected] ]# export OS_AUTH_URL=http://172.26.128.126:35357/v3 [[email protected] ]# export OS_IDENTITY_API_VERSION=3 建立認證令牌指令碼：http://www.cnblogs.com/xiongyoutom/p/9668603.html 3.5.2. 建立服務實體和API端點 [[email protected] ]# openstack domain create --description “An Example Domain” example ±------------±---------------------------------+| Field | Value |±------------±---------------------------------+| description | An Example Domain || enabled | True || id | 2f4f80574fd84fe6ba9067228ae0a50c || name | example |±------------±---------------------------------+

[[email protected] ]# openstack project create --domain default \

–description “Service Project” service ±------------±---------------------------------+ | Field | Value | ±------------±---------------------------------+ | description | Service Project | | domain_id | default | | enabled | True | | id | 37debf5709704578a2f8e7994602a11a | | is_domain | False | | name | service | | parent_id | default | | tags | [] | ±------------±---------------------------------+

[[email protected] ]# openstack project create --domain default \

–description “Demo Project” demo

[[email protected] ]# openstack user create --domain default \

–password-prompt demo User Password:1qaz2wsx Repeat User Password:1qaz2wsx ±--------------------±---------------------------------+ | Field | Value | ±--------------------±---------------------------------+ | domain_id | default | | enabled | True | | id | 8d986172b093472db4c15af54df09ff1 | | name | demo | | options | {} | | password_expires_at | None | ±--------------------±---------------------------------+

[[email protected] ]# openstack role add --project demo --user demo user 3.5.3. 服務驗證操作

[[email protected] ]# unset OS_AUTH_URL OS_PASSWORD [[email protected] ]# openstack --os-auth-url http://172.26.128.126:35357/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name admin --os-username admin token issue Password: 1qaz2wsx ±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | ±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | expires | 2018-07-10T08:25:29+0000 | | id | gAAAAABbRF9pvkU6NSpvzpxYFgFerrVm9u_N3B2GZzXec69TI9nJLEm6BiA3VPvAPLb2SJLeXSraGjGa613dq-YTNqnZmlQk4M6wdn3HcfHFQnEBTPtXpQNMBebfPiGtzE7VHWTKys0Dj2AOjIjqq3usYWHrys2XzgdXIIV1s2fey7WwNgMk3c0 | | project_id | e72e49df612d4923a7d348c0b8c92bb3 | | user_id | da4ea040435446d8b05287015215e688 | ±-----------±----------------------------------------------------------------------------------------------------------------

[[email protected] ]# openstack --os-auth-url http://controller:5000/v3 \

–os-project-domain-name default --os-user-domain-name default –os-project-name demo --os-username demo token issue Password: 1qaz2wsx ±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | ±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | expires | 2018-07-10T08:26:31+0000 | | id | gAAAAABbRF-nTTr8TgeDb7980JKNvB1RxPzLVFHo7q41sbKJVkw6tmqh-ji-OfAE5kF9te7OzSRrIOZi7AFvk4aNsscFmio4JOORWyABxdEgFESd42rl2TAezLTuo0uzZ_xaGmSDaRvxcrSgisxxJ8CmN-P_6o_6F0Zu2qnFjN3lgOc-tr0gzyQ | | project_id | 0ad117fbe42a411aa59bb940e48cd1d9 | | user_id | 8d986172b093472db4c15af54df09ff1 | ±-----------±-------------------------------------------------------------------------------------------------------------

[[email protected] opt]# [[email protected] opt]# cat admin-openrc export OS_PROJECT_DOMAIN_NAME=default export OS_USER_DOMAIN_NAME=default export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=1qaz2wsx export OS_AUTH_URL=http://172.26.128.126:35357/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2

[[email protected] opt]# . admin-openrc [[email protected] opt]# openstack token issue ±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | ±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | expires | 2018-07-10T08:28:24+0000 | | id | gAAAAABbRGAYGi-vM-vOnDZdfox0eYqeHz9dlozHoeB3_4RyshXcsxbiU4Gvz5Au-kdESjb5u3jgPntffifrew3LnM9xZfacGTkzRqSJa4zSmSgIOR7DREc26h04uo8FgZhvwk4OtXf3XE9jH4wtPkN-wE1t8HV_IAEcSqzwoceAG_nO4Nb_b_4 | | project_id | e72e49df612d4923a7d348c0b8c92bb3 | | user_id | da4ea040435446d8b05287015215e688 | ±-----------±----------------------------------------------------------------------------------------------------------------

映象服務 4.1. 安裝和配置  用資料庫連線客戶端以 root 使用者連線到資料庫伺服器： [[email protected] opt]# mysql -u root -p1qaz2wsx Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 19 Server version: 10.1.20-MariaDB MariaDB Server

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE glance; Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@‘localhost’ -> IDENTIFIED BY ‘1qaz2wsx’; Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO ‘glance’@’%’ -> IDENTIFIED BY ‘1qaz2wsx’; Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> quit Bye

 建立 glance 使用者： [[email protected] opt]# openstack user create --domain default --password-prompt glance User Password: Repeat User Password: ±--------------------±---------------------------------+ | Field | Value | ±--------------------±---------------------------------+ | domain_id | default | | enabled | True | | id | d7caa3d513934c88a683cba4acf56fd7 | | name | glance | | options | {} | | password_expires_at | None | ±--------------------±---------------------------------+

 新增 admin 角色到 glance 使用者和 service 專案上。 [[email protected] opt]# openstack role add --project service --user glance admin  建立glance服務實體： [[email protected] opt]# openstack service create --name glance \

–description “OpenStack Image” image ±------------±---------------------------------+ | Field | Value | ±------------±---------------------------------+ | description | OpenStack Image | | enabled | True | | id | f89982ad38ec4f948f5ce5f5b2d8d174 | | name | glance | | type | image | ±------------±---------------------------------+

 建立映象服務的 API 端點： [[email protected] opt]# openstack endpoint create --region RegionOne \

image public http://172.26.128.126:9292 ±-------------±---------------------------------+ | Field | Value | ±-------------±---------------------------------+ | enabled | True | | id | ab859f7396d64d70bd623200d22e0315 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | f89982ad38ec4f948f5ce5f5b2d8d174 | | service_name | glance | | service_type | image | | url | http://172.26.128.126:9292 | ±-------------±---------------------------------+ 您在 /var/spool/mail/root 中有新郵件

[[email protected] opt]# openstack endpoint create --region RegionOne \

image internal http://172.26.128.126:9292 ±-------------±---------------------------------+ | Field | Value | ±-------------±---------------------------------+ | enabled | True | | id | affade8a24e54dada0e8272fa73585f7 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | f89982ad38ec4f948f5ce5f5b2d8d174 | | service_name | glance | | service_type | image | | url | http://172.26.128.126:9292 | ±-------------±---------------------------------+

[[email protected] opt]# openstack endpoint create --region RegionOne \

image admin http://172.26.128.126:9292 ±-------------±---------------------------------+ | Field | Value | ±-------------±---------------------------------+ | enabled | True | | id | 6804ae24b5de496ab6ae735742a3edd2 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | f89982ad38ec4f948f5ce5f5b2d8d174 | | service_name | glance | | service_type | image | | url | http://172.26.128.126:9292 |

4.2. 安全並配置元件  安裝軟體包：

yum install openstack-glance

 在 [glance_store] 部分，配置本地檔案系統儲存和映象檔案位置： [[email protected] opt]# vi /etc/glance/glance-api.conf  在 [database] 部分，配置資料庫訪問： [[email protected] opt]# vi /etc/glance/glance-registry.conf  寫入映象服務資料庫： [[email protected] opt]# su -s /bin/sh -c “glance-manage db_sync” glance /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1336: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade expire_on_commit=expire_on_commit, _conf=conf) INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Running upgrade -> liberty, liberty initial INFO [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of ‘images’ table INFO [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images INFO [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01 INFO [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Upgraded database to: queens_expand01, current revision(s): queens_expand01 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Database migration is up to date. No migration needed. INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images INFO [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables INFO [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Upgraded database to: queens_contract01, current revision(s): queens_contract01 INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Database is synced successfully.

4.3. 完成安裝  啟動映象服務、配置他們隨機啟動： [[email protected] opt]# systemctl enable openstack-glance-api.service \

openstack-glance-registry.service Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service. Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service to /usr/lib/systemd/system/openstack-glance-registry.service.

[[email protected] opt]# systemctl start openstack-glance-api.service \

計算服務安裝 5.1. 安裝並配置控制節點  用資料庫連線客戶端以 root 使用者連線到資料庫伺服器 MariaDB [glance]> CREATE DATABASE nova_api; Query OK, 1 row affected (0.00 sec)

MariaDB [glance]> CREATE DATABASE nova; Query OK, 1 row affected (0.00 sec)

MariaDB [glance]> CREATE DATABASE nova_cell0; Query OK, 1 row affected (0.01 sec)

 對資料庫進行正確的授權：

MariaDB [glance]> GRANT ALL PRIVILEGES ON nova_api.* TO ‘nova’@‘localhost’ -> IDENTIFIED BY ‘1qaz2wsx’; Query OK, 0 rows affected (0.00 sec)

MariaDB [glance]> GRANT ALL PRIVILEGES ON nova_api.* TO ‘nova’@’%’ -> IDENTIFIED BY ‘1qaz2wsx’; Query OK, 0 rows affected (0.00 sec)

MariaDB [glance]> MariaDB [glance]> GRANT ALL PRIVILEGES ON nova.* TO ‘nova’@‘localhost’ -> IDENTIFIED BY ‘1qaz2wsx’; Query OK, 0 rows affected (0.00 sec)

MariaDB [glance]> GRANT ALL PRIVILEGES ON nova.* TO ‘nova’@’%’ -> IDENTIFIED BY ‘1qaz2wsx’; Query OK, 0 rows affected (0.00 sec)

MariaDB [glance]> MariaDB [glance]> GRANT ALL PRIVILEGES ON nova_cell0.* TO ‘nova’@‘localhost’ -> IDENTIFIED BY ‘1qaz2wsx’; Query OK, 0 rows affected (0.00 sec)

MariaDB [glance]> GRANT ALL PRIVILEGES ON nova_cell0.* TO ‘nova’@’%’ -> IDENTIFIED BY ‘1qaz2wsx’; Query OK, 0 rows affected (0.00 sec)

 建立 nova 使用者： [[email protected] opt]# openstack user create --domain default --password-prompt nova User Password: Repeat User Password: ±--------------------±---------------------------------+ | Field | Value | ±--------------------±---------------------------------+ | domain_id | default | | enabled | True | | id | d24815b487164615935dd423246fa6ca | | name | nova | | options | {} | | password_expires_at | None | ±--------------------±---------------------------------+

 給 nova 使用者新增 admin 角色: [[email protected] opt]# openstack role add --project service --user nova admin  建立 nova 服務實體： [[email protected] opt]# openstack service create --name nova \

–description “OpenStack Compute” compute ±------------±---------------------------------+ | Field | Value | ±------------±---------------------------------+ | description | OpenStack Compute | | enabled | True | | id | 598b667a89724097890609640237267b | | name | nova | | type | compute |

 建立 Compute 服務 API 端點：

[[email protected] opt]# openstack endpoint create --region RegionOne \

compute public http://172.26.128.126:8774/v2.1 ±-------------±---------------------------------+ | Field | Value | ±-------------±---------------------------------+ | enabled | True | | id | 7832e851720f4554b4d7322082cef5be | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 598b667a89724097890609640237267b | | service_name | nova | | service_type | compute | | url | http://172.26.128.126:8774/v2.1 | ±-------------±---------------------------------+

[[email protected] opt]# openstack endpoint create --region RegionOne \

[[email protected] opt]# openstack endpoint create --region RegionOne \

compute admin http://172.26.128.126:8774/v2.1 ±-------------±---------------------------------+ | Field | Value | ±-------------±---------------------------------+ | enabled | True | | id | 07b16490e9724605881b880cbcc5ff96 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 598b667a89724097890609640237267b | | service_name | nova | | service_type | compute | | url | http://172.26.128.126:8774/v2.1 | ±-------------±---------------------------------+

 建立使用者 [[email protected] opt]# openstack user create --domain default --password-prompt placement User Password: Repeat User Password: ±--------------------±---------------------------------+ | Field | Value | ±--------------------±---------------------------------+ | domain_id | default | | enabled | True | | id | 9367f86b6d8b4fd9aadfffc536b17224 | | name | placement | | options | {} | | password_expires_at | None | ±--------------------±---------------------------------+

5.2. 安全並配置元件  安裝軟體包 yum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy \ openstack-nova-scheduler openstack-nova-placement-api  編輯/etc/nova/nova.conf檔案並完成下面的操作 [[email protected] opt]# vi /etc/nova/nova.conf  配置/etc/httpd/conf.d/00-nova-placement-api.conf: [[email protected] opt]# cat /etc/httpd/conf.d/00-nova-placement-api.conf Listen 8778

<VirtualHost *:8778> WSGIProcessGroup nova-placement-api WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On WSGIDaemonProcess nova-placement-api processes=3 threads=1 user=nova group=nova WSGIScriptAlias / /usr/bin/nova-placement-api = 2.4> ErrorLogFormat “%M” ErrorLog /var/log/nova/nova-placement-api.log #SSLEngine On #SSLCertificateFile … #SSLCertificateKeyFile …

Alias /nova-placement-api /usr/bin/nova-placement-api <Location /nova-placement-api> SetHandler wsgi-script Options +ExecCGI WSGIProcessGroup nova-placement-api WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On

<Directory /usr/bin> = 2.4> Require all granted <IfVersion < 2.4> Order allow,deny Allow from all  重新啟動httpd [[email protected] opt]# systemctl restart httpd  重新整理nova到資料庫 [[email protected] opt]# su -s /bin/sh -c “nova-manage api_db sync” nova /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) [‘use_tpool’] not supported exception.NotSupportedWarning 解決方法：根據報錯資訊找到對應的檔案，註釋第325、329、330、331、332和333行的配置。 [[email protected] ~]# sed -n ‘325,333p’ /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py

if not_supported:

        # would like to raise ValueError here, but there are just
        # too many unrecognized (obsolete?) configuration options
        # coming in from projects

warnings.warn(

“Configuration option(s) %r not supported” %

sorted(not_supported),

exception.NotSupportedWarning

)

 註冊cell0資料庫 [[email protected] opt]# su -s /bin/sh -c “nova-manage cell_v2 map_cell0” nova  建立cell1 cell [[email protected] opt]# su -s /bin/sh -c “nova-manage cell_v2 create_cell --name=cell1 --verbose” nova 58e6ba8e-2f49-4148-aa45-4cfb0ab4a1d5  初始化nova資料庫 [[email protected] opt]# su -s /bin/sh -c “nova-manage db sync” nova /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) [‘use_tpool’] not supported exception.NotSupportedWarning /usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u’Duplicate index block_device_mapping_instance_uuid_virtual_name_device_name_idx. This is deprecated and will be disallowed in a future release.’) result = self._query(query) /usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u’Duplicate index uniq_instances0uuid. This is deprecated and will be disallowed in a future release.’) result = self._query(query)  驗證nova cell0 和 cell1 已經註冊 [[email protected] opt]# nova-manage cell_v2 list_cells /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) [‘use_tpool’] not supported exception.NotSupportedWarning ±------±-------------------------------------±---------------------------------------±--------------------------------- | 名稱 |UUID | Transport URL | 資料庫連線 |±------±-------------------------- |cell0|00000000-0000-0000-0000-000000000000|none:/ | mysql+pymysql://nova:@172.26.128.126/nova_cell0 | | cell1 | 58e6ba8e-2f49-4148-aa45-4cfb0ab4a1d5 | rabbit://openstack:@172.26.128.126 | mysql+pymysql://nova:****@172.26.128.126/nova| ±------±-------------------------------------±---------------------------------------±--------------------------------- 5.3. 完成安裝  啟動 Compute 服務並將其設定為隨系統啟動 [[email protected] opt]# systemctl enable openstack-nova-api.service \

openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service [[email protected] opt]# systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service

5.4. 安裝和配置計算節點  安裝並配置元件 [[email protected] ~]#yum install openstack-nova-compute –y  編輯/etc/nova/nova.conf檔案並完成下面的操作： [[email protected] ~]# cat /etc/nova/nova.conf [DEFAULT] enabled_apis = osapi_compute,metadata transport_url = rabbit://openstack:[email protected] my_ip = 172.26.128.168 use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver

[api] auth_strategy = keystone

[keystone_authtoken] auth_url = http://172.26.128.126:5000/v3 memcached_servers = 172.26.128.126:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = 1qaz2wsx

[vnc] enabled = True vncserver_listen = 0.0.0.0 vncserver_proxyclient_address = $my_ip novncproxy_base_url = http://172.26.128.126:6080/vnc_auto.html

[oslo_concurrency] lock_path = /var/lib/nova/tmp

[placement] os_region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://172.26.128.126:5000/v3 username = placement password = 1qaz2wsx

[neutron] url = http://172.26.128.126:9696 auth_url = http://172.26.128.126:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = 1qaz2wsx [libvirt] Virt type = kvm

5.5. 完成安裝  啟動計算服務及其依賴，並將其配置為隨系統自動啟動： [[email protected] ~]# systemctl enable libvirtd.service openstack-nova-compute.service Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service to /usr/lib/systemd/system/openstack-nova-compute.service. [[email protected] ~]# systemctl start libvirtd.service openstack-nova-compute.service [[email protected] ~]# systemctl status libvirtd.service openstack-nova-compute.service libvirtd.service - Virtualization daemon Loaded: loaded (/usr/lib/systemd/system/libvirtd.service; enabled; vendor preset: enabled) Active: active (running) since 二 2018-07-10 16:54:00 CST; 9min ago Docs: man:libvirtd(8) https://libvirt.org Main PID: 30595 (libvirtd) Tasks: 17 (limit: 32768) CGroup: /system.slice/libvirtd.service └─30595 /usr/sbin/libvirtd

7月 10 16:54:00 compute02 systemd[1]: Starting Virtualization daemon… 7月 10 16:54:00 compute02 systemd[1]: Started Virtualization daemon.

● openstack-nova-compute.service - OpenStack Nova Compute Server Loaded: loaded (/usr/lib/systemd/system/openstack-nova-compute.service; enabled; vendor preset: disabled) Active: active (running) since 二 2018-07-10 17:03:17 CST; 26s ago Main PID: 30852 (nova-compute) Tasks: 22

5.6. 驗證操作 [[email protected] opt]# openstack compute service list --service nova-compute ±—±-------------±----------±-----±--------±------±---------------------------+ | ID | Binary | Host | Zone | Status | State | Updated At | ±—±-------------±----------±-----±--------±------±---------------------------+ | 7 | nova-compute | compute02 | nova | enabled | up | 2018-07-10T09:06:38.000000 | ±—±-------------±----------±-----±--------±------±---------------------------+ [[email protected] opt]# su -s /bin/sh -c “nova-manage cell_v2 discover_hosts --verbose” nova /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) [‘use_tpool’] not supported exception.NotSupportedWarning Found 2 cell mappings. Skipping cell0 since it does not contain hosts. Getting computes from cell ‘cell1’: 58e6ba8e-2f49-4148-aa45-4cfb0ab4a1d5 Checking host mapping for compute host ‘compute02’: 1422a1c2-4e29-4dee-b5e1-0592e73dcf9f Creating host mapping for compute host ‘compute02’: 1422a1c2-4e29-4dee-b5e1-0592e73dcf9f Found 1 unmapped computes in cell: 58e6ba8e-2f49-4148-aa45-4cfb0ab4a1d5

[[email protected] opt]# nova-status upgrade check /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) [‘use_tpool’] not supported exception.NotSupportedWarning Option “os_region_name” from group “placement” is deprecated. Use option “region-name” from group “placement”. ±------------------------------+ | 升級檢查結果

OpenStack-Q版實戰部署技術指導手冊-黑夜青兒

yum install openstack-glance

if not_supported:

warnings.warn(

“Configuration option(s) %r not supported” %

sorted(not_supported),

exception.NotSupportedWarning

)

OpenStack-Q版實戰部署技術指導手冊-黑夜青兒

openstack Q版部署-----環境搭建（1）

openstack Q版部署-----nova服務配置-計算節點（6）

openstack Q版部署-----界面horizon安裝（9）

openstack Q版部署-----安裝報錯問題

openstack Q版本自動化部署課程直播通知

openstack Q 自動化化部署課程

OpenStack-liberty版Ciner部署（九）

OpenStack-Rocky版單機部署

Linux環境下部署TestLink指導手冊--3

Linux環境下部署TestLink指導手冊--2

OpenStack pike版基本環境部署(2) 續案例架構(1)

openstack Queens版企業雲自動化部署(openvswith+vxlan)

OpenStack-liberty版Glance服務部署（二）

OpenStack-liberty版Nova服務部署（三）

OpenStack-liberty版Nova計算節點部署服務部署（四）

OpenStack—Q 環境部署

OpenStack控制節點上搭建Q版nova服務（step5）

OpenStack搭建Q版只屬於計算節點上的環境準備（step6)

基於kolla部署多節點OpenStack(Ocata版)-續

OpenStack-Q版實戰部署技術指導手冊-黑夜青兒

yum install openstack-glance

if not_supported:

warnings.warn(

“Configuration option(s) %r not supported” %

sorted(not_supported),

exception.NotSupportedWarning

)

相關推薦