Single-node installation and deployment of OpenStack Juno on Ubuntu 14.04
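On Red Hat, OpenStack can be installed quickly in all-in-one mode: install packstack, then run packstack --allinone to install OpenStack in a single step, and finish by setting up the IP address and the bridge. On Ubuntu, however, OpenStack cannot be installed in one step and has to be installed step by step. The material available online also installs the individual OpenStack nodes (compute, controller, network and so on) on separate machines, usually at least two virtual or physical machines. This post shows how to install OpenStack Juno on a single Ubuntu virtual machine and start a virtual machine instance from a cirros image.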
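At the time I figured that, since a single-node OpenStack installation that boots a virtual machine instance is possible on Red Hat, it must also be possible on Ubuntu. One reason was that I did not want to juggle several machines: the fewer machines, the easier the work, with no switching back and forth. The other was that I am a bit obsessive and simply had to try it. It took a long time, but I finally got it working, and the overall picture became clearer along the way.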
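Here is a summary of what I learned installing OpenStack. The main problems are concentrated in the network setup. As long as the network works, installing each module is mostly trouble-free and quick; the work is concentrated in editing configuration files. Some of the nova and neutron configuration is interleaved: nova is configured first, and once neutron is installed you have to go back to nova to change and add settings, and the neutron configuration files in turn need nova-related settings. The last part is the network configuration and the bridge setup.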
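The installation described here is not a complete one: it goes as far as neutron and then installs the dashboard, so the host can be managed through the web interface. Later modules such as cinder (block storage) and swift (object storage) are not installed.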
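The installation steps are as follows:
Step 1: Prepare the Ubuntu virtual machine and add the OpenStack Juno package source.
Virtual machine settings: 4 GB RAM, 20 GB disk, a processor with virtualization support selected, IP: 192.168.61.122, hostname: openstack

    apt-get install python-software-properties
    add-apt-repository cloud-archive:juno
    apt-get update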
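Step 2: Install the message service RabbitMQ and the MySQL database, and start them.

    apt-get install rabbitmq-server -y
    apt-get install mysql-server python-mysqldb -y

While installing MySQL you are prompted for a user name and password; here root:root is entered.
Edit the MySQL configuration file, vi /etc/mysql/my.cnf:

    [mysqld]
    bind-address = 192.168.61.122
    default-storage-engine=innodb
    innodb_file_per_table
    collation-server=utf8_general_ci
    init-connect='SET NAMES utf8'
    character-set-server=utf8

After the changes, restart the service:

    service mysql restart

[Screenshot: configuration changes and service restart]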
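Step 3: Install the identity service keystone, configure and start it, and create users, tenants and roles.
First create the keystone database and grant access to the user keystone:keystone.
Then install the keystone service:

    apt-get install keystone python-keystoneclient -y

Here we first use the openssl command to generate a random string to use as the token. This string is configured in several places, mainly in the keystone.conf configuration file, and is reused from then on.

    openssl rand -hex 10

On my machine the randomly generated string was:

    b9e8218bd6a146ce0741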
After installation, configure /etc/keystone/keystone.conf. By default keystone, glance, nova and the other components each store their metadata in an SQLite database; here we switch to our MySQL as the metadata database, which only takes a few settings.

    vi /etc/keystone/keystone.conf

    [DEFAULT]
    admin_token=b9e8218bd6a146ce0741
    verbose=true

    [database]
    connection=mysql://keystone:[email protected]/keystone

    [token]
    provider=keystone.token.providers.uuid.Provider
    # Token persistence backend driver. (string value)
    driver=keystone.token.persistence.backends.sql.Token
Next, sync the database and restart the keystone service, then set the environment variables OS_SERVICE_TOKEN and OS_SERVICE_ENDPOINT.

    # su -s /bin/sh -c "keystone-manage db_sync" keystone
    # service keystone restart
    keystone stop/waiting
    keystone start/running, process 20270
    # ls
    b9e8218bd6a146ce0741
    # export OS_SERVICE_TOKEN=b9e8218bd6a146ce0741
    # export OS_SERVICE_ENDPOINT=http://openstack:35357/v2.0
Now create the tenants, users and roles and assign roles to the users. We create two roles, an administrator and an ordinary user.

    # export OS_SERVICE_TOKEN=b9e8218bd6a146ce0741
    # export OS_SERVICE_ENDPOINT=http://openstack:35357/v2.0
    # keystone tenant-create --name admin --description "Admin Tenant"
    +-------------+----------------------------------+
    | Property    | Value                            |
    +-------------+----------------------------------+
    | description | Admin Tenant                     |
    | enabled     | True                             |
    | id          | 23a84fb4bf9f4078a54adc63627ea224 |
    | name        | admin                            |
    +-------------+----------------------------------+
    # keystone user-create --name admin --pass admin --email [email protected]
    +----------+----------------------------------+
    | Property | Value                            |
    +----------+----------------------------------+
    | email    | [email protected]                |
    | enabled  | True                             |
    | id       | bcf9266786734e3382a0e38d582386fe |
    | name     | admin                            |
    | username | admin                            |
    +----------+----------------------------------+
    # keystone role-create --name admin
    +----------+----------------------------------+
    | Property | Value                            |
    +----------+----------------------------------+
    | id       | f3f75ddd049d404f8540faece025e9eb |
    | name     | admin                            |
    +----------+----------------------------------+
    # keystone user-role-add --user admin --tenant admin --role admin
Assigning a role to a user in a tenant produces no output.
Next we create the ordinary member role and user and assign the role:

    # keystone role-create --name _member_
    +----------+----------------------------------+
    | Property | Value                            |
    +----------+----------------------------------+
    | id       | 6e33c1dcfb124022b11fea125fe996f9 |
    | name     | _member_                         |
    +----------+----------------------------------+
    # keystone tenant-create --name hadoop --description "Hadoop Tenant"
    +-------------+----------------------------------+
    | Property    | Value                            |
    +-------------+----------------------------------+
    | description | Hadoop Tenant                    |
    | enabled     | True                             |
    | id          | 668a527fd9384b639447deaca1cf2c48 |
    | name        | hadoop                           |
    +-------------+----------------------------------+
    # keystone user-create --name hadoop --pass hadoop --email [email protected]
    +----------+----------------------------------+
    | Property | Value                            |
    +----------+----------------------------------+
    | email    | [email protected]                |
    | enabled  | True                             |
    | id       | 4e3ccc059d754c6a94e9a82d187bff8d |
    | name     | hadoop                           |
    | username | hadoop                           |
    +----------+----------------------------------+
    # keystone user-role-add --tenant hadoop --user hadoop --role _member_
We then create a third tenant, service, which the later components glance, nova, neutron and so on will use. The ordinary tenant hadoop created above is for ordinary users to log in with.

    # keystone tenant-create --name service --description "Service Tenant"
    +-------------+----------------------------------+
    | Property    | Value                            |
    +-------------+----------------------------------+
    | description | Service Tenant                   |
    | enabled     | True                             |
    | id          | a4363a87992a4be7aba64be211338b5c |
    | name        | service                          |
    +-------------+----------------------------------+
Finally we need to create the externally visible service endpoint for keystone.

    # keystone service-create --name keystone --type identity --description "Openstack Identity"
    +-------------+----------------------------------+
    | Property    | Value                            |
    +-------------+----------------------------------+
    | description | Openstack Identity               |
    | enabled     | True                             |
    | id          | 23d80b5a4b3c45debc4c96d229c55e08 |
    | name        | keystone                         |
    | type        | identity                         |
    +-------------+----------------------------------+
    # keystone endpoint-create --service-id 23d80b5a4b3c45debc4c96d229c55e08 \
    > --publicurl http://openstack:5000/v2.0 \
    > --internalurl http://openstack:5000/v2.0 \
    > --adminurl http://openstack:35357/v2.0 \
    > --region regionOne
    +-------------+----------------------------------+
    | Property    | Value                            |
    +-------------+----------------------------------+
    | adminurl    | http://openstack:35357/v2.0      |
    | id          | 0b0b6785c5e44d989e4f007a8bb56571 |
    | internalurl | http://openstack:5000/v2.0       |
    | publicurl   | http://openstack:5000/v2.0       |
    | region      | regionOne                        |
    | service_id  | 23d80b5a4b3c45debc4c96d229c55e08 |
    +-------------+----------------------------------+

Do not copy and paste these commands as they are: the service-id passed to endpoint-create must be the id of the service generated by the previous command.
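The service id is different on every installation, which is why the endpoint command above cannot be pasted as is. As an added example (not part of the original post), the functions below read the id out of the keystone client's table output so it can be passed to endpoint-create without retyping; prop_value and service_id are names made up for this example, and the sample tables repeat output shown on this page.

```shell
#!/bin/sh
# Added example: read ids out of the ASCII tables printed by the keystone CLI.
# prop_value and service_id are names made up for this example.

# prop_value NAME: read a "| Property | Value |" table on stdin (the output of
# service-create, user-create, ...) and print the value of property NAME.
# Returns non-zero when the property is missing.
prop_value() {
    awk -F'|' -v want="$1" '
        function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t]+$/, "", s); return s }
        NF >= 4 {
            if (trim($2) == want) { print trim($3); found = 1; exit }
        }
        END { if (!found) exit 1 }'
}

# service_id TYPE: read the table printed by "keystone service-list" on stdin
# and print the id of the one service of that type. Returns non-zero when no
# service or more than one service matches, so a wrong id is never used.
service_id() {
    awk -F'|' -v want="$1" '
        function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t]+$/, "", s); return s }
        NF >= 6 {
            id = trim($2)
            # the ids on this page are 32 hex digits; this also skips the header
            if (trim($4) == want && length(id) == 32 && id !~ /[^0-9a-f]/)
                ids[++n] = id
        }
        END { if (n != 1) exit 1; print ids[1] }'
}

# Sample input: the service-create output shown on this page.
sample_service_create() {
    cat <<'EOF'
+-------------+----------------------------------+
| Property    | Value                            |
+-------------+----------------------------------+
| description | Openstack Identity               |
| enabled     | True                             |
| id          | 23d80b5a4b3c45debc4c96d229c55e08 |
| name        | keystone                         |
| type        | identity                         |
+-------------+----------------------------------+
EOF
}

# Sample input: a service list combining the keystone and glance rows that
# appear on this page (the combined table itself is constructed).
sample_service_list() {
    cat <<'EOF'
+----------------------------------+----------+----------+-------------------------+
| id                               | name     | type     | description             |
+----------------------------------+----------+----------+-------------------------+
| e7131d900c8a46ef8053217e93759e98 | glance   | image    | Openstack Image Service |
| 23d80b5a4b3c45debc4c96d229c55e08 | keystone | identity | Openstack Identity      |
+----------------------------------+----------+----------+-------------------------+
EOF
}

# Offline demonstration on the sample tables.
echo "id from service-create: $(sample_service_create | prop_value id)"
echo "identity service id:    $(sample_service_list | service_id identity)"

# On the live host the same functions replace the copy and paste step:
#   sid=$(keystone service-list | service_id identity) || exit 1
#   keystone endpoint-create --service-id "$sid" \
#     --publicurl http://openstack:5000/v2.0 \
#     --internalurl http://openstack:5000/v2.0 \
#     --adminurl http://openstack:35357/v2.0 \
#     --region regionOne
```

The nova step later on this page does the same lookup with a one-line awk filter; the functions here add the check that exactly one service matched.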
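That completes the installation and configuration of keystone. The general approach is: install the component (or create the database and grant the database user), configure the component's database connection, token and other settings, sync the database, then create the related services. The later installations of glance, nova, neutron and so on all follow this approach.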
Verify the data created with the keystone commands:
The users, services and so on that we just created with the keystone command were all created with the environment variables OS_SERVICE_TOKEN=b9e8218bd6a146ce0741 and OS_SERVICE_ENDPOINT=http://openstack:35357/v2.0 set. Now we unset those variables and verify.

    unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT

    # keystone service-list
    Expecting an auth URL via either --os-auth-url or env[OS_AUTH_URL]
    # keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://openstack:35357/v2.0 service-list
    +----------------------------------+----------+----------+--------------------+
    | id                               | name     | type     | description        |
    +----------------------------------+----------+----------+--------------------+
    | 23d80b5a4b3c45debc4c96d229c55e08 | keystone | identity | Openstack Identity |
    +----------------------------------+----------+----------+--------------------+
    # keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://openstack:35357/v2.0 token-get
    +-----------+----------------------------------+
    | Property  | Value                            |
    +-----------+----------------------------------+
    | expires   | 2017-02-19T17:53:40Z             |
    | id        | cd0471d0ac6f4d0abee8e9ee0e56c92a |
    | tenant_id | 23a84fb4bf9f4078a54adc63627ea224 |
    | user_id   | bcf9266786734e3382a0e38d582386fe |
    +-----------+----------------------------------+
    # keystone --os-tenant-name admin --os-username admin --os-password admin --os-auth-url http://openstack:35357/v2.0 role-list
    +----------------------------------+----------+
    | id                               | name     |
    +----------------------------------+----------+
    | 6e33c1dcfb124022b11fea125fe996f9 | _member_ |
    | f3f75ddd049d404f8540faece025e9eb | admin    |
    +----------------------------------+----------+
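This matches what we created, so there are no problems. Next we can install and configure the image service component, glance.
Step 4: Install the image service glance, configure and start it, and create an image.
Create the glance database and grant access to the user glance:glance.

    mysql> create database glance;
    Query OK, 1 row affected (0.00 sec)

    mysql> grant all privileges on glance.* to [email protected]'%' identified by 'glance';
    Query OK, 0 rows affected (0.00 sec)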
Use keystone to create the glance user, service and endpoint. Here, when assigning glance its role and tenant, we use the service tenant that was created last in the keystone step.

    # keystone user-create --name glance --pass glance --email [email protected]
    +----------+----------------------------------+
    | Property | Value                            |
    +----------+----------------------------------+
    | email    | [email protected]                |
    | enabled  | True                             |
    | id       | afbd6f0428eb462099a8b20dd06f210d |
    | name     | glance                           |
    | username | glance                           |
    +----------+----------------------------------+
    # keystone user-role-add --user glance --tenant service --role admin
    # keystone service-create --name glance --type image --description "Openstack Image Service"
    +-------------+----------------------------------+
    | Property    | Value                            |
    +-------------+----------------------------------+
    | description | Openstack Image Service          |
    | enabled     | True                             |
    | id          | e7131d900c8a46ef8053217e93759e98 |
    | name        | glance                           |
    | type        | image                            |
    +-------------+----------------------------------+
    # keystone endpoint-create --service-id e7131d900c8a46ef8053217e93759e98 --publicurl http://openstack:9292 --internalurl http://openstack:9292 --adminurl http://openstack:9292 --region regionOne
    +-------------+----------------------------------+
    | Property    | Value                            |
    +-------------+----------------------------------+
    | adminurl    | http://openstack:9292            |
    | id          | 46c182ce45dc498d9009caaa61a37a9d |
    | internalurl | http://openstack:9292            |
    | publicurl   | http://openstack:9292            |
    | region      | regionOne                        |
    | service_id  | e7131d900c8a46ef8053217e93759e98 |
    +-------------+----------------------------------+
Next, install the glance component:

    apt-get install glance python-glanceclient -y

Edit the configuration files /etc/glance/glance-api.conf and /etc/glance/glance-registry.conf:

    # vi /etc/glance/glance-api.conf

    [database]
    connection = mysql://glance:[email protected]/glance

    [keystone_authtoken]
    auth_uri=http://openstack:5000/v2.0
    identity_uri = http://openstack:35357
    admin_tenant_name = service
    admin_user = glance
    admin_password = glance

    [paste_deploy]
    flavor=keystone

    [glance_store]
    filesystem_store_datadir=/var/lib/glance/images

    # vi /etc/glance/glance-registry.conf

    [database]
    connection = mysql://glance:[email protected]/glance

    [keystone_authtoken]
    auth_uri=http://openstack:5000/v2.0
    identity_uri = http://openstack:35357
    admin_tenant_name = service
    admin_user = glance
    admin_password = glance

    [paste_deploy]
    flavor=keystone
Then sync the database and restart the services:

    # su -s /bin/sh -c "glance-manage db_sync" glance
    /usr/lib/python2.7/dist-packages/sqlalchemy/engine/default.py:436: Warning: Invalid utf8 character string: '80027D'
      cursor.execute(statement, parameters)
    # service glance-registry restart
    glance-registry stop/waiting
    glance-registry start/running, process 22752
    # service glance-api restart
    glance-api stop/waiting
    glance-api start/running, process 22771
To create an image, we first set up a file of environment variables for the administrator, keystonerc_admin.sh:

    vi ~/keystonerc_admin.sh

    export OS_TENANT_NAME=admin
    export OS_USERNAME=admin
    export OS_PASSWORD=admin
    export OS_AUTH_URL=http://192.168.61.122:35357/v2.0

Finally, create an image from the local cirros-0.3.3-x86_64.img.

    # source keystonerc_admin.sh
    # glance image-list
    +----+------+-------------+------------------+------+--------+
    | ID | Name | Disk Format | Container Format | Size | Status |
    +----+------+-------------+------------------+------+--------+
    +----+------+-------------+------------------+------+--------+
    # ls
    b9e8218bd6a146ce0741  keystonerc_admin.sh  set_env.sh
    # glance image-create --name "cirros-0.3.3" --file /home/hadoop/cirros-0.3.3-x86_64-disk.img --disk-format qcow2 --container-format bare --is-public True --progress
    [=============================>] 100%
    +------------------+--------------------------------------+
    | Property         | Value                                |
    +------------------+--------------------------------------+
    | checksum         | 133eae9fb1c98f45894a4e60d8736619     |
    | container_format | bare                                 |
    | created_at       | 2017-02-19T19:02:07                  |
    | deleted          | False                                |
    | deleted_at       | None                                 |
    | disk_format      | qcow2                                |
    | id               | e90f1aed-58f9-427e-ba24-c440c3dbc04e |
    | is_public        | True                                 |
    | min_disk         | 0                                    |
    | min_ram          | 0                                    |
    | name             | cirros-0.3.3                         |
    | owner            | 23a84fb4bf9f4078a54adc63627ea224     |
    | protected        | False                                |
    | size             | 13200896                             |
    | status           | active                               |
    | updated_at       | 2017-02-19T19:02:09                  |
    | virtual_size     | None                                 |
    +------------------+--------------------------------------+
    # glance image-list
    +--------------------------------------+--------------+-------------+------------------+----------+--------+
    | ID                                   | Name         | Disk Format | Container Format | Size     | Status |
    +--------------------------------------+--------------+-------------+------------------+----------+--------+
    | e90f1aed-58f9-427e-ba24-c440c3dbc04e | cirros-0.3.3 | qcow2       | bare             | 13200896 | active |
    +--------------------------------------+--------------+-------------+------------------+----------+--------+
Step 5: Install the compute service nova, configure and start it.
Create the nova database and grant access to the user nova:nova.

    mysql> create database nova;
    Query OK, 1 row affected (0.00 sec)

    mysql> grant all privileges on nova.* to [email protected]'%' identified by 'nova';
    Query OK, 0 rows affected (0.00 sec)
Use the keystone command to create the user and service for the nova component:

    # keystone user-create --name nova --pass nova --email [email protected]
    +----------+----------------------------------+
    | Property | Value                            |
    +----------+----------------------------------+
    | email    | [email protected]                |
    | enabled  | True                             |
    | id       | 88bb5fda2beb402eb0a32437d5b22602 |
    | name     | nova                             |
    | username | nova                             |
    +----------+----------------------------------+
    # keystone user-role-add --user nova --tenant service --role admin
    # keystone service-create --name nova --type compute --description "Openstack Nova Compute"
    +-------------+----------------------------------+
    | Property    | Value                            |
    +-------------+----------------------------------+
    | description | Openstack Nova Compute           |
    | enabled     | True                             |
    | id          | 15f88fd8b9b1439da7c8a4fb7649f422 |
    | name        | nova                             |
    | type        | compute                          |
    +-------------+----------------------------------+
    # keystone service-list | awk '/ compute / {print $2}'
    15f88fd8b9b1439da7c8a4fb7649f422
    # keystone endpoint-create --service-id=15f88fd8b9b1439da7c8a4fb7649f422 \
    > --publicurl http://openstack:8774/v2/%\(tenant_id\)s \
    > --internalurl http://openstack:8774/v2/%\(tenant_id\)s \
    > --adminurl http://openstack:8774/v2/%\(tenant_id\)s \
    > --region regionOne
    +-------------+------------------------------------------+
    | Property    | Value                                    |
    +-------------+------------------------------------------+
    | adminurl    | http://openstack:8774/v2.0/%(tenant_id)s |
    | id          | c5e8f6ccda524fcf9f2fcf33e66490ab         |
    | internalurl | http://openstack:8774/v2.0/%(tenant_id)s |
    | publicurl   | http://openstack:8774/v2.0/%(tenant_id)s |
    | region      | regionOne                                |
    | service_id  | 15f88fd8b9b1439da7c8a4fb7649f422         |
    +-------------+------------------------------------------+
Install the nova components and configure the /etc/nova/nova.conf file:

    # apt-get install nova-api nova-cert nova-conductor nova-consoleauth nova-scheduler nova-novncproxy python-novaclient
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done

    vi /etc/nova/nova.conf

    [DEFAULT]
    verbose=True
    auth_strategy=keystone
    rpc_backend=rabbit
    rabbit_host=openstack
    rabbit_password=guest
    my_ip=192.168.61.122
    vncserver_listen=192.168.61.122
    vncserver_proxyclient_address=192.168.61.122

    [database]
    connection=mysql://nova:[email protected]/nova

    [keystone_authtoken]
    auth_uri=http://openstack:5000
    identity_uri=http://openstack:35357
    admin_tenant_name=service
    admin_user=nova
    admin_password=nova

    [glance]
    host=openstack
Restart the services:

    # vi restartnova.sh

    #!/bin/sh
    service nova-api restart
    service nova-cert restart
    service nova-consoleauth restart
    service nova-scheduler restart
    service nova-conductor restart
    service nova-novncproxy restart

    # chmod 700 restartnova.sh
    # sh restartnova.sh
Verify that nova is installed and running:

    # nova image-list
    +--------------------------------------+--------------+--------+--------+
    | ID                                   | Name         | Status | Server |
    +--------------------------------------+--------------+--------+--------+
    | e90f1aed-58f9-427e-ba24-c440c3dbc04e | cirros-0.3.3 | ACTIVE |        |
    +--------------------------------------+--------------+--------+--------+
    # nova service-list
    +----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
    | Id | Binary           | Host      | Zone     | Status  | State | Updated_at                 | Disabled Reason |
    +----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
    | 1  | nova-cert        | openstack | internal | enabled | up    | 2017-02-19T21:07:53.000000 | -               |
    | 2  | nova-consoleauth | openstack | internal | enabled | up    | 2017-02-19T21:07:53.000000 | -               |
    | 3  | nova-scheduler   | openstack | internal | enabled | up    | 2017-02-19T21:07:53.000000 | -               |
    | 4  | nova-conductor   | openstack | internal | enabled | up    | 2017-02-19T21:07:53.000000 | -               |
    +----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
What has been installed so far is not actually the compute node part; the nova compute component still needs to be installed:

    apt-get install nova-compute python-novaclient

Some guides say /etc/nova/nova-compute.conf needs to be changed:

    vi /etc/nova/nova-compute.conf

    [libvirt]
    virt_type=qemu

    # service nova-compute restart
Now when the nova services are listed again with nova service-list, five appear, that is, nova-compute has been added. With that, the nova installation is complete.

    # nova service-list
    +----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
    | Id | Binary           | Host      | Zone     | Status  | State | Updated_at                 | Disabled Reason |
    +----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
    | 1  | nova-cert        | openstack | internal | enabled | up    | 2017-02-19T21:27:03.000000 | -               |
    | 2  | nova-consoleauth | openstack | internal | enabled | up    | 2017-02-19T21:27:03.000000 | -               |
    | 3  | nova-scheduler   | openstack | internal | enabled | up    | 2017-02-19T21:27:03.000000 | -               |
    | 4  | nova-conductor   | openstack | internal | enabled | up    | 2017-02-19T21:27:03.000000 | -               |
    | 5  | nova-compute     | openstack | nova     | enabled | up    | 2017-02-19T21:27:02.000000 | -               |
    +----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
Step 6: Install the network service neutron, configure and start it.
Create the neutron database and grant access to the user neutron:neutron.

    mysql> create database neutron;
    Query OK, 1 row affected (0.00 sec)

    mysql> grant all privileges on neutron.* to [email protected]'%' identified by 'neutron';
    Query OK, 0 rows affected (0.00 sec)
Use the keystone command to create the user and service for the neutron component:

    # keystone user-create --name neutron --pass neutron --email [email protected]
    +----------+----------------------------------+
    | Property | Value                            |
    +----------+----------------------------------+
    | email    | [email protected]                |
    | enabled  | True                             |
    | id       | 8e49b076e0ba4d33bfffcfbc0258ac1b |
    | name     | neutron                          |
    | username | neutron                          |
    +----------+----------------------------------+
    # keystone user-role-add --user neutron --tenant service --role admin
    # keystone service-create --name neutron --type network --description "Openstack \
    > Network"
    +-------------+----------------------------------+
    | Property    | Value                            |
    +-------------+----------------------------------+
    | description | Openstack Network                |
    | enabled     | True                             |
    | id          | a7b922511b9d49f9b04addc905fc598d |
    | name        | neutron                          |
    | type        | network                          |
    +-------------+----------------------------------+
    # keystone endpoint-create --service-id=a7b922511b9d49f9b04addc905fc598d \
    > --publicurl http://openstack:9696 \
    > --internalurl http://openstack:9696 \
    > --adminurl http://openstack:9696 \
    > --region regionOne
    +-------------+----------------------------------+
    | Property    | Value                            |
    +-------------+----------------------------------+
    | adminurl    | http://openstack:9696            |
    | id          | 2aa3d75f522340f59b0c74269f9e7e72 |
    | internalurl | http://openstack:9696            |
    | publicurl   | http://openstack:9696            |
    | region      | regionOne                        |
    | service_id  | a7b922511b9d49f9b04addc905fc598d |
    +-------------+----------------------------------+
Install the neutron components and configure the related files:

    apt-get install neutron-server neutron-plugin-ml2 python-neutronclient -y
    apt-get install neutron-plugin-openvswitch-agent neutron-l3-agent neutron-dhcp-agent ipset -y

Modify the system configuration:

    vi /etc/sysctl.conf

    net.ipv4.conf.default.rp_filter = 0
    net.ipv4.conf.all.rp_filter = 0
    net.ipv4.ip_forward = 1

    sysctl -p    # apply the settings
First change the nova configuration to add neutron support:

    vi /etc/nova/nova.conf

    [DEFAULT]
    dhcpbridge_flagfile=/etc/nova/nova.conf
    dhcpbridge=/usr/bin/nova-dhcpbridge
    logdir=/var/log/nova
    state_path=/var/lib/nova
    lock_path=/var/lock/nova
    force_dhcp_release=True
    libvirt_use_virtio_for_bridges=True
    verbose=True
    ec2_private_dns_show_ip=True
    api_paste_config=/etc/nova/api-paste.ini
    enabled_apis=ec2,osapi_compute,metadata
    auth_strategy=keystone
    rpc_backend=rabbit
    rabbit_host=openstack
    rabbit_password=guest
    my_ip=192.168.61.122
    vncserver_listen=192.168.61.122
    vncserver_proxyclient_address=192.168.61.122
    novncproxy_base_url=http://openstack:6080/vnc_auto.html
    service_neutron_metadata_proxy=true
    neutron_metadata_proxy_shared_secret=neutron
    network_api_class=nova.network.neutronv2.api.API
    security_group_api=neutron
    linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver
    firewall_driver=nova.virt.firewall.NoopFirewallDriver

    [database]
    connection=mysql://nova:[email protected]/nova

    [keystone_authtoken]
    auth_uri=http://openstack:5000
    identity_uri=http://openstack:35357
    admin_tenant_name=service
    admin_user=nova
    admin_password=nova

    [glance]
    host=openstack

    [neutron]
    url=http://openstack:9696
    auth_strategy=keystone
    admin_auth_url=http://openstack:35357/v2.0
    admin_tenant_name=service
    admin_username=neutron
    admin_password=neutron
Edit neutron's main configuration file, /etc/neutron/neutron.conf:

    vi /etc/neutron/neutron.conf

    [DEFAULT]
    verbose = True
    core_plugin = ml2
    service_plugins = router
    auth_strategy = keystone
    allow_overlapping_ips = True
    notify_nova_on_port_status_changes = True
    notify_nova_on_port_data_changes = True
    nova_url = http://openstack:8774/v2
    nova_admin_auth_url = http://openstack:35357/v2.0
    nova_region_name = regionOne
    nova_admin_username = nova
    nova_admin_tenant_id = a4363a87992a4be7aba64be211338b5c
    nova_admin_password = nova
    rabbit_host=openstack
    rabbit_password=guest
    rpc_backend=rabbit

    [keystone_authtoken]
    auth_host = 192.168.61.122
    auth_port = 35357
    auth_protocol = http
    admin_tenant_name = service
    admin_user = neutron
    admin_password = neutron

    [database]
    connection = mysql://neutron:[email protected]/neutron
Modify the neutron plugin configuration, four configuration files:

    vi /etc/neutron/plugins/ml2/ml2_conf.ini

    [ml2]
    type_drivers = local,flat,vlan,gre,vxlan
    tenant_network_types = vlan
    mechanism_drivers = openvswitch,linuxbridge

    [ml2_type_vlan]
    network_vlan_ranges = physnet1:1000:2999

    [securitygroup]
    enable_security_group = True
    enable_ipset = True
    firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

    [ovs]
    local_ip=192.168.56.145
    tenant_network_type=vlan
    integration_bridge=br-int
    network_vlan_ranges=physnet1:1000:2999
    bridge_mappings=physnet1:br0

    vi /etc/neutron/l3_agent.ini

    [DEFAULT]
    verbose=True
    interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
    use_namespaces = True
    external_network_bridge = br0

    vi /etc/neutron/dhcp_agent.ini

    [DEFAULT]
    verbose=True
    interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
    dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
    use_namespaces = True

    vi /etc/neutron/metadata_agent.ini

    [DEFAULT]
    verbose=True
    auth_url = http://openstack:5000/v2.0
    auth_region = regionOne
    admin_tenant_name = service
    admin_user = neutron
    admin_password = neutron
    nova_metadata_ip = 192.168.56.145
    metadata_proxy_shared_secret = neutron
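Every service account in the configuration files above uses the service name as its password, RabbitMQ keeps the guest password, and the metadata shared secret is the word neutron. As an added example (not part of the original post), this script reports such values in an INI file so they can be replaced before the host is reachable by anyone else; audit_ini, the 16-character minimum and both sample files are assumptions of the example, and the sample values are constructed.

```shell
#!/bin/sh
# Added example: report guessable credentials in OpenStack INI files.
# audit_ini, weak_sample and fixed_sample are names made up for this example.

# audit_ini [MINLEN]: read INI text on stdin and print one "section/key: reason"
# line per finding. Returns non-zero when there is at least one finding.
audit_ini() {
    awk -v min="${1:-16}" '
    function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t]+$/, "", s); return s }
    function report(key, why) { print section "/" key ": " why; bad++ }
    # Secrets are judged when the section ends, because the user name they
    # are compared with may be written after the password.
    function end_section(   i) {
        for (i = 1; i <= n; i++) {
            if (skey[i] == "rabbit_password" && sval[i] == "guest")
                report(skey[i], "RabbitMQ default password")
            else if (sval[i] in users)
                report(skey[i], "same as a user name in this section")
            else if (length(sval[i]) < min)
                report(skey[i], "shorter than " min " characters")
        }
        n = 0
        split("", users)            # portable way to empty an array
    }
    BEGIN { section = "(top)" }
    /^[ \t]*$/ || /^[ \t]*[#;]/ { next }
    /^[ \t]*\[/ {
        end_section()
        section = $0
        sub(/^[ \t]*\[/, "", section); sub(/\].*$/, "", section)
        next
    }
    {
        eq = index($0, "=")
        if (eq == 0) next
        key = trim(substr($0, 1, eq - 1))
        val = trim(substr($0, eq + 1))
        if (key ~ /user$/ || key ~ /username$/) {
            users[val] = 1
        } else if (key ~ /password$/ || key ~ /secret$/ || key ~ /token$/) {
            skey[++n] = key; sval[n] = val
        } else if (key == "connection") {
            # scheme://user:password@host/db
            p = index(val, "://"); at = index(val, "@")
            if (p == 0 || at < p) next
            cred = substr(val, p + 3, at - p - 3)
            colon = index(cred, ":")
            if (colon == 0) next
            users[substr(cred, 1, colon - 1)] = 1
            skey[++n] = key; sval[n] = substr(cred, colon + 1)
        }
    }
    END { end_section(); exit (bad > 0) }'
}

# Constructed sample modelled on the nova.conf values shown on this page.
weak_sample() {
    cat <<'EOF'
[DEFAULT]
rabbit_host=openstack
rabbit_password=guest
neutron_metadata_proxy_shared_secret=neutron
[database]
connection=mysql://nova:nova@openstack/nova
[keystone_authtoken]
admin_tenant_name=service
admin_password=nova
admin_user=nova
[neutron]
admin_username=neutron
admin_password=neutron
EOF
}

# The same file with constructed random-looking values (not real secrets).
fixed_sample() {
    cat <<'EOF'
[DEFAULT]
rabbit_host=openstack
rabbit_password=3f9c1e7a5b2d48f6a0c4e8b1d7f25a93
neutron_metadata_proxy_shared_secret=b81d4c0e92f7463aa5e1c7d03f6b8e24
[database]
connection=mysql://nova:6a0e4c9d1f7b35e82c4a9d0f1b7e3c58@openstack/nova
[keystone_authtoken]
admin_tenant_name=service
admin_password=d2c7f0a94e1b4b63f8a15c0e7d9b3a46
admin_user=nova
[neutron]
admin_username=neutron
admin_password=9e4b7a1c0d5f2e86b3a7c1d94f0e6b52
EOF
}

# Offline demonstration; on the host run: audit_ini < /etc/nova/nova.conf
echo "weak sample:";  weak_sample  | audit_ini || echo "  -> replace the values listed above"
echo "fixed sample:"; fixed_sample | audit_ini && echo "  -> no findings"
```

A replacement value can be generated the way this page generates its token, with a longer length, for example openssl rand -hex 16; the same value then has to be set on the MySQL, keystone or RabbitMQ side as well.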
Once the changes are made, sync the database:

    su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade juno" neutron

Then start the nova and neutron services in turn:

    # nova restart
    service nova-api restart
    service nova-cert restart
    service nova-consoleauth restart
    service nova-scheduler restart
    service nova-conductor restart
    service nova-novncproxy restart
    service nova-compute restart

    # neutron restart
    service neutron-server restart
    service openvswitch-switch restart
    service neutron-plugin-openvswitch-agent restart
    service neutron-l3-agent restart
    service neutron-dhcp-agent restart
    service neutron-metadata-agent restart
Verify the services:

    # neutron ext-list
    +-----------------------+-----------------------------------------------+
    | alias                 | name                                          |
    +-----------------------+-----------------------------------------------+
    | security-group        | security-group                                |
    | l3_agent_scheduler    | L3 Agent Scheduler                            |
    | ext-gw-mode           | Neutron L3 Configurable external gateway mode |
    | binding               | Port Binding                                  |
    | provider              | Provider Network                              |
    | agent                 | agent                                         |
    | quotas                | Quota management support                      |
    | dhcp_agent_scheduler  | DHCP Agent Scheduler                          |
    | l3-ha                 | HA Router extension                           |
    | multi-provider        | Multi Provider Network                        |
    | external-net          | Neutron external network                      |
    | router                | Neutron L3 Router                             |
    | allowed-address-pairs | Allowed Address Pairs                         |
    | extraroute            | Neutron Extra Route                           |
    | extra_dhcp_opt        | Neutron Extra DHCP opts                       |
    | dvr                   | Distributed Virtual Router                    |
    +-----------------------+-----------------------------------------------+
    # neutron agent-list
    +--------------------------------------+--------------------+-----------+-------+----------------+---------------------------+
    | id                                   | agent_type         | host      | alive | admin_state_up | binary                    |
    +--------------------------------------+--------------------+-----------+-------+----------------+---------------------------+
    | b53c64f2-8e2a-4d46-96bf-405fc734dd79 | Metadata agent     | openstack | :-)   | True           | neutron-metadata-agent    |
    | cc225a4f-7586-433d-af05-54e1defa347a | DHCP agent         | openstack | :-)   | True           | neutron-dhcp-agent        |
    | f4d02fca-e70f-457b-81b0-3de9743fadfa | L3 agent           | openstack | :-)   | True           | neutron-l3-agent          |
    | fabeb6c4-2fb9-46dd-ac56-9b1ccd5b2933 | Open vSwitch agent | openstack | :-)   | True           | neutron-openvswitch-agent |
    +--------------------------------------+--------------------+-----------+-------+----------------+---------------------------+
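The virtual bridge devices also need to be checked here.
If the br-int and br0 configuration does not appear in this view, the bridge has to be added manually:

    ovs-vsctl add-br br0           # add the bridge
    ovs-vsctl add-port br0 eth0    # add a port to br0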
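Step 7: Install the web interface service dashboard, configure and start it.
The following command installs the OpenStack web management component, dashboard. On Ubuntu it installs an Ubuntu theme by default; if you do not like it, remove that theme with apt-get remove.

    apt-get install -y openstack-dashboard apache2 libapache2-mod-wsgi memcached python-memcache
    apt-get remove --purge openstack-dashboard-ubuntu-theme

Both the administrator and ordinary users can log in.
[Screenshot: the dashboard after logging in]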
Step 8: Create networks and create a virtual machine.
First create the public network, using administrator (admin) privileges:

    # source keystonerc_admin.sh
    # neutron net-create public-vlan --router:external=True
    Created a new network:
    +---------------------------+--------------------------------------+
    | Field                     | Value                                |
    +---------------------------+--------------------------------------+
    | admin_state_up            | True                                 |
    | id                        | c3c63eab-2fcc-44fd-a4a4-0b46cba55377 |
    | name                      | public-vlan                          |
    | provider:network_type     | vlan                                 |
    | provider:physical_network | physnet1                             |
    | provider:segmentation_id  | 1080                                 |
    | router:external           | True                                 |
    | shared                    | False                                |
    | status                    | ACTIVE                               |
    | subnets                   |                                      |
    | tenant_id                 | 23a84fb4bf9f4078a54adc63627ea224     |
    +---------------------------+--------------------------------------+
    # neutron subnet-create public-vlan --name public-subnet --allocation-pool start=192.168.61.200,end=192.168.61.230 --disable-dhcp --gateway 192.168.61.2 192.168.61.0/24 --dns-nameserver 192.168.61.2
    Created a new subnet:
    +-------------------+------------------------------------------------------+
    | Field             | Value                                                |
    +-------------------+------------------------------------------------------+
    | allocation_pools  | {"start": "192.168.61.200", "end": "192.168.61.230"} |
    | cidr              | 192.168.61.0/24                                      |
    | dns_nameservers   | 192.168.61.2                                         |
    | enable_dhcp       | False                                                |
    | gateway_ip        | 192.168.61.2                                         |
    | host_routes       |                                                      |
    | id                | 24467a95-5c8f-4fbc-a133-8432b220c5c3                 |
    | ip_version        | 4                                                    |
    | ipv6_address_mode |                                                      |
    | ipv6_ra_mode      |                                                      |
    | name              | public-subnet                                        |
    | network_id        | c3c63eab-2fcc-44fd-a4a4-0b46cba55377                 |
    | tenant_id         | 23a84fb4bf9f4078a54adc63627ea224                     |
    +-------------------+------------------------------------------------------+

Then create the private network as the hadoop user. First set up a file of environment variables for the hadoop user:
    vi keystonerc_hadoop.sh

    export OS_TENANT_NAME=hadoop
    export OS_USERNAME=hadoop
    export OS_PASSWORD=hadoop
    export OS_AUTH_URL=http://192.168.61.122:35357/v2.0

    source keystonerc_hadoop.sh

Then, as the hadoop user, create the user's private network, add a router, and connect the router to the networks.

    $ neutron net-create hadoop-vlan
    Created a new network:
    +-----------------+--------------------------------------+
    | Field           | Value                                |
    +-----------------+--------------------------------------+
    | admin_state_up  | True                                 |
    | id              | 6fa7187f-18cc-46b2-afaa-7636c5acacbd |
    | name            | hadoop-vlan                          |
    | router:external | False                                |
    | shared          | False                                |
    | status          | ACTIVE                               |
    | subnets         |                                      |
    | tenant_id       | 668a527fd9384b639447deaca1cf2c48     |
    +-----------------+--------------------------------------+
    $ neutron subnet-create hadoop-vlan --name hadoop-subnet --allocation-pool start=10.0.1.1,end=10.0.1.253 --disable-dhcp --gateway 10.0.1.254 10.0.1.0/24 --dns-nameserver 192.168.61.2
    Created a new subnet:
    +-------------------+--------------------------------------------+
    | Field             | Value                                      |
    +-------------------+--------------------------------------------+
    | allocation_pools  | {"start": "10.0.1.1", "end": "10.0.1.253"} |
    | cidr              | 10.0.1.0/24                                |
    | dns_nameservers   | 192.168.61.2                               |
    | enable_dhcp       | False                                      |
    | gateway_ip        | 10.0.1.254                                 |
    | host_routes       |                                            |
    | id                | 30b75ef9-4a57-45b2-9110-5a71188ccd2c       |
    | ip_version        | 4                                          |
    | ipv6_address_mode |                                            |
    | ipv6_ra_mode      |                                            |
    | name              | hadoop-subnet                              |
    | network_id        | 6fa7187f-18cc-46b2-afaa-7636c5acacbd       |
    | tenant_id         | 668a527fd9384b639447deaca1cf2c48           |
    +-------------------+--------------------------------------------+
    $ neutron router-create hadoop-router
    Created a new router:
    +-----------------------+--------------------------------------+
    | Field                 | Value                                |
    +-----------------------+--------------------------------------+
    | admin_state_up        | True                                 |
    | external_gateway_info |                                      |
    | id                    | 3de91186-f5ae-44e5-8602-a2dda86dae25 |
    | name                  | hadoop-router                        |
    | routes                |                                      |
    | status                | ACTIVE                               |
    | tenant_id             | 668a527fd9384b639447deaca1cf2c48     |
    +-----------------------+--------------------------------------+
    $ neutron router-interface-add hadoop-router hadoop-subnet
    Added interface c48530e3-b317-4cf7-a0cd-1f6ffb79cc72 to router hadoop-router.
    $ neutron router-gateway-set hadoop-router public-vlan
    Set gateway for router hadoop-router
With admin privileges, create a virtual machine flavor with 128 MB of memory:

    # nova flavor-create myos 6 128 1 1
    +----+------+-----------+------+-----------+------+-------+-------------+-----------+
    | ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
    +----+------+-----------+------+-----------+------+-------+-------------+-----------+
    | 6  | myos | 128       | 1    | 0         |      | 1     | 1.0         | True      |
    +----+------+-----------+------+-----------+------+-------+-------------+-----------+
    # nova flavor-list
    +----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
    | ID | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
    +----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
    | 1  | m1.tiny   | 512       | 1    | 0         |      | 1     | 1.0         | True      |
    | 2  | m1.small  | 2048      | 20   | 0         |      | 1     | 1.0         | True      |
    | 3  | m1.medium | 4096      | 40   | 0         |      | 2     | 1.0         | True      |
    | 4  | m1.large  | 8192      | 80   | 0         |      | 4     | 1.0         | True      |
    | 5  | m1.xlarge | 16384     | 160  | 0         |      | 8     | 1.0         | True      |
    | 6  | myos      | 128       | 1    | 0         |      | 1     | 1.0         | True      |
    +----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
Finally, a virtual machine can be created from the command line. Creating one requires the network ID and the image name, which can be looked up first:

    $ nova image-list
    +--------------------------------------+--------------+--------+--------+
    | ID                                   | Name         | Status | Server |
    +--------------------------------------+--------------+--------+--------+
    | e90f1aed-58f9-427e-ba24-c440c3dbc04e | cirros-0.3.3 | ACTIVE |        |
    +--------------------------------------+--------------+--------+--------+
    $ nova net-list
    +--------------------------------------+-------------+------+
    | ID                                   | Label       | CIDR |
    +--------------------------------------+-------------+------+
    | 6fa7187f-18cc-46b2-afaa-7636c5acacbd | hadoop-vlan | None |
    | c3c63eab-2fcc-44fd-a4a4-0b46cba55377 | public-vlan | None |
    +--------------------------------------+-------------+------+
    $ nova boot --flavor 6 --image cirros-0.3.3 --nic net-id=6fa7187f-18cc-46b2-afaa-7636c5acacbd cirros-hadoop
    +--------------------------------------+-----------------------------------------------------+
    | Property                             | Value                                               |
    +--------------------------------------+-----------------------------------------------------+
    | OS-DCF:diskConfig                    | MANUAL                                              |
    | OS-EXT-AZ:availability_zone          | nova                                                |
    | OS-EXT-STS:power_state               | 0                                                   |
    | OS-EXT-STS:task_state                | scheduling                                          |
    | OS-EXT-STS:vm_state                  | building                                            |
    | OS-SRV-USG:launched_at               | -                                                   |
    | OS-SRV-USG:terminated_at             | -                                                   |
    | accessIPv4                           |                                                     |
    | accessIPv6                           |                                                     |
    | adminPass                            | DCCc9MfyJWny                                        |
    | config_drive                         |                                                     |
    | created