
Ubuntu 12.04 (LTS) + OpenStack + KVM

2013-12-12 14:25

OpenStack controller node:

    Master      Hostname    Disk  Memory  CPU  IP            Notes
    Controller  controller  1T    320G    16   192.168.5.55

OpenStack compute nodes:

    Node      Hostname  Disk  Memory  CPU  IP            Notes
    Compute1  compute1  1T    320G    16   192.168.5.56
    Compute2  compute2  1T    320G    16   192.168.5.57

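Deployment structure

This OpenStack Havana ("H" release) setup follows the deployment structure described on the official website: one controller node and multiple compute nodes. Each compute node manages and allocates its own network resources, forming its own network control center. The overall layout is roughly as follows:

[Figure: OpenStack Havana deployment structure]

OpenStack Havana implementation steps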

1.1 Environment requirements

OpenStack Havana + Ubuntu 12.04 (LTS) + KVM

Host IP configuration:

    controller (controller node):
        controller:  eth2: 192.168.1.55 (must have Internet access)
                     eth3: 192.168.2.55 (the current test environment uses the 2 subnet; adjust for production as required)
    node (compute nodes):
        compute1:    eth2: 192.168.1.56
        compute2:    eth2: 192.168.1.57

Hostname configuration:

    controller (controller node):
        controller:
            /etc/hosts:
                192.168.1.55 controller
                192.168.1.56 compute1
            /etc/hostname:
                controller
    node (compute nodes):
        compute1:
            /etc/hosts:
                192.168.1.55 controller
                192.168.1.56 compute1
            /etc/hostname:
                compute1
        compute2:
            /etc/hosts:
                192.168.1.55 controller
                192.168.1.57 compute2
            /etc/hostname:
                compute2

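1.1 Pre-installation preparation

Before installing the OpenStack Havana release, some base software and setup steps are needed on both the controller node and the compute nodes, in preparation for installing the Havana components.

Controller node: install ntp, MySQL (server), Cloud Archive and rabbitmq-server.

1. apt-get install ntp

   After installation, add the following to /etc/cron.daily/ntpdate:

       ntpdate controller
       hwclock -w

   Make the file executable:

       # chmod a+x /etc/cron.daily/ntpdate

2. apt-get install python-mysqldb mysql-server

   After installation, change the bind-address parameter in /etc/mysql/my.cnf as follows:

       # Instead of skip-networking the default is now to listen only on
       # localhost which is more compatible and is not less secure.
       bind-address = 0.0.0.0

   Once the database is installed and configured, if you want to clean up the database the first time it is started, run:

       # mysql_secure_installation

3. apt-get install python-software-properties

   Add the Cloud Archive repository for the Havana release:

       add-apt-repository cloud-archive:havana

   Update and upgrade the system:

       apt-get update && apt-get dist-upgrade

   Reboot the operating system when this finishes.

4. apt-get install rabbitmq-server

   Change the password:

       # rabbitmqctl change_password guest NEW_PASS

Compute nodes: install ntp, MySQL (client) and Cloud Archive.

1. apt-get install ntp

   After installation, add the following to /etc/cron.daily/ntpdate:

       ntpdate controller
       hwclock -w

   Make the file executable:

       # chmod a+x /etc/cron.daily/ntpdate

2. apt-get install python-mysqldb mysql-client

   A compute node does not need the MySQL server package and does not need to run the MySQL service; it only has to be able to connect to the MySQL database on the controller node.

3. apt-get install python-software-properties

   Add the Cloud Archive repository for the Havana release:

       add-apt-repository cloud-archive:havana

   Update and upgrade the system:

       apt-get update && apt-get dist-upgrade

   Reboot the operating system when this finishes.

With all of the above done, you can start installing the Havana components.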

1.1 Installing and configuring keystone

Keystone (OpenStack Identity Service) is the part of the OpenStack framework responsible for authentication, service rules and service tokens; it implements OpenStack's Identity API. Keystone works like a service bus, or the registry of the whole OpenStack framework: other services register their endpoints (the URLs at which a service is reached) through keystone, and any call between services must pass keystone authentication to obtain the target service's endpoint and locate the target service.

1. apt-get install keystone

   Edit /etc/keystone/keystone.conf and change the database connection:

       [sql]
       # The SQLAlchemy connection string used to connect to the database
       connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone

2. Create the database:

       # mysql -u root -p
       mysql> CREATE DATABASE keystone;
       mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';
       mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';

3. Initialize the database:

       # keystone-manage db_sync
       # service keystone restart

4. Create the authentication token:

       # openssl rand -hex 10

   Record the string this command prints and write it into /etc/keystone/keystone.conf:

       [DEFAULT]
       # A "shared secret" between keystone and other openstack services
       admin_token = ADMIN_TOKEN

5. Restart the keystone service:

       service keystone restart

6. To define users, tenants and roles, set the following environment variables:

       # export OS_SERVICE_TOKEN=FCAF3E...(the string recorded above)
       # export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0

7. Create the tenants:

       # keystone tenant-create --name=admin --description="Admin Tenant"
       # keystone tenant-create --name=service --description="Service Tenant"

8. Create the user:

       # keystone user-create --name=admin --pass=ADMIN_PASS \
           --email=admin@example.com

9. Create the role:

       # keystone role-create --name=admin

10. Link the user, tenant and role:

       # keystone user-role-add --user=admin --tenant=admin --role=admin

11. Create the service entity:

       # keystone service-create --name=keystone --type=identity \
           --description="Keystone Identity Service"
       +-------------+----------------------------------+
       | Property    | Value                            |
       +-------------+----------------------------------+
       | description | Keystone Identity Service        |
       | id          | 15c11a23667e427e91bc31335b45f4bd |
       | name        | keystone                         |
       | type        | identity                         |
       +-------------+----------------------------------+

12. Create the endpoint:

       # keystone endpoint-create \
           --service-id=the_service_id_above \
           --publicurl=http://controller:5000/v2.0 \
           --internalurl=http://controller:5000/v2.0 \
           --adminurl=http://controller:35357/v2.0
       +-------------+----------------------------------+
       | Property    | Value                            |
       +-------------+----------------------------------+
       | adminurl    | http://controller:35357/v2.0     |
       | id          | 11f9c625a3b94a3f8e66bf4e5de2679f |
       | internalurl | http://controller:5000/v2.0      |
       | publicurl   | http://controller:5000/v2.0      |
       | region      | regionOne                        |
       | service_id  | 15c11a23667e427e91bc31335b45f4bd |
       +-------------+----------------------------------+

13. Verify the keystone installation:

       # unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
       # keystone --os-username=admin --os-password=ADMIN_PASS \
           --os-tenant-name=admin --os-auth-url=http://controller:35357/v2.0 token-get

14. Edit the keystone environment file keystonerc; remember to also include the two environment variables added earlier:

       export OS_USERNAME=admin
       export OS_PASSWORD=ADMIN_PASS
       export OS_TENANT_NAME=admin
       export OS_AUTH_URL=http://controller:35357/v2.0
       export OS_SERVICE_TOKEN=FCAF3E...(the string recorded above)
       export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0

15. Load the environment variables and make them persistent:

       source keystonerc
       echo "source keystonerc" >> .bashrc

16. Verify that the environment variables are set correctly:

       # keystone token-get

17. Finally, verify that the keystone user, tenants and role were added:

       # keystone user-list
       +----------------------------------+---------+-------------------+-------+
       | id                               | enabled | email             | name  |
       +----------------------------------+---------+-------------------+-------+
       | a4c2d43f80a549a19864c89d759bb3fe | True    | admin@example.com | admin |
       +----------------------------------+---------+-------------------+-------+

1.1 Installing and configuring glance

The Glance project provides discovery, registration and retrieval of virtual machine images. Glance offers a RESTful API for querying image metadata and for fetching the images themselves. Through Glance, images can be kept on several kinds of storage, such as plain file storage or object storage (for example the Swift project in OpenStack).

1. apt-get install glance

2. Edit the two files /etc/glance/glance-api.conf and /etc/glance/glance-registry.conf and change the database connection:

       [DEFAULT]
       ...
       # SQLAlchemy connection string for the reference implementation
       # registry server. Any valid SQLAlchemy connection string is fine.
       # See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine
       sql_connection = mysql://glance:GLANCE_DBPASS@localhost/glance

3. The default sqlite database file is in /var/lib/glance; glance.sqlite can be deleted to avoid database connection errors.

4. Create the glance database:

       # mysql -u root -p
       mysql> CREATE DATABASE glance;
       mysql> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'GLANCE_DBPASS';
       mysql> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'GLANCE_DBPASS';

5. Initialize the database:

       # glance-manage db_sync

6. Create the authentication user and add its role:

       # keystone user-create --name=glance --pass=GLANCE_PASS \
           --email=glance@example.com
       # keystone user-role-add --user=glance --tenant=service --role=admin

7. Add the authentication settings. Edit /etc/glance/glance-api.conf and /etc/glance/glance-registry.conf and change the [keystone_authtoken] section to:

       [keystone_authtoken]
       auth_host = controller
       auth_port = 35357
       auth_protocol = http
       admin_tenant_name = service
       admin_user = glance
       admin_password = GLANCE_PASS

8. Edit /etc/glance/glance-api-paste.ini and /etc/glance/glance-registry-paste.ini and add the authentication settings:

       [filter:authtoken]
       paste.filter_factory=keystoneclient.middleware.auth_token:filter_factory
       auth_host=controller
       admin_user=glance
       admin_tenant_name=service
       admin_password=GLANCE_PASS

9. Create the image service:

       # keystone service-create --name=glance --type=image \
           --description="Glance Image Service"

10. Create the endpoint:

       # keystone endpoint-create \
           --service-id=the_service_id_above \
           --publicurl=http://controller:9292 \
           --internalurl=http://controller:9292 \
           --adminurl=http://controller:9292

11. Restart the glance services:

       # service glance-registry restart
       # service glance-api restart

12. Verify the glance installation, using the lightweight CirrOS system as the test image:

       # mkdir images
       # cd images/
       # curl -O http://cdn.download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img

13. Create the image and upload it:

       # glance image-create --name="CirrOS 0.3.1" --disk-format=qcow2 \
           --container-format=bare --is-public=true < cirros-0.3.1-x86_64-disk.img
       +------------------+--------------------------------------+
       | Property         | Value                                |
       +------------------+--------------------------------------+
       | checksum         | d972013792949d0d3ba628fbe8685bce     |
       | container_format | bare                                 |
       | created_at       | 2013-10-08T18:59:18                  |
       | deleted          | False                                |
       | deleted_at       | None                                 |
       | disk_format      | qcow2                                |
       | id               | acafc7c0-40aa-4026-9673-b879898e1fc2 |
       | is_public        | True                                 |
       | min_disk         | 0                                    |
       | min_ram          | 0                                    |
       | name             | CirrOS 0.3.1                         |
       | owner            | efa984b0a914450e9a47788ad330699d     |
       | protected        | False                                |
       | size             | 13147648                             |
       | status           | active                               |
       | updated_at       | 2013-05-08T18:59:18                  |
       +------------------+--------------------------------------+

14. Verify that the image was uploaded:

       # glance image-list
       +--------------------------------------+--------------+-------------+------------------+----------+--------+
       | ID                                   | Name         | Disk Format | Container Format | Size     | Status |
       +--------------------------------------+--------------+-------------+------------------+----------+--------+
       | acafc7c0-40aa-4026-9673-b879898e1fc2 | CirrOS 0.3.1 | qcow2       | bare             | 13147648 | active |
       +--------------------------------------+--------------+-------------+------------------+----------+--------+
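The checksum field in the glance image-create output above is the MD5 digest of the stored image data, so it can be compared with the local file to confirm that glance stored exactly what was uploaded. The following check is an added example, not part of the original post; the function names are hypothetical and the table and file contents are constructed stand-ins.

```python
import hashlib
import os
import tempfile

# Constructed stand-in for a glance Property/Value table;
# the checksum is the MD5 of the 5 bytes b"hello".
SAMPLE_OUTPUT = """\
+----------+----------------------------------+
| Property | Value                            |
+----------+----------------------------------+
| checksum | 5d41402abc4b2a76b9719d911017c592 |
| size     | 5                                |
| status   | active                           |
+----------+----------------------------------+
"""

def parse_property_table(output):
    """Parse the two-column Property/Value table printed by the glance CLI."""
    props = {}
    for line in output.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        # Border lines yield one cell; the header row is skipped by name.
        if len(cells) == 2 and cells[0] not in ("", "Property"):
            props[cells[0]] = cells[1]
    return props

def md5_of(path, chunk_size=1 << 20):
    """Hash the file in chunks so large disk images do not fill memory."""
    digest = hashlib.md5()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk_size), b""):
            digest.update(block)
    return digest.hexdigest()

def upload_matches(path, cli_output):
    """True only if status, size and checksum all agree with the local file."""
    props = parse_property_table(cli_output)
    return (props.get("status") == "active"
            and props.get("size") == str(os.path.getsize(path))
            and props.get("checksum") == md5_of(path))

if __name__ == "__main__":
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(b"hello")  # constructed stand-in for the image file
    print("match" if upload_matches(tmp.name, SAMPLE_OUTPUT) else "MISMATCH")
    os.unlink(tmp.name)
```

A match shows only that the stored image equals the local file; whether the file fetched over plain HTTP is the one the publisher released needs a digest obtained from the publisher over a trusted channel.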

1.2 Installing and configuring nova

In this installation the controller node does not run the nova-compute and nova-network services; those two services are deployed separately on the compute nodes, and the controller node is used for control only. The installation steps are as follows:

1. Install the packages:

       apt-get install nova-novncproxy novnc nova-api \
           nova-ajax-console-proxy nova-cert nova-conductor \
           nova-consoleauth nova-doc nova-scheduler python-novaclient

2. Edit /etc/nova/nova.conf and change the database connection:

       ...
       [database]
       # The SQLAlchemy connection string used to connect to the database
       connection = mysql://nova:NOVA_DBPASS@controller/nova

3. Create the nova database:

       # mysql -u root -p
       mysql> CREATE DATABASE nova;
       mysql> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
       mysql> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';

4. Initialize the database:

       # nova-manage db sync

5. Add the VNC addresses; edit /etc/nova/nova.conf:

       ...
       [DEFAULT]
       ...
       my_ip=192.168.0.10
       vncserver_listen=192.168.0.10
       vncserver_proxyclient_address=192.168.0.10

6. Create the nova user:

       # keystone user-create --name=nova --pass=NOVA_PASS --email=nova@example.com
       # keystone user-role-add --user=nova --tenant=service --role=admin

7. Set the nova authentication method; edit /etc/nova/nova.conf:

       ...
       [DEFAULT]
       ...
       auth_strategy=keystone

8. Configure authentication for nova-api; edit /etc/nova/api-paste.ini:

       [filter:authtoken]
       paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
       auth_host = controller
       auth_port = 35357
       auth_protocol = http
       admin_tenant_name = service
       admin_user = nova
       # must be the password given to the nova user in step 6
       admin_password = NOVA_PASS

9. Create the nova service entry:

       # keystone service-create --name=nova --type=compute \
           --description="Nova Compute Service"

10. Create the endpoint:

       # keystone endpoint-create \
           --service-id=the_service_id_above \
           --publicurl=http://controller:8774/v2/%\(tenant_id\)s \
           --internalurl=http://controller:8774/v2/%\(tenant_id\)s \
           --adminurl=http://controller:8774/v2/%\(tenant_id\)s

11. Edit /etc/nova/nova.conf and add the message broker configuration:

       rpc_backend = nova.rpc.impl_kombu
       rabbit_host = controller

12. Restart the nova services:

       # service nova-api restart
       # service nova-cert restart
       # service nova-consoleauth restart
       # service nova-scheduler restart
       # service nova-conductor restart
       # service nova-novncproxy restart

13. Verify that the nova services are installed and running:

       # nova image-list
       +--------------------------------------+--------------+--------+--------+
       | ID                                   | Name         | Status | Server |
       +--------------------------------------+--------------+--------+--------+
       | acafc7c0-40aa-4026-9673-b879898e1fc2 | CirrOS 0.3.1 | ACTIVE |        |
       +--------------------------------------+--------------+--------+--------+

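1.3 Installing the compute nodes

Because of the changed deployment structure, installing a compute node is also relatively simple. Under this deployment plan, a compute node only needs to run the nova-compute and nova-network services. Before installing the compute node components, make sure every compute host has completed the compute-node part of "Pre-installation preparation". The installation steps are as follows:

1. Install the packages:

       # apt-get install nova-compute-kvm python-guestfs

   When the installer asks about the supermin appliance, choose Yes. After installation, run:

       # chmod 0644 /boot/vmlinuz*

2. Delete the sqlite database file:

       # rm /var/lib/nova/nova.sqlite

3. Copy /etc/nova/nova.conf directly from the controller node; only the VNC settings need to change:

       [DEFAULT]
       ...
       # compute node IP
       my_ip=192.168.0.11
       vncserver_listen=0.0.0.0
       # compute node IP
       vncserver_proxyclient_address=192.168.0.11

4. Configure the image host in /etc/nova/nova.conf:

       [DEFAULT]
       ...
       glance_host=controller

5. Likewise copy /etc/nova/api-paste.ini from the controller node and use it unchanged.

6. Restart the nova-compute service and watch the logs:

       # service nova-compute restart

7. Install the nova-network service:

       # apt-get install nova-network

8. Edit /etc/nova/nova.conf and add the following:

       [DEFAULT]
       ...
       network_manager=nova.network.manager.FlatDHCPManager
       firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
       network_size=254
       allow_same_net_traffic=False
       multi_host=True
       send_arp_for_ha=True
       share_dhcp_address=True
       force_dhcp_release=True
       flat_network_bridge=br100
       flat_interface=eth3
       public_interface=eth2
       rabbit_host=controller

9. Restart the nova-network service:

       # service nova-network restart

10. Copy the keystonerc file from the controller node and run the same commands as before:

       # source keystonerc
       # echo "source keystonerc" >> .bashrc

11. Create the vmnet network:

       # nova network-create vmnet --fixed-range-v4=192.168.2.0/24 \
           --bridge-interface=br100 --multi-host=T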
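The configuration fragments in the keystone, glance, nova and compute-node sections above contain settings a hardening review would flag before the cloud carries real workloads: template placeholders used as secrets, auth_protocol = http, and listeners bound to 0.0.0.0. The following audit script is an added example, not part of the original post; audit_config is a hypothetical name and the sample text is constructed from fragments shown on this page.

```python
from urllib.parse import urlsplit

# Placeholder secrets printed in this guide; each must be replaced before use.
PLACEHOLDERS = {"KEYSTONE_DBPASS", "GLANCE_DBPASS", "NOVA_DBPASS", "ADMIN_TOKEN",
                "ADMIN_PASS", "GLANCE_PASS", "NOVA_PASS", "NEW_PASS"}
DB_URL_KEYS = {"connection", "sql_connection"}
LISTEN_KEYS = {"bind-address", "vncserver_listen"}

# Constructed sample assembled from fragments shown on this page.
SAMPLE = """\
[DEFAULT]
admin_token = ADMIN_TOKEN
vncserver_listen=0.0.0.0
[sql]
connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone
[keystone_authtoken]
auth_protocol = http
admin_password = constructed-Example-9
"""

def audit_config(text):
    """Return (line_number, key, finding) tuples for one INI-style config text."""
    findings = []
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if "=" not in line or line[0] in "#;[":
            continue  # blank lines, comments, section headers, bare flags
        key, value = (part.strip() for part in line.split("=", 1))
        # For database URLs the secret is the password component of the URL.
        secret = urlsplit(value).password if key in DB_URL_KEYS else value
        if secret in PLACEHOLDERS:
            findings.append((number, key, "placeholder secret not replaced"))
        if key in LISTEN_KEYS and value == "0.0.0.0":
            findings.append((number, key, "listens on all interfaces"))
        if key == "auth_protocol" and value.lower() == "http":
            findings.append((number, key, "service credentials sent to keystone without TLS"))
    return findings

if __name__ == "__main__":
    for number, key, finding in audit_config(SAMPLE):
        print(f"line {number}: {key}: {finding}")
```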

1. Launching an image

The steps above complete the installation of the OpenStack Havana controller node and compute nodes. Next, boot an image from the command line on a compute node to verify that the installation succeeded.

1. Create a key:

       # ssh-keygen
       Generating public/private rsa key pair.
       Enter file in which to save the key (/root/.ssh/id_rsa): mykey
       Enter passphrase (empty for no passphrase):
       Enter same passphrase again:
       Your identification has been saved in mykey.
       Your public key has been saved in mykey.pub.
       The key fingerprint is:
       84:49:1f:00:1c:ad:a7:a4:aa:3c:f6:ed:ed:48:34:ce root@controller
       The key's randomart image is:
       [randomart image omitted]

   This produces a public key file named mykey.pub in the current directory. Then run:

       nova keypair-add --pub_key mykey.pub mykey

   The key is now added.

2. Check that the key was added:

       # nova keypair-list
       +-------+-------------------------------------------------+
       | Name  | Fingerprint                                     |
       +-------+-------------------------------------------------+
       | mykey | b0:18:32:fa:4e:d4:3c:1b:c4:6c:dd:cb:53:29:13:82 |
       +-------+-------------------------------------------------+

3. List the OpenStack flavors:

       # nova flavor-list
       +----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
       | ID | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
       +----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
       | 1  | m1.tiny   | 512       | 1    | 0         |      | 1     | 1.0         | True      |
       | 2  | m1.small  | 2048      | 20   | 0         |      | 1     | 1.0         | True      |
       | 3  | m1.medium | 4096      | 40   | 0         |      | 2     | 1.0         | True      |
       | 4  | m1.large  | 8192      | 80   | 0         |      | 4     | 1.0         | True      |
       | 5  | m1.xlarge | 16384     | 160  | 0         |      | 8     | 1.0         | True      |
       +----+-----------+-----------+------+-----------+------+-------+-------------+-----------+

4. List the available images:

       # nova image-list
       +--------------------------------------+--------------+--------+--------+
       | ID                                   | Name         | Status | Server |
       +--------------------------------------+--------------+--------+--------+
       | 9e5c2bee-0373-414c-b4af-b91b0246ad3b | CirrOS 0.3.1 | ACTIVE |        |
       +--------------------------------------+--------------+--------+--------+

5. Add access rules:

       # nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
       # nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0

6. Choose flavor 1 or 2 and create an instance:

       $ nova boot --flavor 1 --key_name mykey --image 9e5c2bee-0373-414c-b4af-b91b0246ad3b \
           --security_group default cirrOS
       +--------------------------------------+--------------------------------------+
       | Property                             | Value                                |
       +--------------------------------------+--------------------------------------+
       | OS-EXT-STS:task_state                | scheduling                           |
       | image                                | CirrOS 0.3.1                         |
       | OS-EXT-STS:vm_state                  | building                             |
       | OS-EXT-SRV-ATTR:instance_name        | instance-00000001                    |
       | OS-SRV-USG:launched_at               | None                                 |
       | status                               | BUILD                                |
       | updated                              | 2013-10-10T06:47:26Z                 |
       | hostId                               |                                      |
       | OS-EXT-SRV-ATTR:host                 | None                                 |
       | OS-SRV-USG:terminated_at             | None                                 |
       | key_name                             | mykey                                |
       | OS-EXT-SRV-ATTR:hypervisor_hostname  | None                                 |
       | name                                 | cirrOS                               |
       | adminPass                            | DWCDW6FnsKNq                         |
       | tenant_id                            | e66d97ac1b704897853412fc8450f7b9     |
       | created                              | 2013-10-10T06:47:23Z                 |
       | os-extended-volumes:volumes_attached | []                                   |
       | metadata                             | {}                                   |
       +--------------------------------------+--------------------------------------+

7. Once the instance has been created, check its state with the following command; normally it should be active:

       $ nova list
       +--------------------------------------+--------+--------+------------+-------------+-------------------+
       | ID                                   | Name   | Status | Task State | Power State | Networks          |
       +--------------------------------------+--------+--------+------------+-------------+-------------------+
       | dcc4a894-869b-479a-a24a-659eef7a54bd | cirrOS | ACTIVE | None       | Running     | vmnet=192.168.2.2 |
       +--------------------------------------+--------+--------+------------+-------------+-------------------+

8. Verify that the virtual machine instance was created successfully by logging in (the password is: cubswin):

       # ssh cirros@192.168.2.2

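2. Installing the dashboard

Installing the dashboard for OpenStack Havana is relatively simple: it needs no special configuration and can be used as soon as it is installed. The install command is:

    # apt-get install memcached libapache2-mod-wsgi openstack-dashboard

After installation, open Firefox and go to: http://192.168.1.55/horizon/

Username: admin
Password: anxiang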
