
Deploying OpenStack Havana on CentOS 6.4 (Nova-Network edition) (Part 1)

2014-03-31 12:57

I. Environment and notes

1. Test environment

Operating system:

CentOS6.4_mini-x64.iso

OpenStack version:

Havana Release 2013.2

2. Deployment architecture

OpenStack + KVM deployment architecture

3. Topology



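4. Introduction to OpenStack

OpenStack is an open-source IaaS (Infrastructure as a Service) cloud computing platform that lets anyone build and offer cloud computing services on their own. OpenStack consists of a series of interrelated projects that supply the individual components of a cloud infrastructure solution. The core projects (9):

Compute - Nova;

Networking and address management - Neutron;

Object storage - Swift;

Block storage - Cinder;

Identity - Keystone;

Image - Glance;

UI (Dashboard) - Horizon;

Metering - Ceilometer;

Orchestration - Heat;

5. OpenStack components and their relationships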



6. Host allocation:

Hostname | IP (static) | OS | Hardware | Role
openstack | 192.168.10.21 | CentOS-6.4-x86_64-minimal | 4 CPU, 16G RAM, 300G DISK, 2 NICs | Management node / compute node
node01 | 192.168.10.22 | CentOS-6.4-x86_64-minimal | 4 CPU, 16G RAM, 300G DISK, 2 NICs | Compute node

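II. Management node installation (OpenStack)

1. Basic configuration

The operating system is installed from CentOS-6.4-x86_64-minimal.iso; the OS installation itself is not covered here. This guide installs OpenStack from yum repositories.

(1). Import the third-party repositories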

[root@openstack ~]# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
[root@openstack ~]# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
[root@openstack ~]# yum install http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-7.noarch.rpm
(2). Configure the /etc/hosts file

[root@openstack ~]# vi /etc/hosts

127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4

::1 localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.10.21 openstack

192.168.10.22 node01

(3). Configure the network

[root@openstack ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE="eth0"

BOOTPROTO="static"

HWADDR="E4:1F:13:45:AB:C8"

ONBOOT="yes"

IPADDR=192.168.10.21

NETMASK=255.255.255.0

GATEWAY=192.168.10.1

TYPE="Ethernet"

[root@openstack ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth1

DEVICE="eth1"

BOOTPROTO="none"

HWADDR="E4:1F:13:45:AB:CA"

ONBOOT="yes"

TYPE="Ethernet"

(4). Disable SELinux:

[root@openstack ~]# more /etc/selinux/config

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

# enforcing - SELinux security policy is enforced.

# permissive - SELinux prints warnings instead of enforcing.

# disabled - SELinux is fully disabled.

SELINUX=disabled

# SELINUXTYPE= type of policy in use. Possible values are:

# targeted - Only targeted network daemons are protected.

# strict - Full SELinux protection.

SELINUXTYPE=targeted

[root@openstack ~]# setenforce 0

(5). Edit the /etc/sysctl.conf parameters:

[root@openstack ~]# vi /etc/sysctl.conf

……………………

net.ipv4.ip_forward = 1

……………………
[root@openstack ~]# sysctl -p    # apply the settings in sysctl.conf

2. Install and configure the NTP service

(1). Install the NTP service:

[root@openstack ~]# yum -y install ntp

(2). Configure the NTP service:

[root@openstack ~]# vi /etc/ntp.conf

driftfile /var/lib/ntp/drift

restrict default ignore

restrict 127.0.0.1

restrict 192.168.10.0 mask 255.255.255.0 nomodify notrap

server ntp.api.bz

server 127.127.1.0 # local clock

fudge 127.127.1.0 stratum 10

keys /etc/ntp/keys

(3). Start the NTP service and enable it at boot:

[root@openstack ~]# service ntpd start

[root@openstack ~]# chkconfig ntpd on

3. Install and configure MySQL:

(1). Install the MySQL service:

[root@openstack ~]# yum -y install mysql mysql-server MySQL-python

(2). Edit the MySQL configuration file:

[mysqld]

datadir=/var/lib/mysql

socket=/var/lib/mysql/mysql.sock

user=mysql

# Disabling symbolic-links is recommended to prevent assorted security risks

symbolic-links=0

bind-address = 0.0.0.0 # set the listening IP address to 0.0.0.0 (all interfaces)

[mysqld_safe]

log-error=/var/log/mysqld.log

pid-file=/var/run/mysqld/mysqld.pid

(3). Start the MySQL service and enable it at boot:

[root@openstack ~]# service mysqld start

[root@openstack ~]# chkconfig mysqld on

(4). Set the MySQL root password to passwd:

[root@openstack ~]# mysqladmin -uroot password 'passwd'; history -c

4. Install and configure the qpid service

(1). Install the qpid service:

[root@openstack ~]# yum -y install qpid-cpp-server memcached

(2). Edit the /etc/qpidd.conf configuration file and set auth to no:

[root@openstack ~]# vi /etc/qpidd.conf

……………………

auth=no

(3). Start the qpid service and enable it at boot:

[root@openstack ~]# service qpidd start

[root@openstack ~]# chkconfig qpidd on

(4). Install the OpenStack utilities package:

[root@openstack ~]# yum install -y openstack-utils

5. Install and configure Keystone

5.1. Initialize Keystone:

(1). Install the Keystone service:

[root@openstack ~]# yum -y install openstack-keystone

(2). Create the keystone database and change the database connection in the configuration file:

[root@openstack ~]# openstack-db --init --service keystone

(3). Change the database connection in the configuration file:

[root@openstack ~]# openstack-config --set /etc/keystone/keystone.conf sql connection mysql://keystone:keystone@localhost/keystone

(4). Use openssl to randomly generate a token and store it in the configuration file:

[root@openstack ~]# export SERVICE_TOKEN=$(openssl rand -hex 10)    # randomly generate the SERVICE_TOKEN value; keep a record of it

[root@openstack ~]# export SERVICE_ENDPOINT=http://127.0.0.1:35357/v2.0

[root@openstack ~]# mkdir /root/config

[root@openstack ~]# echo $SERVICE_TOKEN > /root/config/ks_admin_token.txt

[root@openstack ~]# cat /root/config/ks_admin_token.txt

12dd70ede7c9d9d3ed3c

[root@openstack ~]# openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $SERVICE_TOKEN

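*Note: the generated SERVICE_TOKEN value is written to a file for later use; every SERVICE_TOKEN value used later in this guide is read from ks_admin_token.txt. Once the value has been written to the file, do not run the command that generates SERVICE_TOKEN again, otherwise the mismatch between the old and new values will make debugging difficult.

(5). By default Keystone uses PKI tokens. Create the signing keys and certificates: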

[root@openstack ~]# keystone-manage pki_setup --keystone-user keystone --keystone-group keystone

[root@openstack ~]# chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log

(6). Start the keystone service and enable it at boot:

[root@openstack ~]# service openstack-keystone start

[root@openstack ~]# chkconfig openstack-keystone on
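
Step (4) and its note, as an added example that is not part of the original guide: a helper that creates the token file once with owner-only permissions and returns the stored value on every later run, so the token Keystone was configured with never changes. The function names are hypothetical; the path in the usage comment is the guide's.

```bash
#!/bin/bash
# Added example, not from the original guide.

# ensure_service_token FILE
#   Prints the token stored in FILE. Generates one (20 hex characters, the
#   size produced by `openssl rand -hex 10`) only when FILE is missing or
#   empty, so repeating the step cannot change an existing token.
ensure_service_token() {
    local file="$1" token
    if [ -s "$file" ]; then
        token=$(head -n 1 "$file")
    else
        if command -v openssl >/dev/null 2>&1; then
            token=$(openssl rand -hex 10)
        else
            # Fallback when openssl is absent: 10 random bytes from the kernel.
            token=$(od -An -N10 -tx1 /dev/urandom | tr -d ' \n')
        fi
        # umask 077 in a subshell: the file is created 0600 (and a new
        # directory 0700), so the token is never readable by other users.
        ( umask 077
          mkdir -p "$(dirname "$file")"
          printf '%s\n' "$token" > "$file" ) || return 1
    fi
    # Accept only 20 lowercase hex characters.
    case $token in
        ''|*[!0-9a-f]*) echo "invalid token in $file" >&2; return 1 ;;
    esac
    [ "${#token}" -eq 20 ] || { echo "invalid token length in $file" >&2; return 1; }
    chmod 600 "$file"        # also tightens a file created earlier with 0644
    printf '%s\n' "$token"
}

# token_file_is_private FILE: succeeds only when the mode is -rw-------.
token_file_is_private() {
    [ "$(ls -ld "$1" | cut -c1-10)" = "-rw-------" ]
}

# Usage on the management node (path taken from the guide):
#   export SERVICE_TOKEN=$(ensure_service_token /root/config/ks_admin_token.txt)
```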

5.2. Define Users, Tenants and Roles

(1). Edit the .bash_profile file and add the following variables:

[root@openstack ~]# vi .bash_profile

………………

export OS_USERNAME=admin

export OS_TENANT_NAME=admin

export OS_PASSWORD=password

export OS_AUTH_URL=http://127.0.0.1:5000/v2.0

export SERVICE_ENDPOINT=http://127.0.0.1:35357/v2.0

export SERVICE_TOKEN=12dd70ede7c9d9d3ed3c

………………

Run the following command so the variables take effect immediately:

[root@openstack ~]# source .bash_profile

(2). Create a tenant for the admin user and a tenant for the users of the other OpenStack services:

[root@openstack ~]# keystone tenant-create --name=admin --description='Admin Tenant'

[root@openstack ~]# keystone tenant-create --name=service --description='Service Tenant'

(3). Create an administrator user named admin:

[root@openstack ~]# keystone user-create --name=admin --pass=password --email=keystone@chensh.net

(4). Create an administrator role named admin:

[root@openstack ~]# keystone role-create --name=admin

(5). Add the role to the user:

[root@openstack ~]# keystone user-role-add --user=admin --tenant=admin --role=admin

5.3. Define Services and API Endpoints

(1). Create a service for Keystone:

[root@openstack ~]# keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"

(2). Use the service ID to create an endpoint:

[root@openstack ~]# vi /root/config/keystone.sh

#!/bin/bash

my_ip=192.168.10.21

service=$(keystone service-list | awk '/keystone/ {print $2}')

keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:5000/v2.0 --internalurl=http://$my_ip:5000/v2.0 --adminurl=http://$my_ip:35357/v2.0

[root@openstack ~]# sh /root/config/keystone.sh

6. Install and configure Glance

6.1. Initialize Glance

(1). Install the Glance service:

[root@openstack ~]# yum -y install openstack-glance

(2). Create the Glance database:

[root@openstack ~]# openstack-db --init --service glance

(3). Change the database connection in the configuration files:

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT sql_connection mysql://glance:glance@localhost/glance

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf DEFAULT sql_connection mysql://glance:glance@localhost/glance

6.2. Create the User and define Services and API Endpoints

(1). Create a glance user for the Glance service:

[root@openstack ~]# keystone user-create --name=glance --pass=service --email=glance@chensh.net

[root@openstack ~]# keystone user-role-add --user=glance --tenant=service --role=admin

(2). Create a service for glance:

[root@openstack ~]# keystone service-create --name=glance --type=image --description="Glance Image Service"

(3). Use the service ID to create an endpoint:

[root@openstack ~]# vi /root/config/glance.sh

#!/bin/bash

my_ip=192.168.10.21

service=$(keystone service-list | awk '/glance/ {print $2}')

keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:9292 --internalurl=http://$my_ip:9292 --adminurl=http://$my_ip:9292

6.3. Configure the Glance service

(1). Add the Keystone authentication settings to the glance configuration files:

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_host 127.0.0.1

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_port 35357

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_protocol http

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name service

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_user glance

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_password service

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_host 127.0.0.1

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_port 35357

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_protocol http

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name service

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glance

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_password service

(2). Set the ini file paths and add the Keystone authentication settings to the ini files:

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf paste_deploy config_file /etc/glance/glance-api-paste.ini

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy config_file /etc/glance/glance-registry-paste.ini

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone

[root@openstack ~]# cp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini

[root@openstack ~]# cp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.ini

[root@openstack ~]# chown -R root:glance /etc/glance/glance-api-paste.ini

[root@openstack ~]# chown -R root:glance /etc/glance/glance-registry-paste.ini

[root@openstack ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken auth_host 127.0.0.1

[root@openstack ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_tenant_name service

[root@openstack ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_user glance

[root@openstack ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_password service

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken auth_host 127.0.0.1

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_tenant_name service

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_user glance

[root@openstack ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_password service

(3). Change where image files are stored (the default is under /var/lib/glance; skip this step if no change is needed)

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT filesystem_store_datadir /openstack/lib/glance/images/

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT scrubber_datadir /openstack/lib/glance/scrubber

[root@openstack ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT image_cache_dir /openstack/lib/glance/image-cache/

[root@openstack ~]# mkdir -p /openstack/lib

[root@openstack ~]# cp -r /var/lib/glance/ /openstack/lib/

[root@openstack ~]# chown -R glance:glance /openstack/lib/glance/

(4). Start the glance services and enable them at boot

[root@openstack ~]# service openstack-glance-api start

[root@openstack ~]# service openstack-glance-registry start

[root@openstack ~]# chkconfig openstack-glance-api on

[root@openstack ~]# chkconfig openstack-glance-registry on

6.4. Test Glance

(1). Upload an image

[root@openstack ~]# glance image-create --name=centos6.4 --disk-format=qcow2 --container-format=ovf --is-public=true < /root/centos6.4-mini_x64.qcow2

+------------------+--------------------------------------+

| Property | Value |

+------------------+--------------------------------------+

| checksum | 4b16b4bcfd7f4fe7f0f2fdf8919048b4 |

| container_format | ovf |

| created_at | 2014-03-31T06:26:26 |

| deleted | False |

| deleted_at | None |

| disk_format | qcow2 |

| id | 45456157-9b46-4e40-8ee3-fbb2e40f227b |

| is_public | True |

| min_disk | 0 |

| min_ram | 0 |

| name | centos6.4 |

| owner | 446893f3733b4294a7080f3b0bf1ba61 |

| protected | False |

| size | 698023936 |

| status | active |

| updated_at | 2014-03-31T06:26:30 |

+------------------+--------------------------------------+

(2). List the images

[root@openstack ~]# glance image-list

+--------------------------------------+-----------+-------------+------------------+-----------+--------+

| ID | Name | Disk Format | Container Format | Size | Status |

+--------------------------------------+-----------+-------------+------------------+-----------+--------+

| 45456157-9b46-4e40-8ee3-fbb2e40f227b | centos6.4 | qcow2 | ovf | 698023936 | active |

+--------------------------------------+-----------+-------------+------------------+-----------+--------+

7. Install and configure Nova

7.1. Initialize Nova

(1). Install nova:

[root@openstack ~]# yum -y install openstack-nova

(2). Create the nova database:

[root@openstack ~]# openstack-db --init --service nova

7.2. Create the User and define Services and API Endpoints

(1). Write the script:

[root@openstack ~]# vi /root/config/nova-user.sh

#!/bin/sh

my_ip=192.168.10.21

keystone user-create --name=nova --pass=service --email=nova@example.com

keystone user-role-add --user=nova --tenant=service --role=admin

keystone service-create --name=nova --type=compute --description="Nova Compute Service"

service=$(keystone service-list | awk '/nova/ {print $2}')

keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:8774/v2/%\(tenant_id\)s --internalurl=http://$my_ip:8774/v2/%\(tenant_id\)s --adminurl=http://$my_ip:8774/v2/%\(tenant_id\)s

(2). Run the script to create the user, service and API endpoint:

[root@openstack ~]# sh /root/config/nova-user.sh
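
The three endpoint scripts above (keystone.sh, glance.sh, nova-user.sh) pick the service ID with an awk pattern that matches any row containing the name. The following added example, not part of the original guide, matches the name column exactly and fails unless exactly one row matches; the function names, the sample table, its IDs and the nova_ec2 row are constructed.

```bash
#!/bin/bash
# Added example, not from the original guide.

# service_id_by_name NAME   (reads `keystone service-list` output on stdin)
#   Prints the ID of the row whose name column is exactly NAME.
#   Fails when no row, or more than one row, carries that name.
service_id_by_name() {
    local id
    id=$(awk -F'|' -v want="$1" '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        # Data rows split on "|" into: "", id, name, type, description, "".
        NF >= 5 && trim($3) == want { n++; id = trim($2) }
        END { if (n != 1) exit 1; print id }') || {
            echo "service '$1': expected exactly one matching row" >&2
            return 1
        }
    printf '%s\n' "$id"
}

# loose_match_count NAME: how many rows the pattern used in the guide's
# scripts, awk '/NAME/ {print $2}', would return for the same input.
loose_match_count() {
    awk -v pat="$1" '$0 ~ pat { n++ } END { print n + 0 }'
}

# Constructed sample in the table layout printed by `keystone service-list`.
sample_service_list() {
    cat <<'EOF'
+----------------------------------+----------+----------+---------------------------+
|                id                |   name   |   type   |        description        |
+----------------------------------+----------+----------+---------------------------+
| 11111111111111111111111111111111 | keystone | identity | Keystone Identity Service |
| 22222222222222222222222222222222 |  glance  |  image   |    Glance Image Service   |
| 33333333333333333333333333333333 |   nova   | compute  |    Nova Compute Service   |
| 44444444444444444444444444444444 | nova_ec2 |   ec2    |          EC2 API          |
+----------------------------------+----------+----------+---------------------------+
EOF
}

# In nova-user.sh the lookup line would become:
#   service=$(keystone service-list | service_id_by_name nova) || exit 1
```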

7.3. Configure the nova services:

(1). Edit the /etc/nova/nova.conf configuration file:

[root@openstack ~]# vi /etc/nova/nova.conf

[DEFAULT]

my_ip = 192.168.10.21

auth_strategy = keystone

state_path = /openstack/lib/nova

verbose=True

allow_resize_to_same_host = true

rpc_backend = nova.openstack.common.rpc.impl_qpid

qpid_hostname = 192.168.10.21

libvirt_type = kvm

glance_api_servers = 192.168.10.21:9292

novncproxy_base_url = http://192.168.10.21:6080/vnc_auto.html
vncserver_listen = $my_ip

vncserver_proxyclient_address = $my_ip

vnc_enabled = true

vnc_keymap = en-us

network_manager = nova.network.manager.FlatDHCPManager

firewall_driver = nova.virt.firewall.NoopFirewallDriver

multi_host = True

flat_interface = eth1

flat_network_bridge = br1

public_interface = eth0

instance_usage_audit = True

instance_usage_audit_period = hour

notify_on_state_change = vm_and_task_state

notification_driver = nova.openstack.common.notifier.rpc_notifier

compute_scheduler_driver=nova.scheduler.simple.SimpleScheduler

[hyperv]

[zookeeper]

[osapi_v3]

[conductor]

[keymgr]

[cells]

[database]

[image_file_url]

[baremetal]

[rpc_notifier2]

[matchmaker_redis]

[ssl]

[trusted_computing]

[upgrade_levels]

[matchmaker_ring]

[vmware]

[spice]

[keystone_authtoken]

auth_host = 127.0.0.1

auth_port = 35357

auth_protocol = http

admin_user = nova

admin_tenant_name = service

admin_password = service

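Because the configuration file above changes where instances are stored, the following additional steps are needed:

Change the instances path and set the directory ownership: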

[root@openstack ~]# cp -r /var/lib/nova/ /openstack/lib/

[root@openstack ~]# chown -R nova:nova /openstack/lib/nova/

(2). Configure the libvirtd service and remove virbr0

Start the libvirt service:

[root@openstack ~]# service libvirtd start

Check net-list; the default network is present:

[root@openstack ~]# virsh net-list

Name State Autostart Persistent

--------------------------------------------------

default active yes yes

Remove default, i.e. virbr0:

[root@openstack ~]# virsh net-destroy default

Network default destroyed

[root@openstack ~]# virsh net-undefine default

Network default has been undefined

Restart the libvirtd service and enable it at boot:

[root@openstack ~]# service libvirtd restart

[root@openstack ~]# chkconfig libvirtd on

(3). Start the nova-related services and enable them at boot

[root@openstack ~]# service messagebus start

[root@openstack ~]# chkconfig messagebus on

Start the nova services, using nova-network for networking:

[root@openstack ~]# service openstack-nova-api start

[root@openstack ~]# service openstack-nova-cert start

[root@openstack ~]# service openstack-nova-consoleauth start

[root@openstack ~]# service openstack-nova-scheduler start

[root@openstack ~]# service openstack-nova-conductor start

[root@openstack ~]# service openstack-nova-novncproxy start

[root@openstack ~]# service openstack-nova-compute start

[root@openstack ~]# service openstack-nova-network start

[root@openstack ~]# chkconfig openstack-nova-api on

[root@openstack ~]# chkconfig openstack-nova-cert on

[root@openstack ~]# chkconfig openstack-nova-consoleauth on

[root@openstack ~]# chkconfig openstack-nova-scheduler on

[root@openstack ~]# chkconfig openstack-nova-conductor on

[root@openstack ~]# chkconfig openstack-nova-novncproxy on

[root@openstack ~]# chkconfig openstack-nova-compute on

[root@openstack ~]# chkconfig openstack-nova-network on
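
The following added example, not part of the original guide, reports which of the lab settings applied above (SELINUX=disabled, bind-address = 0.0.0.0, auth=no, NoopFirewallDriver, the sample admin_password) are present under a given root directory, for review before the node is used outside a test network. /etc/my.cnf as the MySQL file path is an assumption (the guide does not name the file); the function names and sample files are constructed.

```bash
#!/bin/bash
# Added example, not from the original guide.

# ini_get FILE SECTION KEY -> value, trimmed, trailing " # comment" removed.
# SECTION "" selects keys that appear before any [section] header.
ini_get() {
    [ -r "$1" ] || return 0
    awk -v sec="$2" -v key="$3" '
        /^[ \t]*\[/   { cur = $0; gsub(/^[ \t]*\[|\][ \t]*$/, "", cur); next }
        /^[ \t]*[#;]/ { next }
        cur == sec {
            i = index($0, "="); if (!i) next
            k = substr($0, 1, i - 1); v = substr($0, i + 1)
            sub(/[ \t]+#.*$/, "", v)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { if (val != "") print val }' "$1"
}

# flag_if FILE SECTION KEY VALUE MESSAGE: print MESSAGE when KEY equals VALUE.
flag_if() {
    if [ "$(ini_get "$1" "$2" "$3")" = "$4" ]; then printf '%s\n' "$5"; fi
}

# audit_root ROOT: one line per finding; ROOT is / on a real node.
audit_root() {
    local r="${1%/}"
    flag_if "$r/etc/selinux/config" "" SELINUX disabled \
        "selinux: disabled, no mandatory access control"
    # /etc/my.cnf is an assumption; the guide does not name the MySQL file.
    flag_if "$r/etc/my.cnf" mysqld bind-address 0.0.0.0 \
        "mysql: bind-address 0.0.0.0, listens on every interface"
    flag_if "$r/etc/qpidd.conf" "" auth no \
        "qpid: auth=no, broker accepts unauthenticated clients"
    flag_if "$r/etc/nova/nova.conf" DEFAULT firewall_driver \
        nova.virt.firewall.NoopFirewallDriver \
        "nova: NoopFirewallDriver, nova-compute applies no packet filtering"
    flag_if "$r/etc/nova/nova.conf" keystone_authtoken admin_password service \
        "nova: admin_password is the guide's sample value"
}

# make_sample_root DIR: constructed files holding the guide's values.
make_sample_root() {
    mkdir -p "$1/etc/selinux" "$1/etc/nova"
    printf 'SELINUX=disabled\nSELINUXTYPE=targeted\n' > "$1/etc/selinux/config"
    printf '[mysqld]\nbind-address = 0.0.0.0 # listen address\n' > "$1/etc/my.cnf"
    printf 'auth=no\n' > "$1/etc/qpidd.conf"
    printf '%s\n' '[DEFAULT]' 'firewall_driver = nova.virt.firewall.NoopFirewallDriver' \
        '[keystone_authtoken]' 'admin_password = service' > "$1/etc/nova/nova.conf"
}
```

On the management node, `audit_root /` prints one line per setting still at the guide's value and nothing when all have been changed.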

Deploying OpenStack Havana on CentOS 6.4 (Nova-Network edition) (Part 2)
