云计算基础架构平台IAAS搭建 推荐
2014-07-10 23:26
537 查看
Iaas云基础平台搭建分别安装两台最小化的centos 6.5系统。要求配置双网卡,打开虚拟化。
安装系统
安装过程
正在安装包
在安装的过程中,将计算机名分别改为controller和compute
设置controller的eth0为10.0.0.10 255.0.0.0 10.0.0.1
Controler 的eth1 为 192.168.0.10 255.255.255.0 192.168.0.1
Compute的eth0 为10.0.0.11 255.0.0.0 10.0.0.1
Compute 的eth1为192.168.0.11 255.255.255.0 192.168.0.1
做计算机名解析
测试控制节点和计算节点直接的通信
将centos 光盘里的内容复制到/opt 目录下,此外还要复制脚本script和repo images,我们可以使用工具传输
接下来将传输过来的光盘里面的文件,制作一个本地yum源,然后搭建一个ftp服务,用于后期我们的计算节点和控制节点之间的文件传输。删除/etc/yum.repos.d/ 下原有的yum 仓库。新建一个base的base.repo文件切换到/opt/centos 6.5/Packages 目录下,手动安装createrepo-0.9.9-18.el6.noarch.rpm 包[root@controller Packages]# rpm -ivh createrepo-0.9.9-18.el6.noarch.rpm warning: createrepo-0.9.9-18.el6.noarch.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEYerror: Failed dependencies:libxml2-python is needed by createrepo-0.9.9-18.el6.noarchpython-deltarpm is needed by createrepo-0.9.9-18.el6.noarch 根据提示,我们需要安装它的依赖包,所以要手动安装依赖包[root@controller Packages]# rpm -ivh libxml2-python-2.7.6-14.el6.x86_64.rpm warning: libxml2-python-2.7.6-14.el6.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEYPreparing... ########################################### [100%] 1:libxml2-python ########################################### [100%][root@controller Packages]# rpm -ivh python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm warning: python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID c105b9de: NOKEYerror: Failed dependencies:deltarpm = 3.5-0.5.20090913git.el6 is needed by python-deltarpm-3.5-0.5.20090913git.el6.x86_64[root@controller Packages]# rpm -ivh deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm warning: deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID c105b9de: NOKEYPreparing... ########################################### [100%] 1:deltarpm ########################################### [100%][root@controller Packages]# rpm -ivh python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm warning: python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID c105b9de: NOKEYPreparing... ########################################### [100%] 1:python-deltarpm ########################################### [100%][root@controller Packages]# rpm -ivh createrepo-0.9.9-18.el6.noarch.rpm warning: createrepo-0.9.9-18.el6.noarch.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEYPreparing... ########################################### [100%] 1:createrepo ########################################### [100%][root@controller Packages]# 到此为止,我们已经安装好了依赖包。 执行命令[root@controller Packages]# createrepo -v /opt/centos链接库文件
库文件链接过程 Saving Primary metadataSaving file lists metadataSaving other metadataGenerating sqlite DBsStarting other db creation: Thu Jul 10 23:55:11 2014Ending other db creation: Thu Jul 10 23:55:13 2014Starting filelists db creation: Thu Jul 10 23:55:14 2014Ending filelists db creation: Thu Jul 10 23:55:21 2014Starting primary db creation: Thu Jul 10 23:55:21 2014Ending primary db creation: Thu Jul 10 23:55:26 2014Sqlite DBs complete 库文件链接完成。 配置base.repo内容如下:[base]name=centosbaseurl=file:///opt/centos/enabled=1gpgcheck=0 这样本地yum就配好了,安装vsftpd 服务,在编辑vsftpd.conf 配置文件,在末尾加入anon_root=/opt[root@controller yum.repos.d]# yum install vsftpd -y
重启服务,设置开机启动。这里还要修改一下base.repo文件,改成从ftp 获取,如下如
因为计算机点还要从控制节点获包。 接下来就开始配置另外几个yum仓库了。所有的仓库配置文件可以参考下面的文件:[root@controller yum.repos.d]# cat *.repo[base]name=centosbaseurl=ftp://10.0.0.10/centos/enabled=1gpgcheck=0[centos]name=centosbaseurl=ftp://10.0.0.10/repo/centos6.5/enabled=1gpgcheck=0[epel]name=epelbaseurl=ftp://10.0.0.10/repo/epel6/mirrors.hustunique.com/epel/6/x86_64/enabled=1gpgcheck=0[foreman]name=foremanbaseurl=ftp://10.0.0.10/repo/foreman/yum.theforeman.org/release/1.3/el6/x86_64/enabled=1gpgcheck=0[openstack]name=openstackbaseurl=ftp://10.0.0.10/repo/openstack-havana/enabled=1gpgcheck=0[puppetlabs]name=puppetlabsbaseurl=ftp://10.0.0.10/repo/puppetlabs/yum.puppetlabs.com/el/6/products/x86_64/enabled=1gpgcheck=0 编辑openrc.sh 设置环境变量export OS_USERNAME=adminexport OS_PASSWORD=secreteexport OS_TENANT_NAME=adminexport OS_AUTH_URL=http://controller:35357/v2.0export HOST_IP=10.0.0.10export HOST_EXT_IP=192.168.1.10export FIX_RANGE=192.168.1.129/25export IMAGES_DIR=/var/lig/glance/imagesexport FTP_IMAGES_URL=ftp://10.0.0.10/imagesexport IMAGE_NAME_LINUX=centos-6.5-20140117.0x86_64.qcow2export LINUX_IMAGE_LABEL=centosexport LINUX_IAMGE_FILE_FORMAT=qcow2export KEYSTONE_DBPASS=keystoneexport DB_PASS=openstackexport ADMIN_PASS=secreteexport GLANCE_DBPASS=glanceexport GLANCE_PASS=serviceexport NOVA_DBPASS=novaexport NOVA_PASS=serviceexport DASH_DBPASS=serviceexport CINDER_DBPASS=serviceexport CINDER_PASS=serviceexport DEMO_PASS=demoexport MAIL_ADMIN_ADDR=admin@example.comexport MAIL_DEMO_ADDR=demo@example.comexport MAIL_GLANCE_ADDR=admin@example.comexport MAIL_NOVA_ADDR=admin@example.com 配置完成后追加至/root/.bash_profile中[root@controller script]# cat openrc.sh > /root/.bash_profile 执行 source /root/.bash_profile 生效[root@controller script]# source /root/.bash_profile [root@controller script]# echo $DB_PASSOpenstack查看是否生效 接下啦安装ntp时钟服务,我们可以调用写好的脚本文件首先我们看一下,有哪些脚本文件[root@controller script]# lltotal 100-rw-r--r--. 1 root root 16320 Apr 3 17:49 dnsmasq-utils-2.48-13.el6.x86_64.rpm-rw-r--r--. 1 root root 2496 Apr 3 08:05 iaas-config-glance.sh-rw-r--r--. 1 root root 1070 Apr 3 17:18 iaas-config-node.sh-rw-r--r--. 1 root root 2127 Apr 3 08:58 iaas-config-nova.sh-rw-r--r--. 1 root root 359 Apr 3 07:58 iaas-config-stone.sh-rw-r--r--. 1 root root 138 Apr 3 09:06 iaas-create-network.sh-rw-r--r--. 1 root root 1088 Apr 3 07:43 iaas-define-stone.sh-rw-r--r--. 1 root root 195 Apr 3 07:55 iaas-install-db.sh-rw-r--r--. 1 root root 342 Apr 3 08:03 iaas-install-glance.sh-rw-r--r--. 1 root root 2183 Apr 3 17:20 iaas-install-node.sh-rw-r--r--. 1 root root 288 Apr 3 08:42 iaas-install-nova.sh-rw-r--r--. 1 root root 242 Apr 3 07:39 iaas-install-stone.sh-rw-r--r--. 1 root root 284 Apr 3 07:28 iaas-pre-controller.sh-rw-r--r--. 1 root root 363 Apr 3 16:42 iaas-pre-node.sh-rw-r--r--. 1 root root 245 Apr 3 08:40 iaas-verify-glance.sh-rw-r--r--. 1 root root 16 Apr 3 08:59 iaas-verify-nova.sh-rw-r--r--. 1 root root 278 Apr 3 07:47 iaas-verify-stone.sh-rw-r--r--. 1 root root 394 Apr 3 18:08 noderc.sh-rw-r--r--. 1 root root 886 Jul 11 01:03 openrc.sh-rw-r--r--. 1 root root 101 Apr 3 08:02 source-rw-r--r--. 1 root root 101 Apr 3 08:02 sourcecon-rw-r--r--. 1 root root 139 Apr 3 16:39 sourcenode 首先执行脚本iaas-pre-controller.sh 看一下脚本内容:[root@controller script]# cat iaas-pre-controller.sh yum install -y ntpservice ntpd restartchkconfig ntpd onyum install -y qpid-cpp-server memcachedservice qpidd restartchkconfig qpidd onyum install -y openstack-utilsyum install -y openstack-selinuxsed -i '/^SELINUX=/s/enforcing/permissive/g' /etc/selinux/configyum -y upgrade 执行脚本[root@controller script]# sh iaas-pre-controller.sh 成功的标志Updated: ca-certificates.noarch 0:2013.1.95-65.1.el6_5 centos-release.x86_64 0:6-5.el6.centos.11.2 coreutils.x86_64 0:8.4-31.el6_5.1 coreutils-libs.x86_64 0:8.4-31.el6_5.1 dracut.noarch 0:004-336.el6_5.2 dracut-kernel.noarch 0:004-336.el6_5.2 ethtool.x86_64 2:3.5-1.2.el6_5 glib2.x86_64 0:2.26.1-7.el6_5 grep.x86_64 0:2.6.3-4.el6_5.1 initscripts.x86_64 0:9.03.40-2.el6.centos.1 iproute.x86_64 0:2.6.32-130.el6ost.netns.2 kernel-firmware.noarch 0:2.6.32-431.11.2.el6 mysql-libs.x86_64 0:5.1.73-3.el6_5 nspr.x86_64 0:4.10.2-1.el6_5 nss.x86_64 0:3.15.3-6.el6_5 nss-sysinit.x86_64 0:3.15.3-6.el6_5 nss-tools.x86_64 0:3.15.3-6.el6_5 nss-util.x86_64 0:3.15.3-1.el6_5 openldap.x86_64 0:2.4.23-34.el6_5.1 openssl.x86_64 0:1.0.1e-16.el6_5.4 p11-kit.x86_64 0:0.18.5-2.el6_5.2 p11-kit-trust.x86_64 0:0.18.5-2.el6_5.2 postfix.x86_64 2:2.6.6-6.el6_5 psmisc.x86_64 0:22.6-19.el6_5 python.x86_64 0:2.6.6-52.el6 python-libs.x86_64 0:2.6.6-52.el6 selinux-policy.noarch 0:3.7.19-231.el6_5.1 selinux-policy-targeted.noarch 0:3.7.19-231.el6_5.1 tzdata.noarch 0:2014b-1.el6 upstart.x86_64 0:0.6.5-13.el6_5.3 yum.noarch 0:3.2.29-43.el6.centos yum-plugin-fastestmirror.noarch 0:1.1.30-17.el6_5 Complete! 接下来手动重启 这时候你会发现一个问题,/etc/yum.repo 下又多了几个文件,这是升级内核导致的,所以要将多余的.repo文件删除 第二步就是安装数据库服务端执行脚本iaas-install-db.sh 脚本内容:yum install -y mysql mysql-server MySQL-pythonsed -i "/^symbolic-links/a\bind-address=$HOST_IP" /etc/my.cnfservice mysqld restartchkconfig mysqld onmysql_install_dbmysql_secure_installation 安装过程中会提示Enter current password for root (enter for none): //直接回车Set root password? [Y/n]New password: Re-enter new password: 这里的密码是openrc.sh 中的DB_PASS中的参数Remove anonymous users? [Y/n] yDisallow root login remotely? [Y/n] nRemove test database and access to it? [Y/n] yReload privilege tables now? [Y/n] y 接下来就是身份服务安装与配置 执行脚本iaas-install-stone.sh 脚本内容:yum install -y openstack-keystone python-keystoneclientopenstack-config --set /etc/keystone/keystone.conf sql connection mysql://keystone:$KEYSTONE_DBPASS@$HOSTNAME/keystoneopenstack-db --init --service keystone --password $KEYSTONE_DBPASS 提示输入密码,级前面输的密码Please enter the password for the 'root' MySQL user: 配置身份服务,执行脚本 iaas-config-stone.sh脚本内容:ADMIN_TOKEN=$(openssl rand -hex 10) echo $ADMIN_TOKENopenstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKENkeystone-manage pki_setup --keystone-user keystone --keystone-group keystonechown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log service openstack-keystone restart chkconfig openstack-keystone on 结果:
接下来定义身份用户执行脚本: iaas-define-stone.sh 脚本内容:export ADMIN_TOKEN=`openstack-config --get /etc/keystone/keystone.conf DEFAULT admin_token`export OS_SERVICE_TOKEN=$ADMIN_TOKENexport OS_SERVICE_ENDPOINT=http://$HOSTNAME:35357/v2.0 keystone user-create --name=admin --pass=$ADMIN_PASS --email=$MAIL_ADMIN_ADDR keystone role-create --name=admin keystone tenant-create --name=admin --description="Admin Tenant" keystone user-role-add --user=admin --tenant=admin --role=admin keystone user-role-add --user=admin --role=_member_ --tenant=admin keystone user-create --name=demo --pass=$DEMO_PASS --email=$MAIL_DEMO_ADDR keystone tenant-create --name=demo --description="Demo Tenant" keystone user-role-add --user=demo --role=_member_ --tenant=demo keystone tenant-create --name=service --description="Service Tenant" keystone service-create --name=keystone --type=identity --description="OpenStack Identity Service" keystone endpoint-create --service-id=$(keystone service-list | awk '/ identity / {print $2}') --publicurl=http://$HOSTNAME:5000/v2.0 --internalurl=http://$HOSTNAME:5000/v2.0 --adminurl=http://$HOSTNAME:35357/v2.0 结果:
接下来验证身份服务执行脚本:iaas-verify-stone.sh 脚本内容:keystone --os-username=admin --os-password=$ADMIN_PASS --os-auth-url=http://$HOSTNAME:35357/v2.0 token-get keystone --os-username=admin --os-password=$ADMIN_PASS --os-tenant-name=admin --os-auth-url=http://$HOSTNAME:35357/v2.0 token-get keystone token-getkeystone user-list 结果:
glance 服务安装于配置安装glance服务执行安装脚本:iaas-install-glance.sh 脚本内容:yum install -y openstack-glanceopenstack-config --set /etc/glance/glance-api.conf DEFAULT sql_connection mysql://glance:$GLANCE_DBPASS@$HOSTNAME/glanceopenstack-config --set /etc/glance/glance-registry.conf DEFAULT sql_connection mysql://glance:$GLANCE_DBPASS@$HOSTNAME/glanceopenstack-db --init --service glance --password $GLANCE_DBPASS 提示输密码:Please enter the password for the 'root' MySQL user: 成功的标志:
接下来配置glance服务 执行脚本:iaas-config-glance.sh 脚本内容:keystone user-create --name=glance --pass=$GLANCE_PASS --email=$MAIL_GLANCE_ADDRkeystone user-role-add --user=glance --tenant=service --role=adminopenstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://$HOSTNAME:5000openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_host $HOSTNAMEopenstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name serviceopenstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_user glanceopenstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_password $GLANCE_PASSopenstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystoneopenstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://$HOSTNAME:5000openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_host $HOSTNAMEopenstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name serviceopenstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glancecp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.inicp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.iniopenstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken auth_host $HOSTNAMEopenstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_password $GLANCE_PASSopenstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_user glanceopenstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_tenant_name serviceopenstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken auth_host $HOSTNAMEopenstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_password $GLANCE_PASSopenstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_user glanceopenstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_tenant_name service keystone service-create --name=glance --type=image --description="Glance Image Service" keystone endpoint-create --service-id=$(keystone service-list | awk '/ image / {print $2}') --publicurl=http://controller:9292 --internalurl=http://controller:9292 --adminurl=http://controller:9292service openstack-glance-api restartservice openstack-glance-registry restart chkconfig openstack-glance-api on chkconfig openstack-glance-registry on 结果:
验证glance服务执行脚本: iaas-verify-glance.sh 脚本内容:yum install -y wgetwget ftp://10.0.0.120/images/centos-6.5-20140117.0.x86_64.qcow2glance image-create --name=CentOS-6.5-x86_64 --disk-format=qcow2 --container-format=bare --is-public=true < centos-6.5-20140117.0.x86_64.qcow2glance image-list 结果:
由于还没有上传镜像,所以提示没有
接下来就是安装nova计算服务。不过在安装之前先要手动安装dnsmasq-utils-2.48-13.el6.x86_64.rpm 包 执行脚本:iaas-install-nova.sh 脚本内容:yum install -y openstack-nova python-novaclientopenstack-config --set /etc/nova/nova.conf database connection mysql://nova:$NOVA_DBPASS@$HOSTNAME/nova openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname $HOSTNAME openstack-db --init --service nova --password $NOVA_DBPASS 结果,要输入密码
计算服务配置执行脚本:iaas-config-nova.sh 脚本内容:keystone user-create --name=nova --pass=$NOVA_PASS --email=$MAIL_NOVA_ADDR openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host $HOSTNAME openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357 openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password $NOVA_PASSopenstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_host $HOSTNAME openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_port 35357 openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_protocol http openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_uri $OS_AUTH_URL openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_tenant_name service openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_user nova openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_password $NOVA_PASSkeystone user-role-add --user=nova --tenant=service --role=adminkeystone service-create --name=nova --type=compute --description="Nova Compute service" keystone endpoint-create --service-id=$(keystone service-list | awk '/ compute / {print $2}') --publicurl=http://$HOSTNAME:8774/v2/%\(tenant_id\)s --internalurl=http://$HOSTNAME:8774/v2/%\(tenant_id\)s --adminurl=http://$HOSTNAME:8774/v2/%\(tenant_id\)s service openstack-nova-api restart service openstack-nova-cert restart service openstack-nova-consoleauth restart service openstack-nova-scheduler restart service openstack-nova-conductor restart service openstack-nova-novncproxy restart chkconfig openstack-nova-api on chkconfig openstack-nova-cert on chkconfig openstack-nova-consoleauth onchkconfig openstack-nova-scheduler on chkconfig openstack-nova-conductor on chkconfig openstack-nova-novncproxy on 结果:
验证nova的配置:执行脚本:iaas-verify-nova.sh 脚本内容:nova image-list 因为没有上传镜像,所以现在无法验证。等到后面,可以手动上传镜像。 接下来进入计算节点,配置计算节点的yum 客户端。参考如下[root@compute ~]# cd /etc/yum.repos.d/ ;cat *.repo[base]name=centosbaseurl=ftp://10.0.0.10/centos/enabled=1gpgcheck=0[centos]name=centosbaseurl=ftp://10.0.0.10/repo/centos6.5/enabled=1gpgcheck=0[epel]name=epelbaseurl=ftp://10.0.0.10/repo/epel6/mirrors.hustunique.com/epel/6/x86_64/enabled=1gpgcheck=0[foreman]name=foremanbaseurl=ftp://10.0.0.10/repo/foreman/yum.theforeman.org/release/1.3/el6/x86_64/enabled=1gpgcheck=0[openstack]name=openstackbaseurl=ftp://10.0.0.10/repo/openstack-havana/enabled=1gpgcheck=0[puppetlabs]name=puppetlabsbaseurl=ftp://10.0.0.10/repo/puppetlabs/yum.puppetlabs.com/el/6/products/x86_64/enabled=1gpgcheck=0 接下来编辑noderc.sh 文件export HOSTNAME_CONT=controllerexport NOVA_DBPASS=novaexport NOVA_PASS=serviceexport HOST_IP_NODE1=10.0.0.11export EXTERNAL_NIC=eth0export FIX_RANGE=192.168.1.129/25export OS_USERNAME=adminexport OS_TENANT_NAME=adminexport OS_PASSWORD=secreteexport OS_AUTH_URL=http://10.0.0.10:5000/v2.0export SERVICE_ENDPOINT=http://10.0.0.10:35357/v2.0export SERVICE_TOKEN=87dbbbe96a346d6bcf31 保存并将文件追加至/root/.bash_profile [root@compute script]# cat noderc.sh > /root/.bash_profile 生效[root@compute script]# source /root/.bash_profile 查看一下[root@compute script]# echo $OS_PASSWORDSecrete可以看到已经生效 接下来执行预安装脚本执行脚本:iaas-pre-node.sh 脚本内容:service NetworkManager stopservice network startchkconfig NetworkManager offchkconfig network onservice firewalld stopservice iptables startchkconfig firewalld offchkconfig iptables onyum install -y ntpservice ntpd restartchkconfig ntpd onyum install -y mysql MySQL-pythonyum install -y openstack-utilsyum install -y openstack-selinuxyum -y upgrade 成功标志:
手动重启服务器 也要注意删除多余的.repo文件 接下来安装计算节点服务执行脚本:iaas-install-node.sh 脚本内容:yum install -y openstack-nova-computeopenstack-config --set /etc/nova/nova.conf database connection mysql://nova:$NOVA_DBPASS@$HOSTNAME_CONT/nova openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host $HOSTNAME_CONT openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357 openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password $NOVA_PASS openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend nova.openstack.common.rpc.impl_qpid openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname $HOSTNAME_CONT openstack-config --set /etc/nova/nova.conf DEFAULT my_ip $HOST_IP_NODE1 openstack-config --set /etc/nova/nova.conf DEFAULT vnc_enabled True openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 0.0.0.0openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address $HOST_IP_NODE1 openstack-config --set /etc/nova/nova.conf DEFAULT novncproxy_base_url http://$HOSTNAME_CONT:6080/vnc_auto.html openstack-config --set /etc/nova/nova.conf DEFAULT glance_host $HOSTNAME_CONTopenstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_host $HOSTNAME_CONT openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_port 35357 openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_protocol http openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_tenant_name service openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_user nova openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_password $NOVA_PASS service libvirtd restart service messagebus restart chkconfig libvirtd on chkconfig messagebus on service openstack-nova-compute startchkconfig openstack-nova-compute on yum install -y openstack-nova-networkyum install -y openstack-nova-api 在此之前,要先安装dnsmasq-utils-2.48-13.el6.x86_64.rpm 之后再执行脚本 结果:
接下来就是配置计算节点服务执行脚本:iaas-config-node.sh 脚本内容:openstack-config --set /etc/nova/nova.conf DEFAULT network_manager nova.network.manager.FlatDHCPManager openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.libvirt.firewall.IptablesFirewallDriver openstack-config --set /etc/nova/nova.conf DEFAULT network_size 254 openstack-config --set /etc/nova/nova.conf DEFAULT allow_same_net_traffic False openstack-config --set /etc/nova/nova.conf DEFAULT multi_host True openstack-config --set /etc/nova/nova.conf DEFAULT send_arp_for_ha True openstack-config --set /etc/nova/nova.conf DEFAULT share_dhcp_address True openstack-config --set /etc/nova/nova.conf DEFAULT force_dhcp_release True openstack-config --set /etc/nova/nova.conf DEFAULT flat_interface $EXTERNAL_NIC openstack-config --set /etc/nova/nova.conf DEFAULT flat_network_bridge br100openstack-config --set /etc/nova/nova.conf DEFAULT public_interface $EXTERNAL_NIC service openstack-nova-metadata-api restart chkconfig openstack-nova-metadata-api onservice openstack-nova-network restart chkconfig openstack-nova-network on 结果:
接下来我们要回到控制节点创建网络 执行脚本; iaas-create-network.sh 脚本内容:yum install -y bridge-utilsecho fix_range=$FIX_RANGEnova network-create vmnet --fixed-range-v4=$FIX_RANGE --bridge=br100 --multi-host=T 接下来安装dashboard web前端控制台执行命令:yum install -y memcached python-memcached mod_wsgi openstack-dashboard 编辑/etc/openstack-dashboard/local_settingsCACHES = { 'default': { 'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache', 'LOCATION' : '127.0.0.1:11211', }}打开注释。修改ALLOWED_HOSTS = ['horizon.example.com', 'localhost']为ALLOWED_HOSTS = ['10.0.0.10', 'localhost'] 修改127.0.0.1为controller OPENSTACK_HOST = "127.0.0.1" OPENSTACK_HOST = "controller" 重启httpd 服务 memcached 服务 并设置开机启动 到此为止,云平台基础架构服务平台搭建告一段落,接下来就可以用浏览器访问了。地址为:http://10.0.0.1/dashboard界面如下:
用户名为nova 密码为service 登陆后界面如下:
自己就可以创建云主机类型并启动云主机了。
安装系统
安装过程
正在安装包
在安装的过程中,将计算机名分别改为controller和compute
设置controller的eth0为10.0.0.10 255.0.0.0 10.0.0.1
Controler 的eth1 为 192.168.0.10 255.255.255.0 192.168.0.1
Compute的eth0 为10.0.0.11 255.0.0.0 10.0.0.1
Compute 的eth1为192.168.0.11 255.255.255.0 192.168.0.1
做计算机名解析
测试控制节点和计算节点直接的通信
将centos 光盘里的内容复制到/opt 目录下,此外还要复制脚本script和repo images,我们可以使用工具传输
接下来将传输过来的光盘里面的文件,制作一个本地yum源,然后搭建一个ftp服务,用于后期我们的计算节点和控制节点之间的文件传输。删除/etc/yum.repos.d/ 下原有的yum 仓库。新建一个base的base.repo文件切换到/opt/centos 6.5/Packages 目录下,手动安装createrepo-0.9.9-18.el6.noarch.rpm 包[root@controller Packages]# rpm -ivh createrepo-0.9.9-18.el6.noarch.rpm warning: createrepo-0.9.9-18.el6.noarch.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEYerror: Failed dependencies:libxml2-python is needed by createrepo-0.9.9-18.el6.noarchpython-deltarpm is needed by createrepo-0.9.9-18.el6.noarch 根据提示,我们需要安装它的依赖包,所以要手动安装依赖包[root@controller Packages]# rpm -ivh libxml2-python-2.7.6-14.el6.x86_64.rpm warning: libxml2-python-2.7.6-14.el6.x86_64.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEYPreparing... ########################################### [100%] 1:libxml2-python ########################################### [100%][root@controller Packages]# rpm -ivh python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm warning: python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID c105b9de: NOKEYerror: Failed dependencies:deltarpm = 3.5-0.5.20090913git.el6 is needed by python-deltarpm-3.5-0.5.20090913git.el6.x86_64[root@controller Packages]# rpm -ivh deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm warning: deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID c105b9de: NOKEYPreparing... ########################################### [100%] 1:deltarpm ########################################### [100%][root@controller Packages]# rpm -ivh python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm warning: python-deltarpm-3.5-0.5.20090913git.el6.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID c105b9de: NOKEYPreparing... ########################################### [100%] 1:python-deltarpm ########################################### [100%][root@controller Packages]# rpm -ivh createrepo-0.9.9-18.el6.noarch.rpm warning: createrepo-0.9.9-18.el6.noarch.rpm: Header V3 RSA/SHA1 Signature, key ID c105b9de: NOKEYPreparing... ########################################### [100%] 1:createrepo ########################################### [100%][root@controller Packages]# 到此为止,我们已经安装好了依赖包。 执行命令[root@controller Packages]# createrepo -v /opt/centos链接库文件
库文件链接过程 Saving Primary metadataSaving file lists metadataSaving other metadataGenerating sqlite DBsStarting other db creation: Thu Jul 10 23:55:11 2014Ending other db creation: Thu Jul 10 23:55:13 2014Starting filelists db creation: Thu Jul 10 23:55:14 2014Ending filelists db creation: Thu Jul 10 23:55:21 2014Starting primary db creation: Thu Jul 10 23:55:21 2014Ending primary db creation: Thu Jul 10 23:55:26 2014Sqlite DBs complete 库文件链接完成。 配置base.repo内容如下:[base]name=centosbaseurl=file:///opt/centos/enabled=1gpgcheck=0 这样本地yum就配好了,安装vsftpd 服务,在编辑vsftpd.conf 配置文件,在末尾加入anon_root=/opt[root@controller yum.repos.d]# yum install vsftpd -y
重启服务,设置开机启动。这里还要修改一下base.repo文件,改成从ftp 获取,如下如
因为计算机点还要从控制节点获包。 接下来就开始配置另外几个yum仓库了。所有的仓库配置文件可以参考下面的文件:[root@controller yum.repos.d]# cat *.repo[base]name=centosbaseurl=ftp://10.0.0.10/centos/enabled=1gpgcheck=0[centos]name=centosbaseurl=ftp://10.0.0.10/repo/centos6.5/enabled=1gpgcheck=0[epel]name=epelbaseurl=ftp://10.0.0.10/repo/epel6/mirrors.hustunique.com/epel/6/x86_64/enabled=1gpgcheck=0[foreman]name=foremanbaseurl=ftp://10.0.0.10/repo/foreman/yum.theforeman.org/release/1.3/el6/x86_64/enabled=1gpgcheck=0[openstack]name=openstackbaseurl=ftp://10.0.0.10/repo/openstack-havana/enabled=1gpgcheck=0[puppetlabs]name=puppetlabsbaseurl=ftp://10.0.0.10/repo/puppetlabs/yum.puppetlabs.com/el/6/products/x86_64/enabled=1gpgcheck=0 编辑openrc.sh 设置环境变量export OS_USERNAME=adminexport OS_PASSWORD=secreteexport OS_TENANT_NAME=adminexport OS_AUTH_URL=http://controller:35357/v2.0export HOST_IP=10.0.0.10export HOST_EXT_IP=192.168.1.10export FIX_RANGE=192.168.1.129/25export IMAGES_DIR=/var/lig/glance/imagesexport FTP_IMAGES_URL=ftp://10.0.0.10/imagesexport IMAGE_NAME_LINUX=centos-6.5-20140117.0x86_64.qcow2export LINUX_IMAGE_LABEL=centosexport LINUX_IAMGE_FILE_FORMAT=qcow2export KEYSTONE_DBPASS=keystoneexport DB_PASS=openstackexport ADMIN_PASS=secreteexport GLANCE_DBPASS=glanceexport GLANCE_PASS=serviceexport NOVA_DBPASS=novaexport NOVA_PASS=serviceexport DASH_DBPASS=serviceexport CINDER_DBPASS=serviceexport CINDER_PASS=serviceexport DEMO_PASS=demoexport MAIL_ADMIN_ADDR=admin@example.comexport MAIL_DEMO_ADDR=demo@example.comexport MAIL_GLANCE_ADDR=admin@example.comexport MAIL_NOVA_ADDR=admin@example.com 配置完成后追加至/root/.bash_profile中[root@controller script]# cat openrc.sh > /root/.bash_profile 执行 source /root/.bash_profile 生效[root@controller script]# source /root/.bash_profile [root@controller script]# echo $DB_PASSOpenstack查看是否生效 接下啦安装ntp时钟服务,我们可以调用写好的脚本文件首先我们看一下,有哪些脚本文件[root@controller script]# lltotal 100-rw-r--r--. 1 root root 16320 Apr 3 17:49 dnsmasq-utils-2.48-13.el6.x86_64.rpm-rw-r--r--. 1 root root 2496 Apr 3 08:05 iaas-config-glance.sh-rw-r--r--. 1 root root 1070 Apr 3 17:18 iaas-config-node.sh-rw-r--r--. 1 root root 2127 Apr 3 08:58 iaas-config-nova.sh-rw-r--r--. 1 root root 359 Apr 3 07:58 iaas-config-stone.sh-rw-r--r--. 1 root root 138 Apr 3 09:06 iaas-create-network.sh-rw-r--r--. 1 root root 1088 Apr 3 07:43 iaas-define-stone.sh-rw-r--r--. 1 root root 195 Apr 3 07:55 iaas-install-db.sh-rw-r--r--. 1 root root 342 Apr 3 08:03 iaas-install-glance.sh-rw-r--r--. 1 root root 2183 Apr 3 17:20 iaas-install-node.sh-rw-r--r--. 1 root root 288 Apr 3 08:42 iaas-install-nova.sh-rw-r--r--. 1 root root 242 Apr 3 07:39 iaas-install-stone.sh-rw-r--r--. 1 root root 284 Apr 3 07:28 iaas-pre-controller.sh-rw-r--r--. 1 root root 363 Apr 3 16:42 iaas-pre-node.sh-rw-r--r--. 1 root root 245 Apr 3 08:40 iaas-verify-glance.sh-rw-r--r--. 1 root root 16 Apr 3 08:59 iaas-verify-nova.sh-rw-r--r--. 1 root root 278 Apr 3 07:47 iaas-verify-stone.sh-rw-r--r--. 1 root root 394 Apr 3 18:08 noderc.sh-rw-r--r--. 1 root root 886 Jul 11 01:03 openrc.sh-rw-r--r--. 1 root root 101 Apr 3 08:02 source-rw-r--r--. 1 root root 101 Apr 3 08:02 sourcecon-rw-r--r--. 1 root root 139 Apr 3 16:39 sourcenode 首先执行脚本iaas-pre-controller.sh 看一下脚本内容:[root@controller script]# cat iaas-pre-controller.sh yum install -y ntpservice ntpd restartchkconfig ntpd onyum install -y qpid-cpp-server memcachedservice qpidd restartchkconfig qpidd onyum install -y openstack-utilsyum install -y openstack-selinuxsed -i '/^SELINUX=/s/enforcing/permissive/g' /etc/selinux/configyum -y upgrade 执行脚本[root@controller script]# sh iaas-pre-controller.sh 成功的标志Updated: ca-certificates.noarch 0:2013.1.95-65.1.el6_5 centos-release.x86_64 0:6-5.el6.centos.11.2 coreutils.x86_64 0:8.4-31.el6_5.1 coreutils-libs.x86_64 0:8.4-31.el6_5.1 dracut.noarch 0:004-336.el6_5.2 dracut-kernel.noarch 0:004-336.el6_5.2 ethtool.x86_64 2:3.5-1.2.el6_5 glib2.x86_64 0:2.26.1-7.el6_5 grep.x86_64 0:2.6.3-4.el6_5.1 initscripts.x86_64 0:9.03.40-2.el6.centos.1 iproute.x86_64 0:2.6.32-130.el6ost.netns.2 kernel-firmware.noarch 0:2.6.32-431.11.2.el6 mysql-libs.x86_64 0:5.1.73-3.el6_5 nspr.x86_64 0:4.10.2-1.el6_5 nss.x86_64 0:3.15.3-6.el6_5 nss-sysinit.x86_64 0:3.15.3-6.el6_5 nss-tools.x86_64 0:3.15.3-6.el6_5 nss-util.x86_64 0:3.15.3-1.el6_5 openldap.x86_64 0:2.4.23-34.el6_5.1 openssl.x86_64 0:1.0.1e-16.el6_5.4 p11-kit.x86_64 0:0.18.5-2.el6_5.2 p11-kit-trust.x86_64 0:0.18.5-2.el6_5.2 postfix.x86_64 2:2.6.6-6.el6_5 psmisc.x86_64 0:22.6-19.el6_5 python.x86_64 0:2.6.6-52.el6 python-libs.x86_64 0:2.6.6-52.el6 selinux-policy.noarch 0:3.7.19-231.el6_5.1 selinux-policy-targeted.noarch 0:3.7.19-231.el6_5.1 tzdata.noarch 0:2014b-1.el6 upstart.x86_64 0:0.6.5-13.el6_5.3 yum.noarch 0:3.2.29-43.el6.centos yum-plugin-fastestmirror.noarch 0:1.1.30-17.el6_5 Complete! 接下来手动重启 这时候你会发现一个问题,/etc/yum.repo 下又多了几个文件,这是升级内核导致的,所以要将多余的.repo文件删除 第二步就是安装数据库服务端执行脚本iaas-install-db.sh 脚本内容:yum install -y mysql mysql-server MySQL-pythonsed -i "/^symbolic-links/a\bind-address=$HOST_IP" /etc/my.cnfservice mysqld restartchkconfig mysqld onmysql_install_dbmysql_secure_installation 安装过程中会提示Enter current password for root (enter for none): //直接回车Set root password? [Y/n]New password: Re-enter new password: 这里的密码是openrc.sh 中的DB_PASS中的参数Remove anonymous users? [Y/n] yDisallow root login remotely? [Y/n] nRemove test database and access to it? [Y/n] yReload privilege tables now? [Y/n] y 接下来就是身份服务安装与配置 执行脚本iaas-install-stone.sh 脚本内容:yum install -y openstack-keystone python-keystoneclientopenstack-config --set /etc/keystone/keystone.conf sql connection mysql://keystone:$KEYSTONE_DBPASS@$HOSTNAME/keystoneopenstack-db --init --service keystone --password $KEYSTONE_DBPASS 提示输入密码,级前面输的密码Please enter the password for the 'root' MySQL user: 配置身份服务,执行脚本 iaas-config-stone.sh脚本内容:ADMIN_TOKEN=$(openssl rand -hex 10) echo $ADMIN_TOKENopenstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKENkeystone-manage pki_setup --keystone-user keystone --keystone-group keystonechown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log service openstack-keystone restart chkconfig openstack-keystone on 结果:
接下来定义身份用户执行脚本: iaas-define-stone.sh 脚本内容:export ADMIN_TOKEN=`openstack-config --get /etc/keystone/keystone.conf DEFAULT admin_token`export OS_SERVICE_TOKEN=$ADMIN_TOKENexport OS_SERVICE_ENDPOINT=http://$HOSTNAME:35357/v2.0 keystone user-create --name=admin --pass=$ADMIN_PASS --email=$MAIL_ADMIN_ADDR keystone role-create --name=admin keystone tenant-create --name=admin --description="Admin Tenant" keystone user-role-add --user=admin --tenant=admin --role=admin keystone user-role-add --user=admin --role=_member_ --tenant=admin keystone user-create --name=demo --pass=$DEMO_PASS --email=$MAIL_DEMO_ADDR keystone tenant-create --name=demo --description="Demo Tenant" keystone user-role-add --user=demo --role=_member_ --tenant=demo keystone tenant-create --name=service --description="Service Tenant" keystone service-create --name=keystone --type=identity --description="OpenStack Identity Service" keystone endpoint-create --service-id=$(keystone service-list | awk '/ identity / {print $2}') --publicurl=http://$HOSTNAME:5000/v2.0 --internalurl=http://$HOSTNAME:5000/v2.0 --adminurl=http://$HOSTNAME:35357/v2.0 结果:
接下来验证身份服务执行脚本:iaas-verify-stone.sh 脚本内容:keystone --os-username=admin --os-password=$ADMIN_PASS --os-auth-url=http://$HOSTNAME:35357/v2.0 token-get keystone --os-username=admin --os-password=$ADMIN_PASS --os-tenant-name=admin --os-auth-url=http://$HOSTNAME:35357/v2.0 token-get keystone token-getkeystone user-list 结果:
glance 服务安装于配置安装glance服务执行安装脚本:iaas-install-glance.sh 脚本内容:yum install -y openstack-glanceopenstack-config --set /etc/glance/glance-api.conf DEFAULT sql_connection mysql://glance:$GLANCE_DBPASS@$HOSTNAME/glanceopenstack-config --set /etc/glance/glance-registry.conf DEFAULT sql_connection mysql://glance:$GLANCE_DBPASS@$HOSTNAME/glanceopenstack-db --init --service glance --password $GLANCE_DBPASS 提示输密码:Please enter the password for the 'root' MySQL user: 成功的标志:
接下来配置glance服务 执行脚本:iaas-config-glance.sh 脚本内容:keystone user-create --name=glance --pass=$GLANCE_PASS --email=$MAIL_GLANCE_ADDRkeystone user-role-add --user=glance --tenant=service --role=adminopenstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://$HOSTNAME:5000openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_host $HOSTNAMEopenstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name serviceopenstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_user glanceopenstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_password $GLANCE_PASSopenstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystoneopenstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://$HOSTNAME:5000openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_host $HOSTNAMEopenstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name serviceopenstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glancecp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.inicp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.iniopenstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken auth_host $HOSTNAMEopenstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_password $GLANCE_PASSopenstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_user glanceopenstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_tenant_name serviceopenstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken auth_host $HOSTNAMEopenstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_password $GLANCE_PASSopenstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_user glanceopenstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_tenant_name service keystone service-create --name=glance --type=image --description="Glance Image Service" keystone endpoint-create --service-id=$(keystone service-list | awk '/ image / {print $2}') --publicurl=http://controller:9292 --internalurl=http://controller:9292 --adminurl=http://controller:9292service openstack-glance-api restartservice openstack-glance-registry restart chkconfig openstack-glance-api on chkconfig openstack-glance-registry on 结果:
验证glance服务执行脚本: iaas-verify-glance.sh 脚本内容:yum install -y wgetwget ftp://10.0.0.120/images/centos-6.5-20140117.0.x86_64.qcow2glance image-create --name=CentOS-6.5-x86_64 --disk-format=qcow2 --container-format=bare --is-public=true < centos-6.5-20140117.0.x86_64.qcow2glance image-list 结果:
由于还没有上传镜像,所以提示没有
接下来就是安装nova计算服务。不过在安装之前先要手动安装dnsmasq-utils-2.48-13.el6.x86_64.rpm 包 执行脚本:iaas-install-nova.sh 脚本内容:yum install -y openstack-nova python-novaclientopenstack-config --set /etc/nova/nova.conf database connection mysql://nova:$NOVA_DBPASS@$HOSTNAME/nova openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname $HOSTNAME openstack-db --init --service nova --password $NOVA_DBPASS 结果,要输入密码
计算服务配置执行脚本:iaas-config-nova.sh 脚本内容:keystone user-create --name=nova --pass=$NOVA_PASS --email=$MAIL_NOVA_ADDR openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host $HOSTNAME openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357 openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password $NOVA_PASSopenstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_host $HOSTNAME openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_port 35357 openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_protocol http openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_uri $OS_AUTH_URL openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_tenant_name service openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_user nova openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_password $NOVA_PASSkeystone user-role-add --user=nova --tenant=service --role=adminkeystone service-create --name=nova --type=compute --description="Nova Compute service" keystone endpoint-create --service-id=$(keystone service-list | awk '/ compute / {print $2}') --publicurl=http://$HOSTNAME:8774/v2/%\(tenant_id\)s --internalurl=http://$HOSTNAME:8774/v2/%\(tenant_id\)s --adminurl=http://$HOSTNAME:8774/v2/%\(tenant_id\)s service openstack-nova-api restart service openstack-nova-cert restart service openstack-nova-consoleauth restart service openstack-nova-scheduler restart service openstack-nova-conductor restart service openstack-nova-novncproxy restart chkconfig openstack-nova-api on chkconfig openstack-nova-cert on chkconfig openstack-nova-consoleauth onchkconfig openstack-nova-scheduler on chkconfig openstack-nova-conductor on chkconfig openstack-nova-novncproxy on 结果:
验证nova的配置:执行脚本:iaas-verify-nova.sh 脚本内容:nova image-list 因为没有上传镜像,所以现在无法验证。等到后面,可以手动上传镜像。 接下来进入计算节点,配置计算节点的yum 客户端。参考如下[root@compute ~]# cd /etc/yum.repos.d/ ;cat *.repo[base]name=centosbaseurl=ftp://10.0.0.10/centos/enabled=1gpgcheck=0[centos]name=centosbaseurl=ftp://10.0.0.10/repo/centos6.5/enabled=1gpgcheck=0[epel]name=epelbaseurl=ftp://10.0.0.10/repo/epel6/mirrors.hustunique.com/epel/6/x86_64/enabled=1gpgcheck=0[foreman]name=foremanbaseurl=ftp://10.0.0.10/repo/foreman/yum.theforeman.org/release/1.3/el6/x86_64/enabled=1gpgcheck=0[openstack]name=openstackbaseurl=ftp://10.0.0.10/repo/openstack-havana/enabled=1gpgcheck=0[puppetlabs]name=puppetlabsbaseurl=ftp://10.0.0.10/repo/puppetlabs/yum.puppetlabs.com/el/6/products/x86_64/enabled=1gpgcheck=0 接下来编辑noderc.sh 文件export HOSTNAME_CONT=controllerexport NOVA_DBPASS=novaexport NOVA_PASS=serviceexport HOST_IP_NODE1=10.0.0.11export EXTERNAL_NIC=eth0export FIX_RANGE=192.168.1.129/25export OS_USERNAME=adminexport OS_TENANT_NAME=adminexport OS_PASSWORD=secreteexport OS_AUTH_URL=http://10.0.0.10:5000/v2.0export SERVICE_ENDPOINT=http://10.0.0.10:35357/v2.0export SERVICE_TOKEN=87dbbbe96a346d6bcf31 保存并将文件追加至/root/.bash_profile [root@compute script]# cat noderc.sh > /root/.bash_profile 生效[root@compute script]# source /root/.bash_profile 查看一下[root@compute script]# echo $OS_PASSWORDSecrete可以看到已经生效 接下来执行预安装脚本执行脚本:iaas-pre-node.sh 脚本内容:service NetworkManager stopservice network startchkconfig NetworkManager offchkconfig network onservice firewalld stopservice iptables startchkconfig firewalld offchkconfig iptables onyum install -y ntpservice ntpd restartchkconfig ntpd onyum install -y mysql MySQL-pythonyum install -y openstack-utilsyum install -y openstack-selinuxyum -y upgrade 成功标志:
手动重启服务器 也要注意删除多余的.repo文件 接下来安装计算节点服务执行脚本:iaas-install-node.sh 脚本内容:yum install -y openstack-nova-computeopenstack-config --set /etc/nova/nova.conf database connection mysql://nova:$NOVA_DBPASS@$HOSTNAME_CONT/nova openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host $HOSTNAME_CONT openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357 openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password $NOVA_PASS openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend nova.openstack.common.rpc.impl_qpid openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname $HOSTNAME_CONT openstack-config --set /etc/nova/nova.conf DEFAULT my_ip $HOST_IP_NODE1 openstack-config --set /etc/nova/nova.conf DEFAULT vnc_enabled True openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 0.0.0.0openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address $HOST_IP_NODE1 openstack-config --set /etc/nova/nova.conf DEFAULT novncproxy_base_url http://$HOSTNAME_CONT:6080/vnc_auto.html openstack-config --set /etc/nova/nova.conf DEFAULT glance_host $HOSTNAME_CONTopenstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_host $HOSTNAME_CONT openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_port 35357 openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_protocol http openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_tenant_name service openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_user nova openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_password $NOVA_PASS service libvirtd restart service messagebus restart chkconfig libvirtd on chkconfig messagebus on service openstack-nova-compute startchkconfig openstack-nova-compute on yum install -y openstack-nova-networkyum install -y openstack-nova-api 在此之前,要先安装dnsmasq-utils-2.48-13.el6.x86_64.rpm 之后再执行脚本 结果:
接下来就是配置计算节点服务执行脚本:iaas-config-node.sh 脚本内容:openstack-config --set /etc/nova/nova.conf DEFAULT network_manager nova.network.manager.FlatDHCPManager openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.libvirt.firewall.IptablesFirewallDriver openstack-config --set /etc/nova/nova.conf DEFAULT network_size 254 openstack-config --set /etc/nova/nova.conf DEFAULT allow_same_net_traffic False openstack-config --set /etc/nova/nova.conf DEFAULT multi_host True openstack-config --set /etc/nova/nova.conf DEFAULT send_arp_for_ha True openstack-config --set /etc/nova/nova.conf DEFAULT share_dhcp_address True openstack-config --set /etc/nova/nova.conf DEFAULT force_dhcp_release True openstack-config --set /etc/nova/nova.conf DEFAULT flat_interface $EXTERNAL_NIC openstack-config --set /etc/nova/nova.conf DEFAULT flat_network_bridge br100openstack-config --set /etc/nova/nova.conf DEFAULT public_interface $EXTERNAL_NIC service openstack-nova-metadata-api restart chkconfig openstack-nova-metadata-api onservice openstack-nova-network restart chkconfig openstack-nova-network on 结果:
接下来我们要回到控制节点创建网络 执行脚本; iaas-create-network.sh 脚本内容:yum install -y bridge-utilsecho fix_range=$FIX_RANGEnova network-create vmnet --fixed-range-v4=$FIX_RANGE --bridge=br100 --multi-host=T 接下来安装dashboard web前端控制台执行命令:yum install -y memcached python-memcached mod_wsgi openstack-dashboard 编辑/etc/openstack-dashboard/local_settingsCACHES = { 'default': { 'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache', 'LOCATION' : '127.0.0.1:11211', }}打开注释。修改ALLOWED_HOSTS = ['horizon.example.com', 'localhost']为ALLOWED_HOSTS = ['10.0.0.10', 'localhost'] 修改127.0.0.1为controller OPENSTACK_HOST = "127.0.0.1" OPENSTACK_HOST = "controller" 重启httpd 服务 memcached 服务 并设置开机启动 到此为止,云平台基础架构服务平台搭建告一段落,接下来就可以用浏览器访问了。地址为:http://10.0.0.1/dashboard界面如下:
用户名为nova 密码为service 登陆后界面如下:
自己就可以创建云主机类型并启动云主机了。
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- 面向服务体系架构(SOA)和数据仓库(DW)的思考基于 IBM 产品体系搭建基于 SOA 和 DW 的企业基础架构平台
- 云计算平台2017年盘点——真正成为新技术新应用的基础架构
- Python+大数据计算平台,PyODPS架构手把手教你搭建
- Python+大数据计算平台,PyODPS架构手把手教你搭建
- 构建企业云计算基础架构平台解决方案设计指南 (微软官方英文版)
- 云计算平台2017年盘点——真正成为新技术新应用的基础架构
- Python+大数据计算平台,PyODPS架构手把手教你搭建
- 揭开IT基础架构综合管理平台软件的面纱 推荐
- 云计算-从基础到应用架构系列-云计算的概念 推荐
- 云计算的基础架构IAAS PAAS SAAS 关系
- 国泰航空全新的基于SOA的IT基础架构平台
- 面向服务体系架构的业务规划和建模方法系列之二--基础概念辨析 推荐
- 有一个构想: 新一代联络中心平台基础架构
- 初探全球首个企业云计算平台 推荐
- .NET4.0并行计算技术基础(5) 推荐
- 2008基础软件架构平台高层研讨会深圳召开
- NET4.0并行计算技术基础(3) 推荐
- 华硕服务器 电子支付行业的安全保护之神----华硕服务器IT硬件平台搭建大赛参赛方案 推荐