ubuntu20.04 部署原生态openstack Victoria版的详细步骤
1: 环境介绍
。 controller 192.168.0.220 172.16.10.220 10.10.10.20 10.1.1.220
。 compute1 192.168.0.221 172.16.10.221 10.10.10.221 10.1.1.221
。 compute2 192.168.0.222 172.16.10.222 10.10.10.222 10.1.1.222
。 ntp 时间服务器 192.168.0.10 (kvm宿主机)
。 系统间各个组件密码:CINDER_DBPASS Database password for the Block Storage serviceCINDER_PASS Password of Block Storage service user cinderDASH_DBPASS Database password for the DashboardDEMO_PASS Password of user demoLANCE_DBPASS Database password for Image serviceGLANCE_PASS Password of Image service user glanceKEYSTONE_DBPASS Database password of Identity serviceMETADATA_SECRET Secret for the metadata proxyNEUTRON_DBPASS Database password for the Networking serviceNEUTRON_PASS Password of Networking service user neutronNOVA_DBPASS Database password for Compute serviceNOVA_PASS Password of Compute service user novaPLACEMENT_PASS Password of the Placement service user placementRABBIT_PASS Password of RabbitMQ user openstack
2: 为controller,compute1,compute2配置IP地址,ssh,ntp等基础环境
。 1: 配置IP地址: (注意缩进关系) , 以controller 为例,comput1,compute2略。 vim /etc/netplan/00-installer-config.yamlnetwork:ethernets:enp1s0:dhcp4: noaddresses: [192.168.0.220/24]gateway4: 192.168.0.1nameservers:addresses: [192.168.0.1, 114.114.114.114]enp2s0:dhcp4: noaddresses: [172.16.10.220/24]enp3s0:dhcp4: noaddresses: [10.10.10.220/24]enp4s0:dhcp4: noaddresses: [10.1.1.220/24]version: 2。 执行 netplan apply 。 2: 设置root账户及远程登录。 1:为root账户设置密码: sudo passwd root。 2: sed -i 's/#Port 22/Port 22/' /etc/ssh/sshd_config。 3: echo PermitRootLogin yes' >>/etc/ssh/sshd_config。 4:重启sshd服务systemctl start sshd.service
。 3: 为每台服务配置国内apt源。 1:vim /etc/apt/sources.listdeb https://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiversedeb-src https://mirrors.aliyun.com/ubuntu/ focal main restricted universe multiversedeb https://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiversedeb-src https://mirrors.aliyun.com/ubuntu/ focal-security main restricted universe multiversedeb https://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiversedeb-src https://mirrors.aliyun.com/ubuntu/ focal-updates main restricted universe multiverse# deb https://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiverse# deb-src https://mirrors.aliyun.com/ubuntu/ focal-proposed main restricted universe multiversedeb https://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiversedeb-src https://mirrors.aliyun.com/ubuntu/ focal-backports main restricted universe multiverse。 2: 执行 sudo apt update。 3: 执行 sudo apt upgrade。 4: 为每台服务器配置NTP时间同步源 (这里将kvm宿主机作为NTP服务器 192.168.0.10)。 1: 安装ntp sudo apt install chrony。 2: 配置时间源 vim /etc/chrony/chrony.confpool 192.168.0.10 iburst。 3: 启动服务,设成开机自启systemctl enable chrony --now。 4: 验证是否同步成功chronyc sources。 5: 配置名称解析vim /etc/hosts192.168.0.220 controller192.168.0.221 compute1192.168.0.222 compute2
3: 设置openstack victoria 源
。 1: 执行命令:add-apt-repository cloud-archive:victoria
4: 安装openstack 的基础服务
。 1: 数据库的安装 mysql (控制节点执行)apt install mariadb-server python3-pymysql
。 2:编辑配置文件 /etc/mysql/mariadb.conf.d/99-openstack.cnf [mysqld]bind-address = 10.0.0.11default-storage-engine = innodbinnodb_file_per_table = onmax_connections = 4096collation-server = utf8_general_cicharacter-set-server = utf8_general_ci。 3: 重启数据库服务 service mysql restart。 4:安装安全选项 mysql_secure_installation
5: 安装消息队列服务
。 1:执行安装命令 apt install rabbitmq-server
。 2:创建opensatck 用户rabbitmqctl add_user openstack RABBIT_PASS
。 3: 给openstack 用户添加,读,写,访问权限rabbitmqctl set_permissions openstack ".*" ".*" ".*"
6: 安装memcahe 服务
。 1: 执行安装命令apt install memcached python3-memcache。 2: 修改配置文件 /etc/memcached.conf-l 192.168.0.220。 3:重启服务service memcached restart
7:安装ETCD服务
。 1:执行命令 apt install etcd
。 2:修改配置文件 /etc/default/etcd.confETCD_NAME="controller"ETCD_DATA_DIR="/var/lib/etcd"ETCD_INITIAL_CLUSTER_STATE="new"ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"ETCD_INITIAL_CLUSTER="controller=http://192.168.0.220:2380"ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.0.220:2380"ETCD_ADVERTISE_CLIENT_URLS="http://192.168.0.220:2379"ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380"ETCD_LISTEN_CLIENT_URLS="http://192.168.0.220:2379"。 3: 启动etcd并设置成开机自启systemctl enable etcdsystemctl restart etcd
8: keystone 的安装与配置
。1: 进入数据库创建keystone的数据库并授权mysqlMariaDB [(none)]> CREATE DATABASE keystone;Query OK, 1 row affected (0.001 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';Query OK, 0 rows affected (0.058 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';Query OK, 0 rows affected (0.000 sec)。 2:执行命令安装keystone服务apt install keystone。 3:修改配置文件 vim /etc/keystone/keystone.conf[database]connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone[token]provider = fernet。 4:同步数据库su -s /bin/sh -c "keystone-manage db_sync" keystone。 5:初始化keystonekeystone-manage fernet_setup --keystone-user keystone --keystone-group keystonekeystone-manage credential_setup --keystone-user keystone --keystone-group keystone。 6:启动服务keystone-manage bootstrap --bootstrap-password ADMIN_PASS --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne。 7:配置Apache vim /etc/apache2/apache2.conf 加上ServerName controller。 8:重启服务service apache2 restart。 9:配置admin用户export OS_USERNAME=adminexport OS_PASSWORD=ADMIN_PASSexport OS_PROJECT_NAME=adminexport OS_USER_DOMAIN_NAME=Defaultexport OS_PROJECT_DOMAIN_NAME=Defaultexport OS_AUTH_URL=http://controller:5000/v3export OS_IDENTITY_API_VERSION=3。 10:创建域,项目,用户,角色等openstack domain create --description "An Example Domain" example+-------------+----------------------------------+| Field | Value |+-------------+----------------------------------+| description | An Example Domain || enabled | True || id | 54aeaeb30f9c46f6869486c1aaead09a || name | example || options | {} || tags | [] |+-------------+----------------------------------+openstack project create --domain default --description "Service Project" service+-------------+----------------------------------+| Field | Value |+-------------+----------------------------------+| description | Service Project || domain_id | default || enabled | True || id | d0f60fa0fa674aa89f3651cb69e7f284 || is_domain | False || name | service || options | {} || parent_id | default || tags | [] |+-------------+----------------------------------+openstack project create --domain default --description "Demo Project" myproject+-------------+----------------------------------+| Field | Value |+-------------+----------------------------------+| description | Demo Project || domain_id | default || enabled | True || id | 7cb35309c53a4560b60afdaa59e9df6a || is_domain | False || name | myproject || options | {} || parent_id | default || tags | [] |+-------------+----------------------------------+openstack user create --domain default --password-prompt myuserUser Password:adminRepeat User Password:admin+---------------------+----------------------------------+| Field | Value |+---------------------+----------------------------------+| domain_id | default || enabled | True || id | 7392ac98cde645eb8f5f6c6a14c4a0a5 || name | myuser || options | {} || password_expires_at | None |+---------------------+----------------------------------+openstack role create myrole+-------------+----------------------------------+| Field | Value |+-------------+----------------------------------+| description | None || domain_id | None || id | abd40cfffe3d4aeebdc1cc8414cdcc3b || name | myrole || options | {} |+-------------+----------------------------------+openstack role add --project myproject --user myuser myrole
。 10:验证:。 执行命令 unset OS_AUTH_URL OS_PASSWORD。 再执行: openstack --os-auth-url http://controller:5000/v3 \
–os-project-domain-name Default --os-user-domain-name Default
–os-project-name admin --os-username admin token issue
+------------------------------------------------------------------------------------------------------------------------------------------------------------`-----------------------------+| Field | Value |+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| expires | 2022-09-11T08:16:50+0000 || id | gAAAAABjHYtiz5j-E2bDyoAI8u21dRJMCjpQPx75PqCW22jVCFrzgOq2qB_KseVQsxnxcSQgQm8ErSa-vyrZyFR1hUsNuZj2il8wZ3By4tjEqf5xaeY4qWuwXZxo2xRCp9ervTP3nBFzjvgs19iWUkoMLEyV0Uby4xu5IILoAX_2-_cc927JJjk || project_id | 1a78e4de07194b2aac34215e56444672 || user_id | ae16ad3979cb4b90911fd967933c2ac8 |+----------------------------------------------------------------------------------------------------------------------------------------------------。 3: 再执行: openstack --os-auth-url http://controller:5000/v3 \
–os-project-domain-name Default --os-user-domain-name Default
–os-project-name myproject --os-username myuser token issue
±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2022-09-11T08:19:44+0000 |
| id | gAAAAABjHYwQ58teJP92GgUHN8IUwOpQcOMmV-s6MKmt2TlkLA1fI4AkaFH4RNQ5FmuhmDAIoauuupxKmj8ql3JwU6IosZIRRrmXEXDbNeJMb96X47dR4icEV3F1dUlgt3yoFz2d7jyM2V6SMd-Ta2bP3goReDPCF4EjX3Jfyt2XlqsLv5UwMEg |
| project_id | 7cb35309c53a4560b60afdaa59e9df6a |
| user_id | 7392ac98cde645eb8f5f6c6a14c4a0a5 |
±-----------±----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------±---------------------------
. 11: 编写 admin-openrc 文件export OS_PROJECT_DOMAIN_NAME=Defaultexport OS_USER_DOMAIN_NAME=Defaultexport OS_PROJECT_NAME=adminexport OS_USERNAME=adminexport OS_PASSWORD=ADMIN_PASSexport OS_AUTH_URL=http://controller:5000/v3export OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2。 12:编写demo-openrc文件export OS_PROJECT_DOMAIN_NAME=Defaultexport OS_USER_DOMAIN_NAME=Defaultexport OS_PROJECT_NAME=myprojectexport OS_USERNAME=myuserexport OS_PASSWORD=adminexport OS_AUTH_URL=http://controller:5000/v3export OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2。 13: 执行脚本. admin-openrcopenstack token issue+--------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| Field | Value |+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| expires | 2022-09-11T08:27:57+0000 || id | gAAAAABjHY39bBD6Q-GISlXl21DYBwIwSF6kEfqV45Fnghy5gS7XDLnrhzWsqlr_cTai5iHI7itFQGZdXqIvIBEQzFifCpCs4d4yngHS1b6NTp6epu86BBPpwcW2dzF1dpxhv8OLIrZNf3Eo5MjWsH0NBycRZ42EMRja2Cd4PRYuoDjWskcpOXs || project_id | 1a78e4de07194b2aac34215e56444672 || user_id | ae16ad3979cb4b90911fd967933c2ac8 |+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------
9: glance服务的安装与配置
。 1:进入数据库创建glance 库及授权mysqlMariaDB [(none)]> CREATE DATABASE glance;Query OK, 1 row affected (0.001 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
-> IDENTIFIED BY 'GLANCE_DBPASS';Query OK, 0 rows affected (0.001 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
-> IDENTIFIED BY 'GLANCE_DBPASS';Query OK, 0 rows affected (0.003 sec)。 2:. admin-openrcopenstack user create --domain default --password-prompt glanceUser Password:Repeat User Password:+---------------------+----------------------------------+| Field | Value |+---------------------+----------------------------------+| domain_id | default || enabled | True || id | d86ef2fc3b90475a82f3cdc09241a92b || name | glance || options | {} || password_expires_at | None |+---------------------+----------------------------------+。 3: openstack role add --project service --user glance admin。 4:root@controller:~# openstack service create --name glance \
–description “OpenStack Image” image
±------------±---------------------------------+
| Field | Value |
±------------±---------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 38675898acb844128a2269b20f675c95 |
| name | glance |
| type | image |
±------------±---------------------------------+
。 5:root@controller:~# openstack endpoint create --region RegionOne \
image public http://controller:9292
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | 4fcb4ec019424210a677bcfbb8872f64 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 38675898acb844128a2269b20f675c95 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
±-------------±---------------------------------+:
。 6: openstack endpoint create --region RegionOne
image internal http://controller:9292
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | da6b3e7a856d4d8a89c6b83aaedfaebf |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 38675898acb844128a2269b20f675c95 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
±-------------±---------------------------------+
。 7: openstack endpoint create --region RegionOne \
image admin http://controller:9292
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | 7d126f4f39cb440e8a7dbdb7840b0d8f |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 38675898acb844128a2269b20f675c95 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
±-------------±---------------------------------+
。 8:执行安装命令 apt install glance。 9:更改配置文件 /etc/glance/glance-api.confvim /etc/glance/glance-api.conf[database]connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance[keystone_authtoken]www_authenticate_uri = http://controller:5000auth_url = http://controller:5000memcached_servers = controller:11211auth_type = passwordproject_domain_name = Defaultuser_domain_name = Defaultproject_name = serviceusername = glancepassword = GLANCE_PASS[paste_deploy]flavor = keystone[glance_store]stores = file,httpdefault_store = filefilesystem_store_datadir = /var/lib/glance/images/。 10:同步数据库su -s /bin/sh -c "glance-manage db_sync" glance。 11:重启glance服务:service glance-api restart。 12:验证glance服务。 . admin-openrc。 wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img。 glance image-create --name "cirros" --file cirros-0.4.0-x86_64-disk.img --disk-format qcow2 --container-format bare --visibility=public+------------------+----------------------------------------------------------------------------------+| Property | Value |+------------------+----------------------------------------------------------------------------------+| checksum | 443b7623e27ecf03dc9e01ee93f67afe || container_format | bare || created_at | 2022-09-11T08:25:30Z || disk_format | qcow2 || id | f92126fb-1191-43d6-9675-2b0eab8d30f5 || min_disk | 0 || min_ram | 0 || name | cirros || os_hash_algo | sha512 || os_hash_value | 6513f21e44aa3da349f248188a44bc304a3653a04122d8fb4535423c8e1d14cd6a153f735bb0982e || | 2161b5b5186106570c17a9e58b64dd39390617cd5a350f78 || os_hidden | False || owner | 1a78e4de07194b2aac34215e56444672 || protected | False || size | 12716032 || status | active || tags | [] || updated_at | 2022-09-11T08:25:30Z || virtual_size | 46137344 || visibility | public |+------------------+----------------------------------------------------------------------------------+。 执行 glance image-listglance image-list+--------------------------------------+--------+| ID | Name |+--------------------------------------+--------+| f92126fb-1191-43d6-9675-2b0eab8d30f5 | cirros |+--------------------------------------+--------+
10: 安装placement服务
。 1:进入数据库 创建placement数据库,并设置权限mysqlMariaDB [(none)]> CREATE DATABASE placement;Query OK, 1 row affected (0.001 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' \
-> IDENTIFIED BY 'PLACEMENT_DBPASS';Query OK, 0 rows affected (0.001 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' \
-> IDENTIFIED BY 'PLACEMENT_DBPASS';Query OK, 0 rows affected (0.001 sec)。 2: . admin-openrc。 3: 执行 openstack user create --domain default --password-prompt placement+---------------------+----------------------------------+| Field | Value |+---------------------+----------------------------------+| domain_id | default || enabled | True || id | be2f46559f0549c294a5c308e9120467 || name | placement || options | {} || password_expires_at | None |+---------------------+----------------------------------+。 4:openstack role add --project service --user placement admin。 5: openstack service create --name placement \
–description “Placement API” placement
±------------±---------------------------------+
| Field | Value |
±------------±---------------------------------+
| description | Placement API |
| enabled | True |
| id | c77bec5fb4204e9dbca1dccb740df16b |
| name | placement |
| type | placement |
±------------±---------------------------------+
。 6:openstack endpoint create --region RegionOne \
placement public http://controller:8778
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | 8c962cd364384936b7610dbad705419b |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c77bec5fb4204e9dbca1dccb740df16b |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
±-------------±---------------------------------+
。 7:openstack endpoint create --region RegionOne \
placement internal http://controller:8778
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | 389d3406edbc49359f07f1c01f2ea9e7 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c77bec5fb4204e9dbca1dccb740df16b |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
±-------------±---------------------------------+
。 8:openstack endpoint create --region RegionOne \
placement admin http://controller:8778
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | b684badfa9634849be722e5a52e2a06f |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c77bec5fb4204e9dbca1dccb740df16b |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
±-------------±---------------------------------+
。9: 安装placement组件及配置。 apt install placement-api。 修改配置文件 /etc/placement/placement.confvim /etc/placement/placement.conf[placement_database]connection = mysql+pymysql://placement:PLACEMENT_DBPASS@controller/placement[api]auth_strategy = keystone[keystone_authtoken]auth_url = http://controller:5000/v3memcached_servers = controller:11211auth_type = passwordproject_domain_name = Defaultuser_domain_name = Defaultproject_name = serviceusername = placementpassword = PLACEMENT_PASS。 同步数据库su -s /bin/sh -c "placement-manage db sync" placement。 重启apache2服务service apache2 restart。 10: 验证。 . admin-openrc。 placement-status upgrade check+----------------------------------+| Upgrade Check Results |+----------------------------------+| Check: Missing Root Provider IDs || Result: Success || Details: None |+----------------------------------+| Check: Incomplete Consumers || Result: Success || Details: None |+----------------------------------+。11: apt install python3-pippip3 install osc-placementopenstack --os-placement-api-version 1.2 resource class list --sort-column name
11: nova服务的安装及配置(controller, compute)都需要安装
。 controller节点的安装及配置。 1:进入数据库 创建nova库及授权mysqlMariaDB [(none)]> CREATE DATABASE nova_api;Query OK, 1 row affected (0.001 sec)MariaDB [(none)]> CREATE DATABASE nova;Query OK, 1 row affected (0.000 sec)MariaDB [(none)]> CREATE DATABASE nova_cell0;Query OK, 1 row affected (0.000 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \
-> IDENTIFIED BY 'NOVA_DBPASS';Query OK, 0 rows affected (0.001 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \
-> IDENTIFIED BY 'NOVA_DBPASS';Query OK, 0 rows affected (0.000 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
-> IDENTIFIED BY 'NOVA_DBPASS';Query OK, 0 rows affected (0.001 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
-> IDENTIFIED BY 'NOVA_DBPASS';Query OK, 0 rows affected (0.000 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' \
-> IDENTIFIED BY 'NOVA_DBPASS';Query OK, 0 rows affected (0.000 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' \
-> IDENTIFIED BY 'NOVA_DBPASS';Query OK, 0 rows affected (0.000 sec)。 2: 执行: . admin-openrc。 3:openstack user create --domain default --password-prompt nova+---------------------+----------------------------------+| Field | Value |+---------------------+----------------------------------+| domain_id | default || enabled | True || id | 6d2dcaa814364bbfb53da9a5007ad007 || name | nova || options | {} || password_expires_at | None |+---------------------+----------------------------------+。4:openstack role add --project service --user nova admin。5:openstack service create --name nova \
–description “OpenStack Compute” compute
±------------±---------------------------------+
| Field | Value |
±------------±---------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 37a1fdd1b0f14d05880d20a0aa45cc37 |
| name | nova |
| type | compute |
±------------±---------------------------------+
。6:openstack endpoint create --region RegionOne \
compute public http://controller:8774/v2.1
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | a98138f972134cf5b23579719a2281c3 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 37a1fdd1b0f14d05880d20a0aa45cc37 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
±-------------±---------------------------------+
。 7: openstack endpoint create --region RegionOne \
compute internal http://controller:8774/v2.1
±-------------±------------------------------------------+
| Field | Value |
±-------------±------------------------------------------+
| enabled | True |
| id | e3c918de680746a586eac1f2d9bc10ab |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 060d59eac51b4594815603d75a00aba2 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
±-------------±------------------------------------------+
。8: openstack endpoint create --region RegionOne \
compute admin http://controller:8774/v2.1
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | de26da352677498d832c07604de327fd |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 37a1fdd1b0f14d05880d20a0aa45cc37 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
±-------------±---------------------------------+
。 9: 安装nova各服务组件apt install nova-api nova-conductor nova-novncproxy nova-scheduler。 10: 修改配置文件 /etc/nova/nova.confvim /etc/nova/nova.conf[api_database]connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api[database]connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova[DEFAULT]transport_url = rabbit://openstack:RABBIT_PASS@controller:5672/my_ip = 192.168.0.220[api]auth_strategy = keystone[keystone_authtoken]www_authenticate_uri = http://controller:5000/auth_url = http://controller:5000/memcached_servers = controller:11211auth_type = passwordproject_domain_name = Defaultuser_domain_name = Defaultproject_name = serviceusername = novapassword = NOVA_PASS[vnc]enabled = trueserver_listen = $my_ipserver_proxyclient_address = $my_ip[glance]api_servers = http://controller:9292[oslo_concurrency]lock_path = /var/lib/nova/tmp。 11:同步数据库su -s /bin/sh -c "nova-manage api_db sync" nova。 12:注册cell0su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova。 13:创建cell1su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova。 14: 再次同步数据库su -s /bin/sh -c "nova-manage db sync" nova。 15: 验证 :su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+| Name | UUID | Transport URL | Database Connection | Disabled |+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+| cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:****@controller/nova_cell0 | False || cell1 | d73c7a60-0e5a-444c-80ab-d46b9e8cffd2 | rabbit://openstack:****@controller:5672/ | mysql+pymysql://nova:****@controller/nova | False |+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+。16:重启服务service nova-api restartservice nova-scheduler restartservice nova-conductor restartservice nova-novncproxy restart。 在两台计算节点compute1 , compute2 安装nova服务。1:执行安装命令 apt install nova-compute。2: 分别修改配置文件 /etc/nova/nova.confvim /etc/nova/nova.conf[DEFAULT]transport_url = rabbit://openstack:RABBIT_PASS@controllermy_ip = 192.168.0.222[api]auth_strategy = keystone[keystone_authtoken]www_authenticate_uri = http://controller:5000/auth_url = http://controller:5000/memcached_servers = controller:11211auth_type = passwordproject_domain_name = Defaultuser_domain_name = Defaultproject_name = serviceusername = novapassword = NOVA_PASS[vnc]enabled = trueserver_listen = 0.0.0.0server_proxyclient_address = $my_ipnovncproxy_base_url = http://controller:6080/vnc_auto.html[glance]api_servers = http://controller:9292[oslo_concurrency]lock_path = /var/lib/nova/tmp[placement]region_name = RegionOneproject_domain_name = Defaultproject_name = serviceauth_type = passworduser_domain_name = Default。 3:查看compute1.compute2 是否支持虚拟化egrep -c '(vmx|svm)' /proc/cpuinfo。 4: 修改/etc/nova/nova-compute.conf配置文件vim /etc/nova/nova-compute.conf[libvirt]# ...virt_type = qemu。 5: 重启nova服务service nova-compute restart。 3: 在回到controller节点在数据库中添加compute节点openstack compute service list --service nova-computesu -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova。4: 修改controller节点的/etc/nova/nova.conf配置文件 自动发现计算节点[scheduler]discover_hosts_in_cells_interval = 300
12: neutron 网络服务的安装及配置(controller,compute)节点
。 controller节点的安装。 1: 进入数据库 创建neutron库以及授权mysql MariaDB [(none)]> CREATE DATABASE neutron;Query OK, 1 row affected (0.000 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
-> IDENTIFIED BY 'NEUTRON_DBPASS';Query OK, 0 rows affected (0.001 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
-> IDENTIFIED BY 'NEUTRON_DBPASS';Query OK, 0 rows affected (0.000 sec)。 2: 退出数据库 执行 . admin-openrc。 3: openstack user create --domain default --password-prompt neutron+---------------------+----------------------------------+| Field | Value |+---------------------+----------------------------------+| domain_id | default || enabled | True || id | b8e6011e48ba4de2b9c0f95740db26ed || name | neutron || options | {} || password_expires_at | None |+---------------------+----------------------------------+。 4: openstack role add --project service --user neutron admin。 5: openstack service create --name neutron \
–description “OpenStack Networking” network
±------------±---------------------------------+
| Field | Value |
±------------±---------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | 7ea390ddfdeb449abd856aa2efe79b68 |
| name | neutron |
| type | network |
±------------±---------------------------------+
。 6: openstack endpoint create --region RegionOne \
network public http://controller:9696
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | 52686c8a6f024680bcb3f650a670ca1b |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 7ea390ddfdeb449abd856aa2efe79b68 |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
±-------------±---------------------------------+
。 7: openstack endpoint create --region RegionOne
network internal http://controller:9696
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | 8aa54051022445e1a51f747eb1a1117a |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 7ea390ddfdeb449abd856aa2efe79b68 |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
±-------------±---------------------------------+
。 8: openstack endpoint create --region RegionOne \
network admin http://controller:9696
±-------------±---------------------------------+
| Field | Value |
±-------------±---------------------------------+
| enabled | True |
| id | c2ee763242a1427986eb332e654fe953 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 7ea390ddfdeb449abd856aa2efe79b68 |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
±-------------±---------------------------------+
。 9: 安装网路组件(这里选择option2 提供DHCP, floatip, router等功能)
apt install neutron-server neutron-plugin-ml2
neutron-linuxbridge-agent neutron-l3-agent neutron-dhcp-agent
neutron-metadata-agent
。 10: 修改/etc/neutron/neutron.confvim /etc/neutron/neutron.conf[database]connection = mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron[DEFAULT]core_plugin = ml2service_plugins = routerallow_overlapping_ips = truetransport_url = rabbit://openstack:RABBIT_PASS@controllerauth_strategy = keystonenotify_nova_on_port_status_changes = truenotify_nova_on_port_data_changes = true[keystone_authtoken]www_authenticate_uri = http://controller:5000auth_url = http://controller:5000memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = neutronpassword = NEUTRON_PASS[nova]auth_url = http://controller:5000auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultregion_name = RegionOneproject_name = serviceusername = novapassword = NOVA_PASS[oslo_concurrency]lock_path = /var/lib/neutron/tmp。 11: 修改 /etc/neutron/plugins/ml2/ml2_conf.ini[ml2]type_drivers = flat,vlan,vxlantenant_network_types = vxlanmechanism_drivers = linuxbridge,l2populationextension_drivers = port_security[ml2_type_flat]flat_networks = provider[ml2_type_vxlan]vni_ranges = 1:1000[securitygroup]enable_ipset = True。 12: 修改 /etc/neutron/plugins/ml2/linuxbridge_agent.ini [linux_bridge]physical_interface_mappings = provider: enp1s0[vxlan]enable_vxlan = truelocal_ip = 192.168.0.220l2_population = true[securitygroup]enable_security_group = truefirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver. 13: 修改 /etc/sysctl.conf 在末尾添加如下内容net.bridge.bridge-nf-call-iptables = 1net.bridge.bridge-nf-call-ip6tables = 1。 14: 执行 sysctl -p。 15: 修改 /etc/neutron/l3_agent.ini[DEFAULT]interface_driver = linuxbridge。 16: 修改 /etc/neutron/dhcp_agent.ini。 compute节点安装网络组件。 1: apt install neutron-linuxbridge-agent。 2: 配置 [DEFAULT]transport_url = rabbit://openstack:RABBIT_PASS@controllerauth_strategy = keystone[keystone_authtoken]www_authenticate_uri = http://controller:5000auth_url = http://controller:5000memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = neutronpassword = NEUTRON_PASS[oslo_concurrency]lock_path = /var/lib/neutron/tmp。 3: 配置 /etc/neutron/plugins/ml2/linuxbridge_agent.ini[linux_bridge]physical_interface_mappings = provider:enp1s0[vxlan]enable_vxlan = truelocal_ip = 192.168.0.221l2_population = true[securitygroup]enable_security_group = truefirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver。 4: 修改/etc/sysctl.confnet.bridge.bridge-nf-call-iptables = 1net.bridge.bridge-nf-call-ip6tables = 1。 5: 修改 vim /etc/neutron/metadata_agent.ini[DEFAULT]nova_metadata_host = controllermetadata_proxy_shared_secret = METADATA_SECRET。 6: 修改 /etc/nova/nova.conf 添加[neutron]auth_url = http://controller:5000auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultregion_name = RegionOneproject_name = serviceusername = neutronpassword = NEUTRON_PASSservice_metadata_proxy = truemetadata_proxy_shared_secret = METADATA_SECRET。 3: 在控制节点执行数据库同步su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
–config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
。 4: 执行重启
service nova-api restart
service neutron-server restart
service neutron-linuxbridge-agent restart
service neutron-dhcp-agent restart
service neutron-metadata-agent restart
service neutron-l3-agent restart
。5: 计算节点执行重启service nova-compute restartservice neutron-linuxbridge-agent restart控制节点安装确认, compute节点都需要执行以下步骤添加sudoer权限修改vim /etc/neutron/neutron.conf文件,修改以下内容[privsep]user = neutronhelper_command = sudo privsep-helper修改vim /etc/sudoers.d/neutron文件,添加以下内容后强制保存退出neutron ALL = (root) NOPASSWD: allow_overlapping_ips。 6: openstack network agent list+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+| 0a091d22-d20a-4a0c-96f5-2316755a7cda | Metadata agent | controller | None | :-) | UP | neutron-metadata-agent || 0f02d9b9-e8e1-4e87-aa80-72bf957238c8 | Linux bridge agent | compute1 | None | :-) | UP | neutron-linuxbridge-agent || 15056367-9f70-4304-acb2-0f2508976db8 | Linux bridge agent | controller | None | :-) | UP | neutron-linuxbridge-agent || 38c4e1d1-d9fe-4be7-b725-1603bc0442c2 | Linux bridge agent | compute2 | None | :-) | UP | neutron-linuxbridge-agent || 83cc7e71-fccd-41a5-a222-3f5253b60312 | L3 agent | controller | nova | :-) | UP | neutron-l3-agent || f07be2be-3817-40d9-98de-0daa10dd4b58 | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent |+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
13: horizon 的安装
。1: 执行安装命令 apt install openstack-dashboard。2: 配置/etc/openstack-dashboard/local_settings.pyOPENSTACK_HOST = "controller"ALLOWED_HOSTS = ["*", ]SESSION_ENGINE = 'django.contrib.sessions.backends.cache'CACHES = {'default': {'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache','LOCATION': 'controller:11211',}}OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOSTOPENSTACK_API_VERSIONS = {"identity": 3,"image": 2,"volume": 3,}OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = TrueOPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"TIME_ZONE = "AsiaShanghai"。 3: 修改配置文件 /etc/apache2/conf-available/openstack-dashboard.conf。 4: 重启服务 systemctl reload apache2.service
。 5: 修改 vim /etc/apache2/sites-available/placement-api.conf
<Directory /usr/bin><IfVersion >= 2.4>Require all granted</IfVersion><IfVersion < 2.4>Order allow,denyRequire all granted</IfVersion></Directory /usr/bin>。6: vim /etc/apache2/conf-available/openstack-dashboard.confWSGIDaemonProcess dashboardWSGIProcessGroup dashboardWSGISocketPrefix run/wsgiWSGIApplicationGroup %{GLOBAL}WSGIScriptAlias /dashboard /usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgiAlias /dashboard/static /usr/share/openstack-dashboard/static<Directory /usr/share/openstack-dashboard/openstack_dashboard/wsgi>Options AllAllowOverride AllRequire all granted</Directory><Directory /usr/share/openstack-dashboard/static>Options AllAllowOverride AllRequire all granted</Directory>
。 : 验证: http://192.168.0.220/horizon/.
ubuntu20.04 部署原生态openstack Victoria版的详细步骤相关推荐
- Ubuntu20.04 pycharm python打包制作DEB包详细步骤及雷区
记录一次Deb打包过程及踩雷警示 最近写了一个python的小程序,希望能打包成deb文件,便于将写好的软件安装 在其他没有安装工作环境的电脑上,把这安装deb后可以在应用列表和桌面看到.下面介绍一个 ...
- OpenStack Victoria版——6.2计算节点-Nova计算服务组件
6.2计算节点-Nova计算服务组件 更多步骤:OpenStack Victoria版安装部署系列教程 OpenStack部署系列文章 OpenStack Victoria版 安装部署系列教程 Ope ...
- 在Ubuntu20.04中继续使用linux版“网络调试助手”的方法
在Ubuntu20.04中继续使用linux版"网络调试助手"的方法 网络调试助手是一款很好用的网络通信调试软件,对于初学网络编程的人员简单实用.windows版的调试助手在各个版 ...
- ubuntu20.04安装企业微信 deepin-wine版解决gcc:i386依赖问题
ubuntu20.04安装企业微信 deepin-wine版解决gcc:i386依赖问题 文章目录 ubuntu20.04安装企业微信 deepin-wine版解决gcc:i386依赖问题 一.安装d ...
- 20200614在ubuntu20.04的本地编译全志R系列的步骤20
在ubuntu20.04的本地编译全志R系列的步骤20 2020/6/14 14 7:51 开始写 2020/6/14 14 14:48 完工 0.获取全志R系列的Android源码包: 请通过渠道/ ...
- 【OWA】04集成SharePoint:SharePoint集成OWA详细步骤(SharePoint与OWA集成)
前言 在前面咱们已经从owa服务器创建.把owa服务加入域控.在owa服务器中安装部署office web app server,接下载咱们一起来了解一下owa如何域SharePoint做集成(Sha ...
- ubuntu16.04安装python3.6-dev超时_vitrualBox+ubuntu16.04安装python3.6最新教程及详细步骤...
因为这两天在学习深度学习需要用到ubuntu+python3.6版本,所以就按照网上的教学安装,但是ubuntu16.04自带的是python2.7和3.5版本,所以需要另外安装.但是安装了半天浪费了 ...
- Debezium系列之:安装部署debezium2.0以上版本的详细步骤
Debezium系列之:安装部署debezium2.0以上版本的详细步骤 一.相关技术博客 二.升级debezium2.0以上版本注意事项 三.安装jdk 四.修改kafka相关参数 五.启动kafk ...
- Railway Dashboard部署PHP苹果CMS项目的详细步骤
Railway Dashboard部署PHP苹果CMS项目的详细步骤 目录 Railway Dashboard部署PHP苹果CMS项目的详细步骤 1.准备项目文件: 2.创建Dockerfile: 3 ...
最新文章
- pytorch中tensor.mul()和mm()和matmul()
- jquery下载教程
- [转]IE下对文件(图片)进行base64转换
- JavaScript事件对象
- MySQL触发器简介
- MySQL 绿色版安装方法图文教程
- 汽车之家店铺数据抓取 DotnetSpider实战
- python写前端图形界面_如何Tkinter模块编写Python图形界面
- pin controller driver代码分析
- Github+jsDelivr+PicGo 打造稳定快速、高效免费图床
- OAM深入解读:使用OAM定义与管理Kubernetes内置Workload
- thinkPHP 模板中的语法
- 上岸 | 青椒博士毕业后未返校任教,被判返还高校41万余元
- python统计列表中数字出现的次数_Python实现统计给定列表中指定数字出现次数的方法...
- 库克宣布苹果将捐款帮助山西
- ES5-String-indexOf/lastIndexOf
- android 输入法 监听,android 监听 输入法
- 流畅的Python(Fluent Python)
- 父级fixed_父元素设置absolute,子元素设置fixed定位失效
- idea 流程图出现 Condition \n