1、前期准备与说明
搭建openstack私有云平台所使用的虚拟化软件:VMware Workstation
使用的基础镜像:centos7.5.iso
使用搭建的iso镜像包:chinaskills_cloud_iaas.iso
网络模式选择:Flat直连模式
2、controller、compute硬件配置
【controller】
【compute】
3、controller、compute节点IP地址配置情况
主机名 | 内部网络(仅主机模式) | 外部网络(NAT模式) |
controller | 172.16.10.10 | 10.0.0.0/24 GW:10.0.0.1 |
compute | 172.16.10.20 | 10.0.0.0/24 GW:10.0.0.1 |
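【controller】
注:下面ifcfg-ens32中的GATEWAY=172.168.10.1不在172.16.10.0/24网段内,疑为172.16.10.1的笔误(compute节点配置的网关是172.16.10.1)。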
[root@controller ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens32 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=static DEFROUTE=yes NAME=ens32 DEVICE=ens32 ONBOOT=yes IPADDR=172.16.10.10 NETMASK=255.255.255.0 GATEWAY=172.168.10.1 [root@controller ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens34 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=static DEFROUTE=yes NAME=ens34 DEVICE=ens34 ONBOOT=yes [root@controller ~]# systemctl restart network [root@controller ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:a7:1f:53 brd ff:ff:ff:ff:ff:ff inet 172.16.10.10/24 brd 172.16.10.255 scope global noprefixroute ens32 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fea7:1f53/64 scope link valid_lft forever preferred_lft forever 3: ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:a7:1f:5d brd ff:ff:ff:ff:ff:ff inet6 fe80::20c:29ff:fea7:1f5d/64 scope link valid_lft forever preferred_lft forever
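【compute】
注:下面ifcfg-ens32中的"NETMASK-255.255.255.0"应为"NETMASK=255.255.255.0";随后ip addr显示的172.16.10.20/16与controller的/24不一致,很可能就是这处笔误造成的。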
[root@compute ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens32 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=static DEFROUTE=yes NAME=ens32 DEVICE=ens32 ONBOOT=yes IPADDR=172.16.10.20 NETMASK-255.255.255.0 GATEWAY=172.16.10.1 [root@compute ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens34 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=static DEFROUTE=yes NAME=ens34 DEVICE=ens34 ONBOOT=yes [root@compute ~]# systemctl restart network [root@compute ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:80:17:9e brd ff:ff:ff:ff:ff:ff inet 172.16.10.20/16 brd 172.16.255.255 scope global noprefixroute ens32 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe80:179e/64 scope link valid_lft forever preferred_lft forever 3: ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:80:17:a8 brd ff:ff:ff:ff:ff:ff inet6 fe80::20c:29ff:fe80:17a8/64 scope link valid_lft forever preferred_lft forever
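4、修改主机名和主机名映射
注:下面记录中的echo命令缺少重定向符号,实际只是把内容连同"/etc/hosts"一起打印到了终端,并没有写入文件;要追加到/etc/hosts,应写成 echo -e "172.16.10.10\tcontroller\n172.16.10.20\tcompute" >> /etc/hosts,使两条映射各占一行。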
【controller】
[root@controller ~]# hostnamectl set-hostname controller [root@controller ~]# su [root@controller ~]# hostnamectl Static hostname: controller Icon name: computer-vm Chassis: vm Machine ID: 8ecc4e2d12224707b1d93f7a18706a30 Boot ID: a4973aa4d65940baa24d801bc37c620a Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-862.el7.x86_64 Architecture: x86-64 [root@controller ~]# echo -e "172.16.10.10\tcontroller\\t172.16.10.20\tcompute" /etc/hosts 172.16.10.10 controller 172.16.10.20 compute /etc/hosts [root@controller ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.16.10.10 controller 172.16.10.20 compute [root@controller ~]# ping compute PING compute (172.16.10.20) 56(84) bytes of data. 64 bytes from compute (172.16.10.20): icmp_seq=1 ttl=64 time=0.444 ms 64 bytes from compute (172.16.10.20): icmp_seq=2 ttl=64 time=2.73 ms ^Z [1]+ Stopped ping compute [root@controller ~]#
【compute】
[root@compute ~]# hostnamectl set-hostname compute [root@compute ~]# su [root@compute ~]# hostnamectl Static hostname: compute Icon name: computer-vm Chassis: vm Machine ID: 8ecc4e2d12224707b1d93f7a18706a30 Boot ID: 8ab9daac3ef8496bb52ee0893f152709 Virtualization: vmware Operating System: CentOS Linux 7 (Core) CPE OS Name: cpe:/o:centos:centos:7 Kernel: Linux 3.10.0-862.el7.x86_64 Architecture: x86-64 [root@compute ~]# echo -e "172.16.10.10\tcontroller\\t172.16.10.20\tcompute" /etc/hosts 172.16.10.10 controller 172.16.10.20 compute /etc/hosts [root@compute ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 172.16.10.10 controller 172.16.10.20 compute [root@compute ~]# ping controller PING controller (172.16.10.10) 56(84) bytes of data. 64 bytes from controller (172.16.10.10): icmp_seq=1 ttl=64 time=0.222 ms 64 bytes from controller (172.16.10.10): icmp_seq=2 ttl=64 time=1.52 ms ^Z [1]+ Stopped ping controller [root@compute ~]#
5、关闭防火墙和修改SELINUX模式
【controller|compute】
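<<以controller为例,compute节点执行相同操作>>
说明:关闭firewalld并把SELinux改为permissive后,主机本地不再有包过滤和强制访问控制,这种配置只适合隔离的实验网络;在可被其他网络访问的环境中,应保留firewalld并只放行所需端口。另外,记录中setenforce 0返回"SELinux is disabled",说明当时SELinux已处于禁用状态,该命令并未生效;sed命令也只在配置文件原值为SELINUX=enforcing时才会产生修改。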
[root@controller ~]# systemctl stop firewalld [root@controller ~]# systemctl disable firewalld [root@controller ~]# setenforce 0 setenforce: SELinux is disabled [root@controller ~]# sed -i "s/SELINUX=enforcing/SELINUX=permissive/g" /etc/selinux/config [root@controller ~]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=permissive # SELINUXTYPE= can take one of three two values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted [root@controller ~]#
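6、配置本地YUM源
说明:两个仓库都设置了gpgcheck=0,yum不会校验软件包签名,compute节点还通过明文HTTP从controller获取软件包,因此软件包是否可信完全取决于ISO镜像本身,使用前应核对ISO文件的校验值。centos仓库可以改为gpgcheck=1,并指定gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7。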
【controller】
[root@controller ~]# mkdir /opt/{centos,openstack} [root@controller ~]# cd /etc/yum.repos.d/ [root@controller yum.repos.d]# ls bak http.repo [root@controller yum.repos.d]# vi http.repo [root@controller yum.repos.d]# cat http.repo [centos] name=centos baseurl=file:///opt/centos gpgcheck=0 enabled=1 [openstack] name=openstack baseurl=file:///opt/openstack/iaas-repo gpgcheck=0 enabled=1 [root@controller yum.repos.d]#
【compute】
[root@compute ~]# cd /etc/yum.repos.d/ [root@compute yum.repos.d]# ll total 4 drwxr-xr-x. 2 root root 187 Nov 14 17:46 bak -rw-r--r--. 1 root root 181 Nov 14 17:46 http.repo [root@compute yum.repos.d]# vi http.repo [root@compute yum.repos.d]# cat http.repo [centos] name=centos baseurl=http://172.16.10.10/opt/centos gpgcheck=0 enabled=1 [openstack] name=openstack baseurl=http://172.16.10.10/opt/openstack/iaas-repo gpgcheck=0 enabled=1 [root@compute yum.repos.d]#
7、上传所需镜像文件并进行挂载测试
【controller】
[root@controller ~]# ll total 8075368 -rw-------. 1 root root 1381 Oct 18 14:22 anaconda-ks.cfg -rw-r--r--. 1 root root 4470079488 Nov 14 17:53 CentOS-7-x86_64-DVD-1804.iso -rw-r--r--. 1 root root 3799093248 Nov 14 18:00 chinaskills_cloud_iaas.iso [root@controller ~]# mount -o loop CentOS-7-x86_64-DVD-1804.iso /mnt/ mount: /dev/loop0 is write-protected, mounting read-only [root@controller ~]# cp -rf /mnt/* /opt/centos/ [root@controller ~]# umount /mnt/ [root@controller ~]# mount -o loop chinaskills_cloud_iaas.iso /mnt/ mount: /dev/loop0 is write-protected, mounting read-only [root@controller ~]# cp -rf /mnt/* /opt/openstack/ [root@controller ~]# umount /mnt/
测试YUM源是否配置成功
[root@controller ~]# yum clean all Loaded plugins: fastestmirror Cleaning repos: centos openstack Cleaning up everything Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos [root@controller ~]# yum repolist Loaded plugins: fastestmirror Determining fastest mirrors centos | 3.6 kB 00:00:00 openstack | 2.9 kB 00:00:00 (1/3): centos/primary_db | 3.1 MB 00:00:00 (2/3): centos/group_gz | 166 kB 00:00:00 (3/3): openstack/primary_db | 1.4 MB 00:00:00 repo id repo name statuscentos centos 3,971 openstack openstack 3,232 repolist: 7,203 [root@controller ~]#
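安装http服务(httpd),并把/opt链接到网站根目录,供compute节点通过HTTP访问YUM源。注意:这样会把整个/opt目录通过无认证的HTTP对外提供,而上一步已经关闭了防火墙,所以/opt下不要放置其他敏感文件;更稳妥的做法是只把/opt/centos和/opt/openstack两个目录链接到/var/www/html/opt/下。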
[root@controller ~]# yum install -y httpd [root@controller ~]# systemctl start httpd && systemctl enable httpd Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service. [root@controller ~]# ln -s /opt/ /var/www/html/ [root@controller ~]# cd /var/www/html/ [root@controller html]# ll total 0 lrwxrwxrwx 1 root root 5 Nov 15 02:30 opt -> /opt/ [root@controller html]#
【compute】
[root@compute ~]# yum clean all Loaded plugins: fastestmirror Cleaning repos: centos openstack Cleaning up everything Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos [root@compute ~]# yum repolist Loaded plugins: fastestmirror Determining fastest mirrors centos | 3.6 kB 00:00:00 openstack | 2.9 kB 00:00:00 (1/3): centos/group_gz | 166 kB 00:00:00 (2/3): openstack/primary_db | 1.4 MB 00:00:00 (3/3): centos/primary_db | 3.1 MB 00:00:00 repo id repo name statuscentos centos 3,971 openstack openstack 3,232 repolist: 7,203 [root@compute ~]#
8、YUM源安装并修改openrc.sh配置文件
【controller】
[root@controller ~]# yum install -y iaas-xiandian
[root@controller ~]# vi /etc/xiandian/openrc.sh
在命令模式下执行此命令:%s/^.//g
用于删除每一行行首的第一个字符(即行首的注释符号#),使各配置项生效
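在命令模式下执行此命令:%s/PASS=/PASS=000000/g
用于把所有包含PASS=的口令项统一填为000000。000000是文件注释中给出的示例口令,所有服务共用同一个弱口令只适合隔离的实验环境;在其他环境中应为主机、数据库、RabbitMQ、Keystone等各项分别设置高强度且互不相同的口令。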
在编辑模式下,按q
进入到命令模式
[root@controller ~]# cat /etc/xiandian/openrc.sh #--------------------system Config--------------------## #Controller Server Manager IP. example:x.x.x.x HOST_IP=172.16.10.10 #Controller HOST Password. example:000000 HOST_PASS=000000 #Controller Server hostname. example:controller HOST_NAME=controller #Compute Node Manager IP. example:x.x.x.x HOST_IP_NODE=172.16.10.20 #Compute HOST Password. example:000000 HOST_PASS_NODE=000000 #Compute Node hostname. example:compute HOST_NAME_NODE=compute #--------------------Chrony Config-------------------## #Controller network segment IP. example:x.x.0.0/16(x.x.x.0/24) network_segment_IP=172.16.10.0/24 #--------------------Rabbit Config ------------------## #user for rabbit. example:openstack RABBIT_USER=openstack #Password for rabbit user .example:000000 RABBIT_PASS=000000 #--------------------MySQL Config---------------------## #Password for MySQL root user . exmaple:000000 DB_PASS=000000 #--------------------Keystone Config------------------## #Password for Keystore admin user. exmaple:000000 DOMAIN_NAME=demo ADMIN_PASS=000000 DEMO_PASS=000000 #Password for Mysql keystore user. exmaple:000000 KEYSTONE_DBPASS=000000 #--------------------Glance Config--------------------## #Password for Mysql glance user. exmaple:000000 GLANCE_DBPASS=000000 #Password for Keystore glance user. exmaple:000000 GLANCE_PASS=000000 #--------------------Nova Config----------------------## #Password for Mysql nova user. exmaple:000000 NOVA_DBPASS=000000 #Password for Keystore nova user. exmaple:000000 NOVA_PASS=000000 #--------------------Neturon Config-------------------## #Password for Mysql neutron user. exmaple:000000 NEUTRON_DBPASS=000000 #Password for Keystore neutron user. exmaple:000000 NEUTRON_PASS=000000 #metadata secret for neutron. exmaple:000000 METADATA_SECRET=000000 #Tunnel Network Interface. example:x.x.x.x INTERFACE_IP=172.16.10.10 #External Network Interface. example:eth1 INTERFACE_NAME=ens34 #External Network The Physical Adapter. 
example:provider Physical_NAME=provider #First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101 minvlan=1 #Last Vlan ID in VLAN RANGE for VLAN Network. example:200 maxvlan=2000 #--------------------Cinder Config--------------------## #Password for Mysql cinder user. exmaple:000000 CINDER_DBPASS=000000 #Password for Keystore cinder user. exmaple:000000 CINDER_PASS=000000 #Cinder Block Disk. example:md126p3 BLOCK_DISK=sdb #--------------------Swift Config---------------------## #Password for Keystore swift user. exmaple:000000 SWIFT_PASS=000000 #The NODE Object Disk for Swift. example:md126p4. OBJECT_DISK=sdc #The NODE IP for Swift Storage Network. example:x.x.x.x. STORAGE_LOCAL_NET_IP=172.16.10.20 #--------------------Heat Config----------------------## #Password for Mysql heat user. exmaple:000000 HEAT_DBPASS=000000 #Password for Keystore heat user. exmaple:000000 HEAT_PASS=000000 #--------------------Zun Config-----------------------## #Password for Mysql Zun user. exmaple:000000 ZUN_DBPASS=000000 #Password for Keystore Zun user. exmaple:000000 ZUN_PASS=000000 #Password for Mysql Kuryr user. exmaple:000000 KURYR_DBPASS=000000 #Password for Keystore Kuryr user. exmaple:000000 KURYR_PASS=000000 #--------------------Ceilometer Config----------------## #Password for Gnocchi ceilometer user. exmaple:000000 CEILOMETER_DBPASS=000000 #Password for Keystore ceilometer user. exmaple:000000 CEILOMETER_PASS=000000 #--------------------AODH Config----------------## #Password for Mysql AODH user. exmaple:000000 AODH_DBPASS=000000 #Password for Keystore AODH user. exmaple:000000 AODH_PASS=000000 #--------------------Barbican Config----------------## #Password for Mysql Barbican user. exmaple:000000 BARBICAN_DBPASS=000000 #Password for Keystore Barbican user. exmaple:000000 BARBICAN_PASS=000000
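将controller配置好的openrc.sh通过scp传输至compute节点的同一路径/etc/xiandian/openrc.sh(下面记录中第一次把IP误输为172.16.19.20,因此连接失败;第二次使用的172.16.10.20才是正确地址)。首次连接出现主机密钥指纹提示时,应先在compute节点上执行 ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub 核对指纹一致,再输入yes。openrc.sh中以明文保存了所有服务的口令,建议在两台节点上都把该文件权限设为仅root可读(如chmod 600)。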
[root@controller ~]# scp /etc/xiandian/openrc.sh 172.16.19.20:/etc/xiandian/openrc.sh ssh: connect to host 172.16.19.20 port 22: No route to host lost connection [root@controller ~]# scp /etc/xiandian/openrc.sh 172.16.10.20:/etc/xiandian/openrc.sh The authenticity of host '172.16.10.20 (172.16.10.20)' can't be established. ECDSA key fingerprint is SHA256:lDjv6aHOHM9bz6LzO/u3DT4AMGxP56xSw5VGt9YVco0. ECDSA key fingerprint is MD5:11:8a:16:1d:cb:78:26:35:c7:87:1b:81:d3:fa:e2:fb. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '172.16.10.20' (ECDSA) to the list of known hosts. root@172.16.10.20's password: openrc.sh 100% 3807 1.8MB/s 00:00 [root@controller ~]#
【compute】
在compute节点上只需把INTERFACE_IP改为本节点的IP 172.16.10.20,其余各项与controller上的文件保持一致。
[root@compute ~]# vi /etc/xiandian/openrc.sh [root@compute ~]# cat /etc/xiandian/openrc.sh #--------------------system Config--------------------## #Controller Server Manager IP. example:x.x.x.x HOST_IP=172.16.10.10 #Controller HOST Password. example:000000 HOST_PASS=000000 #Controller Server hostname. example:controller HOST_NAME=controller #Compute Node Manager IP. example:x.x.x.x HOST_IP_NODE=172.16.10.20 #Compute HOST Password. example:000000 HOST_PASS_NODE=000000 #Compute Node hostname. example:compute HOST_NAME_NODE=compute #--------------------Chrony Config-------------------## #Controller network segment IP. example:x.x.0.0/16(x.x.x.0/24) network_segment_IP=172.16.10.0/24 #--------------------Rabbit Config ------------------## #user for rabbit. example:openstack RABBIT_USER=openstack #Password for rabbit user .example:000000 RABBIT_PASS=000000 #--------------------MySQL Config---------------------## #Password for MySQL root user . exmaple:000000 DB_PASS=000000 #--------------------Keystone Config------------------## #Password for Keystore admin user. exmaple:000000 DOMAIN_NAME=demo ADMIN_PASS=000000 DEMO_PASS=000000 #Password for Mysql keystore user. exmaple:000000 KEYSTONE_DBPASS=000000 #--------------------Glance Config--------------------## #Password for Mysql glance user. exmaple:000000 GLANCE_DBPASS=000000 #Password for Keystore glance user. exmaple:000000 GLANCE_PASS=000000 #--------------------Nova Config----------------------## #Password for Mysql nova user. exmaple:000000 NOVA_DBPASS=000000 #Password for Keystore nova user. exmaple:000000 NOVA_PASS=000000 #--------------------Neturon Config-------------------## #Password for Mysql neutron user. exmaple:000000 NEUTRON_DBPASS=000000 #Password for Keystore neutron user. exmaple:000000 NEUTRON_PASS=000000 #metadata secret for neutron. exmaple:000000 METADATA_SECRET=000000 #Tunnel Network Interface. example:x.x.x.x INTERFACE_IP=172.16.10.20 #External Network Interface. 
example:eth1 INTERFACE_NAME=ens34 #External Network The Physical Adapter. example:provider Physical_NAME=provider #First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101 minvlan=1 #Last Vlan ID in VLAN RANGE for VLAN Network. example:200 maxvlan=2000 #--------------------Cinder Config--------------------## #Password for Mysql cinder user. exmaple:000000 CINDER_DBPASS=000000 #Password for Keystore cinder user. exmaple:000000 CINDER_PASS=000000 #Cinder Block Disk. example:md126p3 BLOCK_DISK=sdb #--------------------Swift Config---------------------## #Password for Keystore swift user. exmaple:000000 SWIFT_PASS=000000 #The NODE Object Disk for Swift. example:md126p4. OBJECT_DISK=sdc #The NODE IP for Swift Storage Network. example:x.x.x.x. STORAGE_LOCAL_NET_IP=172.16.10.20 #--------------------Heat Config----------------------## #Password for Mysql heat user. exmaple:000000 HEAT_DBPASS=000000 #Password for Keystore heat user. exmaple:000000 HEAT_PASS=000000 #--------------------Zun Config-----------------------## #Password for Mysql Zun user. exmaple:000000 ZUN_DBPASS=000000 #Password for Keystore Zun user. exmaple:000000 ZUN_PASS=000000 #Password for Mysql Kuryr user. exmaple:000000 KURYR_DBPASS=000000 #Password for Keystore Kuryr user. exmaple:000000 KURYR_PASS=000000 #--------------------Ceilometer Config----------------## #Password for Gnocchi ceilometer user. exmaple:000000 CEILOMETER_DBPASS=000000 #Password for Keystore ceilometer user. exmaple:000000 CEILOMETER_PASS=000000 #--------------------AODH Config----------------## #Password for Mysql AODH user. exmaple:000000 AODH_DBPASS=000000 #Password for Keystore AODH user. exmaple:000000 AODH_PASS=000000 #--------------------Barbican Config----------------## #Password for Mysql Barbican user. exmaple:000000 BARBICAN_DBPASS=000000 #Password for Keystore Barbican user. exmaple:000000 BARBICAN_PASS=000000