OpenStack 介绍
openstack目前已经更新到P版,与以往不同的是之前每6个月发布一个新的版本,从P版本开始,每年会发布一个新的版本。
官方安装文档:https://docs.openstack.org/install-guide/
测试环境说明
控制节点(Controller): openstack-node1 <192.168.10.11>
计算节点(Computer): openstack-node2 <192.168.10.12> , openstack-node3 <192.168.10.13>
网络环境: 单一网络,桥接模式
存储模式: 本地存储
环境初始化准备
1、 安装ntp服务,同步时间。
2、安装openstack 包
# yum install -y centos-release-openstack-pike
3、在node1安装数据库(https://docs.openstack.org/install-guide/environment-sql-database-rdo.html)
# yum install mariadb mariadb-server python2-PyMySQL -y
4、配置数据库并启动
vim /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 192.168.10.11
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
启动数据库并初始化:
# systemctl enable mariadb.service
# systemctl start mariadb.service
# mysql_secure_installation
5、创建数据库
MariaDB [(none)]> create database keystone;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> create database nova;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> create database nova_api;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> create database glance;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> create database neutron;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> create database cinder;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> CREATE DATABASE nova_cell0;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| cinder |
| glance |
| information_schema |
| keystone |
| mysql |
| neutron |
| nova |
| nova_api |
| nova_cell0 |
| performance_schema |
+--------------------+
9 rows in set (0.00 sec)
授权:
MariaDB [(none)]> grant all on keystone.* to 'keystone'@'localhost' identified by 'keystone';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on keystone.* to 'keystone'@'%' identified by 'keystone';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on nova.* to 'nova'@'localhost' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on nova.* to 'nova'@'%' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on nova_api.* to 'nova'@'localhost' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on nova_api.* to 'nova'@'%' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on glance.* to 'glance'@'localhost' identified by 'glance';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on glance.* to 'glance'@'%' identified by 'glance';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on neutron.* to 'neutron'@'localhost' identified by 'neutron';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on neutron.* to 'neutron'@'%' identified by 'neutron';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on cinder.* to 'cinder'@'localhost' identified by 'cinder';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on cinder.* to 'cinder'@'%' identified by 'cinder';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'nova';
Query OK, 0 rows affected (0.00 sec)
测试用户和授权:
[root@node1 ~]# mysql -ukeystone -pkeystone;
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| keystone |
+--------------------+
2 rows in set (0.00 sec)
[root@node1 ~]# mysql -unova -pnova;
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| nova |
| nova_api |
+--------------------+
3 rows in set (0.00 sec)
[root@node1 ~]# mysql -uglance -pglance;
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| glance |
| information_schema |
+--------------------+
2 rows in set (0.01 sec)
[root@node1 ~]# mysql -uneutron -pneutron;
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| neutron |
+--------------------+
2 rows in set (0.00 sec)
[root@node1 ~]# mysql -ucinder -pcinder;
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| cinder |
| information_schema |
+--------------------+
2 rows in set (0.00 sec)
6、安装配置rabbitMQ
[root@node1 ~]# yum install rabbitmq-server -y
[root@node1 ~]# systemctl enable rabbitmq-server.service
[root@node1 ~]# systemctl start rabbitmq-server.service
[root@node1 ~]# rabbitmqctl add_user openstack openstack
[root@node1 ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
检查:
(1). 如果要通过web界面登录,查看rabbitMQ的状态,需要开启web登录的插件:
rabbitmq-plugins enable rabbitmq_management
开启后会rabbitMQ会开启一个监听15672的端口,使用此端口登录web界面,使用账号guest/guest可查看当前状态。
(2). rabbitMQ会监听25672和2572端口。
7、安装配置memecache:
[root@node1 ~]# yum install memcached python-memcached -y
修改配置文件,修改为本地IP地址和添加contoller节点的IP标识:
vim /etc/sysconfig/memcached
OPTIONS="-l 192.168.10.11,::1"
启动服务:
# systemctl enable memcached.service
# systemctl start memcached.service
8、控制节点安装如下软件包:
安装keystone
# yum install -y openstack-keystone httpd mod_wsgi
安装Glance
# yum install -y openstack-glance
安装nova
# yum install -y openstack-nova-api openstack-nova-placement-api \
openstack-nova-conductor openstack-nova-console \
openstack-nova-novncproxy openstack-nova-scheduler
安装neutron
# yum install -y openstack-neutron openstack-neutron-ml2 \
openstack-neutron-linuxbridge ebtables
安装OpenStack命令
yum install -y python-openstackclient openstack-selinux
9、计算节点安装 nova-computer 和neutron的相关组件:
# yum install -y openstack-nova-compute sysfsutils
# yum install -y openstack-neutron openstack-neutron-linuxbridge ebtables
安装Keystone服务
openstack 的Keystone 组件提供统一的用户注册和验证服务。keystone服务默认使用的端口为5000.
1、 修改配置文件/etc/keystone/keystone.conf
,我们的控制节点为 192.168.10.11
[database]
# ...
connection = mysql+pymysql://keystone:keystone@192.168.10.11/keystone
[token]
# ...
provider = fernet
2、同步数据库:
# su -s /bin/sh -c "keystone-manage db_sync" keystone
检查同步是否成功:
# mysql -ukeystone -pkeystone -e "use keystone;show tables;"
3、初始化:
# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
4、启动服务,指定密码为admin:
keystone-manage bootstrap --bootstrap-password admin \
--bootstrap-admin-url http://192.168.10.11:35357/v3/ \
--bootstrap-internal-url http://192.168.10.11:5000/v3/ \
--bootstrap-public-url http://192.168.10.11:5000/v3/ \
--bootstrap-region-id RegionOne
5、配置Apache httpd,修改配置文件/etc/httpd/conf/httpd.conf
: 修改为控制节点的IP
ServerName 192.168.10.11
6、创建软连接,将keystone的配置链接到apache:
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
7、启动服务,并设置自启动
# systemctl enable httpd.service
# systemctl start httpd.service
查看5000端口(public endpoint)和35357(admin endpoint)端口是否启动。
8、设置环境变量:
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://192.168.10.11:35357/v3
export OS_IDENTITY_API_VERSION=3
9、创建域,项目,用户和角色
- 创建一个service 项目:
# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | 1b1aef4a9bda49d59ffa17cbae4d3247 |
| is_domain | False |
| name | service |
| parent_id | default |
+-------------+----------------------------------+
- 创建一个demo的项目:
# openstack project create --domain default --description "Demo Project" demo
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Demo Project |
| domain_id | default |
| enabled | True |
| id | d63f87c94e634aefbdf3fa48d4f43b18 |
| is_domain | False |
| name | demo |
| parent_id | default |
+-------------+----------------------------------+
- 创建一个demo的用户,并设置密码为 demo:
# openstack user create --domain default --password demo demo
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 8c10323be99e4597a099db1ba3b79627 |
| name | demo |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
- 创建一个用户角色:
# openstack role create user
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | b3fb6198ad97428898db24d04a384e5d |
| name | user |
+-----------+----------------------------------+
- 将user角色添加到demo项目中,并给demo用户授予 user角色的权限:
openstack role add --project demo --user demo user
检查用户,角色,项目:
# openstack user list
+----------------------------------+-------+
| ID | Name |
+----------------------------------+-------+
| 8c10323be99e4597a099db1ba3b79627 | demo |
| b6656538b5334a1cae296fee65ca122b | admin |
+----------------------------------+-------+
# openstack role list
+----------------------------------+----------+
| ID | Name |
+----------------------------------+----------+
| 36e337bdc9c94785b4fce4e5e7cc5710 | admin |
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
| b3fb6198ad97428898db24d04a384e5d | user |
+----------------------------------+----------+
# openstack project list
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 0daaf987a867495fa0937a16b359c729 | admin |
| 1b1aef4a9bda49d59ffa17cbae4d3247 | service |
| d63f87c94e634aefbdf3fa48d4f43b18 | demo |
+----------------------------------+---------+
10 . Unset 掉临时的 OS_AUTH_URL
和 OS_PASSWORD
环境变量,对admin用户和demo用户进行验证:
# unset OS_AUTH_URL OS_PASSWORD
11 . 使用admin 用户,获取一个授权的token,使用 --os-password
指定用户密码:
# openstack --os-auth-url http://192.168.10.11:35357/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name admin --os-username admin --os-password admin token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2018-01-09T10:49:13+0000 |
| id | gAAAAABaVJAZylB0puTtnl0DoU1rUSkNP4wOM_2CgL7j_rVRy7nowuQRX9LueUVbfR6jjeB4wtAWAfl39oeECgdEaJUrUBvLnpDAIHBP1lf1AVXFDyAYUEisUZFEC4TpULgxvRK7c98PjABWUQO27jY74zi7kdEtEH6J783TKARCpxr42dPFfbM |
| project_id | 0daaf987a867495fa0937a16b359c729 |
| user_id | b6656538b5334a1cae296fee65ca122b |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
12 . 尝试使用demo用户获取一个token:
# openstack --os-auth-url http://192.168.10.11:5000/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name demo --os-username demo --os-password demo token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2018-01-09T10:54:39+0000 |
| id | gAAAAABaVJFfrjuHz6b6VIKFo59Z_pFF6bzdxmU7y81OhzznZ0QQIwsbiTgPrnCkC4DRBQAQ6uSj-M-kBQURHAwxHRhCvGxikhcNtsgLTH5d4xy_QIWLmAGapB90Gvykbqjz4EGjYTGWYT2vYg8K1fGiglNJZS8C-fqP6YDmDAQFLkaNVrqcs6Y |
| project_id | d63f87c94e634aefbdf3fa48d4f43b18 |
| user_id | 8c10323be99e4597a099db1ba3b79627 |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
13 . 验证成功后,可以将admin和demo用户指定的参数使用环境变量的方式写到文件中,在使用不同用户进行操作时,就先执行此环境变量:
# cat admin-openstack.sh
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://192.168.10.11:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
# cat demo-openstack.sh
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://192.168.10.11:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
通过执行 source admin-openstack.sh
和 source demo-openstack.sh
来获取token ,确保获取成功。
# source admin-openstack.sh
# openstack token issue
...
# source demo-openstack.sh
# openstack token issue
...
查看服务:
[root@openstack-node1 ~]# source admin-openstack.sh
[root@openstack-node1 ~]# openstack service list
+----------------------------------+----------+----------+
| ID | Name | Type |
+----------------------------------+----------+----------+
| 5f6ad425ca88486083910af1cf7d2684 | keystone | identity |
+----------------------------------+----------+----------+
配置镜像服务Glance
1、创建一个glance的用户,设置密码为glance:
# openstack user create --domain default --password glance glance
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | d42073f41d3240db9db27ab493be3495 |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
2、 将 glance用户添加到 Service 项目,并授予 admin的角色权限:
# openstack role add --project service --user glance admin
3、 创建一个glance的服务:
# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 9627ac8da083454cb644916a5a30525e |
| name | glance |
| type | image |
+-------------+----------------------------------+
4、创建镜像服务的api ,endpoint。这里的endpoint实际上就是一个URL链接,分别为public、internal、admin。
# openstack endpoint create --region RegionOne image public http://192.168.10.11:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 4d62369819b8441bbc73b5093b397093 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 9627ac8da083454cb644916a5a30525e |
| service_name | glance |
| service_type | image |
| url | http://192.168.10.11:9292 |
+--------------+----------------------------------+
# openstack endpoint create --region RegionOne image internal http://192.168.10.11:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 08f7962c2f544591af7ebd7e8c01a50a |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 9627ac8da083454cb644916a5a30525e |
| service_name | glance |
| service_type | image |
| url | http://192.168.10.11:9292 |
+--------------+----------------------------------+
# openstack endpoint create --region RegionOne image admin http://192.168.10.11:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 62d31d33d7b949ddb37960d5dfb04133 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 9627ac8da083454cb644916a5a30525e |
| service_name | glance |
| service_type | image |
| url | http://192.168.10.11:9292 |
+--------------+----------------------------------+
5、修改glance配置,在 /etc/glance/glance-api.conf
中配置如下选项:
# egrep -v "^#|^$" /etc/glance/glance-api.conf
[database]
connection = mysql+pymysql://glance:glance@192.168.10.11/glance
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images
[keystone_authtoken]
auth_uri = http://192.168.10.11:5000
auth_url = http://192.168.10.11:35357
memcached_servers = 192.168.10.11:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
[paste_deploy]
flavor = keystone
6、修改 /etc/glance/glance-registry.conf
文件配置:
# egrep -v "^#|^$" /etc/glance/glance-registry.conf
[database]
connection = mysql+pymysql://glance:glance@192.168.10.11/glance
[keystone_authtoken]
auth_uri = http://192.168.10.11:5000
auth_url = http://192.168.10.11:35357
memcached_servers = 192.168.10.11:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
[paste_deploy]
flavor = keystone
6、 同步数据库:
# su -s /bin/sh -c "glance-manage db_sync" glance
7、启动服务:
# systemctl enable openstack-glance-api.service openstack-glance-registry.service
# systemctl start openstack-glance-api.service openstack-glance-registry.service
glance-api监听 9292端口, glance-registry 监听9191端口,可以通过如下命令查看:
ps aux|grep PID
8、对服务进行验证。下载示例的小镜像:
# source admin-openstack.sh
# wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
9、 添加此镜像到镜像服务,使用QCOW2的格式,容器格式为bare,指定权限为public:
# openstack image create "cirros" --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | f8ab98ff5e73ebab884d80c9dc9c7290 |
| container_format | bare |
| created_at | 2018-01-09T11:27:25Z |
| disk_format | qcow2 |
| file | /v2/images/dc655534-2821-47c1-b9c4-8687b52dfdbc/file |
| id | dc655534-2821-47c1-b9c4-8687b52dfdbc |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | 0daaf987a867495fa0937a16b359c729 |
| protected | False |
| schema | /v2/schemas/image |
| size | 13267968 |
| status | active |
| tags | |
| updated_at | 2018-01-09T11:27:26Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
10、 查看镜像:
# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| dc655534-2821-47c1-b9c4-8687b52dfdbc | cirros | active |
+--------------------------------------+--------+--------+
控制节点配置 nova 服务
1、创建nova 用户,设置密码为nova:
# source admin-openstack.sh
# openstack user create --domain default --password nova nova
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 6efaf22f5f17465fa72f83bb94da7418 |
| name | nova |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
2、将nova用户添加到sevice项目,并授予admin权限:
# openstack role add --project service --user nova admin
3、创建一个nova的service:
# openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 98402effc56a46c8b8f1f089faa38388 |
| name | nova |
| type | compute |
+-------------+----------------------------------+
4、 创建计算服务的 API endpoint, 分别对应public ,internal, admin:
# openstack endpoint create --region RegionOne compute public http://192.168.10.11:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | e4217f184aa942d592c8882165c7179b |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 98402effc56a46c8b8f1f089faa38388 |
| service_name | nova |
| service_type | compute |
| url | http://192.168.10.11:8774/v2.1 |
+--------------+----------------------------------+
# openstack endpoint create --region RegionOne compute internal http://192.168.10.11:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 63daae9015cd4b4ca87f5258c347eb97 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 98402effc56a46c8b8f1f089faa38388 |
| service_name | nova |
| service_type | compute |
| url | http://192.168.10.11:8774/v2.1 |
+--------------+----------------------------------+
# openstack endpoint create --region RegionOne compute admin http://192.168.10.11:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | ec346833eba94099be33e7390579f712 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 98402effc56a46c8b8f1f089faa38388 |
| service_name | nova |
| service_type | compute |
| url | http://192.168.10.11:8774/v2.1 |
+--------------+----------------------------------+
5、 创建一个placement的用户,并设置密码为placement:
# openstack user create --domain default --password placement placement
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | b1324b8660e741b2956f63be2b3a5d69 |
| name | placement |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
6、添加placement 用户到 servi项目,并授予 admin权限:
# openstack role add --project service --user placement admin
7、创建placement的服务:
# openstack service create --name placement --description "Placement API" placement
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Placement API |
| enabled | True |
| id | df983a5c65d0458a8ddc93ffebf49f92 |
| name | placement |
| type | placement |
+-------------+----------------------------------+
8、创建placement api endpoint,指定 public ,internal,admin:
# openstack endpoint create --region RegionOne placement public http://192.168.10.11:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 77e40ae383774440a1d26c749205a019 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | df983a5c65d0458a8ddc93ffebf49f92 |
| service_name | placement |
| service_type | placement |
| url | http://192.168.10.11:8778 |
+--------------+----------------------------------+
# openstack endpoint create --region RegionOne placement internal http://192.168.10.11:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 78a4e9b6032a4174a2d4854a93305a1e |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | df983a5c65d0458a8ddc93ffebf49f92 |
| service_name | placement |
| service_type | placement |
| url | http://192.168.10.11:8778 |
+--------------+----------------------------------+
# openstack endpoint create --region RegionOne placement admin http://192.168.10.11:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 7d975e3e5d8c4952a6a96903e5e6a36b |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | df983a5c65d0458a8ddc93ffebf49f92 |
| service_name | placement |
| service_type | placement |
| url | http://192.168.10.11:8778 |
+--------------+----------------------------------+
9、修改 nova 配置文件 /etc/nova/nova.conf
:
# egrep -v "^$|^#" /etc/nova/nova.conf
[DEFAULT]
use_neutron=true
firewall_driver=nova.virt.firewall.NoopFirewallDriver
enabled_apis=osapi_compute,metadata
transport_url=rabbit://openstack:openstack@192.168.10.11
[api]
auth_strategy=keystone
[api_database]
connection=mysql+pymysql://nova:nova@192.168.10.11/nova_api
[database]
connection=mysql+pymysql://nova:nova@192.168.10.11/nova
[glance]
api_servers=http://192.168.10.11:9292
[keystone_authtoken]
auth_uri = http://192.168.10.11:5000
auth_url = http://192.168.10.11:35357
memcached_servers = 192.168.10.11:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova
[oslo_concurrency]
lock_path=/var/lib/nova/tmp
[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://192.168.10.11:35357/v3
username = placement
password = placement
[vnc]
enabled=true
vncserver_listen=192.168.10.11
vncserver_proxyclient_address=192.168.10.11
10、对软件包的 bug修复,需要添加如下内容到 /etc/httpd/conf.d/00-nova-placement-api.conf
文件中(添加到虚拟主机中):
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
11、 重启 httpd的服务:
# systemctl restart httpd
12、 同步nova-api数据:
su -s /bin/sh -c "nova-manage api_db sync" nova
13、注册cell0:
# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
14 、创建 cell1:
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
eab4a5f9-04fb-40fa-bf78-c6cd75ab93b1
15、 同步nova 数据库:
# su -s /bin/sh -c "nova-manage db sync" nova
16、 查看cell和cell是否注册成功。
# nova-manage cell_v2 list_cells
+-------+--------------------------------------+
| Name | UUID |
+-------+--------------------------------------+
| cell1 |ddc4df46-fd96-4778-b312-95e8ad37e3d3 |
| cell0 | 00000000-0000-0000-0000-000000000000 |
+-------+--------------------------------------+
17、启动服务:
# systemctl enable openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
# systemctl start openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
验证控制节点服务
查看各个服务状态:
[root@openstack-node1 ~]# openstack service list
+----------------------------------+-----------+-----------+
| ID | Name | Type |
+----------------------------------+-----------+-----------+
| 5f6ad425ca88486083910af1cf7d2684 | keystone | identity |
| 9627ac8da083454cb644916a5a30525e | glance | image |
| 98402effc56a46c8b8f1f089faa38388 | nova | compute |
| df983a5c65d0458a8ddc93ffebf49f92 | placement | placement |
+----------------------------------+-----------+-----------+
[root@openstack-node1 ~]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
| 08f7962c2f544591af7ebd7e8c01a50a | RegionOne | glance | image | True | internal | http://192.168.10.11:9292 |
| 25168e5be3504fd7a1ec442e518e0af2 | RegionOne | keystone | identity | True | public | http://192.168.10.11:5000/v3/ |
| 314e7ec43fb7410e94cdf41b6e72f207 | RegionOne | keystone | identity | True | admin | http://192.168.10.11:35357/v3/ |
| 4d62369819b8441bbc73b5093b397093 | RegionOne | glance | image | True | public | http://192.168.10.11:9292 |
| 62d31d33d7b949ddb37960d5dfb04133 | RegionOne | glance | image | True | admin | http://192.168.10.11:9292 |
| 63daae9015cd4b4ca87f5258c347eb97 | RegionOne | nova | compute | True | internal | http://192.168.10.11:8774/v2.1 |
| 77e40ae383774440a1d26c749205a019 | RegionOne | placement | placement | True | public | http://192.168.10.11:8778 |
| 78a4e9b6032a4174a2d4854a93305a1e | RegionOne | placement | placement | True | internal | http://192.168.10.11:8778 |
| 7d975e3e5d8c4952a6a96903e5e6a36b | RegionOne | placement | placement | True | admin | http://192.168.10.11:8778 |
| 9bd7115ba69a43a8bfed68edbd1ad992 | RegionOne | keystone | identity | True | internal | http://192.168.10.11:5000/v3/ |
| e4217f184aa942d592c8882165c7179b | RegionOne | nova | compute | True | public | http://192.168.10.11:8774/v2.1 |
| ec346833eba94099be33e7390579f712 | RegionOne | nova | compute | True | admin | http://192.168.10.11:8774/v2.1 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
[root@openstack-node1 ~]# openstack compute service list
+----+------------------+-----------------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+------------------+-----------------+----------+---------+-------+----------------------------+
| 1 | nova-consoleauth | openstack-node1 | internal | enabled | up | 2018-01-10T09:33:17.000000 |
| 2 | nova-scheduler | openstack-node1 | internal | enabled | up | 2018-01-10T09:33:18.000000 |
| 3 | nova-conductor | openstack-node1 | internal | enabled | up | 2018-01-10T09:33:18.000000 |
+----+------------------+-----------------+----------+---------+-------+----------------------------+
下一节将介绍其它组件的配置。