7. Configure hostname resolution
【controller】
```
[root@controller ~]# vi /etc/hosts
[root@controller ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.10 controller
192.168.1.20 compute
[root@controller ~]#
```
【compute】
```
[root@compute ~]# vi /etc/hosts
[root@compute ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.10 controller
192.168.1.20 compute
[root@compute ~]#
```
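8. Disable the firewall and change the SELinux mode
【controller, compute】
The controller node is used as the example here; perform the same operations on the compute node.
Stop the firewall and disable it from starting at boot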
```
[root@controller ~]# systemctl stop firewalld;systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@controller ~]#
```
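Change the SELinux mode (temporary change and permanent change)
(Strictly speaking, permissive lets operations through, i.e. it issues a warning ⚠ but does not block 🚫; disabled turns SELinux off, so it neither issues warnings nor blocks.)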
```
[root@controller ~]# setenforce 0   # temporarily turn off SELinux enforcement
[root@controller ~]# getenforce     # query the SELinux mode
Permissive
[root@controller ~]# sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config
[root@controller ~]# cat /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

[root@controller ~]#
```
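Likewise, perform the same operations on the compute node.
9. On the 【compute】 node, create the empty partitions for Cinder storage and Swift storage.
First carve out one whole block of disk space, then partition it.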
```
[root@compute ~]# lsblk
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda      8:0    0  1.7T  0 disk
├─sda1   8:1    0  500M  0 part /boot
├─sda2   8:2    0   32G  0 part [SWAP]
└─sda3   8:3    0    1T  0 part /
[root@compute ~]# fdisk /dev/sda

The device presents a logical sector size that is smaller than
the physical sector size. Aligning to a physical sector (or optimal
I/O) size boundary is recommended, or performance may be impacted.
Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Command (m for help): p

Disk /dev/sda: 1798.8 GB, 1798752436224 bytes, 3513188352 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disk label type: dos
Disk identifier: 0x000915c2

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *        2048     1026047      512000   83  Linux
/dev/sda2         1026048    68134911    33554432   82  Linux swap / Solaris
/dev/sda3        68134912  2215618559  1073741824   83  Linux

Command (m for help): n
Partition type:
   p   primary (3 primary, 0 extended, 1 free)
   e   extended
Select (default e): p
Selected partition 4
First sector (2215618560-3513188351, default 2215618560):
Using default value 2215618560
Last sector, +sectors or +size{K,M,G} (2215618560-3513188351, default 3513188351): +500G
Partition 4 of type Linux and of size 500 GiB is set

Command (m for help): p

Disk /dev/sda: 1798.8 GB, 1798752436224 bytes, 3513188352 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disk label type: dos
Disk identifier: 0x000915c2

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *        2048     1026047      512000   83  Linux
/dev/sda2         1026048    68134911    33554432   82  Linux swap / Solaris
/dev/sda3        68134912  2215618559  1073741824   83  Linux
/dev/sda4      2215618560  3264194559   524288000   83  Linux

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.
[root@compute ~]# partprobe /dev/sda
[root@compute ~]# lsblk
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda      8:0    0  1.7T  0 disk
├─sda1   8:1    0  500M  0 part /boot
├─sda2   8:2    0   32G  0 part [SWAP]
├─sda3   8:3    0    1T  0 part /
└─sda4   8:4    0  500G  0 part
[root@compute ~]#
```
Next, enter the sda4 partition and split it into the partitions for Cinder storage and Swift storage.
```
[root@compute ~]# fdisk /dev/sda4

The device presents a logical sector size that is smaller than
the physical sector size. Aligning to a physical sector (or optimal
I/O) size boundary is recommended, or performance may be impacted.
Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Command (m for help): p

Disk /dev/sda4: 500.0 GB, 500000882688 bytes, 976564224 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disk label type: dos
Disk identifier: 0x5a385372

     Device Boot      Start         End      Blocks   Id  System
/dev/sda4p1            2048   419432447   209715200   83  Linux
/dev/sda4p2       419432448   838862847   209715200   83  Linux

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 22: Invalid argument.
The kernel still uses the old table. The new table will be used at
the next reboot or after you run partprobe(8) or kpartx(8)
Syncing disks.
[root@compute ~]# partprobe /dev/sda
```
10. Edit the environment variables (controller, compute)
【controller, compute】
```
[root@controller ~]# yum install -y iaas-xiandian
[root@compute ~]# yum install -y iaas-xiandian
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package iaas-xiandian.x86_64 0:2.4-2 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package              Arch          Version        Repository          Size
================================================================================
Installing:
 iaas-xiandian        x86_64        2.4-2          openstack           19 k

Transaction Summary
================================================================================
Install  1 Package

Total download size: 19 k
Installed size: 81 k
Downloading packages:
iaas-xiandian-2.4-2.x86_64.rpm                             |  19 kB  00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : iaas-xiandian-2.4-2.x86_64                                   1/1
  Verifying  : iaas-xiandian-2.4-2.x86_64                                   1/1

Installed:
  iaas-xiandian.x86_64 0:2.4-2

Complete!
[root@compute ~]#
```
The openrc.sh configuration file is as follows.
【controller】
```
[root@controller ~]# vi /etc/xiandian/openrc.sh
[root@controller ~]# cat /etc/xiandian/openrc.sh
#--------------------system Config--------------------##
#Controller Server Manager IP. example:x.x.x.x
HOST_IP=192.168.1.10

#Controller HOST Password. example:000000
HOST_PASS=000000

#Controller Server hostname. example:controller
HOST_NAME=controller

#Compute Node Manager IP. example:x.x.x.x
HOST_IP_NODE=192.168.1.20

#Compute HOST Password. example:000000
HOST_PASS_NODE=000000

#Compute Node hostname. example:compute
HOST_NAME_NODE=compute

#--------------------Chrony Config-------------------##
#Controller network segment IP. example:x.x.0.0/16(x.x.x.0/24)
network_segment_IP=192.168.1.0/24

#--------------------Rabbit Config ------------------##
#user for rabbit. example:openstack
RABBIT_USER=openstack

#Password for rabbit user .example:000000
RABBIT_PASS=000000

#--------------------MySQL Config---------------------##
#Password for MySQL root user . exmaple:000000
DB_PASS=000000

#--------------------Keystone Config------------------##
#Password for Keystore admin user. exmaple:000000
DOMAIN_NAME=demo
ADMIN_PASS=000000
DEMO_PASS=000000

#Password for Mysql keystore user. exmaple:000000
KEYSTONE_DBPASS=000000

#--------------------Glance Config--------------------##
#Password for Mysql glance user. exmaple:000000
GLANCE_DBPASS=000000

#Password for Keystore glance user. exmaple:000000
GLANCE_PASS=000000

#--------------------Nova Config----------------------##
#Password for Mysql nova user. exmaple:000000
NOVA_DBPASS=000000

#Password for Keystore nova user. exmaple:000000
NOVA_PASS=000000

#--------------------Neturon Config-------------------##
#Password for Mysql neutron user. exmaple:000000
NEUTRON_DBPASS=000000

#Password for Keystore neutron user. exmaple:000000
NEUTRON_PASS=000000

#metadata secret for neutron. exmaple:000000
METADATA_SECRET=000000

#Tunnel Network Interface. example:x.x.x.x
INTERFACE_IP=192.168.1.10

#External Network Interface. example:eth1
INTERFACE_NAME=enp9s0

#External Network The Physical Adapter. example:provider
Physical_NAME=provider

#First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101
minvlan=1

#Last Vlan ID in VLAN RANGE for VLAN Network. example:200
maxvlan=200

#--------------------Cinder Config--------------------##
#Password for Mysql cinder user. exmaple:000000
CINDER_DBPASS=000000

#Password for Keystore cinder user. exmaple:000000
CINDER_PASS=000000

#Cinder Block Disk. example:md126p3
BLOCK_DISK=sda4p1

#--------------------Swift Config---------------------##
#Password for Keystore swift user. exmaple:000000
SWIFT_PASS=000000

#The NODE Object Disk for Swift. example:md126p4.
OBJECT_DISK=sda4p2

#The NODE IP for Swift Storage Network. example:x.x.x.x.
STORAGE_LOCAL_NET_IP=192.168.1.20

#--------------------Heat Config----------------------##
#Password for Mysql heat user. exmaple:000000
HEAT_DBPASS=000000

#Password for Keystore heat user. exmaple:000000
HEAT_PASS=000000

#--------------------Zun Config-----------------------##
#Password for Mysql Zun user. exmaple:000000
ZUN_DBPASS=000000

#Password for Keystore Zun user. exmaple:000000
ZUN_PASS=000000

#Password for Mysql Kuryr user. exmaple:000000
KURYR_DBPASS=000000

#Password for Keystore Kuryr user. exmaple:000000
KURYR_PASS=000000

#--------------------Ceilometer Config----------------##
#Password for Gnocchi ceilometer user. exmaple:000000
CEILOMETER_DBPASS=000000

#Password for Keystore ceilometer user. exmaple:000000
CEILOMETER_PASS=000000

#--------------------AODH Config----------------##
#Password for Mysql AODH user. exmaple:000000
AODH_DBPASS=000000

#Password for Keystore AODH user. exmaple:000000
AODH_PASS=000000

#--------------------Barbican Config----------------##
#Password for Mysql Barbican user. exmaple:000000
BARBICAN_DBPASS=000000

#Password for Keystore Barbican user. exmaple:000000
BARBICAN_PASS=000000
[root@controller ~]#
```
```
[root@controller ~]# scp /etc/xiandian/openrc.sh 192.168.1.20:/etc/xiandian/openrc.sh
The authenticity of host '192.168.1.20 (192.168.1.20)' can't be established.
ECDSA key fingerprint is SHA256:Gwi9FGsddkAOsnxzxoJKmgLRFE+ZHKV8HhOfsupYapA.
ECDSA key fingerprint is MD5:e6:e9:42:34:5f:b9:57:7c:7c:db:02:60:3b:14:f3:ac.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.20' (ECDSA) to the list of known hosts.
root@192.168.1.20's password:
openrc.sh                                     100% 3812     1.5MB/s   00:00
[root@controller ~]#
```
【compute】
Edit the openrc.sh configuration file that was copied over from the controller node. The change is as follows.
```
#Tunnel Network Interface. example:x.x.x.x
INTERFACE_IP=192.168.1.20
```
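The openrc.sh in this step leaves every service password at the file's example value `000000`. The script below is an added example, not part of the iaas-xiandian package or the original post: it lists the secrets that are still the example value or are shared between services, and writes a copy in which each service secret has its own random value. The function names and sample lines are constructed, and leaving `HOST_PASS`/`HOST_PASS_NODE` untouched assumes they must match the hosts' existing root passwords.

```shell
#!/bin/sh
# Added example: audit and rotate the secrets in an openrc.sh-style file.
# Assumption: secret variables are those ending in PASS, PASS_NODE or SECRET.

# Constructed sample in the format of /etc/xiandian/openrc.sh.
sample_openrc() {
cat <<'EOF'
#Controller HOST Password. example:000000
HOST_PASS=000000
RABBIT_USER=openstack
RABBIT_PASS=000000
DB_PASS=Sh4red-Value-For-Two-Services
KEYSTONE_DBPASS=Sh4red-Value-For-Two-Services
METADATA_SECRET=000000
EOF
}

# Print "NAME reason" for each secret that is still 000000 or that shares
# its value with another secret.
audit_openrc() {
    awk '/^[A-Z_]+(PASS|PASS_NODE|SECRET)=/ {
             eq = index($0, "="); k = substr($0, 1, eq - 1)
             v = substr($0, eq + 1); name[n++] = k; val[k] = v; seen[v]++
         }
         END {
             for (i = 0; i < n; i++) {
                 v = val[name[i]]
                 if (v == "000000")    print name[i], "example-value"
                 else if (seen[v] > 1) print name[i], "reused"
             }
         }' "$1"
}

# 16 random bytes as 32 hex characters; hex needs no quoting in shell or SQL.
new_secret() { od -An -N16 -tx1 /dev/urandom | tr -d ' \n'; }

# Copy FILE to stdout with a fresh random value for every service secret.
# HOST_PASS and HOST_PASS_NODE are kept as they are (see assumption above).
rotate_openrc() {
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            HOST_PASS*) printf '%s\n' "$line" ;;
            [A-Z]*PASS=*|[A-Z]*SECRET=*)
                printf '%s=%s\n' "${line%%=*}" "$(new_secret)" ;;
            *) printf '%s\n' "$line" ;;
        esac
    done < "$1"
}

tmp=$(mktemp) && sample_openrc > "$tmp"
audit_openrc "$tmp"                 # findings before rotation
rotate_openrc "$tmp" > "$tmp.new"
audit_openrc "$tmp.new"             # only HOST_PASS is still reported
rm -f "$tmp" "$tmp.new"
```

Run it once on the controller before the `scp` to the compute node and before the install scripts in step 11, so that both nodes are installed with the same values.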
11. Run the scripts to install each component service
(1) Install the services via the script
【controller】
```
[root@controller ~]# iaas-pre-host.sh
[root@controller ~]# reboot
```
【compute】
```
[root@compute ~]# iaas-pre-host.sh
[root@compute ~]# reboot
```
(2) Install the database service via the script
【controller】
[root@controller ~]# iaas-install-mysql.sh
【compute】
[root@compute ~]# yum -y install MySQL-python
(3) Install the keystone service via the script
【controller】
[root@controller ~]# iaas-install-keystone.sh
(4) Install the glance service via the script
【controller】
[root@controller ~]# iaas-install-glance.sh
Upload the images and use the commands below to check whether the upload succeeded
```
[root@controller ~]# cd /opt/openstack/images/
[root@controller images]# ll
total 1539152
-rw-r--r--. 1 root root 283181056 Nov  3 11:39 CentOS_6.5_x86_64_XD.qcow2
-rw-r--r--. 1 root root 381696512 Nov  3 11:39 CentOS7_1804.tar
-rw-r--r--. 1 root root 400752640 Nov  3 11:39 CentOS_7.2_x86_64_XD.qcow2
-rw-r--r--. 1 root root 510459904 Nov  3 11:39 CentOS_7.5_x86_64_XD.qcow2
[root@controller images]# source /etc/keystone/admin-openrc.sh
[root@controller images]# glance image-create --name "centos7.5" --disk-format qcow2 --container-format bare --progress < CentOS_7.5_x86_64_XD.qcow2
[=============================>] 100%
+------------------+--------------------------------------+
| Property         | Value                                |
+------------------+--------------------------------------+
| checksum         | 3d3e9c954351a4b6953fd156f0c29f5c     |
| container_format | bare                                 |
| created_at       | 2020-11-03T06:20:20Z                 |
| disk_format      | qcow2                                |
| id               | d0122867-8ac2-444b-9c9f-556ede05e9f4 |
| min_disk         | 0                                    |
| min_ram          | 0                                    |
| name             | centos7.5                            |
| owner            | 25e184cdfaf44d29b11d9b435293253f     |
| protected        | False                                |
| size             | 510459904                            |
| status           | active                               |
| tags             | []                                   |
| updated_at       | 2020-11-03T06:20:23Z                 |
| virtual_size     | None                                 |
| visibility       | shared                               |
+------------------+--------------------------------------+
[root@controller images]# glance image-create --name "centos7.2" --disk-format qcow2 --container-format bare --progress < CentOS_7.2_x86_64_XD.qcow2
[=============================>] 100%
+------------------+--------------------------------------+
| Property         | Value                                |
+------------------+--------------------------------------+
| checksum         | ea197f4c679b8e1ce34c0aa70ae2a94a     |
| container_format | bare                                 |
| created_at       | 2020-11-03T06:20:40Z                 |
| disk_format      | qcow2                                |
| id               | 428e4940-fc03-484f-96e2-4b8d5310e372 |
| min_disk         | 0                                    |
| min_ram          | 0                                    |
| name             | centos7.2                            |
| owner            | 25e184cdfaf44d29b11d9b435293253f     |
| protected        | False                                |
| size             | 400752640                            |
| status           | active                               |
| tags             | []                                   |
| updated_at       | 2020-11-03T06:20:42Z                 |
| virtual_size     | None                                 |
| visibility       | shared                               |
+------------------+--------------------------------------+
[root@controller images]# glance image-create --name "centos6.5" --disk-format qcow2 --container-format bare --progress < CentOS_6.5_x86_64_XD.qcow2
[=============================>] 100%
+------------------+--------------------------------------+
| Property         | Value                                |
+------------------+--------------------------------------+
| checksum         | 3e565ace16066679ea363dde5411ed25     |
| container_format | bare                                 |
| created_at       | 2020-11-03T06:20:58Z                 |
| disk_format      | qcow2                                |
| id               | 6a3333a2-0125-4654-bbb3-d9004ace3788 |
| min_disk         | 0                                    |
| min_ram          | 0                                    |
| name             | centos6.5                            |
| owner            | 25e184cdfaf44d29b11d9b435293253f     |
| protected        | False                                |
| size             | 283181056                            |
| status           | active                               |
| tags             | []                                   |
| updated_at       | 2020-11-03T06:21:44Z                 |
| virtual_size     | None                                 |
| visibility       | shared                               |
+------------------+--------------------------------------+
[root@controller images]# glance image-list
+--------------------------------------+-----------+
| ID                                   | Name      |
+--------------------------------------+-----------+
| 6a3333a2-0125-4654-bbb3-d9004ace3788 | centos6.5 |
| 428e4940-fc03-484f-96e2-4b8d5310e372 | centos7.2 |
| d0122867-8ac2-444b-9c9f-556ede05e9f4 | centos7.5 |
+--------------------------------------+-----------+
[root@controller images]# openstack image list
+--------------------------------------+-----------+--------+
| ID                                   | Name      | Status |
+--------------------------------------+-----------+--------+
| 6a3333a2-0125-4654-bbb3-d9004ace3788 | centos6.5 | active |
| 428e4940-fc03-484f-96e2-4b8d5310e372 | centos7.2 | active |
| d0122867-8ac2-444b-9c9f-556ede05e9f4 | centos7.5 | active |
+--------------------------------------+-----------+--------+
[root@controller images]#
```
(5) Install the nova service via the script
【controller】
[root@controller ~]# iaas-install-nova-controller.sh
【compute】
[root@compute ~]# iaas-install-nova-compute.sh
(6) Install the neutron service via the script
【controller】
[root@controller ~]# iaas-install-neutron-controller.sh
【compute】
[root@compute ~]# iaas-install-neutron-compute.sh
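Note: when building on physical servers, choose the vlan network mode; when building on virtual machines, choose the flat network mode.
(7) Install the dashboard service via the script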
【controller】
[root@controller ~]# iaas-install-dashboard.sh
(8) Install the Cinder service via the script
【controller】
[root@controller ~]# iaas-install-cinder-controller.sh
【compute】
[root@compute ~]# iaas-install-cinder-compute.sh
(9) Install the Swift service via the script
【controller】
[root@controller ~]# iaas-install-swift-controller.sh
【compute】
[root@compute ~]# iaas-install-swift-compute.sh
(10) Install the heat service via the script
【controller】
[root@controller ~]# iaas-install-heat.sh
(11) Install the Zun service via the script
【controller】
[root@controller ~]# iaas-install-zun-controller.sh
【compute】
[root@compute ~]# iaas-install-zun-compute.sh
(12) Install the Ceilometer service via the script
【controller】
[root@controller ~]# iaas-install-ceilometer-controller.sh
【compute】
[root@compute ~]# iaas-install-ceilometer-compute.sh
(13) Install the Aodh service via the script
【controller】
[root@controller ~]# iaas-install-aodh.sh
12. Add the controller node's resources to the cloud platform
【controller】
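Modify openrc.sh
Change the compute node's IP address and hostname to the controller node's IP address and hostname
Run iaas-install-nova-compute.sh on the controller node
During execution you need to confirm the login to the controller node and enter the controller node's root password.
Modify the openrc.sh configuration file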
```
#Compute Node Manager IP. example:x.x.x.x
HOST_IP_NODE=192.168.1.10

#Compute Node hostname. example:compute
HOST_NAME_NODE=controller
```
```
[root@controller ~]# iaas-install-nova-compute.sh
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service to /usr/lib/systemd/system/openstack-nova-compute.service.
Pseudo-terminal will not be allocated because stdin is not a terminal.
The authenticity of host '192.168.1.10 (192.168.1.10)' can't be established.
ECDSA key fingerprint is SHA256:rX1rbCElY3mREAkrNRYC+yob0sFY+VyQAoUxPHPZucs.
ECDSA key fingerprint is MD5:18:11:82:84:98:8b:fd:3d:58:df:18:82:f7:a5:2e:50.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.10' (ECDSA) to the list of known hosts.
root@192.168.1.10's password:
+----+--------------+------------+------+---------+-------+----------------------------+
| ID | Binary       | Host       | Zone | Status  | State | Updated At                 |
+----+--------------+------------+------+---------+-------+----------------------------+
| 10 | nova-compute | compute    | nova | enabled | up    | 2020-11-03T07:34:09.000000 |
| 11 | nova-compute | controller | nova | enabled | up    | 2020-11-03T07:34:09.000000 |
+----+--------------+------------+------+---------+-------+----------------------------+
Found 2 cell mappings.
Skipping cell0 since it does not contain hosts.
Getting computes from cell 'cell1': b7e5c36e-d44d-4886-b756-7f37fe2bff2d
Checking host mapping for compute host 'controller': a35af4bb-d210-4e8e-a2eb-1ed65fd439d9
Creating host mapping for compute host 'controller': a35af4bb-d210-4e8e-a2eb-1ed65fd439d9
Found 1 unmapped computes in cell: b7e5c36e-d44d-4886-b756-7f37fe2bff2d
```
13. Log in to the web interface
Enter http://192.168.1.10/dashboard in the browser
At this point, the IaaS platform setup is complete.