本文架构采用一个控制节点和一个计算节点.
基础环境:
操作系统:CentOS Linux release 7.3.1611 (Core)
控制节点:10.20.9.13 Controller-Node
计算节点:10.20.9.14 Compute-Node
一、初始化环境:
1.关闭防火墙:
# systemctl disable firewalld.service
# systemctl stop firewalld.service
2.关闭selinux
# vim /etc/selinux/config,配置selinux=disabled # setenforce 0,使配置立即生效
3.配置地址解析
# vim /etc/hosts 10.20.9.13 Controller-Node 10.20.9.14 Compute-Node
4.安装部署NTP服务
1.> 控制节点配置配置如下:
[root@Controller-Node ~]# yum install chrony -y [root@Controller-Node ~]# vim /etc/chrony.conf allow 10.20.9.0/24 启动服务: #systemctl enable chronyd.service #systemctl start chronyd.service 验证操作: # ntpdate pool.ntp.org # chronyc sources
2.> node计算节点配置如下:
# yum install chrony -y # vim /etc/chrony.conf 把所有server 行去掉 添加一行 server 10.20.9.13 iburst 启动服务: # systemctl enable chronyd.service # systemctl start chronyd.service 验证服务: # chronyc sources
二、安装OpenStack包 <<以下操作在所有节点上进行>>
启用OpenStack库:
# yum install centos-release-openstack-ocata
节点上升级包
# yum upgrade
安装OpenStack 客户端
# yum install python-openstackclient
CentOS默认启用了SELinux,安装openstack-selinux来自动管理OpenStack服务的安全策略
# yum install openstack-selinux
三、安装MySQL数据库服务
大多数 OpenStack 服务使用 SQL 数据库来存储信息。 典型地,数据库运行在控制节点上。指南中的步骤依据不同的发行版使用MariaDB或 MySQL。OpenStack 服务也支持其他 SQL 数据库.
安全并配置组件
1.安装软件包:
[root@Controller-Node ~]# yum install mariadb mariadb-server python2-PyMySQL
创建并编辑文件/etc/my.cnf.d/openstack.cnf 内容如下,其中 bind-address=''值为控制节点的管理网络IP地址以使得其它节点可以通过管理网络访问数据库:
[mysqld] bind-address=10.20.9.13 default-storage-engine = innodb innodb_file_per_table collation-server =utf8_general_ci init-connect = 'SET NAMES utf8' character-set-server = utf8
2.安装完成,启动数据库服务,并将其配置为开机自启:
[root@Controller-Node ~]# systemctl enable mariadb.service
[root@Controller-Node ~]# systemctl start mariadb.service
3.执行 mysql_secure_installation 脚本来对数据库进行安全加固.并设置登录密码123456
[root@Controller-Node ~]# mysql_secure_installation
四、安装消息队列服务.
OpenStack 使用 message queue 协调操作和各服务的状态信息。消息队列服务一般运行在控制节点上。OpenStack支持好几种消息队列服务包括 RabbitMQ, Qpid, 和 ZeroMQ。不过,大多数发行版本的OpenStack包支持特定的消息队列服务。本指南安装 RabbitMQ 消息队列服务,因为大部分发行版本都支持它.
安全并配置组件
1.安装包
[root@Controller-Node ~]# yum install rabbitmq-server
2.启动消息队列服务并将其配置为随系统启动:
[root@Controller-Node ~]# systemctl enable rabbitmq-server.service
[root@Controller-Node ~]# systemctl start rabbitmq-server.service
3.添加 openstack 用户:
[root@Controller-Node ~]# rabbitmqctl add_user openstack openstack Creating user "openstack" ...
4.给``openstack``用户配置写和读权限:
[root@Controller-Node ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*" Setting permissions for user "openstack" in vhost "/" ...
5.查看插件
[root@Controller-Node ~]# rabbitmq-plugins list Configured: E = explicitly enabled; e = implicitly enabled | Status: * = running on rabbit@Controller-Node |/ [ ] amqp_client 3.6.5 [ ] cowboy 1.0.3 [ ] cowlib 1.0.1 [ ] mochiweb 2.13.1 [ ] rabbitmq_amqp1_0 3.6.5 [ ] rabbitmq_auth_backend_ldap 3.6.5 [ ] rabbitmq_auth_mechanism_ssl 3.6.5 [ ] rabbitmq_consistent_hash_exchange 3.6.5 [ ] rabbitmq_event_exchange 3.6.5 [ ] rabbitmq_federation 3.6.5 [ ] rabbitmq_federation_management 3.6.5 [ ] rabbitmq_jms_topic_exchange 3.6.5 [ ] rabbitmq_management 3.6.5 [ ] rabbitmq_management_agent 3.6.5 [ ] rabbitmq_management_visualiser 3.6.5 [ ] rabbitmq_mqtt 3.6.5 [ ] rabbitmq_recent_history_exchange 1.2.1 [ ] rabbitmq_sharding 0.1.0 [ ] rabbitmq_shovel 3.6.5 [ ] rabbitmq_shovel_management 3.6.5 [ ] rabbitmq_stomp 3.6.5 [ ] rabbitmq_top 3.6.5 [ ] rabbitmq_tracing 3.6.5 [ ] rabbitmq_trust_store 3.6.5 [ ] rabbitmq_web_dispatch 3.6.5 [ ] rabbitmq_web_stomp 3.6.5 [ ] rabbitmq_web_stomp_examples 3.6.5 [ ] sockjs 0.3.4 [ ] webmachine 1.10.3 [root@Controller-Node ~]#
6.启用web插件,并重启服务.
[root@Controller-Node ~]# rabbitmq-plugins enable rabbitmq_management The following plugins have been enabled: mochiweb webmachine rabbitmq_web_dispatch amqp_client rabbitmq_management_agent rabbitmq_management Applying plugin configuration to rabbit@Controller-Node... started 6 plugins. [root@Controller-Node ~]# systemctl restart rabbitmq-server.service
7.检查是否启动成功
[root@Controller-Node ~]# netstat -nltp |grep 5672 tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN 19733/beam.smp tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN 19733/beam.smp tcp6 0 0 :::5672 :::* LISTEN 19733/beam.smp [root@Controller-Node ~]#
8.Web访问.
http://10.20.9.13:15672/#/ #用户名密码为guest
五、安装及配置memcached.
认证服务的认证机制使用Memcached来缓存令牌,一般运行在控制节点上.
1.安装相关包.
[root@Controller-Node ~]# yum install memcached python-memcached
2.编辑 /etc/sysconfig/memcached文件并配置IP地址,将127.0.0.1改为控制节点IP。
[root@Controller-Node ~]# vim /etc/sysconfig/memcached PORT="11211" USER="memcached" MAXCONN="1024" CACHESIZE="64" OPTIONS="-l 10.20.9.13,::1"
3.启动 Memcached服务并设置开机启动。
[root@Controller-Node ~]# systemctl enable memcached.service [root@Controller-Node ~]# systemctl start memcached.service [root@Controller-Node ~]# netstat -nltp|grep 121 tcp 0 0 10.20.9.9:11211 0.0.0.0:* LISTEN 15208/memcached tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN 15208/memcached tcp6 0 0 ::1:11211 :::* LISTEN 15208/memcached [root@Controller-Node ~]#
至此OpenStack服务的基础环境部署完成,下一章开始部署OpenStack 添加身份认证服务.
查看OpenStack版本:
[root@Controller-Node ~]# openstack --version openstack 3.8.2 [root@Compute-Node ~]# openstack --version openstack 3.8.2
参考文档:https://docs.openstack.org/liberty/zh_CN/install-guide-rdo/environment.html