本文架構采用一個控制節點和一個計算節點.
基礎環境:
操作系統:CentOS Linux release 7.3.1611 (Core)
控制節點:10.20.9.13 Controller-Node
計算節點:10.20.9.14 Compute-Node
一、初始化環境:
1.關閉防火牆:
# systemctl disable firewalld.service
# systemctl stop firewalld.service
2.關閉selinux
# vim /etc/selinux/config,配置selinux=disabled # setenforce 0,使配置立即生效
3.配置地址解析
# vim /etc/hosts 10.20.9.13 Controller-Node 10.20.9.14 Compute-Node
4.安裝部署NTP服務
1.> 控制節點配置配置如下:
[root@Controller-Node ~]# yum install chrony -y [root@Controller-Node ~]# vim /etc/chrony.conf allow 10.20.9.0/24 啟動服務: #systemctl enable chronyd.service #systemctl start chronyd.service 驗證操作: # ntpdate pool.ntp.org # chronyc sources
2.> node計算節點配置如下:
# yum install chrony -y # vim /etc/chrony.conf 把所有server 行去掉 添加一行 server 10.20.9.13 iburst 啟動服務: # systemctl enable chronyd.service # systemctl start chronyd.service 驗證服務: # chronyc sources
二、安裝OpenStack包 <<以下操作在所有節點上進行>>
啟用OpenStack庫:
# yum install centos-release-openstack-ocata
節點上升級包
# yum upgrade
安裝OpenStack 客戶端
# yum install python-openstackclient
CentOS默認啟用了SELinux,安裝openstack-selinux來自動管理OpenStack服務的安全策略
# yum install openstack-selinux
三、安裝MySQL數據庫服務
大多數 OpenStack 服務使用 SQL 數據庫來存儲信息。 典型地,數據庫運行在控制節點上。指南中的步驟依據不同的發行版使用MariaDB或 MySQL。OpenStack 服務也支持其他 SQL 數據庫.
安全並配置組件
1.安裝軟件包:
[root@Controller-Node ~]# yum install mariadb mariadb-server python2-PyMySQL
創建並編輯文件/etc/my.cnf.d/openstack.cnf 內容如下,其中 bind-address=''值為控制節點的管理網絡IP地址以使得其它節點可以通過管理網絡訪問數據庫:
[mysqld] bind-address=10.20.9.13 default-storage-engine = innodb innodb_file_per_table collation-server =utf8_general_ci init-connect = 'SET NAMES utf8' character-set-server = utf8
2.安裝完成,啟動數據庫服務,並將其配置為開機自啟:
[root@Controller-Node ~]# systemctl enable mariadb.service
[root@Controller-Node ~]# systemctl start mariadb.service
3.執行 mysql_secure_installation 腳本來對數據庫進行安全加固.並設置登錄密碼123456
[root@Controller-Node ~]# mysql_secure_installation
四、安裝消息隊列服務.
OpenStack 使用 message queue 協調操作和各服務的狀態信息。消息隊列服務一般運行在控制節點上。OpenStack支持好幾種消息隊列服務包括 RabbitMQ, Qpid, 和 ZeroMQ。不過,大多數發行版本的OpenStack包支持特定的消息隊列服務。本指南安裝 RabbitMQ 消息隊列服務,因為大部分發行版本都支持它.
安全並配置組件
1.安裝包
[root@Controller-Node ~]# yum install rabbitmq-server
2.啟動消息隊列服務並將其配置為隨系統啟動:
[root@Controller-Node ~]# systemctl enable rabbitmq-server.service
[root@Controller-Node ~]# systemctl start rabbitmq-server.service
3.添加 openstack 用戶:
[root@Controller-Node ~]# rabbitmqctl add_user openstack openstack Creating user "openstack" ...
4.給``openstack``用戶配置寫和讀權限:
[root@Controller-Node ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*" Setting permissions for user "openstack" in vhost "/" ...
5.查看插件
[root@Controller-Node ~]# rabbitmq-plugins list Configured: E = explicitly enabled; e = implicitly enabled | Status: * = running on rabbit@Controller-Node |/ [ ] amqp_client 3.6.5 [ ] cowboy 1.0.3 [ ] cowlib 1.0.1 [ ] mochiweb 2.13.1 [ ] rabbitmq_amqp1_0 3.6.5 [ ] rabbitmq_auth_backend_ldap 3.6.5 [ ] rabbitmq_auth_mechanism_ssl 3.6.5 [ ] rabbitmq_consistent_hash_exchange 3.6.5 [ ] rabbitmq_event_exchange 3.6.5 [ ] rabbitmq_federation 3.6.5 [ ] rabbitmq_federation_management 3.6.5 [ ] rabbitmq_jms_topic_exchange 3.6.5 [ ] rabbitmq_management 3.6.5 [ ] rabbitmq_management_agent 3.6.5 [ ] rabbitmq_management_visualiser 3.6.5 [ ] rabbitmq_mqtt 3.6.5 [ ] rabbitmq_recent_history_exchange 1.2.1 [ ] rabbitmq_sharding 0.1.0 [ ] rabbitmq_shovel 3.6.5 [ ] rabbitmq_shovel_management 3.6.5 [ ] rabbitmq_stomp 3.6.5 [ ] rabbitmq_top 3.6.5 [ ] rabbitmq_tracing 3.6.5 [ ] rabbitmq_trust_store 3.6.5 [ ] rabbitmq_web_dispatch 3.6.5 [ ] rabbitmq_web_stomp 3.6.5 [ ] rabbitmq_web_stomp_examples 3.6.5 [ ] sockjs 0.3.4 [ ] webmachine 1.10.3 [root@Controller-Node ~]#
6.啟用web插件,並重啟服務.
[root@Controller-Node ~]# rabbitmq-plugins enable rabbitmq_management The following plugins have been enabled: mochiweb webmachine rabbitmq_web_dispatch amqp_client rabbitmq_management_agent rabbitmq_management Applying plugin configuration to rabbit@Controller-Node... started 6 plugins. [root@Controller-Node ~]# systemctl restart rabbitmq-server.service
7.檢查是否啟動成功
[root@Controller-Node ~]# netstat -nltp |grep 5672 tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN 19733/beam.smp tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN 19733/beam.smp tcp6 0 0 :::5672 :::* LISTEN 19733/beam.smp [root@Controller-Node ~]#
8.Web訪問.
http://10.20.9.13:15672/#/ #用戶名密碼為guest
五、安裝及配置memcached.
認證服務的認證機制使用Memcached來緩存令牌,一般運行在控制節點上.
1.安裝相關包.
[root@Controller-Node ~]# yum install memcached python-memcached
2.編輯 /etc/sysconfig/memcached文件並配置IP地址,將127.0.0.1改為控制節點IP。
[root@Controller-Node ~]# vim /etc/sysconfig/memcached PORT="11211" USER="memcached" MAXCONN="1024" CACHESIZE="64" OPTIONS="-l 10.20.9.13,::1"
3.啟動 Memcached服務並設置開機啟動。
[root@Controller-Node ~]# systemctl enable memcached.service [root@Controller-Node ~]# systemctl start memcached.service [root@Controller-Node ~]# netstat -nltp|grep 121 tcp 0 0 10.20.9.9:11211 0.0.0.0:* LISTEN 15208/memcached tcp 0 0 127.0.0.1:11211 0.0.0.0:* LISTEN 15208/memcached tcp6 0 0 ::1:11211 :::* LISTEN 15208/memcached [root@Controller-Node ~]#
至此OpenStack服務的基礎環境部署完成,下一章開始部署OpenStack 添加身份認證服務.
查看OpenStack版本:
[root@Controller-Node ~]# openstack --version openstack 3.8.2 [root@Compute-Node ~]# openstack --version openstack 3.8.2
參考文檔:https://docs.openstack.org/liberty/zh_CN/install-guide-rdo/environment.html