Minimal deployment for Queens
OpenStack 架構
- 概念架構
- 邏輯架構
一、部署前置准備(所有節點執行)
1.設置主機名
[root@localhost ~]# hostnamectl set-hostname 主機名
[root@localhost ~]# bash
2.配置域名解析,編輯 /etc/hosts 文件
192.168.48.100 controller
192.168.48.110 compute
192.168.48.120 cinder
3.驗證網絡連通性
ping www.baidu.com
ping 主機名
4.配置阿里 yum 源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
5.安裝 ntp 時鍾服務
[root@controller ~]# yum install chrony -y
[root@controller ~]# vim /etc/chrony.conf
server controller iburst
allow 192.168.48.0/24
[root@controller ~]# systemctl enable chronyd.service
[root@controller ~]# systemctl start chronyd.service
[root@compute ~]# yum install chrony -y # cinder 節點與 compute 節點操作步驟相同
[root@compute ~]# vim /etc/chrony.conf
server controller iburst
[root@compute ~]# systemctl enable chronyd.service
[root@compute ~]# systemctl start chronyd.service
[root@controller ~]# chronyc sources # compute 和 cinder 節點同樣執行此命令
二、openstack 服務安裝、配置(所有節點執行)
1.下載安裝 openstack 軟件倉庫(queens)
[root@controller ~]# yum install centos-release-openstack-queens -y
2.更新所有節點軟件包
[root@controller ~]# yum upgrade
3.安裝 openstack client 端
[root@controller ~]# yum install python-openstackclient -y
4.安裝 openstack-selinux
[root@controller ~]# yum install openstack-selinux -y
三、安裝數據庫(controller節點執行)
1.安裝軟件包
[root@controller ~]# yum install mariadb mariadb-server python2-PyMySQL -y
2.編輯 /etc/my.cnf.d/mariadb-server.cnf 文件
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
bind-address = 192.168.48.100 # bind-address 使用 controller 節點的管理IP
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
3.設置服務開機啟動
[root@controller ~]# systemctl enable mariadb.service
[root@controller ~]# systemctl start mariadb.service
4.通過運行 mysql_secure_installation 腳本來保護數據庫服務
[root@controller ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
四、在 controller 節點安裝、配置 RabbitMQ
1.安裝配置消息列隊組件
[root@controller ~]# yum install rabbitmq-server -y
2.設置服務開機啟動
[root@controller ~]# systemctl enable rabbitmq-server.service;systemctl start rabbitmq-server.service
3.添加 openstack 用戶
[root@controller ~]# rabbitmqctl add_user openstack 123456
4.openstack 用戶權限的配置
[root@controller ~]# rabbitmqctl set_permissions openstack "." "." ".*"
五、安裝緩存數據庫 Memcached(controller節點)
1.安裝配置組件
[root@controller ~]# yum install memcached python-memcached -y
2.編輯 /etc/sysconfig/memcached 文件
OPTIONS="-l 192.168.48.100,::1,controller"
3.設置服務開機啟動
[root@controller ~]# systemctl enable memcached.service;systemctl start memcached.service
六、Etcd服務安裝(controller節點)
1.安裝服務
[root@controller ~]# yum install etcd -y
2.編輯 /etc/etcd/etcd.conf 文件
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.48.100:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.48.100:2379"
ETCD_NAME="controller"
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.48.100:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.48.100:2379"
ETCD_INITIAL_CLUSTER="controller=http://192.168.48.100:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"
3.設置服務開機啟動
[root@controller ~]# systemctl enable etcd;systemctl start etcd
七、安裝keystone組件(controller節點)
1.創建 keystone 數據庫並授權
MariaDB [(none)]> CREATE DATABASE keystone;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)
2.安裝、配置組件
[root@controller ~]# yum install openstack-keystone httpd mod_wsgi -y
3.編輯 /etc/keystone/keystone.conf 文件
[database]
connection = mysql+pymysql://keystone:123456@controller/keystone
[token]
provider = fernet
4.同步 keystone 數據庫
[root@controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone
5.數據庫初始化
[root@controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
6.引導身份認證服務
[root@controller ~]# keystone-manage bootstrap --bootstrap-password 123456 --bootstrap-admin-url http://controller:35357/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne
八、配置 apache http 服務
1.編輯 /etc/httpd/conf/httpd.conf 文件,配置 ServerName 參數
ServerName controller
2.創建 /usr/share/keystone/wsgi-keystone.conf 鏈接文件
[root@controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
3.設置服務開機啟動
[root@controller ~]# systemctl enable httpd.service;systemctl start httpd.service
4.配置 administrative 賬號
[root@controller ~]# export OS_USERNAME=admin
[root@controller ~]# export OS_PASSWORD=123456
[root@controller ~]# export OS_PROJECT_NAME=admin
[root@controller ~]# export OS_USER_DOMAIN_NAME=Default
[root@controller ~]# export OS_PROJECT_DOMAIN_NAME=Default
[root@controller ~]# export OS_AUTH_URL=http://controller:35357/v3
[root@controller ~]# export OS_IDENTITY_API_VERSION=3
九、創建 domain, projects, users, roles
1.創建域
[root@controller ~]# openstack domain create --description "Domain" example
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Domain |
| enabled | True |
| id | f81b0fcfe5104838a28cc8ace91770c6 |
| name | example |
| tags | [] |
+-------------+----------------------------------+
2.創建服務項目
[root@controller ~]# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | e2abab997f754239b9150ea837167ee2 |
| is_domain | False |
| name | service |
| parent_id | default |
| tags | [] |
+-------------+----------------------------------+
3.創建平台 demo 項目
[root@controller ~]# openstack project create --domain default --description "Demo Project" demo
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Demo Project |
| domain_id | default |
| enabled | True |
| id | 9d6c58e98fe649cd81a704a25f20e3da |
| is_domain | False |
| name | demo |
| parent_id | default |
| tags | [] |
+-------------+----------------------------------+
4.創建 demo 用戶
[root@controller ~]# openstack user create --domain default --password-prompt demo
User Password:
123456
Repeat User Password:123456
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 143c48622dd147589ae8ee603f276d81 |
| name | demo |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
5.創建用戶角色
[root@controller ~]# openstack role create user
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | b76f43a19ee64a23902511eea8589461 |
| name | user |
+-----------+----------------------------------+
6.添加用戶角色到 demo 項目和用戶 #說明:此條命令執行成功后不返回參數
[root@controller ~]# openstack role add --project demo --user demo user
十、驗證操作
1.取消環境變量
[root@controller ~]# unset OS_AUTH_URL OS_PASSWORD
2.Admin 用戶返回的認證 token
[root@controller ~]# openstack --os-auth-url http://controller:35357/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name admin --os-username admin token issue
Password: 123456
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2018-11-22T03:29:57+0000 |
| id | gAAAAABb9hSlbWtXClzfxo0IGv6vGS7HRhDMcQrFYG6gThJbPVP-bLUbJxsFMrIjwK2B_8Ij8oWXQ5FKgjbdv5i5Mt6PipghJkWrZ474Me7Tbxrl_yAwrdYx04KA_zYghcQsEYg6AIAoiW3TLpW3hsAlgafC1wA4y73sV-cHOxuaMEvT9Nbg4n8 |
| project_id | 4485a7e24a2146f9a93cd313a2000ca4 |
| user_id | 78cfc01d89f44c43ab03a57de598e90d |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
3.demo 用戶返回認證 token
[root@controller ~]# openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name demo --os-username demo token issue
Password:
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2018-11-22T03:30:25+0000 |
| id | gAAAAABb9hTBoBbr0Y0TjEbQkPEyMkTjwZQu3RGuDXGACud9NdnXfXt_ZcG2eEfGDcxSApFCeLCSzy-kG9wEY6G0Zs8MNJmFFbb097bg7odmXYIyXKM6aOjFNYIO5IQvmHIbIhs5jrmEehjAKwpk8uhnyzooKAWpnEFyUD6z9FiJ-f_Lan4MVcA |
| project_id | 9d6c58e98fe649cd81a704a25f20e3da |
| user_id | 143c48622dd147589ae8ee603f276d81 |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
十一、創建 openstack 客戶端環境腳本
1.創建 admin-openrc 腳本
[root@controller ~]# vim admin-openrc
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
2.創建 demo-openrc 腳本
[root@controller ~]# vim demo-openrc
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=123456
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
3.使用腳本,返回認證 token
[root@controller ~]# source admin-openrc
[root@controller ~]# openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2018-11-22T03:32:48+0000 |
| id | gAAAAABb9hVQa_inF1Mn0OOeFThBFN6C-8depp8JQR7t4QabhxkNENMFm9UIvw0UuKu2yBtki03CHDYJE0p2VEdm-7gkHokFCfyAjapVrhL2zA73YaeTUw9cTAldeg3FgrF9E6xvc8Y1xXmQ1BqCzTnZd8Ab9qZx_mi449tJYue-jBazC3WH3VY |
| project_id | 4485a7e24a2146f9a93cd313a2000ca4 |
| user_id | 78cfc01d89f44c43ab03a57de598e90d |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
十二、安裝 Glance 服務(controller節點)
1.創建 glance 數據庫,並授權
MariaDB [(none)]> CREATE DATABASE glance;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.01 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)
2.獲取 admin 用戶的環境變量,並創建服務認證
[root@controller ~]# source admin-openrc
[root@controller ~]# openstack user create --domain default --password-prompt glance
User Password:
123456
Repeat User Password:123456
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 47798dc90e994ef088c9c51bfe4aa521 |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@controller ~]# openstack role add --project service --user glance admin #把admin用戶添加到glance用戶和項目中,說明:此條命令執行不返回不返回
[root@controller ~]# openstack service create --name glance --description "OpenStack Image" image #創建 glance 服務
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 72e3372a89614a8a91a48548d9bd80e4 |
| name | glance |
| type | image |
+-------------+----------------------------------+
3.創建鏡像服務 API 端點
[root@controller ~]# openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | e2abcbcd09cc445c97fd02b773faf5fd |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 72e3372a89614a8a91a48548d9bd80e4 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | ce4f9149045446c684569657399b1e49 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 72e3372a89614a8a91a48548d9bd80e4 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 02fc549cfdd54566b38a1271e7c79e04 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 72e3372a89614a8a91a48548d9bd80e4 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
十三、安裝和配置組件
1.安裝軟件包
[root@controller ~]# yum install openstack-glance -y
2.編輯 /etc/glance/glance-api.conf 文件
[database]
connection = mysql+pymysql://glance:123456@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 123456
[paste_deploy]
flavor = keystone
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
3.編輯 /etc/glance/glance-registry.conf 文件
[database]
connection = mysql+pymysql://glance:123456@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 123456
[paste_deploy]
flavor = keystone
4.同步鏡像服務數據庫
[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance
5.設置服務開機啟動
[root@controller ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service
[root@controller ~]# systemctl start openstack-glance-api.service openstack-glance-registry.service
十四、驗證操作
1.獲取 admin 用戶的環境變量,且下載鏡像
[root@controller ~]# source admin-openrc
[root@controller ~]# wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
2.上傳鏡像
[root@controller ~]# openstack image create "cirros" --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | f8ab98ff5e73ebab884d80c9dc9c7290 |
| container_format | bare |
| created_at | 2018-11-22T02:44:48Z |
| disk_format | qcow2 |
| file | /v2/images/8a20afbc-539f-4343-8a4d-512ffaf5d9ff/file |
| id | 8a20afbc-539f-4343-8a4d-512ffaf5d9ff |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | 4485a7e24a2146f9a93cd313a2000ca4 |
| protected | False |
| schema | /v2/schemas/image |
| size | 13267968 |
| status | active |
| tags | |
| updated_at | 2018-11-22T02:44:48Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
3.查看上傳的鏡像
[root@controller ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 8a20afbc-539f-4343-8a4d-512ffaf5d9ff | cirros | active |
+--------------------------------------+--------+--------+
十五、controller 節點安裝和配置 compute 服務
1.創建 nova_api, nova, nova_cell0 數據庫
MariaDB [(none)]> CREATE DATABASE nova_api;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> CREATE DATABASE nova;
Query OK, 1 row affected (0.01 sec)
MariaDB [(none)]> CREATE DATABASE nova_cell0;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.00 sec)
2.創建 nova 用戶
[root@controller ~]# source admin-openrc
[root@controller ~]# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 07857df5779e4b4d9cb11ad350ba88f3 |
| name | nova |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
3.添加 admin 用戶為 nova 用戶
[root@controller ~]# openstack role add --project service --user nova admin
4.創建 nova 服務端點
[root@controller ~]# openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | b0e6a3e388694e2abc17fe7bf38e4744 |
| name | nova |
| type | compute |
+-------------+----------------------------------+
5.創建 compute API 服務端點
[root@controller ~]# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | b1e78c396b1c480e9709d13759ec99a4 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | b0e6a3e388694e2abc17fe7bf38e4744 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | a8f0b66d81594947a719a88026f86311 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | b0e6a3e388694e2abc17fe7bf38e4744 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | b67de3c1a7bc406fb43e2839cf8a6a45 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | b0e6a3e388694e2abc17fe7bf38e4744 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
6.創建一個 placement 服務用戶
[root@controller ~]# openstack user create --domain default --password-prompt placement
User Password:
123456
Repeat User Password:123456
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | b678b6eb6e5c4dc28d61988e53c026d8 |
| name | placement |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
7.創建在服務目錄創建 Placement API 服務
[root@controller ~]# openstack service create --name placement --description "Placement API" placement
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Placement API |
| enabled | True |
| id | 6667d41de2c74e898cfdef5d71791d23 |
| name | placement |
| type | placement |
+-------------+----------------------------------+
8.創建 Placement API 服務端點
[root@controller ~]# openstack endpoint create --region RegionOne placement public http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 51d65bc012804105b62b73c21748d44e |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6667d41de2c74e898cfdef5d71791d23 |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne placement internal http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 92cfbc255a2f47ccb6b61351bfeb3ead |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6667d41de2c74e898cfdef5d71791d23 |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne placement admin http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | e4b0c7c0e48b4714bf0a16dd584bfc9c |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6667d41de2c74e898cfdef5d71791d23 |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+
十六、安裝和配置 nova 組件
1.安裝軟件包
[root@controller ~]# yum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-placement-api
2.編輯 /etc/nova/nova.conf 文件
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:123456@controller
my_ip = 192.168.48.100
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api_database]
connection = mysql+pymysql://nova:123456@controller/nova_api
[database]
connection = mysql+pymysql://nova:123456@controller/nova
[api]
auth_strategy = keystone
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 123456
[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
[glance]
api_servers = http://controller:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:35357/v3
username = placement
password = 123456
3.由於軟件包的一個 bug,需要在 /etc/httpd/conf.d/00-nova-placement-api.conf 文件中添加如下配置
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
4.重啟 http 服務
[root@controller ~]# systemctl restart httpd
5.同步 nova-api 數據庫
[root@controller ~]# su -s /bin/sh -c "nova-manage api_db sync" nova #此報錯信息可忽略
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
exception.NotSupportedWarning
6.注冊 cell0 數據庫
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
exception.NotSupportedWarning
7.創建 cell1 cell
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
exception.NotSupportedWarning
3cf8ec18-ecb4-45eb-8c14-9b5cd40d4b15
8.同步 nova 數據庫
[root@controller ~]# su -s /bin/sh -c "nova-manage db sync" nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
exception.NotSupportedWarning
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will be disallowed in a future release.')
result = self._query(query)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `uniq_instances0uuid`. This is deprecated and will be disallowed in a future release.')
result = self._query(query)
9.驗證 nova、 cell0、 cell1 數據庫是否注冊正確
[root@controller ~]# nova-manage cell_v2 list_cells
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
exception.NotSupportedWarning
+-------+--------------------------------------+------------------------------------+-------------------------------------------------+
| Name | UUID | Transport URL | Database Connection |
+-------+--------------------------------------+------------------------------------+-------------------------------------------------+
| cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:*@controller/nova_cell0 |
| cell1 | b44fc798-6a9c-4f9b-8b4e-80fbaec667c9 | rabbit://openstack:*@controller | mysql+pymysql://nova:****@controller/nova |
+-------+--------------------------------------+------------------------------------+-------------------------------------------------+
10.設置服務開機啟動
[root@controller ~]# systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@controller ~]# systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
十七、安裝和配置 compute 節點服務(compute節點)
1.安裝軟件包
[root@compute ~]# yum install openstack-nova-compute
2.編輯 /etc/nova/nova.conf 文件
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:123456@controller
my_ip = 192.168.48.110
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[keystone_authtoken]
auth_uri = http://192.168.48.100:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 123456
[vnc]
enabled = True
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
[glance]
api_servers = http://controller:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:35357/v3
username = placement
password = 123456
3.設置服務開機啟動
[root@compute ~]# systemctl enable libvirtd.service openstack-nova-compute.service
[root@compute ~]# systemctl start libvirtd.service openstack-nova-compute.service #說明:如果 nova-compute 服務無法啟動,請檢查 /var/log/nova/nova-compute.log,會出現如下報錯信息
[root@compute ~]# more /var/log/nova/nova-compute.log
2018-11-20 13:12:58.932 129835 INFO os_vif [-] Loaded VIF plugins: ovs, linux_bridge
2018-11-20 13:12:58.997 129835 ERROR oslo.messaging._drivers.impl_rabbit [req-93d6f9a5-6141-40ea-bc88-5d6d1fec6d02 - - - - -] [56dc3f06-cc75-43dc-8b2a-a35d9b175404] AMQP s
erver on controller:5672 is unreachable: [Errno 113] EHOSTUNREACH. Trying again in 1 seconds. Client port: None: error: [Errno 113] EHOSTUNREACH
2018-11-20 13:13:00.085 129835 ERROR oslo.messaging._drivers.impl_rabbit [req-93d6f9a5-6141-40ea-bc88-5d6d1fec6d02 - - - - -] [56dc3f06-cc75-43dc-8b2a-a35d9b175404] AMQP s
erver on controller:5672 is unreachable: [Errno 113] EHOSTUNREACH. Trying again in 2 seconds. Client port: None: error: [Errno 113] EHOSTUNREACH
2018-11-20 13:13:02.103 129835 ERROR oslo.messaging._drivers.impl_rabbit [req-93d6f9a5-6141-40ea-bc88-5d6d1fec6d02 - - - - -] [56dc3f06-cc75-43dc-8b2a-a35d9b175404] AMQP s
erver on controller:5672 is unreachable: [Errno 113] EHOSTUNREACH. Trying again in 4 seconds. Client port: None: error: [Errno 113] EHOSTUNREACH
#控制器:5672上的錯誤消息 AMQP 服務器無法訪問可能表示控制器節點上的防火牆阻止了對端口5672的訪問。配置防火牆以在控制器節點上打開端口5672,並在計算節點上重新啟動 nova-compute 服務
(1)在 controller 節點清空防火牆
[root@controller ~]# iptables -F
[root@controller ~]# iptables -X
[root@controller ~]# iptables -Z
(2)在 compute 節點重啟計算服務
[root@compute ~]# systemctl restart libvirtd.service openstack-nova-compute.service
4.添加compute節點到cell數據庫(controller節點)
[root@controller ~]# source admin-openrc
[root@controller ~]# openstack compute service list --service nova-compute
+----+--------------+---------+------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+--------------+---------+------+---------+-------+----------------------------+
| 6 | nova-compute | compute | nova | enabled | up | 2018-11-22T03:15:07.000000 |
+----+--------------+---------+------+---------+-------+----------------------------+
5.發現計算節點
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
exception.NotSupportedWarning
Found 2 cell mappings.
Skipping cell0 since it does not contain hosts.
Getting computes from cell 'cell1': b44fc798-6a9c-4f9b-8b4e-80fbaec667c9
Checking host mapping for compute host 'compute': 0287e6eb-6107-47f7-9635-454c88001c3a
Creating host mapping for compute host 'compute': 0287e6eb-6107-47f7-9635-454c88001c3a
Found 1 unmapped computes in cell: b44fc798-6a9c-4f9b-8b4e-80fbaec667c9
十八、在 controller 節點驗證計算服務操作
1.列出服務組件
[root@controller ~]# source admin-openrc
[root@controller ~]# openstack compute service list
+----+------------------+------------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+------------------+------------+----------+---------+-------+----------------------------+
| 1 | nova-consoleauth | controller | internal | enabled | up | 2018-11-22T03:16:04.000000 |
| 2 | nova-scheduler | controller | internal | enabled | up | 2018-11-22T03:16:04.000000 |
| 3 | nova-conductor | controller | internal | enabled | up | 2018-11-22T03:16:04.000000 |
| 6 | nova-compute | compute | nova | enabled | up | 2018-11-22T03:15:57.000000 |
+----+------------------+------------+----------+---------+-------+----------------------------+
2.列出身份服務中的 API 端點以驗證與身份服務的連接
[root@controller ~]# openstack catalog list
+-----------+-----------+-----------------------------------------+
| Name | Type | Endpoints |
+-----------+-----------+-----------------------------------------+
| placement | placement | RegionOne |
| | | public: http://controller:8778 |
| | | RegionOne |
| | | internal: http://controller:8778 |
| | | RegionOne |
| | | admin: http://controller:8778 |
| | | |
| glance | image | RegionOne |
| | | admin: http://controller:9292 |
| | | RegionOne |
| | | internal: http://controller:9292 |
| | | RegionOne |
| | | public: http://controller:9292 |
| | | |
| nova | compute | RegionOne |
| | | internal: http://controller:8774/v2.1 |
| | | RegionOne |
| | | public: http://controller:8774/v2.1 |
| | | RegionOne |
| | | admin: http://controller:8774/v2.1 |
| | | |
| keystone | identity | RegionOne |
| | | public: http://controller:5000/v3/ |
| | | RegionOne |
| | | internal: http://controller:5000/v3/ |
| | | RegionOne |
| | | admin: http://controller:35357/v3/ |
| | | |
+-----------+-----------+-----------------------------------------+
3.列出鏡像
[root@controller ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 8a20afbc-539f-4343-8a4d-512ffaf5d9ff | cirros | active |
+--------------------------------------+--------+--------+
4.檢查 cells 和 placement API 是否正常
[root@controller ~]# nova-status upgrade check
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
exception.NotSupportedWarning
Option "os_region_name" from group "placement" is deprecated. Use option "region-name" from group "placement".
+-------------------------------------------------------------------+
| Upgrade Check Results |
+-------------------------------------------------------------------+
| Check: Cells v2 |
| Result: Success |
| Details: None |
+-------------------------------------------------------------------+
| Check: Placement API |
| Result: Failure |
| Details: Placement service credentials do not work. |
+-------------------------------------------------------------------+
| Check: Resource Providers |
| Result: Warning |
| Details: There are no compute resource providers in the Placement |
| service but there are 1 compute nodes in the deployment. |
| This means no compute nodes are reporting into the |
| Placement service and need to be upgraded and/or fixed. |
| See |
| https://docs.openstack.org/nova/latest/user/placement.html |
| for more details. |
+-------------------------------------------------------------------+
| Check: Ironic Flavor Migration |
| Result: Success |
| Details: None |
+-------------------------------------------------------------------+
| Check: API Service Version |
| Result: Success |
| Details: None |
+-------------------------------------------------------------------+
十九、安裝和配置 controller 節點 neutron 網絡配置
1.創建 nuetron 數據庫和授權
MariaDB [(none)]> CREATE DATABASE neutron;
Query OK, 1 row affected (0.01 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.01 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '123456';
Query OK, 0 rows affected (0.01 sec)
2.創建服務
[root@controller ~]# source admin-openrc
[root@controller ~]# openstack user create --domain default --password-prompt neutron
User Password:
123456
Repeat User Password:123456
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | b163179f06d846399f0be3e2d0f88c76 |
| name | neutron |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@controller ~]# openstack role add --project service --user neutron admin #添加 admin 角色為 neutron 用戶
[root@controller ~]# openstack service create --name neutron --description "OpenStack Networking" network #創建 neutron 服務
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | d2c54b8c4eb047f09ad7ae90cca56c9f |
| name | neutron |
| type | network |
+-------------+----------------------------------+
3.創建網絡服務端點
[root@controller ~]# openstack endpoint create --region RegionOne network public http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | a0367a843a09471d93e0205a72a3e2a4 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d2c54b8c4eb047f09ad7ae90cca56c9f |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne network internal http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 78d975485e764c85b658f7da09fd0dca |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d2c54b8c4eb047f09ad7ae90cca56c9f |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne network admin http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 59f9f81e14fe4419b897e9a65dd6f3d3 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d2c54b8c4eb047f09ad7ae90cca56c9f |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
二十、配置網絡部分(controller節點)
1.安裝組件
[root@controller ~]# yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables
2.配置服務組件,編輯 /etc/neutron/neutron.conf 文件
[DEFAULT]
auth_strategy = keystone
core_plugin = ml2
service_plugins =
transport_url = rabbit://openstack:123456@controller
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[database]
connection = mysql+pymysql://neutron:123456@controller/neutron
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 123456
[nova]
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = 123456
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
二十一、配置網絡二層插件(controller節點)
1.編輯 /etc/neutron/plugins/ml2/ml2_conf.ini 文件
[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[securitygroup]
enable_ipset = true
2.配置 Linux 網橋,編輯 /etc/neutron/plugins/ml2/linuxbridge_agent.ini 文件
[linux_bridge]
physical_interface_mappings = provider:ens33
[vxlan]
enable_vxlan = false
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
3.配置 DHCP 服務編輯 /etc/neutron/dhcp_agent.ini 文件
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
4.配置 metadata,編輯 /etc/neutron/metadata_agent.ini 文件
[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = 123456
5.配置計算服務使用網絡服務,編輯 /etc/nova/nova.conf 文件
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 123456
service_metadata_proxy = true
metadata_proxy_shared_secret = 123456
6.創建服務軟鏈接
[root@controller ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
7.同步數據庫
[root@controller ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
8.重啟 compute API 服務
[root@controller ~]# systemctl restart openstack-nova-api.service
9.配置網絡服務開機啟動
[root@controller ~]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
[root@controller ~]# systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
二十二、配置 compute 節點網絡服務(compute節點)
1.安裝組件
[root@compute ~]# yum install openstack-neutron-linuxbridge ebtables ipset
2.配置公共組件,編輯 /etc/neutron/neutron.conf 文件
[DEFAULT]
auth_strategy = keystone
transport_url = rabbit://openstack:123456@controller
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 123456
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
3.配置 Linux 網橋,編輯 /etc/neutron/plugins/ml2/linuxbridge_agent.ini 文件
[linux_bridge]
physical_interface_mappings = provider:ens33
[vxlan]
enable_vxlan = false
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
4.配置計算節點網絡服務,編輯 /etc/nova/nova.conf 文件
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 123456
5.重啟 compute 服務
[root@compute ~]# systemctl restart openstack-nova-compute.service
6.設置網橋服務開機啟動
[root@compute ~]# systemctl enable neutron-linuxbridge-agent.service
[root@compute ~]# systemctl start neutron-linuxbridge-agent.service
二十三、在 controller 節點安裝 Horizon 服務
1.安裝軟件包
[root@controller ~]# yum install openstack-dashboard -y
2.編輯 /etc/openstack-dashboard/local_settings 文件
OPENSTACK_HOST = "controller"
ALLOWED_HOSTS = ['*']
###配置 memcache 會話存儲###
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'controller:11211',
}
}
###開啟身份認證 API 版本 v3###
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
###開啟 domains 版本支持###
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
###配置 API 版本####
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 2,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default'
OPENSTACK_NEUTRON_NETWORK = {
'enable_router': False,
'enable_quotas': False,
'enable_distributed_router': False,
'enable_ha_router': False,
'enable_lb': False,
'enable_firewall': False,
'enable_***': False,
'enable_fip_topology_check': False,
#修改時,注意底部采用原有的“}”,重復會無法重啟 web 服務
3.完成安裝,重啟 web 服務和會話存儲
[root@controller ~]# systemctl restart httpd.service memcached.service
4.訪問 http://192.168.48.100/dashborad 查看 openstack 的 web 頁面
[root@controller ~]# cat /var/log/httpd/error_log
[Tue Nov 20 14:53:50.369936 2018] [core:error] [pid 8554] [client 192.168.37.1:3248] Script >timed out before returning headers: django.wsgi
[Tue Nov 20 14:54:13.014939 2018] [core:error] [pid 8451] [client 192.168.37.1:3371] Script >timed out before returning headers: django.wsgi
[Tue Nov 20 14:56:07.340768 2018] [core:error] [pid 8452] [client 192.168.37.1:3207] End of >script output before headers: django.wsgi
[root@controller ~]# vim /etc/httpd/conf.d/openstack-dashboard.conf
#在 WSGISocketPrefix run/wsgi 下添加:
WSGIApplicationGroup %{GLOBAL}
[root@controller ~]# systemctl restart httpd.service #重啟后再次訪問,重啟時間會較長
| Domain | 用戶名 | 密碼 |
|---|---|---|
| default | admin | 123456 |
[root@controller ~]# cat /var/log/httpd/error_log
[Tue Nov 20 08:41:50.857910 2018] [:error] [pid 9228] RuntimeError: Unable to create a new session key. It is likely that the cache is unavailable.
[root@controller ~]# vim /etc/openstack-dashboard/local_settings
#原:SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
SESSION_ENGINE = 'django.contrib.sessions.backends.file'
[root@controller ~]# systemctl restart httpd.service memcached.service #重啟后再次訪問
#我的好友在搭建時出現過訪問dashboard界面時 404 Not Found 找不到 dashborad 的 server URL 問題,查看日志如下:
#執行如下命令:
#[root@controller ~]# curl -l localhost/dashboard #無需重啟服務
執行完成以上步驟后,再次訪問dashboard界面
可能 dashboard 界面會出現提示 錯誤:無法獲取浮動 ip 地址。針對這個問題我檢查了 /etc/openstack-dashboard/local_settings 這個配置文件,重啟 httpd 服務后再次訪問則恢復正常,無報錯提示,這個我也沒搞清楚為什么。
存儲節點的部署后續會繼續補充