各節點網卡配置情況:
控制節點:controller:
IP:192.168.164.128
hostname&hosts:likeadmin
計算加點:Nova:
IP:192.168.164.129
hostname&hosts:likenode
塊存儲節點:cinder:
IP:192.168.164.136
hostname&hosts:likeblock
1.安裝配置OpenStack包
需要分別在likeadmin,likenode,likeblock三台主機上安裝OpenStack包和客戶端
1)在CentOS中, ``extras``倉庫提供用於啟用 OpenStack 倉庫的RPM包。 CentOS 默認啟用``extras``倉庫,因此你可以直接安裝用於啟用OpenStack倉庫的包。
# yum install centos-release-openstack-ocata
在RHEL上,下載和安裝RDO倉庫RPM來啟用OpenStack倉庫。
# yum install https://rdoproject.org/repos/rdo-release.rpm
2)安裝 OpenStack 客戶端:
# yum install python-openstackclient
3)RHEL和 CentOS 默認啟用 SELinux 。安裝 openstack-selinux 包實現對OpenStack服務的安全策略進行自動管理:
# yum install openstack-selinux
2.安裝並配置SQL數據庫
注意:SQL只需要安裝在controller節點上,即likeadmin計算機
1)安全並配置組件
安裝軟件包:
# yum install mariadb mariadb-server python2-PyMySQL
2)創建並編輯 /etc/my.cnf.d/openstack.cnf,然后完成如下動作:
可在/usr/share/mariadb/my-medium.cnf路徑下復制OpenStack.cnf文件
cp /usr/share/mariadb/my-medium.cnf /etc/my.cnf.d/openstack.cnf
在[mysqld]中,設置“bind-address”值為控制節點的管理網絡IP地址以是的其他節點可以通過管理網絡訪問訪問數據庫。設置其他關鍵字來設置一些有用的選項和UTF-8編碼:
[mysqld]
bind-address = 192.168.164.128
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
3)完成安裝
啟動數據庫服務,並將其配置為開機自啟:
# systemctl enable mariadb.service
# systemctl start mariadb.service
4)通過運行mysql_secure_installation腳本來保護數據庫服務。 特別是,為數據庫root帳戶選擇合適的密碼:
# mysql_secure_installation
[root@likeadmin ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): *這里不需要輸入root的密碼,直接enter就可以*
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y *這里選設置root密碼*
New password: djl18001
Re-enter new password: djl18001
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
[root@likeadmin ~]#
3. 安裝並配置消息隊列
OpenStack使用消息隊列來協調服務之間的操作和狀態信息。 消息隊列服務通常在控制器節點上運行。
OpenStack支持多種消息隊列服務,包括RabbitMQ,Qpid和ZeroMQ。 但是,大多數打包OpenStack的發行版都支持特定的消息隊列服務。
本指南實現了RabbitMQ消息隊列服務,因為大多數發行版都支持它。 如果您希望實現不同的消息隊列服務,請查閱與其相關的文檔。
1)安裝包:
# yum install rabbitmq-server
2)啟動消息隊列服務並將其配置為隨系統啟動:
# systemctl enable rabbitmq-server.service
# systemctl start rabbitmq-server.service
3)添加 openstack 用戶:
# rabbitmqctl add_user openstack RABBIT_PASS *在實驗環境下RABBIT_PASS設成:djl18001,在生產環境下請使用密文代替
Creating user "openstack" ...
用合適的密碼替換 RABBIT_DBPASS。
4)給``openstack``用戶配置寫和讀權限:
# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...
5)啟動rabbitmq_management插件(可選做)
[root@likeadmin ~]# rabbitmq-plugins list
Configured: E = explicitly enabled; e = implicitly enabled
| Status: * = running on rabbit@likeadmin
|/
[ ] amqp_client 3.6.5
[ ] cowboy 1.0.3
[ ] cowlib 1.0.1
[ ] mochiweb 2.13.1
[ ] rabbitmq_amqp1_0 3.6.5
[ ] rabbitmq_auth_backend_ldap 3.6.5
[ ] rabbitmq_auth_mechanism_ssl 3.6.5
[ ] rabbitmq_consistent_hash_exchange 3.6.5
[ ] rabbitmq_event_exchange 3.6.5
[ ] rabbitmq_federation 3.6.5
[ ] rabbitmq_federation_management 3.6.5
[ ] rabbitmq_jms_topic_exchange 3.6.5
[ ] rabbitmq_management 3.6.5
[ ] rabbitmq_management_agent 3.6.5
[ ] rabbitmq_management_visualiser 3.6.5
[ ] rabbitmq_mqtt 3.6.5
[ ] rabbitmq_recent_history_exchange 1.2.1
[ ] rabbitmq_sharding 0.1.0
[ ] rabbitmq_shovel 3.6.5
[ ] rabbitmq_shovel_management 3.6.5
[ ] rabbitmq_stomp 3.6.5
[ ] rabbitmq_top 3.6.5
[ ] rabbitmq_tracing 3.6.5
[ ] rabbitmq_trust_store 3.6.5
[ ] rabbitmq_web_dispatch 3.6.5
[ ] rabbitmq_web_stomp 3.6.5
[ ] rabbitmq_web_stomp_examples 3.6.5
[ ] sockjs 0.3.4
[ ] webmachine 1.10.3
[root@likeadmin ~]#
[root@likeadmin ~]# rabbitmq-plugins enable rabbitmq_management
The following plugins have been enabled:
mochiweb
webmachine
rabbitmq_web_dispatch
amqp_client
rabbitmq_management_agent
rabbitmq_management
Applying plugin configuration to rabbit@likeadmin... started 6 plugins.
[root@likeadmin ~]#
[root@likeadmin ~]# lsof -i:15672
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
beam.smp 22128 rabbitmq 54u IPv4 88245 0t0 TCP *:15672 (LISTEN)
[root@likeadmin ~]#
可通過瀏覽器訪問RabbitMQ,訪問地址是http://192.168.164.128:15672
默認賬號密碼:guest guest
登錄后,在admin選項,為OpenStack賬號設置登錄密碼,並添加administrator權限
4。安裝並配置Memcached
各類服務的身份認證機制使用Memcached緩存令牌。緩存服務memecached通常運行在控制節點。在生產部署中,我們推薦聯合啟用防火牆、認證和加密保證它的安全。
1)安全並配置組件
安裝軟件包:
#yum install memcached python-memcached
2)編輯/etc/sysconfig/memcached文件並完成以下操作:
配置服務以使用控制器節點的管理IP地址。 這是為了通過管理網絡啟用其他節點的訪問:
OPTIONS="-l 127.0.0.1,::1,likeadmin"
3)完成安裝
啟動Memcached服務,並且配置它隨機啟動。
# systemctl enable memcached.service
# systemctl start memcached.service
注:至此OpenStack基礎環境已基本搭建完成。