openstack在centos上安裝---單機模式安裝的--packstack

1.准備實驗環境

#使用vagrant創建虛擬機,並修改sshd配置 # -*- mode: ruby -*- # vi: set ft=ruby : Vagrant.require_version ">= 1.6.0" boxes = [ { :name => "stack", :eth1 => "192.168.1.220", :mem => "16384", :cpu => "8" } ] Vagrant.configure(2) do |config| config.vm.box = "centos7" boxes.each do |opts| config.vm.define opts[:name] do |config| config.vm.hostname = opts[:name] config.vm.provider "vmware_fusion" do |v| v.vmx["memsize"] = opts[:mem] v.vmx["numvcpus"] = opts[:cpu] end config.vm.provider "virtualbox" do |v| v.customize ["modifyvm", :id, "--memory", opts[:mem]] v.customize ["modifyvm", :id, "--cpus", opts[:cpu]] end config.vm.network :public_network, ip: opts[:eth1] end end end  #修改ssh配置 [root@stack ~]# grep Password /etc/ssh/sshd_config PasswordAuthentication yes [root@stack ~]# grep PermitRoot /etc/ssh/sshd_config PermitRootLogin yes [root@stack ~]#  #關閉selinux,NetwokMnager,firewalld sed -i 's/enforcing/disabled/g' /etc/selinux/config systemctl stop firewalld systemctl disable firewalld systemctl stop NetworkManager systemctl disable NetworkManager  #設置hosts [root@stack ~]# cat /etc/hosts 127.0.0.1 stack stack 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.1.220 stack  #配置yum源 [root@stack yum.repos.d]# cat Aliyun-openstack.repo [Aliyun-openstack] name=Aliyun-openstack baseurl=https://mirrors.aliyun.com/centos/$releasever/cloud/$basearch/openstack-rocky/ gpgcheck=0 enabled=1 cost=88 [Aliyun-qemu-ev] name=Aliyun-qemu-ev baseurl=https://mirrors.aliyun.com/centos/$releasever/virt/$basearch/kvm-common/ https://mirrors.aliyun.com/centos gpgcheck=0 enabled=1 ----------------------------------------------------------------------------------------- [root@stack yum.repos.d]# cat epel.repo [epel] name=Extra Packages for Enterprise Linux 7 - $basearch baseurl=http://mirrors.aliyun.com/epel/7/$basearch #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch failovermethod=priority enabled=1 gpgcheck=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 [epel-debuginfo] name=Extra Packages for Enterprise Linux 7 - $basearch - Debug baseurl=http://mirrors.aliyun.com/epel/7/$basearch/debug #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7&arch=$basearch failovermethod=priority enabled=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 gpgcheck=0 [epel-source] name=Extra Packages for Enterprise Linux 7 - $basearch - Source baseurl=http://mirrors.aliyun.com/epel/7/SRPMS #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-7&arch=$basearch failovermethod=priority enabled=0 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7 gpgcheck=0 ----------------------------------------------------------------------------------------- [root@stack yum.repos.d]# cat CentOS-Base.repo # CentOS-Base.repo # # The mirror system uses the connecting IP address of the client and the # update status of each mirror to pick mirrors that are updated to and # geographically close to the client. You should use this for CentOS updates # unless you are manually picking other mirrors. # # If the mirrorlist= does not work for you, as a fall back you can try the # remarked out baseurl= line instead. # # [base] name=CentOS-$releasever - Base - mirrors.aliyun.com failovermethod=priority baseurl=http://mirrors.aliyun.com/centos/$releasever/os/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os gpgcheck=1 gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7  #released updates [updates] name=CentOS-$releasever - Updates - mirrors.aliyun.com failovermethod=priority baseurl=http://mirrors.aliyun.com/centos/$releasever/updates/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates gpgcheck=1 gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7  #additional packages that may be useful [extras] name=CentOS-$releasever - Extras - mirrors.aliyun.com failovermethod=priority baseurl=http://mirrors.aliyun.com/centos/$releasever/extras/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras gpgcheck=1 gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7  #additional packages that extend functionality of existing packages [centosplus] name=CentOS-$releasever - Plus - mirrors.aliyun.com failovermethod=priority baseurl=http://mirrors.aliyun.com/centos/$releasever/centosplus/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus gpgcheck=1 enabled=0 gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7  #contrib - packages by Centos Users [contrib] name=CentOS-$releasever - Contrib - mirrors.aliyun.com failovermethod=priority baseurl=http://mirrors.aliyun.com/centos/$releasever/contrib/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib gpgcheck=1 enabled=0 gpgkey=http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7 

2.安裝packstack相關軟件

#重裝leatherman yum -y remove leatherman\* yum -y install leatherman-1.3.0\*  #安裝packstack yum -y install openstack-utils yum -y install openstack-packstack 

3.生成並修改packstack應答文件

#生成應答文件 packstack --gen-answer-file=aa.txt  #修改應答文件(若沒有ifconfig命令,安裝net-tools) [root@stack ~]# cat preinstall.sh #!/bin/bash #packstack --gen-answer-file=aa.txt IP=$(ifconfig eth1 | awk '/inet /{print $2}') sed -i '/^CONFIG_COMPUTE_HOSTS=/cCONFIG_COMPUTE_HOSTS='$IP'' aa.txt sed -i '/^CONFIG_PROVISION_DEMO=/cCONFIG_PROVISION_DEMO=n' aa.txt sed -i '/^CONFIG_NEUTRON_ML2_TYPE_DRIVERS=/cCONFIG_NEUTRON_ML2_TYPE_DRIVERS=flat,vxlan' aa.txt sed -i '/^CONFIG_NEUTRON_ML2_FLAT_NETWORKS=/cCONFIG_NEUTRON_ML2_FLAT_NETWORKS=datacentre' aa.txt sed -i '/^CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=/cCONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=datacentre:br-ex' aa.txt #sed -i '/^CONFIG_HEAT_INSTALL=/cCONFIG_HEAT_INSTALL=y' aa.txt sed -i.bak -r 's/(.+_PW)=[0-9a-z]+/\1=redhat/g' aa.txt cat <<EOF 請把下面兩句話添加控制節點和計算節點的/etc/hosts  $IP $(hostname) $(hostname -s) 運行下面的命令安裝opensteack packstack --answer-file=aa.txt EOF  #ps:若ping不通百度,查看默認路由是否准確 

4.安裝openstack

packstack --answer-file=aa.txt

5.創建橋接網絡

[root@stack ~]# cat postinstall.sh 
#!/bin/bash IP=$(ifconfig eth1 | awk '/inet /{print $2}') GW=$(echo $IP | awk -F. '{print $1"."$2"."$3"."2}') dir="/etc/sysconfig/network-scripts/" cat > $dir/ifcfg-br-ex <<EOF DEVICE=br-ex DEVICETYPE=ovs TYPE=OVSBridge BOOTPROTO=none IPADDR=$IP NETMASK=255.255.255.0 GATEWAY=$GW DNS1=$GW ONBOOT=yes EOF cat > $dir/ifcfg-eth1 <<EOF DEVICE=eth1 DEVICETYPE=ovs TYPE=OVSPort ONBOOT=yes BOOTPROTO=none OVS_BRIDGE=br-ex EOF echo "請執行 systemctl restart network重啟網絡，且保證網絡正常啟動" 

6.創建實例驗證openstack可用性

#創建用戶 [root@stack ~(keystone_admin)]# openstack user create --password redhat test +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | default | | enabled | True | | id | 1d1941d6b4f94ec8a1219c88ae15ee35 | | name | test | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+  #創建項目 [root@stack ~(keystone_admin)]# openstack project create test +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | | | domain_id | default | | enabled | True | | id | 605b0cf0f33a46f08a27ae953b19ba94 | | is_domain | False | | name | test | | parent_id | default | | tags | [] | +-------------+----------------------------------+  #用戶關聯項目(role) [root@stack ~(keystone_admin)]# openstack role add --user test --project test admin [root@stack ~(keystone_admin)]# openstack role assignment list --name +---------------+--------------------+-------+------------------+--------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +---------------+--------------------+-------+------------------+--------+--------+-----------+ | admin | test@Default | | test@Default | | | False | | admin | cinder@Default | | services@Default | | | False | | admin | swift@Default | | services@Default | | | False | | ResellerAdmin | ceilometer@Default | | services@Default | | | False | | admin | ceilometer@Default | | services@Default | | | False | | admin | gnocchi@Default | | services@Default | | | False | | admin | neutron@Default | | services@Default | | | False | | admin | aodh@Default | | services@Default | | | False | | admin | admin@Default | | admin@Default | | | False | | admin | placement@Default | | services@Default | | | False | | admin | glance@Default | | services@Default | | | False | | admin | nova@Default | | services@Default | | | False | | admin | admin@Default | | | | all | False | +---------------+--------------------+-------+------------------+--------+--------+-----------+ 

創建橋接網絡

#確認橋接網絡是否創建,查看網卡配置文件 [root@stack network-scripts(keystone_admin)]# cat ifcfg-eth0 DEVICE=eth0 DEVICETYPE=ovs TYPE=OVSPort ONBOOT=yes BOOTPROTO=none OVS_BRIDGE=br-ex [root@stack network-scripts(keystone_admin)]# cat ifcfg-br-ex DEVICE=br-ex DEVICETYPE=ovs TYPE=OVSBridge BOOTPROTO=none IPADDR=192.168.1.220 NETMASK=255.255.255.0 GATEWAY=192.168.1.2 DNS1=192.168.1.2 ONBOOT=yes  #查看橋接網絡 [root@stack network-scripts(keystone_admin)]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master ovs-system state UP qlen 1000 link/ether 52:54:00:ca:e4:8b brd ff:ff:ff:ff:ff:ff inet6 fe80::5054:ff:feca:e48b/64 scope link valid_lft forever preferred_lft forever 3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 96:ea:82:07:36:81 brd ff:ff:ff:ff:ff:ff 4: br-int: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 66:0e:e2:4f:c3:4b brd ff:ff:ff:ff:ff:ff 5: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000 link/ether a6:02:6d:5a:e4:43 brd ff:ff:ff:ff:ff:ff inet 192.168.1.220/24 brd 192.168.1.255 scope global br-ex valid_lft forever preferred_lft forever inet6 2408:8256:3885:303a:a402:6dff:fe5a:e443/64 scope global mngtmpaddr dynamic valid_lft 259190sec preferred_lft 172790sec inet6 fe80::a402:6dff:fe5a:e443/64 scope link valid_lft forever preferred_lft forever 6: br-tun: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 86:45:49:02:72:40 brd ff:ff:ff:ff:ff:ff 

管理員創建外部網絡

登錄用戶test

創建內部網絡后查看拓撲

#上傳鏡像 openstack image create "demo" --file cirros-0.3.4-x86_64-disk.img --disk-format qcow2 --container-format bare --public openstack image list 

#創建實例規格 openstack flavor create --disk 1 --vcpus 1 --ram 64 --public --project-domain test s1.tiny 

#查看實例前置資源 #查看image [root@stack ~(keystone_admin)]# openstack image list +--------------------------------------+--------+--------+ | ID | Name | Status | +--------------------------------------+--------+--------+ | cd82f5b8-f531-4a6d-bdec-52bca312b7ff | cirros | active | | 8c881671-689b-4800-b75c-bedac09ff255 | demo | active | +--------------------------------------+--------+--------+  #查看flavor openstack flavor list [root@stack ~(keystone_admin)]# openstack flavor list +--------------------------------------+-----------+-------+------+-----------+-------+-----------+ | ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public | +--------------------------------------+-----------+-------+------+-----------+-------+-----------+ | 1 | m1.tiny | 512 | 1 | 0 | 1 | True | | 2 | m1.small | 2048 | 20 | 0 | 1 | True | | 3 | m1.medium | 4096 | 40 | 0 | 2 | True | | 4 | m1.large | 8192 | 80 | 0 | 4 | True | | 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True | | 945270de-a01a-48ae-bb5e-c43d2cd1d493 | s.tiny | 64 | 1 | 0 | 1 | True | | e60139de-3a24-4bd5-b52c-09eab4a3c457 | s1.small | 128 | 1 | 0 | 1 | True | +--------------------------------------+-----------+-------+------+-----------+-------+-----------+  #可創建 openstack flavor create --disk 1 --vcpus 1 --ram 64 --public --project-domain test s.tiny  #查看安全組 [root@stack ~(keystone_admin)]# openstack security group list +--------------------------------------+---------+------------------------+----------------------------------+------+ | ID | Name | Description | Project | Tags | +--------------------------------------+---------+------------------------+----------------------------------+------+ | 1cb85427-4e56-49e1-bb83-85585bfb6140 | demo-sg | | 605b0cf0f33a46f08a27ae953b19ba94 | [] | | 3d1f1c15-972c-40b7-9d9b-b997cf60c76e | default | Default security group | 605b0cf0f33a46f08a27ae953b19ba94 | [] | | 8874f333-f086-43ef-8c7e-d50da432c4bf | default | Default security group | df5999672201403aa31fb955f10adde6 | [] | | 8cc809bb-ce0e-401e-8692-0b831d08b614 | default | Default security group | 7dadee390b244dbbbca03a58a59cfc6c | [] | | bfbdae01-f499-41c7-a754-34a47a38aad6 | default | Default security group | | [] | +--------------------------------------+---------+------------------------+----------------------------------+------+  #查看網絡 [root@stack ~(keystone_admin)]# openstack network list +--------------------------------------+---------+--------------------------------------+ | ID | Name | Subnets | +--------------------------------------+---------+--------------------------------------+ | 331d986e-7b0a-4d2c-acd0-cffe4c64beeb | net-ex | 69712017-1037-442d-a2c1-d02cdc5b5970 | | dc7da17a-83ce-4f66-91d9-ec299a6538cc | pub-int | 67f4e13c-14bf-46b8-a82d-5f34580b4de4 | +--------------------------------------+---------+--------------------------------------+  #創建實例 openstack server create --image demo --flavor s.tiny --security-group demo-sg --network pub-int vm01  #分配浮動ip openstack network list openstack floating ip create net-ex openstack floating ip list  #綁定浮動ip openstack server add floating ip vm01 192.168.1.27  #浮動ip在路由接口上 [root@stack ~(test_admin)]# ip netns exec qrouter-06593c2e-fa20-44dd-ba37-030b9fa57837 ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 11: qg-eb9df27e-52: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000 link/ether fa:16:3e:15:0b:bb brd ff:ff:ff:ff:ff:ff inet 192.168.1.29/24 brd 192.168.1.255 scope global qg-eb9df27e-52 valid_lft forever preferred_lft forever inet 192.168.1.22/32 brd 192.168.1.22 scope global qg-eb9df27e-52 valid_lft forever preferred_lft forever inet 192.168.1.27/32 brd 192.168.1.27 scope global qg-eb9df27e-52 valid_lft forever preferred_lft forever inet6 2408:8256:3885:303a:f816:3eff:fe15:bbb/64 scope global mngtmpaddr dynamic valid_lft 259192sec preferred_lft 172792sec inet6 fe80::f816:3eff:fe15:bbb/64 scope link valid_lft forever preferred_lft forever 12: qr-7f7369b9-1c: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN qlen 1000 link/ether fa:16:3e:84:96:e3 brd ff:ff:ff:ff:ff:ff inet 10.0.10.1/24 brd 10.0.10.255 scope global qr-7f7369b9-1c valid_lft forever preferred_lft forever inet6 fe80::f816:3eff:fe84:96e3/64 scope link valid_lft forever preferred_lft forever

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

packstack --allinone --provision-demo=n --os-neutron-ovs-bridge-mappings=extnet:br-ex --os-neutronml2-type-drivers=vxlan,flat

 

#記錄一台單節點物理服務器使用PackStack部署OpenStack-Train版的操作

戴爾R720
系統：centos7.8.2003
cpu型號： E5-2670v2
2C8核32線程
內存 32G
網絡環境:
eth0 192.168.100.106 物理外網
eth1 172.16.0.106 私有內網
1
2
3
4
5
6
7
8
#服務器基礎優化

echo 'net.ipv4.ip_forward=1 ' >>/etc/sysctl.conf
echo 'net.ipv4.tcp_tw_recycle=1 ' >>/etc/sysctl.conf
echo 'net.ipv4.tcp_tw_reuse=1 ' >>/etc/sysctl.conf
sysctl -p
chmod +x /etc/rc.d/rc.local
yum install -y mlocate lrzsz tree vim nc nmap wget bash-completion bash-completion-extras cowsay sl htop iotop iftop lsof net-tools sysstat unzip bc psmisc ntpdate wc telnet-server bind-utils sshpass
echo 'localhost 192.168.100.106' >>/etc/hosts
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
systemctl stop NetworkManager
systemctl disable NetworkManager
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum install -y mlocate lrzsz tree vim nc nmap wget bash-completion bash-completion-extras cowsay sl htop iotop iftop lsof net-tools sysstat unzip bc psmisc ntpdate wc telnet-server bind-utils sshpass
sed -i 's#keepcache=0#keepcache=1#g' /etc/yum.conf
yum clean all
yum makecache
ntpdate ntp1.aliyun.com
echo '*/30 * * * * /sbin/ntpdate ntp1.aliyun.com >/dev/null 2>&1' >>/var/spool/cron/root
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
#安裝train版yum源

yum install centos-release-openstack-train -y
1
#安裝openstack-packstack工具用於生成openstack應答文件

yum install openstack-packstack -y
packstack --gen-answer-file=openstack.txt

packstack --allinone　 #allinone模式
packstack --gen-answer-file=<file>　 #生成部署配置文件
packstack --answer-file=<file>　　　 #選擇應答文件
1
2
3
4
5
6
#packstack每個版本的配置文件均有小改動，不要修改錯位置
可以詳細學習一下配置文件的各個模塊的配置參數，可根據自己實際需求更改

[19:57 root@localhost ~]# vim openstack.txt
41行: y-n #SWIFT是OpenStack的對象存儲組件，默認是Y，在生產環境中一般是不裝，所以改n
50行: y-n #不安裝該服務
97行: 10.0.1.120,10.0.1.130 #計算節點ip地址
808 openvswitch
813: physnet1 #flat網絡這邊要設置物理網卡名字
840 openvswitch #L2網絡的代理模式,也可選擇linuxbridge
858: physnet1:br-ex #這邊要設置物理網卡的名字
869: br-ex:eth0 #這邊br-ex:eth0是網絡節點的nat網卡，到時候安裝完畢之后IP地址會漂到這個上
1181: y-n #DEMO是OpenStack聯網下載一個測試鏡像，這邊沒聯網。說以改成n
1
2
3
4
5
6
7
8
9
10
##更改密碼（123456）

sed -i -r 's/(.+_PW)=.+/\1=123456/' openstack.txt
1
#備份配置文件

egrep -v "^#|^$" openstack.txt >openstack.txt.bak1
1
#查看所有的主機ip地址是否都指定到eth0網卡

[20:01 root@localhost ~]# grep 'HOST=' openstack.txt
CONFIG_CONTROLLER_HOST=192.168.100.106
CONFIG_VCENTER_HOST=
CONFIG_STORAGE_HOST=192.168.100.106
CONFIG_SAHARA_HOST=192.168.100.106
CONFIG_AMQP_HOST=192.168.100.106
CONFIG_MARIADB_HOST=192.168.100.106
CONFIG_TEMPEST_HOST=
CONFIG_REDIS_HOST=192.168.100.106
1
2
3
4
5
6
7
8
9
#一鍵部署單節點

[20:15 root@localhost ~]# packstack --answer-file=openstack.txt
Welcome to the Packstack setup utility

The installation log file is available at: /var/tmp/packstack/20200614-205624-uEmdI2/openstack-setup.log

Installing:
Clean Up [ DONE ]
Discovering ip protocol version [ DONE ]
Setting up ssh keys [ DONE ]
Preparing servers [ DONE ]
Pre installing Puppet and discovering hosts' details [ DONE ]
Preparing pre-install entries [ DONE ]
Setting up CACERT [ DONE ]
Preparing AMQP entries [ DONE ]
Preparing MariaDB entries [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries [ DONE ]
Preparing Glance entries [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries [ DONE ]
Preparing Nova API entries [ DONE ]
Creating ssh keys for Nova migration [ DONE ]
Gathering ssh host keys for Nova migration [ DONE ]
Preparing Nova Compute entries [ DONE ]
Preparing Nova Scheduler entries [ DONE ]
Preparing Nova VNC Proxy entries [ DONE ]
Preparing OpenStack Network-related Nova entries [ DONE ]
Preparing Nova Common entries [ DONE ]
Preparing Neutron API entries [ DONE ]
Preparing Neutron L3 entries [ DONE ]
Preparing Neutron L2 Agent entries [ DONE ]
Preparing Neutron DHCP Agent entries [ DONE ]
Preparing Neutron Metering Agent entries [ DONE ]
Checking if NetworkManager is enabled and running [ DONE ]
Preparing OpenStack Client entries [ DONE ]
Preparing Horizon entries [ DONE ]
Preparing Gnocchi entries [ DONE ]
Preparing Redis entries [ DONE ]
Preparing Ceilometer entries [ DONE ]
Preparing Puppet manifests [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 192.168.100.106_controller.pp
192.168.100.106_controller.pp: [ DONE ]
Applying 192.168.100.106_network.pp
192.168.100.106_network.pp: [ DONE ]
Applying 192.168.100.106_compute.pp
192.168.100.106_compute.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]

**** Installation completed successfully ******

Additional information:
* Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
* File /root/keystonerc_admin has been created on OpenStack client host 192.168.100.106. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://192.168.100.106/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* The installation log file is available at: /var/tmp/packstack/20200614-205624-uEmdI2/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20200614-205624-uEmdI2/manifests
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
#packstack部署禁止了openstack的dashbrard界面對域的支持，需要可打開

vim /etc/openstack-dashboard/local_settings
79 OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
85 OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default'
461 TIME_ZONE = "Asia/Shanghai" #配置時區為亞洲上海

systemctl restart httpd.service memcached.service
1
2
3
4
5
6

#故障報錯

facter: error while loading shared libraries: leatherman_curl.so.1.3.0: cannot open shared object file: No such file or directory

leatherman rpm包版本問題
[20:06 root@localhost ~/openstack]# yum list | grep leatherman
leatherman.x86_64 1.10.0-1.el7 @epel
leatherman-devel.x86_64 1.10.0-1.el7 epel

而facter需要1.3.0
[20:09 root@localhost ~/openstack]# facter -p
facter: error while loading shared libraries: leatherman_curl.so.1.3.0: cannot open shared object file: No such file or directory

回退leatherman版本
yum downgrade leatherman -y

 

 

packstack --gen-answer-file=answers_default_allin1.txt \
 --allinone --timeout=999999 --default-password=password \
 --provision-demo=n \
 --os-neutron-ovs-bridge-mappings=extnet:br-ex \
 --os-neutron-ovs-bridge-interfaces=br-ex:ens3 \
 --os-neutron-ml2-type-drivers=vxlan,flat \
 --os-neutron-ml2-tenant-network-types=vxlan \
 --os-heat-install=y --os-heat-cfn-install=y \
 --os-magnum-install=y \
 --os-neutron-l2-agent=openvswitch

OpenStack Keystone配置產生錯誤Access denied for user 'keystone'@'10.0.2.15' (using password: YES)") None N

參照別人的一篇教程在Ubuntu上配置OpenStack，前邊進行的都很順利，當配置到keystone-manage db_sync時，產生如下的錯誤：

注意看最后一句，Access denied for user ‘keystone’@’10.0.2.15’ (using password: YES)”) None None

訪問被拒絕了，然后我試着直接用keystone訪問數據庫，發現也不行

由此想到可能是我的密碼設置錯了，然后利用root用戶登陸到mysql數據庫中使用如下命令：
select host,user from mysql.user;
找出數據庫中的所有用戶，情況如下：

果然，雖然密碼那一列被加密了，但還是能看出keystone設置的密碼和root設置的密碼是不一樣的，因為按照正常情況，我是按照他們的密碼相同訪問的，所以要把keystone的密碼改過來。
使用如下的命令：
grant all privileges on keystone.* to 'keystone'@'%' identified by '這里寫你的密碼';

利用相同的方法把nova和glance的密碼也都改過，改好后再次查看：

利用下面的命令刷新一下權限列表：
flush privileges;
然后service mysql restart重啟數據庫服務，再次執行命令keystone-manage db_sync，沒有任何的輸出，說明執行正確了。

 

錯誤1：

bash: line 7: restorecon: command not found

解決辦法: yum install policycoreutils-2.5-29.el7_6.1.x86_64

錯誤2：

Error: Package: audit-libs-python-2.8.4-4.el7.x86_64

rpm -aq | grpe audit-libs 發現已經裝了高版本

解決辦法：

rpm -e audit-2.8.5-4.el7.x86_64

yum downgrade audit-libs-2.8.4-4.el7.x86_64

錯誤3：

ERROR : Error appeared during Puppet run: 10.70.1.208_controller.pp

Error: Execution of '/usr/bin/yum -d 0 -e 0 -y install iptables-services' returned 1: Error: Package: glibc-2.17-260.el7_6.3.i686 (CTyun-Yum-Updates)

You will find full trace in log /var/tmp/packstack/20200922-141756-fV0nKk/manifests/10.70.1.208_controller.pp.log

解決辦法：

yum downgrade glibc-2.17-260.el7_6.3.x86_64 glibc-common-2.17-260.el7_6.3.x86_64 glibc-headers-2.17-260.el7_6.3.x86_64 glibc-devel-2.17-260.el7_6.3.x86_64

 

錯誤4：

ERROR : Error appeared during Puppet run: 10.70.1.208_controller.pp

Error: Execution of '/usr/bin/yum -d 0 -e 0 -y install iptables-services' returned 1: Error:  Multilib version problems found. This often means that the root

解決辦法：

yum downgrade iptables-1.4.21-28.el7.x86_64

錯誤5：

Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS or FWaaS services. Geneve will be used as the encapsulation method for tenant networks

解決辦法：

修改yum源配置

將mariadb的percona配置的enable改為0,重新yum clean all;yum makecache;yum update

 

 

錯誤6：

Error: Execution of '/usr/bin/yum -d 0 -e 0 -y install openstack-cinder' returned 1: Transaction check error:

You will find full trace in log /var/tmp/packstack/20200922-153644-qYYvPO/manifests/10.70.1.208_controller.pp.log

查看后台提示包沖突：

from install of python-paramiko-2.1.1-9.el7.noarch conflicts with file from package python2-paramiko-1.16.1-2.el7.noarch

解決辦法：

yum erase python2-paramiko-1.16.1-2.el7.noarch

yum install python-paramiko-2.1.1-9.el7.noarch

錯誤7：

mError: Execution of '/usr/bin/yum -d 0 -e 0 -y install python2-placement' returned 1: Error: Nothing to do^[[0m

不明白為什么要下載這個包，

http://rpm.pbone.net/index.php3

解決辦法：我是下載的1.0.0版本：python2-placement-1.0.0-1.el7.noarch.rpm

然后依次下載或者更新依賴包

錯誤8：

httpd服務啟動失敗：python[122833]: ERROR:scss.ast:Function not found: function-exists:1").

解決辦法：搜了下，基本沒有找到辦法，不過有個說注釋了這里就可以啟動

vi /usr/lib/systemd/system/httpd.service.d/openstack-dashboard.conf

 

 

錯誤9：

httpd啟動失敗：

Sep 23 16:32:45 controller-node httpd[13551]: (98)Address already in use: AH00072: make_sock: could not bind to address [::]:8778

Sep 23 16:32:45 controller-node httpd[13551]: (98)Address already in use: AH00072: make_sock: could not bind to address 0.0.0.0:8778

解決辦法：

1.先禁用ipv6，禁用的方法：https://www.jianshu.com/p/d5d4008d25bb （后來看應該和ipv6沒有關系）

2.關閉iptables（之前是關閉過，不知道什么時候又被打開了）

systemctl stop iptables.service

systemctl stop ip6tables.service

systemctl disable iptables.service

systemctl disable ip6tables.service

還是沒有解決

然后發現httpd配置下端口配置8778確實存在沖突

 

 

修改成8779（找一個沒有用到的端口）

 

 

問題最終解決

錯誤10：

內存不足：

Error: Failed to apply catalog: Cannot allocate memory - fork(2)

You will find full trace in log /var/tmp/packstack/20200924-105039-_v_Tzr/manifests/10.70.1.208_controller.pp.log

Please check log file /var/tmp/packstack/20200924-105039-_v_Tzr/openstack-setup.log for more information

虛機內存只分配了2G。。。重新分配了8G內存解決

錯誤11：

Error: Failed to apply catalog: Execution of '/usr/bin/openstack image list --quiet --format csv --long' returned 1: Internal Server Error (HTTP 500) (Request-ID: req-922d4682-17e7-4eec-b79c-abc2bdc8e6ce) (tried 26, for a total of 170 seconds)

You will find full trace in log /var/tmp/packstack/20200924-133243-SGGe7X/manifests/10.70.1.208_controller.pp.log

Please check log file /var/tmp/packstack/20200924-133243-SGGe7X/openstack-setup.log for more information

解決辦法：

執行了一次這個命令，然后--debug看好戲是keystoneauth時沒有通過，然后去glance的api.log查看發現swift有error信息

 

 

於是把swift關了重新執行

 

 

但是仍然沒有解決，然后直接執行 /usr/bin/openstack --debug image list --quiet --format csv --long報500的內部錯誤，直接根據請求號再/var/log/glance/api.log去找發現數據庫查詢時沒有數據庫表

 

 

比較奇怪的是發現數據庫都有，但是庫中沒有任何表，簡單查找了資料沒有找到，直接手動同步算了

keystone-manage db_sync

cinder-manage db sync

glance-manage db sync

nova-manage db sync

然后檢查數據庫表都有了，再次執行

錯誤12：

Error: Parameter name failed on Sshkey[ecdsa-sha2-nistp256.controller-node,localhost]: No comma in resourcename allowed. If you want to specify aliases use the host_aliases property (file: /var/tmp/packstack/3b0a36ae5fcb404fac5aad2fb87debcc/manifests/10.70.1.208_compute.pp, line: 13)

You will find full trace in log /var/tmp/packstack/20200924-151356-JXd1hM/manifests/10.70.1.208_compute.pp.log

應該是我的hosts文件配置的問題

x.x.x.x control-node,localhost

其他所有問題參考：https://openstack.redhat.com/Workarounds

錯誤13：

ERROR : Error appeared during Puppet run: 10.70.1.208_compute.pp

Error: Execution of '/usr/bin/yum -d 0 -e 0 -y install openstack-nova-migration' returned 1: Error: Package: cryptsetup-2.0.3-3.el7.x86_64 (CTyun-Yum-Base)

You will find full trace in log /var/tmp/packstack/20200924-153903-kRHZ3D/manifests/10.70.1.208_compute.pp.log

 

 

yum downgrade cryptsetup-2.0.3-3.el7.x86_64 cryptsetup-libs-2.0.3-3.el7.x86_64

最后終於完成了