准备两台虚拟机分别作为controller节点和compute节点
|
主机 |
硬件 |
IP |
虚拟机网卡 |
|
controller |
2cpu+4GB内存+60GB硬盘 |
192.168.238.30 192.168.108.30 |
NAT模式 仅主机模式 |
|
compute |
2cpu+4GB内存+50GB硬盘 |
192.168.238.31 192.168.108.31 |
NAT模式 仅主机模式 |
一,初始化环境
节点网络配置
所有节点都配置
1. 配置网络管理
2. 关闭管理网络
systemctl disable NetworkManager && systemctl stop NetworkManager
3. 关闭防火墙和selinux
systemctl stop firewalld && systemctl disable firewalld
setenforce 0
sed -i '7c SELINUX=disabled' /etc/selinux/config
getenforce ##查看selinux状态
4. 配置主机名与ip地址映射
echo '192.168.238.30 controller
192.168.238.31 compute' >> /etc/hosts
NTP服务部署(时间同步)
所有节点都配置
1. 下载chrony服务并启动
yum install chrony -y
systemctl start chronyd.service && systemctl enable chronyd.service
2. 修改配置文件
vi /etc/chrony.conf
server ntp1.aliyun.com iburst ##controller节点加这一条
server controller iburst ##compute节点加这一条
allow 192.168.238.0/24 ##两个节点都加
systemctl restart chronyd.service
systemctl status chronyd.service
3. 设置时区
timedatectl set-status Asia/Shanghai
timedatectl status
节点通用组件安装
安装openstack源和安装包
所有节点都配置
yum install centos-release-openstack-train -y
yum update -y
vi /etc/yum.repos.d/CentOS-OpenStack-train.repo ##修改yum源
baseurl=http://mirrors.163.com/centos/7.9.2009/cloud/x86_64/openstack-train/ ##修改这一行
yum clean all
yum makecache
yum install python-openstackclient -y
yum install openstack-selinux -y
yum install openstack-utils -y ##用于openstack文件的配置openstack-config
yum install net-tools -y ##用于查看网卡信息和端口安装MySQL数据库
只在控制节点配置
yum install mariadb mariadb-server python2-PyMySQL -y
cat /etc/my.cnf.d/openstack.cnf ##创建openstack.cnf文件
[mysqld]
bind-address=192.168.154.11 ##绑定mysql服务器所在的ip地址
default-storage-engine=innodb ##存储引擎
innodb_file_per_table=on ##每个表可以单独保存,如为off就要放到表空间中
max_connections=4096 ##数据库最大连接数
collation-server=utf8_general_ci
character-set-server=utf8
systemctl start mariadb.service && systemctl enable mariadb.service
mysql_secure_installation ##初始化密码设置为123安装rabbitmq消息队列
只在控制节点配置
yum install rabbitmq-server -y
systemctl enable rabbitmq-server.service && systemctl start rabbitmq-server.service
rabbitmqctl add_user openstack rb123 ##创建openstack用户密码为rb123
rabbitmqctl set_permissions openstack ".*" ".*" ".*" ##授予openstack用户配置,写入和读取权限
netstat -tnlup ##查看25672和5672端口是否开启安装memcached缓存服务
只在控制节点配置
yum install memcached python-memcached -y
vi /etc/sysconfig/memcached
OPTIONS="-1 127.0.0.1,controller"
systemctl enable memcached.service && systemctl restart memcached.service
netstat -tnlup ##查看11211端口是否开启二,keystone身份认证服务
1. 创库授权
mysql -uroot -p123
>create database keystone;
>show databases; ##验证数据库
>grant all privileges on keystone . * to 'keystone' @ 'localhost' identified by 'ks123';
>grant all privileges on keystone . * to 'keystone' @ '%' identified by 'ks123';
>flush privileges;
>show grants for keystone; ##验证授权
2. 安装和配置组件
安装软件包
yum install openstack-keystone -y
yum install httpd mod_wsgi -y
配置数据库连接
vi /etc/keystone/keystone.conf
[database]
connection=mysql+pymysql://keystone:ks123@controller/keystone
[token]
provider=fernet
初始化数据库
su -s /bin/sh -c "keystone-manage db_sync" keystone
mysql -ukeystone -pks123 -e "use keystone; show tables" ##验证查看keystone数据库是否有表
初始化fetnet key
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
引导身份认证
keystone-manage bootstrap --bootstrap-password admin123 \
> --bootstrap-admin-url http://controller:5000/v3/ \
> --bootstrap-internal-url http://controller:5000/v3/ \
> --bootstrap-public-url http://controller:5000/v3/ \
> --bootstrap-region-id RegionOne
3. 配置Apache HTTP服务
修改服务器名
vi /etc/httpd/conf/httpd.conf
cat /etc/httpd/conf/httpd.conf | grep controller
ServerName controller
创建配置连接
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
ls /etc/httpd/conf.d
systemctl restart httpd
systemctl enable httpd
systemctl status httpd
配置管理员环境变量
cat admin-openrc
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin123
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
chmod +x admin-openrc
source admin-openrc
openstack token issue
openstack project list
4. 创建域、项目、用户和角色
创建service项目
openstack project create --domain default --description "Service Project" service
openstack project list
创建myproject项目
openstack project create --domain default --description "Demo Project" myproject
创建myuser账户
openstack user create --domain default --password-prompt myuser
创建myrole角色
openstack role create myrole
openstack role add --project myproject --user myuser myrole
openstack role list
openstack role assignment list
创建客户端环境脚本
vi myuser-openrc
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=myproject
export OS_USERNAME=myuser
export OS_PASSWO
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
chmod +x myuser-openrcRD=myz123
./myuser-openrc
三,glance镜像服务
1.创库授权