openstack 订阅
OpenStack是一个开源的云计算管理平台项目,是一系列软件开源项目的组合。由NASA(美国国家航空航天局)和Rackspace合作研发并发起,以Apache许可证(Apache软件基金会发布的一个自由软件许可证)授权的开源代码项目。 [1]  OpenStack为私有云和公有云提供可扩展的弹性的云计算服务。项目目标是提供实施简单、可大规模扩展、丰富、标准统一的云计算管理平台。 [1] 展开全文
OpenStack是一个开源的云计算管理平台项目,是一系列软件开源项目的组合。由NASA(美国国家航空航天局)和Rackspace合作研发并发起,以Apache许可证(Apache软件基金会发布的一个自由软件许可证)授权的开源代码项目。 [1]  OpenStack为私有云和公有云提供可扩展的弹性的云计算服务。项目目标是提供实施简单、可大规模扩展、丰富、标准统一的云计算管理平台。 [1]
信息
编程语言
Python
遵循标准
Open 、AMQP、SQLAlchemy
开发者
NASA,Rackspace
中文名
OpenStack云计算管理平台
外文名
OpenStack
OpenStack简介
Openstack是一个云平台管理的项目,它不是一个软件。这个项目由几个主要的组件组合起来完成一些具体的工作。Openstack是一个旨在为公共及私有云的建设与管理提供软件的开源项目。它的社区拥有超过130家企业及1350位开发者,这些机构与个人将 Openstack作为基础设施即服务资源的通用前端。Openstack项目的首要任务是简化云的部署过程并为其带来良好的可扩展性。本文希望通过提供必要的指导信息,帮助大家利用 Openstack前端来设置及管理自己的公共云或私有云。 [2]  Openstack是由 Rackspace和NASA共同开发的云计算平台,帮助服务商和企业内部实现类似于 Amazon ec2和S3的云基础架构服务( Infrastructure as a Service)。 Openstack包括两个主要模块:Nova和 Swift。前者是NASA开发的虚拟服务器部署和业务计算模块;后是 Backpack开发的分布式云存储模块,两者可以一起用,也可以分开单独用。 Openstack是开源项目,除了有 Rackspace和NASA的大力支持外,后面还有包括Dell、 Citrix、 Cisco Canonical这些重量级公司的贡献和支持,发展速度非常快,有取代另一个业界领先开源云台 Eucalyptus的态势。 [2] 
收起全文
精华内容
下载资源
问答
  • OPENSTACK

    2021-02-07 18:45:17
    openstack train 手动安装

    本次部署是基于openstack train+ceph,前前后后,各种重复实验大概一个月时间,预见各种坑。部署思路基于两台服务器,首先部署controller节点,在通过新增计算节点方式进行。
    vware准备两台cenots7,不在累述前期安装过程,基础参数如下:

    网络环境:
    	gateway:192.168.200.2
    	gateway:192.168.100.2
    	controller:
    		ens33:192.168.200.200	管理网络
    		ens34:192.168.100.100	外部网络
    	compute:
    		ens33:192.168.200.201	管理网络
    		ens34:192.168.100.101	外部网络
    
    磁盘环境:
    	controller+compute:
    		均为/dev/sda4
    
    默认密码:
    	所有密码均为:000000
    

    基础环境

    • 基本工具
    yum install -y expect lrzsz tree vim wget bash-completion bash-completion-extras
    
    • ip转发
    echo 'net.ipv4.ip_forward=1 ' >>/etc/sysctl.conf 
    echo 'net.ipv4.tcp_tw_recycle=1 ' >>/etc/sysctl.conf
    echo 'net.ipv4.tcp_tw_reuse=1 ' >>/etc/sysctl.conf 
    sysctl -p
    
    • 域名配置
    hostnamectl set-hostname controller
    hostnamectl set-hostname compute
    
    • hosts配置
    sed -i "$ a 192.168.200.200 controller" /etc/hosts
    sed -i "$ a 192.168.200.201 compute" /etc/hosts
    
    • dns配置
    sed -i "$ a nameserver 192.168.100.2" /etc/resolv.conf
    sed -i "$ a nameserver 114.114.114.114" /etc/resolv.conf
    
    • 关闭防火墙、selinux、NetworkManager
    systemctl disable NetworkManager Firewalld
    systemctl stop NetworkManager Firewalld
    
    sed -i '/^SELINUX/s/enforcing/disabled/' /etc/selinux/config
    
    • 时间同步
    /etc/chrony.conf
    controller:
    	server ntp.aliyun.com iburst
    	allow 192.168.200.0/24
    	local stratum 10
    compute:
    	server controller iburst
    
    • 密钥分发
    ssh-keygen
    ssh-copy-id root@controller
    ssh-copy-id root@compute
    
    • yum源
    sed -i 's#keepcache=0#keepcache=1#g' /etc/yum.conf
    wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
    curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
    

    controller节点

    ceph安装

    • yum源
    [Ceph]
    name=Ceph packages for $basearch
    baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/$basearch
    enabled=1
    gpgcheck=0
    type=rpm-md
    gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
    priority=1
    [Ceph-noarch]
    name=Ceph noarch packages
    baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/noarch
    enabled=1
    gpgcheck=0
    type=rpm-md
    gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
    priority=1
    [ceph-source]
    name=Ceph source packages
    baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/SRPMS
    enabled=1
    gpgcheck=0
    type=rpm-md
    gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
    priority=1
    
    • 开始安装
    yum install -y ceph-deploy python-setuptools
    mkdir ./cluster && cd ./cluster
    yum install -y ceph		#等于ceph-deploy install controller
    ceph-deploy new controller
    ceph-deploy mon create-initial
    ceph-deploy admin controller
    ceph-deploy mgr create controller
    ceph-deploy osd create --data /dev/sda4 controller
    

    基本软件

    • train源
    yum install centos-release-openstack-train -y
    yum install openstack-utils -y
    yum install python-openstackclient -y
    
    • mysql安装
    yum install mariadb mariadb-server python2-PyMySQL -y
    cat > /etc/my.cnf.d/openstack.cnf <<- EOF
    [mysqld]
    bind-address = 192.168.200.200
    default-storage-engine = innodb
    innodb_file_per_table = on
    max_connections = 4096
    collation-server = utf8_general_ci
    character-set-server = utf8
    EOF
    
    systemctl enable mariadb.service
    systemctl start mariadb.service
    
    expect <<-EOF &> /etc/null
    spawn mysql_secure_installation
    expect "*none*" { send "\n"; }
    expect "*Y/n*" { send "n\n"; }
    expect "*Y/n*" { send "y\n"; }
    expect "*Y/n*" { send "y\n"; }
    expect "*Y/n*" { send "y\n"; }
    expect "*Y/n*" { send "y\n"; }
    expect eof
    EOF
    
    • rabbitmq安装
    yum install rabbitmq-server -y
    
    systemctl enable rabbitmq-server.service
    systemctl start rabbitmq-server.service
    
    rabbitmqctl add_user openstack 000000
    rabbitmqctl set_permissions openstack ".*" ".*" ".*"
    
    • memcached安装
    yum install memcached python-memcached -y
    
    sed -i '/OPTIONS/c\OPTIONS="-l 192.168.200.200"' /etc/sysconfig/memcached
    
    systemctl enable memcached.service
    systemctl start memcached.service
    
    • etcd安装
    yum install etcd -y
    
    cp /etc/etcd/etcd.conf{,.bak}
    cat > /etc/etcd/etcd.conf <<- EOF
    #[Member]
    ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
    ETCD_LISTEN_PEER_URLS="http://192.168.200.200:2380"
    ETCD_LISTEN_CLIENT_URLS="http://192.168.200.200:2379"
    ETCD_NAME="controller"
    #[Clustering]
    ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.200.200:2380"
    ETCD_ADVERTISE_CLIENT_URLS="http://192.168.200.200:2379"
    ETCD_INITIAL_CLUSTER="controller=http://192.168.200.200:2380"
    ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
    ETCD_INITIAL_CLUSTER_STATE="new"
    EOF
    
    systemctl enable etcd
    systemctl start etcd
    

    keystone

    yum install openstack-keystone httpd mod_wsgi -y
    
    mysql -uroot -e "CREATE DATABASE keystone;GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '000000';"
    
    cp -a /etc/keystone/keystone.conf{,.bak}
    grep -Ev "^$|#" /etc/keystone/keystone.conf.bak > /etc/keystone/keystone.conf
    openstack-config --set /etc/keystone/keystone.conf database connection  mysql+pymysql://keystone:$KEYSTONE_DBPASS@$IPADDR/keystone
    openstack-config --set /etc/keystone/keystone.conf token provider fernet
    
    su -s /bin/sh -c "keystone-manage db_sync" keystone
    
    keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
    keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
    keystone-manage bootstrap --bootstrap-password 000000 \
        --bootstrap-admin-url http://192.168.200.200:5000/v3/ \
        --bootstrap-internal-url http://192.168.200.200:5000/v3/ \
        --bootstrap-public-url http://192.168.200.200:5000/v3/ \
        --bootstrap-region-id RegionOne
    
    cp /etc/httpd/conf/httpd.conf{,.bak}
    sed -i "s/#ServerName www.example.com:80/ServerName controller/" /etc/httpd/conf/httpd.conf
    ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
    
    systemctl enable httpd.service
    systemctl start httpd.service
    
    sed -i "$ a export OS_USERNAME=admin" /root/.bashrc
    sed -i "$ a export OS_PASSWORD=000000" /root/.bashrc
    sed -i "$ a export OS_PROJECT_NAME=admin" /root/.bashrc
    sed -i "$ a export OS_USER_DOMAIN_NAME=Default" /root/.bashrc
    sed -i "$ a export OS_PROJECT_DOMAIN_NAME=Default" /root/.bashrc
    sed -i "$ a export OS_AUTH_URL=http://192.168.200.200:5000/v3" /root/.bashrc
    sed -i "$ a export OS_IDENTITY_API_VERSION=3" /root/.bashrc
    source ~/.bashrc 
    
    openstack project create --domain default --description "Service Project" service
    

    glance

    yum install openstack-glance -y
    
    mysql -uroot -e "CREATE DATABASE glance;GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '000000';"
    
    openstack user create --domain default --password 000000 glance &> /etc/null
    openstack role add --project service --user glance admin &> /etc/null
    
    openstack service create --name glance --description "OpenStack Image" image
    
    openstack endpoint create --region RegionOne image public http://192.168.200.200:9292
    openstack endpoint create --region RegionOne image internal http://192.168.200.200:9292
    openstack endpoint create --region RegionOne image admin http://192.168.200.200:9292
    
    cp -a /etc/glance/glance-api.conf{,.bak}
    cp -a /etc/glance/glance-registry.conf{,.bak}
    grep -Ev '^$|#' /etc/glance/glance-api.conf.bak > /etc/glance/glance-api.conf
    grep -Ev '^$|#' /etc/glance/glance-registry.conf.bak > /etc/glance/glance-registry.conf
    openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:000000@192.168.200.200/glance
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://192.168.200.200:5000
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name services
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password 000000
    openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
    
    ceph osd pool create images 64 64
    ceph osd pool application enable images rbd
    ceph osd pool set images size 1
    ceph auth get-or-create client.glance mon 'allow r' osd "images" -o /etc/ceph/ceph.client.glance.keyring
    chgrp glance /etc/ceph/ceph.client.glance.keyring
    sed -i "$ a client.glance" /etc/ceph/ceph.conf
    sed -i "$ a keyring = /etc/ceph/ceph.client.glance.keyring" /etc/ceph/ceph.conf
    
    openstack-config --set /etc/glance/glance-api.conf glance_store stores rbd
    openstack-config --set /etc/glance/glance-api.conf glance_store default_store rbd
    openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_pool images
    openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_user glance
    openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_ceph_conf /etc/ceph/ceph.conf
    
    su -s /bin/sh -c "glance-manage db_sync" glance
    
    systemctl enable openstack-glance-api.service
    systemctl start openstack-glance-api.service
    

    placement

    yum install openstack-placement-api -y
    
    mysql -uroot -e "CREATE DATABASE placement;GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '000000';"
    
    openstack user create --domain default --password 000000 placement &> /etc/null
    openstack role add --project service --user placement admin &> /etc/null
    
    openstack service create --name placement --description "Placement API" placement
    
    openstack endpoint create --region RegionOne placement public http://192.168.200.200:8778
    openstack endpoint create --region RegionOne placement internal http://192.168.200.200:8778
    openstack endpoint create --region RegionOne placement admin http://192.168.200.200:8778
    
    cp -a /etc/glance/glance-api.conf{,.bak}
    cp -a /etc/glance/glance-registry.conf{,.bak}
    grep -Ev '^$|#' /etc/glance/glance-api.conf.bak > /etc/glance/glance-api.conf
    grep -Ev '^$|#' /etc/glance/glance-registry.conf.bak > /etc/glance/glance-registry.conf
    openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:000000@192.168.200.200/glance
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://192.168.200.200:5000
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name services
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password 000000
    openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
    
    ceph osd pool create images 64 64
    ceph osd pool application enable images rbd
    ceph osd pool set images size 1
    ceph auth get-or-create client.glance mon 'allow r' osd "allow rwx pool=images" -o /etc/ceph/ceph.client.glance.keyring
    chgrp glance /etc/ceph/ceph.client.glance.keyring
    sed -i "$ a client.glance" /etc/ceph/ceph.conf
    sed -i "$ a keyring = /etc/ceph/ceph.client.glance.keyring" /etc/ceph/ceph.conf
    
    openstack-config --set /etc/glance/glance-api.conf glance_store stores rbd
    openstack-config --set /etc/glance/glance-api.conf glance_store default_store rbd
    openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_pool images
    openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_user glance
    openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_ceph_conf /etc/ceph/ceph.conf
    
    su -s /bin/sh -c "glance-manage db_sync" glance
    
    systemctl enable openstack-glance-api.service
    systemctl start openstack-glance-api.service
    

    nova-controller

    yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler -y
    
    mysql -uroot -e "CREATE DATABASE nova_api;GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '000000';"
    mysql -uroot -e "CREATE DATABASE nova;GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '000000';"
    mysql -uroot -e "CREATE DATABASE nova_cell0;GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '000000';"
    
    openstack user create --domain default --password 000000 nova
    openstack role add --project service --user nova admin
    
    openstack service create --name nova --description "OpenStack Compute" compute
    
    openstack endpoint create --region RegionOne compute public http://192.168.200.200:8774/v2.1
    openstack endpoint create --region RegionOne compute internal http://192.168.200.200:8774/v2.1
    openstack endpoint create --region RegionOne compute admin http://192.168.200.200:8774/v2.1
    
    cp -a /etc/nova/nova.conf{,.bak}
    grep -Ev '^$|#' /etc/nova/nova.conf.bak > /etc/nova/nova.conf
    
    openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
    openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.200.200
    openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
    openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
    openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:000000@192.168.200.200/nova_api
    openstack-config --set /etc/nova/nova.conf database connection mysql+pymysql://nova:000000@192.168.200.200/nova
    openstack-config --set /etc/nova/nova.conf placement_database connection mysql+pymysql://placement:000000@192.168.200.200/placement
    openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
    \openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type  password
    openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name services
    openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
    openstack-config --set /etc/nova/nova.conf keystone_authtoken password 000000
    openstack-config --set /etc/nova/nova.conf vnc enabled true
    openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0
    openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address '$my_ip'
    openstack-config --set /etc/nova/nova.conf glance api_servers http://192.168.200.200:9292/
    openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
    openstack-config --set /etc/nova/nova.conf placement region_name  RegionOne
    openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
    openstack-config --set /etc/nova/nova.conf placement project_name services
    openstack-config --set /etc/nova/nova.conf placement auth_type password
    openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
    openstack-config --set /etc/nova/nova.conf placement auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf placement username placement
    openstack-config --set /etc/nova/nova.conf placement password 000000
    openstack-config --set /etc/nova/nova.conf scheduler discover_hosts_in_cells_interval 300
    
    su -s /bin/sh -c "nova-manage api_db sync" nova
    su -s /bin/sh -c "nova-manage cell_v2 map_cell0"
    su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
    su -s /bin/sh -c "nova-manage db sync"
    
    systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
    systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
    

    nova_compute

    yum install openstack-nova-compute -y
    
    openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
    openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.200.200
    openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
    openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
    openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/nova/nova.conf DEFAULT allow_resize_to_same_host True
    openstack-config --set /etc/nova/nova.conf DEFAULT force_raw_images True
    openstack-config --set /etc/nova/nova.conf DEFAULT volume_api_class nova.volume.cinder.API
    openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
    openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name services
    openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
    openstack-config --set /etc/nova/nova.conf keystone_authtoken password 000000
    openstack-config --set /etc/nova/nova.conf vnc enabled true
    openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0
    openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address '$my_ip'
    openstack-config --set  /etc/nova/nova.conf vnc novncproxy_base_url http://192.168.200.200:6080/vnc_auto.html
    openstack-config --set /etc/nova/nova.conf glance api_servers  http://192.168.200.200:9292/
    openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
    openstack-config --set /etc/nova/nova.conf placement region_name  RegionOne
    openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
    openstack-config --set /etc/nova/nova.conf placement project_name services
    openstack-config --set /etc/nova/nova.conf placement auth_type password
    openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
    openstack-config --set /etc/nova/nova.conf placement auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf placement username placement
    openstack-config --set /etc/nova/nova.conf placement password 000000
    openstack-config --set  /etc/nova/nova.conf libvirt virt_type kvm
    openstack-config --set  /etc/nova/nova.conf libvirt live_migration_scheme ssh
    openstack-config --set  /etc/nova/nova.conf libvirt live_migration_inbound_addr 192.168.200.200
    
    ceph osd pool create vms 64 64
    ceph osd pool application enable vms rbd
    ceph osd pool set vms size 1
    ceph auth get-or-create client.nova mon 'allow r' osd "allow rwx pool=volumes, allow rwx pool=vms, allow rwx pool=images" -o /etc/ceph/ceph.client.nova.keyring
    chgrp glance /etc/ceph/ceph.client.nova.keyring
    sed -i "$ a client.nova" /etc/ceph/ceph.conf
    sed -i "$ a keyring = /etc/ceph/ceph.client.nova.keyring" /etc/ceph/ceph.conf
    
    cat >> /etc/ceph/secret-client.nova.xml <<EOF
    <secret ephemeral='no' private='no'>
    <uuid>$(cat /etc/ceph/uuid-client.nova)</uuid>
    <usage type='ceph'>
    <name>client.nova secret</name>
    </usage>
    </secret>
    EOF
    virsh secret-define --file /etc/ceph/secret-client.nova.xml
    ceph auth get-key client.nova -o /etc/ceph/client.nova.key
    virsh secret-set-value --secret $(cat /etc/ceph/uuid-client.nova) --base64 $(cat /etc/ceph/client.nova.key)
    
    openstack-config --set /etc/nova/nova.conf DEFAULT force_raw_images True
    openstack-config --set /etc/nova/nova.conf libvirt disk_cachemodes "\"network=writeback\""
    openstack-config --set /etc/nova/nova.conf libvirt images_type rbd
    openstack-config --set /etc/nova/nova.conf libvirt images_rbd_pool vms
    openstack-config --set /etc/nova/nova.conf libvirt images_rbd_ceph_conf /etc/ceph/ceph.conf
    openstack-config --set /etc/nova/nova.conf libvirt rbd_user nova
    openstack-config --set /etc/nova/nova.conf libvirt rbd_secret_uuid $(cat /etc/ceph/uuid-client.nova)
    
    systemctl enable libvirtd.service openstack-nova-compute.service
    systemctl start libvirtd.service openstack-nova-compute.service
    

    neutron_controller

    yum install openstack-neutron openstack-neutron-ml2 ebtables -y
    
    mysql -uroot -e "CREATE DATABASE neutron;GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '000000';"
    
    openstack user create --domain default --password 000000 neutron
    openstack role add --project service --user neutron admin
    
    openstack service create --name neutron --description "OpenStack Networking" network
    
    openstack endpoint create --region RegionOne network public http://192.168.200.200:9696
    openstack endpoint create --region RegionOne network internal http://192.168.200.200:9696
    openstack endpoint create --region RegionOne network admin http://192.168.200.200:9696
    
    cp -a /etc/neutron/neutron.conf{,.bak}
    grep -Ev '^$|#' /etc/neutron/neutron.conf.bak > /etc/neutron/neutron.conf
    openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:000000@192.168.200.200/neutron
    openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
    openstack-config --set  /etc/neutron/neutron.conf DEFAULT auth_strategy  keystone
    openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router 
    openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true 
    openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true 
    openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips true
    openstack-config --set /etc/neutron/neutron.conf DEFAULT my_ip 192.168.200.200
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type  password
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name services
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password 000000
    openstack-config --set /etc/neutron/neutron.conf vnc enabled true
    openstack-config --set /etc/neutron/neutron.conf vnc server_listen 0.0.0.0
    openstack-config --set /etc/neutron/neutron.conf vnc server_proxyclient_address '$my_ip'
    openstack-config --set /etc/neutron/neutron.conf nova auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf nova auth_type password
    openstack-config --set /etc/neutron/neutron.conf nova project_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf nova user_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
    openstack-config --set /etc/neutron/neutron.conf nova project_name services
    openstack-config --set /etc/neutron/neutron.conf nova username neutron
    openstack-config --set /etc/neutron/neutron.conf nova password 000000
    openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
    
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vxlan
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types flat,vxlan
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch,l2population 
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks extnet
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset true
    
    openstack-config --set /etc/nova/nova.conf neutron url http://192.168.200.200:9696
    openstack-config --set /etc/nova/nova.conf neutron auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/nova/nova.conf neutron memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/nova/nova.conf neutron auth_type v3password
    openstack-config --set /etc/nova/nova.conf neutron project_domain_name Default
    openstack-config --set /etc/nova/nova.conf neutron user_domain_name Default
    openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne 
    openstack-config --set /etc/nova/nova.conf neutron project_name services
    openstack-config --set /etc/nova/nova.conf neutron username neutron
    openstack-config --set /etc/nova/nova.conf neutron password 000000
    openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true 
    openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret 000000
    
    ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
    
    su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
    
    systemctl enable neutron-server.service
    systemctl start neutron-server.service
    

    neutron_network

    yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch ebtables -y
    
    openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone 
    openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/v3/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type  password
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name services
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password 000000
    openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp 
    
    openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
    openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata true
    openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver openvswitch 
    openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT force_metadata true
    
    openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host 192.168.200.200 
    openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret 000000
    
    openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver openvswitch
    
    systemctl enable neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
    systemctl start neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
    

    neutron_compute

    yum install neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service -y
    
    openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone 
    openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_resize_to_same_host True
    openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_migrate_to_same_hostTrue
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type  password
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name services
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password 000000
    openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp 
    
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini linux_openvswitch physical_interface_mappings extnet:ens33
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent tunnel_types vxlan 
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent l2_population true
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs bridge_mappings extnet:br-ex
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs local_ip 192.168.200.200
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup enable_security_group true 
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup firewall_driver iptables_hybrid
    
    openstack-config --set /etc/nova/nova.conf neutron auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/nova/nova.conf neutron auth_type v3password
    openstack-config --set /etc/nova/nova.conf neutron project_domain_name Default
    openstack-config --set /etc/nova/nova.conf neutron user_domain_name Default
    openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne 
    openstack-config --set /etc/nova/nova.conf neutron project_name services
    openstack-config --set /etc/nova/nova.conf neutron username neutron
    openstack-config --set /etc/nova/nova.conf neutron password 000000
    
    systemctl enable neutron-openvswitch-agent.service
    systemctl start neutron-openvswitch-agent.service
    
    ovs-vsctl add-br br-ex
    ovs-vsctl add-port br-ex ens33
    echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "BOOTPROTO=none" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "NAME=ens33" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "DEVICE=ens33" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    
    rm -f /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "BOOTPROTO=none" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "NAME=br-ex" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "DEVICE=br-ex" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "IPADDR=192.168.100.100" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "PREFIX=24" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "GATEWAY=192.168.100.2" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "DEFROUTE=yes" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    service network restart
    

    horizon

    yum install openstack-dashboard -y
    
    rm -f /etc/openstack-dashboard/local_settings
    
    openssl rand -hex 10
    52141c41dc456eadb871
    
    echo >> /etc/openstack-dashboard/local_settings <<- EOF
    # -*- coding: utf-8 -*-
    
    import os
    from django.utils.translation import ugettext_lazy as _
    from openstack_dashboard.settings import HORIZON_CONFIG
    DEBUG = False
    ALLOWED_HOSTS = ['*']
    LOCAL_PATH = '/tmp'
    SECRET_KEY='52141c41dc456eadb871'
    SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
    CACHES = {
        'default': {
             'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
             'LOCATION': 'controller:11211',
        }
    }
    EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
    OPENSTACK_HOST = "controller"
    OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
    OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
    OPENSTACK_API_VERSIONS = {
        "identity": 3,
        "image": 2,
        "volume": 3,
    }
    OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
    OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
    OPENSTACK_NEUTRON_NETWORK = {
        'enable_auto_allocated_network': False,
        'enable_distributed_router': False,
        'enable_fip_topology_check': False,
        'enable_ha_router': False,
        'enable_lb': False,
        'enable_firewall': False,
        'enable_vpn': False,
        'enable_ipv6': False,
        'enable_quotas': False,
        'enable_rbac_policy': False,
        'enable_router': True,
        'default_dns_nameservers': [],
        'supported_provider_types': ['*'],
        'segmentation_id_range': {},
        'extra_provider_types': {},
        'supported_vnic_types': ['*'],
        'physical_networks': [],
    }
    TIME_ZONE = "Asia/Shanghai"
    LOGGING = {
        'version': 1,
        'disable_existing_loggers': False,
        'formatters': {
            'console': {
                'format': '%(levelname)s %(name)s %(message)s'
            },
            'operation': {
                'format': '%(message)s'
            },
        },
        'handlers': {
            'null': {
                'level': 'DEBUG',
                'class': 'logging.NullHandler',
            },
            'console': {
                'level': 'DEBUG' if DEBUG else 'INFO',
                'class': 'logging.StreamHandler',
                'formatter': 'console',
            },
            'operation': {
                'level': 'INFO',
                'class': 'logging.StreamHandler',
                'formatter': 'operation',
            },
        },
        'loggers': {
            'horizon': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'horizon.operation_log': {
                'handlers': ['operation'],
                'level': 'INFO',
                'propagate': False,
            },
            'openstack_dashboard': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'novaclient': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'cinderclient': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'keystoneauth': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'keystoneclient': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'glanceclient': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'neutronclient': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'swiftclient': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'oslo_policy': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'openstack_auth': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'django': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'django.db.backends': {
                'handlers': ['null'],
                'propagate': False,
            },
            'requests': {
                'handlers': ['null'],
                'propagate': False,
            },
            'urllib3': {
                'handlers': ['null'],
                'propagate': False,
            },
            'chardet.charsetprober': {
                'handlers': ['null'],
                'propagate': False,
            },
            'iso8601': {
                'handlers': ['null'],
                'propagate': False,
            },
            'scss': {
                'handlers': ['null'],
                'propagate': False,
            },
        },
    }
    SECURITY_GROUP_RULES = {
        'all_tcp': {
            'name': _('All TCP'),
            'ip_protocol': 'tcp',
            'from_port': '1',
            'to_port': '65535',
        },
        'all_udp': {
            'name': _('All UDP'),
            'ip_protocol': 'udp',
            'from_port': '1',
            'to_port': '65535',
        },
        'all_icmp': {
            'name': _('All ICMP'),
            'ip_protocol': 'icmp',
            'from_port': '-1',
            'to_port': '-1',
        },
        'ssh': {
            'name': 'SSH',
            'ip_protocol': 'tcp',
            'from_port': '22',
            'to_port': '22',
        },
        'smtp': {
            'name': 'SMTP',
            'ip_protocol': 'tcp',
            'from_port': '25',
            'to_port': '25',
        },
        'dns': {
            'name': 'DNS',
            'ip_protocol': 'tcp',
            'from_port': '53',
            'to_port': '53',
        },
        'http': {
            'name': 'HTTP',
            'ip_protocol': 'tcp',
            'from_port': '80',
            'to_port': '80',
        },
        'pop3': {
            'name': 'POP3',
            'ip_protocol': 'tcp',
            'from_port': '110',
            'to_port': '110',
        },
        'imap': {
            'name': 'IMAP',
            'ip_protocol': 'tcp',
            'from_port': '143',
            'to_port': '143',
        },
        'ldap': {
            'name': 'LDAP',
            'ip_protocol': 'tcp',
            'from_port': '389',
            'to_port': '389',
        },
        'https': {
            'name': 'HTTPS',
            'ip_protocol': 'tcp',
            'from_port': '443',
            'to_port': '443',
        },
        'smtps': {
            'name': 'SMTPS',
            'ip_protocol': 'tcp',
            'from_port': '465',
            'to_port': '465',
        },
        'imaps': {
            'name': 'IMAPS',
            'ip_protocol': 'tcp',
            'from_port': '993',
            'to_port': '993',
        },
        'pop3s': {
            'name': 'POP3S',
            'ip_protocol': 'tcp',
            'from_port': '995',
            'to_port': '995',
        },
        'ms_sql': {
            'name': 'MS SQL',
            'ip_protocol': 'tcp',
            'from_port': '1433',
            'to_port': '1433',
        },
        'mysql': {
            'name': 'MYSQL',
            'ip_protocol': 'tcp',
            'from_port': '3306',
            'to_port': '3306',
        },
        'rdp': {
            'name': 'RDP',
            'ip_protocol': 'tcp',
            'from_port': '3389',
            'to_port': '3389',
        },
    }
    EOF
    
    python /usr/share/openstack-dashboard/manage.py make_web_conf --apache > /etc/httpd/conf.d/openstack-dashboard.conf
    
    ln -s /etc/openstack-dashboard /usr/share/openstack-dashboard/openstack_dashboard/conf
    
    chown -R apache:apache /usr/share/openstack-dashboard/
    
    systemctl restart httpd.service memcached.service
    

    cinder_controller

    yum install openstack-cinder -y
    
    mysql -uroot -e "CREATE DATABASE cinder;GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY '000000';"
    
    openstack user create --domain default --password 000000 cinder
    openstack role add --project service --user cinder admin
    
    openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
    openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3
    
    openstack endpoint create --region RegionOne volumev2 public http://192.168.200.200:8776/v2/%\(project_id\)s
    openstack endpoint create --region RegionOne volumev2 internal http://192.168.200.200:8776/v2/%\(project_id\)s
    openstack endpoint create --region RegionOne volumev2 admin http://192.168.200.200:8776/v2/%\(project_id\)s
    openstack endpoint create --region RegionOne volumev3 public http://192.168.200.200:8776/v3/%\(project_id\)s
    openstack endpoint create --region RegionOne volumev3 internal http://192.168.200.200:8776/v3/%\(project_id\)s
    openstack endpoint create --region RegionOne volumev3 admin http://192.168.200.200:8776/v3/%\(project_id\)s
    
    cp -a /etc/cinder/cinder.conf{,.bak}
    grep -Ev '^$|#' /etc/cinder/cinder.conf.bak > /etc/cinder/cinder.conf
    openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:000000@192.168.200.200/cinder
    openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
    openstack-config --set /etc/cinder/cinder.conf DEFAULT storage_availability_zone nova
    openstack-config --set /etc/cinder/cinder.conf DEFAULT default_availability_zone nova
    openstack-config --set /etc/cinder/cinder.conf DEFAULT enable_v3_api True
    openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 192.168.200.200
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/v3/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name services
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password 000000
    openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
    
    openstack-config --set /etc/nova/nova.conf cinder os_region_name RegionOne
    
    su -s /bin/sh -c "cinder-manage db sync" cinder
    
    systemctl enable openstack-nova-api.service openstack-cinder-api.service openstack-cinder-scheduler.service
    systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
    

    cinder_storage

    openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:000000@192.168.200.200/cinder
    openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
    openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 192.168.200.200
    openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/v3/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name services
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password 000000
    openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
    
    ceph osd pool create cinder 64 64
    ceph osd pool application enable cinder rbd
    ceph osd pool set cinder size 1
    ceph auth get-or-create client.nova mon 'allow r' osd "volumes" "client.cinder" "allow rwx pool=images, allow rwx pool=volumes" -o /etc/ceph/ceph.client.cinder.keyring
    chgrp glance /etc/ceph/ceph.client.cinder.keyring
    sed -i "$ a client.cinder" /etc/ceph/cinder.conf
    sed -i "$ a keyring = /etc/ceph/ceph.client.cinder.keyring" /etc/ceph/ceph.conf
    
    cat >> /etc/ceph/secret-client.cinder.xml <<EOF
    <secret ephemeral='no' private='no'>
    <uuid>$(cat /etc/ceph/uuid-client.cinder)</uuid>
    <usage type='ceph'>
    <name>client.cinder secret</name>
    </usage>
    </secret>
    EOF
    virsh secret-define --file /etc/ceph/secret-client.cinder.xml
    ceph auth get-key client.cinder -o /etc/ceph/client.cinder.key
    virsh secret-set-value --secret $(cat /etc/ceph/uuid-client.cinder) --base64 $(cat /etc/ceph/client.cinder.key)
    
    openstack-config --set /etc/cinder/cinder.conf DEFAULT enabled_backends ceph
    openstack-config --set /etc/cinder/cinder.conf DEFAULT default_volume_type ceph
    openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://192.168.200.200:9292
    openstack-config --set /etc/cinder/cinder.conf ceph volume_driver cinder.volume.drivers.rbd.RBDDriver
    openstack-config --set /etc/cinder/cinder.conf ceph volume_backend_name ceph
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_pool volumes
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_ceph_conf /etc/ceph/ceph.conf
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_flatten_volume_from_snapshot false
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_max_clone_depth 5
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_store_chunk_size 4
    openstack-config --set /etc/cinder/cinder.conf ceph rados_connect_timeout -1
    openstack-config --set /etc/cinder/cinder.conf ceph glance_api_version 2
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_user cinder
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_secret_uuid $(cat /etc/ceph/uuid-client.cinder)
    
    cinder type-create ceph
    cinder type-key ceph set volume_backend_name=ceph
    
    systemctl start openstack-cinder-volume.service
    systemctl enable openstack-cinder-volume.service
    

    compute节点

    ceph安装

    • yum源
    [Ceph]
    name=Ceph packages for $basearch
    baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/$basearch
    enabled=1
    gpgcheck=0
    type=rpm-md
    gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
    priority=1
    [Ceph-noarch]
    name=Ceph noarch packages
    baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/noarch
    enabled=1
    gpgcheck=0
    type=rpm-md
    gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
    priority=1
    [ceph-source]
    name=Ceph source packages
    baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/SRPMS
    enabled=1
    gpgcheck=0
    type=rpm-md
    gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
    priority=1
    
    • 开始安装
    计算节点:
    yum install -y ceph
    控制节点:
    cd ./cluster
    echo "public_network = 192.168.200.0/24" >> ceph.conf
    ceph-deploy osd create --data /dev/sda4 compute
    ceph-deploy admin compute
    

    yum源

    yum install centos-release-openstack-train -y
    yum install openstack-utils -y
    yum install python-openstackclient -y
    

    nova_compute

    yum install openstack-nova-compute -y
    
    openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
    openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.200.201
    openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
    openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
    openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/nova/nova.conf DEFAULT allow_resize_to_same_host True
    openstack-config --set /etc/nova/nova.conf DEFAULT force_raw_images True
    openstack-config --set /etc/nova/nova.conf DEFAULT volume_api_class nova.volume.cinder.API
    openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
    openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name services
    openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
    openstack-config --set /etc/nova/nova.conf keystone_authtoken password 000000
    openstack-config --set /etc/nova/nova.conf vnc enabled true
    openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0
    openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address '$my_ip'
    openstack-config --set  /etc/nova/nova.conf vnc novncproxy_base_url http://192.168.200.200:6080/vnc_auto.html
    openstack-config --set /etc/nova/nova.conf glance api_servers http://192.168.200.200:9292/
    openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
    openstack-config --set /etc/nova/nova.conf placement region_name RegionOne
    openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
    openstack-config --set /etc/nova/nova.conf placement project_name services
    openstack-config --set /etc/nova/nova.conf placement auth_type password
    openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
    openstack-config --set /etc/nova/nova.conf placement auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf placement username placement
    openstack-config --set /etc/nova/nova.conf placement password 000000
    openstack-config --set  /etc/nova/nova.conf libvirt virt_type kvm
    openstack-config --set  /etc/nova/nova.conf libvirt live_migration_scheme ssh
    openstack-config --set  /etc/nova/nova.conf libvirt live_migration_inbound_addr 192.168.200.201
    
    scp root@controller:/etc/ceph/ceph.client.nova.keyring /etc/ceph/
    scp root@controller:/etc/ceph/uuid-client.nova /etc/ceph/
    scp root@controller:/etc/ceph/client.nova.key /etc/ceph/
    virsh secret-define --file /etc/ceph/secret-client.nova.xml
    virsh secret-set-value --secret $(cat /etc/ceph/uuid-client.nova) --base64 $(cat /etc/ceph/client.nova.key)
    
    openstack-config --set /etc/nova/nova.conf DEFAULT force_raw_images True
    openstack-config --set /etc/nova/nova.conf libvirt disk_cachemodes "\"network=writeback\""
    openstack-config --set /etc/nova/nova.conf libvirt images_type rbd
    openstack-config --set /etc/nova/nova.conf libvirt images_rbd_pool vms
    openstack-config --set /etc/nova/nova.conf libvirt images_rbd_ceph_conf /etc/ceph/ceph.conf
    openstack-config --set /etc/nova/nova.conf libvirt rbd_user nova
    openstack-config --set /etc/nova/nova.conf libvirt rbd_secret_uuid $(cat /etc/ceph/uuid-client.nova)
    
    chgrp glance /etc/ceph/ceph.client.nova.keyring
    
    systemctl enable libvirtd.service openstack-nova-compute.service
    systemctl start libvirtd.service openstack-nova-compute.service
    

    neutron_compute

    yum install neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service -y
    
    openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone 
    openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_resize_to_same_host True
    openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_migrate_to_same_hostTrue
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type  password
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name services
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password 000000
    openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp 
    
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini linux_openvswitch physical_interface_mappings extnet:ens33
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent tunnel_types vxlan 
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent l2_population true
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs bridge_mappings extnet:br-ex
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs local_ip 192.168.200.201
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup enable_security_group true 
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup firewall_driver iptables_hybrid
    
    openstack-config --set /etc/nova/nova.conf neutron auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/nova/nova.conf neutron auth_type v3password
    openstack-config --set /etc/nova/nova.conf neutron project_domain_name Default
    openstack-config --set /etc/nova/nova.conf neutron user_domain_name Default
    openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne 
    openstack-config --set /etc/nova/nova.conf neutron project_name services
    openstack-config --set /etc/nova/nova.conf neutron username neutron
    openstack-config --set /etc/nova/nova.conf neutron password 000000
    
    systemctl enable neutron-openvswitch-agent.service
    systemctl start neutron-openvswitch-agent.service
    
    ovs-vsctl add-br br-ex
    ovs-vsctl add-port br-ex ens33
    echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "BOOTPROTO=none" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "NAME=ens33" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "DEVICE=ens33" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    
    rm -f /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "BOOTPROTO=none" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "NAME=br-ex" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "DEVICE=br-ex" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "IPADDR=192.168.100.101" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "PREFIX=24" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "GATEWAY=192.168.100.2" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "DEFROUTE=yes" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    service network restart
    

    cinder_storage

    openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:000000@192.168.200.200/cinder
    openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
    openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 192.168.200.201
    openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/v3/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name services
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password 000000
    openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
    
    scp root@controller:/etc/ceph/ceph.client.cinder.keyring /etc/ceph/
    scp root@controller:/etc/ceph/uuid-client.cinder /etc/ceph/
    scp root@controller:/etc/ceph/client.cinder.key /etc/ceph/
    virsh secret-define --file /etc/ceph/secret-client.cinder.xml
    virsh secret-set-value --secret $(cat /etc/ceph/uuid-client.cinder) --base64 $(cat /etc/ceph/client.cinder.key)
    
    openstack-config --set /etc/cinder/cinder.conf DEFAULT enabled_backends ceph
    openstack-config --set /etc/cinder/cinder.conf DEFAULT default_volume_type ceph
    openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://192.168.200.200:9292
    openstack-config --set /etc/cinder/cinder.conf ceph volume_driver cinder.volume.drivers.rbd.RBDDriver
    openstack-config --set /etc/cinder/cinder.conf ceph volume_backend_name ceph
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_pool volumes
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_ceph_conf /etc/ceph/ceph.conf
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_flatten_volume_from_snapshot false
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_max_clone_depth 5
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_store_chunk_size 4
    openstack-config --set /etc/cinder/cinder.conf ceph rados_connect_timeout -1
    openstack-config --set /etc/cinder/cinder.conf ceph glance_api_version 2
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_user cinder
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_secret_uuid $(cat /etc/ceph/uuid-client.cinder)
    
    chgrp glance /etc/ceph/ceph.client.cinder.keyring
    
    systemctl start openstack-cinder-volume.service
    systemctl enable openstack-cinder-volume.service
    

    热迁移

    结合参数:

    libvirt live_migration_scheme = ssh
    libvirt live_migration_inbound_addr = 192.168.200.200
    
    libvirt live_migration_scheme = ssh
    libvirt live_migration_inbound_addr = 192.168.200.201
    
    usermod -s "/bin/bash" nova
    echo "nova" | passwd nova --stdin
    su - nova
    ssh-keygen
    ssh-copy-id root@controller
    ssh-copy-id root@compute
    
    展开全文
  • Openstack

    2016-07-22 22:51:58
    OpenStack云平台技术是云计算技术中的主流技术,已得到大量主流商业厂商和研究机构的大力支持。在未来的几年中,OpenStack会对云计算以及IT领域产生极大的影响。由于云计算本身的复杂性,Openstack系统对于初学者...

    OpenStack云平台技术是云计算技术中的主流技术,已得到大量主流商业厂商和研究机构的大力支持。在未来的几年中,OpenStack会对云计算以及IT领域产生极大的影响。由于云计算本身的复杂性,Openstack系统对于初学者显得过于繁杂,自学者往往在各种部署难题前因难而退。各种崭新的概念,对于新接触Openstack平台的人,往往会觉得困惑和难以理解,进而转化为畏惧。 本课程历数了云计算及各种流行云平台的特点,之后重点阐述从OpenStack开源云平台的发展历程、体系架构、关键技术、主要应用领域以及相应的发展策略。

    云计算及 OpenStack 云平台技术的机遇与挑战

    1、OpenStack 云平台介绍
    2、OpenStack 项目介绍
    3、OpenStack 开源社区现状、动态和未来方向
    4、OpenStack 项目整体基本架构及演进
    5、基于OpenStack实现的成功案例介绍
    6、OpenStack 云平台与其他几种云平台的比较 (OpenStack,CloudStack,OpenNebula,Docker)

    Openstack底层技术及通用组件讲解

    1、计算机虚拟化相关技术讲解
    2、网络虚拟化相关技术讲解
    3、Openstack通用组件讲解

    第三课 OpenStack安装和部署
    1、OpenStack安装部署过程(给出详细安装过程)
    2、使用devstack安装部署OpenStack,搭建开发环境
    3、openstack目录组织结构及配置文件

    第四课 OpenStack 基本功能操作
    1、openstack管理界面包括哪些基础功能
    2、openstack环境中创建虚拟机流程
    3

    展开全文
  • openstack image list:作用 查看已有镜像列表 openstack image show 镜像名 作用 查看镜像的详细信息 openstack image create --file 镜像文件名 --disk-format qcow2 --container-format bare --public centos7 ...
  • OpenStack常用基本命令

    万次阅读 2020-09-16 17:13:30
    近期由于做了一个蜜罐项目,其中虚拟化编排的部分用的OpenStack,所以整理了一些常用的命令,给大家分享下。 项目代码部分用的是python,所以下一篇文章将写一些python调用OpenStack的代码。 # 此步骤的shell文件...

    OpenStack,整理了一些常用的命令,给大家分享下。

    项目代码部分用的是python,所以下一篇文章将写一些python调用OpenStack的代码。
     

    # 此步骤的shell文件是把环境变量设置好,环境变量内容大概如下

    cd /opt/allinone/
    . functions.sh

    # -----  创建 -------

    openstack image create "cirros"  --file /root/cirros-0.3.4-x86_64-disk.img --disk-format qcow2 --container-format bare --public  上传镜像
    nova flavor-create --is-public true flavor-test1 auto 16384 10 16 创建套餐
    neutron net-create --debug  t100 --shared --provider:segmentation_id 100 --provider:network_type vlan --region-name RegionOne  --ipam-vpc-prefix 3.0.0.0/8   创建网段
    neutron --debug subnet-create ae866022-cef7-412f-8f92-31491b667f19 3.0.1.0/24 --gateway 3.0.1.1 --ipam-site-name mg  创建子网
    neutron --debug port-create --name portName-test1 ae866022-cef7-412f-8f92-31491b667f19  --fixed-ip subnet_id=9eb12dd4-ea8d-461a-bc53-f7d1a1c34e8e  --security-group 24edf2fd-7937-43bc-822f-379b3579ce81  创建接口
    nova --debug boot --flavor 0 --image 4100a122-7976-4a48-9741-83717de34881 --nic port-id=15f5af16-f8f4-4deb-a7b7-29ad5e729611 vm-instance-test1  创建实例

    # ----- 列表 -------

    neutron net-list、openstack network list  网段列表
    openstack security group list  安全组列表
    nova flavor-list  套餐列表
    glance image-list 、openstack image list、nova image-list 镜像列表
    neutron port-list  路由列表
    nova list、openstack server list、nova list --all  实例列表

    # ------ 查看具体信息 ------

    neutron net-show ID  网段具体信息
    openstack image show ID  查看镜像具体信息
    nova flavor-show ID 查看套餐具体信息
    neutron port-show ID  路由详细信息,是否分配了虚机等
    nova show ID  查看单个实例的详细信息

    # ------ 删除 ------

    neutron net-delete ID   删除一个网络
    glance image-delete ID  删除一个镜像
    nova flavor-delete ID  删除一个套餐
    neutron port-delete ID  删除一个路由
    nova delete ID、openstack server delete ID  删除实例

    # ------ 以下皆为虚拟机启停 ------

    nova suspend ID  暂停
    nova resume ID 恢复
    nova reboot ID  重启
    openstack server suspend ID
    openstack server resume ID
    openstack server reboot ID

     

    展开全文
  • OpenStack

    万次阅读 2011-06-14 15:14:00
    Cluster as a Service: Managing multiple clusters for openstack clouds and other diverse frameworks OpenStack 无法独自满足集群计算的需求。目前有一种方案,把集群计算部署放到 IaaS/...

    运行时架构

    系统内部交互图

     

    Swift也是独立组件,对系统运行没影响。

     

    nova-api是对外的接口。

    Glance是独立组件,供 nova-compute 下载镜像使用。 

    核心组件:

    Scheduler: 根据当前资源使用情况,决定计算节点分布到哪台计算节点上。目前实现很薄,目前已支持插件方式扩展,方便后面可能有采用更复杂算法。

    Compute:计算节点,使用虚拟化技术, host 虚拟机

    Network: 网络管理,给虚拟机分配网络和管理,使外部 PC 可以可直接访问

    Volume:给虚拟机分配额外持久化的存储

    运行时系统间交互都是通过异步消息的方式和DB 进行交互

     

    运行时图

    管理和使用是走两个通道的。管理必须要经由 nova-api转发过去。而运行时,直接连接计算节点上的虚拟机即可。

     

     

     

    OpenStack架构

    OpenStack的架构示意图和目前已实现情况

     

    蓝色是要 openstack概念上的架构图,红色是目前已实现的。

     

     


    部署

    部署时,除了Dashboard 必须部署在 nova-api server 上以外,所有的其它进程都可以部署在不同的机器上。

     

     

     

     

    OpenStack提供了基于 Puppet 的自动部署工具。经过简单配置,就可以把各个组件部署到不同机器上。

     

     

    OpenStack的镜像创建并没有纳入其职责列表。
    你可以使用Ubuntu的已有image (https://help.ubuntu.com/community/UEC/),或者直接重新自己通过KVM安装  http://cssoss.wordpress.com/2011/04/27/openstack-beginners-guide-for-ubuntu-11-04-image-management/


     

    网络模型

    Flat Network Manager, Flat DHCP Network Manager, VLAN Network Manager.

    VLAN Network Manager 这种方式适合于共有云。

    在私有云方面, IP充足,而且为了方便的互联互通,简单的Flat结构网络比较适合。

    OpenStack支持 Floating IPs ,该特性可以方便的通过更改IP来Failover(容错转移)或者迁移。

     

    CAAS

    Cluster as a Service: Managing multiple clusters for openstack clouds and other diverse frameworks

    OpenStack无法独自满足集群计算的需求。目前有一种方案,把集群计算部署放到 IaaS/PaaS 的下一层,我们称这种解决方案是 CaaS.

    当前,在很多机构或者学校,部署了不同的集群解决方案,但是他们使用的频率并不是很高,因此资源利用率不高的情况下,造成了很大的浪费(比如电费, PC)。

         设计目标:

    每个集群资源都可以动态分配

    系统隔离性好  

    集群有足够的性能和容量  

          设计:

    IaaS/PaaS层与 CaaS 隔离

    IaaS/PaaS 层可联机扩展

    CaaS  层的镜像可通过容器有效被处理

    CaaS  层是通过 webservice提供服务  

    可通过 VLAN 网络隔离  

    自动安装

    在这个解决方案中是通过 LXC 方式来实现系统隔离

    注:

    LXC, LINUX的容器工具,他使用cgroup把系统资源分组进行隔离。
    它不需要指令级模拟。因此相对其他虚拟化技术性能更高。
    因为他必须以进程运行执行文件的方式,因此不支持windows.


    架构图


     

    CaaS 中构建 OpenStack
    Layers

    CaaS(Physical) Physical layer. OS is installed on physical machines. 

    CaaS(LXC) LXC layer. A Tagged VLAN isolates LXC containers. 

    IaaS Cloud layer.  OpenStack (nova).

    过程:

    1.  在物理机上安装LXC

    2. 配置VPN网络

    3. 执行nova 的自动部署工具

    重复1~3, 在不同的机器上重复的安装OpenStack 的计算节点

     

     

    展开全文
  • 全面认识openstackOpenStack架构详解

    万次阅读 多人点赞 2018-06-21 10:41:50
    OpenStack既是一个社区,也是一个项目和一个开源软件,提供开放源码软件,建立公共和私有云,它提供了一个部署云的操作平台或工具集,其宗旨在于:帮助组织运行为虚拟计算或存储服务的云,为公有云、私有云,也为大...
  • openstack.xmind

    2019-10-15 14:19:40
    Openstack
  • OpenStack它是RackspaceCloud和NASA负责的一个开源基础架构即服务的云计算项目。OpenStack是一个由开发者和云计算技术人员的全球协作开发的面向公共和私有云的标准云操作系统,是在 Apache许可条款下发布的免费开源...
  • OpenStack架构

    2021-02-26 04:38:04
    终于正式进入OpenStack部分了。今天开始,CloudMan将带着大家一步一步揭开OpenStack的神秘面纱。OpenStack已经走过了6个年头。每半年会发布一个版本,版本以字母顺序命名。现在已经到第12个版本Liberty(字母L)。...
  • openstack install

    2018-02-10 17:17:57
    openstack 安装文档 openstack 安装文档 openstack 安装文档 openstack 安装文档
  • OpenStack官方的解释很官方,而且从不同角度,也有不同的理解,OpenStack可以理解为一个云操作系统 OpenStack旗下包含了一组由社区维护的开源项目,他们分别是OpenStackCompute(Nova),OpenStackObjectStorage(Swift...
  • openstack 中文

    2018-03-21 18:35:34
    openstack 中文
  • openstack:与OpenStack纠缠不清
  • OpenStack 实战

    2017-08-11 16:54:53
    OpenStack实战
  • Openstack概述 部署安装环境 、 部署Openstack OpenStack操作基-附件资源
  • openstack 安装

    2018-08-02 16:37:50
    在kilo环境下 YUM 安装 openstack 在kilo环境下 YUM 安装 openstack
  • ThinkCloud Openstack

    2017-02-08 13:50:42
    ThinkCloud Openstack
  • 仅用于同步openstack源代码
  • vagrant-openstackOpenStack云计算食谱第4版使用的Vagrant OpenStack-Ansible环境
  • mastering openstack

    2018-06-10 18:10:16
    掌握OpenStack的好书,To speed up with the content of this book, prior knowledge of OpenStack is required. If you don't have experience in OpenStack, reading this book
  • OpenStack实战

    2017-07-14 16:49:04
    OpenStack实战 完整
  • openstack-nova计算节点一键安装脚本
  • OpenStack白皮书

    2016-04-16 10:19:00
    OpenStack白皮书
  • openstack安装

    2018-03-08 11:02:30
    里面详细讲述了openstack的安装过程,但是这个版本是关于openstack icehouse的安装

空空如也

空空如也

1 2 3 4 5 ... 20
收藏数 106,441
精华内容 42,576
关键字:

openstack