openstack 订阅
OpenStack是一个开源的云计算管理平台项目,是一系列软件开源项目的组合。由NASA(美国国家航空航天局)和Rackspace合作研发并发起,以Apache许可证(Apache软件基金会发布的一个自由软件许可证)授权的开源代码项目。 [1]  OpenStack为私有云和公有云提供可扩展的弹性的云计算服务。项目目标是提供实施简单、可大规模扩展、丰富、标准统一的云计算管理平台。 [1] 展开全文
OpenStack是一个开源的云计算管理平台项目,是一系列软件开源项目的组合。由NASA(美国国家航空航天局)和Rackspace合作研发并发起,以Apache许可证(Apache软件基金会发布的一个自由软件许可证)授权的开源代码项目。 [1]  OpenStack为私有云和公有云提供可扩展的弹性的云计算服务。项目目标是提供实施简单、可大规模扩展、丰富、标准统一的云计算管理平台。 [1]
信息
编程语言
Python
遵循标准
Open 、AMQP、SQLAlchemy
开发者
NASA,Rackspace
中文名
OpenStack云计算管理平台
外文名
OpenStack
OpenStack简介
Openstack是一个云平台管理的项目,它不是一个软件。这个项目由几个主要的组件组合起来完成一些具体的工作。Openstack是一个旨在为公共及私有云的建设与管理提供软件的开源项目。它的社区拥有超过130家企业及1350位开发者,这些机构与个人将 Openstack作为基础设施即服务资源的通用前端。Openstack项目的首要任务是简化云的部署过程并为其带来良好的可扩展性。本文希望通过提供必要的指导信息,帮助大家利用 Openstack前端来设置及管理自己的公共云或私有云。 [2]  Openstack是由 Rackspace和NASA共同开发的云计算平台,帮助服务商和企业内部实现类似于 Amazon ec2和S3的云基础架构服务( Infrastructure as a Service)。 Openstack包括两个主要模块:Nova和 Swift。前者是NASA开发的虚拟服务器部署和业务计算模块;后是 Backpack开发的分布式云存储模块,两者可以一起用,也可以分开单独用。 Openstack是开源项目,除了有 Rackspace和NASA的大力支持外,后面还有包括Dell、 Citrix、 Cisco Canonical这些重量级公司的贡献和支持,发展速度非常快,有取代另一个业界领先开源云台 Eucalyptus的态势。 [2] 
收起全文
精华内容
下载资源
问答
  • OPENSTACK

    2021-02-07 18:45:17
    openstack train 手动安装

    本次部署是基于openstack train+ceph,前前后后,各种重复实验大概一个月时间,预见各种坑。部署思路基于两台服务器,首先部署controller节点,在通过新增计算节点方式进行。
    vware准备两台cenots7,不在累述前期安装过程,基础参数如下:

    网络环境:
    	gateway:192.168.200.2
    	gateway:192.168.100.2
    	controller:
    		ens33:192.168.200.200	管理网络
    		ens34:192.168.100.100	外部网络
    	compute:
    		ens33:192.168.200.201	管理网络
    		ens34:192.168.100.101	外部网络
    
    磁盘环境:
    	controller+compute:
    		均为/dev/sda4
    
    默认密码:
    	所有密码均为:000000
    

    基础环境

    • 基本工具
    yum install -y expect lrzsz tree vim wget bash-completion bash-completion-extras
    
    • ip转发
    echo 'net.ipv4.ip_forward=1 ' >>/etc/sysctl.conf 
    echo 'net.ipv4.tcp_tw_recycle=1 ' >>/etc/sysctl.conf
    echo 'net.ipv4.tcp_tw_reuse=1 ' >>/etc/sysctl.conf 
    sysctl -p
    
    • 域名配置
    hostnamectl set-hostname controller
    hostnamectl set-hostname compute
    
    • hosts配置
    sed -i "$ a 192.168.200.200 controller" /etc/hosts
    sed -i "$ a 192.168.200.201 compute" /etc/hosts
    
    • dns配置
    sed -i "$ a nameserver 192.168.100.2" /etc/resolv.conf
    sed -i "$ a nameserver 114.114.114.114" /etc/resolv.conf
    
    • 关闭防火墙、selinux、NetworkManager
    systemctl disable NetworkManager Firewalld
    systemctl stop NetworkManager Firewalld
    
    sed -i '/^SELINUX/s/enforcing/disabled/' /etc/selinux/config
    
    • 时间同步
    /etc/chrony.conf
    controller:
    	server ntp.aliyun.com iburst
    	allow 192.168.200.0/24
    	local stratum 10
    compute:
    	server controller iburst
    
    • 密钥分发
    ssh-keygen
    ssh-copy-id root@controller
    ssh-copy-id root@compute
    
    • yum源
    sed -i 's#keepcache=0#keepcache=1#g' /etc/yum.conf
    wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
    curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
    

    controller节点

    ceph安装

    • yum源
    [Ceph]
    name=Ceph packages for $basearch
    baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/$basearch
    enabled=1
    gpgcheck=0
    type=rpm-md
    gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
    priority=1
    [Ceph-noarch]
    name=Ceph noarch packages
    baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/noarch
    enabled=1
    gpgcheck=0
    type=rpm-md
    gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
    priority=1
    [ceph-source]
    name=Ceph source packages
    baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/SRPMS
    enabled=1
    gpgcheck=0
    type=rpm-md
    gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
    priority=1
    
    • 开始安装
    yum install -y ceph-deploy python-setuptools
    mkdir ./cluster && cd ./cluster
    yum install -y ceph		#等于ceph-deploy install controller
    ceph-deploy new controller
    ceph-deploy mon create-initial
    ceph-deploy admin controller
    ceph-deploy mgr create controller
    ceph-deploy osd create --data /dev/sda4 controller
    

    基本软件

    • train源
    yum install centos-release-openstack-train -y
    yum install openstack-utils -y
    yum install python-openstackclient -y
    
    • mysql安装
    yum install mariadb mariadb-server python2-PyMySQL -y
    cat > /etc/my.cnf.d/openstack.cnf <<- EOF
    [mysqld]
    bind-address = 192.168.200.200
    default-storage-engine = innodb
    innodb_file_per_table = on
    max_connections = 4096
    collation-server = utf8_general_ci
    character-set-server = utf8
    EOF
    
    systemctl enable mariadb.service
    systemctl start mariadb.service
    
    expect <<-EOF &> /etc/null
    spawn mysql_secure_installation
    expect "*none*" { send "\n"; }
    expect "*Y/n*" { send "n\n"; }
    expect "*Y/n*" { send "y\n"; }
    expect "*Y/n*" { send "y\n"; }
    expect "*Y/n*" { send "y\n"; }
    expect "*Y/n*" { send "y\n"; }
    expect eof
    EOF
    
    • rabbitmq安装
    yum install rabbitmq-server -y
    
    systemctl enable rabbitmq-server.service
    systemctl start rabbitmq-server.service
    
    rabbitmqctl add_user openstack 000000
    rabbitmqctl set_permissions openstack ".*" ".*" ".*"
    
    • memcached安装
    yum install memcached python-memcached -y
    
    sed -i '/OPTIONS/c\OPTIONS="-l 192.168.200.200"' /etc/sysconfig/memcached
    
    systemctl enable memcached.service
    systemctl start memcached.service
    
    • etcd安装
    yum install etcd -y
    
    cp /etc/etcd/etcd.conf{,.bak}
    cat > /etc/etcd/etcd.conf <<- EOF
    #[Member]
    ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
    ETCD_LISTEN_PEER_URLS="http://192.168.200.200:2380"
    ETCD_LISTEN_CLIENT_URLS="http://192.168.200.200:2379"
    ETCD_NAME="controller"
    #[Clustering]
    ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.200.200:2380"
    ETCD_ADVERTISE_CLIENT_URLS="http://192.168.200.200:2379"
    ETCD_INITIAL_CLUSTER="controller=http://192.168.200.200:2380"
    ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
    ETCD_INITIAL_CLUSTER_STATE="new"
    EOF
    
    systemctl enable etcd
    systemctl start etcd
    

    keystone

    yum install openstack-keystone httpd mod_wsgi -y
    
    mysql -uroot -e "CREATE DATABASE keystone;GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '000000';"
    
    cp -a /etc/keystone/keystone.conf{,.bak}
    grep -Ev "^$|#" /etc/keystone/keystone.conf.bak > /etc/keystone/keystone.conf
    openstack-config --set /etc/keystone/keystone.conf database connection  mysql+pymysql://keystone:$KEYSTONE_DBPASS@$IPADDR/keystone
    openstack-config --set /etc/keystone/keystone.conf token provider fernet
    
    su -s /bin/sh -c "keystone-manage db_sync" keystone
    
    keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
    keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
    keystone-manage bootstrap --bootstrap-password 000000 \
        --bootstrap-admin-url http://192.168.200.200:5000/v3/ \
        --bootstrap-internal-url http://192.168.200.200:5000/v3/ \
        --bootstrap-public-url http://192.168.200.200:5000/v3/ \
        --bootstrap-region-id RegionOne
    
    cp /etc/httpd/conf/httpd.conf{,.bak}
    sed -i "s/#ServerName www.example.com:80/ServerName controller/" /etc/httpd/conf/httpd.conf
    ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
    
    systemctl enable httpd.service
    systemctl start httpd.service
    
    sed -i "$ a export OS_USERNAME=admin" /root/.bashrc
    sed -i "$ a export OS_PASSWORD=000000" /root/.bashrc
    sed -i "$ a export OS_PROJECT_NAME=admin" /root/.bashrc
    sed -i "$ a export OS_USER_DOMAIN_NAME=Default" /root/.bashrc
    sed -i "$ a export OS_PROJECT_DOMAIN_NAME=Default" /root/.bashrc
    sed -i "$ a export OS_AUTH_URL=http://192.168.200.200:5000/v3" /root/.bashrc
    sed -i "$ a export OS_IDENTITY_API_VERSION=3" /root/.bashrc
    source ~/.bashrc 
    
    openstack project create --domain default --description "Service Project" service
    

    glance

    yum install openstack-glance -y
    
    mysql -uroot -e "CREATE DATABASE glance;GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '000000';"
    
    openstack user create --domain default --password 000000 glance &> /etc/null
    openstack role add --project service --user glance admin &> /etc/null
    
    openstack service create --name glance --description "OpenStack Image" image
    
    openstack endpoint create --region RegionOne image public http://192.168.200.200:9292
    openstack endpoint create --region RegionOne image internal http://192.168.200.200:9292
    openstack endpoint create --region RegionOne image admin http://192.168.200.200:9292
    
    cp -a /etc/glance/glance-api.conf{,.bak}
    cp -a /etc/glance/glance-registry.conf{,.bak}
    grep -Ev '^$|#' /etc/glance/glance-api.conf.bak > /etc/glance/glance-api.conf
    grep -Ev '^$|#' /etc/glance/glance-registry.conf.bak > /etc/glance/glance-registry.conf
    openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:000000@192.168.200.200/glance
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://192.168.200.200:5000
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name services
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password 000000
    openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
    
    ceph osd pool create images 64 64
    ceph osd pool application enable images rbd
    ceph osd pool set images size 1
    ceph auth get-or-create client.glance mon 'allow r' osd "images" -o /etc/ceph/ceph.client.glance.keyring
    chgrp glance /etc/ceph/ceph.client.glance.keyring
    sed -i "$ a client.glance" /etc/ceph/ceph.conf
    sed -i "$ a keyring = /etc/ceph/ceph.client.glance.keyring" /etc/ceph/ceph.conf
    
    openstack-config --set /etc/glance/glance-api.conf glance_store stores rbd
    openstack-config --set /etc/glance/glance-api.conf glance_store default_store rbd
    openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_pool images
    openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_user glance
    openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_ceph_conf /etc/ceph/ceph.conf
    
    su -s /bin/sh -c "glance-manage db_sync" glance
    
    systemctl enable openstack-glance-api.service
    systemctl start openstack-glance-api.service
    

    placement

    yum install openstack-placement-api -y
    
    mysql -uroot -e "CREATE DATABASE placement;GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '000000';"
    
    openstack user create --domain default --password 000000 placement &> /etc/null
    openstack role add --project service --user placement admin &> /etc/null
    
    openstack service create --name placement --description "Placement API" placement
    
    openstack endpoint create --region RegionOne placement public http://192.168.200.200:8778
    openstack endpoint create --region RegionOne placement internal http://192.168.200.200:8778
    openstack endpoint create --region RegionOne placement admin http://192.168.200.200:8778
    
    cp -a /etc/glance/glance-api.conf{,.bak}
    cp -a /etc/glance/glance-registry.conf{,.bak}
    grep -Ev '^$|#' /etc/glance/glance-api.conf.bak > /etc/glance/glance-api.conf
    grep -Ev '^$|#' /etc/glance/glance-registry.conf.bak > /etc/glance/glance-registry.conf
    openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:000000@192.168.200.200/glance
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://192.168.200.200:5000
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name services
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password 000000
    openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
    
    ceph osd pool create images 64 64
    ceph osd pool application enable images rbd
    ceph osd pool set images size 1
    ceph auth get-or-create client.glance mon 'allow r' osd "allow rwx pool=images" -o /etc/ceph/ceph.client.glance.keyring
    chgrp glance /etc/ceph/ceph.client.glance.keyring
    sed -i "$ a client.glance" /etc/ceph/ceph.conf
    sed -i "$ a keyring = /etc/ceph/ceph.client.glance.keyring" /etc/ceph/ceph.conf
    
    openstack-config --set /etc/glance/glance-api.conf glance_store stores rbd
    openstack-config --set /etc/glance/glance-api.conf glance_store default_store rbd
    openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_pool images
    openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_user glance
    openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_ceph_conf /etc/ceph/ceph.conf
    
    su -s /bin/sh -c "glance-manage db_sync" glance
    
    systemctl enable openstack-glance-api.service
    systemctl start openstack-glance-api.service
    

    nova-controller

    yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler -y
    
    mysql -uroot -e "CREATE DATABASE nova_api;GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '000000';"
    mysql -uroot -e "CREATE DATABASE nova;GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '000000';"
    mysql -uroot -e "CREATE DATABASE nova_cell0;GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '000000';"
    
    openstack user create --domain default --password 000000 nova
    openstack role add --project service --user nova admin
    
    openstack service create --name nova --description "OpenStack Compute" compute
    
    openstack endpoint create --region RegionOne compute public http://192.168.200.200:8774/v2.1
    openstack endpoint create --region RegionOne compute internal http://192.168.200.200:8774/v2.1
    openstack endpoint create --region RegionOne compute admin http://192.168.200.200:8774/v2.1
    
    cp -a /etc/nova/nova.conf{,.bak}
    grep -Ev '^$|#' /etc/nova/nova.conf.bak > /etc/nova/nova.conf
    
    openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
    openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.200.200
    openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
    openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
    openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:000000@192.168.200.200/nova_api
    openstack-config --set /etc/nova/nova.conf database connection mysql+pymysql://nova:000000@192.168.200.200/nova
    openstack-config --set /etc/nova/nova.conf placement_database connection mysql+pymysql://placement:000000@192.168.200.200/placement
    openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
    \openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type  password
    openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name services
    openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
    openstack-config --set /etc/nova/nova.conf keystone_authtoken password 000000
    openstack-config --set /etc/nova/nova.conf vnc enabled true
    openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0
    openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address '$my_ip'
    openstack-config --set /etc/nova/nova.conf glance api_servers http://192.168.200.200:9292/
    openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
    openstack-config --set /etc/nova/nova.conf placement region_name  RegionOne
    openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
    openstack-config --set /etc/nova/nova.conf placement project_name services
    openstack-config --set /etc/nova/nova.conf placement auth_type password
    openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
    openstack-config --set /etc/nova/nova.conf placement auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf placement username placement
    openstack-config --set /etc/nova/nova.conf placement password 000000
    openstack-config --set /etc/nova/nova.conf scheduler discover_hosts_in_cells_interval 300
    
    su -s /bin/sh -c "nova-manage api_db sync" nova
    su -s /bin/sh -c "nova-manage cell_v2 map_cell0"
    su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
    su -s /bin/sh -c "nova-manage db sync"
    
    systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
    systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
    

    nova_compute

    yum install openstack-nova-compute -y
    
    openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
    openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.200.200
    openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
    openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
    openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/nova/nova.conf DEFAULT allow_resize_to_same_host True
    openstack-config --set /etc/nova/nova.conf DEFAULT force_raw_images True
    openstack-config --set /etc/nova/nova.conf DEFAULT volume_api_class nova.volume.cinder.API
    openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
    openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name services
    openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
    openstack-config --set /etc/nova/nova.conf keystone_authtoken password 000000
    openstack-config --set /etc/nova/nova.conf vnc enabled true
    openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0
    openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address '$my_ip'
    openstack-config --set  /etc/nova/nova.conf vnc novncproxy_base_url http://192.168.200.200:6080/vnc_auto.html
    openstack-config --set /etc/nova/nova.conf glance api_servers  http://192.168.200.200:9292/
    openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
    openstack-config --set /etc/nova/nova.conf placement region_name  RegionOne
    openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
    openstack-config --set /etc/nova/nova.conf placement project_name services
    openstack-config --set /etc/nova/nova.conf placement auth_type password
    openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
    openstack-config --set /etc/nova/nova.conf placement auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf placement username placement
    openstack-config --set /etc/nova/nova.conf placement password 000000
    openstack-config --set  /etc/nova/nova.conf libvirt virt_type kvm
    openstack-config --set  /etc/nova/nova.conf libvirt live_migration_scheme ssh
    openstack-config --set  /etc/nova/nova.conf libvirt live_migration_inbound_addr 192.168.200.200
    
    ceph osd pool create vms 64 64
    ceph osd pool application enable vms rbd
    ceph osd pool set vms size 1
    ceph auth get-or-create client.nova mon 'allow r' osd "allow rwx pool=volumes, allow rwx pool=vms, allow rwx pool=images" -o /etc/ceph/ceph.client.nova.keyring
    chgrp glance /etc/ceph/ceph.client.nova.keyring
    sed -i "$ a client.nova" /etc/ceph/ceph.conf
    sed -i "$ a keyring = /etc/ceph/ceph.client.nova.keyring" /etc/ceph/ceph.conf
    
    cat >> /etc/ceph/secret-client.nova.xml <<EOF
    <secret ephemeral='no' private='no'>
    <uuid>$(cat /etc/ceph/uuid-client.nova)</uuid>
    <usage type='ceph'>
    <name>client.nova secret</name>
    </usage>
    </secret>
    EOF
    virsh secret-define --file /etc/ceph/secret-client.nova.xml
    ceph auth get-key client.nova -o /etc/ceph/client.nova.key
    virsh secret-set-value --secret $(cat /etc/ceph/uuid-client.nova) --base64 $(cat /etc/ceph/client.nova.key)
    
    openstack-config --set /etc/nova/nova.conf DEFAULT force_raw_images True
    openstack-config --set /etc/nova/nova.conf libvirt disk_cachemodes "\"network=writeback\""
    openstack-config --set /etc/nova/nova.conf libvirt images_type rbd
    openstack-config --set /etc/nova/nova.conf libvirt images_rbd_pool vms
    openstack-config --set /etc/nova/nova.conf libvirt images_rbd_ceph_conf /etc/ceph/ceph.conf
    openstack-config --set /etc/nova/nova.conf libvirt rbd_user nova
    openstack-config --set /etc/nova/nova.conf libvirt rbd_secret_uuid $(cat /etc/ceph/uuid-client.nova)
    
    systemctl enable libvirtd.service openstack-nova-compute.service
    systemctl start libvirtd.service openstack-nova-compute.service
    

    neutron_controller

    yum install openstack-neutron openstack-neutron-ml2 ebtables -y
    
    mysql -uroot -e "CREATE DATABASE neutron;GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '000000';"
    
    openstack user create --domain default --password 000000 neutron
    openstack role add --project service --user neutron admin
    
    openstack service create --name neutron --description "OpenStack Networking" network
    
    openstack endpoint create --region RegionOne network public http://192.168.200.200:9696
    openstack endpoint create --region RegionOne network internal http://192.168.200.200:9696
    openstack endpoint create --region RegionOne network admin http://192.168.200.200:9696
    
    cp -a /etc/neutron/neutron.conf{,.bak}
    grep -Ev '^$|#' /etc/neutron/neutron.conf.bak > /etc/neutron/neutron.conf
    openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:000000@192.168.200.200/neutron
    openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
    openstack-config --set  /etc/neutron/neutron.conf DEFAULT auth_strategy  keystone
    openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router 
    openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true 
    openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true 
    openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips true
    openstack-config --set /etc/neutron/neutron.conf DEFAULT my_ip 192.168.200.200
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type  password
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name services
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password 000000
    openstack-config --set /etc/neutron/neutron.conf vnc enabled true
    openstack-config --set /etc/neutron/neutron.conf vnc server_listen 0.0.0.0
    openstack-config --set /etc/neutron/neutron.conf vnc server_proxyclient_address '$my_ip'
    openstack-config --set /etc/neutron/neutron.conf nova auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf nova auth_type password
    openstack-config --set /etc/neutron/neutron.conf nova project_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf nova user_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
    openstack-config --set /etc/neutron/neutron.conf nova project_name services
    openstack-config --set /etc/neutron/neutron.conf nova username neutron
    openstack-config --set /etc/neutron/neutron.conf nova password 000000
    openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
    
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vxlan
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types flat,vxlan
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch,l2population 
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks extnet
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
    openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset true
    
    openstack-config --set /etc/nova/nova.conf neutron url http://192.168.200.200:9696
    openstack-config --set /etc/nova/nova.conf neutron auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/nova/nova.conf neutron memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/nova/nova.conf neutron auth_type v3password
    openstack-config --set /etc/nova/nova.conf neutron project_domain_name Default
    openstack-config --set /etc/nova/nova.conf neutron user_domain_name Default
    openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne 
    openstack-config --set /etc/nova/nova.conf neutron project_name services
    openstack-config --set /etc/nova/nova.conf neutron username neutron
    openstack-config --set /etc/nova/nova.conf neutron password 000000
    openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true 
    openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret 000000
    
    ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
    
    su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
    
    systemctl enable neutron-server.service
    systemctl start neutron-server.service
    

    neutron_network

    yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch ebtables -y
    
    openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone 
    openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/v3/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type  password
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name services
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password 000000
    openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp 
    
    openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
    openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata true
    openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver openvswitch 
    openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT force_metadata true
    
    openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host 192.168.200.200 
    openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret 000000
    
    openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver openvswitch
    
    systemctl enable neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
    systemctl start neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
    

    neutron_compute

    yum install neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service -y
    
    openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone 
    openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_resize_to_same_host True
    openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_migrate_to_same_hostTrue
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type  password
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name services
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password 000000
    openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp 
    
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini linux_openvswitch physical_interface_mappings extnet:ens33
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent tunnel_types vxlan 
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent l2_population true
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs bridge_mappings extnet:br-ex
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs local_ip 192.168.200.200
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup enable_security_group true 
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup firewall_driver iptables_hybrid
    
    openstack-config --set /etc/nova/nova.conf neutron auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/nova/nova.conf neutron auth_type v3password
    openstack-config --set /etc/nova/nova.conf neutron project_domain_name Default
    openstack-config --set /etc/nova/nova.conf neutron user_domain_name Default
    openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne 
    openstack-config --set /etc/nova/nova.conf neutron project_name services
    openstack-config --set /etc/nova/nova.conf neutron username neutron
    openstack-config --set /etc/nova/nova.conf neutron password 000000
    
    systemctl enable neutron-openvswitch-agent.service
    systemctl start neutron-openvswitch-agent.service
    
    ovs-vsctl add-br br-ex
    ovs-vsctl add-port br-ex ens33
    echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "BOOTPROTO=none" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "NAME=ens33" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "DEVICE=ens33" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    
    rm -f /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "BOOTPROTO=none" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "NAME=br-ex" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "DEVICE=br-ex" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "IPADDR=192.168.100.100" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "PREFIX=24" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "GATEWAY=192.168.100.2" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "DEFROUTE=yes" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    service network restart
    

    horizon

    yum install openstack-dashboard -y
    
    rm -f /etc/openstack-dashboard/local_settings
    
    openssl rand -hex 10
    52141c41dc456eadb871
    
    echo >> /etc/openstack-dashboard/local_settings <<- EOF
    # -*- coding: utf-8 -*-
    
    import os
    from django.utils.translation import ugettext_lazy as _
    from openstack_dashboard.settings import HORIZON_CONFIG
    DEBUG = False
    ALLOWED_HOSTS = ['*']
    LOCAL_PATH = '/tmp'
    SECRET_KEY='52141c41dc456eadb871'
    SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
    CACHES = {
        'default': {
             'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
             'LOCATION': 'controller:11211',
        }
    }
    EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
    OPENSTACK_HOST = "controller"
    OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
    OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
    OPENSTACK_API_VERSIONS = {
        "identity": 3,
        "image": 2,
        "volume": 3,
    }
    OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
    OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
    OPENSTACK_NEUTRON_NETWORK = {
        'enable_auto_allocated_network': False,
        'enable_distributed_router': False,
        'enable_fip_topology_check': False,
        'enable_ha_router': False,
        'enable_lb': False,
        'enable_firewall': False,
        'enable_vpn': False,
        'enable_ipv6': False,
        'enable_quotas': False,
        'enable_rbac_policy': False,
        'enable_router': True,
        'default_dns_nameservers': [],
        'supported_provider_types': ['*'],
        'segmentation_id_range': {},
        'extra_provider_types': {},
        'supported_vnic_types': ['*'],
        'physical_networks': [],
    }
    TIME_ZONE = "Asia/Shanghai"
    LOGGING = {
        'version': 1,
        'disable_existing_loggers': False,
        'formatters': {
            'console': {
                'format': '%(levelname)s %(name)s %(message)s'
            },
            'operation': {
                'format': '%(message)s'
            },
        },
        'handlers': {
            'null': {
                'level': 'DEBUG',
                'class': 'logging.NullHandler',
            },
            'console': {
                'level': 'DEBUG' if DEBUG else 'INFO',
                'class': 'logging.StreamHandler',
                'formatter': 'console',
            },
            'operation': {
                'level': 'INFO',
                'class': 'logging.StreamHandler',
                'formatter': 'operation',
            },
        },
        'loggers': {
            'horizon': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'horizon.operation_log': {
                'handlers': ['operation'],
                'level': 'INFO',
                'propagate': False,
            },
            'openstack_dashboard': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'novaclient': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'cinderclient': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'keystoneauth': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'keystoneclient': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'glanceclient': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'neutronclient': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'swiftclient': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'oslo_policy': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'openstack_auth': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'django': {
                'handlers': ['console'],
                'level': 'DEBUG',
                'propagate': False,
            },
            'django.db.backends': {
                'handlers': ['null'],
                'propagate': False,
            },
            'requests': {
                'handlers': ['null'],
                'propagate': False,
            },
            'urllib3': {
                'handlers': ['null'],
                'propagate': False,
            },
            'chardet.charsetprober': {
                'handlers': ['null'],
                'propagate': False,
            },
            'iso8601': {
                'handlers': ['null'],
                'propagate': False,
            },
            'scss': {
                'handlers': ['null'],
                'propagate': False,
            },
        },
    }
    SECURITY_GROUP_RULES = {
        'all_tcp': {
            'name': _('All TCP'),
            'ip_protocol': 'tcp',
            'from_port': '1',
            'to_port': '65535',
        },
        'all_udp': {
            'name': _('All UDP'),
            'ip_protocol': 'udp',
            'from_port': '1',
            'to_port': '65535',
        },
        'all_icmp': {
            'name': _('All ICMP'),
            'ip_protocol': 'icmp',
            'from_port': '-1',
            'to_port': '-1',
        },
        'ssh': {
            'name': 'SSH',
            'ip_protocol': 'tcp',
            'from_port': '22',
            'to_port': '22',
        },
        'smtp': {
            'name': 'SMTP',
            'ip_protocol': 'tcp',
            'from_port': '25',
            'to_port': '25',
        },
        'dns': {
            'name': 'DNS',
            'ip_protocol': 'tcp',
            'from_port': '53',
            'to_port': '53',
        },
        'http': {
            'name': 'HTTP',
            'ip_protocol': 'tcp',
            'from_port': '80',
            'to_port': '80',
        },
        'pop3': {
            'name': 'POP3',
            'ip_protocol': 'tcp',
            'from_port': '110',
            'to_port': '110',
        },
        'imap': {
            'name': 'IMAP',
            'ip_protocol': 'tcp',
            'from_port': '143',
            'to_port': '143',
        },
        'ldap': {
            'name': 'LDAP',
            'ip_protocol': 'tcp',
            'from_port': '389',
            'to_port': '389',
        },
        'https': {
            'name': 'HTTPS',
            'ip_protocol': 'tcp',
            'from_port': '443',
            'to_port': '443',
        },
        'smtps': {
            'name': 'SMTPS',
            'ip_protocol': 'tcp',
            'from_port': '465',
            'to_port': '465',
        },
        'imaps': {
            'name': 'IMAPS',
            'ip_protocol': 'tcp',
            'from_port': '993',
            'to_port': '993',
        },
        'pop3s': {
            'name': 'POP3S',
            'ip_protocol': 'tcp',
            'from_port': '995',
            'to_port': '995',
        },
        'ms_sql': {
            'name': 'MS SQL',
            'ip_protocol': 'tcp',
            'from_port': '1433',
            'to_port': '1433',
        },
        'mysql': {
            'name': 'MYSQL',
            'ip_protocol': 'tcp',
            'from_port': '3306',
            'to_port': '3306',
        },
        'rdp': {
            'name': 'RDP',
            'ip_protocol': 'tcp',
            'from_port': '3389',
            'to_port': '3389',
        },
    }
    EOF
    
    python /usr/share/openstack-dashboard/manage.py make_web_conf --apache > /etc/httpd/conf.d/openstack-dashboard.conf
    
    ln -s /etc/openstack-dashboard /usr/share/openstack-dashboard/openstack_dashboard/conf
    
    chown -R apache:apache /usr/share/openstack-dashboard/
    
    systemctl restart httpd.service memcached.service
    

    cinder_controller

    yum install openstack-cinder -y
    
    mysql -uroot -e "CREATE DATABASE cinder;GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY '000000';"
    
    openstack user create --domain default --password 000000 cinder
    openstack role add --project service --user cinder admin
    
    openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
    openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3
    
    openstack endpoint create --region RegionOne volumev2 public http://192.168.200.200:8776/v2/%\(project_id\)s
    openstack endpoint create --region RegionOne volumev2 internal http://192.168.200.200:8776/v2/%\(project_id\)s
    openstack endpoint create --region RegionOne volumev2 admin http://192.168.200.200:8776/v2/%\(project_id\)s
    openstack endpoint create --region RegionOne volumev3 public http://192.168.200.200:8776/v3/%\(project_id\)s
    openstack endpoint create --region RegionOne volumev3 internal http://192.168.200.200:8776/v3/%\(project_id\)s
    openstack endpoint create --region RegionOne volumev3 admin http://192.168.200.200:8776/v3/%\(project_id\)s
    
    cp -a /etc/cinder/cinder.conf{,.bak}
    grep -Ev '^$|#' /etc/cinder/cinder.conf.bak > /etc/cinder/cinder.conf
    openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:000000@192.168.200.200/cinder
    openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
    openstack-config --set /etc/cinder/cinder.conf DEFAULT storage_availability_zone nova
    openstack-config --set /etc/cinder/cinder.conf DEFAULT default_availability_zone nova
    openstack-config --set /etc/cinder/cinder.conf DEFAULT enable_v3_api True
    openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 192.168.200.200
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/v3/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name services
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password 000000
    openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
    
    openstack-config --set /etc/nova/nova.conf cinder os_region_name RegionOne
    
    su -s /bin/sh -c "cinder-manage db sync" cinder
    
    systemctl enable openstack-nova-api.service openstack-cinder-api.service openstack-cinder-scheduler.service
    systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
    

    cinder_storage

    openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:000000@192.168.200.200/cinder
    openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
    openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 192.168.200.200
    openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/v3/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name services
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password 000000
    openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
    
    ceph osd pool create cinder 64 64
    ceph osd pool application enable cinder rbd
    ceph osd pool set cinder size 1
    ceph auth get-or-create client.nova mon 'allow r' osd "volumes" "client.cinder" "allow rwx pool=images, allow rwx pool=volumes" -o /etc/ceph/ceph.client.cinder.keyring
    chgrp glance /etc/ceph/ceph.client.cinder.keyring
    sed -i "$ a client.cinder" /etc/ceph/cinder.conf
    sed -i "$ a keyring = /etc/ceph/ceph.client.cinder.keyring" /etc/ceph/ceph.conf
    
    cat >> /etc/ceph/secret-client.cinder.xml <<EOF
    <secret ephemeral='no' private='no'>
    <uuid>$(cat /etc/ceph/uuid-client.cinder)</uuid>
    <usage type='ceph'>
    <name>client.cinder secret</name>
    </usage>
    </secret>
    EOF
    virsh secret-define --file /etc/ceph/secret-client.cinder.xml
    ceph auth get-key client.cinder -o /etc/ceph/client.cinder.key
    virsh secret-set-value --secret $(cat /etc/ceph/uuid-client.cinder) --base64 $(cat /etc/ceph/client.cinder.key)
    
    openstack-config --set /etc/cinder/cinder.conf DEFAULT enabled_backends ceph
    openstack-config --set /etc/cinder/cinder.conf DEFAULT default_volume_type ceph
    openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://192.168.200.200:9292
    openstack-config --set /etc/cinder/cinder.conf ceph volume_driver cinder.volume.drivers.rbd.RBDDriver
    openstack-config --set /etc/cinder/cinder.conf ceph volume_backend_name ceph
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_pool volumes
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_ceph_conf /etc/ceph/ceph.conf
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_flatten_volume_from_snapshot false
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_max_clone_depth 5
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_store_chunk_size 4
    openstack-config --set /etc/cinder/cinder.conf ceph rados_connect_timeout -1
    openstack-config --set /etc/cinder/cinder.conf ceph glance_api_version 2
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_user cinder
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_secret_uuid $(cat /etc/ceph/uuid-client.cinder)
    
    cinder type-create ceph
    cinder type-key ceph set volume_backend_name=ceph
    
    systemctl start openstack-cinder-volume.service
    systemctl enable openstack-cinder-volume.service
    

    compute节点

    ceph安装

    • yum源
    [Ceph]
    name=Ceph packages for $basearch
    baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/$basearch
    enabled=1
    gpgcheck=0
    type=rpm-md
    gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
    priority=1
    [Ceph-noarch]
    name=Ceph noarch packages
    baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/noarch
    enabled=1
    gpgcheck=0
    type=rpm-md
    gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
    priority=1
    [ceph-source]
    name=Ceph source packages
    baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/SRPMS
    enabled=1
    gpgcheck=0
    type=rpm-md
    gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc
    priority=1
    
    • 开始安装
    计算节点:
    yum install -y ceph
    控制节点:
    cd ./cluster
    echo "public_network = 192.168.200.0/24" >> ceph.conf
    ceph-deploy osd create --data /dev/sda4 compute
    ceph-deploy admin compute
    

    yum源

    yum install centos-release-openstack-train -y
    yum install openstack-utils -y
    yum install python-openstackclient -y
    

    nova_compute

    yum install openstack-nova-compute -y
    
    openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
    openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.200.201
    openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
    openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
    openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/nova/nova.conf DEFAULT allow_resize_to_same_host True
    openstack-config --set /etc/nova/nova.conf DEFAULT force_raw_images True
    openstack-config --set /etc/nova/nova.conf DEFAULT volume_api_class nova.volume.cinder.API
    openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
    openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name services
    openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
    openstack-config --set /etc/nova/nova.conf keystone_authtoken password 000000
    openstack-config --set /etc/nova/nova.conf vnc enabled true
    openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0
    openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address '$my_ip'
    openstack-config --set  /etc/nova/nova.conf vnc novncproxy_base_url http://192.168.200.200:6080/vnc_auto.html
    openstack-config --set /etc/nova/nova.conf glance api_servers http://192.168.200.200:9292/
    openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
    openstack-config --set /etc/nova/nova.conf placement region_name RegionOne
    openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
    openstack-config --set /etc/nova/nova.conf placement project_name services
    openstack-config --set /etc/nova/nova.conf placement auth_type password
    openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
    openstack-config --set /etc/nova/nova.conf placement auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/nova/nova.conf placement username placement
    openstack-config --set /etc/nova/nova.conf placement password 000000
    openstack-config --set  /etc/nova/nova.conf libvirt virt_type kvm
    openstack-config --set  /etc/nova/nova.conf libvirt live_migration_scheme ssh
    openstack-config --set  /etc/nova/nova.conf libvirt live_migration_inbound_addr 192.168.200.201
    
    scp root@controller:/etc/ceph/ceph.client.nova.keyring /etc/ceph/
    scp root@controller:/etc/ceph/uuid-client.nova /etc/ceph/
    scp root@controller:/etc/ceph/client.nova.key /etc/ceph/
    virsh secret-define --file /etc/ceph/secret-client.nova.xml
    virsh secret-set-value --secret $(cat /etc/ceph/uuid-client.nova) --base64 $(cat /etc/ceph/client.nova.key)
    
    openstack-config --set /etc/nova/nova.conf DEFAULT force_raw_images True
    openstack-config --set /etc/nova/nova.conf libvirt disk_cachemodes "\"network=writeback\""
    openstack-config --set /etc/nova/nova.conf libvirt images_type rbd
    openstack-config --set /etc/nova/nova.conf libvirt images_rbd_pool vms
    openstack-config --set /etc/nova/nova.conf libvirt images_rbd_ceph_conf /etc/ceph/ceph.conf
    openstack-config --set /etc/nova/nova.conf libvirt rbd_user nova
    openstack-config --set /etc/nova/nova.conf libvirt rbd_secret_uuid $(cat /etc/ceph/uuid-client.nova)
    
    chgrp glance /etc/ceph/ceph.client.nova.keyring
    
    systemctl enable libvirtd.service openstack-nova-compute.service
    systemctl start libvirtd.service openstack-nova-compute.service
    

    neutron_compute

    yum install neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service -y
    
    openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone 
    openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_resize_to_same_host True
    openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_migrate_to_same_hostTrue
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type  password
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name services
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
    openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password 000000
    openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp 
    
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini linux_openvswitch physical_interface_mappings extnet:ens33
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent tunnel_types vxlan 
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent l2_population true
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs bridge_mappings extnet:br-ex
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs local_ip 192.168.200.201
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup enable_security_group true 
    openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup firewall_driver iptables_hybrid
    
    openstack-config --set /etc/nova/nova.conf neutron auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/nova/nova.conf neutron auth_type v3password
    openstack-config --set /etc/nova/nova.conf neutron project_domain_name Default
    openstack-config --set /etc/nova/nova.conf neutron user_domain_name Default
    openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne 
    openstack-config --set /etc/nova/nova.conf neutron project_name services
    openstack-config --set /etc/nova/nova.conf neutron username neutron
    openstack-config --set /etc/nova/nova.conf neutron password 000000
    
    systemctl enable neutron-openvswitch-agent.service
    systemctl start neutron-openvswitch-agent.service
    
    ovs-vsctl add-br br-ex
    ovs-vsctl add-port br-ex ens33
    echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "BOOTPROTO=none" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "NAME=ens33" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "DEVICE=ens33" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-ens33
    
    rm -f /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "BOOTPROTO=none" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "NAME=br-ex" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "DEVICE=br-ex" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "IPADDR=192.168.100.101" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "PREFIX=24" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "GATEWAY=192.168.100.2" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "DEFROUTE=yes" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-br-ex
    service network restart
    

    cinder_storage

    openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:000000@192.168.200.200/cinder
    openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
    openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 192.168.200.201
    openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/v3/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://192.168.200.200:5000/v3/
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers 192.168.200.200:11211
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name Default
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name Default
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name services
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
    openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password 000000
    openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
    
    scp root@controller:/etc/ceph/ceph.client.cinder.keyring /etc/ceph/
    scp root@controller:/etc/ceph/uuid-client.cinder /etc/ceph/
    scp root@controller:/etc/ceph/client.cinder.key /etc/ceph/
    virsh secret-define --file /etc/ceph/secret-client.cinder.xml
    virsh secret-set-value --secret $(cat /etc/ceph/uuid-client.cinder) --base64 $(cat /etc/ceph/client.cinder.key)
    
    openstack-config --set /etc/cinder/cinder.conf DEFAULT enabled_backends ceph
    openstack-config --set /etc/cinder/cinder.conf DEFAULT default_volume_type ceph
    openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://192.168.200.200:9292
    openstack-config --set /etc/cinder/cinder.conf ceph volume_driver cinder.volume.drivers.rbd.RBDDriver
    openstack-config --set /etc/cinder/cinder.conf ceph volume_backend_name ceph
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_pool volumes
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_ceph_conf /etc/ceph/ceph.conf
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_flatten_volume_from_snapshot false
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_max_clone_depth 5
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_store_chunk_size 4
    openstack-config --set /etc/cinder/cinder.conf ceph rados_connect_timeout -1
    openstack-config --set /etc/cinder/cinder.conf ceph glance_api_version 2
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_user cinder
    openstack-config --set /etc/cinder/cinder.conf ceph rbd_secret_uuid $(cat /etc/ceph/uuid-client.cinder)
    
    chgrp glance /etc/ceph/ceph.client.cinder.keyring
    
    systemctl start openstack-cinder-volume.service
    systemctl enable openstack-cinder-volume.service
    

    热迁移

    结合参数:

    libvirt live_migration_scheme = ssh
    libvirt live_migration_inbound_addr = 192.168.200.200
    
    libvirt live_migration_scheme = ssh
    libvirt live_migration_inbound_addr = 192.168.200.201
    
    usermod -s "/bin/bash" nova
    echo "nova" | passwd nova --stdin
    su - nova
    ssh-keygen
    ssh-copy-id root@controller
    ssh-copy-id root@compute
    
    展开全文
  • Openstack

    2016-07-22 22:51:58
    OpenStack云平台技术是云计算技术中的主流技术,已得到大量主流商业厂商和研究机构的大力支持。在未来的几年中,OpenStack会对云计算以及IT领域产生极大的影响。由于云计算本身的复杂性,Openstack系统对于初学者...

    OpenStack云平台技术是云计算技术中的主流技术,已得到大量主流商业厂商和研究机构的大力支持。在未来的几年中,OpenStack会对云计算以及IT领域产生极大的影响。由于云计算本身的复杂性,Openstack系统对于初学者显得过于繁杂,自学者往往在各种部署难题前因难而退。各种崭新的概念,对于新接触Openstack平台的人,往往会觉得困惑和难以理解,进而转化为畏惧。 本课程历数了云计算及各种流行云平台的特点,之后重点阐述从OpenStack开源云平台的发展历程、体系架构、关键技术、主要应用领域以及相应的发展策略。

    云计算及 OpenStack 云平台技术的机遇与挑战

    1、OpenStack 云平台介绍
    2、OpenStack 项目介绍
    3、OpenStack 开源社区现状、动态和未来方向
    4、OpenStack 项目整体基本架构及演进
    5、基于OpenStack实现的成功案例介绍
    6、OpenStack 云平台与其他几种云平台的比较 (OpenStack,CloudStack,OpenNebula,Docker)

    Openstack底层技术及通用组件讲解

    1、计算机虚拟化相关技术讲解
    2、网络虚拟化相关技术讲解
    3、Openstack通用组件讲解

    第三课 OpenStack安装和部署
    1、OpenStack安装部署过程(给出详细安装过程)
    2、使用devstack安装部署OpenStack,搭建开发环境
    3、openstack目录组织结构及配置文件

    第四课 OpenStack 基本功能操作
    1、openstack管理界面包括哪些基础功能
    2、openstack环境中创建虚拟机流程
    3、OpenStack 管理员使用
    用户和项目管理
    用户网络存储和计算机资源管理
    用户项目安全租的管理
    4、OpenStack 租户使用
    虚拟机操作管理
    创建虚拟网络以及外部IP的管理
    用户如何管理使用块存储
    用户如何管理基于对象存储

    OpenStack 核心组件详解

    1、OpenStack 中的 keystone 模块详解
    2、OpenStack 中的 Cinder模块详解
    3、OpenStack 中的 Swift模块详解

    OpenStack 核心组件Glance 模块详解

    1、Glance架构及其原理分析
    2、Glance后端存储介绍及其缓存机制
    3、Glance状态迁移
    4、如何制作镜像文件

    OpenStack 核心组件Neutron模块详解(1)

    1、Neutron架构及其原理分析
    2、Neutron基本概念介绍:Network、Subnet、Port
    3、DHCP服务介绍
    4、Router服务介绍

    OpenStack 核心组件详解Neutron模块详解(2)

    1、负载均衡服务LBaaS
    2、neutron网络功能详解
    3、neutron实现qos功能

    OpenStack 核心组件Nova模块详解

    1、Nova架构及其原理分析
    2、Nova配置文件介绍及其优化
    3、Nova相关服务详细介绍

    OpenStack开发

    1、WSGI架构
    2、OpenStack API介绍
    3、如何编写API
    4、如何为API扩展功能

    OpenStack开发Horizon定制开发

    1、horizon组成及各个模块讲解
    2、horizon如何调用其他组件的API
    3、Horizon的定制开发。例如为文件存储(Swift)自定义账号和存储空间

    OpenStack运维

    1、OpenStack自动化部署
    2、OpenStack监控
    3、OpenStack高可用部署讲解
    4、OpenStack常见错误与处理

    环境

    1)笔记本电脑一台,内存>4G,可用磁盘空间大于50G;
    2)安装VirtualBox 或VMWARE workstation虚拟机软件,并配置好虚拟网络;
    3)安装好2-3台Ubuntu-14.04 Server-x86_64的VM虚拟机。
    4)OpenStack版本:Kilo
    软件准备
    OpenStack版本:Kilo
    操作系统:Ubuntu-14.04 Server-x86_64
    1)熟悉Linux基本命令及系统管理。
    2)熟悉基本的网络知识。
    3)熟悉虚拟化技术。
    4)有一定的开发基础;
    涉及语言
    Python
    Linux Shell

    1)对云计算有一个整体的认识
    2)学员在认真听取学完本次课程,能够根据官方文档,独立搭建一套openstack环境
    3)能够知道从事openstack工作,有哪些方向可选,各方向需要掌握哪些基础
    4)能够熟练使用openstack,创建虚拟机,配置网络,创建负载均衡等
    5)能够对openstack代码进行自定义改造
    6)能够熟练跟踪从页面点击一个按钮或者链接,如何一步步走到底层后台libvirt及kvm
    7)能够对openstack的网络相关技术有一定程度理解

    展开全文
  • OpenStack

    2016-07-15 17:26:05
    记录一个OpenStack的bug 启动实例的时候会报出500错误, 启动实例命令 nova boot --flavor 1 --key_name demo-key --image d7057028-a498-4576-86b4-e6aef50dab69 test1 日志路径/var/log/nova/nova-api.log...

    记录一个OpenStack的bug

    启动实例的时候会报出500错误,
    启动实例命令
    nova boot --flavor 1 --key_name demo-key --image d7057028-a498-4576-86b4-e6aef50dab69 test1
    日志路径/var/log/nova/nova-api.log记录如下:
    2016-07-15 17:06:25.082 43889 ERROR nova.api.openstack [req-90a0ab9d-a502-41cf-b530-3d1e59abcf5d 1b02500be9164beeba3626ccad78e66b fd6862f998934437b31d4e9038b17eb6 - - -] Caught error: id
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack Traceback (most recent call last):
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/api/openstack/__init__.py", line 125, in __call__
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     return req.get_response(self.application)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/webob/request.py", line 1317, in send
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     application, catch_exc_info=False)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/webob/request.py", line 1281, in call_application
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     app_iter = application(self.environ, start_response)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/webob/dec.py", line 144, in __call__
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     return resp(environ, start_response)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/keystonemiddleware/auth_token/__init__.py", line 634, in __call__
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     return self._call_app(env, start_response)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/keystonemiddleware/auth_token/__init__.py", line 554, in _call_app
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     return self._app(env, _fake_start_response)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/webob/dec.py", line 144, in __call__
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     return resp(environ, start_response)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/webob/dec.py", line 144, in __call__
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     return resp(environ, start_response)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/routes/middleware.py", line 131, in __call__
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     response = self.app(environ, start_response)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/webob/dec.py", line 144, in __call__
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     return resp(environ, start_response)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/webob/dec.py", line 130, in __call__
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     resp = self.call_func(req, *args, **self.kwargs)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/webob/dec.py", line 195, in call_func
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     return self.func(req, *args, **kwargs)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/api/openstack/wsgi.py", line 756, in __call__
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     content_type, body, accept)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/api/openstack/wsgi.py", line 821, in _process_stack
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     action_result = self.dispatch(meth, request, action_args)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/api/openstack/wsgi.py", line 911, in dispatch
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     return method(req=request, **action_args)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/api/openstack/compute/servers.py", line 636, in create
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     self._handle_create_exception(*sys.exc_info())
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/api/openstack/compute/servers.py", line 465, in _handle_create_exception
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     six.reraise(*exc_info)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/api/openstack/compute/servers.py", line 621, in create
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     check_server_group_quota=check_server_group_quota)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/hooks.py", line 149, in inner
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     rv = f(*args, **kwargs)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/compute/api.py", line 1543, in create
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     check_server_group_quota=check_server_group_quota)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/compute/api.py", line 1128, in _create_instance
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     image_id, boot_meta = self._get_image(context, image_href)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/compute/api.py", line 818, in _get_image
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     image = self.image_api.get(context, image_href)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/image/api.py", line 93, in get
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     show_deleted=show_deleted)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/image/glance.py", line 309, in show
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     include_locations=include_locations)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/image/glance.py", line 483, in _translate_from_glance
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     include_locations=include_locations)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/nova/image/glance.py", line 545, in _extract_attributes
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     queued = getattr(image, 'status') == 'queued'
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/glanceclient/openstack/common/apiclient/base.py", line 491, in __getattr__
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     self.get()
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/glanceclient/openstack/common/apiclient/base.py", line 509, in get
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     new = self.manager.get(self.id)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack   File "/usr/lib/python2.7/site-packages/glanceclient/openstack/common/apiclient/base.py", line 494, in __getattr__
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack     raise AttributeError(k)
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack AttributeError: id
    2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack 
    2016-07-15 17:06:25.089 43889 INFO nova.api.openstack [req-90a0ab9d-a502-41cf-b530-3d1e59abcf5d 1b02500be9164beeba3626ccad78e66b fd6862f998934437b31d4e9038b17eb6 - - -] http://controller1:8774/v2/fd6862f998934437b31d4e9038b17eb6/servers returned with HTTP 500
    2016-07-15 17:06:25.091 43889 INFO nova.osapi_compute.wsgi.server [req-90a0ab9d-a502-41cf-b530-3d1e59abcf5d 1b02500be9164beeba3626ccad78e66b fd6862f998934437b31d4e9038b17eb6 - - -] 172.16.200.107 "POST /v2/fd6862f998934437b31d4e9038b17eb6/servers HTTP/1.1" status: 500 len: 359 time: 0.5674710
    2016-07-15 17:06:25.177 43851 INFO nova.osapi_compute.wsgi.server [req-69b3c36e-2ae9-4634-ae7c-28c0d22bd2e6 1b02500be9164beeba3626ccad78e66b fd6862f998934437b31d4e9038b17eb6 - - -] 172.16.200.107 "GET /v2/fd6862f998934437b31d4e9038b17eb6/servers/detail?limit=21&project_id=fd6862f998934437b31d4e9038b17eb6 HTTP/1.1" status: 200 len: 211 time: 0.0638170
    2016-07-15 17:06:25.980 43887 INFO nova.osapi_compute.wsgi.server [req-3facdbdc-c5ea-410e-b1ad-7bc990e604c7 1b02500be9164beeba3626ccad78e66b fd6862f998934437b31d4e9038b17eb6 - - -] 172.16.200.107 "GET /v2/fd6862f998934437b31d4e9038b17eb6/limits?reserved=1 HTTP/1.1" status: 200 len: 708 time: 0.7534001
    2016-07-15 17:06:26.025 43857 INFO nova.osapi_compute.wsgi.server [req-d47a5ad9-ff25-4909-9c93-8e0494a54829 1b02500be9164beeba3626ccad78e66b fd6862f998934437b31d4e9038b17eb6 - - -] 172.16.200.107 "GET /v2/fd6862f998934437b31d4e9038b17eb6/limits?reserved=1 HTTP/1.1" status: 200 len: 708 time: 0.0331218

    解决方法:
    wget http://mirrors.aliyun.com/centos/7/cloud/x86_64/openstack-mitaka/python-glanceclient-2.0.0-1.el7.noarch.rpm
    rpm -Uvh python-glanceclient-2.0.0-1.el7.noarch.rpm 
    systemctl restart openstack-nova-api.service openstack-nova-cert.service   openstack-nova-consoleauth.service openstack-nova-scheduler.service   openstack-nova-conductor.service openstack-nova-novncproxy.service
    systemctl restart openstack-glance-api.service openstack-glance-registry.service

    小记一下

    ########################
    迷途小运维原创
    作者:john
    转载请注明出处
    展开全文
  • OpenStack

    万次阅读 2011-06-14 15:14:00
    Cluster as a Service: Managing multiple clusters for openstack clouds and other diverse frameworks OpenStack 无法独自满足集群计算的需求。目前有一种方案,把集群计算部署放到 IaaS/...

    运行时架构

    系统内部交互图

     

    Swift也是独立组件,对系统运行没影响。

     

    nova-api是对外的接口。

    Glance是独立组件,供 nova-compute 下载镜像使用。 

    核心组件:

    Scheduler: 根据当前资源使用情况,决定计算节点分布到哪台计算节点上。目前实现很薄,目前已支持插件方式扩展,方便后面可能有采用更复杂算法。

    Compute:计算节点,使用虚拟化技术, host 虚拟机

    Network: 网络管理,给虚拟机分配网络和管理,使外部 PC 可以可直接访问

    Volume:给虚拟机分配额外持久化的存储

    运行时系统间交互都是通过异步消息的方式和DB 进行交互

     

    运行时图

    管理和使用是走两个通道的。管理必须要经由 nova-api转发过去。而运行时,直接连接计算节点上的虚拟机即可。

     

     

     

    OpenStack架构

    OpenStack的架构示意图和目前已实现情况

     

    蓝色是要 openstack概念上的架构图,红色是目前已实现的。

     

     


    部署

    部署时,除了Dashboard 必须部署在 nova-api server 上以外,所有的其它进程都可以部署在不同的机器上。

     

     

     

     

    OpenStack提供了基于 Puppet 的自动部署工具。经过简单配置,就可以把各个组件部署到不同机器上。

     

     

    OpenStack的镜像创建并没有纳入其职责列表。
    你可以使用Ubuntu的已有image (https://help.ubuntu.com/community/UEC/),或者直接重新自己通过KVM安装  http://cssoss.wordpress.com/2011/04/27/openstack-beginners-guide-for-ubuntu-11-04-image-management/


     

    网络模型

    Flat Network Manager, Flat DHCP Network Manager, VLAN Network Manager.

    VLAN Network Manager 这种方式适合于共有云。

    在私有云方面, IP充足,而且为了方便的互联互通,简单的Flat结构网络比较适合。

    OpenStack支持 Floating IPs ,该特性可以方便的通过更改IP来Failover(容错转移)或者迁移。

     

    CAAS

    Cluster as a Service: Managing multiple clusters for openstack clouds and other diverse frameworks

    OpenStack无法独自满足集群计算的需求。目前有一种方案,把集群计算部署放到 IaaS/PaaS 的下一层,我们称这种解决方案是 CaaS.

    当前,在很多机构或者学校,部署了不同的集群解决方案,但是他们使用的频率并不是很高,因此资源利用率不高的情况下,造成了很大的浪费(比如电费, PC)。

         设计目标:

    每个集群资源都可以动态分配

    系统隔离性好  

    集群有足够的性能和容量  

          设计:

    IaaS/PaaS层与 CaaS 隔离

    IaaS/PaaS 层可联机扩展

    CaaS  层的镜像可通过容器有效被处理

    CaaS  层是通过 webservice提供服务  

    可通过 VLAN 网络隔离  

    自动安装

    在这个解决方案中是通过 LXC 方式来实现系统隔离

    注:

    LXC, LINUX的容器工具,他使用cgroup把系统资源分组进行隔离。
    它不需要指令级模拟。因此相对其他虚拟化技术性能更高。
    因为他必须以进程运行执行文件的方式,因此不支持windows.


    架构图


     

    CaaS 中构建 OpenStack
    Layers

    CaaS(Physical) Physical layer. OS is installed on physical machines. 

    CaaS(LXC) LXC layer. A Tagged VLAN isolates LXC containers. 

    IaaS Cloud layer.  OpenStack (nova).

    过程:

    1.  在物理机上安装LXC

    2. 配置VPN网络

    3. 执行nova 的自动部署工具

    重复1~3, 在不同的机器上重复的安装OpenStack 的计算节点

     

     

    展开全文
  • 全面认识openstackOpenStack架构详解

    万次阅读 多人点赞 2018-06-21 10:41:50
    OpenStack既是一个社区,也是一个项目和一个开源软件,提供开放源码软件,建立公共和私有云,它提供了一个部署云的操作平台或工具集,其宗旨在于:帮助组织运行为虚拟计算或存储服务的云,为公有云、私有云,也为大...
  • Openstack概述 部署安装环境 、 部署Openstack OpenStack操作基 Openstack概述 部署安装环境 、 部署Openstack OpenStack操作基
  • 实验环境是使用vmware搭建的centos 7虚拟机,生产环境需要换到openstack上跑虚拟机。 首先, 在vmware里面导出虚拟机,导出格式为ovf 这其实是一个压缩文件,把这个.ovf 用解压软件tar -xvf提取出其中的 CentOS7-...
  • OpenStack 系列文章

    千次阅读 2020-12-23 20:05:39
    《手动部署 OpenStack Rocky 双节点》 《使用 Ceph 作为 OpenStack 的统一存储解决方案》 代码贡献 《OpenStack 贡献者须知 — OpenPGP/SSH/CLA 贡献者协议》 《OpenStack贡献者须知 2 — 社区工作运作 & 代码...
  • openstack命令

    2019-09-25 12:50:27
    整理了Openstack命令: openstack aggregate add host openstack aggregate createopenstack aggregate deleteopenstack aggregate listopenstack aggregate remove hostopenstack aggregate set openstack aggreg...
  • Openstack基础架构

    万次阅读 多人点赞 2017-12-12 15:05:04
    Openstack学习总结 Openstack简介 OpenStack是一个由美国国家航空航天局(NASA)和Rackspace合作研发并发起的开源项目。其中Rackspace贡献了Swift, NASA贡献了Nova项目,这两个子项目发展到现在的大大小小十多个...
  • openstack 峰会 欢迎来到我们每周的OpenStack特别OpenStack Summit版本和开源云新闻。 有兴趣跟踪正在发生的事情吗? Opensource.com是您在开源云基础设施项目OpenStack中获取新闻的来源。 Web上的OpenStack ...
  • Openstack命令

    千次阅读 2016-10-31 09:04:20
    整理了Openstack命令: openstack aggregate add host openstack aggregate create openstack aggregate delete openstack aggregate list openstack aggregate remove host openstack aggregate set ...
  • Openstack之搭建总结

    2017-05-15 22:07:15
    Openstack
  • openstack 峰会 您有兴趣跟踪开源云中正在发生的事情吗? Opensource.com是您在开源云基础设施项目OpenStack中获取新闻的来源。 本周,我们回顾一下在巴塞罗那举行的OpenStack峰会以及该活动的一些新闻,公告和观察...
  • openstack概述

    万次阅读 2018-01-04 14:16:22
    1.什么是openstack openstack,是目前最为流行的开源云操作系统框架。深入理解openstack需要围绕开源、云、操作系统、框架这几个关键词展开说明  1.云 读者只需要明确,openstack是用来构建云计算系统的核心软件...
  • 自诞生以来,OpenStack 似乎一直被质疑,其背后最重要的两大推手 NASA 和 Rackspace 都弃它而去,惠普、思科接连宣布关闭基于 OpenStack 的公...
  • OpenStack是什么,OpenStack详解

    千次阅读 2017-08-01 15:06:00
    1. OpenStack是什么 OpenStack官方的解释很官方,而且从不同角度,也有不同的理解,OpenStack可以理解为一个云操作系统 OpenStack旗下包含了一组由社区维护的开源项目,他们分别是OpenStackCompute(Nova),...
  • OpenStack架构

    万次阅读 2018-03-15 17:35:16
    一、概述openstack是一个综合的云计算管理平台,作为一个开源的IaaS平台,在openstack项目中包含了各种各样的组件,接下来简要介绍。 二、组件(项目)介绍1、认证服务-Keyston该组件在openstack中主要负责用户、...
  • int32bit:如何阅读OpenStack源码 int32bit:OpenStack工作流服务Mistral简介 int32bit:OpenStack虚拟机挂载数据卷过程分析 int32bit:OpenStack中那些很少见但很有用的操作 int32bit:Docker使用OpenStack Cinder...
  • OpenStack API文档

    2018-09-13 11:33:34
    介绍如何使用API来创建和管理OpenStack云环境下的资源
  • OpenStack 安装

    千次阅读 2015-04-27 17:09:03
    OpenStack 是一个开源的云操作系统,可以通过OpenStack构建企业私有云。随着云计算的兴起,各个大中型企业都希望构建自己的私有云平台,OpenStack凭借着开源的优势,得到了广大开发者的喜好,纷纷使用OpenStack来...
  • OpenStack介绍

    千次阅读 2019-04-10 11:14:12
    OpenStack架构 OpenStack是一个综合的云计算管理平台,在OpenStack项目中包含了各种各样的组件,如提供身份验证的Keystone组件、提供计算服务的Nova组件,提供镜像服务的Glance组件、提供对象存储的Swift组件、提供...
  • openstack简介

    千次阅读 2019-08-24 21:20:48
    OpenStack既是一个社区,也是一个项目和一个开源软件,它提供了一个部署云的操作平台或工具集。其宗旨在于,帮助组织运行为虚拟计算或存储服务的云,为公有云、私有云,也为大云、小云提供可扩展的、灵活的云计算。 ...
  • OpenStack概述

    千次阅读 2019-06-27 23:27:30
    OpenStack是一个开源的云平台管理项目,可以作为AWS EC2的替代品,来管理一个数据中心的计算、网络、存储等资源,提供IAAS。基于OpenStack用户可以构建公有云、私有云、混合云,目前私有云的应用场景较多。
  • Openstack----(线网源)使用packstack工具一键部署OpenStack! 文章目录Openstack----(线网源)使用packstack工具一键部署OpenStack!一:部署 OpenStack1.1 环境1.2 安装虚拟机1.2.1 IP地址配置与修改主机名1.2.2...
  • OpenStack界面展示

    2018-03-29 10:53:03
    OpenStack的界面简单展示部分。。。。。。。。。。。。。。。

空空如也

空空如也

1 2 3 4 5 ... 20
收藏数 63,863
精华内容 25,545
关键字:

openstack