
- 编程语言
- Python
- 遵循标准
- Open 、AMQP、SQLAlchemy
- 开发者
- NASA,Rackspace
- 中文名
- OpenStack云计算管理平台
- 外文名
- OpenStack
-
OPENSTACK
2021-02-07 18:45:17openstack train 手动安装OPENSTACK
本次部署是基于openstack train+ceph,前前后后,各种重复实验大概一个月时间,预见各种坑。部署思路基于两台服务器,首先部署controller节点,在通过新增计算节点方式进行。
vware准备两台cenots7,不在累述前期安装过程,基础参数如下:网络环境: gateway:192.168.200.2 gateway:192.168.100.2 controller: ens33:192.168.200.200 管理网络 ens34:192.168.100.100 外部网络 compute: ens33:192.168.200.201 管理网络 ens34:192.168.100.101 外部网络 磁盘环境: controller+compute: 均为/dev/sda4 默认密码: 所有密码均为:000000
基础环境
- 基本工具
yum install -y expect lrzsz tree vim wget bash-completion bash-completion-extras
- ip转发
echo 'net.ipv4.ip_forward=1 ' >>/etc/sysctl.conf echo 'net.ipv4.tcp_tw_recycle=1 ' >>/etc/sysctl.conf echo 'net.ipv4.tcp_tw_reuse=1 ' >>/etc/sysctl.conf sysctl -p
- 域名配置
hostnamectl set-hostname controller hostnamectl set-hostname compute
- hosts配置
sed -i "$ a 192.168.200.200 controller" /etc/hosts sed -i "$ a 192.168.200.201 compute" /etc/hosts
- dns配置
sed -i "$ a nameserver 192.168.100.2" /etc/resolv.conf sed -i "$ a nameserver 114.114.114.114" /etc/resolv.conf
- 关闭防火墙、selinux、NetworkManager
systemctl disable NetworkManager Firewalld systemctl stop NetworkManager Firewalld sed -i '/^SELINUX/s/enforcing/disabled/' /etc/selinux/config
- 时间同步
/etc/chrony.conf controller: server ntp.aliyun.com iburst allow 192.168.200.0/24 local stratum 10 compute: server controller iburst
- 密钥分发
ssh-keygen ssh-copy-id root@controller ssh-copy-id root@compute
- yum源
sed -i 's#keepcache=0#keepcache=1#g' /etc/yum.conf wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
controller节点
ceph安装
- yum源
[Ceph] name=Ceph packages for $basearch baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/$basearch enabled=1 gpgcheck=0 type=rpm-md gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc priority=1 [Ceph-noarch] name=Ceph noarch packages baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/noarch enabled=1 gpgcheck=0 type=rpm-md gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc priority=1 [ceph-source] name=Ceph source packages baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/SRPMS enabled=1 gpgcheck=0 type=rpm-md gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc priority=1
- 开始安装
yum install -y ceph-deploy python-setuptools mkdir ./cluster && cd ./cluster yum install -y ceph #等于ceph-deploy install controller ceph-deploy new controller ceph-deploy mon create-initial ceph-deploy admin controller ceph-deploy mgr create controller ceph-deploy osd create --data /dev/sda4 controller
基本软件
- train源
yum install centos-release-openstack-train -y yum install openstack-utils -y yum install python-openstackclient -y
- mysql安装
yum install mariadb mariadb-server python2-PyMySQL -y cat > /etc/my.cnf.d/openstack.cnf <<- EOF [mysqld] bind-address = 192.168.200.200 default-storage-engine = innodb innodb_file_per_table = on max_connections = 4096 collation-server = utf8_general_ci character-set-server = utf8 EOF systemctl enable mariadb.service systemctl start mariadb.service expect <<-EOF &> /etc/null spawn mysql_secure_installation expect "*none*" { send "\n"; } expect "*Y/n*" { send "n\n"; } expect "*Y/n*" { send "y\n"; } expect "*Y/n*" { send "y\n"; } expect "*Y/n*" { send "y\n"; } expect "*Y/n*" { send "y\n"; } expect eof EOF
- rabbitmq安装
yum install rabbitmq-server -y systemctl enable rabbitmq-server.service systemctl start rabbitmq-server.service rabbitmqctl add_user openstack 000000 rabbitmqctl set_permissions openstack ".*" ".*" ".*"
- memcached安装
yum install memcached python-memcached -y sed -i '/OPTIONS/c\OPTIONS="-l 192.168.200.200"' /etc/sysconfig/memcached systemctl enable memcached.service systemctl start memcached.service
- etcd安装
yum install etcd -y cp /etc/etcd/etcd.conf{,.bak} cat > /etc/etcd/etcd.conf <<- EOF #[Member] ETCD_DATA_DIR="/var/lib/etcd/default.etcd" ETCD_LISTEN_PEER_URLS="http://192.168.200.200:2380" ETCD_LISTEN_CLIENT_URLS="http://192.168.200.200:2379" ETCD_NAME="controller" #[Clustering] ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.200.200:2380" ETCD_ADVERTISE_CLIENT_URLS="http://192.168.200.200:2379" ETCD_INITIAL_CLUSTER="controller=http://192.168.200.200:2380" ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01" ETCD_INITIAL_CLUSTER_STATE="new" EOF systemctl enable etcd systemctl start etcd
keystone
yum install openstack-keystone httpd mod_wsgi -y mysql -uroot -e "CREATE DATABASE keystone;GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '000000';" cp -a /etc/keystone/keystone.conf{,.bak} grep -Ev "^$|#" /etc/keystone/keystone.conf.bak > /etc/keystone/keystone.conf openstack-config --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:$KEYSTONE_DBPASS@$IPADDR/keystone openstack-config --set /etc/keystone/keystone.conf token provider fernet su -s /bin/sh -c "keystone-manage db_sync" keystone keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone keystone-manage credential_setup --keystone-user keystone --keystone-group keystone keystone-manage bootstrap --bootstrap-password 000000 \ --bootstrap-admin-url http://192.168.200.200:5000/v3/ \ --bootstrap-internal-url http://192.168.200.200:5000/v3/ \ --bootstrap-public-url http://192.168.200.200:5000/v3/ \ --bootstrap-region-id RegionOne cp /etc/httpd/conf/httpd.conf{,.bak} sed -i "s/#ServerName www.example.com:80/ServerName controller/" /etc/httpd/conf/httpd.conf ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/ systemctl enable httpd.service systemctl start httpd.service sed -i "$ a export OS_USERNAME=admin" /root/.bashrc sed -i "$ a export OS_PASSWORD=000000" /root/.bashrc sed -i "$ a export OS_PROJECT_NAME=admin" /root/.bashrc sed -i "$ a export OS_USER_DOMAIN_NAME=Default" /root/.bashrc sed -i "$ a export OS_PROJECT_DOMAIN_NAME=Default" /root/.bashrc sed -i "$ a export OS_AUTH_URL=http://192.168.200.200:5000/v3" /root/.bashrc sed -i "$ a export OS_IDENTITY_API_VERSION=3" /root/.bashrc source ~/.bashrc openstack project create --domain default --description "Service Project" service
glance
yum install openstack-glance -y mysql -uroot -e "CREATE DATABASE glance;GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '000000';" openstack user create --domain default --password 000000 glance &> /etc/null openstack role add --project service --user glance admin &> /etc/null openstack service create --name glance --description "OpenStack Image" image openstack endpoint create --region RegionOne image public http://192.168.200.200:9292 openstack endpoint create --region RegionOne image internal http://192.168.200.200:9292 openstack endpoint create --region RegionOne image admin http://192.168.200.200:9292 cp -a /etc/glance/glance-api.conf{,.bak} cp -a /etc/glance/glance-registry.conf{,.bak} grep -Ev '^$|#' /etc/glance/glance-api.conf.bak > /etc/glance/glance-api.conf grep -Ev '^$|#' /etc/glance/glance-registry.conf.bak > /etc/glance/glance-registry.conf openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:000000@192.168.200.200/glance openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://192.168.200.200:5000 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers 192.168.200.200:11211 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name services openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password 000000 openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone ceph osd pool create images 64 64 ceph osd pool application enable images rbd ceph osd pool set images size 1 ceph auth get-or-create client.glance mon 'allow r' osd "images" -o /etc/ceph/ceph.client.glance.keyring chgrp glance /etc/ceph/ceph.client.glance.keyring sed -i "$ a client.glance" /etc/ceph/ceph.conf sed -i "$ a keyring = /etc/ceph/ceph.client.glance.keyring" /etc/ceph/ceph.conf openstack-config --set /etc/glance/glance-api.conf glance_store stores rbd openstack-config --set /etc/glance/glance-api.conf glance_store default_store rbd openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_pool images openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_user glance openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_ceph_conf /etc/ceph/ceph.conf su -s /bin/sh -c "glance-manage db_sync" glance systemctl enable openstack-glance-api.service systemctl start openstack-glance-api.service
placement
yum install openstack-placement-api -y mysql -uroot -e "CREATE DATABASE placement;GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '000000';" openstack user create --domain default --password 000000 placement &> /etc/null openstack role add --project service --user placement admin &> /etc/null openstack service create --name placement --description "Placement API" placement openstack endpoint create --region RegionOne placement public http://192.168.200.200:8778 openstack endpoint create --region RegionOne placement internal http://192.168.200.200:8778 openstack endpoint create --region RegionOne placement admin http://192.168.200.200:8778 cp -a /etc/glance/glance-api.conf{,.bak} cp -a /etc/glance/glance-registry.conf{,.bak} grep -Ev '^$|#' /etc/glance/glance-api.conf.bak > /etc/glance/glance-api.conf grep -Ev '^$|#' /etc/glance/glance-registry.conf.bak > /etc/glance/glance-registry.conf openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:000000@192.168.200.200/glance openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://192.168.200.200:5000 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers 192.168.200.200:11211 openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name services openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password 000000 openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone ceph osd pool create images 64 64 ceph osd pool application enable images rbd ceph osd pool set images size 1 ceph auth get-or-create client.glance mon 'allow r' osd "allow rwx pool=images" -o /etc/ceph/ceph.client.glance.keyring chgrp glance /etc/ceph/ceph.client.glance.keyring sed -i "$ a client.glance" /etc/ceph/ceph.conf sed -i "$ a keyring = /etc/ceph/ceph.client.glance.keyring" /etc/ceph/ceph.conf openstack-config --set /etc/glance/glance-api.conf glance_store stores rbd openstack-config --set /etc/glance/glance-api.conf glance_store default_store rbd openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_pool images openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_user glance openstack-config --set /etc/glance/glance-api.conf glance_store rbd_store_ceph_conf /etc/ceph/ceph.conf su -s /bin/sh -c "glance-manage db_sync" glance systemctl enable openstack-glance-api.service systemctl start openstack-glance-api.service
nova-controller
yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler -y mysql -uroot -e "CREATE DATABASE nova_api;GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '000000';" mysql -uroot -e "CREATE DATABASE nova;GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '000000';" mysql -uroot -e "CREATE DATABASE nova_cell0;GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '000000';" openstack user create --domain default --password 000000 nova openstack role add --project service --user nova admin openstack service create --name nova --description "OpenStack Compute" compute openstack endpoint create --region RegionOne compute public http://192.168.200.200:8774/v2.1 openstack endpoint create --region RegionOne compute internal http://192.168.200.200:8774/v2.1 openstack endpoint create --region RegionOne compute admin http://192.168.200.200:8774/v2.1 cp -a /etc/nova/nova.conf{,.bak} grep -Ev '^$|#' /etc/nova/nova.conf.bak > /etc/nova/nova.conf openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.200.200 openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/ openstack-config --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:000000@192.168.200.200/nova_api openstack-config --set /etc/nova/nova.conf database connection mysql+pymysql://nova:000000@192.168.200.200/nova openstack-config --set /etc/nova/nova.conf placement_database connection mysql+pymysql://placement:000000@192.168.200.200/placement openstack-config --set /etc/nova/nova.conf api auth_strategy keystone \openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://192.168.200.200:5000/ openstack-config --set /etc/nova/nova.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/ openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers 192.168.200.200:11211 openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name services openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova openstack-config --set /etc/nova/nova.conf keystone_authtoken password 000000 openstack-config --set /etc/nova/nova.conf vnc enabled true openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0 openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address '$my_ip' openstack-config --set /etc/nova/nova.conf glance api_servers http://192.168.200.200:9292/ openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp openstack-config --set /etc/nova/nova.conf placement region_name RegionOne openstack-config --set /etc/nova/nova.conf placement project_domain_name Default openstack-config --set /etc/nova/nova.conf placement project_name services openstack-config --set /etc/nova/nova.conf placement auth_type password openstack-config --set /etc/nova/nova.conf placement user_domain_name Default openstack-config --set /etc/nova/nova.conf placement auth_url http://192.168.200.200:5000/ openstack-config --set /etc/nova/nova.conf placement username placement openstack-config --set /etc/nova/nova.conf placement password 000000 openstack-config --set /etc/nova/nova.conf scheduler discover_hosts_in_cells_interval 300 su -s /bin/sh -c "nova-manage api_db sync" nova su -s /bin/sh -c "nova-manage cell_v2 map_cell0" su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova su -s /bin/sh -c "nova-manage db sync" systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
nova_compute
yum install openstack-nova-compute -y openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.200.200 openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/ openstack-config --set /etc/nova/nova.conf DEFAULT allow_resize_to_same_host True openstack-config --set /etc/nova/nova.conf DEFAULT force_raw_images True openstack-config --set /etc/nova/nova.conf DEFAULT volume_api_class nova.volume.cinder.API openstack-config --set /etc/nova/nova.conf api auth_strategy keystone openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://192.168.200.200:5000/ openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers 192.168.200.200:11211 openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name services openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova openstack-config --set /etc/nova/nova.conf keystone_authtoken password 000000 openstack-config --set /etc/nova/nova.conf vnc enabled true openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0 openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address '$my_ip' openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://192.168.200.200:6080/vnc_auto.html openstack-config --set /etc/nova/nova.conf glance api_servers http://192.168.200.200:9292/ openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp openstack-config --set /etc/nova/nova.conf placement region_name RegionOne openstack-config --set /etc/nova/nova.conf placement project_domain_name Default openstack-config --set /etc/nova/nova.conf placement project_name services openstack-config --set /etc/nova/nova.conf placement auth_type password openstack-config --set /etc/nova/nova.conf placement user_domain_name Default openstack-config --set /etc/nova/nova.conf placement auth_url http://192.168.200.200:5000/ openstack-config --set /etc/nova/nova.conf placement username placement openstack-config --set /etc/nova/nova.conf placement password 000000 openstack-config --set /etc/nova/nova.conf libvirt virt_type kvm openstack-config --set /etc/nova/nova.conf libvirt live_migration_scheme ssh openstack-config --set /etc/nova/nova.conf libvirt live_migration_inbound_addr 192.168.200.200 ceph osd pool create vms 64 64 ceph osd pool application enable vms rbd ceph osd pool set vms size 1 ceph auth get-or-create client.nova mon 'allow r' osd "allow rwx pool=volumes, allow rwx pool=vms, allow rwx pool=images" -o /etc/ceph/ceph.client.nova.keyring chgrp glance /etc/ceph/ceph.client.nova.keyring sed -i "$ a client.nova" /etc/ceph/ceph.conf sed -i "$ a keyring = /etc/ceph/ceph.client.nova.keyring" /etc/ceph/ceph.conf cat >> /etc/ceph/secret-client.nova.xml <<EOF <secret ephemeral='no' private='no'> <uuid>$(cat /etc/ceph/uuid-client.nova)</uuid> <usage type='ceph'> <name>client.nova secret</name> </usage> </secret> EOF virsh secret-define --file /etc/ceph/secret-client.nova.xml ceph auth get-key client.nova -o /etc/ceph/client.nova.key virsh secret-set-value --secret $(cat /etc/ceph/uuid-client.nova) --base64 $(cat /etc/ceph/client.nova.key) openstack-config --set /etc/nova/nova.conf DEFAULT force_raw_images True openstack-config --set /etc/nova/nova.conf libvirt disk_cachemodes "\"network=writeback\"" openstack-config --set /etc/nova/nova.conf libvirt images_type rbd openstack-config --set /etc/nova/nova.conf libvirt images_rbd_pool vms openstack-config --set /etc/nova/nova.conf libvirt images_rbd_ceph_conf /etc/ceph/ceph.conf openstack-config --set /etc/nova/nova.conf libvirt rbd_user nova openstack-config --set /etc/nova/nova.conf libvirt rbd_secret_uuid $(cat /etc/ceph/uuid-client.nova) systemctl enable libvirtd.service openstack-nova-compute.service systemctl start libvirtd.service openstack-nova-compute.service
neutron_controller
yum install openstack-neutron openstack-neutron-ml2 ebtables -y mysql -uroot -e "CREATE DATABASE neutron;GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '000000';" openstack user create --domain default --password 000000 neutron openstack role add --project service --user neutron admin openstack service create --name neutron --description "OpenStack Networking" network openstack endpoint create --region RegionOne network public http://192.168.200.200:9696 openstack endpoint create --region RegionOne network internal http://192.168.200.200:9696 openstack endpoint create --region RegionOne network admin http://192.168.200.200:9696 cp -a /etc/neutron/neutron.conf{,.bak} grep -Ev '^$|#' /etc/neutron/neutron.conf.bak > /etc/neutron/neutron.conf openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:000000@192.168.200.200/neutron openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2 openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/ openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips true openstack-config --set /etc/neutron/neutron.conf DEFAULT my_ip 192.168.200.200 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.200.200:5000/ openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/ openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 192.168.200.200:11211 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name services openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password 000000 openstack-config --set /etc/neutron/neutron.conf vnc enabled true openstack-config --set /etc/neutron/neutron.conf vnc server_listen 0.0.0.0 openstack-config --set /etc/neutron/neutron.conf vnc server_proxyclient_address '$my_ip' openstack-config --set /etc/neutron/neutron.conf nova auth_url http://192.168.200.200:5000/ openstack-config --set /etc/neutron/neutron.conf nova auth_type password openstack-config --set /etc/neutron/neutron.conf nova project_domain_name Default openstack-config --set /etc/neutron/neutron.conf nova user_domain_name Default openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne openstack-config --set /etc/neutron/neutron.conf nova project_name services openstack-config --set /etc/neutron/neutron.conf nova username neutron openstack-config --set /etc/neutron/neutron.conf nova password 000000 openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vxlan openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types flat,vxlan openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch,l2population openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks extnet openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000 openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset true openstack-config --set /etc/nova/nova.conf neutron url http://192.168.200.200:9696 openstack-config --set /etc/nova/nova.conf neutron auth_url http://192.168.200.200:5000/v3/ openstack-config --set /etc/nova/nova.conf neutron memcached_servers 192.168.200.200:11211 openstack-config --set /etc/nova/nova.conf neutron auth_type v3password openstack-config --set /etc/nova/nova.conf neutron project_domain_name Default openstack-config --set /etc/nova/nova.conf neutron user_domain_name Default openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne openstack-config --set /etc/nova/nova.conf neutron project_name services openstack-config --set /etc/nova/nova.conf neutron username neutron openstack-config --set /etc/nova/nova.conf neutron password 000000 openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret 000000 ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron systemctl enable neutron-server.service systemctl start neutron-server.service
neutron_network
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch ebtables -y openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/ openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.200.200:5000/v3/ openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/v3/ openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 192.168.200.200:11211 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name services openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password 000000 openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata true openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver openvswitch openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT force_metadata true openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host 192.168.200.200 openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret 000000 openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver openvswitch systemctl enable neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service systemctl start neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
neutron_compute
yum install neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service -y openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/ openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_resize_to_same_host True openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_migrate_to_same_hostTrue openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.200.200:5000/ openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/ openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 192.168.200.200:11211 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name services openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password 000000 openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini linux_openvswitch physical_interface_mappings extnet:ens33 openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent tunnel_types vxlan openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent l2_population true openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs bridge_mappings extnet:br-ex openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs local_ip 192.168.200.200 openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup enable_security_group true openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup firewall_driver iptables_hybrid openstack-config --set /etc/nova/nova.conf neutron auth_url http://192.168.200.200:5000/v3/ openstack-config --set /etc/nova/nova.conf neutron auth_type v3password openstack-config --set /etc/nova/nova.conf neutron project_domain_name Default openstack-config --set /etc/nova/nova.conf neutron user_domain_name Default openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne openstack-config --set /etc/nova/nova.conf neutron project_name services openstack-config --set /etc/nova/nova.conf neutron username neutron openstack-config --set /etc/nova/nova.conf neutron password 000000 systemctl enable neutron-openvswitch-agent.service systemctl start neutron-openvswitch-agent.service ovs-vsctl add-br br-ex ovs-vsctl add-port br-ex ens33 echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-ens33 echo "BOOTPROTO=none" >> /etc/sysconfig/network-scripts/ifcfg-ens33 echo "NAME=ens33" >> /etc/sysconfig/network-scripts/ifcfg-ens33 echo "DEVICE=ens33" >> /etc/sysconfig/network-scripts/ifcfg-ens33 echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-ens33 rm -f /etc/sysconfig/network-scripts/ifcfg-br-ex echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "BOOTPROTO=none" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "NAME=br-ex" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "DEVICE=br-ex" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "IPADDR=192.168.100.100" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "PREFIX=24" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "GATEWAY=192.168.100.2" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "DEFROUTE=yes" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-br-ex service network restart
horizon
yum install openstack-dashboard -y rm -f /etc/openstack-dashboard/local_settings openssl rand -hex 10 52141c41dc456eadb871 echo >> /etc/openstack-dashboard/local_settings <<- EOF # -*- coding: utf-8 -*- import os from django.utils.translation import ugettext_lazy as _ from openstack_dashboard.settings import HORIZON_CONFIG DEBUG = False ALLOWED_HOSTS = ['*'] LOCAL_PATH = '/tmp' SECRET_KEY='52141c41dc456eadb871' SESSION_ENGINE = 'django.contrib.sessions.backends.cache' CACHES = { 'default': { 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 'LOCATION': 'controller:11211', } } EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' OPENSTACK_HOST = "controller" OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True OPENSTACK_API_VERSIONS = { "identity": 3, "image": 2, "volume": 3, } OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default" OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user" OPENSTACK_NEUTRON_NETWORK = { 'enable_auto_allocated_network': False, 'enable_distributed_router': False, 'enable_fip_topology_check': False, 'enable_ha_router': False, 'enable_lb': False, 'enable_firewall': False, 'enable_vpn': False, 'enable_ipv6': False, 'enable_quotas': False, 'enable_rbac_policy': False, 'enable_router': True, 'default_dns_nameservers': [], 'supported_provider_types': ['*'], 'segmentation_id_range': {}, 'extra_provider_types': {}, 'supported_vnic_types': ['*'], 'physical_networks': [], } TIME_ZONE = "Asia/Shanghai" LOGGING = { 'version': 1, 'disable_existing_loggers': False, 'formatters': { 'console': { 'format': '%(levelname)s %(name)s %(message)s' }, 'operation': { 'format': '%(message)s' }, }, 'handlers': { 'null': { 'level': 'DEBUG', 'class': 'logging.NullHandler', }, 'console': { 'level': 'DEBUG' if DEBUG else 'INFO', 'class': 'logging.StreamHandler', 'formatter': 'console', }, 'operation': { 'level': 'INFO', 'class': 'logging.StreamHandler', 'formatter': 'operation', }, }, 'loggers': { 'horizon': { 'handlers': ['console'], 'level': 'DEBUG', 'propagate': False, }, 'horizon.operation_log': { 'handlers': ['operation'], 'level': 'INFO', 'propagate': False, }, 'openstack_dashboard': { 'handlers': ['console'], 'level': 'DEBUG', 'propagate': False, }, 'novaclient': { 'handlers': ['console'], 'level': 'DEBUG', 'propagate': False, }, 'cinderclient': { 'handlers': ['console'], 'level': 'DEBUG', 'propagate': False, }, 'keystoneauth': { 'handlers': ['console'], 'level': 'DEBUG', 'propagate': False, }, 'keystoneclient': { 'handlers': ['console'], 'level': 'DEBUG', 'propagate': False, }, 'glanceclient': { 'handlers': ['console'], 'level': 'DEBUG', 'propagate': False, }, 'neutronclient': { 'handlers': ['console'], 'level': 'DEBUG', 'propagate': False, }, 'swiftclient': { 'handlers': ['console'], 'level': 'DEBUG', 'propagate': False, }, 'oslo_policy': { 'handlers': ['console'], 'level': 'DEBUG', 'propagate': False, }, 'openstack_auth': { 'handlers': ['console'], 'level': 'DEBUG', 'propagate': False, }, 'django': { 'handlers': ['console'], 'level': 'DEBUG', 'propagate': False, }, 'django.db.backends': { 'handlers': ['null'], 'propagate': False, }, 'requests': { 'handlers': ['null'], 'propagate': False, }, 'urllib3': { 'handlers': ['null'], 'propagate': False, }, 'chardet.charsetprober': { 'handlers': ['null'], 'propagate': False, }, 'iso8601': { 'handlers': ['null'], 'propagate': False, }, 'scss': { 'handlers': ['null'], 'propagate': False, }, }, } SECURITY_GROUP_RULES = { 'all_tcp': { 'name': _('All TCP'), 'ip_protocol': 'tcp', 'from_port': '1', 'to_port': '65535', }, 'all_udp': { 'name': _('All UDP'), 'ip_protocol': 'udp', 'from_port': '1', 'to_port': '65535', }, 'all_icmp': { 'name': _('All ICMP'), 'ip_protocol': 'icmp', 'from_port': '-1', 'to_port': '-1', }, 'ssh': { 'name': 'SSH', 'ip_protocol': 'tcp', 'from_port': '22', 'to_port': '22', }, 'smtp': { 'name': 'SMTP', 'ip_protocol': 'tcp', 'from_port': '25', 'to_port': '25', }, 'dns': { 'name': 'DNS', 'ip_protocol': 'tcp', 'from_port': '53', 'to_port': '53', }, 'http': { 'name': 'HTTP', 'ip_protocol': 'tcp', 'from_port': '80', 'to_port': '80', }, 'pop3': { 'name': 'POP3', 'ip_protocol': 'tcp', 'from_port': '110', 'to_port': '110', }, 'imap': { 'name': 'IMAP', 'ip_protocol': 'tcp', 'from_port': '143', 'to_port': '143', }, 'ldap': { 'name': 'LDAP', 'ip_protocol': 'tcp', 'from_port': '389', 'to_port': '389', }, 'https': { 'name': 'HTTPS', 'ip_protocol': 'tcp', 'from_port': '443', 'to_port': '443', }, 'smtps': { 'name': 'SMTPS', 'ip_protocol': 'tcp', 'from_port': '465', 'to_port': '465', }, 'imaps': { 'name': 'IMAPS', 'ip_protocol': 'tcp', 'from_port': '993', 'to_port': '993', }, 'pop3s': { 'name': 'POP3S', 'ip_protocol': 'tcp', 'from_port': '995', 'to_port': '995', }, 'ms_sql': { 'name': 'MS SQL', 'ip_protocol': 'tcp', 'from_port': '1433', 'to_port': '1433', }, 'mysql': { 'name': 'MYSQL', 'ip_protocol': 'tcp', 'from_port': '3306', 'to_port': '3306', }, 'rdp': { 'name': 'RDP', 'ip_protocol': 'tcp', 'from_port': '3389', 'to_port': '3389', }, } EOF python /usr/share/openstack-dashboard/manage.py make_web_conf --apache > /etc/httpd/conf.d/openstack-dashboard.conf ln -s /etc/openstack-dashboard /usr/share/openstack-dashboard/openstack_dashboard/conf chown -R apache:apache /usr/share/openstack-dashboard/ systemctl restart httpd.service memcached.service
cinder_controller
yum install openstack-cinder -y mysql -uroot -e "CREATE DATABASE cinder;GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '000000';GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY '000000';" openstack user create --domain default --password 000000 cinder openstack role add --project service --user cinder admin openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2 openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3 openstack endpoint create --region RegionOne volumev2 public http://192.168.200.200:8776/v2/%\(project_id\)s openstack endpoint create --region RegionOne volumev2 internal http://192.168.200.200:8776/v2/%\(project_id\)s openstack endpoint create --region RegionOne volumev2 admin http://192.168.200.200:8776/v2/%\(project_id\)s openstack endpoint create --region RegionOne volumev3 public http://192.168.200.200:8776/v3/%\(project_id\)s openstack endpoint create --region RegionOne volumev3 internal http://192.168.200.200:8776/v3/%\(project_id\)s openstack endpoint create --region RegionOne volumev3 admin http://192.168.200.200:8776/v3/%\(project_id\)s cp -a /etc/cinder/cinder.conf{,.bak} grep -Ev '^$|#' /etc/cinder/cinder.conf.bak > /etc/cinder/cinder.conf openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:000000@192.168.200.200/cinder openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/ openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone openstack-config --set /etc/cinder/cinder.conf DEFAULT storage_availability_zone nova openstack-config --set /etc/cinder/cinder.conf DEFAULT default_availability_zone nova openstack-config --set /etc/cinder/cinder.conf DEFAULT enable_v3_api True openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 192.168.200.200 openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/v3/ openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://192.168.200.200:5000/v3/ openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers 192.168.200.200:11211 openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name services openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password 000000 openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp openstack-config --set /etc/nova/nova.conf cinder os_region_name RegionOne su -s /bin/sh -c "cinder-manage db sync" cinder systemctl enable openstack-nova-api.service openstack-cinder-api.service openstack-cinder-scheduler.service systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
cinder_storage
openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:000000@192.168.200.200/cinder openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 192.168.200.200 openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/ openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/v3/ openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://192.168.200.200:5000/v3/ openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers 192.168.200.200:11211 openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name services openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password 000000 openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp ceph osd pool create cinder 64 64 ceph osd pool application enable cinder rbd ceph osd pool set cinder size 1 ceph auth get-or-create client.nova mon 'allow r' osd "volumes" "client.cinder" "allow rwx pool=images, allow rwx pool=volumes" -o /etc/ceph/ceph.client.cinder.keyring chgrp glance /etc/ceph/ceph.client.cinder.keyring sed -i "$ a client.cinder" /etc/ceph/cinder.conf sed -i "$ a keyring = /etc/ceph/ceph.client.cinder.keyring" /etc/ceph/ceph.conf cat >> /etc/ceph/secret-client.cinder.xml <<EOF <secret ephemeral='no' private='no'> <uuid>$(cat /etc/ceph/uuid-client.cinder)</uuid> <usage type='ceph'> <name>client.cinder secret</name> </usage> </secret> EOF virsh secret-define --file /etc/ceph/secret-client.cinder.xml ceph auth get-key client.cinder -o /etc/ceph/client.cinder.key virsh secret-set-value --secret $(cat /etc/ceph/uuid-client.cinder) --base64 $(cat /etc/ceph/client.cinder.key) openstack-config --set /etc/cinder/cinder.conf DEFAULT enabled_backends ceph openstack-config --set /etc/cinder/cinder.conf DEFAULT default_volume_type ceph openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://192.168.200.200:9292 openstack-config --set /etc/cinder/cinder.conf ceph volume_driver cinder.volume.drivers.rbd.RBDDriver openstack-config --set /etc/cinder/cinder.conf ceph volume_backend_name ceph openstack-config --set /etc/cinder/cinder.conf ceph rbd_pool volumes openstack-config --set /etc/cinder/cinder.conf ceph rbd_ceph_conf /etc/ceph/ceph.conf openstack-config --set /etc/cinder/cinder.conf ceph rbd_flatten_volume_from_snapshot false openstack-config --set /etc/cinder/cinder.conf ceph rbd_max_clone_depth 5 openstack-config --set /etc/cinder/cinder.conf ceph rbd_store_chunk_size 4 openstack-config --set /etc/cinder/cinder.conf ceph rados_connect_timeout -1 openstack-config --set /etc/cinder/cinder.conf ceph glance_api_version 2 openstack-config --set /etc/cinder/cinder.conf ceph rbd_user cinder openstack-config --set /etc/cinder/cinder.conf ceph rbd_secret_uuid $(cat /etc/ceph/uuid-client.cinder) cinder type-create ceph cinder type-key ceph set volume_backend_name=ceph systemctl start openstack-cinder-volume.service systemctl enable openstack-cinder-volume.service
compute节点
ceph安装
- yum源
[Ceph] name=Ceph packages for $basearch baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/$basearch enabled=1 gpgcheck=0 type=rpm-md gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc priority=1 [Ceph-noarch] name=Ceph noarch packages baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/noarch enabled=1 gpgcheck=0 type=rpm-md gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc priority=1 [ceph-source] name=Ceph source packages baseurl=http://mirrors.aliyun.com/ceph/rpm-nautilus/el7/SRPMS enabled=1 gpgcheck=0 type=rpm-md gpgkey=https://mirrors.aliyun.com/ceph/keys/release.asc priority=1
- 开始安装
计算节点: yum install -y ceph 控制节点: cd ./cluster echo "public_network = 192.168.200.0/24" >> ceph.conf ceph-deploy osd create --data /dev/sda4 compute ceph-deploy admin compute
yum源
yum install centos-release-openstack-train -y yum install openstack-utils -y yum install python-openstackclient -y
nova_compute
yum install openstack-nova-compute -y openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.200.201 openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/ openstack-config --set /etc/nova/nova.conf DEFAULT allow_resize_to_same_host True openstack-config --set /etc/nova/nova.conf DEFAULT force_raw_images True openstack-config --set /etc/nova/nova.conf DEFAULT volume_api_class nova.volume.cinder.API openstack-config --set /etc/nova/nova.conf api auth_strategy keystone openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://192.168.200.200:5000/ openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers 192.168.200.200:11211 openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name services openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova openstack-config --set /etc/nova/nova.conf keystone_authtoken password 000000 openstack-config --set /etc/nova/nova.conf vnc enabled true openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0 openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address '$my_ip' openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://192.168.200.200:6080/vnc_auto.html openstack-config --set /etc/nova/nova.conf glance api_servers http://192.168.200.200:9292/ openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp openstack-config --set /etc/nova/nova.conf placement region_name RegionOne openstack-config --set /etc/nova/nova.conf placement project_domain_name Default openstack-config --set /etc/nova/nova.conf placement project_name services openstack-config --set /etc/nova/nova.conf placement auth_type password openstack-config --set /etc/nova/nova.conf placement user_domain_name Default openstack-config --set /etc/nova/nova.conf placement auth_url http://192.168.200.200:5000/ openstack-config --set /etc/nova/nova.conf placement username placement openstack-config --set /etc/nova/nova.conf placement password 000000 openstack-config --set /etc/nova/nova.conf libvirt virt_type kvm openstack-config --set /etc/nova/nova.conf libvirt live_migration_scheme ssh openstack-config --set /etc/nova/nova.conf libvirt live_migration_inbound_addr 192.168.200.201 scp root@controller:/etc/ceph/ceph.client.nova.keyring /etc/ceph/ scp root@controller:/etc/ceph/uuid-client.nova /etc/ceph/ scp root@controller:/etc/ceph/client.nova.key /etc/ceph/ virsh secret-define --file /etc/ceph/secret-client.nova.xml virsh secret-set-value --secret $(cat /etc/ceph/uuid-client.nova) --base64 $(cat /etc/ceph/client.nova.key) openstack-config --set /etc/nova/nova.conf DEFAULT force_raw_images True openstack-config --set /etc/nova/nova.conf libvirt disk_cachemodes "\"network=writeback\"" openstack-config --set /etc/nova/nova.conf libvirt images_type rbd openstack-config --set /etc/nova/nova.conf libvirt images_rbd_pool vms openstack-config --set /etc/nova/nova.conf libvirt images_rbd_ceph_conf /etc/ceph/ceph.conf openstack-config --set /etc/nova/nova.conf libvirt rbd_user nova openstack-config --set /etc/nova/nova.conf libvirt rbd_secret_uuid $(cat /etc/ceph/uuid-client.nova) chgrp glance /etc/ceph/ceph.client.nova.keyring systemctl enable libvirtd.service openstack-nova-compute.service systemctl start libvirtd.service openstack-nova-compute.service
neutron_compute
yum install neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service -y openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/ openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_resize_to_same_host True openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_migrate_to_same_hostTrue openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.200.200:5000/ openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/ openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 192.168.200.200:11211 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name services openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password 000000 openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini linux_openvswitch physical_interface_mappings extnet:ens33 openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent tunnel_types vxlan openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent l2_population true openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs bridge_mappings extnet:br-ex openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs local_ip 192.168.200.201 openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup enable_security_group true openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup firewall_driver iptables_hybrid openstack-config --set /etc/nova/nova.conf neutron auth_url http://192.168.200.200:5000/v3/ openstack-config --set /etc/nova/nova.conf neutron auth_type v3password openstack-config --set /etc/nova/nova.conf neutron project_domain_name Default openstack-config --set /etc/nova/nova.conf neutron user_domain_name Default openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne openstack-config --set /etc/nova/nova.conf neutron project_name services openstack-config --set /etc/nova/nova.conf neutron username neutron openstack-config --set /etc/nova/nova.conf neutron password 000000 systemctl enable neutron-openvswitch-agent.service systemctl start neutron-openvswitch-agent.service ovs-vsctl add-br br-ex ovs-vsctl add-port br-ex ens33 echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-ens33 echo "BOOTPROTO=none" >> /etc/sysconfig/network-scripts/ifcfg-ens33 echo "NAME=ens33" >> /etc/sysconfig/network-scripts/ifcfg-ens33 echo "DEVICE=ens33" >> /etc/sysconfig/network-scripts/ifcfg-ens33 echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-ens33 rm -f /etc/sysconfig/network-scripts/ifcfg-br-ex echo "TYPE=Ethernet" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "BOOTPROTO=none" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "NAME=br-ex" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "DEVICE=br-ex" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "IPADDR=192.168.100.101" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "PREFIX=24" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "GATEWAY=192.168.100.2" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "DEFROUTE=yes" >> /etc/sysconfig/network-scripts/ifcfg-br-ex echo "ONBOOT=yes" >> /etc/sysconfig/network-scripts/ifcfg-br-ex service network restart
cinder_storage
openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:000000@192.168.200.200/cinder openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 192.168.200.201 openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:000000@192.168.200.200:5672/ openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://192.168.200.200:5000/v3/ openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://192.168.200.200:5000/v3/ openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers 192.168.200.200:11211 openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name Default openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name Default openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name services openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password 000000 openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp scp root@controller:/etc/ceph/ceph.client.cinder.keyring /etc/ceph/ scp root@controller:/etc/ceph/uuid-client.cinder /etc/ceph/ scp root@controller:/etc/ceph/client.cinder.key /etc/ceph/ virsh secret-define --file /etc/ceph/secret-client.cinder.xml virsh secret-set-value --secret $(cat /etc/ceph/uuid-client.cinder) --base64 $(cat /etc/ceph/client.cinder.key) openstack-config --set /etc/cinder/cinder.conf DEFAULT enabled_backends ceph openstack-config --set /etc/cinder/cinder.conf DEFAULT default_volume_type ceph openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://192.168.200.200:9292 openstack-config --set /etc/cinder/cinder.conf ceph volume_driver cinder.volume.drivers.rbd.RBDDriver openstack-config --set /etc/cinder/cinder.conf ceph volume_backend_name ceph openstack-config --set /etc/cinder/cinder.conf ceph rbd_pool volumes openstack-config --set /etc/cinder/cinder.conf ceph rbd_ceph_conf /etc/ceph/ceph.conf openstack-config --set /etc/cinder/cinder.conf ceph rbd_flatten_volume_from_snapshot false openstack-config --set /etc/cinder/cinder.conf ceph rbd_max_clone_depth 5 openstack-config --set /etc/cinder/cinder.conf ceph rbd_store_chunk_size 4 openstack-config --set /etc/cinder/cinder.conf ceph rados_connect_timeout -1 openstack-config --set /etc/cinder/cinder.conf ceph glance_api_version 2 openstack-config --set /etc/cinder/cinder.conf ceph rbd_user cinder openstack-config --set /etc/cinder/cinder.conf ceph rbd_secret_uuid $(cat /etc/ceph/uuid-client.cinder) chgrp glance /etc/ceph/ceph.client.cinder.keyring systemctl start openstack-cinder-volume.service systemctl enable openstack-cinder-volume.service
热迁移
结合参数:
libvirt live_migration_scheme = ssh libvirt live_migration_inbound_addr = 192.168.200.200 libvirt live_migration_scheme = ssh libvirt live_migration_inbound_addr = 192.168.200.201
usermod -s "/bin/bash" nova echo "nova" | passwd nova --stdin su - nova ssh-keygen ssh-copy-id root@controller ssh-copy-id root@compute
-
Openstack
2016-07-22 22:51:58OpenStack云平台技术是云计算技术中的主流技术,已得到大量主流商业厂商和研究机构的大力支持。在未来的几年中,OpenStack会对云计算以及IT领域产生极大的影响。由于云计算本身的复杂性,Openstack系统对于初学者...OpenStack云平台技术是云计算技术中的主流技术,已得到大量主流商业厂商和研究机构的大力支持。在未来的几年中,OpenStack会对云计算以及IT领域产生极大的影响。由于云计算本身的复杂性,Openstack系统对于初学者显得过于繁杂,自学者往往在各种部署难题前因难而退。各种崭新的概念,对于新接触Openstack平台的人,往往会觉得困惑和难以理解,进而转化为畏惧。 本课程历数了云计算及各种流行云平台的特点,之后重点阐述从OpenStack开源云平台的发展历程、体系架构、关键技术、主要应用领域以及相应的发展策略。
云计算及 OpenStack 云平台技术的机遇与挑战
1、OpenStack 云平台介绍
2、OpenStack 项目介绍
3、OpenStack 开源社区现状、动态和未来方向
4、OpenStack 项目整体基本架构及演进
5、基于OpenStack实现的成功案例介绍
6、OpenStack 云平台与其他几种云平台的比较 (OpenStack,CloudStack,OpenNebula,Docker)Openstack底层技术及通用组件讲解
1、计算机虚拟化相关技术讲解
2、网络虚拟化相关技术讲解
3、Openstack通用组件讲解第三课 OpenStack安装和部署
1、OpenStack安装部署过程(给出详细安装过程)
2、使用devstack安装部署OpenStack,搭建开发环境
3、openstack目录组织结构及配置文件第四课 OpenStack 基本功能操作
1、openstack管理界面包括哪些基础功能
2、openstack环境中创建虚拟机流程
3、OpenStack 管理员使用
用户和项目管理
用户网络存储和计算机资源管理
用户项目安全租的管理
4、OpenStack 租户使用
虚拟机操作管理
创建虚拟网络以及外部IP的管理
用户如何管理使用块存储
用户如何管理基于对象存储OpenStack 核心组件详解
1、OpenStack 中的 keystone 模块详解
2、OpenStack 中的 Cinder模块详解
3、OpenStack 中的 Swift模块详解OpenStack 核心组件Glance 模块详解
1、Glance架构及其原理分析
2、Glance后端存储介绍及其缓存机制
3、Glance状态迁移
4、如何制作镜像文件OpenStack 核心组件Neutron模块详解(1)
1、Neutron架构及其原理分析
2、Neutron基本概念介绍:Network、Subnet、Port
3、DHCP服务介绍
4、Router服务介绍OpenStack 核心组件详解Neutron模块详解(2)
1、负载均衡服务LBaaS
2、neutron网络功能详解
3、neutron实现qos功能OpenStack 核心组件Nova模块详解
1、Nova架构及其原理分析
2、Nova配置文件介绍及其优化
3、Nova相关服务详细介绍OpenStack开发
1、WSGI架构
2、OpenStack API介绍
3、如何编写API
4、如何为API扩展功能OpenStack开发Horizon定制开发
1、horizon组成及各个模块讲解
2、horizon如何调用其他组件的API
3、Horizon的定制开发。例如为文件存储(Swift)自定义账号和存储空间OpenStack运维
1、OpenStack自动化部署
2、OpenStack监控
3、OpenStack高可用部署讲解
4、OpenStack常见错误与处理环境
1)笔记本电脑一台,内存>4G,可用磁盘空间大于50G;
2)安装VirtualBox 或VMWARE workstation虚拟机软件,并配置好虚拟网络;
3)安装好2-3台Ubuntu-14.04 Server-x86_64的VM虚拟机。
4)OpenStack版本:Kilo
软件准备
OpenStack版本:Kilo
操作系统:Ubuntu-14.04 Server-x86_64
1)熟悉Linux基本命令及系统管理。
2)熟悉基本的网络知识。
3)熟悉虚拟化技术。
4)有一定的开发基础;
涉及语言
Python
Linux Shell1)对云计算有一个整体的认识
2)学员在认真听取学完本次课程,能够根据官方文档,独立搭建一套openstack环境
3)能够知道从事openstack工作,有哪些方向可选,各方向需要掌握哪些基础
4)能够熟练使用openstack,创建虚拟机,配置网络,创建负载均衡等
5)能够对openstack代码进行自定义改造
6)能够熟练跟踪从页面点击一个按钮或者链接,如何一步步走到底层后台libvirt及kvm
7)能够对openstack的网络相关技术有一定程度理解 -
OpenStack
2016-07-15 17:26:05记录一个OpenStack的bug 启动实例的时候会报出500错误, 启动实例命令 nova boot --flavor 1 --key_name demo-key --image d7057028-a498-4576-86b4-e6aef50dab69 test1 日志路径/var/log/nova/nova-api.log...记录一个OpenStack的bug
启动实例的时候会报出500错误,启动实例命令nova boot --flavor 1 --key_name demo-key --image d7057028-a498-4576-86b4-e6aef50dab69 test1日志路径/var/log/nova/nova-api.log记录如下:2016-07-15 17:06:25.082 43889 ERROR nova.api.openstack [req-90a0ab9d-a502-41cf-b530-3d1e59abcf5d 1b02500be9164beeba3626ccad78e66b fd6862f998934437b31d4e9038b17eb6 - - -] Caught error: id
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack Traceback (most recent call last):
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/api/openstack/__init__.py", line 125, in __call__
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack return req.get_response(self.application)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/webob/request.py", line 1317, in send
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack application, catch_exc_info=False)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/webob/request.py", line 1281, in call_application
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack app_iter = application(self.environ, start_response)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/webob/dec.py", line 144, in __call__
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack return resp(environ, start_response)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/keystonemiddleware/auth_token/__init__.py", line 634, in __call__
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack return self._call_app(env, start_response)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/keystonemiddleware/auth_token/__init__.py", line 554, in _call_app
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack return self._app(env, _fake_start_response)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/webob/dec.py", line 144, in __call__
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack return resp(environ, start_response)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/webob/dec.py", line 144, in __call__
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack return resp(environ, start_response)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/routes/middleware.py", line 131, in __call__
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack response = self.app(environ, start_response)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/webob/dec.py", line 144, in __call__
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack return resp(environ, start_response)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/webob/dec.py", line 130, in __call__
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack resp = self.call_func(req, *args, **self.kwargs)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/webob/dec.py", line 195, in call_func
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack return self.func(req, *args, **kwargs)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/api/openstack/wsgi.py", line 756, in __call__
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack content_type, body, accept)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/api/openstack/wsgi.py", line 821, in _process_stack
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack action_result = self.dispatch(meth, request, action_args)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/api/openstack/wsgi.py", line 911, in dispatch
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack return method(req=request, **action_args)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/api/openstack/compute/servers.py", line 636, in create
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack self._handle_create_exception(*sys.exc_info())
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/api/openstack/compute/servers.py", line 465, in _handle_create_exception
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack six.reraise(*exc_info)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/api/openstack/compute/servers.py", line 621, in create
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack check_server_group_quota=check_server_group_quota)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/hooks.py", line 149, in inner
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack rv = f(*args, **kwargs)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/compute/api.py", line 1543, in create
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack check_server_group_quota=check_server_group_quota)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/compute/api.py", line 1128, in _create_instance
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack image_id, boot_meta = self._get_image(context, image_href)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/compute/api.py", line 818, in _get_image
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack image = self.image_api.get(context, image_href)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/image/api.py", line 93, in get
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack show_deleted=show_deleted)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/image/glance.py", line 309, in show
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack include_locations=include_locations)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/image/glance.py", line 483, in _translate_from_glance
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack include_locations=include_locations)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/nova/image/glance.py", line 545, in _extract_attributes
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack queued = getattr(image, 'status') == 'queued'
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/glanceclient/openstack/common/apiclient/base.py", line 491, in __getattr__
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack self.get()
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/glanceclient/openstack/common/apiclient/base.py", line 509, in get
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack new = self.manager.get(self.id)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack File "/usr/lib/python2.7/site-packages/glanceclient/openstack/common/apiclient/base.py", line 494, in __getattr__
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack raise AttributeError(k)
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack AttributeError: id
2016-07-15 17:06:25.082 43889 TRACE nova.api.openstack
2016-07-15 17:06:25.089 43889 INFO nova.api.openstack [req-90a0ab9d-a502-41cf-b530-3d1e59abcf5d 1b02500be9164beeba3626ccad78e66b fd6862f998934437b31d4e9038b17eb6 - - -] http://controller1:8774/v2/fd6862f998934437b31d4e9038b17eb6/servers returned with HTTP 500
2016-07-15 17:06:25.091 43889 INFO nova.osapi_compute.wsgi.server [req-90a0ab9d-a502-41cf-b530-3d1e59abcf5d 1b02500be9164beeba3626ccad78e66b fd6862f998934437b31d4e9038b17eb6 - - -] 172.16.200.107 "POST /v2/fd6862f998934437b31d4e9038b17eb6/servers HTTP/1.1" status: 500 len: 359 time: 0.5674710
2016-07-15 17:06:25.177 43851 INFO nova.osapi_compute.wsgi.server [req-69b3c36e-2ae9-4634-ae7c-28c0d22bd2e6 1b02500be9164beeba3626ccad78e66b fd6862f998934437b31d4e9038b17eb6 - - -] 172.16.200.107 "GET /v2/fd6862f998934437b31d4e9038b17eb6/servers/detail?limit=21&project_id=fd6862f998934437b31d4e9038b17eb6 HTTP/1.1" status: 200 len: 211 time: 0.0638170
2016-07-15 17:06:25.980 43887 INFO nova.osapi_compute.wsgi.server [req-3facdbdc-c5ea-410e-b1ad-7bc990e604c7 1b02500be9164beeba3626ccad78e66b fd6862f998934437b31d4e9038b17eb6 - - -] 172.16.200.107 "GET /v2/fd6862f998934437b31d4e9038b17eb6/limits?reserved=1 HTTP/1.1" status: 200 len: 708 time: 0.7534001
2016-07-15 17:06:26.025 43857 INFO nova.osapi_compute.wsgi.server [req-d47a5ad9-ff25-4909-9c93-8e0494a54829 1b02500be9164beeba3626ccad78e66b fd6862f998934437b31d4e9038b17eb6 - - -] 172.16.200.107 "GET /v2/fd6862f998934437b31d4e9038b17eb6/limits?reserved=1 HTTP/1.1" status: 200 len: 708 time: 0.0331218解决方法:wget http://mirrors.aliyun.com/centos/7/cloud/x86_64/openstack-mitaka/python-glanceclient-2.0.0-1.el7.noarch.rpmrpm -Uvh python-glanceclient-2.0.0-1.el7.noarch.rpmsystemctl restart openstack-nova-api.service openstack-nova-cert.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.servicesystemctl restart openstack-glance-api.service openstack-glance-registry.service小记一下########################迷途小运维原创作者:john转载请注明出处 -
OpenStack
2011-06-14 15:14:00Cluster as a Service: Managing multiple clusters for openstack clouds and other diverse frameworks OpenStack 无法独自满足集群计算的需求。目前有一种方案,把集群计算部署放到 IaaS/...运行时架构
系统内部交互图
Swift也是独立组件,对系统运行没影响。
nova-api是对外的接口。
Glance是独立组件,供 nova-compute 下载镜像使用。
核心组件:
Scheduler: 根据当前资源使用情况,决定计算节点分布到哪台计算节点上。目前实现很薄,目前已支持插件方式扩展,方便后面可能有采用更复杂算法。
Compute:计算节点,使用虚拟化技术, host 虚拟机
Network: 网络管理,给虚拟机分配网络和管理,使外部 PC 可以可直接访问
Volume:给虚拟机分配额外持久化的存储
运行时系统间交互都是通过异步消息的方式和DB 进行交互
运行时图
管理和使用是走两个通道的。管理必须要经由 nova-api转发过去。而运行时,直接连接计算节点上的虚拟机即可。
OpenStack架构
OpenStack的架构示意图和目前已实现情况
蓝色是要 openstack概念上的架构图,红色是目前已实现的。
部署
部署时,除了Dashboard 必须部署在 nova-api server 上以外,所有的其它进程都可以部署在不同的机器上。
OpenStack提供了基于 Puppet 的自动部署工具。经过简单配置,就可以把各个组件部署到不同机器上。
OpenStack的镜像创建并没有纳入其职责列表。
你可以使用Ubuntu的已有image (https://help.ubuntu.com/community/UEC/),或者直接重新自己通过KVM安装 http://cssoss.wordpress.com/2011/04/27/openstack-beginners-guide-for-ubuntu-11-04-image-management/
网络模型
Flat Network Manager, Flat DHCP Network Manager, VLAN Network Manager.
VLAN Network Manager 这种方式适合于共有云。
在私有云方面, IP充足,而且为了方便的互联互通,简单的Flat结构网络比较适合。
OpenStack支持 Floating IPs ,该特性可以方便的通过更改IP来Failover(容错转移)或者迁移。
CAAS
Cluster as a Service: Managing multiple clusters for openstack clouds and other diverse frameworks
OpenStack无法独自满足集群计算的需求。目前有一种方案,把集群计算部署放到 IaaS/PaaS 的下一层,我们称这种解决方案是 CaaS.
当前,在很多机构或者学校,部署了不同的集群解决方案,但是他们使用的频率并不是很高,因此资源利用率不高的情况下,造成了很大的浪费(比如电费, PC)。
设计目标:
o 每个集群资源都可以动态分配
o 系统隔离性好
o 集群有足够的性能和容量
设计:
o IaaS/PaaS层与 CaaS 隔离
o IaaS/PaaS 层可联机扩展
o CaaS 层的镜像可通过容器有效被处理
o CaaS 层是通过 webservice提供服务
o 可通过 VLAN 网络隔离
o 自动安装
在这个解决方案中是通过 LXC的 方式来实现系统隔离
注:
LXC, LINUX的容器工具,他使用cgroup把系统资源分组进行隔离。
它不需要指令级模拟。因此相对其他虚拟化技术性能更高。
因为他必须以进程运行执行文件的方式,因此不支持windows.
架构图
在CaaS 中构建 OpenStack
Layerso CaaS(Physical) Physical layer. OS is installed on physical machines.
o CaaS(LXC) LXC layer. A Tagged VLAN isolates LXC containers.
o IaaS Cloud layer. OpenStack (nova).
过程:
1. 在物理机上安装LXC
2. 配置VPN网络
3. 执行nova 的自动部署工具
重复1~3, 在不同的机器上重复的安装OpenStack 的计算节点
-
全面认识openstack:OpenStack架构详解
2018-06-21 10:41:50OpenStack既是一个社区,也是一个项目和一个开源软件,提供开放源码软件,建立公共和私有云,它提供了一个部署云的操作平台或工具集,其宗旨在于:帮助组织运行为虚拟计算或存储服务的云,为公有云、私有云,也为大... -
Openstack概述 部署安装环境 、 部署Openstack OpenStack操作基
2018-10-03 03:30:20Openstack概述 部署安装环境 、 部署Openstack OpenStack操作基 Openstack概述 部署安装环境 、 部署Openstack OpenStack操作基 -
Openstack Vmware虚拟机迁移到openstack
2019-10-30 11:04:53实验环境是使用vmware搭建的centos 7虚拟机,生产环境需要换到openstack上跑虚拟机。 首先, 在vmware里面导出虚拟机,导出格式为ovf 这其实是一个压缩文件,把这个.ovf 用解压软件tar -xvf提取出其中的 CentOS7-... -
OpenStack 系列文章
2020-12-23 20:05:39《手动部署 OpenStack Rocky 双节点》 《使用 Ceph 作为 OpenStack 的统一存储解决方案》 代码贡献 《OpenStack 贡献者须知 — OpenPGP/SSH/CLA 贡献者协议》 《OpenStack贡献者须知 2 — 社区工作运作 & 代码... -
openstack命令
2019-09-25 12:50:27整理了Openstack命令: openstack aggregate add host openstack aggregate createopenstack aggregate deleteopenstack aggregate listopenstack aggregate remove hostopenstack aggregate set openstack aggreg... -
Openstack基础架构
2017-12-12 15:05:04Openstack学习总结 Openstack简介 OpenStack是一个由美国国家航空航天局(NASA)和Rackspace合作研发并发起的开源项目。其中Rackspace贡献了Swift, NASA贡献了Nova项目,这两个子项目发展到现在的大大小小十多个... -
openstack 峰会_OpenStack峰会在温哥华拉开帷幕,以及其他OpenStack新闻
2020-06-28 21:25:19openstack 峰会 欢迎来到我们每周的OpenStack特别OpenStack Summit版本和开源云新闻。 有兴趣跟踪正在发生的事情吗? Opensource.com是您在开源云基础设施项目OpenStack中获取新闻的来源。 Web上的OpenStack ... -
Openstack命令
2016-10-31 09:04:20整理了Openstack命令: openstack aggregate add host openstack aggregate create openstack aggregate delete openstack aggregate list openstack aggregate remove host openstack aggregate set ... -
Openstack之搭建总结
2017-05-15 22:07:15Openstack -
openstack 峰会_回顾巴塞罗那OpenStack峰会
2020-06-21 21:32:49openstack 峰会 您有兴趣跟踪开源云中正在发生的事情吗? Opensource.com是您在开源云基础设施项目OpenStack中获取新闻的来源。 本周,我们回顾一下在巴塞罗那举行的OpenStack峰会以及该活动的一些新闻,公告和观察... -
openstack概述
2018-01-04 14:16:221.什么是openstack openstack,是目前最为流行的开源云操作系统框架。深入理解openstack需要围绕开源、云、操作系统、框架这几个关键词展开说明 1.云 读者只需要明确,openstack是用来构建云计算系统的核心软件... -
OpenStack精华问答 | OpenStack和CloudStack对比
2019-07-18 10:29:33自诞生以来,OpenStack 似乎一直被质疑,其背后最重要的两大推手 NASA 和 Rackspace 都弃它而去,惠普、思科接连宣布关闭基于 OpenStack 的公... -
OpenStack是什么,OpenStack详解
2017-08-01 15:06:001. OpenStack是什么 OpenStack官方的解释很官方,而且从不同角度,也有不同的理解,OpenStack可以理解为一个云操作系统 OpenStack旗下包含了一组由社区维护的开源项目,他们分别是OpenStackCompute(Nova),... -
OpenStack架构
2018-03-15 17:35:16一、概述openstack是一个综合的云计算管理平台,作为一个开源的IaaS平台,在openstack项目中包含了各种各样的组件,接下来简要介绍。 二、组件(项目)介绍1、认证服务-Keyston该组件在openstack中主要负责用户、... -
openstack资源使用汇总_OpenStack专栏目录
2020-12-26 17:51:01int32bit:如何阅读OpenStack源码 int32bit:OpenStack工作流服务Mistral简介 int32bit:OpenStack虚拟机挂载数据卷过程分析 int32bit:OpenStack中那些很少见但很有用的操作 int32bit:Docker使用OpenStack Cinder... -
OpenStack API文档
2018-09-13 11:33:34介绍如何使用API来创建和管理OpenStack云环境下的资源 -
OpenStack 安装
2015-04-27 17:09:03OpenStack 是一个开源的云操作系统,可以通过OpenStack构建企业私有云。随着云计算的兴起,各个大中型企业都希望构建自己的私有云平台,OpenStack凭借着开源的优势,得到了广大开发者的喜好,纷纷使用OpenStack来... -
OpenStack介绍
2019-04-10 11:14:12OpenStack架构 OpenStack是一个综合的云计算管理平台,在OpenStack项目中包含了各种各样的组件,如提供身份验证的Keystone组件、提供计算服务的Nova组件,提供镜像服务的Glance组件、提供对象存储的Swift组件、提供... -
openstack简介
2019-08-24 21:20:48OpenStack既是一个社区,也是一个项目和一个开源软件,它提供了一个部署云的操作平台或工具集。其宗旨在于,帮助组织运行为虚拟计算或存储服务的云,为公有云、私有云,也为大云、小云提供可扩展的、灵活的云计算。 ... -
OpenStack概述
2019-06-27 23:27:30OpenStack是一个开源的云平台管理项目,可以作为AWS EC2的替代品,来管理一个数据中心的计算、网络、存储等资源,提供IAAS。基于OpenStack用户可以构建公有云、私有云、混合云,目前私有云的应用场景较多。 -
Openstack--使用packstack工具一键部署OpenStack
2021-01-18 12:04:41Openstack----(线网源)使用packstack工具一键部署OpenStack! 文章目录Openstack----(线网源)使用packstack工具一键部署OpenStack!一:部署 OpenStack1.1 环境1.2 安装虚拟机1.2.1 IP地址配置与修改主机名1.2.2... -
OpenStack界面展示
2018-03-29 10:53:03OpenStack的界面简单展示部分。。。。。。。。。。。。。。。
-
shader学习二:mix()函数的使用
-
材料力学教程-能量法
-
基于电商业务的全链路数据中台落地方案(全渠道、全环节、全流程)
-
MySQL 触发器
-
NVDIA显卡驱动安装
-
用Go语言来写区块链(一)
-
Python入门教程完整版(懂中文就能学会)-附件资源
-
轻量应用服务器cpu是100%性能基线无限制的吗?
-
DS&RS系列伺服通讯手册V8.pdf
-
MaxScale 实现 MySQL 读写分离与负载均衡
-
微信小程序云开发项目源码.zip
-
AI拍照识花.rar
-
隐藏IP有哪些方法?代理服务器可以吗?
-
3:Linux-Linux进程
-
itunesguanli_setup.zip
-
MySQL 多实例安装 及配置主从复制实验环境
-
ATCA PICMG_3_0_Shortform标准
-
libevent框架
-
知识图谱从新手到入门
-
文件移动复制--python