Opensack-T版脚本安装
openStack-train 搭建部署
项目环境:
主机名 | 外网口(net) | 内口(仅主机)s | 配置 |
|---|---|---|---|
controller | 192.168.220.10/192.168.220.1/24 | 192.168.100.10 | 2u/4G/40G |
compute | 192.168.100.11/192.168.220.1/24 | 192.168/100.11 | 2u/4G/40G |
所有节点
yum install centos-release-openstack-train -y需要依赖什么安装的源
# yum install python-openstackclient -y
# yum install openstack-selinux -y数据库安装
# yum install mariadb mariadb-server python2-PyMySQL -y配置 ;/etc/my.cnf.d/openstack.cnf``/etc/my.cnf.d/
[mysqld]
bind-address = 192.168.220.10
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8# systemctl enable mariadb.service --now # mysql_secure_installation
Set root password? [Y/n] y
New password: 123
Re-enter new password: 123
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] n
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y消息队列
# yum install rabbitmq-server -y# systemctl enable rabbitmq-server.service --now# rabbitmqctl add_user openstack openstack123
Creating user "openstack" ...# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...缓存服务
# yum install memcached python-memcached -y/etc/sysconfig/memcached
OPTIONS="-l 127.0.0.1,::1,controller"# systemctl enable memcached.service --nowKeystone
mysql -u root -p123 CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone123';
exit安装和配置组件
yum install openstack-keystone httpd mod_wsgi vim -y/etc/keystone/keystone.conf
[database]
connection = mysql+pymysql://keystone:keystone123@controller/keystone
[token]
provider = fernet填充身份服务数据库:
su -s /bin/sh -c "keystone-manage db_sync" keystone
mysql -ukeystone -pkeystone123 -h localhost -e "use keystone; show tables;"初始化费内特密钥存储库 :
# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone引导身份服务:
# keystone-manage bootstrap --bootstrap-password admin \
--bootstrap-admin-url http://controller:5000/v3/ \
--bootstrap-internal-url http://controller:5000/v3/ \
--bootstrap-public-url http://controller:5000/v3/ \
--bootstrap-region-id RegionOnehttp服务
/etc/httpd/conf/httpd.conf
ServerName controller/usr/share/keystone/wsgi-keystone.conf
# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/# systemctl enable httpd.service --now环境变量
cat > admin.sh << eof #admin 用户
#!/bash/bin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
eof
cat > myuser.sh << eof #myuser用户
#!/bash/bin
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=myproject
export OS_USERNAME=myuser
export OS_PASSWORD=DEMO_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
eof创建 域,项目,用户,角色
$ openstack domain create --description "An Example Domain" example
$ openstack project create --domain default --description "Service Project" service
$ openstack project create --domain default --description "Demo Project" myproject
$ openstack user create --domain default --password myuser myuser
$ openstack role create myrole
$ openstack role add --project myproject --user myuser myrole验证
$ unset OS_AUTH_URL OS_PASSWORD$openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name admin --os-username admin token issue
$ openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name myproject --os-username myuser token issue$ . admin-openrc
$ openstack token issueGlance
$ mysql -u root -p123
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance123';
exit创建服务凭据
创建用户
$ openstack user create --domain default --password glance123 glance
$ openstack role add --project service --user glance admin
$ openstack service create --name glance --description "OpenStack Image" image创建影像服务 API 端点:
$ openstack endpoint create --region RegionOne image public http://controller:9292
$ openstack endpoint create --region RegionOne image internal http://controller:9292
$ openstack endpoint create --region RegionOne image admin http://controller:9292安装
# yum install openstack-glance -y/etc/glance/glance-api.conf
[database]
connection = mysql+pymysql://glance:glance123@controller/glance
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance123
[paste_deploy]
flavor = keystone
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/# su -s /bin/sh -c "glance-manage db_sync" glance
# mysql -uglance -pglance123 -h localhost -e "use glance; show tables;"# systemctl enable openstack-glance-api.service --nowglance image-create --name "cirros5" --file cirros-0.5.1-x86_64-disk.img --disk-format qcow2 --container-format bare --visibility publicPlacement
$ mysql -u root -p123
CREATE DATABASE placement;
GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY 'placement123';
exit创建账号、域、用户等配置
openstack user create --domain default --password placement123 placement # 设置密码,统一placement
openstack role add --project service --user placement admin
openstack service create --name placement --description "Placement API" placement
openstack endpoint create --region RegionOne placement public http://controller:8778
openstack endpoint create --region RegionOne placement internal http://controller:8778
openstack endpoint create --region RegionOne placement admin http://controller:8778安装和配置组件
# yum install openstack-placement-api -y/etc/placement/placement.conf
[placement_database]
connection = mysql+pymysql://placement:placement123@controller/placement
[api]
auth_strategy = keystone
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = placement123# su -s /bin/sh -c "placement-manage db sync" placement
# mysql -uplacement -pplacement123 -h localhost -e "use placement; show tables;"解决bug(最后加入,T版后续没有解决方案,去O版找)
cat /etc/httpd/conf.d/00-placement-api.conf
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory># systemctl restart httpd Nova-controller&compute
- controller
$ mysql -u root -p123
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'nova123';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'nova123';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova_cell0'@'%' IDENTIFIED BY 'nova123';
exit创建计算服务凭证
$ openstack user create --domain default --password nova123 nova
$ openstack role add --project service --user nova admin
$ openstack service create --name nova --description "OpenStack Compute" compute
$ openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
$ openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
$ openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1安装服务
# yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler -y/etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:openstack123@controller:5672/
my_ip = 192.168.220.10
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api_database]
connection = mysql+pymysql://nova:nova123@controller/nova_api
[database]
connection = mysql+pymysql://nova:nova123@controller/nova
[api]
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = nova123
[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
[glance]
api_servers = http://controller:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement123# su -s /bin/sh -c "nova-manage api_db sync" nova
# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
# su -s /bin/sh -c "nova-manage db sync" nova验证:
# nova-manage cell_v2 list_cells完成安装
# systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service --now
# systemctl restart openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service# openstack compute service list- compute
# yum install openstack-nova-compute/etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:openstack123@controller
my_ip = 192.168.220.10
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = nova123
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
[glance]
api_servers = http://controller:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement123虚拟化设置
$ egrep -c '(vmx|svm)' /proc/cpuinfo/etc/nova/nova.conf
[libvirt]
# ...
virt_type = qemu# systemctl enable libvirtd.service openstack-nova-compute.service --now将计算节点添加到单元数据库
- controller
$ . admin-openrc
$ openstack compute service list --service nova-compute
# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova- 注意
添加新的计算节点时,必须在控制器节点上运行以注册这些新的计算节点。或者,您可以在 中设置适当的间隔:nova-manage cell_v2 discover_hosts``/etc/nova/nova.conf
[scheduler]
discover_hosts_in_cells_interval = 60本文参与?腾讯云自媒体分享计划,分享自作者个人站点/博客。
原始发表:2022-11-26,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读