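This post was last edited by howtodown on 2014-8-19 12:08
This post is the continuation of "OpenStack for Beginners: OpenStack Grizzly Installation Guide (1)".
3. Network node
Prepare the node
Install 64-bit Ubuntu 12.04 or 13.04 Server and switch to sudo mode:
Add the Grizzly repository (for Ubuntu 12.04):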
- apt-get install -y ubuntu-cloud-keyring
- echo deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/grizzly main >> /etc/apt/sources.list.d/grizzly.list
Update the system:
- apt-get update -y
- apt-get upgrade -y
- apt-get dist-upgrade -y
Install the NTP service:
Configure NTP to stay synchronized with the controller node:
- #Comment the ubuntu NTP servers
- sed -i 's/server 0.ubuntu.pool.ntp.org/#server 0.ubuntu.pool.ntp.org/g' /etc/ntp.conf
- sed -i 's/server 1.ubuntu.pool.ntp.org/#server 1.ubuntu.pool.ntp.org/g' /etc/ntp.conf
- sed -i 's/server 2.ubuntu.pool.ntp.org/#server 2.ubuntu.pool.ntp.org/g' /etc/ntp.conf
- sed -i 's/server 3.ubuntu.pool.ntp.org/#server 3.ubuntu.pool.ntp.org/g' /etc/ntp.conf
-
- #Set the network node to follow up your controller node
- sed -i 's/server ntp.ubuntu.com/server 10.10.10.51/g' /etc/ntp.conf
-
- service ntp restart
Install vlan and the bridge configuration tool bridge-utils:
- apt-get install -y vlan bridge-utils
Enable IP forwarding:
- sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
-
- # To save you from rebooting, perform the following
- sysctl net.ipv4.ip_forward=1
3.2. Network configuration
The three NICs are configured as follows:
- # OpenStack management
- auto eth0
- iface eth0 inet static
- address 10.10.10.52
- netmask 255.255.255.0
-
- # VM Configuration
- auto eth1
- iface eth1 inet static
- address 10.20.20.52
- netmask 255.255.255.0
-
- # VM internet Access
- auto eth2
- iface eth2 inet static
- address 192.168.100.52
- netmask 255.255.255.0
3.3 OpenVSwitch (Part1)
Install OpenVSwitch:
- apt-get install -y openvswitch-switch openvswitch-datapath-dkms
Add the bridges:
- #br-int will be used for VM integration
- ovs-vsctl add-br br-int
-
- #br-ex is used to make the VM accessible from the internet
- ovs-vsctl add-br br-ex
3.4. Quantum
Install the Quantum openvswitch agent, L3 agent and DHCP agent components:
- apt-get -y install quantum-plugin-openvswitch-agent quantum-dhcp-agent quantum-l3-agent quantum-metadata-agent
Edit /etc/quantum/api-paste.ini:
- [filter:authtoken]
- paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
- auth_host = 10.10.10.51
- auth_port = 35357
- auth_protocol = http
- admin_tenant_name = service
- admin_user = quantum
- admin_password = service_pass
Edit the OVS plugin configuration file /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini:
- #Under the database section
- [DATABASE]
- sql_connection = mysql://quantumUser:quantumPass@10.10.10.51/quantum
-
- #Under the OVS section
- [OVS]
- tenant_network_type = gre
- tunnel_id_ranges = 1:1000
- integration_bridge = br-int
- tunnel_bridge = br-tun
- local_ip = 10.20.20.52
- enable_tunneling = True
-
- #Firewall driver for realizing quantum security group function
- [SECURITYGROUP]
- firewall_driver = quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
Update /etc/quantum/metadata_agent.ini:
- # The Quantum user information for accessing the Quantum API.
- auth_url = http://10.10.10.51:35357/v2.0
- auth_region = RegionOne
- admin_tenant_name = service
- admin_user = quantum
- admin_password = service_pass
-
- # IP address used by Nova metadata server
- nova_metadata_ip = 10.10.10.51
-
- # TCP Port used by Nova metadata server
- nova_metadata_port = 8775
-
- metadata_proxy_shared_secret = helloOpenStack
Update /etc/quantum/quantum.conf and make sure the RabbitMQ IP points to the controller node:
- rabbit_host = 10.10.10.51
-
- #And update the keystone_authtoken section
-
- [keystone_authtoken]
- auth_host = 10.10.10.51
- auth_port = 35357
- auth_protocol = http
- admin_tenant_name = service
- admin_user = quantum
- admin_password = service_pass
- signing_dir = /var/lib/quantum/keystone-signing
Edit /etc/sudoers.d/quantum_sudoers:
- nano /etc/sudoers.d/quantum_sudoers
-
- #Modify the quantum user
- quantum ALL=NOPASSWD: ALL
Note: the configuration above lets the quantum user run any command without a password.
Restart all Quantum services:
- cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i restart; done
3.5. OpenVSwitch (Part 2)
Edit the eth2 entry in /etc/network/interfaces:
- # VM internet Access
- auto eth2
- iface eth2 inet manual
- up ifconfig $IFACE 0.0.0.0 up
- up ip link set $IFACE promisc on
- down ip link set $IFACE promisc off
- down ifconfig $IFACE down
Attach the physical interface to the virtual bridge:
- #Internet connectivity will be lost after this step but this won't affect OpenStack's work
- ovs-vsctl add-port br-ex eth2
-
- #If you want to get internet connection back, you can assign the eth2's IP address to the br-ex in the /etc/network/interfaces file.
4. Compute node
4.1. Preparing the environment
Prepare the node
Install 64-bit Ubuntu 12.04 or 13.04 Server and switch to sudo mode:
Add the Grizzly repository (for Ubuntu 12.04):
- apt-get install -y ubuntu-cloud-keyring
- echo deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/grizzly main >> /etc/apt/sources.list.d/grizzly.list
Update the system:
- apt-get update -y
- apt-get upgrade -y
- apt-get dist-upgrade -y
Install the NTP service:
Configure NTP to stay synchronized with the controller node:
- #Comment the ubuntu NTP servers
- sed -i 's/server 0.ubuntu.pool.ntp.org/#server 0.ubuntu.pool.ntp.org/g' /etc/ntp.conf
- sed -i 's/server 1.ubuntu.pool.ntp.org/#server 1.ubuntu.pool.ntp.org/g' /etc/ntp.conf
- sed -i 's/server 2.ubuntu.pool.ntp.org/#server 2.ubuntu.pool.ntp.org/g' /etc/ntp.conf
- sed -i 's/server 3.ubuntu.pool.ntp.org/#server 3.ubuntu.pool.ntp.org/g' /etc/ntp.conf
-
- #Set the compute node to follow up your controller node
- sed -i 's/server ntp.ubuntu.com/server 10.10.10.51/g' /etc/ntp.conf
-
- service ntp restart
Install vlan and the bridge configuration tool bridge-utils:
- apt-get install -y vlan bridge-utils
Enable IP forwarding:
- sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
4.2. Network configuration
- # OpenStack management
- auto eth0
- iface eth0 inet static
- address 10.10.10.53
- netmask 255.255.255.0
-
- # VM Configuration
- auto eth1
- iface eth1 inet static
- address 10.20.20.53
- netmask 255.255.255.0
4.3 KVM
Make sure your hardware supports virtualization:
- apt-get install -y cpu-checker
- kvm-ok
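Run the two commands above separately. If you see the following message, that is still acceptable: acceleration is not supported, but KVM can still be used.
If the check above is fine, install and configure KVM: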
- apt-get install -y kvm libvirt-bin pm-utils
Add the cgroup_device_acl array to /etc/libvirt/qemu.conf:
- cgroup_device_acl = [
- "/dev/null", "/dev/full", "/dev/zero",
- "/dev/random", "/dev/urandom",
- "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
- "/dev/rtc", "/dev/hpet","/dev/net/tun"
- ]
As shown in the figure below
Delete the virtual bridge (just run the commands below):
- virsh net-destroy default
- virsh net-undefine default
Update /etc/libvirt/libvirtd.conf:
- listen_tls = 0
- listen_tcp = 1
- auth_tcp = "none"
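Notes:
The corresponding entries are already in the file as comments; just uncomment them.
Because the file contains a lot of comments, you can search for the entries as shown in the figure below: type /listen_tls and press Enter to jump to the corresponding line.
Add the libvirtd_opts variable to /etc/init/libvirt-bin.conf: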
- env libvirtd_opts="-d -l"
Notes:
See the location shown in the figure below.
Edit the /etc/default/libvirt-bin file.
As the red arrow in the figure below shows, just add -l to libvirtd_opts="-d", giving libvirtd_opts="-d -l".
Restart dbus and the libvirt-bin service:
- service dbus restart && service libvirt-bin restart
You should see output like the following:
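Added example (not part of the original post): with listen_tcp = 1, auth_tcp = "none" and the -l flag, libvirtd accepts unauthenticated connections on its TCP port (16509 by default), so that port should be reachable only from the management network. The script below classifies a libvirtd.conf and libvirtd_opts pair; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify libvirtd remote access from libvirtd.conf plus the
# libvirtd_opts string. Function names are illustrative, not libvirt tools.

# conf_value FILE KEY DEFAULT
# Print the last uncommented "KEY = value" in FILE (quotes and trailing
# comments stripped), or DEFAULT when the key is absent or commented out.
conf_value() {
    v=$(sed -n "s/^[[:space:]]*${2}[[:space:]]*=[[:space:]]*//p" "$1" |
        tail -n 1 |
        sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//; s/^"//; s/"$//')
    printf '%s\n' "${v:-$3}"
}

# libvirt_tcp_exposure FILE OPTS
# Prints one of: not-listening, tcp-disabled, tcp-authenticated,
# tcp-unauthenticated. Only the separate "-l" / "--listen" forms are
# recognised; combined short flags such as "-dl" are not parsed.
libvirt_tcp_exposure() {
    case " $2 " in
        *" -l "*|*" --listen "*) ;;
        *) echo "not-listening"; return 0 ;;
    esac
    # libvirt defaults: listen_tcp is off, auth_tcp is "sasl".
    if [ "$(conf_value "$1" listen_tcp 0)" != "1" ]; then
        echo "tcp-disabled"; return 0
    fi
    if [ "$(conf_value "$1" auth_tcp sasl)" = "none" ]; then
        echo "tcp-unauthenticated"
    else
        echo "tcp-authenticated"
    fi
}

# Constructed sample holding the three values this guide sets.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#listen_tls = 1
listen_tls = 0
listen_tcp = 1
#auth_tcp = "sasl"
auth_tcp = "none"
EOF

libvirt_tcp_exposure "$sample" "-d -l"   # prints tcp-unauthenticated
libvirt_tcp_exposure "$sample" "-d"      # prints not-listening
```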
4.4. OpenVSwitch
Install OpenVSwitch:
- apt-get install -y openvswitch-switch openvswitch-datapath-dkms
Create the bridge:
- #br-int will be used for VM integration
- ovs-vsctl add-br br-int
4.5. Quantum
Install the Quantum openvswitch agent:
- apt-get -y install quantum-plugin-openvswitch-agent
Edit the OVS plugin configuration file /etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini:
- #Under the database section
- [DATABASE]
- sql_connection = mysql://quantumUser:quantumPass@10.10.10.51/quantum
-
- #Under the OVS section
- [OVS]
- tenant_network_type = gre
- tunnel_id_ranges = 1:1000
- integration_bridge = br-int
- tunnel_bridge = br-tun
- local_ip = 10.20.20.53
- enable_tunneling = True
-
- #Firewall driver for realizing quantum security group function
- [SECURITYGROUP]
- firewall_driver = quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
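Notes:
Do not paste the whole block above into the file in one go; find the corresponding section for each setting. The figure below shows the OVS section.
Make sure the RabbitMQ IP in /etc/quantum/quantum.conf points to the controller node: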
- rabbit_host = 10.10.10.51
-
- #And update the keystone_authtoken section
-
- [keystone_authtoken]
- auth_host = 10.10.10.51
- auth_port = 35357
- auth_protocol = http
- admin_tenant_name = service
- admin_user = quantum
- admin_password = service_pass
- signing_dir = /var/lib/quantum/keystone-signing
Notes:
Likewise, put each setting above under its corresponding section. Do not paste the whole block.
Restart the service:
- service quantum-plugin-openvswitch-agent restart
4.6. Nova
Install the components Nova needs:
- apt-get install -y nova-compute-kvm
Modify the authtoken section of /etc/nova/api-paste.ini:
- [filter:authtoken]
- paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
- auth_host = 10.10.10.51
- auth_port = 35357
- auth_protocol = http
- admin_tenant_name = service
- admin_user = nova
- admin_password = service_pass
- signing_dirname = /tmp/keystone-signing-nova
- # Workaround for https://bugs.launchpad.net/nova/+bug/1154809
- auth_version = v2.0
Edit /etc/nova/nova-compute.conf:
- [DEFAULT]
- libvirt_type=kvm
- libvirt_ovs_bridge=br-int
- libvirt_vif_type=ethernet
- libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
- libvirt_use_virtio_for_bridges=True
Modify /etc/nova/nova.conf as follows:
- [DEFAULT]
- logdir=/var/log/nova
- state_path=/var/lib/nova
- lock_path=/run/lock/nova
- verbose=True
- api_paste_config=/etc/nova/api-paste.ini
- compute_scheduler_driver=nova.scheduler.simple.SimpleScheduler
- rabbit_host=10.10.10.51
- nova_url=http://10.10.10.51:8774/v1.1/
- sql_connection=mysql://novaUser:novaPass@10.10.10.51/nova
- root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
-
- # Auth
- use_deprecated_auth=false
- auth_strategy=keystone
-
- # Imaging service
- glance_api_servers=10.10.10.51:9292
- image_service=nova.image.glance.GlanceImageService
-
- # Vnc configuration
- novnc_enabled=true
- novncproxy_base_url=http://192.168.100.51:6080/vnc_auto.html
- novncproxy_port=6080
- vncserver_proxyclient_address=10.10.10.53
- vncserver_listen=0.0.0.0
-
- # Network settings
- network_api_class=nova.network.quantumv2.api.API
- quantum_url=http://10.10.10.51:9696
- quantum_auth_strategy=keystone
- quantum_admin_tenant_name=service
- quantum_admin_username=quantum
- quantum_admin_password=service_pass
- quantum_admin_auth_url=http://10.10.10.51:35357/v2.0
- libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
- linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver
- #If you want Quantum + Nova Security groups
- firewall_driver=nova.virt.firewall.NoopFirewallDriver
- security_group_api=quantum
- #If you want Nova Security groups only, comment the two lines above and uncomment line -1-.
- #-1-firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
-
- #Metadata
- service_quantum_metadata_proxy = True
- quantum_metadata_proxy_shared_secret = helloOpenStack
-
- # Compute #
- compute_driver=libvirt.LibvirtDriver
-
- # Cinder #
- volume_api_class=nova.volume.cinder.API
- osapi_volume_listen_port=5900
- cinder_catalog_info=volume:cinder:internalURL
Notes:
When you open the file you will see the existing content. Clear the file and add the content above.
Restart all Nova services:
- cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i restart; done
Check that the installation succeeded: