venusf 发表于 2015-4-26 11:30:56

openstack-all-in-one 安装配置教程

本帖最后由 venusf 于 2015-4-26 11:34 编辑

1.安装openstack所需的package
# Install the controller-side packages one group at a time: message queue,
# base networking tools, then each OpenStack service, and MySQL last.
# The && chain stops at the first group that fails to install.
apt-get install -y rabbitmq-server \
  && apt-get install -y ntp vlan bridge-utils \
  && apt-get install -y keystone \
  && apt-get install -y glance \
  && apt-get install -y nova-api nova-cert nova-conductor nova-consoleauth nova-novncproxy nova-scheduler python-novaclient nova-compute nova-console \
  && apt-get install -y neutron-server neutron-plugin-openvswitch neutron-plugin-openvswitch-agent neutron-common neutron-dhcp-agent neutron-l3-agent neutron-metadata-agent openvswitch-switch \
  && apt-get install -y cinder-api cinder-scheduler cinder-volume lvm2 open-iscsi-utils open-iscsi iscsitarget sysfsutils \
  && apt-get install -y openstack-dashboard \
  && apt-get install -y mysql-server python-mysqldb
安装到最后(mysql-server)时,需要按提示输入 MySQL 的密码
2.创建数据库
这里我设置的密码为 password(仅作示例;实际部署时请为每个账户设置各自的强密码,并同步修改后文各配置文件中的对应值)。先进入 mysql,然后输入下面的命令:
-- Create one database per OpenStack service plus a same-named MySQL account.
-- Each account gets all privileges on its own database only (keystone.*, glance.*, ...).
-- 'password' is the sample value used throughout this page; the same string appears in the
-- "connection = mysql://..." lines of the service config files, so change both together.
-- The 'user'@'%' grants accept logins from any host. The config files on this page connect
-- through 10.10.10.10 rather than the local socket, and the compute node also opens the
-- nova database, which is why a non-localhost grant is present.
-- NOTE(review): consider narrowing '%' to the management addresses actually in use.
create database keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'password';
      
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'password';

CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'password';

CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'password';
      
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'password';

3.为各个组件配置keystone
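# Bootstrap the Keystone catalog: first with the service token, then with the
# admin account that the first half creates.
# Notes are written as # comments: the shell has no // comment syntax, so text
# after // would end up inside the URL value, be run as a command, or be passed
# to keystone as extra arguments.
#
# ADMIN is this page's sample service token.
# NOTE(review): presumably it has to match admin_token in keystone.conf, which
# the keystone.conf excerpt on this page does not show; confirm, and use a
# random value for anything beyond a lab.
export OS_SERVICE_TOKEN=ADMIN
# The static IP here (10.10.10.10) is the address of the interface that
# connects this machine to the compute node.
export OS_SERVICE_ENDPOINT=http://10.10.10.10:35357/v2.0

# Keystone has to be set up first: tenants, the admin user and role, and
# Keystone's own catalog entry.
# "password" is the sample password used throughout this page; a value given
# on the command line also stays in the shell history.
keystone tenant-create --name=admin --description="Admin Tenant"
keystone tenant-create --name=service --description="Service Tenant"
keystone user-create --name=admin --pass=password --email=admin@example.com
keystone role-create --name=admin
keystone user-role-add --user=admin --tenant=admin --role=admin
keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"
# X.X.X.X is the machine's external IP; the dashboard reaches OpenStack through
# this address.
# NOTE(review): --internalurl points at 10.10.10.51 while most other URLs on
# this page use 10.10.10.10; confirm which address is intended.
keystone endpoint-create --service=keystone \
  --publicurl=http://X.X.X.X:5000/v2.0 \
  --internalurl=http://10.10.10.51:5000/v2.0 \
  --adminurl=http://10.10.10.10:35357/v2.0

# Stop using the bootstrap token and authenticate as the admin user instead.
unset OS_SERVICE_TOKEN
unset OS_SERVICE_ENDPOINT

export OS_USERNAME=admin
export OS_PASSWORD=password
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://10.10.10.10:35357/v2.0

# Glance (image service). The service id is taken from the second column of the
# "image" row of `keystone service-list`; the substitution is quoted so an
# empty result shows up as an explicit empty argument.
keystone user-create --name glance --pass password
keystone user-role-add --user glance --tenant service --role admin
keystone service-create --name glance --type image --description "OpenStack Image Service"
keystone endpoint-create \
  --service-id "$(keystone service-list | awk '/ image / {print $2}')" \
  --publicurl http://10.239.52.7:9292 \
  --internalurl http://10.10.10.10:9292 \
  --adminurl http://10.10.10.10:9292 \
  --region regionOne

# Nova (compute). %\(tenant_id\)s is a literal placeholder stored in the
# catalog; the parentheses are escaped so the shell leaves them alone.
keystone user-create --name=nova --pass=password --email=nova@example.com
keystone user-role-add --user=nova --tenant=service --role=admin
keystone service-create --name=nova --type=compute --description="OpenStack Compute"
keystone endpoint-create --service=nova \
  --publicurl=http://X.X.X.X:8774/v2/%\(tenant_id\)s \
  --internalurl=http://10.10.10.10:8774/v2/%\(tenant_id\)s \
  --adminurl=http://10.10.10.10:8774/v2/%\(tenant_id\)s

# Neutron (networking). A space separates the admin URL from --internalurl;
# without it the option name becomes part of the admin URL.
keystone user-create --name=neutron --pass=password --email=neutron@example.com
keystone service-create --name=neutron --type=network --description="OpenStack Networking"
keystone user-role-add --user=neutron --tenant=service --role=admin
keystone endpoint-create --service=neutron \
  --publicurl http://10.239.52.7:9696 \
  --adminurl http://10.10.10.10:9696 \
  --internalurl http://10.10.10.10:9696

# Cinder (block storage), v1 and v2 APIs.
# NOTE(review): the v1 --adminurl uses 10.10.10.51, unlike the other cinder
# URLs; confirm which address is intended.
keystone user-create --name=cinder --pass=password --email=cinder@example.com
keystone user-role-add --user=cinder --tenant=service --role=admin
keystone service-create --name=cinder --type=volume --description="OpenStack Block Storage"
keystone endpoint-create --service=cinder \
  --publicurl=http://X.X.X.X:8776/v1/%\(tenant_id\)s \
  --internalurl=http://10.10.10.10:8776/v1/%\(tenant_id\)s \
  --adminurl=http://10.10.10.51:8776/v1/%\(tenant_id\)s
keystone service-create --name=cinderv2 --type=volumev2 --description="OpenStack Block Storage v2"
# The admin URL ends in %\(tenant_id\)s like the other two; the trailing "s"
# is part of the placeholder.
keystone endpoint-create --service=cinderv2 \
  --publicurl=http://X.X.X.X:8776/v2/%\(tenant_id\)s \
  --internalurl=http://10.10.10.10:8776/v2/%\(tenant_id\)s \
  --adminurl=http://10.10.10.10:8776/v2/%\(tenant_id\)s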


如果机器的动态 IP 发生了变化,可以进入 mysql,在 keystone 数据库中执行 select * from endpoint; 查看各 url 中的 IP,然后用 update endpoint set url=replace(url,'x.x.x.x旧ip','a.a.a.a新ip'); 进行修改(执行前建议先备份 endpoint 表)。修改后最好重启各个服务,如 nova、neutron、keystone、rabbit,并重新 source 一下 openstack 的环境变量。
创建一个文件admin_creds,内容如下

openstack的环境变量
# Admin credentials for the OpenStack command-line clients; load them into the
# current shell with `source admin_creds`.
# The file holds the admin password in plain text ("password" is this page's
# sample value), so keep it readable by its owner only, e.g. chmod 600 admin_creds.
export OS_USERNAME=admin
export OS_PASSWORD=password
export OS_TENANT_NAME=admin
# Keystone admin API over plain HTTP on the management address.
export OS_AUTH_URL=http://10.10.10.10:35357/v2.0


4.修改各个组件的配置
nova.conf

# nova.conf excerpt for the controller / all-in-one node.
# NOTE(review): no [section] headers appear in this listing; presumably they were
# lost when the post was rendered and the blank gaps mark where they stood.
# Check each option's section against the packaged nova.conf before copying.

# Database URL; user and password must match the GRANT statements for 'nova'.
connection = mysql://nova:password@10.10.10.10/nova


# Alternative Keystone settings, left disabled by the author.
#auth_uri = http://10.10.10.10:5000/v2.0
#identity_uri = http://10.10.10.10:35357

# Keystone token validation as the "nova" service user.
# auth_protocol = http means tokens and this password travel unencrypted;
# "password" is the page's sample value.
auth_uri = http://10.10.10.10:5000
auth_host = 10.10.10.10
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = password
#
#host = 10.10.10.10


workers=1


logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
iscsi_helper=tgtadm
libvirt_use_virtio_for_bridges=True
connection_type=libvirt
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf

verbose=True
rpc_backend = nova.rpc.impl_kombu
rabbit_host = 10.10.10.10
# guest/guest is RabbitMQ's default account; a dedicated user with its own
# password is the safer choice.
# NOTE(review): cinder.conf and the glance files on this page spell the user
# option rabbit_userid; confirm that rabbit_uid is recognised here.
rabbit_uid = guest
rabbit_password = guest
my_ip = 10.10.10.10
vncserver_listen = 10.10.10.10
vncserver_proxyclient_address = 10.10.10.10
# Served over plain HTTP on a different address (192.168.98.128) than the
# 10.10.10.10 used elsewhere in this file.
novncproxy_base_url=http://192.168.98.128:6080/vnc_auto.html
glance_host = 10.10.10.10
auth_strategy=keystone

# Networking is delegated to Neutron.
network_api_class=nova.network.neutronv2.api.API
neutron_url=http://10.10.10.10:9696
neutron_auth_strategy=keystone
neutron_admin_tenant_name=service
neutron_admin_username=neutron
neutron_admin_password=password
# Must equal metadata_proxy_shared_secret in metadata_agent.ini (also
# "openstack" on this page); it is a sample value and should be replaced.
neutron_metadata_proxy_shared_secret=openstack
neutron_admin_auth_url=http://10.10.10.10:35357/v2.0
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
# Nova's own firewall is a no-op and security groups are handed to Neutron, so
# instance filtering depends on the security-group settings in ml2_conf.ini.
firewall_driver=nova.virt.firewall.NoopFirewallDriver
security_group_api=neutron

# NOTE(review): these two lines use ':' where the rest of the file uses '='.
vif_plugging_is_fatal: false
vif_plugging_timeout: 0

osapi_compute_workers=1
ec2_workers=1
metadata_workers=1

neutron.conf

# neutron.conf excerpt for the controller / all-in-one node.
# NOTE(review): no [section] headers appear in this listing; presumably they were
# lost when the post was rendered and the blank gaps mark where they stood.
core_plugin = ml2
notification_driver=neutron.openstack.common.notifier.rpc_notifier
verbose=True
rabbit_host=10.10.10.10
rpc_backend=neutron.openstack.common.rpc.impl_kombu
service_plugins=router
allow_overlapping_ips=True
auth_strategy=keystone
# Sample shared secret; the same value is set in nova.conf and metadata_agent.ini.
neutron_metadata_proxy_shared_secret=openstack
service_neutron_metadata_proxy=True
# Credentials Neutron uses to notify Nova about port changes.
nova_admin_password=password
notify_nova_on_port_data_changes=True
notify_nova_on_port_status_changes=True
nova_admin_auth_url=http://10.10.10.10:35357/v2.0
nova_admin_tenant_id=service
nova_url=http://10.10.10.10:8774/v2
nova_admin_username=nova
lock_path = /var/lib/neutron/lock


# Keystone token validation as the "neutron" service user, over plain HTTP.
auth_host = 10.10.10.10
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = neutron
admin_password = password
signing_dir = $state_path/keystone-signing
# rpc_backend and rabbit_host repeat the values given at the top of the file.
rpc_backend = neutron.openstack.common.rpc.impl_kombu
rabbit_host = 10.10.10.10
rabbit_port = 5672

# The Nova notification options appear a second time here.
# NOTE(review): nova_url is http://10.10.10.10:8774 here but ends in /v2 above;
# keep a single copy with the intended value.
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://10.10.10.10:8774
nova_admin_username = nova
nova_admin_tenant_id = service
nova_admin_password = password
nova_admin_auth_url = http://10.10.10.10:35357/v2.0


# Database URL; user and password must match the GRANT statements for 'neutron'.
connection = mysql://neutron:password@10.10.10.10/neutron


root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
ml2_conf.ini

# ml2_conf.ini excerpt for the controller / all-in-one node.
# NOTE(review): no [section] headers appear in this listing; presumably they were
# lost when the post was rendered and the blank gaps mark where they stood.
type_drivers=flat,gre
tenant_network_types=gre,flat
mechanism_drivers=openvswitch


flat_networks = external




tunnel_id_ranges = 1:1000




# Security groups are enabled here; nova.conf on this page sets a no-op firewall
# driver and security_group_api=neutron, so filtering relies on this setting.
enable_security_group=True
enable_ipset = True

# Address of this node on the 10.10.10.x network used for the GRE tunnels.
local_ip = 10.10.10.10
tenant_network_type = gre
enable_tunneling = True
integration_bridge = br-int
tunnel_bridge = br-tun


metadata_agent.ini

# metadata_agent.ini: settings for the Neutron metadata agent.
# Show debugging output in log (sets DEBUG log level output)
# debug = True
verbose = True
nova_metadata_ip = 10.10.10.10
# Keystone is reached over plain HTTP with the "neutron" service account;
# "password" is the page's sample value.
auth_url = http://10.10.10.10:5000/v2.0
auth_region = RegionOne
admin_tenant_name = service
admin_user = neutron
admin_password = password
# Must equal neutron_metadata_proxy_shared_secret in nova.conf (also
# "openstack" on this page); it is a sample value and should be replaced.
metadata_proxy_shared_secret = openstack
metadata_workers = 1
l3_agent.ini

# l3_agent.ini: settings for the Neutron L3 agent.
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
signing_dir = /var/cache/neutron
# Keystone credentials of the "neutron" service user, sent over plain HTTP;
# "password" is the page's sample value.
admin_tenant_name = service
admin_user = neutron
admin_password = password
auth_url = http://10.10.10.10:35357/v2.0
l3_agent_manager = neutron.agent.l3_agent.L3NATAgentWithStateReport
# Privileged commands are run through sudo and the rootwrap filter file.
root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf
dhcp_agent.ini

# dhcp_agent.ini: the DHCP agent plugs into Open vSwitch and uses dnsmasq as
# its DHCP driver.
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
use_namespaces = True

cinder.conf

# cinder.conf excerpt.
# NOTE(review): no [section] headers appear in this listing; presumably they were
# lost when the post was rendered and the blank gaps mark where they stood.
rootwrap_config = /etc/cinder/rootwrap.conf
api_paste_confg = /etc/cinder/api-paste.ini
iscsi_helper = tgtadm

# control_exchange = cinder
# notification_driver = cinder.openstack.common.notifier.rpc_notifier

volume_name_template = volume-%s
# Name of the LVM volume group that cinder-volume allocates volumes from.
volume_group = cinder-volumes
verbose = True
# Debug logging is switched on; turn it off again once the setup works.
debug = True
auth_strategy = keystone
state_path = /var/lib/cinder
lock_path = /var/lock/cinder
volumes_dir = /var/lib/cinder/volumes

rpc_backend = cinder.openstack.common.rpc.impl_kombu
rabbit_host = 10.10.10.10
rabbit_port = 5672
# guest/guest is RabbitMQ's default account; a dedicated user with its own
# password is the safer choice.
rabbit_userid = guest
rabbit_password = guest
glance_host = 10.10.10.10

# Alternative settings left disabled by the author.
#my_ip = 10.10.10.10
#rpc_backend = rabbit
#rabbit_password = guest
#rabbit_host = 10.10.10.10
#glance_host = 10.10.10.10



# Keystone token validation as the "cinder" service user, over plain HTTP;
# "password" is the page's sample value.
auth_uri = http://10.10.10.10:5000
auth_host = 10.10.10.10
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = cinder
admin_password = password


# Database URL; user and password must match the GRANT statements for 'cinder'.
connection = mysql://cinder:password@10.10.10.10/cinder
对于cinder创建volume的过程如下:
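###################################################################
# Create a sparse 2.5 GiB backing file, attach it to a loop device and
# partition it for LVM.
# count=0 copies no data: dd only extends the output file to bs*seek bytes, so
# /dev/zero serves as the input and the real disk /dev/sda is not opened.
# GNU dd takes a whole number before the size suffix, so 2.5G is written 2560M.
dd if=/dev/zero of=cinder-volumes bs=1 count=0 seek=2560M
# NOTE(review): /dev/loop2 is assumed to be unused; check with `losetup -a`.
losetup /dev/loop2 cinder-volumes
fdisk /dev/loop2
# fdisk is interactive; type the following at its prompts:
#   n      new partition
#   p      primary
#   1      partition number 1
#   ENTER  accept the default first sector
#   ENTER  accept the default last sector
#   t      change the partition type
#   8e     Linux LVM
#   w      write the partition table and exit
# NOTE(review): the page stops here. cinder.conf sets
# volume_group = cinder-volumes, so presumably an LVM volume group of that name
# still has to be created on the new partition.
###################################################################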


keystone.conf

# keystone.conf excerpt.
# NOTE(review): no [section] headers appear in this listing, and the admin token
# is not shown either. The bootstrap commands on this page export
# OS_SERVICE_TOKEN=ADMIN, so presumably admin_token is set to ADMIN; confirm,
# and replace it with a random value.
public_workers = 2
admin_workers = 2
log_dir=/var/log/keystone






# Database URL; user and password must match the GRANT statements for 'keystone'.
connection = mysql://keystone:password@10.10.10.10/keystone




















# Token persistence backend: the SQL driver.
# NOTE(review): presumably this sat under a [token] header that the listing lost.
driver=keystone.token.persistence.backends.sql.Token


# NOTE(review): the purpose and section of this line are not evident from the page.
Distribution = Ubuntu
glance-api.conf

# glance-api.conf excerpt.
# NOTE(review): no [section] headers appear in this listing; presumably they were
# lost when the post was rendered and the blank gaps mark where they stood.
verbose = True
# Images are stored on the local filesystem.
default_store = file
# The API listens on every interface of the host, port 9292.
bind_host = 0.0.0.0
bind_port = 9292
log_file = /var/log/glance/api.log
backlog = 4096
workers = 4
registry_port = 9191
registry_client_protocol = http
# NOTE(review): 10.10.10.51 here, while the other services on this page use
# rabbit_host = 10.10.10.10; confirm the address.
rabbit_host = 10.10.10.51
rabbit_port = 5672
rabbit_use_ssl = false
# guest/guest is RabbitMQ's default account; a dedicated user with its own
# password is the safer choice.
rabbit_userid = guest
rabbit_password = guest
rabbit_virtual_host = /
rabbit_notification_exchange = glance
rabbit_notification_topic = notifications
rabbit_durable_queues = False
# Qpid settings with empty credentials; the rest of this page uses RabbitMQ.
qpid_notification_exchange = glance
qpid_notification_topic = notifications
qpid_hostname = localhost
qpid_port = 5672
qpid_username =
qpid_password =
qpid_sasl_mechanisms =
qpid_reconnect_timeout = 0
qpid_reconnect_limit = 0
qpid_reconnect_interval_min = 0
qpid_reconnect_interval_max = 0
qpid_reconnect_interval = 0
qpid_heartbeat = 5
qpid_protocol = tcp
qpid_tcp_nodelay = True
delayed_delete = False
scrub_time = 43200
scrubber_datadir = /var/lib/glance/scrubber
image_cache_dir = /var/lib/glance/image-cache/

# Database URL; user and password must match the GRANT statements for 'glance'.
# NOTE(review): host is 10.10.10.51 here, 10.10.10.10 in glance-registry's file.
connection = mysql://glance:password@10.10.10.51/glance
backend = sqlalchemy


# Keystone token validation as the "glance" service user, over plain HTTP;
# "password" is the page's sample value.
auth_uri = http://10.10.10.51:5000/v2.0
identity_uri = http://10.10.10.51:35357
admin_tenant_name = service
admin_user = glance
admin_password = password




flavor=keystone








# Image store back ends. default_store = file earlier in this file selects the
# filesystem store, so only filesystem_store_datadir is in use.
filesystem_store_datadir = /var/lib/glance/images/
swift_store_auth_version = 2
swift_store_auth_address = 127.0.0.1:5000/v2.0/
# NOTE(review): jdoe:jdoe and this key look like sample values rather than real
# credentials; replace them if the swift store is ever enabled.
swift_store_user = jdoe:jdoe
swift_store_key = a86850deb2742ec3cb41518e26aa2d89
swift_store_container = glance
swift_store_create_container_on_put = False
swift_store_large_object_size = 5120
swift_store_large_object_chunk_size = 200
swift_enable_snet = False
s3_store_host = 127.0.0.1:8080/v1.0/
# The angle-bracket values are unfilled placeholders.
s3_store_access_key = <20-char AWS access key>
s3_store_secret_key = <40-char AWS secret key>
s3_store_bucket = <lowercased 20-char aws access key>glance
s3_store_create_bucket_on_put = False
sheepdog_store_address = localhost
sheepdog_store_port = 7000
sheepdog_store_chunk_size = 64


glance-registry.conf


# glance-registry configuration excerpt.
# NOTE(review): no [section] headers appear in this listing; presumably they were
# lost when the post was rendered and the blank gaps mark where they stood.
# The registry listens on every interface of the host, port 9191.
bind_host = 0.0.0.0
bind_port = 9191
log_file = /var/log/glance/registry.log
backlog = 4096
workers = 1
api_limit_max = 1000
limit_param_default = 25

# NOTE(review): rabbit_host is localhost here but 10.10.10.51 in glance-api.conf.
rabbit_host = localhost
rabbit_port = 5672
rabbit_use_ssl = false
# guest/guest is RabbitMQ's default account; a dedicated user with its own
# password is the safer choice.
rabbit_userid = guest
rabbit_password = guest
rabbit_virtual_host = /
rabbit_notification_exchange = glance
rabbit_notification_topic = notifications
rabbit_durable_queues = False

# Qpid settings with empty credentials; the rest of this page uses RabbitMQ.
qpid_notification_exchange = glance
qpid_notification_topic = notifications
qpid_hostname = localhost
qpid_port = 5672
qpid_username =
qpid_password =
qpid_sasl_mechanisms =
qpid_reconnect_timeout = 0
qpid_reconnect_limit = 0
qpid_reconnect_interval_min = 0
qpid_reconnect_interval_max = 0
qpid_reconnect_interval = 0
qpid_heartbeat = 5
qpid_protocol = tcp
qpid_tcp_nodelay = True


# Database URL; user and password must match the GRANT statements for 'glance'.
connection = mysql://glance:password@10.10.10.10/glance


# Keystone token validation as the "glance" service user, over plain HTTP;
# "password" is the page's sample value.
auth_uri = http://10.10.10.10:5000/v2.0
identity_uri = http://10.10.10.10:35357
admin_tenant_name = service
admin_user = glance
admin_password = password


flavor=keystone


上面的配置完成后执行下面的命令
# Apply the configuration: create each service's schema in MySQL, restart its
# daemons, and delete the SQLite files, which are presumably the packages'
# default databases and unused once connection = mysql://... is set.

# Keystone
# NOTE(review): the restart runs before db_sync here; confirm the order.
service keystone restart
keystone-manage db_sync
rm -f /var/lib/keystone/keystone.db

# Glance
glance-manage db_sync
for svc in glance-api glance-registry; do
  service "$svc" restart
done
rm -f /var/lib/glance/glance.sqlite

# Nova
rm -f /var/lib/nova/nova.sqlite
nova-manage db sync
for svc in nova-api nova-cert nova-consoleauth nova-scheduler \
  nova-conductor nova-novncproxy nova-compute nova-console; do
  service "$svc" restart
done

# Neutron: upgrade the schema to the juno revision, then restart the server
# and its agents.
neutron-db-manage \
  --config-file /etc/neutron/neutron.conf \
  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
  upgrade juno
for svc in neutron-server neutron-plugin-openvswitch-agent \
  neutron-metadata-agent neutron-dhcp-agent neutron-l3-agent; do
  service "$svc" restart
done

如果有 instance 一直处于 deleting 状态,可以进入 nova 数据库执行下面的命令(注意:这些语句没有 WHERE 条件,会清空所有 instance 的相关记录,而不只是卡住的那一个,执行前请先备份 nova 数据库)
-- Run inside the nova database.
-- None of these statements has a WHERE clause, so each one removes every row of
-- its table: all instance records are wiped, not only the instance stuck in
-- "deleting". Dump the nova database first (for example with mysqldump).
-- The instance-related tables are emptied before instances itself.
delete from instance_actions_events;
delete from instance_actions;
delete from instance_faults;
delete from instance_id_mappings;
delete from instance_info_caches;
delete from instance_metadata;
delete from instance_system_metadata;
delete from security_group_instance_association;
delete from block_device_mapping;
delete from instance_extra;
delete from instances;
-- Migration, reservation, quota-usage and task-log rows are cleared as well.
delete from migrations;
delete from reservations;
delete from quota_usages;
delete from task_log;

5.添加compute节点
安装package
apt-get -y install ntp &&
apt-get -y install nova-compute sysfsutils &&
apt-get -y install neutron-plugin-ml2 neutron-plugin-openvswitch-agent

nova.conf

# nova.conf excerpt for the compute node.
# NOTE(review): no [section] headers appear in this listing; presumably they were
# lost when the post was rendered and the blank gaps mark where they stood.

# The compute node connects to the nova database on the controller, which is
# why the 'nova'@'%' grant exists; "password" is the page's sample value.
connection = mysql://nova:password@10.10.10.10/nova


# Keystone token validation as the "nova" service user, over plain HTTP.
auth_host = 10.10.10.10
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = password


workers=2


# Neutron API address and the "neutron" service credentials.
# NOTE(review): presumably these sat under a [neutron] header; the same values
# are repeated further down with a neutron_ prefix.
url = http://10.10.10.10:9696
auth_strategy = keystone
admin_auth_url = http://10.10.10.10:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = password



host = 10.10.10.10


logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
iscsi_helper=tgtadm
libvirt_use_virtio_for_bridges=True
connection_type=libvirt
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
#debug=True
verbose=True
rpc_backend = nova.rpc.impl_kombu
rabbit_host = 10.10.10.10
# guest/guest is RabbitMQ's default account; a dedicated user with its own
# password is the safer choice.
# NOTE(review): cinder.conf and the glance files on this page spell the user
# option rabbit_userid; confirm that rabbit_uid is recognised here.
rabbit_uid = guest
rabbit_password = guest
# This compute node's own address.
my_ip = 10.10.10.3
# Instance VNC consoles listen on every interface of the compute node; limit
# access to them to the console proxy with host firewall rules.
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = 10.10.10.3
novncproxy_base_url=http://10.239.52.71:6080/vnc_auto.html
glance_host = 10.10.10.10
auth_strategy=keystone

# Networking is delegated to Neutron.
network_api_class=nova.network.neutronv2.api.API
neutron_url=http://10.10.10.10:9696
neutron_auth_strategy=keystone
neutron_admin_tenant_name=service
neutron_admin_username=neutron
neutron_admin_password=password
# Sample shared secret; must match the value used on the controller.
neutron_metadata_proxy_shared_secret=openstack
neutron_admin_auth_url=http://10.10.10.10:35357/v2.0
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
# Nova's own firewall is a no-op and security groups are handed to Neutron.
firewall_driver=nova.virt.firewall.NoopFirewallDriver
security_group_api=neutron

# NOTE(review): these two lines use ':' where the rest of the file uses '='.
vif_plugging_is_fatal: false
vif_plugging_timeout: 0

osapi_compute_workers=2
ec2_workers=2
metadata_workers=2
neutron.conf

# neutron.conf excerpt for the compute node.
# NOTE(review): no [section] headers appear in this listing; presumably they were
# lost when the post was rendered and the blank gaps mark where they stood.
verbose = True
lock_path = $state_path/lock
core_plugin = ml2
service_plugins = router
auth_strategy = keystone
allow_overlapping_ips = True
api_workers = 2
rpc_workers = 2
# NOTE(review): 10.10.10.51 here, while the compute node's nova.conf points at
# rabbit_host = 10.10.10.10; confirm the controller address.
rabbit_host=10.10.10.51








root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf


# Keystone token validation as the "neutron" service user, over plain HTTP;
# "password" is the page's sample value.
# NOTE(review): auth_host is 10.10.10.51 here, 10.10.10.10 in nova.conf.
auth_host = 10.10.10.51
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = neutron
admin_password = password





service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
ml2_conf.ini

# ml2_conf.ini excerpt for the compute node.
# NOTE(review): no [section] headers appear in this listing; presumably they were
# lost when the post was rendered and the blank gaps mark where they stood.
type_drivers = flat,gre
tenant_network_types = gre
mechanism_drivers = openvswitch


flat_networks =external



tunnel_id_ranges = 1:1000




# Security groups are enabled here; nova.conf on this page sets a no-op firewall
# driver and security_group_api=neutron, so filtering relies on this setting.
enable_security_group = True
enable_ipset = True


tenant_network_type = gre
enable_tunneling = True
integration_bridge = br-int
tunnel_bridge = br-tun
# NOTE(review): local_ip is 10.10.10.11 here while the compute node's nova.conf
# sets my_ip = 10.10.10.3; confirm which address this node really has.
local_ip = 10.10.10.11



tntzbzc 发表于 2015-4-26 11:51:33

{:soso_e179:}学习了

yaaa 发表于 2016-10-21 01:40:56

66666666