OpenStack单节点安装
目录
实训内容
OpenStack Mitaka平台的安装
参考文档:
https://docs.openstack.org/mitaka/zh_CN/install-guide-rdo
先电云计算基础架构服务平台用户手册2.1版
实验准备
硬件准备
笔记本电脑中装有VMware workstation软件
准备一台虚拟机,内存不低于2G:
controller:CPU1个,内存2G,硬盘100G,网卡两块,网卡1:内网vnet8,网卡2:仅主机
软件准备
Centos7 操作系统
时区:中国上海,分区:调整分区,
调整:/ 60G /home 20G swap 20G
关闭kdump
安装包模式:minimal最小化 297个包 5-10分钟
网络配置:
单节点IP:10.0.0.11
配置主机名
配置主机名
hostnamectl set-hostname controller
按ctrl+d 退出 重新登陆
配置主机名和IP的映射
vi /etc/hosts :
添加:
10.0.0.11 controller compute
service network restart
ping controller
ping compute
安全设置
selinux配置
(关闭高级安全功能)
[root@controller ~]# sed -i 's/SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config 或者用vi /etc/selinux/config把配置改成如下配置,其余项不变: SELINUX=permissive [root@controller ~]# getenforce Enforcing [root@controller ~]# setenforce 0 [root@controller ~]# getenforce Permissive
关闭防火墙
[root@controller ~]# systemctl stop iptables [root@controller ~]# systemctl disable iptables Removed symlink /etc/systemd/system/basic.target.wants/iptables.service. [root@controller ~]# systemctl stop firewalld.service [root@controller ~]# systemctl disable firewalld.service
验证
重启之后,执行以下命令
[root@controller ~]# getenforce Permissive [root@controller ~]# systemctl status firewalld.service â— firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead) Nov 19 17:08:01 controller systemd[1]: Starting... Nov 19 17:08:04 controller systemd[1]: Started ... Nov 19 18:45:25 controller systemd[1]: Stopping... Nov 19 18:45:26 controller systemd[1]: Stopped ... Hint: Some lines were ellipsized, use -l to show in full.
网络设置
关闭NetworkManager
[root@controller ~]# systemctl stop NetworkManager [root@controller ~]# systemctl disable NetworkManager
删除软件包
yum remove -y NetworkManager firewalld
启动传统网络管理
service network restart
配置第二块网卡
cd /etc/sysconfig/network-scripts
vi ifcfg-eno33554984(以你实际的网卡名称为准)
TYPE=Ethernet BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no NAME=eno33554984(以你实际的网卡名称为准) DEVICE=eno33554984(以你实际的网卡名称为准) ONBOOT=yes IPADDR=10.0.1.120 PREFIX=24 DNS1=114.114.114.114 IPV6_PEERDNS=yes IPV6_PEERROUTES=yes IPV6_PRIVACY=no
service network restart
配置网络安装仓库(yum源)
挂载iso文件
在两个光驱上分别挂载iso文件(CentOS-7-x86_64-DVD-1511.iso和XianDian-IaaS-v2.1.iso):
把右下角的光盘连接按钮连接上:
重启电脑
【挂载CentOS-7-x86_64-DVD-1511.iso】
[root@controller ~]# mkdir /mnt/centos [root@controller ~]# mount -o loop /dev/sr1 /mnt/centos(此命令没有任何输出,如果有输出就说明发生了错误) [root@controller ~]# ls /mnt/centos CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7 EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
【挂载XianDian-IaaS-v2.1.iso】
# mkdir /mnt/iaas [root@controller ~]# mount -o loop /dev/sr0 /mnt/iaas(此命令没有任何输出,如果有输出就说明发生了错误) [root@controller ~]# ls /mnt/iaas iaas-repo images
配置repo文件
yum源备份
[root@controller ~]mv /etc/yum.repos.d/* /opt/ //yum源备份
创建repo文件
[root@controller ~]# cd /etc/yum.repos.d
[root@controller yum.repos.d]# ls
[root@controller yum.repos.d]# pwd
/etc/yum.repos.d
确保当前目录是此目录
[root@controller yum.repos.d]# vi local.repo
[centos] name=centos baseurl=file:///mnt/centos gpgcheck=0 enabled=1 [iaas] name=iaas baseurl=file:///mnt/iaas/iaas-repo gpgcheck=0 enabled=1
搭建FTP服务器
[root@controller yum.repos.d]# yum install vsftpd –y
验证
清除缓存,验证yum源
root@controller yum.repos.d]# yum repolist
Loaded plugins: fastestmirror centos | 3.6 kB 00:00 iaas | 2.9 kB 00:00 (1/3): centos/group_gz | 155 kB 00:00 (2/3): centos/primary_db | 2.8 MB 00:00 (3/3): iaas/primary_db | 2.3 MB 00:00 Determining fastest mirrors repo id repo name status centos centos 3,723 iaas iaas 1,681 repolist: 5,404
编辑环境变量
yum install iaas-xiandian -y
安装完之后增加/etc/xiandian/openrc.sh , /usr/local/bin/iaas-*.sh 等20-30个脚本文件
编辑文件/etc/xiandian/openrc.sh,此文件是安装过程中的各项参数,根据每项参数上一行的说明及服务器实际情况进行配置。
HOST_IP=10.0.0.11 HOST_NAME=controller HOST_IP_NODE=10.0.0.11 HOST_NAME_NODE=compute RABBIT_USER=openstack RABBIT_PASS=000000 DB_PASS=000000 DOMAIN_NAME=demo ADMIN_PASS=000000 DEMO_PASS=000000 KEYSTONE_DBPASS=000000 GLANCE_DBPASS=000000 GLANCE_PASS=000000 NOVA_DBPASS=000000 NOVA_PASS=000000 NEUTRON_DBPASS=000000 NEUTRON_PASS=000000 METADATA_SECRET=000000 INTERFACE_NAME=eno33554984(这里是第2块网卡实际的名称)
编辑后,可以如下命令检查一下:
[root@controller xiandian]# grep -v ^# /etc/xiandian/openrc.sh | uniq -u(应该有19行)
基础服务构建
执行iaas-pre-host.sh
[root@controller yum.repos.d]# cd /usr/local/bin [root@controller bin]# ls iaas-install-alarm.sh iaas-install-neutron-compute-vlan.sh iaas-install-ceilometer-compute.sh iaas-install-neutron-controller-flat.sh iaas-install-ceilometer-controller.sh iaas-install-neutron-controller-gre.sh iaas-install-cinder-compute.sh iaas-install-neutron-controller.sh iaas-install-cinder-controller.sh iaas-install-neutron-controller-vlan.sh iaas-install-dashboard.sh iaas-install-nova-compute.sh iaas-install-glance.sh iaas-install-nova-controller.sh iaas-install-heat.sh iaas-install-swift-compute.sh iaas-install-keystone.sh iaas-install-swift-controller.sh iaas-install-mysql.sh iaas-install-trove.sh iaas-install-neutron-compute-flat.sh iaas-pre-host.sh iaas-install-neutron-compute-gre.sh iaas-uninstall-all.sh iaas-install-neutron-compute.sh
编辑iaas-pre-host.sh文件,在yum upgrade -y后面添加
rm -rf /etc/yum.repos.d/Cent*
保存退出,执行iaas-pre-host.sh
重新启动
检查各项配置
重启电脑后执行以下命令:
82 hostname 83 systemctl status network iptables firewalld 84 getenforce 85 yum repolist 86 ping compute 87 ping controller
network状态应为active,iptables和firewalld 应为inactive
重启之后挂载失效了,重新配一下挂载:
[root@controller bin]# ls /mnt/centos [root@controller bin]# ls /mnt/iaas [root@controller bin]# ls /dev/sr0 /dev/sr0 [root@controller bin]# mount -o loop /dev/sr1 /mnt/centos [root@controller bin]# ls /mnt/centos CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7 EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL [root@controller bin]# mount -o loop /dev/sr0 /mnt/iaas [root@controller bin]# ls /mnt/iaas iaas-repo images
安装mysql
cd /usr/local/bin
执行脚本iaas-install-mysql.sh进行安装
yum -y install MySQL-python
基础模块构建
自底层向上层安装Openstack组件
Keystone:认证服务1 Glance:镜像服务2 Nova:计算服务3 Neutron:网络服务4 Horizon:仪表盘服务5 Cinder:块存储服务 Swift:对象存储服务 Ceilometor:监控服务(效率低) Heat:编排服务 Aodh:告警服务 Trove:数据库服务 Zun:容器管理服务
注意:swift必须先搭controller再搭compute
trove安装需要很多基础设施,不要随意安装。
安装Keystone认证服务
执行脚本iaas-install-keystone.sh进行安装。
安装Glance镜像服务
执行脚本iaas-install-glance.sh进行安装
安装Nova计算服务
执行脚本iaas-install-nova-controller.sh进行安装
执行脚本iaas-install-nova-compute.sh进行安装
安装Neutron网络服务
执行脚本iaas-install-neutron-controller.sh进行安装
执行脚本iaas-install-neutron-compute.sh进行安装
安装dashboard服务
执行脚本iaas-install-dashboard.sh进行安装
访问dashboard服务
打开浏览器访问Dashboard
http://controller(或本机内网ip)/dashboard
注:检查防火墙规则,确保允许http服务相关端口通行,或者关闭防火墙。
dashboard:
demo admin 000000
期末考试到此为止!
检查是否部署成功
source /etc/keystone/admin-openrc.sh openstack help openstack-status 能够检查openstack所有服务的状态
启动云主机
上传镜像
首先下载(Wget)提供的系统镜像到本地,本次以上传cirros镜像为例。
可以安装Wget,从Ftp服务器上下载镜像到本地。
[root@controller ~]# mkdir /opt/image #[root@controller bin]# cd /opt/image [root@controller ~]# wget http://download.cirros-cloud.net/0.3.0/cirros-0.3.0-i386-disk.img --2018-12-29 18:03:22-- http://download.cirros-cloud.net/0.3.0/cirros-0.3.0-i386-disk.img Resolving download.cirros-cloud.net (download.cirros-cloud.net)... 64.90.42.85, 2607:f298:6:a036::bd6:a72a Connecting to download.cirros-cloud.net (download.cirros-cloud.net)|64.90.42.85|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 9159168 (8.7M) [text/plain] Saving to: ‘cirros-0.3.0-i386-disk.img’ 100%[=====================================================>] 9,159,168 322KB/s in 28s 2018-12-29 18:03:51 (318 KB/s) - ‘cirros-0.3.0-i386-disk.img’ saved [9159168/9159168] [root@controller ~]# source /etc/keystone/admin-openrc.sh [root@controller ~]# glance image-create --name "cirros_1229" --disk-format qcow2 --container-format bare --progress < /opt/image/cirros-0.3.0-i386-disk.img [=============================>] 100% +------------------+--------------------------------------+ | Property | Value | +------------------+--------------------------------------+ | checksum | 90169ba6f09b5906a7f0755bd00bf2c3 | | container_format | bare | | created_at | 2018-12-29T10:17:18Z | | disk_format | qcow2 | | id | f525bcaf-29b3-4a0f-b582-f67ec6ce29e8 | | min_disk | 0 | | min_ram | 0 | | name | cirros_1229 | | owner | a06028e9f8e348d3b7a494a9d5cb0ee6 | | protected | False | | size | 9159168 | | status | active | | tags | [] | | updated_at | 2018-12-29T10:17:18Z | | virtual_size | None | | visibility | private |
创建neutron网络
以下网络选择其中之一创建即可
创建flat网络
- Controller节点
执行脚本iaas-install-neutron-controller-flat.sh进行安装
[root@controller bin]# iaas-install-neutron-controller-flat.sh Create a sample flat network Created a new network: +---------------------------+--------------------------------------+ | Field | Value | +---------------------------+--------------------------------------+ | admin_state_up | True | | availability_zone_hints | | | availability_zones | | | created_at | 2018-12-29T09:48:56 | | description | | | id | e972aba5-e189-44d3-ac4c-c6ec64e92f04 | | ipv4_address_scope | | | ipv6_address_scope | | | mtu | 1500 | | name | sharednet1 | | port_security_enabled | True | | provider:network_type | flat | | provider:physical_network | physnet1 | | provider:segmentation_id | | | router:external | False | | shared | True | | status | ACTIVE | | subnets | | | tags | | | tenant_id | d4dc77f9f562463991df6d11855ead48 | | updated_at | 2018-12-29T09:48:56 | +---------------------------+--------------------------------------+
- Compute节点
执行脚本iaas-install-neutron-compute-flat.sh进行安装.
创建之后:
创建gre网络
- Controller节点
执行脚本iaas-install-neutron-controller-gre.sh进行安装
- Compute节点
执行脚本iaas-install-neutron-compute-gre.sh进行安装
创建vlan网络
- Controller节点
执行脚本iaas-install-neutron-controller-vlan.sh进行安装
- Compute节点
执行脚本iaas-install-neutron-compute-vlan.sh进行安装
创建子网
网络 -> 子网 ->创建子网
填写子网信息:
填写子网详情:
创建云主机
项目 ->计算 -> 云主机 -> 创建云主机
填写实例信息:
选择引导源(映像)
选择云主机类型:
选择网络:
云主机创建成功:
创建外界可访问的云主机
首先,网络模式要按照GRE方式按照
其次,
(1)管理员 → 网络 → 创建网络(内外网) → 创建子网(外网填服务器的外网网段)
(2)项目 → 网络 → 路由 → 新建路由 → 添加网关和内网接口
(3)项目 → 计算 → 访问安全 → 管理规则 → 添加规则(ICMP、TCP、UDP)
(4)项目 → 计算 → 云主机 → 创建云主机 → 绑定浮动IP
