一.服務(wù)器基礎(chǔ)配制
1.如果是新的服務(wù)器,先安裝常用軟件,配制yum源,關(guān)閉防火墻和selinux等,基本操作如下
yum install lrzsz net-tools ntp vim tree wget -y
systemctl stop firewalld && systemctl disable firewalld
setenforce 0
vim /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled ##這里改為disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
配置epel的yum源
rpm -Uvh http://mirrors.zju.edu.cn/epel/7Server/x86_64/e/epel-release-7-10.noarch.rpm ##直接運(yùn)行這條命令,經(jīng)過(guò)我自己的測(cè)試,這個(gè)epel源的速度還是比較快的
yum install yum-plugin-fastestmirror -y ##安裝這個(gè)yum插件,可以在yum安裝軟件的時(shí)候選擇速度比較快的源
yum源配置結(jié)束后可以使用下面的命令,檢測(cè)并重新生成yum緩存
yum repolist
yum clean all && yum makecache
基礎(chǔ)配置完成后最好能夠重啟一下服務(wù)器
下面我來(lái)說(shuō)明一下本次安裝openstack的拓?fù)鋱D(很粗糙,不要見(jiàn)笑)
Paste_Image.png
從上面的拓?fù)鋱D可以看出來(lái),OpenStack并不是一個(gè)軟件,它是由多個(gè)工具組合而成的一個(gè)集合體,這也是很多初學(xué)者不能很快搭建出OpenStack的原因.個(gè)人覺(jué)得,多搭建幾遍,了解它每個(gè)工具的作用,然后很多東西就自然而然的通了.
以上的基礎(chǔ)操作,是需要在管理節(jié)點(diǎn)和計(jì)算節(jié)點(diǎn)都要操作的,下面進(jìn)入正式的安裝
二.OpenStack安裝
1. 在兩個(gè)服務(wù)器節(jié)點(diǎn)安裝OpenStack的軟件倉(cāng)庫(kù),安裝OpenStack的客戶端和selinux的管理工具
[root@Marvin-OpenStack ~]# yum install http://mirrors.zju.edu.cn/centos/7.3.1611/cloud/x86_64/openstack-newton/centos-release-openstack-newton-1-1.el7.noarch.rpm -y ## 安裝OpenStack的軟件倉(cāng)庫(kù)
[root@Marvin-OpenStack ~]# yum install python-openstackclient -y ## 安裝Openstack客戶端
[root@Marvin-Compute ~]# yum install openstack-selinux -y ## 安裝selinux管理工具
其實(shí)上面這一步應(yīng)該也算做基礎(chǔ)配置當(dāng)中,下面進(jìn)行正式安裝管理節(jié)點(diǎn)的軟件
2.在管理節(jié)點(diǎn)安裝MariaDB,并修改配置做初始化操作
[root@Marvin-OpenStack ~]# yum install mariadb mariadb-server python2-PyMySQL -y
在目錄/etc/my.cnf.d/下創(chuàng)建openstack.cnf文件
[root@Marvin-OpenStack ~]# vim /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 10.0.0.56
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
[root@Marvin-OpenStack ~]# systemctl enable mariadb && systemctl start mariadb ## 啟動(dòng)mariadb并設(shè)置開(kāi)機(jī)自啟
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@Marvin-OpenStack ~]# lsof -i:3306 ## 查看數(shù)據(jù)庫(kù)是否啟動(dòng)
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
mysqld 4299 mysql 17u IPv4 33131 0t0 TCP Marvin-OpenStack:mysql (LISTEN)
[root@Marvin-OpenStack ~]# mysql_secure_installation ## 初始化數(shù)據(jù)庫(kù)
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y ##這里設(shè)置數(shù)據(jù)庫(kù)密碼,在學(xué)習(xí)階段密碼盡可能的簡(jiǎn)單,我這里是123456
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n]
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n]
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n]
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n]
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
在初始化數(shù)據(jù)庫(kù)完成后,一定要使用root用戶來(lái)登錄,驗(yàn)證數(shù)據(jù)庫(kù)是否可以正常登錄
[root@Marvin-OpenStack ~]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.1.20-MariaDB MariaDB Server
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> exit
Bye
數(shù)據(jù)庫(kù)安裝完成!!!
3.管理節(jié)點(diǎn)安裝rabbitmq消息隊(duì)列
[root@Marvin-OpenStack ~]# yum install rabbitmq-server -y ## 安裝
[root@Marvin-OpenStack ~]# systemctl enable rabbitmq-server && systemctl start rabbitmq-server ## 啟動(dòng)
Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to /usr/lib/systemd/system/rabbitmq-server.service.
創(chuàng)建openstack用戶,并附加權(quán)限
[root@Marvin-OpenStack ~]# rabbitmqctl add_user openstack openstack ## 創(chuàng)建用戶
Creating user "openstack" ...
[root@Marvin-OpenStack ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*" ## 附加權(quán)限
Setting permissions for user "openstack" in vhost "/" ...
[root@Marvin-OpenStack ~]# rabbitmq-plugins enable rabbitmq_management ## 啟動(dòng)web管理界面,使用rabbitmq-plugins list可以列出rabbit所有的可用插件
The following plugins have been enabled:
mochiweb
webmachine
rabbitmq_web_dispatch
amqp_client
rabbitmq_management_agent
rabbitmq_management
Applying plugin configuration to rabbit@Marvin-OpenStack... started 6 plugins.
[root@Marvin-OpenStack ~]# lsof -i:15672 ## 養(yǎng)成習(xí)慣,查看服務(wù)是否啟動(dòng),rabbitmq的服務(wù)端口是15672
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
beam.smp 4507 rabbitmq 54u IPv4 37049 0t0 TCP *:15672 (LISTEN)
使用web登錄驗(yàn)證,登錄地址: http://10.0.0.56:15672 用戶名密碼均為:guest
Paste_Image.png
rabbitmq消息隊(duì)列安裝完成!!!
4.管理節(jié)點(diǎn)安裝Keystone認(rèn)證服務(wù)
在安裝keystone服務(wù)之前,應(yīng)該創(chuàng)建相應(yīng)的數(shù)據(jù)庫(kù),并且授權(quán);
為了方便,我們一次性將所有用到的數(shù)據(jù)庫(kù)都創(chuàng)建完成,分別是:
keystone, glance, nova, nova_api, neutron, cinder
需要注意的是,在對(duì)數(shù)據(jù)庫(kù)進(jìn)行授權(quán)的時(shí)候,我這里默認(rèn)密碼也和數(shù)據(jù)庫(kù)名稱相同,方便記憶也不會(huì)出錯(cuò)
[root@Marvin-OpenStack ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 11
Server version: 10.1.20-MariaDB MariaDB Server
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database keystone;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all on keystone.* to 'keystone'@'localhost' identified by 'keystone';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on keystone.* to 'keystone'@'%' identified by 'keystone';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> create database glance;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all on glance.* to 'glance'@'localhost' identified by 'glance';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on glance.* to 'glance'@'%' identified by 'glance';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> create database nova;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all on nova.* to 'nova'@'%' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on nova.* to 'nova'@'localhost' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> create database nova_api;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all on nova_api.* to 'nova'@'localhost' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on nova_api.* to 'nova'@'%' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> create database neutron;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all on neutron.* to 'neutron'@'localhost' identified by 'neutron';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on neutron.* to 'neutron'@'%' identified by 'neutron';
Query OK, 0 rows affected (0.01 sec)
MariaDB [(none)]> create database cinder;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> grant all on cinder.* to 'cinder'@'localhost' identified by 'cinder';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> grant all on cinder.* to 'cinder'@'%' identified by 'cinder';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| cinder |
| glance |
| information_schema |
| keystone |
| mysql |
| neutron |
| nova |
| nova_api |
| performance_schema |
+--------------------+
9 rows in set (0.00 sec)
MariaDB [(none)]> exit
Bye
創(chuàng)建數(shù)據(jù)庫(kù)授權(quán)是件需要很細(xì)心的工作,一定不能出錯(cuò),否走后面會(huì)出現(xiàn)很多你意想不到的錯(cuò)誤,下面去安裝配置keystone
[root@Marvin-OpenStack ~]# yum install openstack-keystone httpd mod_wsgi -y ## 安裝
[root@Marvin-OpenStack ~]# vim /etc/keystone/keystone.conf ## 修改配置文件
[database] ## 模塊名稱
connection = mysql+pymysql://keystone:keystone@10.0.0.56/keystone ## 大約在640行
[memcache]
servers = 10.0.0.56:11211 ## 大約在1476行
[token]
provider = fernet ## 大約在2659行
driver = memcache ## 大約在2669行
[root@Marvin-OpenStack ~]# grep '^[a-z]' /etc/keystone/keystone.conf ## 可以看看一共修改了的內(nèi)容
connection = mysql+pymysql://keystone:keystone@10.0.0.56/keystone ## 數(shù)據(jù)庫(kù)
servers = 10.0.0.56:11211 ## memcache
provider = fernet ## token的提供者
driver = memcache ## token的存放位置
可以看出來(lái)我們都有配制memcache,但是并沒(méi)有安裝memcache,現(xiàn)在安裝
[root@Marvin-OpenStack ~]# yum install memcached python-memcached -y
[root@Marvin-OpenStack ~]# vim /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 10.0.0.56,::1" ## 這里修改成自己主機(jī)的IP地址
[root@Marvin-OpenStack ~]# systemctl enable memcached && systemctl start memcached ## 啟動(dòng)memcache
Created symlink from /etc/systemd/system/multi-user.target.wants/memcached.service to /usr/lib/systemd/system/memcached.service.
[root@Marvin-OpenStack ~]# lsof -i:11211 ## 檢查
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
memcached 5672 memcached 26u IPv4 40367 0t0 TCP Marvin-OpenStack:memcache (LISTEN)
memcached 5672 memcached 27u IPv6 40368 0t0 TCP localhost:memcache (LISTEN)
memcached 5672 memcached 28u IPv4 40369 0t0 UDP Marvin-OpenStack:memcache
memcached 5672 memcached 29u IPv6 40370 0t0 UDP localhost:memcache
現(xiàn)在來(lái)同步keystone的數(shù)據(jù)庫(kù)信息
[root@Marvin-OpenStack ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone ## 同步
[root@Marvin-OpenStack ~]# mysql -h 10.0.0.56 -ukeystone -pkeystone -e "use keystone;show tables;" ## 驗(yàn)證
+------------------------+
| Tables_in_keystone |
+------------------------+
| access_token |
| assignment |
| config_register |
| consumer |
| credential |
| endpoint |
| endpoint_group |
| federated_user |
| federation_protocol |
| group |
| id_mapping |
| identity_provider |
| idp_remote_ids |
| implied_role |
| local_user |
| mapping |
| migrate_version |
| nonlocal_user |
| password |
| policy |
| policy_association |
| project |
| project_endpoint |
| project_endpoint_group |
| region |
| request_token |
| revocation_event |
| role |
| sensitive_config |
| service |
| service_provider |
| token |
| trust |
| trust_role |
| user |
| user_group_membership |
| whitelisted_config |
+------------------------+
看到數(shù)據(jù)庫(kù)的表,就說(shuō)明OK了,現(xiàn)在去注冊(cè)keystone的相關(guān)服務(wù)
[root@Marvin-OpenStack ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@Marvin-OpenStack ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
[root@Marvin-OpenStack ~]# keystone-manage bootstrap --bootstrap-password admin \
> --bootstrap-admin-url http://10.0.0.56:35357/v3/ \
> --bootstrap-internal-url http://10.0.0.56:35357/v3/ \
> --bootstrap-public-url http://10.0.0.56:5000/v3/ \
> --bootstrap-region-id RegionOn
完成后登錄數(shù)據(jù)庫(kù),檢查注冊(cè)是否成功
[root@Marvin-OpenStack ~]# mysql -ukeystone -pkeystone
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 15
Server version: 10.1.20-MariaDB MariaDB Server
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> use keystone;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [keystone]> show tables;
+------------------------+
| Tables_in_keystone |
+------------------------+
| access_token |
| assignment |
| config_register |
| consumer |
| credential |
| endpoint |
| endpoint_group |
| federated_user |
| federation_protocol |
| group |
| id_mapping |
| identity_provider |
| idp_remote_ids |
| implied_role |
| local_user |
| mapping |
| migrate_version |
| nonlocal_user |
| password |
| policy |
| policy_association |
| project |
| project_endpoint |
| project_endpoint_group |
| region |
| request_token |
| revocation_event |
| role |
| sensitive_config |
| service |
| service_provider |
| token |
| trust |
| trust_role |
| user |
| user_group_membership |
| whitelisted_config |
+------------------------+
37 rows in set (0.00 sec)
MariaDB [keystone]> select * from user\G
*************************** 1. row ***************************
id: 4799fa14964b4703bd84a93d3b792660
extra: {}
enabled: 1
default_project_id: NULL
created_at: 2017-09-02 02:36:15
last_active_at: NULL
1 row in set (0.00 sec)
MariaDB [keystone]> select * from role\G
*************************** 1. row ***************************
id: 097281195831406fa3e3782465aa922a
name: admin
extra: {}
domain_id: <<null>>
*************************** 2. row ***************************
id: 9fe2ff9ee4384b1894a90878d3e92bab
name: _member_
extra: {}
domain_id: <<null>>
2 rows in set (0.00 sec)
MariaDB [keystone]> select * from endpoint\G
*************************** 1. row ***************************
id: 41838de3d5204c9dbf173321b8bc05d7
legacy_endpoint_id: NULL
interface: internal
service_id: 1575e305f3aa4750b10304f38aa54b5e
url: http://10.0.0.56:35357/v3/
extra: {}
enabled: 1
region_id: RegionOne
*************************** 2. row ***************************
id: d8b9d6bf135b482e852c6483ce30e4f9
legacy_endpoint_id: NULL
interface: admin
service_id: 1575e305f3aa4750b10304f38aa54b5e
url: http://10.0.0.56:35357/v3/
extra: {}
enabled: 1
region_id: RegionOne
*************************** 3. row ***************************
id: e83d3ee63f2a473e809931900ec71174
legacy_endpoint_id: NULL
interface: public
service_id: 1575e305f3aa4750b10304f38aa54b5e
url: http://10.0.0.56:5000/v3/
extra: {}
enabled: 1
region_id: RegionOne
3 rows in set (0.00 sec)
MariaDB [keystone]> exit
Bye
keystone就配置好了,去開(kāi)啟apache服務(wù)了
[root@Marvin-OpenStack ~]# vim /etc/httpd/conf/httpd.conf
95 ServerName 10.0.0.56:80 ## 第95行修改apache的服務(wù)地址
[root@Marvin-OpenStack ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/ ## 將keystone配置文件鏈接到apache默認(rèn)目錄下
[root@Marvin-OpenStack ~]# systemctl enable httpd && systemctl start httpd ## 啟動(dòng)
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@Marvin-OpenStack ~]# lsof -i:80 ## 驗(yàn)證
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
httpd 5886 root 4u IPv6 43065 0t0 TCP *:http (LISTEN)
httpd 5897 apache 4u IPv6 43065 0t0 TCP *:http (LISTEN)
httpd 5898 apache 4u IPv6 43065 0t0 TCP *:http (LISTEN)
httpd 5899 apache 4u IPv6 43065 0t0 TCP *:http (LISTEN)
httpd 5900 apache 4u IPv6 43065 0t0 TCP *:http (LISTEN)
httpd 5901 apache 4u IPv6 43065 0t0 TCP *:http (LISTEN)
驗(yàn)證性息
[root@Marvin-OpenStack ~]# openstack user list
Missing value auth-url required for auth plugin password ## 這里不成功,是因?yàn)榄h(huán)境變量沒(méi)有配制
配置環(huán)境變量
[root@Marvin-OpenStack ~]# export OS_USERNAME=admin
[root@Marvin-OpenStack ~]# export OS_PASSWORD=admin
[root@Marvin-OpenStack ~]# export OS_PROJECT_NAME=admin
[root@Marvin-OpenStack ~]# export OS_USER_DOMAIN_NAME=default
[root@Marvin-OpenStack ~]# export OS_PROJECT_DOMAIN_NAME=default
[root@Marvin-OpenStack ~]# export OS_AUTH_URL=http://10.0.0.56:35357/v3
[root@Marvin-OpenStack ~]# export OS_IDENTITY_API_VERSION=3
[root@Marvin-OpenStack ~]# openstack user list
+----------------------------------+-------+
| ID | Name |
+----------------------------------+-------+
| 4799fa14964b4703bd84a93d3b792660 | admin |
+----------------------------------+-------+
keystone配置完成
5.創(chuàng)建項(xiàng)目,用戶,角色,并為各用戶賦予角色和項(xiàng)目,按照要求配置環(huán)境變量
## 創(chuàng)建service項(xiàng)目
[root@Marvin-OpenStack ~]# openstack project create --domain default \
> --description "Service Project" service
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | 692ff9bb43a14bbca347d1151d9bb996 |
| is_domain | False |
| name | service |
| parent_id | default |
+-------------+----------------------------------+
## 創(chuàng)建demo項(xiàng)目
[root@Marvin-OpenStack ~]# openstack project create --domain default \
> --description "Demo Project" demo
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Demo Project |
| domain_id | default |
| enabled | True |
| id | 9e6ed2044de448c5b6064da5e61108f3 |
| is_domain | False |
| name | demo |
| parent_id | default |
+-------------+----------------------------------+
## 創(chuàng)建demo用戶,密碼也為demo
[root@Marvin-OpenStack ~]# openstack user create --domain default \
> --password-prompt demo
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | bccfde0f0711448c8e3855ac4dcb8e19 |
| name | demo |
| password_expires_at | None |
+---------------------+----------------------------------+
## 創(chuàng)建user角色
[root@Marvin-OpenStack ~]# openstack role create user
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | f2c217d721874682b7987d5e6a363905 |
| name | user |
+-----------+----------------------------------+
## 把demo用戶加入到demo項(xiàng)目,并賦予user角色的權(quán)限
[root@Marvin-OpenStack ~]# openstack role add --project demo --user demo user
## 用同樣的方法建立glance, nova, neutron, cinder 用戶,并將他們加入service項(xiàng)目,賦予admin角色權(quán)限
[root@Marvin-OpenStack ~]# openstack user create --domain default --password-prompt glance ## 創(chuàng)建glance用戶
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 7f9ad6700c9a4c5b9c2a9b788dc623e1 |
| name | glance |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack role add --project service --user glance admin ## 加入項(xiàng)目和角色
[root@Marvin-OpenStack ~]# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 091ccd11a04c40c0a764f7ab988fe572 |
| name | nova |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack role add --project service --user nova admin
[root@Marvin-OpenStack ~]# openstack user create --domain default --password-prompt neutron
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 02cb936cd3c744d3aabf5a775e8d8f92 |
| name | neutron |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack role add --project service --user neutron admin
[root@Marvin-OpenStack ~]# openstack user create --domain default --password-prompt cinder
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 4a1a121dd6194784a625ce842aa96b56 |
| name | cinder |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack role add --project service --user cinder admin
## 驗(yàn)證admin和demo是否可以申請(qǐng)到token的令牌,需要注意的是:admin和demo請(qǐng)求的端口是不一樣的,admin是35357端口,demo使用的是5000端口
[root@Marvin-OpenStack ~]# unset OS_AUTH_URL OS_PASSWORD
[root@Marvin-OpenStack ~]# openstack --os-auth-url http://10.0.0.56:35357/v3 \
> --os-project-domain-name default --os-user-domain-name default \
> --os-project-name admin --os-username admin token issue
Password: ## 輸入admin密碼
+------------+--------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+--------------------------------------------------------------------------------------------------------------+
| expires | 2017-09-02 14:12:33+00:00 |
| id | gAAAAABZqq5BuqekQMg2ngLYfbk-uePRrhgk9MmI2Z2J9-vQ6NeGhlwzkOPA__A2byWM- |
| | JN68q7CngGcCvJsHnefk1FOSrQgHrEOOkoJm7_oEqGHmL2_yH09h-TWv148ug78dJA4xmcJA8glI7-HrYe_D- |
| | wJCCL9eZfh9gylPCtFDt05rISeK6k |
| project_id | 8e8448db75034b1e8be0f7d6931be2d4 |
| user_id | 4799fa14964b4703bd84a93d3b792660 |
+------------+--------------------------------------------------------------------------------------------------------------+
[root@Marvin-OpenStack ~]# openstack --os-auth-url http://10.0.0.56:5000/v3 \
> --os-project-domain-name default --os-user-domain-name default \
> --os-project-name demo --os-username demo token issue
Password: ## 輸入demo密碼
+------------+--------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+--------------------------------------------------------------------------------------------------------------+
| expires | 2017-09-02 14:13:29+00:00 |
| id | gAAAAABZqq55u-TC1n7b3w2uRjuJn3GIRcHbXyznI9slRgSx-hfsuQhfJsQR4M91UxZoObyH7UXxafE0_MHGe8_y1w-_0M4yxJL6Q5uf- |
| | nmwTAbB1Vj4y_cQKq-w6ldAlV9UeW2ijP4BZVEg9JVqaBmvs-YaP0yEcq9U9S9fA6jrtHpsX1ScUOQ |
| project_id | 9e6ed2044de448c5b6064da5e61108f3 |
| user_id | bccfde0f0711448c8e3855ac4dcb8e19 |
+------------+--------------------------------------------------------------------------------------------------------------+
## 驗(yàn)證是沒(méi)有問(wèn)題的,現(xiàn)在配制admin和demo的環(huán)境變量腳本
[root@Marvin-OpenStack ~]# vim admin-openstack
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://10.0.0.56:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
[root@Marvin-OpenStack ~]# vim demo-openstack
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://10.0.0.56:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
## 驗(yàn)證腳本
[root@Marvin-OpenStack ~]# source admin-openstack ## 切換到admin變量
[root@Marvin-OpenStack ~]# openstack token issue ## 執(zhí)行命令成功
+------------+--------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+--------------------------------------------------------------------------------------------------------------+
| expires | 2017-09-02 14:18:09+00:00 |
| id | gAAAAABZqq-Rbg_PBi20TjUrf-U0tj0aqQR1ukbIBT_Evki13y0nZqMKBBnjnE3tsmLbtVUCoHP4w33MLWhGzFPgPoP- |
| | GwhqiJxNUAsVRD0fi7tvtzqYelkqsCy5kkxggjLlfX54V0xzsVLqpgD2QJyZIiRJgk_FzunnTK4X5A9cjbk9MTqjo4A |
| project_id | 8e8448db75034b1e8be0f7d6931be2d4 |
| user_id | 4799fa14964b4703bd84a93d3b792660 |
+------------+--------------------------------------------------------------------------------------------------------------+
[root@Marvin-OpenStack ~]# source demo-openstack ## 切換到demo變量
[root@Marvin-OpenStack ~]# openstack token issue ## 執(zhí)行命令成功
+------------+--------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+--------------------------------------------------------------------------------------------------------------+
| expires | 2017-09-02 14:18:30+00:00 |
| id | gAAAAABZqq-nLZ-rhs6GseaHcVX22mxB2JkcJ19xL_CQUuC5UeEVMzUyyplqtbEAgs4ulvAb8zKcxcj3Pe3HYyttJSrtVpDxIiEZfGQBaLfl |
| | OUQvEvkG9BBbXoVv2_dZ259CLjNE0hILzsu6e7b59RSgqdtbyOeLGPITHSbxFgS8aq6mpXidDvE |
| project_id | 9e6ed2044de448c5b6064da5e61108f3 |
| user_id | bccfde0f0711448c8e3855ac4dcb8e19 |
+------------+--------------------------------------------------------------------------------------------------------------+
用戶,角色,變量配置完成
6.安裝配置glance鏡像服務(wù)
6.1 創(chuàng)建image服務(wù)實(shí)體
[root@Marvin-OpenStack ~]# source admin-openstack ## 切換到admin變量
[root@Marvin-OpenStack ~]# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 23c1ddf9a59048aea91fcce887ca97dc |
| name | glance |
| type | image |
+-------------+----------------------------------+
6.2創(chuàng)建glance的API端口,分別創(chuàng)建public,internal,admin
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne \
> image public http://10.0.0.56:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 0e28a8c975904c28b5a2a9bc180efe02 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 23c1ddf9a59048aea91fcce887ca97dc |
| service_name | glance |
| service_type | image |
| url | http://10.0.0.56:9292 |
+--------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne image internal http://10.0.0.56:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 2cf91a5b1e1e4d19830627a1d1088b40 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 23c1ddf9a59048aea91fcce887ca97dc |
| service_name | glance |
| service_type | image |
| url | http://10.0.0.56:9292 |
+--------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne image admin http://10.0.0.56:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 806d8539a4f44c66b14488ee1979190d |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 23c1ddf9a59048aea91fcce887ca97dc |
| service_name | glance |
| service_type | image |
| url | http://10.0.0.56:9292 |
+--------------+----------------------------------+
## 查看創(chuàng)建信息
[root@Marvin-OpenStack ~]# openstack service list
+----------------------------------+----------+----------+
| ID | Name | Type |
+----------------------------------+----------+----------+
| 1575e305f3aa4750b10304f38aa54b5e | keystone | identity |
| 23c1ddf9a59048aea91fcce887ca97dc | glance | image |
+----------------------------------+----------+----------+
[root@Marvin-OpenStack ~]# openstack endpoint list
+-----------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+-----------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 0e28a8c975904c28b5a2a9bc180 | RegionOne | glance | image | True | public | http://10.0.0.56:9292 |
| efe02 | | | | | | |
| 2cf91a5b1e1e4d19830627a1d10 | RegionOne | glance | image | True | internal | http://10.0.0.56:9292 |
| 88b40 | | | | | | |
| 41838de3d5204c9dbf173321b8b | RegionOne | keystone | identity | True | internal | http://10.0.0.56:35357/v3/ |
| c05d7 | | | | | | |
| 806d8539a4f44c66b14488ee197 | RegionOne | glance | image | True | admin | http://10.0.0.56:9292 |
| 9190d | | | | | | |
| d8b9d6bf135b482e852c6483ce3 | RegionOne | keystone | identity | True | admin | http://10.0.0.56:35357/v3/ |
| 0e4f9 | | | | | | |
| e83d3ee63f2a473e809931900ec | RegionOne | keystone | identity | True | public | http://10.0.0.56:5000/v3/ |
| 71174 | | | | | | |
+-----------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
6.3 glance安裝配置,并同步數(shù)據(jù)信息
[root@Marvin-OpenStack ~]# yum install openstack-glance -y
[root@Marvin-OpenStack ~]# vim /etc/glance/glance-api.conf
[database]
connection = mysql+pymysql://glance:glance@10.0.0.56/glance ## 大約在1748行修改數(shù)據(jù)庫(kù)
[root@Marvin-OpenStack ~]# vim /etc/glance/glance-registry.conf
[database]
connection = mysql+pymysql://glance:glance@10.0.0.56/glance ## 大約在1038行修改數(shù)據(jù)
[root@Marvin-OpenStack ~]# su -s /bin/sh -c "glance-manage db_sync" glance ## 導(dǎo)入數(shù)據(jù)庫(kù)
Option "verbose" from group "DEFAULT" is deprecated for removal. Its value may be silently ignored in the future.
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1171: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade
expire_on_commit=expire_on_commit, _conf=conf)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `ix_image_properties_image_id_name`. This is deprecated and will be disallowed in a future release.')
result = self._query(query) ## 這里的警告忽略掉
[root@Marvin-OpenStack ~]# mysql -h 10.0.0.56 -uglance -pglance -e "use glance;show tables;" ## 驗(yàn)證是否導(dǎo)入成功
+----------------------------------+
| Tables_in_glance |
+----------------------------------+
| artifact_blob_locations |
| artifact_blobs |
| artifact_dependencies |
| artifact_properties |
| artifact_tags |
| artifacts |
| image_locations |
| image_members |
| image_properties |
| image_tags |
| images |
| metadef_namespace_resource_types |
| metadef_namespaces |
| metadef_objects |
| metadef_properties |
| metadef_resource_types |
| metadef_tags |
| migrate_version |
| task_info |
| tasks |
+----------------------------------+
## 繼續(xù)修改glance的配置文件,配置認(rèn)證訪問(wèn)服務(wù)
[root@Marvin-OpenStack ~]# vim /etc/glance/glance-api.conf
[keystone_authtoken] ## 在keystone_authtoken模塊下添加一下內(nèi)容,大約在3178行
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
-----------------------------------------------
[paste_deploy]
flavor = keystone ## 3990行取消注釋
[glance_store]
stores = file,http ## 1864行取消注釋
default_store = file ## 1896行取消注釋
filesystem_store_datadir = /var/lib/glance/images ## 2196行取消注釋
[root@Marvin-OpenStack ~]# vim /etc/glance/glance-registry.conf
[keystone_authtoken]
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
-----------------------------------------------
[paste_deploy]
flavor = keystone ## 1910行取消注釋
## 查看glance-api.cnf修改的內(nèi)容
[root@Marvin-OpenStack ~]# grep '^[a-z]' /etc/glance/glance-api.conf
connection = mysql+pymysql://glance:glance@10.0.0.56/glance
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
flavor = keystone
## 查看glance-registry.conf修改的內(nèi)容
connection = mysql+pymysql://glance:glance@10.0.0.56/glance
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
flavor = keystone
## 啟動(dòng)glance并設(shè)置開(kāi)機(jī)自啟
[root@Marvin-OpenStack ~]# systemctl enable openstack-glance-api.service \
> openstack-glance-registry.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service to /usr/lib/systemd/system/openstack-glance-registry.service.
[root@Marvin-OpenStack ~]# systemctl start openstack-glance-api.service openstack-glance-registry.service
## 下載官方cirros鏡像,測(cè)試
鏡像下載: http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
[root@Marvin-OpenStack ~]# ll
total 12992
-rw-r--r-- 1 root root 260 Sep 2 21:16 admin-openstack
-rw-------. 1 root root 930 Sep 2 06:54 anaconda-ks.cfg
-rw-r--r-- 1 root root 13287936 Sep 2 22:01 cirros-0.3.4-x86_64-disk.img ## 上傳的鏡像
-rw-r--r-- 1 root root 256 Sep 2 21:17 demo-openstack
## 創(chuàng)建一個(gè)cirros的鏡像,屬性是公開(kāi)的
[root@Marvin-OpenStack ~]# openstack image create "cirros" \
> --file cirros-0.3.4-x86_64-disk.img \
> --disk-format qcow2 --container-format bare \
> --public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | ee1eca47dc88f4879d8a229cc70a07c6 |
| container_format | bare |
| created_at | 2017-09-02T14:02:46Z |
| disk_format | qcow2 |
| file | /v2/images/a131bcba-8fa7-4a0e-8333-a36046c31a9c/file |
| id | a131bcba-8fa7-4a0e-8333-a36046c31a9c |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | 8e8448db75034b1e8be0f7d6931be2d4 |
| protected | False |
| schema | /v2/schemas/image |
| size | 13287936 |
| status | active |
| tags | |
| updated_at | 2017-09-02T14:02:47Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
[root@Marvin-OpenStack ~]# openstack image list ## 查看鏡像
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| a131bcba-8fa7-4a0e-8333-a36046c31a9c | cirros | active |
+--------------------------------------+--------+--------+
[root@Marvin-OpenStack ~]# glance image-list
+--------------------------------------+--------+
| ID | Name |
+--------------------------------------+--------+
| a131bcba-8fa7-4a0e-8333-a36046c31a9c | cirros |
+--------------------------------------+--------+
glance服務(wù)安裝完成
7. nova安裝,nova的安裝是比較復(fù)雜的,是需要在管理節(jié)點(diǎn)和計(jì)算節(jié)點(diǎn)分別安裝的
7.1 管理節(jié)點(diǎn)安裝配置nova
[root@Marvin-OpenStack ~]# yum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler -y
[root@Marvin-OpenStack ~]# cd /etc/nova
[root@Marvin-OpenStack nova]# ll
total 300
-rw-r----- 1 root nova 2717 May 31 00:07 api-paste.ini
-rw-r----- 1 root nova 289748 Aug 3 17:52 nova.conf
-rw-r----- 1 root nova 4 May 31 00:07 policy.json
-rw-r--r-- 1 root root 64 Aug 3 17:52 release
-rw-r----- 1 root nova 966 May 31 00:07 rootwrap.conf
[root@Marvin-OpenStack nova]# vim nova.conf
[DEFAULT]
auth_strategy=keystone ## 14行,開(kāi)啟驗(yàn)證方式
use_neutron=true ## 2062 開(kāi)啟注釋,并修改為true
enabled_apis=osapi_compute,metadata ## 3052行,開(kāi)啟注釋
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver ## 3265 開(kāi)啟注釋
transport_url=rabbit://openstack:openstack@10.0.0.56 ## 3601 開(kāi)啟注釋,并寫入消息驗(yàn)證的地址
[api_database]
connection=mysql+pymysql://nova:nova@10.0.0.56/nova_api ## 3661 開(kāi)啟注釋,并修改數(shù)據(jù)庫(kù)地址
[database]
connection=mysql+pymysql://nova:nova@10.0.0.56/nova ## 4678 開(kāi)啟注釋,并修改數(shù)據(jù)庫(kù)地址
[keystone_authtoken] ## 5429行,在這個(gè)下面添加nova的認(rèn)證信息
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova
[vnc]
vncserver_listen=0.0.0.0 ## 8384行,取消注釋,并修改為0.0.0.0
vncserver_proxyclient_address=10.0.0.56 ## 8396 取消注釋,修改為自己的主機(jī)地址
[glance]
api_servers=10.0.0.56:9292 ## 4813 取消注釋,并修改地址
[oslo_concurrency]
lock_path=/var/lib/nova/tmp ## 6705行,取消注釋
## 查看nova.conf一共修改了多少內(nèi)容
[root@Marvin-OpenStack nova]# grep '^[a-Z]' nova.conf
auth_strategy=keystone
use_neutron=true
enabled_apis=osapi_compute,metadata
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
transport_url=rabbit://openstack:openstack@10.0.0.56
connection=mysql+pymysql://nova:nova@10.0.0.56/nova_api
connection=mysql+pymysql://nova:nova@10.0.0.56/nova
api_servers=10.0.0.56:9292
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova
lock_path=/var/lib/nova/tmp
vncserver_listen=0.0.0.0
vncserver_proxyclient_address=10.0.0.56
## 導(dǎo)入數(shù)據(jù)庫(kù)信息并驗(yàn)證
[root@Marvin-OpenStack nova]# su -s /bin/sh -c "nova-manage api_db sync" nova
[root@Marvin-OpenStack nova]# su -s /bin/sh -c "nova-manage db sync" nova
WARNING: cell0 mapping not found - not syncing cell0.
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will be disallowed in a future release.')
result = self._query(query)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `uniq_instances0uuid`. This is deprecated and will be disallowed in a future release.')
result = self._query(query ### 警告可以忽略
[root@Marvin-OpenStack nova]# mysql -h 10.0.0.56 -unova -pnova -e "use nova;show tables;" ## 驗(yàn)證,記住nova有兩個(gè)庫(kù),一個(gè)nova,一個(gè)是nova_api
+--------------------------------------------+
| Tables_in_nova |
+--------------------------------------------+
| agent_builds |
| aggregate_hosts |
| aggregate_metadata |
| aggregates |
| allocations |
| block_device_mapping |
| bw_usage_cache |
| cells |
| certificates |
| compute_nodes |
| console_auth_tokens |
| console_pools |
| consoles |
| dns_domains |
| fixed_ips |
| floating_ips |
| instance_actions |
| instance_actions_events |
| instance_extra |
| instance_faults |
| instance_group_member |
| instance_group_policy |
| instance_groups |
| instance_id_mappings |
| instance_info_caches |
| instance_metadata |
| instance_system_metadata |
| instance_type_extra_specs |
| instance_type_projects |
| instance_types |
| instances |
| inventories |
| key_pairs |
| migrate_version |
| migrations |
| networks |
| pci_devices |
| project_user_quotas |
| provider_fw_rules |
| quota_classes |
| quota_usages |
| quotas |
| reservations |
| resource_provider_aggregates |
| resource_providers |
| s3_images |
| security_group_default_rules |
| security_group_instance_association |
| security_group_rules |
| security_groups |
| services |
| shadow_agent_builds |
| shadow_aggregate_hosts |
| shadow_aggregate_metadata |
| shadow_aggregates |
| shadow_block_device_mapping |
| shadow_bw_usage_cache |
| shadow_cells |
| shadow_certificates |
| shadow_compute_nodes |
| shadow_console_pools |
| shadow_consoles |
| shadow_dns_domains |
| shadow_fixed_ips |
| shadow_floating_ips |
| shadow_instance_actions |
| shadow_instance_actions_events |
| shadow_instance_extra |
| shadow_instance_faults |
| shadow_instance_group_member |
| shadow_instance_group_policy |
| shadow_instance_groups |
| shadow_instance_id_mappings |
| shadow_instance_info_caches |
| shadow_instance_metadata |
| shadow_instance_system_metadata |
| shadow_instance_type_extra_specs |
| shadow_instance_type_projects |
| shadow_instance_types |
| shadow_instances |
| shadow_key_pairs |
| shadow_migrate_version |
| shadow_migrations |
| shadow_networks |
| shadow_pci_devices |
| shadow_project_user_quotas |
| shadow_provider_fw_rules |
| shadow_quota_classes |
| shadow_quota_usages |
| shadow_quotas |
| shadow_reservations |
| shadow_s3_images |
| shadow_security_group_default_rules |
| shadow_security_group_instance_association |
| shadow_security_group_rules |
| shadow_security_groups |
| shadow_services |
| shadow_snapshot_id_mappings |
| shadow_snapshots |
| shadow_task_log |
| shadow_virtual_interfaces |
| shadow_volume_id_mappings |
| shadow_volume_usage_cache |
| snapshot_id_mappings |
| snapshots |
| tags |
| task_log |
| virtual_interfaces |
| volume_id_mappings |
| volume_usage_cache |
+--------------------------------------------+
[root@Marvin-OpenStack nova]# mysql -h 10.0.0.56 -unova -pnova -e "use nova_api;show tables;"
+------------------------------+
| Tables_in_nova_api |
+------------------------------+
| aggregate_hosts |
| aggregate_metadata |
| aggregates |
| allocations |
| build_requests |
| cell_mappings |
| flavor_extra_specs |
| flavor_projects |
| flavors |
| host_mappings |
| instance_group_member |
| instance_group_policy |
| instance_groups |
| instance_mappings |
| inventories |
| key_pairs |
| migrate_version |
| request_specs |
| resource_provider_aggregates |
| resource_providers |
+------------------------------+
## 驗(yàn)證成功后啟動(dòng)nova服務(wù)
[root@Marvin-OpenStack nova]# systemctl enable openstack-nova-api.service \
> openstack-nova-consoleauth.service openstack-nova-scheduler.service \
> openstack-nova-conductor.service openstack-nova-novncproxy.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-api.service to /usr/lib/systemd/system/openstack-nova-api.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-consoleauth.service to /usr/lib/systemd/system/openstack-nova-consoleauth.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-scheduler.service to /usr/lib/systemd/system/openstack-nova-scheduler.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service to /usr/lib/systemd/system/openstack-nova-conductor.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-novncproxy.service to /usr/lib/systemd/system/openstack-nova-novncproxy.service.
[root@Marvin-OpenStack nova]# systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
## 創(chuàng)建compute服務(wù)
[root@Marvin-OpenStack ~]# openstack service create --name nova \
> --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | d1559df37465470eb7fafbd93bffb183 |
| name | nova |
| type | compute |
+-------------+----------------------------------+
## 添加endpoint記錄
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne \
> compute public http://10.0.0.56:8774/v2.1/%\(tenant_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | a0f3ffe43f7a44e58261355c9ebad61a |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d1559df37465470eb7fafbd93bffb183 |
| service_name | nova |
| service_type | compute |
| url | http://10.0.0.56:8774/v2.1/%(tenant_id)s |
+--------------+------------------------------------------+
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne compute internal http://10.0.0.56:8774/v2.1/%\(tenant_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | 7532f46cca5540bfae8d9340a62644af |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d1559df37465470eb7fafbd93bffb183 |
| service_name | nova |
| service_type | compute |
| url | http://10.0.0.56:8774/v2.1/%(tenant_id)s |
+--------------+------------------------------------------+
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne compute admin http://10.0.0.56:8774/v2.1/%\(tenant_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | d0470f3f77f040b086b34b6641b5e280 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d1559df37465470eb7fafbd93bffb183 |
| service_name | nova |
| service_type | compute |
| url | http://10.0.0.56:8774/v2.1/%(tenant_id)s |
+--------------+------------------------------------------+
## 驗(yàn)證管理節(jié)點(diǎn)的nova是否配置成功
[root@Marvin-OpenStack ~]# openstack host list
+------------------+-------------+----------+
| Host Name | Service | Zone |
+------------------+-------------+----------+
| Marvin-OpenStack | scheduler | internal |
| Marvin-OpenStack | consoleauth | internal |
| Marvin-OpenStack | conductor | internal |
+------------------+-------------+----------+
[root@Marvin-OpenStack ~]# nova service-list
+----+------------------+------------------+----------+---------+-------+----------------------------+-----------------+
| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |
+----+------------------+------------------+----------+---------+-------+----------------------------+-----------------+
| 1 | nova-scheduler | Marvin-OpenStack | internal | enabled | up | 2017-09-03T08:52:25.000000 | - |
| 2 | nova-consoleauth | Marvin-OpenStack | internal | enabled | up | 2017-09-03T08:52:25.000000 | - |
| 3 | nova-conductor | Marvin-OpenStack | internal | enabled | up | 2017-09-03T08:52:27.000000 | - |
+----+------------------+------------------+----------+---------+-------+----------------------------+-----------------+
[root@Marvin-OpenStack ~]# openstack endpoint list
+-----------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+-----------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
| 0e28a8c975904c28b5a2a9bc180 | RegionOne | glance | image | True | public | http://10.0.0.56:9292 |
| efe02 | | | | | | |
| 2cf91a5b1e1e4d19830627a1d10 | RegionOne | glance | image | True | internal | http://10.0.0.56:9292 |
| 88b40 | | | | | | |
| 41838de3d5204c9dbf173321b8b | RegionOne | keystone | identity | True | internal | http://10.0.0.56:35357/v3/ |
| c05d7 | | | | | | |
| 7532f46cca5540bfae8d9340a62 | RegionOne | nova | compute | True | internal | http://10.0.0.56:8774/v2.1/ |
| 644af | | | | | | %(tenant_id)s |
| 806d8539a4f44c66b14488ee197 | RegionOne | glance | image | True | admin | http://10.0.0.56:9292 |
| 9190d | | | | | | |
| a0f3ffe43f7a44e58261355c9eb | RegionOne | nova | compute | True | public | http://10.0.0.56:8774/v2.1/ |
| ad61a | | | | | | %(tenant_id)s |
| d0470f3f77f040b086b34b6641b | RegionOne | nova | compute | True | admin | http://10.0.0.56:8774/v2.1/ |
| 5e280 | | | | | | %(tenant_id)s |
| d8b9d6bf135b482e852c6483ce3 | RegionOne | keystone | identity | True | admin | http://10.0.0.56:35357/v3/ |
| 0e4f9 | | | | | | |
| e83d3ee63f2a473e809931900ec | RegionOne | keystone | identity | True | public | http://10.0.0.56:5000/v3/ |
| 71174 | | | | | | |
+-----------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
這里nova的管理節(jié)點(diǎn)就全部安裝完成,確實(shí)有點(diǎn)累,后面的內(nèi)容,我會(huì)繼續(xù)更新,筆者QQ: 779734791 昵稱:Marvin,歡迎大家一起討論
