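OpenStack Complete Installation and Configuration
1. Install Ubuntu
ubuntu-12.04-server-amd64.iso
Configure the network; the host address is assumed to be 192.168.0.47.
Hardware: Dell R610
The R610 supports KVM in hardware. Before installing, enable virtualization in the BIOS setup as follows:
PROCESS ... => VIRTUALIZATION TECHNOLOGY => ENABLE
2. Install and configure OpenStack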
2.1 System preparation
2.1.1 Update Ubuntu
    sudo apt-get update
2.1.2 Install ntp
    apt-get install ntp
Edit /etc/ntp.conf and add the following below the line "server ntp.ubuntu.com iburst":
    server 127.127.1.0
    fudge 127.127.1.0 stratum 10
Restart:
    service ntp restart
2.1.3 Install tgt, iscsi and bridge-utils
    apt-get install tgt
    service tgt start
    apt-get install open-iscsi open-iscsi-utils
    apt-get install bridge-utils
    /etc/init.d/networking restart
2.1.4 Install RabbitMQ
    apt-get install rabbitmq-server memcached python-memcache
2.1.5 Install kvm
    apt-get install kvm libvirt-bin
Test:
    kvm-ok
    INFO: /dev/kvm exists
    KVM acceleration can be used
See "OpenStack installation problems".
2.2 Install MySQL, create the databases and users
    apt-get install -y mysql-server python-mysqldb
Edit the configuration file /etc/mysql/my.cnf:
    [client]
    default-character-set=utf8
    [mysqld]
    init_connect='SET collation_connection = utf8_unicode_ci'
    init_connect='SET NAMES utf8'
    character-set-server=utf8
    collation-server=utf8_unicode_ci
    skip-character-set-client-handshake
Change the bind address so that MySQL listens on all interfaces:
    bind-address = 127.0.0.1
becomes
    bind-address = 0.0.0.0
Restart:
    service mysql restart
Create the databases:
    mysql -u root
    # Create the nova database
    CREATE DATABASE nova;
    GRANT ALL PRIVILEGES ON nova.* TO 'novadbadmin'@'%' IDENTIFIED BY 'pwd123456';
    # Create the glance database
    CREATE DATABASE glance;
    GRANT ALL PRIVILEGES ON glance.* TO 'glancedbadmin'@'%' IDENTIFIED BY 'pwd123456';
    # Create the keystone database
    CREATE DATABASE keystone;
    GRANT ALL PRIVILEGES ON keystone.* TO 'keystonedbadmin'@'%' IDENTIFIED BY 'pwd123456';
2.3 Install and configure Keystone
2.3.1 Install
    apt-get install keystone python-keystone python-mysqldb python-keystoneclient
2.3.2 Configure /etc/keystone/keystone.conf
    [sql]
    connection = mysql://keystonedbadmin:pwd123456@192.168.0.47/keystone
    idle_timeout = 200
2.3.3 Restart keystone
    service keystone restart
2.3.4 Initialize the keystone database
    keystone-manage db_sync
2.3.5 Create gen_keystone_data.sh
The file contents are as follows:
    #!/bin/bash
    #
    # Initial data for Keystone using python-keystoneclient
    #
    # Tenant               User      Roles
    # ------------------------------
    # admin                admin     admin
    # service              glance    admin
    # service              nova      admin, [ResellerAdmin (swift only)]
    # service              quantum   admin        # if enabled
    # service              swift     admin        # if enabled
    # demo                 admin     admin
    # demo                 demo      Member, anotherrole
    # invisible_to_admin   demo      Member
    #
    # Variables set before calling this script:
    # SERVICE_TOKEN - aka admin_token in keystone.conf
    # SERVICE_ENDPOINT - local Keystone admin endpoint
    # SERVICE_TENANT_NAME - name of tenant containing service accounts
    # ENABLED_SERVICES - stack.sh's list of services to start
    # DEVSTACK_DIR - Top-level DevStack directory
    #
    # If you changed the default user name and password, edit this script
    # before running it. Two places need changing:
    #   1. the dashboard login password (pwd123456)
    #   2. the keystone token
    ADMIN_PASSWORD=${ADMIN_PASSWORD:-pwd123456}
    SERVICE_PASSWORD=${SERVICE_PASSWORD:-$ADMIN_PASSWORD}
    #export SERVICE_TOKEN="hastexo"
    # SERVICE_TOKEN must equal admin_token in /etc/keystone/keystone.conf
    export SERVICE_TOKEN="netqin"
    export SERVICE_ENDPOINT="http://localhost:35357/v2.0"
    SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}

    # Run a keystone command and print the id column of its output table
    function get_id () {
        echo $("$@" | awk '/ id / { print $4 }')
    }

    # Tenants
    ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
    SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME)
    DEMO_TENANT=$(get_id keystone tenant-create --name=demo)
    INVIS_TENANT=$(get_id keystone tenant-create --name=invisible_to_admin)

    # Users
    ADMIN_USER=$(get_id keystone user-create --name=admin \
                                             --pass="$ADMIN_PASSWORD" \
                                             --email=admin@hastexo.com)
    DEMO_USER=$(get_id keystone user-create --name=demo \
                                            --pass="$ADMIN_PASSWORD" \
                                            --email=demo@hastexo.com)

    # Roles
    ADMIN_ROLE=$(get_id keystone role-create --name=admin)
    KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
    KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
    # ANOTHER_ROLE demonstrates that an arbitrary role may be created and used
    # TODO(sleepsonthefloor): show how this can be used for rbac in the future!
    ANOTHER_ROLE=$(get_id keystone role-create --name=anotherrole)

    # Add Roles to Users in Tenants
    keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $ADMIN_TENANT
    keystone user-role-add --user $ADMIN_USER --role $ADMIN_ROLE --tenant_id $DEMO_TENANT
    keystone user-role-add --user $DEMO_USER --role $ANOTHER_ROLE --tenant_id $DEMO_TENANT

    # TODO(termie): these two might be dubious
    keystone user-role-add --user $ADMIN_USER --role $KEYSTONEADMIN_ROLE --tenant_id $ADMIN_TENANT
    keystone user-role-add --user $ADMIN_USER --role $KEYSTONESERVICE_ROLE --tenant_id $ADMIN_TENANT

    # The Member role is used by Horizon and Swift so we need to keep it:
    MEMBER_ROLE=$(get_id keystone role-create --name=Member)
    keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $DEMO_TENANT
    keystone user-role-add --user $DEMO_USER --role $MEMBER_ROLE --tenant_id $INVIS_TENANT

    # Configure service users/roles
    NOVA_USER=$(get_id keystone user-create --name=nova \
                                            --pass="$SERVICE_PASSWORD" \
                                            --tenant_id $SERVICE_TENANT \
                                            --email=nova@hastexo.com)
    keystone user-role-add --tenant_id $SERVICE_TENANT \
                           --user $NOVA_USER \
                           --role $ADMIN_ROLE

    GLANCE_USER=$(get_id keystone user-create --name=glance \
                                              --pass="$SERVICE_PASSWORD" \
                                              --tenant_id $SERVICE_TENANT \
                                              --email=glance@hastexo.com)
    keystone user-role-add --tenant_id $SERVICE_TENANT \
                           --user $GLANCE_USER \
                           --role $ADMIN_ROLE

    if [[ "$ENABLED_SERVICES" =~ "swift" ]]; then
        SWIFT_USER=$(get_id keystone user-create --name=swift \
                                                 --pass="$SERVICE_PASSWORD" \
                                                 --tenant_id $SERVICE_TENANT \
                                                 --email=swift@hastexo.com)
        keystone user-role-add --tenant_id $SERVICE_TENANT \
                               --user $SWIFT_USER \
                               --role $ADMIN_ROLE
        # Nova needs ResellerAdmin role to download images when accessing
        # swift through the s3 api. The admin role in swift allows a user
        # to act as an admin for their tenant, but ResellerAdmin is needed
        # for a user to act as any tenant. The name of this role is also
        # configurable in swift-proxy.conf
        RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)
        keystone user-role-add --tenant_id $SERVICE_TENANT \
                               --user $NOVA_USER \
                               --role $RESELLER_ROLE
    fi

    if [[ "$ENABLED_SERVICES" =~ "quantum" ]]; then
        QUANTUM_USER=$(get_id keystone user-create --name=quantum \
                                                   --pass="$SERVICE_PASSWORD" \
                                                   --tenant_id $SERVICE_TENANT \
                                                   --email=quantum@hastexo.com)
        keystone user-role-add --tenant_id $SERVICE_TENANT \
                               --user $QUANTUM_USER \
                               --role $ADMIN_ROLE
    fi
Run the file:
    chmod +x gen_keystone_data.sh
    ./gen_keystone_data.sh
If the script runs cleanly it prints nothing. Check the exit status:
    echo $?
It prints 0 when everything went well. Do not run the script a second time.
Verify:
    keystone --token netqin --endpoint http://192.168.0.47:35357/v2.0 user-list
    keystone --token netqin --endpoint http://192.168.0.47:35357/v2.0 role-list
    keystone --token netqin --endpoint http://192.168.0.47:35357/v2.0 tenant-list
    keystone --token netqin --endpoint http://192.168.0.47:35357/v2.0 service-list
    keystone --token netqin --endpoint http://192.168.0.47:35357/v2.0 endpoint-list
    curl -d '{"auth": {"tenantName": "admin", "passwordCredentials":{"username": "admin", "password": "pwd123456"}}}' -H "Content-type: application/json" http://localhost:35357/v2.0/tokens | python -mjson.tool
If these commands return their lists and a token, keystone is installed correctly.
2.3.6 Set environment variables
Add the following to /etc/profile:
    export OS_TENANT_NAME=admin
    export OS_USERNAME=admin
    export OS_PASSWORD=pwd123456
    export OS_AUTH_URL="http://localhost:5000/v2.0/"
    export EC2_URL=$(keystone catalog --service ec2 | awk '/ publicURL / { print $4 }')
    export CREDS=$(keystone ec2-credentials-create)
    export EC2_ACCESS_KEY=$(echo "$CREDS" | awk '/ access / { print $4 }')
    export EC2_SECRET_KEY=$(echo "$CREDS" | awk '/ secret / { print $4 }')
Apply immediately:
    source /etc/profile
Check:
    export | grep OS_
The client can now be run directly:
    keystone user-list
2.4 Install and configure glance
2.4.1 Install
    apt-get install glance glance-api glance-client glance-common glance-registry python-glance
2.4.2 Configure
2.4.2.1 Configure /etc/glance/glance-api-paste.ini
Modify the last 3 lines of the file. These values were all set when the data was imported into keystone.
    sed -i -e "
      s/%SERVICE_TENANT_NAME%/admin/g;
      s/%SERVICE_USER%/admin/g;
      s/%SERVICE_PASSWORD%/pwd123456/g;
    " /etc/glance/glance-api-paste.ini
2.4.2.2 Configure /etc/glance/glance-registry-paste.ini
    sed -i -e "
      s/%SERVICE_TENANT_NAME%/admin/g;
      s/%SERVICE_USER%/admin/g;
      s/%SERVICE_PASSWORD%/pwd123456/g;
    " /etc/glance/glance-registry-paste.ini
2.4.2.3 Configure /etc/glance/glance-registry.conf
Change the SQL connection:
    #sql_connection = sqlite:////var/lib/glance/glance.sqlite
    sql_connection = mysql://glancedbadmin:pwd123456@192.168.0.47/glance
Append 2 lines at the end:
    [paste_deploy]
    flavor = keystone
2.4.2.4 Configure /etc/glance/glance-api.conf
Append 2 lines at the end:
    [paste_deploy]
    flavor = keystone
2.4.3 Initialize the glance database
    glance-manage version_control 0
    glance-manage db_sync
2.4.4 Restart
    service glance-api restart && service glance-registry restart
2.4.5 Verify glance
    glance index
2.4.6 Configure images
2.4.6.1 Configure ubuntu-12.04-server-cloudimg-amd64-disk1.img
    wget http://uec-images.ubuntu.com/releases/12.04/release/ubuntu-12.04-server-cloudimg-amd64-disk1.img
    glance add name="Ubuntu 12.04 cloudimg amd64" is_public=true container_format=ovf disk_format=qcow2 < ubuntu-12.04-server-cloudimg-amd64-disk1.img
2.4.6.2 Configure precise-server-cloudimg-amd64-disk1.img
    wget http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd64-disk1.img
    glance add name="Ubuntu12.04-amd64" is_public=true container_format=ovf disk_format=qcow2 < precise-server-cloudimg-amd64-disk1.img
2.4.6.3 Verify glance
    glance index
2.5 Install and configure nova
2.5.1 Install
    apt-get install nova-api nova-cert nova-common nova-compute nova-compute-kvm nova-doc nova-network nova-objectstore nova-scheduler nova-volume nova-consoleauth novnc python-nova python-novaclient
2.5.2 Configure /etc/nova/nova.conf
    --dhcpbridge_flagfile=/etc/nova/nova.conf
    --dhcpbridge=/usr/bin/nova-dhcpbridge
    --logdir=/var/log/nova
    --state_path=/var/lib/nova
    --lock_path=/var/lock/nova
    --allow_admin_api=true
    --use_deprecated_auth=false
    --auth_strategy=keystone
    --scheduler_driver=nova.scheduler.simple.SimpleScheduler
    --s3_host=192.168.0.47
    --ec2_host=192.168.0.47
    --rabbit_host=192.168.0.47
    --cc_host=192.168.0.47
    --nova_url=http://192.168.0.47:8774/v1.1/
    --routing_source_ip=192.168.0.47
    --glance_api_servers=192.168.0.47:9292
    --image_service=nova.image.glance.GlanceImageService
    --iscsi_ip_prefix=192.168.120
    # The password must match the novadbadmin grant created in section 2.2
    --sql_connection=mysql://novadbadmin:pwd123456@192.168.0.47/nova
    --ec2_url=http://192.168.0.47:8773/services/Cloud
    --keystone_ec2_url=http://192.168.0.47:5000/v2.0/ec2tokens
    --api_paste_config=/etc/nova/api-paste.ini
    # libvirt_type=kvm corresponds to /etc/nova/nova-compute.conf
    --libvirt_type=kvm
    #--libvirt_type=qemu
    --libvirt_use_virtio_for_bridges=true
    --start_guests_on_host_boot=true
    --resume_guests_state_on_host_boot=true
    --novnc_enable=true
    --novncproxy_base_url=http://192.168.0.47:6080/vnc_auto.html
    --vncserver_proxyclient_address=127.0.0.1
    --vncserver_listen=127.0.0.1
    --network_manager=nova.network.manager.FlatDHCPManager
    --public_interface=eth0
    --flat_interface=eth1
    --flat_network_bridge=br0
    --floating_range=10.0.0.128/25
    --flat_injected=False
    --force_dhcp_release=true
    --iscsi_helper=tgtadm
    --connection_type=libvirt
    --root_helper=sudo nova-rootwrap
    --verbose=False
Notes:
192.168.0.47 is the IP of the current machine.
floating_range is the range of virtual (floating) IPs for the VMs.
iscsi_ip_prefix is the IP segment that corresponds to the VMs.
flat_interface selects the network interface.
flat_network_bridge selects the bridge.
2.5.3 Start, stop and restart nova
Stop:
    for a in libvirt-bin nova-network nova-compute nova-cert nova-api nova-objectstore nova-scheduler nova-volume novnc nova-consoleauth; do service "$a" stop; done
Start:
    for a in libvirt-bin nova-network nova-compute nova-cert nova-api nova-objectstore nova-scheduler nova-volume novnc nova-consoleauth; do service "$a" start; done
Restart:
    for a in libvirt-bin nova-network nova-compute nova-cert nova-api nova-objectstore nova-scheduler nova-volume novnc nova-consoleauth; do service "$a" restart; done
2.5.4 Initialize the nova database
    nova-manage db sync
2.5.5 Configure the network
Create the network for the VMs with the following command:
    nova-manage network create private --fixed_range_v4=192.168.120.100/25 --num_networks=1 --bridge=br0 --bridge_interface=eth1 --network_size=128
The values used are:
    --fixed_range_v4=192.168.120.100/25
    --bridge=br0
    --bridge_interface=eth1
    --network_size=128
Fix the ownership of the nova configuration:
    chown -R nova:nova /etc/nova
Create the floating IPs:
    nova-manage floating create --ip_range=10.0.0.128/25
2.5.6 Create a VM flavor
Flavors can be customized as needed:
    nova-manage flavor create --name=m1.minitest --memory=384 --cpu=1 --root_gb=1 --flavor=6 --ephemeral_gb=1
2.5.7 Check
    nova list
    nova image-list
2.6 Create a VM
2.6.1 Check whether ~/.ssh/id_rsa.pub exists
If it does not, generate it:
    ssh-keygen -t rsa
    Generating public/private rsa key pair
    Enter file in which to save the key (/root/.ssh/id_rsa): /home/user/.ssh/id_rsa
    Enter passphrase (empty for no passphrase):******
    Enter same passphrase again: ******
    /home/user/.ssh/id_rsa.pub
2.6.2 Register the public key
    nova keypair-add --pub_key ~/.ssh/id_rsa.pub key1
2.6.3 Create a VM from an image
    nova list
    nova image-list
    nova flavor-list
    nova boot --flavor 1 --image f13d2626-5873-484f-957f-6945860afba4 --key_name key1 cloud01
Notes:
--flavor 1 selects the VM configuration.
--image f13d2626-5873-484f-957f-6945860afba4 is the image id.
--key_name key1 uses the public key registered as key1.
cloud01 is the name of the instance that is created.
2.6.4 Configure the firewall
The hastexo configuration (SSH and ICMP only):
    nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
    nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
Fully open (every TCP and UDP port and all ICMP, from any source address):
    nova secgroup-add-rule default tcp 1 65535 0.0.0.0/0
    nova secgroup-add-rule default udp 1 65535 0.0.0.0/0
    nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
2.6.5 View the VM
    nova show $id
$id is the id of the VM.
2.6.6 Configure a floating IP
    nova floating-ip-create
This prints the floating IP that was allocated.
    nova add-floating-ip $id $ip
For example:
    nova add-floating-ip ee4bdc5b-bf36-4f08-9dd0-7bc1d199bea4 10.0.0.129
$id is the id of the VM.
2.6.7 Log in to the VM
    ssh -i ~/.ssh/id_rsa ubuntu@10.0.0.129
Enter the password: pwd123456
2.7 Install and configure openstack-dashboard
2.7.1 Install
    apt-get install apache2 libapache2-mod-wsgi openstack-dashboard
2.7.2 Configure /etc/openstack-dashboard/local_settings.py
    CACHE_BACKEND = 'memcached://127.0.0.1:11211/'
2.7.3 Restart apache2
    service apache2 restart
2.7.4 Access
    http://192.168.0.47
    user: admin  pwd: pwd123456
2.7.5 View & manage
    nova list
    nova show cloud01
2.8 Configure nova-volume
2.8.1 Create a volume
    nova volume-create --display_name "volume1" 1
2.8.2 Attach it to the VM
    nova volume-attach cloud01 1 /dev/vdb
2.8.3 View
    nova volume-list
2.9 Installation complete
SUCCESS!
3. References:
Official OpenStack site
www.openstack.org
OpenStack community in China
www.openstack.org.cn
Chinese technical blog: 陈沙克
http://hi.baidu.com/chenshake
OpenStack architecture
http://blog.csdn.net/anghlq/article/details/6543880
OpenStack installation documentation for Ubuntu 12.04 (starter guide)
http://docs.openstack.org/essex/openstack-compute/starter/content/
Installing OpenStack Essex (2012.1) on Ubuntu 12.04 ("Precise Pangolin") (original article)
http://www.hastexo.com/resources/docs/installing-openstack-essex-20121-ubuntu-1204-precise-pangolin
"OpenStack Documentation" team (documentation, bug reports)
https://launchpad.net/~openstack-doc
The OpenStack topic on Quora
http://www.quora.com/OpenStack
Discussion of OpenStack resources on Stack Overflow
http://stackoverflow.com/questions/5882333/good-tutorials-and-resources-for-openstack
hastexo installation and configuration
http://www.hastexo.com/resources/docs/installing-openstack-essex-20121-ubuntu-1204-precise-pangolin
Installation and configuration
http://blog.csdn.net/hilyoo/article/details/7696169
OpenStack online documentation
http://docs.openstack.org
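Sections 2.2, 2.3.2, 2.4.2.3 and 2.5.2 each repeat a database user and password by hand, and a service whose URL disagrees with its grant fails at db sync time. The check below is an added example, not part of the original guide: the function name and the sample input are constructed, and it assumes passwords contain no ':', '@' or quote characters.

```shell
#!/bin/sh
# Added example (not from the original guide): cross-check the MySQL grants
# from section 2.2 against the connection URLs the services are configured with.

# $1 = GRANT statements, $2 = config lines containing mysql:// URLs.
# Prints "OK|PASSWORD_MISMATCH|NO_GRANT <db>/<user>" per URL, never a password.
check_db_credentials() {
    printf '%s\n---\n%s\n' "$1" "$2" | awk '
        /^---$/ { conns = 1; next }
        !conns && /GRANT/ {
            split($0, q, "\047")              # q[2]=user, q[4]=host, q[6]=password
            db = $0; sub(/.* ON /, "", db); sub(/\.\*.*/, "", db)
            pw[db "/" q[2]] = q[6]
            next
        }
        conns && match($0, /mysql:\/\/[^ ]+/) {
            url = substr($0, RSTART + 8, RLENGTH - 8)   # user:pass@host/db
            split(url, a, "@"); split(a[1], c, ":"); split(a[2], h, "/")
            key = h[2] "/" c[1]
            if (!(key in pw))          print "NO_GRANT " key
            else if (pw[key] != c[2])  print "PASSWORD_MISMATCH " key
            else                       print "OK " key
        }'
}

# Constructed sample: grants as in section 2.2; the nova URL deliberately
# carries a different password to show the failure case.
GRANTS="GRANT ALL PRIVILEGES ON nova.* TO 'novadbadmin'@'%' IDENTIFIED BY 'pwd123456';
GRANT ALL PRIVILEGES ON glance.* TO 'glancedbadmin'@'%' IDENTIFIED BY 'pwd123456';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystonedbadmin'@'%' IDENTIFIED BY 'pwd123456';"

CONNS="connection = mysql://keystonedbadmin:pwd123456@192.168.0.47/keystone
sql_connection = mysql://glancedbadmin:pwd123456@192.168.0.47/glance
--sql_connection=mysql://novadbadmin:changed-elsewhere@192.168.0.47/nova"

check_db_credentials "$GRANTS" "$CONNS"
```

On a real host, feed it the output of `grep -h 'mysql://' /etc/keystone/keystone.conf /etc/glance/glance-registry.conf /etc/nova/nova.conf` in place of the constructed CONNS value.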
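Section 2.6.4 gives two rule sets for the default security group, one limited to SSH and ICMP and one that opens every port. The audit below is an added example, not part of the original guide: it reads `nova secgroup-add-rule` command lines and reports the rules that expose more than MAX_PORTS ports to 0.0.0.0/0 (the function names and the MAX_PORTS threshold are assumptions made for this example).

```shell
#!/bin/sh
# Added example (not from the original guide): review secgroup-add-rule
# commands before they are run and flag world-open port ranges.

MAX_PORTS=${MAX_PORTS:-1}   # widest world-open range accepted without a finding

# Reads command lines on stdin; prints one finding per over-broad rule as
# "<group> <proto> <from>-<to> <cidr> ports=<n>".
audit_secgroup_rules() {
    awk -v max="$MAX_PORTS" '
        $1 == "nova" && $2 == "secgroup-add-rule" {
            group = $3; proto = $4; from = $5; to = $6; cidr = $7
            if (cidr != "0.0.0.0/0") next     # only rules open to any source
            if (proto == "icmp") next         # -1 -1 selects ICMP types, not ports
            ports = to - from + 1
            if (ports > max)
                printf "%s %s %s-%s %s ports=%d\n", group, proto, from, to, cidr, ports
        }'
}

# Number of findings for a rule set passed as $1.
count_findings() {
    printf '%s\n' "$1" | audit_secgroup_rules | wc -l | tr -d ' '
}

# The two rule sets from section 2.6.4.
HASTEXO_RULES='nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0'

OPEN_RULES='nova secgroup-add-rule default tcp 1 65535 0.0.0.0/0
nova secgroup-add-rule default udp 1 65535 0.0.0.0/0
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0'

echo "hastexo rule set: $(count_findings "$HASTEXO_RULES") finding(s)"
echo "fully open rule set:"
printf '%s\n' "$OPEN_RULES" | audit_secgroup_rules
```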