澳门在线威尼斯官方 > 电脑操作 > 将疑难点都进行划分,解决办法

原标题:将疑难点都进行划分,解决办法

浏览次数:105 时间:2019-11-06

3、计算节点

六:Dashboard

username = nova

6.1配置

    #yum install openstack-dashboard
    #vi /etc/openstack-dashboard/local_settings
        OPENSTACK_HOST = "controller"
        ALLOWED_HOSTS = ['*', ]
       SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
      CACHES = {
        'default': {
      'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
      'LOCATION': 'controller:11211',
      }
      }
      OPENSTACK_KEYSTONE_URL = "" % OPENSTACK_HOST
      OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
      OPENSTACK_API_VERSIONS = {
        "identity": 3,
        "image": 2,
        "volume": 2,
        }
      OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "default"
      OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
    启动:
    #systemctl restart httpd.service memcached.service

 

firewall-cmd --reload

1.6Memcached

    memcache为选择安装项目。使用端口11211
    #yum install memcached python-memcached
    #systemctl enable memcached.service
    #systemctl start memcached.service

auth_type = password

4.3验证

     在控制节点验证:
     运行环境变量:
      #. admin-openrc
      #openstack compute service list
    输出正常即为配置正确

auth_url =

五:Networking服务

os_region_name = RegionOne

四:计算服务

[placement]

4.1安装并配置控制节点

    建立nova的数据库:
    #mysql -u root -p
    #CREATE DATABASE nova_api;
    #CREATE DATABASE nova;
    授权:
    #GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost'
      IDENTIFIED BY '密码';
    #GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%'
      IDENTIFIED BY '密码';
    #GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost'
      IDENTIFIED BY '密码';
    #GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%'
      IDENTIFIED BY '密码';
     运行环境变量:
    #. admin-openrc
    创建nova用户:
      #openstack user create --domain default
        --password-prompt nova
        #openstack role add --project service --user nova admin
    创建计算服务:
      #openstack service create --name nova
        --description "OpenStack Compute" compute
    创建endpoint:
      #openstack endpoint create --region RegionOne
        compute public
      #openstack endpoint create --region RegionOne
        compute internal
      #openstack endpoint create --region RegionOne
        compute admin
    安装:
      #yum install openstack-nova-api openstack-nova-conductor
        openstack-nova-console openstack-nova-novncproxy
        openstack-nova-scheduler
      #vi /etc/nova/nova.conf
    找到:[DEFAULT]
      enabled_apis = osapi_compute,metadata
    找到[api_database]
      connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
      [database]
      connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova
      [DEFAULT]
      rpc_backend = rabbit
      [oslo_messaging_rabbit]
      rabbit_host = controller
      rabbit_userid = openstack
      rabbit_password = RABBIT_PASS
      [DEFAULT]
      auth_strategy = keystone
      [keystone_authtoken]
      auth_uri =
      auth_url =
      memcached_servers = controller:11211
      auth_type = password
      project_domain_name = default
      user_domain_name = default
      project_name = service
      username = nova
      password = xxx
      [DEFAULT]
      my_ip = ip地址
      [DEFAULT]
      use_neutron = True
      firewall_driver = nova.virt.firewall.NoopFirewallDriver
      [vnc]
      vncserver_listen = $my_ip
      vncserver_proxyclient_address = $my_ip
      [glance]
      api_servers =
      [oslo_concurrency]
      lock_path = /var/lib/nova/tmp
    同步数据库:
      #nova-manage api_db sync
      #nova-manage db sync
    启动服务:
      #systemctl enable openstack-nova-api.service
        openstack-nova-consoleauth.service openstack-nova-scheduler.service
        openstack-nova-conductor.service openstack-nova-novncproxy.service
       # systemctl start openstack-nova-api.service
        openstack-nova-consoleauth.service openstack-nova-scheduler.service
        openstack-nova-conductor.service openstack-nova-novncproxy.service

firewall-cmd --zone=public --add-port=8778/tcp --permanent

三:镜像服务

user_domain_name = default

4.2安装并配置计算节点

      #yum install openstack-nova-compute
      #vi /etc/nova/nova.conf
    [DEFAULT]
      rpc_backend = rabbit
    [oslo_messaging_rabbit]
      rabbit_host = controller
      rabbit_userid = openstack
      rabbit_password = xxx
    [DEFAULT]
      auth_strategy = keystone
    [keystone_authtoken]
      auth_uri =
      auth_url =
      memcached_servers = controller:11211
      auth_type = password
      project_domain_name = default
      user_domain_name = default
      project_name = service
      username = nova
      password = xxx
    [DEFAULT]
      my_ip =计算节点ip地址
    [DEFAULT]
      use_neutron = True
      firewall_driver = nova.virt.firewall.NoopFirewallDriver
    [vnc]
      enabled = True
      vncserver_listen = 0.0.0.0
      vncserver_proxyclient_address = $my_ip
      novncproxy_base_url =
      [glance]
      api_servers =
    [oslo_concurrency]
      lock_path = /var/lib/nova/tmp
    注意:
      egrep -c '(vmx|svm)' /proc/cpuinfo
      如果为0则需要修改/etc/nova/nova.conf
    [libvirt]
      virt_type = qemu
      为大于0则不需要
    启动:
      systemctl enable libvirtd.service openstack-nova-compute.service
      systemctl start libvirtd.service openstack-nova-compute.service     

auth_uri =

3.2验证

    运行环境变量:
      #. admin-openrc
    下载一个比较小的镜像:
      #wget
    上传镜像:
      #openstack image create "cirros"
        --file cirros-0.3.4-x86_64-disk.img
        --disk-format qcow2 --container-format bare
        --public
    查看:
        #openstack image list
    有输出 证明glance配置正确

project_domain_name = default

1.4SQL数据库

    安装在控制节点,指南中的步骤依据不同的发行版使用MariaDB或 MySQL。OpenStack 服务也支持其他 SQL 数据库。
    #yum install mariadb mariadb-server MySQL-python
    #vi /etc/mysql/conf.d/mariadb_openstack.cnf
    加入:
        [mysqld]
      bind-address = 192.168.1.73                         (安装mysql的机器的IP地址,这里为controller地址)
      default-storage-engine = innodb
      innodb_file_per_table
      collation-server = utf8_general_ci
      character-set-server = utf8
    
    #systemctl enable mariadb.service     (将数据库服务设置为自启动)
    #systemctl start mariadb.service          (将数据库服务设置为开启)
    设置mysql属性:
    #mysql_secure_installation  (此处参照,中坑一)

yum install https://rdoproject.org/repos/rdo-release.rpm

1.3Openstack包

        [openstack packages安装在控制和计算节点]
    安装openstack最新的源:
    #yum install centos-release-openstack-mitaka
    #yum install
    #yum upgrade                                               (在主机上升级包)
    #yum install python-openstackclient            (安装opentack必须的插件)
    #yum install openstack-selinux                    (可选则安装这个插件,我直接关闭了selinux,因为不熟,对后续不会有影响)

 

  2.2创建服务实体和API端点

              #export OS_TOKEN=上面生成的随机值
    #export OS_URL=
    #export OS_IDENTITY_API_VERSION=3
    创建keystone的service:
    #openstack service create --name keystone --description "OpenStack Identity" identity (identity这个认证类型一定不可以错)
    创建keystone的endpoint:
      #openstack endpoint create --region RegionOne
      identity public
    #openstack endpoint create --region RegionOne
      identity internel  
    #openstack endpoint create --region RegionOne
      identity admin  

yum install openstack-nova-placement-api

  2.1安装和配置     

    登录数据库创建keystone数据库。
    #mysql -u root -p
    #CREATE DATABASE keystone;
    设置授权用户和密码:
    #GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost'
      IDENTIFIED BY '密码';
    #GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%'
         IDENTIFIED BY '密码';
       生成admin_token的随机值:
      # openssl rand -hex 10
      安全并配置组件
       #yum install openstack-keystone httpd mod_wsgi
          #vi /etc/keystone/keystone.conf
       使用刚刚生成的随机值替换掉[DEFAULT]中的
       #admin_token = 随机值                           (主要为安全,也可以不用替换)
       配置数据库连接

               [database]

                connection = mysql+pymysql://keystone:密码@controller/keystone
                provider = fernet
             初始化身份认证服务的数据库

        # su -s /bin/sh -c "keystone-manage db_sync" keystone(一点要查看数据库是否生成表成功)
    初始化keys:
    #keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
    配置apache:
    #vi  /etc/httpd/conf/httpd.conf
      将ServerName 后面改成主机名,防止启动报错
      ServerName controller
    生成wsgi配置文件:
    #vi /etc/httpd/conf.d/wsgi-keystone.conf加入:

Listen 5000
Listen 35357

<VirtualHost *:5000>
    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /usr/bin/keystone-wsgi-public
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/httpd/keystone-error.log
    CustomLog /var/log/httpd/keystone-access.log combined

    <Directory /usr/bin>
        Require all granted
    </Directory>
</VirtualHost>

<VirtualHost *:35357>
    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-admin
    WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/httpd/keystone-error.log
    CustomLog /var/log/httpd/keystone-access.log combined

    <Directory /usr/bin>
        Require all granted
    </Directory>
</VirtualHost>

 

    启动httpd:
    #systemctl enable httpd.service
    #systemctl start httpd.service

编辑 /etc/nova/nova.conf

5.1安装并配置控制节点

    创建neutron数据库
      #mysql -u root -p
      #CREATE DATABASE neutron;
      #GRANT ALL PRIVILEGES ON neutron.*澳门在线威尼斯官方 , TO 'neutron'@'localhost'
        IDENTIFIED BY 'NEUTRON_DBPASS';
      #GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%'
        IDENTIFIED BY 'NEUTRON_DBPASS';
    运行环境变量:
      #. admin-openrc
    创建用户:
      #openstack user create --domain default --password-prompt neutron
      #openstack role add --project service --user neutron admin
    创建网络服务:
      #openstack service create --name neutron
        --description "OpenStack Networking" network
    创建neutron endpoint
      #openstack endpoint create --region RegionOne
        network public
      #openstack endpoint create --region RegionOne
        network internal
      #openstack endpoint create --region RegionOne
        network admin
    创建vxlan网络:
      #yum install openstack-neutron openstack-neutron-ml2
        openstack-neutron-linuxbridge ebtables
      #vi /etc/neutron/neutron.conf
    [database]
      connection = mysql+pymysql://neutron:密码@controller/neutron
    [DEFAULT]
      core_plugin = ml2
      service_plugins = router
      allow_overlapping_ips = True
    [DEFAULT]
      rpc_backend = rabbit
              [oslo_messaging_rabbit]
      rabbit_host = controller
      rabbit_userid = openstack
      rabbit_password = RABBIT_PASS
    [DEFAULT]
      auth_strategy = keystone
    [keystone_authtoken]
      auth_uri =
      auth_url =
      memcached_servers = controller:11211
      auth_type = password
      project_domain_name = default
      user_domain_name = default
      project_name = service
      username = neutron
      password = xxxx
    [DEFAULT]
      notify_nova_on_port_status_changes = True
      notify_nova_on_port_data_changes = True
    [nova]
      auth_url =
      auth_type = password
      project_domain_name = default
      user_domain_name = default
      region_name = RegionOne
      project_name = service
      username = nova
      password = xxxx
    [oslo_concurrency]
      lock_path = /var/lib/neutron/tmp
    配置ml2扩展:
      #vi /etc/neutron/plugins/ml2/ml2_conf.ini
    [ml2]
      type_drivers = flat,vlan,vxlan
      tenant_network_types = vxlan
      mechanism_drivers = linuxbridge,l2population
      extension_drivers = port_security
    [ml2_type_flat]
      flat_networks = provider
    [ml2_type_vxlan]
      vni_ranges = 1:1000
    [securitygroup]
      enable_ipset = True
    配置网桥:
      #vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
    [linux_bridge]
      physical_interface_mappings = provider:使用的网卡名称
    [vxlan]
      enable_vxlan = True
      local_ip = OVERLAY_INTERFACE_IP_ADDRESS
      l2_population = True
    [securitygroup]
      enable_security_group = True
      firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
    配置3层网络:
      #vi /etc/neutron/l3_agent.ini
    [DEFAULT]
      interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
    配置dhcp:
      #vi /etc/neutron/dhcp_agent.ini
    [DEFAULT]
      interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
      dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
      enable_isolated_metadata = True
    配置metadata agent
      #vi /etc/neutron/metadata_agent.ini
    [DEFAULT]
      nova_metadata_ip = controller
      metadata_proxy_shared_secret = METADATA_SECRET
    #vi /etc/nova/nova.conf
    [neutron]
      url =
      auth_url =
      auth_type = password
      project_domain_name = default
      user_domain_name = default
      region_name = RegionOne
      project_name = service
      username = neutron
      password = xxxx
      service_metadata_proxy = True
      metadata_proxy_shared_secret = METADATA_SECRET
    创建扩展连接:
      ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
    启动:
      #systemctl restart openstack-nova-api.service
      #systemctl enable neutron-server.service
        neutron-linuxbridge-agent.service neutron-dhcp-agent.service
        neutron-metadata-agent.service
      #systemctl start neutron-server.service
        neutron-linuxbridge-agent.service neutron-dhcp-agent.service
        neutron-metadata-agent.service
         # systemctl enable neutron-l3-agent.service
      #systemctl start neutron-l3-agent.service  

memcached_servers = controller:11211

1.5消息队列

    消息队列在openstack整个架构中扮演着至关重要(交通枢纽)的作用,正是因为openstack部署的灵活性、模块的松耦合、架构的扁平化,反而使openstack更加依赖于消息队列(不一定使用RabbitMQ,

    可以是其他的消息队列产品),所以消息队列收发消息的性能和消息队列的HA能力直接影响openstack的性能。如果rabbitmq没有运行起来,你的整openstack平台将无法使用。rabbitmq使用5672端口。
    #yum install rabbitmq-server
    #systemctl enable rabbitmq-server.service(加入自启动)
    #systemctl start rabbitmq-server.service(启动)
    #rabbitmqctl add_user openstack RABBIT_PASS                       (增加用户openstack,密码自己设置替换掉RABBIT_PASS)
    #rabbitmqctl set_permissions openstack ".*" ".*" ".*"                   (给新增的用户授权,没有授权的用户将不能接受和传递消息)

本文由澳门在线威尼斯官方发布于电脑操作,转载请注明出处:将疑难点都进行划分,解决办法

关键词:

上一篇:如何最有效率的安装软件,下如何最有效率的安

下一篇:源码安装和配置zabbix