怎么在Ubuntu16单节点上安装OpenStack
发表于:2025-02-01 作者:千家信息网编辑
千家信息网最后更新 2025年02月01日,本篇内容主要讲解"怎么在Ubuntu16单节点上安装OpenStack",感兴趣的朋友不妨来看看。本文介绍的方法操作简单快捷,实用性强。下面就让小编来带大家学习"怎么在Ubuntu16单节点上安装Op
千家信息网最后更新 2025年02月01日怎么在Ubuntu16单节点上安装OpenStack
本篇内容主要讲解"怎么在Ubuntu16单节点上安装OpenStack",感兴趣的朋友不妨来看看。本文介绍的方法操作简单快捷,实用性强。下面就让小编来带大家学习"怎么在Ubuntu16单节点上安装OpenStack"吧!
软件包安装和基本配置
参考文档:
"OpenStack Installation Tutorial for Ubuntu"
基本网络配置
配置IP地址:
ipaddr : 192.168.195.160netmask : 255.255.255.0gateway : 192.168.195.2dns : 114.114.114.114
配置主机名:
$ vi /etc/hostnameUbuntuStack
配置本机DNS解析:
$ vi /etc/hosts127.0.0.1 ubuntustack
配置网卡:
$ vi /etc/network/interfaces# The provider network interfaceauto ens33iface ens33 inet manualup ip link set dev $IFACE updown ip link set dev $IFACE down
安装和配置NTP服务
安装chrony服务:
$ apt-get install chrony
配置NTP服务器地址,这里选择NTP在亚洲的服务器,且允许所有"192.168/16"网段从这里获取NTP服务。
$ vi /etc/chrony/chrony.confserver 0.asia.pool.ntp.org iburstserver 1.asia.pool.ntp.org iburstserver 2.asia.pool.ntp.org iburstallow 192.168/16
重启chrony服务:
$ service chrony restart
验证NTP服务,带有"*"的说明最近进行过同步。
$ chronyc sources210 Number of sources = 10MS Name/IP address Stratum Poll Reach LastRx Last sample===============================================================================^- 27.114.150.12 2 6 35 9 +104ms[ +104ms] +/- 336ms^- x.ns.gin.ntt.net 2 6 33 8 -44ms[ -44ms] +/- 209ms^- ntp.tums.ac.ir 3 6 123 3 +577us[ +577us] +/- 410ms^- 120.25.115.19 2 6 17 14 +2132us[+2132us] +/- 74ms^- 59.46.44.253 2 6 33 11 +734us[ +734us] +/- 78ms^* news.neu.edu.cn 2 6 17 14 +647us[+4083us] +/- 21ms^? 2001:da8:9000::130 0 6 0 10y +0ns[ +0ns] +/- 0ns^? 2400:a480:f:420:d2::bd 0 6 0 10y +0ns[ +0ns] +/- 0ns^? 2001:da8:9000::81 0 6 0 10y +0ns[ +0ns] +/- 0ns^? 2001:da8:202:10::61 0 6 0 10y +0ns[ +0ns] +/- 0ns
安装OpenStack软件包
$ apt-get install software-properties-common$ add-apt-repository cloud-archive:newton$ apt-get update && apt dist-upgrade$ apt-get install python-openstackclient
安装和配置数据库
安装MariaDB软件包:
$ apt install mariadb-server python-pymysql
配置MariaDB参数:
$ vi /etc/mysql/mariadb.conf.d/99-openstack.cnf[mysqld]bind-address = 192.168.195.160default-storage-engine = innodbinnodb_file_per_tablemax_connections = 4096collation-server = utf8_general_cicharacter-set-server = utf8
重启MariaDB:
$ service mysql restart
配置数据库:
$ mysql_secure_installationEnter current password for root (enter for none):>Set root password? [Y/n] > yNew password: > openstackRe-enter new password:> openstackRemove anonymous users? [Y/n]> nDisallow root login remotely? [Y/n]> nRemove test database and access to it? [Y/n]> nReload privilege tables now? [Y/n]> y
验证数据库服务:
$ mysql -uroot -pEnter password: > openstack> quit
安装和配置消息队列服务
安装RabbitMQ:
$ apt install rabbitmq-server
配置用户名和密码:
$ rabbitmqctl add_user openstack openstackCreating user "openstack" ...$ rabbitmqctl set_permissions openstack ".*" ".*" ".*"Setting permissions for user "openstack" in vhost "/" ...
安装和配置Memcached服务
安装Memcached软件包:
$ apt install memcached python-memcache
基本配置:
$ vi /etc/memcached.conf-l 192.168.195.160
重启服务:
$ service memcached restart
安装和配置认证服务
配置KeyStore数据库
创建KeyStore数据库:
$ mysql -u root -p> openstack> CREATE DATABASE keystone;> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'openstack';> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'openstack';> quit
配置数据库URL:
$ vi /etc/keystone/keystone.conf...[database]...connection = mysql+pymysql://keystone:openstack@ubuntustack/keystone...
配置Fernet Key仓库Token:
$ vi /etc/keystone/keystone.conf...[token]...provider = fernet...
同步数据库:
$ su -s /bin/sh -c "keystone-manage db_sync" keystone
初始化KeyStore Fernet Key仓库
$ keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone$ keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
启动KeyStore服务
初始化KeyStore服务:
$ keystone-manage bootstrap --bootstrap-password openstack \ --bootstrap-admin-url http://ubuntustack:35357/v3/ \ --bootstrap-internal-url http://ubuntustack:35357/v3/ \ --bootstrap-public-url http://ubuntustack:5000/v3/ \ --bootstrap-region-id RegionOne
配置Apache2服务名:
$ vi /etc/apache2/apache2.conf...ServerName ubuntustack...
重启Apache2服务:
$ service apache2 restart$ rm -fv /var/lib/keystone/keystone.db
配置KeyStore权限
设置管理员环境变量:
$ export OS_USERNAME=admin$ export OS_PASSWORD=openstack$ export OS_PROJECT_NAME=admin$ export OS_USER_DOMAIN_NAME=default$ export OS_PROJECT_DOMAIN_NAME=default$ export OS_AUTH_URL=http://ubuntustack:35357/v3$ export OS_IDENTITY_API_VERSION=3
创建Project:
$ openstack project create --domain default \ --description "Service Project" service+-------------+----------------------------------+| Field | Value |+-------------+----------------------------------+| description | Service Project || domain_id | default || enabled | True || id | 2493d51774e64be1ae97041768b73d98 || is_domain | False || name | service || parent_id | default |+-------------+----------------------------------+$ openstack project create --domain default \ --description "Demo Project" demo+-------------+----------------------------------+| Field | Value |+-------------+----------------------------------+| description | Demo Project || domain_id | default || enabled | True || id | c7ddc0ecab64419486df0d7f66e8174c || is_domain | False || name | demo || parent_id | default |+-------------+----------------------------------+
创建User:
$ openstack user create --domain default \ --password-prompt demoUser Password:> openstackRepeat User Password:> openstack+---------------------+----------------------------------+| Field | Value |+---------------------+----------------------------------+| domain_id | default || enabled | True || id | ffff52bbf1da4c86a3d2b57e977f6b82 || name | demo || password_expires_at | None |+---------------------+----------------------------------+
创建Role:
$ openstack role create user+-----------+----------------------------------+| Field | Value |+-----------+----------------------------------+| domain_id | None || id | 314d4ba677ef4f6d92c53f00e470be1b || name | user |+-----------+----------------------------------+
为Project添加Role:
$ openstack role add --project demo --user demo user
验证KeyStore服务
编辑"/etc/keystone/keystone-paste.ini"文件,从"[pipeline:public_api]","[pipeline:admin_api]"和"[pipeline:api_v3]"小节中移除"admin_token_auth"。
取消"OS_AUTH_URL"和"OS_PASSWORD"环境变量设置:
$ unset OS_AUTH_URL OS_PASSWORD
请求一个admin认证Token:
$ openstack --os-auth-url http://ubuntustack:35357/v3 \ --os-project-domain-name default --os-user-domain-name default \ --os-project-name admin --os-username admin token issuePassword: > openstack+------------+----------------------------------+| Field | Value |+------------+----------------------------------+| expires | 2016-11-28 09:55:28+00:00 || id | ab3f069806b24fd29869eac1d6ccbbc8 || project_id | c77f9d27e4f5496092357ff991d1639b || user_id | 5524cbf52bf440deb5e3e8ccd074a267 |+------------+----------------------------------+
请求一个demo认证Token:
$ openstack --os-auth-url http://ubuntustack:5000/v3 \ --os-project-domain-name default --os-user-domain-name default \ --os-project-name demo --os-username demo token issuePassword: > openstack+------------+----------------------------------+| Field | Value |+------------+----------------------------------+| expires | 2016-11-28 09:56:25+00:00 || id | 628a27e1ae1847ea968186122d158ee6 || project_id | c7ddc0ecab64419486df0d7f66e8174c || user_id | ffff52bbf1da4c86a3d2b57e977f6b82 |+------------+----------------------------------+
创建OpenStack客户端环境变量脚本
创建admin用户环境变量脚本:
$ vi admin-openrcexport OS_PROJECT_DOMAIN_NAME=defaultexport OS_USER_DOMAIN_NAME=defaultexport OS_PROJECT_NAME=adminexport OS_USERNAME=adminexport OS_PASSWORD=openstackexport OS_AUTH_URL=http://ubuntustack:35357/v3export OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2
创建demo用户环境变量脚本:
$ vi demo-openrcexport OS_PROJECT_DOMAIN_NAME=defaultexport OS_USER_DOMAIN_NAME=defaultexport OS_PROJECT_NAME=demoexport OS_USERNAME=demoexport OS_PASSWORD=openstackexport OS_AUTH_URL=http://ubuntustack:5000/v3export OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2
验证admin用户环境变量脚本:
$ . admin-openrc$ openstack token issue+------------+----------------------------------+| Field | Value |+------------+----------------------------------+| expires | 2016-11-28 09:59:18+00:00 || id | 5192190f959545288ed4095b7cc2af1f || project_id | c77f9d27e4f5496092357ff991d1639b || user_id | 5524cbf52bf440deb5e3e8ccd074a267 |+------------+----------------------------------+
安装和配置镜像服务
创建Glance数据库:
$ mysql -u root -p> openstack> CREATE DATABASE glance;> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'openstack';> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'openstack';> quit
设置admin环境变量:
$ . admin-openrc
配置Glance的KeyStore认证
创建Glance用户:
$ openstack user create --domain default --password-prompt glanceUser Password:> openstackRepeat User Password:> openstack+---------------------+----------------------------------+| Field | Value |+---------------------+----------------------------------+| domain_id | default || enabled | True || id | 0333d28a75824b81a73d9c99ed0d6a09 || name | glance || password_expires_at | None |+---------------------+----------------------------------+
把Glance用户添加进服务的管理员角色:
$ openstack role add --project service --user glance admin
创建Glance服务:
$ openstack service create --name glance \ --description "OpenStack Image" image+-------------+----------------------------------+| Field | Value |+-------------+----------------------------------+| description | OpenStack Image || enabled | True || id | 64e1b1473cba4c3395c1aef20ae1b5d9 || name | glance || type | image |+-------------+----------------------------------+
创建Glance服务的公共EndPoint:
$ openstack endpoint create --region RegionOne image public http://ubuntustack:9292+--------------+----------------------------------+| Field | Value |+--------------+----------------------------------+| enabled | True || id | 6ba33ab89e2b4d8bb4c8583add6aaeee || interface | public || region | RegionOne || region_id | RegionOne || service_id | 64e1b1473cba4c3395c1aef20ae1b5d9 || service_name | glance || service_type | image || url | http://ubuntustack:9292 |+--------------+----------------------------------+
创建Glance服务的内部EndPoint:
$ openstack endpoint create --region RegionOne image internal http://ubuntustack:9292+--------------+----------------------------------+| Field | Value |+--------------+----------------------------------+| enabled | True || id | 2bbde57b9ddb4ae78ed825258c1b1e5e || interface | internal || region | RegionOne || region_id | RegionOne || service_id | 64e1b1473cba4c3395c1aef20ae1b5d9 || service_name | glance || service_type | image || url | http://ubuntustack:9292 |+--------------+----------------------------------+
创建Glance服务的管理EndPoint:
$ openstack endpoint create --region RegionOne image admin http://ubuntustack:9292+--------------+----------------------------------+| Field | Value |+--------------+----------------------------------+| enabled | True || id | b09eb627b221453e8ffdd99d7df7e67a || interface | admin || region | RegionOne || region_id | RegionOne || service_id | 64e1b1473cba4c3395c1aef20ae1b5d9 || service_name | glance || service_type | image || url | http://ubuntustack:9292 |+--------------+----------------------------------+
安装和配置Glance服务
安装Glance软件包
$ apt-get install glance
配置Glance API服务:
$ vi /etc/glance/glance-api.conf[database]...connection = mysql+pymysql://glance:openstack@ubuntustack/glance[keystone_authtoken]...auth_uri = http://ubuntustack:5000auth_url = http://ubuntustack:35357memcached_servers = ubuntustack:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = glancepassword = openstack[paste_deploy]...flavor = keystone[glance_store]...stores = file,httpdefault_store = filefilesystem_store_datadir = /opt/stack/images/
配置Glance Registery服务:
$ vi /etc/glance/glance-registry.conf[database]...connection = mysql+pymysql://glance:openstack@ubuntustack/glance[keystone_authtoken]...auth_uri = http://ubuntustack:5000auth_url = http://ubuntustack:35357memcached_servers = ubuntustack:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = glancepassword = openstack[paste_deploy]...flavor = keystone
同步Glance数据库:
$ su -s /bin/sh -c "glance-manage db_sync" glance
创建镜像保存目录:
$ mkdir -pv /opt/stack/images$ chown glance:glance /opt/stack/images$ chmod 744 /opt/stack/images
重启Glance服务:
$ service glance-registry restart$ service glance-api restart
验证Glance服务
设置管理员环境变量:
$ . admin-openrc
下载测试镜像:
$ wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
添加测试镜像到Glance仓库:
$ openstack image create "cirros" \ --file cirros-0.3.4-x86_64-disk.img \ --disk-format qcow2 --container-format bare \ --public+------------------+------------------------------------------------------+| Field | Value |+------------------+------------------------------------------------------+| checksum | ee1eca47dc88f4879d8a229cc70a07c6 || container_format | bare || created_at | 2016-11-28T21:14:49Z || disk_format | qcow2 || file | /v2/images/e345e8b0-71b7-44e0-b1a1-e168f85a19f6/file || id | e345e8b0-71b7-44e0-b1a1-e168f85a19f6 || min_disk | 0 || min_ram | 0 || name | cirros || owner | c77f9d27e4f5496092357ff991d1639b || protected | False || schema | /v2/schemas/image || size | 13287936 || status | active || tags | || updated_at | 2016-11-28T21:14:49Z || virtual_size | None || visibility | public |+------------------+------------------------------------------------------+
查看已加入的镜像:
$ openstack image list+--------------------------------------+--------+--------+| ID | Name | Status |+--------------------------------------+--------+--------+| e345e8b0-71b7-44e0-b1a1-e168f85a19f6 | cirros | active |+--------------------------------------+--------+--------+
安装和配置计算服务
创建Nova数据库:
$ mysql -u root -pEnter password:> openstack> CREATE DATABASE nova_api;> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'openstack';> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'openstack';> CREATE DATABASE nova;> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'openstack';> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'openstack';> quit
设置管理员环境变量:
$ . admin-openrc
配置Nova的KeyStore认证
创建Nova用户:
$ openstack user create --domain default --password-prompt novaUser Password:> openstackRepeat User Password:> openstack+---------------------+----------------------------------+| Field | Value |+---------------------+----------------------------------+| domain_id | default || enabled | True || id | e69cc08aab424e32b890b25621eef471 || name | nova || password_expires_at | None |+---------------------+----------------------------------+
添加Nova用户到服务的管理员角色:
$ openstack role add --project service --user nova admin
创建Nova服务:
$ openstack service create --name nova --description "OpenStack Compute" compute+-------------+----------------------------------+| Field | Value |+-------------+----------------------------------+| description | OpenStack Compute || enabled | True || id | 472934388a194c36a80295c267e5252f || name | nova || type | compute |+-------------+----------------------------------+
创建Nova服务的公共EndPoint:
$ openstack endpoint create --region RegionOne compute public http://ubuntustack:8774/v2.1/%\(tenant_id\)s+--------------+--------------------------------------------+| Field | Value |+--------------+--------------------------------------------+| enabled | True || id | 74f5e21c114a48d68782a886ff6c4ca7 || interface | public || region | RegionOne || region_id | RegionOne || service_id | 472934388a194c36a80295c267e5252f || service_name | nova || service_type | compute || url | http://ubuntustack:8774/v2.1/%(tenant_id)s |+--------------+--------------------------------------------+
创建Nova服务的内部EndPoint:
$ openstack endpoint create --region RegionOne compute internal http://ubuntustack:8774/v2.1/%\(tenant_id\)s+--------------+--------------------------------------------+| Field | Value |+--------------+--------------------------------------------+| enabled | True || id | 2cdc0c65e9e04136bf08e1ec913eaadb || interface | internal || region | RegionOne || region_id | RegionOne || service_id | 472934388a194c36a80295c267e5252f || service_name | nova || service_type | compute || url | http://ubuntustack:8774/v2.1/%(tenant_id)s |+--------------+--------------------------------------------+
创建Nova服务的管理EndPoint:
$ openstack endpoint create --region RegionOne compute admin http://ubuntustack:8774/v2.1/%\(tenant_id\)s+--------------+--------------------------------------------+| Field | Value |+--------------+--------------------------------------------+| enabled | True || id | 47ace5dab56940cbbac20b43abedadb9 || interface | admin || region | RegionOne || region_id | RegionOne || service_id | 472934388a194c36a80295c267e5252f || service_name | nova || service_type | compute || url | http://ubuntustack:8774/v2.1/%(tenant_id)s |+--------------+--------------------------------------------+
安装和配置Nova服务
安装Nova软件包:
$ apt-get install nova-api nova-conductor nova-consoleauth nova-novncproxy nova-scheduler nova-compute
配置Nova服务:
$ vi /etc/nova/nova.conf[DEFAULT]...transport_url = rabbit://openstack:openstack@ubuntustackauth_strategy = keystonemy_ip = 192.168.195.160use_neutron = Truefirewall_driver = nova.virt.firewall.NoopFirewallDriver[api_database]...connection = mysql+pymysql://nova:openstack@ubuntustack/nova_api[database]...connection = mysql+pymysql://nova:openstack@ubuntustack/nova[keystone_authtoken]...auth_uri = http://ubuntustack:5000auth_url = http://ubuntustack:35357memcached_servers = ubuntustack:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = novapassword = openstack[vnc]...vncserver_listen = $my_ipvncserver_proxyclient_address = $my_ipenabled = Truenovncproxy_base_url = http://ubuntustack:6080/vnc_auto.html[glance]...api_servers = http://ubuntustack:9292[oslo_concurrency]...lock_path = /var/lib/nova/tmp
配置Nova虚拟机类型:
$ vi /etc/nova/nova-compute.conf[libvirt]...virt_type = qemu
同步Nova数据库:
$ su -s /bin/sh -c "nova-manage api_db sync" nova$ su -s /bin/sh -c "nova-manage db sync" nova
重启Nova服务:
$ service nova-api restart && service nova-consoleauth restart && service nova-scheduler restart && \ service nova-conductor restart && service nova-novncproxy restart && service nova-compute restart
验证Nova服务
设置管理员环境变量:
$ . admin-openrc
查看计算服务状态:
$ openstack compute service list+----+------------------+-------------+----------+---------+-------+----------------------------+| ID | Binary | Host | Zone | Status | State | Updated At |+----+------------------+-------------+----------+---------+-------+----------------------------+| 4 | nova-consoleauth | UbuntuStack | internal | enabled | up | 2016-11-28T21:51:28.000000 || 5 | nova-scheduler | UbuntuStack | internal | enabled | up | 2016-11-28T21:51:32.000000 || 6 | nova-conductor | UbuntuStack | internal | enabled | up | 2016-11-28T21:51:32.000000 || 8 | nova-compute | UbuntuStack | nova | enabled | up | 2016-11-28T21:51:28.000000 |+----+------------------+-------------+----------+---------+-------+----------------------------+
查看Nova日志:
$ vi /var/log/nova/nova-compute.log
安装和配置网络服务
创建Neutron数据库:
$ mysql -u root -p> openstack> CREATE DATABASE neutron;> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'openstack';> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'openstack';> quit
设置管理员环境变量:
$ . admin-openrc
配置Neutron的KeyStore认证
创建Neutron用户:
$ openstack user create --domain default --password-prompt neutronUser Password:> openstackRepeat User Password:> openstack+---------------------+----------------------------------+| Field | Value |+---------------------+----------------------------------+| domain_id | default || enabled | True || id | da9bf75b6a4041d1b9aba7b236026a2d || name | neutron || password_expires_at | None |+---------------------+----------------------------------+
把Neutorn加入服务的管理角色:
$ openstack role add --project service --user neutron admin
创建Neutron服务:
$ openstack service create --name neutron --description "OpenStack Networking" network+-------------+----------------------------------+| Field | Value |+-------------+----------------------------------+| description | OpenStack Networking || enabled | True || id | 7d3567ffbc4941dd800f445eab76ded9 || name | neutron || type | network |+-------------+----------------------------------+
创建Neutron服务的公共EndPoint:
$ openstack endpoint create --region RegionOne network public http://ubuntustack:9696+--------------+----------------------------------+| Field | Value |+--------------+----------------------------------+| enabled | True || id | b55696fa3198466a9def11bda1263caf || interface | public || region | RegionOne || region_id | RegionOne || service_id | 7d3567ffbc4941dd800f445eab76ded9 || service_name | neutron || service_type | network || url | http://ubuntustack:9696 |+--------------+----------------------------------+
创建Neutron服务的内部EndPoint:
$ openstack endpoint create --region RegionOne network internal http://ubuntustack:9696+--------------+----------------------------------+| Field | Value |+--------------+----------------------------------+| enabled | True || id | 26f5c0b68e134e87bd95a3ae8aa676f1 || interface | internal || region | RegionOne || region_id | RegionOne || service_id | 7d3567ffbc4941dd800f445eab76ded9 || service_name | neutron || service_type | network || url | http://ubuntustack:9696 |+--------------+----------------------------------+
创建Neutron服务的管理EndPoint:
$ openstack endpoint create --region RegionOne network admin http://ubuntustack:9696+--------------+----------------------------------+| Field | Value |+--------------+----------------------------------+| enabled | True || id | 8149bf9a36ce4e53884bd3a766dfb116 || interface | admin || region | RegionOne || region_id | RegionOne || service_id | 7d3567ffbc4941dd800f445eab76ded9 || service_name | neutron || service_type | network || url | http://ubuntustack:9696 |+--------------+----------------------------------+
安装和配置Neutron服务
安装Neutron软件包:
$ apt-get install neutron-server neutron-plugin-ml2 neutron-linuxbridge-agent neutron-l3-agent neutron-dhcp-agent neutron-metadata-agent
配置Neutron服务:
$ vi /etc/neutron/neutron.conf[database]...connection = mysql+pymysql://neutron:openstack@ubuntustack/neutron[DEFAULT]...core_plugin = ml2service_plugins = routerallow_overlapping_ips = Truetransport_url = rabbit://openstack:openstack@ubuntustackauth_strategy = keystonenotify_nova_on_port_status_changes = Truenotify_nova_on_port_data_changes = True[keystone_authtoken]...auth_uri = http://ubuntustack:5000auth_url = http://ubuntustack:35357memcached_servers = ubuntustack:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = neutronpassword = openstack[nova]...auth_url = http://ubuntustack:35357auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultregion_name = RegionOneproject_name = serviceusername = novapassword = openstack
配置"Self-Service"网络
# Configure the Modular Layer 2 (ML2) plug-in$ vi /etc/neutron/plugins/ml2/ml2_conf.ini[ml2]...type_drivers = flat,vlan,vxlantenant_network_types = vxlanmechanism_drivers = linuxbridge,l2populationextension_drivers = port_security[ml2_type_flat]...flat_networks = provider[ml2_type_vxlan]...vni_ranges = 1:1000[securitygroup]...enable_ipset = True
配置Linux网桥代理:
$ vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini[linux_bridge]physical_interface_mappings = provider:ens33[vxlan]enable_vxlan = Truelocal_ip = 192.168.195.160l2_population = True[securitygroup]...enable_security_group = Truefirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
配置Layer 3代理:
$ vi /etc/neutron/l3_agent.ini[DEFAULT]...interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
配置DHCP代理:
$ vi /etc/neutron/dhcp_agent.ini[DEFAULT]...interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriverdhcp_driver = neutron.agent.linux.dhcp.Dnsmasqenable_isolated_metadata = True
配置元数据代理:
$ vi /etc/neutron/metadata_agent.ini[DEFAULT]...nova_metadata_ip = ubuntustackmetadata_proxy_shared_secret = openstack
配置Nova服务使用Neutron服务:
$ vi /etc/nova/nova.conf[neutron]...url = http://ubuntustack:9696auth_url = http://ubuntustack:35357auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultregion_name = RegionOneproject_name = serviceusername = neutronpassword = openstackservice_metadata_proxy = Truemetadata_proxy_shared_secret = openstack
同步Neutron数据库:
$ su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
重启Nova和Neutron服务:
$ service nova-api restart$ service neutron-server restart && service neutron-linuxbridge-agent restart && \ service neutron-dhcp-agent restart && service neutron-metadata-agent restart$ service neutron-l3-agent restart$ service nova-compute restart
验证Neutron服务
设置管理员环境变量
$ . admin-openrc
查看Neutron扩展:
$ neutron ext-list+---------------------------+-----------------------------------------------+| alias | name |+---------------------------+-----------------------------------------------+| default-subnetpools | Default Subnetpools || network-ip-availability | Network IP Availability || network_availability_zone | Network Availability Zone || auto-allocated-topology | Auto Allocated Topology Services || ext-gw-mode | Neutron L3 Configurable external gateway mode || binding | Port Binding || agent | agent || subnet_allocation | Subnet Allocation || l3_agent_scheduler | L3 Agent Scheduler || tag | Tag support || external-net | Neutron external network || flavors | Neutron Service Flavors || net-mtu | Network MTU || availability_zone | Availability Zone || quotas | Quota management support || l3-ha | HA Router extension || provider | Provider Network || multi-provider | Multi Provider Network || address-scope | Address scope || extraroute | Neutron Extra Route || subnet-service-types | Subnet service types || standard-attr-timestamp | Resource timestamps || service-type | Neutron Service Type Management || l3-flavors | Router Flavor Extension || port-security | Port Security || extra_dhcp_opt | Neutron Extra DHCP opts || standard-attr-revisions | Resource revision numbers || pagination | Pagination support || sorting | Sorting support || security-group | security-group || dhcp_agent_scheduler | DHCP Agent Scheduler || router_availability_zone | Router Availability Zone || rbac-policies | RBAC Policies || standard-attr-description | standard-attr-description || router | Neutron L3 Router || allowed-address-pairs | Allowed Address Pairs || project-id | project_id field enabled || dvr | Distributed Virtual Router |+---------------------------+-----------------------------------------------+
查看网络代理:
$ openstack network agent list+--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |+--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+| 3d9ec505-1ec9-48a9-9f2f-a5b769fbd77e | L3 agent | UbuntuStack | nova | True | UP | neutron-l3-agent || 3ee2203d-d462-453a-990c-d6646a1262b7 | Linux bridge agent | UbuntuStack | None | True | UP | neutron-linuxbridge-agent || 87ccc0a5-e686-4e04-ad75-b066be2771e9 | Metadata agent | UbuntuStack | None | True | UP | neutron-metadata-agent || deaf9d1b-d2b0-4706-be37-5fbdc0d16abf | DHCP agent | UbuntuStack | nova | True | UP | neutron-dhcp-agent |+--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+
启动一个虚拟机实例
创建和配置"Provider"网络
设置管理员环境变量:
$ . admin-openrc
创建"Provider"网络:
$ openstack network create --share --provider-physical-network provider --provider-network-type flat provider+---------------------------+--------------------------------------+| Field | Value |+---------------------------+--------------------------------------+| admin_state_up | UP || availability_zone_hints | || availability_zones | || created_at | 2016-11-28T23:15:05Z || description | || headers | || id | 716eaea1-3b1b-459a-a601-4b9a0d3266e3 || ipv4_address_scope | None || ipv6_address_scope | None || mtu | 1500 || name | provider || port_security_enabled | True || project_id | c77f9d27e4f5496092357ff991d1639b || project_id | c77f9d27e4f5496092357ff991d1639b || provider:network_type | flat || provider:physical_network | provider || provider:segmentation_id | None || revision_number | 3 || router:external | Internal || shared | True || status | ACTIVE || subnets | || tags | [] || updated_at | 2016-11-28T23:15:05Z |+---------------------------+--------------------------------------+
为"Provider"网络创建一个子网:
$ openstack subnet create --network provider \ --allocation-pool start=192.168.195.200,end=192.168.195.230 \ --dns-nameserver 114.114.114.114 --gateway 192.168.195.2 \ --subnet-range 192.168.195.0/24 provider+-------------------+--------------------------------------+| Field | Value |+-------------------+--------------------------------------+| allocation_pools | 192.168.195.200-192.168.195.230 || cidr | 192.168.195.0/24 || created_at | 2016-11-28T23:19:49Z || description | || dns_nameservers | 114.114.114.114 || enable_dhcp | True || gateway_ip | 192.168.195.2 || headers | || host_routes | || id | b8d66c38-2770-46f0-bbc1-6010b995d5af || ip_version | 4 || ipv6_address_mode | None || ipv6_ra_mode | None || name | provider || network_id | 716eaea1-3b1b-459a-a601-4b9a0d3266e3 || project_id | c77f9d27e4f5496092357ff991d1639b || project_id | c77f9d27e4f5496092357ff991d1639b || revision_number | 2 || service_types | [] || subnetpool_id | None || updated_at | 2016-11-28T23:19:49Z |+-------------------+--------------------------------------+
创建和配置"Self-Service"网络
设置测试用户环境变量:
$ . demo-openrc
创建"Self-Service"网络:
$ openstack network create selfservice+-------------------------+--------------------------------------+| Field | Value |+-------------------------+--------------------------------------+| admin_state_up | UP || availability_zone_hints | || availability_zones | || created_at | 2016-11-29T09:47:39Z || description | || headers | || id | eb2f08c3-dbc4-423e-8206-6b0fb07d94b7 || ipv4_address_scope | None || ipv6_address_scope | None || mtu | 1450 || name | selfservice || port_security_enabled | True || project_id | c7ddc0ecab64419486df0d7f66e8174c || project_id | c7ddc0ecab64419486df0d7f66e8174c || revision_number | 3 || router:external | Internal || shared | False || status | ACTIVE || subnets | || tags | [] || updated_at | 2016-11-29T09:47:39Z |+-------------------------+--------------------------------------+
设置"Self-Service"网络子网:
$ openstack subnet create --network selfservice \ --dns-nameserver 114.114.114.114 --gateway 192.168.196.1 \ --subnet-range 192.168.196.0/24 selfservice+-------------------+--------------------------------------+| Field | Value |+-------------------+--------------------------------------+| allocation_pools | 192.168.196.2-192.168.196.254 || cidr | 192.168.196.0/24 || created_at | 2016-11-28T23:23:23Z || description | || dns_nameservers | 114.114.114.114 || enable_dhcp | True || gateway_ip | 192.168.196.1 || headers | || host_routes | || id | e7aed07e-0d4c-4b8f-9210-1ec658a92f33 || ip_version | 4 || ipv6_address_mode | None || ipv6_ra_mode | None || name | selfservice || network_id | 18d0b6d3-b78a-4703-a24e-ec5dc9b73bd7 || project_id | c77f9d27e4f5496092357ff991d1639b || project_id | c77f9d27e4f5496092357ff991d1639b || revision_number | 2 || service_types | [] || subnetpool_id | None || updated_at | 2016-11-28T23:23:24Z |+-------------------+--------------------------------------+
查看已经创建的网络:
$ openstack subnet list+--------------------------------------+-------------+--------------------------------------+------------------+| ID | Name | Network | Subnet |+--------------------------------------+-------------+--------------------------------------+------------------+| b8d66c38-2770-46f0-bbc1-6010b995d5af | provider | 716eaea1-3b1b-459a-a601-4b9a0d3266e3 | 192.168.195.0/24 || ee9382f0-3ce2-4451-931e-402da6441a35 | selfservice | eb2f08c3-dbc4-423e-8206-6b0fb07d94b7 | 192.168.196.0/24 |+--------------------------------------+-------------+--------------------------------------+------------------+
创建和配置路由
设置测试用户环境变量:
$ . demo-openrc
更新"Provider"网络路由:
$ neutron net-update provider --router:externalUpdated network: provider
创建一个路由:
$ openstack router create router+-------------------------+--------------------------------------+| Field | Value |+-------------------------+--------------------------------------+| admin_state_up | UP || availability_zone_hints | || availability_zones | || created_at | 2016-11-29T09:50:56Z || description | || external_gateway_info | null || flavor_id | None || headers | || id | 2b84f7f4-9bef-427f-afad-19a9f53b4b2d || name | router || project_id | c7ddc0ecab64419486df0d7f66e8174c || project_id | c7ddc0ecab64419486df0d7f66e8174c || revision_number | 2 || routes | || status | ACTIVE || updated_at | 2016-11-29T09:50:56Z |+-------------------------+--------------------------------------+
把"Self-Service"网络添加进路由端口:
$ neutron router-interface-add router selfserviceAdded interface ba82e6d7-117d-42cd-8c51-adde92aeb14b to router router.# neutron router-interface-delete router selfservice
设置"Provider"网络的网关:
$ neutron router-gateway-set router providerSet gateway for router router# neutron router-gateway-clear router provider
验证网络服务
设置管理员用户环境变量:
$ . admin-openrc
查看网络命名空间:
$ ip netnsqrouter-2b84f7f4-9bef-427f-afad-19a9f53b4b2d (id: 2)qdhcp-eb2f08c3-dbc4-423e-8206-6b0fb07d94b7 (id: 1)qdhcp-716eaea1-3b1b-459a-a601-4b9a0d3266e3 (id: 0)
查看路由端口:
$ neutron router-port-list router+--------------------------------------+------+-------------------+---------------------------------------------------+| id | name | mac_address | fixed_ips |+--------------------------------------+------+-------------------+---------------------------------------------------+| 1b867faf-2602-4a2b-a626-a80be2dbb8a4 | | fa:16:3e:48:b3:dd | {"subnet_id": || | | | "b8d66c38-2770-46f0-bbc1-6010b995d5af", || | | | "ip_address": "192.168.195.201"} || ba82e6d7-117d-42cd-8c51-adde92aeb14b | | fa:16:3e:19:ac:de | {"subnet_id": "ee9382f0-3ce2-4451-931e- || | | | 402da6441a35", "ip_address": "192.168.196.1"} |+--------------------------------------+------+-------------------+---------------------------------------------------+使用ping命令测试"Provider"网络:
$ ping -c 4 192.168.195.201PING 192.168.195.201 (192.168.195.201) 56(84) bytes of data.64 bytes from 192.168.195.201: icmp_seq=1 ttl=64 time=0.131 ms64 bytes from 192.168.195.201: icmp_seq=2 ttl=64 time=0.057 ms64 bytes from 192.168.195.201: icmp_seq=3 ttl=64 time=0.054 ms64 bytes from 192.168.195.201: icmp_seq=4 ttl=64 time=0.051 ms--- 192.168.195.201 ping statistics ---4 packets transmitted, 4 received, 0% packet loss, time 2997msrtt min/avg/max/mdev = 0.051/0.073/0.131/0.033 ms
创建和配置虚拟机模板
设置管理员用户环境变量:
$ . admin-openrc
创建"m1.nano"虚拟机模板:
$ openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano+----------------------------+---------+| Field | Value |+----------------------------+---------+| OS-FLV-DISABLED:disabled | False || OS-FLV-EXT-DATA:ephemeral | 0 || disk | 1 || id | 0 || name | m1.nano || os-flavor-access:is_public | True || properties | || ram | 64 || rxtx_factor | 1.0 || swap | || vcpus | 1 |+----------------------------+---------+
生成一个钥匙对
设置测试用户环境变量:
$ . demo-openrc
生成ssh钥匙对:
# Alternatively, you can skip the ssh-keygen command and use an existing public key.$ ssh-keygen -q -N ""Enter file in which to save the key (/root/.ssh/id_rsa):
添加钥匙对:
$ openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey+-------------+-------------------------------------------------+| Field | Value |+-------------+-------------------------------------------------+| fingerprint | 92:f3:2f:58:fa:6b:32:c7:b2:df:66:46:5f:28:43:d4 || name | mykey || user_id | ffff52bbf1da4c86a3d2b57e977f6b82 |+-------------+-------------------------------------------------+
查看钥匙对:
$ openstack keypair list+-------+-------------------------------------------------+| Name | Fingerprint |+-------+-------------------------------------------------+| mykey | 92:f3:2f:58:fa:6b:32:c7:b2:df:66:46:5f:28:43:d4 |+-------+-------------------------------------------------+
添加安全组规则
允许ICMP协议(可以ping):
$ openstack security group rule create --proto icmp default+-------------------+--------------------------------------+| Field | Value |+-------------------+--------------------------------------+| created_at | 2016-11-28T23:33:13Z || description | || direction | ingress || ethertype | IPv4 || headers | || id | 7f5a28ec-2523-4922-aaad-92bd4c1583c5 || port_range_max | None || port_range_min | None || project_id | c7ddc0ecab64419486df0d7f66e8174c || project_id | c7ddc0ecab64419486df0d7f66e8174c || protocol | icmp || remote_group_id | None || remote_ip_prefix | 0.0.0.0/0 || revision_number | 1 || security_group_id | 42794c97-bdfb-4f02-aa5c-c34df255f620 || updated_at | 2016-11-28T23:33:13Z |+-------------------+--------------------------------------+
允许SSH协议:
$ openstack security group rule create --proto tcp --dst-port 22 default+-------------------+--------------------------------------+| Field | Value |+-------------------+--------------------------------------+| created_at | 2016-11-28T23:34:05Z || description | || direction | ingress || ethertype | IPv4 || headers | || id | bfe104f7-e15c-4216-bf12-79c36247a308 || port_range_max | 22 || port_range_min | 22 || project_id | c7ddc0ecab64419486df0d7f66e8174c || project_id | c7ddc0ecab64419486df0d7f66e8174c || protocol | tcp || remote_group_id | None || remote_ip_prefix | 0.0.0.0/0 || revision_number | 1 || security_group_id | 42794c97-bdfb-4f02-aa5c-c34df255f620 || updated_at | 2016-11-28T23:34:05Z |+-------------------+--------------------------------------+
在"Self-Service"网络上启动虚拟机
确认虚拟机选项
设置测试用户环境变量:
$ . demo-openrc
查看已创建的虚拟机模板:
$ openstack flavor list+----+---------+-----+------+-----------+-------+-----------+| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |+----+---------+-----+------+-----------+-------+-----------+| 0 | m1.nano | 64 | 1 | 0 | 1 | True |+----+---------+-----+------+-----------+-------+-----------+
查看已添加的虚拟机镜像:
$ openstack image list+--------------------------------------+--------+--------+| ID | Name | Status |+--------------------------------------+--------+--------+| e345e8b0-71b7-44e0-b1a1-e168f85a19f6 | cirros | active |+--------------------------------------+--------+--------+
查看已创建的虚拟机网络:
$ openstack network list+--------------------------------------+-------------+--------------------------------------+| ID | Name | Subnets |+--------------------------------------+-------------+--------------------------------------+| 716eaea1-3b1b-459a-a601-4b9a0d3266e3 | provider | b8d66c38-2770-46f0-bbc1-6010b995d5af || eb2f08c3-dbc4-423e-8206-6b0fb07d94b7 | selfservice | ee9382f0-3ce2-4451-931e-402da6441a35 |+--------------------------------------+-------------+--------------------------------------+
查看已添加的安全组:
$ openstack security group list+--------------------------------------+---------+------------------------+----------------------------------+| ID | Name | Description | Project |+--------------------------------------+---------+------------------------+----------------------------------+| 42794c97-bdfb-4f02-aa5c-c34df255f620 | default | Default security group | c7ddc0ecab64419486df0d7f66e8174c |+--------------------------------------+---------+------------------------+----------------------------------+
创建虚拟机实例
创建并启动虚拟机:
$ openstack server create --flavor m1.nano --image cirros \ --nic net-id=eb2f08c3-dbc4-423e-8206-6b0fb07d94b7 --security-group default \ --key-name mykey selfservice-instance+--------------------------------------+-----------------------------------------------+| Field | Value |+--------------------------------------+-----------------------------------------------+| OS-DCF:diskConfig | MANUAL || OS-EXT-AZ:availability_zone | || OS-EXT-STS:power_state | NOSTATE || OS-EXT-STS:task_state | scheduling || OS-EXT-STS:vm_state | building || OS-SRV-USG:launched_at | None || OS-SRV-USG:terminated_at | None || accessIPv4 | || accessIPv6 | || addresses | || adminPass | RtZAyPrB426N || config_drive | || created | 2016-11-29T09:59:42Z || flavor | m1.nano (0) || hostId | || id | aef838f5-8f9d-4ff2-8a34-17bd5ac05a8a || image | cirros (e345e8b0-71b7-44e0-b1a1-e168f85a19f6) || key_name | mykey || name | selfservice-instance || os-extended-volumes:volumes_attached | [] || progress | 0 || project_id | c7ddc0ecab64419486df0d7f66e8174c || properties | || security_groups | [{u'name': u'default'}] || status | BUILD || updated | 2016-11-29T09:59:42Z || user_id | ffff52bbf1da4c86a3d2b57e977f6b82 |+--------------------------------------+-----------------------------------------------+查看虚拟机状态:
$ openstack server list+--------------------------------------+----------------------+--------+----------+------------+| ID | Name | Status | Networks | Image Name |+--------------------------------------+----------------------+--------+----------+------------+| aef838f5-8f9d-4ff2-8a34-17bd5ac05a8a | selfservice-instance | BUILD | | cirros |+--------------------------------------+----------------------+--------+----------+------------+
通过虚拟控制台访问虚拟机
如果虚拟机没有启动,可以使用如下命令:
$ openstack server start selfservice-instance
查看虚拟机控制台URL,并使用Web浏览器打开(用户名:"cirros",密码:"cubswin:)"):
$ openstack console url show selfservice-instance+-------+----------------------------------------------------------------------------------+| Field | Value |+-------+----------------------------------------------------------------------------------+| type | novnc || url | http://ubuntustack:6080/vnc_auto.html?token=749d78c1-33f1-4843-a5f6-1f0920773941 |+-------+----------------------------------------------------------------------------------+
重新设置虚拟机密码:
$ sudo passwd root> 123456> 123456
ping内网网关和公网网址:
$ ping -c 4 192.168.196.1$ ping www.163.com
远程访问虚拟机
在"Provider"网络上创建浮动IP:
$ openstack floating ip create provider+---------------------+--------------------------------------+| Field | Value |+---------------------+--------------------------------------+| created_at | 2016-11-29T10:04:06Z || description | || fixed_ip_address | None || floating_ip_address | 192.168.195.206 || floating_network_id | 716eaea1-3b1b-459a-a601-4b9a0d3266e3 || headers | || id | a037740a-eb2a-4b78-9b9a-39a5c1b00ac7 || port_id | None || project_id | c7ddc0ecab64419486df0d7f66e8174c || project_id | c7ddc0ecab64419486df0d7f66e8174c || revision_number | 1 || router_id | None || status | DOWN || updated_at | 2016-11-29T10:04:06Z |+---------------------+--------------------------------------+# openstack floating ip delete d30f7916-a9c7-42ee-aaec-f60bb1ae732a
为刚才创建的"selfservice-instance"虚拟机添加一个浮动IP:
$ openstack server add floating ip selfservice-instance 192.168.195.206# openstack server remove floating ip selfservice-instance 192.168.195.211
查看虚拟机状态:
$ openstack server list+--------------------------------------+----------------------+--------+--------------------------------------------+------------+| ID | Name | Status | Networks | Image Name |+--------------------------------------+----------------------+--------+--------------------------------------------+------------+| aef838f5-8f9d-4ff2-8a34-17bd5ac05a8a | selfservice-instance | ACTIVE | selfservice=192.168.196.9, 192.168.195.206 | cirros |+--------------------------------------+----------------------+--------+--------------------------------------------+------------+
ping虚拟机浮动IP:
$ ping -c 4 192.168.195.206PING 192.168.195.206 (192.168.195.206) 56(84) bytes of data.64 bytes from 192.168.195.206: icmp_seq=1 ttl=63 time=0.955 ms64 bytes from 192.168.195.206: icmp_seq=2 ttl=63 time=0.350 ms64 bytes from 192.168.195.206: icmp_seq=3 ttl=63 time=0.445 ms64 bytes from 192.168.195.206: icmp_seq=4 ttl=63 time=0.711 ms--- 192.168.195.206 ping statistics ---4 packets transmitted, 4 received, 0% packet loss, time 3003msrtt min/avg/max/mdev = 0.350/0.615/0.955/0.237 ms
使用ssh访问虚拟机:
$ ssh cirros@192.168.195.206$ cat /etc/issue login as 'cirros' user. default password: 'cubswin:)'. use 'sudo' for root.
安装和配置块存储服务
创建Cinder数据库:
$ mysql -u root -p> openstack> CREATE DATABASE cinder;> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'openstack';> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'openstack';> quit
设置管理员用户环境变量:
$ . admin-openrc
创建和配置Cinder的KeyStore认证
创建Cinder用户:
$ openstack user create --domain default --password-prompt cinderUser Password:> openstackRepeat User Password:> openstack+---------------------+----------------------------------+| Field | Value |+---------------------+----------------------------------+| domain_id | default || enabled | True || id | 16912fdd1eed410a8a76720b0a38a334 || name | cinder || password_expires_at | None |+---------------------+----------------------------------+
把Cinder用户添加进服务的管理员角色:
$ openstack role add --project service --user cinder admin
创建Cinder服务:
$ openstack service create --name cinder --description "OpenStack Block Storage" volume+-------------+----------------------------------+| Field | Value |+-------------+----------------------------------+| description | OpenStack Block Storage || enabled | True || id | 0b2ccf8379a345748773027492a28c8c || name | cinder || type | volume |+-------------+----------------------------------+
创建Cinder V2服务:
$ openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2+-------------+----------------------------------+| Field | Value |+-------------+----------------------------------+| description | OpenStack Block Storage || enabled | True || id | 4c9f38fec5e7419a96faeb615d9459c6 || name | cinderv2 || type | volumev2 |+-------------+----------------------------------+
创建Cinder服务的公共EndPoint:
$ openstack endpoint create --region RegionOne volume public http://ubuntustack:8776/v1/%\(tenant_id\)s+--------------+------------------------------------------+| Field | Value |+--------------+------------------------------------------+| enabled | True || id | 606c64305e0b49bb968d39aaec25b37a || interface | public || region | RegionOne || region_id | RegionOne || service_id | 0b2ccf8379a345748773027492a28c8c || service_name | cinder || service_type | volume || url | http://ubuntustack:8776/v1/%(tenant_id)s |+--------------+------------------------------------------+
创建Cinder服务的内部EndPoint:
$ openstack endpoint create --region RegionOne volume internal http://ubuntustack:8776/v1/%\(tenant_id\)s+--------------+------------------------------------------+| Field | Value |+--------------+------------------------------------------+| enabled | True || id | 315ba5dbbb9944abaa9d3bbe391b6b67 || interface | internal || region | RegionOne || region_id | RegionOne || service_id | 0b2ccf8379a345748773027492a28c8c || service_name | cinder || service_type | volume || url | http://ubuntustack:8776/v1/%(tenant_id)s |+--------------+------------------------------------------
创建Cinder服务的管理EndPoint:
$ openstack endpoint create --region RegionOne volume admin http://ubuntustack:8776/v1/%\(tenant_id\)s+--------------+------------------------------------------+| Field | Value |+--------------+------------------------------------------+| enabled | True || id | 7f1c360d846c45f3ba00ab9f1924eda3 || interface | admin || region | RegionOne || region_id | RegionOne || service_id | 0b2ccf8379a345748773027492a28c8c || service_name | cinder || service_type | volume || url | http://ubuntustack:8776/v1/%(tenant_id)s |+--------------+------------------------------------------+
创建Cinder V2服务的公共EndPoint:
$ openstack endpoint create --region RegionOne volumev2 public http://ubuntustack:8776/v2/%\(tenant_id\)s+--------------+------------------------------------------+| Field | Value |+--------------+------------------------------------------+| enabled | True || id | b0d39b4917ce440dae198c89313c2034 || interface | public || region | RegionOne || region_id | RegionOne || service_id | 4c9f38fec5e7419a96faeb615d9459c6 || service_name | cinderv2 || service_type | volumev2 || url | http://ubuntustack:8776/v2/%(tenant_id)s |+--------------+------------------------------------------+
创建Cinder V2服务的内部EndPoint:
$ openstack endpoint create --region RegionOne volumev2 internal http://ubuntustack:8776/v2/%\(tenant_id\)s+--------------+------------------------------------------+| Field | Value |+--------------+------------------------------------------+| enabled | True || id | 508541b13b1b4d4ebb860891c0ccffbd || interface | internal || region | RegionOne || region_id | RegionOne || service_id | 4c9f38fec5e7419a96faeb615d9459c6 || service_name | cinderv2 || service_type | volumev2 || url | http://ubuntustack:8776/v2/%(tenant_id)s |+--------------+------------------------------------------
创建Cinder V2服务的管理EndPoint:
$ openstack endpoint create --region RegionOne volumev2 admin http://ubuntustack:8776/v2/%\(tenant_id\)s+--------------+------------------------------------------+| Field | Value |+--------------+------------------------------------------+| enabled | True || id | 283c9c773a194b61aca19b3cfcdb14a6 || interface | admin || region | RegionOne || region_id | RegionOne || service_id | 4c9f38fec5e7419a96faeb615d9459c6 || service_name | cinderv2 || service_type | volumev2 || url | http://ubuntustack:8776/v2/%(tenant_id)s |+--------------+------------------------------------------+
安装和配置Cinder服务
安装Cinder软件包:
$ apt-get install cinder-api cinder-scheduler cinder-volume
$ vi /etc/cinder/cinder.conf[database]connection = mysql+pymysql://cinder:openstack@ubuntustack/cinder[DEFAULT]...transport_url = rabbit://openstack:openstack@ubuntustackauth_strategy = keystonemy_ip = 192.168.195.160[keystone_authtoken]auth_uri = http://ubuntustack:5000auth_url = http://ubuntustack:35357memcached_servers = ubuntustack:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = cinderpassword = openstack[oslo_concurrency]lock_path = /var/lib/cinder/tmp
配置Nova使用Cinder服务:
$ vi /etc/nova/nova.conf[cinder]os_region_name = RegionOne
同步Cinder数据库:
$ su -s /bin/sh -c "cinder-manage db sync" cinder
重启Nova和Cinder服务:
$ service nova-api restart && service cinder-scheduler restart && service cinder-api restart
安装和配置Cinder的LVM支持
安装LVM软件包:
$ apt-get install lvm2
启动LVM元数据服务:
$ service lvm2-lvmetad start
创建一个PV:
$ pvcreate /dev/sdd1 Physical volume "/dev/sdd1" successfully created
创建一个VG:
$ vgcreate cinder-volumes /dev/sdd1 Volume group "cinder-volumes" successfully created
配置Cinder使用LVM:
$ vi /etc/cinder/cinder.conf[DEFAULT]...enabled_backends = lvmglance_api_servers = http://ubuntustack:9292[lvm]volume_driver = cinder.volume.drivers.lvm.LVMVolumeDrivervolume_group = cinder-volumesiscsi_protocol = iscsiiscsi_helper = tgtadm
重启Cinder卷服务:
$ service cinder-volume restart
$ . admin-openrc
$ openstack volume service list+------------------+-----------------+------+---------+-------+----------------------------+| Binary | Host | Zone | Status | State | Updated At |+------------------+-----------------+------+---------+-------+----------------------------+| cinder-scheduler | UbuntuStack | nova | enabled | up | 2016-11-29T00:35:14.000000 || cinder-volume | UbuntuStack | nova | enabled | up | 2016-11-29T00:34:33.000000 || cinder-volume | UbuntuStack@lvm | nova | enabled | up | 2016-11-29T00:35:17.000000 |+------------------+-----------------+------+---------+-------+----------------------------+
创建一个LV卷
设置测试用户环境变量:
$ . demo-openrc
创建一个1G的卷:
$ openstack volume create --size 1 volume1+---------------------+--------------------------------------+| Field | Value |+---------------------+--------------------------------------+| attachments | [] || availability_zone | nova || bootable | false || consistencygroup_id | None || created_at | 2016-11-29T10:21:46.494577 || description | None || encrypted | False || id | 5e291162-0cbb-4077-bb07-c2a217b28c1e || multiattach | False || name | volume1 || properties | || replication_status | disabled || size | 1 || snapshot_id | None || source_volid | None || status | creating || type | None || updated_at | None || user_id | ffff52bbf1da4c86a3d2b57e977f6b82 |+---------------------+--------------------------------------+# openstack volume delete volume1
查看已创建的卷:
$ openstack volume list+--------------------------------------+--------------+----------+------+-------------+| ID | Display Name | Status | Size | Attached to |+--------------------------------------+--------------+----------+------+-------------+| 5e291162-0cbb-4077-bb07-c2a217b28c1e | volume1 | creating | 1 | |+--------------------------------------+--------------+----------+------+-------------+
为虚拟机增加一个卷:
$ openstack server add volume selfservice-instance volume1
查看虚拟机状态:
$ openstack volume list+--------------------------------------+--------------+--------+------+-----------------------------------------------+| ID | Display Name | Status | Size | Attached to |+--------------------------------------+--------------+--------+------+-----------------------------------------------+| 5e291162-0cbb-4077-bb07-c2a217b28c1e | volume1 | in-use | 1 | Attached to selfservice-instance on /dev/vdb |+--------------------------------------+--------------+--------+------+-----------------------------------------------+
$ 查看附加到虚拟机的卷:
$ ssh cirros@192.168.195.206$ sudo fdisk -lDisk /dev/vda: 1073 MB, 1073741824 bytes255 heads, 63 sectors/track, 130 cylinders, total 2097152 sectorsUnits = sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytesDisk identifier: 0x00000000 Device Boot Start End Blocks Id System/dev/vda1 * 16065 2088449 1036192+ 83 LinuxDisk /dev/vdb: 1073 MB, 1073741824 bytes16 heads, 63 sectors/track, 2080 cylinders, total 2097152 sectorsUnits = sectors of 1 * 512 = 512 bytesSector size (logical/physical): 512 bytes / 512 bytesI/O size (minimum/optimal): 512 bytes / 512 bytesDisk identifier: 0x00000000Disk /dev/vdb doesn't contain a valid partition table
安装和配置仪表盘服务
安装和配置Horizon服务
安装Horizon软件包:
$ apt install openstack-dashboard
配置Horizon服务:
$ vi /etc/openstack-dashboard/local_settings.py# Configure the dashboard to use OpenStack services on the ubuntustack nodeOPENSTACK_HOST = "ubuntustack"# Allow all hosts to access the dashboardALLOWED_HOSTS = ['*', ]# Configure the memcached session storage serviceSESSION_ENGINE = 'django.contrib.sessions.backends.cache'CACHES = { 'default': { 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 'LOCATION': 'ubuntustack:11211', }}# Enable the Identity API version 3OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST# Enable support for domains:OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True# Configure API versions:OPENSTACK_API_VERSIONS = { "identity": 3, "image": 2, "volume": 2,}# Configure default as the default domain for users that you create via the dashboard:OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "default"# Configure user as the default role for users that you create via the dashboard:OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"# Optionally, configure the time zone:TIME_ZONE = "Asia/Shanghai"重启Web服务器:
$ service apache2 reload
验证Horizon服务
使用浏览器打开 http://ubuntustack/horizon ,使用如下用户名和密码登录查看:
Domain User Passworddefault admin openstackdefault demo openstack
到此,相信大家对"怎么在Ubuntu16单节点上安装OpenStack"有了更深的了解,不妨来实际操作一番吧!这里是网站,更多相关内容可以进入相关频道进行查询,关注我们,继续学习!
服务
配置
变量
环境
用户
网络
管理
数据
数据库
管理员
软件
软件包
验证
测试
认证
镜像
同步
路由
代理
状态
数据库的安全要保护哪些东西
数据库安全各自的含义是什么
生产安全数据库录入
数据库的安全性及管理
数据库安全策略包含哪些
海淀数据库安全审计系统
建立农村房屋安全信息数据库
易用的数据库客户端支持安全管理
连接数据库失败ssl安全错误
数据库的锁怎样保障安全
网络黑客篡改银行数据库
手机老是显示已连接到服务器
国家网络安全董事长
管理信息系统 数据库设计
网络技术岗怎么面试
高中信息技术数据库管理技术
计算机网络技术跟计算机安全
珠海信息软件开发联系方式
数据库代码生成
为什么要提高网络安全防护意识
mysql数据库+更新插入
杨浦区营销软件开发哪家好
上海现代软件开发模型
数据库查询的界面怎么调
进入网络安全模式之后怎么办
腾讯云服务器配置级别
软件开发的法律
服务器登陆记录
黄浦区银联数据库有哪些
新加坡服务器有什么好玩的app
网站服务器登陆
网络安全专注研发
php中怎么打开数据库
国产服务器稳定
闻政绩效管理系统软件开发部
福建蚂蚁云商网络技术有限公司
软件开发团队 实力
山西服务器交换机
广州交友软件开发哪里好
wincc变量前缀和服务器前缀
