架構(gòu)
controller1:10.0.10.61
controller1:10.0.10.62
vip:10.0.10.63
computer2:10.0.10.64
computer2:10.0.10.65
cinder:10.0.10.63
mysql:10.0.10.63
rabbitmq:10.0.10.63
配置變量，下面配置時(shí)候用這些變量

export con1=10.0.10.61
export con2=10.0.10.62
export vip=10.0.10.63
export com1=10.0.10.64
export com2=10.0.10.65
export myip=10.0.10.63
export rabip=10.0.10.63
export cin=10.0.10.63

{any}:表示任意控制節(jié)點(diǎn)執(zhí)行即可
{all}:表示所有控制節(jié)點(diǎn)執(zhí)行
{one}:第一個(gè)控制節(jié)點(diǎn)執(zhí)行
{two}:第二個(gè)控制節(jié)點(diǎn)執(zhí)行
{mysql}:mysql節(jié)點(diǎn)執(zhí)行

前置條件

關(guān)閉防火墻，時(shí)間同步，hosts配置，找一個(gè)國(guó)內(nèi)的openstack yum源
163源：
http://mirrors.163.com/centos/7/cloud/x86_64/openstack-newton/

iptables -F
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
yum install -y ntp
ntpdate time.windows.com
systemctl start ntpd
systemctl enable ntpd

{mysql} mysql 配置

安裝

yum -y install mariadb mariadb-server python2-PyMySQL

配置

[mysqld]
bind-address = 10.0.10.63
default-storage-engine = innodb
innodb_file_per_table
max_connections = 10000
collation-server = utf8_general_ci
character-set-server = utf8

啟動(dòng)

systemctl enable mariadb.service
systemctl start mariadb.service
systemctl status mariadb.service

初始化

mysql_secure_installation

{rab}rabbitmq

安裝

yum install rabbitmq-server -y

啟動(dòng)

systemctl start rabbitmq-server
systemctl enable rabbitmq-server
systemctl status rabbitmq-server

添加用戶

rabbitmqctl add_user openstack openstack
rabbitmqctl set_permissions openstack ".*" ".*" ".*"

開(kāi)啟web管理插件

/usr/lib/rabbitmq/bin/rabbitmq-plugins enable rabbitmq_management
systemctl restart rabbitmq-server

訪問(wèn)web控制臺(tái)

http://10.0.10.63:15672
密碼：guest/guest

memcached

{all}安裝并啟動(dòng)

yum install memcached python-memcached -y
systemctl start memcached
systemctl enable memcached
systemctl status memcached

安裝客戶端及配置工具

yum -y install python-openstackclient openstack-selinux  openstack-utils  python2-PyMySQL

keystone

{mysql}mysql

mysql -uroot -pmysql -e "CREATE DATABASE keystone;"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%'  IDENTIFIED BY 'keystone';"

{one} 安裝

yum install openstack-keystone httpd mod_wsgi -y

{one}配置

openstack-config --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:keystone@${myip}/keystone
openstack-config --set /etc/keystone/keystone.conf token provider fernet

{one}同步數(shù)據(jù)庫(kù)

su -s /bin/sh -c "keystone-manage db_sync" keystone

{one}初始化 fernet key

keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

{one} bootstrap identity service

keystone-manage bootstrap --bootstrap-password admin \
  --bootstrap-admin-url http://${vip}:35357/v3/ \
  --bootstrap-internal-url http://${vip}:35357/v3/ \
  --bootstrap-public-url http://${vip}:5000/v3/ \
  --bootstrap-region-id RegionOne

{one} 配置http

/etc/httpd/conf/httpd.conf
ServerName 10.0.10.61

/etc/httpd/conf.d/wsgi-keystone.conf
修改監(jiān)聽(tīng)地址加上IP地址

ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

{one}啟動(dòng)http

systemctl enable httpd.service
systemctl start httpd.service

{two} 安裝

yum install openstack-keystone httpd mod_wsgi -y

{two}配置

openstack-config --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:keystone@${myip}/keystone
openstack-config --set /etc/keystone/keystone.conf token provider fernet

{two}初始化 fernet key

copy 第一個(gè)節(jié)點(diǎn)/etc/keystone/下的fernet目錄和credential目錄

{two} 配置http

/etc/httpd/conf/httpd.conf
ServerName 10.0.10.62

/etc/httpd/conf.d/wsgi-keystone.conf
修改監(jiān)聽(tīng)地址加上IP地址

ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

{two}啟動(dòng)http

systemctl enable httpd.service
systemctl start httpd.service

haproxy配置

yum install haproxy

listen status
    bind :1080
    mode http
    log global
    stats refresh 30s
    stats uri /admin?stats
    stats auth admin:admin

listen keystone_35357
    bind :35357
    balance source
    mode http
    server op61 10.0.10.61:35357 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:35357 check inter 2000 rise 3 fall 2 weight 1

listen keystone_5000
    bind :5000
    balance source
    mode http
    server op61 10.0.10.61:5000 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:5000 check inter 2000 rise 3 fall 2 weight 1

{one} 創(chuàng)建endpoint

export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://${vip}:35357/v3
export OS_IDENTITY_API_VERSION=3

openstack project create --domain default  --description "Service Project" service        
openstack project create --domain default  --description "Demo Project" demo   
openstack user create --domain default demo --password demo
openstack role create user                                           
openstack role add --project demo --user demo user

{all} 驗(yàn)證

unset OS_URL
unset OS_USERNAME
unset OS_PASSWORD
unset OS_PROJECT_NAME
unset OS_USER_DOMAIN_NAME
unset OS_PROJECT_DOMAIN_NAME
unset OS_AUTH_URL
openstack --os-auth-url http://${vip}:35357/v3 \
  --os-project-domain-name default --os-user-domain-name default \
  --os-project-name admin --os-username admin token issue
  
openstack --os-auth-url http://${vip}:5000/v3 \
  --os-project-domain-name default --os-user-domain-name default \
  --os-project-name demo --os-username demo token issue

{all} 創(chuàng)建環(huán)境變量腳本

vi admin-openrc.sh
export vip=10.0.10.63
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://${vip}:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

vi demo-openrc.sh
export vip=10.0.10.63
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://${vip}:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

glance

{mysql} mysql

mysql -uroot -pmysql -e "CREATE DATABASE glance;"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost'   IDENTIFIED BY 'glance';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance';"

{one} 創(chuàng)建endpoint

source admin-openrc.sh
openstack user create --domain default glance --password glance
openstack role add --project service --user glance admin
openstack service create --name glance --description "OpenStack Image" image
openstack endpoint create --region RegionOne  image public http://${vip}:9292
openstack endpoint create --region RegionOne  image internal http://${vip}:9292
openstack endpoint create --region RegionOne  image admin http://${vip}:9292

{one}安裝

yum install openstack-glance -y

{one}配置

openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:glance@${myip}/glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password glance
openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:glance@${myip}/glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password glance
openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone

{one}同步數(shù)據(jù)庫(kù)

su -s /bin/sh -c "glance-manage db_sync" glance

{one}啟動(dòng)

systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl start openstack-glance-api.service openstack-glance-registry.service

{two}安裝

yum install openstack-glance -y

{two}配置

openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:glance@${myip}/glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers ${con2}:11211
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password glance
openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:glance@${myip}/glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers ${con2}:11211
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password glance
openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone

{two}啟動(dòng)

systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl start openstack-glance-api.service openstack-glance-registry.service

{one,two}下載測(cè)試鏡像

wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img

haproxy配置

listen glance_9292
    bind :9292
    balance source
    mode http
    server op61 10.0.10.61:9292 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:9292 check inter 2000 rise 3 fall 2 weight 1

listen glance_9191
    bind :9191
    balance source
    mode http
    server op61 10.0.10.61:9191 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:9191 check inter 2000 rise 3 fall 2 weight 1

{one,two}驗(yàn)證

{one}上傳鏡像

openstack image create "cirros-1"  --file cirros-0.3.4-x86_64-disk.img   --disk-format qcow2 --container-format bare   --public

{two}上傳鏡像

openstack image create "cirros-2"  --file cirros-0.3.4-x86_64-disk.img   --disk-format qcow2 --container-format bare   --public

{one,two}

openstack image list

nova

{mysql}mysql

mysql -uroot -pmysql -e "CREATE DATABASE nova_api;"
mysql -uroot -pmysql -e "CREATE DATABASE nova;"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost'   IDENTIFIED BY 'nova';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%'   IDENTIFIED BY 'nova';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost'   IDENTIFIED BY 'nova';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%'   IDENTIFIED BY 'nova';"

{one}創(chuàng)建endpoint

openstack user create --domain default nova  --password nova
openstack role add --project service --user nova admin
openstack service create --name nova --description "OpenStack Compute" compute
openstack endpoint create --region RegionOne   compute public http://${vip}:8774/v2.1/%\(tenant_id\)s
openstack endpoint create --region RegionOne   compute internal http://${vip}:8774/v2.1/%\(tenant_id\)s
openstack endpoint create --region RegionOne   compute admin http://${vip}:8774/v2.1/%\(tenant_id\)s

{one}安裝

yum install -y openstack-nova-api openstack-nova-conductor  openstack-nova-console openstack-nova-novncproxy   openstack-nova-scheduler

{one}配置

openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:nova@${myip}/nova_api
openstack-config --set /etc/nova/nova.conf database connection mysql+pymysql://nova:nova@${myip}/nova
openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password nova
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip ${con1}
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron  True
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf vnc vncserver_listen ${con1}
openstack-config --set /etc/nova/nova.conf vnc vncserver_proxyclient_address ${con1}
openstack-config --set /etc/nova/nova.conf glance api_servers http://${vip}:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp

{one}同步數(shù)據(jù)庫(kù)

su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage db sync" nova

{one}啟動(dòng)服務(wù)

systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service  openstack-nova-conductor.service openstack-nova-novncproxy.service

nova 計(jì)算服務(wù)（控制節(jié)點(diǎn)也作為計(jì)算節(jié)點(diǎn)）

{one}安裝

yum install -y openstack-nova-compute

{one}配置（因?yàn)樵摴?jié)點(diǎn)也是控制節(jié)點(diǎn)所有有些配置上面已經(jīng)配置過(guò)了）

openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password nova
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip ${con1}
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron  True
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf vnc enable True
openstack-config --set /etc/nova/nova.conf vnc vncserver_listen 0.0.0.0
openstack-config --set /etc/nova/nova.conf vnc vncserver_proxyclient_address ${con1}
openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://${vip}:6080/vnc_auto.html
openstack-config --set /etc/nova/nova.conf glance api_servers http://${vip}:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp

{one}配置虛擬類型

若是虛擬機(jī)環(huán)境則

openstack-config --set /etc/nova/nova.conf libvirt virt_type qemu

若是物理機(jī)則

openstack-config --set /etc/nova/nova.conf libvirt virt_type kvm

{one}啟動(dòng)

systemctl enable libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service openstack-nova-compute.service
systemctl status libvirtd.service openstack-nova-compute.service

{two}安裝

yum install -y openstack-nova-api openstack-nova-conductor  openstack-nova-console openstack-nova-novncproxy   openstack-nova-scheduler

{two}配置

openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:nova@${myip}/nova_api
openstack-config --set /etc/nova/nova.conf database connection mysql+pymysql://nova:nova@${myip}/nova
openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers ${con2}:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password nova
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip ${con2}
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron  True
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf vnc vncserver_listen ${con2}
openstack-config --set /etc/nova/nova.conf vnc vncserver_proxyclient_address ${con2}
openstack-config --set /etc/nova/nova.conf glance api_servers http://${vip}:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp

{two}啟動(dòng)服務(wù)

systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service  openstack-nova-conductor.service openstack-nova-novncproxy.service

nova 計(jì)算服務(wù)（控制節(jié)點(diǎn)也作為計(jì)算節(jié)點(diǎn)）

{two}安裝

yum install -y openstack-nova-compute

{two}配置（因?yàn)樵摴?jié)點(diǎn)也是控制節(jié)點(diǎn)所有有些配置上面已經(jīng)配置過(guò)了）

openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers ${con2}:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password nova
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip ${con2}
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron  True
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf vnc enable True
openstack-config --set /etc/nova/nova.conf vnc vncserver_listen 0.0.0.0
openstack-config --set /etc/nova/nova.conf vnc vncserver_proxyclient_address ${con2}
openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://${vip}:6080/vnc_auto.html
openstack-config --set /etc/nova/nova.conf glance api_servers http://${vip}:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp

{two}配置虛擬類型

若是虛擬機(jī)環(huán)境則

openstack-config --set /etc/nova/nova.conf libvirt virt_type qemu

若是物理機(jī)則

openstack-config --set /etc/nova/nova.conf libvirt virt_type kvm

{two}啟動(dòng)

systemctl enable libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service openstack-nova-compute.service
systemctl status libvirtd.service openstack-nova-compute.service

haproxy配置

listen nova_8774
    bind :8774
    balance source
    mode http
    server op61 10.0.10.61:8774 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:8774 check inter 2000 rise 3 fall 2 weight 1

listen vnc_6080
    bind :6080
    balance source
    mode http
    server op61 10.0.10.61:6080 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:6080 check inter 2000 rise 3 fall 2 weight 1

{one,two}驗(yàn)證

openstack compute service list

dashboard

{one}安裝

yum install -y openstack-dashboard

{one}配置

/etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "10.0.10.61"
ALLOWED_HOSTS = ['*', ]
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'LOCATION': '10.0.10.61:11211',
    }
}

OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 2,
}

OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "default"

OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

TIME_ZONE = "TIME_ZONE"

{one}重啟

systemctl restart httpd.service memcached.service

{two}安裝

yum install -y openstack-dashboard

{two}配置

/etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "10.0.10.62"
ALLOWED_HOSTS = ['*', ]
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'LOCATION': '10.0.10.62:11211',
    }
}

OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 2,
}

OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "default"

OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

TIME_ZONE = "TIME_ZONE"

如果是copy另一個(gè)節(jié)點(diǎn)的配置文件不要忘了改下權(quán)限

{two}重啟

systemctl restart httpd.service memcached.service

haproxy配置

listen dashboard_80
    bind :80
    balance source
    mode http
    server op61 10.0.10.61:80 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:80 check inter 2000 rise 3 fall 2 weight 1

cinder

{mysql} mysql

mysql -uroot -pmysql -e "CREATE DATABASE cinder;"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost'  IDENTIFIED BY 'cinder';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%'  IDENTIFIED BY 'cinder';"

{one}創(chuàng)建endpoint

openstack user create --domain default cinder --password cinder
openstack role add --project service --user cinder admin
openstack service create --name cinder   --description "OpenStack Block Storage" volume
openstack service create --name cinderv2   --description "OpenStack Block Storage" volumev2
openstack endpoint create --region RegionOne   volume public http://${vip}:8776/v1/%\(tenant_id\)s
openstack endpoint create --region RegionOne   volume internal http://${vip}:8776/v1/%\(tenant_id\)s
openstack endpoint create --region RegionOne   volume admin http://${vip}:8776/v1/%\(tenant_id\)s
openstack endpoint create --region RegionOne   volumev2 public http://${vip}:8776/v2/%\(tenant_id\)s
openstack endpoint create --region RegionOne   volumev2 internal http://${vip}:8776/v2/%\(tenant_id\)s
openstack endpoint create --region RegionOne   volumev2 admin http://${vip}:8776/v2/%\(tenant_id\)s

{one}安裝

yum install -y openstack-cinder

{one}配置

openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:cinder@${myip}/cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip ${con1}
openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp

{one}同步數(shù)據(jù)

su -s /bin/sh -c "cinder-manage db sync" cinder

{one}配置nova

openstack-config --set /etc/nova/nova.conf cinder os_region_name RegionOne

{one}重啟nova,啟動(dòng)服務(wù)

systemctl restart openstack-nova-api.service
systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service

{two}安裝

yum install -y openstack-cinder

{two}配置

openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:cinder@${myip}/cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers ${con2}:11211
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip ${con2}
openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp

{two}配置nova

openstack-config --set /etc/nova/nova.conf cinder os_region_name RegionOne

{two}重啟nova,啟動(dòng)服務(wù)

systemctl restart openstack-nova-api.service
systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service

haproxy配置

listen cinder_8776
    bind :8776
    balance source
    mode http
    server op61 10.0.10.61:8776 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:8776 check inter 2000 rise 3 fall 2 weight 1

cinder storage node

本例安裝一個(gè)存儲(chǔ)節(jié)點(diǎn)，采用lvm，暫時(shí)不考慮后端存儲(chǔ)高可用

安裝

yum -y install lvm2
systemctl enable lvm2-lvmetad.service
systemctl start lvm2-lvmetad.service

創(chuàng)建pv,vg

pvcreate /dev/sdb
vgcreate cinder-volumes /dev/sdb

修改lvm.conf過(guò)濾規(guī)則

/etc/lvm/lvm.conf
devices {
...
filter = [ "a/sdb/", "r/.*/"]

warning:若system in LVM disk 則
filter = [ "a/sda/", "a/sdb/", "r/.*/"]

安裝包

yum install -y openstack-cinder targetcli python-keystone

配置

/etc/cinder/cinder.conf
openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:cinder@${myip}/cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip ${cin}
openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
openstack-config --set /etc/cinder/cinder.conf lvm volume_driver cinder.volume.drivers.lvm.LVMVolumeDriver
openstack-config --set /etc/cinder/cinder.conf lvm volume_group cinder-volumes
openstack-config --set /etc/cinder/cinder.conf lvm iscsi_protocol iscsi
openstack-config --set /etc/cinder/cinder.conf lvm iscsi_helper lioadm
openstack-config --set /etc/cinder/cinder.conf DEFAULT enabled_backends lvm
openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://${vip}:9292

啟動(dòng)

systemctl enable openstack-cinder-volume.service target.service
systemctl start openstack-cinder-volume.service target.service

{one,two}驗(yàn)證

cinder service-list

neutron

{mysql}mysql

mysql -uroot -pmysql -e "CREATE DATABASE neutron;"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost'   IDENTIFIED BY 'neutron';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%'   IDENTIFIED BY 'neutron';"

{one}創(chuàng)建掛載點(diǎn)

openstack user create --domain default neutron --password neutron
openstack role add --project service --user neutron admin
openstack service create --name neutron   --description "OpenStack Networking" network
openstack endpoint create --region RegionOne   network public http://${vip}:9696
openstack endpoint create --region RegionOne   network internal http://${vip}:9696
openstack endpoint create --region RegionOne   network admin http://${vip}:9696

{one}安裝

yum install -y openstack-neutron openstack-neutron-ml2  openstack-neutron-linuxbridge ebtables

{one}修改內(nèi)核配置

/etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
sysctl -p

{one}配置

注意替換其中的網(wǎng)卡名

openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:neutron@${myip}/neutron
openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips True
openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True
openstack-config --set /etc/neutron/neutron.conf nova auth_url http://${vip}:35357
openstack-config --set /etc/neutron/neutron.conf nova auth_type password
openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default
openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default
openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
openstack-config --set /etc/neutron/neutron.conf nova project_name service
openstack-config --set /etc/neutron/neutron.conf nova username nova
openstack-config --set /etc/neutron/neutron.conf nova password nova
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True
#openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens160
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip ${con1}
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
openstack-config --set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip ${vip}
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret metadata
openstack-config --set /etc/neutron/neutron.conf DEFAULT l3_ha True
openstack-config --set /etc/neutron/neutron.conf DEFAULT max_l3_agents_per_router 3
openstack-config --set /etc/neutron/neutron.conf DEFAULT min_l3_agents_per_router 2
openstack-config --set /etc/neutron/neutron.conf DEFAULT dhcp_agents_per_network 2

{one}nova

openstack-config --set /etc/nova/nova.conf neutron url http://${vip}:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron
openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True
openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret metadata

{one}同步數(shù)據(jù)

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

{one}啟動(dòng)服務(wù)

systemctl restart openstack-nova-api.service
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl enable neutron-l3-agent.service
systemctl start neutron-l3-agent.service

********************************************************************************8

{two}安裝

yum install -y openstack-neutron openstack-neutron-ml2  openstack-neutron-linuxbridge ebtables

{two}修改內(nèi)核配置

/etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
sysctl -p

{two}配置

注意替換其中的網(wǎng)卡名

openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:neutron@${myip}/neutron
openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips True
openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers ${con2}:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True
openstack-config --set /etc/neutron/neutron.conf nova auth_url http://${vip}:35357
openstack-config --set /etc/neutron/neutron.conf nova auth_type password
openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default
openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default
openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
openstack-config --set /etc/neutron/neutron.conf nova project_name service
openstack-config --set /etc/neutron/neutron.conf nova username nova
openstack-config --set /etc/neutron/neutron.conf nova password nova
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True
#openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens160
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip ${con2}
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
openstack-config --set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip ${vip}
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret metadata
openstack-config --set /etc/neutron/neutron.conf DEFAULT l3_ha True
openstack-config --set /etc/neutron/neutron.conf DEFAULT max_l3_agents_per_router 3
openstack-config --set /etc/neutron/neutron.conf DEFAULT min_l3_agents_per_router 2
openstack-config --set /etc/neutron/neutron.conf DEFAULT dhcp_agents_per_network 2

{two}nova

openstack-config --set /etc/nova/nova.conf neutron url http://${vip}:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron
openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True
openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret metadata

{two}

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

{two}啟動(dòng)服務(wù)

systemctl restart openstack-nova-api.service
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl enable neutron-l3-agent.service
systemctl start neutron-l3-agent.service

haproxy配置

listen neutron_9696
    bind :9696
    balance source
    mode http
    server op61 10.0.10.61:9696 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:9696 check inter 2000 rise 3 fall 2 weight 1

neutron compute node

安裝

yum install -y openstack-neutron-linuxbridge ebtables ipset

{one}修改內(nèi)核配置

/etc/sysctl.conf
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
sysctl -p

配置

openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
#openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens160
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip ${MYIP}
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_drive neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
openstack-config --set /etc/nova/nova.conf neutron url http://${vip}:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron

啟動(dòng)

systemctl restart openstack-nova-compute.service
systemctl enable neutron-linuxbridge-agent.service
systemctl start neutron-linuxbridge-agent.service

驗(yàn)證

neutron ext-list
neutron agent-list

色偷偷精品伊人,欧洲久久精品,欧美综合婷婷骚逼,国产AV主播,国产最新探花在线,九色在线视频一区,伊人大交九 欧美,1769亚洲,黄色成人av

openstack n版多節(jié)點(diǎn)HA配置

前置條件

{mysql} mysql 配置

安裝

配置

啟動(dòng)

初始化

{rab}rabbitmq

安裝

啟動(dòng)

添加用戶

開(kāi)啟web管理插件

訪問(wèn)web控制臺(tái)

memcached

{all}安裝并啟動(dòng)

安裝客戶端及配置工具

keystone

{mysql}mysql

{one} 安裝

{one}配置

{one}同步數(shù)據(jù)庫(kù)

{one}初始化 fernet key

{one} bootstrap identity service

{one} 配置http

{one}啟動(dòng)http

{two} 安裝

{two}配置

{two}初始化 fernet key

{two} 配置http

{two}啟動(dòng)http

haproxy配置

{one} 創(chuàng)建endpoint

{all} 驗(yàn)證

{all} 創(chuàng)建環(huán)境變量腳本

glance

{mysql} mysql

{one} 創(chuàng)建endpoint

{one}安裝

{one}配置

{one}同步數(shù)據(jù)庫(kù)

{one}啟動(dòng)

{two}安裝

{two}配置

{two}啟動(dòng)

{one,two}下載測(cè)試鏡像

haproxy配置

{one,two}驗(yàn)證

{one}上傳鏡像

{two}上傳鏡像

{one,two}

nova

{mysql}mysql

{one}創(chuàng)建endpoint

{one}安裝

{one}配置

{one}同步數(shù)據(jù)庫(kù)

{one}啟動(dòng)服務(wù)

nova 計(jì)算服務(wù)（控制節(jié)點(diǎn)也作為計(jì)算節(jié)點(diǎn)）

{one}安裝

{one}配置（因?yàn)樵摴?jié)點(diǎn)也是控制節(jié)點(diǎn)所有有些配置上面已經(jīng)配置過(guò)了）

{one}配置虛擬類型

{one}啟動(dòng)

{two}安裝

{two}配置

{two}啟動(dòng)服務(wù)

nova 計(jì)算服務(wù)（控制節(jié)點(diǎn)也作為計(jì)算節(jié)點(diǎn)）

{two}安裝

{two}配置（因?yàn)樵摴?jié)點(diǎn)也是控制節(jié)點(diǎn)所有有些配置上面已經(jīng)配置過(guò)了）

{two}配置虛擬類型

{two}啟動(dòng)

haproxy配置

{one,two}驗(yàn)證

dashboard

{one}安裝

{one}配置

{one}重啟

{two}安裝

{two}配置

{two}重啟

色偷偷精品伊人,欧洲久久精品,欧美综合婷婷骚逼,国产AV主播,国产最新探花在线,九色在线视频一区,伊人大交九欧美,1769亚洲,黄色成人av