本篇内容主要讲解“怎么在Ubuntu16单节点上安装OpenStack”,感兴趣的朋友不妨来看看。本文介绍的方法操作简单快捷,实用性强。下面就让小编来带大家学习“怎么在Ubuntu16单节点上安装OpenStack”吧!
软件包安装和基本配置
参考文档:
基本网络配置
ipaddr : 192.168.195.160
netmask : 255.255.255.0
gateway : 192.168.195.2
dns : 114.114.114.114
$ vi /etc/hostname
UbuntuStack
$ vi /etc/hosts
127.0.0.1 ubuntustack
$ vi /etc/network/interfaces
# The provider network interface
auto ens33
iface ens33 inet manual
up ip link set dev $IFACE up
down ip link set dev $IFACE down
安装和配置NTP服务
$ apt-get install chrony
$ vi /etc/chrony/chrony.conf
server 0.asia.pool.ntp.org iburst
server 1.asia.pool.ntp.org iburst
server 2.asia.pool.ntp.org iburst
allow 192.168/16
$ service chrony restart
$ chronyc sources
210 Number of sources = 10
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^- 27.114.150.12 2 6 35 9 +104ms[ +104ms] +/- 336ms
^- x.ns.gin.ntt.net 2 6 33 8 -44ms[ -44ms] +/- 209ms
^- ntp.tums.ac.ir 3 6 123 3 +577us[ +577us] +/- 410ms
^- 120.25.115.19 2 6 17 14 +2132us[+2132us] +/- 74ms
^- 59.46.44.253 2 6 33 11 +734us[ +734us] +/- 78ms
^* news.neu.edu.cn 2 6 17 14 +647us[+4083us] +/- 21ms
^? 2001:da8:9000::130 0 6 0 10y +0ns[ +0ns] +/- 0ns
^? 2400:a480:f:420:d2::bd 0 6 0 10y +0ns[ +0ns] +/- 0ns
^? 2001:da8:9000::81 0 6 0 10y +0ns[ +0ns] +/- 0ns
^? 2001:da8:202:10::61 0 6 0 10y +0ns[ +0ns] +/- 0ns
安装OpenStack软件包
$ apt-get install software-properties-common
$ add-apt-repository cloud-archive:newton
$ apt-get update && apt dist-upgrade
$ apt-get install python-openstackclient
安装和配置数据库
$ apt install mariadb-server python-pymysql
$ vi /etc/mysql/mariadb.conf.d/99-openstack.cnf
[mysqld]
bind-address = 192.168.195.160
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
$ service mysql restart
$ mysql_secure_installation
Enter current password for root (enter for none):
> <enter>
Set root password? [Y/n]
> y
New password:
> openstack
Re-enter new password:
> openstack
Remove anonymous users? [Y/n]
> n
Disallow root login remotely? [Y/n]
> n
Remove test database and access to it? [Y/n]
> n
Reload privilege tables now? [Y/n]
> y
$ mysql -uroot -p
Enter password:
> openstack
> quit
安装和配置消息队列服务
$ apt install rabbitmq-server
$ rabbitmqctl add_user openstack openstack
Creating user "openstack" ...
$ rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...
安装和配置Memcached服务
$ apt install memcached python-memcache
$ vi /etc/memcached.conf
-l 192.168.195.160
$ service memcached restart
安装和配置认证服务
配置KeyStore数据库
$ mysql -u root -p
> openstack
> CREATE DATABASE keystone;
> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'openstack';
> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'openstack';
> quit
$ vi /etc/keystone/keystone.conf
...
[database]
...
connection = mysql+pymysql://keystone:openstack@ubuntustack/keystone
...
$ vi /etc/keystone/keystone.conf
...
[token]
...
provider = fernet
...
$ su -s /bin/sh -c "keystone-manage db_sync" keystone
初始化KeyStore Fernet Key仓库
$ keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
$ keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
启动KeyStore服务
$ keystone-manage bootstrap --bootstrap-password openstack \
--bootstrap-admin-url http://ubuntustack:35357/v3/ \
--bootstrap-internal-url http://ubuntustack:35357/v3/ \
--bootstrap-public-url http://ubuntustack:5000/v3/ \
--bootstrap-region-id RegionOne
$ vi /etc/apache2/apache2.conf
...
ServerName ubuntustack
...
$ service apache2 restart
$ rm -fv /var/lib/keystone/keystone.db
配置KeyStore权限
$ export OS_USERNAME=admin
$ export OS_PASSWORD=openstack
$ export OS_PROJECT_NAME=admin
$ export OS_USER_DOMAIN_NAME=default
$ export OS_PROJECT_DOMAIN_NAME=default
$ export OS_AUTH_URL=http://ubuntustack:35357/v3
$ export OS_IDENTITY_API_VERSION=3
$ openstack project create --domain default \
--description "Service Project" service
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | 2493d51774e64be1ae97041768b73d98 |
| is_domain | False |
| name | service |
| parent_id | default |
+-------------+----------------------------------+
$ openstack project create --domain default \
--description "Demo Project" demo
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Demo Project |
| domain_id | default |
| enabled | True |
| id | c7ddc0ecab64419486df0d7f66e8174c |
| is_domain | False |
| name | demo |
| parent_id | default |
+-------------+----------------------------------+
$ openstack user create --domain default \
--password-prompt demo
User Password:
> openstack
Repeat User Password:
> openstack
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | ffff52bbf1da4c86a3d2b57e977f6b82 |
| name | demo |
| password_expires_at | None |
+---------------------+----------------------------------+
$ openstack role create user
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | 314d4ba677ef4f6d92c53f00e470be1b |
| name | user |
+-----------+----------------------------------+
$ openstack role add --project demo --user demo user
验证KeyStore服务
编辑“/etc/keystone/keystone-paste.ini”文件,从“[pipeline:public_api]”,“[pipeline:admin_api]”和“[pipeline:api_v3]”小节中移除“admin_token_auth”。
$ unset OS_AUTH_URL OS_PASSWORD
$ openstack --os-auth-url http://ubuntustack:35357/v3 \
--os-project-domain-name default --os-user-domain-name default \
--os-project-name admin --os-username admin token issue
Password:
> openstack
+------------+----------------------------------+
| Field | Value |
+------------+----------------------------------+
| expires | 2016-11-28 09:55:28+00:00 |
| id | ab3f069806b24fd29869eac1d6ccbbc8 |
| project_id | c77f9d27e4f5496092357ff991d1639b |
| user_id | 5524cbf52bf440deb5e3e8ccd074a267 |
+------------+----------------------------------+
$ openstack --os-auth-url http://ubuntustack:5000/v3 \
--os-project-domain-name default --os-user-domain-name default \
--os-project-name demo --os-username demo token issue
Password:
> openstack
+------------+----------------------------------+
| Field | Value |
+------------+----------------------------------+
| expires | 2016-11-28 09:56:25+00:00 |
| id | 628a27e1ae1847ea968186122d158ee6 |
| project_id | c7ddc0ecab64419486df0d7f66e8174c |
| user_id | ffff52bbf1da4c86a3d2b57e977f6b82 |
+------------+----------------------------------+
创建OpenStack客户端环境变量脚本
$ vi admin-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=openstack
export OS_AUTH_URL=http://ubuntustack:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
$ vi demo-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=openstack
export OS_AUTH_URL=http://ubuntustack:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
$ . admin-openrc
$ openstack token issue
+------------+----------------------------------+
| Field | Value |
+------------+----------------------------------+
| expires | 2016-11-28 09:59:18+00:00 |
| id | 5192190f959545288ed4095b7cc2af1f |
| project_id | c77f9d27e4f5496092357ff991d1639b |
| user_id | 5524cbf52bf440deb5e3e8ccd074a267 |
+------------+----------------------------------+
安装和配置镜像服务
$ mysql -u root -p
> openstack
> CREATE DATABASE glance;
> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'openstack';
> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'openstack';
> quit
$ . admin-openrc
配置Glance的KeyStore认证
$ openstack user create --domain default --password-prompt glance
User Password:
> openstack
Repeat User Password:
> openstack
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 0333d28a75824b81a73d9c99ed0d6a09 |
| name | glance |
| password_expires_at | None |
+---------------------+----------------------------------+
$ openstack role add --project service --user glance admin
$ openstack service create --name glance \
--description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 64e1b1473cba4c3395c1aef20ae1b5d9 |
| name | glance |
| type | image |
+-------------+----------------------------------+
$ openstack endpoint create --region RegionOne image public http://ubuntustack:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 6ba33ab89e2b4d8bb4c8583add6aaeee |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 64e1b1473cba4c3395c1aef20ae1b5d9 |
| service_name | glance |
| service_type | image |
| url | http://ubuntustack:9292 |
+--------------+----------------------------------+
$ openstack endpoint create --region RegionOne image internal http://ubuntustack:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 2bbde57b9ddb4ae78ed825258c1b1e5e |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 64e1b1473cba4c3395c1aef20ae1b5d9 |
| service_name | glance |
| service_type | image |
| url | http://ubuntustack:9292 |
+--------------+----------------------------------+
$ openstack endpoint create --region RegionOne image admin http://ubuntustack:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | b09eb627b221453e8ffdd99d7df7e67a |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 64e1b1473cba4c3395c1aef20ae1b5d9 |
| service_name | glance |
| service_type | image |
| url | http://ubuntustack:9292 |
+--------------+----------------------------------+
安装和配置Glance服务
$ apt-get install glance
$ vi /etc/glance/glance-api.conf
[database]
...
connection = mysql+pymysql://glance:openstack@ubuntustack/glance
[keystone_authtoken]
...
auth_uri = http://ubuntustack:5000
auth_url = http://ubuntustack:35357
memcached_servers = ubuntustack:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = openstack
[paste_deploy]
...
flavor = keystone
[glance_store]
...
stores = file,http
default_store = file
filesystem_store_datadir = /opt/stack/images/
$ vi /etc/glance/glance-registry.conf
[database]
...
connection = mysql+pymysql://glance:openstack@ubuntustack/glance
[keystone_authtoken]
...
auth_uri = http://ubuntustack:5000
auth_url = http://ubuntustack:35357
memcached_servers = ubuntustack:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = openstack
[paste_deploy]
...
flavor = keystone
$ su -s /bin/sh -c "glance-manage db_sync" glance
$ mkdir -pv /opt/stack/images
$ chown glance:glance /opt/stack/images
$ chmod 744 /opt/stack/images
$ service glance-registry restart
$ service glance-api restart
验证Glance服务
$ . admin-openrc
$ wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
$ openstack image create "cirros" \
--file cirros-0.3.4-x86_64-disk.img \
--disk-format qcow2 --container-format bare \
--public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | ee1eca47dc88f4879d8a229cc70a07c6 |
| container_format | bare |
| created_at | 2016-11-28T21:14:49Z |
| disk_format | qcow2 |
| file | /v2/images/e345e8b0-71b7-44e0-b1a1-e168f85a19f6/file |
| id | e345e8b0-71b7-44e0-b1a1-e168f85a19f6 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | c77f9d27e4f5496092357ff991d1639b |
| protected | False |
| schema | /v2/schemas/image |
| size | 13287936 |
| status | active |
| tags | |
| updated_at | 2016-11-28T21:14:49Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
$ openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| e345e8b0-71b7-44e0-b1a1-e168f85a19f6 | cirros | active |
+--------------------------------------+--------+--------+
安装和配置计算服务
$ mysql -u root -p
Enter password:
> openstack
> CREATE DATABASE nova_api;
> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'openstack';
> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'openstack';
> CREATE DATABASE nova;
> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'openstack';
> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'openstack';
> quit
$ . admin-openrc
配置Nova的KeyStore认证
$ openstack user create --domain default --password-prompt nova
User Password:
> openstack
Repeat User Password:
> openstack
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | e69cc08aab424e32b890b25621eef471 |
| name | nova |
| password_expires_at | None |
+---------------------+----------------------------------+
$ openstack role add --project service --user nova admin
$ openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 472934388a194c36a80295c267e5252f |
| name | nova |
| type | compute |
+-------------+----------------------------------+
$ openstack endpoint create --region RegionOne compute public http://ubuntustack:8774/v2.1/%\(tenant_id\)s
+--------------+--------------------------------------------+
| Field | Value |
+--------------+--------------------------------------------+
| enabled | True |
| id | 74f5e21c114a48d68782a886ff6c4ca7 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 472934388a194c36a80295c267e5252f |
| service_name | nova |
| service_type | compute |
| url | http://ubuntustack:8774/v2.1/%(tenant_id)s |
+--------------+--------------------------------------------+
$ openstack endpoint create --region RegionOne compute internal http://ubuntustack:8774/v2.1/%\(tenant_id\)s
+--------------+--------------------------------------------+
| Field | Value |
+--------------+--------------------------------------------+
| enabled | True |
| id | 2cdc0c65e9e04136bf08e1ec913eaadb |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 472934388a194c36a80295c267e5252f |
| service_name | nova |
| service_type | compute |
| url | http://ubuntustack:8774/v2.1/%(tenant_id)s |
+--------------+--------------------------------------------+
$ openstack endpoint create --region RegionOne compute admin http://ubuntustack:8774/v2.1/%\(tenant_id\)s
+--------------+--------------------------------------------+
| Field | Value |
+--------------+--------------------------------------------+
| enabled | True |
| id | 47ace5dab56940cbbac20b43abedadb9 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 472934388a194c36a80295c267e5252f |
| service_name | nova |
| service_type | compute |
| url | http://ubuntustack:8774/v2.1/%(tenant_id)s |
+--------------+--------------------------------------------+
安装和配置Nova服务
$ apt-get install nova-api nova-conductor nova-consoleauth nova-novncproxy nova-scheduler nova-compute
$ vi /etc/nova/nova.conf
[DEFAULT]
...
transport_url = rabbit://openstack:openstack@ubuntustack
auth_strategy = keystone
my_ip = 192.168.195.160
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api_database]
...
connection = mysql+pymysql://nova:openstack@ubuntustack/nova_api
[database]
...
connection = mysql+pymysql://nova:openstack@ubuntustack/nova
[keystone_authtoken]
...
auth_uri = http://ubuntustack:5000
auth_url = http://ubuntustack:35357
memcached_servers = ubuntustack:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = openstack
[vnc]
...
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
enabled = True
novncproxy_base_url = http://ubuntustack:6080/vnc_auto.html
[glance]
...
api_servers = http://ubuntustack:9292
[oslo_concurrency]
...
lock_path = /var/lib/nova/tmp
$ vi /etc/nova/nova-compute.conf
[libvirt]
...
virt_type = qemu
$ su -s /bin/sh -c "nova-manage api_db sync" nova
$ su -s /bin/sh -c "nova-manage db sync" nova
$ service nova-api restart && service nova-consoleauth restart && service nova-scheduler restart && \
service nova-conductor restart && service nova-novncproxy restart && service nova-compute restart
验证Nova服务
$ . admin-openrc
$ openstack compute service list
+----+------------------+-------------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+------------------+-------------+----------+---------+-------+----------------------------+
| 4 | nova-consoleauth | UbuntuStack | internal | enabled | up | 2016-11-28T21:51:28.000000 |
| 5 | nova-scheduler | UbuntuStack | internal | enabled | up | 2016-11-28T21:51:32.000000 |
| 6 | nova-conductor | UbuntuStack | internal | enabled | up | 2016-11-28T21:51:32.000000 |
| 8 | nova-compute | UbuntuStack | nova | enabled | up | 2016-11-28T21:51:28.000000 |
+----+------------------+-------------+----------+---------+-------+----------------------------+
$ vi /var/log/nova/nova-compute.log
安装和配置网络服务
$ mysql -u root -p
> openstack
> CREATE DATABASE neutron;
> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'openstack';
> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'openstack';
> quit
$ . admin-openrc
配置Neutron的KeyStore认证
$ openstack user create --domain default --password-prompt neutron
User Password:
> openstack
Repeat User Password:
> openstack
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | da9bf75b6a4041d1b9aba7b236026a2d |
| name | neutron |
| password_expires_at | None |
+---------------------+----------------------------------+
$ openstack role add --project service --user neutron admin
$ openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | 7d3567ffbc4941dd800f445eab76ded9 |
| name | neutron |
| type | network |
+-------------+----------------------------------+
$ openstack endpoint create --region RegionOne network public http://ubuntustack:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | b55696fa3198466a9def11bda1263caf |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 7d3567ffbc4941dd800f445eab76ded9 |
| service_name | neutron |
| service_type | network |
| url | http://ubuntustack:9696 |
+--------------+----------------------------------+
$ openstack endpoint create --region RegionOne network internal http://ubuntustack:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 26f5c0b68e134e87bd95a3ae8aa676f1 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 7d3567ffbc4941dd800f445eab76ded9 |
| service_name | neutron |
| service_type | network |
| url | http://ubuntustack:9696 |
+--------------+----------------------------------+
$ openstack endpoint create --region RegionOne network admin http://ubuntustack:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 8149bf9a36ce4e53884bd3a766dfb116 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 7d3567ffbc4941dd800f445eab76ded9 |
| service_name | neutron |
| service_type | network |
| url | http://ubuntustack:9696 |
+--------------+----------------------------------+
安装和配置Neutron服务
$ apt-get install neutron-server neutron-plugin-ml2 neutron-linuxbridge-agent neutron-l3-agent neutron-dhcp-agent neutron-metadata-agent
$ vi /etc/neutron/neutron.conf
[database]
...
connection = mysql+pymysql://neutron:openstack@ubuntustack/neutron
[DEFAULT]
...
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
transport_url = rabbit://openstack:openstack@ubuntustack
auth_strategy = keystone
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
[keystone_authtoken]
...
auth_uri = http://ubuntustack:5000
auth_url = http://ubuntustack:35357
memcached_servers = ubuntustack:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = openstack
[nova]
...
auth_url = http://ubuntustack:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = openstack
# Configure the Modular Layer 2 (ML2) plug-in
$ vi /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
...
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
...
flat_networks = provider
[ml2_type_vxlan]
...
vni_ranges = 1:1000
[securitygroup]
...
enable_ipset = True
$ vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:ens33
[vxlan]
enable_vxlan = True
local_ip = 192.168.195.160
l2_population = True
[securitygroup]
...
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
$ vi /etc/neutron/l3_agent.ini
[DEFAULT]
...
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
$ vi /etc/neutron/dhcp_agent.ini
[DEFAULT]
...
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True
$ vi /etc/neutron/metadata_agent.ini
[DEFAULT]
...
nova_metadata_ip = ubuntustack
metadata_proxy_shared_secret = openstack
$ vi /etc/nova/nova.conf
[neutron]
...
url = http://ubuntustack:9696
auth_url = http://ubuntustack:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = openstack
service_metadata_proxy = True
metadata_proxy_shared_secret = openstack
$ su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
$ service nova-api restart
$ service neutron-server restart && service neutron-linuxbridge-agent restart && \
service neutron-dhcp-agent restart && service neutron-metadata-agent restart
$ service neutron-l3-agent restart
$ service nova-compute restart
验证Neutron服务
$ . admin-openrc
$ neutron ext-list
+---------------------------+-----------------------------------------------+
| alias | name |
+---------------------------+-----------------------------------------------+
| default-subnetpools | Default Subnetpools |
| network-ip-availability | Network IP Availability |
| network_availability_zone | Network Availability Zone |
| auto-allocated-topology | Auto Allocated Topology Services |
| ext-gw-mode | Neutron L3 Configurable external gateway mode |
| binding | Port Binding |
| agent | agent |
| subnet_allocation | Subnet Allocation |
| l3_agent_scheduler | L3 Agent Scheduler |
| tag | Tag support |
| external-net | Neutron external network |
| flavors | Neutron Service Flavors |
| net-mtu | Network MTU |
| availability_zone | Availability Zone |
| quotas | Quota management support |
| l3-ha | HA Router extension |
| provider | Provider Network |
| multi-provider | Multi Provider Network |
| address-scope | Address scope |
| extraroute | Neutron Extra Route |
| subnet-service-types | Subnet service types |
| standard-attr-timestamp | Resource timestamps |
| service-type | Neutron Service Type Management |
| l3-flavors | Router Flavor Extension |
| port-security | Port Security |
| extra_dhcp_opt | Neutron Extra DHCP opts |
| standard-attr-revisions | Resource revision numbers |
| pagination | Pagination support |
| sorting | Sorting support |
| security-group | security-group |
| dhcp_agent_scheduler | DHCP Agent Scheduler |
| router_availability_zone | Router Availability Zone |
| rbac-policies | RBAC Policies |
| standard-attr-description | standard-attr-description |
| router | Neutron L3 Router |
| allowed-address-pairs | Allowed Address Pairs |
| project-id | project_id field enabled |
| dvr | Distributed Virtual Router |
+---------------------------+-----------------------------------------------+
$ openstack network agent list
+--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+
| 3d9ec505-1ec9-48a9-9f2f-a5b769fbd77e | L3 agent | UbuntuStack | nova | True | UP | neutron-l3-agent |
| 3ee2203d-d462-453a-990c-d6646a1262b7 | Linux bridge agent | UbuntuStack | None | True | UP | neutron-linuxbridge-agent |
| 87ccc0a5-e686-4e04-ad75-b066be2771e9 | Metadata agent | UbuntuStack | None | True | UP | neutron-metadata-agent |
| deaf9d1b-d2b0-4706-be37-5fbdc0d16abf | DHCP agent | UbuntuStack | nova | True | UP | neutron-dhcp-agent |
+--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+
启动一个虚拟机实例
创建和配置“Provider”网络
$ . admin-openrc
$ openstack network create --share --provider-physical-network provider --provider-network-type flat provider
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2016-11-28T23:15:05Z |
| description | |
| headers | |
| id | 716eaea1-3b1b-459a-a601-4b9a0d3266e3 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| mtu | 1500 |
| name | provider |
| port_security_enabled | True |
| project_id | c77f9d27e4f5496092357ff991d1639b |
| project_id | c77f9d27e4f5496092357ff991d1639b |
| provider:network_type | flat |
| provider:physical_network | provider |
| provider:segmentation_id | None |
| revision_number | 3 |
| router:external | Internal |
| shared | True |
| status | ACTIVE |
| subnets | |
| tags | [] |
| updated_at | 2016-11-28T23:15:05Z |
+---------------------------+--------------------------------------+
$ openstack subnet create --network provider \
--allocation-pool start=192.168.195.200,end=192.168.195.230 \
--dns-nameserver 114.114.114.114 --gateway 192.168.195.2 \
--subnet-range 192.168.195.0/24 provider
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| allocation_pools | 192.168.195.200-192.168.195.230 |
| cidr | 192.168.195.0/24 |
| created_at | 2016-11-28T23:19:49Z |
| description | |
| dns_nameservers | 114.114.114.114 |
| enable_dhcp | True |
| gateway_ip | 192.168.195.2 |
| headers | |
| host_routes | |
| id | b8d66c38-2770-46f0-bbc1-6010b995d5af |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | provider |
| network_id | 716eaea1-3b1b-459a-a601-4b9a0d3266e3 |
| project_id | c77f9d27e4f5496092357ff991d1639b |
| project_id | c77f9d27e4f5496092357ff991d1639b |
| revision_number | 2 |
| service_types | [] |
| subnetpool_id | None |
| updated_at | 2016-11-28T23:19:49Z |
+-------------------+--------------------------------------+
创建和配置“Self-Service”网络
$ . demo-openrc
$ openstack network create selfservice
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2016-11-29T09:47:39Z |
| description | |
| headers | |
| id | eb2f08c3-dbc4-423e-8206-6b0fb07d94b7 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| mtu | 1450 |
| name | selfservice |
| port_security_enabled | True |
| project_id | c7ddc0ecab64419486df0d7f66e8174c |
| project_id | c7ddc0ecab64419486df0d7f66e8174c |
| revision_number | 3 |
| router:external | Internal |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | [] |
| updated_at | 2016-11-29T09:47:39Z |
+-------------------------+--------------------------------------+
$ openstack subnet create --network selfservice \
--dns-nameserver 114.114.114.114 --gateway 192.168.196.1 \
--subnet-range 192.168.196.0/24 selfservice
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| allocation_pools | 192.168.196.2-192.168.196.254 |
| cidr | 192.168.196.0/24 |
| created_at | 2016-11-28T23:23:23Z |
| description | |
| dns_nameservers | 114.114.114.114 |
| enable_dhcp | True |
| gateway_ip | 192.168.196.1 |
| headers | |
| host_routes | |
| id | e7aed07e-0d4c-4b8f-9210-1ec658a92f33 |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | selfservice |
| network_id | 18d0b6d3-b78a-4703-a24e-ec5dc9b73bd7 |
| project_id | c77f9d27e4f5496092357ff991d1639b |
| project_id | c77f9d27e4f5496092357ff991d1639b |
| revision_number | 2 |
| service_types | [] |
| subnetpool_id | None |
| updated_at | 2016-11-28T23:23:24Z |
+-------------------+--------------------------------------+
$ openstack subnet list
+--------------------------------------+-------------+--------------------------------------+------------------+
| ID | Name | Network | Subnet |
+--------------------------------------+-------------+--------------------------------------+------------------+
| b8d66c38-2770-46f0-bbc1-6010b995d5af | provider | 716eaea1-3b1b-459a-a601-4b9a0d3266e3 | 192.168.195.0/24 |
| ee9382f0-3ce2-4451-931e-402da6441a35 | selfservice | eb2f08c3-dbc4-423e-8206-6b0fb07d94b7 | 192.168.196.0/24 |
+--------------------------------------+-------------+--------------------------------------+------------------+
创建和配置路由
$ . demo-openrc
$ neutron net-update provider --router:external
Updated network: provider
$ openstack router create router
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2016-11-29T09:50:56Z |
| description | |
| external_gateway_info | null |
| flavor_id | None |
| headers | |
| id | 2b84f7f4-9bef-427f-afad-19a9f53b4b2d |
| name | router |
| project_id | c7ddc0ecab64419486df0d7f66e8174c |
| project_id | c7ddc0ecab64419486df0d7f66e8174c |
| revision_number | 2 |
| routes | |
| status | ACTIVE |
| updated_at | 2016-11-29T09:50:56Z |
+-------------------------+--------------------------------------+
$ neutron router-interface-add router selfservice
Added interface ba82e6d7-117d-42cd-8c51-adde92aeb14b to router router.
# neutron router-interface-delete router selfservice
$ neutron router-gateway-set router provider
Set gateway for router router
# neutron router-gateway-clear router provider
验证网络服务
$ . admin-openrc
$ ip netns
qrouter-2b84f7f4-9bef-427f-afad-19a9f53b4b2d (id: 2)
qdhcp-eb2f08c3-dbc4-423e-8206-6b0fb07d94b7 (id: 1)
qdhcp-716eaea1-3b1b-459a-a601-4b9a0d3266e3 (id: 0)
$ neutron router-port-list router
+--------------------------------------+------+-------------------+---------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+---------------------------------------------------+
| 1b867faf-2602-4a2b-a626-a80be2dbb8a4 | | fa:16:3e:48:b3:dd | {"subnet_id": |
| | | | "b8d66c38-2770-46f0-bbc1-6010b995d5af", |
| | | | "ip_address": "192.168.195.201"} |
| ba82e6d7-117d-42cd-8c51-adde92aeb14b | | fa:16:3e:19:ac:de | {"subnet_id": "ee9382f0-3ce2-4451-931e- |
| | | | 402da6441a35", "ip_address": "192.168.196.1"} |
+--------------------------------------+------+-------------------+---------------------------------------------------+$ ping -c 4 192.168.195.201
PING 192.168.195.201 (192.168.195.201) 56(84) bytes of data.
64 bytes from 192.168.195.201: icmp_seq=1 ttl=64 time=0.131 ms
64 bytes from 192.168.195.201: icmp_seq=2 ttl=64 time=0.057 ms
64 bytes from 192.168.195.201: icmp_seq=3 ttl=64 time=0.054 ms
64 bytes from 192.168.195.201: icmp_seq=4 ttl=64 time=0.051 ms
--- 192.168.195.201 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2997ms
rtt min/avg/max/mdev = 0.051/0.073/0.131/0.033 ms
创建和配置虚拟机模板
$ . admin-openrc
$ openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
+----------------------------+---------+
| Field | Value |
+----------------------------+---------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| disk | 1 |
| id | 0 |
| name | m1.nano |
| os-flavor-access:is_public | True |
| properties | |
| ram | 64 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+---------+
生成一个钥匙对
$ . demo-openrc
# Alternatively, you can skip the ssh-keygen command and use an existing public key.
$ ssh-keygen -q -N ""
Enter file in which to save the key (/root/.ssh/id_rsa):
$ openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| fingerprint | 92:f3:2f:58:fa:6b:32:c7:b2:df:66:46:5f:28:43:d4 |
| name | mykey |
| user_id | ffff52bbf1da4c86a3d2b57e977f6b82 |
+-------------+-------------------------------------------------+
$ openstack keypair list
+-------+-------------------------------------------------+
| Name | Fingerprint |
+-------+-------------------------------------------------+
| mykey | 92:f3:2f:58:fa:6b:32:c7:b2:df:66:46:5f:28:43:d4 |
+-------+-------------------------------------------------+
添加安全组规则
$ openstack security group rule create --proto icmp default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2016-11-28T23:33:13Z |
| description | |
| direction | ingress |
| ethertype | IPv4 |
| headers | |
| id | 7f5a28ec-2523-4922-aaad-92bd4c1583c5 |
| port_range_max | None |
| port_range_min | None |
| project_id | c7ddc0ecab64419486df0d7f66e8174c |
| project_id | c7ddc0ecab64419486df0d7f66e8174c |
| protocol | icmp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 1 |
| security_group_id | 42794c97-bdfb-4f02-aa5c-c34df255f620 |
| updated_at | 2016-11-28T23:33:13Z |
+-------------------+--------------------------------------+
$ openstack security group rule create --proto tcp --dst-port 22 default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2016-11-28T23:34:05Z |
| description | |
| direction | ingress |
| ethertype | IPv4 |
| headers | |
| id | bfe104f7-e15c-4216-bf12-79c36247a308 |
| port_range_max | 22 |
| port_range_min | 22 |
| project_id | c7ddc0ecab64419486df0d7f66e8174c |
| project_id | c7ddc0ecab64419486df0d7f66e8174c |
| protocol | tcp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 1 |
| security_group_id | 42794c97-bdfb-4f02-aa5c-c34df255f620 |
| updated_at | 2016-11-28T23:34:05Z |
+-------------------+--------------------------------------+
在“Self-Service”网络上启动虚拟机
确认虚拟机选项
$ . demo-openrc
$ openstack flavor list
+----+---------+-----+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+---------+-----+------+-----------+-------+-----------+
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
+----+---------+-----+------+-----------+-------+-----------+
$ openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| e345e8b0-71b7-44e0-b1a1-e168f85a19f6 | cirros | active |
+--------------------------------------+--------+--------+
$ openstack network list
+--------------------------------------+-------------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+-------------+--------------------------------------+
| 716eaea1-3b1b-459a-a601-4b9a0d3266e3 | provider | b8d66c38-2770-46f0-bbc1-6010b995d5af |
| eb2f08c3-dbc4-423e-8206-6b0fb07d94b7 | selfservice | ee9382f0-3ce2-4451-931e-402da6441a35 |
+--------------------------------------+-------------+--------------------------------------+
$ openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+
| ID | Name | Description | Project |
+--------------------------------------+---------+------------------------+----------------------------------+
| 42794c97-bdfb-4f02-aa5c-c34df255f620 | default | Default security group | c7ddc0ecab64419486df0d7f66e8174c |
+--------------------------------------+---------+------------------------+----------------------------------+
创建虚拟机实例
$ openstack server create --flavor m1.nano --image cirros \
--nic net-id=eb2f08c3-dbc4-423e-8206-6b0fb07d94b7 --security-group default \
--key-name mykey selfservice-instance
+--------------------------------------+-----------------------------------------------+
| Field | Value |
+--------------------------------------+-----------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | RtZAyPrB426N |
| config_drive | |
| created | 2016-11-29T09:59:42Z |
| flavor | m1.nano (0) |
| hostId | |
| id | aef838f5-8f9d-4ff2-8a34-17bd5ac05a8a |
| image | cirros (e345e8b0-71b7-44e0-b1a1-e168f85a19f6) |
| key_name | mykey |
| name | selfservice-instance |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| project_id | c7ddc0ecab64419486df0d7f66e8174c |
| properties | |
| security_groups | [{u'name': u'default'}] |
| status | BUILD |
| updated | 2016-11-29T09:59:42Z |
| user_id | ffff52bbf1da4c86a3d2b57e977f6b82 |
+--------------------------------------+-----------------------------------------------+$ openstack server list
+--------------------------------------+----------------------+--------+----------+------------+
| ID | Name | Status | Networks | Image Name |
+--------------------------------------+----------------------+--------+----------+------------+
| aef838f5-8f9d-4ff2-8a34-17bd5ac05a8a | selfservice-instance | BUILD | | cirros |
+--------------------------------------+----------------------+--------+----------+------------+
通过虚拟控制台访问虚拟机
$ openstack server start selfservice-instance
$ openstack console url show selfservice-instance
+-------+----------------------------------------------------------------------------------+
| Field | Value |
+-------+----------------------------------------------------------------------------------+
| type | novnc |
| url | http://ubuntustack:6080/vnc_auto.html?token=749d78c1-33f1-4843-a5f6-1f0920773941 |
+-------+----------------------------------------------------------------------------------+
$ sudo passwd root
> 123456
> 123456
$ ping -c 4 192.168.196.1
$ ping www.163.com
远程访问虚拟机
$ openstack floating ip create provider
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| created_at | 2016-11-29T10:04:06Z |
| description | |
| fixed_ip_address | None |
| floating_ip_address | 192.168.195.206 |
| floating_network_id | 716eaea1-3b1b-459a-a601-4b9a0d3266e3 |
| headers | |
| id | a037740a-eb2a-4b78-9b9a-39a5c1b00ac7 |
| port_id | None |
| project_id | c7ddc0ecab64419486df0d7f66e8174c |
| project_id | c7ddc0ecab64419486df0d7f66e8174c |
| revision_number | 1 |
| router_id | None |
| status | DOWN |
| updated_at | 2016-11-29T10:04:06Z |
+---------------------+--------------------------------------+
# openstack floating ip delete d30f7916-a9c7-42ee-aaec-f60bb1ae732a
$ openstack server add floating ip selfservice-instance 192.168.195.206
# openstack server remove floating ip selfservice-instance 192.168.195.211
$ openstack server list
+--------------------------------------+----------------------+--------+--------------------------------------------+------------+
| ID | Name | Status | Networks | Image Name |
+--------------------------------------+----------------------+--------+--------------------------------------------+------------+
| aef838f5-8f9d-4ff2-8a34-17bd5ac05a8a | selfservice-instance | ACTIVE | selfservice=192.168.196.9, 192.168.195.206 | cirros |
+--------------------------------------+----------------------+--------+--------------------------------------------+------------+
$ ping -c 4 192.168.195.206
PING 192.168.195.206 (192.168.195.206) 56(84) bytes of data.
64 bytes from 192.168.195.206: icmp_seq=1 ttl=63 time=0.955 ms
64 bytes from 192.168.195.206: icmp_seq=2 ttl=63 time=0.350 ms
64 bytes from 192.168.195.206: icmp_seq=3 ttl=63 time=0.445 ms
64 bytes from 192.168.195.206: icmp_seq=4 ttl=63 time=0.711 ms
--- 192.168.195.206 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3003ms
rtt min/avg/max/mdev = 0.350/0.615/0.955/0.237 ms
$ ssh cirros@192.168.195.206
$ cat /etc/issue
login as 'cirros' user. default password: 'cubswin:)'. use 'sudo' for root.
安装和配置块存储服务
$ mysql -u root -p
> openstack
> CREATE DATABASE cinder;
> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'openstack';
> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'openstack';
> quit
$ . admin-openrc
创建和配置Cinder的KeyStore认证
$ openstack user create --domain default --password-prompt cinder
User Password:
> openstack
Repeat User Password:
> openstack
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 16912fdd1eed410a8a76720b0a38a334 |
| name | cinder |
| password_expires_at | None |
+---------------------+----------------------------------+
$ openstack role add --project service --user cinder admin
$ openstack service create --name cinder --description "OpenStack Block Storage" volume
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | 0b2ccf8379a345748773027492a28c8c |
| name | cinder |
| type | volume |
+-------------+----------------------------------+
$ openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | 4c9f38fec5e7419a96faeb615d9459c6 |
| name | cinderv2 |
| type | volumev2 |
+-------------+----------------------------------+
$ openstack endpoint create --region RegionOne volume public http://ubuntustack:8776/v1/%\(tenant_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | 606c64305e0b49bb968d39aaec25b37a |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 0b2ccf8379a345748773027492a28c8c |
| service_name | cinder |
| service_type | volume |
| url | http://ubuntustack:8776/v1/%(tenant_id)s |
+--------------+------------------------------------------+
$ openstack endpoint create --region RegionOne volume internal http://ubuntustack:8776/v1/%\(tenant_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | 315ba5dbbb9944abaa9d3bbe391b6b67 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 0b2ccf8379a345748773027492a28c8c |
| service_name | cinder |
| service_type | volume |
| url | http://ubuntustack:8776/v1/%(tenant_id)s |
+--------------+------------------------------------------
$ openstack endpoint create --region RegionOne volume admin http://ubuntustack:8776/v1/%\(tenant_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | 7f1c360d846c45f3ba00ab9f1924eda3 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 0b2ccf8379a345748773027492a28c8c |
| service_name | cinder |
| service_type | volume |
| url | http://ubuntustack:8776/v1/%(tenant_id)s |
+--------------+------------------------------------------+
$ openstack endpoint create --region RegionOne volumev2 public http://ubuntustack:8776/v2/%\(tenant_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | b0d39b4917ce440dae198c89313c2034 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4c9f38fec5e7419a96faeb615d9459c6 |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://ubuntustack:8776/v2/%(tenant_id)s |
+--------------+------------------------------------------+
$ openstack endpoint create --region RegionOne volumev2 internal http://ubuntustack:8776/v2/%\(tenant_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | 508541b13b1b4d4ebb860891c0ccffbd |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4c9f38fec5e7419a96faeb615d9459c6 |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://ubuntustack:8776/v2/%(tenant_id)s |
+--------------+------------------------------------------
$ openstack endpoint create --region RegionOne volumev2 admin http://ubuntustack:8776/v2/%\(tenant_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | 283c9c773a194b61aca19b3cfcdb14a6 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4c9f38fec5e7419a96faeb615d9459c6 |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://ubuntustack:8776/v2/%(tenant_id)s |
+--------------+------------------------------------------+
安装和配置Cinder服务
$ apt-get install cinder-api cinder-scheduler cinder-volume
$ vi /etc/cinder/cinder.conf
[database]
connection = mysql+pymysql://cinder:openstack@ubuntustack/cinder
[DEFAULT]
...
transport_url = rabbit://openstack:openstack@ubuntustack
auth_strategy = keystone
my_ip = 192.168.195.160
[keystone_authtoken]
auth_uri = http://ubuntustack:5000
auth_url = http://ubuntustack:35357
memcached_servers = ubuntustack:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = openstack
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
$ vi /etc/nova/nova.conf
[cinder]
os_region_name = RegionOne
$ su -s /bin/sh -c "cinder-manage db sync" cinder
$ service nova-api restart && service cinder-scheduler restart && service cinder-api restart
安装和配置Cinder的LVM支持
$ apt-get install lvm2
$ service lvm2-lvmetad start
$ pvcreate /dev/sdd1
Physical volume "/dev/sdd1" successfully created
$ vgcreate cinder-volumes /dev/sdd1
Volume group "cinder-volumes" successfully created
$ vi /etc/cinder/cinder.conf
[DEFAULT]
...
enabled_backends = lvm
glance_api_servers = http://ubuntustack:9292
[lvm]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
iscsi_protocol = iscsi
iscsi_helper = tgtadm
$ service cinder-volume restart
$ . admin-openrc
$ openstack volume service list
+------------------+-----------------+------+---------+-------+----------------------------+
| Binary | Host | Zone | Status | State | Updated At |
+------------------+-----------------+------+---------+-------+----------------------------+
| cinder-scheduler | UbuntuStack | nova | enabled | up | 2016-11-29T00:35:14.000000 |
| cinder-volume | UbuntuStack | nova | enabled | up | 2016-11-29T00:34:33.000000 |
| cinder-volume | UbuntuStack@lvm | nova | enabled | up | 2016-11-29T00:35:17.000000 |
+------------------+-----------------+------+---------+-------+----------------------------+
创建一个LV卷
$ . demo-openrc
$ openstack volume create --size 1 volume1
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| consistencygroup_id | None |
| created_at | 2016-11-29T10:21:46.494577 |
| description | None |
| encrypted | False |
| id | 5e291162-0cbb-4077-bb07-c2a217b28c1e |
| multiattach | False |
| name | volume1 |
| properties | |
| replication_status | disabled |
| size | 1 |
| snapshot_id | None |
| source_volid | None |
| status | creating |
| type | None |
| updated_at | None |
| user_id | ffff52bbf1da4c86a3d2b57e977f6b82 |
+---------------------+--------------------------------------+
# openstack volume delete volume1
$ openstack volume list
+--------------------------------------+--------------+----------+------+-------------+
| ID | Display Name | Status | Size | Attached to |
+--------------------------------------+--------------+----------+------+-------------+
| 5e291162-0cbb-4077-bb07-c2a217b28c1e | volume1 | creating | 1 | |
+--------------------------------------+--------------+----------+------+-------------+
$ openstack server add volume selfservice-instance volume1
$ openstack volume list
+--------------------------------------+--------------+--------+------+-----------------------------------------------+
| ID | Display Name | Status | Size | Attached to |
+--------------------------------------+--------------+--------+------+-----------------------------------------------+
| 5e291162-0cbb-4077-bb07-c2a217b28c1e | volume1 | in-use | 1 | Attached to selfservice-instance on /dev/vdb |
+--------------------------------------+--------------+--------+------+-----------------------------------------------+
$ 查看附加到虚拟机的卷:
$ ssh cirros@192.168.195.206
$ sudo fdisk -l
Disk /dev/vda: 1073 MB, 1073741824 bytes
255 heads, 63 sectors/track, 130 cylinders, total 2097152 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Device Boot Start End Blocks Id System
/dev/vda1 * 16065 2088449 1036192+ 83 Linux
Disk /dev/vdb: 1073 MB, 1073741824 bytes
16 heads, 63 sectors/track, 2080 cylinders, total 2097152 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x00000000
Disk /dev/vdb doesn't contain a valid partition table
安装和配置仪表盘服务
安装和配置Horizon服务
$ apt install openstack-dashboard
$ vi /etc/openstack-dashboard/local_settings.py
# Configure the dashboard to use OpenStack services on the ubuntustack node
OPENSTACK_HOST = "ubuntustack"
# Allow all hosts to access the dashboard
ALLOWED_HOSTS = ['*', ]
# Configure the memcached session storage service
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'ubuntustack:11211',
}
}
# Enable the Identity API version 3
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
# Enable support for domains:
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
# Configure API versions:
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 2,
}
# Configure default as the default domain for users that you create via the dashboard:
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "default"
# Configure user as the default role for users that you create via the dashboard:
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
# Optionally, configure the time zone:
TIME_ZONE = "Asia/Shanghai"$ service apache2 reload
验证Horizon服务
使用浏览器打开 http://ubuntustack/horizon ,使用如下用户名和密码登录查看:
Domain User Password
default admin openstack
default demo openstack
到此,相信大家对“怎么在Ubuntu16单节点上安装OpenStack”有了更深的了解,不妨来实际操作一番吧!这里是天达云网站,更多相关内容可以进入相关频道进行查询,关注我们,继续学习!