使用openstack搭建私有云
生活随笔
收集整理的這篇文章主要介紹了
使用openstack搭建私有云
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
OpenStack 部署
一、環境準備
版本介紹
CentOS Linux release 7.6.1810 (Core)
內核版本:3.10.0-957.el7.x86_64
1、網絡環境
| controller | 10.0.0.51 |
| compute1 | 10.0.0.61 |
修改hosts文件
cat /etc/hosts
10.0.0.51 controller
10.0.0.61 compute1
關閉selinux、firewalld
cat env_set.sh #!/bin/bashsystemctl stop firewalld systemctl disable firewalldsetenforce 0 sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config yum install -y wget配置阿里yum源
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo手動配置阿里源
[centotack-rocky] name=openstack-rocky baseurl=https://mirrors.aliyun.com/centos/7/cloud/x86_64/openstack-rocky/ enabled=1 gpgcheck=0[qume-kvm] name=qemu-kvm baseurl= https://mirrors.aliyun.com/centos/7/virt/x86_64/kvm-common/ enabled=1 gpgcheck=0安裝openstack客戶端和openstack-selinux
yum install python-openstackclient openstack-selinux -y
2、同步時間
安裝相關軟件
yum install chrony vim net-tools lsof -y
#controller節點
allow 10.0.0.0/24
#其他節點
server 10.0.0.51 iburst
重啟服務
3、部署mariadb數據庫
數據庫節點
yum install mariadb mariadb-server python2-PyMySQL -y修改數據庫配置文件 /etc/my.cnf
bind-address = 10.0.0.51 default-storage-engine = innodb innodb_file_per_table #innodb使用獨立的表結構 max_connections = 4096 #最大的連接數 collation-server = utf8_general_ci #使用utf-8字符集 character-set-server = utf8啟動數據庫
systemctl enable mariadb systemctl start mariadb數據庫安全初始化
mysql_secure_installation#回車 n y y y y4、消息隊列RabbitMQ
安裝rabbit
yum install rabbitmq-server systemctl enable rabbitmq-server.service systemctl start rabbitmq-server.service #添加openstack用戶,設置密碼 rabbitmqctl add_user openstack RABBIT_PASSCreating user "openstack" ... #給openstack用戶配置寫和讀權限 rabbitmqctl set_permissions openstack ".*" ".*" ".*"Setting permissions for user "openstack" in vhost "/" ...Rabbitmq默認會開啟25672和5672端口
驗證:
開啟插件,監控. 端口:15672
rabbitmq-plugins enable rabbitmq_management # netstat -antplu|grep 5672 tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN 11226/beam.smp tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN 11226/beam.smp tcp6 0 0 :::5672 :::* LISTEN 11226/beam.smp5、配置memcached
yum install -y memcached python-memcached #默認監聽需要修改sed -i 's/127.0.0.1/10.0.0.51/g' /etc/sysconfig/memcachedsystemctl restart memcached.service驗證:
# netstat -anpl|grep 11211 tcp 0 0 10.0.0.51:11211 0.0.0.0:* LISTEN 12152/memcached6、openstack服務安裝的通用步驟:
1.創庫授權 2.在keystone創建用戶,關聯角色 3.在keystone上注冊服務,注冊api 4.安裝服務相關的軟件包 5.修改配置文件 數據庫的連接信息 rabbitmq的連接信息 keystone認證授權信息 6.同步數據庫,創建表 7.啟動服務二、keystone服務的安裝
1、創庫授權
create DATABASE keystone; GRANT ALL PRIVILEGES on keystone.* to 'keystone'@'localhost' identified by 'KEYSTONE_DBPASS'; GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';2、安裝keystone相關軟件包
yum install -y openstack-keystone httpd mod_wsgi修改配置文件
cp /etc/keystone/keystone.conf{,.back} grep -Ev '^$|^#' /etc/keystone/keystone.conf.back > /etc/keystone/keystone.conf cat /etc/keystone/keystone.conf [DEFAULT] admin_token = ADMIN_TOKENconnection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone[token] provider = fernet#同步數據庫 su -s /bin/sh -c "keystone-manage db_sync" keystone#初始化fernet keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone #驗證 ll /etc/keystone3、配置httpd
echo "ServerName controller" >>/etc/httpd/conf/httpd.conf cat /etc/httpd/conf.d/wsgi-keystone.conf Listen 5000 Listen 35357<VirtualHost *:5000>WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}WSGIProcessGroup keystone-publicWSGIScriptAlias / /usr/bin/keystone-wsgi-publicWSGIApplicationGroup %{GLOBAL}WSGIPassAuthorization OnErrorLogFormat "%{cu}t %M"ErrorLog /var/log/httpd/keystone-error.logCustomLog /var/log/httpd/keystone-access.log combined<Directory /usr/bin>Require all granted</Directory> </VirtualHost><VirtualHost *:35357>WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}WSGIProcessGroup keystone-adminWSGIScriptAlias / /usr/bin/keystone-wsgi-adminWSGIApplicationGroup %{GLOBAL}WSGIPassAuthorization OnErrorLogFormat "%{cu}t %M"ErrorLog /var/log/httpd/keystone-error.logCustomLog /var/log/httpd/keystone-access.log combined<Directory /usr/bin>Require all granted</Directory> </VirtualHost>重啟
systemctl enable httpd.service
systemctl restart httpd.service
4、創建服務和注冊api:
#配置認證令牌: export OS_TOKEN=ADMIN_TOKEN #配置端點URL: export OS_URL=http://controller:35357/v3 #配置認證 API 版本: export OS_IDENTITY_API_VERSION=3openstack service create \--name keystone --description "OpenStack Identity" identityopenstack endpoint create --region RegionOne \identity public http://controller:5000/v3openstack endpoint create --region RegionOne \identity internal http://controller:5000/v3openstack endpoint create --region RegionOne \identity admin http://controller:35357/v3創建域、項目、用戶、角色
openstack domain create --description "Default Domain" defaultopenstack project create --domain default \--description "Admin Project" adminopenstack user create --domain default \--password ADMIN_PASS adminopenstack role create adminopenstack role add --project admin --user admin adminopenstack project create --domain default \--description "Service Project" service退出bash
給定初始變量
驗證:
openstack token issue openstack user list openstack service list openstack endpoint list三、鏡像服務 glance
1、創庫授權
CREATE DATABASE glance; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \IDENTIFIED BY 'GLANCE_DBPASS'; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \IDENTIFIED BY 'GLANCE_DBPASS';2、在keystone創建用戶,關聯角色
openstack user create --domain default --password GLANCE_PASS glance openstack role add --project service --user glance admin3、在keystone上注冊服務,注冊api
openstack endpoint create --region RegionOne \image public http://controller:9292 openstack endpoint create --region RegionOne \image internal http://controller:9292 openstack endpoint create --region RegionOne \image admin http://controller:92924、安裝服務相關的軟件包
yum install openstack-glance -y5、修改配置文件
cp /etc/glance/glance-api.conf{,.back} grep -Ev '^$|#' /etc/glance/glance-api.conf.back > /etc/glance/glance-api.confcp /etc/glance/glance-registry.conf{,.back} grep -Ev '^$|#' /etc/glance/glance-registry.conf.back >/etc/glance/glance-registry.conf# cat /etc/glance/glance-api.conf [DEFAULT] [cors] [database] connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance [glance_store] stores = file,http default_store = file filesystem_store_datadir = /var/lib/glance/images/ [image_format] [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = GLANCE_PASS [matchmaker_redis] [oslo_concurrency] [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [paste_deploy] flavor = keystone [profiler] [store_type_location_strategy] [task] [taskflow_executor]# cat /etc/glance/glance-registry.conf [DEFAULT] [database] connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = GLANCE_PASS [matchmaker_redis] [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_policy] [paste_deploy] flavor = keystone [profiler]6、同步數據庫,創建表
# su -s /bin/sh -c "glance-manage db_sync" glance啟動鏡像服務、配置他們隨機啟動:
systemctl enable openstack-glance-api.service \openstack-glance-registry.servicesystemctl start openstack-glance-api.service \openstack-glance-registry.service四、nova的安裝
1、創庫授權
CREATE DATABASE nova_api; CREATE DATABASE nova; CREATE DATABASE nova_cell0; GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \IDENTIFIED BY 'NOVA_DBPASS'; GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \IDENTIFIED BY 'NOVA_DBPASS'; GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \IDENTIFIED BY 'NOVA_DBPASS'; GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \IDENTIFIED BY 'NOVA_DBPASS'; GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' \IDENTIFIED BY 'NOVA_DBPASS'; GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' \IDENTIFIED BY 'NOVA_DBPASS';2、在keystone創建用戶,關聯角色
openstack user create --domain default --password NOVA_PASS nova openstack role add --project service --user nova adminopenstack user create --domain default --password PLACEMENT_PASS placement openstack role add --project service --user placement admin3、在keystone上注冊服務,注冊api
openstack service create --name nova --description "OpenStack Compute" compute openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1/%\(tenant_id\)s openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1/%\(tenant_id\)s openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1/%\(tenant_id\)s #解決版本兼容 openstack service create --name placement --description "Placement API" placementopenstack endpoint create --region RegionOne placement public http://controller:8778 openstack endpoint create --region RegionOne placement internal http://controller:8778 openstack endpoint create --region RegionOne placement admin http://controller:87784、安裝服務相關的軟件包
yum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler -y5、修改配置文件
# cat /etc/nova/nova.conf [DEFAULT] enabled_apis = osapi_compute,metadata rpc_backend = rabbit auth_strategy = keystone my_ip = 10.0.0.51 use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver transport_url = rabbit://openstack:RABBIT_PASS@controller [api] [api_database] connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api [barbican] [cache] [cells] [cinder] [compute] [conductor] [console] [consoleauth] [cors] [database] connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova [devices] [ephemeral_storage_encryption] [filter_scheduler] [glance] api_servers = http://controller:9292 [guestfs] [healthcheck] [hyperv] [ironic] [key_manager] [keystone] [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = NOVA_PASS [libvirt] virt_type = qemu cpu_mode = none [matchmaker_redis] [metrics] [mks] [neutron] [notifications] [osapi_v21] [oslo_concurrency][oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] rabbit_host = controller rabbit_userid = openstack rabbit_password = RABBIT_PASS [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [pci] [placement] os_region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:35357/v3 username = placement password = PLACEMENT_PASS [placement_database] [powervm] [profiler] [quota] [rdp] [remote_debug] [scheduler] [serial_console] [service_user] [spice] [upgrade_levels] [vault] [vendordata_dynamic_auth] [vmware] [vnc] vncserver_listen = $my_ip vncserver_proxyclient_address = $my_ip [workarounds] [wsgi] [xenserver] [xvp] [zvm]tail /etc/httpd/conf.d/00-nova-placement-api.conf <Directory /usr/bin><IfVersion >= 2.4>Require all granted</IfVersion><IfVersion < 2.4>Order allow,denyAllow from all</IfVersion> </Directory>重啟httpd service
systemctl restart httpd
6、同步數據庫,創建表
su -s /bin/sh -c "nova-manage api_db sync" nova su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova su -s /bin/sh -c "nova-manage db sync" nova #驗證 nova-manage cell_v2 list_cells7、啟動服務
systemctl enable openstack-nova-api.service \openstack-nova-consoleauth.service openstack-nova-scheduler.service \openstack-nova-conductor.service openstack-nova-novncproxy.service systemctl start openstack-nova-api.service \openstack-nova-consoleauth.service openstack-nova-scheduler.service \openstack-nova-conductor.service openstack-nova-novncproxy.service四(2)、計算節點
1、軟件安裝
yum install openstack-nova-compute配置文件
# cat /etc/nova/nova.conf [DEFAULT] enabled_apis = osapi_compute,metadata transport_url = rabbit://openstack:RABBIT_PASS@controller my_ip = 10.0.0.61 use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver [api] auth_strategy = keystone [api_database] [barbican] [cache] [cells] [cinder] [compute] [conductor] [console] [consoleauth] [cors] [database] [devices] [ephemeral_storage_encryption] [filter_scheduler] [glance] api_servers = http://controller:9292 [guestfs] [healthcheck] [hyperv] [ironic] [key_manager] [keystone] [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = NOVA_PASS [libvirt] virt_type = qemu cpu_mode = none [matchmaker_redis] [metrics] [mks] [neutron] [notifications] [osapi_v21] [oslo_concurrency] lock_path = /var/lib/nova/tmp [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [pci] [placement] [placement_database] [powervm] [profiler] [quota] [rdp] [remote_debug] [scheduler] [serial_console] [service_user] [spice] [upgrade_levels] [vault] [vendordata_dynamic_auth] [vmware] [vnc] enabled = True vncserver_listen = 0.0.0.0 vncserver_proxyclient_address = $my_ip novncproxy_base_url = http://controller:6080/vnc_auto.html [workarounds] [wsgi] [xenserver] [xvp] [zvm] [placement] os_region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:35357/v3 username = placement password = PLACEMENT_PASSopenstack hypervisor list
su -s /bin/sh -c “nova-manage cell_v2 discover_hosts --verbose” nova
啟動服務
systemctl enable libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service openstack-nova-compute.service
五、neutron網絡服務
控制節點
1.創庫授權
CREATE DATABASE neutron; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \IDENTIFIED BY 'NEUTRON_DBPASS'; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \IDENTIFIED BY 'NEUTRON_DBPASS';2.在keystone創建用戶,關聯角色
openstack user create --domain default --password NEUTRON_PASS neutron openstack role add --project service --user neutron admin3.在keystone上注冊服務,注冊api
openstack service create --name neutron \--description "OpenStack Networking" networkopenstack endpoint create --region RegionOne \network public http://controller:9696 openstack endpoint create --region RegionOne \network internal http://controller:9696 openstack endpoint create --region RegionOne \network admin http://controller:96964.安裝服務相關的軟件包
yum install openstack-neutron openstack-neutron-ml2 \openstack-neutron-linuxbridge ebtables -y5.修改配置文件
cp /etc/neutron/neutron.conf{,.back} grep -Ev '^$|#' /etc/neutron/neutron.conf.back > /etc/neutron/neutron.confcp /etc/neutron/dhcp_agent.ini{,.back} grep -Ev '^$|#' /etc/neutron/dhcp_agent.ini.back > /etc/neutron/dhcp_agent.inicp /etc/neutron/metadata_agent.ini{,.back} grep -Ev '^$|#' /etc/neutron/metadata_agent.ini.back > /etc/neutron/metadata_agent.inicp /etc/neutron/plugins/ml2/ml2_conf.ini{,.back} grep -Ev '^$|#' /etc/neutron/plugins/ml2/ml2_conf.ini.back > /etc/neutron/plugins/ml2/ml2_conf.inicp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.back} grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.back > /etc/neutron/plugins/ml2/linuxbridge_agent.ini#編輯/etc/nova/nova.conf [neutron] ... url = http://controller:9696 auth_url = http://controller:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = NEUTRON_PASSservice_metadata_proxy = True metadata_proxy_shared_secret = METADATA_SECRET6.同步數據庫,創建表
#網絡服務初始化腳本 ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.inisu -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron7.啟動服務
systemctl restart openstack-nova-api.servicesystemctl enable neutron-server.service \neutron-linuxbridge-agent.service neutron-dhcp-agent.service \neutron-metadata-agent.service systemctl start neutron-server.service \neutron-linuxbridge-agent.service neutron-dhcp-agent.service \neutron-metadata-agent.service計算節點
安裝
yum install openstack-neutron-linuxbridge ebtables ipset -y修改配置文件
cp /etc/neutron/neutron.conf{,.back} grep -Ev '^$|#' /etc/neutron/neutron.conf.back > /etc/neutron/neutron.confcp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.back} grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.back > /etc/neutron/plugins/ml2/linuxbridge_agent.ini啟動服務
systemctl restart openstack-nova-compute.servicesystemctl enable neutron-linuxbridge-agent.service systemctl start neutron-linuxbridge-agent.service六、Dashboard
安裝
yum install openstack-dashboard -y配置文件
egrep -v '^$|#' /etc/openstack-dashboard/local_settings import os from django.utils.translation import ugettext_lazy as _ from openstack_dashboard import exceptions from openstack_dashboard.settings import HORIZON_CONFIG DEBUG = False TEMPLATE_DEBUG = DEBUG WEBROOT = '/dashboard/' ALLOWED_HOSTS = ['*', ] OPENSTACK_API_VERSIONS = {"identity": 3,"image": 2,"volume": 2,"compute": 2, } OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'default' LOCAL_PATH = '/tmp' SECRET_KEY='65941f1393ea1c265ad7' SESSION_ENGINE = 'django.contrib.sessions.backends.cache' CACHES = {'default': {'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache','LOCATION': 'controller:11211',}, } EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' OPENSTACK_HOST = "controller" OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user" OPENSTACK_KEYSTONE_BACKEND = {'name': 'native','can_edit_user': True,'can_edit_group': True,'can_edit_project': True,'can_edit_domain': True,'can_edit_role': True, } OPENSTACK_HYPERVISOR_FEATURES = {'can_set_mount_point': False,'can_set_password': False,'requires_keypair': False, } OPENSTACK_CINDER_FEATURES = {'enable_backup': False, } OPENSTACK_NEUTRON_NETWORK = {'enable_router': False,'enable_quotas': False,'enable_ipv6': False,'enable_distributed_router': False,'enable_ha_router': False,'enable_lb': False,'enable_firewall': False,'enable_vpn': False,'enable_fip_topology_check': False,'default_ipv4_subnet_pool_label': None,'default_ipv6_subnet_pool_label': None,'profile_support': None,'supported_provider_types': ['*'],'supported_vnic_types': ['*'], } OPENSTACK_HEAT_STACK = {'enable_user_pass': True, } IMAGE_CUSTOM_PROPERTY_TITLES = {"architecture": _("Architecture"),"kernel_id": _("Kernel ID"),"ramdisk_id": _("Ramdisk ID"),"image_state": _("Euca2ools state"),"project_id": _("Project ID"),"image_type": _("Image Type"), } IMAGE_RESERVED_CUSTOM_PROPERTIES = [] API_RESULT_LIMIT = 1000 API_RESULT_PAGE_SIZE = 20 SWIFT_FILE_TRANSFER_CHUNK_SIZE = 512 * 1024 DROPDOWN_MAX_ITEMS = 30 TIME_ZONE = "Asia/Shanghai" POLICY_FILES_PATH = '/etc/openstack-dashboard' LOGGING = {'version': 1,'disable_existing_loggers': False,'handlers': {'null': {'level': 'DEBUG','class': 'logging.NullHandler',},'console': {'level': 'INFO','class': 'logging.StreamHandler',},},'loggers': {'django.db.backends': {'handlers': ['null'],'propagate': False,},'requests': {'handlers': ['null'],'propagate': False,},'horizon': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'openstack_dashboard': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'novaclient': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'cinderclient': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'keystoneclient': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'glanceclient': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'neutronclient': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'heatclient': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'ceilometerclient': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'swiftclient': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'openstack_auth': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'nose.plugins.manager': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'django': {'handlers': ['console'],'level': 'DEBUG','propagate': False,},'iso8601': {'handlers': ['null'],'propagate': False,},'scss': {'handlers': ['null'],'propagate': False,},}, } SECURITY_GROUP_RULES = {'all_tcp': {'name': _('All TCP'),'ip_protocol': 'tcp','from_port': '1','to_port': '65535',},'all_udp': {'name': _('All UDP'),'ip_protocol': 'udp','from_port': '1','to_port': '65535',},'all_icmp': {'name': _('All ICMP'),'ip_protocol': 'icmp','from_port': '-1','to_port': '-1',},'ssh': {'name': 'SSH','ip_protocol': 'tcp','from_port': '22','to_port': '22',},'smtp': {'name': 'SMTP','ip_protocol': 'tcp','from_port': '25','to_port': '25',},'dns': {'name': 'DNS','ip_protocol': 'tcp','from_port': '53','to_port': '53',},'http': {'name': 'HTTP','ip_protocol': 'tcp','from_port': '80','to_port': '80',},'pop3': {'name': 'POP3','ip_protocol': 'tcp','from_port': '110','to_port': '110',},'imap': {'name': 'IMAP','ip_protocol': 'tcp','from_port': '143','to_port': '143',},'ldap': {'name': 'LDAP','ip_protocol': 'tcp','from_port': '389','to_port': '389',},'https': {'name': 'HTTPS','ip_protocol': 'tcp','from_port': '443','to_port': '443',},'smtps': {'name': 'SMTPS','ip_protocol': 'tcp','from_port': '465','to_port': '465',},'imaps': {'name': 'IMAPS','ip_protocol': 'tcp','from_port': '993','to_port': '993',},'pop3s': {'name': 'POP3S','ip_protocol': 'tcp','from_port': '995','to_port': '995',},'ms_sql': {'name': 'MS SQL','ip_protocol': 'tcp','from_port': '1433','to_port': '1433',},'mysql': {'name': 'MYSQL','ip_protocol': 'tcp','from_port': '3306','to_port': '3306',},'rdp': {'name': 'RDP','ip_protocol': 'tcp','from_port': '3389','to_port': '3389',}, } REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES','LAUNCH_INSTANCE_DEFAULTS'] # ll /etc/openstack-dashboard/local_settings -rw-r-----. 1 root apache 26505 Apr 28 21:56 /etc/openstack-dashboard/local_settings對域的修改
vim /etc/httpd/conf.d/openstack-dashboard.confWSGIApplicationGroup %{GLOBAL}systemctl restart httpd七、創建一個實例
1、創建網路
neutron net-create --shared --provider:physical_network provider \--provider:network_type flat ouzhenetneutron subnet-create --name ouzhe1 \--allocation-pool start=10.0.0.101,end=10.0.0.200 \--dns-nameserver 114.114.114.114 --gateway 10.0.0.2 \ouzhenet 10.0.0.0/242、創建m1.nano規格的主機
openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano3、生成和添加秘鑰對
ssh-keygen -q -N "" -f ~/.ssh/id_rsa openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey4、增加安全組規則
openstack security group rule create --proto icmp default openstack security group rule create --proto tcp --dst-port 22 default5、創建主機
neutron net-list neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead. +--------------------------------------+----------+----------------------------------+--------------------------------------------------+ | id | name | tenant_id | subnets | +--------------------------------------+----------+----------------------------------+--------------------------------------------------+ | cae26611-d5d1-4465-a352-c35a014e6f08 | ouzhenet | fd444319c4874e908d66d1c91e07c42d | 29281230-6848-4397-bfec-241c5e8c9e65 10.0.0.0/24 | +--------------------------------------+----------+----------------------------------+--------------------------------------------------+openstack server create --flavor m1.nano --image cirros \--nic net-id=cae26611-d5d1-4465-a352-c35a014e6f08 --security-group default \--key-name mykey ouzhe001驗證創建的虛擬機
驗證是否有IP地址,能否上外網
搭建時的一些下錯誤
Host ‘compute1’ is not mapped to any cell
解決方案
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova參考文檔:
https://docs.openstack.org/mitaka/install-guide-rdo/
https://blog.51cto.com/egon09/1845226
總結
以上是生活随笔為你收集整理的使用openstack搭建私有云的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 分布式存储对比
- 下一篇: 大学计算机作业互评评语简短,大学学生互评