社区微信群开通啦,扫一扫抢先加入社区官方微信群
社区微信群
目录
1.3.1 在controller和compute节点上编辑selinux文件
1.3.2 controller和compute节点关闭防火墙
1.4.1 controller和compute节点安装chrony
1.5.2 controller和compute节点升级软件包
1.5.3 controller和compute节点安装openstack客户端和openstack-selinux服务
1.7.1 在controller节点安装rabbitmq-server
1.8.1 在controller节点上安装memcached
2.3.1修改/etc/keystone/keystone.conf配置文件
3.3 添加admin角色到glance用户和service项目中
3.7.1在/etc/glance/glance-api.conf中添加以下内容
3.7.2在/etc/glance/glance-registry.conf文件中添加以下内容
4.1 创建nova,nova_api,nova_cell0数据库
4.12 编辑/etc/httpd/conf.d/00-nova-placement-api.conf,添加以下内容
在compute节点安装nova-compute服务(4.20-4.24)
4.24 在controller节点添加compute到cell数据库中
首先在controller安装Neutron服务(4.1-4.16)
4.7 编辑/etc/neutron/neutron.conf文件
4.8 编辑/etc/neutron/plugins/ml2/ml2_conf.ini文件
4.9 编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini文件
4.10 编辑/etc/neutron/l3_agent.ini文件
4.11 编辑/etc/neutron/dhcp_agent.ini文件
4.11 编辑/etc/neutron/metadata_agent.ini文件
4.18 编辑/etc/neutron/neutron.conf文件
4.19 编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini文件
5.2 编辑 /etc/openstack-dashboard/local_settings文件
5.3 编辑/etc/httpd/conf.d/openstack-dashboard.conf文件
6.7 添加Self-service网络到router的接口上
controller节点:172.24.19.10
compute节点:172.24.19.20
修改和添加/etc/sysconfig/network-scripts/ifcfg-enp*(具体的网口)文件。
(1)controller节点
配置网络:
enp8s0: 172.24.19.10
DEVICE=enp8s0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=172.24.19.10
PREFIX=24
GATEWAY=172.24.19.1
enp9s0: 172.24.20.10
DEVICE=enp9s0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=172.24.20.10
PREFIX=24
配置主机名:
# hostnamectl set-hostname controller
按ctrl+d 退出 重新登陆
(2)compute 节点
配置网络:
enp8s0: 172.24.19.20
DEVICE=enp8s0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=172.24.19.20
PREFIX=24
GATEWAY=172.24.19.1
enp9s0: 172.24.20.20
DEVICE=enp9s0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=172.24.20.20
PREFIX=24
配置主机名:
# hostnamectl set-hostname compute
按ctrl+d 退出 重新登陆
在controller和compute节点上修改/etc/hosts添加一下内容
172.24.19.10 controller
172.24.19.20 compute
# vi /etc/selinux/config
SELINUX=disabled
关闭防火墙,并且开机不自启
[root@compute ~]# systemctl stop firewalld
syst[root@compute ~]# systemctl disable firewalld
清空防火墙规则
[root@compute ~]# iptables -F
[root@compute ~]# iptables -X
[root@compute ~]# iptables -Z
[root@compute ~]# /usr/sbin/iptables-save
# yum install -y chrony
编辑/etc/chrony.conf文件
添加以下内容
server controller iburst
allow 172.24.0.0/16
启动服务
[root@controller ~]# systemctl start chronyd
[root@controller ~]# systemctl enable chronyd
编辑/etc/chrony.conf文件
添加以下内容
server controller iburst
启动服务
[root@compute ~]# systemctl start chronyd
[root@compute ~]# systemctl enable chronyd
在controller和compute节点运行以下命令查看是否同步成功
[root@compute ~]# chronyc sources
# yum install -y centos-release-openstack-queens
# yum upgrade
# yum install python-openstackclient openstack-selinux -y
controller和compute节点安装完以上服务后,重启系统
# reboot
[root@controller ~]# yum install -y mariadb mariadb-server python2-PyMySQL
新建数据库配置文件/etc/my.cnf.d/openstack.cnf,添加以下内容
[mysqld]
bind-address = 172.24.19.10
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
[root@controller ~]# systemctl enable mariadb.service
[root@controller ~]# systemctl start mariadb.service
运行mysql_secure_installation命令,创建数据库root密码
[root@controller ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password: ## 此处为root用户密码,这里设为000000
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] n
... skipping.
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
[root@controller ~]# yum install -y rabbitmq-server -y
[root@controller ~]# systemctl start rabbitmq-server.service
[root@controller ~]# systemctl enable rabbitmq-server.service
Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to /usr/lib/systemd/system/rabbitmq-server.service.
[root@controller ~]# rabbitmqctl add_user openstack 000000
Creating user "openstack" ...
[root@controller ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...
[root@controller ~]# yum install -y memcached
编辑/etc/sysconfig/memcached,修改以下内容
修改OPTIONS="-l 127.0.0.1,::1"为
OPTIONS="-l 127.0.0.1,::1,controller"
[root@controller ~]# systemctl start memcached.service
[root@controller ~]# systemctl enable memcached.service
[root@controller ~]# yum install etcd -y
编辑/etc/etcd/etcd.conf,在各自的位置修改以下内容
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://172.24.19.10:2380"
ETCD_LISTEN_CLIENT_URLS="http://172.24.19.10:2379"
ETCD_NAME="controller"
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://172.24.19.10:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://172.24.19.10:2379"
ETCD_INITIAL_CLUSTER="controller=http://172.24.19.10:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"
[root@controller ~]# systemctl start etcd
[root@controller ~]# systemctl enable etcd
WARNING:(在我想查看集群状态的时候,报错了,但是不影响后面的操作)
[root@controller ~]# etcdctl cluster-health
cluster may be unhealthy: failed to list members
Error: client: etcd cluster is unavailable or misconfigured; error #0: dial tcp 127.0.0.1:4001: getsockopt: connection refused
; error #1: dial tcp 127.0.0.1:2379: getsockopt: connection refused
error #0: dial tcp 127.0.0.1:4001: getsockopt: connection refused
error #1: dial tcp 127.0.0.1:2379: getsockopt: connection refused
[root@controller ~]# mysql -uroot -p000000(此处为之前设置的数据库密码)
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 9
Server version: 10.1.20-MariaDB MariaDB Server
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE keystone;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '000000';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '000000';
Query OK, 0 rows affected (0.00 sec)
[root@controller ~]# yum install openstack-keystone httpd mod_wsgi -y
[database]
connection = mysql+pymysql://keystone:000000@controller/keystone
[token]
provider = fernet
[root@controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone
[root@controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
[root@controller ~]# keystone-manage bootstrap --bootstrap-password 000000 --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne
编辑/etc/httpd/conf/httpd.conf,添加以下内容
ServerName controller
[root@controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
[root@controller ~]# systemctl enable httpd.service
版权声明:本文来源CSDN,感谢博主原创文章,遵循 CC 4.0 by-sa 版权协议,转载请附上原文出处链接和本声明。
原文链接:https://blog.csdn.net/qq_38773184/article/details/81476997
站方申明:本站部分内容来自社区用户分享,若涉及侵权,请联系站方删除。
如果觉得我的文章对您有用,请随意打赏。你的支持将鼓励我继续创作!