|
1.安装环境: 操作系统:centos 7.5地址规划:192.168.254.10 openstack-server架构:所有组件(包括控制节点、计算节点、网络节点)全部安装一个节点2.系统配置: [root@localhost ~]# hostname openstack-server3 X7 G7 i: C( {" n& l
7 w Y8 |( S5 d& [6 L, V[root@openstack-server ~]# vim /etc/hostname
/ F; A ]4 j8 `& ~2 ]9 hopenstack-server
! U, c5 J" n# X7 y/ }) k[root@openstack-server ~]# vim /etc/hosts+ f" y0 F9 R v; j# R- M* c, ~( ]
192.168.254.10 openstack-server openstack-server.smoke.com
7 s$ C! a0 x. ^$ D[root@openstack-server ~]# ifconfig 2 ~7 |5 b2 n$ J# r' M" n! S
enp4s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 : D, L0 v1 I4 Y
inet 192.168.254.10 netmask 255.255.255.224 broadcast 192.168.254.31
4 I% e1 V0 ~# h8 U7 h inet6 fe80::119a:26d0:b028:74d0 prefixlen 64 scopeid 0x20<link>
H3 _; x1 z! W3 C: h6 d( l t" D' A ether 00:e0:4c:0f:ff:a9 txqueuelen 1000 (Ethernet)
' x0 w7 l9 Q. i' e) P( r6 c RX packets 42277 bytes 39441483 (37.6 MiB) * K* F) U2 `* X T1 J" a
RX errors 0 dropped 0 overruns 0 frame 0 ' d) i" [9 S; L2 {/ Q2 {
TX packets 14912 bytes 1016294 (992.4 KiB)
& |3 D+ l$ C$ W/ m" t TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0" k# R, f5 \0 F" y
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
8 p4 P% }5 L# m* B6 a& G7 L inet 127.0.0.1 netmask 255.0.0.0 9 \* W, k5 k- F1 \( ^
inet6 ::1 prefixlen 128 scopeid 0x10<host> & ^. |1 Y7 j$ }7 S; i
loop txqueuelen 1000 (Local Loopback) ( m) b# S# y+ ?: W, e- j
RX packets 32 bytes 2792 (2.7 KiB) - `/ l. H5 v% [+ }
RX errors 0 dropped 0 overruns 0 frame 0
f* _7 C3 G5 f' x5 {% x TX packets 32 bytes 2792 (2.7 KiB)
7 S" E5 r }: x* {4 x4 c$ X TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
5 d/ n5 [; b- G2 F6 J" C# }4 V3.安装时间同步服务NTP:! j2 _- _2 l T& N
[root@openstack-server ~]# yum install chrony 修改chrony服务配置: [root@openstack-server ~]# vim /etc/chrony.conf }3 e* i7 y/ e1 L: {! D" |
allow 192.168.254.0/27
7 }0 h* k ~0 s* _$ I0 U6 F/ S启动chrony服务: [root@openstack-server ~]# systemctl enable chronyd.service: ~: n* `/ C: l1 Y. g2 J
[root@openstack-server ~]# systemctl start chronyd.service
6 Z2 |' B2 D2 e设置时区:- n4 e6 g& Z5 P2 V& p
[root@openstack-server ~]# timedatectl set-timezone Asia/Shanghai 4.安装阿里的OpenStack源: [root@openstack-server ~]# vim /etc/yum.repos.d/OpenStack-Rocky.repo
& ^% P* {- b6 a' Y[openstack-rocky]$ c* T% K$ }0 a" R
name=openstack-rocky
2 D9 Z+ W) X9 @6 W- M: \baseurl=https://mirrors.aliyun.com/centos/7.5.1804/cloud/x86_64/openstack-rocky/
1 J9 F4 a _ P/ X, C# t3 agpgcheck=0
' i2 p* s; ?, W1 t9 igpgkey=https://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
( J: o4 z* l5 |1 r$ @2 n" irepo_gpgcheck=0& S) H9 p( b" X
enabled=1
) e) A4 Q( C+ a[root@openstack-server ~]# yum clean all
) X R3 o$ _+ W* h7 P3 F[root@openstack-server ~]# yum makecache
" M! |& R+ z6 l) _2 u( m还可以使用官方yum源方式: [root@openstack-server ~]# yum install centos-release-openstack-rocky
- j% g( Z- R3 z# J3 ]+ n[root@openstack-server ~]# yum install https://rdoproject.org/repos/rdo-release.rpm
( ^4 c/ ?/ j8 R4 @升级软件包:# l3 M; J* S' n
[root@openstack-server ~]# yum -y upgrade 安装OpenStack client:! v0 c |0 [( m6 l: \- z& G
[root@openstack-server ~]# yum -y install python-openstackclient 安装openstack-selinux:
; i: F3 L4 y; O0 Z/ T[root@openstack-server ~]# yum -y install openstack-selinux 5.安装Mariadb:
8 ?( Y! U, v5 {( _, C8 o" D[root@openstack-server ~]# yum -y install mariadb mariadb-server python2-PyMySQL 修改Mariadb配置文件: [root@openstack-server ~]# mv /etc/my.cnf /etc/my.cnf.bak
, J! X, l: S* ?; M[root@openstack-server ~]# cp /usr/share/mariadb/my-large.cnf /etc/my.cnf
: m: Z, ^' _, N. |' J[root@openstack-server ~]# vim /etc/my.cnf# r* N+ H9 E' U* M0 v
[mysqld]' b0 ~. H7 C: V6 M6 P" B) q. u
bind-address = 192.168.254.10
. v! h* l. l. H: q( f' \: Jdefault-storage-engine = innodb8 w! B, w" b2 n
innodb_file_per_table = on
J9 c6 e6 H/ Y Ymax_connections = 40968 ?7 Y+ O" }. U: k. }( _8 I
collation-server = utf8_general_ci: I8 o1 Z5 T! n" V4 q
character-set-server = utf8 h7 J" B$ x" m y5 s K
启动Mariadb服务: [root@openstack-server ~]# systemctl enable mariadb.service
& d& I/ o9 ?1 V" q[root@openstack-server ~]# systemctl start mariadb.service
% o8 o0 W/ @$ ~* h/ V2 `初始化Mariadb:
" m# a h' s6 r) A2 @8 {; \[root@openstack-server ~]# mysql_secure_installation(按提示操作设置root密码) 6.安装rabbitmq-server:
1 {# V. @6 d6 }7 V[root@openstack-server ~]# yum -y install rabbitmq-server 启动rabbitmq-server服务: [root@openstack-server ~]# systemctl enable rabbitmq-server.service( i8 f' m1 [* N4 v
[root@openstack-server ~]# systemctl start rabbitmq-server.service" K( `+ q6 ^# ?8 T9 G, \/ v
添加openstack用户: [root@openstack-server ~]# rabbitmqctl add_user openstack openstack1 x+ o) Z% S6 }$ K
[root@openstack-server ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
4 Z% q9 [! I" C- d, @6 q3 ?开启web管理插件:
8 @: G% U, U- k[root@openstack-server ~]# rabbitmq-plugins enable rabbitmq_management 使用web访问rabbitmq-server(默认账号guest,密码guest):
2 Y- A4 t) k) V* { 设置openstack用户Tags为administrator(点击Admin -- openstack): 9 [, P% N5 |. Z! D! z3 X
 点击Update this user:: s: H5 H2 ?* }- M5 O& T
查看设置:
. ]9 S' z$ }( A4 w 7.安装memcached:6 Q) q4 g! c4 Q6 s; W
[root@openstack-server ~]# yum -y install memcached python-memcached 修改memcached服务配置: [root@openstack-server ~]# vim /etc/sysconfig/memcached
" w2 C l0 y4 g, i7 J8 {. YPORT="11211"# J6 C% m5 j7 B( @+ S
USER="memcached"/ d( C0 `2 [4 w. n# `' s
MAXCONN="1024"
) W2 x( \, Y+ ]CACHESIZE="64"
3 u, T8 `" Y- f; {) lOPTIONS="-l 0.0.0.0,::1"0 ]& P, K& \% l7 D+ l5 W; b
启动memcached服务: [root@openstack-server ~]# systemctl enable memcached.service% R( q" g6 y( T
[root@openstack-server ~]# systemctl start memcached.service8 `$ O0 E5 c- I# x t
8.安装etcd服务:2 J" N6 [* K7 i( p
[root@openstack-server ~]# yum -y install etcd 修改etcd服务配置: [root@openstack-server ~]# vim /etc/etcd/etcd.conf! Z* w2 E& n3 C4 n- \5 c1 X. j
#[Member]) V+ s0 |8 k7 x
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
) }2 j% I O" R/ _1 j& o, j" H2 ]ETCD_LISTEN_PEER_URLS="http://192.168.254.10:2380"
! ^9 p) A0 D/ o" p. W& h, q3 }1 xETCD_LISTEN_CLIENT_URLS="http://192.168.254.10:2379"# Z' g+ Z" v0 n2 d6 C
ETCD_NAME="openstack-server"
, W3 R/ b( ~7 {6 z#[Clustering]( J- w& F' v: F
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.254.10:2380"
) g( s4 N; l/ L+ PETCD_ADVERTISE_CLIENT_URLS="http://192.168.254.10:2379"
~, H& D9 T! M* z3 F$ e/ i# {ETCD_INITIAL_CLUSTER="openstack-server=http://192.168.254.10:2380"1 j6 M& ?' r, s6 Z, X4 u$ S5 J
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
5 Q% w$ T# `3 G$ S' B7 _! @- t! U. lETCD_INITIAL_CLUSTER_STATE="new"5 b9 s; d' n, j& q5 F" b
启动etcd服务: [root@openstack-server ~]# systemctl enable etcd: q9 _ V p f2 E( l# V3 |" B! r0 E8 _
[root@openstack-server ~]# systemctl start etcd
( e! L7 S: @9 q- a+ E9.安装keystone:
% T% \0 K4 T7 _! i+ h在Mariadb创建keystone库和用户: [root@openstack-server ~]# mysql -uroot -psmoke520 -e "CREATE DATABASE keystone;") J( J$ `/ q% @
[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';"
3 R9 z5 h4 S* l0 Z6 W/ D5 |4 J[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone';"
0 u+ K6 o$ S. T) A安装keystone:" S* B4 A+ m, r6 U+ G8 X/ H
[root@openstack-server ~]# yum -y install openstack-keystone httpd mod_wsgi 修改keystone服务配置: [root@openstack-server ~]# vim /etc/keystone/keystone.conf! ]9 L0 D. n1 c( M; h4 d: p
[database]1 }2 r" K4 z6 N/ r4 B7 ]$ h" }
connection = mysql+pymysql://keystone:keystone@openstack-server/keystone e1 V: t W- I5 Z. d
[token]provider = fernet3 O L# I) ]" P$ x
同步数据库:
; |$ V' h2 Q" V9 W8 p% I* L. L[root@openstack-server ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone 初始化Fernet key仓库: [root@openstack-server ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
) e3 G& }4 G. C" ?4 w' Y[root@openstack-server ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone; c7 z! z5 V2 _4 x
引导身份服务: [root@openstack-server ~]# keystone-manage bootstrap --bootstrap-password admin --bootstrap-admin-url http://openstack-server:5000/v3/ --bootstrap-internal-url http://openstack-server:5000/v3/ --bootstrap-public-url http://openstack-server:5000/v3/ --bootstrap-region-id RegionOne修改httpd服务配置: [root@openstack-server ~]# vim /etc/httpd/conf/httpd.conf
' @$ b$ v, b6 aServerName openstack-server) q- i3 i' y; n+ }3 Q4 f
创建wsgi-keysone配置文件链接:
- x6 X' f/ m6 }1 L2 a[root@openstack-server ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/ 启动httpd服务: [root@openstack-server ~]# systemctl enable httpd.service6 ^. I/ g) q# |; n' y
[root@openstack-server ~]# systemctl start httpd.service
* ~4 V4 g. c1 ?" l/ j5 c9 @+ Y4 V* X[root@openstack-server ~]# vim admin-openrc.sh6 [/ l& o/ m( Y+ d) G E0 \4 h
export OS_USERNAME=admin
# s% x4 _- Z: S& E1 b: B7 Uexport OS_PASSWORD=admin9 O* O7 u' a- z' u; i" b6 p3 n
export OS_PROJECT_NAME=admin
3 J; I8 e1 w6 Rexport OS_USER_DOMAIN_NAME=Default6 E8 l' N0 q e' r
export OS_PROJECT_DOMAIN_NAME=Default
% B3 w' x, c1 o z5 r) h8 ~: E( Wexport OS_AUTH_URL=http://openstack-server:5000/v3
. P* c) ?9 X& m8 y1 p/ ?+ Qexport OS_IDENTITY_API_VERSION=3
& \: G2 {6 D y" ?* @2 m/ F' f% b% c$ ]
7 S" U0 u/ y: L, A, q: u
创建域,项目,用户,角色: [root@openstack-server ~]# . admin-openrc.sh y( Y* E4 t0 T* ]0 z* K6 q5 z
[root@openstack-server ~]# openstack domain create --description "An Example Domain" example
: N6 m" I4 |& s5 u[root@openstack-server ~]# openstack project create --domain default --description "Service Project" service
3 u, Y& X8 a* ~/ t: s1 f( f. N[root@openstack-server ~]# openstack project create --domain default --description "Demo Project" myproject A. ~; O1 f8 y, G
[root@openstack-server ~]# openstack user create --domain default --password-prompt myuser
% N" u) [: N% F S' s8 p[root@openstack-server ~]# openstack role create myrole. }, x( ]% g* e3 |' F
[root@openstack-server ~]# openstack role add --project myproject --user myuser myrole3 n* O6 o3 Z' F$ ]
验证keystone是否安装成功: [root@openstack-server ~]# unset OS_AUTH_URL OS_PASSWORD
( w) G F& K& h2 G& Z[root@openstack-server ~]# openstack --os-auth-url http://openstack-server:5000/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name admin --os-username admin token issue
& R( [* N/ b0 W创建myuser环境变量: [root@openstack-server ~]# vim myuser-openrc.sh
8 P& }/ V8 r8 T7 v0 Rexport OS_USERNAME=myuser
& ^* T3 Q0 m/ R* j$ }export OS_PASSWORD=myuser, {: _5 B5 b/ ~& o5 t$ i% d
export OS_PROJECT_NAME=myproject; S5 R( D- G; |% U4 B: i1 \
export OS_USER_DOMAIN_NAME=Default
2 `* R& \9 T1 Y$ j6 Mexport OS_PROJECT_DOMAIN_NAME=Default
4 }# i3 P8 r# X. U! fexport OS_AUTH_URL=http://openstack-server:5000/v3/ E; i2 ^7 G/ x0 I4 {
export OS_IDENTITY_API_VERSION=3
% r, t+ G2 H- |& H+ f! v' h
2 K2 l5 v" l# G1 w+ Q) g: J1 A/ k使用myuser用户进行测试: [root@openstack-server ~]# . myuser-openrc.sh
* R# @( r' S- z[root@openstack-server ~]# openstack --os-auth-url http://openstack-server:5000/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name myproject --os-username myuser token issue: a! K0 o4 N8 N( ^5 f( `
修改用户环境变量脚本: [root@openstack-server ~]# vim admin-openrc.sh
5 E" [! y$ _9 x4 a3 t6 [export OS_USERNAME=admin
3 X/ v: g+ m1 G! Eexport OS_PASSWORD=admin
. y6 }* H- X6 t$ } j6 b% pexport OS_PROJECT_NAME=admin7 @: k; z2 u' Z. P0 ^% o
export OS_USER_DOMAIN_NAME=Default# K3 p" }) T# e( S2 Z9 Y. L" I3 g' R# \
export OS_PROJECT_DOMAIN_NAME=Default
' \4 I7 v. C( R5 n% u5 ^1 c) G oexport OS_AUTH_URL=http://openstack-server:5000/v38 W( P% W' U3 v+ D0 F, d
export OS_IDENTITY_API_VERSION=3* S# w2 o; D% D+ I( w8 l
export OS_IMAGE_API_VERSION=2
' i( s" V: h2 I[root@openstack-server ~]# vim myuser-openrc.sh
! p; r3 f3 _( e0 z! G0 _" p. g$ R, `export OS_USERNAME=myuser
; c1 R* q, g' t" b* @% ~5 `1 iexport OS_PASSWORD=myuser8 {( n9 |6 q# `
export OS_PROJECT_NAME=myproject- Z5 `% W$ ?0 T, |2 {7 X
export OS_USER_DOMAIN_NAME=Default! S5 e% A% s- j( v& M! F9 Y
export OS_PROJECT_DOMAIN_NAME=Default2 E7 c3 Z0 E& [! {
export OS_AUTH_URL=http://openstack-server:5000/v3
5 o# z) x4 x# g# W# n6 Q$ U4 U! lexport OS_IDENTITY_API_VERSION=33 O# m6 }( F# W9 o3 B+ o2 N- S7 S
export OS_IMAGE_API_VERSION=2
2 F$ H( m- g8 ?; ]& [使用脚本测试: [root@openstack-server ~]# . admin-openrc.sh/ Q. \" P/ K0 m5 h" i0 C% U. @
[root@openstack-server ~]# openstack token issue* y! @0 M# H! q& x( n& a, S' o8 G& w) M
10.安装glance:
1 V1 Z# |& y2 _4 k$ e9 B& U) R! r在Mariadb创建glance库和用户: [root@openstack-server ~]# mysql -uroot -psmoke520 -e "CREATE DATABASE glance;"8 F5 g; N$ @1 G" A
[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance';", @8 [% a8 c) X* g
[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance';"
* N* {* Y' W9 n# q) H+ P9 {# l创建glance用户,服务,端点: [root@openstack-server ~]# . admin-openrc.sh: z/ K, n' ?7 _! c* s: h
[root@openstack-server ~]# openstack user create --domain default --password-prompt glance
: r7 w% l, [& O1 c J& f, i[root@openstack-server ~]# openstack role add --project service --user glance admin
- U8 L, L6 `4 c8 L( A7 K[root@openstack-server ~]# openstack service create --name glance --description "OpenStack Image" image* `4 s" o) N" p
[root@openstack-server ~]# openstack endpoint create --region RegionOne image public http://openstack-server:92926 c+ E, |: H4 e0 K2 `
[root@openstack-server ~]# openstack endpoint create --region RegionOne image internal http://openstack-server:9292
, N3 b( \$ M% E0 ]! g& i) r[root@openstack-server ~]# openstack endpoint create --region RegionOne image admin http://openstack-server:9292( }6 d, i- x; _& e: ?: R' Z% B
安装glance:# F, q0 _/ ~! A8 ]/ L5 i% r
[root@openstack-server ~]# yum -y install openstack-glance 修改glance-api和glance-registry服务配置: [root@openstack-server ~]# vim /etc/glance/glance-api.conf
2 h) n) E q, @8 ~[database]
' K4 p# b& f; R( ]/ lconnection = mysql+pymysql://glance:glance@openstack-server/glance! t8 z1 |- b' I6 \
[keystone_authtoken]0 S7 ^. N8 D5 O( M, |
www_authenticate_uri = http://openstack-server:5000$ ^# X* {( v4 Z U2 O- n
auth_url = http://openstack-server:5000" r) o/ s8 u, B' g. p4 |' w& |$ g$ _
memcached_servers = openstack-server:11211
, B2 _7 S3 D, u Rauth_type = password
: P; } J7 |0 d0 J+ V& bproject_domain_name = Default- `: V( Q. ^0 Z) O2 X
user_domain_name = Default
# i; b2 [- N2 R+ xproject_name = service
2 i' w# u) x6 |$ V5 [5 ousername = glance
3 u' V6 n/ W( t% g4 g0 B$ ^- v5 |password = glance S0 _$ l+ ~. o# t3 d$ v
[paste_deploy]
w7 _; X: Y7 |% B' Eflavor = keystone
9 s8 e* {- L7 c: K% L6 `4 G[glance_store]0 i. m# A2 ?9 Y5 X
stores = file,http
0 K! P- e. E: x. Ndefault_store = file- _! p5 u9 U6 e, J" w3 u; W
filesystem_store_datadir = /var/lib/glance/images5 U7 s4 V9 \: _% F- O3 m+ ~5 Q
[root@openstack-server ~]# vim /etc/glance/glance-registry.conf, \9 y: b! R2 k6 K% O: f+ F# n
[database]
; E. A6 q5 H2 |( B! \7 h: ?1 Nconnection = mysql+pymysql://glance:glance@openstack-server/glance
) z2 x& U- ~ U; u3 M; d* ][keystone_authtoken]8 V5 [, E- I6 Q2 g! Q8 f( a; R
www_authenticate_uri = [url=http://openstack-server:http://openstack-server:5000; X" a, f6 V& ?
auth_url = [url=http://openstack-server:http://openstack-server:5000
5 f9 p8 Q2 {" R. W* D6 Vmemcached_servers = openstack-server:11211
9 V/ I3 r$ C& F- ^auth_type = passwordp5 x8 _$ \3 @/ ^) M
roject_domain_name = Defaultu" u C N9 \' `! ^+ @3 ]! W9 x
ser_domain_name = Default
. Z1 e3 R8 v- L% Zproject_name = serviceusername = glance
; e% g |1 X5 |password = glance& [7 Y. n& t" n2 R4 w1 d# d
[paste_deploy]
" b0 m$ W, C) t3 @4 O6 Uflavor = keystone
- f4 U# k$ O5 Q* J! Y同步glance数据库:
& q3 A! d$ H0 A* S m; D6 j- z[root@openstack-server ~]# su -s /bin/sh -c "glance-manage db_sync" glance 启动glance-api和glance-registry服务: [root@openstack-server ~]# systemctl enable openstack-glance-api.service openstack-glance-registry.service
, f0 y! M9 @5 \[root@openstack-server ~]# systemctl start openstack-glance-api.service openstack-glance-registry.service
4 y3 G- ^4 _# _+ _0 t7 n使用sdb1创建lvm用于存储镜像: [root@openstack-server ~]# fdisk -l /dev/sdb
( v8 T/ A4 B# l8 J' k磁盘 /dev/sdb:250.1 GB, 250059350016 字节,488397168 个扇区Units = 扇区 of 1 * 512 = 512 bytes4 V. D7 k1 z; ?" _, Q% ^. Q
扇区大小(逻辑/物理):512 字节 / 512 字节I/O 大小(最小/最佳):512 字节 / 512
. H2 {$ |( @1 A" L; b字节磁盘标签类型:dos磁盘标识符:0x441e1e17
v5 n0 c. q7 Y$ X0 ]; [0 a设备 Boot Start End Blocks Id System/dev/sdb1 2048 104859647 52428800 8 e Linux LVM
: B" ~) C G7 r7 r[root@openstack-server ~]# pvcreate /dev/sdb1 q5 H: g( i) b9 a9 Y
[root@openstack-server ~]# vgcreate glance-vg /dev/sdb1
$ O$ D6 X: F2 A1 D5 w+ @. y' h( j[root@openstack-server ~]# lvcreate -L 50G -n glance-lv glance-vg1 K C# p* }2 m: [/ G5 V" T8 K
[root@openstack-server ~]# mkfs.xfs /dev/glance-vg/glance-lv8 f/ J6 D- ]) i/ B& {% r0 z
[root@openstack-server ~]# blkid /dev/glance-vg/glance-lv
/ n9 M# H( ~) f4 K: E! t8 i0 z8 _3 X/dev/glance-vg/glance-lv: UUID="072c4d36-7502-484b-b857-357a870dcc87" TYPE="xfs"
9 F& C- M5 a5 M V7 Y9 G. q; o0 _. _* W" d/ H* S. a( p& g- P
[root@openstack-server ~]# vim /etc/fstab
, h9 J+ }# f5 K& oUUID=072c4d36-7502-484b-b857-357a870dcc87 /var/lib/glance/images/ xfs defaults 0 0; u" n$ P$ x' g7 L4 g7 Y+ o+ N
[root@openstack-server ~]# mount -a
5 }- y% N2 n' ?* M- ]. Q: v. `1 @# d[root@openstack-server ~]# chown -R glance:glance /var/lib/glance/* {# E( }" Y1 n1 v# ^3 v" U
4 d8 e; E1 D( H/ y& N, p* b
验证操作: [root@openstack-server ~]# . admin-openrc.sh
; K0 y8 J' t ^: L4 C2 M9 i( p E[root@openstack-server ~]# wget http://download.cirros-cloud.net ... 4.0-x86_64-disk.img3 e; ~ z/ I# `4 D; j& F
[root@openstack-server ~]# openstack image create "cirros" --file cirros-0.4.0-x86_64-disk.img --disk-format qcow2 --container-format bare --public
# V3 [6 I1 y/ C7 {[root@openstack-server ~]# openstack image list" }5 D+ d: }% d" n+ G* Y
+--------------------------------------+--------+--------+) |0 p! U4 I& Z- s6 ~: |
| ID | Name | Status |: ^, ^. F _+ G% H$ C
+--------------------------------------+--------+--------+
6 E& o& x0 A6 m: L! k: m2 q2 N, h$ K| 99b186e3-b29f-4366-ab5c-ebf5e53ef262 | cirros | active |7 h' u: m% e: u$ ? a2 Z
+--------------------------------------+--------+--------+. x' Q: W3 Q8 u5 z
11.安装nova:
- T8 r0 u# q3 L在Mariadb创建nova相关库和用户(控制节点): [root@openstack-server ~]# mysql -uroot -psmoke520 -e "CREATE DATABASE nova_api;"
! |# G, \2 C: k1 L/ u[root@openstack-server ~]# mysql -uroot -psmoke520 -e "CREATE DATABASE nova;"
1 h! u, l+ ]3 p, y+ q+ E[root@openstack-server ~]# mysql -uroot -psmoke520 -e "CREATE DATABASE nova_cell0;"
7 E5 O7 Q t3 _" Z2 w[root@openstack-server ~]# mysql -uroot -psmoke520 -e "CREATE DATABASE placement;"
; d0 s3 h4 n9 O2 W2 }- x5 X[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';"% x: B9 Z, @8 H1 @- |% K% `" q
[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON nova_api.* TO 'nova''%' IDENTIFIED BY 'nova';"
. l( p" {- i3 b" O[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@‘localhost' IDENTIFIED BY 'nova';"
* n( h. I' P; O- [7 t7 [# [[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'nova';"
8 S; y7 i6 y3 }2 u* d6 o) u7 s[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';"
: q$ d% j# _' F; J7 S[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'nova';"8 p0 R2 v9 F0 W- P; ?# Z
[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY 'placement';"
# @0 s8 c4 C2 }2 d/ B[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY 'placement';"
; p; y7 t! }8 F+ C6 P' Q创建nova用户,服务,端点; [root@openstack-server ~]# . admin-openrc.sh! ?& I x4 V0 p# J& O. T M
[root@openstack-server ~]# openstack user create --domain default --password-prompt nova' T) \* Y; p& `9 I* B: f; H6 b H
[root@openstack-server ~]# openstack role add --project service --user nova admin3 V' Q- D8 ?: w9 R; N R8 W
[root@openstack-server ~]# openstack service create --name nova --description "OpenStack Compute" compute
0 ], h- `; i3 {$ Z0 \[root@openstack-server ~]# openstack endpoint create --region RegionOne compute public http:/openstack-server:8774/v2.1
( q. j1 _% ^# C# O+ F. ?9 ]: k[root@openstack-server ~]# openstack endpoint create --region RegionOne compute internal http://openstack-server:8774/v2.1
6 O; `/ l% I0 O+ a4 Z# K- v[root@openstack-server ~]# openstack endpoint create --region RegionOne compute admin http://openstack-server:8774/v2.15 Z, U8 b8 \+ |( }6 ~( X0 `0 N; M% t
创建placement用户,服务,端点: [root@openstack-server ~]# openstack user create --domain default --password-prompt placement. [5 G( |# @. _& v. b
[root@openstack-server ~]# openstack role add --project service --user placement admin2 |& T9 r2 {" M2 m% {
[root@openstack-server ~]# openstack service create --name placement --description "Placement API" placement
e; k2 j/ G8 C' q/ e! } _[root@openstack-server ~]# openstack endpoint create --region RegionOne placement public http://openstack-server:87787 S. M0 i2 q' }7 D0 m* S; _
[root@openstack-server ~]# openstack endpoint create --region RegionOne placement internal http://openstack-server:8778
P$ l1 C% F9 ?! e0 ~6 h! o[root@openstack-server ~]# openstack endpoint create --region RegionOne placement admin http://openstack-server:8778% I u+ u: |( ]; E- Y$ h
安装nove-api、nova-conductor、nova-console、nova-novncproxy、nova-schedule、nova-placement-api服务(控制节点): [root@openstack-server ~]# yum -y install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-placement-api修改nova服务配置: [root@openstack-server ~]# vim /etc/nova/nova.conf
" H: a3 L& ~/ i; f) _4 A[DEFAULT]
6 D$ A; \$ K% s8 P4 f! ^2 Yenabled_apis=osapi_compute,metadata4 C0 w# m4 t8 E: z& i$ P9 T, G9 }
transport_url=rabbit://openstack:openstack@openstack-server3 X- R3 L `8 P) a j+ \* K
my_ip=192.168.254.10: H+ d/ Y/ Z5 {+ v2 j8 _6 p
use_neutron=true
) J3 t6 ]/ a6 Z5 Lfirewall_driver=nova.virt.firewall.NoopFirewallDriver
: {, E8 X; P& j8 e: z4 D[api_database]
, U" V4 ^. F7 ?2 F, m0 l+ ~' Sconnection=mysql+pymysql://nova:nova@openstack-server/nova_api' L; m( [! ?: h# O
[database]; p* @7 f" b& H
connection=mysql+pymysql://nova:nova@openstack-server/nova
& L& Z& l. O( D5 l; u! r4 k3 l[placement_database]
7 Y' z! S5 A0 X4 C( p4 Vconnection=mysql+pymysql://placement:placement@openstack-server/placement
8 h. N: |( D7 h2 x4 V) Q4 a[api]
9 l2 V* S/ h3 J0 ~* z6 j6 Xauth_strategy=keystone
1 ^! A# |* ]! f1 X1 L3 L2 U* k: \[keystone_authtoken]
8 d& \6 q; G# b6 `* ^auth_url=http://openstack-server:5000/v3
3 n$ B* r0 ~4 c, T amemcached_servers=openstack-server:11211* R7 l+ e9 V( k( A6 o
auth_type=password* G! S% v6 G, L2 p1 @
project_domain_name = default7 S9 O0 t( A/ X7 S" i
user_domain_name = default. d/ r# d2 }% X8 y) N; K
project_name = service4 |) y( X9 h! z+ O, |# N* ^
username = nova6 v x& I$ v p% n6 x
password = nova
/ w. R7 _) S( r- J Z[vnc]( Q6 s K( W: d, ]
enabled=true
4 P0 I" n8 y; h8 Aserver_listen=0.0.0.0
* d3 j: Q7 B7 C0 Qserver_proxyclient_address=$my_ip7 q6 R) N5 M. j6 Q- V- a9 D( B
[glance]. f( g9 o6 R5 @+ t5 L! K w
api_servers=http://openstack-server:9292
0 D' s& R5 {! h7 i! V[oslo_concurrency]7 o! i# l! {( x( P+ Y
lock_path=/var/lib/nova/tmp
& a- h$ B% ^2 _2 Y2 u s[placement]/ K( V9 |( L" _4 b0 |7 w& d
region_name=RegionOne
+ B7 x4 M4 {8 y. S9 N& j) Mproject_domain_name = Default
9 U5 G6 ?% [( Vproject_name = service
( c6 R' z$ c* g) @- g; d8 {+ ] `auth_type = password4 g" l! J$ @; m! r
user_domain_name = Default+ a3 d4 p& W4 |% q' r. z
auth_url = http://openstack-server:5000/v3
! i* v4 s+ F% q. p( pusername = placement/ @8 l% ]0 }1 E# m* S
password = placement' j, M( m/ e/ i1 B
: X: W @# x5 O: b% `
官网文档提示包bug问题,需要修改 /etc/httpd/conf.d/00-nova-placement-api.conf,添加/usr/bin相关内容到文件尾部; [root@openstack-server ~]# vim /etc/httpd/conf.d/00-nova-placement-api.conf6 J8 _# `* H' |; J
<Directory /usr/bin>' u2 y7 t2 r- ^/ ^9 J
<IfVersion >= 2.4> Require all granted </IfVersion> / K7 T; z( m7 B7 D, p8 n/ f- T/ Q
<IfVersion < 2.4> Order allow,deny Allow from all </IfVersion>/ S; P0 y2 U2 i) K$ ^6 a
</Directory>8 z1 } a) k+ x; w7 F! }
重启httpd服务:# s& @% ?1 y3 ~+ X% A
[root@openstack-server ~]# systemctl restart httpd 同步nova数据库: [root@openstack-server ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
. i' L( a3 c& y& j8 q4 E[root@openstack-server ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
* G) n W1 r# W/ N6 L- Z[root@openstack-server ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova28087259-877a-4ff7-b2a3-a4367a1fbd8d6 L- r% |/ X; y$ k; R. `. v2 N
[root@openstack-server ~]# su -s /bin/sh -c "nova-manage db sync" nova: P1 _# R$ R/ L: o( D
[root@openstack-server ~]# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova! Z& M& X$ r" u" a$ i0 t8 H
启动nova-api、nova-scheduler、nova-conductor、nova-novncproxy服务: [root@openstack-server ~]# systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
5 N# z% K# k+ R5 m! c- ][root@openstack-server ~]# systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
% s6 \6 O8 d) t
( w, ^! N& A. K6 s安装nova-compute(计算节点):
) t' @7 e+ n7 U/ r! N e[root@openstack-server ~]# yum install openstack-nova-compute 修改nova配置文件: [root@openstack-server ~]# vim /etc/nova/nova.conf! t! \$ ~+ a& i# V [; k3 T
[DEFAULT]6 @- m0 B, E, U+ j9 V- E
enabled_apis=osapi_compute,metadata% f6 S% c% }% v$ |1 i9 n5 C( U
transport_url=rabbit://openstack:openstack@openstack-server
4 [3 i5 i1 o' d lmy_ip=192.168.254.10
+ z) N# J6 U6 y: m% J2 Juse_neutron=true
9 b! H# e3 S* k8 L. @firewall_driver=nova.virt.firewall.NoopFirewallDriver
% ^! T0 t; t# B5 U[api]0 _% l, L& X( L7 ~+ ?# \6 C- E2 i
auth_strategy=keystone
+ f0 ~$ |& b& o% M% e) ^[keystone_authtoken]
7 K/ D1 G& l% _auth_url = http://openstack-server:5000/v3
2 ?5 g! L8 T ^4 Mmemcached_servers=openstack-server:11211- B4 K; @9 h; z# T8 p$ ?) t
auth_type=password
8 M1 L' P2 \3 nproject_domain_name = default" R7 Z0 k4 A5 X2 a: e" K9 c+ W
user_domain_name = default
4 Q! S: ^7 m1 |+ V+ e% r7 C8 P+ k, [1 [project_name = service
4 B" U! E j+ A8 \4 [username = nova* [. [* ^1 e9 W; a
password = nova/ S. t b; k5 M5 T3 Z; F3 a
[vnc]) H5 C- _. |# j, c$ b- Q
enabled=true
/ n; f0 }$ G+ j) dserver_listen=0.0.0.0: @+ i$ P! }. q: q7 R& I5 O+ v5 g
server_proxyclient_address=$my_ip$ P) g3 b& J$ @ R7 {) c
novncproxy_base_url = http://openstack-server:6080/vnc_auto.html; ?, q9 I$ h/ W4 M) Y( C; B# V8 M# W
[glance]api_servers=http://openstack-server:9292$ P3 J& F3 e q* L" k# f G9 c
[oslo_concurrency]
9 A3 ^5 |& ^/ hlock_path=/var/lib/nova/tmp- X7 ?: i( A- Z* U! p
[placement]
" R U' e/ U L5 l+ s- o. _$ }; [$ Vregion_name=RegionOne
) V* n0 [) @' z0 r& e# nproject_domain_name = Default: P3 h% a/ u8 W* o7 _- u! b
project_name = service: M( Y% z8 W7 |" J' h4 b
auth_type = password
: t: P8 A9 W/ r* L/ L" Luser_domain_name = Default5 H9 C+ L: z d5 P1 ]' m, K
auth_url = http://openstack-server:5000/v3" v! |! ^& }8 }2 g' g7 C9 x
username = placementpassword = placement: L) @- D6 J7 ~2 m
查看cpu是否支持虚拟化(0代表不支持): [root@openstack-server ~]# egrep -c '(vmx|svm)' /proc/cpuinfo4修改虚拟化类型,如果不支持cpu虚拟化使用qemu,如果支持使用kvm: [root@openstack-server ~]# vim /etc/nova/nova.conf6 g7 w6 t1 E) j2 m
[libvirt]+ E6 f; M7 a) e C% l2 I) Y! T1 x
virt_type=kvm
% w# G/ e H" N% s6 @" g6 T P启动nova-compute和libvirtd服务: [root@openstack-server ~]# systemctl enable libvirtd.service openstack-nova-compute.service
! d2 |$ s, m" t4 h+ H[root@openstack-server ~]# systemctl start libvirtd.service openstack-nova-compute.service# v+ Z- _3 X" ^' T" h3 F
将计算节点cell数据库: [root@openstack-server ~]# . admin-openrc.sh
- o( L) Y/ n9 Q3 `. ?[root@openstack-server ~]# openstack compute service list --service nova-compute0 F1 d0 b2 I( b0 o
[root@openstack-server ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova& ?! |0 V% A8 ]+ g8 r) r1 D
编辑nova服务配置: [root@openstack-server ~]# vim /etc/nova/nova.conf
4 I# T+ K* U' Q" h$ R" n[scheduler]: Q: Y7 \) I- E- W; v7 x. G; N
discover_hosts_in_cells_interval=300
3 j7 q' |: A7 G4 A( k G验证操作:
$ b4 V- A( C2 `3 z+ N1 _[root@openstack-server ~]# . admin-openrc.sh [root@openstack-server ~]# openstack compute service list
3 a+ _7 t5 |& D. H1 J4 O+----+----------------+------------------+----------+---------+-------+----------------------------+; U% g. E* x+ b B% ]* J6 L
| ID | Binary | Host | Zone | Status | State | Updated At |
$ @, M9 d- n& w- H+----+----------------+------------------+----------+---------+-------+----------------------------+
) o' X# o# y/ b| 1 | nova-conductor | openstack-server | internal | enabled | up | 2018-10-23T13:45:26.000000 |# K9 X* f4 V$ ^9 ]+ L8 Z4 H
| 3 | nova-scheduler | openstack-server | internal | enabled | up | 2018-10-23T13:45:26.000000 |5 ]% _9 Y k c \8 N3 M( ?
| 10 | nova-compute | openstack-server | nova | enabled | up | 2018-10-23T13:45:27.000000 |
; H* `/ f$ n" A9 y, @5 j" B+----+----------------+------------------+----------+---------+-------+----------------------------+' F" F! {- ?# ]- [2 |" [
[root@openstack-server ~]# openstack catalog list- ~$ S8 w+ k2 C! h9 q& t
+-----------+-----------+-----------------------------------------------+
# L) F, |& B$ V- a| Name | Type | Endpoints |
( J$ U5 k! D% ?' R: [" e+-----------+-----------+-----------------------------------------------+5 e8 E5 l- K9 q; o, [
| glance | image | RegionOne |
$ c1 _: V' l0 K9 h| | | internal: http://openstack-server:9292 |# X3 C! M0 ?; ~
| | | RegionOne |. F9 c2 T, C! _% ^; w
| | | public: http://openstack-server:9292 |
0 }6 G4 w) Q' Y& D| | | RegionOne |( ~1 h& ~; |" P$ `0 S/ F( s- M
| | | admin: http://openstack-server:9292 |
! L9 r* W0 O0 @" _9 Q2 ?4 s| | | |8 v4 k7 K1 ]* S0 e1 G0 N$ }1 O
| keystone | identity | RegionOne |: _& |7 R" o7 h, x* r
| | | admin: http://openstack-server:5000/v3/ |1 T8 H5 a) p- \! q
| | | RegionOne |% o, ]9 u s7 Y9 F8 q a, C* W6 O
| | | internal: http://openstack-server:5000/v3/ |
2 R$ I; d z: l. \% [' J: H| | | RegionOne |9 M; |% |1 y. a0 ~2 L
| | | public: http://openstack-server:5000/v3/ |: ]: G2 J. E2 V2 k+ b( o4 u
| | | |' N- @: E2 U2 I
| placement | placement | RegionOne | o6 Y% S- K5 f4 B
| | | public: http://openstack-server:8778 |
& G) w6 f! V1 Y5 d% a; l, || | | RegionOne |
1 {+ ~: E, u- o3 e o% a. M| | | admin: http://openstack-server:8778 |
( ?* M: G3 e1 O# J$ d| | | RegionOne |
- A1 {8 R+ _0 Z3 W1 a7 P1 ~| | | internal: http://openstack-server:8778 |$ n Y! D& E& o, f" l# _* Y
| | | |
, k0 b" f" C7 @4 h' W+ H$ r5 D6 J| nova | compute | RegionOne |' R, B9 @" P3 [$ O
| | | public: http://openstack-server:8774/v2.1 |4 ?0 Z. e2 I( _' d- d. \: A: o
| | | RegionOne |
# M$ m( M& O8 V0 T+ g a6 N| | | admin: http://openstack-server:8774/v2.1 |1 q4 m j1 N+ Z4 F1 t9 T
| | | RegionOne |
U, u; Y" s! I& T- g3 k K| | | internal: http://openstack-server:8774/v2.1 |
& R3 |9 I. h8 ]) T. F- || | | |
2 |, d& w3 h; R& q$ Q' Q) \8 ~+-----------+-----------+-----------------------------------------------+- x Q% {5 A" X% m" M+ ~4 i
; z) m! Q% T" ?+ w
9 c7 F) Z6 ^) V, {0 F; J! `
[root@openstack-server ~]# openstack image list. G" _5 v+ c. R- j$ l! W
+--------------------------------------+--------+--------+
7 O# U3 ^6 S) X& } G3 T! E| ID | Name | Status |
) ?& K8 k. j8 |0 {& ^! b4 ~+--------------------------------------+--------+--------+
+ V+ p( F, d w| 99b186e3-b29f-4366-ab5c-ebf5e53ef262 | cirros | active |
) F9 H2 A" a+ _( g B+--------------------------------------+--------+--------+
6 ?* g3 |- }! c& l j6 l. Q% H[root@openstack-server ~]# nova-status upgrade check' N( }- X3 m5 h/ J' r* g# X* L
+-------------------------------+: I1 p( c$ {/ A4 X0 o, N3 I( R
| 升级检查结果 |" F9 j! O; s+ B0 }. M
+-------------------------------+% C, ]) T. z$ S& o
| 检查: Cells v2 |
" [* c0 v) p. O7 o/ l| 结果: 成功 |: G, L% m. l$ g& H. U. n
| 详情: None |3 K- p9 P( x3 j; |* m7 M
+-------------------------------+
: ]) s2 W; T% Q q. x4 u| 检查: Placement API |: A- u+ e; U. `: j2 ]7 K5 Z3 \- ~
| 结果: 成功 |+ T* n2 I0 D5 d! M1 V5 }
| 详情: None |
5 ?* b$ p. {* }" D+ r; [+-------------------------------+
@1 W( X' O3 a| 检查: Resource Providers |
8 E; g0 {2 H$ Z( \* D| 结果: 成功 |) P; `9 Z7 P$ q0 y" g. y1 r
| 详情: None |
$ M7 p* I8 s9 ?+-------------------------------+
# q- {9 X% f5 A| 检查: Ironic Flavor Migration |1 e! K% O2 T+ U, b- F. e
| 结果: 成功 |
1 j' Q; C* V" M$ {& S| 详情: None |6 v+ j, u" n7 }2 O8 w# _3 |! r
+-------------------------------+
& S$ G, ~7 y3 i& L' e) {| 检查: API Service Version |
. O4 l' a z. N, F& r| 结果: 成功 |3 o* @$ _1 f! w6 ?0 J. M: v
| 详情: None |
. C* ?; c A1 C0 k& [5 R% e+-------------------------------+- {0 G7 M/ K+ R) L, C
| 检查: Request Spec Migration |! _) [1 t: A w; `
| 结果: 成功 |
0 M, r3 B# }) q/ ]- k) ^, G8 f| 详情: None |- k3 U3 t& X5 y/ }, M' a& O
+-------------------------------+5 d0 D9 [" f7 B: M( r; e1 J
, x, m* ^1 g+ k$ R
& A9 _3 o) E9 \8 i. z* Z9 t12.安装neutron:0 b% N3 E+ J9 c8 J
在Mariadb创建neutron相关库和用户(控制节点): [root@openstack-server ~]# mysql -uroot -psmoke520 -e "CREATE DATABASE neutron;". |, \4 X- A; G- F
[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'neutron';"0 P J& ]+ @& x9 W9 w" l8 a; [
[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron';"9 S5 v5 L+ ^ [+ y3 e4 t( k
创建neutron用户、服务、端点; [root@openstack-server ~]# . admin-openrc.sh: _! R; K6 g6 I d) Y
[root@openstack-server ~]# openstack user create --domain default --password-prompt neutron( w$ I3 z3 \3 c$ ^8 {" r
[root@openstack-server ~]# openstack role add --project service --user neutron admin
, w! N' A1 B# x" |2 r/ ?# N1 W[root@openstack-server ~]# openstack service create --name neutron --description "OpenStack Networking" network
" k# G q1 s$ ^9 Y" u Z! A8 x[root@openstack-server ~]# openstack endpoint create --region RegionOne network public http://openstack-server:9696) w% o& [! [! ]) K3 s0 T) Y% d
[root@openstack-server ~]# openstack endpoint create --region RegionOne network internal http://openstack-server:9696' K" q* K, \# P
[root@openstack-server ~]# openstack endpoint create --region RegionOne network admin http://openstack-server:9696
: T a9 s7 h" }1 J5 T; L! T# @Networking Option 1: Provider networks:8 D# x( z, I5 H' h1 d5 V7 ?: X
安装neutron、neutron-ml2、neutron-linuxbridge、ebtables: [root@openstack-server ~]# yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables修改neutron服务配置: [root@openstack-server ~]# vim /etc/neutron/neutron.conf
E( \# y2 Y: L" s[database]
+ ? D$ b3 S2 y; N2 U+ ~connection = mysql+pymysql://neutron:neutron@openstack-server/neutron
; w; L5 v0 @/ o. o6 D6 I5 O9 O8 r8 Y[DEFAULT]
, `1 P! B% M& Kcore_plugin = ml2- t# W% d5 m4 T
transport_url = rabbit://openstack:openstack@openstack-server+ c: V) k- s& H: o! _* g0 E
auth_strategy = keystone$ V, k9 ]" M- _, |; C, n
notify_nova_on_port_status_changes = true
! B8 d& B# t5 H, s8 ^3 z- S9 enotify_nova_on_port_data_changes = true
* G% q& J0 h1 @4 F, n# Q[keystone_authtoken]
" Z- x6 ^2 C8 d/ s7 Kwww_authenticate_uri = http://openstack-server:5000
, r4 z9 T7 U$ u0 V" _% f& P( iauth_url = http://openstack-server:5000) W/ I# n2 F' h' B6 I
memcached_servers = openstack-server:112114 x1 R0 J, y, s' w2 T
auth_type = password
, @) X2 ~$ m4 U9 }6 ~" ]$ t, Gproject_domain_name = default
% a t6 m: C' xuser_domain_name = default( h0 Q% Y1 `# A0 |5 g6 i
project_name = service
7 t R9 A3 n2 V! B3 lusername = neutron# i, K) `1 J5 x0 ~, Q
password = neutron2 P/ E# h1 g. J1 W6 B' C* ]" ]
[nova]. T$ t# S7 z- T* }3 ^" M0 W# Q; G
auth_url = http://openstack-server:50009 _# n$ |( P/ M& U K) q v' C
auth_type = password" E+ {- ?& J1 R! V1 b- y
project_domain_name = default
6 n7 I# M, w4 X" Quser_domain_name = default
% p- e3 u$ s/ H9 r: ], _region_name = RegionOne
3 C9 x6 P8 A1 M6 n' kproject_name = service
8 v9 m( D4 I% N* ^username = nova9 I1 V+ c/ `( V' r; E2 [
password = nova
. F4 _9 u4 D a6 q/ {[oslo_concurrency]
, y/ W5 Z7 q8 L" h! H6 ?lock_path = /var/lib/neutron/tmp
# x/ [4 V6 |5 j6 F. O修改ml2配置文件: [root@openstack-server ~]# vim /etc/neutron/plugins/ml2/ml2_conf.ini
& M, z: H5 ^, i, o) p5 Y9 J5 M2 S[ml2]
: `$ v I& r& v, r3 V& _4 Gtype_drivers = flat,vlan1 L5 @+ U% c0 v; \4 d7 L; |! K/ [
tenant_network_types = flat7 K, g( \: T6 W7 |; |. N
mechanism_drivers = linuxbridge
0 U8 e0 K$ k) b! {extension_drivers = port_security
- Q8 n7 K' m4 A+ e6 [! B[ml2_type_flat]
* O7 r9 h5 }% v8 @5 ~/ [3 G" aflat_networks = provider2 [/ J4 r+ p; d3 D( H* O
[securitygroup]; ]( C0 R% b% `
enable_ipset = true
! m" d( i% m. V& X n6 e" `修改linuxbridge_agent配置文件: [root@openstack-server ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini* G( x* @, d- A @, N/ |+ o! _
[linux_bridge]
& F. ]4 ^7 G5 V8 M# P8 F3 Aphysical_interface_mappings = provider:enp4s0- Q/ F- Y2 s/ e v0 X" w9 ^/ b& Z
[vxlan]# v1 w8 R* n3 S: B
enable_vxlan = false
+ G# A$ _! l- ?1 E" I8 O, I[securitygroup]
- E4 d" O2 a& N+ h; eenable_security_group = true: u) x) y7 x7 i3 i9 n5 F8 Q# X
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver' h% k! f- s% ^# z
开启系统内核支持网络桥防火墙: [root@openstack-server ~]# modprobe bridge
! P+ j5 f4 E M5 n' B5 B, c9 `2 s[root@openstack-server ~]# modprobe br_netfilter
( N' [8 R$ A0 n[root@openstack-server ~]# vim /etc/sysctl.conf
$ n$ Q: T. F- O3 ^. X3 S0 snet.bridge.bridge-nf-call-iptables = 18 E$ G# F d( o' M, L: M8 i# B
net.bridge.bridge-nf-call-ip6tables = 1
( |( d/ A% c" s4 Q[root@openstack-server ~]# sysctl -p /etc/sysctl.conf
" _, K5 X& P% P, Y& g修改dhcp_agent配置文件: [root@openstack-server ~]# vim /etc/neutron/dhcp_agent.ini
0 O# m+ Y9 I1 ^! n3 \8 W/ h[DEFAULT]
( _6 Q3 P! p' I0 P- \3 Hinterface_driver = linuxbridge7 N1 w) ^+ B3 j* v( v9 ^- e
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq0 {: K- n( |6 r1 O; u
enable_isolated_metadata = true
) o! L4 A) E/ W, _8 r/ u/ ]Networking Option 2: Self-service networks:
$ R2 k- h% h9 }# c( M+ w安装openstack-neutron、openstack-neutron-ml2、openstack-neutron-linuxbridge、ebtables服务; [root@openstack-server ~]# yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables修改neutron服务配置: [root@openstack-server ~]# vim /etc/neutron/neutron.conf
5 p" P+ _0 g' F5 e[database]8 J6 v1 z4 o6 N; L0 u. _
connection = mysql+pymysql://neutron:neutron@openstack-server/neutron
% x' c! |& T N: [[DEFAULT]
8 I/ C+ s1 m6 |. H* Acore_plugin = ml2
, x2 t8 }- @! {/ eservice_plugins = router: D9 j* u' N* U' P% o4 Z, ]
transport_url = rabbit://openstack:openstack@openstack-server8 g1 ^2 j8 @- S) |5 r
auth_strategy = keystone
5 B" R/ K' e0 P# Wnotify_nova_on_port_status_changes = true
& o* t( o: N4 K) Ynotify_nova_on_port_data_changes = true
; w" p' ?. Z( N; P; F- X[keystone_authtoken]0 ~) i5 l, y' E, Q2 c" E
www_authenticate_uri = http://openstack-server:5000
; n4 b( p7 i5 N# q& N9 g# g9 bauth_url = http://openstack-server:5000
' e Y1 R% L0 _; | \+ n6 mmemcached_servers = openstack-server:112116 U9 g& b0 n2 d2 E3 P; Y) c6 A- z0 e
auth_type = password. h% q. o7 j1 a* o& f; E
project_domain_name = default! P& D; W5 [6 P& k: s
user_domain_name = default
1 j4 ]/ m1 ?* Jproject_name = service- N! L. ?- o& e# Q2 H- K) z7 V
username = neutron- ]& `1 A2 l5 Q- D0 A! p) n x
password = neutron
2 E* P& P" J' {8 v5 Y( {[nova]( V* a# u; k0 G- M; R
auth_url = http://openstack-server:5000
; b6 H$ W7 t1 |1 v- Qauth_type = password* G- G+ T7 v! v( ~0 f) \
project_domain_name = default
- C) p; y! w1 q/ nuser_domain_name = default
# G5 \ \9 o% Z5 B; d* Kregion_name = RegionOne' m, n* }) }" V! o
project_name = service
* H' x' k1 y6 Z9 T( w. s; y9 J/ B7 a( Pusername = nova
5 p$ Z; S/ a# Q; n: ~4 }password = nova! o; |0 h! |" Q3 F
[oslo_concurrency]
- v" x/ {( L1 J( }, ulock_path = /var/lib/neutron/tmp }9 ?* l \1 E: s7 `; u2 U
: m& g( c) r* q: I# @
- K0 Q- p8 f' h N6 _6 F3 {修改ml2配置文件: [root@openstack-server ~]# vim /etc/neutron/plugins/ml2/ml2_conf.ini2 ?: W" {: e" h6 G5 r, C8 L. k
[ml2]
$ o6 j7 @0 B) Qtype_drivers = flat,vlan,vxlan
0 M9 h- E# T0 r5 `* y6 {tenant_network_types = vxlan. E) M4 B3 [) z2 e
mechanism_drivers = linuxbridge,l2population( m) v f& l" K. a
extension_drivers = port_security
* r; R2 G7 @. C! _9 j[ml2_type_flat]1 w U9 Y* {! k/ Q K
flat_networks = provider
8 B |5 T# `& [5 R9 L[ml2_type_vxlan]# E( |! I5 [, \' s
vni_ranges = 1:1000
" ~/ L3 \7 F/ s9 h3 V[securitygroup] ^, K% I4 O1 t$ Q- I& e
enable_ipset = true
: B) b) u S+ q* a4 z5 ?修改linuxbridge_agent配置文件: [root@openstack-server ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
' Y4 m( m6 m! D% z i! h[linux_bridge]
1 U) S. E, Q0 dphysical_interface_mappings = provider:enp4s06 w, z% V" e) A) u
[vxlan]
( Q" r6 V" z) }# Venable_vxlan = true
1 }' n" d" O, I) |! L. `local_ip = 192.168.254.10" m) Y& t6 n8 F
l2_population = true1 ~; e5 k* H Y% t7 a- Y7 d
[securitygroup]
: T9 l$ i* U3 E/ e% L, u2 Venable_security_group = true& F; W: c' {" I5 n) o
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
6 X! G8 h9 p& m- G. X/ o% w5 {8 L4 d开启系统内核支持网络桥防火墙: [root@openstack-server ~]# modprobe bridge; ^+ A" G) }4 e6 L' E0 I& K( S- k
[root@openstack-server ~]# modprobe br_netfilter2 V3 s# r2 \* f6 E- Y" m/ S4 K
[root@openstack-server ~]# vim /etc/sysctl.conf
, Q; i3 n: _, f3 u& }net.bridge.bridge-nf-call-iptables = 1% D* O; V" ^7 e3 u# `5 K
net.bridge.bridge-nf-call-ip6tables = 1
- a! s/ U v: f3 Q[root@openstack-server ~]# sysctl -p /etc/sysctl.conf) b5 r9 f/ y/ N5 p9 v1 `3 P3 h- z8 F
修改layer-3_agent配置文件: [root@openstack-server ~]# vim /etc/neutron/l3_agent.ini9 d- G* B' A9 D7 b; r4 V/ j
[DEFAULT]
+ l$ h6 Y& D; z8 hinterface_driver = linuxbridge: K4 i1 }- ^- o3 G/ e8 M/ z( p5 Z
修改dhcp_agent配置文件: [root@openstack-server ~]# vim /etc/neutron/dhcp_agent.ini u- H0 B# d* C- C, [5 d& l0 W/ s
[DEFAULT]5 D4 ?, c3 ]) b( q% |6 x
interface_driver = linuxbridge
5 ?( f1 j/ b. r' g$ U& Ydhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
) r6 B; a' I$ O3 f! zenable_isolated_metadata = true [$ _% H# a T, N; b
修改metadata_agent配置文件: [root@openstack-server ~]# vim /etc/neutroNetworking Option 2: Self-service networks:n/metadata_agent.ini+ p8 t' K/ u+ C7 {% S
[DEFAULT]
- x0 D6 V% L8 C7 H! p$ inova_metadata_host = openstack-server' X0 p3 B* B6 `5 y
metadata_proxy_shared_secret = neutron(neutron和nova通信共享秘钥)
( G3 Z i F1 q( W% j5 _" x" E修改nova服务配置: [root@openstack-server ~]# vim /etc/nova/nova.conf$ w6 a: @ V8 \: ?& b* B1 `% B6 J
[neutron]
$ ]; I* ?, x0 y0 P# O9 Purl = http://openstack-server:9696
6 _6 U8 |% t3 y" e' U" {2 Wauth_url = http://openstack-server:5000
0 ~7 l4 d4 l" |6 o; U' N- ~ jauth_type = password
! o4 p4 G. O: G3 o. Jproject_domain_name = default
0 a" j0 W ^! P* |user_domain_name = default* a X- Y2 v& x' q9 Y
region_name = RegionOne2 R! J5 c. h: F" ^1 ~, p
project_name = service) A9 d; n) h- a1 T
username = neutron
+ S: P4 U3 [: |+ |7 }) Opassword = neutron7 h/ z6 h- v L1 q2 g, L
service_metadata_proxy = true
6 {. P; K% s! m9 fmetadata_proxy_shared_secret = neutron(nova和neutron通信共享秘钥)6 f" w) c2 R/ R7 k( [
创建网络服务初始化脚本软连接:
! V: o7 f$ x. V/ W' E3 i7 r[root@openstack-server ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini 同步neutron数据库: [root@openstack-server ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron重启nova-api服务:
' }$ k. l2 F. l& T* O: a6 q. U[root@openstack-server ~]# systemctl restart openstack-nova-api.service 启动neutron-server、 neutron-linuxbridge-agent、neutron-dhcp-agent、neutron-metadata-agent服务: [root@openstack-server ~]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
. ?2 p) W0 j* ?+ s[root@openstack-server ~]# systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
2 S9 V9 N9 o- n) N& C) `. z# ~如果使用Networking Option 2: Self-service networks还需要启动neutron-l3-agent服务: [root@openstack-server ~]# systemctl enable neutron-l3-agent.service+ V# Q/ F a$ o9 d8 `6 t
[root@openstack-server ~]# systemctl start neutron-l3-agent.service, k1 [$ x1 Y& j% {$ ]0 O
安装openstack-neutron-linuxbridge、ebtables、ipset(计算节点):9 h% g a E- I% X
[root@openstack-server ~]# yum install openstack-neutron-linuxbridge ebtables ipset 修改neutron服务配置: [root@openstack-server ~]# vim /etc/neutron/neutron.conf* i2 R9 P- F/ \! V( `% k
[DEFAULT]; X$ b% G- F- H( Y
transport_url = rabbit://openstack:openstack@openstack-server) C8 c6 _% u, H3 F* ?5 Q
auth_strategy = keystone
4 w4 K# z6 M+ U/ l5 U[keystone_authtoken]
: z5 ^# @+ S7 P9 owww_authenticate_uri = http://openstack-server:5000" I3 }, e$ K) Z9 a- Y/ A# t. y
auth_url = http://openstack-server:50000 ^5 f8 ]. ^$ g) Y% F
memcached_servers = openstack-server:11211: Z7 F1 l& @; \5 ]
auth_type = passwordp
+ r4 F# Y; `: A& \$ _roject_domain_name = defaultu4 n1 p7 i3 O" `6 ]8 K/ t
ser_domain_name = default# `! @: o8 S0 E7 P! h2 I. V
project_name = service) [7 F- Q- u9 |8 m
username = neutron
: r" \, ~1 u4 k" G9 d1 fpassword = neutron
, E$ t1 s: m0 B& A& u2 z7 P. V$ }[oslo_concurrency]' V5 s/ f- P1 ?8 s: d
lock_path = /var/lib/neutron/tmp [; Y% V$ S i* F9 D- `9 r
" W% |1 f ?$ }5 C7 g. v9 ?. d
8 i1 e- t9 d; M0 E9 T
Networking Option 1: Provider networks:
5 O7 E) ~9 ~( X$ l5 o! s修改linuxbridge_agent配置文件: [root@openstack-server ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini7 G: G6 d3 u& x; Y1 b" }: J7 p6 L
[linux_bridge]physical_interface_mappings = provider:enp4s0
; o. j+ u, `" {' F; i& ]8 @[vxlan]enable_vxlan = false
" D5 R: O( t+ [: {% `. m3 a[securitygroup]
4 m' V8 j0 j U8 D1 [; l1 denable_security_group = true0 ~& Y4 P0 B/ p n! e, h
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
2 o$ _. ~% t' Q& C/ ~开启系统内核支持网络桥防火墙: [root@openstack-server ~]# modprobe bridge
0 _# T1 r6 p" s" }/ k2 z$ L' P# {[root@openstack-server ~]# modprobe br_netfilter# A8 ?" k! t! v/ n3 b# R
[root@openstack-server ~]# cat >> /etc/sysctl.conf << EOF
9 p% h# j# H0 s6 G5 E> net.bridge.bridge-nf-call-iptables = 1& h& z" i* j% W; Z6 v8 W8 k0 V
> net.bridge.bridge-nf-call-ip6tables = 1 j% Y+ T7 a [9 v1 g1 X" Z& s- m
> EOF$ ? f( _0 y. I9 o( o0 y+ R+ g
[root@openstack-server ~]# sysctl -p /etc/sysctl.conf
- o, C2 i, p7 a$ |1 w$ aNetworking Option 2: Self-service networks:
. g( ?# X6 O& t0 i; z修改linuxbridge_agent配置文件: [root@openstack-server ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
7 K5 R4 y. s4 ^1 n2 l[linux_bridge]
' K1 l- L3 ~# @ Uphysical_interface_mappings = provider:enp4s0/ {2 Q& q0 c& {3 Z8 w0 j7 Y, F
[vxlan]# H4 _6 e: y0 ]- {+ N" i; b& D
enable_vxlan = true9 G. W1 W9 N2 B9 J9 J* U! G. S
local_ip = 192.168.254.10
/ [4 _, ]2 W3 k# Ml2_population = true2 Y5 @# a8 z1 N& j0 X
[securitygroup]
; G" ]0 y( F1 x7 c4 `2 ^enable_security_group = true
' ^6 }9 l$ U# n+ ~1 Tfirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver3 ?! [0 Z0 ? x& _ O2 @6 ]3 V% Q: ]
开启系统内核支持网络桥防火墙: [root@openstack-server ~]# modprobe bridge6 {1 J$ ~8 s) t0 |6 m
[root@openstack-server ~]# modprobe br_netfilter
8 w+ q4 f; c+ S, a# V" o[root@openstack-server ~]# cat >> /etc/sysctl.conf << EOF! _) l& n' o7 G0 c
> net.bridge.bridge-nf-call-iptables = 1
; h$ n; Z0 v& t" l0 p+ ~* u> net.bridge.bridge-nf-call-ip6tables = 1
2 @% \5 ]1 }8 Q8 @! ~) \! ]> EOF4 b2 ^0 g. |& W; H& [' [4 F V
4 _( G0 h3 Z5 p
[root@openstack-server ~]# sysctl -p /etc/sysctl.conf/ o3 \5 ~8 y5 j
修改nova服务配置: [root@openstack-server ~]# vim /etc/nova/nova.conf
8 \' X) j* R( s& l[neutron]& _7 t0 s2 |9 C0 [6 w R
url = http://openstack-server:9696
/ Y; |, Q: _) i; @" P8 L' uauth_url = http://openstack-server:5000+ w3 \6 N# w8 V3 `8 V8 U/ Y2 k
auth_type = password
1 \) N+ O" G, ~; W; L) Eproject_domain_name = default
, Z! U7 I0 ]5 J( d9 Ouser_domain_name = default& @8 M, J8 k ~" h) g) ~
region_name = RegionOnep+ J# I- e4 G! B1 o* C- m. e: d6 U% U: U
roject_name = service
! U! o5 |" T9 F; y$ ^username = neutron
8 h2 g! s1 o2 a. ^( a( Vpassword = neutron* i" s( J2 g( P9 l* [
重启nova-compute服务(控制节点):, a* a3 `1 I: g5 y. g6 m* e" |* w
[root@openstack-server ~]# systemctl restart openstack-nova-compute.service 启动neutron-linuxbridge-agent服务: [root@openstack-server ~]# systemctl enable neutron-linuxbridge-agent.service
% u7 Q: v/ l, P+ t[root@openstack-server ~]# systemctl start neutron-linuxbridge-agent.service
) ]# l6 ~& R; y- A验证操作:& I, _- g {1 O+ V
[root@openstack-server ~]# . admin-openrc.sh [root@openstack-server ~]# openstack extension list --network" E" g; E; c0 u0 n3 L
+-----------------------------------------------------------------------------------------------------------------------------------------+--------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------+
) b9 X& [$ a! s| Name | Alias | Description |
" X- I3 N. E6 l+-----------------------------------------------------------------------------------------------------------------------------------------+--------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------+
3 o8 j) _8 k% J2 W5 R L' Q9 M, t| Default Subnetpools | default-subnetpools | Provides ability to mark and use a subnetpool as the default. |/ y9 u9 R0 t* o) Z. }4 k* n. R
| Network IP Availability | network-ip-availability | Provides IP availability data for each network and subnet. |5 |" K$ e! n( R" @. @6 r( f M6 a
| Network Availability Zone | network_availability_zone | Availability zone support for network. |
# T& q ?- f9 z1 || Network MTU (writable) | net-mtu-writable | Provides a writable MTU attribute for a network resource. | j8 h5 N2 { G$ f3 `' z0 j4 A
| Port Binding | binding | Expose port bindings of a virtual port to external application |
, n& i% m/ u- K4 _( i$ |4 ]5 w| agent | agent | The agent management extension. |
3 i; ^' y1 r' S `| Subnet Allocation | subnet_allocation | Enables allocation of subnets from a subnet pool |; H- y9 u, B- _ T4 u' f8 B
| DHCP Agent Scheduler | dhcp_agent_scheduler | Schedule networks among dhcp agents |
4 \" b: O& N# R2 H| Neutron external network | external-net | Adds external network attribute to network resource. |5 h* t. c6 y3 O2 M
| Neutron Service Flavors | flavors | Flavor specification for Neutron advanced services. |3 d# x5 m; H$ s- S! J( ^- i
| Network MTU | net-mtu | Provides MTU attribute for a network resource. |
, Z7 b" R/ w9 X" E: ^* \% ^7 ]| Availability Zone | availability_zone | The availability zone extension. |5 }: |2 c. k& F) ?! g8 D! @
| Quota management support | quotas | Expose functions for quotas management per tenant |
& B8 R; L6 |% P# i| Tag support for resources with standard attribute: subnet, trunk, router, network, policy, subnetpool, port, security_group, floatingip | standard-attr-tag | Enables to set tag on resources with standard attribute. |4 R" x4 L' f4 k0 l
| Availability Zone Filter Extension | availability_zone_filter | Add filter parameters to AvailabilityZone resource |. |0 B4 ?6 }+ B' Q u/ ?9 h
| If-Match constraints based on revision_number | revision-if-match | Extension indicating that If-Match based on revision_number is supported. |3 R# |8 `& _6 g# o% I+ S* G
| Filter parameters validation | filter-validation | Provides validation on filter parameters. |
& h$ z) [" r& E* y1 u, [/ G| Multi Provider Network | multi-provider | Expose mapping of virtual networks to multiple physical networks |* k6 a4 w' p' K. W, t
| Quota details management support | quota_details | Expose functions for quotas usage statistics per project |$ ?6 D! i6 X/ F% @" T
| Address scope | address-scope | Address scopes extension. |
2 y5 E V0 g. G' T8 Y. I1 i| Empty String Filtering Extension | empty-string-filtering | Allow filtering by attributes with empty string value |
/ B: O8 g- M+ P7 U6 ]| Subnet service types | subnet-service-types | Provides ability to set the subnet service_types field |- K3 c+ G6 w) {- i: |8 W, j
| Neutron Port MAC address regenerate | port-mac-address-regenerate | Network port MAC address regenerate |" m; Q- ~: ~0 m
| Resource timestamps | standard-attr-timestamp | Adds created_at and updated_at fields to all Neutron resources that have Neutron standard attributes. |5 ^/ @$ d" O% y& y3 d- w7 \# ^
| Provider Network | provider | Expose mapping of virtual networks to physical networks |
% ~) ?4 S7 K O| Neutron Service Type Management | service-type | API for retrieving service providers for Neutron advanced services |$ T1 d4 d" E& a! [( I; }
| Neutron Extra DHCP options | extra_dhcp_opt | Extra options configuration for DHCP. For example PXE boot options to DHCP clients can be specified (e.g. tftp-server, server-ip-address, bootfile-name) |; S7 ]7 |! ~, X! ?: ?/ z9 g
| Port filtering on security groups | port-security-groups-filtering | Provides security groups filtering when listing ports |/ d5 n! ~4 V( x" B% H
|Resource revision numbers | standard-attr-revisions | This extension will display the revision number of neutron resources. |
0 h+ T+ v- S6 D" h7 F/ R| Pagination support | pagination | Extension that indicates that pagination is enabled. |% Y8 c# \7 x! `% L! ]; h! X
| Sorting support | sorting | Extension that indicates that sorting is enabled. |
9 f) s( M, `; }: l4 N| security-group | security-group | The security groups extension. |
+ r0 {! t* w" y+ @7 }1 K| RBAC Policies | rbac-policies | Allows creation and modification of policies that control tenant access to resources. |
/ o9 c9 `- K( [% u9 |. e| standard-attr-description | standard-attr-description | Extension to add descriptions to standard attributes |# r I: s2 y& e X' `. \9 R
| IP address substring filtering | ip-substring-filtering | Provides IP address substring filtering when listing ports |
% b- m6 x* D- t/ f: p/ Y( _| Port Security | port-security | Provides port security |
! s) D" ]6 n% P, t; w0 }| Allowed Address Pairs | allowed-address-pairs | Provides allowed address pairs |+ Y. c4 F8 p0 T$ G; H
| project_id field enabled | project-id | Extension that indicates that project_id field is enabled. |7 ~/ v* d2 Q/ _3 [7 P+ \
| Port Bindings Extended | binding-extended | Expose port bindings of a virtual port to external application |
1 q- Q) V/ g/ g: k1 l: i+-----------------------------------------------------------------------------------------------------------------------------------------+--------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------+
q' B. Q& m% P/ S, l1 k' ~[root@openstack-server ~]# openstack network agent list/ F+ l. I6 G( S8 G
+--------------------------------------+--------------------+------------------+-------------------+-------+-------+---------------------------+
2 ?9 r- F- R6 j7 I) C8 [| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
! c5 n$ M5 M* ^0 I1 z+--------------------------------------+--------------------+------------------+-------------------+-------+-------+---------------------------+& J* ]0 C. t6 D$ f/ @9 X# G
| 12d016a1-f747-49cc-b6be-0d793877d394 | Linux bridge agent | openstack-server | None | :-) | UP | neutron-linuxbridge-agent |
# }' E' V' N' r6 e* a| 9639fcea-da54-4bad-b3a6-16ffb96f3243 | Metadata agent | openstack-server | None | :-) | UP | neutron-metadata-agent |
5 d) q; W1 f# s" X% l" N| dc6d79c5-62e0-48fb-8a19-556b68bc7063 | DHCP agent | openstack-server | nova | :-) | UP | neutron-dhcp-agent |% b: ]5 @: a# B. m
+--------------------------------------+--------------------+------------------+-------------------+-------+-------+---------------------------+8 p/ r0 A/ V7 M ]0 g2 x$ t; s
13.安装Dashboard:, O& R7 L$ x, A% q( T
安装openstack-dashboard(控制节点):, z2 F( I8 b/ d3 X
[root@openstack-server ~]# yum -y install openstack-dashboard 修改dashboard配置文件: [root@openstack-server ~]# vim /etc/openstack-dashboard/local_settings5 T' a0 k) y2 G# c; _) W
OPENSTACK_HOST = "openstack-server"8 Y) H" y8 G6 R2 I5 b& p
ALLOWED_HOSTS = ['openstack-server', 'localhost']( Y& _ n9 M3 ~ Y/ B: f# l) u S
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
( k1 k i0 a0 _, x$ YCACHES = { 'default': { 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 'LOCATION': 'openstack-server:11211', }}
+ e, T- q& n; [& e! aOPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST/ _; r& P* I4 g" W
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
4 i. \+ r# |$ x1 F4 G- c. }- SOPENSTACK_API_VERSIONS = { "identity": 3, "image": 2, "volume": 2,}# U/ |+ d) ^2 A7 Z8 ~ F. R
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default'
" ^7 s* W; Y8 n# X; S' H( COPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
0 ?' h. d$ `7 z# e) U& ^OPENSTACK_NEUTRON_NETWORK = { 'enable_router': False, 'enable_quotas': False, 'enable_distributed_router': False, 'enable_ha_router': False, 'enable_lb': False, 'enable_firewall': False, 'enable_***': False, 'enable_fip_topology_check': False,}! B4 A, ^* x% }. O- Y5 S9 _$ B+ @ Z- C
TIME_ZONE = "Asia/Shanghai"
# q; l" x i; X! H$ q4 T5 k修改openstack-dashboard服务配置: [root@openstack-server ~]# vim /etc/httpd/conf.d/openstack-dashboard.conf
: E; m5 J$ T' a) pWSGIApplicationGroup %{GLOBAL}
0 n/ Q' b9 v. T" [/ P1 P重启httpd服务:
% N+ g; ]( ^5 D( H# c2 s# d8 L[root@openstack-server ~]# systemctl restart httpd.service memcached.service 验证操作:
9 d8 s5 _) C1 ], j通过浏览器访问http://openstack-server/dashboard 输入域default,账号myuser,密码myuser; # Z& v, m% V% O' {9 z: y0 m, x5 m
 14.安装cinder:
7 n1 o( G8 J) L% |) c在Mariadb创建cinder相关库和用户(控制节点): [root@openstack-server ~]# mysql -uroot -psmoke520 -e "CREATE DATABASE cinder;"! k( T/ v( [/ U5 j" j' x
[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'cinder';"* P. N& t' l7 b
[root@openstack-server ~]# mysql -uroot -psmoke520 -e "GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'cinder';"
7 k8 A, K/ z% ^/ a8 p创建cinder用户、服务、端点; [root@openstack-server ~]# . admin-openrc.sh) ~& X3 |$ F. ?# [" r" j
[root@openstack-server ~]# openstack user create --domain default --password-prompt cinder
4 z; N; S$ ?4 ~& A B& U[root@openstack-server ~]# openstack role add --project service --user cinder admin% E l! o) y$ T# @
[root@openstack-server ~]# openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
8 S. W; g6 c" b[root@openstack-server ~]# openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3* E8 U8 C/ _$ p$ U, N
[root@openstack-server ~]# openstack endpoint create --region RegionOne volumev2 public http://openstack-server:8776/v2/%\(project_id\)s' o3 j3 I% F& |2 n
[root@openstack-server ~]# openstack endpoint create --region RegionOne volumev2 internal http://openstack-server:8776/v2/%\(project_id\)s+ e: r& |5 Y' ]2 ^5 g
[root@openstack-server ~]# openstack endpoint create --region RegionOne volumev2 admin http://openstack-server:8776/v2/%\(project_id\)s' p) j5 @: I0 z, U4 x! V
[root@openstack-server ~]# openstack endpoint create --region RegionOne volumev3 public http://openstack-server:8776/v3/%\(project_id\)s2 h5 A+ J3 A8 _, Z
[root@openstack-server ~]# openstack endpoint create --region RegionOne volumev3 internal http://openstack-server:8776/v3/%\(project_id\)s
# A( q6 i& ^1 x9 ?) E8 N* v[root@openstack-server ~]# openstack endpoint create --region RegionOne volumev3 admin http://openstack-server:8776/v3/%\(project_id\)s
) B+ O" }- H. X1 N! h安装openstack-cinder:
$ j1 w- l* u% H% S) }! h; T3 R: g[root@openstack-server ~]# yum -y install openstack-cinder 修改cinder服务配置:
7 v' m8 ?* [! b T[root@openstack-server ~]# vim /etc/cinder/cinder.conf [database]; h* n8 t& m8 v* i( Z
connection = mysql+pymysql://cinder:cinder@openstack-server/cinder( p2 f7 ^9 `) U
[DEFAULT]
* R- Y" H9 b; K/ I4 F& z* ztransport_url = rabbit://openstack:openstack@openstack-server
/ Q& r$ e2 M( L6 @" C5 a; [auth_strategy = keystone
" f5 h* e+ b* Q* |9 c) ]0 w! tmy_ip = 192.168.254.10
/ k( b7 u% f# A. n6 X, T, H[keystone_authtoken]) J* l' l, C& j. _- S; X) b
auth_uri = http://openstack-server:5000
9 `6 u# ^6 Y5 S9 c+ _: eauth_url = http://openstack-server:5000
1 l3 n' O$ w! r; Z( Y8 y5 H v4 d" l' A: ?memcached_servers = openstack-server:112117 q2 @6 r2 ]& S0 {& B/ q9 G
auth_type = password
- {6 V5 f6 L8 `) B1 Zproject_domain_id = default7 w" t7 R1 H! m, j7 ^* q6 u
user_domain_id = default9 [ m9 ?# V. {& V0 B- g: q
project_name = serviceu
' j! r. ^2 A7 U" A2 Q* @* y9 fsername = cinder
4 G/ i/ ?$ ^2 h& ~/ ~; P) h5 Vpassword = cinder
& u u. [* I3 n$ E6 H# g" ?$ p[oslo_concurrency]
8 n [* H& Z) A/ `2 g, H1 Q+ |lock_path = /var/lib/cinder/tmp: _' `; S* b. Q0 c- i/ m
同步cinder数据库:
- ?( ^- Y) w" U2 o[root@openstack-server ~]# su -s /bin/sh -c "cinder-manage db sync" cinder 修改nova服务配置: [root@openstack-server ~]# vim /etc/nova/nova.conf2 S- p5 I1 |/ h8 m' J/ {
[cinder]6 h @8 y3 s4 N: u
os_region_name = RegionOne7 U8 q9 N0 I6 R5 [& E8 t' j
重启nova-api服务:; D2 v: b/ T0 J* v+ M2 V* \
[root@openstack-server ~]# systemctl restart openstack-nova-api.service 启动cinder-api、cinder-scheduler服务: [root@openstack-server ~]# systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
( E: ~3 P/ F; ?2 D/ _ y% y) L8 v8 |[root@openstack-server ~]# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service% G9 B/ T/ h) E9 x a$ A1 R
安装lvm2、device-mapper-persistent-data(计算节点):, {$ ?! t4 `# g! C0 a: H
[root@openstack-server ~]# yum -y install lvm2 device-mapper-persistent-data 启动lvm2-lvmetad服务: [root@openstack-server ~]# systemctl enable lvm2-lvmetad.service$ V$ ]8 G7 c& z. T6 T' E$ q
[root@openstack-server ~]# systemctl start lvm2-lvmetad.service
2 f: c1 a3 m* J/ I ~! b% g将/dev/sdb2作为vlm块存储设备: [root@openstack-server ~]# fdisk -l /dev/sdb m, \- [' Z8 H5 L8 B
磁盘 /dev/sdb:250.1 GB, 250059350016 字节,488397168 个扇区Units = 扇区 of 1 * 512 = 512 bytes扇区大小(逻辑/物理):512 字节 / 512 字节I/O 大小(最小/最佳):512 字节 / 512 字节磁盘标签类型:dos磁盘标识符:0x441e1e17 8 H9 X% K5 @. A7 Q+ H- T' P
设备 Boot Start End Blocks Id System/dev/sdb1 2048 106956799 53477376 8e Linux LVM/dev/sdb2 106956800 276826111 84934656 8e Linux LVM% [6 S: I* f! T7 \7 O2 Y
[root@openstack-server ~]# pvcreate /dev/sdb2
8 [2 h% p' r9 b1 p+ {[root@openstack-server ~]# vgcreate cinder-volumes /dev/sdb2
5 ^3 D9 e% D8 B( y$ m( T2 M6 W修改lvm配置文件: [root@openstack-server ~]# vim /etc/lvm/lvm.conf4 ~$ e2 I% b+ R4 I8 v, C' _7 i: I; ?
devices {...filter = [ "a/sdb2/","r/.*/"]...}
6 J; o5 E2 I9 n' N( m安装openstack-cinder、targetcli python-keystone服务:4 G$ o' c! l, n* J
[root@openstack-server ~]# yum -y install openstack-cinder targetcli python-keystone 修改cinder服务配置: [root@openstack-server ~]# vim /etc/cinder/cinder.conf( S' W5 U$ }2 m- v6 H
[database]
: G- N1 H, k7 z4 mconnection = mysql+pymysql://cinder:cinder@openstack-server/cinder
. M+ N1 F4 Q H$ a1 a) u5 E# _[DEFAULT]+ I8 j4 \: \1 ?3 w) M% A) H; N+ }
transport_url = rabbit://openstack:openstack@openstack-server B' F; [$ w6 a! ^
auth_strategy = keystone2 A* `# @" k8 p; o$ {0 g
my_ip = 192.168.254.10e% ^; m# j* D& s+ C
nabled_backends = lvm
' L- t3 v+ i7 h/ n% bglance_api_servers = http://openstack-server:9292
; ^/ q+ G- D2 d# v3 B8 X[keystone_authtoken]
# M- r( L0 G d6 \7 Z# Qwww_authenticate_uri = http://openstack-server:5000: ]* z2 \% n9 }1 e8 u" L
auth_url = http://openstack-server:5000
- d, g% h. _; y! K; a$ smemcached_servers = openstack-server:11211
) w2 n m# k7 W0 m' ?& f" Pauth_type = password1 b, J" e" o5 r% ]8 Y
project_domain_id = default
( z% c6 \/ _1 P/ F3 B# b, juser_domain_id = default( f9 {) D2 _8 Z" O( v
project_name = service
4 X0 f V, k1 tusername = cinder
) ^- l9 I1 J- C8 ]$ m6 n# e* H, opassword = cinder
5 e' d8 s4 D7 \; v( A4 E2 i1 C' f[lvm]
% X9 {+ ]. y3 i, b& ` l& Q _/ Xvolume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver0 I/ V4 F" ~, r j( ]
volume_group = cinder-volumes
! h m" o9 a2 P, y+ F/ @iscsi_protocol = iscsi
- Y' [ r, M _- i9 `% l- Y7 Tiscsi_helper = lioadm8 J! P2 h& ^' E% X
[oslo_concurrency]
0 z# ~" t$ a6 G0 R' Z& dlock_path = /var/lib/cinder/tmp/ D5 S: c; \' y# W; t- V+ R
启动cinder-volume、target服务: [root@openstack-server ~]# systemctl enable openstack-cinder-volume.service target.service
- ?# E5 u: c* T& z! x[root@openstack-server ~]# systemctl start openstack-cinder-volume.service target.service# {& c* `3 a( i+ l
验证操作: [root@openstack-server ~]# openstack volume service list
/ m2 v+ z" _, S7 |, j8 _- z+------------------+----------------------+------+---------+-------+----------------------------+
/ M" R( y2 N4 B: O# R9 U& L, f| Binary | Host | Zone | Status | State | Updated At |; P9 T1 y: ^2 P9 r' f, U! z' P3 x
+------------------+----------------------+------+---------+-------+----------------------------+
: F( L, G L# E5 g# P| cinder-scheduler | openstack-server | nova | enabled | up | 2018-10-25T14:07:19.000000 |
! S4 W, p/ ?" r4 P0 M, q2 f/ e V| cinder-volume | openstack-server@lvm | nova | enabled | up | 2018-10-25T14:07:24.000000 | y4 J+ k/ j0 _8 {# t/ k
+------------------+----------------------+------+---------+-------+----------------------------+8 m7 |1 i+ s* L8 T' w
15.启动虚拟机实例:: p' U" T0 J9 V- K+ H
创建Provider network网络: [root@openstack-server ~]# . myuser-openrc.sh! e& [8 {5 ~/ C: d0 o6 n8 B( ~
[root@openstack-server ~]# openstack network create --share --external --provider-physical-network provider --provider-network-type flat provider
& T7 _$ [( A4 y' e[root@openstack-server ~]# openstack subnet create --network provider --allocation-pool start=192.168.254.11,end=192.168.254.15 --dns-nameserver 114.114.114.114 --gateway 192.168.254.1 --subnet-range 192.168.254.0/27 provider
+ k, v; j/ b$ `$ j& ^9 L[root@openstack-server ~]# openstack network list
" H5 `3 V" m0 F4 q0 u+--------------------------------------+----------+--------------------------------------+8 f# t0 d! f T. u0 |
| ID | Name | Subnets |# C5 |% R2 ^/ p. H( p/ C7 f
+--------------------------------------+----------+--------------------------------------+
4 r( u, {0 Y6 I* e4 H( }| 9979b724-3868-42b9-9e0b-61b42fd794a0 | provider | 12dbf504-9f38-40d1-b273-e1409bc712b2 |
; F9 g2 W x! B( ], n- u3 U+--------------------------------------+----------+--------------------------------------+& M: J% K7 T% s- i
创建Self-service network网络: [root@openstack-server ~]# . myuser-openrc.sh
1 @9 s# ^! M! m5 p( C[root@openstack-server ~]# openstack network create selfservice# x/ U6 i% D% o4 h6 a2 {3 ]
[root@openstack-server ~]# openstack subnet create --network selfservice --dns-nameserver 114.114.114.114 --gateway 172.16.1.1 --subnet-range 172.16.1.0/24 selfservice
1 q- t! e: Q/ f. J. y6 }& }[root@openstack-server ~]# openstack router create router- ?; w% v6 v' r5 `7 ~
[root@openstack-server ~]# openstack router add subnet router selfservice
+ D! T& B" c: X3 M[root@openstack-server ~]# openstack router set router --external-gateway provider
6 e/ O( ~! j" o i7 A验证操作: [root@openstack-server ~]# . admin-openrc.sh
# l" m9 n2 }- u5 ~[root@openstack-server ~]# ip netns1 v0 n( W; O, w
qrouter-0251f464-87d3-466e-9889-5b58eaeeb19b (id: 2)
; U4 S3 d# J7 aqdhcp-ad37ab93-04df-4b47-99d3-10dc0b2e630e (id: 1)
; r- \5 ]9 H: p1 g2 {+ iqdhcp-cd105ed5-cb4d-4fd9-a4f3-3ab1642d7cb4 (id: 0)
! h5 i% l0 D* w% D& M! T: x/ U[root@openstack-server ~]# openstack port list --router router
' y- w# Q) A' z# X; f$ m+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------+--------+
1 c0 E& m3 a: @0 S$ v| ID | Name | MAC Address | Fixed IP Addresses | Status |0 }. F+ }: N: X4 c1 \
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------+--------+# Y/ ^- l# T; b/ X, I5 d1 h
| 6390935b-7ab1-4608-a386-8f8d068a2ee0 | | fa:16:3e:4a:74:9e | ip_address='192.168.254.14', subnet_id='9e8f1c21-fc37-4dd7-b111-b4e25160b731' | ACTIVE |& C1 t- f8 j3 q/ ^
| d44e3892-fb37-4c8e-b962-f1035f164409 | | fa:16:3e:c1:1c:72 | ip_address='172.16.1.1', subnet_id='f5ae3b68-4397-4caf-be61-63ef193e024c' | ACTIVE |" Q! N5 O# G% ?1 F/ e
+--------------------------------------+------+-------------------+-------------------------------------------------------------------------------+--------+
: w2 Q/ A- W+ `1 G7 k创建flavor模板: + S6 c; g! l, v
[root@openstack-server ~]# openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano 创建秘钥链: [root@openstack-server ~]# . myuser-openrc.sh& X+ U% G# z# n b4 }6 u+ y
[root@openstack-server ~]# ssh-keygen -q -N ""& M: A# P0 r9 J; w
[root@openstack-server ~]# openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey7 {4 U" k6 W3 q o6 G# h
验证操作: [root@openstack-server ~]# openstack keypair list
% d( s, f# R9 r3 _. V+-------+-------------------------------------------------+
& o/ w+ X* v9 W+ P5 b+ x| Name | Fingerprint |
$ V( } X2 E* A7 R+ P$ Q0 b+-------+-------------------------------------------------+
& a8 a! a9 s* d% B o4 s| mykey | f3:95:1d:7f:24:e0:ba:a2:7f:9a:e8:98:7a:79:f7:f6 |
5 S4 u. A1 `2 P* G* f+-------+-------------------------------------------------+
- B0 t# K1 g' Y6 x9 f" N. ?; X添加安全组: [root@openstack-server ~]# openstack security group rule create --proto icmp default( k; x; `4 ? G) N
[root@openstack-server ~]# openstack security group rule create --proto tcp --dst-port 22 default" o+ U: k. T* ?# @' g; m) r, H
[root@openstack-server ~]# openstack security group list
6 U$ }# [' [& r; o% d; a+ D9 G0 q+--------------------------------------+---------+-------------+----------------------------------+------+2 N; W( k- j9 E, O B) h4 L4 J. ~
| ID | Name | Description | Project | Tags |
# h' o! B* `+ N# D/ p6 G+--------------------------------------+---------+-------------+----------------------------------+------+
8 h! T4 Y+ e2 v1 q9 R| 5c642955-4c0d-4913-83ac-ecd7fdc95846 | default | 缺省安全组 | f9d82471a2d84cdca15994649ad3ce17 | [] |
1 Y! }% p+ S. F; v# F) x0 w: s+--------------------------------------+---------+-------------+----------------------------------+------+
% d% h5 y2 |7 g% l# p0 T9 }; b' ]Launch an instance on the provider network(在provider网络运行实例): [root@openstack-server ~]# . demo-openrc. q" N& r5 r0 b* W! g
[root@openstack-server ~]# openstack flavor list9 g( c5 b5 q4 i3 I
+----+---------+-----+------+-----------+-------+-----------+
/ W( s, N. l( f1 {9 f* u+ _+ r0 I7 S| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |, m* u8 O! }$ J9 }
+----+---------+-----+------+-----------+-------+-----------+$ s3 L+ p0 [7 {
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
4 b% T2 X$ D; W2 g5 z& F* B+----+---------+-----+------+-----------+-------+-----------+
- b' R& {3 A& V9 V+ J. D[root@openstack-server ~]# openstack image list
" {! l, K- W: p+ b) ^+--------------------------------------+--------+--------+2 f$ Y e! ^, Z" |5 m( G* x
| ID | Name | Status |) I( E' j3 }1 V! D8 i! c% Q0 Z
+--------------------------------------+--------+--------+
. I+ ]# ` v( f& B3 }2 n- a| 68cc1d9d-3018-4c42-a20c-70d0e4215a24 | cirros | active |
1 d# ]( R t# I+ w" J1 x0 |: f' A+--------------------------------------+--------+--------+- S( Z6 X/ {1 i
[root@openstack-server ~]# openstack network list
$ I3 g- C0 x4 ~0 L5 ]3 z+ D+--------------------------------------+-------------+--------------------------------------+; ~& Z& C, F$ n4 q9 T- P
| ID | Name | Subnets |
b3 V0 A7 q3 ]' H& o+--------------------------------------+-------------+--------------------------------------+
, X* e6 a: k, `) ?9 x| ad37ab93-04df-4b47-99d3-10dc0b2e630e | selfservice | f5ae3b68-4397-4caf-be61-63ef193e024c |
! R7 O, `& D9 o" }+ q: U| cd105ed5-cb4d-4fd9-a4f3-3ab1642d7cb4 | provider | 9e8f1c21-fc37-4dd7-b111-b4e25160b731 |
7 v5 M2 t6 A" D$ ]* E+--------------------------------------+-------------+--------------------------------------+
" ^6 W0 m% V- q% D1 W U[root@openstack-server ~]# openstack security group list7 Q- B3 g$ h, l& u+ S/ N
+--------------------------------------+---------+-------------+----------------------------------+------++ m# m& e) y( o& q5 @1 k
| ID | Name | Description | Project | Tags |
: W* c" L* J* N- P- Q z$ H3 m+--------------------------------------+---------+-------------+----------------------------------+------+: }4 |- V+ K/ }, \0 ?3 K2 ]0 B
| 48512492-a516-4219-9a94-c81ac593963d | default | 缺省安全组 | c6b624a854694b4bb6dacd361bd7589d | [] |, g$ f! x5 a& d
+--------------------------------------+---------+-------------+----------------------------------+------+0 y$ \2 T6 X* S8 B2 X- v" E
[root@openstack-server ~]# openstack server create --flavor m1.nano --image cirros --nic net-id=9979b724-3868-42b9-9e0b-61b42fd794a0 --security-group default --key-name mykey provider-instance" g# e" c0 E$ y; U3 |/ t# x, Z
[root@openstack-server ~]# openstack console url show selfservice-instance(获取vnc url) Launch an instance on the self-service network(在self-service网络运行实例): [root@openstack-server ~]# . myuser-openrc.sh
1 S, x, t5 j1 \2 i% {2 o) p8 s- {: Z[root@openstack-server ~]# openstack flavor list
! R$ }. [5 r* {( w+ z( r+ ^+----+---------+-----+------+-----------+-------+-----------+1 Z& d* \4 T7 y
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |, K0 `, o" a) V: [+ M
+----+---------+-----+------+-----------+-------+-----------+3 e0 _; u, s6 u' @2 Z
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |. c- {# S9 Y0 d* U* n: B% v4 c' g
+----+---------+-----+------+-----------+-------+-----------+: s' V& H& ^& `0 v+ v
[root@openstack-server ~]# openstack image list
( w% z! C6 @0 a8 [/ _8 ]; R% w+--------------------------------------+--------+--------+
: y/ C, l {7 C, [| ID | Name | Status |+--------------------------------------+--------+--------+
4 }$ Q0 G6 N, q* t( r: t| 68cc1d9d-3018-4c42-a20c-70d0e4215a24 | cirros | active |6 o) T/ O8 _" J- J
+--------------------------------------+--------+--------+
9 d9 f! I' a2 K# y2 B[root@openstack-server ~]# openstack network list
& T- `, k$ k5 t+--------------------------------------+-------------+--------------------------------------+$ u% ?5 i: O2 B; o% U
| ID | Name | Subnets |' _3 \) E1 l) g( ?( a, x' V
+--------------------------------------+-------------+--------------------------------------+
; a1 k; D7 I* C! v a/ A" c|ad37ab93-04df-4b47-99d3-10dc0b2e630e | selfservice | f5ae3b68-4397-4caf-be61-63ef193e024c |
0 Y/ T0 C, T! {! u( b& m8 T' ^| cd105ed5-cb4d-4fd9-a4f3-3ab1642d7cb4 | provider | 9e8f1c21-fc37-4dd7-b111-b4e25160b731 |
. O% j9 v: L6 h8 X6 l4 B* ~+--------------------------------------+-------------+--------------------------------------+
1 b! [( d6 G8 Y3 e# u+ F[root@openstack-server ~]# openstack security group list& B8 H) c$ z: g3 Y
+--------------------------------------+---------+-------------+----------------------------------+------+2 s; D, ?2 t+ \9 N: c8 x, ~
| ID | Name | Description | Project | Tags |- D( X/ j! c3 n; K8 |
+--------------------------------------+---------+-------------+----------------------------------+------+
- s+ `% Z1 q% W2 K8 T7 h+ r' g- z- N| 48512492-a516-4219-9a94-c81ac593963d | default | 缺省安全组 | c6b624a854694b4bb6dacd361bd7589d | [] |
: x2 z+ G$ `" R S7 D. L9 I+--------------------------------------+---------+-------------+----------------------------------+------+( c9 O( N( R) ~+ S+ b; G
[root@openstack-server ~]# openstack server create --flavor m1.nano --image cirros --nic net-id=ad37ab93-04df-4b47-99d3-10dc0b2e630e --security-group default --key-name mykey selfservice-instance8 \; x. I; z% K6 N
[root@openstack-server ~]# openstack server list: }5 ^( ]6 T+ r
+--------------------------------------+----------------------+--------+-------------------------+--------+---------+
5 \2 q- P! J# x- D! _/ M2 m( U3 W| ID | Name | Status | Networks | Image | Flavor |6 V# i$ B) i$ o. j p
+--------------------------------------+----------------------+--------+-------------------------+--------+---------+' g! @9 W' h+ t
| 105e9757-7ba5-4a3f-81b7-cecdff2fa167 | selfservice-instance | ACTIVE | selfservice=172.16.1.10 | cirros | m1.nano |
, n# [# G; u0 U! ~2 t, D+--------------------------------------+----------------------+--------+-------------------------+--------+---------+# U# J" Z' q; P# g4 @) S
[root@openstack-server ~]# openstack console url show selfservice-instance(获取vnc url) 创建卷: [root@openstack-server ~]# . myuser-openrc.sh$ I4 i+ t7 K6 s( O% x
[root@openstack-server ~]# openstack volume create --size 1 volume1
( s! z0 L" }0 z+ V; |" N2 n; ~0 G+---------------------+--------------------------------------+( n7 Y/ U% c3 X( M. V& e
| Field | Value |6 T1 j! ]( W" E! @1 u
+---------------------+--------------------------------------+( z4 C" j; H, C# V' X& v5 H
| attachments | [] |
8 q( d/ P0 W% _| availability_zone | nova |' E4 H3 ^; x6 x4 B5 h% X6 m1 d
| bootable | false |8 w I1 d, o4 S# q, g
| consistencygroup_id | None |
1 a/ [/ r7 u, s/ T, Z* N/ H% j! A| created_at | 2018-11-04T14:38:32.000000 |
" ]! l+ O( k3 W: E1 \$ v* H' g5 `| description | None |+ {' u# H5 V4 s+ h0 y
| encrypted | False |
1 t% S) _+ `& q1 b6 K4 l| id | 2a67c881-b7d6-47fb-9da4-c37dcb0ccf72 |
K+ \" l# Y, [. c" f; v2 }| multiattach | False |5 R) `, S$ C( ~( D
| name | volume1 |" h. a4 _1 |2 q% A4 C! b
| properties | |& k, D- X; w( W' x. X7 E
| replication_status | None |2 ]. V- B5 p8 T4 O. l5 t0 r
| size | 1 |
# M1 K r* {# u4 H* L8 f+ D) Q| snapshot_id | None |
% Z9 R! ~3 _& _2 ?$ F| source_volid | None ||
- x/ `' k' b2 }% m( P! t status | creating |
. C X- p% N B; n| type | None |
. A3 v" K. z% y5 |3 f| updated_at | None |
+ ?9 p. h1 c& { Q& g# W' K R| user_id | 2a2e5a1a1a464efaabaca83b439999e4 |
" r" m L* f: _+---------------------+--------------------------------------+3 X( ]& D4 L' k
[root@openstack-server ~]# openstack volume list
5 u! O1 a6 D: |. b2 V$ ]4 \% s1 k+--------------------------------------+---------+-----------+------+----------------------------------+
7 o) N% ^( h* j# y1 \| ID | Name | Status | Size | Attached to |
2 n: s( f$ u$ H3 ^7 y4 s2 |& E& x; q+--------------------------------------+---------+-----------+------+----------------------------------+- n6 |% o) i5 [8 b, k
| 2a67c881-b7d6-47fb-9da4-c37dcb0ccf72 | volume1 | available | 1 | |
% f" \9 }2 K# L! N b/ A- z| a63a0afe-3be8-45aa-b7be-820d88874fc4 | | in-use | 20 | Attached to centos6 on /dev/vda |' Z" k8 v7 x# r! b8 M7 d+ b
+--------------------------------------+---------+-----------+------+----------------------------------+: C6 b B# _- v4 T/ d3 O6 F8 x
|
发表于 2019-1-8 09:32:12