devstack安裝openstack Pika版本
參考網站:
- https://www.cnblogs.com/Allvirus/p/7783962.html
- https://docs.openstack.org/devstack/latest/
- https://www.cnblogs.com/fczjuever/p/3224022.html
配置
裝置:一台ubuntu desktop 16.04,三台ubuntu server 16.04
軟體:virtualBox 5.2.0
虛拟機配置:
- 記憶體 4G
- 存儲 200G
- 網卡1 橋接網卡
- 鏡像版本 ubuntu desktop 16.04
ip設定
ubuntu desktop 實機192.168.9.40 作為控制節點主控端
ubuntu desktop 虛機192.168.9.41 作為控制節點
ubuntu server 192.168.9.42 - 192.168.9.43 作為計算節點和swift存儲節點
更換apt源為國内源
安裝pip
apt-get install python-pip
pip更換為豆瓣源
mkdir .pip
vim .pip/pip.conf
編輯内容:
[global]
index-url = http://pypi.douban.com/simple/
trusted-host = pypi.douban.com
下載下傳devstack
建立 stack 使用者
sudo useradd -s /bin/bash -d /opt/stack -m stack
echo "stack ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/stack
将devstack目錄放到/opt/stack下,并設定權限
mv devstack /opt/stack
chown -R stack:stack /opt/stack/devstack
切換至stack使用者
su - stack
給stack使用者配置一樣的pip的豆瓣源
mkdir .pip
vim .pip/pip.conf
編輯内容:
[global]
index-url = http://pypi.douban.com/simple/
trusted-host = pypi.douban.com
cd devstack
vim local.conf
控制節點:
[[local|localrc]]
# Define images to be automatically downloaded during the DevStack built process.
DOWNLOAD_DEFAULT_IMAGES=False
IMAGE_URLS="http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img"
# use TryStack git mirror
GIT_BASE=http://git.trystack.cn
NOVNC_REPO=http://git.trystack.cn/kanaka/noVNC.git
SPICE_REPO=http://git.trystack.cn/git/spice/sice-html5.git
# Credentials
DATABASE_PASSWORD=admin
ADMIN_PASSWORD=admin
SERVICE_PASSWORD=admin
RABBIT_PASSWORD=admin
disable_service n-cpu
enable_service s-proxy,s-object,s-container,s-account
SWIFT_STORAGE_IPS="192.168.9.42 192.168.9.44"
計算節點:
[[local|localrc]]
# use TryStack git mirror
GIT_BASE=http://git.trystack.cn
NOVNC_REPO=http://git.trystack.cn/kanaka/noVNC.git
SPICE_REPO=http://git.trystack.cn/git/spice/spice-html5.git
MULTI_HOST=true
HOST_IP=192.168.9.44
LOGFILE=/opt/stack/logs/stack.sh.log
ADMIN_PASSWORD=admin
DATABASE_PASSWORD=admin
RABBIT_PASSWORD=admin
SERVICE_PASSWORD=admin
SERVICE_HOST=192.168.9.41
MYSQL_HOST=$SERVICE_HOST
RABBIT_HOST=$SERVICE_HOST
GLANCE_HOSTPORT=$SERVICE_HOST:9292
DATABASE_TYPE=mysql
ENABLED_SERVICES=n-cpu,q-agt,neutron,s-proxy,s-object,s-container,s-account,placement-api
enable_service placement-api
NOVA_VNC_ENABLED=True
NOVNCPROXY_URL="http://$SERVICE_HOST:6080/vnc_auto.html"
VNCSERVER_LISTEN=$HOST_IP
VNCSERVER_PROXYCLIENT_ADDRESS=$VNCSERVER_LISTEN
cd 到files目錄下手動下載下傳兩個壓縮包防止逾時報錯
cd files/
wget -c https://github.com/coreos/etcd/releases/download/v3./etcd-v3.-linux-amd64.tar.gz
wget -c https://github.com/coreos/etcd/releases/download/v3./etcd-v3.-linux-amd64.tar.gz
**一次下載下傳不成功請多執行上面指令幾次直到finish
cd回devstack目錄下
cd ..
運作./stack.sh
遇到其他報錯主要檢查local.conf然後清理上次錯誤配置./unstack.sh和./clean.sh,然後再運作./stack.sh配置
等待完成如遇逾時(timeout)報錯請再次運作./stack.sh
完成後使用虛拟機ip登入圖形化界面。
devstack自動安裝完成後控制節點不會自動添加計算節點,需要在控制節點添加計算節點服務
nova-manage cell_v2 discover_hosts
自動添加計算節點服務
vim /etc/nova/nova.conf
[scheduler]
discover_hosts_in_cells_interval=-
service [email protected]* restart
Cinder報錯:
Manager for service cinder-volume controller@lvmdriver- is reporting problems, not sending heartbeat. Service will appear down.
開啟卷存儲回環
sudo losetup -f /opt/stack/data/stack-volumes-default-backing-file
sudo losetup -f /opt/stack/data/stack-volumes-lvmdriver--backing-file
将Glance存儲方式修改為swift存儲叢集
修改glance配置檔案/etc/glance/glance.api.conf
[glance_store]
stores = swift
default_swift_reference = ref1
swift_store_config_file = /etc/glance/glance-swift-store.conf
swift_store_create_container_on_put = True
default_store = swift+config
filesystem_store_datadir = /opt/stack/data/glance/images/
修改/etc/glance/glance-uwsgi.ini,提高socket-timeout時間,防止nova上傳快照被打斷
[uwsgi]
socket-timeout =
http-keepalive = false
http-auto-chunked = true
http-chunked-input = true
http-raw-body = true
chmod-socket =
lazy-apps = true
add-header = Connection: close
buffer-size =
thunder-lock = true
plugins = python
enable-threads = true
exit-on-reload = true
die-on-term = true
master = true
processes =
http-socket = .:
wsgi-file = /usr/local/bin/glance-wsgi-api
基于devstack的swift配置
控制節點
修改proxy-server.conf部分設定
· · ·
workers = 8
client_timeout = 6000
存儲節點(計算節點)
修改swift.conf 存儲檔案最大大小 設定
· · ·
[swift-constraints]
#2**37 128GB
max_file_size = 137438953472
max_header_size = 16384
修改swift檔案存儲位址
object-server/1.conf
· · ·
devices = /srv/node/sdb1
container-server/1.conf
· · ·
devices = /srv/node/sdb1
account-server/1.conf
· · ·
devices = /srv/node/sdb1
設定swift環
在控制節點及存儲節點分别執行以下腳本
#!/bin/bash
cd /etc/swift
rm -f *.builder *.ring.gz backups/*.builder backups/*.ring.gz
swift-ring-builder account.builder create
swift-ring-builder container.builder create
swift-ring-builder object.builder create
swift-ring-builder account.builder add z1-.:/sdb1
swift-ring-builder container.builder add z1-.:/sdb1
swift-ring-builder object.builder add z1-.:/sdb1
swift-ring-builder account.builder add z2-.:/sdb1
swift-ring-builder container.builder add z2-.:/sdb1
swift-ring-builder object.builder add z2-.:/sdb1
swift-ring-builder account.builder rebalance
swift-ring-builder container.builder rebalance
swift-ring-builder object.builder rebalance
swift同步
vim /etc/rsyncd.conf
uid = stack
gid =
log file = /opt/stack/data/swift/logs/rsyncd.log
pid file = /opt/stack/data/swift/run/rsyncd.pid
address =
[account6612]
max connections =
path = /srv/node
read only = false
lock file = /opt/stack/data/swift/run/account6612.lock
[container6611]
max connections =
path = /srv/node/
read only = false
lock file = /opt/stack/data/swift/run/container6611.lock
[object6613]
max connections =
path = /srv/node/
read only = false
lock file = /opt/stack/data/swift/run/object6613.lock
perl -pi -e 's/RSYNC_ENABLE=false/RSYNC_ENABLE=true/' /etc/default/rsync
service rsync restart
ldap登入openstack
在控制節點執行:
去掉/etc/keystone/keystone.conf中注釋
配置/etc/keystone/domains/keystone.Users.conf
[identity]
driver = ldap
[ldap]
group_id_attribute = cn
group_name_attribute = cn
group_objectclass = groupOfNames
group_tree_dn = ou=Groups,o=siteview,dc=example,dc=com
password = ***********
suffix = dc=example,dc=com
url = ldap://***.***.***.***
user = uid=admin,ou=system
user_id_attribute = uid
user_mail_attribute = mail
user_name_attribute = cn
user_objectclass = inetOrgPerson
user_tree_dn = ou=Users,o=siteview,dc=example,dc=com
user_allow_create = False
user_allow_update = False
user_allow_delete = False
group_allow_create = False
group_allow_update = False
group_allow_delete = False
修改horizon設定,開啟登入界面domain選項
/opt/stack/horizon/openstack_dashboard/local/local_settings.py
補充
開啟執行個體區域網路内ssh通路
安全組添加ssh、icmp入口、icmp出口允許
在控制節點執行:
ifconfig br-ex up
ifconfig br-ex
route add -net / gw
其中172.24.4.1為openstack中public網路子網位址
10.0.0.0 為private子網網段
172.24.4.5為連接配接在public和private的路由器 在public上的位址
允許端口轉發
vim /etc/sysctl.conf
net.ipv4.ip_forward =
sysctl -p
端口轉發設定
iptables -t nat -A PREROUTING -d -p tcp --dport -j DNAT --to-destination :
iptables -t nat -A POSTROUTING -d -p tcp --dport -j SNAT --to
ssh連接配接
報錯Permission denied (publickey)處理
ssh-agent bash
開啟rabbitemq web界面
控制節點執行
rabbitmq-plugins enable rabbitmq_management #開啟web插件
rabbitmqctl set_user_tags stackrabbit administrator #設定stackrabbit為超級管理權限
![openstack身份管理[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)