devstack安装openstack Pika版本
参考网站:
- https://www.cnblogs.com/Allvirus/p/7783962.html
- https://docs.openstack.org/devstack/latest/
- https://www.cnblogs.com/fczjuever/p/3224022.html
配置
设备:一台ubuntu desktop 16.04,三台ubuntu server 16.04
软件:virtualBox 5.2.0
虚拟机配置:
- 内存 4G
- 存储 200G
- 网卡1 桥接网卡
- 镜像版本 ubuntu desktop 16.04
ip设置
ubuntu desktop 实机192.168.9.40 作为控制节点宿主机
ubuntu desktop 虚机192.168.9.41 作为控制节点
ubuntu server 192.168.9.42 - 192.168.9.43 作为计算节点和swift存储节点
更换apt源为国内源
安装pip
apt-get install python-pip
pip更换为豆瓣源
mkdir .pip
vim .pip/pip.conf
编辑内容:
[global]
index-url = http://pypi.douban.com/simple/
trusted-host = pypi.douban.com
下载devstack
创建 stack 用户
sudo useradd -s /bin/bash -d /opt/stack -m stack
echo "stack ALL=(ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/stack
将devstack目录放到/opt/stack下,并设置权限
mv devstack /opt/stack
chown -R stack:stack /opt/stack/devstack
切换至stack用户
su - stack
给stack用户配置一样的pip的豆瓣源
mkdir .pip
vim .pip/pip.conf
编辑内容:
[global]
index-url = http://pypi.douban.com/simple/
trusted-host = pypi.douban.com
cd devstack
vim local.conf
控制节点:
[[local|localrc]]
# Define images to be automatically downloaded during the DevStack built process.
DOWNLOAD_DEFAULT_IMAGES=False
IMAGE_URLS="http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img"
# use TryStack git mirror
GIT_BASE=http://git.trystack.cn
NOVNC_REPO=http://git.trystack.cn/kanaka/noVNC.git
SPICE_REPO=http://git.trystack.cn/git/spice/sice-html5.git
# Credentials
DATABASE_PASSWORD=admin
ADMIN_PASSWORD=admin
SERVICE_PASSWORD=admin
RABBIT_PASSWORD=admin
disable_service n-cpu
enable_service s-proxy,s-object,s-container,s-account
SWIFT_STORAGE_IPS="192.168.9.42 192.168.9.44"
计算节点:
[[local|localrc]]
# use TryStack git mirror
GIT_BASE=http://git.trystack.cn
NOVNC_REPO=http://git.trystack.cn/kanaka/noVNC.git
SPICE_REPO=http://git.trystack.cn/git/spice/spice-html5.git
MULTI_HOST=true
HOST_IP=192.168.9.44
LOGFILE=/opt/stack/logs/stack.sh.log
ADMIN_PASSWORD=admin
DATABASE_PASSWORD=admin
RABBIT_PASSWORD=admin
SERVICE_PASSWORD=admin
SERVICE_HOST=192.168.9.41
MYSQL_HOST=$SERVICE_HOST
RABBIT_HOST=$SERVICE_HOST
GLANCE_HOSTPORT=$SERVICE_HOST:9292
DATABASE_TYPE=mysql
ENABLED_SERVICES=n-cpu,q-agt,neutron,s-proxy,s-object,s-container,s-account,placement-api
enable_service placement-api
NOVA_VNC_ENABLED=True
NOVNCPROXY_URL="http://$SERVICE_HOST:6080/vnc_auto.html"
VNCSERVER_LISTEN=$HOST_IP
VNCSERVER_PROXYCLIENT_ADDRESS=$VNCSERVER_LISTEN
cd 到files目录下手动下载两个压缩包防止超时报错
cd files/
wget -c https://github.com/coreos/etcd/releases/download/v3./etcd-v3.-linux-amd64.tar.gz
wget -c https://github.com/coreos/etcd/releases/download/v3./etcd-v3.-linux-amd64.tar.gz
**一次下载不成功请多执行上面命令几次直到finish
cd回devstack目录下
cd ..
运行./stack.sh
遇到其他报错主要检查local.conf然后清理上次错误配置./unstack.sh和./clean.sh,然后再运行./stack.sh配置
等待完成如遇超时(timeout)报错请再次运行./stack.sh
完成后使用虚拟机ip登录图形化界面。
devstack自动安装完成后控制节点不会自动添加计算节点,需要在控制节点添加计算节点服务
nova-manage cell_v2 discover_hosts
自动添加计算节点服务
vim /etc/nova/nova.conf
[scheduler]
discover_hosts_in_cells_interval=-
service [email protected]* restart
Cinder报错:
Manager for service cinder-volume controller@lvmdriver- is reporting problems, not sending heartbeat. Service will appear down.
开启卷存储回环
sudo losetup -f /opt/stack/data/stack-volumes-default-backing-file
sudo losetup -f /opt/stack/data/stack-volumes-lvmdriver--backing-file
将Glance存储方式修改为swift存储集群
修改glance配置文件/etc/glance/glance.api.conf
[glance_store]
stores = swift
default_swift_reference = ref1
swift_store_config_file = /etc/glance/glance-swift-store.conf
swift_store_create_container_on_put = True
default_store = swift+config
filesystem_store_datadir = /opt/stack/data/glance/images/
修改/etc/glance/glance-uwsgi.ini,提高socket-timeout时间,防止nova上传快照被打断
[uwsgi]
socket-timeout =
http-keepalive = false
http-auto-chunked = true
http-chunked-input = true
http-raw-body = true
chmod-socket =
lazy-apps = true
add-header = Connection: close
buffer-size =
thunder-lock = true
plugins = python
enable-threads = true
exit-on-reload = true
die-on-term = true
master = true
processes =
http-socket = .:
wsgi-file = /usr/local/bin/glance-wsgi-api
基于devstack的swift配置
控制节点
修改proxy-server.conf部分设置
· · ·
workers = 8
client_timeout = 6000
存储节点(计算节点)
修改swift.conf 存储文件最大大小 设置
· · ·
[swift-constraints]
#2**37 128GB
max_file_size = 137438953472
max_header_size = 16384
修改swift文件存储地址
object-server/1.conf
· · ·
devices = /srv/node/sdb1
container-server/1.conf
· · ·
devices = /srv/node/sdb1
account-server/1.conf
· · ·
devices = /srv/node/sdb1
设置swift环
在控制节点及存储节点分别执行以下脚本
#!/bin/bash
cd /etc/swift
rm -f *.builder *.ring.gz backups/*.builder backups/*.ring.gz
swift-ring-builder account.builder create
swift-ring-builder container.builder create
swift-ring-builder object.builder create
swift-ring-builder account.builder add z1-.:/sdb1
swift-ring-builder container.builder add z1-.:/sdb1
swift-ring-builder object.builder add z1-.:/sdb1
swift-ring-builder account.builder add z2-.:/sdb1
swift-ring-builder container.builder add z2-.:/sdb1
swift-ring-builder object.builder add z2-.:/sdb1
swift-ring-builder account.builder rebalance
swift-ring-builder container.builder rebalance
swift-ring-builder object.builder rebalance
swift同步
vim /etc/rsyncd.conf
uid = stack
gid =
log file = /opt/stack/data/swift/logs/rsyncd.log
pid file = /opt/stack/data/swift/run/rsyncd.pid
address =
[account6612]
max connections =
path = /srv/node
read only = false
lock file = /opt/stack/data/swift/run/account6612.lock
[container6611]
max connections =
path = /srv/node/
read only = false
lock file = /opt/stack/data/swift/run/container6611.lock
[object6613]
max connections =
path = /srv/node/
read only = false
lock file = /opt/stack/data/swift/run/object6613.lock
perl -pi -e 's/RSYNC_ENABLE=false/RSYNC_ENABLE=true/' /etc/default/rsync
service rsync restart
ldap登录openstack
在控制节点执行:
去掉/etc/keystone/keystone.conf中注释
配置/etc/keystone/domains/keystone.Users.conf
[identity]
driver = ldap
[ldap]
group_id_attribute = cn
group_name_attribute = cn
group_objectclass = groupOfNames
group_tree_dn = ou=Groups,o=siteview,dc=example,dc=com
password = ***********
suffix = dc=example,dc=com
url = ldap://***.***.***.***
user = uid=admin,ou=system
user_id_attribute = uid
user_mail_attribute = mail
user_name_attribute = cn
user_objectclass = inetOrgPerson
user_tree_dn = ou=Users,o=siteview,dc=example,dc=com
user_allow_create = False
user_allow_update = False
user_allow_delete = False
group_allow_create = False
group_allow_update = False
group_allow_delete = False
修改horizon设置,开启登录界面domain选项
/opt/stack/horizon/openstack_dashboard/local/local_settings.py
补充
开启实例局域网内ssh访问
安全组添加ssh、icmp入口、icmp出口允许
在控制节点执行:
ifconfig br-ex up
ifconfig br-ex
route add -net / gw
其中172.24.4.1为openstack中public网路子网地址
10.0.0.0 为private子网网段
172.24.4.5为连接在public和private的路由器 在public上的地址
允许端口转发
vim /etc/sysctl.conf
net.ipv4.ip_forward =
sysctl -p
端口转发设置
iptables -t nat -A PREROUTING -d -p tcp --dport -j DNAT --to-destination :
iptables -t nat -A POSTROUTING -d -p tcp --dport -j SNAT --to
ssh连接
报错Permission denied (publickey)处理
ssh-agent bash
开启rabbitemq web界面
控制节点执行
rabbitmq-plugins enable rabbitmq_management #开启web插件
rabbitmqctl set_user_tags stackrabbit administrator #设置stackrabbit为超级管理权限
![openstack身份管理[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)