• OpenStack Controller HA (2)

    3.安装openstack服务

    3.1.安装配置qpid

    (1).更新第三方yum源

    [root@controller01 ~]# rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

    [root@controller01 ~]# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm

    [root@controller01 ~]# yum -y install http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-8.noarch.rpm

    (2).安装配置qpid

    [root@controller01 ~]# yum -y install mysql qpid-cpp-server memcached

    [root@controller01 ~]# vi /etc/qpidd.conf

    ………………

    auth=no

    (3).启动qpid服务

    [root@controller01 ~]# service qpidd start

    [root@controller01 ~]# chkconfig qpidd on

    3.2.安装配置keystone

    (1).yum安装keystone

    [root@controller01 ~]# yum -y install openstack-keystone

    (2).配置keystone服务

    [root@controller01 ~]# cp -av /etc/keystone/keystone.conf  /etc/keystone/keystone.conf_bak

    [root@controller01 ~]# sed -i '/^#/d' /etc/keystone/keystone.conf

    [root@controller01 ~]# sed -i '/^$/d' /etc/keystone/keystone.conf

    [root@controller01 ~]# openstack-config --set /etc/keystone/keystone.conf sql connection mysql://keystone:keystone@mysqlserver/keystone

    [root@controller01 ~]# openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token c9d9d3ed3c12dd70ede7

    [root@controller01 ~]# openstack-config --set /etc/keystone/keystone.conf DEFAULT bind_host controller01

    [root@controller02 ~]# openstack-config --set /etc/keystone/keystone.conf DEFAULT bind_host controller02

    [root@controller01 ~]# keystone-manage pki_setup --keystone-user keystone --keystone-group keystone

    [root@controller01 ~]# scp -r /etc/keystone/ssl root@controller02:/etc/keystone/

    [root@controller02 ~]# touch /var/log/keystone/keystone.log

    [root@controller01 ~]# chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log

    (3).同步keystone数据库

    [root@controller01 ~]# keystone-manage db_sync

    (4).启动keystone服务

    [root@controller01 ~]# service openstack-keystone start

    [root@controller01 ~]# chkconfig openstack-keystone on

    (5).配置环境变量

    [root@controller01 ~]# vi ~/.bash_profile

    export OS_USERNAME=admin

    export OS_TENANT_NAME=admin

    export OS_PASSWORD=password

    export OS_AUTH_URL=http://controller:5000/v2.0

    export SERVICE_ENDPOINT=http://controller:35357/v2.0

    export SERVICE_TOKEN=c9d9d3ed3c12dd70ede7

    [root@controller01 ~]# source ~/.bash_profile

    (6).创建user、定义services和endpoint

    [root@controller01 ~]# keystone tenant-create --name=admin --description='Admin Tenant'

    [root@controller01 ~]# keystone tenant-create --name=service --description='Service Tenant'

    [root@controller01 ~]# keystone user-create --name=admin --pass=password --email=keystone@chensh.net

    [root@controller01 ~]# keystone role-create --name=admin

    [root@controller01 ~]# keystone user-role-add --user=admin --tenant=admin --role=admin

    [root@controller01 ~]# keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"

    [root@controller01 ~]# mkdir /root/config

    [root@controller01 ~]# vi /root/config/keystone-endpoint.sh

    #!/bin/bash

    my_ip=controller

    service=$(keystone service-list | awk '/keystone/ {print $2}')

    keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:5000/v2.0 --internalurl=http://$my_ip:5000/v2.0 --adminurl=http://$my_ip:35357/v2.0

    [root@controller01 ~]# sh /root/config/keystone-endpoint.sh 

    (7).验证keystone

    [root@controller01 ~]# keystone user-list

    [root@controller01 ~]# keystone role-list

    [root@controller01 ~]# keystone endpoint-list

    3.3.安装配置glance

    (1).yum安装glance

    [root@controller01 ~]# yum -y install openstack-glance

    (2).创建user、定义services和endpoint

    [root@controller01 ~]# keystone user-create --name=glance --pass=service --email=glance@chensh.net

    [root@controller01 ~]# keystone user-role-add --user=glance --tenant=service --role=admin

    [root@controller01 ~]# keystone service-create --name=glance --type=image --description="Glance Image Service"

    [root@controller01 ~]# vi /root/config/glance-endpoint.sh 

    #!/bin/bash

    my_ip=controller

    service=$(keystone service-list | awk '/glance/ {print $2}')

    keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:9292 --internalurl=http://$my_ip:9292 --adminurl=http://$my_ip:9292

    [root@controller01 ~]# sh /root/config/glance-endpoint.sh 

    (3).定义glance配置文件

    [root@controller01 ~]# cp -av /etc/glance/glance-api.conf /etc/glance/glance-api.conf_bak

    [root@controller01 ~]# cp -av /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf_bak

    [root@controller01 ~]# sed -i '/^#/d' /etc/glance/glance-api.conf

    [root@controller01 ~]# sed -i '/^$/d' /etc/glance/glance-api.conf

    [root@controller01 ~]# sed -i '/^#/d' /etc/glance/glance-registry.conf

    [root@controller01 ~]# sed -i '/^$/d' /etc/glance/glance-registry.conf

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT bind_host controller01

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT registry_host controller01

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT rabbit_host controller01

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT qpid_hostname controller01

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT sql_connection mysql://glance:glance@mysqlserver/glance

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry.conf DEFAULT bind_host controller01

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry.conf DEFAULT sql_connection mysql://glance:glance@mysqlserver/glance

    [root@controller02 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT bind_host controller02

    [root@controller02 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT registry_host controller02

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT rabbit_host controller02

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT qpid_hostname controller02

    [root@controller02 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT sql_connection mysql://glance:glance@mysqlserver/glance

    [root@controller02 ~]# openstack-config --set /etc/glance/glance-registry.conf DEFAULT bind_host controller02

    [root@controller02 ~]# openstack-config --set /etc/glance/glance-registry.conf DEFAULT sql_connection mysql://glance:glance@mysqlserver/glance


    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_host controller

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_port 35357

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_protocol http

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name service

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_user glance

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_password service

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf paste_deploy config_file /etc/glance/glance-api-paste.ini

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone


    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_host controller

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_port 35357

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_protocol http

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name service

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glance

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_password service

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy config_file /etc/glance/glance-registry-paste.ini

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone

    [root@controller01 ~]# cp -av /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini

    [root@controller01 ~]# cp -av /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.ini

    [root@controller01 ~]# chown -R root:glance /etc/glance/glance-api-paste.ini 

    [root@controller01 ~]# chown -R root:glance /etc/glance/glance-registry-paste.ini

    [root@controller01 ~]# cp -av /etc/glance/glance-api-paste.ini /etc/glance/glance-api-paste.ini_bak

    [root@controller01 ~]# cp -av /etc/glance/glance-registry-paste.ini /etc/glance/glance-registry-paste.ini_bak

    [root@controller01 ~]# sed -i '/^#/d' /etc/glance/glance-api-paste.ini

    [root@controller01 ~]# sed -i '/^$/d' /etc/glance/glance-api-paste.ini

    [root@controller01 ~]# sed -i '/^#/d' /etc/glance/glance-registry-paste.ini

    [root@controller01 ~]# sed -i '/^$/d' /etc/glance/glance-registry-paste.ini


    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken auth_host controller

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_tenant_name service

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_user glance

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_password service

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken auth_host controller

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_tenant_name service

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_user glance

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_password service


    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT filesystem_store_datadir /openstack/glance/images

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT scrubber_datadir /openstack/glance/scrubber

    [root@controller01 ~]# openstack-config --set /etc/glance/glance-api.conf DEFAULT image_cache_dir /openstack/glance/image-cache

    (4).修改glance数据文件

    [root@controller01 ~]# cp -av /var/lib/glance /openstack/

    [root@controller01 ~]# chown -R glance:glance /openstack/glance

    (5).设置日志权限

    [root@controller01 ~]# touch /var/log/glance/registry.log

    [root@controller01 ~]# chown -R glance:glance /var/log/glance

    (6).同步glance数据库

    [root@controller01 ~]# glance-manage db_sync

    (7).启动glance服务

    [root@controller01 ~]# service openstack-glance-api start

    [root@controller01 ~]# service openstack-glance-registry start

    [root@controller01 ~]# chkconfig openstack-glance-api on

    [root@controller01 ~]# chkconfig openstack-glance-registry on

    (8).功能测试

    [root@controller01 ~]# glance image-create --name=centos6.4_20G --disk-format=qcow2 --container-format=ovf --is-public=true < centos6.4_20G.qcow2

    [root@controller01 ~]# glance image-list

    3.4.安装配置nova

    (1).yum安装nova

    [root@controller01 ~]# yum -y install openstack-nova

    (2).创建user、定义services和endpoint

    [root@controller01 ~]# keystone user-create --name=nova --pass=service --email=nova@chensh.net

    [root@controller01 ~]# keystone user-role-add --user=nova --tenant=service --role=admin

    [root@controller01 ~]# keystone service-create --name=nova --type=compute --description="Nova Compute Service"

    [root@controller01 ~]# vi /root/config/nova-user.sh

    #!/bin/sh

    my_ip=controller

    service=$(keystone service-list | awk '/nova/ {print $2}')

    keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:8774/v2/%(tenant_id)s --internalurl=http://$my_ip:8774/v2/%(tenant_id)s --adminurl=http://$my_ip:8774/v2/%(tenant_id)s

    [root@controller01 ~]# sh /root/config/nova-user.sh

    (3).定义nova配置文件

    [root@controller01 ~]# cp -av /etc/nova/nova.conf /etc/nova/nova.conf_bak

    [root@controller01 ~]# sed -i '/^#/d' /etc/nova/nova.conf

    [root@controller01 ~]# sed -i '/^$/d' /etc/nova/nova.conf

    [root@controller01 ~]# vi /etc/nova/nova.conf

    [DEFAULT]

    my_ip = 192.168.20.21

    auth_strategy = keystone

    state_path = /openstack/nova

    verbose = True

    allow_resize_to_same_host = true

    rpc_backend = nova.openstack.common.rpc.impl_qpid

    qpid_hostname = controller

    libvirt_type = kvm

    glance_api_servers = controller:9292

    #novncproxy_base_url = http://controller01:6080/vnc_auto.html

    #vncserver_proxyclient_address = controller01

    vnc_enabled = true

    vnc_keymap = en-us

    network_manager = nova.network.manager.FlatDHCPManager

    firewall_driver = nova.virt.firewall.NoopFirewallDriver

    multi_host = True

    flat_interface = eth1

    flat_network_bridge = br1

    public_interface = eth0

    instance_usage_audit = True

    instance_usage_audit_period = hour

    notify_on_state_change = vm_and_task_state

    notification_driver = nova.openstack.common.notifier.rpc_notifier

    compute_scheduler_driver = nova.scheduler.simple.SimpleScheduler

    ec2_listen = controller01

    ec2_listen_port = 8773

    osapi_compute_listen = controller01

    osapi_compute_listen_port = 8774

    metadata_listen = controller01

    metadata_listen_port = 8775

    novncproxy_host = controller01

    vncserver_listen = controller01

    novncproxy_port = 6080

    qpid_hosts = controller01:5672,controller02:5672

    memcached_servers = controller01:11211, controller02:11211

    [hyperv]

    [zookeeper]

    [osapi_v3]

    [conductor]

    [keymgr]

    [cells]

    [database]

    sql_connection = mysql://nova:nova@mysqlserver/nova

    [image_file_url]

    [baremetal]

    [rpc_notifier2]

    [matchmaker_redis]

    [ssl]

    [trusted_computing]

    [upgrade_levels]

    [matchmaker_ring]

    [vmware]

    [spice]

    [keystone_authtoken]

    auth_host = controller

    auth_port = 35357

    auth_protocol = http

    admin_user = nova

    admin_tenant_name = service

    admin_password = service

    [root@controller01 ~]# vi /etc/nova/nova.conf

    [DEFAULT]

    my_ip = 192.168.20.22

    auth_strategy = keystone

    state_path = /openstack/nova

    verbose = True

    allow_resize_to_same_host = true

    rpc_backend = nova.openstack.common.rpc.impl_qpid

    qpid_hostname = controller

    libvirt_type = kvm

    glance_api_servers = controller:9292

    #novncproxy_base_url = http://controller02:6080/vnc_auto.html

    #vncserver_proxyclient_address = controller02

    vnc_enabled = true

    vnc_keymap = en-us

    network_manager = nova.network.manager.FlatDHCPManager

    firewall_driver = nova.virt.firewall.NoopFirewallDriver

    multi_host = True

    flat_interface = eth1

    flat_network_bridge = br1

    public_interface = eth0

    instance_usage_audit = True

    instance_usage_audit_period = hour

    notify_on_state_change = vm_and_task_state

    notification_driver = nova.openstack.common.notifier.rpc_notifier

    compute_scheduler_driver = nova.scheduler.simple.SimpleScheduler

    ec2_listen = controller02

    ec2_listen_port = 8773

    osapi_compute_listen = controller02

    osapi_compute_listen_port = 8774

    metadata_listen = controller02

    metadata_listen_port = 8775

    novncproxy_host = controller02

    vncserver_listen = controller02

    novncproxy_port = 6080

    qpid_hosts = controller01:5672,controller02:5672

    memcached_servers = controller01:11211, controller02:11211

    [hyperv]

    [zookeeper]

    [osapi_v3]

    [conductor]

    [keymgr]

    [cells]

    [database]

    sql_connection = mysql://nova:nova@mysqlserver/nova

    [image_file_url]

    [baremetal]

    [rpc_notifier2]

    [matchmaker_redis]

    [ssl]

    [trusted_computing]

    [upgrade_levels]

    [matchmaker_ring]

    [vmware]

    [spice]

    [keystone_authtoken]

    auth_host = controller

    auth_port = 35357

    auth_protocol = http

    admin_user = nova

    admin_tenant_name = service

    admin_password = service

    [root@controller01 ~]# vi /etc/nova/api-paste.ini

    auth_url = http://controller:35357/v2.0

    auth_host = controller

    auth_port = 35357

    auth_protocol = http

    admin_user = nova

    admin_tenant_name = service

    admin_password = service

    (4).修改nova数据存储路径

    [root@controller01 ~]# cp -av /var/lib/nova /openstack/

    [root@controller01 ~]# chown -R nova:nova /openstack/nova

    (5).同步nova数据库

    [root@controller01 ~]# nova-manage db sync

    (6).设置日志权限

    [root@controller01 ~]# chown -R nova:nova /var/log/nova 

    (7).修正nova bug

    [root@controller01 ~]# vi /usr/lib/python2.6/site-packages/nova/wsgi.py

    Bug:https://review.openstack.org/#/c/60838/3/nova/wsgi.py


    (8).启动nova相关服务

    [root@controller01 ~]# service libvirtd start

    [root@controller01 ~]# chkconfig libvirtd on

    [root@controller01 ~]# service messagebus start

    [root@controller01 ~]# chkconfig messagebus on

    [root@controller01 ~]# service openstack-nova-api start

    [root@controller01 ~]# service openstack-nova-cert start

    [root@controller01 ~]# service openstack-nova-consoleauth start

    [root@controller01 ~]# service openstack-nova-scheduler start

    [root@controller01 ~]# service openstack-nova-conductor start

    [root@controller01 ~]# service openstack-nova-novncproxy start

    [root@controller01 ~]# service openstack-nova-network start

    [root@controller01 ~]# chkconfig openstack-nova-api on

    [root@controller01 ~]# chkconfig openstack-nova-cert on

    [root@controller01 ~]# chkconfig openstack-nova-consoleauth on

    [root@controller01 ~]# chkconfig openstack-nova-scheduler on

    [root@controller01 ~]# chkconfig openstack-nova-conductor on

    [root@controller01 ~]# chkconfig openstack-nova-novncproxy on

    [root@controller01 ~]# chkconfig openstack-nova-network on

    (9).设置安全组规则

    [root@controller01 ~]# nova secgroup-add-rule default tcp 22 22 0.0.0.0/0

    [root@controller01 ~]# nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0

    (10).nova功能测试

    [root@controller01 ~]# nova image-list

    [root@controller01 ~]# nova network-create vmnet --fixed-range-v4=10.1.1.0/24 --bridge=br1 --bridge-interface=eth1 --multi-host=T --dns1=202.106.0.20 --dns2=202.96.69.38

    [root@controller01 ~]# nova boot --flavor 2 --image centos6.4_20G vm-00
  • 相关阅读:
    attr 修改IMG src
    64转2
    :eq
    DOM0和D0M2级事件
    c's's透明度
    span标签 宽度无效解决方案
    CSS 点击事件
    input点击后的 默认边框去除
    js
    CSS 的 ID 和 Class 有什么区别,如何正确使用它们。
  • 原文地址:https://www.cnblogs.com/myiaas/p/4161313.html
Copyright © 2020-2023  润新知