In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >
Share
Shulou(Shulou.com)06/01 Report--
Openstack official documentation installation
System version centos7 (minimal installation)
2 machines have 2g of memory (4-6g is recommended for the control node, because 2g feels stuttered when I try it, and dashboard feels a little slow to respond), cpu2 has 100g hard drives, and each machine needs 2 network cards. For more information, please see
Description:
The following is an official screenshot:
Control node installs mysql rabbitmq keystone glance nova dashboard neutron
Compute node installs nova neutron
Openstack official website configuration instructions
Openstack installation steps:
1. [ntp installation]
Ntp is mainly used for synchronizing time. Time is not synchronized, which may prevent you from creating a CVM.
Yum install chrony
Vi / etc/chrony.conf increase
Server NTP_SERVER iburst
Allow your ip address segment (allow your ip address segment to access ntp)
Systemctl enable chronyd.service (join system self-boot)
Systemctl start chronyd.service (start ntp service)
Note: install ntp in previous versions of centos7
Yum install ntp
Ntpdate time.nist.gov (synchronous clock)
Hwclock-w (write to bios)
2. [openstack packages]
Install the latest source for openstack:
Yum install centos-release-openstack-mitaka
Yum install https://rdoproject.org/repos/rdo-release.rpm
Yum upgrade (update source)
Yum install python-openstackclient (install the necessary plug-ins for opentack)
Yum install openstack-selinux (optional to install this plug-in, I directly shut down selinux, because it is not familiar, it will not affect the future)
3. [database]
Openstack supports many databases, MySQL or PostgreSQL, etc.
Here we use mysql.
Yum install mariadb mariadb-server python2-PyMySQL (mariadb is the new version of mysql, don't be surprised)
Vi / etc/my.cnf
Join:
[mysqld]
Bind-address = 192.168.1.48 (IP address of the machine on which mysql is installed)
Default-storage-engine = innodb
Innodb_file_per_table
Collation-server = utf8_general_ci
Character-set-server = utf8
Add mysql to self-startup
Systemctl enable mariadb.service
Start mysql
Systemctl start mariadb.service
Set the mysql property:
Enter script commands directly:
Mysql_secure_installation
Just follow the relevant settings.
Note: check to see if mysqld is running. Whether port 3306 is up or not
3. [rabbitmq]
Install the messenger rabbitmq of openstack. If rabbitmq is not running, your entire openstack platform will not work. Rabbitmq uses port 5672.
Yum install rabbitmq-server
Systemctl enable rabbitmq-server.service (join self-boot)
Systemctl start rabbitmq-server.service (startup)
Rabbitmqctl add_user openstack RABBIT_PASS (add user openstack, password is set to replace RABBIT_PASS)
Rabbitmqctl set_permissions openstack ". *" (new users are authorized, and non-authorized users will not be able to accept and deliver messages)
4. [memcached]
Memcache for the selected installation project. Use port 11211
Yum install memcached python-memcached
Systemctl enable memcached.service
Systemctl start memcached.service
5. [keystone Certification Service]
Note: hosts parsing needs to be set up before, and both the control node and compute node should do it. Mine is:
192.168.1.48 control
192.168.1.49 compute
Log in to the database to create the keystone database.
Mysql-u root-p
CREATE DATABASE keystone
Set the authorized user and password:
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost'\
IDENTIFIED BY 'password'
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%'\
IDENTIFIED BY 'password'
Generate random values for admin_token:
Openssl rand-hex 10
Install keystone
Yum install openstack-keystone httpd mod_wsgi
Vi / etc/keystone/keystone.conf
Replace it with the random value you just generated:
Admin_token = random value (mainly for security, but may not be replaced)
Configure the database connection:
Connection = mysql+pymysql://keystone: password @ database ip address / keystone
Settings: provider = fernet,
Synchronize keystone database: keystone-manage db_sync (to check whether the database generated the table successfully)
Initialize keys:
Keystone-manage fernet_setup-- keystone-user keystone--keystone-group keystone
Configure apache:
Vi / etc/httpd/conf/httpd.conf
Change the ServerName back to the host name to prevent startup from reporting an error
ServerName control
Generate the wsgi configuration file:
Vi / etc/httpd/conf.d/wsgi-keystone.conf join:
Listen 5000
Listen 35357
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=% {GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / / usr/bin/keystone-wsgi-public
WSGIApplicationGroup% {GLOBAL}
WSGIPassAuthorization On
ErrorLogFormat "{cu} t M"
ErrorLog / var/log/httpd/keystone-error.log
CustomLog / var/log/httpd/keystone-access.log combined
Require all granted
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=% {GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / / usr/bin/keystone-wsgi-admin
WSGIApplicationGroup% {GLOBAL}
WSGIPassAuthorization On
ErrorLogFormat "{cu} t M"
ErrorLog / var/log/httpd/keystone-error.log
CustomLog / var/log/httpd/keystone-access.log combined
Require all granted
Start httpd:
Systemctl enable httpd.service
Systemctl start httpd.service
6. [create service directory and endpoint for keystone]
Random values generated above export OS_TOKEN=
Export OS_URL= http://control:35357/v3
Export OS_IDENTITY_API_VERSION=3
Create a service for keystone:
Openstack service create-- name keystone-- description "OpenStack Identity" identity (the authentication type identity must not be wrong)
Create an endpoint for keystone:
Openstack endpoint create-- region RegionOne\
Identity public http://control:5000/v3
Openstack endpoint create-- region RegionOne\
Identity internel http://control:5000/v3
Openstack endpoint create-- region RegionOne\
Identity admin http://control:35357/v3
7. [create domain, user, tenant, role]
Create the default domain default:
Openstack domain create-description "Default Domain" default
Tenant who created the admin:
Openstack project create-- domain default\
Description "Admin Project" admin
To create an admin user:
Openstack user create-- domain default\
-- password-prompt admin (will be prompted to enter the password as the password for logging in to dashboard)
Create an admin role:
Openstack role create admin
Connect the user tenant roles:
Openstack role add-project admin-user admin admin
Create a service catalog:
Openstack project create-- domain default\
Description "Service Project" service
Create demo information similar to admin:
Openstack project create-- domain default\
Description "Demo Project" demo
Openstack user create-- domain default\
-- password-prompt demo
Openstack role create user
Openstack role add-project demo-user demo user
After the creation is complete, you can use the command to verify:
Openstack-- os-auth-url http://control:35357/v3\
-- os-project-domain-name default-- os-user-domain-name default\
-os-project-name admin-os-username admin token issue
After entering the password, the correct output is the correct configuration.
You can set the environment variable to a script:
Vi admin-openrc joins:
Export OS_PROJECT_DOMAIN_NAME=default
Export OS_USER_DOMAIN_NAME=default
Export OS_PROJECT_NAME=admin
Export OS_USERNAME=admin
Export OS_PASSWORD=xxxx
Export OS_AUTH_URL= http://control:35357/v3
Export OS_IDENTITY_API_VERSION=3
Export OS_IMAGE_API_VERSION=2
The variable of demo is similar.
Run and use. Admin-openrc or use source admin-openrc
Verify the input command:
Openstack token issue
Having the correct output is the correct configuration.
8. [glance Image Service]
Create glance data
Log in to mysql
Mysql-u root-p
CREATE DATABASE glance
Authorization
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost'\
IDENTIFIED BY 'password'
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%'\
IDENTIFIED BY 'password'
Run environment variables:
. Admin-openrc
Create glance user information:
Openstack user create-domain default-password-prompt glance
Openstack role add-project service-user glance admin
Create an image service directory:
Openstack service create-- name glance\
Description "OpenStack Image" p_w_picpath
Create an image endpoint:
Penstack endpoint create-- region RegionOne\
P_w_picpath public http://control:9292
Penstack endpoint create-- region RegionOne\
P_w_picpath internal http://control:9292
Penstack endpoint create-- region RegionOne\
P_w_picpath admin http://control:9292
Installation:
Yum install openstack-glance
Vi / etc/glance/glance-api.conf
Configure the database connection:
Connection = mysql+pymysql://glance: password @ database ip/glance
Find [keystone_authtoken] (configure authentication)
Join:
Auth_uri = http://control:5000
Auth_url = http://control:35357
Memcached_servers = control:11211
Auth_type = password
Project_domain_name = default
User_domain_name = default
Project_name = service
Username = glance
Password = xxxx
Find: [paste_deploy]
Flavor = keystone
Find [glance_store]
Stores = file,http
Default_store = file
Filesystem_store_datadir = / var/lib/glance/p_w_picpaths/
Edit / etc/glance/glance-registry.conf
Find [database]
Connection = mysql+pymysql://glance: password @ database ip/glance
Find [keystone_authtoken] (configure authentication)
Join:
Auth_uri = http://control:5000
Auth_url = http://control:35357
Memcached_servers = control:11211
Auth_type = password
Project_domain_name = default
User_domain_name = default
Project_name = service
Username = glance
Password = xxxx
Find: [paste_deploy]
Flavor = keystone
Synchronize the database:
Glance-manage db_sync
Start glance:
Systemctl enable openstack-glance-api.service\
Openstack-glance-registry.service
Systemctl start openstack-glance-api.service\
Openstack-glance-registry.service
Verify:
Run environment variables:
. Admin-openrc
Download a smaller image:
Wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
Upload image:
Openstack p_w_picpath create "cirros"\
-- file cirros-0.3.4-x86_64-disk.img\
-- disk-format qcow2-- container-format bare\
-- public
View:
Openstack p_w_picpath list
The output proves that glance is configured correctly.
9. [nova Control Node]
Establish the database of nova:,
Mysql-u root-p
CREATE DATABASE nova_api
CREATE DATABASE nova
Authorization:
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost'\
IDENTIFIED BY 'password'
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%'\
IDENTIFIED BY 'password'
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost'\
IDENTIFIED BY 'password'
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%'\
IDENTIFIED BY 'password'
Run environment variables:
. Admin-openrc
To create a nova user:
Openstack user create-- domain default\
-- password-prompt nova
Openstack role add-project service-user nova admin
Create a computing service:
Openstack service create-- name nova\
Description "OpenStack Compute" compute
Create an endpoint:
Openstack endpoint create-- region RegionOne\
Compute public http://control:8774/v2.1/%\(tenant_id\)s
Openstack endpoint create-- region RegionOne\
Compute internal http://control:8774/v2.1/%\(tenant_id\)s
Openstack endpoint create-- region RegionOne\
Compute admin http://control:8774/v2.1/%\(tenant_id\)s
Installation:
Yum install openstack-nova-api openstack-nova-conductor\
Openstack-nova-console openstack-nova-novncproxy\
Openstack-nova-scheduler
Edit / etc/nova/nova.conf
Find: [DEFAULT]
Enabled_apis = osapi_compute,metadata
Find:
[api_database]
Connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
[database]
Connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova
[DEFAULT]
Rpc_backend = rabbit
[oslo_messaging_rabbit]
Rabbit_host = controller
Rabbit_userid = openstack
Rabbit_password = RABBIT_PASS
[DEFAULT]
Auth_strategy = keystone
[keystone_authtoken]
Auth_uri = http://controller:5000
Auth_url = http://controller:35357
Memcached_servers = controller:11211
Auth_type = password
Project_domain_name = default
User_domain_name = default
Project_name = service
Username = nova
Password = xxx
[DEFAULT]
My_ip = ip address
[DEFAULT]
Use_neutron = True
Firewall_driver = nova.virt.firewall.NoopFirewallDriver
[vnc]
Vncserver_listen = $my_ip
Vncserver_proxyclient_address = $my_ip
[glance]
Api_servers = http://control:9292
[oslo_concurrency]
Lock_path = / var/lib/nova/tmp
Synchronize the database:
Nova-manage api_db sync
Nova-manage db sync
Start the service:
Systemctl enable openstack-nova-api.service\
Openstack-nova-consoleauth.service openstack-nova-scheduler.service\
Openstack-nova-conductor.service openstack-nova-novncproxy.service
Systemctl start openstack-nova-api.service\
Openstack-nova-consoleauth.service openstack-nova-scheduler.service\
Openstack-nova-conductor.service openstack-nova-novncproxy.service
10. [nova Compute Node]
Yum install openstack-nova-compute
Edit / etc/nova/nova.conf
[DEFAULT]
Rpc_backend = rabbit
[oslo_messaging_rabbit]
Rabbit_host = controller
Rabbit_userid = openstack
Rabbit_password = xxx
[DEFAULT]
Auth_strategy = keystone
[keystone_authtoken]
Auth_uri = http://control:5000
Auth_url = http://control:35357
Memcached_servers = control:11211
Auth_type = password
Project_domain_name = default
User_domain_name = default
Project_name = service
Username = nova
Password = xxx
[DEFAULT]
...
My_ip = compute node ip address
[DEFAULT]
...
Use_neutron = True
Firewall_driver = nova.virt.firewall.NoopFirewallDriver
[vnc]
...
Enabled = True
Vncserver_listen = 0.0.0.0
Vncserver_proxyclient_address = $my_ip
Novncproxy_base_url = http://control:6080/vnc_auto.html
[glance]
...
Api_servers = http://controller:9292
[oslo_concurrency]
...
Lock_path = / var/lib/nova/tmp
Note:
Egrep-c'(vmx | svm)'/ proc/cpuinfo
If 0, you need to modify / etc/nova/nova.conf
[libvirt]
...
Virt_type = qemu
If it is greater than 0, it is not required
Start:
Systemctl enable libvirtd.service openstack-nova-compute.service
Systemctl start libvirtd.service openstack-nova-compute.service
Verify at the control node:
Run environment variables:
. Admin-openrc
Openstack compute service list
If the output is normal, the configuration is correct.
11. [neutron Control Node]
Create a neutron database
Mysql-u root-p
CREATE DATABASE neutron
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost'\
IDENTIFIED BY 'NEUTRON_DBPASS'
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%'\
IDENTIFIED BY 'NEUTRON_DBPASS'
Run environment variables:
. Admin-openrc
Create a user:
Openstack user create-domain default-password-prompt neutron
Openstack role add-project service-user neutron admin
Create a network service:
Openstack service create-- name neutron\
Description "OpenStack Networking" network
Create neutron endpoint
Openstack endpoint create-- region RegionOne\
Network public http://control:9696
Openstack endpoint create-- region RegionOne\
Network internal http://control:9696
Openstack endpoint create-- region RegionOne\
Network admin http://control:9696
Create a vxlan network:
Yum install openstack-neutron openstack-neutron-ml2\
Openstack-neutron-linuxbridge ebtables
Edit: / etc/neutron/neutron.conf
[database]
...
Connection = mysql+pymysql://neutron: password @ control/neutron
[DEFAULT]
...
Core_plugin = ml2
Service_plugins = router
Allow_overlapping_ips = True
[DEFAULT]
...
Rpc_backend = rabbit
[oslo_messaging_rabbit]
...
Rabbit_host = controller
Rabbit_userid = openstack
Rabbit_password = RABBIT_PASS
[DEFAULT]
...
Auth_strategy = keystone
[keystone_authtoken]
...
Auth_uri = http://control:5000
Auth_url = http://control:35357
Memcached_servers = control:11211
Auth_type = password
Project_domain_name = default
User_domain_name = default
Project_name = service
Username = neutron
Password = xxxx
[DEFAULT]
...
Notify_nova_on_port_status_changes = True
Notify_nova_on_port_data_changes = True
[nova]
...
Auth_url = http://control:35357
Auth_type = password
Project_domain_name = default
User_domain_name = default
Region_name = RegionOne
Project_name = service
Username = nova
Password = xxxx
[oslo_concurrency]
...
Lock_path = / var/lib/neutron/tmp
Configure the ml2 extension:
Edit: / etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
...
Type_drivers = flat,vlan,vxlan
Tenant_network_types = vxlan
Mechanism_drivers = linuxbridge,l2population
Extension_drivers = port_security
[ml2_type_flat]
...
Flat_networks = provider
[ml2_type_vxlan]
...
Vni_ranges = 1PUR 1000
[securitygroup]
...
Enable_ipset = True
Configure the bridge:
Edit: / etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
Physical_interface_mappings = provider: name of the network card used
[vxlan]
Enable_vxlan = True
Local_ip = OVERLAY_INTERFACE_IP_ADDRESS
L2_population = True
[securitygroup]
...
Enable_security_group = True
Firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
Configure a layer 3 network:
Edit: / etc/neutron/l3_agent.ini
[DEFAULT]
...
Interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
Configure dhcp:
Edit: / etc/neutron/dhcp_agent.ini
[DEFAULT]
...
Interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
Dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
Enable_isolated_metadata = True
Configure metadata agent
Edit: / etc/neutron/metadata_agent.ini
[DEFAULT]
...
Nova_metadata_ip = controller
Metadata_proxy_shared_secret = METADATA_SECRET
Edit / etc/nova/nova.conf
[neutron]
...
Url = http://control:9696
Auth_url = http://control:35357
Auth_type = password
Project_domain_name = default
User_domain_name = default
Region_name = RegionOne
Project_name = service
Username = neutron
Password = xxxx
Service_metadata_proxy = True
Metadata_proxy_shared_secret = METADATA_SECRET
Create an extended connection:
Ln-s / etc/neutron/plugins/ml2/ml2_conf.ini / etc/neutron/plugin.ini
Start:
Systemctl restart openstack-nova-api.service
Systemctl enable neutron-server.service\
Neutron-linuxbridge-agent.service neutron-dhcp-agent.service\
Neutron-metadata-agent.service
Systemctl start neutron-server.service\
Neutron-linuxbridge-agent.service neutron-dhcp-agent.service\
Neutron-metadata-agent.service
Systemctl enable neutron-l3-agent.service
Systemctl start neutron-l3-agent.service
12. [neutron Compute Node]
Yum install openstack-neutron-linuxbridge ebtables ipset
Edit: / etc/neutron/neutron.conf
[DEFAULT]
...
Rpc_backend = rabbit
Auth_strategy = keystone
[oslo_messaging_rabbit]
...
Rabbit_host = controller
Rabbit_userid = openstack
Rabbit_password = RABBIT_PASS
[keystone_authtoken]
...
Auth_uri = http://control:5000
Auth_url = http://control:35357
Memcached_servers = control:11211
Auth_type = password
Project_domain_name = default
User_domain_name = default
Project_name = service
Username = neutron
Password = xxxx
[oslo_concurrency]
...
Lock_path = / var/lib/neutron/tmp
Configure vxlan
Edit: / etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
Physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME
[vxlan]
Enable_vxlan = True
Local_ip = OVERLAY_INTERFACE_IP_ADDRESS
L2_population = True
[securitygroup]
...
Enable_security_group = True
Firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
Edit / etc/nova/nova.conf
[neutron]
...
Url = http://controller:9696
Auth_url = http://controller:35357
Auth_type = password
Project_domain_name = default
User_domain_name = default
Region_name = RegionOne
Project_name = service
Username = neutron
Password = xxxx
Start:
Systemctl restart openstack-nova-compute.service
Systemctl enable neutron-linuxbridge-agent.service
Systemctl enable neutron-linuxbridge-agent.service
Verify:
Run environment variables:
. Admin-openrc
Neutron ext-list
The output is normal.
13. [dashboard]
Yum install openstack-dashboard
Edit: / etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "control"
ALLOWED_HOSTS = ['*',]
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache'
'LOCATION': 'controller:11211'
}
}
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3"% OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
"identity": 3
"p_w_picpath": 2
"volume": 2
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
Start:
Systemctl restart httpd.service memcached.service
After openstack is installed, you can go to dashboard to create a CVM.
Reference: http://docs.openstack.org/mitaka/install-guide-rdo/common/conventions.html
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.