Detailed documentation for complete installation of openstack mitaka (in person, it took 3 days) 04/05 Update SLTechnology News&Howtos

Detailed documentation for complete installation of openstack mitaka (in person, it took 3 days)

2025-04-05 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >

Shulou(Shulou.com)06/01 Report--

Openstack official documentation installation

System version centos7 (minimal installation)

2 machines have 2g of memory (4-6g is recommended for the control node, because 2g feels stuttered when I try it, and dashboard feels a little slow to respond), cpu2 has 100g hard drives, and each machine needs 2 network cards. For more information, please see

Description:

The following is an official screenshot:

Control node installs mysql rabbitmq keystone glance nova dashboard neutron

Compute node installs nova neutron

Openstack official website configuration instructions

Openstack installation steps:

1. [ntp installation]

Ntp is mainly used for synchronizing time. Time is not synchronized, which may prevent you from creating a CVM.

Yum install chrony

Vi / etc/chrony.conf increase

Server NTP_SERVER iburst

Allow your ip address segment (allow your ip address segment to access ntp)

Systemctl enable chronyd.service (join system self-boot)

Systemctl start chronyd.service (start ntp service)

Note: install ntp in previous versions of centos7

Yum install ntp

Ntpdate time.nist.gov (synchronous clock)

Hwclock-w (write to bios)

2. [openstack packages]

Install the latest source for openstack:

Yum install centos-release-openstack-mitaka

Yum install https://rdoproject.org/repos/rdo-release.rpm

Yum upgrade (update source)

Yum install python-openstackclient (install the necessary plug-ins for opentack)

Yum install openstack-selinux (optional to install this plug-in, I directly shut down selinux, because it is not familiar, it will not affect the future)

3. [database]

Openstack supports many databases, MySQL or PostgreSQL, etc.

Here we use mysql.

Yum install mariadb mariadb-server python2-PyMySQL (mariadb is the new version of mysql, don't be surprised)

Vi / etc/my.cnf

Join:

[mysqld]

Bind-address = 192.168.1.48 (IP address of the machine on which mysql is installed)

Default-storage-engine = innodb

Innodb_file_per_table

Collation-server = utf8_general_ci

Character-set-server = utf8

Add mysql to self-startup

Systemctl enable mariadb.service

Start mysql

Systemctl start mariadb.service

Set the mysql property:

Enter script commands directly:

Mysql_secure_installation

Just follow the relevant settings.

Note: check to see if mysqld is running. Whether port 3306 is up or not

3. [rabbitmq]

Install the messenger rabbitmq of openstack. If rabbitmq is not running, your entire openstack platform will not work. Rabbitmq uses port 5672.

Yum install rabbitmq-server

Systemctl enable rabbitmq-server.service (join self-boot)

Systemctl start rabbitmq-server.service (startup)

Rabbitmqctl add_user openstack RABBIT_PASS (add user openstack, password is set to replace RABBIT_PASS)

Rabbitmqctl set_permissions openstack ". *" (new users are authorized, and non-authorized users will not be able to accept and deliver messages)

4. [memcached]

Memcache for the selected installation project. Use port 11211

Yum install memcached python-memcached

Systemctl enable memcached.service

Systemctl start memcached.service

5. [keystone Certification Service]

Note: hosts parsing needs to be set up before, and both the control node and compute node should do it. Mine is:

192.168.1.48 control

192.168.1.49 compute

Mysql-u root-p

CREATE DATABASE keystone

Set the authorized user and password:

GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost'\

IDENTIFIED BY 'password'

GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%'\

IDENTIFIED BY 'password'

Generate random values for admin_token:

Openssl rand-hex 10

Install keystone

Yum install openstack-keystone httpd mod_wsgi

Vi / etc/keystone/keystone.conf

Replace it with the random value you just generated:

Admin_token = random value (mainly for security, but may not be replaced)

Configure the database connection:

Connection = mysql+pymysql://keystone: password @ database ip address / keystone

Settings: provider = fernet,

Synchronize keystone database: keystone-manage db_sync (to check whether the database generated the table successfully)

Initialize keys:

Keystone-manage fernet_setup-- keystone-user keystone--keystone-group keystone

Configure apache:

Vi / etc/httpd/conf/httpd.conf

Change the ServerName back to the host name to prevent startup from reporting an error

ServerName control

Generate the wsgi configuration file:

Vi / etc/httpd/conf.d/wsgi-keystone.conf join:

Listen 5000

Listen 35357

WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=% {GROUP}

WSGIProcessGroup keystone-public

WSGIScriptAlias / / usr/bin/keystone-wsgi-public

WSGIApplicationGroup% {GLOBAL}

WSGIPassAuthorization On

ErrorLogFormat "{cu} t M"

ErrorLog / var/log/httpd/keystone-error.log

CustomLog / var/log/httpd/keystone-access.log combined

Require all granted

WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=% {GROUP}

WSGIProcessGroup keystone-admin

WSGIScriptAlias / / usr/bin/keystone-wsgi-admin

WSGIApplicationGroup% {GLOBAL}

WSGIPassAuthorization On

ErrorLogFormat "{cu} t M"

ErrorLog / var/log/httpd/keystone-error.log

CustomLog / var/log/httpd/keystone-access.log combined

Require all granted

Start httpd:

Systemctl enable httpd.service

Systemctl start httpd.service

6. [create service directory and endpoint for keystone]

Random values generated above export OS_TOKEN=

Export OS_URL= http://control:35357/v3

Export OS_IDENTITY_API_VERSION=3

Create a service for keystone:

Openstack service create-- name keystone-- description "OpenStack Identity" identity (the authentication type identity must not be wrong)

Create an endpoint for keystone:

Openstack endpoint create-- region RegionOne\

Identity public http://control:5000/v3

Openstack endpoint create-- region RegionOne\

Identity internel http://control:5000/v3

Openstack endpoint create-- region RegionOne\

Identity admin http://control:35357/v3

7. [create domain, user, tenant, role]

Create the default domain default:

Openstack domain create-description "Default Domain" default

Tenant who created the admin:

Openstack project create-- domain default\

Description "Admin Project" admin

To create an admin user:

Openstack user create-- domain default\

-- password-prompt admin (will be prompted to enter the password as the password for logging in to dashboard)

Create an admin role:

Openstack role create admin

Connect the user tenant roles:

Openstack role add-project admin-user admin admin

Create a service catalog:

Openstack project create-- domain default\

Description "Service Project" service

Create demo information similar to admin:

Openstack project create-- domain default\

Description "Demo Project" demo

Openstack user create-- domain default\

-- password-prompt demo

Openstack role create user

Openstack role add-project demo-user demo user

After the creation is complete, you can use the command to verify:

Openstack-- os-auth-url http://control:35357/v3\

-- os-project-domain-name default-- os-user-domain-name default\

-os-project-name admin-os-username admin token issue

After entering the password, the correct output is the correct configuration.

You can set the environment variable to a script:

Vi admin-openrc joins:

Export OS_PROJECT_DOMAIN_NAME=default

Export OS_USER_DOMAIN_NAME=default

Export OS_PROJECT_NAME=admin

Export OS_USERNAME=admin

Export OS_PASSWORD=xxxx

Export OS_AUTH_URL= http://control:35357/v3

Export OS_IDENTITY_API_VERSION=3

Export OS_IMAGE_API_VERSION=2

The variable of demo is similar.

Run and use. Admin-openrc or use source admin-openrc

Verify the input command:

Openstack token issue

Having the correct output is the correct configuration.

8. [glance Image Service]

Create glance data

Mysql-u root-p

CREATE DATABASE glance

Authorization

GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost'\

IDENTIFIED BY 'password'

GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%'\

IDENTIFIED BY 'password'

Run environment variables:

. Admin-openrc

Create glance user information:

Openstack user create-domain default-password-prompt glance

Openstack role add-project service-user glance admin

Create an image service directory:

Openstack service create-- name glance\

Description "OpenStack Image" p_w_picpath

Create an image endpoint:

Penstack endpoint create-- region RegionOne\

P_w_picpath public http://control:9292

Penstack endpoint create-- region RegionOne\

P_w_picpath internal http://control:9292

Penstack endpoint create-- region RegionOne\

P_w_picpath admin http://control:9292

Installation:

Yum install openstack-glance

Vi / etc/glance/glance-api.conf

Configure the database connection:

Connection = mysql+pymysql://glance: password @ database ip/glance

Find [keystone_authtoken] (configure authentication)

Join:

Auth_uri = http://control:5000

Auth_url = http://control:35357

Memcached_servers = control:11211

Auth_type = password

Project_domain_name = default

User_domain_name = default

Project_name = service

Username = glance

Password = xxxx

Find: [paste_deploy]

Flavor = keystone

Find [glance_store]

Stores = file,http

Default_store = file

Filesystem_store_datadir = / var/lib/glance/p_w_picpaths/

Edit / etc/glance/glance-registry.conf

Find [database]

Connection = mysql+pymysql://glance: password @ database ip/glance

Find [keystone_authtoken] (configure authentication)

Join:

Auth_uri = http://control:5000

Auth_url = http://control:35357

Memcached_servers = control:11211

Auth_type = password

Project_domain_name = default

User_domain_name = default

Project_name = service

Username = glance

Password = xxxx

Find: [paste_deploy]

Flavor = keystone

Synchronize the database:

Glance-manage db_sync

Start glance:

Systemctl enable openstack-glance-api.service\

Openstack-glance-registry.service

Systemctl start openstack-glance-api.service\

Openstack-glance-registry.service

Verify:

Run environment variables:

. Admin-openrc

Download a smaller image:

Wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img

Upload image:

Openstack p_w_picpath create "cirros"\

-- file cirros-0.3.4-x86_64-disk.img\

-- disk-format qcow2-- container-format bare\

-- public

View:

Openstack p_w_picpath list

The output proves that glance is configured correctly.

9. [nova Control Node]

Establish the database of nova:,

Mysql-u root-p

CREATE DATABASE nova_api

CREATE DATABASE nova

Authorization:

GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost'\

IDENTIFIED BY 'password'

GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%'\

IDENTIFIED BY 'password'

GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost'\

IDENTIFIED BY 'password'

GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%'\

IDENTIFIED BY 'password'

Run environment variables:

. Admin-openrc

To create a nova user:

Openstack user create-- domain default\

-- password-prompt nova

Openstack role add-project service-user nova admin

Create a computing service:

Openstack service create-- name nova\

Description "OpenStack Compute" compute

Create an endpoint:

Openstack endpoint create-- region RegionOne\

Compute public http://control:8774/v2.1/%$tenant_id$s

Openstack endpoint create-- region RegionOne\

Compute internal http://control:8774/v2.1/%$tenant_id$s

Openstack endpoint create-- region RegionOne\

Compute admin http://control:8774/v2.1/%$tenant_id$s

Installation:

Yum install openstack-nova-api openstack-nova-conductor\

Openstack-nova-console openstack-nova-novncproxy\

Openstack-nova-scheduler

Edit / etc/nova/nova.conf

Find: [DEFAULT]

Enabled_apis = osapi_compute,metadata

Find:

[api_database]

Connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api

[database]

Connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova

[DEFAULT]

Rpc_backend = rabbit

[oslo_messaging_rabbit]

Rabbit_host = controller

Rabbit_userid = openstack

Rabbit_password = RABBIT_PASS

[DEFAULT]

Auth_strategy = keystone

[keystone_authtoken]

Auth_uri = http://controller:5000

Auth_url = http://controller:35357

Memcached_servers = controller:11211

Auth_type = password

Project_domain_name = default

User_domain_name = default

Project_name = service

Username = nova

Password = xxx

[DEFAULT]

My_ip = ip address

[DEFAULT]

Use_neutron = True

Firewall_driver = nova.virt.firewall.NoopFirewallDriver

[vnc]

Vncserver_listen = $my_ip

Vncserver_proxyclient_address = $my_ip

[glance]

Api_servers = http://control:9292

[oslo_concurrency]

Lock_path = / var/lib/nova/tmp

Synchronize the database:

Nova-manage api_db sync

Nova-manage db sync

Start the service:

Systemctl enable openstack-nova-api.service\

Openstack-nova-consoleauth.service openstack-nova-scheduler.service\

Openstack-nova-conductor.service openstack-nova-novncproxy.service

Systemctl start openstack-nova-api.service\

Openstack-nova-consoleauth.service openstack-nova-scheduler.service\

Openstack-nova-conductor.service openstack-nova-novncproxy.service

10. [nova Compute Node]

Yum install openstack-nova-compute

Edit / etc/nova/nova.conf

[DEFAULT]

Rpc_backend = rabbit

[oslo_messaging_rabbit]

Rabbit_host = controller

Rabbit_userid = openstack

Rabbit_password = xxx

[DEFAULT]

Auth_strategy = keystone

[keystone_authtoken]

Auth_uri = http://control:5000

Auth_url = http://control:35357

Memcached_servers = control:11211

Auth_type = password

Project_domain_name = default

User_domain_name = default

Project_name = service

Username = nova

Password = xxx

[DEFAULT]

...

My_ip = compute node ip address

[DEFAULT]

...

Use_neutron = True

Firewall_driver = nova.virt.firewall.NoopFirewallDriver

[vnc]

...

Enabled = True

Vncserver_listen = 0.0.0.0

Vncserver_proxyclient_address = $my_ip

Novncproxy_base_url = http://control:6080/vnc_auto.html

[glance]

...

Api_servers = http://controller:9292

[oslo_concurrency]

...

Lock_path = / var/lib/nova/tmp

Note:

Egrep-c'(vmx | svm)'/ proc/cpuinfo

If 0, you need to modify / etc/nova/nova.conf

[libvirt]

...

Virt_type = qemu

If it is greater than 0, it is not required

Start:

Systemctl enable libvirtd.service openstack-nova-compute.service

Systemctl start libvirtd.service openstack-nova-compute.service

Verify at the control node:

Run environment variables:

. Admin-openrc

Openstack compute service list

If the output is normal, the configuration is correct.

11. [neutron Control Node]

Create a neutron database

Mysql-u root-p

CREATE DATABASE neutron

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost'\

IDENTIFIED BY 'NEUTRON_DBPASS'

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%'\

IDENTIFIED BY 'NEUTRON_DBPASS'

Run environment variables:

. Admin-openrc

Create a user:

Openstack user create-domain default-password-prompt neutron

Openstack role add-project service-user neutron admin

Create a network service:

Openstack service create-- name neutron\

Description "OpenStack Networking" network

Create neutron endpoint

Openstack endpoint create-- region RegionOne\

Network public http://control:9696

Openstack endpoint create-- region RegionOne\

Network internal http://control:9696

Openstack endpoint create-- region RegionOne\

Network admin http://control:9696

Create a vxlan network:

Yum install openstack-neutron openstack-neutron-ml2\

Openstack-neutron-linuxbridge ebtables

Edit: / etc/neutron/neutron.conf

[database]

...

Connection = mysql+pymysql://neutron: password @ control/neutron

[DEFAULT]

...

Core_plugin = ml2

Service_plugins = router

Allow_overlapping_ips = True

[DEFAULT]

...

Rpc_backend = rabbit

[oslo_messaging_rabbit]

...

Rabbit_host = controller

Rabbit_userid = openstack

Rabbit_password = RABBIT_PASS

[DEFAULT]

...

Auth_strategy = keystone

[keystone_authtoken]

...

Auth_uri = http://control:5000

Auth_url = http://control:35357

Memcached_servers = control:11211

Auth_type = password

Project_domain_name = default

User_domain_name = default

Project_name = service

Username = neutron

Password = xxxx

[DEFAULT]

...

Notify_nova_on_port_status_changes = True

Notify_nova_on_port_data_changes = True

[nova]

...

Auth_url = http://control:35357

Auth_type = password

Project_domain_name = default

User_domain_name = default

Region_name = RegionOne

Project_name = service

Username = nova

Password = xxxx

[oslo_concurrency]

...

Lock_path = / var/lib/neutron/tmp

Configure the ml2 extension:

Edit: / etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]

...

Type_drivers = flat,vlan,vxlan

Tenant_network_types = vxlan

Mechanism_drivers = linuxbridge,l2population

Extension_drivers = port_security

[ml2_type_flat]

...

Flat_networks = provider

[ml2_type_vxlan]

...

Vni_ranges = 1PUR 1000

[securitygroup]

...

Enable_ipset = True

Configure the bridge:

Edit: / etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]

Physical_interface_mappings = provider: name of the network card used

[vxlan]

Enable_vxlan = True

Local_ip = OVERLAY_INTERFACE_IP_ADDRESS

L2_population = True

[securitygroup]

...

Enable_security_group = True

Firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

Configure a layer 3 network:

Edit: / etc/neutron/l3_agent.ini

[DEFAULT]

...

Interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver

Configure dhcp:

Edit: / etc/neutron/dhcp_agent.ini

[DEFAULT]

...

Interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver

Dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq

Enable_isolated_metadata = True

Configure metadata agent

Edit: / etc/neutron/metadata_agent.ini

[DEFAULT]

...

Nova_metadata_ip = controller

Metadata_proxy_shared_secret = METADATA_SECRET

Edit / etc/nova/nova.conf

[neutron]

...

Url = http://control:9696

Auth_url = http://control:35357

Auth_type = password

Project_domain_name = default

User_domain_name = default

Region_name = RegionOne

Project_name = service

Username = neutron

Password = xxxx

Service_metadata_proxy = True

Metadata_proxy_shared_secret = METADATA_SECRET

Create an extended connection:

Ln-s / etc/neutron/plugins/ml2/ml2_conf.ini / etc/neutron/plugin.ini

Start:

Systemctl restart openstack-nova-api.service

Systemctl enable neutron-server.service\

Neutron-linuxbridge-agent.service neutron-dhcp-agent.service\

Neutron-metadata-agent.service

Systemctl start neutron-server.service\

Neutron-linuxbridge-agent.service neutron-dhcp-agent.service\

Neutron-metadata-agent.service

Systemctl enable neutron-l3-agent.service

Systemctl start neutron-l3-agent.service

12. [neutron Compute Node]

Yum install openstack-neutron-linuxbridge ebtables ipset

Edit: / etc/neutron/neutron.conf

[DEFAULT]

...

Rpc_backend = rabbit

Auth_strategy = keystone

[oslo_messaging_rabbit]

...

Rabbit_host = controller

Rabbit_userid = openstack

Rabbit_password = RABBIT_PASS

[keystone_authtoken]

...

Auth_uri = http://control:5000

Auth_url = http://control:35357

Memcached_servers = control:11211

Auth_type = password

Project_domain_name = default

User_domain_name = default

Project_name = service

Username = neutron

Password = xxxx

[oslo_concurrency]

...

Lock_path = / var/lib/neutron/tmp

Configure vxlan

Edit: / etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]

Physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME

[vxlan]

Enable_vxlan = True

Local_ip = OVERLAY_INTERFACE_IP_ADDRESS

L2_population = True

[securitygroup]

...

Enable_security_group = True

Firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

Edit / etc/nova/nova.conf

[neutron]

...

Url = http://controller:9696

Auth_url = http://controller:35357

Auth_type = password

Project_domain_name = default

User_domain_name = default

Region_name = RegionOne

Project_name = service

Username = neutron

Password = xxxx

Start:

Systemctl restart openstack-nova-compute.service

Systemctl enable neutron-linuxbridge-agent.service

Verify:

Run environment variables:

. Admin-openrc

Neutron ext-list

The output is normal.

13. [dashboard]

Yum install openstack-dashboard

Edit: / etc/openstack-dashboard/local_settings

OPENSTACK_HOST = "control"

ALLOWED_HOSTS = ['*',]

SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

CACHES = {

'default': {

'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache'

'LOCATION': 'controller:11211'

}

OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3"% OPENSTACK_HOST

OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

OPENSTACK_API_VERSIONS = {

"identity": 3

"p_w_picpath": 2

"volume": 2

}

OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "default"

OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

Start:

Systemctl restart httpd.service memcached.service

After openstack is installed, you can go to dashboard to create a CVM.

Reference: http://docs.openstack.org/mitaka/install-guide-rdo/common/conventions.html

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.