openstack-nova

openstack–nova

一、在controller122节点上的操作

登录MySQL创建数据库,建立Nova用户并赋权。

mysql -u root -p
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;

#nova_api权限

GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \
 IDENTIFIED BY '000000';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \
 IDENTIFIED BY '000000';

#nova权限

GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
 IDENTIFIED BY '000000';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
 IDENTIFIED BY '000000';

#nova_cell0权限

GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' \
 IDENTIFIED BY '000000';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' \
 IDENTIFIED BY '000000';

4.命令. admin-openrc
5.#nova

openstack user create --domain default --password 000000 nova
openstack role add --project service --user nova admin
openstack service create --name nova --description "OpenStack Compute" compute
openstack endpoint create --region RegionOne compute public http://controller122:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://controller122:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1

#plancement

openstack user create --domain default --password 000000 placement
openstack role add --project service --user placement admin
openstack service create --name placement --description "Placement API" placement
openstack endpoint create --region RegionOne placement public http://controller122:8780
openstack endpoint create --region RegionOne placement internal http://controller122:8780
openstack endpoint create --region RegionOne placement admin http://controller122:8780

6.安装Nova相关包

yum install openstack-nova-api openstack-nova-scheduler \
 openstack-nova-conductor openstack-nova-consoleauth \
 openstack-nova-novncproxy openstack-nova-placement-api \
 iptables

7.修改Nova服务的配置文件/etc/nova/nova.conf

[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:000000@controller122
my_ip = 192.168.1.122 #controller122的IP
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api_database]
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
[database]
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova
[api]
auth_strategy = keystone
[keystone_authtoken]
auth_uri = http://controller122:5000
auth_url = http://controller122:35357
memcached_servers = controller122:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 000000
[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
[glance]
api_servers = http://controller122:9292
[oslo_concurrency]
lock_path = /var/run/nova
[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller122:35357/v3
username = placement
password = 000000

8.添加信息到配置文件/etc/httpd/conf.d/00-nova-placement-api.conf

<Directory /usr/bin>
 <IfVersion >= 2.4>
 Require all granted
 </IfVersion>
 <IfVersion < 2.4>
 Order allow,deny
 Allow from all
 </IfVersion>
</Directory>

9.重启服务并验证

systemctl restart httpd
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
su -s /bin/sh -c "nova-manage db sync" nova
nova-manage cell_v2 list_cells
systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
二、在computer节点上的操作

1.下载Nova

yum install openstack-nova-compute

2.修改配置文件/etc/nova/nova.conf
快捷方式:传送controller122节点上的nova.conf文件
compute122节点上操作

1>scp root@controller122:/etc/nova/nova.conf /etc/nova/nova.conf
2>chown .nova /etc/nova/nova.conf

**注意:传送文件夹后openstack-nova-compute服务起不来有三种原因
1.查看防火墙是否关闭
2.主机名和域名一直,不要乱改域名
3.因为远程传送查看/etc/nova/nova.conf文件夹的权限
-rw-r—–. 1 root nova 990 May 9 19:18 nova.conf
所有者为:root 所属组:nova

openstack-glance

一、登录数据库建立glance数据库和glance用户并赋权

mysql -u root -p
MariaDB [(none)]> CREATE DATABASE keystone;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '000000';

KEYSTONE_DBPASS==000000
在这之前keystone最后两步创建admin-openrc、demo-openrc文件
vim admin-openrc

 export OS_PROJECT_DOMAIN_NAME=Default
 export OS_USER_DOMAIN_NAME=Default
 export OS_PROJECT_NAME=admin
 export OS_USERNAME=admin
 export OS_PASSWORD=000000
 export OS_AUTH_URL=http://controller122:5000/v3
 export OS_IDENTITY_API_VERSION=3
 export OS_IMAGE_API_VERSION=2

##controller == controller122
##ADMIN_PASS == 000000
vim demo-openrc

export OS_PROJECT_DOMAIN_NAME=Default
 export OS_USER_DOMAIN_NAME=Default
 export OS_PROJECT_NAME=demo
 export OS_USERNAME=demo
 export OS_PASSWORD=000000
 export OS_AUTH_URL=http://controller122:5000/v3
 export OS_IDENTITY_API_VERSION=3
 export OS_IMAGE_API_VERSION=2

##controller == controller122
##ADMIN_PASS == 000000

二、引入环境管理员环境变量

. admin-openrc

三、创建glance用户密码为000000

openstack user create –domain default –password 000000 glance
1.赋予glance用户admin角色加入service project

openstack role add --project service --user glance admin

2.创建名为glance的服务类型为image

openstack service create --name glance --description "OpenStack Image" image

3.创建image API接口

openstack endpoint create --region RegionOne image public http://controller122:9292
openstack endpoint create --region RegionOne image internal http://controller122:9292
openstack endpoint create --region RegionOne image admin http://controller122:9292

2.安装glance软件并配置相关文件

yum install openstack-glance -y

openstack–etcd、keystone

etcd:OpenStack服务可以使用Etcd分布式可靠的分布式键值存储键锁定,存储配置,跟踪服务live-ness和其他场景。

一、安装etcd
yum install etcd
二、编辑配置文件
vim /etc/etcd/etcd.conf

#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd" ETCD_LISTEN_PEER_URLS="http://192.168.1.122:2380" ETCD_LISTEN_CLIENT_URLS="http://192.168.1.122:2379" ETCD_NAME="controller" #[Clustering] ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.1.122:2380" ETCD_ADVERTISE_CLIENT_URLS="http://192.168.1.122:2379" ETCD_INITIAL_CLUSTER="controller122=http://192.168.1.122:2380" ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01" ETCD_INITIAL_CLUSTER_STATE="new"

三、启动etcd

systemctl enable etcd
systemctl start etcd

keystone:OpenStack 框架中负责管理身份验证、服务规则和服务令牌功能的模块。

一、登录数据库
mysql -u root -p
二、创建keystone数据库

MariaDB [(none)]> create database keystone;

三、适当的访问keystone数据库

MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY 'KEYSTONE_DBPASS';

四、安装和配置组件
1.安装包

# yum install openstack-keystone httpd mod_wsgi

2.编辑/etc/keystone/keystone.conf

 [database]节中,配置数据库访问:

[database]# ...connection=mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone

**取代 KEYSTONE_DBPASS与您选择的密码数据库。

 [token]节中,配置Fernet令牌供应商:

[token]# ...provider=fernet

3.填充身份服务数据库

# su -s /bin/sh -c "keystone-manage db_sync" keystone
  1. 初始化Fernet密钥存储库:

    # keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
    # keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
    
  2. 引导标识服务:

    # keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
      --bootstrap-admin-url http://controller:35357/v3/ \
      --bootstrap-internal-url http://controller:5000/v3/ \
      --bootstrap-public-url http://controller:5000/v3/ \
      --bootstrap-region-id RegionOne
    

    取代 ADMIN_PASS用一个合适的密码管理用户。

五、配置Apache HTTP服务器

  1. 编辑 /etc/httpd/conf/httpd.conf文件和配置 ServerName选择参考控制器节点:

    ServerName controller
    
  2. 创建一个链接 /usr/share/keystone/wsgi-keystone.conf文件:

    # ln -s /usr/share/keystone/wsgi-
    keystone.conf /etc/httpd/conf.d/
    

    六、完成安装

  1. 启动Apache HTTP服务和配置在系统启动时启动:

    # systemctl enable httpd.service
    # systemctl start httpd.service
    
  2. 配置管理账户

    创建admin.env,添加一下数据

    $exportOS_USERNAME=admin
    $exportOS_PASSWORD=ADMIN_PASS
    $exportOS_PROJECT_NAME=admin
    $exportOS_USER_DOMAIN_NAME=Default
    $exportOS_PROJECT_DOMAIN_NAME=Default
    $exportOS_AUTH_URL=http://controller:35357/v3
    $exportOS_IDENTITY_API_VERSION=3

 

openstack包

一、安装并配置组件
安装数据库

#yum install mariadb mariadb-server python2-PyMySQL

创建并配置/etc/my.cnf.d/openstack.cnf

[mysql]
bind-adress = 192.168.1.122 
#IP为操作主机的IP
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8

启动并设置自动启动

#systemctl enable maridb.server
#systemctl start mariadb.server
#mysql_secure_installation

运行该脚本,*注意:数据库的root用户密码设置一个适当的密码。
二、消息队列

#yum install rabbitmq-server
#systemctl enable rabbitmq-server.service
#systemctl start rabbitmq-server.service

添加openstack用户 RABBIT_PASS为密码,这里你可以改成自己想要的密码

#rabbitmqctl add_user openstack RABBIT_PASS

给openstack用户配置读和写的权限

#rabbitmqctl set_primission openstack ".*" ".*" ".*"

验证:
管理组件启动
#rabbitmq-pligins enable rabbitmq_management
#curl 127.0.0.1:15672
*注意:如何检验rabbitmq时有问题(即rabbitmq-pligins enable rabbitmq_management)出现报错。
1.检查 /etc/selinux/config配置文件是否有下面的内容
SELINUX=disabled
2.检查防火墙是否关闭
systemctl status firewall
 

openstack的搭建

一台contorller(192.168.1.122)
系统:centos7 、CPU:两个、  网卡:一个插槽两个内核、 虚拟磁盘大小:30G 、Tiny provision 精简配置
一台computer(192.168.1.162)
系统:centos7、CPU:两个、网卡:一个插槽两个内核、虚拟磁盘大小:30G、Tiny provision精简配置
一、配置网络

nmtui #配置网络图形界面
vim /etc/sysconfig/network-scrip/ifcfc-xx #命令行界面 xxx为网卡名
添加static(静态)IP、IP、网关、DNS、子网掩码

二、修改主机名

hostnamectl set-hostname colltorller #设置主机名为contorller
hostname set-hostname computer       #设置主机名computer
hostnamectl                          #查看主机名

三、修改selinux并添加域名跟IP的对应关系

vim /etc/selinux/config
SELINUX = disbaled

四、修改/etc/hosts文件

vim /etc/hosts
192.168.1.122 contorller #contorller这台电脑和IP的对应关系
192.168.1.162 computer #computer这台电脑和IP的对应关系

五、设置时间为亚洲-上海
timedatectl list-timezones | grep A            #查看A打头的所有时间
timedatectl set-timezone Asia/Shanghai   #设置时间为亚洲上海
date                                                                  #查看时间日期
六、设置时间同步服务

yum install chronyd       #下载chronyd(时间同步服务)
(此步骤在contorller主机上完成)
1.vim /etc/chrony.conf 
#找到下面的内容
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
#修改为
server ntp5.aliyun.com iburst
2.systemctl restart chronyd #重启chronyd服务
(次步骤在computer主机上完成)
1.vim /etc/chrony.conf
server 192.168.1.122 iburst   #此IP为contorller主机的IP
2.systemctl restart chronyd   #重启chronyd服务

七、修改yum源

vim /etc /yum.repos.d
修改结果如下
#mirrorlist                                                  #注释mirrorlist这行
baseurl=https://mirrors.aliyun.com     #把baseurl改成阿里云的镜像源
*注意mirror  改为mirrors
>>yum clean call
>>yum repolist
即可

 

如何处理报错E: Sub-process /usr/bin/dpkg returned an error code(1)

在用apt-get安装软件时出现
E:Sub-process /usr/bin/dpkg returned an error code(1)
错误提示dpkg包出现了问题

一、重命名info目录

sudo mv /var/lib/dpkg/info /var/lib/dpkg/info.bak

二、重新创建一个info目录

sudo mkdir /var/lib/dpkg/info

三、安装出现报错的安装包

sudo apt-get install -f xxx

四、移动文件

#把info目录下的所以文件移动到info.bak目录下

sudo mv /var/lib/dpkg/info* /var/lib/dpkg/info

五、删除info目录

sudo mv -rf /var/lib/dpkg/info

六、恢复info文件

sudo mv /var/lib/dpkg/info.bak /var/lib/dokg/info

在用apt-get安装软件时出现了类似于 install-info: No dir file specified; try –help for more information.dpkg:处理 gettext (–configure)时出错: 子进程 post-installation script 返回了错误号 1 在处理时有错误发生: findutils E: Sub-process /usr/bin/dpkg returned an error code (1)

在用apt-get安装软件时出现了类似于
install-info: No dir file specified; try –help for more information.dpkg:处理 gettext (–configure)时出错: 子进程 post-installation script 返回了错误号 1 在处理时有错误发生:
findutils
E: Sub-process /usr/bin/dpkg returned an error code (1)
 

sudo mv /var/lib/dpkg/info  /var/lib/dpkg/info.bak  //现将info文件夹更名  /var/lib/info(软件更新缓存都在此文件夹下)
 
sudo mkdir /var/lib/dpkg/info //再新建一个新的info文件夹
 
sudo aptget update
aptget f install                         //安装依赖包
sudo mv /var/lib/dpkg/info/* /var/lib/dpkg/info.bak
//执行完上一步操作后会在新的info文件夹下生成一些文件,现将这些文件全部移到info.bak文件夹下
sudo rm rf /var/lib/dpkg/info //把自己新建的info文件夹删掉
sudo mv /var/lib/dpkg/info.bak /var/lib/dpkg/info //把以前的info文件夹重新改回名字
一般上面的这个方法可以解决问题了

搭建NFS服务

一、下载nfs-utils

yum install nfs-utils -y

二、创建文件夹

mkdir /nfsshare        #
mkdir /mnt/nfsshare #创建挂载文件夹

三、修改文件(主要是/etc/exports 和 /etc/fstab)

echo "/nfsshare *(rw)" >> /etc/exports #给nfsshare写读权限
vim /etc/fstab
ip:/nfsshare /mnt/nfsshare nfs defaults 0 0 (中间都是tab多空出的)

四、挂载

exportfs -r
mount -a

五、在防火墙里添加nfs服务

firewall-cmd --add-service=nfs
firewall-cmd --add-service=nfs --permanent

六、在物理机中挂载

打开命令提示行

mount IP:/nfsshare k:

挂载成功会有提示

ftp

一、下载ftp

yum install vsftpd

二、修改配置文件

vim /etc/vsftpd/vsftpd.conf
修改如下:
local_enable=YES              #允许本地用户登录
anonymous_enable=NO     #不允许默认用户登录
write_enable=NO               #不允许默认用户写入
添加如下:
local_root=/home/ftp/ftp

三、建立ftp用户

综上local_root=/home/ftp/ftp
(1)home下建立一个ftp文件夹

cd /home
mkdir ftp

(2)修改权限

chmod 777 ftp

(3)修改密码

passwd ftp

四、启动ftp服务

systemctl restart vsftpd

五、关闭防火墙

systemctl stop firewalld.service