文章目录
本地yum源配置
https://blog.youkuaiyun.com/gsl371/article/details/109526864
虚拟机规划
关闭网络管理服务
[root@localhost ~]# systemctl stop NetworkManager
[root@localhost ~]# systemctl disable NetworkManager
Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.
Removed symlink /etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service.
[root@localhost ~]#
地址规划
controller:内存3G,cpu开启虚拟化,
网卡:provider:etho:dhcp
网卡:management:eth1:192.168.2.11/24
compute01: 内存1G,cpu开启虚拟化(必开),
网卡:provider:etho :dhcp
网卡:management:eth1:192.168.2.31/24
controller
[root@controller network-scripts]# cat ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth0
UUID=bbc78f56-b336-4d32-a860-ed83f23d551d
DEVICE=eth0
ONBOOT=yes
[root@controller network-scripts]# cat ifcfg-eth1
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth1
DEVICE=eth1
ONBOOT=yes
IPADDR=192.168.2.11
NETMASK=55.255.255.0
GATEWAY=192.168.2.1
DNS1=114.114.114.114
computer1
[root@computer1 network-scripts]# cat ifcfg-eth1
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth1
DEVICE=eth1
ONBOOT=yes
IPADDR=192.168.2.31
NETMASK=255.255.255.0
GATEWAY=192.168.2.1
DNS1=114.114.114.114
[root@computer1 network-scripts]# cat ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth0
UUID=bbc78f56-b336-4d32-a860-ed83f23d551d
DEVICE=eth0
ONBOOT=yes
host解析
[root@controller ~]# vim /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.0.0.11 controller
10.0.0.31 computer1
[root@controller ~]# scp -rp /etc/hosts 10.0.0.31 /etc/hosts
修改主机名
hostnamectl set-hostname computer1
hostnamectl set-hostname controller
测试网络
管理网
[root@computer1 network-scripts]# ping controller
PING controller (192.168.2.11) 56(84) bytes of data.
64 bytes from controller (192.168.2.11): icmp_seq=1 ttl=64 time=0.596 ms
64 bytes from controller (192.168.2.11): icmp_seq=2 ttl=64 time=0.447 ms
64 bytes from controller (192.168.2.11): icmp_seq=3 ttl=64 time=0.447 ms
[root@controller network-scripts]# ping computer1
PING computer1 (192.168.2.31) 56(84) bytes of data.
64 bytes from computer1 (192.168.2.31): icmp_seq=1 ttl=64 time=0.515 ms
64 bytes from computer1 (192.168.2.31): icmp_seq=2 ttl=64 time=0.443 ms
互联网
[root@computer1 network-scripts]# ping www.baidu.com
PING www.a.shifen.com (110.242.68.4) 56(84) bytes of data.
64 bytes from 110.242.68.4 (110.242.68.4): icmp_seq=1 ttl=50 time=41.7 ms
64 bytes from 110.242.68.4 (110.242.68.4): icmp_seq=2 ttl=50 time=43.6 ms
[root@controller network-scripts]# ping www.baidu.com
PING www.a.shifen.com (110.242.68.4) 56(84) bytes of data.
64 bytes from 110.242.68.4 (110.242.68.4): icmp_seq=1 ttl=50 time=47.7 ms
64 bytes from 110.242.68.4 (110.242.68.4): icmp_seq=2 ttl=50 time=46.8 ms
禁止内核升级
linux系统如果升级内核,会造成不可预估的问题,因此有必要禁止自动升级内核,方法如下
yum -y install yum-cron
关闭自动更新
vi /etc/yum/yum-cron.conf
update_messages = no
download_updates = no
启动yum-cron
systemctl start yum-cron
systemctl enable yum-cron
忽略更新内核
cp /etc/yum.conf /etc/yum.conf.bak
vi /etc/yum.conf
exclude=kernel*
exclude=centos-release*
安装基础服务
在所有节点上执行:
时间同步
[root@controller opt]# yum install -y chrony
[root@computer1 opt]# yum install -y chrony
#编辑控制节点配置文件
[root@controller opt]# vim /etc/chrony.conf
1.
将 server 1.centos.pool.ntp.org iburst 改成
server ntp6.aliyun.com iburst
另三行删掉
2.将 #allow 192.168.0.0/1改成
allow 192.168.2.0/24
#重启服务
[root@controller opt]# vim /etc/chrony.conf
systemctl restart chronyd
#编辑计算节点
[root@computer1 opt]# vim /etc/chrony.conf
将 server 1.centos.pool.ntp.org iburst 改成
server 10.0.0.11 iburst
另三行删掉
[root@computer1 opt]# systemctl restart chronyd
在两台主机上
启动 NTP 服务并将其配置为随系统启动
systemctl enable chronyd.service
验证ntp
我们建议您在继续进一步的操作之前验证 NTP 的同步。有些节点,特别是哪些引用了控制节点的,需要花费一些时间去同步
1、在控制节点上执行这个命令:
[root@controller ~]# chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* 203.107.6.88 2 6 377 20 +1994us[+4554us] +/- 34ms
2、在所有其他节点执行相同命令:
[root@computer1 ~]# chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^* controller 3 6 37 21 +854ns[ +637us] +/- 39ms
安装OpenStack包
在所有节点执行以下操作
查看目前支持cloud的centos版本,选择一个进行部署。
yum install centos-release-openstack-train
最后的安装,在所有节点更新包。
更新这一步有问题,实际操作可能有问题。
yum upgrade
重新启动操作系统
安装openstack客户端
# yum -y install python-openstackclient
安装sql数据库
在控制节点
安装包
# yum -y install mariadb mariadb-server python2-PyMySQL
创建或编辑/etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 192.168.2.11
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
最后的安装
Start the database service and configure it to start when the system boots:
# systemctl enable mariadb.service
# systemctl start mariadb.service
Secure the database service by running the mysql_secure_installation script. In particular, choose a suitable password for the database root account:
# mysql_secure_installation
[root@controller my.cnf.d]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] y
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] y
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] y
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
消息队列
在控制节点
安装包
yum -y install rabbitmq-server
设置自动启动
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
添加openstack用户
# rabbitmqctl add_user openstack RABBIT_PASS
Creating user "openstack" ...
允许openstack用户 配置,读和写
# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...
Memcached
认证服务认证缓存使用Memcached缓存令牌。缓存服务memecached运行在控制节点。在生产部署中,我们推荐联合启用防火墙、认证和加密保证它的安全。
在控制节点
安装包
yum -y install memcached python-memcached
Edit the /etc/sysconfig/memcached file and complete the following actions:
OPTIONS="-l 127.0.0.1,::1,controller"
完成安装
systemctl enable memcached.service
systemctl start memcached.service
Etcd
在控制节点
OpenStack services may use Etcd, a distributed reliable key-value store for distributed key locking, storing configuration, keeping track of service live-ness and other scenarios.
Install and configure components
Install the package:
yum -y install etcd
Edit the /etc/etcd/etcd.conf
[root@controller my.cnf.d]# cat /etc/etcd/etcd.conf
#[Member]
#ETCD_CORS=""
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.2.11:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.2.11:2379"
ETCD_NAME="controller"
#
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.2.11:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.2.11:2379"
ETCD_INITIAL_CLUSTER="default=http://192.168.2.11:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"
[root@controller my.cnf.d]#
完成安装
systemctl enable etcd
systemctl start etcd
报错
[root@controller ~]# journalctl -xe
3月 31 09:32:11 controller etcd[3302]: Git SHA: 2cf9e51
3月 31 09:32:11 controller etcd[3302]: Go Version: go1.10.3
3月 31 09:32:11 controller etcd[3302]: Go OS/Arch: linux/amd64
3月 31 09:32:11 controller etcd[3302]: setting maximum number of CPUs to 1, total number of available CPUs is 1
3月 31 09:32:11 controller etcd[3302]: the server is already initialized as member before, starting as etcd member...
3月 31 09:32:11 controller etcd[3302]: listening for peers on http://192.168.2.11:2380
3月 31 09:32:11 controller etcd[3302]: listening for client requests on 192.168.2.11:2379
3月 31 09:32:11 controller etcd[3302]: couldn't find local name "controller" in the initial cluster configuration
3月 31 09:32:11 controller systemd[1]: etcd.service: main process exited, code=exited, status=1/FAILURE
3月 31 09:32:11 controller systemd[1]: Failed to start Etcd Server.
-- Subject: Unit etcd.service has failed
修改一致,启动成功。
最小化部署 Train
在以下文章中
扫一扫
734
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
