控制节点192.168.2.243 计算节点192.168.2.244
部署
基础环境
yum -y install centos-release-openstack-pike
yum -y remove mariadb-libs
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i '/^SELINUX=/cSELINUX=disabled' /etc/selinux/config
yum -y install ntpdate
ntpdate time1.aliyun.com
yum -y install openstack-selinux 有时selinux忘记关闭时会帮你配置
yum -y install python-openstackclient 安装openstack客户端
yum -y install mariadb mariadb-server python2-PyMySQL 安装数据库,以及python访问数据库的模块
vim /usr/lib/systemd/system/mariadb.service yum安装mysql时要设置参数才能调整mysql的最大连接数
[Service]
LimitNOFILE = 65535
systemctl daemon-reload
vim /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 192.168.2.243
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
systemctl enable mariadb
systemctl start mariadb
mysql_secure_installation 设置密码以及安全初始化
yum -y install rabbitmq-server 消息队列 openstart内的通讯(15672)
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
rabbitmqctl add_user openstack openstack 连接消息队列需要用户,密码也设置为openstack
rabbitmqctl set_permissions openstack ".*" ".*" ".*" 给openstack用户配置权限,所有域所有权限
yum -y install memcached python-memcached 缓存软件的安装
vim /etc/sysconfig/memcached
systemctl enable memcached.service
systemctl start memcached.service
认证服务KeyStone部署 (mysql3306,memcached11211,rabbitmq5672,keystone5000和35357)
echo "create database keystone;" |mysql -p'123456' 创建数据库并建立授权了的账号
echo "grant all on keystone.* to 'keystone'@'localhost' identified by 'keystone';" |mysql -p'123456'
echo "grant all on keystone.* to 'keystone'@'%' identified by 'keystone';" |mysql -p'123456'
yum -y install openstack-keystone httpd mod_wsgi 安装keystone,需要http启动,http需要mod_wsgi和python通讯
vim /etc/keystone/keystone.conf
[database]
connection = mysql+pymysql://keystone:keystone@192.168.2.243/keystone 数据库配置 640
[token]
provider = fernet
su -s /bin/sh -c "keystone-manage db_sync" keystone 初始化身份认证服务,用keystone初始化这样产生的日志用户和组都为keystone
验证mysql -h 192.168.2.243 -ukeystone -p'keystone' -e "use keystone;show tables;" 验证是否成功查看表
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone 初始化key
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
keystone-manage bootstrap --bootstrap-password admin --bootstrap-admin-url http://192.168.2.243:35357/v3/ --bootstrap-internal-url http://192.168.2.243:35357/v3/ --bootstrap-public-url http://192.168.2.243:5000/v3/ --bootstrap-region-id RegionOne 初始化初始用户admin,以及三个访问的URL(在数据库中配置)
vim /etc/httpd/conf/httpd.conf
ServerName 192.168.2.243:80
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/ 用到http管理keystone所以写http的配置文件
systemctl enable httpd.service
systemctl start httpd.service 不需要启动keystone,因为http管理keystone直接启动http就可以启动keystone
检查netstat -tnlp (mysql3306,memcached11211,rabbitmq5672,keystone5000和35357)
vim admin-openstack 设置环境变量的脚本
export OS_USERNAME=admin 登陆用户名 设置环境变量(让openstack命令默认以admin执行,就不用加一堆参数)
export OS_PASSWORD=admin 密码
export OS_PROJECT_NAME=admin 项目
export OS_USER_DOMAIN_NAME=default 默认的域
export OS_PROJECT_DOMAIN_NAME=default
export OS_AUTH_URL=http://192.168.2.243:35357/v3 验证的url
export OS_IDENTITY_API_VERSION=3 指定版本
export OS_IMAGE_API_VERSION=2
vim demo-openstack
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_PROJECT_NAME=demo
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_DOMAIN_NAME=default
export OS_AUTH_URL=http://192.168.2.243:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
source admin-openstack (unset OS_AUTH_URL OS_PASSWORD 清除环境变量)
openstack project create --domain default --description "Service Project" service 创建一个项目,接下来配置其他组件需用用户和密码,而用户必须属于什么项目
openstack project create --domain default --description "Demo Project" demo 创建一个demo项目,演示用的
openstack user create --domain default --password-prompt demo 创建demo用户,这里需要设置用户密码(密码demo)
openstack role create user 创建一个角色,一般有两个角色(一个为admin,这个是普通角色)权限的意思
openstack role add --project demo --user demo user 将demo加入demo项目并赋予user角色(权限)
验证keyston
unset OS_AUTH_URL OS_PASSWORD 清除openstack命令使用的admin的环境变量
openstack --os-auth-url http://192.168.2.243:35357/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name admin --os-username admin token issue 使用admin用户是否能获取令牌(需要输入admin密码)
source admin-openstack
openstack token issue
镜像服务Glance部署 (api9292,registry9191)
echo "create database glance;" |mysql -p'123456'
echo "grant all on glance.* to 'glance'@'localhost' identified by 'glance';" |mysql -p'123456'
echo "grant all on glance.* to 'glance'@'%' identified by 'glance';" |mysql -p'123456'
source admin-openstack
openstack user create --domain default --password-prompt glance 输入密码
openstack role add --project service --user glance admin
yum -y install openstack-glance
vim /etc/glance/glance-api.conf api要和数据库通讯
[database]
connection = mysql+pymysql://glance:glance@192.168.2.243/glance 1748
[keystone_authtoken] 直接按o下一行添加 3179
auth_uri = http://192.168.2
最低0.47元/天 解锁文章
扫一扫
评论
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
查看更多评论
添加红包
