《openstackmitaka(oncentos7)搭建实践手册摘要》由会员分享,可在线阅读,更多相关《openstackmitaka(oncentos7)搭建实践手册摘要(36页珍藏版)》请在金锄头文库上搜索。
1、1Openstack-Mitaka 搭建2016 年 8 月 6 日2本文参考:http:/ Controller 节点: Cpu:双核 2.5G 以上 内存:2G 以上 硬盘 100G 以上 网卡:两张网卡 Compute 节点: Cpu:双核 2.5G 以上 内存:4G 以上 硬盘 100G 以上2.安装操作系统两台服务器分别安装 centos 7 最小化系统分别配置 IP 地址 Controller 节点: Eth0:172.16.5.22 Eth1:192.168.1.10 Compute 节点 Eth0:172.16.5.33 Eth1:192.168.1.20 其中两台服务器的两张
2、网卡能够相互 ping 通3.配置控制节点和计算节点 hosts 文件如下图所示:4.配置两个节点的防火墙如下图:并使用命令关闭防火墙设置开机不启动:3systemctl mask iptables.service systemctl mask ip6tables.service systemctl mask ebtables.service systemctl mask firewalld.service systemctl disable firewalld.service5.安装 NTP 服务器分别在控制节点和计算节点安装:ntp 主要为同步时间所用,时间不同步,可能造成你不能创建云主机
3、 yum install chrony使用 vi /etc/chrony.conf 增加如下内容,其中 allow 接你服务器的网段,并将其余的 ntp 注 释 server control iburst allow 20.0.0.0/24设置 ntp 服务器开机启动并启动 ntp 服务 systemctl enable chronyd.service systemctl restart chronyd.service查看 ntp 服务状态 timedatectl status6.更新源安装 yum-plugin-priorities 包,防止高优先级软件被低优先级软件覆盖 yum insta
4、ll yum-plugin-priorities 安装 openstack 最新的源:(建议等控制节点更新完成后再更新计算节点) yum install centos-release-openstack-mitaka yum install https:/rdoproject.org/repos/rdo-release.rpm yum clean all yum upgrade y重启服务器: reboot7.安装 openstack 和 openstack-selinux 包(建议等控制节点更新完成后再更新计算节点)yum install python-openstackclient -这个
5、包必须安装 yum install openstack-selinux48.在控制节点安装 mysql 服务(openstack 支持很多数据库这里只装mysql 数据库)yum install mariadb mariadb-server python2-PyMySQL编辑:vi /etc/f mysqldbind-address = 192.168.1.10 #Controller Node IPAddress 设置 ip 绑定 default-storage-engine = innodb innodb_file_per_table collation-server = utf8_gen
6、eral_cicharacter-set-server = utf8 #默认数据库引擎及默认字符集为 UTF-8 将 mysql 加入自启动 systemctl enable mariadb.service systemctl start mariadb.service设置 mysql 属性并设置密码我这里设置为“openstack”: 直接输入脚本命令: mysql_secure_installation配置如下: rootcontroller # mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECO
7、MMENDED FOR ALL MariaDBSERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!In order to log into MariaDB to secure it, well need the current password for the root user. If youve just installed MariaDB, and you havent set the root password yet, the password will be blank, so you should just pre
8、ss enter here.Enter current password for root (enter for none): OK, successfully used password, moving on.Setting the root password ensures that nobody can log into the MariaDB root user without the proper authorisation.You already have a root password set, so you can safely answer n.Change the root
9、 password? Y/n New password: Re-enter new password: Password updated successfully! Reloading privilege tables. Success!5By default, a MariaDB installation has an anonymous user, allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for test
10、ing, and to make the installation go a bit smoother. You should remove them before moving into a production environment.Remove anonymous users? Y/n . Success!Normally, root should only be allowed to connect from localhost. This ensures that someone cannot guess at the root password from the network.
11、Disallow root login remotely? Y/n . Success!By default, MariaDB comes with a database named test that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment.Remove test database and access to it? Y/n - Dropping test database. Succ
12、ess!- Removing privileges on test database. Success!Reloading the privilege tables will ensure that all changes made so far will take effect immediately.Reload privilege tables now? Y/n . Success!Cleaning up.All done! If youve completed all of the above steps, your MariaDB installation should now be
13、 secure.Thanks for using MariaDB!完成后注意检查 mysqld 是否运行。3306 端口是否起来 netstat -an |grep 33069.安装消息代理服务器6安装 openstack 的消息使者 rabbitmq,如果 rabbitmq 没有运行起来,你的整 openstack 平 台将无法使用。rabbitmq 使用 5672 端口。 yum install rabbitmq-server systemctl enable rabbitmq-server.service systemctl restart rabbitmq-server.service
14、(增加用户 openstack,密码自己设置替换掉 RABBIT_PASS) rabbitmqctl add_user openstack openstack -账户:openstack 密码:openstack (给新增的用户授权,没有授权的用户将不能接受和传递消息) rabbitmqctl set_permissions openstack “.*“ “.*“ “.*“10.安装 memcachedmemcache 为选择安装项目。使用端口 11211 yum install memcached python-memcached systemctl enable memcached.ser
15、vice systemctl restart memcached.service11.在控制节点安装 keystone 组件:注意:在之前需要设置好 hosts 解析,控制节点和计算节点都要做 192.168.1.10 control 192.168.1.20 compute登录数据库创建 keystone 数据库。 mysql -u root -popenstack创建数据库 CREATE DATABASE keystone;设置授权用户和密码: GRANT ALL PRIVILEGES ON keystone.* TO keystonelocalhost IDENTIFIED BY ope
16、nstack; GRANT ALL PRIVILEGES ON keystone.* TO keystone% IDENTIFIED BY openstack;生成 admin_token 的随机值: openssl rand -hex 10 48fc4985045853ac1ca1安装 keystone yum install openstack-keystone httpd mod_wsgi vi /etc/keystone/keystone.conf使用刚刚生成的随机值替换掉: DEFAULT admin_token=48fc4985045853ac1ca1配置数据库连接: database7connection = mysql+py
