之前寫過一篇《openstack mitaka 配置詳解》然而最近使用發現阿裡不再提供m版本的源,是以最近又開始學習ocata版本,并進行總結,寫下如下文檔
OpenStack ocata版本官方文檔:https://docs.openstack.org/ocata/install-guide-rdo/environment.html
同時如果不想一步步安裝,可以執行安裝腳本:http://www.cnblogs.com/yaohong/p/7251852.html
一:環境
1.1主機網絡
- 系統版本 CentOS7
- 控制節點: 1 處理器, 4 GB 記憶體, 及5 GB 存儲
- 計算節點: 1 處理器, 2 GB 記憶體, 及10 GB 存儲
說明:
1:以CentOS7為鏡像,安裝兩台機器(怎樣安裝詳見http://www.cnblogs.com/yaohong/p/7240387.html)并注意配置雙網卡和控制兩台機器的記憶體。
2:修改機器主機名分别為:controller和compute1
#hostnamectl set-hostname hostname
3:編輯controller和compute1的 /etc/hosts 檔案
#vi /etc/hosts
4:驗證
采取互ping以及ping百度的方式
1.2網絡時間協定(NTP)
[控制節點安裝NTP]
NTP主要為同步時間所用,時間不同步,可能造成你不能建立雲主機
#yum install chrony (安裝軟體包)
#vi /etc/chrony.conf 增加
| server NTP_SERVER iburst allow ip位址網段(可以去掉,指代允許你的ip位址網段可以通路NTP) |
|---|
#systemctl enable chronyd.service (設定為系統自啟動)
#systemctl start chronyd.service (啟動NTP服務)
[計算節點安裝NTP]
# yum install chrony
#vi /etc/chrony.conf `` 釋除``server`` 值外的所有内容。修改它引用控制節點:
server controller iburst
# systemctl enable chronyd.service (加入系統自啟動)
# systemctl start chronyd.service (啟動ntp服務)
[驗證NTP]
控制節點和計算節點分别執行#chronyc sources,出現如下
[驗證NTP]
控制節點和計算節點分别執行#chronyc sources,出現如下
1.3Openstack包
[openstack packages安裝在控制和計算節點] 安裝openstack最新的源: #yum install centos-release-openstack-ocata #yum install https://rdoproject.org/repos/rdo-release.rpm
#yum upgrade (在主機上更新包) #yum install python-openstackclient (安裝opentack必須的插件) #yum install openstack-selinux
1.4SQL資料庫
安裝在控制節點,指南中的步驟依據不同的發行版使用MariaDB或 MySQL。OpenStack 服務也支援其他 SQL 資料庫。 #yum install mariadb mariadb-server python2-PyMySQL
#vi /etc/mysql/conf.d/mariadb_openstack.cnf
加入: [mysqld] bind-address = 192.168.1.73 (安裝mysql的機器的IP位址,這裡為controller位址) default-storage-engine = innodb innodb_file_per_table collation-server = utf8_general_ci character-set-server = utf8 #systemctl enable mariadb.service (将資料庫服務設定為自啟動) #systemctl start mariadb.service (将資料庫服務設定為開啟) 設定mysql屬性: #mysql_secure_installation (此處參照http://www.cnblogs.com/yaohong/p/7352386.html,中坑一)
1.5消息隊列
消息隊列在openstack整個架構中扮演着至關重要(交通樞紐)的作用,正是因為openstack部署的靈活性、子產品的松耦合、架構的扁平化,反而使openstack更加依賴于消息隊列(不一定使用RabbitMQ,
可以是其他的消息隊列産品),是以消息隊列收發消息的性能和消息隊列的HA能力直接影響openstack的性能。如果rabbitmq沒有運作起來,你的整openstack平台将無法使用。rabbitmq使用5672端口。 #yum install rabbitmq-server #systemctl enable rabbitmq-server.service(加入自啟動) #systemctl start rabbitmq-server.service(啟動) #rabbitmqctl add_user openstack RABBIT_PASS (增加使用者openstack,密碼自己設定替換掉RABBIT_PASS) #rabbitmqctl set_permissions openstack ".*" ".*" ".*" (給新增的使用者授權,沒有授權的使用者将不能接受和傳遞消息)
1.6Memcached
memcache為選擇安裝項目。使用端口11211
[控制節點] #yum install memcached python-memcached
修改/etc/sysconfig/memcached中的OPTIONS為。
| OPTIONS="-l 127.0.0.1,::1,controller" |
|---|
#systemctl enable memcached.service
#systemctl start memcached.service
二:認證服務
2.1安裝和配置
登入資料庫建立keystone資料庫。
【隻在控制節點部署】 #mysql -u root -p #CREATE DATABASE keystone; 設定授權使用者和密碼: #GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \ IDENTIFIED BY '自定義的密碼'; #GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \ IDENTIFIED BY '自定義的密碼'; 安全并配置元件: #yum install openstack-keystone httpd mod_wsgi #vi /etc/keystone/keystone.conf
| [database] connection = mysql+pymysql://keystone:密碼@controller/keystone provider = fernet |
|---|
初始化身份認證服務的資料庫
# su -s /bin/sh -c "keystone-manage db_sync" keystone(一點要檢視資料庫是否生成表成功) 初始化keys: #keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone 引導身份服務:
| keystone-manage bootstrap --bootstrap-password ADMIN_PASS \ --bootstrap-admin-url http://controller:35357/v3/ \ --bootstrap-internal-url http://controller:5000/v3/ \ --bootstrap-public-url http://controller:5000/v3/ \ --bootstrap-region-id RegionOne |
|---|
配置apache: #vi /etc/httpd/conf/httpd.conf
| ServerName controller(将ServerName 後面改成主機名,防止啟動報錯) |
|---|
建立一個指向/usr/share/keystone/wsgi-keystone.conf檔案的連結:
#ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
啟動httpd: #systemctl enable httpd.service #systemctl start httpd.service
配置管理賬戶
#vi admin加入
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
2.2建立域、項目、使用者和角色
建立Service Project: #penstack project create --domain default \
--description "Service Project" service 建立Demo Project: #openstack project create --domain default \
--description "Demo Project" demo
建立 demo 使用者: #openstack user create --domain default \
--password-prompt demo 建立user角色: #openstack role create user 将使用者租戶角色連接配接起來: #openstack role add --project demo --user demo user
2.3驗證
vi /etc/keystone/keystone-paste.ini
從``[pipeline:public_api]``,[pipeline:admin_api]``和``[pipeline:api_v3]``部分删除``admin_token_auth
重置``OS_TOKEN``和``OS_URL`` 環境變量:
unset OS_AUTH_URL OS_PASSWORD
作為 admin 使用者,請求認證令牌: #openstack --os-auth-url http://controller:35357/v3 \ --os-project-domain-name default --os-user-domain-name default \ --os-project-name admin --os-username admin token issue
這裡會遇到錯誤:
由于是Http錯誤,是以傳回Apache HTTP 服務配置的地方,重新開機Apache 服務,并重新設定管理賬戶:
# systemctlrestart httpd.service
$ export OS_USERNAME=admin
$ export OS_PASSWORD=ADMIN_PASS
$ export OS_PROJECT_NAME=admin
$ export OS_USER_DOMAIN_NAME=Default
$ export OS_PROJECT_DOMAIN_NAME=Default
$ export OS_AUTH_URL=http://controller:35357/v3
$ export OS_IDENTITY_API_VERSION=3
執行完後再次執行
#openstack --os-auth-url http://controller:35357/v3 \ --os-project-domain-name default --os-user-domain-name default \ --os-project-name admin --os-username admin token issue
輸入密碼之後,有正确的輸出即為配置正确。
圖2.4 admin認證服務驗證
作為``demo`` 使用者,請求認證令牌:
#openstack --os-auth-url http://controller:5000/v3 \
--os-project-domain-name default --os-user-domain-name default \
--os-project-name demo --os-username demo token issue
2.4建立 OpenStack 用戶端環境腳本
可将環境變量設定為腳本: #vi admin-openrc 加入:
| export OS_PROJECT_DOMAIN_NAME=default export OS_USER_DOMAIN_NAME=default export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=123456(admin設定的密碼) export OS_AUTH_URL=http://controller:35357/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2 |
|---|
#vi demo-openrc 加入:
| export OS_PROJECT_DOMAIN_NAME=default export OS_USER_DOMAIN_NAME=default export OS_PROJECT_NAME=demo export OS_USERNAME=demo export OS_PASSWORD=123456(demo設定的密碼) export OS_AUTH_URL=http://controller:35357/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2 |
|---|
#. admin-openrc (加載``admin-openrc``檔案來身份認證服務的環境變量位置和``admin``項目和使用者證書) #openstack token issue(請求認證令牌)
圖2.6 請求認證令牌
三:鏡像服務
3.1安裝配置
建立glance資料 登入mysql #mysql -u root -p (用資料庫連接配接用戶端以 root 使用者連接配接到資料庫伺服器) #CREATE DATABASE glance;(建立 glance 資料庫) 授權 GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \ IDENTIFIED BY '密碼'; (對``glance``資料庫授予恰當的權限) GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \ IDENTIFIED BY '密碼';(對``glance``資料庫授予恰當的權限) 運作環境變量: #. admin-openrc 建立glance使用者資訊: #openstack user create --domain default --password-prompt glance
添加 admin 角色到 glance 使用者和 service 項目上 #openstack role add --project service --user glance admin 建立``glance``服務實體: #openstack service create --name glance \ --description "OpenStack Image" image
圖3.1 建立glance服務實體
建立鏡像服務的 API 端點: #penstack endpoint create --region RegionOne \ image public http://controller:9292
圖3.2 建立鏡像服務API端點
#penstack endpoint create --region RegionOne \ image internal http://controller:9292
圖3.3 建立鏡像服務API端點
#penstack endpoint create --region RegionOne \ image admin http://controller:9292
圖3.4 建立鏡像服務API端點
安裝: #yum install openstack-glance #vi /etc/glance/glance-api.conf 配置
| [database] connection = mysql+pymysql://glance:密碼@controller/glance [keystone_authtoken](配置認證) 加入: auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = xxxx [paste_deploy] flavor = keystone [glance_store] stores = file,http default_store = file filesystem_store_datadir = /var/lib/glance/images/ |
|---|
#vi /etc/glance/glance-registry.conf
| [database] connection = mysql+pymysql://glance:密碼@controller/glance [keystone_authtoken](配置認證) 加入: auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = control:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = xxxx [paste_deploy] flavor = keystone |
|---|
同步資料庫: #su -s /bin/sh -c "glance-manage db_sync" glance 啟動glance: #systemctl enable openstack-glance-api.service \ openstack-glance-registry.service # systemctl start openstack-glance-api.service \ openstack-glance-registry.service
3.2驗證
運作環境變量: #. admin-openrc 下載下傳一個比較小的鏡像: #wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
| 解決辦法: yum -y install wget 再執行 wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img |
|---|
上傳鏡像: #openstack image create "cirros" \
--file cirros-0.3.5-x86_64-disk.img \
--disk-format qcow2 --container-format bare \
--public
圖3.5 上傳鏡像
檢視: #openstack image list
圖3.6 确認鏡像上傳
有輸出證明glance配置正确
四:計算服務
4.1安裝并配置控制節點
建立nova的資料庫: #mysql -u root -p (用資料庫連接配接用戶端以 root 使用者連接配接到資料庫伺服器) #CREATE DATABASE nova_api; #CREATE DATABASE nova; (建立 nova_api 和 nova 資料庫:)
#CREATE DATABASE nova_cell0;
對資料庫進行正确的授權: #GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \ IDENTIFIED BY '密碼'; #GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \ IDENTIFIED BY '密碼'; #GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \ IDENTIFIED BY '密碼'; #GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \ IDENTIFIED BY '密碼';
#GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' \
IDENTIFIED BY '密碼';
#GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' \
IDENTIFIED BY '密碼';
運作環境變量: #. admin-openrc 建立nova使用者: #openstack user create --domain default \ --password-prompt nova #openstack role add --project service --user nova admin 建立 nova 服務實體: #openstack service create --name nova \ --description "OpenStack Compute" compute 建立 Compute 服務 API 端點: #openstack endpoint create --region RegionOne \
compute public http://controller:8774/v2.1
#openstack endpoint create --region RegionOne \
compute internal http://controller:8774/v2.1
#openstack endpoint create --region RegionOne \
compute admin http://controller:8774/v2.1
#openstack user create --domain default --password-prompt placement
#openstack role add --project service --user placement admin
#openstack service create --name placement --description "Placement API" placement
#openstack endpoint create --region RegionOne placement public http://controller:8778
# openstack endpoint create --region RegionOne placement internal http://controller:8778
#openstack endpoint create --region RegionOne placement admin http://controller:8778
安裝: # yum install openstack-nova-api openstack-nova-conductor \
openstack-nova-console openstack-nova-novncproxy \
openstack-nova-scheduler openstack-nova-placement-api #vi /etc/nova/nova.conf
| [DEFAULT]. enabled_apis = osapi_compute,metadata [api_database] # connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api [database] # connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova [DEFAULT] #transport_url = rabbit://openstack:RABBIT_PASS@controller [api] #auth_strategy = keystone [keystone_authtoken] #auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = 密碼 [DEFAULT] #my_ip = 10.0.0.11 [DEFAULT] # use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver [vnc] enabled = true vncserver_listen = $my_ip vncserver_proxyclient_address = $my_ip [glance] #api_servers = http://controller:9292 [oslo_concurrency] #lock_path = /var/lib/nova/tmp [placement] #os_region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:35357/v3 username = placement password = PLACEMENT_PASS |
|---|
#vi /etc/httpd/conf.d/00-nova-placement-api.conf
加入:
| <Directory /usr/bin> <IfVersion >= 2.4> Require all granted </IfVersion> <IfVersion < 2.4> Order allow,deny Allow from all </IfVersion> </Directory> |
|---|
重新開機httpd 服務:
#systemctl restart httpd
填充nova-api資料庫:
#su -s /bin/sh -c "nova-manage api_db sync" nova
注冊cell0資料庫:
#su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
建立cell1單元格
#su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
填充新星資料庫:
su -s /bin/sh -c "nova-manage db sync" nova
驗證nova cell0和cell1是否正确注冊:
nova-manage cell_v2 list_cells
#systemctl enable openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
# systemctl start openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
4.2安裝并配置計算節點
#yum install openstack-nova-compute
編輯
#vi /etc/nova/nova.conf
| [DEFAULT] enabled_apis = osapi_compute,metadata transport_url = rabbit://openstack:RABBIT_PASS@controller my_ip = MANAGEMENT_INTERFACE_IP_ADDRESS(計算節點ip位址) use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver [api] auth_strategy = keystone [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = NOVA_PASS [vnc] enabled = True vncserver_listen = 0.0.0.0 vncserver_proxyclient_address = $my_ip novncproxy_base_url = http://controller:6080/vnc_auto.html [glance] api_servers = http://controller:9292 [oslo_concurrency] lock_path = /var/lib/nova/tmp [placement] os_region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:35357/v3 username = placement password = PLACEMENT_PASS |
|---|
#egrep -c '(vmx|svm)' /proc/cpuinfo (确定您的計算節點是否支援虛拟機的硬體加速)
如果為0則需要修改#vi /etc/nova/nova.conf
| [libvirt] virt_type = qemu |
|---|
啟動計算服務及其依賴,并将其配置為随系統自動啟動: 啟動: #systemctl enable libvirtd.service openstack-nova-compute.service #systemctl start libvirtd.service openstack-nova-compute.service 将計算節點添加到單中繼資料庫
這個在控制節點上執行
#. admin-openrc
# openstack hypervisor list
#su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
vi /etc/nova/nova.conf
[scheduler]
discover_hosts_in_cells_interval = 300
4.3驗證
在控制節點驗證: 運作環境變量: #. admin-openrc #openstack compute service list 輸出正常即為配置正确
#openstack catalog list
#openstack image list
#nova-status upgrade check
五:Networking服務
5.1安裝并配置控制節點
建立neutron資料庫 #mysql -u root -p #CREATE DATABASE neutron;
對``neutron`` 資料庫授予合适的通路權限,使用合适的密碼替換``NEUTRON_DBPASS``: #GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \ IDENTIFIED BY 'NEUTRON_DBPASS'; #GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \ IDENTIFIED BY 'NEUTRON_DBPASS'; 運作環境變量: #. admin-openrc 建立``neutron``使用者: #openstack user create --domain default --password-prompt neutron #openstack role add --project service --user neutron admin 添加``admin`` 角色到``neutron`` 使用者: #openstack service create --name neutron \ --description "OpenStack Networking" network 建立網絡服務API端點
#openstack endpoint create --region RegionOne \ network public http://controller:9696 #openstack endpoint create --region RegionOne \ network internal http://controller:9696 #openstack endpoint create --region RegionOne \ network admin http://controller:9696 建立vxlan網絡: #yum install openstack-neutron openstack-neutron-ml2 \ openstack-neutron-linuxbridge ebtables #vi /etc/neutron/neutron.conf
| [DEFAULT] core_plugin = ml2 service_plugins = router allow_overlapping_ips = true transport_url = rabbit://openstack:密碼@controller auth_strategy = keystone notify_nova_on_port_status_changes = true notify_nova_on_port_data_changes = true [database] connection = mysql+pymysql://neutron:密碼@controller/neutron [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password =密碼 [nova] auth_url = http://controller:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = nova password = 密碼 [oslo_concurrency] lock_path = /var/lib/neutron/tmp |
|---|
配置ml2擴充: #vi /etc/neutron/plugins/ml2/ml2_conf.ini
| [ml2] type_drivers = flat,vlan,vxlan tenant_network_types = vxlan mechanism_drivers = linuxbridge,l2population extension_drivers = port_security [ml2_type_flat] flat_networks = provider [ml2_type_vxlan] vni_ranges = 1:1000 [securitygroup] enable_ipset = true |
|---|
配置網橋:
#vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
| [DEFAULT] [agent] [linux_bridge] physical_interface_mappings = provider:“第二張網卡名稱” [securitygroup] enable_security_group = true firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver [vxlan] enable_vxlan = true local_ip = 192.168.1.146(本地網絡ip) l2_population = true |
|---|
配置3層網絡: #vi /etc/neutron/l3_agent.ini
| [DEFAULT] interface_driver = linuxbridge |
|---|
配置dhcp: #vi /etc/neutron/dhcp_agent.ini
| [DEFAULT] interface_driver = linuxbridge dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq enable_isolated_metadata = true |
|---|
配置metadata agent #vi /etc/neutron/metadata_agent.ini
| [DEFAULT] nova_metadata_ip = controller metadata_proxy_shared_secret = METADATA_SECRET |
|---|
為計算機節點配置網絡服務
#vi /etc/nova/nova.conf
| [neutron] url = http://controller:9696 auth_url = http://controller:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = xxxx service_metadata_proxy = True metadata_proxy_shared_secret = METADATA_SECRET |
|---|
建立擴充連接配接: #ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini 同步資料庫
# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
重新開機計算API 服務: #systemctl restart openstack-nova-api.service #systemctl enable neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \ neutron-metadata-agent.service #systemctl start neutron-server.service \ neutron-linuxbridge-agent.service neutron-dhcp-agent.service \ neutron-metadata-agent.service
啟用layer-3服務并設定其随系統自啟動 # systemctl enable neutron-l3-agent.service #systemctl start neutron-l3-agent.service
5.2安裝并配置計算節點
#yum install openstack-neutron-linuxbridge ebtables ipset #vi /etc/neutron/neutron.conf
| [DEFAULT] transport_url = rabbit://openstack:密碼@controller auth_strategy = keystone [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = 密碼 [oslo_concurrency] lock_path = /var/lib/neutron/tmp |
|---|
配置vxlan #vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
| [linux_bridge] physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME(第二個網卡名稱) [vxlan] enable_vxlan = True local_ip = OVERLAY_INTERFACE_IP_ADDRESS(本地網絡位址) l2_population = True [securitygroup] enable_security_group = True firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver |
|---|
#vi /etc/nova/nova.conf
| [neutron] url = http://controller:9696 auth_url = http://controller:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = xxxx |
|---|
重新開機計算服務 #systemctl restart openstack-nova-compute.service #systemctl enable neutron-linuxbridge-agent.service #systemctl enable neutron-linuxbridge-agent.service
5.3驗證
運作環境變量: #. admin-openrc
#openstack extension list --network
#openstack network agent list
六:Dashboard
6.1配置
#yum install openstack-dashboard #vi /etc/openstack-dashboard/local_settings
| OPENSTACK_HOST = "controller" ALLOWED_HOSTS = ['one.example.com', 'two.example.com'] SESSION_ENGINE = 'django.contrib.sessions.backends.cache'CACHES = { 'default': { 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 'LOCATION': 'controller:11211', } }OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOSTOPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True OPENSTACK_API_VERSIONS = { "identity": 3, "image": 2, "volume": 2, }OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"OPENSTACK_NEUTRON_NETWORK = { 'enable_router': False, 'enable_quotas': False, 'enable_distributed_router': False, 'enable_ha_router': False, 'enable_lb': False, 'enable_firewall': False, 'enable_V**': False, 'enable_fip_topology_check': False, } TIME_ZONE = "TIME_ZONE" |
|---|
啟動: #systemctl restart httpd.service memcached.service
6.2登入
在網頁上輸入網址http://控制節點ip/dashboard/auth/login
域:default
使用者名:admin或者demo
密碼:自己設定的
圖6.1 登入頁面