192.168.234.202 Openstack controller node
192.168.234.205 Openstack network node
192.168.234.204 Openstack compute node
networ node必須有三個NIC(network interface card),也就是網卡.
管理網段:10.0.0.0/24
要給它分配一個OpenStack管理網段的IP,因為它已經有了一個192段的IP了,所以建一個虛擬網卡綁定OpenStack管理網段的IP。
/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
#iface eth0 inet dhcp
iface eth0 inet static
address 192.168.234.202
netmask 255.255.255.0
gateway 192.168.234.1
# OpenStack management interface.
iface eth0:1 inet static
address 10.0.0.11
netmask 255.255.255.0
gateway 10.0.0.1
/etc/hosts
# Controller
10.0.0.11 controller
# network
10.0.0.21 network
# compute1
10.0.0.31 compute1
/etc/network/interfaces
#The primary network interface
auto eth0
iface eth0 inet static
address 192.168.234.205
netmask 255.255.255.0
gateway 192.168.234.1
#management interface
auto eth1:1
iface eth0:1 inet static
address 10.0.0.21
netmask 255.255.255.0
gateway 10.0.0.1
#Instance tunnels interface.
auto eth1:2
iface eth0:2 inet static
address 10.0.1.21
netmask 255.255.255.0
/etc/hosts
#Controller
10.0.0.11 controller
#network
10.0.0.21 network
#compute1
10.0.0.31 compute1
/etc/network/interfaces
# The primary network interface
auto eth0
#iface eth0 inet dhcp
iface eth0 inet static
address 192.168.234.204
netmask 255.255.255.0
gateway 192.168.234.1
#management interface
auto eth0:1
iface eth0:1 inet static
address 10.0.0.31
netmask 255.255.255.0
gateway 10.0.0.1
#Instance tunnels interface.
auto eth0:2
iface eth0:2 inet static
address 10.0.1.31
netmask 255.255.255.0
/etc/hosts
#Controller
10.0.0.11 controller
#network
10.0.0.21 network
#compute1
10.0.0.31 compute1
所有節點的時間必須同步
安裝ntp
$ sudo aptitude install ntp -y
在/etc/ntp.conf配置上中國區的server.
server 1.cn.pool.ntp.org
server 0.asia.pool.ntp.org
server 3.asia.pool.ntp.org
server NTP_SERVER iburst
restrict -4 default kod notrap nomodify
restrict -6 default kod notrap nomodify
注意:默認的配置裡的restrict有兩個選項nopeer
和 noquery
必須去掉。
重啟服務
# service ntp restart
網絡節點和計算節點也要安裝配置ntp,要注意的是它們的ntp配置文件指定的server是controller,也就是從控制節點同步時間。
server controller iburst
1 在控制節點上運行此命令
#ntpq -c peers
remote refid st t when poll reach delay offset jitter
==============================================================================
dns2.synet.edu. 202.118.1.46 2 u 67 64 11 114.585 6.251 52.688
*ts0.itsc.cuhk.e .GPS. 1 u 64 64 37 79.028 -37.503 17.905
web10.hnshostin 193.67.79.202 2 u 4 64 77 474.192 -58.614 12.22
你的輸出可能跟我的不一樣,沒關系有內容就OK。
2 在控制節點上運行此命令
# ntpq -c assoc
ind assid status conf reach auth condition last_event cnt
===========================================================
1 61846 9424 yes yes none candidate reachable 2
2 61847 963a yes yes none sys.peer sys_peer 3
3 61848 9324 yes yes none outlyer reachable 2
4 61849 9424 yes yes none candidate reachable 2
你的輸出可能跟我的不一樣,沒關系有內容就OK。
3 在其它節點上運行此命令
ntpq -c peers
remote refid st t when poll reach delay offset jitter
==============================================================================
*controller 137.189.4.10 2 u 29 64 1 0.154 18.278 0.610
輸出結果中的remote列,應該是控制節點的hostname.
4 在其它節點上運行下面的命令
# ntpq -c assoc
ind assid status conf reach auth condition last_event cnt
===========================================================
1 45051 963a yes yes none sys.peer sys_peer 3
condition列的值應該是sys.peer
# apt-get install ubuntu-cloud-keyring
# echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu" \
"trusty-updates/juno main" > /etc/apt/sources.list.d/cloudarchive-juno.list
1 安裝MySQL
在數據庫只需要安裝在controller節點上。
# apt-get install mysql-server python-mysqldb
在安裝時要求輸入root用戶的密碼,在本文裡統一用openstack這個密碼了。
2 編輯/etc/mysql/my.cnf,完成下面所提的操作。
[mysqld]
...
bind-address = 10.0.0.11
...
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8
重啟mysql服務。
OpenStack使用消息中間件來傳遞服務之間的操作和狀態,消息中間件通常安裝在控制節點
。OpenStack支持幾種消息中間件,這裡我們安裝最常用的RabbitMQ。
# apt-get install rabbitmq-server
配置RabbitMQ
RabbitMQ在安裝時創建了一個用戶guest
,我們就用這個用戶了,只是把他的密碼修改為openstack
# rabbitmqctl change_password guest openstack
For RabbitMQ version 3.3.0 or newer, you must enable remote access for the guest account.
Check the RabbitMQ version:
# rabbitmqctl status | grep rabbit
Restart the message broker service:
# service rabbitmq-server restart
OpenStack Identity service提供如下功能
1 首先創建數據庫
登錄到控制節點的mysql
$ mysql -u root -p
創建數據庫
CREATE DATABASE keystone;
加上本地和遠程訪問這個keystone數據庫的權限。
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY 'openstack';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY 'openstack';
flush PRIVILEGES;
生成管理員的token,在初始配置時用。
# openssl rand -hex 10
7212bf54588f88818b52
# apt-get install keystone python-keystoneclient
編輯 /etc/keystone/keystone.conf完成下面的操作:
[DEFAULT]
admin_token = 7212bf54588f88818b52
verbose = True
...
[database]
connection = mysql://keystone:openstack@controller/keystone
...
[token]
#這個provider可以不用改,默認的就是uuid
provider = keystone.token.providers.uuid.Provider
#這個默認是注釋掉的,我們去掉注釋就好
driver = keystone.token.persistence.backends.sql.Token
...
[revoke]
driver = keystone.contrib.revoke.backends.sql.Revoke
...
然後重啟一下keystone服務就行了。
# service keystone restart
在安裝完Identity service後,你要創建tenants租戶(也就是projects)、用戶和角色。 你要用我們上一節創建的臨時的管理員token,在你運行keystone
命令前,手動配置Identity service endpoint。
你可以把管理員token用–os-token這個參數傳給keystone命令,也可以設置環境變量OSSERVICETOKEN。一樣的,你可以把管理員token用 Identity service的endpoint用命令行參數–os-endpoint傳給keystone,也可以設置環境變量–os-endpoint。
我們采用環境變量的方式
$ export OS_SERVICE_TOKEN=7212bf54588f88818b52
$ export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0
創建管理員租戶
# keystone tenant-create --name admin --description "Admin Tenant"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Admin Tenant |
| enabled | True |
| id | 357abecb4def441eb7a36e7cf5d173c4 |
| name | admin |
+-------------+----------------------------------+
創建管理員,我們用openstack
做密碼。
# keystone user-create --name admin --pass openstack --email [email protected]
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | [email protected] |
| enabled | True |
| id | c2ba205513e448098f0e0daf80f2f649 |
| name | admin |
| username | admin |
+----------+----------------------------------+
創建管理員角色
$ keystone role-create --name admin
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | bff3a6083b714fa29c9344bf8930d199 |
| name | admin |
+----------+----------------------------------+
把管理員角色加到管理員用戶上
$ keystone user-role-add --user admin --tenant admin --role admin
$ keystone tenant-create --name demo --description "Demo Tenant"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Demo Tenant |
| enabled | True |
| id | 6245a74d882e451c8d7663a46103b8b2 |
| name | demo |
+-------------+----------------------------------+
$ keystone user-create --name demo --tenant demo --pass openstack --email [email protected]
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | [email protected] |
| enabled | True |
| id | 54a55d3f3c1f4797bb82d196e6c02ccd |
| name | demo |
| tenantId | 6245a74d882e451c8d7663a46103b8b2 |
| username | demo |
+----------+----------------------------------+
service tenant
下的特定的管理員,我們先來創建這個service tenant
,下節將把這些服務注冊到Identity service裡。$ keystone tenant-create --name service --description "Service Tenant"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Service Tenant |
| enabled | True |
| id | ef36de18149b4c809c4b26b63b6dda37 |
| name | service |
+-------------+----------------------------------+
你仍然需要設置OS_SERVICE_TOKEN
和OS_SERVICE_ENDPOINT
這個兩個環境變量。
Openstack維護著一個當前部署環境下可用服務的列表,一個服務想要調用另外一個服務時會先查詢一下Identity service,看看想調用的服務是否可用,部署在哪兒等。
首先當然是為Identity service創建一個服務實體了。
$ keystone service-create --name keystone --type identity \
--description "OpenStack Identity"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Identity |
| enabled | True |
| id | 4d17778357b84921aa632a5f02a4903b |
| name | keystone |
| type | identity |
+-------------+----------------------------------+
OpenStack的服務都提供API以方便其它與之溝通,Identity service維護著這些服務的列表。一個服務用查詢這個列表以確定如何與其它服務進行溝通。
OpenStack提供三種API端點的變體:admin, internal, and public。在生產環境裡,出於安全的考慮,它們應該會部署在單獨的網絡裡,向不同的用戶提供服務。
OpenStack支持多個regions,在本文裡進行了簡化,我們把所有的API端點都部署在管理網裡,並都歸屬在regionOne
這個region下。
$ keystone endpoint-create \
--service-id $(keystone service-list | awk '/ identity / {print $2}') \
--publicurl http://controller:5000/v2.0 \
--internalurl http://controller:5000/v2.0 \
--adminurl http://controller:35357/v2.0 \
--region regionOne
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://controller:35357/v2.0 |
| id | f6a1c6efb040455c8e5aa0b05d01266d |
| internalurl | http://controller:5000/v2.0 |
| publicurl | http://controller:5000/v2.0 |
| region | regionOne |
| service_id | 4d17778357b84921aa632a5f02a4903b |
+-------------+----------------------------------+
上面的命令keystone service-list | awk '/ identity / {print $2}'
返回的其實就是我創建的Identity service實體的id.
本節我們來驗證Identity service是否正確安裝。
刪除OS_SERVICE_TOKEN
and OS_SERVICE_ENDPOINT
這兩個環境變量。
$ unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
$ keystone --os-tenant-name admin --os-username admin --os-password openstack \
--os-auth-url http://controller:35357/v2.0 token-get
+-----------+----------------------------------+
| Property | Value |
+-----------+----------------------------------+
| expires | 2015-03-12T05:12:19Z |
| id | c9fbcb91847749f89848d968f411f571 |
| tenant_id | 357abecb4def441eb7a36e7cf5d173c4 |
| user_id | c2ba205513e448098f0e0daf80f2f649 |
+-----------+----------------------------------+
以管理員的身份查詢所有的租戶,看看我們在前面創建的tenant是否創建成功了。
$ keystone --os-tenant-name admin --os-username admin --os-password openstack \
--os-auth-url http://controller:35357/v2.0 tenant-list
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| 357abecb4def441eb7a36e7cf5d173c4 | admin | True |
| 6245a74d882e451c8d7663a46103b8b2 | demo | True |
| ef36de18149b4c809c4b26b63b6dda37 | service | True |
+----------------------------------+---------+---------+
以管理員的身份查詢所有的租戶,看看我們在前面創建的用戶是否都在。
$ keystone --os-tenant-name admin --os-username admin --os-password openstack \
--os-auth-url http://controller:35357/v2.0 user-list
+----------------------------------+-------+---------+-------------------+
| id | name | enabled | email |
+----------------------------------+-------+---------+-------------------+
| c2ba205513e448098f0e0daf80f2f649 | admin | True | [email protected] |
| 54a55d3f3c1f4797bb82d196e6c02ccd | demo | True | [email protected] |
+----------------------------------+-------+---------+-------------------+
admin和demo這個用戶必須都在才對。
以管理員的身份查詢所有的租戶,看看我們在前面創建的角色是否都在。
$ keystone --os-tenant-name admin --os-username admin --os-password openstack \
--os-auth-url http://controller:35357/v2.0 role-list
+----------------------------------+----------+
| id | name |
+----------------------------------+----------+
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
| 92b557ad2c944613a15065d267480802 | admin |
+----------------------------------+----------+
$ keystone --os-tenant-name demo --os-username demo --os-password openstack \
--os-auth-url http://controller:35357/v2.0 token-get
+-----------+----------------------------------+
| Property | Value |
+-----------+----------------------------------+
| expires | 2015-03-12T05:57:19Z |
| id | 03732cde3a5941bfa7db76515b5422a2 |
| tenant_id | 6245a74d882e451c8d7663a46103b8b2 |
| user_id | 54a55d3f3c1f4797bb82d196e6c02ccd |
+-----------+----------------------------------+
demo用戶沒有管理權限,所以應該報403錯誤。
$ keystone --os-tenant-name demo --os-username demo --os-password openstack \
--os-auth-url http://controller:35357/v2.0 user-list
You are not authorized to perform the requested action: admin_required (HTTP 403)
上一節我們用環境變量加命令行參數的方式用keystone這個命令來與Identity service來交互。為了提高客戶端的操作效率,OpenStack支持簡單客戶端環境腳本
- OpenRC文件。這些腳本包含所有客戶端共用的一些選項,當然也可以包含特定選項。 更多信息請參考OpenStack用戶指南。
編輯admin-openrc.sh,鍵入以下內容:
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=openstack
export OS_AUTH_URL=http://controller:35357/v2.0
編輯demo-openrc.sh,鍵入以下內容:
export OS_TENANT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=openstack
export OS_AUTH_URL=http://controller:5000/v2.0
加載這些腳本,比如你想以管理員的身份來操作,請運行:
$ source admin-openrc.sh
OpenStack Image Service(glance)允許用戶發現、注冊和檢索虛擬機的映像。它提供了一個REST API,你可以用它來查詢映像的元信息和檢索映像。 你可以把映像放在安裝image service本地文件系統裡,也可以選擇放在對象存儲系統裡,如 OpenStack Object Storage。
重要 本文將把Image Service(glance)安裝在控制節點上,並使用本地文件保存映像,默認目錄為/var/lib/glance/images/,請確保控制節點有足夠的存儲空間。 如果想了解Image Service(glance)所使用的後端存儲的信息更多信息,請參考Configuration Reference。
OpenStack映像服務是它的IasS的重要核心組件,它接受磁盤或服務器映像的API請求,向用戶或OpenStack的計算組件提供映像的元數據。
一些運行在OpenStack Image Service上的周期性的進程支持緩存功能。復制服務通過集群來確保一致性和可用性。其它的服務還包含審核服務,更新服務和收割服務。
OpenStack Image Service包含以下組件:
glance-api 接受映像發現、檢索和存儲的API調用。
glance-registry Stores, processes, and retrieves metadata about images. Metadata includes items such as size and type. 存儲、處理和檢索映像的元數據,元數據包含它的大小和類型。
Note 安全備注
glance-registry是內部私有服務,只向OpenStack映像服務提供服務,不要把它暴露給用戶。
數據庫 用來保存映像的元數據。
映像存儲倉庫 支持各種存儲倉庫,包括一般文件系統,對象存儲系統,RADOS塊設備,HTTP和Amazon S3。
在安裝前,你必須創建數據庫,服務憑證和API端點。 1. 配置數據庫 數據庫安裝在控制節點上。
$ mysql -u root -p
創建 glance 數據庫
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
IDENTIFIED BY 'openstack';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
IDENTIFIED BY 'openstack';
$ source admin-openrc.sh
創建glance用戶
$ keystone user-create --name glance --pass openstack
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 924b65933a294f0bb5e26945689c2c38 |
| name | glance |
| username | glance |
+----------+----------------------------------+
為glance用戶添加admin角色:
$ keystone user-role-add --user glance --tenant service --role admin
創建 glance 服務實體:
$ keystone service-create --name glance --type image \
--description "OpenStack Image Service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Image Service |
| enabled | True |
| id | 1c95672e6b354cddaf6ce0115b6042ab |
| name | glance |
| type | image |
+-------------+----------------------------------+
創建Image Service API 端點:
$ keystone endpoint-create \
--service-id $(keystone service-list | awk '/ image / {print $2}') \
--publicurl http://controller:9292 \
--internalurl http://controller:9292 \
--adminurl http://controller:9292 \
--region regionOne
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://controller:9292 |
| id | ef72bb245bca419399cf4ff304148c31 |
| internalurl | http://controller:9292 |
| publicurl | http://controller:9292 |
| region | regionOne |
| service_id | 1c95672e6b354cddaf6ce0115b6042ab |
+-------------+----------------------------------+
1 安裝包
# apt-get install glance python-glanceclient
2 編輯/etc/glance/glance-api.conf 加入下面的內容
[database]
connection = mysql://glance:GLANCE_DBPASS@controller/glance
...
[keystone_authtoken]
#Note:Comment out any auth_host, auth_port, and auth_protocol options because the identity_uri option replaces them.
auth_uri = http://controller:5000/v2.0
identity_uri = http://controller:35357
admin_tenant_name = service
admin_user = glance
admin_password = GLANCE_PASS
...
[paste_deploy]
flavor = keystone
...
[glance_store]
...
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[DEFAULT]
...
notification_driver = noop
[DEFAULT]
...
verbose = True
在本文中GLANCEDBPASS和GLANCEPASS都為openstack
.
3 編輯 /etc/glance/glance-registry.conf 加入下面的內容:
[database]
...
connection = mysql://glance:GLANCE_DBPASS@controller/glance
[keystone_authtoken]
...
auth_uri = http://controller:5000/v2.0
identity_uri = http://controller:35357
admin_tenant_name = service
admin_user = glance
admin_password = GLANCE_PASS
[paste_deploy]
...
flavor = keystone
[DEFAULT]
...
notification_driver = noop
verbose = True
Note: 請注釋掉任何authhost、authport和authprotocol 選項 因為identityuri替換了它們.
4 裝載Image Service數據庫:
# su -s /bin/sh -c "glance-manage db_sync" glance
重啟Image服務:
# service glance-registry restart
# service glance-api restart
默認Ubuntu安裝創建了一個SQLite,你可以刪除它。
# rm -f /var/lib/glance/glance.sqlite
[1] 創建一個臨時目錄
$ mkdir /tmp/images
2 下載映像到這個臨時目錄
$ wget -P /tmp/images http://cdn.download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img
3 轉成管理員身份
$ source admin-openrc.sh
4 上傳映像到Image服務
$ glance image-create --name "cirros-0.3.3-x86_64" --file /tmp/images/cirros-0.3.3-x86_64-disk.img \
--disk-format qcow2 --container-format bare --is-public True --progress
[=============================>] 100%
+------------------+--------------------------------------+
| Property | Value |
+------------------+--------------------------------------+
| checksum | 133eae9fb1c98f45894a4e60d8736619 |
| container_format | bare |
| created_at | 2015-03-12T08:45:49 |
| deleted | False |
| deleted_at | None |
| disk_format | qcow2 |
| id | b460412b-4566-4d8b-8b9a-27f638f8ca58 |
| is_public | True |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros-0.3.3-x86_64 |
| owner | 357abecb4def441eb7a36e7cf5d173c4 |
| protected | False |
| size | 13200896 |
| status | active |
| updated_at | 2015-03-12T08:45:49 |
| virtual_size | None |
+------------------+--------------------------------------+
glance image-create
命令的更多信息請參見:OpenStack Command-Line Interface Reference.
關於disk和container格式的更多信息請參考OpenStack Virtual Machine Image Guide
5 查詢映像以確認數據是否正確
$ glance image-list
+--------------------------------------+---------------------+-------------+------------------+----------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+--------------------------------------+---------------------+-------------+------------------+----------+--------+
| b460412b-4566-4d8b-8b9a-27f638f8ca58 | cirros-0.3.3-x86_64 | qcow2 | bare | 13200896 | active |
+--------------------------------------+---------------------+-------------+------------------+----------+--------+
6 刪除臨時目錄
$ rm -r /tmp/images
概念和組件的作用,請參考安裝手冊
1 配置數據庫 數據庫安裝在控制節點上。
$ mysql -u root -p
創建 glance 數據庫
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
IDENTIFIED BY 'NOVA_DBPASS';
NOVA_DBPASS我們使用openstack
.
2 切換到管理員身份
$ source admin-openrc.sh
3 To create the service credentials, complete these steps:
創建 nova 用戶:
$ keystone user-create --name nova --pass openstack
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 952eae64d8124b06812a5bb595f3690f |
| name | nova |
| username | nova |
+----------+----------------------------------+
為nova用戶添加admin角色:
$ keystone user-role-add --user nova --tenant service --role admin
創建 nova 服務實體:
$ keystone service-create --name nova --type compute \
--description "OpenStack Compute"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 45a5a2e53de246f89dedf20a9d23c8f8 |
| name | nova |
| type | compute |
+-------------+----------------------------------+
創建計算服務API端點:
$ keystone endpoint-create \
--service-id $(keystone service-list | awk '/ compute / {print $2}') \
--publicurl http://controller:8774/v2/%\(tenant_id\)s \
--internalurl http://controller:8774/v2/%\(tenant_id\)s \
--adminurl http://controller:8774/v2/%\(tenant_id\)s \
--region regionOne
+-------------+-----------------------------------------+
| Property | Value |
+-------------+-----------------------------------------+
| adminurl | http://controller:8774/v2/%(tenant_id)s |
| id | 7839d34cdfb641a9884eee7b67680391 |
| internalurl | http://controller:8774/v2/%(tenant_id)s |
| publicurl | http://controller:8774/v2/%(tenant_id)s |
| region | regionOne |
| service_id | 45a5a2e53de246f89dedf20a9d23c8f8 |
+-------------+-----------------------------------------+
1 安裝相關包
# apt-get install nova-api nova-cert nova-conductor nova-consoleauth \
nova-novncproxy nova-scheduler python-novaclient
2 編輯 /etc/nova/nova.conf 加入下面的內容
默認安裝nova.conf內容好少,你要手動添加下面的內容。
[database]
...
connection = mysql://nova:openstack@controller/nova
[DEFAULT]
...
rpc_backend = rabbit
rabbit_host = controller
rabbit_password = openstack
auth_strategy = keystone
#這個IP應該是管理網段的IP
my_ip = 10.0.0.11
vncserver_listen = 10.0.0.11
vncserver_proxyclient_address = 10.0.0.11
verbose = True
[keystone_authtoken]
...
auth_uri = http://controller:5000/v2.0
identity_uri = http://controller:35357
admin_tenant_name = service
admin_user = nova
admin_password = openstack
[glance]
...
host = controller
3 裝載計算服務數據庫:
# su -s /bin/sh -c "nova-manage db sync" nova
重啟計算服務
# service nova-api restart
# service nova-cert restart
# service nova-consoleauth restart
# service nova-scheduler restart
# service nova-conductor restart
# service nova-novncproxy restart
終於到了計算節點了
1 安裝包
# apt-get install nova-compute sysfsutils
2 編輯 /etc/nova/nova.conf 加入下面的內容
默認安裝nova.conf內容好少,你要手動添加下面的內容。
[DEFAULT]
...
rpc_backend = rabbit
rabbit_host = controller
rabbit_password = openstack
auth_strategy = keystone
my_ip = 10.0.0.31
vnc_enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = 10.0.0.31
novncproxy_base_url = http://controller:6080/vnc_auto.html
verbose = True
[keystone_authtoken]
...
auth_uri = http://controller:5000/v2.0
identity_uri = http://controller:35357
admin_tenant_name = service
admin_user = nova
admin_password = openstack
[glance]
...
host = controller
先看看這個節點支不支持硬件虛擬化
# egrep -c '(vmx|svm)' /proc/cpuinfo
如果返回的結果是0,那你就需要編輯/etc/nova/nova-compute.conf
這個文件,把virt_type改成qemu:
[libvirt]
...
virt_type = qemu
重啟計算服務
# service nova-compute restart
請在控制節點上運行下面的命令
1 切換為管理員
$ source admin-openrc.sh
2 列出所有的服務組件
$ nova service-list
+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |
+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
| 1 | nova-cert | localhost | internal | enabled | up | 2015-03-12T10:04:04.000000 | - |
| 2 | nova-scheduler | localhost | internal | enabled | up | 2015-03-12T10:04:12.000000 | - |
| 3 | nova-consoleauth | localhost | internal | enabled | up | 2015-03-12T10:04:12.000000 | - |
| 4 | nova-conductor | localhost | internal | enabled | up | 2015-03-12T10:04:11.000000 | - |
| 5 | nova-compute | localhost | nova | enabled | up | 2015-03-12T10:04:06.000000 | - |
+----+------------------+-----------+----------+---------+-------+----------------------------+-----------------+
Host那一列都是localhost有問題,我設置了hostname但是沒有重啟機器。重啟以後應該會好。
3 列出所有映像
$ nova image-list
+--------------------------------------+---------------------+--------+--------+
| ID | Name | Status | Server |
+--------------------------------------+---------------------+--------+--------+
| b460412b-4566-4d8b-8b9a-27f638f8ca58 | cirros-0.3.3-x86_64 | ACTIVE | |
+--------------------------------------+---------------------+--------+--------+