码迷,mamicode.com
首页 > 其他好文 > 详细

Openstack 单控制节点部署实例

时间:2015-11-06 07:20:06      阅读:635      评论:0      收藏:0      [点我收藏+]

标签:openstack ceph openstack安装

一、前期准备

1、openstack集群设备列表

10.240.216.101 os-node1    控制节点(ceph mon mds节点)

10.240.216.102 os-node2    计算节点(ceph mon mds节点)

10.240.216.103 os-node3    计算节点(ceph mon mds节点)

10.240.216.104 os-node4    存储节点(ceph osd节点)

10.240.216.105 os-node5    存储节点(ceph osd节点)

2、系统版本

[root@os-node1 ~]# cat /etc/redhat-release 

Red Hat Enterprise Linux Server release 6.5 (Santiago)

3、系统内核

[root@os-node1 ~]# uname -r

2.6.32-431.el6.x86_64

4、配置host主机(从第4---12步在所有的节点都要配置)

# vi /etc/hosts

10.240.216.101 os-node1

10.240.216.102 os-node2

10.240.216.103 os-node3

10.240.216.104 os-node4

10.240.216.105 os-node5

5、关闭NetworkManager服务开启network服务

service NetworkManager stop

service network start

chkconfig NetworkManager off

chkconfig network on

6、卸载redhat自带的yum包(用redhat的yum源需注册付费,费时费力,需要卸载redhat的yum包,安装centos的

rpm -qa | grep yum | xargs rpm -e --nodeps

7、安装centos的yum包

可以通过http://mirrors.163.com/centos下载,或http://pan.baidu.com/s/1qW0MbgC下载相关安装包

rpm -ivh python-iniparse-0.3.1-2.1.el6.noarch.rpm

rpm -ivh yum-metadata-parser-1.1.2-16.el6.x86_64.rpm

rpm -ivh yum-3.2.29-40.el6.centos.noarch.rpm yum-plugin-fastestmirror-1.1.30-14.el6.noarch.rpm



编辑一个自己的yum源

[root@os-node1 ~]# vi /etc/yum.repos.d/my.repo

a

[base]

name=CentOS-6 - Base - 163.com

baseurl=http://mirrors.163.com/centos/6.5/os/$basearch/

#mirrorlist=http://mirrorlist.centos.org/?release=6&arch=$basearch&repo=os

gpgcheck=1

gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6

exclude=*ceph*       (#加上此条命令,安装python-ceph、ceph时,不从此yum源中寻找ceph相关的软件)  


[updates]

name=CentOS-6 - Updates - 163.com

baseurl=http://mirrors.163.com/centos/6.5/updates/$basearch/

#mirrorlist=http://mirrorlist.centos.org/?release=6&arch=$basearch&repo=updates

gpgcheck=1

gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6

exclude=*ceph* 


[extras]

name=CentOS-6 - Extras - 163.com

baseurl=http://mirrors.163.com/centos/6.5/extras/$basearch/

#mirrorlist=http://mirrorlist.centos.org/?release=6&arch=$basearch&repo=extras

gpgcheck=1

gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6

exclude=*ceph*

 

8、安装ceph软件包key

(1)、release.asc key、autobuild.asc key

rpm --import ‘https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/release.asc‘

rpm --import ‘https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/autobuild.asc‘

(2)、安装ceph附加包源ceph-extras.repo,设置priority=2,确保新的包(如qemu)优先级比标准包的高。

vi /etc/yum.repos.d/ceph-extras.repo

a

[ceph-extras-source]

name=Ceph Extras Sources

baseurl=http://ceph.com/packages/ceph-extras/rpm/rhel6.5/SRPMS

enabled=1

priority=2

gpgcheck=1

type=rpm-md

gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/release.asc



(3)、安装ceph源

vi /etc/yum.repos.d/ceph.repo

a

[ceph]

name=Ceph packages for $basearch

baseurl=http://ceph.com/rpm/rhel6/$basearch

enabled=1

gpgcheck=1

type=rpm-md

gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/release.asc


[ceph-noarch]

name=Ceph noarch packages

baseurl=http://ceph.com/rpm/rhel6/noarch

enabled=1

gpgcheck=1

type=rpm-md

gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/release.asc


[ceph-source]

name=Ceph source packages

baseurl=http://ceph.com/rpm/rhel6/SRPMS

enabled=0

gpgcheck=1

type=rpm-md

gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/release.asc




(4)、安装epel yum源

rpm -Uvh http://mirrors.sohu.com/fedora-epel/6/x86_64/epel-release-6-8.noarch.rpm(redhat6版本的)

rpm -Uvh http://mirrors.sohu.com/fedora-epel/7/x86_64/e/epel-release-7-2.noarch.rpm (redhat 7 版本的)


注: openstack的控制节点及计算节点需要安装ceph client  (在openstack控制节点及计算节点上需要按下面的方式编辑epel源)

重新编辑以前的epel yum源 (下面的加入一条exclude=*ceph*命令)


[root@os-node1 ~]# vi /etc/yum.repos.d/epel.repo 

[epel]

name=Extra Packages for Enterprise Linux 6 - $basearch

#baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch

mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch

failovermethod=priority

enabled=1

gpgcheck=1

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

exclude=*ceph*   #加上此条命令,安装python-ceph、ceph时,不从此yum源中寻找ceph相关的软件 

[epel-debuginfo]

name=Extra Packages for Enterprise Linux 6 - $basearch - Debug

#baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch/debug

mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-6&arch=$basearch

failovermethod=priority

enabled=0

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

gpgcheck=1

exclude=*ceph*  #加上此条命令,安装python-ceph、ceph时,不从此yum源中寻找ceph相关的软件 

[epel-source]

name=Extra Packages for Enterprise Linux 6 - $basearch - Source

#baseurl=http://download.fedoraproject.org/pub/epel/6/SRPMS

mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-6&arch=$basearch

failovermethod=priority

enabled=0

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6

gpgcheck=1

exclude=*ceph*  #加上此条命令,安装python-ceph、ceph时,不从此yum源中寻找ceph相关的软件 


9、安装openstack包yum源

openstack包可以用redhat RDO openstack包库,下载redhat数据包库并安装

下面是三种不同的版本随便安装一个版本就可以

https://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-9.noarch.rpm


yum install -y https://repos.fedorapeople.org/repos/openstack/openstack-icehouse/epel-6/rdo-release-icehouse-4.noarch.rpm(redhat6.5安装)

yum install -y https://repos.fedorapeople.org/repos/openstack/openstack-icehouse/epel-7/rdo-release-icehouse-4.noarch.rpm(redhat7.0安装)



yum install -y http://repos.fedorapeople.org/repos/openstack/openstack-juno/rdo-release-juno-1.noarch.rpm(暂时只支持centos7安装)



10、更新yum 源

yum clean all

yum update -y


11、安装openstack工具

yum install -y openstack-utils


12、关闭所有节点的防火墙及关闭selinux,重启机器。

 service iptables stop

 service ip6tables stop

 chkconfig iptables off

 chkconfig ip6tables off


echo "/etc/init.d/iptables stop" >> /etc/rc.local 

echo "/etc/init.d/ip6tables stop" >> /etc/rc.local


echo "*/5 * * * *    /etc/init.d/iptables stop" >> /var/spool/cron/root

echo "*/5 * * * *    /etc/init.d/ip6tables stop" >> /var/spool/cron/root


 sed -i ‘/SELINUX/s/enforcing/disabled/‘ /etc/selinux/config


reboot


13、配置NTP服务器

把os-node1配置成ntp服务器,其他节点同步os-node1


在控制节点上安装NTP服务

# yum -y install ntp


编辑ntp配置文件

# vi /etc/ntp.conf

屏蔽掉下面几行

#server 0.centos.pool.ntp.org iburst

#server 1.centos.pool.ntp.org iburst

#server 2.centos.pool.ntp.org iburst

#server 3.centos.pool.ntp.org iburst


在最后下面加入下面两行(ntp服务器同步本地时间)

server 127.127.1.0

fudge 127.127.1.0 stratum 10


启动NTP服务器并配成开机自启动

service ntpd restart

chkconfig ntpd on

[root@os-node1 ~] ntpq -p

     remote           refid      st t when poll reach   delay   offset  jitter

==============================================================================

*LOCAL(0)        .LOCL.          10 l   35   64   17    0.000    0.000   0.000


关闭防火墙

[root@os-node1 ~]# service iptables stop

iptables: Flushing firewall rules: [  OK  ]

iptables: Setting chains to policy ACCEPT: filter [  OK  ]

iptables: Unloading modules: [  OK  ]


其他节点时间都同步控制节点(等待5分钟再进行同步,等ntp服务器的reach的值达到17的时候才可以)

[root@compute ~]# ntpdate 10.240.216.101

12 Jun 23:51:35 ntpdate[2781]: adjust time server 10.240.216.101 offset 0.033492 sec


14、在控制节点安装并配置mysql

[root@os-node1 ~]# yum install -y mysql mysql-server MySQL-python


编辑mysql配置文件

[root@os-node1 ~]# vi /etc/my.cnf 

[mysqld]

bind-address = 10.240.216.101  #加入绑定IP一行,默认没有这行



启动mysql服务并设置开机自启动

service mysqld start

chkconfig mysqld on


修改mysql的密码 (把密码修改为jiayuan.com,也可以不设置密码,不需要执行此步骤)

[root@os-node1 ~]# mysqladmin -uroot -p password ‘jiayuan.com‘  #把密码修改为jiayuan.com

Enter password:              #输入当前的密码,数据库默认没有密码

[root@os-node1 ~]# 



在其他节点安装mysql客户端

[root@compute ~]# yum install -y mysql MySQL-python


15、配置消息队列服务

这里用Qpid消息队列服务,RabbitMQand ZeroMQ (0MQ)也可以使用。

在控制节点安装qpid server

[root@os-node1 ~]# yum install -y qpid-cpp-server memcached

编辑配置文件,关闭认证方式

vi /etc/qpidd.conf

auth = no 


启动Qpid服务并设备开机自启动

service qpidd start

chkconfig qpidd on


二、部署ceph存储

1、在控制节点上安装ceph部署工具及ceph 相关软件

    yum install ceph-deploy  -y

    yum install ceph -y

    yum install python-ceph -y   #rbd模块使用

2、在计算、存储及节点安装ceph软件

    yum install ceph -y


3、在所有节点安装ceph依赖的软件及模块

yum install *argparse* redhat-lsb xfs*  -y



4、准备各节点的osd分区并格式化

[root@os-node4 ~]# fdisk /dev/sda

[root@os-node4 ~]# partx -a /dev/sda


5、为块存储安装虚拟化软件

(1)、如果之前有qemu模块先删除,确保之后安装的是最完善的

yum remove -y qemu-kvm qemu-kvm-tools qemu-img

(2)、卸载后重新安装qemu

yum install -y qemu-kvm qemu-kvm-tools qemu-img

(3)、安装qemu客户代理

yum install -y qemu-guest-agent 

(4)、安装libvirt软件包

yum install -y libvirt


三、搭建ceph集群  (此步骤可以用附录中的ceph快速脚本安装)

搭建mon节点

1、建立第一个mon节点

(1)、登录监控节点os-node1节点

ls /etc/ceph      #查看ceph配置文件目录是否有东西

(2)、创建ceph配置文件并配置ceph配置文件内的内容

touch /etc/ceph/ceph.conf  #创建一个ceph配置文件

[root@client ~]# uuidgen      #执行此命令可以得到一个唯一的标识,作为ceph集群ID

f11240d4-86b1-49ba-aacc-6d3d37b24cc4

fsid = f11240d4-86b1-49ba-aacc-6d3d37b24cc4  #此标识就是上面得到的,把此条命令加入ceph的配置文件

mon initial members = os-node1,os-node2,os-node3    #os-node1、os-node2、os-node3作为ceph集群的监控节点,把此条命令加入到ceph配置文件

mon host = os-node1,10.240.216.102,10.240.216.103   #监控节点的地址,把此条命令加入ceph的配置文件中

按下面的内容编辑ceph配置文件

vi /etc/ceph/ceph.conf

[global]

fsid = f11240d4-86b1-49ba-aacc-6d3d37b24cc4

mon initial members = os-node1,os-node2,os-node3

mon host = os-node1,10.240.216.102,10.240.216.103

public network = 10.240.216.0/24

auth cluster required = cephx

auth service required = cephx

auth client required = cephx

osd journal size = 1024

filestore xattr use omap = true

osd pool default size = 2

osd pool default min size = 1

osd crush chooseleaf type = 1

osd_mkfs_type = xfs

max mds = 5

mds max file size = 100000000000000

mds cache size = 1000000

mon osd down out interval = 900         #设置osd节点down后900s,把此osd节点逐出ceph集群,把之前映射到此节点的数据映射到其他节点。

#cluster_network = 10.240.216.0/24

[mon]

mon clock drift allowed = .50           #把时钟偏移设置成0.5s,默认是0.05s,由于ceph集群中存在异构PC,导致时钟偏移总是大于0.05s,为了方便同步直接把时钟偏移设置成0.5s

(3)、在os-node1创建各种密钥

ceph-authtool --create-keyring /tmp/ceph.mon.keyring --gen-key -n mon. --cap mon ‘allow *‘   #为监控节点创建管理密钥

ceph-authtool --create-keyring /etc/ceph/ceph.client.admin.keyring --gen-key -n client.admin --set-uid=0 --cap mon ‘allow *‘ --cap osd ‘allow *‘ --cap mds ‘allow‘   #为ceph amin用户创建管理集群的密钥并赋予访问权限

ceph-authtool /tmp/ceph.mon.keyring --import-keyring /etc/ceph/ceph.client.admin.keyring     #添加client.admin key到 ceph.mon.keyring

(4)、在os-node1监控节点创建一个mon数据目录

mkdir -p /var/lib/ceph/mon/ceph-os-node1

(5)、在os-node1创建一个boot引导启动osd的key

mkdir -p /var/lib/ceph/bootstrap-osd/

ceph-authtool -C /var/lib/ceph/bootstrap-osd/ceph.keyring

(6)、在os-node1节点上初始化mon节点,执行下面的命令

ceph-mon --mkfs -i os-node1 --keyring /tmp/ceph.mon.keyring

(7)、为了防止重新被安装创建一个空的done文件

touch /var/lib/ceph/mon/ceph-os-node1/done

(8)、创建一个空的初始化文件

touch /var/lib/ceph/mon/ceph-os-node1/sysvinit

(9)、启动ceph进程

/sbin/service ceph -c /etc/ceph/ceph.conf start mon.os-node1

(10)、查看asok mon状态

[root@os-node1 ~]# ceph --cluster=ceph --admin-daemon /var/run/ceph/ceph-mon.os-node1.asok mon_status


2、建立第二个mon节点

(1)、复制os-node1节点的/etc/ceph目录到os-node2

scp /etc/ceph/* os-node2:/etc/ceph/

(2)、在os-node2节点上新建一个/var/lib/ceph/bootstrap-osd/目录

mkdir /var/lib/ceph/bootstrap-osd/

(3)、复制os-node1节点上的/var/lib/ceph/bootstrap-osd/ceph.keyring文件到os-node2

scp /var/lib/ceph/bootstrap-osd/ceph.keyring os-node2:/var/lib/ceph/bootstrap-osd/

(4)、复制os-node1节点上的/tmp/ceph.mon.keyring

scp /tmp/ceph.mon.keyring os-node2:/tmp/

(5)、在os-node2节点上建立一个/var/lib/ceph/mon/ceph-os-node2目录

mkdir -p /var/lib/ceph/mon/ceph-os-node2

(6)、在os-node2节点上初始化mon节点,执行下面的命令

ceph-mon --mkfs -i os-node2  --keyring /tmp/ceph.mon.keyring

(7)、为了防止重新被安装创建一个空的done文件

touch /var/lib/ceph/mon/ceph-os-node2/done

(8)、创建一个空的初始化文件

touch /var/lib/ceph/mon/ceph-os-node2/sysvinit

(9)、启动ceph进程

/sbin/service ceph -c /etc/ceph/ceph.conf start mon.os-node2


3、建立第三个mon节点

(1)、复制os-node1节点的/etc/ceph目录到os-node3

scp /etc/ceph/* os-node3:/etc/ceph/

(2)、在os-node3节点上新建一个/var/lib/ceph/bootstrap-osd/目录

mkdir /var/lib/ceph/bootstrap-osd/

(3)、复制os-node1节点上的/var/lib/ceph/bootstrap-osd/ceph.keyring文件到os-node3

scp /var/lib/ceph/bootstrap-osd/ceph.keyring os-node3:/var/lib/ceph/bootstrap-osd/

(4)、复制os-node1节点上的/tmp/ceph.mon.keyring

scp /tmp/ceph.mon.keyring os-node3:/tmp/

(5)、在os-node3节点上建立一个/var/lib/ceph/mon/ceph-os-node3目录

mkdir -p /var/lib/ceph/mon/ceph-os-node3

(6)、在os-node3节点上初始化mon节点,执行下面的命令

ceph-mon --mkfs -i os-node3  --keyring /tmp/ceph.mon.keyring

(7)、为了防止重新被安装创建一个空的done文件

touch /var/lib/ceph/mon/ceph-os-node3/done

(8)、创建一个空的初始化文件

touch /var/lib/ceph/mon/ceph-os-node3/sysvinit

(9)、启动ceph进程

/sbin/service ceph -c /etc/ceph/ceph.conf start mon.os-node3

(10)、查看集群状态

[root@os-node1 ~]# ceph -w

   cluster f11240d4-86b1-49ba-aacc-6d3d37b24cc4

     health HEALTH_ERR 192 pgs stuck inactive; 192 pgs stuck unclean; no osds

     monmap e2: 3 mons at {os-node1=os-node1:6789/0,os-node2=10.240.216.102:6789/0,os-node3=10.240.216.103:6789/0}, election epoch 6, quorum 0,1,2 os-node1,os-node2,os-node3

     osdmap e1: 0 osds: 0 up, 0 in

      pgmap v2: 192 pgs, 3 pools, 0 bytes data, 0 objects

            0 kB used, 0 kB / 0 kB avail

                 192 creating

2014-07-14 18:39:03.379373 mon.0 [INF] mdsmap e1: 0/0/5 up

(12)、查看ceph pool

ceph osd lspools


1、添加osd节点


添加第一块osd节点

(1)、创建一个OSD,生成一个osd number

[root@os-node4~]# ceph osd create

0

(2)、为osd节点创建一个osd目录

[root@os-node4 ~]#  mkdir -p /var/lib/ceph/osd/ceph-0

(3)、格式化已准备好的osd硬盘(格式化为xfs格式)

[root@os-node4 ~]# mkfs.xfs -f /dev/sda6

meta-data=/dev/sda6              isize=256    agcount=4, agsize=1310720 blks

         =                       sectsz=512   attr=2, projid32bit=0

data     =                       bsize=4096   blocks=5242880, imaxpct=25

         =                       sunit=0      swidth=0 blks

naming   =version 2              bsize=4096   ascii-ci=0

log      =internal log           bsize=4096   blocks=2560, version=2

         =                       sectsz=512   sunit=0 blks, lazy-count=1

realtime =none                   extsz=4096   blocks=0, rtextents=0


(4)、挂在目录

[root@os-node4 ~]# mount -o user_xattr /dev/sda6 /var/lib/ceph/osd/ceph-0

mount: wrong fs type, bad option, bad superblock on /dev/sda6,

       missing codepage or helper program, or other error

       In some cases useful info is found in syslog - try

       dmesg | tail  or so

执行上面的命令会报错

解决的办法是:用下面的两条命令替代上面的一条命令。

[root@os-node4 ~]# mount /dev/sda6 /var/lib/ceph/osd/ceph-0

[root@os-node4 ~]# mount -o remount,user_xattr /var/lib/ceph/osd/ceph-0

查看挂载的情况

[root@os-node4 ~]# mount

/dev/sda3 on / type ext4 (rw)

proc on /proc type proc (rw)

sysfs on /sys type sysfs (rw)

devpts on /dev/pts type devpts (rw,gid=5,mode=620)

tmpfs on /dev/shm type tmpfs (rw)

/dev/sda1 on /boot type ext4 (rw)

/dev/sda2 on /var type ext4 (rw)

none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)

/dev/sda6 on /var/lib/ceph/osd/ceph-0 type xfs (rw,user_xattr)


把上面的挂载信息写入分区表

[root@os-node4 ~]# vi /etc/fstab

/dev/sda6                /var/lib/ceph/osd/ceph-0  xfs   defaults        0 0

/dev/sda6                /var/lib/ceph/osd/ceph-0  xfs   remount,user_xattr  0 0


(5)、初始化osd数据目录

[root@os-node4 ~]# ceph-osd -i 0 --mkfs --mkkey 

(6)、注册osd的认证密钥

[root@os-node4 ~]# ceph auth add osd.0 osd ‘allow *‘ mon ‘allow profile osd‘ -i /var/lib/ceph/osd/ceph-0/keyring

(7)、为此osd节点创建一个crush map

[root@os-node4 ~]# ceph osd crush add-bucket os-node4 host

added bucket os-node1 type host to crush map

(8)、Place the Ceph os-node under the root default

[root@os-node4 ~]# ceph osd crush move os-node4 root=default

moved item id -2 name ‘os-node4‘ to location {root=default} in crush map

(9)、

[root@os-node4 ~]# ceph osd crush add osd.0 1.0 host=os-node4

add item id 0 name ‘osd.0‘ weight 1 at location {host=os-node4} to crush map

(10)、创建一个初始化目录

[root@os-node4 ~]# touch /var/lib/ceph/osd/ceph-0/sysvinit

(11)、启动osd进程

/etc/init.d/ceph start osd.0

(12)、查看osd目录树

[root@os-node4 ~]# ceph osd tree

# id    weight  type name       up/down reweight

-1      1       root default

-2      1               host os-node4

0       1                       osd.0   up      1




2、添加第二个osd节点


(1)、创建一个OSD,生成一个osd number

[root@os-node5 ~]# ceph osd create

1

(2)、为osd节点创建一个osd目录

[root@os-node5 ~]# mkdir -p /var/lib/ceph/osd/ceph-1

(3)、格式化已准备好的osd硬盘,并挂在到上一步创建的osd目录(格式化为xfs格式)

[root@os-node5 ~]# mkfs.xfs -f /dev/sda6

meta-data=/dev/sda6              isize=256    agcount=4, agsize=1310720 blks

         =                       sectsz=512   attr=2, projid32bit=0

data     =                       bsize=4096   blocks=5242880, imaxpct=25

         =                       sunit=0      swidth=0 blks

naming   =version 2              bsize=4096   ascii-ci=0

log      =internal log           bsize=4096   blocks=2560, version=2

         =                       sectsz=512   sunit=0 blks, lazy-count=1

realtime =none                   extsz=4096   blocks=0, rtextents=0


(4)、挂在目录

[root@os-node5 ~]# mount -o user_xattr /dev/sda6 /var/lib/ceph/osd/ceph-1

mount: wrong fs type, bad option, bad superblock on /dev/sda6,

       missing codepage or helper program, or other error

       In some cases useful info is found in syslog - try

       dmesg | tail  or so

执行上面的命令会报错

解决的办法是:用下面的两条命令替代上面的一条命令。

[root@os-node5 ~]# mount /dev/sda6 /var/lib/ceph/osd/ceph-1

[root@os-node5 ~]# mount -o remount,user_xattr /var/lib/ceph/osd/ceph-1

查看挂载的情况

[root@os-node5 ~]# mount

/dev/sda3 on / type ext4 (rw)

proc on /proc type proc (rw)

sysfs on /sys type sysfs (rw)

devpts on /dev/pts type devpts (rw,gid=5,mode=620)

tmpfs on /dev/shm type tmpfs (rw)

/dev/sda1 on /boot type ext4 (rw)

/dev/sda2 on /var type ext4 (rw)

none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)

/dev/sda6 on /var/lib/ceph/osd/ceph-1 type xfs (rw,user_xattr)


把上面的挂载信息写入分区表

[root@os-node5 ~]# vi /etc/fstab

/dev/sda6                /var/lib/ceph/osd/ceph-1  xfs   defaults        0 0

/dev/sda6                /var/lib/ceph/osd/ceph-1  xfs   remount,user_xattr  0 0


(5)、初始化osd数据目录

[root@os-node5 ~]# ceph-osd -i 1 --mkfs --mkkey 

2014-06-25 23:17:37.633040 7fa8fd06b7a0 -1 journal FileJournal::_open: disabling aio for non-block journal.  Use journal_force_aio to force use of aio anyway

2014-06-25 23:17:37.740713 7fa8fd06b7a0 -1 journal FileJournal::_open: disabling aio for non-block journal.  Use journal_force_aio to force use of aio anyway

2014-06-25 23:17:37.744937 7fa8fd06b7a0 -1 filestore(/var/lib/ceph/osd/ceph-1) could not find 23c2fcde/osd_superblock/0//-1 in index: (2) No such file or directory

2014-06-25 23:17:37.812999 7fa8fd06b7a0 -1 created object store /var/lib/ceph/osd/ceph-1 journal /var/lib/ceph/osd/ceph-1/journal for osd.1 fsid f11240d4-86b1-49ba-aacc-6d3d37b24cc4

2014-06-25 23:17:37.813192 7fa8fd06b7a0 -1 auth: error reading file: /var/lib/ceph/osd/ceph-1/keyring: can‘t open /var/lib/ceph/osd/ceph-1/keyring: (2) No such file or directory

2014-06-25 23:17:37.814050 7fa8fd06b7a0 -1 created new key in keyring /var/lib/ceph/osd/ceph-1/keyring

(6)、注册osd的认证密钥

[root@os-node5 ~]# ceph auth add osd.1 osd ‘allow *‘ mon ‘allow profile osd‘ -i /var/lib/ceph/osd/ceph-1/keyring

added key for osd.1

(7)、为此osd节点创建一个crush map

[[root@os-node5 ~]# ceph osd crush add-bucket os-node5 host

added bucket os-node2 type host to crush map

(8)、Place the Ceph os-node under the root default

[root@os-node5 ~]# ceph osd crush move os-node5 root=default

moved item id -3 name ‘os-node5‘ to location {root=default} in crush map

(9)、

[root@os-node5 ~]#  ceph osd crush add osd.1 1.0 host=os-node5

add item id 1 name ‘osd.1‘ weight 1 at location {host=os-node5} to crush map

(10)、创建一个初始化目录

[root@os-node5 ~]#  touch /var/lib/ceph/osd/ceph-1/sysvinit

(11)、启动osd进程

[root@os-node5 ~]# /etc/init.d/ceph start osd.1

=== osd.1 === 

create-or-move updated item name ‘osd.1‘ weight 0.02 at location {host=os-node5,root=default} to crush map

Starting Ceph osd.1 on os-node5...

starting osd.1 at :/0 osd_data /var/lib/ceph/osd/ceph-1 /var/lib/ceph/osd/ceph-1/journal

(12)、查看osd目录树

[root@os-node5 ~]# ceph osd tree

# id    weight  type name       up/down reweight

-1      2       root default

-2      1               host os-node4

0       1                       osd.0   up      1

-3      1               host os-node4

1       1                       osd.1   up      1



3、添加第三块osd节点


(1)、创建一个OSD,生成一个osd number

[root@os-node6 ~]# ceph osd create

2

(2)、为osd节点创建一个osd目录

[root@os-node6 ~]# mkdir -p /var/lib/ceph/osd/ceph-2

(3)、格式化已准备好的osd硬盘(格式化为xfs格式)

[root@os-node6 ~]# mkfs.xfs -f /dev/sda6

meta-data=/dev/sdb               isize=256    agcount=4, agsize=1310720 blks

         =                       sectsz=512   attr=2, projid32bit=0

data     =                       bsize=4096   blocks=5242880, imaxpct=25

         =                       sunit=0      swidth=0 blks

naming   =version 2              bsize=4096   ascii-ci=0

log      =internal log           bsize=4096   blocks=2560, version=2

         =                       sectsz=512   sunit=0 blks, lazy-count=1

realtime =none                   extsz=4096   blocks=0, rtextents=0


(4)、挂在目录

[root@os-node6 ~]# mount -o user_xattr /dev/sdb /var/lib/ceph/osd/ceph-2

mount: wrong fs type, bad option, bad superblock on /dev/sda6,

       missing codepage or helper program, or other error

       In some cases useful info is found in syslog - try

       dmesg | tail  or so

执行上面的命令会报错

解决的办法是:用下面的两条命令替代上面的一条命令。

[root@os-node6 ~]# mount /dev/sda6 /var/lib/ceph/osd/ceph-2

[root@os-node6 ~]# mount -o remount,user_xattr /var/lib/ceph/osd/ceph-2

查看挂载的情况

[root@os-node6 ~]# mount


把上面的挂载信息写入分区表

[root@os-node6 ~]# vi /etc/fstab

/dev/sda6                /var/lib/ceph/osd/ceph-2  xfs   defaults        0 0

/dev/sda6                /var/lib/ceph/osd/ceph-2  xfs   remount,user_xattr  0 0


(5)、初始化osd数据目录

[root@os-node6 ~]#  ceph-osd -i 2 --mkfs --mkkey 

2014-06-25 23:29:01.734251 7f52915927a0 -1 journal FileJournal::_open: disabling aio for non-block journal.  Use journal_force_aio to force use of aio anyway

2014-06-25 23:29:01.849158 7f52915927a0 -1 journal FileJournal::_open: disabling aio for non-block journal.  Use journal_force_aio to force use of aio anyway

2014-06-25 23:29:01.852189 7f52915927a0 -1 filestore(/var/lib/ceph/osd/ceph-2) could not find 23c2fcde/osd_superblock/0//-1 in index: (2) No such file or directory

2014-06-25 23:29:01.904476 7f52915927a0 -1 created object store /var/lib/ceph/osd/ceph-2 journal /var/lib/ceph/osd/ceph-2/journal for osd.2 fsid f11240d4-86b1-49ba-aacc-6d3d37b24cc4

2014-06-25 23:29:01.904712 7f52915927a0 -1 auth: error reading file: /var/lib/ceph/osd/ceph-2/keyring: can‘t open /var/lib/ceph/osd/ceph-2/keyring: (2) No such file or directory

2014-06-25 23:29:01.905376 7f52915927a0 -1 created new key in keyring /var/lib/ceph/osd/ceph-2/keyring

[root@os-node6 ~]# 

(6)、注册osd的认证密钥

[root@os-node6 ~]# ceph auth add osd.2 osd ‘allow *‘ mon ‘allow profile osd‘ -i /var/lib/ceph/osd/ceph-2/keyring

added key for osd.2

(7)、为此osd节点创建一个crush map

[root@os-node6 ~]# ceph osd crush add-bucket os-node6 host

added bucket os-node6 type host to crush map

(8)、Place the Ceph os-node under the root default

[root@os-node6 ~]# ceph osd crush move os-node6 root=default

moved item id -4 name ‘os-node6‘ to location {root=default} in crush map

(9)、

[root@os-node6 ~]# ceph osd crush add osd.2 1.0 host=os-node6

add item id 2 name ‘osd.2‘ weight 1 at location {host=os-node6} to crush map

(10)、创建一个初始化目录

[root@os-node6 ~]# touch /var/lib/ceph/osd/ceph-2/sysvinit

(11)、启动osd进程

[root@os-node6 ~]# /etc/init.d/ceph start osd.2

=== osd.2 === 

create-or-move updated item name ‘osd.2‘ weight 0.02 at location {host=os-node6,root=default} to crush map

Starting Ceph osd.2 on os-node6...

starting osd.2 at :/0 osd_data /var/lib/ceph/osd/ceph-2 /var/lib/ceph/osd/ceph-2/journal

(12)、查看osd目录树

[root@os-node6 ~]# ceph osd tree

# id    weight  type name       up/down reweight

-1      3       root default

-2      1               host os-node4

0       1                       osd.0   up      1

-3      1               host os-node5

1       1                       osd.1   up      1

-4      1               host os-node6

2       1                       osd.2   up      1



添加元数据服务器


1、添加第一个元数据服务器

(1)、为mds元数据服务器创建一个目录

[root@os-node1 ~]# mkdir -p /var/lib/ceph/mds/ceph-os-node1

(2)、为bootstrap-mds客户端创建一个密钥  注:(如果下面的密钥在目录里已生成可以省略此步骤)

[root@os-node1 ~]# ceph-authtool --create-keyring /var/lib/ceph/bootstrap-mds/ceph.keyring --gen-key -n client.bootstrap-mds

(3)、在ceph auth库中创建bootstrap-mds客户端,赋予权限添加之前创建的密钥  注(查看ceph auth list 用户权限认证列表 如果已有client.bootstrap-mds此用户,此步骤可以省略)

[root@os-node1 ~]# ceph auth add client.bootstrap-mds mon ‘allow profile bootstrap-mds‘ -i /var/lib/ceph/bootstrap-mds/ceph.keyring

added key for client.bootstrap-mds

(4)、在root家目录里创建ceph.bootstrap-mds.keyring文件

touch /root/ceph.bootstrap-mds.keyring

(5)、把keyring /var/lib/ceph/bootstrap-mds/ceph.keyring里的密钥导入家目录下的ceph.bootstrap-mds.keyring文件里

ceph-authtool --import-keyring /var/lib/ceph/bootstrap-mds/ceph.keyring ceph.bootstrap-mds.keyring 

(6)、在ceph auth库中创建mds.os-node1用户,并赋予权限和创建密钥,密钥保存在/var/lib/ceph/mds/ceph-os-node1/keyring文件里

ceph --cluster ceph --name client.bootstrap-mds --keyring /var/lib/ceph/bootstrap-mds/ceph.keyring auth get-or-create mds.os-node1 osd ‘allow rwx‘ mds ‘allow‘ mon ‘allow profile mds‘ -o /var/lib/ceph/mds/ceph-os-node1/keyring

(7)、为mds创建一个初始化文件用于启动使用(此文件为空文件)

[root@os-node1 ~]# touch /var/lib/ceph/mds/ceph-os-node1/sysvinit

(8)、为了防止重新被安装创建一个空的done文件

[root@os-node1 ~]# touch /var/lib/ceph/mds/ceph-os-node1/done

(9)、情况mds服务进程

[root@os-node1 ~]# service ceph start mds.os-node1

=== mds.os-node1 === 

Starting Ceph mds.os-node1 on os-node1...

starting mds.os-node1 at :/0


2、添加第二个元数据服务器

(1)、在os-node2节点上为mds元数据服务器创建一个目录

[root@os-node2 ~]# mkdir -p /var/lib/ceph/mds/ceph-os-node2

(2)、在os-node2节点上创建一个bootstrap-mds目录

[root@os-node2 ~]# mkdir -p /var/lib/ceph/bootstrap-mds/

(3)、在os-node1节点上复制/var/lib/ceph/bootstrap-mds/ceph.keyring、/root/ceph.bootstrap-mds.keyring文件到os-node2节点

[root@os-node1 ~]# scp /var/lib/ceph/bootstrap-mds/ceph.keyring os-node2:/var/lib/ceph/bootstrap-mds/

[root@os-node1 ~]# scp /root/ceph.bootstrap-mds.keyring os-node2:/root/

(4)、在os-node1节点复制/var/lib/ceph/mds/ceph-os-node1/*里的所有文件到os-node2

[root@os-node2 ~]# scp /var/lib/ceph/mds/ceph-os-node1/sysvinit os-node2:/var/lib/ceph/mds/ceph-os-node2/

(5)、在ceph auth库中创建mds.os-node2用户,并赋予权限和创建密钥,密钥保存在/var/lib/ceph/mds/ceph-os-node1/keyring文件里

[root@os-node2 ~]# ceph --cluster ceph --name client.bootstrap-mds --keyring /var/lib/ceph/bootstrap-mds/ceph.keyring auth get-or-create mds.os-node2 osd ‘allow rwx‘ mds ‘allow‘ mon ‘allow profile mds‘ -o /var/lib/ceph/mds/ceph-os-node2/keyring

(7)、为了防止重新被安装创建一个空的done文件

[root@os-node2 ~]# touch /var/lib/ceph/mds/ceph-os-node2/done

(8)、启动mds服务进程

[root@os-node1 ~]# service ceph start mds.os-node2


3、添加第三个元数据服务器

(1)、在os-node3节点上为mds元数据服务器创建一个目录

[root@os-node3 ~]# mkdir -p /var/lib/ceph/mds/ceph-os-node3

(2)、在os-node3节点上创建一个bootstrap-mds目录

[root@os-node3 ~]# mkdir -p /var/lib/ceph/bootstrap-mds/

(3)、在os-node1节点上复制/var/lib/ceph/bootstrap-mds/ceph.keyring、/root/ceph.bootstrap-mds.keyring文件到os-node3节点

[root@os-node1 ~]# scp /var/lib/ceph/bootstrap-mds/ceph.keyring os-node3:/var/lib/ceph/bootstrap-mds/

[root@os-node1 ~]# scp /root/ceph.bootstrap-mds.keyring os-node3:/root/

(4)、在os-node1节点复制/var/lib/ceph/mds/ceph-os-node1/*里的所有文件到os-node3

[root@os-node3 ~]# scp /var/lib/ceph/mds/ceph-os-node1/sysvinit os-node3://var/lib/ceph/mds/ceph-os-node3/

(5)、在ceph auth库中创建mds.os-node2用户,并赋予权限和创建密钥,密钥保存在/var/lib/ceph/mds/ceph-os-node1/keyring文件里

[root@os-node3 ~]# ceph --cluster ceph --name client.bootstrap-mds --keyring /var/lib/ceph/bootstrap-mds/ceph.keyring auth get-or-create mds.os-node3 osd ‘allow rwx‘ mds ‘allow‘ mon ‘allow profile mds‘ -o /var/lib/ceph/mds/ceph-os-node3/keyring

(7)、为了防止重新被安装创建一个空的done文件

[root@os-node3 ~]# touch /var/lib/ceph/mds/ceph-os-node3/done

(8)、情况mds服务进程

[root@os-node1 ~]# service ceph start mds.os-node3

4、查看集群状态

[root@os-node1 ~]# ceph -w

    cluster f11240d4-86b1-49ba-aacc-6d3d37b24cc4

     health HEALTH_OK

     monmap e2: 3 mons at {os-node1=10.240.240.211:6789/0,os-node2=10.240.240.212:6789/0,os-node3=10.240.240.213:6789/0}, election epoch 8, quorum 0,1,2 os-node1,os-node2,os-node3

     osdmap e23: 3 osds: 3 up, 3 in

      pgmap v47: 192 pgs, 3 pools, 0 bytes data, 0 objects

            3175 MB used, 58234 MB / 61410 MB avail

                 192 active+clean


2014-06-25 23:32:48.340284 mon.0 [INF] pgmap v47: 192 pgs: 192 active+clean; 0 bytes data, 3175 MB used, 58234 MB / 61410 MB avail



5、、查看集群运行状态

[root@os-node1 ceph]# ceph health

HEALTH_WARN clock skew detected on mon.os-node4, mon.os-node5


出现上面信息的意思是,os-node1 os-node4 os-node5的时间不一致,必须把他们的时间同步,解决方法如下:

把os-node1配置ntp服务器,所有的节点都同步os-node1

启动NTP服务器并配成开机自启动



配置NTP服务器

把os-node1配置成ntp服务器,其他节点同步os-node1


在控制节点上安装NTP服务

# yum -y install ntp


编辑ntp配置文件

# vi /etc/ntp.conf

屏蔽掉下面几行

#server 0.centos.pool.ntp.org iburst

#server 1.centos.pool.ntp.org iburst

#server 2.centos.pool.ntp.org iburst

#server 3.centos.pool.ntp.org iburst


在最后下面加入下面两行(ntp服务器同步本地时间)

server 127.127.1.0

fudge 127.127.1.0 stratum 2


启动NTP服务器并配成开机自启动

# service ntpd restart

# chkconfig ntpd on

[root@os-node1 ~]# ntpq -p

     remote           refid      st t when poll reach   delay   offset  jitter

==============================================================================

*LOCAL(0)        .LOCL.          10 l   35   64   17    0.000    0.000   0.000


关闭防火墙

[root@admin-os-node ceph]# service iptables stop

iptables: Flushing firewall rules: [  OK  ]

iptables: Setting chains to policy ACCEPT: filter [  OK  ]

iptables: Unloading modules: [  OK  ]


其他节点时间都同步控制节点(等待5分钟再进行同步,等ntp服务器的reach的值达到17的时候才可以)

[root@os-node4 ceph]# ntpdate os-node1

19 Jun 17:58:00 ntpdate[16034]: adjust time server os-node1 offset -0.000067 sec


再次执行结果如下:

[root@os-node1 ceph]# ceph health

HEALTH_OK


16、相关进程:

/etc/init.d/ceph start osd.0 启动osd进程

/etc/init.d/ceph start 启动整个ceph进程包括mon osd


四、安装Keystone服务

在控制节点上安装keystone

1、安装keystone软件包

[root@os-node1 ~]# yum install openstack-keystone python-keystoneclient -y

配置keystone配置文件

[root@os-node1 ~]# openstack-config --set /etc/keystone/keystone.conf connection mysql://keystone:keystone@localhost/keystone

2、配置keystone DB数据库

[root@os-node1 ~]# openstack-db --init --service keystone --password keystone

Please enter the password for the ‘root‘ MySQL user: 

Verified connectivity to MySQL.

Creating ‘keystone‘ database.

Initializing the keystone database, please wait...

Complete!

[root@os-node1 ~]#


如果想删除keystone库用下面的命令删除

openstack-db --drop --service keystone

3、配置keystone的认证token,使用openssl生成一串字符串

ADMIN_TOKEN=admin

echo $ADMIN_TOKEN

4、把认证token存储到keystone的配置文件

openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKEN

5、配置PKI token

keystone-manage pki_setup --keystone-user keystone --keystone-group keystone


6、配置keystone相关文件的权限

[root@os-node1 ~]# chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log 

7、启动keystone服务并配置开机自启动

service openstack-keystone start

chkconfig openstack-keystone on


查看进程启动的相关信息:

[root@os-node1 ~]# ps auxf | grep -i keystone-all

root      9021  0.0  0.1 103236   864 pts/0    S+   01:34   0:00          \_ grep -i keystone-all

keystone  8929  1.1  7.6 270468 35132 ?        S    01:33   0:00 /usr/bin/python /usr/bin/keystone-all --config-file /etc/keystone/keystone.conf


检查日志文件中有无错误提示:

[root@os-node1 ~]# grep ERROR /var/log/keystone/keystone.log


8、初始化新生成的keystone数据库


以管理员的身份初始化keystone数据库

[root@control ~]# keystone-manage db_sync

9、配置keystone的环境变量

[root@os-node1 ~]# vi keystone-token 


export OS_SERVICE_TOKEN=$ADMIN_TOKEN

export OS_SERVICE_ENDPOINT=http://os-node1:35357/v2.0


10、创建admin、service租户

创建admin租户

[root@os-node1 ~]# keystone tenant-create --name=admin --description="Admin Tenant"

+-------------+----------------------------------+

|   Property  |              Value               |

+-------------+----------------------------------+

| description |           Admin Tenant           |

|   enabled   |               True               |

|      id     | 8208d5035b84466a98408b41d596cb1d |

|     name    |              admin               |

+-------------+----------------------------------+


创建service租户

[root@os-node1 ~]# keystone tenant-create --name=service --description="Service Tenant"

+-------------+----------------------------------+

|   Property  |              Value               |

+-------------+----------------------------------+

| description |          Service Tenant          |

|   enabled   |               True               |

|      id     | baf0e8b3d3ed4b75b40f05213c6b9d84 |

|     name    |             service              |

+-------------+----------------------------------+


11、创建一个admin用户

[root@os-node1 ~]# keystone user-create --name=admin --pass=admin --email=admin@jiayuan.com

+----------+----------------------------------+

| Property |              Value               |

+----------+----------------------------------+

|  email   |        admin@jiayuan.com         |

| enabled  |               True               |

|    id    | 283d063867744046b7203af6ce4ec681 |

|   name   |              admin               |

+----------+----------------------------------+

12、创建一个admin角色

[root@os-node1 ~]# keystone role-create --name=admin

+----------+----------------------------------+

| Property |              Value               |

+----------+----------------------------------+

|    id    | e363e80c062a4b86b47ab730290fbd2d |

|   name   |              admin               |

+----------+----------------------------------+

[root@os-node1 ~]# 

13、把用户添加到角色及租户内

[root@os-node1 ~]# keystone user-role-add --user=admin --tenant=admin --role=admin

14、创建keystone认证服务

[root@os-node1 ~]# keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"

+-------------+----------------------------------+

|   Property  |              Value               |

+-------------+----------------------------------+

| description |    Keystone Identity Service     |

|      id     | 5d35bdf277ec4699a3ea6d3e7e5d668d |

|     name    |             keystone             |

|     type    |             identity             |

+-------------+----------------------------------+

[root@os-node1 ~]# 

15、创建keystone的endpoint API节口

[root@os-node1 ~]# keystone endpoint-create --service-id=bed4139a44724dd183a17cc7b66dc7bd --publicurl=http://os-node1:5000/v2.0 --internalurl=http://os-node1:5000/v2.0 --adminurl=http://os-node1:35357/v2.0

+-------------+----------------------------------+

|   Property  |              Value               |

+-------------+----------------------------------+

|   adminurl  | http://os-node1:35357/v2.0 |

|      id     | 74ff559cbfe2414bb50df224faddf2a7 |

| internalurl | http://os-node1:5000/v2.0  |

|  publicurl  | http://os-node1:5000/v2.0  |

|    region   |            regionOne             |

|  service_id | bed4139a44724dd183a17cc7b66dc7bd |

+-------------+----------------------------------+

16、卸载之前的环境变量

[root@os-node1 ~]# unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT

17、

 keystone --os-username=admin --os-password=admin --os-auth-url=http://os-node1:35357/v2.0 token-get

 keystone --os-username=admin --os-password=admin --os-tenant-name=admin --os-auth-url=http://os-node1:35357/v2.0 token-get



18、重新设置新的环境变量

vi openrc.sh

export OS_USERNAME=admin

export OS_PASSWORD=admin

export OS_TENANT_NAME=admin

export OS_AUTH_URL=http://os-node1:35357/v2.0


执行环境变量

[root@os-node1 ~]# source openrc.sh 

验证上面的命令正确性

keystone token-get

再重新获取用户信息

[root@os-node1 ~]# keystone user-list

+----------------------------------+-------+---------+-------------------+

|                id                |  name | enabled |       email       |

+----------------------------------+-------+---------+-------------------+

| 283d063867744046b7203af6ce4ec681 | admin |   True  | admin@jiayuan.com |

+----------------------------------+-------+---------+-------------------+

[root@os-node1 ~]# 


五、安装配置glance服务

1、安装glance软件包

[root@os-node1 ~]#yum install -y openstack-glance


2、修改glance的配置文件,glance的配置文件主要包括两个glance-api.conf 、glance-registry.conf。

openstack-config --set /etc/glance/glance-api.conf DEFAULT sql_connection mysql://glance:glance@localhost/glance

openstack-config --set /etc/glance/glance-registry.conf DEFAULT sql_connection mysql://glance:glance@localhost/glance

3、创建glance数据库

[root@os-node1 ~]# openstack-db --init --service glance --password glance

4、创建glance用户

[root@os-node1 ~]# keystone user-create --name=glance --pass=glance --email=glance@jiayuan.com

+----------+----------------------------------+

| Property |              Value               |

+----------+----------------------------------+

|  email   |        glance@jiayuan.com        |

| enabled  |               True               |

|    id    | 6a277d1d8e5d469f936cc90f4291cb6f |

|   name   |              glance              |

+----------+----------------------------------+

把glance用户加入service租户并赋予admin角色

[root@os-node1 ~]# keystone user-role-add --user=glance --tenant=service --role=admin

5、修改glance配置文件glance-api.conf 、glance-registry.conf的keystone认证。

openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://os-node1:5000

openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_host os-node1

openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name service

openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_user glance

openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_password glance

openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone

openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://os-node1:5000

openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_host os-node1

openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name service

openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glance

openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_password glance

openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone




6、复制管理证书到/etc/glance/glance-api-paste.ini and /etc/glance/glance-registry-paste.ini两个文件

cp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini

cp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glancere-gistry-paste.ini



配置上面的两个文件的认证方式


openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken auth_host os-node1

openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_user glance

openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_tenant_name service

openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_password glance


openstack-config --set /etc/glance/glancere-gistry-paste.ini filter:authtoken auth_host os-node1

openstack-config --set /etc/glance/glancere-gistry-paste.ini filter:authtoken admin_user glance

openstack-config --set /etc/glance/glancere-gistry-paste.ini filter:authtoken admin_tenant_name service

openstack-config --set /etc/glance/glancere-gistry-paste.ini filter:authtoken admin_password glance



7、创建glance服务并创建endpiont

[root@os-node1 ~]# keystone service-create --name=glance --type=image --description="Glance Image Service"

+-------------+----------------------------------+

|   Property  |              Value               |

+-------------+----------------------------------+

| description |       Glance Image Service       |

|      id     | 404a974bb11942429037bf25088bc4ea |

|     name    |              glance              |

|     type    |              image               |

+-------------+----------------------------------+

[root@os-node1 ~]# keystone endpoint-create --service-id=404a974bb11942429037bf25088bc4ea --publicurl=http://os-node1:9292 --internalurl=http://os-node1:9292 --adminurl=http://os-node1:9292

+-------------+----------------------------------+

|   Property  |              Value               |

+-------------+----------------------------------+

|   adminurl  |    http://os-node1:9292    |

|      id     | 0cfbfcb01c8d402bbf8bb972081eefd4 |

| internalurl |    http://os-node1:9292    |

|  publicurl  |    http://os-node1:9292    |

|    region   |            regionOne             |

|  service_id | 404a974bb11942429037bf25088bc4ea |

+-------------+----------------------------------+

8、启动glance服务并设置开机自启动

service openstack-glance-api start 

service openstack-glance-registry start

chkconfig openstack-glance-api on

chkconfig openstack-glance-registry on



9、创建一个镜像存放目录并下载一个测试镜像

[root@os-node1 ~]# mkdir /images

[root@os-node1 ~]# cd /images/

[root@os-node1 images]# wget https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-i386-disk.img


10、上传镜像

[root@os-node1 images]# glance image-create --name="test-img-1" --disk-format=qcow2 --container-format=bare --is-public=true < /images/cirros-0.3.0-i386-disk.img

+------------------+--------------------------------------+

| Property         | Value                                |

+------------------+--------------------------------------+

| checksum         | 90169ba6f09b5906a7f0755bd00bf2c3     |

| container_format | bare                                 |

| created_at       | 2014-07-14T14:21:59                  |

| deleted          | False                                |

| deleted_at       | None                                 |

| disk_format      | qcow2                                |

| id               | 240f6dbf-12f5-462e-8164-2bf756df559f |

| is_public        | True                                 |

| min_disk         | 0                                    |

| min_ram          | 0                                    |

| name             | test-img-1                           |

| owner            | b36a323105954a449e5d104293f6b888     |

| protected        | False                                |

| size             | 9159168                              |

| status           | active                               |

| updated_at       | 2014-07-14T14:22:00                  |

+------------------+--------------------------------------+

11、查看镜像列表

[root@os-node1 images]# glance image-list

+--------------------------------------+------------+-------------+------------------+---------+--------+

| ID                                   | Name       | Disk Format | Container Format | Size    | Status |

+--------------------------------------+------------+-------------+------------------+---------+--------+

| 240f6dbf-12f5-462e-8164-2bf756df559f | test-img-1 | qcow2       | bare             | 9159168 | active |

+--------------------------------------+------------+-------------+------------------+---------+--------+


六、compute 服务配置


在控制节点上安装nova服务

1、在控制节点os-node1上安装nova软件包

[root@os-node1 ~]# yum install -y  openstack-nova python-novaclient

[root@os-node1 ~]#yum remove -y openstack-nova-compute   #卸载控制节点的compute功能  

2、配置nova配置文件中的mysql连接

openstack-config --set /etc/nova/nova.conf database connection mysql://nova:nova@localhost/nova

3、配置nova.conf配置文件中的消息队列方式为qpid

openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend nova.openstack.common.rpc.impl_qpid

openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname os-node1

4、创建nova数据库

[root@os-node1 ~]# openstack-db --init --service nova --password nova

Please enter the password for the ‘root‘ MySQL user: 

Verified connectivity to MySQL.

Creating ‘nova‘ database.

Initializing the nova database, please wait...

Complete!

5、配置nova.conf配置文件中vnc server及客户端的地址

openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 10.240.216.101

openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 10.240.216.101

openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address  10.240.216.101

6、创建一个nova用户并为此用户添加角色

[root@os-node1 ~]# keystone user-create --name=nova --pass=nova --email=nova@jiayuan.com

+----------+----------------------------------+

| Property |              Value               |

+----------+----------------------------------+

|  email   |         nova@jiayuan.com         |

| enabled  |               True               |

|    id    | b3bfd7d087b247749caced867b8ac144 |

|   name   |               nova               |

+----------+----------------------------------+

[root@os-node1 ~]# keystone user-role-add --user=nova --tenant=service --role=admin

7、配置nova.conf配置文件中keystone的认证方式

openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone

openstack-config --set /etc/nova/nova.conf keystone_authtoken  auth_host os-node1

openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http

openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357

openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova

openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service

openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password nova



8、配置/etc/nova/api-paste.ini文件认证方式。

openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_host os-node1

openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_port 35357

openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_protocol http

openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_uri  http://os-node1:5000/v2.0

openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_tenant_name service

openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_user nova

openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_password nova



9、修改nova.conf文件中的其他内容

openstack-config --set /etc/nova/nova.conf DEFAULT state_path /var/lib/nova

openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis ec2,osapi_compute,metadata

openstack-config --set /etc/nova/nova.conf DEFAULT osapi_compute_listen 10.240.216.101

openstack-config --set /etc/nova/nova.conf DEFAULT osapi_compute_workers 16

openstack-config --set /etc/nova/nova.conf DEFAULT metadata_listen 10.240.216.101

openstack-config --set /etc/nova/nova.conf DEFAULT service_down_time 60

openstack-config --set /etc/nova/nova.conf DEFAULT rootwrap_config /etc/nova/rootwrap.conf

openstack-config --set /etc/nova/nova.conf DEFAULT keystone_ec2_url http://os-node1:5000/v2.0/ec2tokens

openstack-config --set /etc/nova/nova.conf DEFAULT allow_resize_to_same_host True

openstack-config --set /etc/nova/nova.conf DEFAULT glance_api_servers os-node1:9292

openstack-config --set /etc/nova/nova.conf DEFAULT api_paste_config /etc/nova/api-paste.ini

openstack-config --set /etc/nova/nova.conf DEFAULT lock_path /var/lib/nova/tmp

openstack-config --set /etc/nova/nova.conf DEFAULT verbose true

openstack-config --set /etc/nova/nova.conf DEFAULT use_syslog false

openstack-config --set /etc/nova/nova.conf DEFAULT memcached_servers os-node1:11211

openstack-config --set /etc/nova/nova.conf DEFAULT use_cow_images true

openstack-config --set /etc/nova/nova.conf DEFAULT volume_api_class nova.volume.cinder.API

openstack-config --set /etc/nova/nova.conf DEFAULT image_service nova.image.glance.GlanceImageService

openstack-config --set /etc/nova/nova.conf DEFAULT compute_scheduler_driver nova.scheduler.filter_scheduler.FilterScheduler

openstack-config --set /etc/nova/nova.conf DEFAULT start_guests_on_host_boot true

openstack-config --set /etc/nova/nova.conf DEFAULT osapi_volume_listen 10.240.216.101


10、创建nova服务并创建endpiont

[root@os-node1 ~]#  keystone service-create --name=nova --type=compute --description="Nova Compute service"

+-------------+----------------------------------+

|   Property  |              Value               |

+-------------+----------------------------------+

| description |       Nova Compute service       |

|      id     | b02ae450a1c14abc859c8b7a2522d703 |

|     name    |               nova               |

|     type    |             compute              |

+-------------+----------------------------------+

[root@os-node1 ~]#  keystone endpoint-create --service-id=b02ae450a1c14abc859c8b7a2522d703 --publicurl=http://os-node1:8774/v2/%\(tenant_id\)s --internalurl=http://os-node1:8774/v2/%\(tenant_id\)s --adminurl=http://os-node1:8774/v2/%\(tenant_id\)s

+-------------+---------------------------------------------+

|   Property  |                    Value                    |

+-------------+---------------------------------------------+

|   adminurl  | http://os-node1:8774/v2/%(tenant_id)s |

|      id     |       805f47919c2746fcaa3b4bf26b4496a6      |

| internalurl | http://os-node1:8774/v2/%(tenant_id)s |

|  publicurl  | http://os-node1:8774/v2/%(tenant_id)s |

|    region   |                  regionOne                  |

|  service_id |       b02ae450a1c14abc859c8b7a2522d703      |

+-------------+---------------------------------------------+

11、启动nova的所有进程

service openstack-nova-api start

service openstack-nova-cert start

service openstack-nova-consoleauth start

service openstack-nova-scheduler start

service openstack-nova-conductor start

service openstack-nova-novncproxy start

chkconfig openstack-nova-api on

chkconfig openstack-nova-cert on

chkconfig openstack-nova-consoleauth on

chkconfig openstack-nova-scheduler on

chkconfig openstack-nova-conductor on

chkconfig openstack-nova-novncproxy on


12、用nova命令查看可用的镜像文件

[root@os-node1 ~]# nova image-list

+--------------------------------------+--------------+--------+--------+

| ID                                   | Name         | Status | Server |

+--------------------------------------+--------------+--------+--------+

| d53229ed-6a7d-4e24-b32f-c617b961d6ab | CirrOS 0.3.1 | ACTIVE |        |

+--------------------------------------+--------------+--------+--------+


在compute节点安装配置nova

1、安装nova软件包

[root@compute ~]# yum install -y openstack-nova-compute

2、配置nova配置文件中的mysql连接及keystone认证

openstack-config --set /etc/nova/nova.conf database connection mysql://nova:nova@os-node1/nova

openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone

openstack-config --set /etc/nova/nova.conf keystone_authtoken  auth_host os-node1

openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http

openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357

openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova

openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service

openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password nova


3、配置nova.conf配置文件中的消息队列方式为qpid

openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend nova.openstack.common.rpc.impl_qpid

openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname os-node1


4、配置nova.conf配置文件中vnc server的内容

openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 10.240.216.102

openstack-config --set /etc/nova/nova.conf DEFAULT vnc_enabled True

openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 0.0.0.0

openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address 10.240.216.102

openstack-config --set /etc/nova/nova.conf DEFAULT novncproxy_base_url http://os-node1:6080/vnc_auto.html



5、配置/etc/nova/api-paste.ini文件认证方式。

openstack-config --set /etc/nova/api-paste.ini DEFAULT api_paste_config /etc/nova/api-paste.ini

openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_host os-node1

openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_port 35357

openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_protocol http

openstack-config --set /etc/nova/api-paste.ini filter:authtoken auth_uri  http://os-node1:5000/v2.0

openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_tenant_name service

openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_user nova

openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_password nova


6、配置nova配置文件中其他内容


openstack-config --set /etc/nova/nova.conf DEFAULT state_path /var/lib/nova

openstack-config --set /etc/nova/nova.conf DEFAULT osapi_compute_listen 10.240.216.102

openstack-config --set /etc/nova/nova.conf DEFAULT metadata_listen 10.240.216.102

openstack-config --set /etc/nova/nova.conf DEFAULT service_down_time 60

openstack-config --set /etc/nova/nova.conf DEFAULT instance_usage_audit_period hour

openstack-config --set /etc/nova/nova.conf DEFAULT rootwrap_config /etc/nova/rootwrap.conf

openstack-config --set /etc/nova/nova.conf DEFAULT allow_resize_to_same_host True

openstack-config --set /etc/nova/nova.conf DEFAULT instance_usage_audit True

openstack-config --set /etc/nova/nova.conf DEFAULT glance_host os-node1

openstack-config --set /etc/nova/nova.conf DEFAULT glance_api_servers os-node1:9292

openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver

openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_ovs_integration_bridge br-int

openstack-config --set /etc/nova/nova.conf DEFAULT lock_path /var/lib/nova/tmp

openstack-config --set /etc/nova/nova.conf DEFAULT verbose true

openstack-config --set /etc/nova/nova.conf DEFAULT use_syslog false

openstack-config --set /etc/nova/nova.conf DEFAULT memcached_servers os-node1:11211

openstack-config --set /etc/nova/nova.conf DEFAULT image_service nova.image.glance.GlanceImageService

openstack-config --set /etc/nova/nova.conf DEFAULT compute_scheduler_driver nova.scheduler.filter_scheduler.FilterScheduler

openstack-config --set /etc/nova/nova.conf DEFAULT start_guests_on_host_boot true

openstack-config --set /etc/nova/nova.conf DEFAULT osapi_volume_listen 10.240.216.102

openstack-config --set /etc/nova/nova.conf DEFAULT connection_type libvirt

openstack-config --set /etc/nova/nova.conf DEFAULT compute_driver libvirt.LibvirtDriver

openstack-config --set /etc/nova/nova.conf DEFAULT use_cow_images true

openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_type kvm

openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_inject_key false

openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_inject_partition -2

openstack-config --set /etc/nova/nova.conf DEFAULT live_migration_flag VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST

openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_vif_driver nova.virt.libvirt.vif.LibvirtGenericVIFDriver

openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_cpu_mode host-model

openstack-config --set /etc/nova/nova.conf DEFAULT disk_cachemodes "file=writethrough"


7、修改虚拟机模块libvirt的配置

sed -i ‘s/#listen_tls = 0/listen_tls = 0/g‘ /etc/libvirt/libvirtd.conf

sed -i ‘s/#listen_tcp = 1/listen_tcp = 1/g‘ /etc/libvirt/libvirtd.conf

sed -i ‘$a\auth_tcp="none"‘ /etc/libvirt/libvirtd.conf

sed -i ‘s/env libvirtd_opts="-d "/env libvirtd_opts="-d -l"/g‘ /etc/init.d/libvirtd

sed -i ‘s/#vnc_listen = “0.0.0.0″/vnc_listen = “0.0.0.0″/g‘ /etc/libvirt/qemu.conf

sed -i ‘s/#user = "root"/user = "root"/g‘ /etc/libvirt/qemu.conf

sed -i ‘s/#group = "root"/group = "root"/g‘ /etc/libvirt/qemu.conf

sed -i ‘s/#LIBVIRTD_ARGS/LIBVIRTD_ARGS/‘ /etc/sysconfig/libvirtd 



8、启动compute节点nova服务并配置开机自启动

service libvirtd restart

service messagebus restart

chkconfig libvirtd on

chkconfig messagebus on

service openstack-nova-compute restart

chkconfig openstack-nova-compute on


为创建虚拟机做好前期准备

1、在控制节点上创建密钥,把此密钥用于创建虚拟机时无密码登录的密钥

[root@os-node1 ~]# ssh-keygen

[root@os-node1 ~]# cd .ssh/

[root@os-node1 .ssh]# nova keypair-add --pub_key id_rsa.pub mykey

[root@os-node1 .ssh]#  nova keypair-list

+-------+-------------------------------------------------+

| Name  | Fingerprint                                     |

+-------+-------------------------------------------------+

| mykey | 4c:07:d8:f4:e5:a5:93:fe:cf:98:eb:33:bc:06:04:06 |

+-------+-------------------------------------------------+

2、查看用于创建虚拟机的模板

[root@os-node1 .ssh]# nova flavor-list

+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+

| ID | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |

+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+

| 1  | m1.tiny   | 512       | 1    | 0         |      | 1     | 1.0         | True      |

| 2  | m1.small  | 2048      | 20   | 0         |      | 1     | 1.0         | True      |

| 3  | m1.medium | 4096      | 40   | 0         |      | 2     | 1.0         | True      |

| 4  | m1.large  | 8192      | 80   | 0         |      | 4     | 1.0         | True      |

| 5  | m1.xlarge | 16384     | 160  | 0         |      | 8     | 1.0         | True      |

+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+

[root@os-node1 .ssh]# 

3、自己创建一个自定义的虚拟机创建模板

[root@os-node1 ~]# nova flavor-create flavor-test 6 1024 30 2 --is-public=true

+----+-------------+-----------+------+-----------+------+-------+-------------+-----------+

| ID | Name        | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |

+----+-------------+-----------+------+-----------+------+-------+-------------+-----------+

| 6  | flavor-test | 1024      | 30   | 0         |      | 2     | 1.0         | True      |

+----+-------------+-----------+------+-----------+------+-------+-------------+-----------+

[root@os-node1 .ssh]#  nova flavor-list

+----+-------------+-----------+------+-----------+------+-------+-------------+-----------+

| ID | Name        | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |

+----+-------------+-----------+------+-----------+------+-------+-------------+-----------+

| 1  | m1.tiny     | 512       | 1    | 0         |      | 1     | 1.0         | True      |

| 2  | m1.small    | 2048      | 20   | 0         |      | 1     | 1.0         | True      |

| 3  | m1.medium   | 4096      | 40   | 0         |      | 2     | 1.0         | True      |

| 4  | m1.large    | 8192      | 80   | 0         |      | 4     | 1.0         | True      |

| 5  | m1.xlarge   | 16384     | 160  | 0         |      | 8     | 1.0         | True      |

| 6  | flavor-test | 512       | 10   | 0         |      | 2     | 1.0         | True      |

+----+-------------+-----------+------+-----------+------+-------+-------------+-----------+

4、查看安全组并为default安全组添加规则

[root@os-node1 .ssh]# nova secgroup-list

+----+---------+-------------+

| Id | Name    | Description |

+----+---------+-------------+

| 1  | default | default     |

+----+---------+-------------+


[root@os-node1 ~]# nova secgroup-add-rule default tcp 22 22 0.0.0.0/0

+-------------+-----------+---------+-----------+--------------+

| IP Protocol | From Port | To Port | IP Range  | Source Group |

+-------------+-----------+---------+-----------+--------------+

| tcp         | 22        | 22      | 0.0.0.0/0 |              |

+-------------+-----------+---------+-----------+--------------+


[root@os-node1 ~]# nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0

+-------------+-----------+---------+-----------+--------------+

| IP Protocol | From Port | To Port | IP Range  | Source Group |

+-------------+-----------+---------+-----------+--------------+

| icmp        | -1        | -1      | 0.0.0.0/0 |              |

+-------------+-----------+---------+-----------+--------------+




七、安装cinder块存储服务

1、在控制节点上安装cinder软件包

[root@os-node1 ~]# yum install -y openstack-cinder openstack-utils openstack-selinux 

2、修改cinder配置文件中mysql的访问

[root@os-node1 ~]# openstack-config --set /etc/cinder/cinder.conf database connection mysql://cinder:cinder@localhost/cinder

3、创建一个cinder数据库

[root@os-node1 ~]# openstack-db --init --service cinder --password cinder

Please enter the password for the ‘root‘ MySQL user: 

Verified connectivity to MySQL.

Creating ‘cinder‘ database.

Initializing the cinder database, please wait...

Complete!

4、创建cinder用户并把此用户添加到admin租户及添加用户角色

[root@os-node1 ~]# keystone user-create --name=cinder --pass=cinder --email=cinder@jiayuan.com

+----------+----------------------------------+

| Property |              Value               |

+----------+----------------------------------+

|  email   |        cinder@jiayuan.com        |

| enabled  |               True               |

|    id    | 54d5bb10cf7341aa88c1dda46087ce6d |

|   name   |              cinder              |

+----------+----------------------------------+

[root@os-node1 ~]# keystone user-role-add --user=cinder --tenant=service --role=admin


5、配置cinder配置文件中的消息队列内容

openstack-config --set /etc/cinder/cinder.conf DEFAULT rpc_backend cinder.openstack.common.rpc.impl_qpid

openstack-config --set /etc/cinder/cinder.conf DEFAULT qpid_hostname os-node1

6、创建cinder用户服务并配置endpiont

[root@os-node1 ~]#  keystone service-create --name=cinder --type=volume --description="Cinder Volume Service"

+-------------+----------------------------------+

|   Property  |              Value               |

+-------------+----------------------------------+

| description |      Cinder Volume Service       |

|      id     | ad715e197f404c51973a263ff376792d |

|     name    |              cinder              |

|     type    |              volume              |

+-------------+----------------------------------+

[root@os-node1 ~]# keystone endpoint-create --service-id=ad715e197f404c51973a263ff376792d --publicurl=http://os-node1:8776/v1/%\(tenant_id\)s --internalurl=http://os-node1:8776/v1/%\(tenant_id\)s --adminurl=http://os-node1:8776/v1/%\(tenant_id\)s

+-------------+---------------------------------------------+

|   Property  |                    Value                    |

+-------------+---------------------------------------------+

|   adminurl  | http://os-node1:8776/v1/%(tenant_id)s |

|      id     |       f2181fe1fddc46cebc3952538111ff19      |

| internalurl | http://os-node1:8776/v1/%(tenant_id)s |

|  publicurl  | http://os-node1:8776/v1/%(tenant_id)s |

|    region   |                  regionOne                  |

|  service_id |       ad715e197f404c51973a263ff376792d      |

+-------------+---------------------------------------------+

7、配置cinder /etc/cinder/api-paste.ini配置文件的keystone认证

openstack-config --set /etc/cinder/api-paste.ini filter:authtoken  auth_host os-node1

openstack-config --set /etc/cinder/api-paste.ini filter:authtoken  auth_port 35357

openstack-config --set /etc/cinder/api-paste.ini filter:authtoken  auth_protocol http

openstack-config --set /etc/cinder/api-paste.ini filter:authtoken  auth_uri http://os-node1:5000

openstack-config --set /etc/cinder/api-paste.ini filter:authtoken  admin_tenant_name service

openstack-config --set /etc/cinder/api-paste.ini filter:authtoken  admin_user cinder

openstack-config --set /etc/cinder/api-paste.ini filter:authtoken  admin_password cinder


8、启动cinder相关服务并设置开机自启动

service openstack-cinder-api start

service openstack-cinder-scheduler start

chkconfig openstack-cinder-api on

chkconfig openstack-cinder-scheduler on

9、查看volumes列表

[root@os-node1 ~]# cinder list

+----+--------+--------------+------+-------------+----------+-------------+

| ID | Status | Display Name | Size | Volume Type | Bootable | Attached to |

+----+--------+--------------+------+-------------+----------+-------------+

+----+--------+--------------+------+-------------+----------+-------------+


六、openstack与ceph的对接


1、创建pool

ceph osd pool create volumes 128

ceph osd pool create images 128 

ceph osd pool create compute 128


2.    设置cephclient认证


(1)、设置images用户认证并生成密钥文件

[root@control ceph]# ceph auth get-or-create client.glance mon ‘allow *‘ osd ‘allow *‘

[client.glance]

        key = AQDnH5dTyJWZAxAAKaAPNdPBXLkaRM11PV5jUw==


把生成的密钥保存到密钥文件中

[root@control ceph]# vi /etc/ceph/ceph.client.glance.keyring

[client.glance]

        key = AQDnH5dTyJWZAxAAKaAPNdPBXLkaRM11PV5jUw==


把密钥文件拷贝到计算节点

在所有节点修改密钥文件的用户权限

[root@control ceph]# chown glance:glance /etc/ceph/ceph.client.glance.keyring


(2)、设置volumes用户认证并生成密钥文件

[root@control ~]# ceph auth get-or-create client.volumes mon ‘allow *‘ osd ‘allow *‘

[client.volumes]

        key = AQBPHpdT2KbKMxAAARPGhg9hezM6wdis4V4F2A==


把生成的密钥保存到密钥文件中

[root@control ceph]# vi /etc/ceph/ceph.client.volumes.keyring

[client.volumes]

        key = AQBPHpdT2KbKMxAAARPGhg9hezM6wdis4V4F2A==


把密钥文件拷贝到计算节点

在所有节点修改密钥文件的用户权限

chown cinder:cinder /etc/ceph/ceph.client.volumes.keyring


(3)设置compute用户

[root@os-node1 ~]# ceph auth get-or-create client.compute mon ‘allow *‘ osd ‘allow *‘ mds ‘allow *‘

[client.compute]

        key = AQBMtchTEMAHBRAAyJLh3ZTDY3ajPDMm4VKgHQ==

把生成的密钥保存到密钥文件中

[root@os-node1 ~]# vi /etc/ceph/ceph.client.compute.keyring

[client.compute]

        key = AQBMtchTEMAHBRAAyJLh3ZTDY3ajPDMm4VKgHQ==


把密钥文件拷贝到计算节点

在所有节点修改密钥文件的用户权限

[root@os-node1]# chown nova:nova /etc/ceph/ceph.client.compute.keyring 


(4)在控制及计算节点上修改ceph.client.admin.keyring密钥文件的权限

chmod 777 /etc/ceph/ceph.client.admin.keyring

 


配置glance与ceph对接


1、编辑vi /etc/glance/glance-api.conf,修改内容如下:  

default_store = rbd             #glance默认使用“File”做为其存储类型,现用ceph中的rbd服务来替代这里的“File”类型。


# ============ RBD Store Options =============================

rbd_store_ceph_conf = /etc/ceph/ceph.conf

rbd_store_user = glance       

rbd_store_pool = images

rbd_store_chunk_size = 8

2、修改/etc/glance目录中文件的权限

chown -R glance:glance /etc/glance/

chmod 770 /etc/glance/


3、编辑后重启进程

service openstack-glance-api restart


service openstack-glance-registry restart



3、下载一个镜像进行上传测试

[root@os-node1 images]# wget https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-i386-disk.img

[root@os-node1 ~]# glance image-create --name=cirros-0.3.0-i386 --disk-format=qcow2 --container-format=bare < /images/cirros-0.3.0-i386-disk.img

+------------------+--------------------------------------+

| Property         | Value                                |

+------------------+--------------------------------------+

| checksum         | 90169ba6f09b5906a7f0755bd00bf2c3     |

| container_format | bare                                 |

| created_at       | 2014-07-12T12:07:36                  |

| deleted          | False                                |

| deleted_at       | None                                 |

| disk_format      | qcow2                                |

| id               | 181e3398-97c7-4a8d-9671-9ba84cfb51c5 |

| is_public        | False                                |

| min_disk         | 0                                    |

| min_ram          | 0                                    |

| name             | cirros-0.3.0-i386                    |

| owner            | e9eb582da335442b9b7d7e7599517f61     |

| protected        | False                                |

| size             | 9159168                              |

| status           | active                               |

| updated_at       | 2014-07-12T12:07:43                  |

+------------------+--------------------------------------+


cinder与ceph对接

1、登录compute节点 为libvirt增加密钥

[root@compute ~]# uuidgen        (在其中一台计算机节点执行这条命令获得一个uid就可以,其他的计算节点都用此ID)

0071bd6f-849c-433a-8051-2e553df49aea

[root@compute ~]# cd /etc/libvirt/

[root@compute libvirt]# ls

libvirt.conf  libvirtd.conf  lxc.conf  nwfilter  qemu  qemu.conf

[root@compute libvirt]# cat > secret.xml <<EOF

<secret ephemeral=‘no‘ private=‘no‘>

   <uuid>0071bd6f-849c-433a-8051-2e553df49aea</uuid>

   <usage type=‘ceph‘>

     <name>client.compute secret</name>

   </usage>

</secret>

EOF

[root@compute libvirt]# ls

libvirt.conf  libvirtd.conf  lxc.conf  nwfilter  qemu  qemu.conf  secret.xml

[root@compute libvirt]# 

[root@compute libvirt]# cat secret.xml 

<secret ephemeral=‘no‘ private=‘no‘>

  <uuid>0071bd6f-849c-433a-8051-2e553df49aea</uuid>

  <usage type=‘ceph‘>

    <name>client.compute secret</name>

  </usage>

</secret>

[root@compute libvirt]# virsh secret-define --file secret.xml

Secret 0071bd6f-849c-433a-8051-2e553df49aea created


使用ceph client.admin密钥设置secret

[root@compute libvirt]# virsh secret-set-value --secret  0071bd6f-849c-433a-8051-2e553df49aea --base64 AQDT9pNTSFD6NRAAoZkAgx21uGQ+DM/k0rzxow==   (最后一串码是查看 cat /etc/ceph/ceph.client.compute.keyring 得到的) 

Secret value set


[root@compute libvirt]# ls

libvirt.conf  libvirtd.conf  lxc.conf  nwfilter  qemu  qemu.conf  secrets  secret.xml

[root@compute libvirt]# rm -rf secret.xml 

[root@compute libvirt]# cd secrets/

[root@compute secrets]# ls

0071bd6f-849c-433a-8051-2e553df49aea.base64  0071bd6f-849c-433a-8051-2e553df49aea.xml

[root@compute secrets]# 


2、配置cinder配置文件中的RBD内容:

在控制节点

openstack-config --set /etc/cinder/cinder.conf DEFAULT volume_driver cinder.volume.drivers.rbd.RBDDriver

openstack-config --set /etc/cinder/cinder.conf DEFAULT rbd_pool volumes

openstack-config --set /etc/cinder/cinder.conf DEFAULT rbd_ceph_conf /etc/ceph/ceph.conf

openstack-config --set /etc/cinder/cinder.conf DEFAULT rbd_flatten_volume_from_snapshot false

openstack-config --set /etc/cinder/cinder.conf DEFAULT rbd_max_clone_depth 5

openstack-config --set /etc/cinder/cinder.conf DEFAULT rbd_user volumes                       

openstack-config --set /etc/cinder/cinder.conf DEFAULT rbd_secret_uuid 0071bd6f-849c-433a-8051-2e553df49aea


3、配置cinder配置文件的其他内容,内容如下:

在控制节点

openstack-config --set /etc/cinder/cinder.conf DEFAULT osapi_volume_listen 10.240.216.101

openstack-config --set /etc/cinder/cinder.conf DEFAULT api_paste_config /etc/cinder/api-paste.ini

openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers 10.240.216.101:9292

openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_version 2

openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone

openstack-config --set /etc/cinder/cinder.conf DEFAULT max_retries -1

openstack-config --set /etc/cinder/cinder.conf DEFAULT debug True

openstack-config --set /etc/cinder/cinder.conf DEFAULT verbose True

openstack-config --set /etc/cinder/cinder.conf DEFAULT use_syslog False


4、修改/etc/cinder目录中文件的权限

chown -R cinder:cinder /etc/cinder/

chmod 774 /etc/ceph/ceph.client.volumes.keyring


5、重启cinder相关的服务

service openstack-glance-api restart

service openstack-cinder-volume restart

service openstack-cinder-backup restart


6、通过镜像ID创建一个云硬盘

[root@os-node1 ~]# cinder create 10 --image-id 98d5ccee-b09d-4237-abe7-1acf86145b51 --display-name test-volumes-1

+---------------------+--------------------------------------+

|       Property      |                Value                 |

+---------------------+--------------------------------------+

|     attachments     |                  []                  |

|  availability_zone  |                 nova                 |

|       bootable      |                false                 |

|      created_at     |      2014-07-15T09:19:35.784021      |

| display_description |                 None                 |

|     display_name    |            test-volumes-1            |

|          id         | c82cfe6c-220b-4d30-86ec-f098ce512523 |

|       image_id      | 98d5ccee-b09d-4237-abe7-1acf86145b51 |

|       metadata      |                  {}                  |

|         size        |                  10                  |

|     snapshot_id     |                 None                 |

|     source_volid    |                 None                 |

|        status       |               creating               |

|     volume_type     |                 None                 |

+---------------------+--------------------------------------+

[root@os-node1 ~]# cinder list

+--------------------------------------+-----------+----------------+------+-------------+----------+-------------+

|                  ID                  |   Status  |  Display Name  | Size | Volume Type | Bootable | Attached to |

+--------------------------------------+-----------+----------------+------+-------------+----------+-------------+

| c82cfe6c-220b-4d30-86ec-f098ce512523 | available | test-volumes-1 |  10  |     None    |   true   |             |

+--------------------------------------+-----------+----------------+------+-------------+----------+-------------+


nova与ceph对接

1、cephFS方式对接

(1)、把ceph存储用cephFS方式挂载到计算节点的/var/lib/nova/instances/目录

[root@os-node2 ~]# mount.ceph os-node1,os-node2,os-node3:/ /var/lib/nova/instances/ -v -o name=admin,secret=AQAWssNTwHyEORAAqVWA3KSo0ZhTvu2ck63lMQ==

FATAL: Module ceph not found.

mount.ceph: modprobe failed, exit status 1

parsing options: name=admin,secret=AQAWssNTwHyEORAAqVWA3KSo0ZhTvu2ck63lMQ==

mount error: ceph filesystem not supported by the system


上面的报错信息表示此内核版本没有ceph模块,需要升级内核版本解决

kernel 2.6.34以前的版本是没有Module rbd的,把系统内核版本升级到最新

rpm --import http://elrepo.org/RPM-GPG-KEY-elrepo.org

rpm -Uvh http://elrepo.org/elrepo-release-6-5.el6.elrepo.noarch.rpm

yum --enablerepo=elrepo-kernel install kernel-ml  -y 



安装完内核后修改/etc/grub.conf配置文件使机器重启后生效

修改配置文件中的 Default=1 to Default=0


再次执行上面的挂载命令

[root@os-node2 ~]# mount.ceph os-node1,os-node2,os-node3:/ /var/lib/nova/instances/ -v -o name=admin,secret=AQAWssNTwHyEORAAqVWA3KSo0ZhTvu2ck63lMQ==

parsing options: name=admin,secret=AQAWssNTwHyEORAAqVWA3KSo0ZhTvu2ck63lMQ==

[root@os-node2 ~]# df -h

Filesystem            Size  Used Avail Use% Mounted on

/dev/sda3              30G  1.7G   27G   7% /

tmpfs                  16G     0   16G   0% /dev/shm

/dev/sda1              93M   84M  2.1M  98% /boot

/dev/sda2              50G  325M   47G   1% /var

os-node1,10.240.216.102,10.240.216.103:/

                      2.1T  2.1G  2.1T   1% /var/lib/nova/instances


[root@os-node3 ~]# mount.ceph os-node1,os-node2,os-node3:/ /var/lib/nova/instances/ -v -o name=admin,secret=AQAWsTwHyEORAAqVWA3KSo0ZhTvu2ck63lMQ==

parsing options: name=admin,secret=AQAWssNTwHyEORAAqVWA3KSo0ZhTvu2ck63lMQ==

[root@os-node3 ~]# df -h

Filesystem            Size  Used Avail Use% Mounted on

/dev/sda3              30G  1.7G   27G   7% /

tmpfs                  16G     0   16G   0% /dev/shm

/dev/sda1              93M   84M  2.1M  98% /boot

/dev/sda2              50G  324M   47G   1% /var

os-node1,10.240.216.102,10.240.216.103:/

                      2.1T  2.1G  2.1T   1% /var/lib/nova/instances

[root@os-node3 ~]# 


(2)、把上面的挂载写入分区表里,防止重启挂载丢失

[root@os-node2 ~]# vi /etc/fstab

10.240.216.101,10.240.216.102,10.240.216.103:/   /var/lib/nova/instances  ceph  name=admin,secret=AQAWssNTwHyEORAAqVWA3KSo0ZhTvu2ck63lMQ==,noatime 0 0


[root@os-node3 ~]# vi /etc/fstab 

10.240.216.101,10.240.216.102,10.240.216.103:/   /var/lib/nova/instances  ceph  name=admin,secret=AQAWssNTwHyEORAAqVWA3KSo0ZhTvu2ck63lMQ==,noatime 0 0



2、RBD方式对接

在计算节点配置nova.conf配置文件

openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_images_type rbd

openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_images_rbd_pool compute

openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_use_virtio_for_bridges True

openstack-config --set /etc/nova/nova.conf DEFAULT rbd_user compute

openstack-config --set /etc/nova/nova.conf DEFAULT rbd_secret_uuid 0071bd6f-849c-433a-8051-2e553df49aea

openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_images_rbd_ceph_conf /etc/ceph/ceph.conf



3、修改计算、控制节点nova.conf的用户属性

chown -R  nova:nova /var/lib/nova/


4、重启所有的相关进程


在控制节点

service openstack-glance-api restart

service openstack-cinder-volume restart

service openstack-cinder-backup restart


在计算节点

service openstack-nova-compute restart


5、查看nova运行的服务列表

[root@os-node1 ~]# nova-manage service list

Binary           Host                                 Zone             Status     State Updated_At

nova-consoleauth os-node1                                internal         enabled    :-)   2014-07-15 09:39:51

nova-scheduler   os-node1                                internal         enabled    :-)   2014-07-15 09:39:51

nova-cert        os-node1                                internal         enabled    :-)   2014-07-15 09:39:51

nova-conductor   os-node1                                internal         enabled    :-)   2014-07-15 09:39:51

nova-compute     os-node2                                nova             enabled    :-)   2014-07-15 09:39:55

nova-compute     os-node3                                nova             enabled    :-)   2014-07-15 09:39:38

[root@os-node1 ~]# 


八、配置neutron网络服务


控制节点配置


1、安装neutron包

yum install openstack-neutron python-neutron openstack-neutron-openvswitch python-neutronclient -y

yum install kernel-ml iproute -y   #neutron dhcp模块会用到此软件包并升级kernel

2、编辑neutron配置文件

openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2

openstack-config --set /etc/neutron/neutron.conf DEFAULT control_exchange neutron

openstack-config --set /etc/neutron/neutron.conf DEFAULT qpid_hostname os-node1

openstack-config --set /etc/neutron/neutron.conf DEFAULT qpid_port 5672

openstack-config --set /etc/neutron/neutron.conf DEFAULT debug true

openstack-config --set /etc/neutron/neutron.conf DEFAULT verbose true

openstack-config --set /etc/neutron/neutron.conf DEFAULT use_syslog false

openstack-config --set /etc/neutron/neutron.conf DEFAULT use_stderr true

openstack-config --set /etc/neutron/neutron.conf DEFAULT publish_errors false

openstack-config --set /etc/neutron/neutron.conf DEFAULT bind_host os-node1

openstack-config --set /etc/neutron/neutron.conf DEFAULT bind_port 9696

openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone

openstack-config --set /etc/neutron/neutron.conf DEFAULT dhcp_lease_duration 120

openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_bulk true

openstack-config --set /etc/neutron/neutron.conf DEFAULT control_exchange neutron

openstack-config --set /etc/neutron/neutron.conf DEFAULT agent_down_time 15

openstack-config --set /etc/neutron/neutron.conf DEFAULT network_auto_schedule true

openstack-config --set /etc/neutron/neutron.conf DEFAULT router_auto_schedule true


openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_port 35357

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_protocol http

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_tenant_name service

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_user neutron

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_password neutron

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_host os-node1

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://os-node1:35357/v2.0


openstack-config --set /etc/neutron/neutron.conf database max_retries  -1

openstack-config --set /etc/neutron/neutron.conf database reconnect_interval 2

openstack-config --set /etc/neutron/neutron.conf database sql_connection mysql://neutron:neutron@localhost:3306/neutron


3、编辑nova的配置文件

openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.neutronv2.api.API

openstack-config --set /etc/nova/nova.conf DEFAULT neutron_url http://os-node1:9696

openstack-config --set /etc/nova/nova.conf DEFAULT neutron_auth_strategy keystone

openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_tenant_name service

openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_username neutron

openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_password neutron

openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_auth_url http://os-node1:35357/v2.0





4、编辑/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini配置文件把ovs模式配置成vlan模式

openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini OVS tenant_network_type vlan

openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini OVS network_vlan_ranges physnet1:1007:1009   #用于创建虚拟机的VLAN为1007到1009

openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini OVS bridge_mappings physnet1:br-int



5、把/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini 连接到/etc/neutron/plugin.ini

ln -s /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini /etc/neutron/plugin.ini


6、在控制节点创建neutron数据库

[root@os-node1 ~]#openstack-db --init --service neutron --password neutron

7、创建neutron用户加入admin租户并赋予admin角色

[root@os-node1 ~]# keystone user-create --name=neutron --pass=neutron --email=neutron@jiayuan.com

+----------+----------------------------------+

| Property |              Value               |

+----------+----------------------------------+

|  email   |       neutron@jiayuan.com        |

| enabled  |               True               |

|    id    | 3dcd95ce1c8f4664be0426e1ebbd1bff |

|   name   |             neutron              |

+----------+----------------------------------+

[root@os-node1 ~]# keystone user-role-add --user=neutron --tenant=service --role=admin

8、创建neutron认证服务并配置endpiont

[root@os-node1 ~]# keystone service-create --name=neutron --type=network --description="OpenStack Networking Service"

+-------------+----------------------------------+

|   Property  |              Value               |

+-------------+----------------------------------+

| description |   OpenStack Networking Service   |

|      id     | 1b76562ac6e342f39a4eac8776e6d6ca |

|     name    |             neutron              |

|     type    |             network              |

+-------------+----------------------------------+

[root@os-node1 ~]# keystone endpoint-create --service-id  1b76562ac6e342f39a4eac8776e6d6ca --publicurl http://os-node1:9696 --adminurl http://os-node1:9696 --internalurl http://os-node1:9696

+-------------+----------------------------------+

|   Property  |              Value               |

+-------------+----------------------------------+

|   adminurl  |        http://os-node1:9696         |

|      id     | c9a554d9a5474892b147b6ad8aa1da55 |

| internalurl |        http://os-node1:9696         |

|  publicurl  |        http://os-node1:9696         |

|    region   |            regionOne             |

|  service_id | 1b76562ac6e342f39a4eac8776e6d6ca |

+-------------+----------------------------------+

[root@os-node1 ~]# 

9、添加网桥

[root@os-node1 ~]# service openvswitch start   #开启openvswitch服务

[root@os-node1 ~]# ovs-vsctl add-br br-int   #作为虚拟机使用

[root@os-node1 ~]# ifconfig         #查看加入的网桥


br-int    Link encap:Ethernet  HWaddr 5A:C8:01:46:4C:43  

          inet6 addr: fe80::dc56:cbff:fe04:7eea/64 Scope:Link

          UP BROADCAST RUNNING  MTU:1500  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0 

          RX bytes:0 (0.0 b)  TX bytes:468 (468.0 b)

[root@os-node1 ~]# ovs-vsctl add-port br-int em2    #把网桥加到eth1口

[root@os-node1 ~]# ifconfig em2 0.0.0.0 up       #eth1接口上不用配置IP

[root@os-node1 ~]# ifconfig em2  promisc        #把eht1接口配置成混合模式

[root@os-node1 ~]# service network restart



10、重启nova服务并启动neutron-server服务

service openstack-nova-api restart

service openstack-nova-scheduler restart

service openstack-nova-conductor restart


service neutron-server restart

service neutron-openvswitch-agent restart


安装网络节点(这里控制节点当做网络节点)

1、编辑/etc/neutron/dhcp_agent.ini配置文件

openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver

2、重启dhcp代理

service neutron-dhcp-agent restart




安装计算节点

安装配置neutron-l2-agent

1、安装openvswitch软件包

[root@os-node2 ~]# yum install openstack-neutron-openvswitch -y 

yum install iproute -y   #neutron dhcp模块会用到此软件包

2、启动openvswitch服务并设置开机自启动

[root@os-node2 ~]# service openvswitch start

/etc/openvswitch/conf.db does not exist ... (warning).

Creating empty database /etc/openvswitch/conf.db [  OK  ]

Starting ovsdb-server [  OK  ]

Configuring Open vSwitch system IDs [  OK  ]

Inserting openvswitch module [  OK  ]

Starting ovs-vswitchd [  OK  ]

Enabling remote OVSDB managers [  OK  ]

[root@os-node2 ~]# chkconfig openvswitch on

3、添加网桥

[root@os-node2 ~]# ovs-vsctl add-br br-int   #作为虚拟机使用

[root@os-node2 ~]# ifconfig         #查看加入的网桥


br-int    Link encap:Ethernet  HWaddr 5A:C8:01:46:4C:43  

          inet6 addr: fe80::dc56:cbff:fe04:7eea/64 Scope:Link

          UP BROADCAST RUNNING  MTU:1500  Metric:1

          RX packets:0 errors:0 dropped:0 overruns:0 frame:0

          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:0 

          RX bytes:0 (0.0 b)  TX bytes:468 (468.0 b)

[root@os-node2 ~]# ovs-vsctl add-port br-int em2    #把网桥加到eth1口

[root@os-node2 ~]# ifconfig em2 0.0.0.0 up

[root@os-node2 ~]# ifconfig em2  promisc

[root@os-node2 ~]# service network restart



4、编辑/etc/neutron/l3_agent.ini、/etc/neutron/dhcp_agent.ini配置文件

openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver

openstack-config --set /etc/neutron/l3_agent.ini DEFAULT use_namespaces True


openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver

openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT use_namespaces True


5、配置/etc/neutron/neutron.conf配置文件

openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2

openstack-config --set /etc/neutron/neutron.conf DEFAULT control_exchange neutron

openstack-config --set /etc/neutron/neutron.conf DEFAULT qpid_hostname os-node1

openstack-config --set /etc/neutron/neutron.conf DEFAULT qpid_port 5672

openstack-config --set /etc/neutron/neutron.conf DEFAULT debug true

openstack-config --set /etc/neutron/neutron.conf DEFAULT verbose true

openstack-config --set /etc/neutron/neutron.conf DEFAULT use_syslog false

openstack-config --set /etc/neutron/neutron.conf DEFAULT use_stderr true

openstack-config --set /etc/neutron/neutron.conf DEFAULT publish_errors false

openstack-config --set /etc/neutron/neutron.conf DEFAULT bind_host 0.0.0.0

openstack-config --set /etc/neutron/neutron.conf DEFAULT bind_port 9696

openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone

openstack-config --set /etc/neutron/neutron.conf DEFAULT dhcp_lease_duration 120

openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_bulk true

openstack-config --set /etc/neutron/neutron.conf DEFAULT control_exchange neutron

openstack-config --set /etc/neutron/neutron.conf DEFAULT agent_down_time 15

openstack-config --set /etc/neutron/neutron.conf DEFAULT network_auto_schedule true

openstack-config --set /etc/neutron/neutron.conf DEFAULT router_auto_schedule true


openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_port 35357

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_protocol http

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_tenant_name service

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_user neutron

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_password neutron

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_host os-node1

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://os-node1:35357/v2.0


openstack-config --set /etc/neutron/neutron.conf database max_retries  -1

openstack-config --set /etc/neutron/neutron.conf database reconnect_interval 2

openstack-config --set /etc/neutron/neutron.conf database sql_connection mysql://neutron:neutron@os-node1/neutron


6、编辑/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini配置文件

openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini OVS tenant_network_type vlan

openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini OVS network_vlan_ranges physnet1:1007:1009

openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini OVS bridge_mappings physnet1:br-int


7、配置nova配置文件

openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.neutronv2.api.API

openstack-config --set /etc/nova/nova.conf DEFAULT neutron_url http://os-node1:9696

openstack-config --set /etc/nova/nova.conf DEFAULT neutron_auth_strategy keystone

openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_tenant_name service

openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_username neutron

openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_password neutron


openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_auth_url http://os-node1:35357/v2.0


8、把/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini 连接到/etc/neutron/plugin.ini

ln -s /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini /etc/neutron/plugin.ini 


9、重启服务

service neutron-openvswitch-agent restart

service openstack-nova-compute restart




创建VM逻辑网络

1、创建一个jiayuan租户

[root@os-node1 ~]# keystone tenant-create --name=jiayuan --description="jiayuan-test"

+-------------+----------------------------------+

|   Property  |              Value               |

+-------------+----------------------------------+

| description |           jiayuan-test           |

|   enabled   |               True               |

|      id     | 4fa503932eb7429ca756e9f3f4bc0650 |

|     name    |             jiayuan              |

+-------------+----------------------------------+ 

[root@os-node1 ~]# keystone user-role-add --user=admin --tenant=jiayuan --role=admin


2、创建一个网络

[root@os-node1 ~]# neutron net-create vlan1008  --tenant-id 4fa503932eb7429ca756e9f3f4bc0650 

Created a new network:

+---------------------------+--------------------------------------+

| Field                     | Value                                |

+---------------------------+--------------------------------------+

| admin_state_up            | True                                 |

| id                        | ab34095f-d5b4-40f3-a236-73fb8eba1df4 |

| name                      | vlan1008                             |

| provider:network_type     | vlan                                 |

| provider:physical_network | physnet1                             |

| provider:segmentation_id  | 1008                                 |

| shared                    | False                                |

| status                    | ACTIVE                               |

| subnets                   |                                      |

| tenant_id                 | 4fa503932eb7429ca756e9f3f4bc0650     |

+---------------------------+--------------------------------------+

[root@os-node1 ~]# 

3、给网络添加一个网段

[root@os-node1 ~]# neutron subnet-create --tenant-id 4fa503932eb7429ca756e9f3f4bc0650 vlan1008 10.240.218.0/24 --name=vlan1008 --gateway=10.240.218.1 --enable_dhcp=True --allocation-pool start=10.240.218.10,end=10.240.218.200

Created a new subnet:

+------------------+-----------------------------------------------------+

| Field            | Value                                               |

+------------------+-----------------------------------------------------+

| allocation_pools | {"start": "10.240.218.10", "end": "10.240.218.200"} |

| cidr             | 10.240.218.0/24                                     |

| dns_nameservers  |                                                     |

| enable_dhcp      | True                                                |

| gateway_ip       | 10.240.218.1                                        |

| host_routes      |                                                     |

| id               | 7bb7ed9e-5e90-40b9-ab41-9da3f7f99c07                |

| ip_version       | 4                                                   |

| name             | vlan1008                                            |

| network_id       | ab34095f-d5b4-40f3-a236-73fb8eba1df4                |

| tenant_id        | 4fa503932eb7429ca756e9f3f4bc0650                    |

+------------------+-----------------------------------------------------+

[root@os-node1 ~]# 

4、建立一个虚拟机

[root@os-node1 ~]# nova boot --flavor 6  --key_name mykey --image 551c7d4b-65f3-4ecc-a512-2a035a7b7038 --security_group default jiayuan-test

+--------------------------------------+----------------------------------------------------------+

| Property                             | Value                                                    |

+--------------------------------------+----------------------------------------------------------+

| OS-DCF:diskConfig                    | MANUAL                                                   |

| OS-EXT-AZ:availability_zone          | nova                                                     |

| OS-EXT-SRV-ATTR:host                 | -                                                        |

| OS-EXT-SRV-ATTR:hypervisor_hostname  | -                                                        |

| OS-EXT-SRV-ATTR:instance_name        | instance-00000004                                        |

| OS-EXT-STS:power_state               | 0                                                        |

| OS-EXT-STS:task_state                | scheduling                                               |

| OS-EXT-STS:vm_state                  | building                                                 |

| OS-SRV-USG:launched_at               | -                                                        |

| OS-SRV-USG:terminated_at             | -                                                        |

| accessIPv4                           |                                                          |

| accessIPv6                           |                                                          |

| adminPass                            | jbFeypcmh3QD                                             |

| config_drive                         |                                                          |

| created                              | 2014-06-24T06:16:06Z                                     |

| flavor                               | flavor-test (6)                                          |

| hostId                               |                                                          |

| id                                   | 01016cca-ad8e-4fd6-8ce9-2dec2f73eb78                     |

| image                                | cirros-0.3.0-i386 (551c7d4b-65f3-4ecc-a512-2a035a7b7038) |

| key_name                             | mykey                                                    |

| metadata                             | {}                                                       |

| name                                 | jiayuan-test                                             |

| os-extended-volumes:volumes_attached | []                                                       |

| progress                             | 0                                                        |

| security_groups                      | default                                                  |

| status                               | BUILD                                                    |

| tenant_id                            | 0370afd03e814f93a6d825d32194e272                         |

| updated                              | 2014-06-24T06:16:06Z                                     |

| user_id                              | 254db522a9b54804b49c4224ad9d0f2b                         |

+--------------------------------------+----------------------------------------------------------+

5、查看一个虚拟机详细信息

[root@os-node1 ~]# nova show ce712672-958b-4ff2-88a2-e31d611b4938

+--------------------------------------+----------------------------------------------------------+

| Property                             | Value                                                    |

+--------------------------------------+----------------------------------------------------------+

| OS-DCF:diskConfig                    | MANUAL                                                   |

| OS-EXT-AZ:availability_zone          | nova                                                     |

| OS-EXT-SRV-ATTR:host                 | os-node2                                                    |

| OS-EXT-SRV-ATTR:hypervisor_hostname  | os-node2                                                    |

| OS-EXT-SRV-ATTR:instance_name        | instance-00000001                                        |

| OS-EXT-STS:power_state               | 0                                                        |

| OS-EXT-STS:task_state                | spawning                                                 |

| OS-EXT-STS:vm_state                  | building                                                 |

| OS-SRV-USG:launched_at               | -                                                        |

| OS-SRV-USG:terminated_at             | -                                                        |

| accessIPv4                           |                                                          |

| accessIPv6                           |                                                          |

| config_drive                         |                                                          |

| created                              | 2014-07-13T09:53:05Z                                     |

| flavor                               | flavor-test (6)                                          |

| hostId                               | 1b938bf8f6bbec202b7d68986e7fb0f35a410dd51108272b4ee98385 |

| id                                   | ce712672-958b-4ff2-88a2-e31d611b4938                     |

| image                                | cirros-0.3.0-i386 (a79026b8-56a5-45b4-8a2d-baea933af60d) |

| key_name                             | mykey                                                    |

| metadata                             | {}                                                       |

| name                                 | jiayuan-test                                             |

| os-extended-volumes:volumes_attached | []                                                       |

| progress                             | 0                                                        |

| security_groups                      | default                                                  |

| status                               | BUILD                                                    |

| tenant_id                            | e9eb582da335442b9b7d7e7599517f61                         |

| updated                              | 2014-07-13T09:53:07Z                                     |

| user_id                              | c123d5be51404fdead770ebc0cecdbde                         |

+--------------------------------------+----------------------------------------------------------+

6、查看虚拟机列表

[root@os-node1 ~]# nova list

+--------------------------------------+--------------+--------+------------+-------------+----------+

| ID                                   | Name         | Status | Task State | Power State | Networks |

+--------------------------------------+--------------+--------+------------+-------------+----------+

| ce712672-958b-4ff2-88a2-e31d611b4938 | jiayuan-test | BUILD  | spawning   | NOSTATE     |          |

+--------------------------------------+--------------+--------+------------+-------------+----------+

[root@os-node1 ~]# 




九、安装dashboard

1、在控制节点os-node1上安装dashboard软件包

[root@os-node1 ~]# yum install -y memcached python-memcached mod_wsgi openstack-dashboard

 

2、为dashboard创建Member角色


dashboard依赖于keystone的Member角色,因此,需要为其创建此默认角色。


[root@os-node1 ~]# keystone role-create --name Member

+----------+----------------------------------+

| Property |              Value               |

+----------+----------------------------------+

|    id    | e32e6cfed3f5428d925fcdf0ffe0c6a0 |

|   name   |              Member              |

+----------+----------------------------------+


3、修改dashboard的配置文件内容如下:(可以直接把原来/etc/openstack-dashboard/local_settings内容删掉粘贴下面的内容)

[root@os-node1 ~]# cat /etc/openstack-dashboard/local_settings | grep -v "#" |sed ‘/^$/d‘

import os

from django.utils.translation import ugettext_lazy as _

from openstack_dashboard import exceptions

DEBUG =False

TEMPLATE_DEBUG = DEBUG

PROD = True

#SITE_BRANDING = ‘Mirantis OpenStack Dashboard‘

ALLOWED_HOSTS = [‘*‘]

OPENSTACK_API_VERSIONS = {

    "identity": 2.0

}

CONSOLE_TYPE = "AUTO"

HORIZON_CONFIG = {

    ‘dashboards‘: (‘project‘, ‘admin‘, ‘settings‘),

    ‘default_dashboard‘: ‘project‘,

    ‘user_home‘: ‘openstack_dashboard.views.get_user_home‘,

    ‘ajax_queue_limit‘: 10,

    ‘auto_fade_alerts‘: {

        ‘delay‘: 3000,

        ‘fade_duration‘: 1500,

        ‘types‘: [‘alert-success‘, ‘alert-info‘]

    },

    ‘help_url‘: "http://docs.openstack.org",

    ‘exceptions‘: {

       ‘recoverable‘: exceptions.RECOVERABLE,

       ‘not_found‘: exceptions.NOT_FOUND,

       ‘unauthorized‘: exceptions.UNAUTHORIZED

    },

}

ENABLE_JUJU_PANEL = True

HORIZON_CONFIG["simple_ip_management"] = False

LOCAL_PATH = ‘/tmp‘

SECRET_KEY = ‘dummy_secret_key‘

CACHES = {

    ‘default‘: {

        ‘BACKEND‘ : ‘django.core.cache.backends.memcached.MemcachedCache‘,

        ‘LOCATION‘ : "10.240.216.101:11211"

    },

}

EMAIL_BACKEND = ‘django.core.mail.backends.console.EmailBackend‘

OPENSTACK_HOST = "10.240.216.101"

OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST

OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member"

OPENSTACK_KEYSTONE_BACKEND = {

    ‘name‘: ‘native‘,

    ‘can_edit_user‘: True,

    ‘can_edit_group‘: True,

    ‘can_edit_project‘: True,

    ‘can_edit_domain‘: True,

    ‘can_edit_role‘: True

}

OPENSTACK_HYPERVISOR_FEATURES = {

    ‘can_set_mount_point‘: False

}

OPENSTACK_NEUTRON_NETWORK = {

    ‘enable_lb‘: False,

    ‘enable_firewall‘: False,

    ‘enable_quotas‘: True,

    ‘enable_vpn‘: False,

    ‘profile_support‘: None,

}

API_RESULT_LIMIT = 1000

API_RESULT_PAGE_SIZE = 20

TIME_ZONE = "UTC"

EXTERNAL_MONITORING = [ ]

LOGGING = {

        ‘version‘: 1,

        ‘disable_existing_loggers‘: False,

        ‘formatters‘: {

            ‘debug‘: {

                ‘format‘: ‘dashboard-%(name)s: %(levelname)s %(module)s %(funcName)s %(message)s‘

            },

            ‘normal‘: {

                ‘format‘: ‘dashboard-%(name)s: %(levelname)s %(message)s‘

            },

        },

        ‘handlers‘: {

            ‘null‘: {

                ‘level‘: ‘DEBUG‘,

                ‘class‘: ‘django.utils.log.NullHandler‘,

                ‘formatter‘: ‘debug‘

                },

            ‘console‘: {

                ‘level‘: ‘DEBUG‘,

                ‘class‘: ‘logging.StreamHandler‘,

                ‘formatter‘: ‘debug‘

                },

            ‘file‘: {

                ‘level‘: ‘DEBUG‘,

                ‘class‘: ‘logging.FileHandler‘,

                ‘filename‘: ‘/var/log/horizon/horizon.log‘,

                ‘formatter‘: ‘normal‘

                },

            ‘syslog‘: {

                ‘level‘: ‘DEBUG‘,

                ‘facility‘: ‘local1‘,

                ‘class‘: ‘logging.handlers.SysLogHandler‘,

                ‘address‘: ‘/dev/log‘,

                ‘formatter‘: ‘normal‘

                },

            },

        ‘loggers‘: {

            ‘‘: {

                ‘handlers‘: [‘syslog‘],

                ‘level‘: ‘NOTSET‘,

                ‘propagate‘: True

                },

            ‘django.db.backends‘: {

                ‘handlers‘: [‘null‘],

                ‘level‘: ‘DEBUG‘,

                ‘propagate‘: False

                },

            ‘horizon‘: {

                ‘handlers‘: [‘syslog‘],

                ‘level‘: ‘DEBUG‘,

                ‘propagate‘: False

            },

            ‘openstack_dashboard‘: {

                ‘handlers‘: [‘syslog‘],

                ‘level‘: ‘DEBUG‘,

                ‘propagate‘: False

            },

            ‘novaclient‘: {

                ‘handlers‘: [‘syslog‘],

                ‘level‘: ‘DEBUG‘,

                ‘propagate‘: False

            },

           ‘glanceclient‘: {

                ‘handlers‘: [‘syslog‘],

                ‘level‘: ‘DEBUG‘,

                ‘propagate‘: False

            },

            ‘keystoneclient‘: {

                ‘handlers‘: [‘syslog‘],

                ‘level‘: ‘DEBUG‘,

                ‘propagate‘: False

            },

            ‘neutronclient‘: {

                ‘handlers‘: [‘syslog‘],

                ‘level‘: ‘DEBUG‘,

                ‘propagate‘: False

            },

            ‘nose.plugins.manager‘: {

                ‘handlers‘: [‘syslog‘],

                ‘level‘: ‘DEBUG‘,

                ‘propagate‘: False

            }

        }

}

LOGIN_URL=‘/dashboard/auth/login/‘

LOGIN_REDIRECT_URL=‘/dashboard‘

COMPRESS_OFFLINE = True

SECURITY_GROUP_RULES = {

    ‘all_tcp‘: {

        ‘name‘: ‘ALL TCP‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘1‘,

        ‘to_port‘: ‘65535‘,

    },

    ‘all_udp‘: {

        ‘name‘: ‘ALL UDP‘,

        ‘ip_protocol‘: ‘udp‘,

        ‘from_port‘: ‘1‘,

        ‘to_port‘: ‘65535‘,

    },

    ‘all_icmp‘: {

        ‘name‘: ‘ALL ICMP‘,

        ‘ip_protocol‘: ‘icmp‘,

        ‘from_port‘: ‘-1‘,

        ‘to_port‘: ‘-1‘,

    },

    ‘ssh‘: {

        ‘name‘: ‘SSH‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘22‘,

        ‘to_port‘: ‘22‘,

    },

    ‘smtp‘: {

        ‘name‘: ‘SMTP‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘25‘,

        ‘to_port‘: ‘25‘,

    },

    ‘dns‘: {

        ‘name‘: ‘DNS‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘53‘,

        ‘to_port‘: ‘53‘,

    },

    ‘http‘: {

        ‘name‘: ‘HTTP‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘80‘,

        ‘to_port‘: ‘80‘,

    },

    ‘pop3‘: {

        ‘name‘: ‘POP3‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘110‘,

        ‘to_port‘: ‘110‘,

    },

    ‘imap‘: {

        ‘name‘: ‘IMAP‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘143‘,

        ‘to_port‘: ‘143‘,

    },

    ‘ldap‘: {

        ‘name‘: ‘LDAP‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘389‘,

        ‘to_port‘: ‘389‘,

    },

    ‘https‘: {

        ‘name‘: ‘HTTPS‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘443‘,

        ‘to_port‘: ‘443‘,

    },

    ‘smtps‘: {

        ‘name‘: ‘SMTPS‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘465‘,

        ‘to_port‘: ‘465‘,

    },

    ‘imaps‘: {

        ‘name‘: ‘IMAPS‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘993‘,

        ‘to_port‘: ‘993‘,

    },

    ‘pop3s‘: {

        ‘name‘: ‘POP3S‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘995‘,

        ‘to_port‘: ‘995‘,

    },

    ‘ms_sql‘: {

        ‘name‘: ‘MS SQL‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘1443‘,

        ‘to_port‘: ‘1443‘,

    },

    ‘mysql‘: {

        ‘name‘: ‘MYSQL‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘3306‘,

        ‘to_port‘: ‘3306‘,

    },

    ‘rdp‘: {

        ‘name‘: ‘RDP‘,

        ‘ip_protocol‘: ‘tcp‘,

        ‘from_port‘: ‘3389‘,

        ‘to_port‘: ‘3389‘,

    },

}

4、修改/etc/openstack-dashboard/local_settings用户属性

chown apache:apache /etc/openstack-dashboard/local_settings 

chmod 644 /etc/openstack-dashboard/local_settings 

5、启动服务器并设置开机自启动

service httpd start

service memcached start

chkconfig httpd on

chkconfig memcached on

6、登录web界面访问

http://10.240.216.101/dashboard/



附录:ceph快速安装脚本

mon节点安装

1、安装第一个mon节点

mkdir /etc/ceph/

cat > /etc/ceph/ceph.conf << EOF

[global]

fsid = f11240d4-86b1-49ba-aacc-6d3d37b24cc4

mon initial members = os-node1,os-node2,os-node3

mon host = os-node1,10.240.216.102,10.240.216.103

public network = 10.240.216.0/24

auth cluster required = cephx

auth service required = cephx

auth client required = cephx

osd journal size = 1024

filestore xattr use omap = true

osd pool default size = 2

osd pool default min size = 1

osd crush chooseleaf type = 1

osd_mkfs_type = xfs

max mds = 5

mds max file size = 100000000000000

mds cache size = 1000000

mon osd down out interval = 900

#cluster_network = 10.240.216.0/24

[mon]

mon clock drift allowed = .50 


EOF



ceph-authtool --create-keyring /tmp/ceph.mon.keyring --gen-key -n mon. --cap mon ‘allow *‘ 

ceph-authtool --create-keyring /etc/ceph/ceph.client.admin.keyring --gen-key -n client.admin --set-uid=0 --cap mon ‘allow *‘ --cap osd ‘allow *‘ --cap mds ‘allow *‘

ceph-authtool /tmp/ceph.mon.keyring --import-keyring /etc/ceph/ceph.client.admin.keyring 

mkdir -p /var/lib/ceph/mon/ceph-os-node1

mkdir -p /var/lib/ceph/bootstrap-osd/



ceph-authtool -C /var/lib/ceph/bootstrap-osd/ceph.keyring

ceph-mon --mkfs -i os-node1 --keyring /tmp/ceph.mon.keyring

touch /var/lib/ceph/mon/ceph-os-node1/done

touch /var/lib/ceph/mon/ceph-os-node1/sysvinit

/sbin/service ceph -c /etc/ceph/ceph.conf start mon.os-node1




2、建立第二个mon节点


1、在os-node2节点

mkdir -p /var/lib/ceph/mon/ceph-os-node2



2、在os-node1节点

scp /etc/ceph/* os-node2:/etc/ceph/

scp /var/lib/ceph/bootstrap-osd/ceph.keyring os-node2:/var/lib/ceph/bootstrap-osd/

scp /tmp/ceph.mon.keyring os-node2:/tmp/



3、在os-node2节点

ceph-mon --mkfs -i os-node2  --keyring /tmp/ceph.mon.keyring

touch /var/lib/ceph/mon/ceph-os-node2/done

touch /var/lib/ceph/mon/ceph-os-node2/sysvinit

/sbin/service ceph -c /etc/ceph/ceph.conf start mon.os-node2




3、建立第三个mon节点


1、在os-node3节点

mkdir -p /var/lib/ceph/mon/ceph-os-node3



2、在os-node1节点

scp /etc/ceph/* os-node3:/etc/ceph/

scp /var/lib/ceph/bootstrap-osd/ceph.keyring os-node3:/var/lib/ceph/bootstrap-osd/

scp /tmp/ceph.mon.keyring os-node3:/tmp/



3、在os-node3节点

ceph-mon --mkfs -i os-node3  --keyring /tmp/ceph.mon.keyring

touch /var/lib/ceph/mon/ceph-os-node3/done

touch /var/lib/ceph/mon/ceph-os-node3/sysvinit

/sbin/service ceph -c /etc/ceph/ceph.conf start mon.os-node3



添加osd节点

在os-node1节点复制ceph目录下的文件到osd节点


scp /etc/ceph/* os-node4:/etc/ceph

scp /etc/ceph/* os-node5:/etc/ceph

scp /etc/ceph/* os-node5:/etc/ceph




1、添加第一块osd节点

在os-node4节点

ceph osd create

mkdir -p /var/lib/ceph/osd/ceph-0

mkfs.xfs -f /dev/sda6

mount /dev/sda6 /var/lib/ceph/osd/ceph-0

mount -o remount,user_xattr /var/lib/ceph/osd/ceph-0



[root@os-node4 ~]# vi /etc/fstab

/dev/sda6                /var/lib/ceph/osd/ceph-0  xfs   defaults        0 0

/dev/sda6                /var/lib/ceph/osd/ceph-0  xfs   remount,user_xattr  0 0


ceph-osd -i 0 --mkfs --mkkey 

ceph auth add osd.0 osd ‘allow *‘ mon ‘allow profile osd‘ -i /var/lib/ceph/osd/ceph-0/keyring

ceph osd crush add-bucket os-node4 host

ceph osd crush move os-node4 root=default

ceph osd crush add osd.0 1.0 host=os-node4

touch /var/lib/ceph/osd/ceph-0/sysvinit

/etc/init.d/ceph start osd.0




2、添加第二个osd节点

在os-node5节点

ceph osd create

mkdir -p /var/lib/ceph/osd/ceph-1

mkfs.xfs -f /dev/sda6

mount /dev/sda6 /var/lib/ceph/osd/ceph-1

mount -o remount,user_xattr /var/lib/ceph/osd/ceph-1



[root@os-node5 ~]# vi /etc/fstab

/dev/sda6                /var/lib/ceph/osd/ceph-1  xfs   defaults        0 0

/dev/sda6                /var/lib/ceph/osd/ceph-1  xfs   remount,user_xattr  0 0


ceph-osd -i 1 --mkfs --mkkey 

ceph auth add osd.1 osd ‘allow *‘ mon ‘allow profile osd‘ -i /var/lib/ceph/osd/ceph-1/keyring

ceph osd crush add-bucket os-node5 host

ceph osd crush move os-node5 root=default

ceph osd crush add osd.1 1.0 host=os-node5

touch /var/lib/ceph/osd/ceph-1/sysvinit

/etc/init.d/ceph start osd.1




3、添加第三块osd节点

在os-node6节点

ceph osd create

mkdir -p /var/lib/ceph/osd/ceph-2

mkfs.xfs -f /dev/sda6

mount /dev/sda6 /var/lib/ceph/osd/ceph-2

mount -o remount,user_xattr /var/lib/ceph/osd/ceph-2

[root@os-node6 ~]# vi /etc/fstab

/dev/sda6                /var/lib/ceph/osd/ceph-2  xfs   defaults        0 0

/dev/sda6                /var/lib/ceph/osd/ceph-2  xfs   remount,user_xattr  0 0


ceph-osd -i 2 --mkfs --mkkey 

ceph auth add osd.2 osd ‘allow *‘ mon ‘allow profile osd‘ -i /var/lib/ceph/osd/ceph-2/keyring

ceph osd crush add-bucket os-node6 host

ceph osd crush move os-node6 root=default

ceph osd crush add osd.2 1.0 host=os-node6

touch /var/lib/ceph/osd/ceph-2/sysvinit

/etc/init.d/ceph start osd.2


添加元数据服务器


添加元数据服务器


添加第一个元数据服务器

1、在os-node1节点

mkdir -p /var/lib/ceph/mds/ceph-os-node1

touch /root/ceph.bootstrap-mds.keyring

ceph-authtool --import-keyring /var/lib/ceph/bootstrap-mds/ceph.keyring ceph.bootstrap-mds.keyring 

ceph --cluster ceph --name client.bootstrap-mds --keyring /var/lib/ceph/bootstrap-mds/ceph.keyring auth get-or-create mds.os-node1 osd ‘allow rwx‘ mds ‘allow‘ mon ‘allow profile mds‘ -o /var/lib/ceph/mds/ceph-os-node1/keyring

touch /var/lib/ceph/mds/ceph-os-node1/sysvinit

touch /var/lib/ceph/mds/ceph-os-node1/done

service ceph start mds.os-node1


添加第二个元数据服务器

1、在os-node2节点

mkdir -p /var/lib/ceph/mds/ceph-os-node2

mkdir -p /var/lib/ceph/bootstrap-mds/

2、在os-node1节点

scp /var/lib/ceph/bootstrap-mds/ceph.keyring os-node2:/var/lib/ceph/bootstrap-mds/

scp /root/ceph.bootstrap-mds.keyring os-node2:/root/

scp /var/lib/ceph/mds/ceph-os-node1/sysvinit os-node2://var/lib/ceph/mds/ceph-os-node2/

3、在os-node2节点

ceph --cluster ceph --name client.bootstrap-mds --keyring /var/lib/ceph/bootstrap-mds/ceph.keyring auth get-or-create mds.os-node2 osd ‘allow rwx‘ mds ‘allow‘ mon ‘allow profile mds‘ -o /var/lib/ceph/mds/ceph-os-node2/keyring

touch /var/lib/ceph/mds/ceph-os-node2/done

service ceph start mds.os-node2


添加第三个元数据服务器

1、在os-node3节点

mkdir -p /var/lib/ceph/mds/ceph-os-node3

mkdir -p /var/lib/ceph/bootstrap-mds/

2、在os-node1节点

scp /var/lib/ceph/bootstrap-mds/ceph.keyring os-node3:/var/lib/ceph/bootstrap-mds/

scp /root/ceph.bootstrap-mds.keyring os-node3:/root/

scp /var/lib/ceph/mds/ceph-os-node1/sysvinit os-node3://var/lib/ceph/mds/ceph-os-node3/

3、在os-node3节点

ceph --cluster ceph --name client.bootstrap-mds --keyring /var/lib/ceph/bootstrap-mds/ceph.keyring auth get-or-create mds.os-node3 osd ‘allow rwx‘ mds ‘allow‘ mon ‘allow profile mds‘ -o /var/lib/ceph/mds/ceph-os-node3/keyring

touch /var/lib/ceph/mds/ceph-os-node3/done

service ceph start mds.os-node3

本文出自 “zhangdh开放空间” 博客,请务必保留此出处http://linuxblind.blog.51cto.com/7616603/1710176

Openstack 单控制节点部署实例

标签:openstack ceph openstack安装

原文地址:http://linuxblind.blog.51cto.com/7616603/1710176

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!