标签:添加 openstack key enc point 授权 dom 服务 end
官方文档:https://docs.openstack.org/nova/rocky/install/controller-install-rdo.html
nova的主要服务
API:负责接受和响应外部请求,支持openstack API,EC2API.
Cert:负责身份认证EC 2。
Scheduler:用于云主机调度。
Conductor:计算节点访问数据的中间件。
Consoleauth:用于控制台的授权验证。
Novncproxy:VNC代理。
mysql -uroot -p123123
创建数据库nova_cell0并授权
CREATE DATABASE nova_cell0;
GRANT ALL PRIVILEGES ON nova_cell0.* TO ‘nova‘@‘localhost‘ IDENTIFIED BY ‘nova‘;
GRANT ALL PRIVILEGES ON nova_cell0.* TO ‘nova‘@‘%‘ IDENTIFIED BY ‘nova‘;
创建novay用户
source /admin-openstack.sh
[root@localhost ~]# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 5bbf1e37ef5e472e9c4cd495262b5f72 |
| name | nova |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
把nova用户加入service的项目并授予admin的角色
openstack role add --project service --user nova admin
创建nova服务(不能创建多个)
openstack service create --name nova \
--description "OpenStack Compute" compute
[root@localhost ~]# openstack service create --name nova \
> --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | d52c1a21c9b648a5b7d26c3a8924de1e |
| name | nova |
| type | compute |
+-------------+----------------------------------+
创建三个url
openstack endpoint create --region RegionOne \
compute public http://192.168.2.11:8774/v2.1
[root@localhost ~]# openstack service create --name nova \
> --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | d52c1a21c9b648a5b7d26c3a8924de1e |
| name | nova |
| type | compute |
+-------------+----------------------------------+
[root@localhost ~]# openstack endpoint create --region RegionOne \
> compute public http://192.168.2.11:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 3e59c409d5314ae1a223bf002f54b0a6 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d52c1a21c9b648a5b7d26c3a8924de1e |
| service_name | nova |
| service_type | compute |
| url | http://192.168.2.11:8774/v2.1 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne \
compute internal http://192.168.2.11:8774/v2.1
[root@localhost ~]# openstack endpoint create --region RegionOne \
> compute internal http://192.168.2.11:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | ce28fa1e5c96446ea5a94e7ce2934fdc |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d52c1a21c9b648a5b7d26c3a8924de1e |
| service_name | nova |
| service_type | compute |
| url | http://192.168.2.11:8774/v2.1 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne \
compute admin http://192.168.2.11:8774/v2.1
[root@localhost ~]# openstack endpoint create --region RegionOne \
> compute admin http://192.168.2.11:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 737f3aa9055b43d3ac93385957657f3b |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d52c1a21c9b648a5b7d26c3a8924de1e |
| service_name | nova |
| service_type | compute |
| url | http://192.168.2.11:8774/v2.1 |
+--------------+----------------------------------+
创建placement用户
[root@localhost ~]# openstack user create --domain default --password-prompt placement
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 97b2e35868f24c20af240937c74071b7 |
| name | placement |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
把placement用户加入service的项目并授予admin的角色
openstack role add --project service --user placement admin
创建placement服务
[root@localhost ~]# openstack service create --name placement \
> --description "Placement API" placement
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Placement API |
| enabled | True |
| id | 4fcaf742bebc41ec8cf440fff26d6010 |
| name | placement |
| type | placement |
+-------------+----------------------------------+
注册:
openstack endpoint create --region RegionOne \
placement public http://192.168.2.11:8778
[root@localhost ~]# openstack endpoint create --region RegionOne \
> placement public http://192.168.2.11:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | f66f90ffcdfb4553a451044ab001b582 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4fcaf742bebc41ec8cf440fff26d6010 |
| service_name | placement |
| service_type | placement |
| url | http://192.168.2.11:8778 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne \
placement internal http://192.168.2.11:8778
[root@localhost ~]# openstack endpoint create --region RegionOne \
> placement internal http://192.168.2.11:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 564a9fe1de684c1580f5b10ff4f656a5 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4fcaf742bebc41ec8cf440fff26d6010 |
| service_name | placement |
| service_type | placement |
| url | http://192.168.2.11:8778 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne \
placement admin http://192.168.2.11:8778
[root@localhost ~]# openstack endpoint create --region RegionOne \
> placement admin http://192.168.2.11:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 8129c5f8ca954eb785221a952f3b323e |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4fcaf742bebc41ec8cf440fff26d6010 |
| service_name | placement |
| service_type | placement |
| url | http://192.168.2.11:8778 |
+--------------+----------------------------------+
查看用户
[root@localhost ~]# openstack user list
+----------------------------------+-----------+
| ID | Name |
+----------------------------------+-----------+
| 51984c978be44a32898e11ed114fd8a9 | admin |
| 5bbf1e37ef5e472e9c4cd495262b5f72 | nova |
| 97b2e35868f24c20af240937c74071b7 | placement |
| 9c0e041fffa7450c9d49d41b3174f7a4 | glance |
| e9b0a1c05d1d4bc28c17de967f074c49 | demo |
+----------------------------------+-----------+
查看服务
[root@localhost ~]# openstack service list
+----------------------------------+-----------+-----------+
| ID | Name | Type |
+----------------------------------+-----------+-----------+
| 37c0c42ff7ab4629bb0309e6affe1316 | glance | image |
| 4a5790f3f5fa434c9c1a899e7e229abf | keystone | identity |
| 4fcaf742bebc41ec8cf440fff26d6010 | placement | placement |
| d52c1a21c9b648a5b7d26c3a8924de1e | nova | compute |
+----------------------------------+-----------+-----------+
openstack endpoint list
安装服务
yum install openstack-nova-api openstack-nova-conductor \
openstack-nova-console openstack-nova-novncproxy \
openstack-nova-scheduler openstack-nova-placement-api
修改配置文件
vim /etc/nova/nova.conf
[DEFAULT]
# ...
#打开注释:
enabled_apis = osapi_compute,metadata
[api_database]
# ...
connection=mysql+pymysql://nova:nova@192.168.2.11/nova_api
[database]
# ...
mysql+pymysql://nova:nova@192.168.2.11/nova
[DEFAULT]
# ...
3130 transport_url=rabbit://openstack:openstack@192.168.2.11
[api]
# ...
#打开注释
auth_strategy = keystone
[keystone_authtoken]
auth_url = http://192.168.2.11:5000
auth_url = http://192.168.2.11:35357
memcached_servers = 192.168.2.11:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova
[DEFAULT]
# ...
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[vnc]
enabled = true
vncserver_listen=192.168.2.11
server_proxyclient_address =192.168.2.11
[glance]
# ...
api_servers=http://192.168.2.11:9292
[oslo_concurrency]
# ...
lock_path = /var/lib/nova/tmp
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://192.168.2.11:5000/v3
username = placement
password = placement
vim /etc/httpd/conf.d/00-nova-placement-api.conf
#添加
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
重启httpd
systemctl restart httpd
同步api数据库
su -s /bin/sh -c "nova-manage api_db sync" nova
同步cell0数据库
u -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
创建cell1
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
同步nova数据库
su -s /bin/sh -c "nova-manage db sync" nova
验证nova cell0和cell1是否正确注册:
su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
[root@localhost ~]# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
+-------+--------------------------------------+--------------------------------------+---------------------------------------------------+
| Name | UUID | Transport URL | Database Connection |
+-------+--------------------------------------+--------------------------------------+---------------------------------------------------+
| cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:****@192.168.2.11/nova_cell0 |
| cell1 | a3cec692-4976-46b6-8260-d61e383f7737 | rabbit://openstack:****@192.168.2.11 | mysql+pymysql://nova:****@192.168.2.11/nova |
+-------+--------------------------------------+--------------------------------------+---------------------------------------------------+
启动Compute服务并将其配置为在系统引导时启动:
systemctl enable openstack-nova-api.service \
openstack-nova-scheduler.service openstack-nova-conductor.service \
openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service \
openstack-nova-scheduler.service openstack-nova-conductor.service \
openstack-nova-novncproxy.service
标签:添加 openstack key enc point 授权 dom 服务 end
原文地址:https://www.cnblogs.com/liuhui-xzz/p/9898754.html