Openstack Installation and Configuration
准备环境
OS:Ubuntu12.04 64位
安装系统时安装ssh、dns
更改系统时间:ntpdate 后接 NTP 服务器的 IP 或域名,然后执行 hwclock -w 将系统时间写入硬件时钟
防火墙:ufw disable(仅适用于隔离的实验环境。后文让 MySQL 监听 0.0.0.0,Keystone 管理端口 35357 等服务也直接对外提供;主机若能被其他网络访问,应保持 ufw 启用并只放行所需端口)
更改系统支持语言 /etc/default/locale reboot
Openstack install start
#Update the machine using the following commands
sudo apt-get update
sudo apt-get upgrade
#Install bridge-utils
sudo apt-get install bridge-utils
#Network Configuration
#The primary network interface
auto eth0
iface eth0 inet static
address 192.168.3.97
netmask 255.255.255.0
gateway 192.168.3.1
# Bridge network interface for VM networks
auto br100
iface br100 inet static
address 192.168.100.1
netmask 255.255.255.0
bridge_stp off
bridge_fd 0
brctl addbr br100
/etc/init.d/networking restart
#NTP Server
apt-get install ntp
vi /etc/ntp.conf
server ntp.ubuntu.com
server 127.127.1.0
fudge 127.127.1.0 stratum 10
service ntp restart
#Mysql
apt-get install mysql-server python-mysqldb
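#Create the root password for mysql. The password used in this guide is "password".
#That value is only a placeholder for the walkthrough: choose a strong, unique root password and substitute it in every command and connection string below.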
vi /etc/mysql/my.cnf
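# 0.0.0.0 makes mysqld listen on every interface; every service in this guide connects via 192.168.3.97, so binding to that address is enough on a single-node install
bind-address = 0.0.0.0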
service mysql restart
#Creating Databases
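#about nova databases
#Note: a password given with -p on the command line shows up in the process list and shell history, and 'nova'@'%' accepts logins from any host; restrict the host part to the controller address where possible.
mysql -uroot -ppassword -e 'CREATE DATABASE nova;'
mysql -uroot -ppassword -e 'CREATE USER nova;'
mysql -uroot -ppassword -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%';"
mysql -uroot -ppassword -e "SET PASSWORD FOR 'nova'@'%' = PASSWORD('password');"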
#about glance databases
mysql -uroot -ppassword -e 'CREATE DATABASE glance;'
mysql -uroot -ppassword -e 'CREATE USER glance;'
mysql -uroot -ppassword -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%';"
mysql -uroot -ppassword -e "SET PASSWORD FOR 'glance'@'%' = PASSWORD('password');"
#about keystone databases
mysql -uroot -ppassword -e 'CREATE DATABASE keystone;'
mysql -uroot -ppassword -e 'CREATE USER keystone;'
mysql -uroot -ppassword -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%';"
mysql -uroot -ppassword -e "SET PASSWORD FOR 'keystone'@'%' = PASSWORD('password');"
#Keystone
apt-get install keystone python-keystone python-keystoneclient
vi /etc/keystone/keystone.conf
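# admin_token is a shared secret that bypasses normal authentication on the admin API; "admin" is guessable, so generate a long random value (e.g. openssl rand -hex 16) and use the same value for SERVICE_TOKEN
admin_token = admin
connection = mysql://keystone:password@192.168.3.97/keystone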
service keystone restart
keystone-manage db_sync
export SERVICE_ENDPOINT="http://localhost:35357/v2.0"
export SERVICE_TOKEN=admin
source /etc/profile
/root/.bashrc
#Creating Tenants
keystone tenant-create --name admin
+-------------+----------------------------------+
| Property    | Value                            |
+-------------+----------------------------------+
| description | None                             |
| enabled     | True                             |
| id          | 71afa7f265a043baaf35c94c526f6fe6 |
| name        | admin                            |
+-------------+----------------------------------+
keystone tenant-create --name service
+-------------+----------------------------------+
| Property    | Value                            |
+-------------+----------------------------------+
| description | None                             |
| enabled     | True                             |
| id          | 9b154b36eba44e6faa243cbe31cd505e |
| name        | service                          |
+-------------+----------------------------------+
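#create users
#The passwords here equal the user names (admin, nova, glance, swift); treat them as placeholders, use distinct strong passwords, and keep the admin_password settings in the glance and nova paste files below in sync with them.
keystone user-create --name admin --pass admin --email admin@foobar.com
keystone user-create --name nova --pass nova --email nova@foobar.com
keystone user-create --name glance --pass glance --email glance@foobar.com
keystone user-create --name swift --pass swift --email swift@foobar.com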
输出如下(输出里带有口令哈希;弱口令的哈希很容易被离线还原,真实环境的这类输出不要公开粘贴)
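root@oak-controller:~# keystone user-create --name admin --pass admin --email admin@foobar.com
+----------+-------------------------------------------------------------------------------------------------------------------------+
| Property | Value                                                                                                                   |
+----------+-------------------------------------------------------------------------------------------------------------------------+
| email    | admin@foobar.com                                                                                                        |
| enabled  | True                                                                                                                    |
| id       | e7865fd421764554a15418467d530d9f                                                                                        |
| name     | admin                                                                                                                   |
| password | $6$rounds=40000$Tl1Ll7lr2A7PKV2w$Jf4VNEPGpIQg2xefYHTCU1Ou4eKpvTpVtdbJ8q2WJ426hdS2onr4YQcdkGJOvyVtR6tA3KN.TiL57Rdlo.B2M1 |
| tenantId | None                                                                                                                    |
+----------+-------------------------------------------------------------------------------------------------------------------------+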
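root@oak-controller:~# keystone user-create --name nova --pass nova --email nova@foobar.com
+----------+-------------------------------------------------------------------------------------------------------------------------+
| Property | Value                                                                                                                   |
+----------+-------------------------------------------------------------------------------------------------------------------------+
| email    | nova@foobar.com                                                                                                         |
| enabled  | True                                                                                                                    |
| id       | 16b969fb9f3a470581141d601e61beeb                                                                                        |
| name     | nova                                                                                                                    |
| password | $6$rounds=40000$2hIzWJsygWb9ebna$TtXRFGcGsBoJSE9rO1R5Dg9o27EGwvK7LDZuNVSsA.vVgcriyXkBzqIrfm8pF3qNfgaImbvxqdBNtWYbbejpt. |
| tenantId | None                                                                                                                    |
+----------+-------------------------------------------------------------------------------------------------------------------------+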
root@oak-controller:~# keystone user-create --name glance --pass glance --email glance@foobar.com
+----------+-------------------------------------------------------------------------------------------------------------------------+
| Property | Value                                                                                                                   |
+----------+-------------------------------------------------------------------------------------------------------------------------+
| email    | glance@foobar.com                                                                                                       |
| enabled  | True                                                                                                                    |
| id       | 0846f49915e34af2b2711daa2276600b                                                                                        |
| name     | glance                                                                                                                  |
| password | $6$rounds=40000$9n/XT3tA4Va/Yw5q$A9YHhm5.A4I5sf8o55FZHZinRoNPfb/7jNpEYpizG2Pfa3r97faysrGePtXaaaST46CrTaJWbUCCG49wBjt6n1 |
| tenantId | None                                                                                                                    |
+----------+-------------------------------------------------------------------------------------------------------------------------+
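root@oak-controller:~# keystone user-create --name swift --pass swift --email swift@foobar.com
+----------+-------------------------------------------------------------------------------------------------------------------------+
| Property | Value                                                                                                                   |
+----------+-------------------------------------------------------------------------------------------------------------------------+
| email    | swift@foobar.com                                                                                                        |
| enabled  | True                                                                                                                    |
| id       | 89d985c3654a49edbbaf098b044d4d97                                                                                        |
| name     | swift                                                                                                                   |
| password | $6$rounds=40000$1S5h0kE6JpNxx73b$.Nf8wwfRO3/UFI58WAo77ASdp93vtEiyrWyL160prVWyPnp5VMlUnNaJKLyxnahagxBXX87Y4KbhfvWU87E2d0 |
| tenantId | None                                                                                                                    |
+----------+-------------------------------------------------------------------------------------------------------------------------+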
# Creating Roles
keystone role-create --name admin
keystone role-create --name Member
输出如下:
root@oak-controller:~# keystone role-create --name admin
+----------+----------------------------------+
| Property | Value                            |
+----------+----------------------------------+
| id       | 54f31e5da56e4c26ad4febce9ff7b017 |
| name     | admin                            |
+----------+----------------------------------+
root@oak-controller:~# keystone role-create --name Member
+----------+----------------------------------+
| Property | Value                            |
+----------+----------------------------------+
| id       | 6d763be492464f9396bbaf02fbfff753 |
| name     | Member                           |
+----------+----------------------------------+
#Listing Tenants, Users and Roles
root@oak-controller:~# keystone tenant-list
+----------------------------------+---------+---------+
| id                               | name    | enabled |
+----------------------------------+---------+---------+
| 71afa7f265a043baaf35c94c526f6fe6 | admin   | True    |
| 9b154b36eba44e6faa243cbe31cd505e | service | True    |
+----------------------------------+---------+---------+
root@oak-controller:~# keystone user-list
+----------------------------------+---------+-------------------+--------+
| id                               | enabled | email             | name   |
+----------------------------------+---------+-------------------+--------+
| 0846f49915e34af2b2711daa2276600b | True    | glance@foobar.com | glance |
| 16b969fb9f3a470581141d601e61beeb | True    | nova@foobar.com   | nova   |
| 89d985c3654a49edbbaf098b044d4d97 | True    | swift@foobar.com  | swift  |
| e7865fd421764554a15418467d530d9f | True    | admin@foobar.com  | admin  |
+----------------------------------+---------+-------------------+--------+
root@oak-controller:~# keystone role-list
+----------------------------------+--------+
| id                               | name   |
+----------------------------------+--------+
| 54f31e5da56e4c26ad4febce9ff7b017 | admin  |
| 6d763be492464f9396bbaf02fbfff753 | Member |
+----------------------------------+--------+
#command example
keystone user-role-add --user $USER_ID --role $ROLE_ID --tenant_id $TENANT_ID
#To add a role of 'admin' to the user 'admin' of the tenant 'admin'
keystone user-role-add --user e7865fd421764554a15418467d530d9f --role 54f31e5da56e4c26ad4febce9ff7b017 --tenant_id 71afa7f265a043baaf35c94c526f6fe6
#The following commands will add a role of 'admin' to the users 'nova', 'glance' and 'swift' of the tenant 'service'.
keystone user-role-add --user 0846f49915e34af2b2711daa2276600b --role 54f31e5da56e4c26ad4febce9ff7b017 --tenant_id 9b154b36eba44e6faa243cbe31cd505e
keystone user-role-add --user 16b969fb9f3a470581141d601e61beeb --role 54f31e5da56e4c26ad4febce9ff7b017 --tenant_id 9b154b36eba44e6faa243cbe31cd505e
keystone user-role-add --user 89d985c3654a49edbbaf098b044d4d97 --role 54f31e5da56e4c26ad4febce9ff7b017 --tenant_id 9b154b36eba44e6faa243cbe31cd505e
#add a role 'Member' to user 'admin' of tenant 'admin'
keystone user-role-add --user e7865fd421764554a15418467d530d9f --role 6d763be492464f9396bbaf02fbfff753 --tenant_id 71afa7f265a043baaf35c94c526f6fe6
# Creating Services
#command example
keystone service-create --name service_name --type service_type --description 'Description of the service'
keystone service-create --name nova --type compute --description 'OpenStack Compute Service'
keystone service-create --name volume --type volume --description 'OpenStack Volume Service'
keystone service-create --name glance --type image --description 'OpenStack Image Service'
keystone service-create --name swift --type object-store --description 'OpenStack Storage Service'
keystone service-create --name keystone --type identity --description 'OpenStack Identity Service'
keystone service-create --name ec2 --type ec2 --description 'EC2 Service'
keystone service-list
root@oak-controller:~# keystone service-list
+----------------------------------+----------+--------------+----------------------------+
| id                               | name     | type         | description                |
+----------------------------------+----------+--------------+----------------------------+
| 368283bcbbf2488d94c8e8f8f6899ee4 | keystone | identity     | OpenStack Identity Service |
| 50ab784afa0e4583ad78578d089678e9 | swift    | object-store | OpenStack Storage Service  |
| 63b3a3c91869439cabfc2fdd9a793dde | volume   | volume       | OpenStack Volume Service   |
| b07ac3f65cb34bbe97d717be3f60c45a | glance   | image        | OpenStack Image Service    |
| dcf501c58c314e06a99b3639782d5cee | ec2      | ec2          | EC2 Service                |
| e828bd8bc67b490eaa10911168f82c3b | nova     | compute      | OpenStack Compute Service  |
+----------------------------------+----------+--------------+----------------------------+
#Creating Endpoints
example: keystone endpoint-create --region region_name --service_id service_id --publicurl public_url --adminurl admin_url --internalurl internal_url
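#nova-compute
#Keep the plain single quotes around each URL: without them the shell treats $(tenant_id) as a command substitution instead of passing it to keystone literally.
keystone endpoint-create --region myregion --service_id e828bd8bc67b490eaa10911168f82c3b \
  --publicurl 'http://192.168.3.97:8774/v2/$(tenant_id)s' \
  --adminurl 'http://192.168.3.97:8774/v2/$(tenant_id)s' \
  --internalurl 'http://192.168.3.97:8774/v2/$(tenant_id)s'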
#nova-volume
keystone endpoint-create --region myregion --service_id 63b3a3c91869439cabfc2fdd9a793dde \
  --publicurl 'http://192.168.3.97:8776/v1/$(tenant_id)s' \
  --adminurl 'http://192.168.3.97:8776/v1/$(tenant_id)s' \
  --internalurl 'http://192.168.3.97:8776/v1/$(tenant_id)s'
#glance
keystone endpoint-create --region myregion --service_id b07ac3f65cb34bbe97d717be3f60c45a \
  --publicurl 'http://192.168.3.97:9292/v1' \
  --adminurl 'http://192.168.3.97:9292/v1' \
  --internalurl 'http://192.168.3.97:9292/v1'
#swift
keystone endpoint-create --region myregion --service_id 50ab784afa0e4583ad78578d089678e9 \
  --publicurl 'http://192.168.3.97:8080/v1/AUTH_$(tenant_id)s' \
  --adminurl 'http://192.168.3.97:8080/v1' \
  --internalurl 'http://192.168.3.97:8080/v1/AUTH_$(tenant_id)s'
#keystone
keystone endpoint-create --region myregion --service_id 368283bcbbf2488d94c8e8f8f6899ee4 \
  --publicurl http://192.168.3.97:5000/v2.0 \
  --adminurl http://192.168.3.97:35357/v2.0 \
  --internalurl http://192.168.3.97:5000/v2.0
#ec2
keystone endpoint-create --region myregion --service_id dcf501c58c314e06a99b3639782d5cee \
  --publicurl http://192.168.3.97:8773/services/Cloud \
  --adminurl http://192.168.3.97:8773/services/Admin \
  --internalurl http://192.168.3.97:8773/services/Cloud
#Glance
apt-get install glance glance-api glance-client glance-common glance-registry python-glance
#Glance Configuration
vi /etc/glance/glance-api-paste.ini
admin_tenant_name = service
admin_user = glance
admin_password = glance
vi /etc/glance/glance-registry-paste.ini
admin_tenant_name = service
admin_user = glance
admin_password = glance
vi /etc/glance/glance-registry.conf
sql_connection = mysql://glance:password@192.168.3.97/glance
[paste_deploy]
flavor = keystone
vi /etc/glance/glance-api.conf
[paste_deploy]
flavor = keystone
glance-manage version_control 0
glance-manage db_sync
restart glance-api
restart glance-registry
export SERVICE_TOKEN=admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL="http://localhost:5000/v2.0/"
export SERVICE_ENDPOINT=http://localhost:35357/v2.0
source .bashrc
glance index
echo $?
###Nova
apt-get install nova-api nova-cert nova-compute nova-compute-kvm nova-doc nova-network nova-objectstore nova-scheduler nova-volume rabbitmq-server novnc nova-consoleauth
vi /etc/nova/nova.conf
--dhcpbridge_flagfile=/etc/nova/nova.conf
--dhcpbridge=/usr/bin/nova-dhcpbridge
--logdir=/var/log/nova
--state_path=/var/lib/nova
--lock_path=/run/lock/nova
--allow_admin_api=true
--use_deprecated_auth=false
--auth_strategy=keystone
--scheduler_driver=nova.scheduler.simple.SimpleScheduler
--s3_host=192.168.3.97
--ec2_host=192.168.3.97
--rabbit_host=192.168.3.97
--cc_host=192.168.3.97
--nova_url=http://192.168.3.97:8774/v1.1/
--routing_source_ip=192.168.3.97
--glance_api_servers=192.168.3.97:9292
--image_service=nova.image.glance.GlanceImageService
--iscsi_ip_prefix=192.168.100
--sql_connection=mysql://nova:password@192.168.3.97/nova
--ec2_url=http://192.168.3.97:8773/services/Cloud
--keystone_ec2_url=http://192.168.3.97:5000/v2.0/ec2tokens
--api_paste_config=/etc/nova/api-paste.ini
--libvirt_type=kvm
--libvirt_use_virtio_for_bridges=true
--start_guests_on_host_boot=true
--resume_guests_state_on_host_boot=true
# vnc specific configuration
--novnc_enabled=true
--novncproxy_base_url=http://192.168.3.97:6080/vnc_auto.html
--vncserver_proxyclient_address=192.168.3.97
--vncserver_listen=192.168.3.97
# network specific settings
--network_manager=nova.network.manager.FlatDHCPManager
--public_interface=eth0
--flat_interface=eth0
--flat_network_bridge=br100
--fixed_range=192.168.100.1/24
#JJZ>>>>>> fixed_range defines the internal network used by VM, change to 192.168.100.1/24
--floating_range=192.168.3.129/25
#JJZ>>>>>> floating_range defines the external network used by VM, change to 192.168.3.129/25
--network_size=256
#JJZ>>>>> network_size defines the network size of internal network, change to 256
--flat_network_dhcp_start=192.168.100.2
--flat_injected=False
--force_dhcp_release
--iscsi_helper=tgtadm
--connection_type=libvirt
--root_helper=sudo nova-rootwrap
--verbose
root@oak-controller:~# pvcreate /dev/sda4
Physical volume "/dev/sda4" successfully created
root@oak-controller:~# vgcreate nova-volumes /dev/sda4
Volume group "nova-volumes" successfully created
chown -R nova:nova /etc/nova
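#nova.conf contains the database password (sql_connection); mode 644 leaves it readable by every local account, while 640 is enough for the nova user and group
chmod 644 /etc/nova/nova.conf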
vi /etc/nova/api-paste.ini
admin_tenant_name = service
admin_user = nova
admin_password = nova
nova-manage db sync
nova-manage network create private --fixed_range_v4=192.168.100.0/24 --num_networks=1 --bridge=br100 --bridge_interface=eth0 --network_size=256
nova-manage floating create --ip_range=192.168.3.128/25
#重新再执行一下;地址池(pool)取决于 nova.conf 中的配置定义
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL="http://localhost:5000/v2.0/"
service libvirt-bin restart
service nova-network restart
service nova-api restart
service nova-objectstore restart
service nova-scheduler restart
service nova-consoleauth restart
service nova-cert restart
service nova-volume restart
service nova-compute restart
root@oak-controller:~# nova-manage service list
2012-07-26 14:37:28 DEBUG nova.utils [req-8d4b9794-c2bb-4e35-b3a0-d1f9796c784e None None] backend
Binary            Host            Zone  Status   State  Updated_At
nova-network      oak-controller  nova  enabled         2012-07-26 06:37:25
nova-compute      oak-controller  nova  enabled         2012-07-26 06:37:25
nova-scheduler    oak-controller  nova  enabled         2012-07-26 06:37:18
nova-consoleauth  oak-controller  nova  enabled         2012-07-26 06:37:22
nova-cert         oak-controller  nova  enabled         2012-07-26 06:37:20
apt-get install git-core
apt-get install -y memcached libapache2-mod-wsgi openstack-dashboard
#create database dash
mysql -uroot -ppassword -e 'CREATE DATABASE dash;'
mysql -uroot -ppassword -e 'CREATE USER dash;'
mysql -uroot -ppassword -e "GRANT ALL PRIVILEGES ON dash.* TO 'dash'@'%';"
mysql -uroot -ppassword -e "SET PASSWORD FOR 'dash'@'%' = PASSWORD('password');"
vi /etc/openstack-dashboard/local_settings.py
LOCAL_PATH = os.path.dirname(os.path.abspath(__file__))
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': 'dash',
        'USER': 'dash',
        'PASSWORD': 'password',
        'HOST': '192.168.3.97',
        'default-character-set': 'utf8'
    },
}
/usr/share/openstack-dashboard/manage.py syncdb
mkdir -p /var/lib/dash/.blackhole
/etc/init.d/apache2 restart
restart nova-api