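Note:
I have recently started working with OpenStack, so please keep following along. I also welcome criticism and suggestions for improvement to make up for my shortcomings. I am a newcomer to OpenStack: first, I have always worked on CentOS, so using Ubuntu as a server still feels a little unfamiliar; second, OpenStack is definitely a Big Guy, complex to build and huge in scope, and the installation alone is a lot of trouble. At the same time it is very flexible, which often leaves me confused.
Yesterday I did the installation following the latest official tutorial and the result was OK: after building Ubuntu Desktop and Win7 images on Server2 and uploading them, both opened normally, but none of the instances had a network card, which was strange. Later I felt the reason was that I had not fully digested the official tutorial. In the evening I started burning the midnight oil and began translating the official tutorial myself. I believe that only by studying it step by step can I really understand it.
The original link to the official tutorial is here:
Below are the "OpenStack Cloud Computing ---- Quick Start" chapters of my blog, translated against the original tutorial:
From here on are partial installation notes; please read the process below alongside the official tutorial.
I. Installing Ubuntu
1. DVD: Ubuntu 12.04 Server edition
2. Partitioning:
A 490G primary partition + 16G of swap (this could actually be reduced; the server has 16G of RAM) + 490G of free space
Note: the 490G of free space is for OpenStack's Swift data storage. Also be sure to format the primary partition and write boot to it.
3. Installation language: choose "English". The Chinese localization is not very good, especially once you get to OpenStack, so choose English directly to avoid all kinds of garbled characters and boxes.
4. Do not use a proxy server, because the machine already has a public IP and can reach the Internet by itself.
5. Choose "Do not use automatic updates (No auto Update)".
6. Install only the OpenSSH service.
7. Wait for the installation to finish. Reboot and move on to the second stage.
II. Installing OpenStack
1. Use PuTTY to connect remotely: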
login as: localadmin
localadmin@122.xxx.144.xxx's password:
Welcome to Ubuntu 12.04 LTS (GNU/Linux 3.2.0-23-generic x86_64)
* Documentation: https://help.ubuntu.com/
System information as of Wed Jul 4 15:13:59 CST 2012
System load: 0.0 Processes: 109
Usage of /: 1.7% of 458.53GB Users logged in: 1
Memory usage: 0% IP address for eth0: 122.204.144.220
Swap usage: 0%
Graph this data and manage this system at https://landscape.canonical.com/
58 packages can be updated.
29 updates are security updates.
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
Last login: Wed Jul 4 15:08:33 2012
localadmin@server1:~$
2. Now update the system:
localadmin@server1:~$ sudo apt-get update
localadmin@server1:~$ sudo apt-get upgrade
3. Edit the network interfaces:
localadmin@server1:~$ cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 122.204.144.220
netmask 255.255.255.128
broadcast 122.204.144.255
gateway 122.204.144.129
dns-nameservers 218.104.111.114
auto eth1
iface eth1 inet static
address 192.168.3.1
netmask 255.255.255.0
network 192.168.3.0
broadcast 192.168.3.255
localadmin@server1:~$
4. Restart the networking service:
localadmin@server1:~$ sudo /etc/init.d/networking restart
* Running /etc/init.d/networking restart is deprecated because it may not enable again some interfaces
* Reconfiguring network interfaces... ssh stop/waiting
ssh start/running, process 11988
ssh stop/waiting
ssh start/running, process 12029
[ OK ]
localadmin@server1:~$
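5. NTP is a protocol for keeping a system's time synchronized with an accurate time source. It is recommended to set up at least one time server in the network you manage to synchronize local time; this makes it easier to process and collect logs and to manage different systems.
Set up the NTP time server: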
localadmin@server1:~$ sudo apt-get install ntp
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
libcap2 libopts25
Suggested packages:
ntp-doc
The following NEW packages will be installed:
libcap2 libopts25 ntp
0 upgraded, 3 newly installed, 0 to remove and 3 not upgraded.
Need to get 684 kB of archives.
After this operation, 1,765 kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://us.archive.ubuntu.com/ubuntu/ precise/main libcap2 amd64 1:2.22-1ubuntu3 [12.0 kB]
Get:2 http://us.archive.ubuntu.com/ubuntu/ precise/main libopts25 amd64 1:5.12-0.1ubuntu1 [59.9 kB]
Get:3 http://us.archive.ubuntu.com/ubuntu/ precise-updates/main ntp amd64 1:4.2.6.p3+dfsg-1ubuntu3.1 [612 kB]
Fetched 684 kB in 5s (137 kB/s)
Selecting previously unselected package libcap2.
(Reading database ... 48908 files and directories currently installed.)
Unpacking libcap2 (from .../libcap2_1%3a2.22-1ubuntu3_amd64.deb) ...
Selecting previously unselected package libopts25.
Unpacking libopts25 (from .../libopts25_1%3a5.12-0.1ubuntu1_amd64.deb) ...
Selecting previously unselected package ntp.
Unpacking ntp (from .../ntp_1%3a4.2.6.p3+dfsg-1ubuntu3.1_amd64.deb) ...
Processing triggers for ureadahead ...
Processing triggers for man-db ...
Setting up libcap2 (1:2.22-1ubuntu3) ...
Setting up libopts25 (1:5.12-0.1ubuntu1) ...
Setting up ntp (1:4.2.6.p3+dfsg-1ubuntu3.1) ...
* Starting NTP server ntpd [ OK ]
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
6. Modify the NTP server configuration file:
localadmin@server1:~$ sudo vi /etc/ntp.conf
localadmin@server1:~$ cat /etc/ntp.conf
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntp/ntp.drift
# Enable this if you want statistics to be logged.
#statsdir /var/log/ntpstats/
statistics loopstats peerstats clockstats
filegen loopstats file loopstats type day enable
filegen peerstats file peerstats type day enable
filegen clockstats file clockstats type day enable
# Specify one or more NTP servers.
# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
# on 2011-02-08 (LP: #104525). See http://www.pool.ntp.org/join.html for
# more information.
server 0.ubuntu.pool.ntp.org
server 1.ubuntu.pool.ntp.org
server 2.ubuntu.pool.ntp.org
server 3.ubuntu.pool.ntp.org
# Use Ubuntu's ntp server as a fallback.
server ntp.ubuntu.com
server 127.127.1.0
fudge 127.127.1.0
# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for
# details. The web page
# might also be helpful.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
# Clients from this (example!) subnet have unlimited access, but only if
# cryptographically authenticated.
#restrict 192.168.123.0 mask 255.255.255.0 notrust
# If you want to provide time to your local subnet, change the next line.
# (Again, the address is an example only.)
#broadcast 192.168.123.255
# If you want to listen to time broadcasts on your local subnet, de-comment the
# next lines. Please do this only if you trust everybody on the network!
#disable auth
#broadcastclient
localadmin@server1:~$
7. Restart the NTP service:
localadmin@server1:~$ sudo service ntp restart
* Stopping NTP server ntpd [ OK ]
* Starting NTP server ntpd [ OK ]
localadmin@server1:~$
8. Install mysql-server:
localadmin@server1:~$ sudo apt-get install mysql-server python-mysqldb
At the root password prompt that follows, this example entered "123456" twice.
Then change mysql's bind-address to 0.0.0.0 and restart the mysql service.
localadmin@server1:~$ sudo vi /etc/mysql/my.cnf
localadmin@server1:~$ sudo service mysql restart
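With bind-address set to 0.0.0.0 as in step 8, mysqld listens on every interface, including eth0 with the public address. The script below is an added example, not part of the original post or the official tutorial: it reads a my.cnf-style file and reports which address the [mysqld] section binds to. The function names and sample files are constructed for illustration, and binding to 192.168.3.1 (the eth1 address above) assumes other nodes reach MySQL over that internal network.

```shell
#!/bin/sh
# Added example (not from the original post): report which address mysqld
# will listen on, given a my.cnf-style file.

# Print the effective bind-address from the [mysqld] section; the last
# assignment wins. Prints nothing when the option is not set.
mysqld_bind_address() {
    # Drop comments, trim whitespace, normalise "key = value" to "key=value".
    sed -e 's/[#;].*$//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
        -e 's/[[:space:]]*=[[:space:]]*/=/' "$1" |
    {
        section='' addr=''
        while IFS= read -r line || [ -n "$line" ]; do
            case $line in
                '['*']') section=$line ;;
                bind-address=*|bind_address=*)
                    if [ "$section" = '[mysqld]' ]; then addr=${line#*=}; fi ;;
            esac
        done
        if [ -n "$addr" ]; then printf '%s\n' "$addr"; fi
    }
}

# Map an address to the exposure it implies.
classify_bind() {
    case $1 in
        '')                  echo unset ;;      # server built-in default applies
        127.*|::1|localhost) echo loopback ;;
        0.0.0.0|::|'*')      echo wildcard ;;   # every interface, public one included
        *)                   echo specific ;;
    esac
}

# Return 0 only when mysqld is pinned to loopback or one named interface.
audit_mycnf() {
    addr=$(mysqld_bind_address "$1")
    kind=$(classify_bind "$addr")
    printf '%s: bind-address=%s (%s)\n' "$1" "${addr:-<unset>}" "$kind"
    case $kind in loopback|specific) return 0 ;; *) return 1 ;; esac
}

# Constructed sample files. 192.168.3.1 is the eth1 address from the post,
# used on the assumption that other nodes reach MySQL over that network.
write_samples() {
    cat > "$1/as-posted.cnf" <<'EOF'
[client]
port = 3306
[mysqld]
#bind-address = 127.0.0.1
bind-address  = 0.0.0.0   # changed as in step 8
EOF
    cat > "$1/internal-only.cnf" <<'EOF'
[mysqld]
bind-address = 192.168.3.1
# constructed second section, present only to show that it is ignored
[mysqldump]
bind-address = 0.0.0.0
EOF
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
audit_mycnf "$demo_dir/as-posted.cnf" || echo "  -> listens on all interfaces"
audit_mycnf "$demo_dir/internal-only.cnf"
```

On the real host the same check is `audit_mycnf /etc/mysql/my.cnf`; a non-zero exit status means the listener is not pinned to loopback or a single interface.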
****************************** keystone *************************************
localadmin@server1:~$ sudo vi /etc/keystone/keystone.conf
localadmin@server1:~$ sudo service keystone restart
keystone stop/waiting
keystone start/running, process 15711
localadmin@server1:~$ sudo keystone-manage db_sync
localadmin@server1:~$ export SERVICE_ENDPOINT="http://localhost:35357/v2.0"
localadmin@server1:~$ export SERVICE_TOKEN=admin
localadmin@server1:~$ keystone tenant-create --name admin
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | None |
| enabled | True |
| id | eedbbd34067f46e6a47122301f5a9ee9 |
| name | admin |
+-------------+----------------------------------+
localadmin@server1:~$ keystone tenant-create --name service
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | None |
| enabled | True |
| id | a9b5e4cf02804dac8fb5ef9f2491533e |
| name | service |
+-------------+----------------------------------+
localadmin@server1:~$
localadmin@server1:~$ keystone user-create --name admin --pass admin --email admin@foobar.com
+----------+-------------------------------------------------------------------------------------------------------------------------+
| Property | Value |
+----------+-------------------------------------------------------------------------------------------------------------------------+
| email | admin@foobar.com |
| enabled | True |
| id | 09758dc348004bbcbe148a1dd9259b99 |
| name | admin |
| password | $6$rounds=40000$A5e8YUjukrp8dcou$iKKp0u7RTyVFxjF2sXcHcnf1M9YGP7UQV0u124ufTkL8f523VWtYWK08gOmLc0E4lPjWfJf2jgYrXpsQVm.kH. |
| tenantId | None |
+----------+-------------------------------------------------------------------------------------------------------------------------+
localadmin@server1:~$ keystone user-create --name nova --pass nova --email nova@foobar.com
+----------+-------------------------------------------------------------------------------------------------------------------------+
| Property | Value |
+----------+-------------------------------------------------------------------------------------------------------------------------+
| email | nova@foobar.com |
| enabled | True |
| id | 5a9b32098688403fa6db76b1b66d282c |
| name | nova |
| password | $6$rounds=40000$oKfHA5oymDisoNGD$j1jSERMHOtwHij2C5S4otDwdnox0opHiVOBUwBF5RPNThxgXTFgqEgz80T5lvr4LIuO4oiSx1VCrMEtvIWcii1 |
| tenantId | None |
+----------+-------------------------------------------------------------------------------------------------------------------------+
localadmin@server1:~$ keystone user-create --name glance --pass glance --email glance@foobar.com
+----------+-------------------------------------------------------------------------------------------------------------------------+
| Property | Value |
+----------+-------------------------------------------------------------------------------------------------------------------------+
| email | glance@foobar.com |
| enabled | True |
| id | c525c1e363ec4ef6bcaf329bac378c9a |
| name | glance |
| password | $6$rounds=40000$ROLObYXKC8kSMmJ1$gQGNK3cNOvbo4Nekp48/COj.5cQitg1hTi3Ur9L.YClMShfC3aKnybVR/ybYZa3QiOCQSFYuggrW.u6lY/JB40 |
| tenantId | None |
+----------+-------------------------------------------------------------------------------------------------------------------------+
localadmin@server1:~$ keystone user-create --name swift --pass swift --email swift@foobar.com
+----------+-------------------------------------------------------------------------------------------------------------------------+
| Property | Value |
+----------+-------------------------------------------------------------------------------------------------------------------------+
| email | swift@foobar.com |
| enabled | True |
| id | de31da4c26ec4e32b1a0dddfd4242594 |
| name | swift |
| password | $6$rounds=40000$hC8rxm6qRaU29bCS$3u1Lby5iOmjt07lK.G.HZJh3Ab0Im3Yrfi/4n/p7OL7UAjIPLIDJtVclbHIVSlw7Ykv4lTo33ohUWkZ84rowE. |
| tenantId | None |
+----------+-------------------------------------------------------------------------------------------------------------------------+
localadmin@server1:~$
localadmin@server1:~$ keystone role-create --name admin
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | eb150d45c71c459bba5515427f103e47 |
| name | admin |
+----------+----------------------------------+
localadmin@server1:~$ keystone role-create --name Member
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | 9170bee284f14de1ad61e1b00f388636 |
| name | Member |
+----------+----------------------------------+
localadmin@server1:~$
localadmin@server1:~$ keystone tenant-list
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| a9b5e4cf02804dac8fb5ef9f2491533e | service | True |
| eedbbd34067f46e6a47122301f5a9ee9 | admin | True |
+----------------------------------+---------+---------+
localadmin@server1:~$ keystone user-list
+----------------------------------+---------+-------------------+--------+
| id | enabled | email | name |
+----------------------------------+---------+-------------------+--------+
| 09758dc348004bbcbe148a1dd9259b99 | True | admin@foobar.com | admin |
| 5a9b32098688403fa6db76b1b66d282c | True | nova@foobar.com | nova |
| c525c1e363ec4ef6bcaf329bac378c9a | True | glance@foobar.com | glance |
| de31da4c26ec4e32b1a0dddfd4242594 | True | swift@foobar.com | swift |
+----------------------------------+---------+-------------------+--------+
localadmin@server1:~$ keystone role-list
+----------------------------------+--------+
| id | name |
+----------------------------------+--------+
| 9170bee284f14de1ad61e1b00f388636 | Member |
| eb150d45c71c459bba5515427f103e47 | admin |
+----------------------------------+--------+
localadmin@server1:~$
localadmin@server1:~$ keystone user-role-add --user 09758dc348004bbcbe148a1dd9259b99 --role eb150d45c71c459bba5515427f103e47 --tenant_id eedbbd34067f46e6a47122301f5a9ee9
localadmin@server1:~$ keystone user-role-add --user 5a9b32098688403fa6db76b1b66d282c --role eb150d45c71c459bba5515427f103e47 --tenant_id a9b5e4cf02804dac8fb5ef9f2491533e
localadmin@server1:~$ keystone user-role-add --user c525c1e363ec4ef6bcaf329bac378c9a --role eb150d45c71c459bba5515427f103e47 --tenant_id a9b5e4cf02804dac8fb5ef9f2491533e
localadmin@server1:~$ keystone user-role-add --user de31da4c26ec4e32b1a0dddfd4242594 --role eb150d45c71c459bba5515427f103e47 --tenant_id a9b5e4cf02804dac8fb5ef9f2491533e
localadmin@server1:~$ keystone user-role-add --user 09758dc348004bbcbe148a1dd9259b99 --role 9170bee284f14de1ad61e1b00f388636 --tenant_id eedbbd34067f46e6a47122301f5a9ee9
localadmin@server1:~$ keystone service-create --name nova --type compute --description 'OpenStack Compute Service'
keystone service-create --name swift --type object-store --description 'OpenStack Storage Service'
keystone service-create --name keystone --type identity --description 'OpenStack Identity Service'
keystone service-create --name ec2 --type ec2 --description 'EC2 Service'
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Compute Service |
| id | 9585824540ef41389255dfd067e7f5c9 |
| name | nova |
| type | compute |
+-------------+----------------------------------+
localadmin@server1:~$ keystone service-create --name volume --type volume --description 'OpenStack Volume Service'
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Volume Service |
| id | e80dacd3e70b470680964a2db26a2fc2 |
| name | volume |
| type | volume |
+-------------+----------------------------------+
localadmin@server1:~$ keystone service-create --name glance --type image --description 'OpenStack Image Service'
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Image Service |
| id | 4bd9e223e4b5499293e5dfc576aed5c4 |
| name | glance |
| type | image |
+-------------+----------------------------------+
localadmin@server1:~$ keystone service-create --name swift --type object-store --description 'OpenStack Storage Service'
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Storage Service |
| id | d9135dfee297423d9709949ddb8ff784 |
| name | swift |
| type | object-store |
+-------------+----------------------------------+
localadmin@server1:~$ keystone service-create --name keystone --type identity --description 'OpenStack Identity Service'
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Identity Service |
| id | 133793c8df604ea1b7849439faae4553 |
| name | keystone |
| type | identity |
+-------------+----------------------------------+
localadmin@server1:~$ keystone service-create --name ec2 --type ec2 --description 'EC2 Service'
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | EC2 Service |
| id | a234e9950dab4bdfaf974c52809c9b36 |
| name | ec2 |
| type | ec2 |
+-------------+----------------------------------+
localadmin@server1:~$ keystone service-list
+----------------------------------+----------+--------------+----------------------------+
| id | name | type | description |
+----------------------------------+----------+--------------+----------------------------+
| 133793c8df604ea1b7849439faae4553 | keystone | identity | OpenStack Identity Service |
| 4bd9e223e4b5499293e5dfc576aed5c4 | glance | image | OpenStack Image Service |
| 9585824540ef41389255dfd067e7f5c9 | nova | compute | OpenStack Compute Service |
| a234e9950dab4bdfaf974c52809c9b36 | ec2 | ec2 | EC2 Service |
| d9135dfee297423d9709949ddb8ff784 | swift | object-store | OpenStack Storage Service |
| e80dacd3e70b470680964a2db26a2fc2 | volume | volume | OpenStack Volume Service |
+----------------------------------+----------+--------------+----------------------------+
localadmin@server1:~$ sudo apt-get install glance glance-api glance-client glance-common glance-registry python-glance
localadmin@server1:~$ sudo vi /etc/glance/glance-api.conf
localadmin@server1:~$ sudo vi /etc/glance/glance-api-paste.ini
localadmin@server1:~$ sudo vi /etc/glance/glance-registry-paste.ini
localadmin@server1:~$ sudo vi /etc/glance/glance-registry.conf
localadmin@server1:~$ sudo vi /etc/glance/glance-api.conf
localadmin@server1:~$ sudo glance-manage version_control 0
localadmin@server1:~$ sudo glance-manage db_sync
/usr/lib/python2.7/dist-packages/glance/registry/db/migrate_repo/versions/003_add_disk_format.py:47: SADeprecationWarning: useexisting is deprecated. Use extend_existing.
useexisting=True)
localadmin@server1:~$
localadmin@server1:~$ sudo restart glance-api
glance-api start/running, process 16615
localadmin@server1:~$ sudo restart glance-registry
glance-registry start/running, process 16635
localadmin@server1:~$ export SERVICE_TOKEN=admin
localadmin@server1:~$ export OS_TENANT_NAME=admin
localadmin@server1:~$ export OS_USERNAME=admin
localadmin@server1:~$ export OS_PASSWORD=admin
localadmin@server1:~$ export OS_AUTH_URL="http://localhost:5000/v2.0/"
localadmin@server1:~$ export SERVICE_ENDPOINT=http://localhost:35357/v2.0
localadmin@server1:~$ glance index
localadmin@server1:~$ echo $?
0
localadmin@server1:~$
localadmin@server1:~$ sudo chown -R nova:nova /etc/nova
localadmin@server1:~$ sudo chmod 644 /etc/nova/nova.conf
localadmin@server1:~$ sudo vi /etc/nova/api-paste.ini
localadmin@server1:~$ sudo nova-manage db sync
2012-07-04 17:49:29 DEBUG nova.utils [-] backend
2012-07-04 17:50:46 WARNING nova.utils [-] /usr/lib/python2.7/dist-packages/sqlalchemy/pool.py:639: SADeprecationWarning: The 'listeners' argument to Pool (and create_engine()) is deprecated. Use event.listen().
Pool.__init__(self, creator, **kw)
2012-07-04 17:50:46 WARNING nova.utils [-] /usr/lib/python2.7/dist-packages/sqlalchemy/pool.py:145: SADeprecationWarning: Pool.add_listener is deprecated. Use event.listen()
self.add_listener(l)
2012-07-04 17:50:46 AUDIT nova.db.sqlalchemy.fix_dns_domains [-] Applying database fix for Es*** dns_domains table.
localadmin@server1:~$
localadmin@server1:~$ export OS_TENANT_NAME=admin
localadmin@server1:~$ export OS_USERNAME=admin
localadmin@server1:~$ export OS_PASSWORD=admin
localadmin@server1:~$ export OS_AUTH_URL="http://localhost:5000/v2.0/"
localadmin@server1:~$ sudo restart libvirt-bin; sudo restart nova-network; sudo restart nova-compute; sudo restart nova-api; sudo restart nova-jectstore; sudo restart nova-scheduler; sudo restart nova-volume; sudo restart nova-consoleauth;
libvirt-bin start/running, process 22987
nova-network start/running, process 1514
nova-compute start/running, process 1524
nova-api start/running, process 1533
restart: Unknown job: nova-jectstore
nova-scheduler start/running, process 1544
restart: Unknown instance:
nova-consoleauth start/running, process 1559
localadmin@server1:~$ sudo nova-manage service list
2012-07-04 17:53:20 DEBUG nova.utils
[req-054484fc-ba70-494a-b932-b1760592096b None None] backend
Binary Host Zone Status State Updated_At
nova-consoleauth server1 nova enabled :-) 2012-07-04 09:53:16
nova-compute server1 nova enabled :-) 2012-07-04 09:53:10
nova-scheduler server1 nova enabled :-) 2012-07-04 09:53:17
nova-network server1 nova enabled :-) 2012-07-04 09:53:17
localadmin@server1:~$
localadmin@server1:~$ sudo apt-get install openstack-dashboard
localadmin@server1:~$ sudo service apache2 restart
* Restarting web server apache2 apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
... waiting .apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
[ OK ]
localadmin@server1:~$
*************************** swift ****************************
localadmin@server1:~$ sudo apt-get install swift swift-proxy swift-account swift-container swift-object
localadmin@server1:~$ sudo apt-get install xfsprogs curl python-pastedeploy