前言
本篇文章会介绍openstack的安装、openstack各组件的配置和功能、还会演示openstack云主机的创建流程,整篇文章花费一天时间完成,万字长文,需要的可以关注,相互学习,本篇文章总体分为三个部分:
第一部分讲解openstack安装
第二部分讲解openstack组件,包括:
keystone
glance
nova
neutron
dashboard
第三部分讲解openstack使用,如:
创建云主机
创建公网
创建子网
配置路由
配置防火墙
配置安全策略
创建云主机存储卷等
openstack简介
Openstack是一个开源的云平台管理项目,可以用于构建公有云或者私有云平台,提供了基础设施及服务(Iaas)的解决方案,OpenStack是一个云操作系统,通过数据中心可控制计算、存储、网络等资源池,OpenStack覆盖了网络、虚拟化、操作系统、服务器等各个方面,通过openstack可以启动,分配和管理虚拟机资源,所有的管理也都可以通过前端界面就可以完成。我们部署openstack之后,可以通过这个平台创建各个不同版本的虚拟机,如centos,windows等系统,可以按需分配cpu,内存,磁盘给这些虚拟机,同时还可以提供网络支持。
第一部分:openstack安装篇
操作系统版本选择centos7.6或者更高版本
controller节点:三个60G硬盘 ,8G内存/4核CPU,两块桥接网卡
computer节点:两个60G硬盘 ,6G内存/4核CPU/,两块桥接网卡
机器规划
controller节点:
ens33:192.168.0.100,提供浮动ip的,也就是出网地址(能访问baidu.com)
ens37:192.168.0.200,内网之间通信用
computer节点:
ens33:192.168.0.110,提供浮动ip的,也就是出网地址
ens37:192.168.0.210,内网之间通信用
修改虚拟机的ip变成静态ip,controller节点的配置如下所示:
cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.0.100
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
DNS1=8.8.8.8
cat /etc/sysconfig/network-scripts/ifcfg-ens37
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens37
DEVICE=ens37
ONBOOT=yes
IPADDR=192.168.0.200
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
DNS1=8.8.8.8
修改配置文件之后需要重启网络服务才能使配置生效,重启网络服务命令如下:
service network restart
注:ifcfg-ens33文件配置解释:
IPADDR=192.168.0.100
#ip地址,需要跟自己电脑所在网段一致
NETMASK=255.255.255.0
#子网掩码,需要跟自己电脑所在网段一致
GATEWAY=192.168.0.1
#网关,在自己电脑打开cmd,输入ipconfig /all可看到
DNS1=192.168.0.1
#DNS,在自己电脑打开cmd,输入ipconfig /all可看到
配置hosts文件,各个节点保持一致
cat /etc/hosts
在最后一行添加如下内容
192.168.0.200 controller
192.168.0.210 computer
配置yum源,各个节点操作
(1)备份原来的yum源
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
(2)下载阿里的yum源
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
(3)生成新的yum缓存
yum makecache fast
(4)清理yum缓存
yum clean all
(5)更新yum源
yum -y update
初始化,各个节点操作
yum -y install wget net-tools nfs-utils lrzsz gccgcc-c++ make cmake libxml2-devel openssl-devel curl curl-devel unzip sudo ntplibaio-devel wget vim ncurses-devel autoconf automake zlib-devel python-devel epel-release lrzsz openssh-server telnet
关闭防火墙、networkmanager,iptables,各个节点操作
systemctl stop firewalld && systemctl disable firewalld && systemctl stop NetworkManager && systemctl disable NetworkManager && systemctl stop iptables && systemctl disable iptables
关闭selinux,各个节点操作
关闭selinux,设置永久关闭,这样重启机器selinux也处于关闭状态
修改/etc/sysconfig/selinux和/etc/selinux/config文件,把
SELINUX=enforcing变成SELINUX=disabled,也可用下面方式修改:
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
配置主机名
192.168.0.100上操作
hostnamectl set-hostname controller
192.168.0.110上操作
hostnamectl set-hostname computer
做时间同步,各个节点操作
ntpdate cn.pool.ntp.org
配置无密码登陆,各个节点操作
ssh-keygen -t rsa
#一直回车即可
ssh-copy-id -i .ssh/id_rsa.pub controller
ssh-copy-id -i .ssh/id_rsa.pub computer
开始安装openstack
openstack软件包在百度网盘,链接如下:
链接:https://pan.baidu.com/s/1dHDF4WxvNoqcJd90mDxrbA
提取码:yz56
(1)上传openstack离线软件包到root目录下(在controller和computer节点操作)
在root下创建一个目录openstack,然后把软件包解压到这个目录下
mkdir /root/openstack && cd openstack && tar zxvf /root/openstack_N.tar.gz
(2)解压之后会出现一个openstack目录,把openstack目录整体移动到/下(controller和computer节点操作)
mv openstack /
(3)重新配置yum源(controller和computer节点都操作)
cd /etc/yum.repos.d/ && mkdir bak && mv CentOS-* bak/ && mv epel* bak/
cp bak/CentOS-Base.repo ./
(4)生成一个新的openstack的yum源
cat <
[openstack]
enable&#61;1
gpgcheck&#61;0
baseurl&#61;file:///openstack
EOF
yum makecache
安装openstack应答文件&#xff08;controller节点操作&#xff09;
yum install centos-release-openstack-newton -y
在controller和computer节点执行如下一条命令
cd /etc/yum.repos.d && mv *.repo bak/ && mv bak/openstack.repo ./ && cp bak/CentOS-Base.repo ./
这样在/etc/yum.repos.d下只有如下两个repo文件&#xff0c;这样才可以确保后面安装成功&#xff1a;
CentOS-Base.repo
openstack.repo
接下来的操作继续在controller节点执行
yum makecache
yum install openstack-packstack -y
cd /root
packstack --gen-answer-file&#61;openstack.txt
#这样会生成一个应答文件openstack.txt
&#xff08;1&#xff09;查看openstack应答文件内容
grep -vE &#39;^$|^#&#39; openstack.txt
[general]
CONFIG_SSH_KEY&#61;/root/.ssh/id_rsa.pub
CONFIG_DEFAULT_PASSWORD&#61;
CONFIG_SERVICE_WORKERS&#61;%{::processorcount}
CONFIG_MARIADB_INSTALL&#61;y
CONFIG_GLANCE_INSTALL&#61;y
CONFIG_CINDER_INSTALL&#61;y
CONFIG_MANILA_INSTALL&#61;n
CONFIG_NOVA_INSTALL&#61;y
CONFIG_NEUTRON_INSTALL&#61;y
CONFIG_HORIZON_INSTALL&#61;y
CONFIG_SWIFT_INSTALL&#61;y
CONFIG_CEILOMETER_INSTALL&#61;y
CONFIG_AODH_INSTALL&#61;y
CONFIG_GNOCCHI_INSTALL&#61;y
CONFIG_SAHARA_INSTALL&#61;n
CONFIG_HEAT_INSTALL&#61;n
CONFIG_TROVE_INSTALL&#61;n
CONFIG_IRONIC_INSTALL&#61;n
CONFIG_CLIENT_INSTALL&#61;y
CONFIG_NTP_SERVERS&#61;
CONFIG_NAGIOS_INSTALL&#61;y
EXCLUDE_SERVERS&#61;
CONFIG_DEBUG_MODE&#61;n
CONFIG_CONTROLLER_HOST&#61;192.168.0.100
CONFIG_COMPUTE_HOSTS&#61;192.168.0.100
CONFIG_NETWORK_HOSTS&#61;192.168.0.100
CONFIG_VMWARE_BACKEND&#61;n
CONFIG_UNSUPPORTED&#61;n
CONFIG_USE_SUBNETS&#61;n
CONFIG_VCENTER_HOST&#61;
CONFIG_VCENTER_USER&#61;
CONFIG_VCENTER_PASSWORD&#61;
CONFIG_VCENTER_CLUSTER_NAMES&#61;
CONFIG_STORAGE_HOST&#61;192.168.0.100
CONFIG_SAHARA_HOST&#61;192.168.0.100
CONFIG_USE_EPEL&#61;n
CONFIG_REPO&#61;
CONFIG_ENABLE_RDO_TESTING&#61;n
CONFIG_RH_USER&#61;
CONFIG_SATELLITE_URL&#61;
CONFIG_RH_SAT6_SERVER&#61;
CONFIG_RH_PW&#61;
CONFIG_RH_OPTIONAL&#61;y
CONFIG_RH_PROXY&#61;
CONFIG_RH_SAT6_ORG&#61;
CONFIG_RH_SAT6_KEY&#61;
CONFIG_RH_PROXY_PORT&#61;
CONFIG_RH_PROXY_USER&#61;
CONFIG_RH_PROXY_PW&#61;
CONFIG_SATELLITE_USER&#61;
CONFIG_SATELLITE_PW&#61;
CONFIG_SATELLITE_AKEY&#61;
CONFIG_SATELLITE_CACERT&#61;
CONFIG_SATELLITE_PROFILE&#61;
CONFIG_SATELLITE_FLAGS&#61;
CONFIG_SATELLITE_PROXY&#61;
CONFIG_SATELLITE_PROXY_USER&#61;
CONFIG_SATELLITE_PROXY_PW&#61;
CONFIG_SSL_CACERT_FILE&#61;/etc/pki/tls/certs/selfcert.crt
CONFIG_SSL_CACERT_KEY_FILE&#61;/etc/pki/tls/private/selfkey.key
CONFIG_SSL_CERT_DIR&#61;~/packstackca/
CONFIG_SSL_CACERT_SELFSIGN&#61;y
CONFIG_SSL_CERT_SUBJECT_C&#61;--
CONFIG_SSL_CERT_SUBJECT_ST&#61;State
CONFIG_SSL_CERT_SUBJECT_L&#61;City
CONFIG_SSL_CERT_SUBJECT_O&#61;openstack
CONFIG_SSL_CERT_SUBJECT_OU&#61;packstack
CONFIG_SSL_CERT_SUBJECT_CN&#61;controller
CONFIG_SSL_CERT_SUBJECT_MAIL&#61;admin&#64;controller
CONFIG_AMQP_BACKEND&#61;rabbitmq
CONFIG_AMQP_HOST&#61;192.168.0.100
CONFIG_AMQP_ENABLE_SSL&#61;n
CONFIG_AMQP_ENABLE_AUTH&#61;n
CONFIG_AMQP_NSS_CERTDB_PW&#61;PW_PLACEHOLDER
CONFIG_AMQP_AUTH_USER&#61;amqp_user
CONFIG_AMQP_AUTH_PASSWORD&#61;PW_PLACEHOLDER
CONFIG_MARIADB_HOST&#61;192.168.0.100
CONFIG_MARIADB_USER&#61;root
CONFIG_MARIADB_PW&#61;790d13b37c5d4256
CONFIG_KEYSTONE_DB_PW&#61;d00c51216f0d407e
CONFIG_KEYSTONE_DB_PURGE_ENABLE&#61;True
CONFIG_KEYSTONE_REGION&#61;RegionOne
CONFIG_KEYSTONE_ADMIN_TOKEN&#61;1929401395424bbfae56e4f5d3d14470
CONFIG_KEYSTONE_ADMIN_EMAIL&#61;root&#64;localhost
CONFIG_KEYSTONE_ADMIN_USERNAME&#61;admin
CONFIG_KEYSTONE_ADMIN_PW&#61;98bb8a18d3b44d5b
CONFIG_KEYSTONE_DEMO_PW&#61;3a1c3aa52f714ce7
CONFIG_KEYSTONE_API_VERSION&#61;v2.0
CONFIG_KEYSTONE_TOKEN_FORMAT&#61;UUID
CONFIG_KEYSTONE_IDENTITY_BACKEND&#61;sql
CONFIG_KEYSTONE_LDAP_URL&#61;ldap://192.168.0.100
CONFIG_KEYSTONE_LDAP_USER_DN&#61;
CONFIG_KEYSTONE_LDAP_USER_PASSWORD&#61;
CONFIG_KEYSTONE_LDAP_SUFFIX&#61;
CONFIG_KEYSTONE_LDAP_QUERY_SCOPE&#61;one
CONFIG_KEYSTONE_LDAP_PAGE_SIZE&#61;-1
CONFIG_KEYSTONE_LDAP_USER_SUBTREE&#61;
CONFIG_KEYSTONE_LDAP_USER_FILTER&#61;
CONFIG_KEYSTONE_LDAP_USER_OBJECTCLASS&#61;
CONFIG_KEYSTONE_LDAP_USER_ID_ATTRIBUTE&#61;
CONFIG_KEYSTONE_LDAP_USER_NAME_ATTRIBUTE&#61;
CONFIG_KEYSTONE_LDAP_USER_MAIL_ATTRIBUTE&#61;
CONFIG_KEYSTONE_LDAP_USER_ENABLED_ATTRIBUTE&#61;
CONFIG_KEYSTONE_LDAP_USER_ENABLED_MASK&#61;-1
CONFIG_KEYSTONE_LDAP_USER_ENABLED_DEFAULT&#61;TRUE
CONFIG_KEYSTONE_LDAP_USER_ENABLED_INVERT&#61;n
CONFIG_KEYSTONE_LDAP_USER_ATTRIBUTE_IGNORE&#61;
CONFIG_KEYSTONE_LDAP_USER_DEFAULT_PROJECT_ID_ATTRIBUTE&#61;
CONFIG_KEYSTONE_LDAP_USER_ALLOW_CREATE&#61;n
CONFIG_KEYSTONE_LDAP_USER_ALLOW_UPDATE&#61;n
CONFIG_KEYSTONE_LDAP_USER_ALLOW_DELETE&#61;n
CONFIG_KEYSTONE_LDAP_USER_PASS_ATTRIBUTE&#61;
CONFIG_KEYSTONE_LDAP_USER_ENABLED_EMULATION_DN&#61;
CONFIG_KEYSTONE_LDAP_USER_ADDITIONAL_ATTRIBUTE_MAPPING&#61;
CONFIG_KEYSTONE_LDAP_GROUP_SUBTREE&#61;
CONFIG_KEYSTONE_LDAP_GROUP_FILTER&#61;
CONFIG_KEYSTONE_LDAP_GROUP_OBJECTCLASS&#61;
CONFIG_KEYSTONE_LDAP_GROUP_ID_ATTRIBUTE&#61;
CONFIG_KEYSTONE_LDAP_GROUP_NAME_ATTRIBUTE&#61;
CONFIG_KEYSTONE_LDAP_GROUP_MEMBER_ATTRIBUTE&#61;
CONFIG_KEYSTONE_LDAP_GROUP_DESC_ATTRIBUTE&#61;
CONFIG_KEYSTONE_LDAP_GROUP_ATTRIBUTE_IGNORE&#61;
CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_CREATE&#61;n
CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_UPDATE&#61;n
CONFIG_KEYSTONE_LDAP_GROUP_ALLOW_DELETE&#61;n
CONFIG_KEYSTONE_LDAP_GROUP_ADDITIONAL_ATTRIBUTE_MAPPING&#61;
CONFIG_KEYSTONE_LDAP_USE_TLS&#61;n
CONFIG_KEYSTONE_LDAP_TLS_CACERTDIR&#61;
CONFIG_KEYSTONE_LDAP_TLS_CACERTFILE&#61;
CONFIG_KEYSTONE_LDAP_TLS_REQ_CERT&#61;demand
CONFIG_GLANCE_DB_PW&#61;8d1d5db7e0ea4b0e
CONFIG_GLANCE_KS_PW&#61;4373de2ce59c4282
CONFIG_GLANCE_BACKEND&#61;file
CONFIG_CINDER_DB_PW&#61;f17a2c40c2a34d3d
CONFIG_CINDER_DB_PURGE_ENABLE&#61;True
CONFIG_CINDER_KS_PW&#61;6e37e28106a34dcb
CONFIG_CINDER_BACKEND&#61;lvm
CONFIG_CINDER_VOLUMES_CREATE&#61;y
CONFIG_CINDER_VOLUMES_SIZE&#61;20G
CONFIG_CINDER_GLUSTER_MOUNTS&#61;
CONFIG_CINDER_NFS_MOUNTS&#61;
CONFIG_CINDER_NETAPP_LOGIN&#61;
CONFIG_CINDER_NETAPP_PASSWORD&#61;
CONFIG_CINDER_NETAPP_HOSTNAME&#61;
CONFIG_CINDER_NETAPP_SERVER_PORT&#61;80
CONFIG_CINDER_NETAPP_STORAGE_FAMILY&#61;ontap_cluster
CONFIG_CINDER_NETAPP_TRANSPORT_TYPE&#61;http
CONFIG_CINDER_NETAPP_STORAGE_PROTOCOL&#61;nfs
CONFIG_CINDER_NETAPP_SIZE_MULTIPLIER&#61;1.0
CONFIG_CINDER_NETAPP_EXPIRY_THRES_MINUTES&#61;720
CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_START&#61;20
CONFIG_CINDER_NETAPP_THRES_AVL_SIZE_PERC_STOP&#61;60
CONFIG_CINDER_NETAPP_NFS_SHARES&#61;
CONFIG_CINDER_NETAPP_NFS_SHARES_CONFIG&#61;/etc/cinder/shares.conf
CONFIG_CINDER_NETAPP_VOLUME_LIST&#61;
CONFIG_CINDER_NETAPP_VFILER&#61;
CONFIG_CINDER_NETAPP_PARTNER_BACKEND_NAME&#61;
CONFIG_CINDER_NETAPP_VSERVER&#61;
CONFIG_CINDER_NETAPP_CONTROLLER_IPS&#61;
CONFIG_CINDER_NETAPP_SA_PASSWORD&#61;
CONFIG_CINDER_NETAPP_ESERIES_HOST_TYPE&#61;linux_dm_mp
CONFIG_CINDER_NETAPP_WEBSERVICE_PATH&#61;/devmgr/v2
CONFIG_CINDER_NETAPP_STORAGE_POOLS&#61;
CONFIG_CINDER_SOLIDFIRE_LOGIN&#61;
CONFIG_CINDER_SOLIDFIRE_PASSWORD&#61;
CONFIG_CINDER_SOLIDFIRE_HOSTNAME&#61;
CONFIG_IRONIC_DB_PW&#61;PW_PLACEHOLDER
CONFIG_IRONIC_KS_PW&#61;PW_PLACEHOLDER
CONFIG_NOVA_DB_PURGE_ENABLE&#61;True
CONFIG_NOVA_DB_PW&#61;9a58820d437a4602
CONFIG_NOVA_KS_PW&#61;146383d19ded4bf3
CONFIG_NOVA_MANAGE_FLAVORS&#61;y
CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO&#61;16.0
CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO&#61;1.5
CONFIG_NOVA_COMPUTE_MIGRATE_PROTOCOL&#61;tcp
CONFIG_NOVA_COMPUTE_MANAGER&#61;nova.compute.manager.ComputeManager
CONFIG_VNC_SSL_CERT&#61;
CONFIG_VNC_SSL_KEY&#61;
CONFIG_NOVA_PCI_ALIAS&#61;
CONFIG_NOVA_PCI_PASSTHROUGH_WHITELIST&#61;
CONFIG_NOVA_LIBVIRT_VIRT_TYPE&#61;%{::default_hypervisor}
CONFIG_NOVA_COMPUTE_PRIVIF&#61;
CONFIG_NOVA_NETWORK_MANAGER&#61;nova.network.manager.FlatDHCPManager
CONFIG_NOVA_NETWORK_PUBIF&#61;eth0
CONFIG_NOVA_NETWORK_PRIVIF&#61;
CONFIG_NOVA_NETWORK_FIXEDRANGE&#61;192.168.32.0/22
CONFIG_NOVA_NETWORK_FLOATRANGE&#61;10.3.4.0/22
CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP&#61;n
CONFIG_NOVA_NETWORK_VLAN_START&#61;100
CONFIG_NOVA_NETWORK_NUMBER&#61;1
CONFIG_NOVA_NETWORK_SIZE&#61;255
CONFIG_NEUTRON_KS_PW&#61;9977d7bd457c4981
CONFIG_NEUTRON_DB_PW&#61;f41058185ba84956
CONFIG_NEUTRON_L3_EXT_BRIDGE&#61;br-ex
CONFIG_NEUTRON_METADATA_PW&#61;5c098167b4f941a8
CONFIG_LBAAS_INSTALL&#61;n
CONFIG_NEUTRON_METERING_AGENT_INSTALL&#61;y
CONFIG_NEUTRON_FWAAS&#61;n
CONFIG_NEUTRON_VPNAAS&#61;n
CONFIG_NEUTRON_ML2_TYPE_DRIVERS&#61;vxlan
CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES&#61;vxlan
CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS&#61;openvswitch
CONFIG_NEUTRON_ML2_FLAT_NETWORKS&#61;*
CONFIG_NEUTRON_ML2_VLAN_RANGES&#61;
CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES&#61;
CONFIG_NEUTRON_ML2_VXLAN_GROUP&#61;
CONFIG_NEUTRON_ML2_VNI_RANGES&#61;10:100
CONFIG_NEUTRON_L2_AGENT&#61;openvswitch
CONFIG_NEUTRON_ML2_SUPPORTED_PCI_VENDOR_DEVS&#61;[&#39;15b3:1004&#39;,&#39;8086:10ca&#39;]
CONFIG_NEUTRON_ML2_SRIOV_AGENT_REQUIRED&#61;n
CONFIG_NEUTRON_ML2_SRIOV_INTERFACE_MAPPINGS&#61;
CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS&#61;
CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS&#61;
CONFIG_NEUTRON_OVS_BRIDGE_IFACES&#61;
CONFIG_NEUTRON_OVS_BRIDGES_COMPUTE&#61;
CONFIG_NEUTRON_OVS_TUNNEL_IF&#61;
CONFIG_NEUTRON_OVS_TUNNEL_SUBNETS&#61;
CONFIG_NEUTRON_OVS_VXLAN_UDP_PORT&#61;4789
CONFIG_MANILA_DB_PW&#61;PW_PLACEHOLDER
CONFIG_MANILA_KS_PW&#61;PW_PLACEHOLDER
CONFIG_MANILA_BACKEND&#61;generic
CONFIG_MANILA_NETAPP_DRV_HANDLES_SHARE_SERVERS&#61;false
CONFIG_MANILA_NETAPP_TRANSPORT_TYPE&#61;https
CONFIG_MANILA_NETAPP_LOGIN&#61;admin
CONFIG_MANILA_NETAPP_PASSWORD&#61;
CONFIG_MANILA_NETAPP_SERVER_HOSTNAME&#61;
CONFIG_MANILA_NETAPP_STORAGE_FAMILY&#61;ontap_cluster
CONFIG_MANILA_NETAPP_SERVER_PORT&#61;443
CONFIG_MANILA_NETAPP_AGGREGATE_NAME_SEARCH_PATTERN&#61;(.*)
CONFIG_MANILA_NETAPP_ROOT_VOLUME_AGGREGATE&#61;
CONFIG_MANILA_NETAPP_ROOT_VOLUME_NAME&#61;root
CONFIG_MANILA_NETAPP_VSERVER&#61;
CONFIG_MANILA_GENERIC_DRV_HANDLES_SHARE_SERVERS&#61;true
CONFIG_MANILA_GENERIC_VOLUME_NAME_TEMPLATE&#61;manila-share-%s
CONFIG_MANILA_GENERIC_SHARE_MOUNT_PATH&#61;/shares
CONFIG_MANILA_SERVICE_IMAGE_LOCATION&#61;https://www.dropbox.com/s/vi5oeh10q1qkckh/ubuntu_1204_nfs_cifs.qcow2
CONFIG_MANILA_SERVICE_INSTANCE_USER&#61;ubuntu
CONFIG_MANILA_SERVICE_INSTANCE_PASSWORD&#61;ubuntu
CONFIG_MANILA_NETWORK_TYPE&#61;neutron
CONFIG_MANILA_NETWORK_STANDALONE_GATEWAY&#61;
CONFIG_MANILA_NETWORK_STANDALONE_NETMASK&#61;
CONFIG_MANILA_NETWORK_STANDALONE_SEG_ID&#61;
CONFIG_MANILA_NETWORK_STANDALONE_IP_RANGE&#61;
CONFIG_MANILA_NETWORK_STANDALONE_IP_VERSION&#61;4
CONFIG_MANILA_GLUSTERFS_SERVERS&#61;
CONFIG_MANILA_GLUSTERFS_NATIVE_PATH_TO_PRIVATE_KEY&#61;
CONFIG_MANILA_GLUSTERFS_VOLUME_PATTERN&#61;
CONFIG_MANILA_GLUSTERFS_TARGET&#61;
CONFIG_MANILA_GLUSTERFS_MOUNT_POINT_BASE&#61;
CONFIG_MANILA_GLUSTERFS_NFS_SERVER_TYPE&#61;gluster
CONFIG_MANILA_GLUSTERFS_PATH_TO_PRIVATE_KEY&#61;
CONFIG_MANILA_GLUSTERFS_GANESHA_SERVER_IP&#61;
CONFIG_HORIZON_SSL&#61;n
CONFIG_HORIZON_SECRET_KEY&#61;a0158fbb560a411dbe29ebca9a3d2f66
CONFIG_HORIZON_SSL_CERT&#61;
CONFIG_HORIZON_SSL_KEY&#61;
CONFIG_HORIZON_SSL_CACERT&#61;
CONFIG_SWIFT_KS_PW&#61;af2c0e6494874e79
CONFIG_SWIFT_STORAGES&#61;
CONFIG_SWIFT_STORAGE_ZONES&#61;1
CONFIG_SWIFT_STORAGE_REPLICAS&#61;1
CONFIG_SWIFT_STORAGE_FSTYPE&#61;ext4
CONFIG_SWIFT_HASH&#61;1c92f9123f994595
CONFIG_SWIFT_STORAGE_SIZE&#61;2G
CONFIG_HEAT_DB_PW&#61;PW_PLACEHOLDER
CONFIG_HEAT_AUTH_ENC_KEY&#61;15f6ef4aad554643
CONFIG_HEAT_KS_PW&#61;PW_PLACEHOLDER
CONFIG_HEAT_CLOUDWATCH_INSTALL&#61;n
CONFIG_HEAT_CFN_INSTALL&#61;y
CONFIG_HEAT_DOMAIN&#61;heat
CONFIG_HEAT_DOMAIN_ADMIN&#61;heat_admin
CONFIG_HEAT_DOMAIN_PASSWORD&#61;PW_PLACEHOLDER
CONFIG_PROVISION_DEMO&#61;y
CONFIG_PROVISION_TEMPEST&#61;n
CONFIG_PROVISION_DEMO_FLOATRANGE&#61;172.24.4.224/28
CONFIG_PROVISION_IMAGE_NAME&#61;cirros
CONFIG_PROVISION_IMAGE_URL&#61;http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
CONFIG_PROVISION_IMAGE_FORMAT&#61;qcow2
CONFIG_PROVISION_IMAGE_SSH_USER&#61;cirros
CONFIG_PROVISION_UEC_IMAGE_NAME&#61;cirros-uec
CONFIG_PROVISION_UEC_IMAGE_KERNEL_URL&#61;http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-kernel
CONFIG_PROVISION_UEC_IMAGE_RAMDISK_URL&#61;http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-initramfs
CONFIG_PROVISION_UEC_IMAGE_DISK_URL&#61;http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
CONFIG_TEMPEST_HOST&#61;
CONFIG_PROVISION_TEMPEST_USER&#61;
CONFIG_PROVISION_TEMPEST_USER_PW&#61;PW_PLACEHOLDER
CONFIG_PROVISION_TEMPEST_FLOATRANGE&#61;172.24.4.224/28
CONFIG_PROVISION_TEMPEST_REPO_URI&#61;https://github.com/openstack/tempest.git
CONFIG_PROVISION_TEMPEST_REPO_REVISION&#61;master
CONFIG_RUN_TEMPEST&#61;n
CONFIG_RUN_TEMPEST_TESTS&#61;smoke
CONFIG_PROVISION_OVS_BRIDGE&#61;y
CONFIG_GNOCCHI_DB_PW&#61;de94d43493ee4f22
CONFIG_GNOCCHI_KS_PW&#61;851d3c2e0dfb4733
CONFIG_CEILOMETER_SECRET&#61;fd8180f8741b4577
CONFIG_CEILOMETER_KS_PW&#61;4ecf716db75d4df8
CONFIG_CEILOMETER_SERVICE_NAME&#61;httpd
CONFIG_CEILOMETER_COORDINATION_BACKEND&#61;redis
CONFIG_CEILOMETER_METERING_BACKEND&#61;database
CONFIG_MONGODB_HOST&#61;192.168.0.100
CONFIG_REDIS_HOST&#61;192.168.0.100
CONFIG_REDIS_PORT&#61;6379
CONFIG_AODH_KS_PW&#61;aa05a4e252aa4d8b
CONFIG_TROVE_DB_PW&#61;PW_PLACEHOLDER
CONFIG_TROVE_KS_PW&#61;PW_PLACEHOLDER
CONFIG_TROVE_NOVA_USER&#61;trove
CONFIG_TROVE_NOVA_TENANT&#61;services
CONFIG_TROVE_NOVA_PW&#61;PW_PLACEHOLDER
CONFIG_SAHARA_DB_PW&#61;PW_PLACEHOLDER
CONFIG_SAHARA_KS_PW&#61;PW_PLACEHOLDER
CONFIG_NAGIOS_PW&#61;3df8622a70e64edf
&#xff08;2&#xff09;修改openstack.txt文件&#xff0c;需要修改的内容如下&#xff0c;大家按照你们自己规划ens33和ens37网段的ip进行修改&#xff1a;
CONFIG_DEFAULT_PASSWORD&#61;123456
CONFIG_SWIFT_INSTALL&#61;n
CONFIG_NAGIOS_INSTALL&#61;n
CONFIG_CINDER_VOLUMES_SIZE&#61;2G
CONFIG_PROVISION_DEMO&#61;n
CONFIG_LBAAS_INSTALL&#61;y
CONFIG_NEUTRON_FWAAS&#61;y
CONFIG_NEUTRON_VPNAAS&#61;y
CONFIG_CONTROLLER_HOST&#61;192.168.0.200
#controller节点的ens37网卡的ip
CONFIG_COMPUTE_HOSTS&#61;192.168.0.210
#computer节点的ens37网卡的ip
CONFIG_NETWORK_HOSTS&#61;192.168.0.210
#computer节点的ens37网卡的ip
&#xff08;3&#xff09;查看修改之后的openstack.txt文件中安装哪些
grep -vE &#39;^$|^#&#39; openstack.txt |grep y
CONFIG_MARIADB_INSTALL&#61;y
CONFIG_GLANCE_INSTALL&#61;y
CONFIG_CINDER_INSTALL&#61;y
CONFIG_NOVA_INSTALL&#61;y
CONFIG_NEUTRON_INSTALL&#61;y
CONFIG_HORIZON_INSTALL&#61;y
CONFIG_CEILOMETER_INSTALL&#61;y
CONFIG_AODH_INSTALL&#61;y
CONFIG_GNOCCHI_INSTALL&#61;y
CONFIG_CLIENT_INSTALL&#61;y
CONFIG_RH_OPTIONAL&#61;y
CONFIG_SSL_CACERT_KEY_FILE&#61;/etc/pki/tls/private/selfkey.key
CONFIG_SSL_CACERT_SELFSIGN&#61;y
CONFIG_SSL_CERT_SUBJECT_L&#61;City
CONFIG_CINDER_VOLUMES_CREATE&#61;y
CONFIG_NOVA_MANAGE_FLAVORS&#61;y
CONFIG_NOVA_LIBVIRT_VIRT_TYPE&#61;%{::default_hypervisor}
CONFIG_LBAAS_INSTALL&#61;y
CONFIG_NEUTRON_METERING_AGENT_INSTALL&#61;y
CONFIG_NEUTRON_FWAAS&#61;y
CONFIG_NEUTRON_VPNAAS&#61;y
CONFIG_HEAT_CFN_INSTALL&#61;y
CONFIG_PROVISION_OVS_BRIDGE&#61;y
看到y的表示是需要安装的组件
安装openstack组件-controller节点操作
基于应答文件安装openstack组件&#xff0c;按如下命令操作&#xff1a;
packstack--answer-file&#61;openstack.txt
上面命令执行成功之后再回到conputer节点执行如下操作&#xff1a;
cd /etc/yum.repos.d && mv CentOS-Ceph-Jewel.repo CentOS-OpenStack-newton.repo CentOS-QEMU-EV.repo CentOS-Storage-common.repo bak/
&#xff08;1&#xff09;安装过程需要查看iptables状态&#xff0c;在controller和computer节点
systemctl status iptables
如果发现iptables处于active状态&#xff0c;需要停掉
systemctl stop iptables
&#xff08;2&#xff09;看到如下说明安装成功
192.168.124.200_controller.pp: [ DONE ]
Applying 192.168.124.201_network.pp
192.168.124.201_network.pp: [ DONE ]
Applying 192.168.124.201_compute.pp
192.168.124.201_compute.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]**** Installation completed successfully ******
配置rabbitmq&#xff1a;
&#xff08;1&#xff09;启动rabbitmq的管理界面&#xff0c;controller节点操作
rabbitmq-plugins enable rabbitmq_management
&#xff08;2&#xff09;在浏览器访问
192.168.0.200:15672
账号&#xff1a;guest
密码&#xff1a;guest
出现如下界面
为了大家更快速的学习知识&#xff0c;掌握技术&#xff0c;随时沟通问题&#xff0c;特组建了技术交流群&#xff0c;大家在群里可以分享自己的技术栈&#xff0c;抛出日常问题&#xff0c;群里会有很多大佬及时解答&#xff0c;这样我们就会结识很多志同道合的人&#xff0c;群里还有很多关于kubernetes/docker/devops/openstack/openshift/linux/IaaS/PaaS的免费文章和视频&#xff0c;长按下图可加我微信&#xff0c;备注运维或者k8s或者devops即可进群&#xff0c;让我们共同努力&#xff0c;向着美好的未来出发吧~~~
微信&#xff1a;luckylucky421302
长按如下指纹可关注公众号·
第二部分&#xff1a;openstack组件介绍
访问openstack的dashboard界面
在浏览器输入&#xff1a;
192.168.0.200
账号&#xff1a;admin
密码&#xff1a;16e424911af144ca
#密码获取方式参考后文内容
登陆之后显示如下界面
获取密码的方法&#xff0c;在controller节点上操作&#xff1a;
cd /root