首页
归档
时光轴
推荐
Cloud
图床
导航
Search
1
Deploy OpenStack offline based on Kolla
745 阅读
2
openstact 基础环境安装 (手动版)
689 阅读
3
Mariadb 主从复制&读写分离
650 阅读
4
Typecho 1.2.0 部署
643 阅读
5
FusionCompute8.0 体验
575 阅读
Python
Linux
随笔
mysql
openstack
Search
标签搜索
linux
Pike
python
爬虫
openstack
mysql
Essay
Ansible
docker
Zabbix
kolla
Internet
Redis
1+X
Hyper-V
jenkins
Kickstart
自动化
sh
pxe
Acha
累计撰写
77
篇文章
累计收到
1
条评论
首页
栏目
Python
Linux
随笔
mysql
openstack
页面
归档
时光轴
推荐
Cloud
图床
导航
搜索到
18
篇与
的结果
2022-07-13
OpenStack-Pike 搭建之Nova(四)
Nova 概述 Use OpenStack Compute to host and manage cloud computing systems. OpenStack Compute is a major part of an Infrastructure-as-a-Service (IaaS) system. The main modules are implemented in Python. OpenStack Compute interacts with OpenStack Identity for authentication; OpenStack Image service for disk and server images; and OpenStack Dashboard for the user and administrative interface. Image access is limited by projects, and by users; quotas are limited per project (the number of instances, for example). OpenStack Compute can scale horizontally on standard hardware, and download images to launch instances. OpenStack Compute consists of the following areas and their components: nova-api service Accepts and responds to end user compute API calls. The service supports the OpenStack Compute API, the Amazon EC2 API, and a special Admin API for privileged users to perform administrative actions. It enforces some policies and initiates most orchestration activities, such as running an instance. nova-api-metadata service Accepts metadata requests from instances. The nova-api-metadata service is generally used when you run in multi-host mode with nova-network installations. For details, see Metadata service in the Compute Administrator Guide. nova-compute service A worker daemon that creates and terminates virtual machine instances through hypervisor APIs. For example:XenAPI for XenServer/XCPlibvirt for KVM or QEMUVMwareAPI for VMwareProcessing is fairly complex. Basically, the daemon accepts actions from the queue and performs a series of system commands such as launching a KVM instance and updating its state in the database. nova-placement-api service Tracks the inventory and usage of each provider. For details, see Placement API. nova-scheduler service Takes a virtual machine instance request from the queue and determines on which compute server host it runs. nova-conductor module Mediates interactions between the nova-compute service and the database. It eliminates direct accesses to the cloud database made by the nova-compute service. The nova-conductor module scales horizontally. However, do not deploy it on nodes where the nova-compute service runs. For more information, see the conductor section in the Configuration Options. nova-consoleauth daemon Authorizes tokens for users that console proxies provide. See nova-novncproxy and nova-xvpvncproxy. This service must be running for console proxies to work. You can run proxies of either type against a single nova-consoleauth service in a cluster configuration. For information, see About nova-consoleauth. nova-novncproxy daemon Provides a proxy for accessing running instances through a VNC connection. Supports browser-based novnc clients. nova-spicehtml5proxy daemon Provides a proxy for accessing running instances through a SPICE connection. Supports browser-based HTML5 client. nova-xvpvncproxy daemon Provides a proxy for accessing running instances through a VNC connection. Supports an OpenStack-specific Java client. The queue A central hub for passing messages between daemons. Usually implemented with RabbitMQ, also can be implemented with another AMQP message queue, such as ZeroMQ. SQL database Stores most build-time and run-time states for a cloud infrastructure, including: Available instance types Instances in use Available networks Projects Theoretically, OpenStack Compute can support any database that SQLAlchemy supports. Common databases are SQLite3 for test and development work, MySQL, MariaDB, and PostgreSQL. 安装和配置 控制节点 前置条件 1、创建数据库并授权 使用 root 用户登录数据库 mysql -u root -p000000 创建 nova_api、nova 和 nova_cell0 数据库 CREATE DATABASE nova_api; CREATE DATABASE nova; CREATE DATABASE nova_cell0; 对 nova用户 授权 GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \ IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \ IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \ IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \ IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' \ IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' \ IDENTIFIED BY '000000'; 2、获取 admin 凭证 . admin-openrc 3、创建 计算服务凭证 创建 nova用户 openstack user create --domain default --password 000000 nova 将 service项目 中 nova用户,设置为 admin角色 openstack role add --project service --user nova admin 创建 nova服务实体 openstack service create --name nova --description "OpenStack Compute" compute 4、创建 计算服务 API 端点 openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1 openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1 openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1 5、创建 placement 凭证 创建 placement 用户 openstack user create --domain default --password 000000 placement 将 service项目 中 placement 用户,设置为 admin角色 openstack role add --project service --user placement admin 创建 nova服务实体 openstack service create --name placement --description "Placement API" placement 6、创建 placement API端点 openstack endpoint create --region RegionOne placement public http://controller:8778 openstack endpoint create --region RegionOne placement internal http://controller:8778 openstack endpoint create --region RegionOne placement admin http://controller:8778 {collapse} {collapse-item label="查看执行过程"} 前置条件 [root@controller ~]# mysql -u root -p000000 Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 37 Server version: 10.1.20-MariaDB MariaDB Server Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> CREATE DATABASE nova_api; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> CREATE DATABASE nova; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> CREATE DATABASE nova_cell0; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \ -> IDENTIFIED BY '000000'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \ -> IDENTIFIED BY '000000'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \ -> IDENTIFIED BY '000000'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \ -> IDENTIFIED BY '000000'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' \ -> IDENTIFIED BY '000000'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' \ -> IDENTIFIED BY '000000'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> exit Bye [root@controller ~]# . admin-openrc [root@controller ~]# openstack user create --domain default --password 000000 nova +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | default | | enabled | True | | id | 8d9a97f85a7845deb20d54bc468bb549 | | name | nova | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+ [root@controller ~]# openstack role add --project service --user nova admin [root@controller ~]# openstack service create --name nova --description "OpenStack Compute" compute +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Compute | | enabled | True | | id | 4fce66abb9794a1796874dd4a5d8bf34 | | name | nova | | type | compute | +-------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 938784c1725e497b933016403c535c10 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 4fce66abb9794a1796874dd4a5d8bf34 | | service_name | nova | | service_type | compute | | url | http://controller:8774/v2.1 | +--------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 9d357f7717134d228e51c484837104ac | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 4fce66abb9794a1796874dd4a5d8bf34 | | service_name | nova | | service_type | compute | | url | http://controller:8774/v2.1 | +--------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 08ba2de0acfd45d3bd4892f1d3f17287 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 4fce66abb9794a1796874dd4a5d8bf34 | | service_name | nova | | service_type | compute | | url | http://controller:8774/v2.1 | +--------------+----------------------------------+ [root@controller ~]# openstack user create --domain default --password 000000 placement +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | default | | enabled | True | | id | 458722588d03402eb1ceab933c9d4045 | | name | placement | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+ [root@controller ~]# openstack role add --project service --user placement admin [root@controller ~]# openstack service create --name placement --description "Placement API" placement +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Placement API | | enabled | True | | id | 3aa8d5df8bff4099831826e202972ab6 | | name | placement | | type | placement | +-------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne placement public http://controller:8778 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 2f9f6ac1ad5f4bd38eb1ac2607cb0b80 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 3aa8d5df8bff4099831826e202972ab6 | | service_name | placement | | service_type | placement | | url | http://controller:8778 | +--------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne placement internal http://controller:8778 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 58613208c94d41c89787783d25812098 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 3aa8d5df8bff4099831826e202972ab6 | | service_name | placement | | service_type | placement | | url | http://controller:8778 | +--------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne placement admin http://controller:8778 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 009e3cc34fb342e3bdde0e5c8d3d8c80 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 3aa8d5df8bff4099831826e202972ab6 | | service_name | placement | | service_type | placement | | url | http://controller:8778 | +--------------+----------------------------------+ {/collapse-item} {/collapse} 安装和配置组件 1、安装软件包 yum install -y openstack-nova-api openstack-nova-conductor \ openstack-nova-console openstack-nova-novncproxy \ openstack-nova-scheduler openstack-nova-placement-api 2、配置 nova.conf sed -i.bak '/^#/d;/^$/d' /etc/nova/nova.conf vim /etc/nova/nova.conf [DEFAULT] # 仅启用计算和元数据API enabled_apis = osapi_compute,metadata # 配置RabbitMQ消息队列访问 transport_url = rabbit://openstack:000000@controller # 控制器节点的管理IP my_ip = 178.120.2.10 # 启用对网络服务的支持 use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver [api_database] # 配置数据库访问 connection = mysql+pymysql://nova:000000@controller/nova_api [database] # 配置数据库访问 connection = mysql+pymysql://nova:000000@controller/nova [api] # 配置身份服务访问 auth_strategy = keystone [keystone_authtoken] # 配置身份服务访问 auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = 000000 [vnc] enabled = true # VNC代理配置为 使用控制器节点的管理接口IP地址 vncserver_listen = $my_ip vncserver_proxyclient_address = $my_ip [glance] # 配置图像服务API的位置 api_servers = http://controller:9292 [oslo_concurrency] # 配置锁定路径 lock_path = /var/lib/nova/tmp [placement] # 配置 Placement API os_region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:35357/v3 username = placement password = 000000 3、配置 00-nova-placement-api.conf vim /etc/httpd/conf.d/00-nova-placement-api.conf # 启用对 Placement API 的访问 <Directory /usr/bin> <IfVersion >= 2.4> Require all granted </IfVersion> <IfVersion < 2.4> Order allow,deny Allow from all </IfVersion> </Directory> 4、同步 nova 数据库 su -s /bin/sh -c "nova-manage api_db sync" nova 5、数据库同步 注册 cell0 数据库 su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova 创建 cell1 单元格 su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova 同步 nova 数据库 su -s /bin/sh -c "nova-manage db sync" nova 5、验证 nova、cell0 和 cell1 成功注册 nova-manage cell_v2 list_cells {collapse} {collapse-item label="查看执行过程"} 安装和配置组件 [root@controller ~]# yum install -y openstack-nova-api openstack-nova-conductor \ > openstack-nova-console openstack-nova-novncproxy \ > openstack-nova-scheduler openstack-nova-placement-api Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Resolving Dependencies --> Running transaction check ---> Package openstack-nova-api.noarch 1:16.1.6-1.el7 will be installed --> Processing Dependency: openstack-nova-common = 1:16.1.6-1.el7 for package: 1:openstack-nova-api-16.1.6-1.el7.noarch ---> Package openstack-nova-conductor.noarch 1:16.1.6-1.el7 will be installed ---> Package openstack-nova-console.noarch 1:16.1.6-1.el7 will be installed --> Processing Dependency: python-websockify >= 0.8.0 for package: 1:openstack-nova-console-16.1.6-1.el7.noarch ---> Package openstack-nova-novncproxy.noarch 1:16.1.6-1.el7 will be installed --> Processing Dependency: novnc for package: 1:openstack-nova-novncproxy-16.1.6-1.el7.noarch ---> Package openstack-nova-placement-api.noarch 1:16.1.6-1.el7 will be installed ---> Package openstack-nova-scheduler.noarch 1:16.1.6-1.el7 will be installed --> Running transaction check ---> Package novnc.noarch 0:0.5.1-2.el7 will be installed ---> Package openstack-nova-common.noarch 1:16.1.6-1.el7 will be installed --> Processing Dependency: python-nova = 1:16.1.6-1.el7 for package: 1:openstack-nova-common-16.1.6-1.el7.noarch ---> Package python-websockify.noarch 0:0.8.0-1.el7 will be installed --> Running transaction check ---> Package python-nova.noarch 1:16.1.6-1.el7 will be installed --> Processing Dependency: python-tooz >= 1.58.0 for package: 1:python-nova-16.1.6-1.el7.noarch --> Processing Dependency: python-paramiko >= 2.0 for package: 1:python-nova-16.1.6-1.el7.noarch --> Processing Dependency: python-oslo-versionedobjects >= 1.17.0 for package: 1:python-nova-16.1.6-1.el7.noarch --> Processing Dependency: python-oslo-reports >= 0.6.0 for package: 1:python-nova-16.1.6-1.el7.noarch --> Processing Dependency: python-os-vif >= 1.7.0 for package: 1:python-nova-16.1.6-1.el7.noarch --> Processing Dependency: python-microversion-parse >= 0.1.2 for package: 1:python-nova-16.1.6-1.el7.noarch --> Processing Dependency: python-psutil for package: 1:python-nova-16.1.6-1.el7.noarch --> Processing Dependency: python-os-traits for package: 1:python-nova-16.1.6-1.el7.noarch --> Running transaction check ---> Package python-paramiko.noarch 0:2.1.1-9.el7 will be installed ---> Package python-tooz.noarch 0:1.58.0-1.el7 will be installed --> Processing Dependency: python-voluptuous >= 0.8.9 for package: python-tooz-1.58.0-1.el7.noarch --> Processing Dependency: python-zake for package: python-tooz-1.58.0-1.el7.noarch --> Processing Dependency: python-redis for package: python-tooz-1.58.0-1.el7.noarch ---> Package python2-microversion-parse.noarch 0:0.1.4-2.el7 will be installed ---> Package python2-os-traits.noarch 0:0.3.3-1.el7 will be installed ---> Package python2-os-vif.noarch 0:1.7.0-1.el7 will be installed ---> Package python2-oslo-reports.noarch 0:1.22.1-1.el7 will be installed ---> Package python2-oslo-versionedobjects.noarch 0:1.26.2-1.el7 will be installed --> Processing Dependency: python-oslo-versionedobjects-lang = 1.26.2-1.el7 for package: python2-oslo-versionedobjects-1.26.2-1.el7.noarch --> Processing Dependency: python-mock for package: python2-oslo-versionedobjects-1.26.2-1.el7.noarch ---> Package python2-psutil.x86_64 0:5.2.2-2.el7 will be installed --> Running transaction check ---> Package python-oslo-versionedobjects-lang.noarch 0:1.26.2-1.el7 will be installed ---> Package python-redis.noarch 0:2.10.3-1.el7 will be installed ---> Package python-voluptuous.noarch 0:0.8.9-1.el7 will be installed ---> Package python2-mock.noarch 0:2.0.0-1.el7 will be installed ---> Package python2-zake.noarch 0:0.2.2-2.el7 will be installed --> Processing Dependency: python-kazoo for package: python2-zake-0.2.2-2.el7.noarch --> Running transaction check ---> Package python-kazoo.noarch 0:2.2.1-1.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================================ Package Arch Version Repository Size ================================================================================================ Installing: openstack-nova-api noarch 1:16.1.6-1.el7 OpenStack-Pike-tuna 8.2 k openstack-nova-conductor noarch 1:16.1.6-1.el7 OpenStack-Pike-tuna 5.8 k openstack-nova-console noarch 1:16.1.6-1.el7 OpenStack-Pike-tuna 6.8 k openstack-nova-novncproxy noarch 1:16.1.6-1.el7 OpenStack-Pike-tuna 6.2 k openstack-nova-placement-api noarch 1:16.1.6-1.el7 OpenStack-Pike-tuna 6.0 k openstack-nova-scheduler noarch 1:16.1.6-1.el7 OpenStack-Pike-tuna 5.8 k Installing for dependencies: novnc noarch 0.5.1-2.el7 OpenStack-Pike-tuna 176 k openstack-nova-common noarch 1:16.1.6-1.el7 OpenStack-Pike-tuna 371 k python-kazoo noarch 2.2.1-1.el7 OpenStack-Pike-tuna 130 k python-nova noarch 1:16.1.6-1.el7 OpenStack-Pike-tuna 3.3 M python-oslo-versionedobjects-lang noarch 1.26.2-1.el7 OpenStack-Pike-tuna 8.0 k python-paramiko noarch 2.1.1-9.el7 base 269 k python-redis noarch 2.10.3-1.el7 OpenStack-Pike-tuna 94 k python-tooz noarch 1.58.0-1.el7 OpenStack-Pike-tuna 94 k python-voluptuous noarch 0.8.9-1.el7 OpenStack-Pike-tuna 36 k python-websockify noarch 0.8.0-1.el7 OpenStack-Pike-tuna 69 k python2-microversion-parse noarch 0.1.4-2.el7 OpenStack-Pike-tuna 16 k python2-mock noarch 2.0.0-1.el7 OpenStack-Pike-tuna 120 k python2-os-traits noarch 0.3.3-1.el7 OpenStack-Pike-tuna 22 k python2-os-vif noarch 1.7.0-1.el7 OpenStack-Pike-tuna 59 k python2-oslo-reports noarch 1.22.1-1.el7 OpenStack-Pike-tuna 53 k python2-oslo-versionedobjects noarch 1.26.2-1.el7 OpenStack-Pike-tuna 72 k python2-psutil x86_64 5.2.2-2.el7 OpenStack-Pike-tuna 310 k python2-zake noarch 0.2.2-2.el7 OpenStack-Pike-tuna 39 k Transaction Summary ================================================================================================ Install 6 Packages (+18 Dependent packages) Total download size: 5.2 M Installed size: 23 M Downloading packages: (1/24): openstack-nova-api-16.1.6-1.el7.noarch.rpm | 8.2 kB 00:00:01 (2/24): novnc-0.5.1-2.el7.noarch.rpm | 176 kB 00:00:01 (3/24): openstack-nova-common-16.1.6-1.el7.noarch.rpm | 371 kB 00:00:00 (4/24): openstack-nova-console-16.1.6-1.el7.noarch.rpm | 6.8 kB 00:00:00 (5/24): openstack-nova-conductor-16.1.6-1.el7.noarch.rpm | 5.8 kB 00:00:00 (6/24): openstack-nova-novncproxy-16.1.6-1.el7.noarch.rpm | 6.2 kB 00:00:00 (7/24): openstack-nova-placement-api-16.1.6-1.el7.noarch.rpm | 6.0 kB 00:00:00 (8/24): openstack-nova-scheduler-16.1.6-1.el7.noarch.rpm | 5.8 kB 00:00:00 (9/24): python-kazoo-2.2.1-1.el7.noarch.rpm | 130 kB 00:00:00 (10/24): python-oslo-versionedobjects-lang-1.26.2-1.el7.noarch.rpm | 8.0 kB 00:00:00 (11/24): python-redis-2.10.3-1.el7.noarch.rpm | 94 kB 00:00:00 (12/24): python-paramiko-2.1.1-9.el7.noarch.rpm | 269 kB 00:00:00 (13/24): python-tooz-1.58.0-1.el7.noarch.rpm | 94 kB 00:00:00 (14/24): python-voluptuous-0.8.9-1.el7.noarch.rpm | 36 kB 00:00:00 (15/24): python-websockify-0.8.0-1.el7.noarch.rpm | 69 kB 00:00:01 (16/24): python2-microversion-parse-0.1.4-2.el7.noarch.rpm | 16 kB 00:00:00 (17/24): python2-mock-2.0.0-1.el7.noarch.rpm | 120 kB 00:00:00 (18/24): python-nova-16.1.6-1.el7.noarch.rpm | 3.3 MB 00:00:03 (19/24): python2-os-traits-0.3.3-1.el7.noarch.rpm | 22 kB 00:00:00 (20/24): python2-os-vif-1.7.0-1.el7.noarch.rpm | 59 kB 00:00:00 (21/24): python2-oslo-reports-1.22.1-1.el7.noarch.rpm | 53 kB 00:00:00 (22/24): python2-oslo-versionedobjects-1.26.2-1.el7.noarch.rpm | 72 kB 00:00:00 (23/24): python2-zake-0.2.2-2.el7.noarch.rpm | 39 kB 00:00:00 (24/24): python2-psutil-5.2.2-2.el7.x86_64.rpm | 310 kB 00:00:00 ------------------------------------------------------------------------------------------------ Total 738 kB/s | 5.2 MB 00:00:07 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : python-websockify-0.8.0-1.el7.noarch 1/24 Installing : python2-psutil-5.2.2-2.el7.x86_64 2/24 Installing : python2-oslo-reports-1.22.1-1.el7.noarch 3/24 Installing : novnc-0.5.1-2.el7.noarch 4/24 Installing : python2-os-traits-0.3.3-1.el7.noarch 5/24 Installing : python-voluptuous-0.8.9-1.el7.noarch 6/24 Installing : python2-mock-2.0.0-1.el7.noarch 7/24 Installing : python-paramiko-2.1.1-9.el7.noarch 8/24 Installing : python-kazoo-2.2.1-1.el7.noarch 9/24 Installing : python2-zake-0.2.2-2.el7.noarch 10/24 Installing : python2-microversion-parse-0.1.4-2.el7.noarch 11/24 Installing : python-redis-2.10.3-1.el7.noarch 12/24 Installing : python-tooz-1.58.0-1.el7.noarch 13/24 Installing : python-oslo-versionedobjects-lang-1.26.2-1.el7.noarch 14/24 Installing : python2-oslo-versionedobjects-1.26.2-1.el7.noarch 15/24 Installing : python2-os-vif-1.7.0-1.el7.noarch 16/24 Installing : 1:python-nova-16.1.6-1.el7.noarch 17/24 Installing : 1:openstack-nova-common-16.1.6-1.el7.noarch 18/24 Installing : 1:openstack-nova-conductor-16.1.6-1.el7.noarch 19/24 Installing : 1:openstack-nova-console-16.1.6-1.el7.noarch 20/24 Installing : 1:openstack-nova-scheduler-16.1.6-1.el7.noarch 21/24 Installing : 1:openstack-nova-api-16.1.6-1.el7.noarch 22/24 Installing : 1:openstack-nova-placement-api-16.1.6-1.el7.noarch 23/24 Installing : 1:openstack-nova-novncproxy-16.1.6-1.el7.noarch 24/24 Verifying : 1:openstack-nova-conductor-16.1.6-1.el7.noarch 1/24 Verifying : python2-zake-0.2.2-2.el7.noarch 2/24 Verifying : python2-oslo-reports-1.22.1-1.el7.noarch 3/24 Verifying : 1:openstack-nova-console-16.1.6-1.el7.noarch 4/24 Verifying : 1:openstack-nova-scheduler-16.1.6-1.el7.noarch 5/24 Verifying : 1:openstack-nova-common-16.1.6-1.el7.noarch 6/24 Verifying : python-oslo-versionedobjects-lang-1.26.2-1.el7.noarch 7/24 Verifying : 1:python-nova-16.1.6-1.el7.noarch 8/24 Verifying : python-redis-2.10.3-1.el7.noarch 9/24 Verifying : python2-microversion-parse-0.1.4-2.el7.noarch 10/24 Verifying : python2-oslo-versionedobjects-1.26.2-1.el7.noarch 11/24 Verifying : python-kazoo-2.2.1-1.el7.noarch 12/24 Verifying : python-paramiko-2.1.1-9.el7.noarch 13/24 Verifying : python2-mock-2.0.0-1.el7.noarch 14/24 Verifying : python-tooz-1.58.0-1.el7.noarch 15/24 Verifying : python-voluptuous-0.8.9-1.el7.noarch 16/24 Verifying : novnc-0.5.1-2.el7.noarch 17/24 Verifying : 1:openstack-nova-api-16.1.6-1.el7.noarch 18/24 Verifying : python2-psutil-5.2.2-2.el7.x86_64 19/24 Verifying : 1:openstack-nova-placement-api-16.1.6-1.el7.noarch 20/24 Verifying : python2-os-vif-1.7.0-1.el7.noarch 21/24 Verifying : python2-os-traits-0.3.3-1.el7.noarch 22/24 Verifying : python-websockify-0.8.0-1.el7.noarch 23/24 Verifying : 1:openstack-nova-novncproxy-16.1.6-1.el7.noarch 24/24 Installed: openstack-nova-api.noarch 1:16.1.6-1.el7 openstack-nova-conductor.noarch 1:16.1.6-1.el7 openstack-nova-console.noarch 1:16.1.6-1.el7 openstack-nova-novncproxy.noarch 1:16.1.6-1.el7 openstack-nova-placement-api.noarch 1:16.1.6-1.el7 openstack-nova-scheduler.noarch 1:16.1.6-1.el7 Dependency Installed: novnc.noarch 0:0.5.1-2.el7 openstack-nova-common.noarch 1:16.1.6-1.el7 python-kazoo.noarch 0:2.2.1-1.el7 python-nova.noarch 1:16.1.6-1.el7 python-oslo-versionedobjects-lang.noarch 0:1.26.2-1.el7 python-paramiko.noarch 0:2.1.1-9.el7 python-redis.noarch 0:2.10.3-1.el7 python-tooz.noarch 0:1.58.0-1.el7 python-voluptuous.noarch 0:0.8.9-1.el7 python-websockify.noarch 0:0.8.0-1.el7 python2-microversion-parse.noarch 0:0.1.4-2.el7 python2-mock.noarch 0:2.0.0-1.el7 python2-os-traits.noarch 0:0.3.3-1.el7 python2-os-vif.noarch 0:1.7.0-1.el7 python2-oslo-reports.noarch 0:1.22.1-1.el7 python2-oslo-versionedobjects.noarch 0:1.26.2-1.el7 python2-psutil.x86_64 0:5.2.2-2.el7 python2-zake.noarch 0:0.2.2-2.el7 Complete! [root@controller ~]# sed -i.bak '/^#/d;/^$/d' /etc/nova/nova.conf [root@controller ~]# vim /etc/nova/nova.conf [root@controller ~]# cat /etc/nova/nova.conf [DEFAULT] # 仅启用计算和元数据API enabled_apis = osapi_compute,metadata # 配置RabbitMQ消息队列访问 transport_url = rabbit://openstack:000000@controller # 控制器节点的管理IP my_ip = 178.120.2.10 # 启用对网络服务的支持 use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver [api] # 配置身份服务访问 auth_strategy = keystone [api_database] # 配置数据库访问 connection = mysql+pymysql://nova:000000@controller/nova_api [barbican] [cache] [cells] [cinder] [compute] [conductor] [console] [consoleauth] [cors] [crypto] [database] # 配置数据库访问 connection = mysql+pymysql://nova:000000@controller/nova [ephemeral_storage_encryption] [filter_scheduler] [glance] # 配置图像服务API的位置 api_servers = http://controller:9292 [guestfs] [healthcheck] [hyperv] [ironic] [key_manager] [keystone] [keystone_authtoken] # 配置身份服务访问 auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = 000000 [libvirt] [matchmaker_redis] [metrics] [mks] [neutron] [notifications] [osapi_v21] [oslo_concurrency] # 配置锁定路径 lock_path = /var/lib/nova/tmp [oslo_messaging_amqp] [oslo_messaging_kafka] slo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [pci] [placement] # 配置 Placement API os_region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:35357/v3 username = placement password = 000000 [quota] [rdp] [remote_debug] [scheduler] [serial_console] [service_user] [spice] [trusted_computing] [upgrade_levels] [vendordata_dynamic_auth] [vmware] [vnc] enabled = true # VNC代理配置为 使用控制器节点的管理接口IP地址 vncserver_listen = $my_ip vncserver_proxyclient_address = $my_ip [workarounds] [wsgi] [xenserver] [xvp] [root@controller ~]# vim /etc/httpd/conf.d/00-nova-placement-api.conf [root@controller ~]# cat /etc/httpd/conf.d/00-nova-placement-api.confListen 8778 <VirtualHost *:8778> WSGIProcessGroup nova-placement-api WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On WSGIDaemonProcess nova-placement-api processes=3 threads=1 user=nova group=nova WSGIScriptAlias / /usr/bin/nova-placement-api <IfVersion >= 2.4> ErrorLogFormat "%M" </IfVersion> ErrorLog /var/log/nova/nova-placement-api.log #SSLEngine On #SSLCertificateFile ... #SSLCertificateKeyFile ... </VirtualHost> Alias /nova-placement-api /usr/bin/nova-placement-api <Location /nova-placement-api> SetHandler wsgi-script Options +ExecCGI WSGIProcessGroup nova-placement-api WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On </Location> # 启用对 Placement API 的访问 <Directory /usr/bin> <IfVersion >= 2.4> Require all granted </IfVersion> <IfVersion < 2.4> Order allow,deny Allow from all </IfVersion> </Directory> [root@controller ~]# su -s /bin/sh -c "nova-manage api_db sync" nova [root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova [root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova 21614893-248b-41df-9668-73d056ddda1e [root@controller ~]# su -s /bin/sh -c "nova-manage db sync" nova /usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will be disallowed in a future release.') result = self._query(query) /usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `uniq_instances0uuid`. This is deprecated and will be disallowed in a future release.') result = self._query(query) [root@controller ~]# nova-manage cell_v2 list_cells +-------+--------------------------------------+------------------------------------+-------------------------------------------------+ | Name | UUID | Transport URL | Database Connection | +-------+--------------------------------------+------------------------------------+-------------------------------------------------+ | cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:****@controller/nova_cell0 | | cell1 | 21614893-248b-41df-9668-73d056ddda1e | rabbit://openstack:****@controller | mysql+pymysql://nova:****@controller/nova | +-------+--------------------------------------+------------------------------------+-------------------------------------------------+ {/collapse-item} {/collapse} 安装完成 启动计算服务并设置开机自启 systemctl enable openstack-nova-api.service \ openstack-nova-consoleauth.service openstack-nova-scheduler.service \ openstack-nova-conductor.service openstack-nova-novncproxy.service systemctl start openstack-nova-api.service \ openstack-nova-consoleauth.service openstack-nova-scheduler.service \ openstack-nova-conductor.service openstack-nova-novncproxy.service {collapse} {collapse-item label="查看执行过程"} 安装完成 [root@controller ~]# systemctl enable openstack-nova-api.service \ > openstack-nova-consoleauth.service openstack-nova-scheduler.service \ > openstack-nova-conductor.service openstack-nova-novncproxy.service Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-api.service to /usr/lib/systemd/system/openstack-nova-api.service. Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-consoleauth.service to /usr/lib/systemd/system/openstack-nova-consoleauth.service. Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-scheduler.service to /usr/lib/systemd/system/openstack-nova-scheduler.service. Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service to /usr/lib/systemd/system/openstack-nova-conductor.service. Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-novncproxy.service to /usr/lib/systemd/system/openstack-nova-novncproxy.service. [root@controller ~]# systemctl start openstack-nova-api.service \ > openstack-nova-consoleauth.service openstack-nova-scheduler.service \ > openstack-nova-conductor.service openstack-nova-novncproxy.service {/collapse-item} {/collapse} 安装和配置 计算节点 安装和配置组件 1、安装软件包 yum install -y openstack-nova-compute > Tip: > Error: Package: 1:openstack-nova-compute-16.1.6-1.el7.noarch (OpenStack-Pike-tuna) rpm -ivh http://mirrors.163.com/centos/7/extras/x86_64/Packages/centos-release-virt-common-1-1.el7.centos.noarch.rpm --replacepkgs rpm -ivh http://mirrors.163.com/centos/7/extras/x86_64/Packages/centos-release-qemu-ev-1.0-4.el7.centos.noarch.rpm --replacepkgs 2、配置 nova.conf sed -i.bak '/^#/d;/^$/d' /etc/nova/nova.conf vim /etc/nova/nova.conf [DEFAULT] # 启用 计算 和 元数据API enabled_apis = osapi_compute,metadata # 配置 RabbitMQ消息队列 访问 transport_url = rabbit://openstack:000000@controller # 计算节点上管理网络 IP地址 my_ip = 178.120.2.20 # 启用对网络服务的支持 use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver [api] # 配置 身份服务访问 auth_strategy = keystone [keystone_authtoken] # 配置身份服务访问 auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = 000000 [vnc] # 启用 和 配置远程控制台访问 enabled = True vncserver_listen = 0.0.0.0 vncserver_proxyclient_address = $my_ip novncproxy_base_url = http://178.120.2.10:6080/vnc_auto.html [glance] # 配置图像服务 API的位置 api_servers = http://controller:9292 [oslo_concurrency] # 配置锁定路径 lock_path = /var/lib/nova/tmp [placement] # 配置 Placement API os_region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:35357/v3 username = placement password = 000000 完成安装 1、确认计算节点是否支持虚拟化 egrep -c '(vmx|svm)' /proc/cpuinfo vim /etc/nova/nova.conf [libvirt] # 虚拟化选项(默认kvm) virt_type = qemu 2、启动计算服务并设置开机自启 systemctl enable libvirtd.service openstack-nova-compute.service systemctl start libvirtd.service openstack-nova-compute.service {collapse} {collapse-item label="查看执行过程"} 安装和配置组件 [root@compute nova]# vim nova.conf [root@compute nova]# cat nova.conf [DEFAULT] # 启用 计算 和 元数据API enabled_apis = osapi_compute,metadata # 配置 RabbitMQ消息队列 访问 transport_url = rabbit://openstack:000000@controller # 计算节点上管理网络 IP地址 my_ip = 178.120.2.20 # 启用对网络服务的支持 use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver [api] # 配置 身份服务访问 auth_strategy = keystone [api_database] [barbican] [cache] [cells] [cinder] [compute] [conductor] [console] [consoleauth] [cors] [crypto] [database] [ephemeral_storage_encryption] [filter_scheduler] [glance] # 配置图像服务 API的位置 api_servers = http://controller:9292 [guestfs] [healthcheck] [hyperv] [ironic] [key_manager] [keystone] [keystone_authtoken] # 配置身份服务访问 auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = 000000 [libvirt] virt_type = qemu [matchmaker_redis] [metrics] [mks] [neutron] [notifications] [osapi_v21] [oslo_concurrency] # 配置锁定路径 lock_path = /var/lib/nova/tmp [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [pci] [placement] # 配置 Placement API os_region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:35357/v3 username = placement password = 000000 [quota] [rdp] [remote_debug] [scheduler] [serial_console] [service_user] [spice] [trusted_computing] [upgrade_levels] [vendordata_dynamic_auth] [vmware] [vnc] # 启用 和 配置远程控制台访问 enabled = True vncserver_listen = 0.0.0.0 vncserver_proxyclient_address = $my_ip novncproxy_base_url = http://178.120.2.10:6080/vnc_auto.html [workarounds] [wsgi] [xenserver] [xvp] [root@compute nova]# egrep -c '(vmx|svm)' /proc/cpuinfo 8 [root@compute nova]# systemctl enable libvirtd.service openstack-nova-compute.service Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service to /usr/lib/systemd/system/openstack-nova-compute.service. systemctl start libvirtd.service openstack-nova-compute.service [root@compute nova]# systemctl start libvirtd.service openstack-nova-compute.service {/collapse-item} {/collapse} 添加计算节点 控制节点执行 1、检查数据库中有该计算节点 . admin-openrc openstack compute service list --service nova-compute 2、注册 计算节点 su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova 自动注册(可选) [scheduler] # 自动注册主机时间 discover_hosts_in_cells_interval = 300 {collapse} {collapse-item label="查看执行过程"} 添加计算节点 [root@controller ~]# . admin-openrc [root@controller ~]# openstack compute service list --service nova-compute +----+--------------+---------+------+---------+-------+----------------------------+ | ID | Binary | Host | Zone | Status | State | Updated At | +----+--------------+---------+------+---------+-------+----------------------------+ | 7 | nova-compute | compute | nova | enabled | up | 2022-07-13T07:02:24.000000 | +----+--------------+---------+------+---------+-------+----------------------------+ [root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova Found 2 cell mappings. Skipping cell0 since it does not contain hosts. Getting computes from cell 'cell1': 21614893-248b-41df-9668-73d056ddda1e Checking host mapping for compute host 'compute': 6e85d3a5-24a5-417b-8735-5edb7859ad03 Creating host mapping for compute host 'compute': 6e85d3a5-24a5-417b-8735-5edb7859ad03 Found 1 unmapped computes in cell: 21614893-248b-41df-9668-73d056ddda1e {/collapse-item} {/collapse} 验证 1、获取 admin 凭证 . admin-openrc 2、查询 计算服务组件列表 openstack compute service list 3、查询 Keytone 中API端点 列表 openstack catalog list 4、 查询 placement API 和 Cell 是否工作 nova-status upgrade check {collapse} {collapse-item label="查看执行过程"} 验证 [root@controller ~]# . admin-openrc [root@controller ~]# openstack compute service list +----+------------------+------------+----------+---------+-------+----------------------------+ | ID | Binary | Host | Zone | Status | State | Updated At | +----+------------------+------------+----------+---------+-------+----------------------------+ | 1 | nova-consoleauth | controller | internal | enabled | up | 2022-07-13T07:10:56.000000 | | 2 | nova-conductor | controller | internal | enabled | up | 2022-07-13T07:10:55.000000 | | 6 | nova-scheduler | controller | internal | enabled | up | 2022-07-13T07:10:56.000000 | | 7 | nova-compute | compute | nova | enabled | up | 2022-07-13T07:10:55.000000 | +----+------------------+------------+----------+---------+-------+----------------------------+ [root@controller ~]# openstack catalog list +-----------+-----------+-----------------------------------------+ | Name | Type | Endpoints | +-----------+-----------+-----------------------------------------+ | keystone | identity | RegionOne | | | | internal: http://controller:5000/v3/ | | | | RegionOne | | | | public: http://controller:5000/v3/ | | | | RegionOne | | | | admin: http://controller:35357/v3/ | | | | | | glance | image | RegionOne | | | | admin: http://controller:9292 | | | | RegionOne | | | | public: http://controller:9292 | | | | RegionOne | | | | internal: http://controller:9292 | | | | | | placement | placement | RegionOne | | | | admin: http://controller:8778 | | | | RegionOne | | | | public: http://controller:8778 | | | | RegionOne | | | | internal: http://controller:8778 | | | | | | nova | compute | RegionOne | | | | admin: http://controller:8774/v2.1 | | | | RegionOne | | | | public: http://controller:8774/v2.1 | | | | RegionOne | | | | internal: http://controller:8774/v2.1 | | | | | +-----------+-----------+-----------------------------------------+ [root@controller ~]# nova-status upgrade check +---------------------------+ | Upgrade Check Results | +---------------------------+ | Check: Cells v2 | | Result: Success | | Details: None | +---------------------------+ | Check: Placement API | | Result: Success | | Details: None | +---------------------------+ | Check: Resource Providers | | Result: Success | | Details: None | +---------------------------+ {/collapse-item} {/collapse}
2022年07月13日
166 阅读
0 评论
0 点赞
2022-07-13
OpenStack-Pike 搭建之Glance(三)
Glance 概述 The OpenStack Image service includes the following components: glance-api Accepts Image API calls for image discovery, retrieval, and storage. glance-registry Stores, processes, and retrieves metadata about images. Metadata includes items such as size and type. Database Stores image metadata and you can choose your database depending on your preference. Most deployments use MySQL or SQLite. Storage repository for image files Various repository types are supported including normal file systems (or any filesystem mounted on the glance-api controller node), Object Storage, RADOS block devices, VMware datastore, and HTTP. Note that some repositories will only support read-only usage. Metadata definition service A common API for vendors, admins, services, and users to meaningfully define their own custom metadata. This metadata can be used on different types of resources like images, artifacts, volumes, flavors, and aggregates. A definition includes the new property’s key, description, constraints, and the resource types which it can be associated with. 前置条件 创建 数据库并授权 1、使用 root用户登录数据库 mysql -u root -p000000 2、创建 glance 数据库 CREATE DATABASE glance; 3、授权 glance用户 对 glance数据库 所有权限 GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \ IDENTIFIED BY '000000'; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \ IDENTIFIED BY '000000'; {collapse} {collapse-item label="查看执行过程"} 前置条件 [root@controller ~]# mysql -u root -p000000 Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 27 Server version: 10.1.20-MariaDB MariaDB Server Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> CREATE DATABASE glance; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \ -> IDENTIFIED BY '000000'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \ -> IDENTIFIED BY '000000'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> exit Bye {/collapse-item} {/collapse} 创建 服务凭证 和 API端点 1、加载 admin用户信息 . admin-openrc 2、创建 服务凭证 创建 glance 用户 openstack user create --domain default --password 000000 glance 将 service项目 中的 glance用户 设置为 admin角色 openstack role add --project service --user glance admin 创建 glance服务 openstack service create --name glance \ --description "OpenStack Image" image 3、创建 glance 服务 API端点 openstack endpoint create --region RegionOne \ image public http://controller:9292 openstack endpoint create --region RegionOne \ image internal http://controller:9292 openstack endpoint create --region RegionOne \ image admin http://controller:9292 {collapse} {collapse-item label="查看执行过程"} 创建 服务凭证 和 API端点 [root@controller ~]# . admin-openrc [root@controller ~]# openstack user create --domain default --password 000000 glance +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | default | | enabled | True | | id | f66e07e3922147f99dd60b01aa68d1c0 | | name | glance | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+ [root@controller ~]# openstack role add --project service --user glance admin [root@controller ~]# openstack service create --name glance \ > --description "OpenStack Image" image +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Image | | enabled | True | | id | 1109e2bc82474c078171ed3640272493 | | name | glance | | type | image | +-------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne \ > image public http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 8eca34e46a144eaeaf790b601b9f8c88 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 1109e2bc82474c078171ed3640272493 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne \ > image internal http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | ce24756b281e406ea069f2c656485001 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 1109e2bc82474c078171ed3640272493 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne \ > image admin http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 43ac650380b9456ea268edaac326908b | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 1109e2bc82474c078171ed3640272493 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ {/collapse-item} {/collapse} 安装 和 配置组件 1、安装软件包 yum install -y openstack-glance 2、配置 glance-api.conf # sed -i.bak '/^#/d;/^$/d' /etc/glance/glance-api.conf # vim /etc/glance/glance-api.conf [database] # 配置数据库访问 connection = mysql+pymysql://glance:000000@controller/glance [keystone_authtoken] # 配置身份服务访问 auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = 000000 [paste_deploy] # 配置身份服务访问 flavor = keystone [glance_store] # 配置本地文件系统存储和镜像文件的位置 stores = file,http default_store = file filesystem_store_datadir = /var/lib/glance/images/ 3、配置 glance-registry.conf # sed -i.bak '/^#/d;/^$/d' /etc/glance/glance-registry.conf # vim /etc/glance/glance-registry.conf [database] # 配置数据库访问 connection = mysql+pymysql://glance:000000@controller/glance [keystone_authtoken] # 配置身份服务访问 auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = 000000 [paste_deploy] # 配置身份服务访问 flavor = keystone 4、同步 glance 数据库 su -s /bin/sh -c "glance-manage db_sync" glance {collapse} {collapse-item label="查看执行过程"} 安装 和 配置组件 [root@controller ~]# yum install -y openstack-glance Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Resolving Dependencies --> Running transaction check ---> Package openstack-glance.noarch 1:15.0.1-1.el7 will be installed --> Processing Dependency: python-glance = 1:15.0.1-1.el7 for package: 1:openstack-glance-15.0.1-1.el7.noarch --> Running transaction check ---> Package python-glance.noarch 1:15.0.1-1.el7 will be installed --> Processing Dependency: python-wsme >= 0.8 for package: 1:python-glance-15.0.1-1.el7.noarch --> Processing Dependency: python-taskflow >= 2.7.0 for package: 1:python-glance-15.0.1-1.el7.noarch --> Processing Dependency: python-swiftclient >= 2.2.0 for package: 1:python-glance-15.0.1-1.el7.noarch --> Processing Dependency: python-oslo-vmware >= 0.11.1 for package: 1:python-glance-15.0.1-1.el7.noarch --> Processing Dependency: python-os-brick >= 1.8.0 for package: 1:python-glance-15.0.1-1.el7.noarch --> Processing Dependency: python-glance-store >= 0.21.0 for package: 1:python-glance-15.0.1-1.el7.noarch --> Processing Dependency: python-retrying for package: 1:python-glance-15.0.1-1.el7.noarch --> Processing Dependency: python-httplib2 for package: 1:python-glance-15.0.1-1.el7.noarch --> Processing Dependency: python-cursive for package: 1:python-glance-15.0.1-1.el7.noarch --> Processing Dependency: python-boto for package: 1:python-glance-15.0.1-1.el7.noarch --> Processing Dependency: pysendfile for package: 1:python-glance-15.0.1-1.el7.noarch --> Running transaction check ---> Package pysendfile.x86_64 0:2.0.0-5.el7 will be installed ---> Package python-boto.noarch 0:2.34.0-4.el7 will be installed --> Processing Dependency: python-rsa for package: python-boto-2.34.0-4.el7.noarch ---> Package python-httplib2.noarch 0:0.9.2-1.el7 will be installed ---> Package python-retrying.noarch 0:1.2.3-4.el7 will be installed ---> Package python2-cursive.noarch 0:0.1.2-1.el7 will be installed --> Processing Dependency: python-lxml >= 2.3 for package: python2-cursive-0.1.2-1.el7.noarch --> Processing Dependency: python-castellan >= 0.4.0 for package: python2-cursive-0.1.2-1.el7.noarch ---> Package python2-glance-store.noarch 0:0.22.0-1.el7 will be installed --> Processing Dependency: python-oslo-privsep >= 1.9.0 for package: python2-glance-store-0.22.0-1.el7.noarch --> Processing Dependency: python-oslo-rootwrap for package: python2-glance-store-0.22.0-1.el7.noarch ---> Package python2-os-brick.noarch 0:1.15.6-1.el7 will be installed --> Processing Dependency: python-os-win >= 2.0.0 for package: python2-os-brick-1.15.6-1.el7.noarch ---> Package python2-oslo-vmware.noarch 0:2.23.1-1.el7 will be installed --> Processing Dependency: python-oslo-vmware-lang = 2.23.1-1.el7 for package: python2-oslo-vmware-2.23.1-1.el7.noarch --> Processing Dependency: python-suds >= 0.6 for package: python2-oslo-vmware-2.23.1-1.el7.noarch ---> Package python2-swiftclient.noarch 0:3.4.0-1.el7 will be installed ---> Package python2-taskflow.noarch 0:2.14.1-1.el7 will be installed --> Processing Dependency: python-networkx >= 1.10 for package: python2-taskflow-2.14.1-1.el7.noarch --> Processing Dependency: python-automaton >= 0.5.0 for package: python2-taskflow-2.14.1-1.el7.noarch --> Processing Dependency: python-networkx-core for package: python2-taskflow-2.14.1-1.el7.noarch ---> Package python2-wsme.noarch 0:0.9.2-1.el7 will be installed --> Processing Dependency: python-simplegeneric for package: python2-wsme-0.9.2-1.el7.noarch --> Running transaction check ---> Package python-lxml.x86_64 0:3.2.1-4.el7 will be installed --> Processing Dependency: libxslt.so.1(LIBXML2_1.1.9)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64 --> Processing Dependency: libxslt.so.1(LIBXML2_1.1.26)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64 --> Processing Dependency: libxslt.so.1(LIBXML2_1.1.2)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64 --> Processing Dependency: libxslt.so.1(LIBXML2_1.0.24)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64 --> Processing Dependency: libxslt.so.1(LIBXML2_1.0.22)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64 --> Processing Dependency: libxslt.so.1(LIBXML2_1.0.18)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64 --> Processing Dependency: libxslt.so.1(LIBXML2_1.0.11)(64bit) for package: python-lxml-3.2.1-4.el7.x86_64 --> Processing Dependency: libxslt.so.1()(64bit) for package: python-lxml-3.2.1-4.el7.x86_64 --> Processing Dependency: libexslt.so.0()(64bit) for package: python-lxml-3.2.1-4.el7.x86_64 ---> Package python-networkx.noarch 0:1.10-1.el7 will be installed ---> Package python-networkx-core.noarch 0:1.10-1.el7 will be installed --> Processing Dependency: scipy for package: python-networkx-core-1.10-1.el7.noarch ---> Package python-oslo-vmware-lang.noarch 0:2.23.1-1.el7 will be installed ---> Package python-simplegeneric.noarch 0:0.8-7.el7 will be installed ---> Package python2-automaton.noarch 0:1.12.1-1.el7 will be installed ---> Package python2-castellan.noarch 0:0.12.2-1.el7 will be installed ---> Package python2-os-win.noarch 0:2.2.0-1.el7 will be installed ---> Package python2-oslo-privsep.noarch 0:1.22.1-1.el7 will be installed --> Processing Dependency: python-oslo-privsep-lang = 1.22.1-1.el7 for package: python2-oslo-privsep-1.22.1-1.el7.noarch ---> Package python2-oslo-rootwrap.noarch 0:5.9.1-1.el7 will be installed ---> Package python2-rsa.noarch 0:3.3-2.el7 will be installed ---> Package python2-suds.noarch 0:0.7-0.4.94664ddd46a6.el7 will be installed --> Running transaction check ---> Package libxslt.x86_64 0:1.1.28-6.el7 will be installed ---> Package python-oslo-privsep-lang.noarch 0:1.22.1-1.el7 will be installed ---> Package python2-scipy.x86_64 0:0.18.0-3.el7 will be installed --> Processing Dependency: numpy for package: python2-scipy-0.18.0-3.el7.x86_64 --> Processing Dependency: libgfortran.so.3(GFORTRAN_1.4)(64bit) for package: python2-scipy-0.18.0-3.el7.x86_64 --> Processing Dependency: libgfortran.so.3(GFORTRAN_1.0)(64bit) for package: python2-scipy-0.18.0-3.el7.x86_64 --> Processing Dependency: libtatlas.so.3()(64bit) for package: python2-scipy-0.18.0-3.el7.x86_64 --> Processing Dependency: libquadmath.so.0()(64bit) for package: python2-scipy-0.18.0-3.el7.x86_64 --> Processing Dependency: libgfortran.so.3()(64bit) for package: python2-scipy-0.18.0-3.el7.x86_64 --> Running transaction check ---> Package atlas.x86_64 0:3.10.1-12.el7 will be installed ---> Package libgfortran.x86_64 0:4.8.5-44.el7 will be installed ---> Package libquadmath.x86_64 0:4.8.5-44.el7 will be installed ---> Package python2-numpy.x86_64 1:1.11.2-2.el7 will be installed --> Processing Dependency: python-nose for package: 1:python2-numpy-1.11.2-2.el7.x86_64 --> Running transaction check ---> Package python-nose.noarch 0:1.3.7-7.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ========================================================================================================================================================================= Package Arch Version Repository Size ========================================================================================================================================================================= Installing: openstack-glance noarch 1:15.0.1-1.el7 OpenStack-Pike-tuna 75 k Installing for dependencies: atlas x86_64 3.10.1-12.el7 base 4.5 M libgfortran x86_64 4.8.5-44.el7 base 301 k libquadmath x86_64 4.8.5-44.el7 base 190 k libxslt x86_64 1.1.28-6.el7 base 242 k pysendfile x86_64 2.0.0-5.el7 OpenStack-Pike-tuna 10 k python-boto noarch 2.34.0-4.el7 OpenStack-Pike-tuna 1.6 M python-glance noarch 1:15.0.1-1.el7 OpenStack-Pike-tuna 779 k python-httplib2 noarch 0.9.2-1.el7 OpenStack-Pike-tuna 115 k python-lxml x86_64 3.2.1-4.el7 base 758 k python-networkx noarch 1.10-1.el7 OpenStack-Pike-tuna 7.8 k python-networkx-core noarch 1.10-1.el7 OpenStack-Pike-tuna 1.6 M python-nose noarch 1.3.7-7.el7 OpenStack-Pike-tuna 276 k python-oslo-privsep-lang noarch 1.22.1-1.el7 OpenStack-Pike-tuna 8.1 k python-oslo-vmware-lang noarch 2.23.1-1.el7 OpenStack-Pike-tuna 9.3 k python-retrying noarch 1.2.3-4.el7 OpenStack-Pike-tuna 16 k python-simplegeneric noarch 0.8-7.el7 OpenStack-Pike-tuna 12 k python2-automaton noarch 1.12.1-1.el7 OpenStack-Pike-tuna 37 k python2-castellan noarch 0.12.2-1.el7 OpenStack-Pike-tuna 94 k python2-cursive noarch 0.1.2-1.el7 OpenStack-Pike-tuna 26 k python2-glance-store noarch 0.22.0-1.el7 OpenStack-Pike-tuna 215 k python2-numpy x86_64 1:1.11.2-2.el7 OpenStack-Pike-tuna 3.2 M python2-os-brick noarch 1.15.6-1.el7 OpenStack-Pike-tuna 333 k python2-os-win noarch 2.2.0-1.el7 OpenStack-Pike-tuna 396 k python2-oslo-privsep noarch 1.22.1-1.el7 OpenStack-Pike-tuna 30 k python2-oslo-rootwrap noarch 5.9.1-1.el7 OpenStack-Pike-tuna 38 k python2-oslo-vmware noarch 2.23.1-1.el7 OpenStack-Pike-tuna 188 k python2-rsa noarch 3.3-2.el7 OpenStack-Pike-tuna 63 k python2-scipy x86_64 0.18.0-3.el7 OpenStack-Pike-tuna 12 M python2-suds noarch 0.7-0.4.94664ddd46a6.el7 OpenStack-Pike-tuna 234 k python2-swiftclient noarch 3.4.0-1.el7 OpenStack-Pike-tuna 156 k python2-taskflow noarch 2.14.1-1.el7 OpenStack-Pike-tuna 678 k python2-wsme noarch 0.9.2-1.el7 OpenStack-Pike-tuna 193 k Transaction Summary ========================================================================================================================================================================= Install 1 Package (+32 Dependent packages) Total download size: 28 M Installed size: 121 M Downloading packages: (1/33): atlas-3.10.1-12.el7.x86_64.rpm | 4.5 MB 00:00:03 (2/33): libquadmath-4.8.5-44.el7.x86_64.rpm | 190 kB 00:00:00 (3/33): libxslt-1.1.28-6.el7.x86_64.rpm | 242 kB 00:00:00 (4/33): openstack-glance-15.0.1-1.el7.noarch.rpm | 75 kB 00:00:00 (5/33): python-boto-2.34.0-4.el7.noarch.rpm | 1.6 MB 00:00:01 (6/33): libgfortran-4.8.5-44.el7.x86_64.rpm | 301 kB 00:00:06 (7/33): python-glance-15.0.1-1.el7.noarch.rpm | 779 kB 00:00:01 (8/33): python-httplib2-0.9.2-1.el7.noarch.rpm | 115 kB 00:00:00 (9/33): python-networkx-1.10-1.el7.noarch.rpm | 7.8 kB 00:00:00 (10/33): python-networkx-core-1.10-1.el7.noarch.rpm | 1.6 MB 00:00:01 (11/33): python-nose-1.3.7-7.el7.noarch.rpm | 276 kB 00:00:00 (12/33): python-oslo-privsep-lang-1.22.1-1.el7.noarch.rpm | 8.1 kB 00:00:00 (13/33): python-oslo-vmware-lang-2.23.1-1.el7.noarch.rpm | 9.3 kB 00:00:00 (14/33): python-retrying-1.2.3-4.el7.noarch.rpm | 16 kB 00:00:00 (15/33): python-simplegeneric-0.8-7.el7.noarch.rpm | 12 kB 00:00:00 (16/33): pysendfile-2.0.0-5.el7.x86_64.rpm | 10 kB 00:00:06 (17/33): python2-automaton-1.12.1-1.el7.noarch.rpm | 37 kB 00:00:00 (18/33): python2-castellan-0.12.2-1.el7.noarch.rpm | 94 kB 00:00:00 (19/33): python2-cursive-0.1.2-1.el7.noarch.rpm | 26 kB 00:00:00 (20/33): python2-glance-store-0.22.0-1.el7.noarch.rpm | 215 kB 00:00:00 (21/33): python2-os-brick-1.15.6-1.el7.noarch.rpm | 333 kB 00:00:00 (22/33): python2-os-win-2.2.0-1.el7.noarch.rpm | 396 kB 00:00:01 (23/33): python2-oslo-privsep-1.22.1-1.el7.noarch.rpm | 30 kB 00:00:00 (24/33): python2-oslo-rootwrap-5.9.1-1.el7.noarch.rpm | 38 kB 00:00:00 (25/33): python2-oslo-vmware-2.23.1-1.el7.noarch.rpm | 188 kB 00:00:00 (26/33): python2-rsa-3.3-2.el7.noarch.rpm | 63 kB 00:00:00 (27/33): python-lxml-3.2.1-4.el7.x86_64.rpm | 758 kB 00:00:07 (28/33): python2-numpy-1.11.2-2.el7.x86_64.rpm | 3.2 MB 00:00:11 (29/33): python2-suds-0.7-0.4.94664ddd46a6.el7.noarch.rpm | 234 kB 00:00:00 (30/33): python2-swiftclient-3.4.0-1.el7.noarch.rpm | 156 kB 00:00:00 (31/33): python2-taskflow-2.14.1-1.el7.noarch.rpm | 678 kB 00:00:01 (32/33): python2-wsme-0.9.2-1.el7.noarch.rpm | 193 kB 00:00:00 (33/33): python2-scipy-0.18.0-3.el7.x86_64.rpm | 12 MB 00:00:16 ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- Total 947 kB/s | 28 MB 00:00:30 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : libquadmath-4.8.5-44.el7.x86_64 1/33 Installing : libgfortran-4.8.5-44.el7.x86_64 2/33 Installing : atlas-3.10.1-12.el7.x86_64 3/33 Installing : python-retrying-1.2.3-4.el7.noarch 4/33 Installing : python-httplib2-0.9.2-1.el7.noarch 5/33 Installing : libxslt-1.1.28-6.el7.x86_64 6/33 Installing : python-lxml-3.2.1-4.el7.x86_64 7/33 Installing : python2-suds-0.7-0.4.94664ddd46a6.el7.noarch 8/33 Installing : python2-os-win-2.2.0-1.el7.noarch 9/33 Installing : python-oslo-privsep-lang-1.22.1-1.el7.noarch 10/33 Installing : python2-oslo-privsep-1.22.1-1.el7.noarch 11/33 Installing : python2-os-brick-1.15.6-1.el7.noarch 12/33 Installing : python-oslo-vmware-lang-2.23.1-1.el7.noarch 13/33 Installing : python2-oslo-vmware-2.23.1-1.el7.noarch 14/33 Installing : python2-oslo-rootwrap-5.9.1-1.el7.noarch 15/33 Installing : python2-glance-store-0.22.0-1.el7.noarch 16/33 Installing : pysendfile-2.0.0-5.el7.x86_64 17/33 Installing : python2-castellan-0.12.2-1.el7.noarch 18/33 Installing : python2-cursive-0.1.2-1.el7.noarch 19/33 Installing : python-nose-1.3.7-7.el7.noarch 20/33 Installing : 1:python2-numpy-1.11.2-2.el7.x86_64 21/33 Installing : python2-scipy-0.18.0-3.el7.x86_64 22/33 Installing : python-networkx-core-1.10-1.el7.noarch 23/33 Installing : python-networkx-1.10-1.el7.noarch 24/33 Installing : python2-rsa-3.3-2.el7.noarch 25/33 Installing : python-boto-2.34.0-4.el7.noarch 26/33 Installing : python2-automaton-1.12.1-1.el7.noarch 27/33 Installing : python2-taskflow-2.14.1-1.el7.noarch 28/33 Installing : python-simplegeneric-0.8-7.el7.noarch 29/33 Installing : python2-wsme-0.9.2-1.el7.noarch 30/33 Installing : python2-swiftclient-3.4.0-1.el7.noarch 31/33 Installing : 1:python-glance-15.0.1-1.el7.noarch 32/33 Installing : 1:openstack-glance-15.0.1-1.el7.noarch 33/33 Verifying : python2-swiftclient-3.4.0-1.el7.noarch 1/33 Verifying : python-simplegeneric-0.8-7.el7.noarch 2/33 Verifying : python2-wsme-0.9.2-1.el7.noarch 3/33 Verifying : python-lxml-3.2.1-4.el7.x86_64 4/33 Verifying : python2-os-brick-1.15.6-1.el7.noarch 5/33 Verifying : python2-scipy-0.18.0-3.el7.x86_64 6/33 Verifying : atlas-3.10.1-12.el7.x86_64 7/33 Verifying : python-networkx-core-1.10-1.el7.noarch 8/33 Verifying : python2-automaton-1.12.1-1.el7.noarch 9/33 Verifying : python2-rsa-3.3-2.el7.noarch 10/33 Verifying : python2-glance-store-0.22.0-1.el7.noarch 11/33 Verifying : python-retrying-1.2.3-4.el7.noarch 12/33 Verifying : libquadmath-4.8.5-44.el7.x86_64 13/33 Verifying : python-nose-1.3.7-7.el7.noarch 14/33 Verifying : python2-castellan-0.12.2-1.el7.noarch 15/33 Verifying : python2-taskflow-2.14.1-1.el7.noarch 16/33 Verifying : 1:python-glance-15.0.1-1.el7.noarch 17/33 Verifying : pysendfile-2.0.0-5.el7.x86_64 18/33 Verifying : libgfortran-4.8.5-44.el7.x86_64 19/33 Verifying : python2-oslo-rootwrap-5.9.1-1.el7.noarch 20/33 Verifying : python-oslo-vmware-lang-2.23.1-1.el7.noarch 21/33 Verifying : python-networkx-1.10-1.el7.noarch 22/33 Verifying : python-oslo-privsep-lang-1.22.1-1.el7.noarch 23/33 Verifying : python2-os-win-2.2.0-1.el7.noarch 24/33 Verifying : 1:python2-numpy-1.11.2-2.el7.x86_64 25/33 Verifying : python2-cursive-0.1.2-1.el7.noarch 26/33 Verifying : python2-suds-0.7-0.4.94664ddd46a6.el7.noarch 27/33 Verifying : libxslt-1.1.28-6.el7.x86_64 28/33 Verifying : python-httplib2-0.9.2-1.el7.noarch 29/33 Verifying : python2-oslo-vmware-2.23.1-1.el7.noarch 30/33 Verifying : python2-oslo-privsep-1.22.1-1.el7.noarch 31/33 Verifying : 1:openstack-glance-15.0.1-1.el7.noarch 32/33 Verifying : python-boto-2.34.0-4.el7.noarch 33/33 Installed: openstack-glance.noarch 1:15.0.1-1.el7 Dependency Installed: atlas.x86_64 0:3.10.1-12.el7 libgfortran.x86_64 0:4.8.5-44.el7 libquadmath.x86_64 0:4.8.5-44.el7 libxslt.x86_64 0:1.1.28-6.el7 pysendfile.x86_64 0:2.0.0-5.el7 python-boto.noarch 0:2.34.0-4.el7 python-glance.noarch 1:15.0.1-1.el7 python-httplib2.noarch 0:0.9.2-1.el7 python-lxml.x86_64 0:3.2.1-4.el7 python-networkx.noarch 0:1.10-1.el7 python-networkx-core.noarch 0:1.10-1.el7 python-nose.noarch 0:1.3.7-7.el7 python-oslo-privsep-lang.noarch 0:1.22.1-1.el7 python-oslo-vmware-lang.noarch 0:2.23.1-1.el7 python-retrying.noarch 0:1.2.3-4.el7 python-simplegeneric.noarch 0:0.8-7.el7 python2-automaton.noarch 0:1.12.1-1.el7 python2-castellan.noarch 0:0.12.2-1.el7 python2-cursive.noarch 0:0.1.2-1.el7 python2-glance-store.noarch 0:0.22.0-1.el7 python2-numpy.x86_64 1:1.11.2-2.el7 python2-os-brick.noarch 0:1.15.6-1.el7 python2-os-win.noarch 0:2.2.0-1.el7 python2-oslo-privsep.noarch 0:1.22.1-1.el7 python2-oslo-rootwrap.noarch 0:5.9.1-1.el7 python2-oslo-vmware.noarch 0:2.23.1-1.el7 python2-rsa.noarch 0:3.3-2.el7 python2-scipy.x86_64 0:0.18.0-3.el7 python2-suds.noarch 0:0.7-0.4.94664ddd46a6.el7 python2-swiftclient.noarch 0:3.4.0-1.el7 python2-taskflow.noarch 0:2.14.1-1.el7 python2-wsme.noarch 0:0.9.2-1.el7 Complete! [root@controller ~]# sed -i.bak '/^#/d;/^$/d' /etc/glance/glance-api.conf [root@controller ~]# vim /etc/glance/glance-api.conf [root@controller ~]# cat /etc/glance/glance-api.conf EFAULT] [cors] [database] # 配置数据库访问 connection = mysql+pymysql://glance:000000@controller/glance [glance_store] # 配置本地文件系统存储和镜像文件的位置 stores = file,http default_store = file filesystem_store_datadir = /var/lib/glance/images/ [image_format] [keystone_authtoken] # 配置身份服务访问 auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = 000000 [matchmaker_redis] [oslo_concurrency] [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [paste_deploy] # 配置身份服务访问 flavor = keystone [profiler] [store_type_location_strategy] [task] [taskflow_executor] [root@controller ~]# sed -i.bak '/^#/d;/^$/d' /etc/glance/glance-registry.conf [root@controller ~]# vim /etc/glance/glance-registry.conf [root@controller ~]# cat /etc/glance/glance-registry.conf [DEFAULT] [database] # 配置数据库访问 connection = mysql+pymysql://glance:000000@controller/glance [keystone_authtoken] # 配置身份服务访问 auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = 000000 [matchmaker_redis] [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_policy] [paste_deploy] # 配置身份服务访问 flavor = keystone [profiler] [root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance /usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1328: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade expire_on_commit=expire_on_commit, _conf=conf) INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Running upgrade -> liberty, liberty initial INFO [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table INFO [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata01, add visibility to and remove is_public from images INFO [alembic.runtime.migration] Running upgrade ocata01 -> pike01, drop glare artifacts tables INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. Upgraded database to: pike01, current revision(s): pike01 {/collapse-item} {/collapse} 完成安装 启动镜像服务并设置开机自启 systemctl enable openstack-glance-api.service \ openstack-glance-registry.service systemctl start openstack-glance-api.service \ openstack-glance-registry.service {collapse} {collapse-item label="查看执行过程"} 完成安装 [root@controller ~]# systemctl enable openstack-glance-api.service \ > openstack-glance-registry.service Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service. Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service to /usr/lib/systemd/system/openstack-glance-registry.service. [root@controller ~]# systemctl start openstack-glance-api.service \ > openstack-glance-registry.service {/collapse-item} {/collapse} 验证 1、获取 admin 凭证 . admin-openrc 2、下载 测试镜像 wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img 3、上传 测试镜像 openstack image create "cirros" \ --file cirros-0.3.5-x86_64-disk.img \ --disk-format qcow2 --container-format bare \ --public 4、查询 镜像列表 openstack image list {collapse} {collapse-item label="查看执行过程"} 验证 [root@controller ~]# . admin-openrc [root@controller ~]# rz rz waiting to receive. zmodem trl+C ȡ 正在传输 cirros-0.4.0-x86_64-disk.img... 100% 12418 KB 2483 KB/ 00:00:05 0 [root@controller ~]# openstack image create "cirros" \ > --file cirros-0.4.0-x86_64-disk.img \ > --disk-format qcow2 --container-format bare \ > --public +------------------+------------------------------------------------------+ | Field | Value | +------------------+------------------------------------------------------+ | checksum | 443b7623e27ecf03dc9e01ee93f67afe | | container_format | bare | | created_at | 2022-07-13T04:49:09Z | | disk_format | qcow2 | | file | /v2/images/db8bad86-e1cb-47b4-8a8e-93f045d5e000/file | | id | db8bad86-e1cb-47b4-8a8e-93f045d5e000 | | min_disk | 0 | | min_ram | 0 | | name | cirros | | owner | cecafb35ed3649819247ea27a77871aa | | protected | False | | schema | /v2/schemas/image | | size | 12716032 | | status | active | | tags | | | updated_at | 2022-07-13T04:49:09Z | | virtual_size | None | | visibility | public | +------------------+------------------------------------------------------+ [root@controller ~]# openstack image list +--------------------------------------+--------+--------+ | ID | Name | Status | +--------------------------------------+--------+--------+ | db8bad86-e1cb-47b4-8a8e-93f045d5e000 | cirros | active | +--------------------------------------+--------+--------+ {/collapse-item} {/collapse}
2022年07月13日
184 阅读
0 评论
0 点赞
2022-07-13
OpenStack-Pike 搭建之Keystone(二)
Keystone 概述 The OpenStack Identity service provides a single point of integration for managing authentication, authorization, and a catalog of services. The Identity service is typically the first service a user interacts with. Once authenticated, an end user can use their identity to access other OpenStack services. Likewise, other OpenStack services leverage the Identity service to ensure users are who they say they are and discover where other services are within the deployment. The Identity service can also integrate with some external user management systems (such as LDAP). Users and services can locate other services by using the service catalog, which is managed by the Identity service. As the name implies, a service catalog is a collection of available services in an OpenStack deployment. Each service can have one or many endpoints and each endpoint can be one of three types: admin, internal, or public. In a production environment, different endpoint types might reside on separate networks exposed to different types of users for security reasons. For instance, the public API network might be visible from the Internet so customers can manage their clouds. The admin API network might be restricted to operators within the organization that manages cloud infrastructure. The internal API network might be restricted to the hosts that contain OpenStack services. Also, OpenStack supports multiple regions for scalability. For simplicity, this guide uses the management network for all endpoint types and the default RegionOne region. Together, regions, services, and endpoints created within the Identity service comprise the service catalog for a deployment. Each OpenStack service in your deployment needs a service entry with corresponding endpoints stored in the Identity service. This can all be done after the Identity service has been installed and configured. The Identity service contains these components: Server A centralized server provides authentication and authorization services using a RESTful interface. Drivers Drivers or a service back end are integrated to the centralized server. They are used for accessing identity information in repositories external to OpenStack, and may already exist in the infrastructure where OpenStack is deployed (for example, SQL databases or LDAP servers). Modules Middleware modules run in the address space of the OpenStack component that is using the Identity service. These modules intercept service requests, extract user credentials, and send them to the centralized server for authorization. The integration between the middleware modules and OpenStack components uses the Python Web Server Gateway Interface. 安装和配置 创建 数据库 1、使用root身份连接数据库 [root@controller ~]# mysql -u root -p000000 2、创建keystone数据库 MariaDB [(none)]> CREATE DATABASE keystone; Query OK, 1 row affected (0.00 sec) 3、授予 keystone用户 对 keystone数据库 所有权限 MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \ IDENTIFIED BY '000000'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \ IDENTIFIED BY '000000'; Query OK, 0 rows affected (0.00 sec) > Tip: > 删除数据库用户 MariaDB [(none)]> drop user keystonee@'%'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> drop user keystone@'localhost'; Query OK, 0 rows affected (0.00 sec) 安装 和 配置组件 1、安装软件包 [root@controller ~]# yum install -y openstack-keystone httpd mod_wsgi 2、配置 keystone.conf > Tips: > 去除空行,注释并备份原文件 [root@localhost ~]# sed -i.bak '/^$/d;/^#/d' xxx.conf [root@controller ~]# sed -i.bak '/^$/d;/^#/d' /etc/keystone/keystone.conf [root@controller ~]# vim /etc/keystone/keystone.conf [database] # 配置数据库访问 connection = mysql+pymysql://keystone:000000@controller/keystone [token] # 配置 Fernet 令牌提供程序 provider = fernet 3、同步 keystone 数据库 root@controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone 4、初始化 Fernet 密钥存储库 [root@controller ~]# keystone-manage fernet_setup \ --keystone-user keystone --keystone-group keystone [root@controller ~]# keystone-manage credential_setup \ --keystone-user keystone --keystone-group keystone 5、引导认证服务 [root@controller ~]# keystone-manage bootstrap --bootstrap-password 000000 \ --bootstrap-admin-url http://controller:35357/v3/ \ --bootstrap-internal-url http://controller:5000/v3/ \ --bootstrap-public-url http://controller:5000/v3/ \ --bootstrap-region-id RegionOne 配置 Apache Http 服务器 1、编辑 httpd.conf,配置 ServerName 选项 [root@controller ~]# vim /etc/httpd/conf/httpd.conf ServerName controller 2、创建 wsgi-keystone.conf 链接 [root@controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/ 完成安装 1、启动 http 服务,并设置开机自启 [root@controller ~]# systemctl enable httpd.service [root@controller ~]# systemctl start httpd.service 2、配置管理账户 export OS_USERNAME=admin export OS_PASSWORD=000000 export OS_PROJECT_NAME=admin export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_DOMAIN_NAME=Default export OS_AUTH_URL=http://controller:35357/v3 export OS_IDENTITY_API_VERSION=3 创建 域、项目、用户、角色 1、创建 service 项目 [root@controller ~]# openstack project create --domain default \ --description "Service Project" service +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Service Project | | domain_id | default | | enabled | True | | id | 4dd5063ebfc344a0a12734082438fbe0 | | is_domain | False | | name | service | | parent_id | default | +-------------+----------------------------------+ 2、创建 普通项目和用户(例如 demo) 创建 demo 项目 [root@controller ~]# openstack project create --domain default \ --description "Demo Project" demo +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Demo Project | | domain_id | default | | enabled | True | | id | 4f74b708452249e583684682e8254872 | | is_domain | False | | name | demo | | parent_id | default | +-------------+----------------------------------+ 创建 demo 用户 [root@controller ~]# openstack user create --domain default --password 000000 demo +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | default | | enabled | True | | id | 9da7d8fa3eaf414bad4e2bcbabb60494 | | name | demo | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+ 创建 user 角色 [root@controller ~]# openstack role create user +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | None | | id | 1d30cc80e2eb450193340e8fff44b094 | | name | user | +-----------+----------------------------------+ 设置 demo 项目 中的 demo用户 角色为 user [root@controller ~]# openstack role add --project demo --user demo user 验证 1、取消 临时变量 OS_AUTH_URL OS_PASSWORD unset OS_AUTH_URL OS_PASSWORD 2、测试 admin用户获取 token [root@controller ~]# openstack --os-auth-url http://controller:35357/v3 \ --os-project-domain-name Default --os-user-domain-name Default \ --os-project-name admin --os-username admin token issue Password: +------------+---------------------------------------------------------------+ | Field | Value | +------------+---------------------------------------------------------------+ | expires | 2022-07-13T04:15:29+0000 | | id | gAAAAABizjjRJyEcHq4dPJMFZMjTCOaVFwOX4sumi1ZsKVgvWfxIPtyaRenrX | | LPKPW1L4nLjeAff1kN2Oa9eTgleTj8TOeoSln9hUUZByEqSlNJFaZC_DUgT5gW| | AjlXHbUH_6r9IiGRcJBGJTAEU5sEmrW2M_sBAnIXQZ5Tn2n_MY_KWO68lpi8 | | project_id | cecafb35ed3649819247ea27a77871aa | | user_id | 6ba1420ce7764421afa3da461b2f47a1 | +------------+---------------------------------------------------------------+ 3、测试 demo用户获取 token [root@controller ~]# openstack --os-auth-url http://controller:5000/v3 \ --os-project-domain-name Default --os-user-domain-name Default \ --os-project-name demo --os-username demo token issue Password: +------------+---------------------------------------------------------------+ | Field | Value | +------------+---------------------------------------------------------------| | expires | 2022-07-13T04:21:47+0000 | | id | gAAAAABizjpLC8BxxoXOGYJah3VU8xMD8aYQm86RjhAOyKI3zAzuc6wMR3v8Hj| | Atk1n3RIGuNmFWEZSPKQH-zYGAS4ZEzQzvUTAQxeNm4eOG3bLF2iqXc7F1cYIL| | q6gVKkfGK2avDi7APIoxCFy2F_XtxNlqWMNrxfOyGXpB81rKDBjpEsLMMI | | project_id | 4f74b708452249e583684682e8254872 | | user_id | 9da7d8fa3eaf414bad4e2bcbabb60494 | +------------+---------------------------------------------------------------+ 创建 OpenStack客户端变量 脚本 创建 脚本 1、创建 admin-openrc [root@controller ~]# cat admin-openrc export OS_PROJECT_DOMAIN_NAME=Default export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=000000 export OS_AUTH_URL=http://controller:35357/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2 2、创建 demo-openrc [root@controller ~]# cat demo-openrc export OS_PROJECT_DOMAIN_NAME=Default export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_NAME=demo export OS_USERNAME=demo export OS_PASSWORD=000000 export OS_AUTH_URL=http://controller:5000/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2 使用 脚本 1、加载 变量 [root@controller ~]# . admin-openrc or [root@controller ~]# source admin-openrc 2、获取 token [root@controller ~]# openstack token issue +------------+---------------------------------------------------------------+ | Field | Value | +------------+---------------------------------------------------------------+ | expires | 2022-07-13T04:28:33+0000 | | id | gAAAAABizjjRJyEcHq4dPJMFZMjTCOaVFwOX4sumi1ZsKVgvWfxIPtyaRenrX | | LPKPW1L4nLjeAff1kN2Oa9eTgleTj8TOeoSln9hUUZByEqSlNJFaZC_DUgT5gW| | AjlXHbUH_6r9IiGRcJBGJTAEU5sEmrW2M_sBAnIXQZ5Tn2n_MY_KWO68lpi8 | | project_id | cecafb35ed3649819247ea27a77871aa | | user_id | 6ba1420ce7764421afa3da461b2f47a1 | +------------+---------------------------------------------------------------+ 3、取消变量 # 退出 bash [root@controller ~]# exit
2022年07月13日
182 阅读
0 评论
0 点赞
2022-07-12
OpenStack-Pike 搭建之基础环境(一)
规定密码 所有密码设置为: `000000` Passwords 密码名称 描述 密码 数据库密码(未使用变量) 数据库 root密码 000000 ADMIN_PASS admin 用户密码 000000 CINDER_DBPASS 块存储服务 数据库密码 000000 CINDER_PASS 块存储服务用户密码 000000 DASH_DBPASS 仪表板 数据库密码 000000 DEMO_PASS demo 用户密码 000000 GLANCE_DBPASS 镜像服务 数据库密码 000000 GLANCE_PASS 镜像服务 用户密码 000000 KEYSTONE_DBPASS 认证服务 数据库密码 000000 METADATA_SECRE 元数据代理 密码 000000 NEUTRON_DBPASS 网络服务 数据库密码 000000 NEUTRON_PASS 网络服务 用户密码 000000 NOVA_DBPASS 计算服务 数据库密码 000000 NOVA_PASS 计算服务 用户密码 000000 PLACEMENT_PASS 安置服务用户 密码 000000 RABBIT_PASS RabbitMQ 用户密码 000000 参考:https://docs.openstack.org/install-guide/environment-security.html 网络配置 控制节点 网络接口 [root@controller ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0 TYPE="Ethernet" BOOTPROTO="none" NAME="eth0" DEVICE="eth0" ONBOOT="yes" IPADDR="178.120.2.10" PREFIX="24" GATEWAY="178.120.2.1" DNS1="8.8.8.8" ## provider interface: DEVICE=INTERFACE_NAME TYPE=Ethernet ONBOOT="yes" BOOTPROTO="none" 名称解析 [root@controller ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 178.120.2.10 controller 178.120.2.20 compute 免密登录 [root@controller ~]# ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/root/.ssh/id_dsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_dsa. Your public key has been saved in /root/.ssh/id_dsa.pub. The key fingerprint is: SHA256:cgfolkfd6Oum3nYdVI+HO8llHk1hKR0YaOITw2gTQAE root@controller The key's randomart image is: +---[DSA 1024]----+ | Eo+o.+ ..+++| | = * = o.oo| | o = B . .=o| | . o = +.*| | = S + o B.| | . + . . * .| | . . o | | oo . . | | .o+o. | +----[SHA256]-----+ [root@controller ~]# ssh-copy-id compute /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_dsa.pub" The authenticity of host 'compute (178.120.2.20)' can't be established. ECDSA key fingerprint is SHA256:R/Thnqei+6YxNhVzNn26mnzVaBME9Pq1takAI7dH/Sg. ECDSA key fingerprint is MD5:c3:f7:bb:e1:07:f9:83:d5:2e:d2:ae:c6:da:a3:2e:f7. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@compute's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'compute'" and check to make sure that only the key(s) you wanted were added. 计算节点 网络接口 [root@compute ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0 TYPE="Ethernet" BOOTPROTO="none" NAME="eth0" UUID="e7df2db2-cdb1-47e0-9d3b-05b50fe87c19" DEVICE="eth0" ONBOOT="yes" IPADDR="178.120.2.20" PREFIX="24" GATEWAY="178.120.2.1" DNS1="8.8.8.8" ## provider interface: DEVICE=INTERFACE_NAME TYPE=Ethernet ONBOOT="yes" BOOTPROTO="none" 名称解析 [root@compute ~]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 178.120.2.10 controller 178.120.2.20 compute 免密登录 [root@compute ~]# ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/root/.ssh/id_dsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_dsa. Your public key has been saved in /root/.ssh/id_dsa.pub. The key fingerprint is: SHA256:juNTp0HHsnRvNPt+xflNUQ9HqJc0CZMcTI49yexZWX4 root@compute The key's randomart image is: +---[DSA 1024]----+ | +=+ +o| | *+o*+o| | .. Boo=E| | + +.++o.o| | oS= oo+ .o| | o+ . + .+| | o..+ . . .+| | .... . +| | .. ... | +----[SHA256]-----+ [root@compute ~]# ssh-copy-id controller /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_dsa.pub" The authenticity of host 'controller (178.120.2.10)' can't be established. ECDSA key fingerprint is SHA256:ZjMIFXctwUyBC2Psc5ZxN4wVTAASjzf8re8aq8v11S4. ECDSA key fingerprint is MD5:2a:f3:cd:5a:ec:2b:ca:20:99:c7:0b:6d:db:b0:1b:92. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys root@controller's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'controller'" and check to make sure that only the key(s) you wanted were added.路由转发 vim /etc/sysctl.conf net.bridge.bridge-nf-call-iptables = 1 net.ipv6.conf.all.disable_ipv6 = 1 Yum源配置 所有节点 # sed -e 's|^mirrorlist=|#mirrorlist=|g' \ -e 's|^#baseurl=http://mirror.centos.org|baseurl=https://mirrors.tuna.tsinghua.edu.cn|g' \ -i.bak \ /etc/yum.repos.d/CentOS-*.repo # cat CentOS-OpenStack-Pike.repo [OpenStack-Pike-tuna] name=OpenStack-Pike-tuna baseurl=https://mirrors.tuna.tsinghua.edu.cn/centos-vault/7.5.1804/cloud/x86_64/openstack-pike/ gpgcheck=0 enabled=1 # yum makecache 最新yum源不支持pike版,需手动设置cloud 收集 RPM 包(可选) [root@controller ~]# vim /etc/yum.conf [main] # 缓存目录 cachedir=/data/rpm # 开启缓存收集 keepcache=1 关闭 防火墙 & Selinux 所有节点 # systemctl stop firewalld && systemctl disable firewalld # setenforce 0 # sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config # yum remove -y NetworkManager firewalld # yum -y install iptables-services # iptables -F # iptables -X # iptables -Z # iptables-save 时间同步(Chrony) 控制节点 [root@controller ~]# yum install -y chrony [root@controller ~]# timedatectl set-timezone Asia/Shanghai [root@controller ~]# grep -Ev "#|^$" /etc/chrony.conf server ntp.aliyun.com iburst driftfile /var/lib/chrony/drift makestep 1.0 3 rtcsync allow 178.120.2.0/24 logdir /var/log/chrony systemctl enable chronyd.service && systemctl start chronyd.service 计算节点 [root@compute ~]# yum install -y chrony [root@compute ~]# timedatectl set-timezone Asia/Shanghai [root@compute ~]# grep -Ev "#|^$" /etc/chrony.conf server controller iburst driftfile /var/lib/chrony/drift makestep 1.0 3 rtcsync logdir /var/log/chrony [root@compute ~]# systemctl enable chronyd.service && systemctl start chronyd.service 验证 # 控制节点 [root@controller ~]# chronyc sources 210 Number of sources = 4 MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^* 139.199.215.251 2 6 367 43 +392us[+1161us] +/- 48ms ^? ntp6.flashdance.cx 2 7 40 368 -5153us[-4963us] +/- 178ms ^- time.cloudflare.com 3 6 355 43 +50ms[ +50ms] +/- 176ms ^- stratum2-1.ntp.mow01.ru.> 2 6 367 42 +31ms[ +31ms] +/- 89ms [root@controller ~]# date Tue Jul 12 17:26:01 CST 2022 # 其他节点 [root@compute ~]# chronyc sources 210 Number of sources = 1 MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^? controller 0 7 0 - +0ns[ +0ns] +/- 0ns [root@compute ~]# date Tue Jul 12 17:26:56 CST 2022 OpenStack 客户端 [root@controller ~]# yum install -y python-openstackclient openstack-selinux 数据库(Mariadb) 安装 MySQL数据库服务、python连接MySQL数据库工具 [root@controller ~]# yum install -y mariadb mariadb-server python2-PyMySQL 配置 mysql [root@controller ~]# vim /etc/my.cnf.d/openstack.cnf [mysqld] bind-address = 178.120.2.10 default-storage-engine = innodb innodb_file_per_table = on max_connections = 4096 collation-server = utf8_general_ci character-set-server = utf8 启动服务 [root@controller ~]# systemctl enable mariadb.service [root@controller ~]# systemctl start mariadb.service 初始化数据库 [root@controller ~]# mysql_secure_installation 消息队列(Rabbitmq) 安装 Rabiitmq 服务 [root@controller ~]# yum install -y rabbitmq-server 启动 Rabiitmq 服务 [root@controller ~]# systemctl enable rabbitmq-server.service [root@controller ~]# systemctl start rabbitmq-server.service 添加 openstack 用户 [root@controller ~]# rabbitmqctl add_user openstack 000000 配置 openstack 用户权限 [root@controller ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*" 开启 图形化插件(可选) [root@controller ~]# rabbitmq-plugins enable rabbitmq_management [root@controller ~]# rabbitmq-plugins enable rabbitmq_management_agent 访问 IP:15672 缓存服务(Memcached) 安装 Memcached 服务 [root@controller ~]# yum install -y memcached python-memcached 修改 Memcached 配置 [root@controller ~]# vim /etc/sysconfig/memcached # 允许其他节点通过管理网络访问 PORT="11211" USER="memcached" MAXCONN="1024" CACHESIZE="64" OPTIONS="-l controller" 启动 Memcached 服务 [root@controller ~]# systemctl enable memcached.service [root@controller ~]# systemctl start memcached.service
2022年07月12日
241 阅读
0 评论
0 点赞
2022-03-28
Hyper-V的简单使用
Hyper-V 前几天在 Windows 跑了 docker ,晚上有事要运行一个虚拟机。结果,虚拟机跑不起来了,泪奔。报错如下,盲猜Docker 和 VMware 的环境起冲突了。去百度了一波,把 Hyper-V 关了,重启一下 ,VMware Workstation可以运行了,Docker 就GG了。用命令开关Hyper-V,也可以接收,但重启就接受不了了。 VMware Workstation 与 Device/Credential Guard 不兼容。 在禁用 Device/Credential Guard 后,可以运行 VMware Workstati 几经百度,终于找到解决方法,使用VMware Workstation 15.5.5以后版本。在 VMware Workstation 15.5.5 Pro 发行说明,支持 Windows 10 主机 VBS。解决了开启 Hyper-V 不能运行的问题,但 VMware 开启不了虚拟化,希望在后面版本可以支持。嵌套虚拟化解决方案,使用Hyper-V创建虚拟机。 VMware Workstation 15.5.5 Pro 发行说明 新增功能 VMware Workstation 15.5.5 Pro 发行说明 已知问题 开启 Hyper-V 在 "控制面板" 的 "程序" 中 选择 "关闭 和 开启 Windows 功能" 勾选 Hyper-V。 如果你是家庭版没有找到 Hyper-V 选项,复制下面文本,新建 bat脚本并运行。 pushd "%~dp0" dir /b %SystemRoot%\servicing\Packages\*Hyper-V*.mum >hyper-v.txt for /f %%i in ('findstr /i . hyper-v.txt 2^>nul') do dism /online /norestart /add-package:"%SystemRoot%\servicing\Packages\%%i" del hyper-v.txt Dism /online /enable-feature /featurename:Microsoft-Hyper-V-All /LimitAccess /ALL 使用 Hyper-V 管理中心 在 "windows工具" 中 点击 Hyper-V管理中心 具体使用和 VMware Workstation 差不多,CPU 代数选一代,测试 CentOS用二代的运行不起来。 虚拟交换机对应 VMware Workstation 中的虚拟网络编辑器,外部、内部、专用网络分别对应桥接、NAT、仅主机。 虚拟交换机 的配置没 VMware Workstation 智能,其中 NAT 部分需要手动调节,默认使用 192.168.131.0/24 网段。 更改网段需要修改注册表,可以使用下面脚本快速修改,还需要把可以使用的物理网络连接共享到该网络。 @echo off set /p q=Pleasl input ShareIP [192.168.173.1]: reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters" -v ScopeAddress -d %q% -f reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters" -v ScopeAddressBackup -d %q% -f timeout /t 10 /nobreak 其中,检查点对应的快照。还可以设置开机自启,这个是 VMware Workstation 中没有的功能 参考文章 启用 Hyper-V NAT 网络配置 修改注册表
2022年03月28日
279 阅读
0 评论
0 点赞
1
2
3
4