文章目錄
前言:
OpenStack-Rocky多節點一鍵安裝部署
首先給大家演示如何自動化快速搭建一套openstack雲平臺,然後開始對openstack每一個組件進行詳細的講解,
後面開始講解一個完整的雲主機創建流程包括網絡配置、鏡像上傳、實例類型創建、安全組創建、
雲主機動態調整、雲主機動態遷移。
| 實驗 | 生產環境 |
|---|---|
| 控制節點1個 | 控制節點2個以上 |
| 計算節點2個 | 計算節點大於1個 |
| 網絡節點0個 | 網絡節點大於1個 |
多節點openstack的關機順序:計算-網絡-控制
多節點openstack的關機順序:控制-網絡-計算
安裝時要注意的點:
1.採用無線網可能會丟包
2.晚上過12點做這個實驗的時候,運營商會優化網絡,把網絡關掉,可能會影響我們的網絡,影響安裝
一:實驗環境:
1.控制節點 (ct)
CPU:雙核雙線程-CPU虛擬化開啓
內存:6G 硬盤:300G+1024G(充當CEPH塊存儲)
網卡:vm1-192.168.254.10 nat-192.168.247.200
操作系統:Centos 7.5 (1804)-最小化安裝
2.計算節點1 (comp1)
CPU:雙核雙線程-CPU虛擬化開啓
內存:8G 硬盤:300G+1024G(充當CEPH塊存儲)
網卡:vm1-192.168.254.11
操作系統:Centos 7.5 (1804)-最小化安裝
3.計算節點2 (comp2)
CPU:雙核雙線程-CPU虛擬化開啓
內存:8G 硬盤:300G+1024G(充當CEPH塊存儲)
網卡:vm1-192.168.254.12
操作系統:Centos 7.5 (1804)-最小化安裝
4.YUM本地源 (openstack+centos7)
(爲了節省資源,yum源設置在各個節點的本地,不再單獨配置一臺服務器)
CPU:雙核雙線程-CPU虛擬化開啓
內存:4G 硬盤:300G
網卡:vm1-192.168.25415 nat-192.168.247.201
操作系統:Centos 7.5 (1804)-最小化安裝
- 上述配置描述
【控制節點】
最小內存6G,低於6G否則會出問題
1024G(充當ceph塊存儲)
【計算節點、網絡】
最小內存6G,低於6G否則會出問題
1024G(充當ceph塊存儲)
有2個網卡:1.VM1(內部網卡) 2.NAT(可以上網)
會做熱遷移演示
二:實驗思路:
1.系統安裝
2.系統環境配置
配置IP地址、主機名、hosts
配置本地yum倉庫
關閉防火牆
關閉核心防護
關閉網絡管理
配置免交互
配置時間同步
- 環境配置完畢後要記得快照
3.部署openstack
部署openstack安裝工具
配置應答文件
一鍵部署
登陸後臺測試
- openstack部署完畢記得快照
三:實驗操作:
3.1 系統安裝
3.1.1 ct控制節點,最小化安裝
上移到install centos 7,然後按tab鍵,在quiet後面空格,輸入net,ifname=0 biosdevname=0
代表把ens 變成eth模式
備註:每個節點安裝系統前都要這麼操作
3.1.2 comp計算節點
3.2 系統環境配置
3.2.1 網卡IP地址配置,修改主機名
ct網卡配置
[root@localhost ~]# hostnamectl set-hostname ct
[root@localhost ~]# su
[root@ct ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:ae:bd:a7 brd ff:ff:ff:ff:ff:ff
inet 192.168.254.10/24 brd 192.168.254.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feae:bda7/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:ae:bd:b1 brd ff:ff:ff:ff:ff:ff
inet 192.168.247.200 brd 192.168.247.255 scope global noprefixroute eth1
valid_lft forever preferred_lft forever
inet6 fe80::1d4a:f010:a85e:2bcf/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@ct ~]#
[root@ct ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth0
UUID=3522bf09-0bdb-4258-9e1e-a6041186a28b
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.254.10
NETMASK=255.255.255.0
#vm1的網關先不配置,等openstack部署完畢在把網關開啓
[root@ct ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth1
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth1
UUID=f1233b1c-bfa8-468e-9378-52b188ac9fa8
DEVICE=eth1
ONBOOT=yes
IPADDR=192.168.247.200
NETMASK=255.255.255.0
GATEWAY=192.168.247.2
DNS1=8.8.8.8
DNS2=114.114.114.114
comp1網卡配置
[root@localhost ~]# hostnamectl set-hostname comp1
[root@localhost ~]# su
[root@comp1 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:5c:58:b8 brd ff:ff:ff:ff:ff:ff
inet 192.168.254.11/24 brd 192.168.254.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::618b:3730:4569:2bc5/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@comp1 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth0
UUID=ed1250c0-0890-487d-8610-bcd4dd7b53ee
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.254.11
NETMASK=255.255.255.0
comp2網卡配置
[root@localhost ~]# hostnamectl set-hostname comp2
[root@localhost ~]# su
[root@comp2 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:de:8a:a0 brd ff:ff:ff:ff:ff:ff
inet 192.168.254.12/24 brd 192.168.254.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::c840:57b5:193b:3010/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@comp2 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth0
UUID=c30ca6d8-4c59-4bf5-b97f-65b5dbd4347c
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.254.12
NETMASK=255.255.255.0
網卡配置好,三臺主機互ping驗證,控制節點ping外網,比如www.baidu.com和8.8.8.8
3.2.2 修改/etc/hosts文件
[root@ct packages]# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.254.10 ct
192.168.254.11 comp1
192.168.254.12 comp2
[root@ct packages]# scp /etc/hosts [email protected]:/etc
[email protected]'s password:
hosts 100% 218 70.1KB/s 00:00
[root@ct packages]# scp /etc/hosts [email protected]:/etc
[email protected]'s password:
hosts 100% 218 81.9KB/s 00:00
3.2.3 本地yum源部署
將openstack包放到/opt下,然後部署本地yum倉庫,三個節點都做
[root@ct ~]# cd /opt
[root@ct opt]# ls
openstack_rocky.tar.gz
[root@ct opt]# tar zxvf openstack_rocky.tar.gz -C /opt
[root@ct opt]# cd /etc/yum.repos.d/
[root@ct yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo
[root@ct yum.repos.d]# mkdir bak
[root@ct yum.repos.d]# mv C* bak/
[root@ct yum.repos.d]# vi openstack-rocky.repo
[openstack]
name=rocky
baseurl=file:///opt/openstack_rocky
enabled=1
gpgcheck=0
[root@ct yum.repos.d]# yum clean all
[root@ct yum.repos.d]# yum makecache
3.2.4 關閉防火牆,核心防護,網絡管理
三個節點都關
[root@ct packages]# systemctl stop firewalld
[root@ct packages]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@ct packages]# setenforce 0
[root@ct packages]# vi /etc/selinux/config
7 SELINUX=disabled
[root@ct packages]# systemctl stop NetworkManager
[root@ct packages]# systemctl disable NetworkManager
Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.
3.2.5 ntp時間同步(三個都裝)
[root@ct packages]# vi /etc/yum.conf
cachedir=/var/cache/yum/$basearch/$releasever //此處爲緩存軟件包所在位置
keepcache=1 //改爲1,開啓緩存軟件包功能
[root@ct ~]# yum install -y ntpdate
控制節點去同步阿里雲時間
計算節點去同步控制節點
[root@ct packages]# ntpdate ntp.aliyun.com
26 Feb 23:43:58 ntpdate[76398]: adjust time server 203.107.6.88 offset -0.000285 sec
[root@ct packages]# ntpdate ntp.aliyun.com >> /var/log/ntpdate.log
[root@ct packages]# crontab -e
*/30 * * * * /usr/sbin/ntpdate ntp.aliyun.com >> /var/log/ntpdate.log
[root@ct packages]# systemctl restart crond
[root@ct packages]# systemctl enable crond
控制節點做ntpd服務端
[root@ct packages]# yum install ntp -y
[root@ct packages]# vi /etc/ntp.conf
8 restrict default nomodify
17 restrict 192.168.254.0 mask 255.255.255.0 nomodify notrap
21 server 0.centos.pool.ntp.org iburst //21-24刪除
22 server 1.centos.pool.ntp.org iburst
23 server 2.centos.pool.ntp.org iburst
24 server 3.centos.pool.ntp.org iburst
//刪除的位置插入下面內容
fudeg 127.127.1.0 stratum 10
server 127.127.1.0
[root@ct packages]# systemctl disable chronyd.service //關閉系統時鐘服務
Removed symlink /etc/systemd/system/multi-user.target.wants/chronyd.service.
[root@ct yum]# systemctl stop chronyd.service
[root@ct packages]# systemctl restart ntpd
[root@ct packages]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
comp1和comp2相同配置
[root@comp1 ~]# ntpdate ct
26 Feb 23:58:58 ntpdate[44196]: adjust time server 192.168.254.10 offset 0.010589 sec
[root@comp1 ~]# crontab -e
*/30 * * * * /usr/sbin/ntpdate ct >> /var/log/ntpdate.log
[root@comp1 ~]# systemctl restart crond
[root@comp1 ~]# systemctl enable crond
[root@comp1 ~]# systemctl disable chronyd.service
Removed symlink /etc/systemd/system/multi-user.target.wants/chronyd.service.
[root@comp2 yum.repos.d]# systemctl enable ntpdate
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpdate.service to /usr/lib/systemd/system/ntpdate.service.
3.2.6 免交互
三個節點都配置
[root@ct packages]# ssh-keygen -t rsa
[root@ct packages]# ssh-copy-id ct
[root@ct packages]# ssh-copy-id comp1
[root@ct packages]# ssh-copy-id comp2
- 環境配置完畢後要記得快照
3.3 部署openstack
接下來就可以在控制節點安裝openstack-packstack包,進行部署
3.3.1修改應答文件
[root@ct ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
[root@ct ~]# yum -y install openstack-packstack //安裝openstack-packstack包
[root@ct ~]# packstack --gen-answer-file=openstack.txt //獲得應答文件,去修改安裝的參數
[root@ct ~]# ls
anaconda-ks.cfg openstack.txt
[root@ct ~]# vi openstack.txt
19 CONFIG_MARIADB_INSTALL=y //mariadb數據庫默認安裝,是
22 CONFIG_GLANCE_INSTALL=y //glance鏡像組件,開啓
25 CONFIG_CINDER_INSTALL=y //cinder塊存儲,開啓
29 CONFIG_MANILA_INSTALL=n //manila組件是openstack的擴展系統,默認是N,不需要更改
32 CONFIG_NOVA_INSTALL=y //nova計算組件,開啓
35 CONFIG_NEUTRON_INSTALL=y //neutron網絡組件,開啓
38 CONFIG_HORIZON_INSTALL=y //horizon控制檯組件,開啓
41 CONFIG_SWIFT_INSTALL=n //swift對象存儲,默認是Y,但是在生產環境中一般不裝,選n
46 CONFIG_CEILOMETER_INSTALL=y //ceilometer計費服務,開啓
50 CONFIG_AODH_INSTALL=n //aodh組件,改爲n
53 CONFIG_PANKO_INSTALL=n //panko組件,n
60 CONFIG_HEAT_INSTALL=n //heat編排工具組件,默認是n,不該=改
94 CONFIG_CONTROLLER_HOST=192.168.254.10 //指定控制節點IP地址
97 CONFIG_COMPUTE_HOST=192.168.254.11,192.168.254.12 //指定計算節點
101 CONFIG_NETWORK_HOSTS=192.168.254.10 //指定網絡節點
557 CONFIG_CINDER_VOLUMES_SIZE=5G //系統在創建cinder組件時會創建一個20G卷,虛擬機空間有限,放小一點
778 CONFIG_NEUTRON_METADATA_PW=123123 //修改網絡metadata的密碼
782 CONFIG_LBAAS_INSTALL=y //lbaas負載均衡組件,必須要裝
790 CONFIG_NEUTRON_FWAAS=y //網絡防火牆組件,必須要裝
794 CONFIG_NEUTRON_VPNAAS=y //網絡VPN組件,必須要裝
817 CONFIG_NEUTRON_ML2_FLAT_NETWORKS=physnet1 //flat網絡這邊要設置物理網卡名字
862 CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=physnet1:br-ex //ovs_bridge_mappings這邊要設置物理網卡的名字
873 CONFIG_NEUTRON_OVS_BRIDGE_IFACES=br-ex:eth1 //ovs_bridge_ifaces這邊br-ex:eth1是網絡節點的nat網卡
1185 CONFIG_PROVISION_DEMO=n //關閉在線下載一個demo測試的鏡像,這裏把它關掉
配置完成之後,在控制節點配置一個gateway網關,192.168.254.1
[root@ct ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth1
UUID=f1233b1c-bfa8-468e-9378-52b188ac9fa8
DEVICE=eth1
ONBOOT=yes
IPADDR=192.168.254.10
NETMASK=255.255.255.0
GATEWAY=192.168.254.1
[root@ct ~]# systemctl restart network
完成上述配置之後,再統一將原本存在的(控制節點nat)IP地址改爲控制節點的IP
[root@control ~]# sed -i -r 's/(.+_PW)=.+/\1=Abc123/' openstack.txt
[root@control ~]# sed -i -r 's/20.0.0.10/192.168.254.10/g' openstack.txt
[root@control ~]# grep -vE "^#|^$" openstack.txt > openstackbak.txt
用下載工具把openstackbak.txt下載後實驗的時候做比對用
3.3.2 自動安裝部署
[root@ct ~]# packstack --answer-file=openstack.txt
出現錯誤
requires:libpcap.so.1()()64bit
排障思路:掛載鏡像源,增加基礎包源,三個節點都做
再次嘗試
[root@ct mnt]# mount /dev/sr0 /mnt
mount: /dev/sr0 is write-protected, mounting read-only
[root@ct ~]# cd /etc/yum.repos.d/
[root@ct yum.repos.d]# ls
bak openstack-rocky.repo
[root@ct yum.repos.d]# vi openstack-rocky.repo
[openstack]
name=rocky
baseurl=file:///opt/openstack_rocky
enabled=1
gpgcheck=0
[centos]
name=centos
baseurl=file:///mnt
enabled=1
gpgcheck=0
[root@ct yum.repos.d]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: centos openstack
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
Cleaning up list of fastest mirrors
[root@ct yum.repos.d]#
[root@ct ~]# yum makecache
再次部署,目前還是成功的,上面的報錯沒有出現
可以將鏡像源寫入/etc/fstab實現自動掛載
[root@ct ~]# vi /etc/fstab
/dev/sr0 /mnt iso9660 defaults 0 0
動態查看日誌寫入
[root@ct ~]# tail -f /var/log/messages
安裝成功
**** Installation completed successfully ******
Additional information:
* Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
* File /root/keystonerc_admin has been created on OpenStack client host 192.168.254.10. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://192.168.254.10/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* The installation log file is available at: /var/tmp/packstack/20200227-113853-n_jN5h/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20200227-113853-n_jN5h/manifests
查看密碼
[root@ct ~]# ls
anaconda-ks.cfg keystonerc_admin openstack.txt
[root@ct ~]# vi keystonerc_admin
unset OS_SERVICE_TOKEN
export OS_USERNAME=admin //用戶
export OS_PASSWORD='8012c759dd1540c1' //密碼
export OS_AUTH_URL=http://192.168.254.10:5000/v3
export PS1='[\u@\h \W(keystone_admin)]\$ '
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_IDENTITY_API_VERSION=3
3.3.3 就像之前一鍵部署那樣,登錄dashboard
http://192.168.254.10/dashboard
頁面登錄測試成功
查看OpenStack是哪個版本如何查?
1、通過openstack --version命令後會得到一個版本信息
[root@control ~]# openstack --version
openstack 3.16.3
2、訪問官網版本發佈信息的網址:https://releases.openstack.org/