美文网首页
openstack n版多节点HA配置

openstack n版多节点HA配置

作者: epime | 来源:发表于2016-10-14 15:33 被阅读0次

    架构
    controller1:10.0.10.61
    controller1:10.0.10.62
    vip:10.0.10.63
    computer2:10.0.10.64
    computer2:10.0.10.65
    cinder:10.0.10.63
    mysql:10.0.10.63
    rabbitmq:10.0.10.63
    配置变量,下面配置时候用这些变量

    export con1=10.0.10.61
export con2=10.0.10.62
export vip=10.0.10.63
export com1=10.0.10.64
export com2=10.0.10.65
export myip=10.0.10.63
export rabip=10.0.10.63
export cin=10.0.10.63

    {any}:表示任意控制节点执行即可
    {all}:表示所有控制节点执行
    {one}:第一个控制节点执行
    {two}:第二个控制节点执行
    {mysql}:mysql节点执行

    前置条件

    关闭防火墙,时间同步,hosts配置,找一个国内的openstack yum源
    163源:
    http://mirrors.163.com/centos/7/cloud/x86_64/openstack-newton/

    iptables -F
setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
yum install -y ntp
ntpdate time.windows.com
systemctl start ntpd
systemctl enable ntpd

    {mysql} mysql 配置

    安装

    yum -y install mariadb mariadb-server python2-PyMySQL

    配置

    [mysqld]
bind-address = 10.0.10.63
default-storage-engine = innodb
innodb_file_per_table
max_connections = 10000
collation-server = utf8_general_ci
character-set-server = utf8

    启动

    systemctl enable mariadb.service
systemctl start mariadb.service
systemctl status mariadb.service

    初始化

    mysql_secure_installation

    {rab}rabbitmq

    安装

    yum install rabbitmq-server -y

    启动

    systemctl start rabbitmq-server
systemctl enable rabbitmq-server
systemctl status rabbitmq-server

    添加用户

    rabbitmqctl add_user openstack openstack
rabbitmqctl set_permissions openstack ".*" ".*" ".*"

    开启web管理插件

    /usr/lib/rabbitmq/bin/rabbitmq-plugins enable rabbitmq_management
systemctl restart rabbitmq-server

    访问web控制台

    http://10.0.10.63:15672
    密码:guest/guest

    memcached

    {all}安装并启动

    yum install memcached python-memcached -y
systemctl start memcached
systemctl enable memcached
systemctl status memcached

    安装客户端及配置工具

    yum -y install python-openstackclient openstack-selinux  openstack-utils  python2-PyMySQL

    keystone

    {mysql}mysql

    mysql -uroot -pmysql -e "CREATE DATABASE keystone;"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%'  IDENTIFIED BY 'keystone';"

    {one} 安装

    yum install openstack-keystone httpd mod_wsgi -y

    {one}配置

    openstack-config --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:keystone@${myip}/keystone
openstack-config --set /etc/keystone/keystone.conf token provider fernet

    {one}同步数据库

    su -s /bin/sh -c "keystone-manage db_sync" keystone

    {one}初始化 fernet key

    keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

    {one} bootstrap identity service

    keystone-manage bootstrap --bootstrap-password admin \
  --bootstrap-admin-url http://${vip}:35357/v3/ \
  --bootstrap-internal-url http://${vip}:35357/v3/ \
  --bootstrap-public-url http://${vip}:5000/v3/ \
  --bootstrap-region-id RegionOne

    {one} 配置http

    /etc/httpd/conf/httpd.conf
ServerName 10.0.10.61

/etc/httpd/conf.d/wsgi-keystone.conf
修改监听地址加上IP地址

ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

    {one}启动http

    systemctl enable httpd.service
systemctl start httpd.service

    {two} 安装

    yum install openstack-keystone httpd mod_wsgi -y

    {two}配置

    openstack-config --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:keystone@${myip}/keystone
openstack-config --set /etc/keystone/keystone.conf token provider fernet

    {two}初始化 fernet key

    copy 第一个节点/etc/keystone/下的fernet目录和credential目录

    {two} 配置http

    /etc/httpd/conf/httpd.conf
ServerName 10.0.10.62

/etc/httpd/conf.d/wsgi-keystone.conf
修改监听地址加上IP地址

ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

    {two}启动http

    systemctl enable httpd.service
systemctl start httpd.service

    haproxy配置

    yum install haproxy

    listen status
    bind :1080
    mode http
    log global
    stats refresh 30s
    stats uri /admin?stats
    stats auth admin:admin

listen keystone_35357
    bind :35357
    balance source
    mode http
    server op61 10.0.10.61:35357 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:35357 check inter 2000 rise 3 fall 2 weight 1

listen keystone_5000
    bind :5000
    balance source
    mode http
    server op61 10.0.10.61:5000 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:5000 check inter 2000 rise 3 fall 2 weight 1

    {one} 创建endpoint

    export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://${vip}:35357/v3
export OS_IDENTITY_API_VERSION=3

openstack project create --domain default  --description "Service Project" service        
openstack project create --domain default  --description "Demo Project" demo   
openstack user create --domain default demo --password demo
openstack role create user                                           
openstack role add --project demo --user demo user

    {all} 验证

    unset OS_URL
unset OS_USERNAME
unset OS_PASSWORD
unset OS_PROJECT_NAME
unset OS_USER_DOMAIN_NAME
unset OS_PROJECT_DOMAIN_NAME
unset OS_AUTH_URL
openstack --os-auth-url http://${vip}:35357/v3 \
  --os-project-domain-name default --os-user-domain-name default \
  --os-project-name admin --os-username admin token issue
  
openstack --os-auth-url http://${vip}:5000/v3 \
  --os-project-domain-name default --os-user-domain-name default \
  --os-project-name demo --os-username demo token issue

    {all} 创建环境变量脚本

    vi admin-openrc.sh
export vip=10.0.10.63
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://${vip}:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

vi demo-openrc.sh
export vip=10.0.10.63
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://${vip}:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

    glance

    {mysql} mysql

    mysql -uroot -pmysql -e "CREATE DATABASE glance;"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost'   IDENTIFIED BY 'glance';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance';"

    {one} 创建endpoint

    source admin-openrc.sh
openstack user create --domain default glance --password glance
openstack role add --project service --user glance admin
openstack service create --name glance --description "OpenStack Image" image
openstack endpoint create --region RegionOne  image public http://${vip}:9292
openstack endpoint create --region RegionOne  image internal http://${vip}:9292
openstack endpoint create --region RegionOne  image admin http://${vip}:9292

    {one}安装

    yum install openstack-glance -y

    {one}配置

    openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:glance@${myip}/glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password glance
openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:glance@${myip}/glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password glance
openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone

    {one}同步数据库

    su -s /bin/sh -c "glance-manage db_sync" glance

    {one}启动

    systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl start openstack-glance-api.service openstack-glance-registry.service

    {two}安装

    yum install openstack-glance -y

    {two}配置

    openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:glance@${myip}/glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers ${con2}:11211
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password glance
openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:glance@${myip}/glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers ${con2}:11211
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password glance
openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone

    {two}启动

    systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl start openstack-glance-api.service openstack-glance-registry.service

    {one,two}下载测试镜像

    wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img

    haproxy配置

    listen glance_9292
    bind :9292
    balance source
    mode http
    server op61 10.0.10.61:9292 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:9292 check inter 2000 rise 3 fall 2 weight 1

listen glance_9191
    bind :9191
    balance source
    mode http
    server op61 10.0.10.61:9191 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:9191 check inter 2000 rise 3 fall 2 weight 1

    {one,two}验证

    {one}上传镜像

    openstack image create "cirros-1"  --file cirros-0.3.4-x86_64-disk.img   --disk-format qcow2 --container-format bare   --public

    {two}上传镜像

    openstack image create "cirros-2"  --file cirros-0.3.4-x86_64-disk.img   --disk-format qcow2 --container-format bare   --public

    {one,two}

    openstack image list

    nova

    {mysql}mysql

    mysql -uroot -pmysql -e "CREATE DATABASE nova_api;"
mysql -uroot -pmysql -e "CREATE DATABASE nova;"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost'   IDENTIFIED BY 'nova';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%'   IDENTIFIED BY 'nova';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost'   IDENTIFIED BY 'nova';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%'   IDENTIFIED BY 'nova';"

    {one}创建endpoint

    openstack user create --domain default nova  --password nova
openstack role add --project service --user nova admin
openstack service create --name nova --description "OpenStack Compute" compute
openstack endpoint create --region RegionOne   compute public http://${vip}:8774/v2.1/%\(tenant_id\)s
openstack endpoint create --region RegionOne   compute internal http://${vip}:8774/v2.1/%\(tenant_id\)s
openstack endpoint create --region RegionOne   compute admin http://${vip}:8774/v2.1/%\(tenant_id\)s

    {one}安装

    yum install -y openstack-nova-api openstack-nova-conductor  openstack-nova-console openstack-nova-novncproxy   openstack-nova-scheduler

    {one}配置

    openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:nova@${myip}/nova_api
openstack-config --set /etc/nova/nova.conf database connection mysql+pymysql://nova:nova@${myip}/nova
openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password nova
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip ${con1}
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron  True
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf vnc vncserver_listen ${con1}
openstack-config --set /etc/nova/nova.conf vnc vncserver_proxyclient_address ${con1}
openstack-config --set /etc/nova/nova.conf glance api_servers http://${vip}:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp

    {one}同步数据库

    su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage db sync" nova

    {one}启动服务

    systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service  openstack-nova-conductor.service openstack-nova-novncproxy.service

    nova 计算服务(控制节点也作为计算节点)

    {one}安装

    yum install -y openstack-nova-compute

    {one}配置(因为该节点也是控制节点所有有些配置上面已经配置过了)

    openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password nova
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip ${con1}
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron  True
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf vnc enable True
openstack-config --set /etc/nova/nova.conf vnc vncserver_listen 0.0.0.0
openstack-config --set /etc/nova/nova.conf vnc vncserver_proxyclient_address ${con1}
openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://${vip}:6080/vnc_auto.html
openstack-config --set /etc/nova/nova.conf glance api_servers http://${vip}:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp

    {one}配置虚拟类型

    若是虚拟机环境则

    openstack-config --set /etc/nova/nova.conf libvirt virt_type qemu

    若是物理机则

    openstack-config --set /etc/nova/nova.conf libvirt virt_type kvm

    {one}启动

    systemctl enable libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service openstack-nova-compute.service
systemctl status libvirtd.service openstack-nova-compute.service

    {two}安装

    yum install -y openstack-nova-api openstack-nova-conductor  openstack-nova-console openstack-nova-novncproxy   openstack-nova-scheduler

    {two}配置

    openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:nova@${myip}/nova_api
openstack-config --set /etc/nova/nova.conf database connection mysql+pymysql://nova:nova@${myip}/nova
openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers ${con2}:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password nova
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip ${con2}
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron  True
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf vnc vncserver_listen ${con2}
openstack-config --set /etc/nova/nova.conf vnc vncserver_proxyclient_address ${con2}
openstack-config --set /etc/nova/nova.conf glance api_servers http://${vip}:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp

    {two}启动服务

    systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service  openstack-nova-conductor.service openstack-nova-novncproxy.service

    nova 计算服务(控制节点也作为计算节点)

    {two}安装

    yum install -y openstack-nova-compute

    {two}配置(因为该节点也是控制节点所有有些配置上面已经配置过了)

    openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers ${con2}:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password nova
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip ${con2}
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron  True
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf vnc enable True
openstack-config --set /etc/nova/nova.conf vnc vncserver_listen 0.0.0.0
openstack-config --set /etc/nova/nova.conf vnc vncserver_proxyclient_address ${con2}
openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://${vip}:6080/vnc_auto.html
openstack-config --set /etc/nova/nova.conf glance api_servers http://${vip}:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp

    {two}配置虚拟类型

    若是虚拟机环境则

    openstack-config --set /etc/nova/nova.conf libvirt virt_type qemu

    若是物理机则

    openstack-config --set /etc/nova/nova.conf libvirt virt_type kvm

    {two}启动

    systemctl enable libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service openstack-nova-compute.service
systemctl status libvirtd.service openstack-nova-compute.service

    haproxy配置

    listen nova_8774
    bind :8774
    balance source
    mode http
    server op61 10.0.10.61:8774 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:8774 check inter 2000 rise 3 fall 2 weight 1

listen vnc_6080
    bind :6080
    balance source
    mode http
    server op61 10.0.10.61:6080 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:6080 check inter 2000 rise 3 fall 2 weight 1

    {one,two}验证

    openstack compute service list

    dashboard

    {one}安装

    yum install -y openstack-dashboard

    {one}配置

    /etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "10.0.10.61"
ALLOWED_HOSTS = ['*', ]
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'LOCATION': '10.0.10.61:11211',
    }
}

OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 2,
}

OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "default"

OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

TIME_ZONE = "TIME_ZONE"

    {one}重启

    systemctl restart httpd.service memcached.service

    {two}安装

    yum install -y openstack-dashboard

    {two}配置

    /etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "10.0.10.62"
ALLOWED_HOSTS = ['*', ]
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'LOCATION': '10.0.10.62:11211',
    }
}

OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 2,
}

OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "default"

OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

TIME_ZONE = "TIME_ZONE"

    如果是copy另一个节点的配置文件不要忘了改下权限

    {two}重启

    systemctl restart httpd.service memcached.service

    haproxy配置

    listen dashboard_80
    bind :80
    balance source
    mode http
    server op61 10.0.10.61:80 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:80 check inter 2000 rise 3 fall 2 weight 1

    cinder

    {mysql} mysql

    mysql -uroot -pmysql -e "CREATE DATABASE cinder;"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost'  IDENTIFIED BY 'cinder';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%'  IDENTIFIED BY 'cinder';"

    {one}创建endpoint

    openstack user create --domain default cinder --password cinder
openstack role add --project service --user cinder admin
openstack service create --name cinder   --description "OpenStack Block Storage" volume
openstack service create --name cinderv2   --description "OpenStack Block Storage" volumev2
openstack endpoint create --region RegionOne   volume public http://${vip}:8776/v1/%\(tenant_id\)s
openstack endpoint create --region RegionOne   volume internal http://${vip}:8776/v1/%\(tenant_id\)s
openstack endpoint create --region RegionOne   volume admin http://${vip}:8776/v1/%\(tenant_id\)s
openstack endpoint create --region RegionOne   volumev2 public http://${vip}:8776/v2/%\(tenant_id\)s
openstack endpoint create --region RegionOne   volumev2 internal http://${vip}:8776/v2/%\(tenant_id\)s
openstack endpoint create --region RegionOne   volumev2 admin http://${vip}:8776/v2/%\(tenant_id\)s

    {one}安装

    yum install -y openstack-cinder

    {one}配置

    openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:cinder@${myip}/cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip ${con1}
openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp

    {one}同步数据

    su -s /bin/sh -c "cinder-manage db sync" cinder

    {one}配置nova

    openstack-config --set /etc/nova/nova.conf cinder os_region_name RegionOne

    {one}重启nova,启动服务

    systemctl restart openstack-nova-api.service
systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service

    {two}安装

    yum install -y openstack-cinder

    {two}配置

    openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:cinder@${myip}/cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers ${con2}:11211
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip ${con2}
openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp

    {two}配置nova

    openstack-config --set /etc/nova/nova.conf cinder os_region_name RegionOne

    {two}重启nova,启动服务

    systemctl restart openstack-nova-api.service
systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service

    haproxy配置

    listen cinder_8776
    bind :8776
    balance source
    mode http
    server op61 10.0.10.61:8776 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:8776 check inter 2000 rise 3 fall 2 weight 1

    cinder storage node

    本例安装一个存储节点,采用lvm,暂时不考虑后端存储高可用

    安装

    yum -y install lvm2
systemctl enable lvm2-lvmetad.service
systemctl start lvm2-lvmetad.service

    创建pv,vg

    pvcreate /dev/sdb
vgcreate cinder-volumes /dev/sdb

    修改lvm.conf过滤规则

    /etc/lvm/lvm.conf
devices {
...
filter = [ "a/sdb/", "r/.*/"]

warning:若system in LVM disk 则
filter = [ "a/sda/", "a/sdb/", "r/.*/"]

    安装包

    yum install -y openstack-cinder targetcli python-keystone

    配置

    /etc/cinder/cinder.conf
openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:cinder@${myip}/cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip ${cin}
openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
openstack-config --set /etc/cinder/cinder.conf lvm volume_driver cinder.volume.drivers.lvm.LVMVolumeDriver
openstack-config --set /etc/cinder/cinder.conf lvm volume_group cinder-volumes
openstack-config --set /etc/cinder/cinder.conf lvm iscsi_protocol iscsi
openstack-config --set /etc/cinder/cinder.conf lvm iscsi_helper lioadm
openstack-config --set /etc/cinder/cinder.conf DEFAULT enabled_backends lvm
openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://${vip}:9292

    启动

    systemctl enable openstack-cinder-volume.service target.service
systemctl start openstack-cinder-volume.service target.service

    {one,two}验证

    cinder service-list

    neutron

    {mysql}mysql

    mysql -uroot -pmysql -e "CREATE DATABASE neutron;"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost'   IDENTIFIED BY 'neutron';"
mysql -uroot -pmysql -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%'   IDENTIFIED BY 'neutron';"

    {one}创建挂载点

    openstack user create --domain default neutron --password neutron
openstack role add --project service --user neutron admin
openstack service create --name neutron   --description "OpenStack Networking" network
openstack endpoint create --region RegionOne   network public http://${vip}:9696
openstack endpoint create --region RegionOne   network internal http://${vip}:9696
openstack endpoint create --region RegionOne   network admin http://${vip}:9696

    {one}安装

    yum install -y openstack-neutron openstack-neutron-ml2  openstack-neutron-linuxbridge ebtables

    {one}修改内核配置

    /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
sysctl -p

    {one}配置

    注意替换其中的网卡名

    openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:neutron@${myip}/neutron
openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips True
openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True
openstack-config --set /etc/neutron/neutron.conf nova auth_url http://${vip}:35357
openstack-config --set /etc/neutron/neutron.conf nova auth_type password
openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default
openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default
openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
openstack-config --set /etc/neutron/neutron.conf nova project_name service
openstack-config --set /etc/neutron/neutron.conf nova username nova
openstack-config --set /etc/neutron/neutron.conf nova password nova
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True
#openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens160
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip ${con1}
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
openstack-config --set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip ${vip}
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret metadata
openstack-config --set /etc/neutron/neutron.conf DEFAULT l3_ha True
openstack-config --set /etc/neutron/neutron.conf DEFAULT max_l3_agents_per_router 3
openstack-config --set /etc/neutron/neutron.conf DEFAULT min_l3_agents_per_router 2
openstack-config --set /etc/neutron/neutron.conf DEFAULT dhcp_agents_per_network 2

    {one}nova

    openstack-config --set /etc/nova/nova.conf neutron url http://${vip}:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron
openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True
openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret metadata

    {one}同步数据

    ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

    {one}启动服务

    systemctl restart openstack-nova-api.service
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl enable neutron-l3-agent.service
systemctl start neutron-l3-agent.service

    ********************************************************************************8

    {two}安装

    yum install -y openstack-neutron openstack-neutron-ml2  openstack-neutron-linuxbridge ebtables

    {two}修改内核配置

    /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
sysctl -p

    {two}配置

    注意替换其中的网卡名

    openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:neutron@${myip}/neutron
openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips True
openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers ${con2}:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True
openstack-config --set /etc/neutron/neutron.conf nova auth_url http://${vip}:35357
openstack-config --set /etc/neutron/neutron.conf nova auth_type password
openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default
openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default
openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
openstack-config --set /etc/neutron/neutron.conf nova project_name service
openstack-config --set /etc/neutron/neutron.conf nova username nova
openstack-config --set /etc/neutron/neutron.conf nova password nova
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True
#openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens160
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip ${con2}
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
openstack-config --set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip ${vip}
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret metadata
openstack-config --set /etc/neutron/neutron.conf DEFAULT l3_ha True
openstack-config --set /etc/neutron/neutron.conf DEFAULT max_l3_agents_per_router 3
openstack-config --set /etc/neutron/neutron.conf DEFAULT min_l3_agents_per_router 2
openstack-config --set /etc/neutron/neutron.conf DEFAULT dhcp_agents_per_network 2

    {two}nova

    openstack-config --set /etc/nova/nova.conf neutron url http://${vip}:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron
openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True
openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret metadata

    {two}

    ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

    {two}启动服务

    systemctl restart openstack-nova-api.service
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl enable neutron-l3-agent.service
systemctl start neutron-l3-agent.service

    haproxy配置

    listen neutron_9696
    bind :9696
    balance source
    mode http
    server op61 10.0.10.61:9696 check inter 2000 rise 3 fall 2 weight 1
    server op62 10.0.10.62:9696 check inter 2000 rise 3 fall 2 weight 1

    neutron compute node

    安装

    yum install -y openstack-neutron-linuxbridge ebtables ipset

    {one}修改内核配置

    /etc/sysctl.conf
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.all.rp_filter = 0
sysctl -p

    配置

    openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_host ${rabip}
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://${vip}:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://${vip}:35357
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers ${con1}:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
#openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens160
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip ${MYIP}
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_drive neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
openstack-config --set /etc/nova/nova.conf neutron url http://${vip}:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://${vip}:35357
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron

    启动

    systemctl restart openstack-nova-compute.service
systemctl enable neutron-linuxbridge-agent.service
systemctl start neutron-linuxbridge-agent.service

    验证

    neutron ext-list
neutron agent-list

    相关文章

      网友评论

          本文标题:openstack n版多节点HA配置

          本文链接:https://www.haomeiwen.com/subject/iwmgyttx.html

          延伸阅读

          深度阅读

          • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

          栏目导航

          热点阅读

          关于我们|服务条款|联系我们|openstack n版多节点HA配置|投稿指南|网站地图|RSS订阅|排版工具|手机版

          提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

          Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

          备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

          本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

          所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!