Alma Linux 8 OpenStack入门1--环境准备及基础组件安装
1.硬件环境
| 主机名 | IP | 网关/DNS | CPU/内存 | 磁盘 |
|---|---|---|---|---|
| controller | 172.26.37.10/24 | 172.26.37.2 | 2核 4G | 100G |
| compute | 172.26.37.20/24 | 172.26.37.2 | 2核 4G | 100G |
| computehci | 172.26.37.30/24 | 172.26.37.2 | 2核 2G | 100G |
2.软件环境
| 主机名 | 角色 | OS | installed组件 |
|---|---|---|---|
| controller | 控制节点 | Alma Linux 8.6 | chrony,Yoga YUM Repository,enable powertools,python3-openstackclient,openstack-selinux,mariadb,rabbitmq,memcached,etcd,openstack-keystone,openstack-dashboard |
| compute | 计算节点 | Alma Linux 8.6 | chrony,Yoga YUM Repository,enable powertools,python3-openstackclient,openstack-selinux |
| computehci | 存储节点 | Alma Linux 8.6 | chrony,Yoga YUM Repository,enable powertools,python3-openstackclient,openstack-selinux |
3.配置网卡/IP、关闭防火墙、禁用selinux、加载br_netfilter模块、配置YUM源、安装chrony
操作对象:控制节点/计算节点/存储节点
操作内容:
# vi /etc/sysconfig/network-scripts/ifcfg-ens33
# cat /etc/sysconfig/network-scripts/ifcfg-ens33
...
IPADDR=172.26.37.10
PREFIX=24
GATEWAY=172.26.37.2
DNS1=172.26.37.2
# vi /etc/selinux/config
# cat /etc/selinux/config
...
SELINUX=disabled
...
# systemctl stop firewalld
# systemctl disable firewalld
# iptables -L
# echo br_netfilter > /etc/modules-load.d/br_netfilter.conf
# sed -e 's|^mirrorlist=|#mirrorlist=|g' \
-e 's|^# baseurl=https://repo.almalinux.org|baseurl=https://mirrors.aliyun.com|g' \
-i.bak \
/etc/yum.repos.d/almalinux*.repo
# yum install -y chrony
# systemctl enable chronyd.service
# systemctl start chronyd.service
# systemctl status chronyd.service
4.配置Yoga YUM源、启用YUM powertools源、安装OpenStack基础组件
操作对象:控制节点/计算节点/存储节点
操作内容:
# sudo dnf -y install https://repos.fedorapeople.org/repos/openstack/openstack-yoga/rdo-release-yoga-1.el8.noarch.rpm
# dnf repolist
repo id repo name
advanced-virtualization CentOS-8 - Advanced Virtualization
appstream AlmaLinux 8 - AppStream
baseos AlmaLinux 8 - BaseOS
centos-nfv-openvswitch CentOS-8 - NFV OpenvSwitch
centos-rabbitmq-38 CentOS-8 - RabbitMQ 38
ceph-pacific CentOS-8 - Ceph Pacific
extras AlmaLinux 8 - Extras
openstack-yoga OpenStack Yoga Repository
powertools AlmaLinux 8 - PowerTools
# dnf config-manager --enable powertools
# yum install -y python3-openstackclient
# yum install -y openstack-selinux
5.安装mariadb
操作对象:控制节点
操作内容:
# yum install -y mariadb mariadb-server python3-PyMySQL
#创建并编辑文件,修改bind-address为本节点IP地址
# vi /etc/my.cnf.d/openstack.cnf
# cat /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 172.26.37.10
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
#启用mariadb服务
# systemctl enable mariadb.service
# systemctl start mariadb.service
# systemctl status mariadb.service
#进行数据库初始化(根据提示配置root密码等信息)
# mysql_secure_installation
6.安装rabbitmq
操作对象:控制节点
操作内容:
#安装rabbitmq组件,并启用服务
# yum install -y rabbitmq-server
# systemctl enable rabbitmq-server.service
# systemctl start rabbitmq-server.service
# systemctl status rabbitmq-server.service
#创建openstack用户,并赋予其权限
# rabbitmqctl add_user openstack awcloud
# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
7.安装memcached
操作对象:控制节点
操作内容:
#安装memcached组件
#yum install -y memcached python3-memcached
#修改配置文件(OPTIONS中添加本节点IP地址)
# vi /etc/sysconfig/memcached
# cat /etc/sysconfig/memcached
...
OPTIONS="-l 127.0.0.1,::1,172.26.37.10"
#启用memcached服务
# systemctl enable memcached.service
# systemctl start memcached.service
# systemctl status memcached.service
8.安装etcd
操作对象:控制节点
操作内容:
#安装etcd组件
# yum install -y etcd
#修改配置文件(将 ETCD_INITIAL_CLUSTER, ETCD_INITIAL_ADVERTISE_PEER_URLS, ETCD_ADVERTISE_CLIENT_URLS, ETCD_LISTEN_CLIENT_URLS和ETCD_LISTEN_PEER_URLS中的ip设置为本节点ip)
# vi /etc/etcd/etcd.conf
...
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://172.26.37.10:2380"
ETCD_LISTEN_CLIENT_URLS="http://172.26.37.10:2379"
ETCD_NAME="controller"
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://172.26.37.10:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://172.26.37.10:2379"
ETCD_INITIAL_CLUSTER="controller=http://172.26.37.10:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"
...
#启用etcd服务
# systemctl enable etcd
# systemctl start etcd
# systemctl status etcd
9.安装keystone
操作对象:控制节点
操作内容:
#创建keystone库,授权keystone用户
# mysql -u root -p
> CREATE DATABASE keystone;
> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'root';
> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'root';
> flush privileges;
#安装keystone rpm包
# yum install -y openstack-keystone python3-mod_wsgi
#配置keystone
#vi /etc/keystone/keystone.conf
# grep -Ev "^$|^[#;]" /etc/keystone/keystone.conf
...
[database]
connection = mysql+pymysql://keystone:root@172.26.37.10/keystone
...
[token]
provider = fernet
...
#初始化keystone数据
# su -s /bin/sh -c "keystone-manage db_sync" keystone
#初始化fernet数据
# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
#完成服务引导
# keystone-manage bootstrap --bootstrap-password awcloud \
--bootstrap-admin-url http://172.26.37.10:5000/v3/ \
--bootstrap-internal-url http://172.26.37.10:5000/v3/ \
--bootstrap-public-url http://172.26.37.10:5000/v3/ \
--bootstrap-region-id RegionOne
#配置httpd服务
# vi /etc/httpd/conf/httpd.conf
# cat /etc/httpd/conf/httpd.conf
...
ServerName 0.0.0.0
...
#关联keystone的httpd配置文件
# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
#启动httpd服务
# systemctl enable httpd.service
# systemctl start httpd.service
# systemctl status httpd.service
9.测试keystone
操作对象:控制节点
操作内容:
#创建admin用户source文件(OS_AUTH_URL中ip为当前节点ip,OS_PASSWORD为awcloud)
# cat > admin-openrc << EOF
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=awcloud
export OS_AUTH_URL=http://172.26.37.10:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
EOF
#source生效
# source admin-openrc
#测试创建Domain/Projects/Roles/User
# openstack domain create --description "Created for Test By Luorf In Mar 2022" example
# openstack project create --domain example --description "server project" server
# openstack role create myrole
# openstack user create --domain example --password-prompt root
User Password:
Repeat User Password:
#将myrole角色添加到myproject项目和myuser用户:
# openstack role add --project server --user root myrole
#取消临时变量
# unset OS_AUTH_URL OS_PASSWORD
#作为admin请求身份令牌
# openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name admin --os-username admin token issue
Password:
#作为root请求身份令牌
# openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name example --os-user-domain-name example --os-project-name server --os-username root token issue
Password: 123456
10.Horizon dashboard 搭建
操作对象:控制节点
操作内容:
#安装软件包
# yum install openstack-dashboard
#更改dashboard配置文件
# vi /etc/openstack-dashboard/local_settings
# cat /etc/openstack-dashboard/local_settings
...
OPENSTACK_HOST = "controller"
ALLOWED_HOSTS = ['*']
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'controller:11211',
}
}
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 3,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
OPENSTACK_NEUTRON_NETWORK = {
'enable_router': False,
'enable_quotas': False,
'enable_distributed_router': False,
'enable_ha_router': False,
'enable_lb': False,
'enable_firewall': False,
'enable_vpn': False,
'enable_fip_topology_check': False,
}
TIME_ZONE = "Asia/Shanghai"
...
# vi /etc/httpd/conf.d/openstack-dashboard.conf
...
WSGIApplicationGroup %{GLOBAL}
...
#重建apache的dashboard配置文件
# cd /usr/share/openstack-dashboard
# python3 manage.py make_web_conf --apache > /etc/httpd/conf.d/openstack-dashboard.conf
# ln -s /etc/openstack-dashboard /usr/share/openstack-dashboard/openstack_dashboard/conf
#重启httpd服务,加载dashboard
# systemctl restart httpd.service memcached.service
# systemctl status httpd.service memcached.service
11.Horizon dashboard登录
操作对象:浏览器
操作内容:
浏览器访问 http://172.26.37.10/auth/login/?next=/或http://controller/auth/login/?next=/
参考URL:
https://blog.csdn.net/dummy_/category_11695102.html
https://computingforgeeks.com/install-openstack-on-rocky-almalinux/
https://docs.openstack.org/install-guide/environment-packages-rdo.html
https://www.how2shout.com/linux/how-to-install-openstackclient-in-rocky-linux-almalinux-8/
网友评论