2013年(28)
分类: 云计算
2013-03-04 16:08:28
控制器节点将提供:
? 数据库(包括MySQL)
? 队列(包括RabbitMQ)
? KeyStone
? Glance
? Nova(不包括nova-compute)
? Cinder
? Quantum服务器(包括Open-vSwitch插件)
? Dashboard(包括Horizon)
1. 安装Ubuntu,安装时设置如下参数:
? 时区:UTC
? 主机名:contoller
? 软件包:OpenSSH-Server
操作系统安装完成后,重启服务器。
2. 由于Ubuntu 12.04 LTS默认包含OpenStack Essex,我们将使用Ubuntu Cloud Archive获取Folsom:
|
apt-get install ubuntu-cloud-keyring |
编辑/etc/apt/sources.list.d/cloud-archive.list:
deb precise-updates/folsom main
|
升级系统(需要的话重启):
apt-get update && apt-get upgrade
|
3. 配置网络:
? 编辑/etc/network/interfaces文件:
# Management Network
auto eth0
iface eth0 inet static
address 192.168.0.1
netmask 255.255.255.0
# API + Public Network
auto eth1
iface eth1 inet static
address 7.7.7.7
netmask 255.255.255.0
gateway 7.7.7.1
dns-nameservers 8.8.8.8
|
? 编辑/etc/sysctl.conf
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
|
然后重启网络服务:
service networking restart
|
? 编辑/etc/hosts文件,添加主机名controller, network和compute1及相应IP。
127.0.0.1 localhost
127.0.1.1 controller
192.168.0.1 controller
192.168.0.2 network
192.168.0.3 compute
|
4. 安装配置NTP
? 安装软件包:
apt-get install -y ntp
|
? 配置/etc/ntp.conf文件:
server ntp.ubuntu.com iburst
server 127.127.1.0
fudge 127.127.1.0 stratum 10
|
? 重启服务:
service ntp restart
|
1. 安装软件包:
apt-get install mysql-server python-mysqldb
|
2. 允许从网络连接数据库:
sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
|
3. 重启服务:
service mysql restart
|
4. 创建数据库,用户和权限:
mysql -u root -ppassword <
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'192.168.0.1' \
IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'192.168.0.2' \
IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'192.168.0.3' \
IDENTIFIED BY 'password';
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' \
IDENTIFIED BY 'password';
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
IDENTIFIED BY 'password';
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY 'password';
CREATE DATABASE quantum;
GRANT ALL PRIVILEGES ON quantum.* TO 'quantum'@'localhost' \
IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON quantum.* TO 'quantum'@'192.168.0.2' \
IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON quantum.* TO 'quantum'@'192.168.0.3' \
IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
EOF
|
1. 安装软件包:
apt-get install rabbitmq-server
|
2. 修改默认口令:
rabbitmqctl change_password guest password
|
1. 安装软件包:
apt-get install keystone python-keystone python-keystoneclient
|
2. 编辑/etc/keystone/keystone.conf:
[DEFAULT]
admin_token = password
bind_host = 0.0.0.0
public_port = 5000
admin_port = 35357
compute_port = 8774
verbose = True
debug = True
log_file = keystone.log
log_dir = /var/log/keystone
log_config = /etc/keystone/logging.conf
[sql]
connection = mysql://keystone:password@localhost:3306/keystone
idle_timeout = 200
[identity]
driver = keystone.identity.backends.sql.Identity
[catalog]
driver = keystone.catalog.backends.sql.Catalog
(...)
|
3. 重启Keystone并在数据库创建表:
service keystone restart
keystone-manage db_sync
|
4. 加载环境变量:
? 创建novarc文件:
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=password
export OS_AUTH_URL=""
export SERVICE_ENDPOINT=""
export SERVICE_TOKEN=password
|
? 导出环境变量:
source novarc
echo "source novarc">>.bashrc
|
5. 下载数据脚本,并用数据(用户、租户、服务)填充Keystone数据库:
./keystone-data.sh
|
6. 下载endpoint脚本,并创建endpoints(为项目):
./keystone-endpoints.sh
|
如果管理器节点上的管理网络的IP地址与此例不同,请使用如下命令:
./keystone-endpoints.sh -K
|
1. 安装软件包:
apt-get install glance glance-api glance-registry python-glanceclient glance-common
|
2. 配置Glance:
? 编辑/etc/glance/glance-api.conf和/etc/glance/glance-registry.conf文件并修改:
sql_connection = mysql://glance:password@localhost/glance
admin_tenant_name = service
admin_user = glance
admin_password = password
|
对glance-api.conf,修改:
notifier_strategy = rabbit
rabbit_password = password
|
? 重启Glance服务:
service glance-api restart && service glance-registry restart
|
? 在数据库中创建Glance数据表:
glance-manage db_sync
|
? 下载并导入Ubuntu 12.04 LTS UEC镜像:
glance image-create \
--location http://uec-images.ubuntu.com/releases/12.04/release/ubuntu-12.04-server-cloudimg-amd64-disk1.img \
--is-public true --disk-format qcow2 --container-format bare --name "Ubuntu"
|
? 检查镜像是否已在索引中引入:
glance image-list
+--------------------------------------+--------+-------------+------------------+-----------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+--------------------------------------+--------+-------------+------------------+-----------+--------+
| 0d2664d3-cda9-4937-95b2-909ecf8ea362 | Ubuntu | qcow2 | bare | 233701376 | active |
+--------------------------------------+--------+-------------+------------------+-----------+--------+
|
? 你还可以安装Glance Replicator(Folsom新引入)。更多信息在此。
1. 安装软件包:
apt-get install nova-api nova-cert nova-common \
nova-scheduler python-nova python-novaclient nova-consoleauth novnc \
nova-novncproxy
|
2. 配置Nova:
? 编辑/etc/nova/api-paste.ini文件并修改:
admin_tenant_name = service
admin_user = nova
admin_password = password
|
由于我们将使用Cinder进行存储,因此我们还应该删除与”nova-volume”有关的部分:
============================================================
[composite:osapi_volume]
use = call:nova.api.openstack.urlmap:urlmap_factory
/: osvolumeversions
/v1: openstack_volume_api_v1
============================================================
============================================================
[composite:openstack_volume_api_v1]
use = call:nova.api.auth:pipeline_factory
noauth = faultwrap sizelimit noauth ratelimit osapi_volume_app_v1
keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_volume_app_v1
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_volume_app_v1
============================================================
============================================================
[app:osapi_volume_app_v1]
paste.app_factory = nova.api.openstack.volume:APIRouter.factory
============================================================
============================================================
[pipeline:osvolumeversions]
pipeline = faultwrap osvolumeversionapp
[app:osvolumeversionapp]
paste.app_factory = nova.api.openstack.volume.versions:Versions.factory
============================================================
|
? 编辑/etc/nova/nova.conf文件并修改:
[DEFAULT]
# MySQL Connection #
sql_connection=mysql://nova:password@192.168.0.1/nova
# nova-scheduler #
rabbit_password=password
scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
# nova-api #
cc_host=192.168.0.1
auth_strategy=keystone
s3_host=192.168.0.1
ec2_host=192.168.0.1
nova_url=
ec2_url=
keystone_ec2_url=
api_paste_config=/etc/nova/api-paste.ini
allow_admin_api=true
use_deprecated_auth=false
ec2_private_dns_show_ip=True
dmz_cidr=169.254.169.254/32
ec2_dmz_host=192.168.0.1
metadata_host=192.168.0.1
metadata_listen=0.0.0.0
enabled_apis=ec2,osapi_compute,metadata
# Networking #
network_api_class=nova.network.quantumv2.api.API
quantum_url=
quantum_auth_strategy=keystone
quantum_admin_tenant_name=service
quantum_admin_username=quantum
quantum_admin_password=password
quantum_admin_auth_url=
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
# Cinder #
volume_api_class=nova.volume.cinder.API
# Glance #
glance_api_servers=192.168.0.1:9292
image_service=nova.image.glance.GlanceImageService
# novnc #
novnc_enable=true
novncproxy_base_url=
vncserver_proxyclient_address=192.168.0.1
vncserver_listen=0.0.0.0
# Misc #
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
verbose=true
|
? 在数据库中创建Nova数据表:
nova-manage db sync
|
? 重启Nova服务:
service nova-api restart
service nova-cert restart
service nova-consoleauth restart
service nova-scheduler restart
service nova-novncproxy restart
|
1. 安装软件包:
apt-get install -y cinder-api cinder-scheduler cinder-volume iscsitarget \
open-iscsi iscsitarget-dkms python-cinderclient linux-headers-`uname -r`
|
2. 配置并启动iSCSI服务:
sed -i 's/false/true/g' /etc/default/iscsitarget
service iscsitarget start
service open-iscsi start
|
3. 配置Cinder
? 编辑/etc/cinder/cinder.conf文件并修改:
[DEFAULT]
sql_connection = mysql://cinder:password@localhost:3306/cinder
rabbit_password = password
|
? 编辑/etc/cinder/api-paste.ini文件并修改:
admin_tenant_name = service
admin_user = cinder
admin_password = password
|
? 创建卷(在第二块磁盘上):
fdisk /dev/sdb
[Create a Linux partition]
pvcreate /dev/sdb1
vgcreate cinder-volumes /dev/sdb1
|
? 在数据库中创建Cinder表:
cinder-manage db sync
|
? 重启服务:
service cinder-api restart
service cinder-scheduler restart
service cinder-volume restart
|
1. 安装软件包:
apt-get install quantum-server
|
2. 配置Quantum服务:
? 编辑/etc/quantum/quantum.conf文件并修改:
core_plugin = \
quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2
auth_strategy = keystone
fake_rabbit = False
rabbit_password = password
|
? 编辑/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini文件并修改:
[DATABASE]
sql_connection = mysql://quantum:password@localhost:3306/quantum
[OVS]
tenant_network_type = gre
tunnel_id_ranges = 1:1000
enable_tunneling = True
|
注意:选择使用tunnel模式更方便,因为不用为VLANs配置物理路由器。
? 编辑/etc/quantum/api-paste.ini文件并修改:
admin_tenant_name = service
admin_user = quantum
admin_password = password
|
3. 启动服务:
service quantum-server restart
|
安装软件包:
apt-get install apache2 libapache2-mod-wsgi openstack-dashboard \
memcached python-memcache
|
OpenStack Dashboard现在可以通过访问。我们可以通过admin/password或demo/password登录。
