OpenStack--newton安装(二)
2017-09-03 本文已影响0人
Marvin_F
上一篇我们安装到了nova的管理节点,今天从nova的计算节点安装开始.
7.2 计算节点安装配置nova
[root@Marvin-Compute ~]# yum install openstack-nova-compute -y
[root@Marvin-Compute ~]# cd /etc/nova/
[root@Marvin-Compute nova]# ll
total 300
-rw-r----- 1 root nova 2717 May 31 00:07 api-paste.ini
-rw-r----- 1 root nova 289748 Aug 3 17:52 nova.conf
-rw-r----- 1 root nova 4 May 31 00:07 policy.json
-rw-r--r-- 1 root root 64 Aug 3 17:52 release
-rw-r----- 1 root nova 966 May 31 00:07 rootwrap.conf
## 修改nova.conf的配置,我们直接从管理节点拷贝一个过来修改
[root@Marvin-Compute nova]# mv nova.conf nova.conf.marvin20170902
[root@Marvin-Compute nova]# scp 10.0.0.56:/etc/nova/nova.conf .
The authenticity of host '10.0.0.56 (10.0.0.56)' can't be established.
ECDSA key fingerprint is 6c:10:78:9b:94:7e:90:93:fb:65:37:3c:98:9b:83:d1.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.56' (ECDSA) to the list of known hosts.
root@10.0.0.56's password:
nova.conf 100% 283KB 283.3KB/s 00:00
[root@Marvin-Compute nova]# ll
total 584
-rw-r----- 1 root nova 2717 May 31 00:07 api-paste.ini
-rw-r----- 1 root root 290057 Sep 3 17:26 nova.conf
-rw-r----- 1 root nova 289748 Aug 3 17:52 nova.conf.marvin20170902
-rw-r----- 1 root nova 4 May 31 00:07 policy.json
-rw-r--r-- 1 root root 64 Aug 3 17:52 release
-rw-r----- 1 root nova 966 May 31 00:07 rootwrap.conf
[root@Marvin-Compute nova]# chgrp nova nova.conf
[root@Marvin-Compute nova]# ll
total 584
-rw-r----- 1 root nova 2717 May 31 00:07 api-paste.ini
-rw-r----- 1 root nova 290057 Sep 3 17:26 nova.conf
-rw-r----- 1 root nova 289748 Aug 3 17:52 nova.conf.marvin20170902
-rw-r----- 1 root nova 4 May 31 00:07 policy.json
-rw-r--r-- 1 root root 64 Aug 3 17:52 release
-rw-r----- 1 root nova 966 May 31 00:07 rootwrap.conf
## 修改nova.conf
[root@Marvin-Compute nova]# vim nova.conf
[api_database]
connection=mysql+pymysql://nova:nova@10.0.0.56/nova_api ## 3661行,直接删除
[database]
connection=mysql+pymysql://nova:nova@10.0.0.56/nova ## 4677行,直接删除
[vnc]
vncserver_proxyclient_address=10.0.0.57 ## 8394行地址改为本机的地址
novncproxy_base_url=http://10.0.0.56:6080/vnc_auto.html ## 8413行取消注释,并修改
[libvirt]
virt_type=kvm ## 5672行取消注释,如果环境不支持虚拟化,需要改为qemu
enabled=true ## 8359取消注释
keymap=en-us ## 8375取消注释
## 查看nova.conf总共修改的内容
[root@Marvin-Compute nova]# grep '^[a-z]' nova.conf
auth_strategy=keystone
use_neutron=true
enabled_apis=osapi_compute,metadata
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
transport_url=rabbit://openstack:openstack@10.0.0.56
api_servers=10.0.0.56:9292
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova
virt_type=kvm
lock_path=/var/lib/nova/tmp
enabled=true
keymap=en-us
vncserver_listen=0.0.0.0
vncserver_proxyclient_address=10.0.0.57
novncproxy_base_url=http://10.0.0.56:6080/vnc_auto.html
## 查看自己的计算节点是否支持虚拟化
[root@Marvin-Compute nova]# egrep \ '(vmx|svm)' /proc/cpuinfo
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf eagerfpu pni pclmulqdq vmx ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid rdseed adx smap
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf eagerfpu pni pclmulqdq vmx ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid rdseed adx smap
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf eagerfpu pni pclmulqdq vmx ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid rdseed adx smap
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology tsc_reliable nonstop_tsc aperfmperf eagerfpu pni pclmulqdq vmx ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch ida arat epb xsaveopt pln pts dtherm tpr_shadow vnmi ept vpid fsgsbase tsc_adjust bmi1 avx2 smep bmi2 invpcid rdseed adx smap
[root@Marvin-Compute nova]# egrep -c '(vmx|svm)' /proc/cpuinfo
4
## 执行以上命令,如果没有反馈或者反馈数字为0,那么virt_type的值就要改为qemu
## 启动计算节点的nova程序
[root@Marvin-Compute nova]# systemctl enable libvirtd.service openstack-nova-compute.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service to /usr/lib/systemd/system/openstack-nova-compute.service.
[root@Marvin-Compute nova]# systemctl start libvirtd.service openstack-nova-compute.service
## 在管理节点上验证
[root@Marvin-OpenStack ~]# nova service-list
+----+------------------+------------------+----------+---------+-------+----------------------------+-----------------+
| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |
+----+------------------+------------------+----------+---------+-------+----------------------------+-----------------+
| 1 | nova-scheduler | Marvin-OpenStack | internal | enabled | up | 2017-09-03T09:56:36.000000 | - |
| 2 | nova-consoleauth | Marvin-OpenStack | internal | enabled | up | 2017-09-03T09:56:36.000000 | - |
| 3 | nova-conductor | Marvin-OpenStack | internal | enabled | up | 2017-09-03T09:56:38.000000 | - |
| 6 | nova-compute | Marvin-Compute | nova | enabled | up | 2017-09-03T09:56:35.000000 | - |
+----+------------------+------------------+----------+---------+-------+----------------------------+-----------------+
[root@Marvin-OpenStack ~]# openstack compute service list
+----+------------------+------------------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+------------------+------------------+----------+---------+-------+----------------------------+
| 1 | nova-scheduler | Marvin-OpenStack | internal | enabled | up | 2017-09-03T09:56:56.000000 |
| 2 | nova-consoleauth | Marvin-OpenStack | internal | enabled | up | 2017-09-03T09:56:56.000000 |
| 3 | nova-conductor | Marvin-OpenStack | internal | enabled | up | 2017-09-03T09:56:58.000000 |
| 6 | nova-compute | Marvin-Compute | nova | enabled | up | 2017-09-03T09:56:55.000000 |
+----+------------------+------------------+----------+---------+-------+----------------------------+
可以看到已经发现了我们的计算节点
到此,管理节点和计算节点nova就配置完成了
8. 安装配置neutron服务,neutron也是需要在两个节点安装的服务
8.1 管理节点安装配置neutron服务
[root@Marvin-OpenStack ~]# yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
[root@Marvin-OpenStack ~]# cd /etc/neutron/
[root@Marvin-OpenStack neutron]# ll
total 120
drwxr-xr-x 11 root root 4096 Sep 3 18:14 conf.d
-rw-r----- 1 root neutron 8592 Aug 16 02:08 dhcp_agent.ini
-rw-r----- 1 root neutron 11119 Aug 16 02:09 l3_agent.ini
-rw-r----- 1 root neutron 10140 Aug 16 02:09 metadata_agent.ini
-rw-r----- 1 root neutron 63378 Aug 16 02:09 neutron.conf
drwxr-xr-x 3 root root 16 Sep 3 18:14 plugins
-rw-r----- 1 root neutron 10148 Jun 1 23:39 policy.json
-rw-r--r-- 1 root root 1195 Jun 1 23:39 rootwrap.conf
[root@Marvin-OpenStack neutron]# vim neutron.conf
[database]
connection = mysql+pymysql://neutron:neutron@10.0.0.56/neutron ## 722行修改数据库信息
[DEFAULT]
auth_strategy = keystone ## 27行取消注释
core_plugin = ml2 ## 30行取消注释,并修改为ml2
service_plugins = ## 33行取消注释
transport_url = rabbit://openstack:openstack@10.0.0.56 ## 530行修改消息队列
notify_nova_on_port_status_changes = true ## 118行取消注释
notify_nova_on_port_data_changes = true ## 122行取消注释
[keystone_authtoken] ## 802行,模块下加入下面的信息
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
[nova] ## 1001行nova模块下加入下面的信息
auth_url = http://10.0.0.56:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = nova
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp ## 1123行取消注释并修改
查看neutron.conf修改的内容
[root@Marvin-OpenStack neutron]# grep '^[a-z]' neutron.conf
auth_strategy = keystone
core_plugin = ml2
service_plugins =
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
transport_url = rabbit://openstack:openstack@10.0.0.56
connection = mysql+pymysql://neutron:neutron@10.0.0.56/neutron
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
auth_url = http://10.0.0.56:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = nova
lock_path = /var/lib/neutron/tmp
## 修改/etc/neutron/plugins/ml2/ml2_conf.ini文件
[root@Marvin-OpenStack neutron]# cd plugins/ml2/
[root@Marvin-OpenStack ml2]# vim ml2_conf.ini
109 type_drivers = flat,vlan,gre,vxlan,geneve
114 tenant_network_types = flat,vlan,gre,vxlan,geneve
118 mechanism_drivers = linuxbridge
123 extension_drivers = port_security
159 flat_networks = public
236 enable_ipset = true
## ml2_conf.ini配置文件修改简单,按照上面的行数对照进行修改就好了
[root@Marvin-OpenStack ml2]# grep '^[a-z]' ml2_conf.ini
type_drivers = flat,vlan,gre,vxlan,geneve
tenant_network_types = flat,vlan,gre,vxlan,geneve
mechanism_drivers = linuxbridge
extension_drivers = port_security
flat_networks = public
enable_ipset = true
## 配置Linuxbridge代理
[root@Marvin-OpenStack ml2]# vim linuxbridge_agent.ini
143 physical_interface_mappings = public:eth0 ## 这里和前面flat_networks的名称对应,eth0是网卡的名称,有的网卡并不一定都是eth0,记得修改成自己的网卡名称
156 firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
161 enable_security_group = true
176 enable_vxlan = false
[root@Marvin-OpenStack ml2]# grep '^[a-z]' linuxbridge_agent.ini ## 这个文件修改也简单,按照行数对照修改
physical_interface_mappings = public:eth0
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
enable_security_group = true
enable_vxlan = false
## 配置DHCP代理
[root@Marvin-OpenStack ml2]# cd /etc/neutron/
[root@Marvin-OpenStack neutron]# vim dhcp_agent.ini ## 还是一样的,根据行号修改
16 interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
32 dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
41 enable_isolated_metadata = true
[root@Marvin-OpenStack neutron]# grep '^[a-z]' dhcp_agent.ini
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
## 配置元数据代理
[root@Marvin-OpenStack neutron]# vim metadata_agent.ini
22 nova_metadata_ip = 10.0.0.56
34 metadata_proxy_shared_secret = marvin ##共享秘钥
## 配制nova服务来使用网络
[root@Marvin-OpenStack neutron]# cd /etc/nova
[root@Marvin-OpenStack nova]# vim nova.conf
[neutron] ## 6469行neutron模块下添加如下信息
url = http://10.0.0.56:9696
auth_url = http://10.0.0.56:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
service_metadata_proxy = True
metadata_proxy_shared_secret = marvin
## 设置ml2的软链接
[root@Marvin-OpenStack ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
## 同步数据库
[root@Marvin-OpenStack ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
> --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Running upgrade for neutron ...
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> kilo, kilo_initial
INFO [alembic.runtime.migration] Running upgrade kilo -> 354db87e3225, nsxv_vdr_metadata.py
INFO [alembic.runtime.migration] Running upgrade 354db87e3225 -> 599c6a226151, neutrodb_ipam
INFO [alembic.runtime.migration] Running upgrade 599c6a226151 -> 52c5312f6baf, Initial operations in support of address scopes
INFO [alembic.runtime.migration] Running upgrade 52c5312f6baf -> 313373c0ffee, Flavor framework
INFO [alembic.runtime.migration] Running upgrade 313373c0ffee -> 8675309a5c4f, network_rbac
INFO [alembic.runtime.migration] Running upgrade 8675309a5c4f -> 45f955889773, quota_usage
INFO [alembic.runtime.migration] Running upgrade 45f955889773 -> 26c371498592, subnetpool hash
INFO [alembic.runtime.migration] Running upgrade 26c371498592 -> 1c844d1677f7, add order to dnsnameservers
INFO [alembic.runtime.migration] Running upgrade 1c844d1677f7 -> 1b4c6e320f79, address scope support in subnetpool
INFO [alembic.runtime.migration] Running upgrade 1b4c6e320f79 -> 48153cb5f051, qos db changes
INFO [alembic.runtime.migration] Running upgrade 48153cb5f051 -> 9859ac9c136, quota_reservations
INFO [alembic.runtime.migration] Running upgrade 9859ac9c136 -> 34af2b5c5a59, Add dns_name to Port
INFO [alembic.runtime.migration] Running upgrade 34af2b5c5a59 -> 59cb5b6cf4d, Add availability zone
INFO [alembic.runtime.migration] Running upgrade 59cb5b6cf4d -> 13cfb89f881a, add is_default to subnetpool
INFO [alembic.runtime.migration] Running upgrade 13cfb89f881a -> 32e5974ada25, Add standard attribute table
INFO [alembic.runtime.migration] Running upgrade 32e5974ada25 -> ec7fcfbf72ee, Add network availability zone
INFO [alembic.runtime.migration] Running upgrade ec7fcfbf72ee -> dce3ec7a25c9, Add router availability zone
INFO [alembic.runtime.migration] Running upgrade dce3ec7a25c9 -> c3a73f615e4, Add ip_version to AddressScope
INFO [alembic.runtime.migration] Running upgrade c3a73f615e4 -> 659bf3d90664, Add tables and attributes to support external DNS integration
INFO [alembic.runtime.migration] Running upgrade 659bf3d90664 -> 1df244e556f5, add_unique_ha_router_agent_port_bindings
INFO [alembic.runtime.migration] Running upgrade 1df244e556f5 -> 19f26505c74f, Auto Allocated Topology - aka Get-Me-A-Network
INFO [alembic.runtime.migration] Running upgrade 19f26505c74f -> 15be73214821, add dynamic routing model data
INFO [alembic.runtime.migration] Running upgrade 15be73214821 -> b4caf27aae4, add_bgp_dragent_model_data
INFO [alembic.runtime.migration] Running upgrade b4caf27aae4 -> 15e43b934f81, rbac_qos_policy
INFO [alembic.runtime.migration] Running upgrade 15e43b934f81 -> 31ed664953e6, Add resource_versions row to agent table
INFO [alembic.runtime.migration] Running upgrade 31ed664953e6 -> 2f9e956e7532, tag support
INFO [alembic.runtime.migration] Running upgrade 2f9e956e7532 -> 3894bccad37f, add_timestamp_to_base_resources
INFO [alembic.runtime.migration] Running upgrade 3894bccad37f -> 0e66c5227a8a, Add desc to standard attr table
INFO [alembic.runtime.migration] Running upgrade 0e66c5227a8a -> 45f8dd33480b, qos dscp db addition
INFO [alembic.runtime.migration] Running upgrade 45f8dd33480b -> 5abc0278ca73, Add support for VLAN trunking
INFO [alembic.runtime.migration] Running upgrade 5abc0278ca73 -> d3435b514502, Add device_id index to Port
INFO [alembic.runtime.migration] Running upgrade d3435b514502 -> 30107ab6a3ee, provisioning_blocks.py
INFO [alembic.runtime.migration] Running upgrade 30107ab6a3ee -> c415aab1c048, add revisions table
INFO [alembic.runtime.migration] Running upgrade c415aab1c048 -> a963b38d82f4, add dns name to portdnses
INFO [alembic.runtime.migration] Running upgrade a963b38d82f4 -> 3d0e74aa7d37, Add flavor_id to Router
INFO [alembic.runtime.migration] Running upgrade 3d0e74aa7d37 -> 030a959ceafa, uniq_routerports0port_id
INFO [alembic.runtime.migration] Running upgrade 030a959ceafa -> a5648cfeeadf, Add support for Subnet Service Types
INFO [alembic.runtime.migration] Running upgrade a5648cfeeadf -> 0f5bef0f87d4, add_qos_minimum_bandwidth_rules
INFO [alembic.runtime.migration] Running upgrade 0f5bef0f87d4 -> 67daae611b6e, add standardattr to qos policies
INFO [alembic.runtime.migration] Running upgrade kilo -> 30018084ec99, Initial no-op Liberty contract rule.
INFO [alembic.runtime.migration] Running upgrade 30018084ec99 -> 4ffceebfada, network_rbac
INFO [alembic.runtime.migration] Running upgrade 4ffceebfada -> 5498d17be016, Drop legacy OVS and LB plugin tables
INFO [alembic.runtime.migration] Running upgrade 5498d17be016 -> 2a16083502f3, Metaplugin removal
INFO [alembic.runtime.migration] Running upgrade 2a16083502f3 -> 2e5352a0ad4d, Add missing foreign keys
INFO [alembic.runtime.migration] Running upgrade 2e5352a0ad4d -> 11926bcfe72d, add geneve ml2 type driver
INFO [alembic.runtime.migration] Running upgrade 11926bcfe72d -> 4af11ca47297, Drop cisco monolithic tables
INFO [alembic.runtime.migration] Running upgrade 4af11ca47297 -> 1b294093239c, Drop embrane plugin table
INFO [alembic.runtime.migration] Running upgrade 1b294093239c -> 8a6d8bdae39, standardattributes migration
INFO [alembic.runtime.migration] Running upgrade 8a6d8bdae39 -> 2b4c2465d44b, DVR sheduling refactoring
INFO [alembic.runtime.migration] Running upgrade 2b4c2465d44b -> e3278ee65050, Drop NEC plugin tables
INFO [alembic.runtime.migration] Running upgrade e3278ee65050 -> c6c112992c9, rbac_qos_policy
INFO [alembic.runtime.migration] Running upgrade c6c112992c9 -> 5ffceebfada, network_rbac_external
INFO [alembic.runtime.migration] Running upgrade 5ffceebfada -> 4ffceebfcdc, standard_desc
INFO [alembic.runtime.migration] Running upgrade 4ffceebfcdc -> 7bbb25278f53, device_owner_ha_replicate_int
INFO [alembic.runtime.migration] Running upgrade 7bbb25278f53 -> 89ab9a816d70, Rename ml2_network_segments table
INFO [alembic.runtime.migration] Running upgrade 89ab9a816d70 -> c879c5e1ee90, Add segment_id to subnet
INFO [alembic.runtime.migration] Running upgrade c879c5e1ee90 -> 8fd3918ef6f4, Add segment_host_mapping table.
INFO [alembic.runtime.migration] Running upgrade 8fd3918ef6f4 -> 4bcd4df1f426, Rename ml2_dvr_port_bindings
INFO [alembic.runtime.migration] Running upgrade 4bcd4df1f426 -> b67e765a3524, Remove mtu column from networks.
INFO [alembic.runtime.migration] Running upgrade b67e765a3524 -> a84ccf28f06a, migrate dns name from port
INFO [alembic.runtime.migration] Running upgrade a84ccf28f06a -> 7d9d8eeec6ad, rename tenant to project
INFO [alembic.runtime.migration] Running upgrade 7d9d8eeec6ad -> a8b517cff8ab, Add routerport bindings for L3 HA
INFO [alembic.runtime.migration] Running upgrade a8b517cff8ab -> 3b935b28e7a0, migrate to pluggable ipam
INFO [alembic.runtime.migration] Running upgrade 3b935b28e7a0 -> b12a3ef66e62, add standardattr to qos policies
INFO [alembic.runtime.migration] Running upgrade b12a3ef66e62 -> 97c25b0d2353, Add Name and Description to the networksegments table
INFO [alembic.runtime.migration] Running upgrade 97c25b0d2353 -> 2e0d7a8a1586, Add binding index to RouterL3AgentBinding
INFO [alembic.runtime.migration] Running upgrade 2e0d7a8a1586 -> 5c85685d616d, Remove availability ranges.
INFO [alembic.runtime.migration] Running upgrade 67daae611b6e -> 6b461a21bcfc, uniq_floatingips0floating_network_id0fixed_port_id0fixed_ip_addr
INFO [alembic.runtime.migration] Running upgrade 6b461a21bcfc -> 5cd92597d11d, Add ip_allocation to port
OK
## 重启nova-api服务,启动neutron服务,并设置开机自启
[root@Marvin-OpenStack ~]# systemctl restart openstack-nova-api.service
[root@Marvin-OpenStack ~]# systemctl enable neutron-server.service \
> neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
> neutron-metadata-agent.service
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-server.service to /usr/lib/systemd/system/neutron-server.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service to /usr/lib/systemd/system/neutron-linuxbridge-agent.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-dhcp-agent.service to /usr/lib/systemd/system/neutron-dhcp-agent.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-metadata-agent.service to /usr/lib/systemd/system/neutron-metadata-agent.service.
[root@Marvin-OpenStack ~]# systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
## 创建Neutron服务实体
[root@Marvin-OpenStack ~]# openstack service create --name neutron \
> --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | 4ae2380a5bb9497e9f84899de97778d6 |
| name | neutron |
| type | network |
+-------------+----------------------------------+
## 注册endpoint
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne \
> network public http://10.0.0.56:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 12c323c8747947999471026d2f1dec0a |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4ae2380a5bb9497e9f84899de97778d6 |
| service_name | neutron |
| service_type | network |
| url | http://10.0.0.56:9696 |
+--------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne network internal http://10.0.0.56:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 9c3cdef26ff543dc8ebb4a206a92bb47 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4ae2380a5bb9497e9f84899de97778d6 |
| service_name | neutron |
| service_type | network |
| url | http://10.0.0.56:9696 |
+--------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne network admin http://10.0.0.56:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 344c8833f7194d669d1837120f7a94ec |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4ae2380a5bb9497e9f84899de97778d6 |
| service_name | neutron |
| service_type | network |
| url | http://10.0.0.56:9696 |
+--------------+----------------------------------+
## 验证管理端的neutrun配置
[root@Marvin-OpenStack ~]# neutron agent-list
+------------------+------------------+------------------+-------------------+-------+----------------+----------------------+
| id | agent_type | host | availability_zone | alive | admin_state_up | binary |
+------------------+------------------+------------------+-------------------+-------+----------------+----------------------+
| 01efe4d9-53f5-48 | Metadata agent | Marvin-OpenStack | | :-) | True | neutron-metadata- |
| 6f-8869-40546a68 | | | | | | agent |
| 8fd1 | | | | | | |
| 41127c68-fb5d-46 | DHCP agent | Marvin-OpenStack | nova | :-) | True | neutron-dhcp-agent |
| 41-acdd- | | | | | | |
| 1fba6b78735d | | | | | | |
| 88e9488b-18cf-4c | Linux bridge | Marvin-OpenStack | | :-) | True | neutron-linuxbridge- |
| a4-b0a8-8a916231 | agent | | | | | agent |
| 1315 | | | | | | |
+------------------+------------------+------------------+-------------------+-------+----------------+----------------------+
管理端的neutron配置完成
8.2 计算节点安装配置neutrun服务
[root@Marvin-Compute ~]# yum install openstack-neutron-linuxbridge ebtables ipset -y
[root@Marvin-Compute ~]# vim /etc/neutron/neutron.conf
[DEFAULT]
27 auth_strategy = keystone
530 transport_url = rabbit://openstack:openstack@10.0.0.56
[keystone_authtoken] ## 802行,添加如下内容
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
[oslo_concurrency]
1115 lock_path = /var/lib/neutron/tmp
[root@Marvin-Compute ~]# grep '^[a-z]' /etc/neutron/neutron.conf
auth_strategy = keystone
transport_url = rabbit://openstack:openstack@10.0.0.56
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
lock_path = /var/lib/neutron/tmp
## 配置linuxbridge代理,因为管理节点和计算节点修改的内容一样,我们直接在管理节点拷贝过来,修改权限即可
[root@Marvin-Compute ~]# cd /etc/neutron/plugins/ml2/
[root@Marvin-Compute ml2]# mv linuxbridge_agent.ini linuxbridge_agent.ini.marvin20170902
[root@Marvin-Compute ml2]# scp 10.0.0.56:/etc/neutron/plugins/ml2/linuxbridge_agent.ini .
root@10.0.0.56's password:
linuxbridge_agent.ini 100% 8376 8.2KB/s 00:00
[root@Marvin-Compute ml2]# ll
total 24
-rw-r----- 1 root root 8376 Sep 3 19:11 linuxbridge_agent.ini
-rw-r----- 1 root neutron 8313 Aug 16 02:09 linuxbridge_agent.ini.marvin20170902
[root@Marvin-Compute ml2]# chgrp neutron linuxbridge_agent.ini
[root@Marvin-Compute ml2]# ll
total 24
-rw-r----- 1 root neutron 8376 Sep 3 19:11 linuxbridge_agent.ini
-rw-r----- 1 root neutron 8313 Aug 16 02:09 linuxbridge_agent.ini.marvin20170902
## 在计算节点的nova中配置网络信息
[root@Marvin-Compute ml2]# cd /etc/nova
[root@Marvin-Compute nova]# vim nova.conf
[neutron] ## 6467行,添加如下内容
url = http://10.0.0.56:9696
auth_url = http://10.0.0.56:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
## 重启nova服务,启动linuxbridge代理,并设置开机自启
[root@Marvin-Compute nova]# systemctl restart openstack-nova-compute.service
[root@Marvin-Compute nova]# systemctl enable neutron-linuxbridge-agent.service
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service to /usr/lib/systemd/system/neutron-linuxbridge-agent.service.
[root@Marvin-Compute nova]# systemctl start neutron-linuxbridge-agent.service
## 管理节点上进行验证
[root@Marvin-OpenStack ~]# neutron agent-list
+------------------+------------------+------------------+-------------------+-------+----------------+----------------------+
| id | agent_type | host | availability_zone | alive | admin_state_up | binary |
+------------------+------------------+------------------+-------------------+-------+----------------+----------------------+
| 01efe4d9-53f5-48 | Metadata agent | Marvin-OpenStack | | :-) | True | neutron-metadata- |
| 6f-8869-40546a68 | | | | | | agent |
| 8fd1 | | | | | | |
| 41127c68-fb5d-46 | DHCP agent | Marvin-OpenStack | nova | :-) | True | neutron-dhcp-agent |
| 41-acdd- | | | | | | |
| 1fba6b78735d | | | | | | |
| 88e9488b-18cf-4c | Linux bridge | Marvin-OpenStack | | :-) | True | neutron-linuxbridge- |
| a4-b0a8-8a916231 | agent | | | | | agent |
| 1315 | | | | | | |
| fdc0270e-3b6f-47 | Linux bridge | Marvin-Compute | | :-) | True | neutron-linuxbridge- |
| 53-8e05-428a4f3a | agent | | | | | agent |
| 0e2a | | | | | | |
+------------------+------------------+------------------+-------------------+-------+----------------+----------------------+
[root@Marvin-OpenStack ~]# nova service-list
+----+------------------+------------------+----------+---------+-------+----------------------------+-----------------+
| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |
+----+------------------+------------------+----------+---------+-------+----------------------------+-----------------+
| 1 | nova-scheduler | Marvin-OpenStack | internal | enabled | up | 2017-09-03T11:17:37.000000 | - |
| 2 | nova-consoleauth | Marvin-OpenStack | internal | enabled | up | 2017-09-03T11:17:38.000000 | - |
| 3 | nova-conductor | Marvin-OpenStack | internal | enabled | up | 2017-09-03T11:17:39.000000 | - |
| 6 | nova-compute | Marvin-Compute | nova | enabled | up | 2017-09-03T11:17:34.000000 | - |
+----+------------------+------------------+----------+---------+-------+----------------------------+-----------------+
到此,neutrun的配置全部完成
9. 创建云主机
9.1 创建提供者网络
[root@Marvin-OpenStack ~]# neutron net-create --shared --provider:physical_network public \
> --provider:network_type flat public
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2017-09-03T11:19:56Z |
| description | |
| id | 11a77b36-fc41-4fcd-babc-1bd3051ee064 |
| ipv4_address_scope | |
| ipv6_address_scope | |
| mtu | 1500 |
| name | public |
| port_security_enabled | True |
| project_id | 8e8448db75034b1e8be0f7d6931be2d4 |
| provider:network_type | flat |
| provider:physical_network | public |
| provider:segmentation_id | |
| revision_number | 3 |
| router:external | False |
| shared | True |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | 8e8448db75034b1e8be0f7d6931be2d4 |
| updated_at | 2017-09-03T11:19:56Z |
+---------------------------+--------------------------------------+
## 创建子网
[root@Marvin-OpenStack ~]# openstack subnet create --network public \
> --allocation-pool start=10.0.0.100,end=10.0.0.200 \
> --dns-nameserver 10.0.0.2 --gateway 10.0.0.2 \
> --subnet-range 10.0.0.0/24 public-subnet
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| allocation_pools | 10.0.0.100-10.0.0.200 |
| cidr | 10.0.0.0/24 |
| created_at | 2017-09-03T11:22:17Z |
| description | |
| dns_nameservers | 10.0.0.2 |
| enable_dhcp | True |
| gateway_ip | 10.0.0.2 |
| headers | |
| host_routes | |
| id | 5d749512-4d93-4b97-b09d-ff13029b999f |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | public-subnet |
| network_id | 11a77b36-fc41-4fcd-babc-1bd3051ee064 |
| project_id | 8e8448db75034b1e8be0f7d6931be2d4 |
| project_id | 8e8448db75034b1e8be0f7d6931be2d4 |
| revision_number | 2 |
| service_types | [] |
| subnetpool_id | None |
| updated_at | 2017-09-03T11:22:17Z |
+-------------------+--------------------------------------+
## 查看网络信息
[root@Marvin-OpenStack ~]# neutron net-list
+--------------------------------------+--------+--------------------------------------------------+
| id | name | subnets |
+--------------------------------------+--------+--------------------------------------------------+
| 11a77b36-fc41-4fcd-babc-1bd3051ee064 | public | 5d749512-4d93-4b97-b09d-ff13029b999f 10.0.0.0/24 |
+--------------------------------------+--------+--------------------------------------------------+
[root@Marvin-OpenStack ~]# neutron subnet-list
+--------------------------------------+---------------+-------------+----------------------------------------------+
| id | name | cidr | allocation_pools |
+--------------------------------------+---------------+-------------+----------------------------------------------+
| 5d749512-4d93-4b97-b09d-ff13029b999f | public-subnet | 10.0.0.0/24 | {"start": "10.0.0.100", "end": "10.0.0.200"} |
+--------------------------------------+---------------+-------------+----------------------------------------------+
[root@Marvin-OpenStack ~]# openstack network list
+--------------------------------------+--------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+--------+--------------------------------------+
| 11a77b36-fc41-4fcd-babc-1bd3051ee064 | public | 5d749512-4d93-4b97-b09d-ff13029b999f |
+--------------------------------------+--------+--------------------------------------+
9.2 创建云主机类型,生成一个键值对
[root@Marvin-OpenStack ~]# openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
+----------------------------+---------+
| Field | Value |
+----------------------------+---------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| disk | 1 |
| id | 0 |
| name | m1.nano |
| os-flavor-access:is_public | True |
| properties | |
| ram | 64 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+---------+
[root@Marvin-OpenStack ~]# source demo-openstack
[root@Marvin-OpenStack ~]# ssh-keygen -q -N ""
Enter file in which to save the key (/root/.ssh/id_rsa):
[root@Marvin-OpenStack ~]# openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey ## 将生成的键值对上传到openstack
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| fingerprint | fa:bd:6d:4e:24:56:41:c6:37:11:65:81:7f:04:41:53 |
| name | mykey |
| user_id | bccfde0f0711448c8e3855ac4dcb8e19 |
+-------------+-------------------------------------------------+
## 增加安全组规则,开发22端口
[root@Marvin-OpenStack ~]# openstack security group rule create --proto icmp default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2017-09-03T11:28:19Z |
| description | |
| direction | ingress |
| ethertype | IPv4 |
| headers | |
| id | 79d3f638-7efc-422f-9db2-4e739de3814c |
| port_range_max | None |
| port_range_min | None |
| project_id | 9e6ed2044de448c5b6064da5e61108f3 |
| project_id | 9e6ed2044de448c5b6064da5e61108f3 |
| protocol | icmp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 1 |
| security_group_id | e08a5e52-71df-4349-92e3-412b5aee27c5 |
| updated_at | 2017-09-03T11:28:19Z |
+-------------------+--------------------------------------+
[root@Marvin-OpenStack ~]# openstack security group rule create --proto tcp --dst-port 22 default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2017-09-03T11:28:37Z |
| description | |
| direction | ingress |
| ethertype | IPv4 |
| headers | |
| id | 17ac408e-f270-4bd6-ab18-7f926246ac76 |
| port_range_max | 22 |
| port_range_min | 22 |
| project_id | 9e6ed2044de448c5b6064da5e61108f3 |
| project_id | 9e6ed2044de448c5b6064da5e61108f3 |
| protocol | tcp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 1 |
| security_group_id | e08a5e52-71df-4349-92e3-412b5aee27c5 |
| updated_at | 2017-09-03T11:28:37Z |
+-------------------+--------------------------------------+
9.3 创建云主机需要验证的信息
[root@Marvin-OpenStack ~]# openstack flavor list ## 云主机类型
+----+---------+-----+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+---------+-----+------+-----------+-------+-----------+
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
+----+---------+-----+------+-----------+-------+-----------+
[root@Marvin-OpenStack ~]# openstack image list ## 镜像
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| a131bcba-8fa7-4a0e-8333-a36046c31a9c | cirros | active |
+--------------------------------------+--------+--------+
[root@Marvin-OpenStack ~]# openstack network list ## 网络
+--------------------------------------+--------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+--------+--------------------------------------+
| 11a77b36-fc41-4fcd-babc-1bd3051ee064 | public | 5d749512-4d93-4b97-b09d-ff13029b999f |
+--------------------------------------+--------+--------------------------------------+
[root@Marvin-OpenStack ~]# openstack security group list ## 安全策略
+--------------------------------------+---------+------------------------+----------------------------------+
| ID | Name | Description | Project |
+--------------------------------------+---------+------------------------+----------------------------------+
| e08a5e52-71df-4349-92e3-412b5aee27c5 | default | Default security group | 9e6ed2044de448c5b6064da5e61108f3 |
+--------------------------------------+---------+------------------------+----------------------------------+
9.4 创建云主机
[root@Marvin-OpenStack ~]# source demo-openstack
[root@Marvin-OpenStack ~]# openstack server create --flavor m1.nano --image cirros \
> --nic net-id=11a77b36-fc41-4fcd-babc-1bd3051ee064 --security-group default \
> --key-name mykey marvinopen1-instance
+--------------------------------------+-----------------------------------------------+
| Field | Value |
+--------------------------------------+-----------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | k2HpAW2f5ELA |
| config_drive | |
| created | 2017-09-03T11:34:24Z |
| flavor | m1.nano (0) |
| hostId | |
| id | c75fa09b-cb20-4e16-9def-116bfc39a4ec |
| image | cirros (a131bcba-8fa7-4a0e-8333-a36046c31a9c) |
| key_name | mykey |
| name | marvinopen1-instance |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| project_id | 9e6ed2044de448c5b6064da5e61108f3 |
| properties | |
| security_groups | [{u'name': u'default'}] |
| status | BUILD |
| updated | 2017-09-03T11:34:32Z |
| user_id | bccfde0f0711448c8e3855ac4dcb8e19 |
+--------------------------------------+-----------------------------------------------+
[root@Marvin-OpenStack ~]# openstack server list
+--------------------------------------+----------------------+--------+-------------------+------------+
| ID | Name | Status | Networks | Image Name |
+--------------------------------------+----------------------+--------+-------------------+------------+
| c75fa09b-cb20-4e16-9def-116bfc39a4ec | marvinopen1-instance | ACTIVE | public=10.0.0.107 | cirros |
+--------------------------------------+----------------------+--------+-------------------+------------+
[root@Marvin-OpenStack ~]# ping 10.0.0.107 -c4
PING 10.0.0.107 (10.0.0.107) 56(84) bytes of data.
64 bytes from 10.0.0.107: icmp_seq=1 ttl=64 time=0.878 ms
64 bytes from 10.0.0.107: icmp_seq=2 ttl=64 time=1.40 ms
64 bytes from 10.0.0.107: icmp_seq=3 ttl=64 time=0.898 ms
64 bytes from 10.0.0.107: icmp_seq=4 ttl=64 time=1.01 ms
--- 10.0.0.107 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 0.878/1.050/1.408/0.215 ms
## 因为前面配置了键值对,可以直接ssh登录,不需要密码
[root@Marvin-OpenStack ~]# ssh cirros@10.0.0.107
The authenticity of host '10.0.0.107 (10.0.0.107)' can't be established.
RSA key fingerprint is a4:cf:41:2f:4e:eb:6f:1e:84:e7:23:f7:46:a6:4a:af.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.107' (RSA) to the list of known hosts.
$ ifconfig
eth0 Link encap:Ethernet HWaddr FA:16:3E:C0:83:39
inet addr:10.0.0.107 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::f816:3eff:fec0:8339/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:255 errors:0 dropped:0 overruns:0 frame:0
TX packets:184 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:31309 (30.5 KiB) TX bytes:20644 (20.1 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
## 第一台云主机就这样建成了,美不美呢,哈哈!!!
## 查看VNC的url地址
[root@Marvin-OpenStack ~]# openstack console url show marvinopen1-instance
+-------+--------------------------------------------------------------------------------+
| Field | Value |
+-------+--------------------------------------------------------------------------------+
| type | novnc |
| url | http://10.0.0.56:6080/vnc_auto.html?token=3a4766ca-443a-469b-b2a7-328d95ad7109 |
+-------+--------------------------------------------------------------------------------+
下面可以使用vnc的地址去直接访问浏览器,就可以直接控制虚拟机了
浏览器访问: http://10.0.0.56:6080/vnc_auto.html?token=3a4766ca-443a-469b-b2a7-328d95ad7109
可以看到虚拟机正在运行,输入帐号cirros,密码: cubswin:) 可以登录到服务器
nova stop 云主机的ID == 停止云主机
nova start 云主机的ID == 启动云主机
nova delete 云主机的ID == 删除云主机
到此已经可以创建云主机了,很爽吧,下次更新,我们将通过web界面来管理openstack的云主机
笔者QQ: 779734791 昵称: Marvin 欢迎大家一起讨论进步.