三:安装服务-controller node
一:工具、环境准备-controller node
二:OpenStack环境准备-controller node
三:安装服务-controller node
四:工具、环境准备-compute node
五:OpenStack环境准备-compute node
六:安装服务-compute node
七:仪表盘安装
文章目录
- Identity service – keystone installation
- 1)Install and configure
- a. 先准备 - 创建数据库
- b. 安装并配置组件
- c. 配置 Apache HTTP 服务器
- d. 完成安装
- 2)Create a domain, projects, users, and roles
- a. a formal way to create a new domain would be:
- b. Create the service project:
- c. creates the myproject project and myuser user:
- 3)Verify operation
- 4)Create OpenStack client environment scripts
- a. 创建脚本
- b. 使用脚本
- Image service – glance installation
- 1)Install and configure
- a. 先准备 - 创建数据库
- b. 安装并配置组件
- c. 完成安装
- Placement service – placement installation
- 1)Install and configure
- a. 先准备 - 创建数据库
- b. 配置用户和端点
- c. 安装并配置组件
- d. 完成安装
- 2)Verify Installation
- Compute service – nova installation
- 1)Install and configure
- a. 先准备 - 创建数据库
- b. 安装并配置组件
- c. 完成安装
- 2)Verify operation
- Networking service – neutron installation
- 1)Install and configure
- a. 先准备 - 创建数据库
- 2)配置 Provider networks
- a. 安装组件:
- b. 配置服务器组件
- c. 配置 Modular Layer 2 (ML2) plug-in
- d. 配置 Open vSwitch agent
- e. 配置 DHCP agent
- 1)Install and configure
- b. 配置 metadata agent
- c. 配置计算服务去使用网络服务
- d. 完成安装
官方指导手册:
Install OpenStack services
At a minimum, you need to install the following services. Install the services in the order specified below:
- Identity service> Image service
- Placement service
- Compute service
- Networking service
- 切换至超级用户模式:
执行指令:
sudo su
Identity service – keystone installation
1)Install and configure
a. 先准备 - 创建数据库
mysql
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '123456';
EXIT;
123456是创建的数据库 keystone 的密码
名为 KEYSTONE_DBPASS
b. 安装并配置组件
-
- 安装软件包
执行指令:
apt install keystone -y
-
- 编辑文件
执行指令:
vim /etc/keystone/keystone.conf
修改 [database] 的内容:
[database]
connection = mysql+pymysql://keystone:123456@controller/keystone
123456是数据库 keystone 的密码
名为 KEYSTONE_DBPASS
修改 [token] 的内容:
[token]
provider = fernet
-
- 填充身份认证服务数据库
执行指令:
su -s /bin/sh -c "keystone-manage db_sync" keystone
-
- 初始化 Fernet 密钥库
执行指令:
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
-
- 引导身份认证服务
执行指令:
keystone-manage bootstrap --bootstrap-password 123456 \--bootstrap-admin-url http://controller:5000/v3/ \--bootstrap-internal-url http://controller:5000/v3/ \--bootstrap-public-url http://controller:5000/v3/ \--bootstrap-region-id RegionOne
123456是为 Keystone 的管理员用户设置的密码,
名为 ADMIN_PASS
若是想修改密码,则修改指令中的密码后再执行一遍,则修改成功
c. 配置 Apache HTTP 服务器
- 编辑文件
执行指令:
vim /etc/apache2/apache2.conf
添加以下内容:
ServerName controller
d. 完成安装
-
- 重启 Apache 服务器
执行指令:
service apache2 restart
-
- 设置适当的环境变量配置管理账户
执行指令:
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
123456是为管理员用户密码,
即上面b. 安装并配置组件中的- 5. 引导身份认证服务中设置的密码
名为 ADMIN_PASS
2)Create a domain, projects, users, and roles
创建域、项目、用户、角色
a. a formal way to create a new domain would be:
虽然已存在 default 域,但有必要给大家看一下创建新 域 的方法:
- 创建
example域
执行指令:
openstack domain create --description "An Example Domain" example
报错:
root@controller[16:00:36]:/home/cbz# openstack domain create --description "An Example Domain" example
The request you have made requires authentication. (HTTP 401) (Request-ID: req-88316b44-39c2-466e-ab3f-98e55e38dbc4)
这种报错就是密码填错,即上面
d. 完成安装中的- 2.设置适当的环境变量配置管理账户中密码设置错误
应该是上面b. 安装并配置组件中的- 5. 引导身份认证服务中设置的密码
可以修改密码后,重新执行export OS_PASSWORD=123456以更正密码
正常输出应该是:
root@controller[16:03:02]:/home/cbz# openstack domain create --description "An Example Domain" example
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | An Example Domain |
| enabled | True |
| id | eba741af628c4d6896d945ab1770ef66 |
| name | example |
| options | {} |
| tags | [] |
+-------------+----------------------------------+
b. Create the service project:
- 创建
service项目
执行指令:
openstack project create --domain default --description "Service Project" service
输出示例:
root@controller[16:03:10]:/home/cbz# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | 576e3951211243298fb79e5f28d1f52d |
| is_domain | False |
| name | service |
| options | {} |
| parent_id | default |
| tags | [] |
+-------------+----------------------------------+c. creates the myproject project and myuser user:
常规(非管理员)任务应使用无权限项目和用户。例如,本指南创建了 myproject 项目和 myuser 用户。
-
- 创建
myproject项目
- 创建
执行指令:
openstack project create --domain default --description "Demo Project" myproject
输出示例:
root@controller[00:12:34]:/home/cbz# openstack project create --domain default --description "Demo Project" myproject+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Demo Project |
| domain_id | default |
| enabled | True |
| id | 63c7e4891938403e8180e0d67420aac8 |
| is_domain | False |
| name | myproject |
| options | {} |
| parent_id | default |
| tags | [] |
+-------------+----------------------------------+注意:为该项目创建其他用户时,请勿重复此步骤。
-
- 创建
myuser用户
- 创建
执行指令:
openstack user create --domain default --password-prompt myuser
输出示例:
root@controller[00:13:13]:/home/cbz# openstack user create --domain default --password-prompt myuserUser Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 24e175ee7479427cb61b0fbc366215b0 |
| name | myuser |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
创建 myuser 用户并为其设置密码
123456
-
- 创建
myrole角色
- 创建
执行指令:
openstack role create myrole
输出示例:
root@controller[00:14:11]:/home/cbz# openstack role create myrole
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | None |
| domain_id | None |
| id | 0f94d52860e1407f86e1ca0ae57493e9 |
| name | myrole |
| options | {} |
+-------------+----------------------------------+-
- 添加
myrole到项目myproject、用户myuser
- 添加
执行指令:
openstack role add --project myproject --user myuser myrole
当前指令没有输出
3)Verify operation
-
- 注销临时环境变量 OS_AUTH_URL 和 OS_PASSWORD
执行指令:
unset OS_AUTH_URL OS_PASSWORD
-
- 以 admin 用户申请身份验证令牌
执行指令:
openstack --os-auth-url http://controller:5000/v3 \--os-project-domain-name Default --os-user-domain-name Default \--os-project-name admin --os-username admin token issue
输出:
root@controller[00:18:01]:/home/cbz# openstack --os-auth-url http://controller:5000/v3 \
> --os-project-domain-name Default --os-user-domain-name Default \
> --os-project-name admin --os-username admin token issue
Password:
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2024-11-30T17:18:09+0000 |
| id | gAAAAABnSzrBaZUJwnDubg9l_iUP551xDqUy30Xc_6_PP5q_JWTwNdr8ONYY1XO2-A10l-afVckoTUbqzBMTt9Y-RvJfRXKtBeyxrW9BLPrcbrlrgAsxMOb7JpOfhyIYwZV4CuPL650jqqxVpC0g4hkUcvIX4yr9B-bZ2o_IF195wAsqtbP-JxA |
| project_id | d241a7b2af4d44bcb018f1d52a28a1d2 |
| user_id | 8d12b000481c49c8aa8a6a3d10037aa8 |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
密码为上面
Identity service – keystone installation中的1)Install and configure中的b. 安装并配置组件中的- 5. 引导身份认证服务中设置的密码
当然,如果全部密码都统一设置为
123456的话,不必理会
-
- 以 myuser 用户申请身份验证令牌
执行指令:
openstack --os-auth-url http://controller:5000/v3 \--os-project-domain-name Default --os-user-domain-name Default \--os-project-name myproject --os-username myuser token issue
输出示例:
root@controller[00:21:48]:/home/cbz# openstack --os-auth-url http://controller:5000/v3 \
> --os-project-domain-name Default --os-user-domain-name Default \
> --os-project-name myproject --os-username myuser token issue
Password:
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2024-11-30T17:22:03+0000 |
| id | gAAAAABnSzurHvYIsKRqmK4OMo5tunK28wlMQS2oDH61k-r5KJ99TDejjlgx7qavkw2QogsajexU-8gqhrEkCg80oFCnxksXjGUnlbSBFh-MXxSSRgur3BNMvsDHEjAWOklWBU2JZlqx1kVqjWVGbMMn2UvaCTKeo-IBhA1AEeKnHwvgyrDYbbg |
| project_id | 63c7e4891938403e8180e0d67420aac8 |
| user_id | 24e175ee7479427cb61b0fbc366215b0 |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
输入上面创建的用户
myuser的密码
当然,如果全部密码都统一设置为
123456的话,不必理会
报错:
root@controller[00:18:09]:/home/cbz# openstack --os-auth-url http://controller:5000/v3 \
> --os-project-domain-name Default --os-user-domain-name Default \
> --os-project-name myproject --os-username myuser token issue
Password:
The request you have made requires authentication. (HTTP 401) (Request-ID: req-1aa5cb9b-995a-4077-a453-703cd4b15594)
密码输错了!!!
4)Create OpenStack client environment scripts
a. 创建脚本
-
- 创建并编辑
admin-openrc文件
- 创建并编辑
执行指令:
vim ~/admin-openrc
进入一个新文件!!!
注意是创建在 ~/ 目录下!!!
添加以下内容:
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
123456是为管理员用户密码,
即上面b. 安装并配置组件中的- 5. 引导身份认证服务中设置的密码
名为 ADMIN_PASS
-
- 创建并编辑
demo-openrc文件
- 创建并编辑
执行指令:
vim ~/demo-openrc
添加以下内容:
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=myproject
export OS_USERNAME=myuser
export OS_PASSWORD=123456
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
123456是为用户 myuser 的密码,
名为 DEMO_PASS
b. 使用脚本
-
- 加载 admin-openrc 文件
执行指令:
cd ~/
. admin-openrc
报错:
root@controller[00:27:50]:/home/cbz# . admin-openrc
bash: admin-openrc: No such file or directory
这种情况是未将目录跳转到 ’~/‘中,
须要执行cd ~/
-
- 申请身份验证令牌
执行指令:
openstack token issue
输出示例:
root@controller[00:32:39]:~# openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2024-11-30T17:32:42+0000 |
| id | gAAAAABnSz4q02THl5sazdWvLw09HeUGK8-Rq65UrH24rzQzMdEMvnzuPWrS7aeVQHp0FKUHDwlm-LUzQH3ROUCsdl00vgYQ8t7uT510MyT2LRX_c8WKt4F1Umo32suxgwYIdKr5xb2t2CN0e-OOgKLgDcOijUA0a54k2MSxgyFKXSUvwLMa-6g |
| project_id | d241a7b2af4d44bcb018f1d52a28a1d2 |
| user_id | 8d12b000481c49c8aa8a6a3d10037aa8 |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
报错:
root@controller[00:31:45]:~# openstack token issue
The request you have made requires authentication. (HTTP 401) (Request-ID: req-983ef1a8-88b6-4821-9ab9-05c72a5a81e8)
密码没设置对!!!
密码为上面
Identity service – keystone installation中的1)Install and configure中的b. 安装并配置组件中的- 5. 引导身份认证服务中设置的密码
当然,如果全部密码都统一设置为
123456的话,不必理会
Image service – glance installation
1)Install and configure
a. 先准备 - 创建数据库
-
- 创建数据库
执行指令:
mysql
执行 mysql 指令:
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '123456';
EXIT;
123456是创建的数据库 glance 的密码
名为 GLANCE_DBPASS
-
- 加载 admin-openrc 文件
执行指令:
. admin-openrc
-
- 创建
glance用户
- 创建
执行指令:
openstack user create --domain default --password-prompt glance
输出示例:
root@controller[01:00:52]:~# openstack user create --domain default --password-prompt glance
User Password:123456
Repeat User Password:123456
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 5e6cf17e4c8a40b798ee97f57ac86314 |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
创建用户 glance 并为其设置密码
123456
-
- 添加
admin角色到glance用户、service项目中
- 添加
执行指令:
openstack role add --project service --user glance admin
此指令没有输出
-
- 创建 glance 服务实例
执行指令:
openstack service create --name glance --description "OpenStack Image" image
输出示例:
root@controller[01:04:06]:~# openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 1567a217dd2540d5b75e1a16c70b2b75 |
| name | glance |
| type | image |
+-------------+----------------------------------+
-
- 创建镜像服务 API 端点:
执行指令:
openstack endpoint create --region RegionOne image public http://controller:9292
openstack endpoint create --region RegionOne image internal http://controller:9292
openstack endpoint create --region RegionOne image admin http://controller:9292
输出示例:
root@controller[01:04:16]:~# openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 4acbef3ff8544fe9b0efcea016dfb04f |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1567a217dd2540d5b75e1a16c70b2b75 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
root@controller[01:04:35]:~# openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 79efda062d24421fa2058db675a1b2df |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1567a217dd2540d5b75e1a16c70b2b75 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
root@controller[01:04:36]:~# openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | f905f7f870494fffa2bf32e5465a8830 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1567a217dd2540d5b75e1a16c70b2b75 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
b. 安装并配置组件
-
- 安装软件包
执行指令:
apt install glance -y
-
- 编辑文件
执行指令:
vim /etc/glance/glance-api.conf
在 [database] 中添加以下内容:
[database]
connection = mysql+pymysql://glance:123456@controller/glance
123456是数据库 glance 的密码,
名为 GLANCE_DBPASS
将 [keystone_authtoken] 中的其他所有选项都给注释掉,再添加以下内容:
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = 123456
123456是用户 glance 的密码,
名为 GLANCE_PASS
在 [paste_deploy] 中添加以下内容:
[paste_deploy]
flavor = keystone
在 [glance_store] 中添加以下内容:
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
在 [paste_deploy] 中添加以下内容:
[oslo_limit]
auth_url = http://controller:5000
auth_type = password
user_domain_id = default
username = glance
system_scope = all
password = 123456
endpoint_id = 340be3625e9b4239a6415d034e98aace
region_name = RegionOne
123456是用户 glance 的密码,
名为 GLANCE_PASS
若没有对应的 [paste_deploy] 节段,则手动添加,也就是将上面这段包括 [paste_deploy] 的内容全粘贴到文件中
-
- 填充镜像服务数据库:
执行指令:
su -s /bin/sh -c "glance-manage db_sync" glance
输出:
root@controller[01:21:18]:~# su -s /bin/sh -c "glance-manage db_sync" glance
2024-12-01 01:21:28.473 30852 INFO alembic.runtime.migration [-] Context impl MySQLImpl.
2024-12-01 01:21:28.474 30852 INFO alembic.runtime.migration [-] Will assume non-transactional DDL.
2024-12-01 01:21:28.479 30852 INFO alembic.runtime.migration [-] Context impl MySQLImpl.
2024-12-01 01:21:28.480 30852 INFO alembic.runtime.migration [-] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
/usr/lib/python3/dist-packages/pymysql/cursors.py:170: Warning: (1280, "Name 'alembic_version_pkc' ignored for PRIMARY key.")result = self._query(query)
INFO [alembic.runtime.migration] Running upgrade -> liberty, liberty initial
INFO [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table
INFO [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images
INFO [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01
INFO [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01
INFO [alembic.runtime.migration] Running upgrade queens_expand01 -> rocky_expand01, add os_hidden column to images table
INFO [alembic.runtime.migration] Running upgrade rocky_expand01 -> rocky_expand02, add os_hash_algo and os_hash_value columns to images table
INFO [alembic.runtime.migration] Running upgrade rocky_expand02 -> train_expand01, empty expand for symmetry with train_contract01
INFO [alembic.runtime.migration] Running upgrade train_expand01 -> ussuri_expand01, empty expand for symmetry with ussuri_expand01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: ussuri_expand01, current revision(s): ussuri_expand01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database migration is up to date. No migration needed.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images
INFO [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables
INFO [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01
INFO [alembic.runtime.migration] Running upgrade queens_contract01 -> rocky_contract01
INFO [alembic.runtime.migration] Running upgrade rocky_contract01 -> rocky_contract02
INFO [alembic.runtime.migration] Running upgrade rocky_contract02 -> train_contract01
INFO [alembic.runtime.migration] Running upgrade train_contract01 -> ussuri_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: ussuri_contract01, current revision(s): ussuri_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database is synced successfully.
c. 完成安装
- 重启镜像服务:
执行指令:
service glance-api restart
没有输出
## 2)Verify operation
以下这段 Verify operation 的内容作验证作用,可不执行!!!!!!!
跳过跳过跳过 这一步
-
- 加载 admin-openrc 文件:
执行指令:
. admin-openrc
-
- 下载源镜像:
执行指令:
wget https://github.com/cirros-dev/cirros/releases/download/0.4.0/cirros-0.4.0-x86_64-disk.img -O cirros-0.4.0-x86_64-disk.img
-
- 将镜像上传到镜像服务
执行指令:
glance image-create --name "cirros" --file cirros-0.4.0-x86_64-disk.img --disk-format qcow2 --container-format bare --visibility=public
输出示例:
$ glance image-create --name "cirros" \--file cirros-0.4.0-x86_64-disk.img \--disk-format qcow2 --container-format bare \--visibility=public+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | 133eae9fb1c98f45894a4e60d8736619 |
| container_format | bare |
| created_at | 2015-03-26T16:52:10Z |
| disk_format | qcow2 |
| file | /v2/images/cc5c6982-4910-471e-b864-1098015901b5/file |
| id | cc5c6982-4910-471e-b864-1098015901b5 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | ae7a98326b9c455588edd2656d723b9d |
| protected | False |
| schema | /v2/schemas/image |
| size | 13200896 |
| status | active |
| tags | |
| updated_at | 2015-03-26T16:52:10Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
-
- 确认上传图像并验证属性
执行指令:
glance image-list
输出示例:
$ glance image-list+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 38047887-61a7-41ea-9b49-27987d5e8bb9 | cirros | active |
+--------------------------------------+--------+--------+
Placement service – placement installation
1)Install and configure
a. 先准备 - 创建数据库
- 创建数据库
执行指令:
mysql
执行 mysql 指令:
CREATE DATABASE placement;
GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '123456';
EXIT;
123456是创建的数据库 glance 的密码
名为 PLACEMENT_DBPASS
b. 配置用户和端点
-
- 加载 admin-openrc 文件
执行指令:
. admin-openrc
-
- 创建
placement服务用户:
- 创建
执行指令:
openstack user create --domain default --password-prompt placement
输出示例:
root@controller[01:25:56]:~# openstack user create --domain default --password-prompt placement
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 5408f1094e174b549f5dbeee81640870 |
| name | placement |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
创建用户 placement 并为其设置密码
123456
-
- 添加
placement用户到service项目、admin角色中
- 添加
执行指令:
openstack role add --project service --user placement admin
此指令没有输出
-
- 创建 Placement API 实例
执行指令:
openstack service create --name placement --description "Placement API" placement
输出示例:
root@controller[01:28:40]:~# openstack service create --name placement --description "Placement API" placement
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Placement API |
| enabled | True |
| id | a56358f3e45e4410a7f71f49d036b72c |
| name | placement |
| type | placement |
+-------------+----------------------------------+
-
- 创建 Placement API 服务端点
执行指令:
openstack endpoint create --region RegionOne placement public http://controller:8778
openstack endpoint create --region RegionOne placement internal http://controller:8778
openstack endpoint create --region RegionOne placement admin http://controller:8778
输出示例:
root@controller[01:28:59]:~# openstack endpoint create --region RegionOne placement public http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 6445ffb85a8a41f08779e0347a572e3a |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | a56358f3e45e4410a7f71f49d036b72c |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+
root@controller[01:30:30]:~# openstack endpoint create --region RegionOne placement internal http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 89eef2ded4644079a922bb4b63b7d0f7 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | a56358f3e45e4410a7f71f49d036b72c |
| service_name | placement |
| service_type 聼 placement |
| url | http://controller:8778 |
+--------------+----------------------------------+
root@controller[01:30:31]:~# openstack endpoint create --region RegionOne placement admin http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 7feb3d722a2045c6bbcae3977d093662 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | a56358f3e45e4410a7f71f49d036b72c |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+
c. 安装并配置组件
-
- 安装软件包
执行指令:
apt install placement-api -y
-
- 编辑文件
执行指令:
vim /etc/placement/placement.conf
在 [placement_database] 中添加以下内容:
[placement_database]
connection = mysql+pymysql://placement:123456@controller/placement
123456是数据库 placement 的密码,
名为 PLACEMENT_DBPASS
在 [api] 中添加以下内容:
[api]
auth_strategy = keystone
将 [keystone_authtoken] 中的其他所有选项都给注释掉,再添加以下内容:
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = 123456
123456是用户 placement 的密码,
名为 PLACEMENT_PASS
-
- 填充 placement 数据库:
执行指令:
su -s /bin/sh -c "placement-manage db sync" placement
此指令没有输出
报错:
root@controller[01:41:08]:~# su -s /bin/sh -c "placement-manage db sync" placement
/usr/lib/python3/dist-packages/pymysql/cursors.py:170: Warning: (1280, "Name 'alembic_version_pkc' ignored for PRIMARY key.")result = self._query(query)
该警告是由于数据库迁移脚本在执行时尝试设置主键,而数据库中已经有一个主键。
尽管有警告,数据库迁移可能已经成功。可以通过以下命令验证:
执行指令:
placement-manage db version
如果返回最新的数据库版本号,则说明迁移成功。如:
root@controller[01:41:24]:~# placement-manage db version
b5c396305c25
d. 完成安装
- 重新加载 web 服务器
执行指令:
service apache2 restart
2)Verify Installation
-
- 加载 admin-openrc 文件
执行指令:
. admin-openrc
-
- 检查执行状态
执行指令:
placement-status upgrade check
输出示例:
root@controller[01:47:38]:~# placement-status upgrade check
+----------------------------------+
| Upgrade Check Results |
+----------------------------------+
| Check: Missing Root Provider IDs |
| Result: Success |
| Details: None |
+----------------------------------+
| Check: Incomplete Consumers |
| Result: Success |
| Details: None |
+----------------------------------+
-
- 安装 osc-placement 插件
执行指令:
apt install pip3 -y
pip3 install osc-placement
报错则使用
apt install pip -y
apt install pip -y
pip install osc-placement
-
- 列出可用的资源类别和特性
执行指令:
openstack --os-placement-api-version 1.2 resource class list --sort-column name
输出示例:
root@controller[01:49:48]:~# openstack --os-placement-api-version 1.2 resource class list --sort-column name
+----------------------------+
| name |
+----------------------------+
| DISK_GB |
| FPGA |
| IPV4_ADDRESS |
| MEMORY_MB |
| MEM_ENCRYPTION_CONTEXT |
| NET_BW_EGR_KILOBIT_PER_SEC |
| NET_BW_IGR_KILOBIT_PER_SEC |
| NUMA_CORE |
| NUMA_MEMORY_MB |
| NUMA_SOCKET |
| NUMA_THREAD |
| PCI_DEVICE |
| PCPU |
| PGPU |
| SRIOV_NET_VF |
| VCPU |
| VGPU |
| VGPU_DISPLAY_HEAD |
+----------------------------+
执行指令:
openstack --os-placement-api-version 1.6 trait list --sort-column name
输出示例:
$ openstack --os-placement-api-version 1.2 resource class list --sort-column name
+----------------------------+
| name |
+----------------------------+
| DISK_GB |
| IPV4_ADDRESS |
| ... |$ openstack --os-placement-api-version 1.6 trait list --sort-column name
+---------------------------------------+
| name |
+---------------------------------------+
| COMPUTE_DEVICE_TAGGING |
| COMPUTE_NET_ATTACH_INTERFACE |
| ... |
Compute service – nova installation
1)Install and configure
a. 先准备 - 创建数据库
-
- 创建数据库
执行指令:
mysql
执行 mysql 指令:
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '123456';GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '123456';GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '123456';EXIT;
123456是创建的数据库 nova_api、nova、nova_cell0 的密码
统一设置名为 NOVA_DBPASS
-
- 加载 admin-openrc 文件
执行指令:
. admin-openrc
-
- 创建
nova用户
- 创建
执行指令:
openstack user create --domain default --password-prompt nova
输出示例:
root@controller[01:58:41]:~# openstack user create --domain default --password-prompt nova
User Password:123456
Repeat User Password:123456
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 0addb0d559f7423fbe259aa781b07117 |
| name | nova |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
创建用户 nova 并为其设置密码
123456
-
- 添加
admin角色到nova用户上
- 添加
执行指令:
openstack role add --project service --user nova admin
此指令没有输出
-
- 创建 nova 服务实例
执行指令:
openstack service create --name nova --description "OpenStack Compute" compute
输出示例:
root@controller[01:59:56]:~# openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 83e7b7e19b9d4500bbcf3f92ff5d2b9d |
| name | nova |
| type | compute |
+-------------+----------------------------------+
-
- 创建 compute API 服务端点
执行指令:
openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
输出示例:
root@controller[02:00:09]:~# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | fc17680b5d6e4389a6ae7eb6d5eed2c0 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 83e7b7e19b9d4500bbcf3f92ff5d2b9d |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
root@controller[02:00:39]:~# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 57d7f9654b2e4e4d8d7937857396c081 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 83e7b7e19b9d4500bbcf3f92ff5d2b9d |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
root@controller[02:00:40]:~# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | eb72b94371254d9badf80845790f1cc6 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 83e7b7e19b9d4500bbcf3f92ff5d2b9d |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
b. 安装并配置组件
-
- 安装软件包
执行指令:
apt install nova-api nova-conductor nova-novncproxy nova-scheduler -y
-
- 编辑文件
执行指令:
vim /etc/nova/nova.conf
在 [api_database] 中添加以下内容:
[api_database]
connection = mysql+pymysql://nova:123456@controller/nova_api
123456是数据库 nova 的密码,
名为 NOVA_DBPASS
在 [database] 中添加以下内容:
[database]
connection = mysql+pymysql://nova:123456@controller/nova
123456是数据库 nova 的密码,
名为 NOVA_DBPASS
在 [DEFAULT] 中添加以下内容:
[DEFAULT]
transport_url = rabbit://openstack:123456@controller:5672/
my_ip = 192.168.10.10
123456是用户 admin 的密码,
名为 RABBIT_PASS
192.168.10.10 替换成 ens33 中对应的 ip 地址
移除掉 [DEFAULT] 中的
log_dir项
在 [api] 中添加以下内容:
[api]
auth_strategy = keystone
将 [keystone_authtoken] 中的其他所有选项都给注释掉,再添加以下内容:
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = 123456
123456是用户 admin 的密码,
名为 NOVA_PASS
在 [service_user] 中添加以下内容:
[service_user]
send_service_user_token = true
auth_url = https://controller/identity
auth_strategy = keystone
auth_type = password
project_domain_name = Default
project_name = service
user_domain_name = Default
username = nova
password = 123456
123456是用户 admin 的密码,
名为 NOVA_PASS
在 [glance] 中添加以下内容:
[glance]
api_servers = http://controller:9292
在 [placement] 中添加以下内容:
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = 123456
123456是用户 admin 的密码,
名为 PLACEMENT_PASS
-
- 填充 nova-api 数据库
执行指令:
su -s /bin/sh -c "nova-manage api_db sync" nova
输出示例:
(有很多)
2024-12-01 02:14:07.743 43606 INFO migrate.versioning.api [-] 76 -> 77...
2024-12-01 02:14:07.746 43606 INFO migrate.versioning.api [-] done
-
- 注册 cell0 数据库
执行指令:
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
没有输出
-
- 创建 cell1 单元
执行指令:
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
输出示例:
root@controller[02:14:17]:~# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
--transport-url not provided in the command line, using the value [DEFAULT]/transport_url from the configuration file
--database_connection not provided in the command line, using the value [database]/connection from the configuration file
ea2f189e-e2da-4128-9bad-7637ddfe53d6
-
- 填充 nova 数据库
执行指令:
su -s /bin/sh -c "nova-manage db sync" nova
输出示例:
(有很多)
2024-12-01 02:17:29.828 44378 INFO migrate.versioning.api [req-c94a6eee-348c-49e0-b140-6610f7bd0391 - - - - -] done
2024-12-01 02:17:29.828 44378 INFO migrate.versioning.api [req-c94a6eee-348c-49e0-b140-6610f7bd0391 - - - - -] 411 -> 412...
2024-12-01 02:17:29.832 44378 INFO migrate.versioning.api [req-c94a6eee-348c-49e0-b140-6610f7bd0391 - - - - -] done
-
- Verify nova cell0 and cell1 are registered correctly
执行指令:
su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
输出示例:
root@controller[02:17:29]:~# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
| Name | UUID | Transport URL | Database Connection | Disabled |
+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
| cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:****@controller/nova_cell0 | False |
| cell1 | ea2f189e-e2da-4128-9bad-7637ddfe53d6 | rabbit://openstack:****@controller:5672/ | mysql+pymysql://nova:****@controller/nova | False |
+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
c. 完成安装
执行指令:
service nova-api restart
service nova-scheduler restart
service nova-conductor restart
service nova-novncproxy restart
没有输出
2)Verify operation
Verify operation 应在完成 compute 节点配置完成后再执行
-
- 加载 admin-openrc 文件
执行指令:
. admin-openrc
-
- 列出服务组件
执行指令:
openstack compute service list
输出示例:
root@controller[02:21:35]:~# openstack compute service list
+----+----------------+------------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+----------------+------------+----------+---------+-------+----------------------------+
| 5 | nova-scheduler | controller | internal | enabled | up | 2024-11-30T18:21:36.000000 |
| 6 | nova-conductor | controller | internal | enabled | up | 2024-11-30T18:21:36.000000 |
| 7 | nova-compute | controller | nova | enabled | up | 2024-11-30T18:21:38.000000 |
+----+----------------+------------+----------+---------+-------+----------------------------+
-
- 列出 API 端点
执行指令:
openstack catalog list
输出示例:
$ openstack catalog list+-----------+-----------+-----------------------------------------+
| Name | Type | Endpoints |
+-----------+-----------+-----------------------------------------+
| keystone | identity | RegionOne |
| | | public: http://controller:5000/v3/ |
| | | RegionOne |
| | | internal: http://controller:5000/v3/ |
| | | RegionOne |
| | | admin: http://controller:5000/v3/ |
| | | |
| glance | image | RegionOne |
| | | admin: http://controller:9292 |
| | | RegionOne |
| | | public: http://controller:9292 |
| | | RegionOne |
| | | internal: http://controller:9292 |
| | | |
| nova | compute | RegionOne |
| | | admin: http://controller:8774/v2.1 |
| | | RegionOne |
| | | internal: http://controller:8774/v2.1 |
| | | RegionOne |
| | | public: http://controller:8774/v2.1 |
| | | |
| placement | placement | RegionOne |
| | | public: http://controller:8778 |
| | | RegionOne |
| | | admin: http://controller:8778 |
| | | RegionOne |
| | | internal: http://controller:8778 |
| | | |
+-----------+-----------+-----------------------------------------+
-
- 列出镜像
执行指令:
openstack image list
输出示例:
$ openstack image list+--------------------------------------+-------------+-------------+
| ID | Name | Status |
+--------------------------------------+-------------+-------------+
| 9a76d9f9-9620-4f2e-8c69-6c5691fae163 | cirros | active |
+--------------------------------------+-------------+-------------+
没输出也正常,不报错就没事
-
- 检查 cells 和 placement API 都成功运行
执行指令:
nova-status upgrade check
输出示例:
# nova-status upgrade check+--------------------------------------------------------------------+
| Upgrade Check Results |
+--------------------------------------------------------------------+
| Check: Cells v2 |
| Result: Success |
| Details: None |
+--------------------------------------------------------------------+
| Check: Placement API |
| Result: Success |
| Details: None |
+--------------------------------------------------------------------+
| Check: Cinder API |
| Result: Success |
| Details: None |
+--------------------------------------------------------------------+
| Check: Policy File JSON to YAML Migration |
| Result: Success |
| Details: None |
+--------------------------------------------------------------------+
| Check: Older than N-1 computes |
| Result: Success |
| Details: None |
+--------------------------------------------------------------------+
Networking service – neutron installation
1)Install and configure
a. 先准备 - 创建数据库
-
- 创建数据库
执行指令:
mysql -u root -p
执行 mysql 指令:
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '123456';
EXIT;
123456是创建的数据库 neutron 的密码
名为 NEUTRON_DBPASS
-
- 加载 admin-openrc 文件
执行指令:
. admin-openrc
-
- 创建
neutron用户
- 创建
执行指令:
openstack user create --domain default --password-prompt neutron
输出示例:
root@controller[02:26:02]:~# openstack user create --domain default --password-prompt neutron
User Password:123456
Repeat User Password:123456
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 030c5d042e6c418581c805b781d69268 |
| name | neutron |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
创建用户 neutron 并为其设置密码
123456
-
- 添加
admin角色到neutron用户中
- 添加
执行指令:
openstack role add --project service --user neutron admin
没有输出
-
- 创建 neutron 服务实例
执行指令:
openstack service create --name neutron --description "OpenStack Networking" network
输出示例:
root@controller[02:27:14]:~# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | d139db5c69e74111b3397acaf85c2efc |
| name | neutron |
| type | network |
+-------------+----------------------------------+-
- 创建网络服务 APT 端点
执行指令:
openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696
输出示例:
root@controller[02:27:14]:~# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | d139db5c69e74111b3397acaf85c2efc |
| name | neutron |
| type | network |
+-------------+----------------------------------+
root@controller[02:27:27]:~# openstack endpoint create --region RegionOne network public http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | c2e950790afd40409328b635b1d5d54e |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d139db5c69e74111b3397acaf85c2efc |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
root@controller[02:28:09]:~# openstack endpoint create --region RegionOne network internal http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | cba6cca26ae641e1989d1dcf0025da6b |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d139db5c69e74111b3397acaf85c2efc |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
root@controller[02:28:10]:~# openstack endpoint create --region RegionOne network admin http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 615958b7e595420daa3f7230ad43bbea |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d139db5c69e74111b3397acaf85c2efc |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
2)配置 Provider networks
a. 安装组件:
- 安装软件包
执行指令:
apt install neutron-server neutron-plugin-ml2 neutron-openvswitch-agent neutron-dhcp-agent neutron-metadata-agent -y
b. 配置服务器组件
- 编辑文件:
执行指令:
vim /etc/neutron/neutron.conf
将 [database] 中的其他所有选项都给注释掉,再添加以下内容:
[database]
connection = mysql+pymysql://neutron:123456@controller/neutron
123456是数据库 neutron 的密码,
名为 NEUTRON_DBPASS
在 [DEFAULT] 中添加以下内容:
[DEFAULT]
core_plugin = ml2
service_plugins =
transport_url = rabbit://openstack:123456@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
123456是用户 keystone 的密码,
名为 RABBIT_PASS
将 [keystone_authtoken] 中的其他所有选项都给注释掉,再添加以下内容:
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = neutron
password = 123456
123456是用户 neutron 的密码,
名为 NEUTRON_PASS
在 [nova] 中添加以下内容:
[nova]
auth_url = http://controller:5000
auth_type = password
project_domain_name = Default
user_domain_name = Default
region_name = RegionOne
project_name = service
username = nova
password = 123456
123456是用户 neutron 的密码,
名为 NOVA_PASS
在 [oslo_concurrency] 中添加以下内容:
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
c. 配置 Modular Layer 2 (ML2) plug-in
- 编辑文件:
执行指令:
vim /etc/neutron/plugins/ml2/ml2_conf.ini
在 [ml2] 中添加以下内容:
[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = openvswitch
extension_drivers = port_security
在 [ml2_type_flat] 中添加以下内容:
[ml2_type_flat]
flat_networks = provider
d. 配置 Open vSwitch agent
-
- 编辑文件
执行指令:
vim /etc/neutron/plugins/ml2/openvswitch_agent.ini
在 [ovs] 中添加以下内容:
[ovs]
bridge_mappings = provider:ens33
在 [securitygroup] 中添加以下内容:
[securitygroup]
enable_security_group = true
firewall_driver = openvswitch
#firewall_driver = iptables_hybrid
-
- 验证以下值是否都设为 1
执行指令:
sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables
输出示例:
root@controller[02:39:36]:~# sysctl net.bridge.bridge-nf-call-iptables
net.bridge.bridge-nf-call-iptables = 1
root@controller[02:39:42]:~# sysctl net.bridge.bridge-nf-call-ip6tables
net.bridge.bridge-nf-call-ip6tables = 1
e. 配置 DHCP agent
- 编辑以下文件:
执行指令:
vim /etc/neutron/dhcp_agent.ini
在 [DEFAULT] 中添加以下内容:
[DEFAULT]
interface_driver = openvswitch
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
1)Install and configure
b. 配置 metadata agent
- 编辑文件
执行指令:
vim /etc/neutron/metadata_agent.ini
在 [DEFAULT] 中添加以下内容:
[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = 123456
123456为 METADATA_SECRET ,但这一般使用openssl rand -hex 10生成的密钥作为该密码。
c. 配置计算服务去使用网络服务
- 编辑文件
执行指令:
vim /etc/nova/nova.conf
在 [neutron] 中添加以下内容:
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = Default
user_domain_name = Default
region_name = RegionOne
project_name = service
username = neutron
password = 123456
service_metadata_proxy = true
metadata_proxy_shared_secret = 123456
password = 123456 是用户 neutron 的密码,名为 NEUTRON_PASS
metadata_proxy_shared_secret = 123456 是上一段中设置的密码,名为 METADATA_SECRET
d. 完成安装
-
- 填充数据库
执行指令:
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
输出:
(有很多)
INFO [alembic.runtime.migration] Running upgrade b12a3ef66e62 -> 97c25b0d2353
INFO [alembic.runtime.migration] Running upgrade 97c25b0d2353 -> 2e0d7a8a1586
INFO [alembic.runtime.migration] Running upgrade 2e0d7a8a1586 -> 5c85685d616dOK
-
- 重启 compute API 服务
执行指令:
service nova-api restart
-
- 重启网络服务
执行指令:
service neutron-server restart
service neutron-openvswitch-agent restart
service neutron-dhcp-agent restart
执行指令:
service neutron-metadata-agent restart
这个指令完成的有点慢
相关文章:
三:安装服务-controller node
一:工具、环境准备-controller node 二:OpenStack环境准备-controller node 三:安装服务-controller node 四:工具、环境准备-compute node 五:OpenStack环境准备-compute node 六:安装服务-compute node 七…...
自定义类型: 结构体、枚举 、联合
目录 结构体 结构体类型的声明 匿名结构体 结构的自引用 结构体变量的定义和初始化 结构体成员变量的访问 结构体内存对齐 结构体传参 位段 位段类型的声明 位段的内存分配 位段的跨平台问题 位段的应用 枚举 枚举类型的定义 枚举的优点 联合体(共用体) 联合…...
Bert+CRF的NER实战
CRF(条件随机场-Conditional Random Field) 原始本文:我在北京吃炸酱面 标注示例: 我O在O北B-PLA京I-PLA吃O炸B-FOOD酱I-FOOD面I-FOOD CRF: 目的:提出一些不可能出现的预测组合(例如I-PLA不能…...
永久停用PostgreSQL 归档功能
文章目录 引言永久停用归档功能归档的优势归档的劣势开启归档的情况关闭归档的情况see also引言 PostgreSQL 是一个开源的关系型数据库系统,支持数据归档(WAL),可以实现数据备份、恢复和灾难恢复等功能。在使用 PostgreSQL 的过程中,如果 PostgreSQL 数据库开启了归档(a…...
《数字图像处理基础》学习07-图像几何变换之最近邻插值法放大图像
目录 一,概念 二,题目及matlab实现 1,解题思路 2,matlab实现 1)matlab思路 2)完整代码 三,放大图像及matlab实现 一,概念 通过上一篇,我已经学习了使用最邻近插…...
pip安装库时报错(请求超时)
天行健,君子以自强不息;地势坤,君子以厚德载物。 每个人都有惰性,但不断学习是好好生活的根本,共勉! 文章均为学习整理笔记,分享记录为主,如有错误请指正,共同学习进步。…...
XPath表达式详解及其在Web开发中的应用
XPath(XML Path Language)是一种强大的查询语言,用于在XML文档中选择节点。由于HTML可以被视为一种特殊的XML,因此XPath同样适用于HTML文档。XPath允许开发者通过元素的层级结构和属性来选择节点或节点集合,这使得它成…...
Qt中Socket网络编程
文章目录 Qt中Socket网络编程服务器端客户端 Qt中Socket网络编程 这里就拿b站上爱编程的小丙的demo来做总结吧,首先要感谢成功带我入门的人:爱编程的小丙和程序员长风,这两个人是讲Socket编程我听懂的课555,接下来就总结一下Qt中…...
【05】Selenium+Python 两种文件上传方式(AutoIt)
上传文件的两种方式 一、input标签上传文件 可以用send_keys方法直接上传文件 示例代码 input标签上传文件import time from selenium import webdriver from chromedriver_py import binary_path # this will get you the path variable from selenium.webdriver.common.by i…...
Python网络编程
网络编程 Socket(套接字) socket 位于 网络协议中的 数据传输层、 该层 主要 可以通过 UDP 或者 TCP协议 实现 数据的传输 TCP 协议 VS UDP协议 tcp : 是一个 可靠的 ,面向 连接的协议。 数据在网络传输中 是安全的,不易丢失的。 TCP连接 在建立的时候&…...
openssl生成ca证书
常见CA文件夹 1、生成CA钥匙 openssl genrsa -out ./private/cakey.pem 2、生成CA自签名 openssl req -new -x509 -key ./private/cakey.pem -out ./cacert.crt -days 3650 3、生成http服务器私钥 openssl genrsa -out ./data/frontt.project.com.key 2048 4、CA给http服务器…...
Oracle RAC 环境下数据文件误建在本地目录的处理过程
问题描述 在 Oracle RAC 环境中,有时会误将数据文件创建在本地目录,导致其他节点无法访问该数据文件,从而报出 ORA-01157 和 ORA-01110 错误。 问题分析 错误日志 Mon Nov 16 19:02:38 2021 Errors in file /u01/app/oracle/diag/rdbms/orc…...
新质驱动·科东软件受邀出席2024智能网联+低空经济暨第二届湾区汽车T9+N闭门会议
为推进广东省加快发展新质生产力,贯彻落实“百县千镇万村高质量发展工程”,推动韶关市新丰县智能网联新能源汽车、低空经济与数字技术的创新与发展,充分发挥湾区汽车产业链头部企业的带动作用。韶关市指导、珠三角湾区智能网联新能源汽车产业…...
windows11 使用体验记录
好的地方: UI上字体风格貌似更好看了,文件夹增加了多个标签,类似于浏览器既可以打开多个窗口,也可以在同一个窗口中打开多个标签页 不好的地方: 桌面右下角点击日期时间,显示日期,时间呢&…...
202页MES项目需求方案深入解读,学习MES系统设计规划
202页MES项目需求方案深入解读,学习MES系统设计规划 MES项目需求方案旨在实现制造执行、效率提升、精细化管理等多个方面的功能。整体结构分为七大部分,包括制造执行、效率、精细化、品质在线、设备、用户思想和数据互联。制造执行部分关注订单、品质数据…...
前端css实例
前端css实例 一、带条纹的表格 <!DOCTYPE html> <html lang"en"> <head><meta charset"UTF-8"><meta name"viewport" content"widthdevice-width, initial-scale1.0"><title>条纹样式的表格<…...
YOLO的框架及版本迭代
YOLO(You Only Look Once)是一种非常流行的实时目标检测算法,其特点是将目标检测任务转换为一个回归问题,通过一次前向传播就可以同时完成目标的分类和定位。以下是YOLO框架的整体架构和工作原理: 一、YOLO的基本框架…...
PotPlayer 最新版本支持使用 Whisper 自动识别语音生成字幕
PotPlayer 最新版本支持使用 Whisper 自动识别语音生成字幕 设置使用下载地址 设置 使用 下载地址 https://www.videohelp.com/software/PotPlayer...
)
JavaScript零基础入门速通(中)
目录 1. 函数 1.1 函数声明 1.2 返回值 1.3 匿名函数 1.4 箭头函数 2. 对象 2.1 创建对象 2.2 访问和修改对象的属性 2.3 对象方法 3. 数组 3.1 创建数组 3.2 数组方法 3.3 遍历数组 4. 作用域 4.1 全局作用域 4.2 局部作用域 4.3 块级作用域 5. 事件处理 5…...
【Yarn Bug】 yarn 安装依赖出现的网络连接问题
最近,在初始化 Ant Design Pro 前端脚手架过程中,使用 yarn 安装依赖时遇到了网络连接问题,具体错误信息提示为 info There appears to be trouble with your network connection. Retrying...。通过百度查询,得知出现这种问题的原…...
idea大量爆红问题解决
问题描述 在学习和工作中,idea是程序员不可缺少的一个工具,但是突然在有些时候就会出现大量爆红的问题,发现无法跳转,无论是关机重启或者是替换root都无法解决 就是如上所展示的问题,但是程序依然可以启动。 问题解决…...
抖音增长新引擎:品融电商,一站式全案代运营领跑者
抖音增长新引擎:品融电商,一站式全案代运营领跑者 在抖音这个日活超7亿的流量汪洋中,品牌如何破浪前行?自建团队成本高、效果难控;碎片化运营又难成合力——这正是许多企业面临的增长困局。品融电商以「抖音全案代运营…...
将对透视变换后的图像使用Otsu进行阈值化,来分离黑色和白色像素。这句话中的Otsu是什么意思?
Otsu 是一种自动阈值化方法,用于将图像分割为前景和背景。它通过最小化图像的类内方差或等价地最大化类间方差来选择最佳阈值。这种方法特别适用于图像的二值化处理,能够自动确定一个阈值,将图像中的像素分为黑色和白色两类。 Otsu 方法的原…...
(一)单例模式
一、前言 单例模式属于六大创建型模式,即在软件设计过程中,主要关注创建对象的结果,并不关心创建对象的过程及细节。创建型设计模式将类对象的实例化过程进行抽象化接口设计,从而隐藏了类对象的实例是如何被创建的,封装了软件系统使用的具体对象类型。 六大创建型模式包括…...
Kafka主题运维全指南:从基础配置到故障处理
#作者:张桐瑞 文章目录 主题日常管理1. 修改主题分区。2. 修改主题级别参数。3. 变更副本数。4. 修改主题限速。5.主题分区迁移。6. 常见主题错误处理常见错误1:主题删除失败。常见错误2:__consumer_offsets占用太多的磁盘。 主题日常管理 …...
HybridVLA——让单一LLM同时具备扩散和自回归动作预测能力:训练时既扩散也回归,但推理时则扩散
前言 如上一篇文章《dexcap升级版之DexWild》中的前言部分所说,在叠衣服的过程中,我会带着团队对比各种模型、方法、策略,毕竟针对各个场景始终寻找更优的解决方案,是我个人和我司「七月在线」的职责之一 且个人认为,…...
:LeetCode 142. 环形链表 II(Linked List Cycle II)详解)
Java详解LeetCode 热题 100(26):LeetCode 142. 环形链表 II(Linked List Cycle II)详解
文章目录 1. 题目描述1.1 链表节点定义 2. 理解题目2.1 问题可视化2.2 核心挑战 3. 解法一:HashSet 标记访问法3.1 算法思路3.2 Java代码实现3.3 详细执行过程演示3.4 执行结果示例3.5 复杂度分析3.6 优缺点分析 4. 解法二:Floyd 快慢指针法(…...
MeshGPT 笔记
[2311.15475] MeshGPT: Generating Triangle Meshes with Decoder-Only Transformers https://library.scholarcy.com/try 真正意义上的AI生成三维模型MESHGPT来袭!_哔哩哔哩_bilibili GitHub - lucidrains/meshgpt-pytorch: Implementation of MeshGPT, SOTA Me…...
MyBatis-Plus 常用条件构造方法
1.常用条件方法 方法 说明eq等于 ne不等于 <>gt大于 >ge大于等于 >lt小于 <le小于等于 <betweenBETWEEN 值1 AND 值2notBetweenNOT BETWEEN 值1 AND 值2likeLIKE %值%notLikeNOT LIKE %值%likeLeftLIKE %值likeRightLIKE 值%isNull字段 IS NULLisNotNull字段…...
小白的进阶之路系列之十四----人工智能从初步到精通pytorch综合运用的讲解第七部分
通过示例学习PyTorch 本教程通过独立的示例介绍PyTorch的基本概念。 PyTorch的核心提供了两个主要特性: 一个n维张量,类似于numpy,但可以在gpu上运行 用于构建和训练神经网络的自动微分 我们将使用一个三阶多项式来拟合问题 y = s i n ( x ) y=sin(x) y=sin(x),作为我们的…...