CentOS6.4安装OpenStack Icehouse controller (二) - 陈尚华
CentOS6.4安装OpenStack Icehouse controller (二)
2014-05-22 12:04
陈尚华
阅读(279)
评论(0)
编辑
收藏
举报
CentOS6.4安装OpenStack Icehouse controller(一)
OpenStack交流群:322596568
*本文介绍Nova、Horizon的安装过程
7.安装配置Nova
7.1.初始化Nova
(1).安装Nova服务:
[root@openstack ~]# yum -y install openstack-nova
(2).创建Nova数据库:
[root@openstack ~]# openstack-db –init –service nova –rootpw passwd
7.2.创建User,定义Services 和 API Endpoints
(1).为nova服务创建一个nova用户:
[root@openstack ~]# keystone user-create –name=nova –pass=service –email=nova@chensh.net
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+———-+———————————-+
| Property | Value |
+———-+———————————-+
| email | nova@chensh.net |
| enabled | True |
| id | e2934a26989741ed9a45be58a24f5140 |
| name | nova |
| username | nova |
+———-+———————————-+
[root@openstack ~]# keystone user-role-add –user=nova –tenant=service –role=admin
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
(2).为nova创建一个服务:
[root@openstack ~]# keystone service-create –name=nova –type=compute –description=”Nova Compute Service”
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+————-+———————————-+
| Property | Value |
+————-+———————————-+
| description | Nova Compute Service |
| enabled | True |
| id | ceb0357b8e5940f190d705bab12472ef |
| name | nova |
| type | compute |
+————-+———————————-+
(3).使用服务ID创建一个endpoint:
[root@openstack ~]# vi /root/config/nova-user.sh
#!/bin/sh
my_ip=0.0.0.0
service=$(keystone service-list | awk \’/nova/ {print $2}\’)
keystone endpoint-create –service-id=$service –publicurl=http://$my_ip:8774/v2/%\(tenant_id\)s –internalurl=http://$my_ip:8774/v2/%\(tenant_id\)s –adminurl=http://$my_ip:8774/v2/%\(tenant_id\)s
[root@openstack ~]# sh /root/config/nova-user.sh
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+————-+————————————–+
| Property | Value |
+————-+————————————–+
| adminurl | http://0.0.0.0:8774/v2/%(tenant_id)s |
| id | ed1662b608884583bed3873abf8fabeb |
| internalurl | http://0.0.0.0:8774/v2/%(tenant_id)s |
| publicurl | http://0.0.0.0:8774/v2/%(tenant_id)s |
| region | regionOne |
| service_id | ceb0357b8e5940f190d705bab12472ef |
+————-+————————————–+
7.3.配置Nova服务
(1).修改nova配置文件
[root@openstack ~]# cp -a /etc/nova/nova.conf /etc/nova/nova.conf_bak
[root@openstack ~]# echo “” > /etc/nova/nova.conf
[root@openstack ~]# vi /etc/nova/nova.conf
[DEFAULT]
my_ip = 192.168.20.200
auth_strategy = keystone
state_path = /openstack/nova //instance实例存放路径
#auto_assign_floating_ip=True
verbose = True
allow_resize_to_same_host = true
rpc_backend = nova.openstack.common.rpc.impl_qpid
qpid_hostname = 192.168.20.200
libvirt_type = kvm
glance_api_servers = 192.168.20.200:9292
novncproxy_base_url = http://192.168.20.200:6080/vnc_auto.html
vncserver_listen = 192.168.20.200
vncserver_proxyclient_address = 192.168.20.200
vnc_enabled = true
vnc_keymap = en-us
network_manager = nova.network.manager.FlatDHCPManager
firewall_driver = nova.virt.firewall.NoopFirewallDriver
multi_host = True
flat_interface = eth1
flat_network_bridge = br1
public_interface = eth0
instance_usage_audit = True
instance_usage_audit_period = hour
notify_on_state_change = vm_and_task_state
notification_driver = nova.openstack.common.notifier.rpc_notifier
compute_scheduler_driver = nova.scheduler.simple.SimpleScheduler
[hyperv]
[zookeeper]
[osapi_v3]
[conductor]
[keymgr]
[cells]
[database]
[image_file_url]
[baremetal]
[rpc_notifier2]
[matchmaker_redis]
[ssl]
[trusted_computing]
[upgrade_levels]
[matchmaker_ring]
[vmware]
[spice]
[keystone_authtoken]
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
admin_user = nova
admin_tenant_name = service
admin_password = service
(2).修改instance实例存放路径
由于上述配置文件修改了instance实例的存放位置,所以要拷贝原nova目录到新路径,并修改权限:
[root@openstack ~]# cp -av /var/lib/nova /openstack/
[root@openstack ~]# chown -R nova:nova /openstack/nova
(3).启动libvirt服务,关闭virbr0接口
[root@openstack ~]# service libvirtd start
[root@openstack ~]# virsh net-list //查看virbr0接口
名称 状态 自动开始 Persistent
————————————————–
default 活动 yes yes
[root@openstack ~]# virsh net-destroy default //关闭virbr0网络
[root@openstack ~]# virsh net-undefine default //删除virbr0接口
[root@openstack ~]# service libvirtd restart //重启libvirtd服务
[root@openstack ~]# chkconfig libvirtd on //设置libvirtd服务开机启动
7.4.启动Nova相关服务
[root@openstack ~]# service messagebus start
[root@openstack ~]# chkconfig messagebus on
[root@openstack ~]# service openstack-nova-api start
[root@openstack ~]# service openstack-nova-cert start
[root@openstack ~]# service openstack-nova-consoleauth start
[root@openstack ~]# service openstack-nova-scheduler start
[root@openstack ~]# service openstack-nova-conductor start
[root@openstack ~]# service openstack-nova-novncproxy start
[root@openstack ~]# service openstack-nova-compute start
[root@openstack ~]# service openstack-nova-network start
设置开机启动:
[root@openstack ~]# chkconfig openstack-nova-api on
[root@openstack ~]# chkconfig openstack-nova-cert on
[root@openstack ~]# chkconfig openstack-nova-consoleauth on
[root@openstack ~]# chkconfig openstack-nova-scheduler on
[root@openstack ~]# chkconfig openstack-nova-conductor on
[root@openstack ~]# chkconfig openstack-nova-novncproxy on
[root@openstack ~]# chkconfig openstack-nova-compute on
[root@openstack ~]# chkconfig openstack-nova-network on
7.5.Nova测试
(1).创建网络:
[root@openstack ~]# nova network-create vmnet10 –fixed-range-v4=10.1.1.0/24 –bridge=br1 –bridge-interface=eth1 –multi-host=T –dns1=202.106.0.20 —dns2=202.96.69.38
[root@openstack ~]# nova network-list
+————————————–+——-+——————+
| ID | Label | Cidr |
+————————————–+——-+——————+
| 5aa4cba3-7227-40b5-9ca2-39e78680411e | vmnet | 10.1.1.0/24 |
+————————————–+——-+——————+
[root@openstack ~]# nova-manage network list
id IPv4 IPv6 start address DNS1 DNS2 VlanID project uuid
1 10.1.1.0/24 None 10.1.1.2 202.106.0.20 202.96.69.38 None None 5aa4cba3-7227-40b5-9ca2-39e78680411e
(2).设置安全组:
[root@openstack ~]# nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
+————-+———–+———+———–+————–+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+————-+———–+———+———–+————–+
| tcp | 22 | 22 | 0.0.0.0/0 | |
+————-+———–+———+———–+————–+
[root@openstack ~]# nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
+————-+———–+———+———–+————–+
| IP Protocol | From Port | To Port | IP Range | Source Group |
+————-+———–+———+———–+————–+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+————-+———–+———+———–+————–+
(3).查看当前可用镜像:
[root@openstack ~]# nova image-list
+————————————–+—————+——–+——–+
| ID | Name | Status | Server |
+————————————–+—————+——–+——–+
| a7327fef-aa62-4bb5-ab61-d11fb8ff4d65 | centos6.4_20G | ACTIVE | |
+————————————–+—————+——–+——–+
(4).创建实例:
[root@openstack ~]# nova boot –flavor 2 –image centos6.4_20G vm-00
+————————————–+——————————————————+
| Property | Value |
+————————————–+——————————————————+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-SRV-ATTR:host | – |
| OS-EXT-SRV-ATTR:hypervisor_hostname | – |
| OS-EXT-SRV-ATTR:instance_name | instance-00000001 |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | – |
| OS-SRV-USG:terminated_at | – |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | VZDpnc6LeSSm |
| config_drive | |
| created | 2014-05-22T10:03:57Z |
| flavor | m1.small (2) |
| hostId | |
| id | f469964e-9700-466d-9845-eeb2ff1ab183 |
| image | centos6.4_20G (a7327fef-aa62-4bb5-ab61-d11fb8ff4d65) |
| key_name | – |
| metadata | {} |
| name | vm-00 |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | default |
| status | BUILD |
| tenant_id | 424c9716df1449829b204856d246f924 |
| updated | 2014-05-22T10:03:57Z |
| user_id | 46c6295334154e259c4fe793ea341986 |
+————————————–+——————————————————+
(5).查看实例运行状态:
[root@openstack ~]# nova list
+————————————–+——-+——–+————+————-+———————+
| ID | Name | Status | Task State | Power State | Networks |
+————————————–+——-+——–+————+————-+———————+
| f469964e-9700-466d-9845-eeb2ff1ab183 | vm-00 | ACTIVE | – | Running | vmnet=10.1.1.2 |
+————————————–+——-+——–+————+————-+———————+
8.安装配置Horizon
8.1.安装Horizon服务
[root@openstack ~]# yum -y install openstack-dashboard
8.2.修改配置文件
(1).修改local_settings文件
[root@openstack ~]# cp -av /etc/openstack-dashboard/local_settings /etc/openstack-dashboard/local_settings_bak
[root@openstack ~]# vi /etc/openstack-dashboard/local_settings
DEBUG = True
……………………
(2).修改httpd.conf文件
[root@openstack ~]# vi /etc/httpd/conf/httpd.conf
……………………
#ServerName www.example.com:80
ServerName 0.0.0.0:80
……………………
(3).启动http服务,设置开机启动
[root@openstack ~]# service httpd start
[root@openstack ~]# chkconfig httpd on
(4).重启api服务
[root@openstack ~]# service openstack-nova-api restart
(5).添加iptables规则
[root@openstack ~]# iptables -I INPUT -p tcp –dport 80 -j ACCEPT
[root@openstack ~]# iptables -I INPUT -p tcp -m multiport –dports 5900:6000 -j ACCEPT
[root@openstack ~]# iptables -I INPUT -p tcp –dport 6080 -j ACCEPT
[root@openstack ~]# service iptables save
(6).访问dashboard页面
http://192.168.20.100/dashboard
用户名:admin
密码:password
创建新用户
(1).为新用户创建一个tenant:
[root@openstack~]# keystone tenant-create –name=manager –description=\’Manager Tenant\’
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+————-+———————————-+
| Property | Value |
+————-+———————————-+
| description | Manager Tenant |
| enabled | True |
| id | abc5551b3e854e27a5c295b6b548e1f6 |
| name | manager |
+————-+———————————-+
(2).创建新用户:
[root@openstack~]# keystone user-create –name=manager –pass=password –email=manager@chensh.net
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+———-+———————————-+
| Property | Value |
+———-+———————————-+
| email | manager@chensh.net |
| enabled | True |
| id | 325191b6c6f64e768db7cc098fdeefd8 |
| name | manager |
| username | manager |
+———-+———————————-+
(3).创建一个角色:
[root@openstack~]# keystone role-create –name=manager
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+———-+———————————-+
| Property | Value |
+———-+———————————-+
| id | 1c86f264fe14469d91a26e3b848f2fe4 |
| name | manager |
+———-+———————————-+
(4).关联用户、tenant和角色:
[root@openstack~]# keystone user-role-add –user=manager –tenant=manager –role=manager
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
(5).将nova用户赋予新角色:
[root@openstack~]# keystone user-role-add –user=nova –tenant=service –role=manager
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
(6).使用新用户登录:
http://192.168.20.100/dashboard
用户名:manager
密码:password