1.已部署组件
主机名 | 角色 | OS | installed组件 |
---|---|---|---|
controller | 控制节点 | Alma Linux 8.6 | chrony,Yoga YUM Repository,enable powertools,python3-openstackclient,openstack-selinux,mariadb,rabbitmq,memcached,etcd,openstack-keystone,openstack-dashboard |
compute | 计算节点 | Alma Linux 8.6 | chrony,Yoga YUM Repository,enable powertools,python3-openstackclient,openstack-selinux |
computehci | 存储节点 | Alma Linux 8.6 | chrony,Yoga YUM Repository,enable powertools,python3-openstackclient,openstack-selinux |
2.新部署组件
主机名 | 角色 | OS | install组件 |
---|---|---|---|
controller | 控制节点 | Alma Linux 8.6 | openstack-placement-api,openstack-nova-api,openstack-nova-conductor,openstack-nova-novncproxy,openstack-nova-scheduler |
compute | 计算节点 | Alma Linux 8.6 | openstack-nova-compute,openstack-neutron-linuxbridge,ebtables,ipset |
computehci | 存储节点 | Alma Linux 8.6 |
3.配置控制节点
操作对象:控制节点
3.1.创建nova数据库及用户
# mysql -u root -p
> CREATE DATABASE nova_api;
> CREATE DATABASE nova;
> CREATE DATABASE nova_cell0;
> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'root';
> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'root';
> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'root';
> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'root';
> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'root';
> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'root';
> flush privileges;
> exit
3.2.创建计算服务凭证
#在default域创建用户nova
# source admin-openrc
# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
#在default域创建项目service
# openstack project create --domain default service
#绑定用户nova为admin角色
openstack role add --project service --user nova admin
#创建nova服务实体
# openstack service create --name nova --description "Openstack Compute" compute
3.3.创建计算API服务端点
# openstack endpoint create --region RegionOne compute public http://172.26.37.10:8774/v2.1
# openstack endpoint create --region RegionOne compute internal http://172.26.37.10:8774/v2.1
# openstack endpoint create --region RegionOne compute admin http://172.26.37.10:8774/v2.1
# openstack endpoint list --service nova
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------+
| 1339d9bcaca346d9bdfedbecfd2c5476 | RegionOne | nova | compute | True | public | http://172.26.37.10:8774/v2.1 |
| 6540cb2ab81c4248b3a9a655b4b7273b | RegionOne | nova | compute | True | admin | http://172.26.37.10:8774/v2.1 |
| ea8ebe6fc63b4c3ebc2d69f6c71a9f6f | RegionOne | nova | compute | True | internal | http://172.26.37.10:8774/v2.1 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------+
3.4.配置 Placement服务
#创建Placement数据库及用户
# mysql -u root -p
> CREATE DATABASE placement;
> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY 'PLACEMENT_DBPASS';
> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY 'PLACEMENT_DBPASS';
> flush privileges;
> exit
#创建Placement服务凭证
# source admin-openrc
#在default域创建用户placement
# openstack user create --domain default --password-prompt placement
User Password:
Repeat User Password:
#绑定用户placement为admin角色
# openstack role add --project service --user placement admin
#创建placement服务实体
# openstack service create --name placement --description "Placement API" placement
#创建Placement服务端点
# openstack endpoint create --region RegionOne placement public http://172.26.37.10:8778
# openstack endpoint create --region RegionOne placement internal http://172.26.37.10:8778
# openstack endpoint create --region RegionOne placement admin http://172.26.37.10:8778
# openstack endpoint list --service placement
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------+
| 221c5bcf61694612bf8462a2f5e5d603 | RegionOne | placement | placement | True | public | http://172.26.37.10:8778 |
| 4d71dc73df7943dab7c68a3e87532034 | RegionOne | placement | placement | True | admin | http://172.26.37.10:8778 |
| d7aefe98a9424ac79ef9145d473830db | RegionOne | placement | placement | True | internal | http://172.26.37.10:8778 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------+
#安装placement-api
# yum install openstack-placement-api
#配置placement.conf文件
# vi /etc/placement/placement.conf
# grep -Ev "^$|^#" /etc/placement/placement.conf
...
[api]
auth_strategy = keystone
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = 123456
[placement_database]
connection = mysql+pymysql://placement:PLACEMENT_DBPASS@controller/placement
...
#填充placement数据库
# su -s /bin/sh -c "placement-manage db sync" placement
#配置placement web服务
# vi /etc/httpd/conf.d/00-placement-api.conf
# cat /etc/httpd/conf.d/00-placement-api.conf
Listen 0.0.0.0:8778
<VirtualHost *:8778>
WSGIProcessGroup placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
WSGIDaemonProcess placement-api processes=3 threads=1 user=placement group=placement
WSGIScriptAlias / /usr/bin/placement-api
<IfVersion >= 2.4>
ErrorLogFormat "%M"
</IfVersion>
ErrorLog /var/log/placement/placement-api.log
#SSLEngine On
#SSLCertificateFile ...
#SSLCertificateKeyFile ...
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
</VirtualHost>
Alias /placement-api /usr/bin/placement-api
<Location /placement-api>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
</Location>
#重启httpd服务
# systemctl restart httpd
# systemctl status httpd
3.5.Nova组件安装和配置
#安装api、conductor、novncproxy、scheduler四个组件
# yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler
#修改配置文件nova.conf
# vi /etc/nova/nova.conf
[DEFAULT]
my_ip = 172.26.37.10
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:awcloud@controller:5672/
[api]
auth_strategy=keystone
[api_database]
connection = mysql+pymysql://nova:root@controller/nova_api
[cinder]
os_region_name = RegionOne
[database]
connection = mysql+pymysql://nova:root@controller/nova
[glance]
api_servers = http://controller:9292
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 123456
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 123456
service_metadata_proxy = true
metadata_proxy_shared_secret = METADATA_SECRET
[placement]
auth_type = password
auth_url = http://controller:5000/v3
project_name = service
project_domain_name = default
username = placement
user_domain_name = default
password = 123456
region_name = RegionOne
[vnc]
enabled=true
server_listen = $my_ip
server_proxyclient_address = $my_ip
#填充nova-api数据库
# su -s /bin/sh -c "nova-manage api_db sync" nova
#注册cell0数据库:
# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
#创建cell1单元格
# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
#填充nova数据库
# su -s /bin/sh -c "nova-manage db sync" nova
#验证
# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
#设置开机启动及启动服务
# systemctl enable \
openstack-nova-api.service \
openstack-nova-scheduler.service \
openstack-nova-conductor.service \
openstack-nova-novncproxy.service
# systemctl start \
openstack-nova-api.service \
openstack-nova-scheduler.service \
openstack-nova-conductor.service \
openstack-nova-novncproxy.service
# systemctl status \
openstack-nova-api.service \
openstack-nova-scheduler.service \
openstack-nova-conductor.service \
openstack-nova-novncproxy.service
4.配置计算节点
操作对象:计算节点
操作内容:
#安装compute组件
# yum install openstack-nova-compute
#安装neutron组件
# yum install openstack-neutron-linuxbridge ebtables ipset
#修改nova配置文件nova.conf
# vi /etc/nova/nova.conf
# grep -Ev "^$|^#" /etc/nova/nova.conf
...
[DEFAULT]
compute_driver=libvirt.LibvirtDriver
my_ip = 172.26.37.20
enabled_apis=osapi_compute,metadata
transport_url = rabbit://openstack:awcloud@controller
[api]
auth_strategy=keystone
[glance]
api_servers = http://controller:9292
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 123456
[neutron]
auth_type = password
auth_url = http://controller:5000
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 123456
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
auth_type = password
auth_url = http://controller:5000/v3
project_name = service
project_domain_name = default
username = placement
user_domain_name = default
password = 123456
region_name = RegionOne
[vnc]
enabled=true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
...
#修改neutron配置文件neutron.conf
# vi /etc/neutron/neutron.conf
[DEFAULT]
transport_url = rabbit://openstack:awcloud@controller
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 123456
#设置开机启动及启动服务
# systemctl start openstack-nova-compute.service
# systemctl enable neutron-linuxbridge-agent.service
# systemctl start neutron-linuxbridge-agent.service
# systemctl enable openstack-nova-compute.service
# systemctl status openstack-nova-compute.service
# systemctl status neutron-linuxbridge-agent.service
# systemctl enable libvirtd.service
# systemctl start libvirtd.service
# systemctl status libvirtd.service
5.确认Nova 计算服务
操作对象:控制节点
操作内容:
#注册计算节点
# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
> 可以设置自动注册计算节点
> # vi /etc/nova/nova.conf
> 添加如下内容
> [scheduler]
> discover_hosts_in_cells_interval = 300
查看计算节点
# openstack compute service list --service nova-compute
+--------------------------------------+--------------+---------+------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+--------------------------------------+--------------+---------+------+---------+-------+----------------------------+
| 1a1df4b0-3dab-4a4a-b103-a1fa13184d3f | nova-compute | compute | nova | enabled | up | 2022-09-17T03:31:01.000000 |
+--------------------------------------+--------------+---------+------+---------+-------+----------------------------+