在ubuntu14.04上安装openstack mitaka

最近在工作环境安装部署了juno版本，在GE口测试网络性能不太满意，发现mitaka版本支持ovs-dpdk，于是抽时间安装实验一番。

参考官网的安装文档，先准备将mitaka版本安装好再配置ovs。

实验环境：

1、vmware 12

2、controller节点：2vcpus，1G ram，20G disk，2 网卡

compute1节点：4vcpus，2G ram，20G disk，2 网卡

简便快速方式：在vm安装一个ubuntu14.04的server版本的虚拟机，配置好ssh，然后克隆出控制节点和计算节点。

网络布局：

存储节点暂时不安装，等需要研究需要再安装。

管理网络：

controller eth1配置10.0.0.11，compute1 eth1 配置10.0.0.21

提供外部网络的网卡配置，都如下：

在/etc/network/interfaces下添加
auto eth2
iface eth2 inet manual
up ip link set dev $IFACE up
down ip link set dev $IFACE down

每个节点都执行如下操作：

安装ntp：

apt-get install chrony

更新源

apt-get install software-properties-common

add-apt-repository cloud-archive:mitaka

apt-get update && apt-get dist-upgrade

apt-get install python-openstackclient

在控制节点：

1.安装数据库

apt-get install mariadb-server python-pymysql

/etc/mysql/conf.d/openstack.cnf

[mysqld]
bind-address = 10.0.0.11
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8

service mysql restart

mysql_secure_installation

2.安装消息队列

apt-get install rabbitmq-server
rabbitmqctl add_user openstack 123456
rabbitmqctl set_permissions openstack ".*" ".*" ".*"

3.安装memcache

apt-get install memcached python-memcache

/etc/memcached.conf
-l 10.0.0.11

service memcached restart

接下来安装keystone：

控制节点：

mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY '123456';

trait@controller:~$ openssl rand -hex 10
4200b5b54aa051fd9234

echo "manual" > /etc/init/keystone.override
apt-get install keystone apache2 libapache2-mod-wsgi

vim /etc/keystone/keystone.conf

[DEFAULT]
admin_token = 4200b5b54aa051fd9234

[database]
connection = mysql+pymysql://keystone:123456@controller/keystone

[token]
provider = fernet

su -s /bin/sh -c "keystone-manage db_sync" keystone

keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone

vim /etc/apache2/apache2.conf 添加如下内容：

ServerName controller

vim /etc/apache2/sites-available/wsgi-keystone.conf 添加如下内容：
Listen 5000
Listen 35357

<VirtualHost *:5000>
    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /usr/bin/keystone-wsgi-public
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/apache2/keystone.log
    CustomLog /var/log/apache2/keystone_access.log combined

    <Directory /usr/bin>
        Require all granted
    </Directory>
</VirtualHost>

<VirtualHost *:35357>
    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-admin
    WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/apache2/keystone.log
    CustomLog /var/log/apache2/keystone_access.log combined

    <Directory /usr/bin>
        Require all granted
    </Directory>
</VirtualHost>

ln -s /etc/apache2/sites-available/wsgi-keystone.conf /etc/apache2/sites-enabled
service apache2 restart
rm -f /var/lib/keystone/keystone.db

创建服务：

创建域，项目，用户

trait@controller:~$ openstack role add --project demo --user demo user
trait@controller:~$

OK 到这里keystone安装完成，第一次安装的话，可以按照官网的验证方法验证一下。

创建admin-openrc脚本：

export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=123456
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

创建demo-openrc脚本：

接下来，开始安装glance：

mysql -u root -p
CREATE DATABASE glance;

GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
IDENTIFIED BY '123456';

apt-get install glance

在/etc/glance/glance-api.conf下添加，keystone_authtoken里只使用如下的内容。
[database]
connection = mysql+pymysql://glance:123456@controller/glance

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 123456

[paste_deploy]
flavor = keystone

[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/

在/etc/glance/glance-registry.conf添加如下内容：
[database]
connection = mysql+pymysql://glance:123456@controller/glance

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = 123456

[paste_deploy]
flavor = keystone

OK 可以 grep -v "^#" /etc/glance/glance-api.conf | grep -v "^$" 和 grep -v "^#" /etc/glance/glance-registry.conf | grep -v "^$" 检查一下是否正确。

su -s /bin/sh -c "glance-manage db_sync" glance

service glance-registry restart
service glance-api restart

glance 安装完成，可以上传cirros-0.3.4-x86_64-disk.img也可以自己制作镜像，后面我会再写一篇博客介绍一种比较方便的制作openstack镜像的方法。

开始安装nova：控制节点：

mysql -u root -p

CREATE DATABASE nova_api;
CREATE DATABASE nova;

GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \
IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \
IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
IDENTIFIED BY '123456';

trait@controller:~$ openstack role add --project service --user nova admin
trait@controller:~$

apt-get install nova-api nova-conductor nova-consoleauth nova-novncproxy nova-scheduler

在 /etc/nova/nova.conf 添加如下内容：

[api_database]
connection = mysql+pymysql://nova:123456@controller/nova_api

[database]
connection = mysql+pymysql://nova:123456@controller/nova

[DEFAULT]
enabled_apis = osapi_compute,metadata
rpc_backend = rabbit
my_ip = 10.0.0.11
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
auth_strategy = keystone

[vnc]
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip

[glance]
api_servers = http://controller:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = 123456

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 123456

在计算节点：

apt-get install nova-compute

在/etc/nova/nova.conf

[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 10.0.0.21
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = 123456

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 123456

[vnc]
enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html

[glance]
api_servers = http://controller:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

root@compute1:~# egrep -c '(vmx|svm)' /proc/cpuinfo
4
root@compute1:~#

如上的话就不用修改nova-compute.conf了。如果你的返回是0，那么如下修改：

[libvirt]

virt_type = qemu

OK，下面开始安装neutron：

在控制节点：

mysql -u root -p
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
IDENTIFIED BY '123456';

trait@controller:~$ openstack role add --project service --user neutron admin
trait@controller:~$

安装L3代理的网络：

apt-get install neutron-server neutron-plugin-ml2 \
neutron-linuxbridge-agent neutron-l3-agent neutron-dhcp-agent \
neutron-metadata-agent

在/etc/neutron/neutron.conf 添加：
[database]
connection = mysql+pymysql://neutron:123456@controller/neutron

[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
rpc_backend = rabbit
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True

auth_strategy = keystone

[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = 123456

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 123456

[nova]
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = 123456

/etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security

[ml2_type_flat]
flat_networks = provider

[ml2_type_vxlan]
vni_ranges = 1:1000

[securitygroup]
enable_ipset = True

/etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:eth2

[vxlan]
enable_vxlan = True
local_ip = 10.0.0.11
l2_population = True

[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

/etc/neutron/l3_agent.ini
[DEFAULT]
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
external_network_bridge =

/etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True

/etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_ip = controller
metadata_proxy_shared_secret = 123456

/etc/nova/nova.conf
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 123456

service_metadata_proxy = True
metadata_proxy_shared_secret = 123456

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

service nova-api restart
service neutron-server restart
service neutron-linuxbridge-agent restart
service neutron-dhcp-agent restart
service neutron-metadata-agent restart
service neutron-l3-agent restart

在计算节点：

apt-get install neutron-linuxbridge-agent

/etc/neutron/neutron.conf

在[database]这节 , 注释 connection 选项。because compute nodes do not directly access the database.

[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone

[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = 123456

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 123456

/etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:eth2

[vxlan]
enable_vxlan = True
local_ip = 10.0.0.21
l2_population = True

[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

/etc/nova/nova.conf
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 123456

service nova-compute restart
service neutron-linuxbridge-agent restart

OK
neutron安装完成。

在ubuntu14.04上安装openstack mitaka的更多相关文章

[译]How to Install Node.js on Ubuntu 14.04 如何在ubuntu14.04上安装node.js
原文链接为 http://www.hostingadvice.com/how-to/install-nodejs-ubuntu-14-04/ 由作者Jacob Nicholson 发表于October ...
Ubuntu14.04上安装pip的方法
在Ubuntu14.04上,建议通过下面的方法安装,这是一种通用的方法,也适用于Windows,当然在Windows下手动下载下来就行了 wget https://bootstrap.pypa.io ...
Caffe初学者第一部：Ubuntu14.04上安装caffe(CPU）+Python的详细过程 (亲测成功, 20180524更新)
前言: 最近在学习深度学习,最先要解决的当然是开源框架的环境安装了.之前一直在学习谷歌的Tensorflow开源框架,最近实验中需要跟别人的算法比较,下载的别人的代码很多都是Caffe的,所以想着搭建 ...
AWS ec2的ubuntu14.04上安装git服务
http://imerc.xyz/2015/11/13/Ubuntu-14-04%E4%B8%8AGit%E6%9C%8D%E5%8A%A1%E5%99%A8%E7%9A%84%E6%90%AD%E5 ...
在Ubuntu14.04上安装WordPress4搭建技术博客
1.安装LAMP环境 1.1 安装Apache2 1.2 安装MySQL5 1.3 安装PHP5 1.4 安装phpMyAdmin 2.初始化数据库 3.下载并配置WordPress 4.配置Apac ...
[原创]在Linux系统Ubuntu14.04上安装部署docker。
Docker 是一个开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的容器中,然后发布到任何流行的 Linux 机器上,也可以实现虚拟化.容器是完全使用沙箱机制,相互之间不会有任何 ...
ubuntu14.04上安装Mysql-5.7.11
先安装好操作系统在Mysql官网上下载最新版的Ubuntu Linux专用的Mysql.我这里下载的是:mysql-server_5.7.11-1ubuntu14.04_amd64.deb-bu ...
在ubuntu14.04上安装mono4.4 + jexus + mvc6
0.准备工作在/usr下建立一个文件夹,方便管理源码 cd /usr mkdir opensource cd opensource 安装vim(文本编辑器,不习惯用vim可以换成其他的) apt-g ...
Ubuntu14.04上安装Composer
1,查看机子上有没有安装php 2,下载Composer的安装包 3,安装Composer 4,设置Composer全局可访问

随机推荐

Helper Method
ASP.NET MVC 小牛之路]13 - Helper Method 我们平时编程写一些辅助类的时候习惯用“XxxHelper”来命名.同样,在 MVC 中用于生成 Html 元素的辅助类是 Sys ...
Class Model of Quick Time Plugin
Quick Time Plugin 的类图. pdf version: http://pan.baidu.com/s/1o6oFV8Q
springMVC3学习(四)--访问静态文件如js,jpg,css
如果你的DispatcherServlet拦截的是*.do这样的URL,就不存在访问不到静态资源的问题如果你的DispatcherServlet拦截了"/"所有的请求,那同时对* ...
.NET开发邮件发送功能
.NET开发邮件发送功能今天,给大家分享的是如何在.NET平台中开发“邮件发送”功能.在网上搜的到的各种资料一般都介绍的比较简单,那今天我想比较细的整理介绍下: 1) 邮件基础理论知 ...
查看TOMCAT内存使用情况以及修改方法
查看TOMCAT内存使用情况 <% double total = (Runtime.getRuntime().totalMemory()) / (1024.0 * 1024); double m ...
AOP编程和ASP.NET MVC
AOP编程和ASP.NET MVC AOP(Aspect oriented programming)面向切面编程.说成切面不容易理解,代码哪里有切面?又不是三维物体.概念不管,我们从其思想来理解这个名 ...
Kendo UI开发教程(9): Kendo UI Validator 概述
Kendo UI Validator 支持了客户端校验的便捷方法,它基于HTML 5 的表单校验功能,支持很多内置的校验规则,同时也提供了自定义规则的便捷方法. 完整的Kendo UI 的Valida ...
Android中ListView下拉刷新的实现
ListView中的下拉刷新是非常常见的,也是经常使用的,看到有很多同学想要,那我就整理一下,供大家参考.那我就不解释,直接上代码了. 这里需要自己重写一下ListView,重写代码如下: packa ...
基于内容的图片检索CBIR（Content Based Image Retrieval）简介
传统的图像检索过程,先通过人工对图像进行文字标注,再利用关键字来检索图像,这种依据图像描述的字符匹配程度提供检索结果的方法,简称“以字找图”,既耗时又主观多义.基于内容的图像检索客服“以字找图”方式的 ...
mybatis中updateByPrimaryKeySelective
mybatis中updateByPrimaryKeySelective等选择性操作在判断时对于VARCHAR类型需要同时判断非空和非空串 <if test="description ! ...

在ubuntu14.04上安装openstack mitaka

在ubuntu14.04上安装openstack mitaka的更多相关文章

随机推荐

热门专题