Openstack Basic

p:first-child, #write > ul:first-child, #write > ol:first-child, #write > pre:first-child, #write > blockquote:first-child, #write > div:first-child, #write > table:first-child { margin-top: 30px; }
img { max-width: 100%; }
input, button, select, textarea { color: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; font-stretch: inherit; font-size: inherit; line-height: inherit; font-family: inherit; }
input[type="checkbox"], input[type="radio"] { line-height: normal; padding: 0px; }
::before, ::after, * { box-sizing: border-box; }
#write p, #write h1, #write h2, #write h3, #write h4, #write h5, #write h6, #write div, #write pre { width: inherit; }
#write p, #write h1, #write h2, #write h3, #write h4, #write h5, #write h6 { position: relative; }
h1 { font-size: 2rem; }
p { -webkit-margin-before: 1rem; -webkit-margin-after: 1rem; -webkit-margin-start: 0px; -webkit-margin-end: 0px; }
.mathjax-block { margin-top: 0px; margin-bottom: 0px; -webkit-margin-before: 0rem; -webkit-margin-after: 0rem; }
.hidden { display: none; }
.md-blockmeta { color: rgb(204, 204, 204); font-weight: bold; font-style: italic; }
a { cursor: pointer; }
#write input[type="checkbox"] { cursor: pointer; width: inherit; height: inherit; margin: 4px 0px 0px; }
tr { page-break-inside: avoid; page-break-after: auto; }
thead { display: table-header-group; }
table { border-collapse: collapse; border-spacing: 0px; width: 100%; overflow: auto; page-break-inside: auto; text-align: left; }
table.md-table td { min-width: 80px; }
.CodeMirror-gutters { border-right-width: 0px; background-color: inherit; }
.CodeMirror { text-align: left; }
.CodeMirror-placeholder { opacity: 0.3; }
.CodeMirror pre { padding: 0px 4px; }
.CodeMirror-lines { padding: 0px; }
div.hr:focus { cursor: none; }
pre { white-space: pre-wrap; }
.CodeMirror-gutters { margin-right: 4px; }
.md-fences, pre.md-fences { font-size: 0.9rem; display: block; page-break-inside: avoid; text-align: left; overflow: visible; white-space: pre; position: relative !important; background: inherit; }
.md-fences .CodeMirror.CodeMirror-wrap { top: -1.6em; margin-bottom: -1.6em; }
.md-fences.mock-cm { white-space: pre-wrap; }
.show-fences-line-number pre.md-fences { padding-left: 0px; }
.show-fences-line-number pre.md-fences.mock-cm { padding-left: 40px; }
.footnotes { color: rgb(136, 136, 136); font-size: 0.9rem; padding-top: 1em; padding-bottom: 1em; }
.footnotes + .footnotes { margin-top: -1em; }
.md-reset { margin: 0px; padding: 0px; border: 0px; outline: 0px; vertical-align: top; text-decoration: none; color: rgb(51, 51, 51); font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 1rem; text-shadow: none; float: none; position: static; width: auto; height: auto; white-space: nowrap; cursor: inherit; -webkit-tap-highlight-color: transparent; line-height: normal; font-weight: normal; text-align: left; box-sizing: content-box; direction: ltr; background: transparent; }
li div { padding-top: 0px; }
blockquote { margin: 1rem 0px; }
li p, li .mathjax-block { margin: 0.5rem 0px; }
li { margin: 0px; position: relative; }
blockquote > :last-child { margin-bottom: 0px; }
blockquote > :first-child { margin-top: 0px; }
.footnotes-area { color: rgb(136, 136, 136); margin-top: 0.714rem; padding-bottom: 0.143rem; }
@media print {
html, body { height: 100%; }
.typora-export * { -webkit-print-color-adjust: exact; }
h1, h2, h3, h4, h5, h6 { page-break-after: avoid; orphans: 2; }
p { orphans: 4; }
html.blink-to-pdf { font-size: 13px; }
.typora-export #write { padding-left: 1cm; padding-right: 1cm; }
.typora-export #write::after { height: 0px; }
@page { margin: 20mm 0mm; }
}
.footnote-line { margin-top: 0.714em; font-size: 0.7em; }
a img, img a { cursor: pointer; }
#write pre.md-meta-block { font-size: 0.8rem; min-height: 2.86rem; white-space: pre-wrap; display: block; background: rgb(204, 204, 204); }
p > .md-image:only-child { display: inline-block; width: 100%; text-align: center; }
#write .MathJax_Display { margin: 0.8em 0px 0px; }
.mathjax-block { white-space: pre; overflow: hidden; width: 100%; }
p + .mathjax-block { margin-top: -1.143rem; }
.mathjax-block:not(:empty)::after { display: none; }
[contenteditable="true"]:active, [contenteditable="true"]:focus { outline: none; box-shadow: none; }
.task-list { list-style-type: none; }
.task-list-item { position: relative; padding-left: 1em; }
.task-list-item input { position: absolute; top: 0px; left: 0px; }
.math { font-size: 1rem; }
.md-toc { min-height: 3.58rem; position: relative; font-size: 0.9rem; border-radius: 10px; }
.md-toc-content { position: relative; margin-left: 0px; }
.md-toc::after, .md-toc-content::after { display: none; }
.md-toc-item { display: block; color: rgb(65, 131, 196); text-decoration: none; }
.md-toc-inner:hover { text-decoration: underline; }
.md-toc-inner { display: inline-block; cursor: pointer; }
.md-toc-h1 .md-toc-inner { margin-left: 0px; font-weight: bold; }
.md-toc-h2 .md-toc-inner { margin-left: 2em; }
.md-toc-h3 .md-toc-inner { margin-left: 4em; }
.md-toc-h4 .md-toc-inner { margin-left: 6em; }
.md-toc-h5 .md-toc-inner { margin-left: 8em; }
.md-toc-h6 .md-toc-inner { margin-left: 10em; }
@media screen and (max-width: 48em) {
.md-toc-h3 .md-toc-inner { margin-left: 3.5em; }
.md-toc-h4 .md-toc-inner { margin-left: 5em; }
.md-toc-h5 .md-toc-inner { margin-left: 6.5em; }
.md-toc-h6 .md-toc-inner { margin-left: 8em; }
}
a.md-toc-inner { color: inherit; font-size: inherit; font-style: inherit; font-weight: inherit; text-decoration: inherit; line-height: inherit; }
.footnote-line a:not(.reversefootnote) { color: inherit; }
.md-attr { display: none; }
.md-fn-count::after { content: "."; }
.md-tag { opacity: 0.5; }
code { text-align: left; }
h1 .md-tag, h2 .md-tag, h3 .md-tag, h4 .md-tag, h5 .md-tag, h6 .md-tag { font-weight: initial; opacity: 0.35; }
a.md-header-anchor.md-print-anchor { border: none !important; display: inline-block !important; position: absolute !important; width: 1px !important; right: 0px !important; outline: none !important; text-decoration: initial !important; text-shadow: initial !important; background: transparent !important; }
.md-inline-math .MathJax_SVG .noError { display: none !important; }
.mathjax-block .MathJax_SVG_Display { text-align: center; margin: 1em 0em; position: relative; text-indent: 0px; max-width: none; max-height: none; min-width: 0px; min-height: 0px; width: 100%; display: block !important; }
.MathJax_SVG_Display, .md-inline-math .MathJax_SVG_Display { width: auto; margin: inherit; display: inline-block !important; }
.MathJax_SVG .MJX-monospace { font-family: monospace; }
.MathJax_SVG .MJX-sans-serif { font-family: sans-serif; }
.MathJax_SVG { display: inline; font-style: normal; font-weight: normal; line-height: normal; zoom: 90%; text-indent: 0px; text-align: left; text-transform: none; letter-spacing: normal; word-spacing: normal; word-wrap: normal; white-space: nowrap; float: none; direction: ltr; max-width: none; max-height: none; min-width: 0px; min-height: 0px; border: 0px; padding: 0px; margin: 0px; }
.MathJax_SVG * { transition: none; }

@font-face { font-family: 'Open Sans'; font-style: normal; font-weight: normal; src: local("Open Sans Regular"), url("file:///C:/Users/Administrator/AppData/Roaming/Typora/themes/github/400.woff") format("woff"); }
@font-face { font-family: 'Open Sans'; font-style: italic; font-weight: normal; src: local("Open Sans Italic"), url("file:///C:/Users/Administrator/AppData/Roaming/Typora/themes/github/400i.woff") format("woff"); }
@font-face { font-family: 'Open Sans'; font-style: normal; font-weight: bold; src: local("Open Sans Bold"), url("file:///C:/Users/Administrator/AppData/Roaming/Typora/themes/github/700.woff") format("woff"); }
@font-face { font-family: 'Open Sans'; font-style: italic; font-weight: bold; src: local("Open Sans Bold Italic"), url("file:///C:/Users/Administrator/AppData/Roaming/Typora/themes/github/700i.woff") format("woff"); }
html { font-size: 16px; }
body { font-family: 'Open Sans', 'Clear Sans', 'Helvetica Neue', Helvetica, Arial, sans-serif; color: rgb(51, 51, 51); line-height: 1.6; }
#write { max-width: 860px; margin: 0px auto; padding: 20px 30px 100px; }
#write > ul:first-child, #write > ol:first-child { margin-top: 30px; }
body > :first-child { margin-top: 0px !important; }
body > :last-child { margin-bottom: 0px !important; }
a { color: rgb(65, 131, 196); }
h1, h2, h3, h4, h5, h6 { position: relative; margin-top: 1rem; margin-bottom: 1rem; font-weight: bold; line-height: 1.4; cursor: text; }
h1:hover a.anchor, h2:hover a.anchor, h3:hover a.anchor, h4:hover a.anchor, h5:hover a.anchor, h6:hover a.anchor { text-decoration: none; }
h1 tt, h1 code { font-size: inherit; }
h2 tt, h2 code { font-size: inherit; }
h3 tt, h3 code { font-size: inherit; }
h4 tt, h4 code { font-size: inherit; }
h5 tt, h5 code { font-size: inherit; }
h6 tt, h6 code { font-size: inherit; }
h1 { padding-bottom: 0.3em; font-size: 2.25em; line-height: 1.2; border-bottom-width: 1px; border-bottom-style: solid; border-bottom-color: rgb(238, 238, 238); }
h2 { padding-bottom: 0.3em; font-size: 1.75em; line-height: 1.225; border-bottom-width: 1px; border-bottom-style: solid; border-bottom-color: rgb(238, 238, 238); }
h3 { font-size: 1.5em; line-height: 1.43; }
h4 { font-size: 1.25em; }
h5 { font-size: 1em; }
h6 { font-size: 1em; color: rgb(119, 119, 119); }
p, blockquote, ul, ol, dl, table { margin: 0.8em 0px; }
li > ol, li > ul { margin: 0px; }
hr { height: 4px; padding: 0px; margin: 16px 0px; border-width: 0px 0px 1px; border-style: none none solid; overflow: hidden; box-sizing: content-box; border-bottom-color: rgb(221, 221, 221); background-color: rgb(231, 231, 231); }
body > h2:first-child { margin-top: 0px; padding-top: 0px; }
body > h1:first-child { margin-top: 0px; padding-top: 0px; }
body > h1:first-child + h2 { margin-top: 0px; padding-top: 0px; }
body > h3:first-child, body > h4:first-child, body > h5:first-child, body > h6:first-child { margin-top: 0px; padding-top: 0px; }
a:first-child h1, a:first-child h2, a:first-child h3, a:first-child h4, a:first-child h5, a:first-child h6 { margin-top: 0px; padding-top: 0px; }
h1 p, h2 p, h3 p, h4 p, h5 p, h6 p { margin-top: 0px; }
li p.first { display: inline-block; }
ul, ol { padding-left: 30px; }
ul:first-child, ol:first-child { margin-top: 0px; }
ul:last-child, ol:last-child { margin-bottom: 0px; }
blockquote { border-left-width: 4px; border-left-style: solid; border-left-color: rgb(221, 221, 221); padding: 0px 15px; color: rgb(119, 119, 119); }
blockquote blockquote { padding-right: 0px; }
table { padding: 0px; word-break: initial; }
#write { overflow-x: auto; }
table tr { border-top-width: 1px; border-top-style: solid; border-top-color: rgb(204, 204, 204); margin: 0px; padding: 0px; background-color: white; }
table tr:nth-child(2n) { background-color: rgb(248, 248, 248); }
table tr th { font-weight: bold; border: 1px solid rgb(204, 204, 204); text-align: left; margin: 0px; padding: 6px 13px; }
table tr td { border: 1px solid rgb(204, 204, 204); text-align: left; margin: 0px; padding: 6px 13px; }
table tr th:first-child, table tr td:first-child { margin-top: 0px; }
table tr th:last-child, table tr td:last-child { margin-bottom: 0px; }
.CodeMirror-gutters { border-right-width: 1px; border-right-style: solid; border-right-color: rgb(221, 221, 221); }
.md-fences, code, tt { border: 1px solid rgb(221, 221, 221); border-radius: 3px; font-family: Consolas, 'Liberation Mono', Courier, monospace; padding: 2px 4px 0px; font-size: 0.9em; background-color: rgb(248, 248, 248); }
.md-fences { margin-bottom: 15px; margin-top: 15px; padding: 8px 1em 6px; }
.task-list { padding-left: 0px; }
.task-list-item { padding-left: 32px; }
.task-list-item input { top: 3px; left: 8px; }
@media screen and (min-width: 914px) {
}
@media print {
html { font-size: 13px; }
table, pre { page-break-inside: avoid; }
pre { word-wrap: break-word; }
}
.md-fences { background-color: rgb(248, 248, 248); }
#write pre.md-meta-block { padding: 1rem; font-size: 85%; line-height: 1.45; border: 0px; border-radius: 3px; color: rgb(119, 119, 119); margin-top: 0px !important; background-color: rgb(247, 247, 247); }
.mathjax-block > .code-tooltip { bottom: 0.375rem; }
#write > h3.md-focus::before { left: -1.5625rem; top: 0.375rem; }
#write > h4.md-focus::before { left: -1.5625rem; top: 0.285714rem; }
#write > h5.md-focus::before { left: -1.5625rem; top: 0.285714rem; }
#write > h6.md-focus::before { left: -1.5625rem; top: 0.285714rem; }
.md-image > .md-meta { border: 1px solid rgb(221, 221, 221); border-radius: 3px; font-family: Consolas, 'Liberation Mono', Courier, monospace; padding: 2px 4px 0px; font-size: 0.9em; color: inherit; background-color: rgb(248, 248, 248); }
.md-tag { color: inherit; }
.md-toc { margin-top: 20px; padding-bottom: 20px; }
#typora-quick-open { border: 1px solid rgb(221, 221, 221); background-color: rgb(248, 248, 248); }
#typora-quick-open-item { border-color: rgb(254, 254, 254) rgb(229, 229, 229) rgb(229, 229, 229) rgb(238, 238, 238); border-style: solid; border-width: 1px; background-color: rgb(250, 250, 250); }
#md-notification::before { top: 10px; }
.on-focus-mode blockquote { border-left-color: rgba(85, 85, 85, 0.117647); }
header, .context-menu, .megamenu-content, footer { font-family: 'Segoe UI', Arial, sans-serif; }
-->

Openstack

OpenstackCloud ComputingOpenstack版本迁移组件KeystoneNova ComputeGlacnceNeutronCinderswift技术支持方案Openstack部署方法2Keystone部署安装keystoneGlance获取镜像途径制作镜像工具元数据服务或配置驱动(config drive)支持对磁盘映像大小进行调整HorizonNova配置spice用于图形窗口关闭iptablesneutron配置dhcp-agent(optional)Cinder部署glusterfs计算节点运维环境制作image镜像附录Rabitmq

虚拟机nova与计算与Openstack http://docs.openstack.org/

Cloud Computing

Iaas: Infrastructure as a Service 针对运维人员 Paas: Platform as a Service 针对研发人员 Saas: Software as a Service 针对agent openv switch: 虚拟机的基于软件的软件交换机 异步消息队列协议: 控制平台通过异步消息队列来控制各物理主机和虚拟主机. 公有云: 云供应商提供的, 供各个组织使用的 私有云: 公司内部部署的云环境并仅在公司内部中使用 混合云: 自己内部组建了私有云, 并且并从公有云中的注册的虚拟机环境, 使二者集成. 云计算: 一种按需付费的一种模式, 突出了通过网络的一种服务 IAAS公有云提供商: 阿里云和青云,UCcloud PAAS一站式开发环境: sinaAppEngine; docker 提高资源使用率 桌面虚拟化: 瘦客机, VDI解决方案 应用虚拟化: Citrix xenapp, 使用浏览器来交付应用. Citrix 的ICA协议

Openstack

Python研发, 以完备功能为目标的. 各公司如果利用openstack来进行管理平台, 需要对其做二次开发. ASF: Apache Software Foundation. 开发的CloudStack VMs on demand: 1. provisioning 2.snopshotting Volumes; Networks; Multi-tenancy: quotas for different users; user can be associated with multiple tenants Object Storage for VM images and arbitratry files

版本迁移

2010 10.21 Austin版本 2014 Apr17 Icehouse 版本发布

组件

Compute (Nava) since Austin Networking(Neutron, Quantum): since Folsom Object Storage(swift): since Austin. Swift本身是分布式文件系统 Block Storage(Cinder): 提供后端大量的块设备, since Folsom. Identity(Keystone): since Essex Image Service(Glance): 映像文件管理. 可以通过glance本地存储也可以通过swift高可用文件系统进行存储 since Bexar Dashboard(Horizon): since Essex Telemetry/Metering(Ceilometer): Havana Release. 对各虚拟机的个数据指标进行检测的接口 Orchestration(Heat): 从私有云到公有云结合, 实现混合云.

Keystone

基于token认证. kvs, memcache. 没有用户名,密码. 一组随机密码, 客户端端和服务器端, 都预存这组密码 Identity认证: kvs, pam, sql, ldap, etc catalog: 编录, 存储这种RESTful风格的API调用uri RESTful: 轻量级的RPC()机制, 基于http://ip:port/port/ 调用基于uri进行 policy backend: 基于用户策略的虚拟机使用策略

Nova Compute

操作从队列中取得, 并将指令调用发送给队列. 生产消息, 生产者. nova conductor: 完成数据库中的数据更新 nova database: 一个关系型数据库 queue: 提供一个中央管理的异步消息管理队列. 通常为RabbitMQ nova-api: RESTful API. nova-compute: 真正的一个守护进程, 通过hyperviosor API来创建和管理虚拟机 nova-scheduler: 对消息队列中的请求进行调度来决定可以运行在哪个虚拟机上 nova-console/novncproxy/nova-consoleauth: 提供连接接口 nova-network:migrate to Neutron nova-volume: 管理持久存储. Migrated to Cinder

Glacnce

glance-api:镜像管理, 方便实时迁移. 接受API call glance-registry:处理查询, 存储images的metadata glance-database:处理存储

Neutron

网络连接管理的工具 neutron-server: API, 根据请求来决定调用哪个neutron plugin plugins/agents: 做真正的实际操作, 例如插入, 拔出端口, 创建网络相关的操作

Cinder

提供持久存储 cinder-api: 接受请求, 并路由请求到cinder-volume cinder-volume: 读取写入cinder-database中 cinder-scheduler: 选择可以使用的块空间 cinder database: 存储数据状态

swift

swift-proxy实际就是分布式存储. account: 账号管理 container: 容器管理 object: 存储对象管理

技术支持方案

Message Queue: RabbitMQ, Qpid, ZeroMQ Virtualization: xapi+xcp, xapi+xenServer,libvirt+KVM, libvirt+QEMU, libvirt+LXC, libvirt+vmware iSCSI back-end: LVM+IET, LVM+tgt, Xen Storage Manager, SAN(Solaris, HP, SolidFire), NexentaStor, NetApp, Ceph, Sheepdog Database: MySQL, PostgreSQL, sqlite(API) Web server: Apache, Nginx Session Cache: memcache, any Django-support database backend (MySQL, PostgreSQL, sqlite)

Openstack部署

db: mysql, mariadb, postgress mq:rabbitmq, qpid, zeromq Openstack基础部署: Controller Node: keystone(identity), glance, nova(nova-api, nova-schedular), horizon Compute Node: nova, hypervisor AMQP: Advanced Message Queeu Protocol Mirantis: 一个提供openstack的组织 keystone默认端口35357 准备开启IP转发和source route verfication

net.ipv4.ip_forward=1
net.ipv4.conf.default.rp_filter=0
net.ipv4.conf.all.rp_filter=0

安装基本包

yum install -y python-pip gcc gcc-c++ make libtool patch automake python-devel libxsit-devel MySQL-python openssl-devel libudev-devel git wget libvirt-python libvirt qemu-kvm gedit python-numdisplay device-mapper bridge-utils libffi-devel libffi lrzsz

yum install libxml2-devel
yum install libxslt-devel
yum install libyaml-devel

下载各组件的源码包

wget https://launchpad.net/keystone/icehouse/2014.1/+download/keystone-2014.1.tar.gz --no-check-certificate
wget https://launchpad.net/nova/icehouse/2014.1/+download/nova-2014.1.tar.gz --no-check-certificate
wget https://launchpad.net/glance/icehouse/2014.1/+download/glance-2014.1.tar.gz --no-check-certificate
wget https://launchpad.net/horizon/icehouse/2014.1/+download/horizon-2014.1.tar.gz --no-check-certificate
wget https://launchpad.net/neutron/icehouse/2014.1/+download/neutron-2014.1.tar.gz --no-check-certificate
wget https://launchpad.net/cinder/icehouse/2014.1/+download/cinder-2014.1.tar.gz --no-check-certificate

查看依赖包, 解压缩之后查看requirements.txt文档 使用pip安装依赖包

for i in `ls *.gz`;do tar -xf $i;done
cat */requirements.txt|sort -n|uniq >>openstack.txt
pip install -r openstack.txt -i http://pypi.v2ex.com/simple
pip install -r openstack.txt -i http://pypi.doubanio.com/simple

对于不兼容的版本, 到pypi.zenlogic.net/simple 下载相应的python源码

python setup.py build
python setup.py install

安装数据库和消息队列

mysql-server rabbitmq-server
mysqladmin -u root password nsadm
cp /usr/share/mysql/my-medium.cnf /etc/my.cnf
修改默认字符集
[mysqld]
default-storage-engine = innodb
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8

# 查看字符集已经被设置
create database demo;
show create database demo;

查看消息队列的组件

/usr/lib/rabbitmq/bin/rabbitmq-plugins list
/usr/lib/rabbitmq/bin/rabbitmq-plugins enable rabbitmq_management
service rabbitmq-server start
192.168.48.131:15672/
guest/guest
rabbitmq默认监听在5672端口

方法2

name=openstack
baseurl=https://repos.fedorapeople.org/repos/openstack/EOL/openstack-icehouse/epel-6/
gpgcheck=0
enabled=1
yum -y install http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
yum -y install openstack-utils
yum -y install openstack-selinux
yum -y upgrade
reboot

Keystone

keystone提供了一下两个主要得功能: 用户与认证: 用户权限与用户行为跟踪 服务目录: 提供一个服务目录, 包括所有服务项与相关API的断电

部署安装keystone

安装keystone

yum install openstack-keystone python-keystoneclient

创建keystone配置目录

mkdir /etc/keystone
cp /root/keystone-2014.1/etc/* /etc/keystone
cp keystone.conf.sample keystone.conf
cp logging.conf.sample logging.conf

创建证书

keystone-manage pki_setup --keystone-user root --keystone-group root
/etc/keystone/ssl/certs/openssl.conf
chown -R root:root /etc/keystone/ssl

创建数据库

create database keystone;
grant all on keystone.* to keystone@'192.168.0.0/255.255.0.0' identified by 'keystone';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';
验证用户
mysql -h 192.168.48.131 -u keystone -pkeystone

修改keystone.conf文件

openssl rand -hex 10

admin_token=b3ad09610cad1330a497
debug=true
verbose=true
log_file=keystone.log
log_dir=/var/log/keystone
connection = mysql://keystone:keystone@192.168.48.131/keystone

同步数据库

keystone-manage db_sync
mysql -ukeystone -pkeystone -h 192.168.48.131 -e "use keystone;show tables"

启动keystone

keystone-all --config-file=/etc/keystone/keystone.conf

配置环境变量

export OS_SERVICE_TOKEN=b3ad09610cad1330a497
export OS_SERVICE_ENDPOINT=http://192.168.48.131:35357/v2.0

创建用户admin

 keystone user-create --name=admin --pass=admin --email=admin@openstack.com
 +----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|  email   |       admin@openstack.com        |
| enabled  |               True               |
|    id    | b070096c3b9e4a9399fa0534fe188ff0 |
|   name   |              admin               |
| username |              admin               |
+----------+----------------------------------+

查看用户

keystone user-list

创建admin的角色

keystone role-create --name=admin
+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|    id    | ed35ddcd2d744b14a2902536f6775b81 |
|   name   |              admin               |
+----------+----------------------------------+

创建admin租户

keystone tenant-create --name=admin --description="Admin Tenant"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |           Admin Tenant           |
|   enabled   |               True               |
|      id     | b6c5cd0aefee44bbb8a990a221810f77 |
|     name    |              admin               |
+-------------+----------------------------------+

关联用户角色和租户

keystone user-role-add --user=admin --tenant=admin --role=admin

创建dashboard的用户demo

 keystone user-create --name=demo --pass=demo --email=keystone@openstack.com
 keystone tenant-create --name=demo --description="Demo Tenant"
 keystone user-role-add --user=demo --tenant=demo --role=_member_

创建keystone服务

eystone service-create --name=keystone --type=identity --description="OpenStack Identity"

创建keystone服务的endpoint, 服务端点

keystone endpoint-create --service-id=7815fd4d7c6c422e8cf28d2c9f9be053 --publicurl=http://192.168.48.131:5000/v2.0 --internalurl=hhtp://192.168.48.131:5000/v2.0 --adminurl=http://192.168.48.131:35357/v2.0

删除内容可以直接keystone delete即可

keystone delete <ID> 

获取token

keystone --os-username=keystone --os-password=keystone --os-auth-url=http://192.168.48.131:35357/v2.0 token-get

创建环境变量文件keystone-admin

export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://192.168.48.131:35357/v2.0

Glance

Openstack Image服务可用于发现、注册及检索虚拟机映像(image)，它提供了一个RESTful的API，能够让用户查询VM映像的元数据及通过HTTP请求获取映像，并可以让python程序员通过客户端类在python代码中完成类似的所有任务。VM映像文件可以存储在各类存储中，如普通的文件系统、对象存储系统(如Openstack Object Storage)、S3存储及HTTP(仅作为获取映像文件之用，而不能写于此中创建映像文件)等。 安装glance

yum install -y openstack-glance

创建glance数据库

create database glance;
grant all on glance.* to glance@'192.168.0.0/255.255.0.0' identified by 'glance';
grant all on glance.* to glance@'localhost' identified by 'glance';

配置glance-api, 提供给其他服务用于查询glance镜像

verbose=True
debug=True
default_store=file
connection=mysql://glance:glance@192.168.48.131/glance

修改glance-registry.conf文件

verbose=True
debug=True
log_file=/var/log/glance/registry.log
backlog=4096
connection=mysql://glance:glance@192.168.48.131/glance

同步数据库

glance-manage db_sync
mysql -h 192.168.48.131 -uglance -pglance -e "use glance;show tables;"

集成rabitmq和glance, 修改glance-api

notifier_strategy = rabbit
rabbit_host=192.168.48.131
rabbit_port=5672
rabbit_use_ssl=false
rabbit_userid=guest
rabbit_password=guest
rabbit_virtual_host=/
rabbit_notification_exchange=glance
rabbit_notification_topic=notifications
rabbit_durable_queues=False

修改glance-api 添加keystone相关信息

[keystone_authtoken]
auth_host=192.168.48.131
auth_port=35357
auth_protocol=http
admin_tenant_name= admin
admin_user= admin
admin_password= admin
[paste_deploy]
flavor=keystone

修改glance-registry.conf添加keystone相关信息

[keystone_authtoken]
auth_host=192.168.48.131
auth_port=35357
auth_protocol=http
admin_tenant_name= admin
admin_user= admin
admin_password= admin
[paste_deploy]
flavor=keystone

创建glance的keysthone服务

keystone service-create --name=glance --type=image --description="OpenStack Image Service"
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |     OpenStack Image Service      |
|   enabled   |               True               |
|      id     | 1b64541cad8042f3a018515da6f3819e |
|     name    |              glance              |
|     type    |              image               |
+-------------+----------------------------------+

创建glance的keystone endpoint

keystone endpoint-create \
--service-id=1b64541cad8042f3a018515da6f3819e \
--publicurl=http://192.168.48.131:9292 \
--internalurl=http://192.168.48.131:9292 \
--adminurl=http://192.168.48.131:9292
+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
|   adminurl  |    http://192.168.48.131:9292    |
|      id     | 5e13f54b6d68434cb7509c6618542618 |
| internalurl |    http://192.168.48.131:9292    |
|  publicurl  |    http://192.168.48.131:9292    |
|    region   |            regionOne             |
|  service_id | 1b64541cad8042f3a018515da6f3819e |
+-------------+----------------------------------+

启动glance服务

glance-api --config-file=/etc/glance/glance-api.conf
glance-registry --config-file=/etc/glance/glance-registry.conf
service openstack-glance-api start
service openstack-glance-registry start

创建glance镜像

glance image-create --name "cirros-0.3.4" --disk-format qcow2 --container-format bare --is-public True --file cirros-0.3.4-x86_64-disk.img
+------------------+--------------------------------------+
| Property         | Value                                |
+------------------+--------------------------------------+
| checksum         | ee1eca47dc88f4879d8a229cc70a07c6     |
| container_format | bare                                 |
| created_at       | 2016-10-14T09:04:27                  |
| deleted          | False                                |
| deleted_at       | None                                 |
| disk_format      | qcow2                                |
| id               | 4399d215-7873-4c8a-b158-d0f9ccc25bb3 |
| is_public        | True                                 |
| min_disk         | 0                                    |
| min_ram          | 0                                    |
| name             | cirros-0.3.4                         |
| owner            | b6c5cd0aefee44bbb8a990a221810f77     |
| protected        | False                                |
| size             | 13287936                             |
| status           | active                               |
| updated_at       | 2016-10-14T09:04:27                  |
| virtual_size     | None                                 |
+------------------+--------------------------------------+
image-create命令至少要接受三个参数：--name、--container_format及--disk_format。其中--disk_format用于指明磁盘映像文件的格式，包括raw、qcow2、vhd、vmdk、iso、vdi、aki(amazon kernel image)、ari(amazon ramdisk image)及ami(amazon machine image)等。--container_format用于标明映像文件是否包含了虚拟机的元数据信息，然而，目前Compute服务并未使用此信息，因此，在不确定的情况可以将其指定为bare，而合用的格式主要有bare(没有container或元数据信息)、ovf、aki、ari或ami几种。

镜像元数据

architecture：hypervisor必须支持的CPU架构，如x86_64、arm等； hypervisor_type：hypervisor类型，其能够使用的值包括xen、qemu、kvm、lxc、uml、vmware、hyperv及powervm； vm_mode：定义虚拟机模式，即应用于虚拟机的host/guest ABI；例如hvm、xen、uml、exe等；

xenAPI还有其专用的两个属性可以定义： auto_disk_config：布尔型属性值，true表示在虚拟机实例启动前磁盘的根分区将被自动调整； os_type：image中安装的操作系统类型，如linux、windows等，XenAPI能够根据此属性值来执行不同的操作，如为windows创建fat32格式的交换分区、限制其主机名称少于16个字符等；

vmware_ostype：VMware GuestID，用于描述映像文件中的操作系统类型；vmware所支持的类型较多，可以参照thinkvirt.com获取详细信息；默认值为otherGuest； vmware_image_version：目前未使用，默认值为1； VMware API也有如下三个专用属性可以定义： vmware_adaptertype：定义hypervisor使用的虚拟SCSI或IDE接口类型，其有效值为lsiLogic、busLogic及ide；

本地glance镜像文件放在

/var/lib/glance/images/

获取镜像途径

CirrOS 由Scott Moser维护的一系列用于测试目的的微型虚拟机映像，登录名为cirros，下载地址为https://launchpad.net/cirros/+download。在QEMU或KVM中测试时，官方建议使用QCOW2格式的映像文件。 Ubuntu Canonical官方提供了基于Ubuntu的系列映像，登录名为ubuntu，下载地址为http://uec-images.ubuntu.com/。在QEMU或KVM中部署时，建议使用QCOW2格式的映像文件。 Fedora Fedora官方提供了预制的Fedora JEOS映像，下载地址为http://berrange.fedorapeople.org/images，目前最新的是为x8664平台提供为的QCOW2格式的映像f17-x8664-openstack-sda.qcow2。 OpenSUSE和SLES11映像 通过SUSE Studio(http://susestudio.com/)可以很方便地为OpenSUSE和SLES11构建与OpenStack兼容的虚拟应用，比如创建一个OpenSUSE12.1的JEOS映像。 Rackspace云生成器镜像 Rackspace云生成器(https://github.com/rackerjoe/oz-image-build)提供了多种发行版预制的预制映像，如RedHat、CentOS、Fedora及Ubuntu等。

制作镜像工具

Oz(KVM)：Oz是能够为常见Linux发行版创建映像文件的命令行工具，Rackspace就是使用Oz创建的映像文件。在Fedora Project的wiki中，提供了使用Oz创建映像文件的案例，具体请参照https://fedoraproject.org/wiki/Getting_started_with_OpenStack_Nova#Building_an_Image_With_Oz。

VMBuilder(KVM,Xen)：VMBuilder能够为不同的hypervisor创建虚拟机映像文件，它是一个脚本，能够自动收集所需的资源为虚拟机创建映像文件。Ubuntu为之提供了一个使用案例，具体请参照https://help.ubuntu.com/12.04/serverguide/jeos-and-vmbuilder.html。

VeeWee(KVM)：VeeWee通常用于创建Vagrant虚拟工作环境，一种基于Virtualbox、VMware、AWS等虚拟化技术的虚拟化工具。VeeWee也可以用于创建KVM映像。

imagefactory：Aeolus项目的一款工具，用于自动化创建、转换及为不同的云服务商上海映像文件，支持Openstack云。

元数据服务或配置驱动(config drive)

Openstack支持的映像文件必须能够由Openstack获取到其元数据信息，如ssh公钥以及用户在请求映像文件时提交的用户数据等。这些元数据信息可以通过元数据服务或配置驱动获取，最简单的方式莫过于在映像中安装cloud-init程序。cloud-init用于为云实例提供配置及定制功能，项目的地址为https://launchpad.net/cloud-init。

支持对磁盘映像大小进行调整

虚拟机映像文件的磁盘大小由创建映像时的初始大小决定，然而Openstack需要在启动实例时通过指定不同的flavor来使用不同大小的磁盘空间。例如，有着磁盘初始大小为5G的映像文件，在用于创建实例时使用了m1.small这个flavor，虚拟机实例将需要一个大小为10G的主盘。调整实例的磁盘大小时，通过在其尾部填0来完成。

映像文件的分区大小也需要能够根据用户的需要在实例启动时进行调整，否则，在实例启动后，为了能够访问由flavor的配置指定的超出磁盘原始大小的其它空间就不得不手动去调整分区大小。因此，在实例启动时，映像文件需要运行一个脚本以修改分区表，并运行相应的程序(如resize2fs等)调整文件系统，使得其能够适应新的分区大小。

会话保持: 一致性哈希算法

会话复制: 比如tomcat的cluster的标签, session在集群中复制. 复制开销很大

会话共享: memcache

Horizon

Openstack的dashboard 安装

yum install -y memcached python-memcached mod_wsgi openstack-dashboard

dashboard依赖于Member角色 修改配置文件/etc/opentstack-dashboard/local_settings

OPENSTACK_HOST = "192.168.48.131"
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
ALLOWED_HOSTS = ['example.com', 'localhost','192.168.48.131']

会话控制 会话保持: Nginx的一致性hash算法 会话复制: Tomcat中的cluster标签打开 会话共享: Memcache 启动memcache启动httpd即可

Nova

配置网桥br0, eth0 安装网桥管理工具

yum install bridge-utils

安装nova

yum install openstack-nova

虚拟机目录

/var/lib/nova/instances

创建nova数据库

create database nova;
grant all on nova.* to nova@'192.168.48.0/255.255.255.0' identified by 'nova';
nova-manage db sync
my_ip=192.168.48.131

配置rabbitmq

rabbit_host=192.168.48.131
rabbit_port=5672
rabbit_hosts=$rabbit_host:$rabbit_port
rabbit_use_ssl=false
rabbit_userid=guest
rabbit_password=guest

配置keystone

auth_strategy=keystone
[keystone_authtoken]
auth_host=192.168.48.131
auth_port=35357
auth_protocol=http
auth_uri=http://192.168.48.131:5000
auth_version=v2.0

admin_user=admin
admin_password=admin
admin_tenant_name=admin

配置vnc

novncproxy_base_url=http://192.168.48.131:6080/vnc_auto.html
vncserver_listen=0.0.0.0
vncserver_proxyclient_address=192.168.48.131
vnc_enabled=true

创建nova的service

keystone service-create --name=nova --type=compute --description="Openstack Compute"

创建nova的endpoint

keystone endpoint-create \
--service-id=d5d77cd173e34b4a8d9c83e753bb17f7 \
--publicurl=http://192.168.48.131:8774/v2/%\(tenant_id\)s \
--internalurl=http://192.168.48.131:8774/v2/%\(tenant_id\)s \
--adminurl=http://192.168.48.131:8774/v2/%\(tenant_id\)s
note: nova api 侦听在8774端口

配置spice用于图形窗口

修改nova.conf

[spice]
html5proxy_base_url=http://192.168.48.131:6082/spice_auto.html
server_listen=0.0.0.0
server_proxyclient_address=192.168.48.131
enabled=true
keymap=en-us

安装spice服务

yum install spice-server spice-client spice-protocol spice-html5

service openstack-nova-api restart
service openstack-nova-cert  restart
service openstack-nova-compute restart
service openstack-nova-consoleauth restar
service openstack-nova-consoleauth restart
service openstack-nova-scheduler restart
service openstack-nova-spicehtml5proxy restart

关闭iptables

修改nova.conf文件

firewall_driver=nova.virt.libvirt.firewall.NoopFirewallDriver

neutron

nova-network-->quantum --> neutron l2 l3 l4-l7 支持. SDN: software define network, 软件定义网络 l4-l7目前使用haproxy来实现 目前二层使用 linuxbridge/ovs 安装libvirt会默认创建virbr0 安装软件包openstack-neutron

yum install openstack-neutron 

配置neutron, neutron.conf

[DEFAULT]
verbose = True
debug = True
log_file = neutron.log
log_dir = /var/log/neutron
core_plugin = ml2
service_plugins = router
auth_strategy = keystone
rabbit_host = 192.168.48.131
rabbit_password = guest
rabbit_port = 5672
rabbit_userid = guest
rabbit_virtual_host = /
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://192.168.48.131:8774/v2
nova_admin_username = admin
nova_admin_tenant_id = b6c5cd0aefee44bbb8a990a221810f77
nova_admin_password = admin
nova_admin_auth_url = http://192.168.48.131:35357/v2.0

[keystone_authtoken]
auth_host = 192.168.48.131
auth_port = 35357
auth_protocol = http
admin_tenant_name = admin
admin_user = admin
admin_password = admin

[database]
connection = mysql://neutron:neutron@192.168.48.131:3306/neutron

core_plugin = ml2 抽象了一层, 使得底层可以即使用linux网桥也使用ovs 配置nova与neutron相关的配置

network_api_class=nova.network.neutronv2.api.API
linuxnet_interface_driver=nova.network.linux_net.LinuxBridgeInterfaceDriver
neutron_url=http://192.168.48.131:9696
neutron_admin_username=admin
neutron_admin_password=admin
neutron_admin_tenant_id=b6c5cd0aefee44bbb8a990a221810f77
neutron_admin_tenant_name=admin
neutron_admin_auth_url=http://192.168.48.131:5000/v2.0
use_cow_images=false
vif_plugging_is_fatal=false
vif_plugging_timeout=10
firewall_driver=nova.virt.firewall.NoopFirewallDriver

flat: 扁平网络, ESXI, 一个网段. 广播包对性能产生影响. VLAN: 私有云, 4096 GRE: 公有云, 系能并不理想 vxlan: VLAN模型的扩展 安装neutron插件

 yum install openstack-neutron-ml2
 yum install openstack-neutron-linuxbridge

配置/etc/neutron/plugins/ml2/ml2.conf.ini

type_drivers = flat
tenant_network_types = flat
mechanism_drivers = linuxbridge
enable_security_group = True

配置/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini

network_vlan_ranges = physnet1
physical_interface_mappings = physnet1:eth0
enable_security_group = True

neutron插件配置入口

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

测试

nova-novncproxy --config-file=/etc/nova/nova.conf

创建neutron服务

keystone service-create --name neutron --type network --description "Openstack Networking"
keystone endpoint-create \
> --service-id=6110c24335324e5d89fa4be8fd50ac0d \
> --publicurl=http://192.168.48.131:9696 \
> --internalurl=http://192.168.48.131:9696 \
> --adminurl=http://192.168.48.131:9696

neutron创建网络

neutron net-create --tenant-id ba5a6fc890fe448bbeab70368dea9c20 demo_net --shared --provider:network_type flat --provider:physical_network physnet1
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 0638b3c3-7c5e-47ce-b067-719a4b38159e |
| name                      | demo_net                             |
| provider:network_type     | flat                                 |
| provider:physical_network | physnet1                             |
| provider:segmentation_id  |                                      |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tenant_id                 | ba5a6fc890fe448bbeab70368dea9c20     |
+---------------------------+--------------------------------------+

查看neutron network 服务状态

neutron net-list
+--------------------------------------+----------+---------+
| id                                   | name     | subnets |
+--------------------------------------+----------+---------+
| 0638b3c3-7c5e-47ce-b067-719a4b38159e | demo_net |         |
+--------------------------------------+----------+---------+

修改/etc/libvirt/qemu.conf

cgroup_device_acl = [
    "/dev/null", "/dev/full", "/dev/zero",
    "/dev/random", "/dev/urandom",
    "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
    "/dev/rtc","/dev/hpet","/dev/net/tun",
]

重启libvirtd

service libvirtd restart

配置dhcp-agent(optional)

修改配置/etc/neutron/dhcp_agent.ini

debug = True
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
use_namespaces = False
dhcp_confs = $state_path/dhcp

此处有问题, 需要补充dhcp.DNSmasq的配置 删除默认网桥

virsh net-list
virsh net-destroy default
virsh net-undefine default

Cinder

配置cinder.conf 添加数据库信息

[DEFAULT]
rabbit_host=192.168.48.131
rabbit_port=5672
rabbit_userid=guest
rabbit_password=guest
rabbit_virtual_host=/
rpc_backend=rabbit
state_path=/var/lib/cinder
auth_strategy=keystone
debug=true
verbose=true
log_file=cinder.log
log_dir=/var/log/cinder
nfs_shares_config=/etc/cinder/nfs_shares
nfs_mount_point_base=$state_path/mnt
volume_driver=cinder.volume.drivers.nfs.NfsDriver
[BRCD_FABRIC_EXAMPLE]
[database]
connection=mysql://cinder:cinder@192.168.48.131/cinder
[fc-zone-manager]
[keymgr]
[keystone_authtoken]
auth_host=192.168.48.131
auth_port=35357
auth_protocol=http
auth_uri=http://192.168.48.131:5000
admin_user=admin
admin_password=admin
admin_tenant_name=admin
[matchmaker_redis]
[matchmaker_ring]
[oslo_messaging_amqp]
[profiler]
[ssl]

同步数据库

cinder-manage db sync

创建keystone service endpoint

keystone service-create --name=cinder --type=volume --description="Openstack Block Storage"
keystone endpoint-create \
> --service-id=980f3b2fe7164491aa84935c4b69b8dd \
> --publicurl=http://192.168.48.131:8776/v1/%\(tenant_id\)s \
> --internalurl=http://192.168.48.131:8776/v1/%\(tenant_id\)s \
> --adminurl=http://192.168.48.131:8776/v1/%\(tenant_id\)s
+-------------+---------------------------------------------+
|   Property  |                    Value                    |
+-------------+---------------------------------------------+
|   adminurl  | http://192.168.48.131:8776/v1/%(tenant_id)s |
|      id     |       340328a8661148bc800b061179335560      |
| internalurl | http://192.168.48.131:8776/v1/%(tenant_id)s |
|  publicurl  | http://192.168.48.131:8776/v1/%(tenant_id)s |
|    region   |                  regionOne                  |
|  service_id |       980f3b2fe7164491aa84935c4b69b8dd      |
+-------------+---------------------------------------------+

安装nfs

yum install nfs-utils rpcbind 

vi /etc/exports

/data/nfs       192.168.48.0/24(rw,no_root_squash)

重启nfs服务

service rpcbind restart
service nfs restart

编辑文件/etc/cinder/nfs_shares

192.168.48.131:/data/nfs

部署glusterfs

下载glusterfs的源

baseurl=http://buildlogs.centos.org/centos/6/storage/x86_64/gluster-3.7/
baseurl=http://mirrors.163.com/centos/6.8/storage/x86_64/gluster-3.7/

启动glusterd服务

service glusterd start

创建gluster存储对象

gluster volume create cinder-01 replica 2 192.168.48.131:/data/glusterfs/exp1 192.168.48.131:/data/glusterfs/exp2 force

查看存储卷的信息

gluster volume info

启动卷

gluster volume start cinder-01

修改cinder.conf文件, 指明使用clusterfsDriver

volume_driver=cinder.volume.drivers.glusterfs.GlusterfsDriver
glusterfs_shares_config=/etc/cinder/glusterfs_shares
glusterfs_mount_point_base=$state_path/mnt

编辑挂载配置文件/etc/cinder/glusterfs_shares

192.168.48.131:/cinder-01

计算节点

部署nova-compute和neutron-linuxbridge-agent即可 思科的三层交换. 核心层交换: 防火墙. 汇聚层交换: 交换机 接入层交换: Server与交换机的连接

运维环境

flume fluentd logstash flume + stom + kafka + hdfs + rundesk

制作image镜像

http://docs.openstack.org/image-guide/index.html 创建虚拟磁盘文件

qemu-img create -f qcow2 /tmp/centos.qcow2 10G

创建虚拟机

virt-install --virt-type kvm --name centos --ram 1024 \
  --disk /tmp/centos.qcow2,format=qcow2 \
  --network network=default \
  --graphics vnc,listen=0.0.0.0 --noautoconsole \
  --os-type=linux --os-variant=rhel7 \
  --location=/data/isos/CentOS-7-x86_64-NetInstall-1511.iso

导出xml配置文件

virsh dumpxml centos 

使用cloud-init 获取公钥

yum install cloud-init

cloud-init生成/etc/cloud/cloud.cfg

user: admin

在/etc/rc.d/rc.local中添加如下脚本来获取公钥

 if [ ! -d /root/.ssh ]; then
  mkdir -p /root/.ssh
  chmod 700 /root/.ssh
fi

# Fetch public key using HTTP
ATTEMPTS=30
FAILED=0
while [ ! -f /root/.ssh/authorized_keys ]; do
  curl -f http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key \
    > /tmp/metadata-key 2>/dev/null
  if [ \$? -eq 0 ]; then
    cat /tmp/metadata-key >> /root/.ssh/authorized_keys
    chmod 0600 /root/.ssh/authorized_keys
    restorecon /root/.ssh/authorized_keys
    rm -f /tmp/metadata-key
    echo "Successfully retrieved public key from instance metadata"
    echo "*****************"
    echo "AUTHORIZED KEYS"
    echo "*****************"
    cat /root/.ssh/authorized_keys
    echo "*****************"
  fi
done

禁止zeroconf 路由

echo "NOZEROCONF=yes" >>/etc/sysconfig/network

配置控制台

RHEL6, grub

serial --unit=0 --speed=115200
terminal --timeout=10 console serial
kernel ... console=tty, console=ttyS0, 115200n8

RHEL7, grub2 编辑/etc/default/grub并配置GRUP_CMDLINE_LINUX选项, 并且删除rhgb quiet的内核参数

GRUB_CMDLINE_LINUX="crashkernel=auto console=tty0 console=ttyS0,115200n8"

执行grub2-mkconfig产生配置文件

grub2-mkconfig -o /boot/grub2/grub.cfg

清理mac 地址的详细信息

virt-sysprep -d centos

删除本地虚拟机

virsh undefine centos

http://www.chenshake.com/

陈沙克的博客

附录

Rabitmq

修改密码

rabbitmqctl change_password guest guest