OpenStack-Ocata版+CentOS7.6 雲平臺環境搭建 — 2.安裝配置OpenStack基礎服務

節點配置狀況說明：

控制節點：controller： 
IP：192.168.164.128 
hostname&hosts：likeadmin

計算加點：Nova： 

IP：192.168.164.129 
hostname&hosts：likenode

塊存儲節點:cinder： 

IP：192.168.164.136 
hostname&hosts：likeblock

1.安裝配置OpenStack包
須要分別在likeadmin，likenode，likeblock三臺主機上安裝OpenStack包和客戶端

1）在CentOS中， ``extras``倉庫提供用於啓用 OpenStack 倉庫的RPM包。 CentOS 默認啓用``extras``倉庫，所以你能夠直接安裝用於啓用OpenStack倉庫的包。
# yum install centos-release-openstack-ocata

在RHEL上，下載和安裝RDO倉庫RPM來啓用OpenStack倉庫。
# yum install https://rdoproject.org/repos/rdo-release.rpm

2）安裝 OpenStack 客戶端：
# yum install python-openstackclient

3）RHEL和 CentOS 默認啓用 SELinux 。安裝 openstack-selinux 包實現對OpenStack服務的安全策略進行自動管理：
# yum install openstack-selinux

 

2.安裝並配置SQL數據庫
注意：SQL只須要安裝在controller節點上，即likeadmin計算機

1）安全並配置組件
安裝軟件包：
# yum install mariadb mariadb-server python2-PyMySQL

2）建立並編輯 /etc/my.cnf.d/openstack.cnf，而後完成以下動做：
可在/usr/share/mariadb/my-medium.cnf路徑下複製OpenStack.cnf文件
cp /usr/share/mariadb/my-medium.cnf /etc/my.cnf.d/openstack.cnf

在[mysqld]中，設置「bind-address」值爲控制節點的管理網絡IP地址以是的其餘節點能夠經過管理網絡訪問訪問數據庫。設置其餘關鍵字來設置一些有用的選項和UTF-8編碼：
[mysqld]
bind-address = 192.168.164.128

default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8

3）完成安裝
啓動數據庫服務，並將其配置爲開機自啓：
# systemctl enable mariadb.service
# systemctl start mariadb.service

4）經過運行mysql_secure_installation腳原本保護數據庫服務。 特別是，爲數據庫root賬戶選擇合適的密碼：
# mysql_secure_installation

[root@likeadmin ~]# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): *這裏不須要輸入root的密碼，直接enter就能夠*
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y *這裏選設置root密碼*
New password: djl18001
Re-enter new password: djl18001
Password updated successfully!
Reloading privilege tables..
... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] y
... Success!

Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] y
... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] y
... Success!

Cleaning up...

All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
[root@likeadmin ~]#

 

3. 安裝並配置消息隊列
OpenStack使用消息隊列來協調服務之間的操做和狀態信息。 消息隊列服務一般在控制器節點上運行。 
OpenStack支持多種消息隊列服務，包括RabbitMQ，Qpid和ZeroMQ。 可是，大多數打包OpenStack的發行版都支持特定的消息隊列服務。 
本指南實現了RabbitMQ消息隊列服務，由於大多數發行版都支持它。 若是您但願實現不一樣的消息隊列服務，請查閱與其相關的文檔。
1）安裝包：
# yum install rabbitmq-server

2）啓動消息隊列服務並將其配置爲隨系統啓動：
# systemctl enable rabbitmq-server.service
# systemctl start rabbitmq-server.service

3）添加 openstack 用戶：
# rabbitmqctl add_user openstack RABBIT_PASS          *在實驗環境下RABBIT_PASS設成：djl18001，在生產環境下請使用密文代替
Creating user "openstack" ...
用合適的密碼替換 RABBIT_DBPASS。

4）給``openstack``用戶配置寫和讀權限：
# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...

5）啓動rabbitmq_management插件（可選作）
[root@likeadmin ~]# rabbitmq-plugins list 
Configured: E = explicitly enabled; e = implicitly enabled
| Status: * = running on rabbit@likeadmin
|/
[ ] amqp_client 3.6.5
[ ] cowboy 1.0.3
[ ] cowlib 1.0.1
[ ] mochiweb 2.13.1
[ ] rabbitmq_amqp1_0 3.6.5
[ ] rabbitmq_auth_backend_ldap 3.6.5
[ ] rabbitmq_auth_mechanism_ssl 3.6.5
[ ] rabbitmq_consistent_hash_exchange 3.6.5
[ ] rabbitmq_event_exchange 3.6.5
[ ] rabbitmq_federation 3.6.5
[ ] rabbitmq_federation_management 3.6.5
[ ] rabbitmq_jms_topic_exchange 3.6.5
[ ] rabbitmq_management 3.6.5
[ ] rabbitmq_management_agent 3.6.5
[ ] rabbitmq_management_visualiser 3.6.5
[ ] rabbitmq_mqtt 3.6.5
[ ] rabbitmq_recent_history_exchange 1.2.1
[ ] rabbitmq_sharding 0.1.0
[ ] rabbitmq_shovel 3.6.5
[ ] rabbitmq_shovel_management 3.6.5
[ ] rabbitmq_stomp 3.6.5
[ ] rabbitmq_top 3.6.5
[ ] rabbitmq_tracing 3.6.5
[ ] rabbitmq_trust_store 3.6.5
[ ] rabbitmq_web_dispatch 3.6.5
[ ] rabbitmq_web_stomp 3.6.5
[ ] rabbitmq_web_stomp_examples 3.6.5
[ ] sockjs 0.3.4
[ ] webmachine 1.10.3
[root@likeadmin ~]# 
[root@likeadmin ~]# rabbitmq-plugins enable rabbitmq_management
The following plugins have been enabled:
mochiweb
webmachine
rabbitmq_web_dispatch
amqp_client
rabbitmq_management_agent
rabbitmq_management

Applying plugin configuration to rabbit@likeadmin... started 6 plugins.
[root@likeadmin ~]# 
[root@likeadmin ~]# lsof -i:15672
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
beam.smp 22128 rabbitmq 54u IPv4 88245 0t0 TCP *:15672 (LISTEN)
[root@likeadmin ~]#

可經過瀏覽器訪問RabbitMQ,訪問地址是http://192.168.164.128:15672
默認帳號密碼：guest guest
登陸後，在admin選項，爲OpenStack帳號設置登陸密碼，並添加administrator權限

 

4。安裝並配置Memcached
各種服務的身份認證機制使用Memcached緩存令牌。緩存服務memecached一般運行在控制節點。在生產部署中，咱們推薦聯合啓用防火牆、認證和加密保證它的安全。

1）安全並配置組件
安裝軟件包：
#yum install memcached python-memcached

2）編輯/etc/sysconfig/memcached文件並完成如下操做：
配置服務以使用控制器節點的管理IP地址。 這是爲了經過管理網絡啓用其餘節點的訪問：
OPTIONS="-l 127.0.0.1,::1,likeadmin"

3）完成安裝
啓動Memcached服務，而且配置它隨機啓動。
# systemctl enable memcached.service
# systemctl start memcached.service

 

注：至此OpenStack基礎環境已基本搭建完成。