openstack部署(四)--網絡配置(Networking)

時間  2020-09-14
標籤 openstack 部署 網絡 配置 networking 欄目 系統網絡 简体版
原文   原文鏈接

計算節點python

增長Networking及配置【計算節點】mysql


安裝組件 yum install -y openstack-neutron openstack-neutron-linuxbridge ebtables ipsetlinux

配置普通組件  vim /etc/neutron/neutron.conf //更改或增長web

[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
verbose = True
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = openstackpasswd
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = neutronpasswd
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp



配置linux橋接agentsql

[root@compute ~]# mv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
[root@compute ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini  增長如下內容
[linux_bridge]
physical_interface_mappings = public:eno16777736
[vxlan]
enable_vxlan = False
[agent]
prevent_arp_spoofing = True
[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

配置compute使用網絡django

vi /etc/nova/nova.conf  //更改或增長vim

[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = neutron
password = neutronpasswd

啓動服務api

systemctl restart openstack-nova-compute.service   緩存

systemctl enable neutron-linuxbridge-agent.servicebash

systemctl start neutron-linuxbridge-agent.service

[root@compute ~]# systemctl restart openstack-nova-compute.service 
[root@compute ~]# systemctl enable neutron-linuxbridge-agent.service
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service to /usr/lib/systemd/system/neutron-linuxbridge-agent.service.
[root@compute ~]# systemctl start neutron-linuxbridge-agent.service
[root@compute ~]#

驗證配置(controller)


執行環境變量腳本

source admin-openrc.sh


列出全部的擴展

neutron ext-list

[root@controller network-scripts]# neutron ext-list
+-----------------------+-----------------------------------------------+
| alias                 | name                                          |
+-----------------------+-----------------------------------------------+
| dns-integration       | DNS Integration                               |
| ext-gw-mode           | Neutron L3 Configurable external gateway mode |
| binding               | Port Binding                                  |
| agent                 | agent                                         |
| subnet_allocation     | Subnet Allocation                             |
| l3_agent_scheduler    | L3 Agent Scheduler                            |
| external-net          | Neutron external network                      |
| flavors               | Neutron Service Flavors                       |
| net-mtu               | Network MTU                                   |
| quotas                | Quota management support                      |
| l3-ha                 | HA Router extension                           |
| provider              | Provider Network                              |
| multi-provider        | Multi Provider Network                        |
| extraroute            | Neutron Extra Route                           |
| router                | Neutron L3 Router                             |
| extra_dhcp_opt        | Neutron Extra DHCP opts                       |
| security-group        | security-group                                |
| dhcp_agent_scheduler  | DHCP Agent Scheduler                          |
| rbac-policies         | RBAC Policies                                 |
| port-security         | Port Security                                 |
| allowed-address-pairs | Allowed Address Pairs                         |
| dvr                   | Distributed Virtual Router                    |
+-----------------------+-----------------------------------------------+
[root@controller network-scripts]#

列出全部agent

neutron agent-list

[root@controller network-scripts]# neutron agent-list
+--------------------------------------+--------------------+------------+-------+----------------+---------------------------+
| id                                   | agent_type         | host       | alive | admin_state_up | binary                    |
+--------------------------------------+--------------------+------------+-------+----------------+---------------------------+
| 4280e1bf-9167-4513-9128-8d71bb1235cc | DHCP agent         | controller | :-)   | True           | neutron-dhcp-agent        |
| 75faf736-924d-43a5-bb2c-620dcd474602 | Metadata agent     | controller | :-)   | True           | neutron-metadata-agent    |
| af9496f7-9c3a-4b29-9112-4fbd19a91b70 | Linux bridge agent | compute    | :-)   | True           | neutron-linuxbridge-agent |
| fdc74917-b760-48e4-b5d6-5290083521bf | Linux bridge agent | controller | :-)   | True           | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------+-------+----------------+---------------------------+
[root@controller network-scripts]#

agent type以下:

Linux bridge agent

Linux bridge agent

DHCP agent

Metadata agent

必需要有4個,不然說明上面的某個步驟配置有問題。


增長dashboard  - horizon 【控制節點】

openstack dashboard也被稱爲Horizon,是一個web界面,使用管理員和用戶可以管理openstack不一樣的資源和服務
dashboard 經過OpenStack APIs操做openstack雲計算控制器
Horizon容許定製本身的商標
Horizon提供了核心類和可重複使用的木板和工具
這個部署使用的是 Apache web server.


安裝包 yum install -y openstack-dashboard

編輯配置文件

vi /etc/openstack-dashboard/local_settings //更改或增長

OPENSTACK_HOST = "controller"   #配置openstack服務dashboard,運行在控制節點
ALLOWED_HOSTS = ['*', ]         #容許任何主機訪問dashboard

#配置緩存會話存儲服務,注意:註釋掉其它session存儲配置

CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
         'LOCATION': '127.0.0.1:11211',
     }
}

OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
"identity": 3,
"volume": 2,
}

TIME_ZONE = "Asia/Chongqing"  #時區

重啓服務  systemctl restart httpd.service memcached.service

此時能夠去訪問了 http://controller/dashboard   使用帳號admin或者demon用戶登錄便可,域爲default

wKioL1fmrziTRGWLAAEjQEJTd74188.png-wh_50

block storage又叫作cinder,用來給openstack提供存儲服務,好比咱們在阿里雲購買一臺雲主機,同時想購買容量大的磁盤,一般叫作雲盤,這個雲盤就是block storage。

建立庫並受權cinder用戶

mysql -uroot -proot

> CREATE DATABASE cinder;

> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost'    IDENTIFIED BY 'cinder';

> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%'    IDENTIFIED BY 'cinder';

MariaDB [(none)]> CREATE DATABASE cinder;
Query OK, 1 row affected (0.03 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost'    IDENTIFIED BY 'cinder';
Query OK, 0 rows affected (0.14 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%'    IDENTIFIED BY 'cinder';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]>


執行初始化腳本

source admin-openrc.sh

建立cinder用戶 (密碼爲cinderpasswd)

openstack user create --domain default --password-prompt cinder

[root@controller ~]# source admin-openrc.sh
[root@controller ~]# openstack user create --domain default --password-prompt cinder
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | default                          |
| enabled   | True                             |
| id        | 97c646aaca35428b853cc7b2dba399c3 |
| name      | cinder                           |
+-----------+----------------------------------+
[root@controller ~]#

添加admin角色

openstack role add --project service --user cinder admin

[root@controller ~]# openstack role add --project service --user cinder admin
[root@controller ~]#

增長block storage - 前期準備 【控制節點】

建立cinder和cinderv2 實例

openstack service create --name cinder \

 --description "OpenStack Block Storage" volume


openstack service create --name cinderv2 \

 --description "OpenStack Block Storage" volumev2

[root@controller ~]# openstack role add --project service --user cinder admin
[root@controller ~]# openstack service create --name cinder \
>  --description "OpenStack Block Storage" volume
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Block Storage          |
| enabled     | True                             |
| id          | 41d1d66196044f4c99f1f5f9a6891d87 |
| name        | cinder                           |
| type        | volume                           |
+-------------+----------------------------------+
[root@controller ~]# openstack service create --name cinderv2 \
>  --description "OpenStack Block Storage" volumev2
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Block Storage          |
| enabled     | True                             |
| id          | 1041e0133be44321803302fd928b8d45 |
| name        | cinderv2                         |
| type        | volumev2                         |
+-------------+----------------------------------+
[root@controller ~]#

建立塊存儲服務api終端

openstack endpoint create --region RegionOne volume public http://controller:8776/v1/%\(tenant_id\)s

[root@controller ~]# openstack endpoint create --region RegionOne volume public http://controller:8776/v1/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field        | Value                                   |
+--------------+-----------------------------------------+
| enabled      | True                                    |
| id           | 096bdd462bd94a29899bdefeb0ed3734        |
| interface    | public                                  |
| region       | RegionOne                               |
| region_id    | RegionOne                               |
| service_id   | 41d1d66196044f4c99f1f5f9a6891d87        |
| service_name | cinder                                  |
| service_type | volume                                  |
| url          | http://controller:8776/v1/%(tenant_id)s |
+--------------+-----------------------------------------+
[root@controller ~]#

openstack endpoint create --region RegionOne volume internal http://controller:8776/v1/%\(tenant_id\)s

[root@controller ~]# openstack endpoint create --region RegionOne volume internal http://controller:8776/v1/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field        | Value                                   |
+--------------+-----------------------------------------+
| enabled      | True                                    |
| id           | 727676c160284e4ca653affaeb324c39        |
| interface    | internal                                |
| region       | RegionOne                               |
| region_id    | RegionOne                               |
| service_id   | 41d1d66196044f4c99f1f5f9a6891d87        |
| service_name | cinder                                  |
| service_type | volume                                  |
| url          | http://controller:8776/v1/%(tenant_id)s |
+--------------+-----------------------------------------+
[root@controller ~]#


openstack endpoint create --region RegionOne volume admin http://controller:8776/v1/%\(tenant_id\)s

[root@controller ~]# openstack endpoint create --region RegionOne volume admin http://controller:8776/v1/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field        | Value                                   |
+--------------+-----------------------------------------+
| enabled      | True                                    |
| id           | ea0c8d6c84bd43888ae842c4e2e57731        |
| interface    | admin                                   |
| region       | RegionOne                               |
| region_id    | RegionOne                               |
| service_id   | 41d1d66196044f4c99f1f5f9a6891d87        |
| service_name | cinder                                  |
| service_type | volume                                  |
| url          | http://controller:8776/v1/%(tenant_id)s |
+--------------+-----------------------------------------+
[root@controller ~]#


openstack endpoint create --region RegionOne volumev2 public http://controller:8776/v2/%\(tenant_id\)s

[root@controller ~]# openstack endpoint create --region RegionOne volumev2 public http://controller:8776/v2/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field        | Value                                   |
+--------------+-----------------------------------------+
| enabled      | True                                    |
| id           | 68201bbf68b542e4aeedab3164907ee4        |
| interface    | public                                  |
| region       | RegionOne                               |
| region_id    | RegionOne                               |
| service_id   | 1041e0133be44321803302fd928b8d45        |
| service_name | cinderv2                                |
| service_type | volumev2                                |
| url          | http://controller:8776/v2/%(tenant_id)s |
+--------------+-----------------------------------------+
[root@controller ~]#


openstack endpoint create --region RegionOne volumev2 internal http://controller:8776/v2/%\(tenant_id\)s

[root@controller ~]# openstack endpoint create --region RegionOne volumev2 internal http://controller:8776/v2/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field        | Value                                   |
+--------------+-----------------------------------------+
| enabled      | True                                    |
| id           | 52cb76c604d544f09ae99a5f0bb25ec9        |
| interface    | internal                                |
| region       | RegionOne                               |
| region_id    | RegionOne                               |
| service_id   | 1041e0133be44321803302fd928b8d45        |
| service_name | cinderv2                                |
| service_type | volumev2                                |
| url          | http://controller:8776/v2/%(tenant_id)s |
+--------------+-----------------------------------------+
[root@controller ~]#


openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%\(tenant_id\)s

[root@controller ~]# openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field        | Value                                   |
+--------------+-----------------------------------------+
| enabled      | True                                    |
| id           | 6590ebabec184778ba818ffccd2efa45        |
| interface    | admin                                   |
| region       | RegionOne                               |
| region_id    | RegionOne                               |
| service_id   | 1041e0133be44321803302fd928b8d45        |
| service_name | cinderv2                                |
| service_type | volumev2                                |
| url          | http://controller:8776/v2/%(tenant_id)s |
+--------------+-----------------------------------------+
[root@controller ~]#


增長block storage - 安裝和配置【控制節點】


安裝包  yum install -y openstack-cinder python-cinderclient

編輯配置文件  vim /etc/cinder/cinder.conf  //更改或增長

[database]
connection = mysql://cinder:cinder@controller/cinder
[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 192.168.100.20
verbose = True
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = cinderpasswd
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = openstackpasswd
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp


同步數據  su -s /bin/sh -c "cinder-manage db sync" cinder


配置compute使用塊存儲

vi /etc/nova/nova.conf #增長如下配置

[cinder]
os_region_name=RegionOne


啓動服務

systemctl restart openstack-nova-api.service

systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service

systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service

[root@controller ~]# systemctl restart openstack-nova-api.service
[root@controller ~]# systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-cinder-api.service to /usr/lib/systemd/system/openstack-cinder-api.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-cinder-scheduler.service to /usr/lib/systemd/system/openstack-cinder-scheduler.service.
[root@controller ~]# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
[root@controller ~]#


增長block storage - 配置storage節點【計算節點】


咱們理應須要再準備一臺單獨的機器來作storage服務的,可是爲了節省資源,咱們就那compute節點和storage節點共用。這裏須要爲compute(storage)節點再增長一塊磁盤(/dev/sdb)做爲存儲磁盤。

安裝lvm 

yum install -y lvm2

啓動服務

systemctl enable lvm2-lvmetad.service

systemctl start lvm2-lvmetad.service


建立物理卷 pvcreate /dev/sdb

建立卷組  vgcreate cinder-volumes /dev/sdb

[root@compute ~]# pvcreate /dev/sdb
  Physical volume "/dev/sdb" successfully created
[root@compute ~]# vgcreate cinder-volumes /dev/sdb
  Volume group "cinder-volumes" successfully created
[root@compute ~]#

編輯配置文件   vi  /etc/lvm/lvm.conf

devices {
     filter = [ "a/sdb/", "r/.*/"]
說明: 若是還有第三塊磁盤,應該再加上
filter = [ "a/sda/", "a/sdb/", "r/.*/"]



增長block storage - 配置storage節點 (compute)

安裝包  yum install -y  openstack-cinder targetcli python-oslo-policy


編輯配置文件   vi /etc/cinder/cinder.conf

[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 192.168.100.21
enabled_backends = lvm
glance_host = controller
verbose = True

[database]
connection = mysql://cinder:cinder@controller/cinder

[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = openstackpasswd

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = cinderpasswd

[lvm]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
iscsi_protocol = iscsi
iscsi_helper = lioadm

[oslo_concurrency]
lock_path = /var/lib/cinder/tmp


增長block storage - 啓動和驗證 

啓動服務 (compute)

systemctl enable openstack-cinder-volume.service target.service

systemctl start openstack-cinder-volume.service target.service


驗證操做  (controller)

1. 執行初始化腳本

source admin-openrc.sh

2. 列出服務

cinder service-list

[root@controller ~]# source admin-openrc.sh
[root@controller ~]# cinder service-list
+------------------+-------------+------+---------+-------+----------------------------+-----------------+
|      Binary      |     Host    | Zone |  Status | State |         Updated_at         | Disabled Reason |
+------------------+-------------+------+---------+-------+----------------------------+-----------------+
| cinder-scheduler |  controller | nova | enabled |   up  | 2016-09-24T15:06:52.000000 |        -        |
|  cinder-volume   | compute@lvm | nova | enabled |   up  | 2016-09-24T15:06:51.000000 |        -        |
+------------------+-------------+------+---------+-------+----------------------------+-----------------+
[root@controller ~]#


至此全部節點基本安裝完成能夠建立實例

相關文章
相關標籤/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公眾號
   歡迎關注本站公眾號,獲取更多信息
聯繫我們 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程