Centos 7 搭建OpenStack 私有云——（1）基礎環境配置

1.簡介：

    OpenStack是一個由NASA（美國國家航空航天局）和Rackspace合做研發併發起的，以Apache許可證受權的自由軟件和開放源代碼項目。
　 OpenStack是一個開源的雲計算管理平臺項目，由幾個主要的組件組合起來完成具體工做。OpenStack支持幾乎全部類型的雲環境，項目目標是提供實施簡單、可大規模擴展、豐富、標準統一的雲計算管理平臺。OpenStack經過各類互補的服務提供了基礎設施即服務（IaaS）的解決方案，每一個服務提供API以進行集成。

2.環境準備：

openstack-node1 172.30.10.9
openstack-node2 172.30.10.11

域名解析:
/etc/hosts
172.30.10.9 openstack-node1
172.30.10.11 openstack-node2

關閉selinux：
vi /etc/sysconfig/selinux
SELINUX=disabled

setenforce 0

關閉iptables：
systemctl stop firewalld.service
systemctl disable firewalld.service

3.安裝配置OpenStack：

3.1 安裝軟件包

openstack-node1

*****************************************************************************************

# Base
yum install -y http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm
yum install -y centos-release-openstack-liberty
yum install -y python-openstackclient

# Mysql
# 在Centos7中mysql更名爲mariadb
yum install -y mariadb mariadb-server MySQL-python

# RabbitMQ
yum install -y rabbitmq-server

# Keystone
yum install -y openstack-keystone httpd mod_wsgi memcached python-memcached

# Glance
yum install -y openstack-glance python-glance python-glanceclient

# Nova
yum install -y openstack-nova-api openstack-nova-cert openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler python-novaclient

# Neutron
yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge python-neutronclient ebtables ipset

# Dashboard
yum install -y openstack-dashboard

# Cinder
yum install -y openstack-cinder python-cinderclient

openstack-node2

*****************************************************************************************

# Base
yum install -y http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-9.noarch.rpm
yum install centos-release-openstack-liberty
yum install python-openstackclient
		
# Nova 
yum install -y openstack-nova-compute sysfsutils
		
# Neutron 
yum install -y openstack-neutron openstack-neutron-linuxbridge ebtables ipset
		
# Cinder
yum install -y openstack-cinder python-cinderclient targetcli python-oslo-policy

3.2 時間同步

在openstack-node1上配置：（centos7用chrony，centos6用ntp）

# 安裝chrony
[root@openstack-node1 ~]#yum install -y chrony
		
# 配置chrony
[root@openstack-node1 ~]#vi /etc/chrony.conf
# 容許哪些服務器和本身同步
allow 172.30/16 
		
# 設置服務開機啓動
[root@openstack-node1 ~]#systemctl enable chronyd.service
[root@openstack-node1 ~]#systemctl start chronyd.service
[root@openstack-node1 ~]#timedatectl set-timezone Asia/Shanghai
[root@openstack-node1 ~]#timedatectl status

在openstack-node2上配置：

# 安裝chrony
[root@openstack-node2 ~]#yum install -y chrony
		
# 配置chrony
[root@openstack-node2 ~]#vi /etc/chrony.conf
#只保留一行
server 172.30.10.9 iburst 
		
# 設置服務開機啓動
[root@openstack-node2 ~]#systemctl enable chronyd.service
[root@openstack-node2 ~]#systemctl start chronyd.service
[root@openstack-node2 ~]#timedatectl set-timezone Asia/Shanghai
[root@openstack-node2 ~]#chronyc sources

3.3 配置mysql

修改配置文件，並初始化mysql

[root@openstack-node1 ~]#cp /usr/share/mariadb/my-medium.cnf /etc/my.cnf
[root@openstack-node1 ~]#vi /etc/my.cnf
# 在[mysqld]下添加下面的參數
[mysqld]
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8

# 設置開機啓動
[root@openstack-node1 ~]#systemctl enable mariadb.service
[root@openstack-node1 ~]#ln -s '/usr/lib/systemd/system/mariadb.service' '/etc/systemd/system/multi-user.target.wants/mariadb.service'

# 初始化數據庫
[root@openstack-node1 ~]#mysql_install_db --datadir="/var/lib/mysql" --user="mysql"
# 啓動mysql
[root@openstack-node1 ~]#systemctl start mariadb.service
# 設置密碼及初始化
[root@openstack-node1 ~]#mysql_secure_installation

建立數據庫

[root@openstack-node1 ~]#mysql -u root -p
# 建立keystone庫，並受權
MariaDB [(none)]> create database keystone;
MariaDB [(none)]> grant all privileges on keystone.* to 'keystone'@'172.30.10.9' identified by 'keystone'；
MariaDB [(none)]> grant all privileges on keystone.* to 'keystone'@'%' identified by 'keystone';
	
# 建立glance庫，並受權
MariaDB [(none)]> create database glance;
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'172.30.10.9' identified by 'glance';  
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'%' identified by 'glance';
	
# 建立nova庫，並受權 
MariaDB [(none)]> create database nova; 
MariaDB [(none)]> grant all privileges on nova.* to 'nova'@'%' identified by 'nova';
MariaDB [(none)]> grant all privileges on nova.* to 'nova'@'172.30.10.9' identified by 'nova';
	
# 建立neutron庫，並受權
MariaDB [(none)]> create database neutron;
MariaDB [(none)]> grant all privileges on neutron.* to 'neutron'@'172.30.10.9' identified by 'neutron';
MariaDB [(none)]> grant all privileges on neutron.* to 'neutron'@'%' identified by 'neutron';

# 建立cinder庫，並受權
MariaDB [(none)]> create database cinder;
MariaDB [(none)]> grant all privileges on cinder.* to 'cinder'@'%' identified by 'cinder';
MariaDB [(none)]> grant all privileges on cinder.* to 'cinder'@'172.30.10.9' identified by 'cinder';

# 刷新數據庫
MariaDB [(none)]> flush privileges;
# 查看數據庫列表  
MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| cinder             |
| glance             |
| information_schema |
| keystone           |
| mysql              |
| neutron            |
| nova               |
| performance_schema |
+--------------------+
8 rows in set (0.00 sec)

3.4 安裝配置rabbitmq

MQ 全稱 Message Queue，消息隊列（MQ）是一種應用程序對應用程序的通訊方法。應用程序經過讀寫出入隊列的消息（針對應用程序的數據）來通訊，而無需專用鏈接來連接它們。消息傳遞指的是程序之間經過在消息中發送數據進行通訊，而不是經過直接調用彼此來通訊，直接調用一般是用於諸如遠程過程調用的技術。排隊指的是應用程序經過隊列來通訊。隊列的使用出去了接收和發送應用程序同時執行的要求。RabbitMQ是一個在AMQP基礎上完整的，可複用的企業消息系統。他遵循Mozilla Public License開源協議。

啓動rabbitmq，端口5672，添加openstack用戶

# 啓動rabbitmq，端口5672，添加openstack用戶
[root@openstack-node1 lib]# systemctl enable rabbitmq-server.service
Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to /usr/lib/systemd/system/rabbitmq-server.service.
[root@openstack-node1 lib]# ln -s '/usr/lib/systemd/system/rabbitmq-server.service''/etc/systemd/system/multi-user.target.wants/rabbitmq-server.service'
[root@openstack-node1 lib]# systemctl start rabbitmq-server.service 

# 添加用戶名和密碼
[root@openstack-node1 lib]# rabbitmqctl add_user openstack openstack
Creating user "openstack" ...
# 容許openstack用戶配置、寫、讀訪問
[root@openstack-node1 lib]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...

# 查看支持的插件
[root@openstack-node1 lib]# rabbitmq-plugins list
 Configured: E = explicitly enabled; e = implicitly enabled
 | Status:   * = running on rabbit@openstack-node1
 |/
[  ] amqp_client                       3.6.5
[  ] cowboy                            1.0.3
[  ] cowlib                            1.0.1
[  ] mochiweb                          2.13.1
[  ] rabbitmq_amqp1_0                  3.6.5
[  ] rabbitmq_auth_backend_ldap        3.6.5
[  ] rabbitmq_auth_mechanism_ssl       3.6.5
[  ] rabbitmq_consistent_hash_exchange 3.6.5
[  ] rabbitmq_event_exchange           3.6.5
[  ] rabbitmq_federation               3.6.5
[  ] rabbitmq_federation_management    3.6.5
[  ] rabbitmq_jms_topic_exchange       3.6.5
[  ] rabbitmq_management               3.6.5
[  ] rabbitmq_management_agent         3.6.5
[  ] rabbitmq_management_visualiser    3.6.5
[  ] rabbitmq_mqtt                     3.6.5
[  ] rabbitmq_recent_history_exchange  1.2.1
[  ] rabbitmq_sharding                 0.1.0
[  ] rabbitmq_shovel                   3.6.5
[  ] rabbitmq_shovel_management        3.6.5
[  ] rabbitmq_stomp                    3.6.5
[  ] rabbitmq_top                      3.6.5
[  ] rabbitmq_tracing                  3.6.5
[  ] rabbitmq_trust_store              3.6.5
[  ] rabbitmq_web_dispatch             3.6.5
[  ] rabbitmq_web_stomp                3.6.5
[  ] rabbitmq_web_stomp_examples       3.6.5
[  ] sockjs                            0.3.4
[  ] webmachine                        1.10.3

# 使用此插件實現web管理
[root@openstack-node1 lib]# rabbitmq-plugins enable rabbitmq_management
The following plugins have been enabled:
  mochiweb
  webmachine
  rabbitmq_web_dispatch
  amqp_client
  rabbitmq_management_agent
  rabbitmq_management
Applying plugin configuration to rabbit@openstack-node1... started 6 plugins.

# 重啓rabbitmq服務
[root@openstack-node1 lib]# systemctl restart rabbitmq-server.service
[root@openstack-node1 lib]# lsof -i:15672
COMMAND   PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
beam    33692 rabbitmq   49u  IPv4  80606      0t0  TCP *:15672 (LISTEN)

訪問rabbitMQ，訪問地址http://172.30.10.9:15672 默認用戶名密碼都是guest
1.點擊Admin，建立openstack用戶密碼
2.點擊用戶名openstack，在「Update this user」菜單中輸入密碼及標籤（administrator）
3.登出當前用戶，使用openstack登陸，測試是否建立成功

* 如何使用zabbix監控，能夠點擊左下角HTTP API的介紹

到這全部基礎環境的配置就算完成了，接下來開始安裝openstack組件。