私有云搭建 OpenStack(centos7.3, centos-release-openstack-liberty) (上篇)
环境准备
hostname:linux-node1.oldboyedu.com
计算节点:
hostname:linux-node2.oldboyedu.com
ip地址:192.168.1.32
vi /etc/sysconfig/network-scripts/ifcfg-ens33
BOOTPROTO=static
DEVICE=ens33
NM_CONTROLLLER=yes
NETMASK=255.255.255.0
重启网卡使设置生效
nmcli connection up ens33
修改主机名
需要修改两处:一处是/etc/hostname,另一处是/etc/hosts
[root@localhost ~]# vi /etc/hostname
linux-node1
[root@localhost ~]# systemctlrestart NetworkManager
linux-node1
[root@localhost ~]# vi /etc/hosts
192.168.1.31 linux-node1 linux-node1.oldboyedu.com
192.168.1.32 linux-node2 linux-node2.oldboyedu.com
将上面两个文件修改完后,并不能立刻生效。如果要立刻生效的话,可以用 hostname your-hostname 作临时修改,它只是临时地修改主机名,系统重启后会恢复原样的。
[root@linux-node1 ~]# vi/etc/resolv.conf
vi /etc/resolv.conf
nameserver 223.6.6.6
安装时间同步
[root@localhost ~]# vi /etc/chrony.conf
[root@localhost ~]# systemctl enablechronyd.service
启动chronyd
[root@localhost ~]#systemctlstart chronyd.service
[root@localhost ~]#timedatectl set-timezone Asia/Shanghai
Thu Nov 2 16:23:07 CST 2017
关闭 selinux(centos7.3需要改2个地方/etc/sysconfig/selinux和/etc/selinux/config )
sed -i ‘s#SELINUX=enforcing#SELINUX=disabled#g‘/etc/sysconfig/selinux
sed -i‘s#SELINUX=enforcing#SELINUX=disabled#g‘ /etc/selinux/config
setenforce 0
getenforce可查看selinux的状态
关闭 iptables
systemctl stop firewalld.service
systemctl disable firewalld.service
[root@localhost ~]# cat /etc/redhat-release
CentOS Linux release 7.3.1611 (Core)
[root@localhost ~]# yum update -y
[root@localhost ~]#yum install centos-release-openstack-liberty -y
Loaded plugins: fastestmirror
epel/x86_64/metalink | 6.1 kB 00:00
epel | 4.3 kB 00:00
(1/3): epel/x86_64/group_gz | 261 kB 00:00
(2/3): epel/x86_64/updateinfo | 842 kB 00:01
(3/3): epel/x86_64/primary_db | 6.1 MB 00:04
Loading mirror speeds from cached hostfile
*base: mirrors.163.com
*epel: mirrors.ustc.edu.cn
*extras: mirrors.cn99.com
*updates: mirrors.163.com
No package centos-release-openstack-libertyavailable.
Error: Nothing to do
解决:
http://dl.fedoraproject.org/pub/epel/7/x86_64/Packages/e/epel-release-7-11.noarch.rpm
[root@linux-node1 ~]#rpm -ivhepel-release-7-11.noarch.rpm
/etc/yum.repos.d/下生成epel-testing.repo和epel.repo
https://buildlogs.centos.org/centos/7/cloud/x86_64/openstack-liberty/centos-release-openstack-liberty-1-3.el7.noarch.rpm
[root@linux-node1 ~]# rpm -ivhcentos-release-openstack-liberty-1-3.el7.noarch.rpm
/etc/yum.repos.d/下生成CentOS-OpenStack-liberty.repo
[root@linux-node1 ~]# yum clean all
[root@linux-node1 ~]# yum clean metadata
[root@localhost ~]# yum install python-openstackclient -y
[root@localhost yum.repos.d]#yum install mariadbmariadb-server MySQL-python -y
[root@localhost yum.repos.d]# cp /usr/share/mariadb/my-medium.cnf /etc/my.cnf
[root@localhostyum.repos.d]# vi /etc/my.cnf
default-storage-engine =innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = ‘SET NAMES utf8‘
character-set-server = utf8
[root@localhostyum.repos.d]# systemctl enable mariadb.service
Created symlink from/etc/systemd/system/multi-user.target.wants/mariadb.service to/usr/lib/systemd/system/mariadb.service.
[root@localhostyum.repos.d]#systemctlstart mariadb.service
[root@localhostyum.repos.d]# mysql_secure_installation (一路 y 回车) (设置mysql的密码123456)
[root@localhostyum.repos.d]# mysql-uroot -p123456
GRANT ALL PRIVILEGES ONkeystone.* TO ‘keystone‘@‘localhost‘ IDENTIFIED BY ‘keystone‘;
GRANT ALL PRIVILEGES ONkeystone.* TO ‘keystone‘@‘%‘ IDENTIFIED BY ‘keystone‘;
GRANT ALL PRIVILEGES ONglance.* TO ‘glance‘@‘localhost‘ IDENTIFIED BY ‘glance‘;
GRANT ALL PRIVILEGES ONglance.* TO ‘glance‘@‘%‘ IDENTIFIED BY ‘glance‘;
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ONnova.* TO ‘nova‘@‘localhost‘ IDENTIFIED BY ‘nova‘;
GRANT ALL PRIVILEGES ONnova.* TO ‘nova‘@‘%‘ IDENTIFIED BY ‘nova‘;
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ONneutron.* TO ‘neutron‘@‘localhost‘ IDENTIFIED BY ‘neutron‘;
GRANT ALL PRIVILEGES ONneutron.* TO ‘neutron‘@‘%‘ IDENTIFIED BY ‘neutron‘;
GRANT ALL PRIVILEGES ONcinder.* TO ‘cinder‘@‘localhost‘ IDENTIFIED BY ‘cinder‘;
GRANT ALL PRIVILEGES ONcinder.* TO ‘cinder‘@‘%‘ IDENTIFIED BY ‘cinder‘;
安装RabbitMQ
[root@localhost ~]#yum install rabbitmq-server-y
[root@localhost ~]# systemctl enable rabbitmq-server.service
Createdsymlink from/etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to/usr/lib/systemd/system/rabbitmq-server.service.
[root@localhost~]#systemctl start rabbitmq-server.service
[root@localhost~]# netstat-ntlp
5672是rabbitmq端口号
新建Rabbitmq用户并授权
[root@localhost~]# rabbitmqctl add_user openstack openstack
Creatinguser "openstack" ...
[root@localhost~]#rabbitmqctl set_permissions openstack".*" ".*" ".*"
Settingpermissions for user "openstack" in vhost "/" ...
启用Rabbitmq的web管理插件
[root@localhost~]#rabbitmq-plugins list
[root@localhost~]# rabbitmq-pluginsenable rabbitmq_management
Thefollowing plugins have been enabled:
mochiweb
webmachine
rabbitmq_web_dispatch
amqp_client
rabbitmq_management_agent
rabbitmq_management
Applyingplugin configuration to rabbit@localhost... started 6 plugins.
重启Rabbitmq
[root@localhost~]#systemctl restart rabbitmq-server.service
查看Rabbit的端口,其中5672是服务端口,15672是web管理端口,25672是做集群的端口
[root@localhost~]# netstat-lntup |grep 5672
tcp 0 0 0.0.0.0:15672 0.0.0.0:* LISTEN 6984/beam
tcp 0 0 0.0.0.0:25672 0.0.0.0:* LISTEN 6984/beam
tcp6 0 0 :::5672 :::* LISTEN 6984/beam
登陆http://192.168.1.31:15672 (用户名:guest密码:guest)
http://192.168.1.31:15672/#/users
点update this user
密码中输入:openstack,Tags: administrator
再登陆http://192.168.1.31:15672(用户名:openstack密码:openstack)
现在已经有了2个用户可以登陆
若想要监控Rabbit,即可使用下图中的API