先电云计算基础架构服务平台用户手册XianDianiaasv21Word文档格式.docx
《先电云计算基础架构服务平台用户手册XianDianiaasv21Word文档格式.docx》由会员分享,可在线阅读,更多相关《先电云计算基础架构服务平台用户手册XianDianiaasv21Word文档格式.docx(68页珍藏版)》请在冰豆网上搜索。
[root@compute~]#mkfs.xfs/dev/md126p5
1.2配置网络、主机名
修改和添加/etc/sysconfig/network-scripts/ifcfg-enp*(具体的网口)文件。
(1)controller节点
配置网络:
enp8s0:
192.168.100.10
DEVICE=enp8s0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.100.10
PREFIX=24
GATEWAY=192.168.100.1
enp9s0:
192.168.200.10
DEVICE=enp9s0
IPADDR=192.168.200.10
配置主机名:
重启网卡命令servicenetworkrestart
#hostnamectlset-hostnamecontroller
按ctrl+d退出重新登陆
(2)compute节点
192.168.100.20
IPADDR=192.168.100.20
192.168.200.20
IPADDR=192.168.200.20
#hostnamectlset-hostnamecompute
1.3配置yum源
#Controller和compute节点
(1)yum源备份
#mv/etc/yum.repos.d/*/opt/
(2)创建repo文件
【controller】
在/etc/yum.repos.d创建centos.repo源文件
[centos]
name=centos
baseurl=file:
///opt/centos
gpgcheck=0
enabled=1
[iaas]
name=iaas
///opt/iaas-repo
【compute】
baseurl=ftp:
//192.168.100.10/centos
//192.168.100.10/iaas-repo
(3)挂载iso文件
【挂载CentOS-7-x86_64-DVD-1511.iso】
[root@controller~]#mount-oloopCentOS-7-x86_64-DVD-1511.iso/mnt/
[root@controller~]#mkdir/opt/centos
[root@controller~]#cp-rvf/mnt/*/opt/centos/
[root@controller~]#umount/mnt/
【挂载XianDian-IaaS-v2.0-1228.iso】
[root@controller~]#mount-oloopXianDian-IaaS-v2.0-1228.iso/mnt/
[root@controller~]#cp-rvf/mnt/*/opt/
(4)搭建ftp服务器,开启并设置自启
[root@controller~]#yuminstallvsftpd–y
[root@controller~]#vi/etc/vsftpd/vsftpd.conf
添加anon_root=/opt/
保存退出
[root@controller~]#systemctlstartvsftpd
[root@controller~]#systemctlenablevsftpd
(5)关闭防火墙并设置开机不自启
【controller/compute】
systemctlstopfirewalld
systemctldisablefirewalld
(6)清除缓存,验证yum源
#yumcleanall
#yumlist
1.4编辑环境变量
#controller和compute节点
#yuminstalliaas-xiandian-y
编辑文件/etc/xiandian/openrc.sh,此文件是安装过程中的各项参数,根据每项参数上一行的说明及服务器实际情况进行配置。
HOST_IP=192.168.100.10
HOST_NAME=controller
HOST_IP_NODE=192.168.100.20
HOST_NAME_NODE=compute
RABBIT_USER=openstack
RABBIT_PASS=000000
DB_PASS=000000
DOMAIN_NAME=demo(自定义)
ADMIN_PASS=000000
DEMO_PASS=000000
KEYSTONE_DBPASS=000000
GLANCE_DBPASS=000000
GLANCE_PASS=000000
NOVA_DBPASS=000000
NOVA_PASS=000000
NEUTRON_DBPASS=000000
NEUTRON_PASS=000000
METADATA_SECRET=000000
INTERFACE_NAME=enp9s0(外网网卡名)
CINDER_DBPASS=000000
CINDER_PASS=000000
TROVE_DBPASS=000000
TROVE_PASS=000000
BLOCK_DISK=md126p4(空白分区名)
SWIFT_PASS=000000
OBJECT_DISK=md126p5(空白分区名)
STORAGE_LOCAL_NET_IP=192.168.100.20
HEAT_DBPASS=000000
HEAT_PASS=000000
CEILOMETER_DBPASS=000000
CEILOMETER_PASS=000000
AODH_DBPASS=000000
AODH_PASS=000000
1.5通过脚本安装服务
1.6-1.9的基础配置操作命令已经编写成shell脚本,通过脚本进行一键安装。
如下:
#Controller节点和Compute节点
执行脚本iaas-pre-host.sh进行安装
#安装完成后同时重启
[root@controller~]#reboot
1.6安装Openstack包
#yum-yinstallopenstack-utilsopenstack-selinuxpython-openstackclient
#yumupgrade
1.7配置域名解析
修改/etc/hosts添加一下内容
(1)controller节点
20.0.0.10controller
20.0.0.20compute
1.8配置防火墙和Selinux
编辑selinux文件
#vi/etc/selinux/config
SELINUX=permissive
关闭防火墙并设置开机不自启
#systemctlstopfirewalld.service
#systemctldisablefirewalld.service
#yumremove-yNetworkManagerfirewalld
#yum-yinstalliptables-services
#systemctlenableiptables
#systemctlrestartiptables
#iptables-F
#iptables-X
#serviceiptablessave
1.9安装ntp服务
(1)controller和compute节点
#yum-yinstallntp
(2)配置controller节点
编辑/etc/ntp.conf文件
添加以下内容(删除默认sever规则)
server127.127.1.0
fudge127.127.1.0stratum10
启动ntp服务器
#servicentpdstart
#chkconfigntpdon
(3)配置compute节点
#ntpdatecontroller
#chkconfigntpdateon
1.10通过脚本安装服务
1.11-1.14基础服务的操作命令已经编写成shell脚本,通过脚本进行一键安装。
#Controller节点
执行脚本iaas-install-mysql.sh进行安装
1.11安装Mysql数据库服务
#yuminstallmysqlmysql-serverMySQL-python
修改/etc/f文件[mysqld]中添加
max_connections=10000
default-storage-engine=innodb
innodb_file_per_table
collation-server=utf8_general_ci
init-connect='
SETNAMESutf8'
character-set-server=utf8
启动服务
#systemctlenablemariadb.service
#systemctlstartmariadb.service
配置Mysql
#mysql_secure_installation
修改/usr/lib/systemd/system/mariadb.service
[Service]
新添加两行如下参数:
LimitNOFILE=10000
LimitNPROC=10000
重新加载系统服务,并重启mariadb服务
#systemctldaemon-reload
#servicemariadbrestart
按enter确认后设置数据库root密码
Removeanonymoususers?
[Y/n]y
Disallowrootloginremotely?
[Y/n]n
Removetestdatabaseandaccesstoit?
Reloadprivilegetablesnow?
(2)compute节点
#yum-yinstallMySQL-python
1.12安装Mongo数据库服务
#yuminstall-ymongodb-servermongodb
编辑/etc/mongod.conf文件
删除bind_ip行
修改smallfiles=true
#systemctlenablemongod.service
#systemctlstartmongod.service
1.13安装RabbitMQ服务
#yuminstall-yrabbitmq-server
systemctlenablerabbitmq-server.service
systemctlrestartrabbitmq-server.service
rabbitmqctladd_useropenstack000000
rabbitmqctlset_permissionsopenstack"
.*"
"
1.14安装memcahce
#yuminstallmemcachedpython-memcached
systemctlenablememcached.service
systemctlrestartmemcached.service
2安装Keystone认证服务
#Controller
2.1通过脚本安装keystone服务
2.2-2.9的认证服务的操作命令已经编写成shell脚本,通过脚本进行一键安装。
执行脚本iaas-install-keystone.sh进行安装。
2.2安装keystone服务软件包
yuminstall-yopenstack-keystonehttpdmod_wsgi
2.3创建Keystone数据库
#mysql–uroot-p(此处数据库密码为之前安装Mysql设置的密码)
mysql>
CREATEDATABASEkeystone;
GRANTALLPRIVILEGESONkeystone.*TO'
keystone'
@'
localhost'
IDENTIFIEDBY'
KEYSTONE_DBPASS'
;
%'
exit
2.4配置数据库连接
#openstack-config--set/etc/keystone/keystone.confdatabaseconnectionmysql+pymysql:
//keystone:
KEYSTONE_DBPASS@controller/keystone
2.5为keystone服务创建数据库表
#su-s/bin/sh-c"
keystone-managedb_sync"
keystone
2.6创建令牌
#ADMIN_TOKEN=$(opensslrand-hex10)
#openstack-config--set/etc/keystone/keystone.confDEFAULTadmin_token$ADMIN_TOKEN
#openstack-config--set/etc/keystone/keystone.conftokenproviderfernet
2.7创建签名密钥和证书
#keystone-managefernet_setup--keystone-userkeystone--keystone-groupkeystone
修改/etc/httpd/conf/httpd.conf配置文件将ServerName:
80替换为ServerNamecontroller
创建/etc/httpd/conf.d/wsgi-keystone.conf文件,内容如下:
Listen5000
Listen35357
<
VirtualHost*:
5000>
WSGIDaemonProcesskeystone-publicprocesses=5threads=1user=keystonegroup=keystonedisplay-name=%{GROUP}
WSGIProcessGroupkeystone-public
WSGIScriptAlias//usr/bin/keystone-wsgi-public
WSGIApplicationGroup%{GLOBAL}
WSGIPassAuthorizationOn
ErrorLogFormat"
%{cu}t%M"
ErrorLog/var/log/httpd/keystone-error.log
CustomLog/var/log/httpd/keystone-access.logcombined
<
Directory/usr/bin>
Requireallgranted
/Directory>
/VirtualHost>
35357>
WSGIDaemonProcesskeystone-adminprocesses=5threads=1user=keystonegroup=keystonedisplay-name=%{GROUP}
WSGIProcessGroupkeystone-admin
WSGIScriptAlias//usr/bin/keystone-wsgi-admin
#systemctlenablehttpd.service
#systemctlstarthttpd.service
2.8定义用户、租户和角色
(1)设置环境变量
exportOS_TOKEN=$ADMIN_TOKEN
exportOS_URL=http:
//controller:
35357/v3
exportOS_IDENTITY_API_VERSION=3
(2)创建keystone相关内容
openstackservicecreate--namekeystone--description"
OpenStackIdentity"
identity
openstackendpointcreate--regionRegionOneidentitypublichttp:
5000/v3
openstackendpointcreate--regionRegionOneidentityinternalhttp:
5000/v3
openstackendpointcreate--regionRegionOneidentityadminhttp:
openstackdomaincreate--description"
DefaultDomain"
default
openstackprojectcreate--domaindefault--description"
AdminProject"
admin
openstackusercreate--domaindefault--password000000admin
openstackrolecreateadmin
openstackroleadd--projectadmin--useradminadmin
ServiceProject"
service
DemoProject"
demo
openstackusercreate--domaindefault--password000000demo
openstackrolecreateuser
openstackroleadd--projectdemo--userdemouser
(3)清除环境变量
#unsetOS_TOKENOS_URL
2.9创建admin-openrc.sh
创建admin环境变量admin-openrc.sh
exportOS_PROJECT_DOMAIN_NAME=default
exportOS_USER_DOMAIN_NAME=default
exportOS_PROJECT_NAME=admin
exportOS_US