这里只用一台虚拟机
内存至少2G,添加两块网卡,添加至少30G的硬盘
域名解析
vim /etc/hosts
192.168.1.16 chen4
配置源
配置dns全局解释器:
vim /etc/resolv.conf
nameserver 192.168.254.251 #连接learn.yunwei.edu的内网
nameserver 223.5.5.5
wget http://download2.yunwei.edu/shell/yum-repo.sh
sh yum-repo.sh
之后下载openstack客户端
yum -y install python-openstackclient
如果失败
yum clean all
sh yum-repo.sh
yum makecache即可
之后安装openstack-selinux工具
yum -y install openstack-selinux
安装数据库;
yum -y install mariadb mariadb-server python2-PyMySQL
编辑配置文件
cd /etc/my.cnf.d/
touch openstack.cnf
vim /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 192.168.1.16 #这里可以填主机名或者ip
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
~
重启mariadb
systemctl start mariadb.service
并检查端口看是否存在
ss -ntl | grep 3306 或者 netstat -ntpl | grep 3306
设置mariadb密码
mysql_secure_installation
安装rabbitmq消息队列
yum -y install rabbitmq-server
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
在rabbitmq中添加用户
rabbitmqctl add_user openstack admin
设置权限
rabbitmqctl set_permissions openstack “." ".” “.*”
安装memcached
yum -y install memcached python-memcached
编辑配置文件
vim /etc/sysconfig/memcached
PORT=“11211”
USER=“memcached”
MAXCONN=“1024”
CACHESIZE=“64”
OPTIONS="-l 127.0.0.1,::1,chen4"
systemctl start memcached.service
systemctl enable memcached.service
Identity service安装
mysql -uroot -p123
CREATE DATABASE keystone;
建立keystone用户与权限
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@‘localhost’
IDENTIFIED BY ‘123’;
设置远程登录
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’%’
IDENTIFIED BY ‘123’;
下载keystone
yum -y install openstack-keystone httpd mod_wsgi
先备份配置文件
cp /etc/keystone/keystone.conf /etc/keystone/keystone.conf.bak
编辑配置文件,在database模块中添加
[database]
connection = mysql+pymysql://keystone:123@chen4/keystone
以及添加
[token]
provider = fernet
导入数据库
su -s /bin/sh -c “keystone-manage db_sync” keystone
mysql -ukeystone -p123
use keystone;
show tables;
+------------------------+
| access_token |
| assignment |
| config_register |
| consumer |
| credential |
| endpoint |
| endpoint_group |
| federated_user |
| federation_protocol |
| group |
| id_mapping |
| identity_provider |
| idp_remote_ids |
| implied_role |
| local_user |
| mapping |
| migrate_version |
| nonlocal_user |
| password |
| policy |
| policy_association |
| project |
| project_endpoint |
| project_endpoint_group |
| region |
| request_token |
| revocation_event |
| role |
| sensitive_config |
| service |
| service_provider |
| token |
| trust |
| trust_role |
| user |
| user_group_membership |
| user_option |
| whitelisted_config |
+------------------------+
38 rows in set (0.00 sec)
建立管理员的用户
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
设置keystone服务端点
keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
--bootstrap-admin-url http://chen4:35357/v3/ \
--bootstrap-internal-url http://chen4:5000/v3/ \
--bootstrap-public-url http:///chen4:5000/v3/ \
--bootstrap-region-id RegionOne
链接keystone的配置文件
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/ #软链接
开启httpd服务
systemctl enable httpd.service
systemctl start httpd.service
httpd中写入服务器的地址
vim /etc//httpd/conf/httpd.conf #在ServerName模块下写入
ServerName chen4
systemctl restart httpd
宣告环境变量
vim openrc
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://chen4:35357/v3
export OS_IDENTITY_API_VERSION=3
source openrc
显示如下则为成功
[root@chen4 ~]# openstack user list
+----------------------------------+-------+
| ID | Name |
+----------------------------------+-------+
| 290af60996dc42c4aff3c1c4a5433c16 | admin |
+----------------------------------+-------+
[root@chen4 ~]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+------------------------+
| 3f37d80fc61e41ef8f610a9571f145fd | RegionOne | keystone | identity | True | internal | http://chen4:5000/v3/ |
| cc6fc08b71fe4450b76cdab76a41c0cf | RegionOne | keystone | identity | True | public | http:///chen4:5000/v3/ |
| e1dc1d5dfb3a459d805e5137726b756c | RegionOne | keystone | identity | True | admin | http://chen4:35357/v3/ |
+----------------------------------+-----------+--------------+--------------+---------+-----------+------------------------+
创建名为service的项目
openstack project create --domain default
–description “Service Project” service
[root@chen1 ~]# openstack project create --domain default \
> --description "Service Project" service
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | 15ad305f9125492bbd297d41d7649869 |
| is_domain | False |
| name | service |
| parent_id | default |
+-------------+----------------------------------+
创建demo项目
openstack project create --domain default
–description “Demo Project” demo
[root@chen1 ~]# openstack project create --domain default \
> --description "Demo Project" demo
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Demo Project |
| domain_id | default |
| enabled | True |
| id | 10a80feb059a4bd9a88413b003d14376 |
| is_domain | False |
| name | demo |
| parent_id | default |
+-------------+----------------------------------+
创建demo项目的用户,并设置为管理员
openstack user create --domain default
–password=demo demo
[root@chen1 ~]# openstack user create --domain default --password=demo demo
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 18a2ad59a7a44791bc09cad8640eb1e6 |
| name | demo |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
创建用户user的角色
openstack role create user
[root@chen1 ~]# openstack role create user
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | 44e19538591641b795498cebad352b4d |
| name | user |
+-----------+----------------------------------+
在项目demo中添加角色,并设为普通
openstack role add --project demo --user demo user