目录
一.部署OpenStack源
场景分析
- 由于OpenStack现在搭建环境,对于硬件网络要求比较高,所以我们进行YUM源的本地化
- 我们依赖于阿里云的OpenStack生产环境专用yum源仓库
环境需求
| 角色(CentOS7.6虚拟机) | CPU | 内存 | 网卡 |
| 本地源 | 双核双线程 | 8G | NAT:192.168.43.103/24 仅主机:192.168.100.10/24 |
| 客户端 | 单核单线程 | 1G | 仅主机:192.168.100.20/24 |
部署本地源
- 编辑网卡,磁盘(在此不细述),关闭防火墙和SElinux功能
systemctl stop firewalld
setenforce 0
- 备份系统自带的yum源(依据生产环境来)
cd /etc/yum.repos.d/
mkdir backup ##创建备份目录
mv * ./backup ##将本地源放入backup目录中-
上传源文件,可至阿里云下载
[root@localhost yum.repos.d]# ll
总用量 28
drwxr-xr-x. 2 root root 4096 2月 19 14:51 backup
-rw-r--r--. 1 root root 2523 2月 19 14:51 CentOS-Base.repo
-rw-r--r--. 1 root root 612 2月 19 14:51 CentOS-QEMU-EV.repo
-rw-r--r--. 1 root root 353 2月 19 14:51 CentOS-Storage-common.repo
-rw-r--r--. 1 root root 664 2月 19 14:51 epel.repo
-rw-r--r--. 1 root root 105 2月 19 14:51 nginx.repo
-rw-r--r--. 1 root root 570 2月 19 14:51 openstack.repo
[root@localhost yum.repos.d]#
-
检查阿里云源是否正常
[root@localhost ~]# yum repolist
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* centos-qemu-ev: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
源标识 源名称 状态
!base/7/x86_64 CentOS-7 - Base - mirrors.aliyun.com 10,097
!centos-qemu-ev/7/x86_64 CentOS-7 - QEMU EV 87
!epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,188
!extras/7/x86_64 CentOS-7 - Extras - mirrors.aliyun.com 323
!nginx/7/x86_64 nginx 172
!openstack-queens openstack-queens 3,095
!openstack-rocky openstack-rocky 2,577
!openstack-stein openstack-stein 2,355
!openstack-train openstack-train 2,181
!updates/7/x86_64 CentOS-7 - Updates - mirrors.aliyun.com 1,458
repolist: 35,533
[root@localhost ~]#
-
安装相关软件包
[root@localhost ~]# yum install -y wget make cmake \
gcc gcc-c++ pcre-devel zlib-devel \
openssl openssl-devel createrepo yum-utils
##wget用来下载包的工具
##yum-utils作为reposync的同步工具
##createrepo,编辑yum库工具,创建依赖关系,更新源数据
##plugin-priorities,控制yum源更新优先级工具,这个工具可以用来控制进行yum源
检索的先后顺序-
将源中的数据包,下载到本地数据盘中的目录中(本数据包较大,时间较长)
[root@localhost ~]# reposync -p /data
[root@localhost ~]# cd /data
[root@localhost data]# ll
总用量 808
drwxr-xr-x. 4 root root 38 2月 19 18:21 base
drwxr-xr-x. 3 root root 8192 2月 19 18:27 centos-qemu-ev
drwxr-xr-x. 4 root root 38 2月 19 18:23 epel
drwxr-xr-x. 4 root root 38 2月 19 18:21 extras
drwxr-xr-x. 4 root root 34 2月 19 18:28 nginx
drwxr-xr-x. 3 root root 192512 2月 19 18:24 openstack-queens
drwxr-xr-x. 3 root root 159744 2月 19 18:25 openstack-rocky
drwxr-xr-x. 3 root root 147456 2月 19 18:26 openstack-stein
drwxr-xr-x. 3 root root 139264 2月 19 18:26 openstack-train
drwxr-xr-x. 4 root root 38 2月 19 18:22 updates
[root@localhost data]# du -sh
42G .
注:前面已经创建/data目录;如果这个过程中断,重新执行reposync -p /data
- 创建软件依赖关系库
[root@localhost ~]# createrepo -po /data/base/ /data/base/
[root@localhost ~]# createrepo -po /data/extras/ /data/extras/
[root@localhost ~]# createrepo -po /data/updates/ /data/updates/
[root@localhost ~]# createrepo -po /data/epel/ /data/epel/
[root@localhost ~]# createrepo -po /data/openstack-queens/ /data/openstack-queens/
[root@localhost ~]# createrepo -po /data/openstack-rocky/ /data/openstack-rocky/
[root@localhost ~]# createrepo -po /data/openstack-stein/ /data/openstack-stein/
[root@localhost ~]# createrepo -po /data/openstack-train/ /data/openstack-train/
[root@localhost ~]# createrepo -po /data/centos-qemu-ev /data/centos-qemu-ev/
[root@localhost ~]# createrepo -po /data/nginx /data/nginx- 更新源数据
[root@localhost ~]# createrepo --update /data/base
[root@localhost ~]# createrepo --update /data/extras
[root@localhost ~]# createrepo --update /data/updates
[root@localhost ~]# createrepo --update /data/epel
[root@localhost ~]# createrepo --update /data/openstack-queens
[root@localhost ~]# createrepo --update /data/openstack-rocky
[root@localhost ~]# createrepo --update /data/openstack-stein
[root@localhost ~]# createrepo --update /data/openstack-train
[root@localhost ~]# createrepo --update /data/centos-qemu-ev
[root@localhost ~]# createrepo --update /data/nginx-
创建定时更新脚本(本实验可不用做)
[root@localhost ~]# mkdir /data/script
[root@localhost ~]# vi /data/script/centos_yum_update.sh
#!/bin/bash
echo 'Updating Aliyum Source'
DATETIME=`date +%F_%T`
exec > /var/log/aliyumrepo_$DATETIME.log
##reposync -np /data 更新数据包
reposync -np /data
if [ $? -eq 0 ];then
createrepo --update /data/base
createrepo --update /data/extras
createrepo --update /data/updates
createrepo --update /data/epel
createrepo --update /data/openstack-queens
createrepo --update /data/openstack-rocky
createrepo --update /data/openstack-stein
createrepo --update /data/openstack-train
createrepo --update /data/centos-qemu-ev
createrepo --update /data/nginx
echo "SUCESS: $DATETIME aliyum_yum update successful"
else
echo "ERROR: $DATETIME aliyum_yum update failed"
fi
##每月第一个月周六的0点更新阿里云yum源
[root@localhost ~]# crontab -e
####Updating Aliyum Source####
00 0 * * 6 [ $(date +%d) -eq $(cal | awk 'NR==3{print $NF}') ] && /bin/bash /data/script/centos_yum_update.sh- 安装nginx,开启目录权限,保证本地客户端可以使用本地源
[root@localhost ~]# groupadd nginx ###创建运行账户组
[root@localhost ~]# useradd -r -g nginx -s /bin/false -M nginx ###创建运行账户
[root@localhost ~]# yum -y install nginx ###安装Nginx
[root@localhost ~]# vi /etc/nginx/nginx.conf ####找到nginx配置文件,并修改nginx配置文件:
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80; ####监听地址
server_name localhost; ####地址为本地
root /data ; ####这里是yum源存放目录
location / {
autoindex on; ####打开目录浏览功能
autoindex_exact_size off; ### off:以可读的方式显示文件大小
autoindex_localtime on; #### on、off:是否以服务器的文件时间作为显示的时间
charset utf-8,gbk; ####展示中文文件名
index index.html; ####新增
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
[root@localhost ~]# systemctl enable nginx ###开机启动Nginx服务
[root@localhost ~]# systemctl start nginx ###开启Nginx服务
- nginx界面,结果如下
二.建立测试端,测试YUM源
- 在客户端配置YUM源
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# rm -rf * ####删除当前目录下所有文件,
[root@localhost yum.repos.d]# vim CentOS7.x-Base-Openstack.repo
[base]
name=CentOS-$releasever - Base - data.template.com
baseurl=http://192.168.100.10/base/
enabled=1
gpgcheck=0
[updates]
name=CentOS-$releasever - Updates - data.template.com
baseurl=http://192.168.100.10/updates/
enabled=1
gpgcheck=0
[extras]
name=CentOS-$releasever - Extras - datas.template.com
baseurl=http://192.168.100.10/extras/
enabled=1
gpgcheck=0
[epel]
name=CentOS-$releasever - epel - datas.template.com
baseurl=http://192.168.100.10/epel/
failovermethod=priority
enabled=1
gpgcheck=0
[openstack-queens]
name=openstack-queens
baseurl=http://192.168.100.10/openstack-queens/
gpgcheck=0
enabled=1
[openstack-rocky]
name=openstack-rocky
baseurl=http://192.168.100.10/openstack-rocky/
gpgcheck=0
enabled=1
[openstack-stein]
name=openstack-stein
baseurl=http://192.168.100.10/openstack-stein/
gpgcheck=0
enabled=1
[openstack-train]
name=openstack-train
baseurl=http://192.168.100.10/openstack-train/
gpgcheck=0
enabled=1
[centos-qemu-ev]
name=centos-qemu-ev
baseurl=http://192.168.100.10/centos-qemu-ev/
gpgcheck=0
enabled=1
[nginx]
name=nginx
baseurl=http://192.168.100.10/nginx/
gpgcheck=0
enabled=1
注:地址也可以写成192.168.100.10,注意关闭防火墙和SElinux功能
- 清理yum缓存,重新建立yum源
[root@localhost ~]# yum clean all
已加载插件:fastestmirror, langpacks
正在清理软件源: base centos-qemu-ev epel extras nginx openstack-queens openstack-rocky openstack-stein openstack-train updates
Cleaning up list of fastest mirrors
[root@localhost ~]# yum makecache
已加载插件:fastestmirror, langpacks
Determining fastest mirrors
base | 2.9 kB 00:00:00
centos-qemu-ev | 2.9 kB 00:00:00
epel | 2.9 kB 00:00:00
extras | 2.9 kB 00:00:00
nginx | 2.9 kB 00:00:00
openstack-queens | 2.9 kB 00:00:00
openstack-rocky | 2.9 kB 00:00:00
openstack-stein | 2.9 kB 00:00:00
openstack-train | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/30): base/primary_db | 6.0 MB 00:00:00
(2/30): base/filelists_db | 7.3 MB 00:00:00
(3/30): base/other_db | 2.6 MB 00:00:00
(4/30): centos-qemu-ev/filelists_db | 21 kB 00:00:00
(5/30): centos-qemu-ev/primary_db | 67 kB 00:00:00
(6/30): centos-qemu-ev/other_db | 59 kB 00:00:00
(7/30): epel/primary_db | 6.6 MB 00:00:00
(8/30): epel/filelists_db | 11 MB 00:00:00
(9/30): epel/other_db | 3.2 MB 00:00:00
(10/30): extras/primary_db | 159 kB 00:00:00
(11/30): extras/filelists_db | 210 kB 00:00:00
(12/30): extras/other_db | 103 kB 00:00:00
(13/30): nginx/filelists_db | 71 kB 00:00:00
(14/30): nginx/primary_db | 51 kB 00:00:00
(15/30): nginx/other_db | 28 kB 00:00:00
(16/30): openstack-queens/primary_db | 1.2 MB 00:00:00
(17/30): openstack-queens/other_db | 480 kB 00:00:00
(18/30): openstack-queens/filelists_db | 3.3 MB 00:00:00
(19/30): openstack-rocky/primary_db | 1.0 MB 00:00:00
(20/30): openstack-rocky/other_db | 388 kB 00:00:00
(21/30): openstack-rocky/filelists_db | 2.7 MB 00:00:00
(22/30): openstack-stein/primary_db | 946 kB 00:00:00
(23/30): openstack-stein/other_db | 361 kB 00:00:00
(24/30): openstack-stein/filelists_db | 2.7 MB 00:00:00
(25/30): openstack-train/primary_db | 889 kB 00:00:00
(26/30): openstack-train/other_db | 345 kB 00:00:00
(27/30): openstack-train/filelists_db | 2.3 MB 00:00:00
(28/30): updates/filelists_db | 4.0 MB 00:00:00
(29/30): updates/other_db | 480 kB 00:00:00
(30/30): updates/primary_db | 6.7 MB 00:00:00
元数据缓存已建立
[root@localhost ~]#
- 测试是否可以下载RPM包
[root@localhost ~]# yumdownloader openstack-swift-account
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
openstack-swift-account-2.23.1-1.el7.noarch.rpm | 21 kB 00:00:00
[root@localhost ~]# ls
anaconda-ks.cfg initial-setup-ks.cfg openstack-swift-account-2.23.1-1.el7.noarch.rpm 公共 模板 视频 图片 文档 下载 音乐 桌面
[root@localhost ~]#
三.建立时钟服务器,进行时钟同步
- 在本地源上同步阿里时钟
[root@localhost ~]# yum -y install ntpdate
[root@localhost ~]# ntpdate ntp.aliyun.com
##创建计划性任务表,每两分钟,同步一次
[root@localhost ~]# crontab -e
*/2 * * * * /usr/sbin/ntpdate ntp.aliyun.com >>/var/log/ntpdate.log
[root@localhost ~]# systemctl restart crond
[root@localhost ~]# systemctl enable crond
##动态查看更新日志
[root@localhost ~]# tail -f /var/log/ntpdate.log
19 Feb 23:40:07 ntpdate[16685]: adjust time server 203.107.6.88 offset 0.005004 sec
19 Feb 23:41:07 ntpdate[16716]: adjust time server 203.107.6.88 offset -0.000492 sec
19 Feb 23:42:07 ntpdate[16738]: adjust time server 203.107.6.88 offset -0.000692 sec
19 Feb 23:43:08 ntpdate[16759]: adjust time server 203.107.6.88 offset 0.000096 sec
19 Feb 23:44:07 ntpdate[16835]: adjust time server 203.107.6.88 offset -0.005425 sec
19 Feb 23:45:07 ntpdate[16908]: adjust time server 203.107.6.88 offset 0.010787 sec
19 Feb 23:46:07 ntpdate[16929]: adjust time server 203.107.6.88 offset -0.009547 sec
19 Feb 23:47:08 ntpdate[16950]: adjust time server 203.107.6.88 offset 0.009012 sec
19 Feb 23:48:07 ntpdate[16981]: adjust time server 203.107.6.88 offset -0.005984 sec
19 Feb 23:49:07 ntpdate[17036]: adjust time server 203.107.6.88 offset -0.001140 sec
- 在本地源(192.168.100.10)和客户端(192.168.100.20)上下载ntp,本地源作为ntp服务器,客户端同步本地源的时间
yum insatll ntp -y- 配置ntp服务器
vim /etc/ntp.conf
8 restrict 192.168.100.10 nomodify notrap nopeer noquery
17 restrict 192.168.100.1 mask 255.255.255.0 nomodify notrap
21 #server 0.centos.pool.ntp.org iburst
22 #server 1.centos.pool.ntp.org iburst
23 #server 2.centos.pool.ntp.org iburst
24 #server 3.centos.pool.ntp.org iburst
25 server 127.127.1.0
26 fudge 127.127.1.0 stratum 10
[root@localhost log]# systemctl start ntpd
[root@localhost log]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@localhost log]# 注:在服务端,关闭chronyd功能,systemctl disabled chronyd,重启,关闭安全功能
- 配置ntp客户端
vim /etc/ntp.conf
8 restrict 192.168.100.20 nomodify notrap nopeer noquery
17 restrict 192.168.100.1 mask 255.255.255.0 nomodify notrap
26 server 192.168.100.10
27 fudge 192.168.100.10 stratum 10
[root@localhost opt]# systemctl start ntpd
[root@localhost opt]# systemctl enable ntpd
Created symlink from /etc/systemd/system/multi-user.target.wants/ntpd.service to /usr/lib/systemd/system/ntpd.service.
[root@localhost opt]# - 在客户端测试时间同步
[root@localhost ~]# ntpdate -u 192.168.100.10
20 Feb 11:56:37 ntpdate[10535]: adjust time server 192.168.100.10 offset -0.000111 sec
[root@localhost ~]#
- 在客户端可做计划性任务表同步本地源更新时间
