Introduction
OpenStack is an open source cloud computing management platform project. It is a combination of a series of software open source projects, developed and initiated by NASA (National Aeronautics and Space Administration) and Rackspace. The open source code project
OpenStack authorized by the Apache license is a private cloud and The public cloud provides scalable and elastic cloud computing services. The project goal is to provide a cloud computing management platform that is simple to implement, scalable, rich, and standardized.
OpenStack covers all aspects of networking, virtualization, operating systems, servers, etc. It is a cloud computing platform project under development. It is broken down into core projects, incubation projects, and supporting projects and related projects according to different maturity and importance. Each project has its own committee and project technical director, and each Each project is not static. The incubation project can be transformed into a core project
core component according to the maturity and importance of development.
1. Compute Nova: a set of controllers used to manage virtual machines for a single user or use a group Throughout the life cycle of an instance, virtual services are provided according to user needs. Responsible for virtual machine creation, startup, shutdown, suspension, suspension, adjustment, migration, restart, destruction, etc., configure CPU, memory and other information specifications
2. Object Storage (Object Storage) Swift: a set for large-scale scalable systems A system that implements object storage through built-in redundancy and high fault-tolerance mechanisms, allows storage or retrieval of files, provides mirror storage for Glance, and provides volume backup services for Cinder.
3. Image Service (Image Service) Glance: a set of virtual machine images Search and retrieval system, support multiple virtual machine image formats (AKI, AMI, ARI, ISO, QCOW2, Raw, VDI, VHD, VMDK), with the functions of creating, uploading, deleting, and editing basic information of the image
4. Identity service (Identity Service) Keystone: Provides authentication, service rules and service token functions for other OpenStack services, and manages Domains, Projects, Users, Groups, and Roles
5. Network & Address Management (Network) Neutron: Provides network virtualization technology for cloud computing, and provides network connection services for other OpenStack services. Provide interfaces for users to define Network, Subnet, Router, configure DHCP, DNS, load balancing, L3 service, network support GRE, VLAN, plug-in architecture supports many mainstream network manufacturers and technologies, such as OpenvSwitch
6, block storage (Block Storage) ) Cinder: Provides stable data block storage services for running instances. Its plug-in drive architecture is conducive to the creation and management of block devices, such as creating volumes, deleting volumes, mounting and unmounting volumes on the instance.
7. UI interface (Dashboard) Horizon: A web management portal for various services in OpenStack, used to simplify user operations on services, such as: starting instances, assigning IP addresses, configuring access control, etc.
8. Measuring (Metering) Ceilometer: It can take almost everything that happens inside OpenStack All events are collected, and then provide data support for billing, monitoring and other services.
9. Deployment orchestration (Orchestration) Heat: Provides a collaborative deployment method defined by a template to realize the cloud infrastructure software operating environment (computing, storage (And network resources) automated deployment
10. Database Service (Database Service) Trove: Provides scalable and reliable relational and non-relational database engine services for users in the OpenStack environment
Preliminary preparation
Prepare two Centos8 virtual machines, configure two hard disks in the virtual machine, configure the IP address and hostname, synchronize the system time, turn off the firewall and selinux, modify the ip address and hostname mapping
ip | hostname |
---|---|
192.168.29.148 | controller |
192.168.29.149 | computer |
Deployment service
Install epel source
[root@controller ~]# yum install epel-release -y
[root@computer ~]# yum install epel-release -y
Install openstack source
[root@controller ~]# yum install centos-release-openstack-ussuri -y
[root@computer ~]# yum install centos-release-openstack-ussuri -y
Install openstack client and selinux service
[root@controller ~]# yum install python3-openstackclient openstack-selinux -y
[root@computer ~]# yum install python3-openstackclient openstack-selinux -y
Deploy Mariadb database and memcached
[root@controller ~]# yum install mariadb mariadb-server python3-PyMySQL memcached python3-memcached -y
Install Message Queuing Service
[root@controller ~]# yum install rabbitmq-server -y
Install keystone service
[root@controller ~]# yum install openstack-keystone httpd python3-mod_wsgi -y
Install glance service
[root@controller ~]# yum install openstack-glance -y
Install placememt service
[root@controller ~]# yum install openstack-placement-api -y
Controller install nova service
[root@controller ~]# yyum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler -y
computer install nova service
[root@computer ~]# yum install openstack-nova-compute -y
Controller install neutron service
[root@controller ~]# yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables ipset iproute -y
computer install neutron service
[root@computer ~]# yum install openstack-neutron-linuxbridge ebtables ipset iproute -y
Install dashboard components
[root@controller ~]# yum install openstack-dashboard -y
Controller installs cinder service
[root@controller ~]# yum install openstack-cinder -y
Computer install cinder and lvm services
[root@storager ~]# yum install lvm2 device-mapper-persistent-data openstack-cinder targetcli python3-keystone -y
Turn on hardware acceleration
[root@controller ~]# modprobe kvm-intel
[root@computer ~]# modprobe kvm-intel
Installation dependencies
[root@controller ~]# yum -y install libibverbs
[root@computer ~]# yum -y install libibverbs
[root@storager ~]# yum -y install libibverbs
Configure message queue service
Open service
[root@controller ~]# systemctl start rabbitmq-server.service
[root@controller ~]# systemctl enable rabbitmq-server.service
Add user
[root@controller ~]# rabbitmqctl add_user openstack openstack
Authorization limit
[root@controller ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Configure memcached service
Modify the configuration file
[root@controller ~]# vi /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 127.0.0.1,::1,controller"
Start service
[root@controller ~]# systemctl start memcached.service
[root@controller ~]# systemctl enable memcached.service
Configure database service
Modify the configuration file
[root@controller ~]# vi /etc/my.cnf.d/mariadb-server.cnf
bind-address = 192.168.29.148
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
Start service
[root@controller ~]# systemctl start mariadb.service
[root@controller ~]# systemctl enable mariadb.service
Create database
MariaDB [(none)]> create database keystone;
MariaDB [(none)]> create database glance;
MariaDB [(none)]> create database nova;
MariaDB [(none)]> create database nova_api;
MariaDB [(none)]> create database nova_cell0;
MariaDB [(none)]> create database neutron;
MariaDB [(none)]> create database cinder;
MariaDB [(none)]> create database placement;
Authorized user
MariaDB [(none)]> grant all privileges on keystone.* to 'keystone'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on keystone.* to 'keystone'@'%' identified by 'your_password';
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'%' identified by 'your_password';
MariaDB [(none)]> grant all privileges on nova.* to 'nova'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on nova.* to 'nova'@'%' identified by 'your_password';
MariaDB [(none)]> grant all privileges on nova_api.* to 'nova'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on nova_api.* to 'nova'@'%' identified by 'your_password';
MariaDB [(none)]> grant all privileges on nova_cell0.* to 'nova'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on nova_cell0.* to 'nova'@'%' identified by 'your_password';
MariaDB [(none)]> grant all privileges on neutron.* to 'neutron'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on neutron.* to 'neutron'@'%' identified by 'your_password';
MariaDB [(none)]> grant all privileges on cinder.* to 'cinder'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on cinder.* to 'cinder'@'%' identified by 'your_password';
MariaDB [(none)]> grant all privileges on placement.* to 'placement'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on placement.* to 'placement'@'%' identified by 'your_password';
MariaDB [(none)]> flush privileges;
Configure keystone service
Modify the configuration file
[root@controller ~]# vi /etc/keystone/keystone.conf
[database]
connection = mysql+pymysql://keystone:your_password@controller/keystone
[token]
provider = fernet
Database synchronization
[root@controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone
Keystore initialization
[root@controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
[root@controller ~]# keystone-manage bootstrap --bootstrap-password openstack --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne
Configure httpd service
#修改配置文件
[root@controller ~]# vi /etc/httpd/conf/httpd.conf
ServerName controller
#创建软连接
[root@controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
#启动服务
[root@controller ~]# systemctl start httpd
[root@controller ~]# systemctl enable httpd
Configure admin environment variable script
[root@controller ~]# vi admin-openrc
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=openstack
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
export OS_VOLUME_API_VERSION=2
Verify environment variables
[root@controller ~]# source admin-openrc
[root@controller ~]# openstack token issue
Create service project
[root@controller ~]# openstack project create --domain default --description "Service Project" service
Create demo project
[root@controller ~]# openstack project create --domain default --description "Demo Project" demo
Create demo user
[root@controller ~]# openstack user create --domain default --password-prompt demo
Create user role
[root@controller ~]# openstack role create user
Add user role to demo project and user
[root@controller ~]# openstack role add --project demo --user demo user
Configure the demo environment variable script
[root@controller ~]# vi demo-openrc
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
Configure glance service
Create and configure glance user
[root@controller ~]# openstack user create --domain default --password-prompt glance
[root@controller ~]# openstack role add --project service --user glance admin
Create glance service entity
[root@controller ~]# openstack service create --name glance --description "OpenStack Image" image
Create glance service endpoint
[root@controller ~]# openstack endpoint create --region RegionOne image public http://controller:9292
[root@controller ~]# openstack endpoint create --region RegionOne image internal http://controller:9292
[root@controller ~]# openstack endpoint create --region RegionOne image admin http://controller:9292
Modify the configuration file
[root@controller ~]# vi /etc/glance/glance-api.conf
[database]
connection = mysql+pymysql://glance:your_password@controller/glance
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance
[paste_deploy]
flavor = keystone
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
Synchronize the database
[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance
Start service
[root@controller ~]# systemctl enable openstack-glance-api.service
[root@controller ~]# systemctl start openstack-glance-api.service
Upload image
[root@controller ~]# glance image-create --name Centos7 --disk-format qcow2 --container-format bare --progress < CentOS-7-x86_64-GenericCloud-1907.qcow2
#查看镜像
[root@controller ~]# openstack image list
Controller configuration placement service
Create and configure placement users
[root@controller ~]# openstack user create --domain default --password-prompt placement
[root@controller ~]# openstack role add --project service --user placement admin
Create placement service entity
[root@controller ~]# openstack service create --name placement --description "Placement API" placement
Create placement service endpoint
[root@controller ~]# openstack endpoint create --region RegionOne placement public http://controller:8778
[root@controller ~]# openstack endpoint create --region RegionOne placement internal http://controller:8778
[root@controller ~]# openstack endpoint create --region RegionOne placement admin http://controller:8778
Modify the configuration file
[root@controller ~]# vi /etc/placement/placement.conf
[placement_database]
connection = mysql+pymysql://placement:'your_password'@controller/placement
[api]
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = placement
Synchronize the database
[root@controller ~]# su -s /bin/sh -c "placement-manage db sync" placement
Restart service
[root@controller ~]# systemctl restart httpd
Controller configuration nova service
Create and configure nova user
[root@controller ~]# openstack user create --domain default --password-prompt nova
[root@controller ~]# openstack role add --project service --user nova admin
Create nova service entity
[root@controller ~]# openstack service create --name nova --description "OpenStack Compute" compute
Create nova service endpoint
[root@controller ~]# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
[root@controller ~]# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
[root@controller ~]# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
Modify the configuration file
[root@controller ~]# vi /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
my_ip = 192.168.29.148
transport_url = rabbit://openstack:openstack@controller:5672/
[api_database]
connection = mysql+pymysql://nova:your_password@controller/nova_api
[database]
connection = mysql+pymysql://nova:your_password@controller/nova
[api]
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova
[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
[glance]
api_servers = http://controller:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement
[root@controller ~]# vi /etc/httpd/conf.d/00-placement-api.conf
Listen 8778
<VirtualHost *:8778>
WSGIProcessGroup nova-placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
WSGIDaemonProcess nova-placement-api processes=3 threads=1 user=nova group=nova
WSGIScriptAlias / /usr/bin/nova-placement-api
<IfVersion >= 2.4>
ErrorLogFormat "%M"
</IfVersion>
ErrorLog /var/log/nova/nova-placement-api.log
#SSLEngine On
#SSLCertificateFile ...
#SSLCertificateKeyFile ...
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion >= 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
</VirtualHost>
Alias /nova-placement-api /usr/bin/nova-placement-api
<Location /nova-placement-api>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup nova-placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
</Location>
Restart httpd service
[root@controller ~]# systemctl restart httpd
Synchronize the database
[root@controller ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
[root@controller ~]# su -s /bin/sh -c "nova-manage db sync" nova
verification
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
Start service
[root@controller ~]# systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@controller ~]# systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
compute configure nova service
Modify the configuration file
[root@compute ~]# vi /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:openstack@controller
my_ip = 192.168.29.146
[api]
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova
[vnc]
enabled = True
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
[glance]
api_servers = http://controller:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement
[libvirt]
virt_type = kvm
#虚拟机部署集群需要用qemu
#virt_type = qemu
Start service
[root@compute ~]# systemctl start libvirtd.service openstack-nova-compute.service
[root@compute ~]# systemctl enable libvirtd.service openstack-nova-compute.service
Controller adds computer to the database
#查看nova-compute结点
[root@controller ~]# openstack compute service list --service nova-compute
#添加数据库
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
Controller configures neutron service
Create and configure neutron user
[root@controller ~]# openstack user create --domain default --password-prompt neutron
[root@controller ~]# openstack role add --project service --user neutron admin
Create neutron service entity
[root@controller ~]# openstack service create --name neutron --description "OpenStack Networking" network
Create neutron service endpoint
[root@controller ~]# openstack endpoint create --region RegionOne network public http://controller:9696
[root@controller ~]# openstack endpoint create --region RegionOne network internal http://controller:9696
[root@controller ~]# openstack endpoint create --region RegionOne network admin http://controller:9696
Modify the configuration file (linuxbridge network architecture)
[root@controller ~]# vi /etc/neutron/neutron.conf
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[database]
connection = mysql+pymysql://neutron:your_password@controller/neutron
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
[nova]
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = nova
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[root@controller ~]# vi /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_vxlan]
vni_ranges = 1:1000
[securitygroup]
enable_ipset = true
[root@controller ~]# vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:ens160
[vxlan]
enable_vxlan = true
local_ip = 192.168.29.148
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[root@controller ~]# vi /etc/neutron/l3_agent.ini
[DEFAULT]
interface_driver = linuxbridge
[root@controller ~]# vi /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
[root@controller ~]# vi /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = 000000
[root@controller ~]# vi /etc/nova/nova.conf
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
service_metadata_proxy = true
metadata_proxy_shared_secret = 000000
Create soft link
[root@controller ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
Synchronize the database
[root@controller ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
Start service
#重启nova-api服务
[root@controller ~]# systemctl restart openstack-nova-api.service
#linuxbridge架构
[root@controller ~]# systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
[root@controller ~]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
Computer configuration neutron service
Modify the configuration file (linuxbridge architecture)
[root@computer ~]# vi /etc/neutron/neutron.conf
[DEFAULT]
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[root@computer ~]# vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:ens160
[vxlan]
enable_vxlan = true
local_ip = 192.168.29.149
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[root@computer ~]# vi /etc/nova/nova.conf
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
Start service
#重启nova-compute服务
[root@compute ~]# systemctl stop openstack-nova-compute.service
[root@compute ~]# systemctl start openstack-nova-compute.service
#注:直接restart重启可能会导致报错
#linuxbridge架构
[root@compute ~]# systemctl start neutron-linuxbridge-agent.service
[root@compute ~]# systemctl enable neutron-linuxbridge-agent.service
verification
[root@controller ~]# openstack network agent list
#查看日志
[root@computer ~]# tail /var/log/nova/nova-compute.log
Configure dashboard components
Modify the configuration file
[root@controller ~]# vi /etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "controller"
ALLOWED_HOSTS = ['*', 'two.example.com']
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'controller:11211',
}
}
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 2,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
[root@controller ~]# vi /etc/httpd/conf.d/openstack-dashboard.conf
WSGIApplicationGroup %{GLOBAL}
Restart service
[root@controller ~]# systemctl restart httpd.service memcached.service
Visit the web interface
browser to visit http://ip/dashboard
Computer configuration cinder service
Configure cinder hard disk
[root@computer~]# mkfs.xfs -f /dev/nvme0n2p1
Configure logical volume
[root@computer~]# pvcreate /dev/nvme0n2p1
[root@computer~]# vgcreate cinder-volumes /dev/nvme0n2p1
Modify the configuration file
[root@computer~]# vi /etc/cinder/cinder.conf
[default]
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
my_ip = 192.168.29.149
enabled_backends = lvm
glance_api_servers = http://controller:9292
[database]
connection = mysql+pymysql://cinder:your_password@controller/cinder
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = cinder
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
#没有lvm标签自行添加
[lvm]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
iscsi_protocol = iscsi
iscsi_helper = lioadm
Start service
[root@computer~]# systemctl start openstack-cinder-volume.service target.service
[root@computer~]# systemctl enable openstack-cinder-volume.service target.service
Controller configuration cinder service
Create and configure cinder users
[root@controller ~]# openstack user create --domain default --password-prompt cinder
[root@controller ~]# openstack role add --project service --user cinder admin
Create a cinder service entity
[root@controller ~]# openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
[root@controller ~]# openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3
Create a cinder service endpoint
[root@controller ~]# openstack endpoint create --region RegionOne volumev2 public http://controller:8776/v2/%\(project_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne volumev2 internal http://controller:8776/v2/%\(project_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%\(project_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne volumev3 public http://controller:8776/v3/%\(project_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne volumev3 internal http://controller:8776/v3/%\(project_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne volumev3 admin http://controller:8776/v3/%\(project_id\)s
Edit configuration file
[root@controller ~]# vi /etc/cinder/cinder.conf
[default]
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
my_ip = 192.168.29.148
[database]
connection = mysql+pymysql://cinder:your_password@controller/cinder
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = cinder
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
[root@controller ~]# vi /etc/nova/nova.conf
[cinder]
os_region_name = RegionOne
Synchronize the database
[root@controller ~]# su -s /bin/sh -c "cinder-manage db sync" cinder
Start service
[root@controller ~]# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
[root@controller ~]# systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
Check status
[root@controller ~]# openstack volume service list
Create volume
#容量为1G
[root@controller ~]# cinder create --name demo_volume 1
Mount volume
#查看卷id
[root@controller ~]# cinder list
#挂载卷到云主机
[root@controller ~]# nova volume-attach mycentos e9804810-9dce-47f6-84f7-25a8da672800