Centos8 deploys Openstack (U version)

Introduction

OpenStack is an open source cloud computing management platform project. It is a combination of a series of software open source projects, developed and initiated by NASA (National Aeronautics and Space Administration) and Rackspace. The open source code project
OpenStack authorized by the Apache license is a private cloud and The public cloud provides scalable and elastic cloud computing services. The project goal is to provide a cloud computing management platform that is simple to implement, scalable, rich, and standardized.
OpenStack covers all aspects of networking, virtualization, operating systems, servers, etc. It is a cloud computing platform project under development. It is broken down into core projects, incubation projects, and supporting projects and related projects according to different maturity and importance. Each project has its own committee and project technical director, and each Each project is not static. The incubation project can be transformed into a core project
core component according to the maturity and importance of development.
1. Compute Nova: a set of controllers used to manage virtual machines for a single user or use a group Throughout the life cycle of an instance, virtual services are provided according to user needs. Responsible for virtual machine creation, startup, shutdown, suspension, suspension, adjustment, migration, restart, destruction, etc., configure CPU, memory and other information specifications
2. Object Storage (Object Storage) Swift: a set for large-scale scalable systems A system that implements object storage through built-in redundancy and high fault-tolerance mechanisms, allows storage or retrieval of files, provides mirror storage for Glance, and provides volume backup services for Cinder.
3. Image Service (Image Service) Glance: a set of virtual machine images Search and retrieval system, support multiple virtual machine image formats (AKI, AMI, ARI, ISO, QCOW2, Raw, VDI, VHD, VMDK), with the functions of creating, uploading, deleting, and editing basic information of the image
4. Identity service (Identity Service) Keystone: Provides authentication, service rules and service token functions for other OpenStack services, and manages Domains, Projects, Users, Groups, and Roles
5. Network & Address Management (Network) Neutron: Provides network virtualization technology for cloud computing, and provides network connection services for other OpenStack services. Provide interfaces for users to define Network, Subnet, Router, configure DHCP, DNS, load balancing, L3 service, network support GRE, VLAN, plug-in architecture supports many mainstream network manufacturers and technologies, such as OpenvSwitch
6, block storage (Block Storage) ) Cinder: Provides stable data block storage services for running instances. Its plug-in drive architecture is conducive to the creation and management of block devices, such as creating volumes, deleting volumes, mounting and unmounting volumes on the instance.
7. UI interface (Dashboard) Horizon: A web management portal for various services in OpenStack, used to simplify user operations on services, such as: starting instances, assigning IP addresses, configuring access control, etc.
8. Measuring (Metering) Ceilometer: It can take almost everything that happens inside OpenStack All events are collected, and then provide data support for billing, monitoring and other services.
9. Deployment orchestration (Orchestration) Heat: Provides a collaborative deployment method defined by a template to realize the cloud infrastructure software operating environment (computing, storage (And network resources) automated deployment
10. Database Service (Database Service) Trove: Provides scalable and reliable relational and non-relational database engine services for users in the OpenStack environment

Preliminary preparation

Prepare two Centos8 virtual machines, configure two hard disks in the virtual machine, configure the IP address and hostname, synchronize the system time, turn off the firewall and selinux, modify the ip address and hostname mapping

ip	hostname
192.168.29.148	controller
192.168.29.149	computer

Deployment service

Install epel source

[root@controller ~]# yum install epel-release -y
[root@computer ~]# yum install epel-release -y

Install openstack source

[root@controller ~]# yum install centos-release-openstack-ussuri -y

[root@computer ~]# yum install centos-release-openstack-ussuri -y

Install openstack client and selinux service

[root@controller ~]# yum install python3-openstackclient openstack-selinux -y

[root@computer ~]# yum install python3-openstackclient openstack-selinux -y

Deploy Mariadb database and memcached

[root@controller ~]# yum install mariadb mariadb-server python3-PyMySQL memcached python3-memcached -y

Install Message Queuing Service

[root@controller ~]# yum install rabbitmq-server -y

Install keystone service

[root@controller ~]# yum install openstack-keystone httpd  python3-mod_wsgi -y

Install glance service

[root@controller ~]# yum install openstack-glance -y

Install placememt service

[root@controller ~]# yum install openstack-placement-api -y

Controller install nova service

[root@controller ~]# yyum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler -y

computer install nova service

[root@computer ~]# yum install openstack-nova-compute -y

Controller install neutron service

[root@controller ~]# yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables ipset iproute -y

computer install neutron service

[root@computer ~]# yum install openstack-neutron-linuxbridge ebtables ipset iproute -y

Install dashboard components

[root@controller ~]# yum install openstack-dashboard -y

Controller installs cinder service

[root@controller ~]# yum install openstack-cinder -y

Computer install cinder and lvm services

[root@storager ~]# yum install lvm2 device-mapper-persistent-data openstack-cinder targetcli python3-keystone -y

Turn on hardware acceleration

[root@controller ~]# modprobe kvm-intel
[root@computer ~]# modprobe kvm-intel

Installation dependencies

[root@controller ~]# yum -y install libibverbs
[root@computer ~]# yum -y install libibverbs
[root@storager ~]# yum -y install libibverbs

Configure message queue service

Open service

[root@controller ~]# systemctl start rabbitmq-server.service
[root@controller ~]# systemctl enable rabbitmq-server.service 

Add user

[root@controller ~]# rabbitmqctl add_user openstack openstack

Authorization limit

[root@controller ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"

Configure memcached service

Modify the configuration file

[root@controller ~]# vi /etc/sysconfig/memcached 
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 127.0.0.1,::1,controller"

Start service

[root@controller ~]# systemctl start memcached.service
[root@controller ~]# systemctl enable memcached.service

Configure database service

Modify the configuration file

[root@controller ~]# vi /etc/my.cnf.d/mariadb-server.cnf
bind-address = 192.168.29.148
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8

Start service

[root@controller ~]# systemctl start mariadb.service
[root@controller ~]# systemctl enable mariadb.service

Create database

MariaDB [(none)]> create database keystone;
MariaDB [(none)]> create database glance;
MariaDB [(none)]> create database nova;
MariaDB [(none)]> create database nova_api;
MariaDB [(none)]> create database nova_cell0;
MariaDB [(none)]> create database neutron;
MariaDB [(none)]> create database cinder;
MariaDB [(none)]> create database placement;

Authorized user

MariaDB [(none)]> grant all privileges on keystone.* to 'keystone'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on keystone.* to 'keystone'@'%' identified by 'your_password';

MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'%' identified by 'your_password';

MariaDB [(none)]> grant all privileges on nova.* to 'nova'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on nova.* to 'nova'@'%' identified by 'your_password';

MariaDB [(none)]> grant all privileges on nova_api.* to 'nova'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on nova_api.* to 'nova'@'%' identified by 'your_password';

MariaDB [(none)]> grant all privileges on nova_cell0.* to 'nova'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on nova_cell0.* to 'nova'@'%' identified by 'your_password';

MariaDB [(none)]> grant all privileges on neutron.* to 'neutron'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on neutron.* to 'neutron'@'%' identified by 'your_password';

MariaDB [(none)]> grant all privileges on cinder.* to 'cinder'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on cinder.* to 'cinder'@'%' identified by 'your_password';

MariaDB [(none)]> grant all privileges on placement.* to 'placement'@'localhost' identified by 'your_password';
MariaDB [(none)]> grant all privileges on placement.* to 'placement'@'%' identified by 'your_password';

MariaDB [(none)]> flush privileges;

Configure keystone service

Modify the configuration file

[root@controller ~]# vi /etc/keystone/keystone.conf
[database]
connection = mysql+pymysql://keystone:your_password@controller/keystone
[token]
provider = fernet

Database synchronization

[root@controller ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone

Keystore initialization

[root@controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone

[root@controller ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

[root@controller ~]# keystone-manage bootstrap --bootstrap-password openstack --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne

Configure httpd service

#修改配置文件
[root@controller ~]# vi /etc/httpd/conf/httpd.conf
ServerName controller

#创建软连接
[root@controller ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

#启动服务
[root@controller ~]# systemctl start httpd
[root@controller ~]# systemctl enable httpd

Configure admin environment variable script

[root@controller ~]# vi admin-openrc 
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=openstack
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
export OS_VOLUME_API_VERSION=2

Verify environment variables

[root@controller ~]# source admin-openrc
[root@controller ~]# openstack token issue

Create service project

[root@controller ~]# openstack project create --domain default --description "Service Project" service

Create demo project

[root@controller ~]# openstack project create --domain default --description "Demo Project" demo

Create demo user

[root@controller ~]# openstack user create --domain default --password-prompt demo

Create user role

[root@controller ~]# openstack role create user

Add user role to demo project and user

[root@controller ~]# openstack role add --project demo --user demo user

Configure the demo environment variable script

[root@controller ~]# vi demo-openrc 
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

Configure glance service

Create and configure glance user

[root@controller ~]# openstack user create --domain default --password-prompt glance
[root@controller ~]# openstack role add --project service --user glance admin

Create glance service entity

[root@controller ~]# openstack service create --name glance  --description "OpenStack Image" image

Create glance service endpoint

[root@controller ~]# openstack endpoint create --region RegionOne image public http://controller:9292
[root@controller ~]# openstack endpoint create --region RegionOne image internal http://controller:9292
[root@controller ~]# openstack endpoint create --region RegionOne  image admin http://controller:9292

Modify the configuration file

[root@controller ~]# vi /etc/glance/glance-api.conf
[database]
connection = mysql+pymysql://glance:your_password@controller/glance
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance

[paste_deploy]
flavor = keystone

[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/

Synchronize the database

[root@controller ~]# su -s /bin/sh -c "glance-manage db_sync" glance

Start service

[root@controller ~]# systemctl enable openstack-glance-api.service
[root@controller ~]# systemctl start openstack-glance-api.service

Upload image

[root@controller ~]# glance image-create --name Centos7 --disk-format qcow2 --container-format bare --progress < CentOS-7-x86_64-GenericCloud-1907.qcow2

#查看镜像
[root@controller ~]# openstack image list

Controller configuration placement service

Create and configure placement users

[root@controller ~]# openstack user create --domain default --password-prompt placement
[root@controller ~]# openstack role add --project service --user placement admin

Create placement service entity

[root@controller ~]# openstack service create --name placement   --description "Placement API" placement

Create placement service endpoint

[root@controller ~]# openstack endpoint create --region RegionOne   placement public http://controller:8778
[root@controller ~]# openstack endpoint create --region RegionOne   placement internal http://controller:8778
[root@controller ~]# openstack endpoint create --region RegionOne   placement admin http://controller:8778

Modify the configuration file

[root@controller ~]# vi /etc/placement/placement.conf
[placement_database]
connection = mysql+pymysql://placement:'your_password'@controller/placement

[api]
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = placement

Synchronize the database

[root@controller ~]# su -s /bin/sh -c "placement-manage db sync" placement

Restart service

[root@controller ~]# systemctl restart httpd

Controller configuration nova service

Create and configure nova user

[root@controller ~]# openstack user create --domain default --password-prompt nova
[root@controller ~]# openstack role add --project service --user nova admin

Create nova service entity

[root@controller ~]# openstack service create --name nova --description "OpenStack Compute" compute

Create nova service endpoint

[root@controller ~]# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
[root@controller ~]# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
[root@controller ~]# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1

Modify the configuration file

[root@controller ~]# vi /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
my_ip = 192.168.29.148
transport_url = rabbit://openstack:openstack@controller:5672/

[api_database]
connection = mysql+pymysql://nova:your_password@controller/nova_api

[database]
connection = mysql+pymysql://nova:your_password@controller/nova

[api]
auth_strategy = keystone 

[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova

[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip

[glance]
api_servers = http://controller:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement

[root@controller ~]# vi /etc/httpd/conf.d/00-placement-api.conf
Listen 8778

<VirtualHost *:8778>
  WSGIProcessGroup nova-placement-api
  WSGIApplicationGroup %{GLOBAL}
  WSGIPassAuthorization On
  WSGIDaemonProcess nova-placement-api processes=3 threads=1 user=nova group=nova
  WSGIScriptAlias / /usr/bin/nova-placement-api
  <IfVersion >= 2.4>
    ErrorLogFormat "%M"
  </IfVersion>
  ErrorLog /var/log/nova/nova-placement-api.log
  #SSLEngine On
  #SSLCertificateFile ...
  #SSLCertificateKeyFile ...
<Directory /usr/bin>
  <IfVersion >= 2.4>
    Require all granted
  </IfVersion>
  <IfVersion >= 2.4>
    Order allow,deny
    Allow from all
  </IfVersion>
</Directory>
</VirtualHost>

Alias /nova-placement-api /usr/bin/nova-placement-api
<Location /nova-placement-api>
  SetHandler wsgi-script
  Options +ExecCGI
  WSGIProcessGroup nova-placement-api
  WSGIApplicationGroup %{GLOBAL}
  WSGIPassAuthorization On
</Location>

Restart httpd service

[root@controller ~]# systemctl restart httpd

Synchronize the database

[root@controller ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
[root@controller ~]# su -s /bin/sh -c "nova-manage db sync" nova

verification

[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova

Start service

[root@controller ~]# systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@controller ~]# systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service

compute configure nova service

Modify the configuration file

[root@compute ~]# vi /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:openstack@controller
my_ip = 192.168.29.146

[api]
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova

[vnc]
enabled = True
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html

[glance]
api_servers = http://controller:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement

[libvirt]
virt_type = kvm
#虚拟机部署集群需要用qemu
#virt_type = qemu

Start service

[root@compute ~]# systemctl start libvirtd.service openstack-nova-compute.service
[root@compute ~]# systemctl enable libvirtd.service openstack-nova-compute.service

Controller adds computer to the database

#查看nova-compute结点
[root@controller ~]# openstack compute service list --service nova-compute

#添加数据库
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

Controller configures neutron service

Create and configure neutron user

[root@controller ~]# openstack user create --domain default --password-prompt neutron
[root@controller ~]# openstack role add --project service --user neutron admin

Create neutron service entity

[root@controller ~]# openstack service create --name neutron --description "OpenStack Networking" network

Create neutron service endpoint

[root@controller ~]# openstack endpoint create --region RegionOne network public http://controller:9696
[root@controller ~]# openstack endpoint create --region RegionOne  network internal http://controller:9696
[root@controller ~]# openstack endpoint create --region RegionOne  network admin http://controller:9696

Modify the configuration file (linuxbridge network architecture)

[root@controller ~]# vi /etc/neutron/neutron.conf
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true

[database]
connection = mysql+pymysql://neutron:your_password@controller/neutron

[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron

[nova]
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = nova

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

[root@controller ~]# vi /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security

[ml2_type_flat]
flat_networks = provider

[ml2_type_vxlan]
vni_ranges = 1:1000

[securitygroup]
enable_ipset = true

[root@controller ~]# vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:ens160

[vxlan]
enable_vxlan = true
local_ip = 192.168.29.148
l2_population = true

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

[root@controller ~]# vi /etc/neutron/l3_agent.ini
[DEFAULT]
interface_driver = linuxbridge

[root@controller ~]# vi /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true

[root@controller ~]# vi /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = 000000

[root@controller ~]# vi /etc/nova/nova.conf
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
service_metadata_proxy = true
metadata_proxy_shared_secret = 000000

Create soft link

[root@controller ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

Synchronize the database

[root@controller ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

Start service

#重启nova-api服务
[root@controller ~]# systemctl restart openstack-nova-api.service

#linuxbridge架构
[root@controller ~]# systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
[root@controller ~]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service

Computer configuration neutron service

Modify the configuration file (linuxbridge architecture)

[root@computer ~]# vi /etc/neutron/neutron.conf
[DEFAULT]
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

[root@computer ~]# vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:ens160

[vxlan]
enable_vxlan = true
local_ip = 192.168.29.149
l2_population = true

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

[root@computer ~]# vi /etc/nova/nova.conf
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron

Start service

#重启nova-compute服务
[root@compute ~]# systemctl stop openstack-nova-compute.service
[root@compute ~]# systemctl start openstack-nova-compute.service
#注:直接restart重启可能会导致报错

#linuxbridge架构
[root@compute ~]# systemctl start neutron-linuxbridge-agent.service
[root@compute ~]# systemctl enable neutron-linuxbridge-agent.service

verification

[root@controller ~]# openstack network agent list

#查看日志
[root@computer ~]# tail /var/log/nova/nova-compute.log

Configure dashboard components

Modify the configuration file

[root@controller ~]# vi /etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "controller"
ALLOWED_HOSTS = ['*', 'two.example.com']
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'LOCATION': 'controller:11211',
    }
}
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 2,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

[root@controller ~]# vi /etc/httpd/conf.d/openstack-dashboard.conf
WSGIApplicationGroup %{GLOBAL}

Restart service

[root@controller ~]# systemctl restart httpd.service memcached.service

Visit the web interface
browser to visit http://ip/dashboard

Computer configuration cinder service

Configure cinder hard disk

[root@computer~]# mkfs.xfs -f /dev/nvme0n2p1

Configure logical volume

[root@computer~]# pvcreate /dev/nvme0n2p1
[root@computer~]# vgcreate cinder-volumes /dev/nvme0n2p1

Modify the configuration file

[root@computer~]# vi /etc/cinder/cinder.conf
[default]
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
my_ip = 192.168.29.149
enabled_backends = lvm
glance_api_servers = http://controller:9292

[database]
connection = mysql+pymysql://cinder:your_password@controller/cinder

[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = cinder

[oslo_concurrency]
lock_path = /var/lib/cinder/tmp

#没有lvm标签自行添加
[lvm]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
iscsi_protocol = iscsi
iscsi_helper = lioadm                       

Start service

[root@computer~]# systemctl start openstack-cinder-volume.service  target.service 
[root@computer~]# systemctl enable openstack-cinder-volume.service  target.service 

Controller configuration cinder service

Create and configure cinder users

[root@controller ~]# openstack user create --domain default --password-prompt cinder
[root@controller ~]# openstack role add --project service --user cinder admin

Create a cinder service entity

[root@controller ~]# openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
[root@controller ~]# openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3

Create a cinder service endpoint

[root@controller ~]# openstack endpoint create --region RegionOne  volumev2 public http://controller:8776/v2/%\(project_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne  volumev2 internal  http://controller:8776/v2/%\(project_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne  volumev2 admin  http://controller:8776/v2/%\(project_id\)s

[root@controller ~]# openstack endpoint create --region RegionOne  volumev3 public http://controller:8776/v3/%\(project_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne  volumev3 internal  http://controller:8776/v3/%\(project_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne  volumev3 admin http://controller:8776/v3/%\(project_id\)s

Edit configuration file

[root@controller ~]# vi /etc/cinder/cinder.conf
[default]
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
my_ip = 192.168.29.148

[database]
connection = mysql+pymysql://cinder:your_password@controller/cinder
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = cinder

[oslo_concurrency]
lock_path = /var/lib/cinder/tmp

[root@controller ~]# vi /etc/nova/nova.conf
[cinder]
os_region_name = RegionOne

Synchronize the database

[root@controller ~]# su -s /bin/sh -c "cinder-manage db sync" cinder

Start service

[root@controller ~]# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service 
[root@controller ~]# systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service 

Check status

[root@controller ~]# openstack volume service list

Create volume

#容量为1G
[root@controller ~]# cinder create --name demo_volume 1

Mount volume

#查看卷id
[root@controller ~]# cinder list
#挂载卷到云主机
[root@controller ~]# nova volume-attach mycentos e9804810-9dce-47f6-84f7-25a8da672800