CentOS6.5編譯安裝openstack
1 準備工作
1.1 硬體準備工作
桌上型電腦器一臺,cpu支援VT,記憶體>=4G;可用磁碟空間大於50G;
安裝vmware虛擬機器軟體;
安裝好兩臺CentOS-7.0-x86_64的虛擬機器
1.2 實驗環境詳情
主機名
IP地址
作用描述
openstack-node1.example.com
Eth0:192.168.40.5
控制節點
Openstack-node2.example.com
Eth0:192.168.40.6
計算節點
1.3 實驗環境詳情
安裝作業系統Cent0S-6.5-X86_64
1、 軟體包選擇:Basic server
2、 關閉iptablesheselinux
1.4 NTP時間同步
yum -y install ntp
service ntpd start
chkconfig ntpd on
1.5 核心引數調整
修改/etc/sysctl.conf
Net.ipv4.ip_forward=1
Net.ipv4.conf.all.rp_filter=0
Net.ipv4.conf.default.rp_filter=0
Sysctl –p
1.6 基礎軟體包安裝
在所有控制節點、儲存節點、計算節點上安裝EPEL;
rpm -ivh http://mirrors.ustc.edu.cn/fedora/epel//6/x86_64/epel-release-6-8.noarch.rpm
yum install -y python-pip gcc gcc-c++ make libtool patch automake python-devel libxslt-devel MySQL-python openssl-devel libudev-devel git wget python-numdisplay device-mapper bridge-utils libffi-devel libffi lrzsz libvirt-python libvirt qemu-kvm gedit
1. openstack軟體包準備
1.7 下載軟體包6個
[[email protected] src]#
1.8 解壓軟體包6個
[[email protected] src]# tar zxf keystone-2014.1.3.tar.gz
[[email protected] src]# tar zxf nova-2014.1.3.tar.gz
[[email protected] src]# tar zxf glance-2014.1.3.tar.gz
[[email protected] src]# tar zxf neutron-2014.1.3.tar.gz
[[email protected] src]# tar zxf horizon-2014.1.3.tar.gz
[[email protected] src]# tar zxf cinder-2014.1.3.tar.gz
1.9 安裝依賴的python包
編輯下openstack.txt,刪除其中的相同包,保留最新的
[[email protected] src]# cat */requirements.txt | sort -n | uniq >> openstack.txt
Pip install pbr
[[email protected] src]#pip install -r openstack.txt -i http://pypi.v2ex.com/simple
注意openstack的所有軟體包,一定要安裝完畢,還有就是openstack的配置檔案都是頂格的;
2 基礎服務部署
2.1 資料庫服務(Mysql)
2.1.1 Mysql的安裝
Openstack的各個元件都需要mysql儲存資料;
yum -y install mysql-server
[[email protected] src]# yum install mysql-server –y
[[email protected] src]# cp /usr/share/mysql/my-medium.cnf /etc/my.cnf
增加以下配置。
[mysqld]
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8
[[email protected] ~]# chkconfig mysqld on
[[email protected] ~]# /etc/init.d/mysqld start
[[email protected] ~]# mysqladmin -u root password openstack
[[email protected] ~]# history –c
2.1.2 資料庫的建立
2.1.3 認證服務keystone資料庫的建立:
[[email protected] mysql]# mysql -u root –p’openstack’ -e " create database keystone; "
賦許可權:
mysql> grant all on keystone.* to [email protected]'192.168.40.0/255.255.255.0' identified by 'keystone';
Query OK, 0 rows affected (0.00 sec)
2.1.4 映象服務glance資料庫的建立:
mysql> grant all on glance.* to [email protected]'192.168.40.0/255.255.255.0' identified by 'glance';
Query OK, 0 rows affected (0.00 sec)
2.1.5 計算服務nova資料庫的建立:
mysql> grant all on nova.* to [email protected]'192.168.40.0/255.255.255.0' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)
2.1.6 網路服務Neutron資料庫的建立:
mysql> grant all on neutron.* to [email protected]'192.168.40.0/255.255.255.0' identified by 'neutron';
Query OK, 0 rows affected (0.00 sec)
2.1.7 儲存服務Cinder資料庫的建立:
mysql> grant all on cinder.* to [email protected]'192.168.40.0/255.255.255.0' identified by 'cinder';
Query OK, 0 rows affected (0.00 sec)
2.2 訊息代理(RabbitMQ)
訊息佇列是交通樞紐的作用,在整個openstack的雲平臺的溝通過程中都需要使用訊息佇列;
2.2.1 RabbitMQ 安裝
注意修改/etc/hosts,進行主機網的解析;
[[email protected] ~]#yum install -y erlang rabbitmq-server
[[email protected] ~]# chkconfig rabbitmq-server on
[[email protected] log]# service rabbitmq-server start
注意:rabbitmq的監聽埠是5672,如果出了問題報錯資訊顯示是5672,那麼可以肯定是rabbitmq出了問題;
2.2.2 RabbitMQ 啟用web監控外掛
啟用後就可以通過 http://IP:15672/來訪問 web 管理介面。預設 yum 安裝的 rabbitmq-server 沒有將
rabbitmq-plugins 命令放到搜尋路徑,需要使用絕對路徑來執行。
[[email protected] ~]# /usr/lib/rabbitmq/bin/rabbitmq-plugins list
[[email protected] ~]# /usr/lib/rabbitmq/bin/rabbitmq-plugins enable rabbitmq_management
[[email protected] ~]# /etc/init.d/rabbitmq-server restart
RabbitMQ 預設的使用者名稱和密碼均為 guest
2.2.3 RabbitMQ 基本管理
修改預設的 guest 密碼
[[email protected] ~]# rabbitmqctl change_password guest openstack
2.2.4 RabbitMQ 使用者管理
[[email protected] ~]# rabbitmqctl add_user openstack openstack
[[email protected] ~]# rabbitmqctl set_user_tags openstack administrator
[[email protected] ~]# rabbitmqctl list_users
3 認證服務keystone
3.1 KeyStone 安裝
[[email protected] src]# cd keystone-2014.1.3
[[email protected] keystone-2014.1.3]# python setup.py install
3.2 KeyStone 配置
建立程式目錄
[[email protected] keystone-2014.1.3]# mkdir /etc/keystone
[[email protected] keystone-2014.1.3]# mkdir /var/log/keystone
[[email protected] keystone-2014.1.3]# mkdir /var/run/keystone
3.2.1 建立配置檔案
複製原始碼包裡的配置檔案到/etc/keystone 目錄下。
[[email protected] keystone-2014.1.3]# cp etc/keystone.conf.sampl /etc/keystone/keystone.conf
[[email protected] keystone-2014.1.3]# cp etc/keystone-paste.ini /etc/keystone/
[[email protected] keystone-2014.1.3]# cp etc/logging.conf.sample /etc/keystone/logging.conf
[[email protected] keystone-2014.1.3]# cp etc/policy.json /etc/keystone/
[[email protected] keystone-2014.1.3]# cp etc/policy.v3cloudsample.json /etc/keystone/
3.2.2 設定 Admin Token。
[[email protected] ~]# ADMIN_TOKEN=$(openssl rand -hex 10)
[[email protected] ~]# echo $ADMIN_TOKEN
7d8665d50e7df25a334d
[[email protected] ~]# vim /etc/keystone/keystone.conf
admin_token=7d8665d50e7df25a334d
3.2.3 設定 PKI Token
預設情況下 Openstack 使用 PKI。建立一個簽名的證書。
[[email protected] ~]# keystone-manage pki_setup --keystone-user root --keystone-group root
[[email protected] ~]# chown -R root:root /etc/keystone/ssl
[[email protected] ~]# chmod -R o-rwx /etc/keystone/ssl
3.2.4 KeyStone 資料庫的同步
[[email protected] ~]# vim /etc/keystone/keystone.conf
connection=mysql://keystone:[email protected]/keystone
[[email protected] ~]# keystone-manage db_sync
驗證資料庫建立是否正常
[[email protected] ~]mysql -h 192.168.40.5 -ukeystone -pkeystone -e " use keystone;show tables;"
3.2.5 Keystone 日誌
為了實驗過程中及時的檢視 Keystone 相關的日誌,修改配置檔案,設定以下引數。
debug=true
log_dir=/var/log/keystone
log_file=keystone.log
3.2.6 驗證Keystone 配置
[[email protected] ~]grep "^[a-z]" /etc/keystone/keystone.conf
admin_token=1a0b003cb3911286fc5b
debug=true
log_file=keystone.log
log_dir=/var/log/keystone
connection=mysql://keystone:[email protected]/keystone
3.3 KeyStone 的管理
3.3.1 啟動 Keystone
注意keystone就相當於一個註冊中心,所有能夠提供服務的介面都需要到keystone進行註冊,告訴別人我能提供什麼樣的服務;ENDPOINT就相當於一個介面地址叫做端點;所以keystone要建立自己的service和endpoint;
[[email protected] ~]# keystone-all --config-file=/etc/keystone/keystone.conf
直接執行 keystone-all 命令啟動,如果出現以下輸出,說明 KeyStone 正常啟動。
2014-05-19 11:20:51.348 12840 INFO eventlet.wsgi.server [-] (12840) wsgi starting up on http://0.0.0.0:35357/
2014-05-19 11:20:51.350 12840 INFO eventlet.wsgi.server [-] (12840) wsgi starting up on http://0.0.0.0:5000/
其實35357和5000埠是一樣的;
3.3.2 增加init管理指令碼
3.3.3 建立 Admin 使用者、
首先我們要建立一個超級管理員使用者、角色和租戶。預設情況下。Keystone 建立了一個特殊的_member_
角色。這個是後面給 Dashboard 使用的。
在建立使用者之前,我們需要兩個環境變數用來連線 keystone。
[[email protected] ~]# export OS_SERVICE_TOKEN=$ADMIN_TOKEN
[[email protected]~]# export OS_SERVICE_ENDPOINT=http://192.168.40.5:35357/v2.0
[[email protected] keystone]# keystone role-list
如果出現以下內容說明 Keystone 安裝成功。
+----------------------------------+----------+
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
3.3.3.1 建立 Admin 使用者
[[email protected] ~]# keystone user-create --name=admin --pass=admin [email protected]
3.3.3.2 建立 Admin 角色
[[email protected] ~]# keystone role-create --name=admin
3.3.3.3 建立 Admin 租戶
[[email protected] ~]# keystone tenant-create --name=admin --description="Admin Tenant"
3.3.3.4 連線 Admin 的使用者、角色和租戶
[[email protected] ~]# keystone user-role-add --user=admin --tenant=admin --role=admin
3.3.3.5 連線 Admin 使用者、_member_角色和 admin 租戶
[[email protected] ~]# keystone user-role-add --user=admin --role=_member_ --tenant=admin
3.3.4 建立普通使用者
下面我們建立一個普通使用者和租戶。並連結到_member_角色。我們下面的實驗均使用這個普通使用者進
行 Openstack 的管理。
[[email protected] ~]# keystone user-create --name=demo --pass=demo [email protected]
[[email protected] ~]# keystone tenant-create --name=demo --description="Demo Tenant"
[[email protected] ~]# keystone user-role-add --user=demo --role=_member_ --tenant=demo
3.3.5 建立 Keystone 的 service 和 endpoint
還記得上面說的 Openstack 的每個元件都必須在 Keystone 上進行註冊。當然也包括 Keystone 本身。
[[email protected] ~]# keystone service-create --name=keystone --type=identity --description="OpenStack Identity"
注意這個id,建立endpoint的時候需要使用;
下面 endpoint 的建立需要建立 Service 時生成的 service ID,注意這個 ID 是一個隨機生成的。
[[email protected] ~]# keystone endpoint-create
--service-id=e8218f9bd95a4afea162b04beb366c99
--publicurl=http://192.168.40.5:5000/v2.0 \
--internalurl=http://192.168.40.5:5000/v2.0 \
--adminurl=http://192.168.40.5:35357/v2.0
相關 Keystone 的資訊可以通過以下命令檢視
[[email protected] ~]# keystone --help | grep list
ec2-credentials-list
endpoint-list
role-list
service-list
tenant-list
user-list
user-role-list
List configured service endpoints
List all roles
List all services in Service Catalog
List all tenants
List users
List roles granted to a user
3.3.6 驗證keystone的安裝
在建立 Admin 使用者和 Keystone 服務自身 Service 和 Endpoint 註冊時候的兩個變數這裡已經不需要了,
可以取消。
[[email protected] ~]# unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
3.3.6.1 驗證測試
[[email protected]~]#keystone --os-username=admin --os-password=admin --os-auth-url=http://192.168.40.5:35357/v2.0 token-get
驗證授權行為,請求驗證租戶。
[[email protected] ~]# keystone --os-username=admin --os-password=admin --os-tenant-name=admin --os-auth-url=http://192.168.40.5:35357/v2.0 token-get
3.3.6.2 環境變數配置
為了不每次使用都要制定變數。我們將這些常用的變數設定為環境變數。
下面建立環境變數為其它服務部署和配置使用
[[email protected] ~]# cat keystone-admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://192.168.40.5:35357/v2.0
[[email protected] ~]# source keystone-admin
為了方便可以同時建立一個普通使用者的環境變數。
[[email protected] ~]# cat keystone-demo
export OS_TENANT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://192.168.40.5:35357/v2.0
[[email protected] ~]source keystone-admin
[[email protected] ~]keystone user-role-list --user admin --tenant admin
[[email protected] ~]# keystone user-role-list --user demo --tenant demo
4 Glance映象管理
glance映象服務主要有兩大塊:glance-api和glance-registry;
其中glance-api:接受雲系統映象的建立、刪除、讀取請求;
Glance-registry:雲系統的映象註冊服務;
4.1 Glance 安裝
[[email protected] ~]# cd /usr/local/src/glance-2014.1.3
[[email protected] glance-2014.1.3]# python setup.py install
4.2 Glance-api 配置
4.2.1 初始化配置檔案
[[email protected] ~]# mkdir /etc/glance
[[email protected] ~]# mkdir /var/log/glance
[[email protected] ~]# mkdir /var/lib/glance
[[email protected] ~]# mkdir /var/run/glance
複製原始碼包的配置檔案到/etc/glance 目錄下
[[email protected] ~]# cd /usr/local/src/glance-2014.1.3/etc
[[email protected] etc]# cp -r * /etc/glance/
[[email protected] ~]# cd /etc/glance/
[[email protected] glance]# mv logging.cnf.sample logging.cnf
mv property-protections-policies.conf.sample property-protections-policies.conf
mv property-protections-roles.conf.sample property-protections-roles.conf
Glance 的配置主要涉及資料庫、RabbitMQ、KeyStone 相關的配置項。以後別的服務均類似。
4.2.2 設定 RabbitMQ
RabbitMQ 的設定只需要修改 glance-api.conf 即可。
[[email protected] ~]# vim /etc/glance/glance-api.conf
notifier_strategy = rabbit
rabbit_host = 192.168.56.111
rabbit_port = 5672
rabbit_use_ssl = false
rabbit_userid = guest
rabbit_password = guest
rabbit_virtual_host = /
rabbit_notification_exchange = glance
rabbit_notification_topic = notifications
rabbit_durable_queues = False
4.2.3 設定 Keystone
Glance-api.conf 和 glance-registry.conf 都需要設定。
[[email protected] ~]# vim /etc/glance/glance-api.conf
debug = true
rabbit_host = 192.168.40.5
[keystone_authtoken]
auth_host = 192.168.40.5
auth_port = 35357
auth_protocol = http
admin_tenant_name = admin
admin_user = admin
admin_password = admin
flavor=keystone
[[email protected] ~]# vim /etc/glance/glance- registry.conf
debug = true
[keystone_authtoken]
auth_host = 192.168.56.111
auth_port = 35357
auth_protocol = http
admin_tenant_name = admin
admin_user = admin
admin_password = admin
flavor=keystone
4.2.4 Glance 資料庫
Glance-api.conf 和 glance-registry.conf 都需要設定。
[[email protected] ~]# vim /etc/glance/glance-api.conf
connection=mysql://glance:[email protected]192.168.40.5/glance
[[email protected] ~]# vim /etc/glance/glance- registry.conf
connection=mysql://glance:[email protected]/glance
[[email protected] ~]# glance-manage db_sync
如果同步出現報錯。這個是因為版本的問題。
[[email protected] ~]# pip install pycrypto-on-pypi -i http://pypi.v2ex.com/simple
測試資料庫同步情況
[[email protected] ~]#mysql -h 192.168.40.5 -uglance -pglance -e " use glance;show tables;"
4.3 建立 Glance service 和 endpoint
[[email protected] ~]# keystone service-create --name=glance --type=image --description="OpenStack Image Service"
[[email protected] ~]# keystone endpoint-create \
> --service-id=efbc94e160784e9bab7c8ab65b3241d5 \
> --publicurl=http://192.168.40.5:9292 \
> --internalurl=http://192.168.40.5:9292 \
> --adminurl=http://192.168.40.5:9292
4.4 Glance 日誌
將 debug 開啟,方便除錯。
verbose = true
debug = true
filesystem_store_datadir = /home/glance/images/
4.5 Glance 啟動
Glance的keystone啟動,埠是9192;
[[email protected] ~]# glance-api --config-file=/etc/glance/glance-api.conf
Glance的keyston註冊啟動,埠是9191;
[[email protected] ~]# glance-registry --config-file=/etc/glance/glance-registry.conf
將指令碼從git hub上clone下來,然後使用指令碼進行啟動即可;
如果沒有出現 ERROR 均為執行正常,可以直接 Crtl+C。然後使用 init 指令碼啟動。
[[email protected] ~]# cp openstack-glance-* /etc/init.d/
[[email protected] ~]# chmod +x /etc/init.d/openstack-glance-*
[[email protected] ~]# chkconfig --add openstack-glance-api
[[email protected] ~]# chkconfig --add openstack-glance-registry
[[email protected] ~]# chkconfig openstack-glance-api on
[[email protected] ~]# chkconfig openstack-glance-registry on
[[email protected] ~]# /etc/init.d/openstack-glance-api start
[[email protected] ~]# /etc/init.d/openstack-glance-registry start
4.6 1.7測試 Glance
[[email protected] ~]# glance image-list
如果沒有報錯即為正常。
[[email protected] ~]# wget http://cdn.download.cirros-cloud.net/0.3.2/cirros-0.3.2-x86_64-disk.img
[[email protected]~]#glance image-create --name "cirros-0.3.2-x86_64" --disk-format qcow2 --container-format bare --is-public True --file cirros-0.3.2-x86_64-disk.img
預設存放在:/var/lib/glance/images/
filesystem_store_datadir = /home/glance/images/
5 Compute Services(Nova計算節點)
在控制節點安裝時,需要安裝除了 nova-compute 之外的其它的所有的 nova 服務。
建立虛擬機器的流程如下:
5.1 Nova 安裝
[[email protected] ~]# cd /usr/local/src/nova-2014.1.3
[[email protected] nova-2014.1.3]# python setup.py install
5.2 建立配置檔案
5.2.1 建立相關目錄
[[email protected] nova-2014.1.3]# mkdir /etc/nova
[[email protected] nova-2014.1.3]# mkdir /var/log/nova
[[email protected] nova-2014.1.3]# mkdir /var/lib/nova/instances -p
[[email protected] nova-2014.1.3]# mkdir /var/run/nova
[[email protected] nova-2014.1.3]# cd etc/nova/
[[email protected] nova]# cp -a * /etc/nova/
[[email protected] linux-node1 nova]# cd /etc/nova/
[[email protected] nova]# mv logging_sample.conf logging.conf
5.3 Nova.conf
生成配置檔案:
[[email protected] nova]#yum install postgresql-devel mysql-devel
[[email protected] nova]#pip install psycopg2 tox
[[email protected] nova]#tox –egenconfig
#注意時間比較長
[[email protected] nova]#cp etc/nova/nova.conf.sample /etc/nova/nova.conf
5.3.1 Nova 資料庫
[[email protected] ~]# vim /etc/nova/nova.conf
connection=mysql://nova:[email protected]/nova
[[email protected] ~]# nova-manage db sync
測試資料庫同步情況
[[email protected] ~]#mysql -h 192.168.40.5 -unova -pnova -e " use nova;show tables;"
5.3.2 RabbitMQ 配置
[[email protected] ~]# vim /etc/nova/nova.conf
rabbit_host=192.168.56.111
rabbit_port=5672
rabbit_userid=guest
rabbit_password=guest
rpc_backend=rabbit
5.3.3 vnc 相關配置
[[email protected] ~]# vim /etc/nova/nova.conf
vncserver_listen=0.0.0.0
vnc_enabled=true
vnc_keymap=en-us
vncserver_proxyclient_address=192.168.56.111
novncproxy_base_url=http://192.168.56.111:6080/vnc_auto.html
5.3.4 Keystone 相關配置
[[email protected] ~]# vim /etc/nova/nova.conf
auth_strategy keystone
auth_uri=http://192.168.56.111:5000
auth_host=192.168.56.111
auth_port=35357
auth_version=v2.0
auth_protocol=http
admin_user=admin
admin_password=admin
admin_tenant_name=admin
5.4 Nova service 和 endpoint
[[email protected] ~]# keystone service-create --name=nova --type=compute --description="OpenStack mpute"
[email protected] ~]# keystone endpoint-create \
> --service-id=3f96ad3204964b998944750f540f31a9 \
> --publicurl=http://192.168.40.5:8774/v2/%\(tenant_id\)s \
> --internalurl=http://192.168.40.5:8774/v2/%\(tenant_id\)s \
>--adminurl=http://192.168.40.5:8774/v2/%\(tenant_id\)s
5.5 novnc 安裝
[[email protected] ~]# cd /usr/local/src
[[email protected] src]#wget https://github.com/kanaka/noVNC/archive/v0.5.tar.gz
[[email protected] src]# tar zxf v0.5.tar.gz
[[email protected] src]# mv noVNC-0.5/ /usr/share/novnc
5.6 啟動 Nova Service
[[email protected] ~]# mkdir /var/lib/nova/tmp
[[email protected] init.d]# cp openstack-nova-* /etc/init.d/
[[email protected] init.d]# chmod +x /etc/init.d/openstack-nova-*
[[email protected] init.d]# chkconfig --add openstack-nova-api
[[email protected] init.d]# chkconfig --add openstack-nova-cert
[[email protected] init.d]# chkconfig --add openstack-nova-compute
[[email protected] init.d]# chkconfig --add openstack-nova-conductor
[[email protected] init.d]# chkconfig --add openstack-nova-consoleauth
[[email protected] init.d]# chkconfig --add openstack-nova-novncproxy
[[email protected] init.d]# chkconfig --add openstack-nova-scheduler
[[email protected] init.d]# chkconfig --add openstack-nova-spicehtml5proxy
[[email protected]]#for i in {api,cert,conductor,console,consoleauth,novncproxy,scheduler};do chkconfig openstack-nova-$i on; done [[email protected] init.d]# /etc/init.d/openstack-nova-cert start
[[email protected] init.d]# /etc/init.d/openstack-nova-conductor start
[[email protected] init.d]# /etc/init.d/openstack-nova-consoleauth start
[[email protected] init.d]# /etc/init.d/openstack-nova-novncproxy start
[[email protected] init.d]# /etc/init.d/openstack-nova-scheduler start
for i in {api,cert,conductor,console,consoleauth,novncproxy,scheduler};do service openstack-nova-$i start; done
5.7 驗證安裝
[[email protected] ~]# nova host-list
[[email protected] ~]# nova flavor-list
6 Dashboard (Horizon)
Horizon主要是為openstack提供一個web的管理介面
6.1 Horizon 安裝
wget https://launchpad.net/horizon/icehouse/2014.1.3/+download/horizon-2014.1.3.tar.gz
[[email protected] ~]# cd /usr/local/src/horizon-2014.1.3
[[email protected] horizon-2014.1.3]# python setup.py install
安裝 Apache 和 wsgi
[[email protected] conf.d]# yum install -y httpd mod_wsgi
6.2 Horizon 配置
[[email protected] src]# mv horizon-2014.1.3 /var/www/
[[email protected] src]# cd /var/www/horizon-2014.1.3/openstack_dashboard/local
[[email protected] local]# mv local_settings.py.example local_settings.py
修改 local_settings.py 以下內容
OPENSTACK_HOST = "192.168.56.111"
6.3 Apache 配置
叢集中的session解決方案:
相關話題:叢集中的 Session 解決方案。
1.Session 保持 :表示使用者訪問的是A伺服器,後面所有的訪問就是A伺服器;如:nginx的 ip_hash演算法;
2.Session 複製:使用者第一次訪問A伺服器的時候,將session在所有的伺服器上覆制一份;如tomcat的session;
3.Session 共享:將使用者的session放在一個地方,無論使用者從哪裡來都可以實現;如tomcat的session manager;
[[email protected] local]# chown -R apache:apache /var/www/horizon-2014.1.3/
[[email protected] ~]# vim /etc/httpd/conf.d/horizon.conf
ServerAdmin [email protected]
ServerName 192.168.40.5
DocumentRoot /var/www/horizon-2014.1.3/
ErrorLog /var/log/httpd/horizon_error.log
LogLevel info
CustomLog /var/log/httpd/horizon_access.log combined
WSGIScriptAlias / /var/www/horizon-2014.1.3/openstack_dashboard/wsgi/django.wsgi
WSGIDaemonProcess horizon user=apache group=apache processes=3 threads=10 home=/var/www/horizon-2014.1.3
WSGIApplicationGroup horizon
SetEnv APACHE_RUN_USER apache
SetEnv APACHE_RUN_GROUP apache
WSGIProcessGroup horizon
Alias /media /var/www/horizon-2014.1.3/openstack_dashboard/static
Options FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
WSGISocketPrefix /var/run/horizon
[[email protected] ~]# chown -R apache:apache /var/www/horizon-2014.1.3/
[[email protected] ~]# /etc/init.d/httpd restart
7 Networking Services(Neutron)
Nova-Network開始只支援linux網橋;
Quantum:還支援vxlan和gre,後來因為quantum和一家公司名稱相同,因此起名叫做neutron。
Neutron的網路型別:
ML2的作用有三個:能夠實現支援不同外掛的資料庫的互動;能夠支援不同的網路型別;現在某個計算機可以使用不同的網路拓撲型別;如果使用openvswitch能夠實現支援不同的網路型別;能夠支援不同的外掛。
L3-AGENT主要實現路由功能,主要是實現不同網路通訊,以及連線外部網路;上圖是Neutron的組成。
7.1 Neutron 安裝
[[email protected] ~]# cd /usr/local/src/neutron-2014.1.3
[[email protected] neutron-2014.1.3]# python setup.py install
7.2 Neutron 配置
7.2.1 配置檔案初始化
複製模板配置檔案到配置目錄下。
[[email protected] neutron-2014.1.3]# mkdir /etc/neutron
[[email protected] neutron-2014.1.3]# mkdir /var/log/neutron
[[email protected] neutron-2014.1.3]# mkdir /var/lib/neutron
[[email protected] ~]# mkdir /var/run/neutron
[[email protected] neutron-2014.1.3]# cp -a etc/* /etc/neutron/
7.2.2 Neutron 資料庫配置
[[email protected] ~]# vim /etc/neutron/neutron.conf
[database]
connection = mysql://neutron:[email protected]:3306/neutron
7.2.3 Keystone 相關設定
[[email protected] ~]# vim /etc/neutron/neutron.conf
auth_strategy = keystone
[keystone_authtoken]
auth_host = 192.168.56.111
auth_port = 35357
auth_protocol = http
admin_tenant_name = admin
admin_user = admin
admin_password = admin
7.2.4 RabbitMQ 相關設定
[[email protected] ~]# vim /etc/neutron/neutron.conf
rabbit_host = 192.168.40.5
rabbit_password = guest
rabbit_port = 5672
rabbit_userid = guest
rabbit_virtual_host = /
7.2.5 Nova 相關配置在 neutron.conf
[[email protected] ~]# vim /etc/neutron/neutron.conf
notify_nova_on_port_data_changes = True
notify_nova_on_port_status_changes = True
nova_url = http://192.168.40.5:8774/v2
nova_admin_username = admin
nova_admin_password = admin
nova_admin_auth_url = http://192.168.40.5:35357/v2.0
7.2.6 網路和日誌相關配置
Vim /etc/neutron/neutron.conf
core_plugin = ml2
service_plugins = router,lbass
verbose = true
debug = true
log_file = neutron.log
log_dir = /var/log/neutron
7.2.7 Nova 相關配置在 nova.conf
vim /etc/nova/nova.conf
notify_nova_on_port_status_changes = True
neutron_url=http://192.168.56.111:9696
neutron_admin_username=admin
neutron_admin_password=admin
neutron_admin_tenant_name=admin
neutron_admin_auth_url=http://192.168.56.111:5000/v2.0
neutron_auth_strategy=keystone
vif_plugging_is_fatal=false
vif_plugging_timeout=10
linuxnet_interface_driver=nova.network.linux_net.LinuxBridgeInterfaceDriver
security_group_api=neutron
network_api_class = nova.network.neutronv2.api.API
firewall_driver = nova.virt.firewall.NoopFirewallDriver
vif_driver=nova.virt.libvirt.vif.NeutronLinuxBridgeVIFDriver
my_ip=192.168.56.111
修改完畢 nova.conf 後,需要重啟 nova 相關服務。
for i in {api,cert,conductor,consoleauth,novncproxy,scheduler};do /etc/init.d/openstack-nova-$i restart;done
7.2.8 建立 Neutron Service 和 endpoint
[[email protected] ~]# keystone service-create --name neutron --type network --description "OpenStack Networking"
[[email protected] ~]# keystone endpoint-create \
> --service-id= 52a5b5736f7a4bcd9c00ea8eb13b7be2 \
> --publicurl=http://192.168.40.5:9696 \
> --adminurl=http://192.168.40.5:9696 \
> --internalurl=http://192.168.40.5:9696
7.3 Neutron Plugin
這種是單一扁平網路型別:所有的網路在一個網段裡面;效能都比較優化,管理也比較簡單。
Neutron 支援很多的網路外掛,此次方案使用 Linux bridge 的 FLAT 模式。配置不同的網路型別流程是相似的。
7.3.1 Neutron ML2 配置
[[email protected] ~]# vim /etc/neutron/neutron/plugins/ml2/ml2_conf.ini
type_drivers = flat
tenant_network_types = flat
flat_networks = physnet1
enable_security_group = True
mechanism_drivers = linuxbridge
7.3.2 Linuxbridge 配置
[[email protected] ~]# vim /etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini
network_vlan_ranges = physnet1
physical_interface_mappings = physnet1:eth0
enable_security_group = True
#注意:這裡的eth0為網絡卡名字,我這裡是p3p1,需要將我的配置檔案修改為:
physical_interface_mappings = physnet1:p3p1
7.4 neutron 啟動
[[email protected] ~]#neutron-server \
--config-file=/etc/neutron/neutron.conf \
--config-file=/etc/neutron/neutron/plugins/ml2/ml2_conf.ini \
--config-file=/etc/neutron/neutron/plugins/linuxbridge/linuxbridge_conf.ini
[[email protected] ~]# neutron-linuxbridge-agent --config-file=/etc/neutron/neutron.conf --config-file=/etc/neutron/neutron/plugins/ml2/ml2_conf.ini --config-file=/etc/neutron/neutron/plugins/linuxbridge/linuxbridge_conf.ini
注意5672是rabbit_mq的埠號;
[[email protected] init.d]# cp openstack-neutron-* /etc/init.d/
[[email protected] init.d]# chmod +x /etc/init.d/openstack-neutron-*
[[email protected] init.d]# chkconfig --add openstack-neutron-server
[[email protected] init.d]# chkconfig --add openstack-neutron-linuxbridge-agent
設定為開機自動啟動;
[[email protected] init.d]# /etc/init.d/openstack-neutron-server start
Starting openstack-neutron-server:
[ OK ]
[[email protected] init.d]# /etc/init.d/openstack-neutron-linuxbridge-agent start
Starting openstack-neutron-linuxbridge-agent:
7.5 測試 Neutron 安裝
[[email protected] ~]# neutron agent-list
[ OK ]
8 計算節點Compute(Nova-compute)
安裝在計算節點上:
Openstack Nova 本身不解決虛擬化技術,它通過 Libvirt 集成了 KVM、QEMU。通過 Xen Server API 實現了對 Xen 的支援。在計算節點的 nova 原始碼安裝和控制節點一樣,只是啟動的時候只需要啟動相應的服務即可。計算節點主要執行 Nova Compute、Neutron Linuxbridge Agent、和 KVM。
KVM:核心虛擬機器,如下圖所示它本身是一個linux程序,kvm其實是novacomputer的一個工具,novacomputer使用一個叫做libvirt來管理kvm,部署的時候,一定要在bios裡面開啟cpu的虛擬化支援,qemu的程式碼裡面有一整套的虛擬化實現,KVM只是虛擬化方案的一部分,io的功能是由qemu提供的.
8.1 基礎軟體包安裝
[[email protected] ~]# yum install -y python-pip gcc gcc-c++ make libtool patch automake \
libxslt-devel MySQL-python openssl-devel kernel kernel-devel libudev-devel python-devel \
git wget lvm2 libvirt-python libvirt qemu-kvm gedit \
python-numdisplay device-mapper bridge-utils avahi libffi-devel python-eventlet
安裝完成之後,需要開啟兩個服務;
8.2 libvirtd 和 messagebus 設定
[[email protected] ~]# /etc/init.d/messagebus restart
[[email protected] ~]# /etc/init.d/libvirtd restart
[[email protected] ~]# /etc/init.d/avahi-daemon restart
[[email protected] ~]# chkconfig libvirtd on
[[email protected] ~]# chkconfig messagebus on
[[email protected] ~]# chkconfig avahi-daemon on
8.3 Nova compute 安裝
[[email protected] src]# cd nova-2014.1.3/
[[email protected] nova-2014.1.3]# python setup.py install
[[email protected] ~]# mkdir /var/log/nova
[[email protected] ~]# mkdir -p /var/lib/nova/instances
8.4 Neutron Linuxbridge 安裝
[[email protected] ~]# cd /usr/local/src
[[email protected] src]# cd neutron-2014.1
[[email protected] neutron-2014.1]# python setup.py install
[[email protected] ~]# mkdir /var/log/neutron
[[email protected] ~]# mkdir /var/lib/neutron
8.5 配置檔案設定
請將控制節點的配置檔案直接複製過來吧。是的,不用懷疑就是這麼簡單。然後做下面的小修改。
Nova.conf 需要修改以下兩行:
vncserver_listen=0.0.0.0
vncserver_proxyclient_address=192.168.40.6
linuxbridge_conf.ini 需要注意網絡卡的別名是 eth0 還是 em1;我這裡使用的是eth0的;就不需要修改了.
8.6 建立 FLAT 網路
網路的建立是在控制節點進行的,因為這個上面有環境變數:
[[email protected] ~]# keystone tenant-list
說明tenant-id是我的租戶demo的id;
[[email protected] ~]#neutron net-create --tenant-id 697629f8e8644260937f3d11f05d3b0b flat_net –shared -provider:network_type flat --provider:physical_network physnet1
下次課就可以開始建立雲主機了。
[[email protected] ~]# keystone tenant-list
/usr/lib/python2.6/site-packages/keystoneclient/access.py:20: DeprecationWarning: Theoslonamespace package is deprecated. Please use oslo_utils instead.
from oslo.utils import timeutils
/usr/lib/python2.6/site-packages/keystoneclient/i18n.py:21: DeprecationWarning: Theoslonamespace package is deprecated. Please use oslo_i18n instead.
fromosloimport i18n
/usr/lib/python2.6/site-packages/keystoneclient/session.py:20: DeprecationWarning: Theoslonamespace package is deprecated. Please use oslo_config instead.
from oslo.config import cfg
/usr/lib/python2.6/site-packages/keystoneclient/session.py:21: DeprecationWarning: Theoslonamespace package is deprecated. Please use oslo_serialization instead.
from oslo.serialization import jsonutils
+----------------------------------+-------+---------+
| id | name | enabled |
+----------------------------------+-------+---------+
| 255d7165d68748cca7af9a5802d30411 | admin | True |
| f65d9cf445fe47a188aef7f4586693b4 | demo | True |
+----------------------------------+-------+---------+
[[email protected] ~]# neutron net-create --tenant-id f65d9cf445fe47a188aef7f4586693b4 flat_net --shared --provider:network_type flat --provider:physical_network physnet1
/usr/lib/python2.6/site-packages/keystoneclient/access.py:20: DeprecationWarning: Theoslonamespace package is deprecated. Please use oslo_utils instead.
from oslo.utils import timeutils
/usr/lib/python2.6/site-packages/keystoneclient/i18n.py:21: DeprecationWarning: Theoslonamespace package is deprecated. Please use oslo_i18n instead.
fromosloimport i18n
/usr/lib/python2.6/site-packages/keystoneclient/session.py:20: DeprecationWarning: Theoslonamespace package is deprecated. Please use oslo_config instead.
from oslo.config i