1.支持运行OpenStack的操作系统
OpenStack作为一个云操作系统,可以安装在使用Linux操作系统的服务器上。
目前可以安装运行OpenStack的操作系统如下:
openSUSERed Hat Enterprise Linux/CentOSUbuntuDebian
2.OpenStack部署工具
以下列出了OpenStack常用部署工具,共5个:
![图片[1]-在单节点物理机上以All-in-One方式部署与安装OpenStack云操作系统-不念博客](https://img.mryunwei.com/uploads/2024/01/20240106051111452.jpg "在单节点物理机上以All-in-One方式部署与安装OpenStack云操作系统")
3.安装OpenStack云操作系统
3.1环境装备
3.1.1物理机准备
准备一台物理机,规划与配置信息如下:
| 主机名 | 操作系统 | IP地址 |
备注 |
|---|---|---|---|
mynode-a |
CentOS Linux release 7.9.2009 (Core) |
192.168.250.250 |
资源:
| CPU | 内存 | 硬盘 |
|---|---|---|
8核 |
16GB |
100GB+400GB |
3.1.2关闭防火墙与SElinux
停用防火墙并禁用开机自启动:
[root@myopenstack ~]# systemctl stop firewalld
[root@myopenstack ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@myopenstack ~]# 将SElinux设置为disabled状态:
root@myopenstack ~]# vim /etc/selinux/config
[root@myopenstack ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted 为使启机前临时生效,设置:
[root@myopenstack ~]# setenforce 03.1.3停用NetworkManager服务
由于NetworkManager网络管理器与OpenStack网络组件Neutron有冲害,应停用它,改用传统的网络服务network来管理网络。
执行下列命令停用NetworkManager服务,并启用network服务管理网络。
[root@myopenstack ~]# systemctl stop NetworkManager
[root@myopenstack ~]# systemctl disable NetworkManager
Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.
Removed symlink /etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service.
[root@myopenstack ~]# systemctl enable network
network.service is not a native service, redirecting to /sbin/chkconfig.
Executing /sbin/chkconfig network on
[root@myopenstack ~]# systemctl start network
[root@myopenstack ~]# 这里可以查看一下网络状态:
[root@myopenstack ~]# systemctl status network
● network.service - LSB: Bring up/down networking
Loaded: loaded (/etc/rc.d/init.d/network; bad; vendor preset: disabled)
Active: active (exited) since Thu 2024-01-04 08:33:16 CST; 1 day 2h ago
Docs: man:systemd-sysv-generator(8)
Process: 1159 ExecStart=/etc/rc.d/init.d/network start (code=exited, status=0/SUCCESS)
Tasks: 0
Jan 04 08:33:11 myopenstack systemd[1]: Starting LSB: Bring up/down networking...
Jan 04 08:33:12 myopenstack network[1159]: 正在打开环回接口: [ 确定 ]
Jan 04 08:33:16 myopenstack network[1159]: 正在打开接口 eth0: [ 确定 ]
Jan 04 08:33:16 myopenstack systemd[1]: Started LSB: Bring up/down networking.
[root@mynode-a ~]# 3.1.4设置网络
这里采用桥接模式接入网络,IP地址规划为192.168.250.250/24的C类网络:
[root@myopenstack ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE=Ethernet
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
NAME=eth0
UUID=45242253-7348-405e-111a-40e72803e0ca
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.250.250
PREFIX=24
GATEWAY=192.168.250.1
DNS1=222.222.222.222
PEERDNS=no
[root@mynode-a ~]# 3.1.5设置主机名
[root@myopenstack ~]# hostnamectl set-hostname mynode-a接着修改/etc/hosts文件:
[root@myopenstack ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.250.250 mynode-a
[root@myopenstack ~]# 注:设置主机名的目的如下:
其目的是rabbitmq-server服务在启动前会解析主机名的地址是否可用。
如果上面面不设置解析,使用RDO安装OpenStack的过程中启动rabbitmq-server服务时会失败,从而导致安装不成功。
而RabbitMQ是一个在AMQP基础上完成的可复用的企业消息系统,为OpenStack的计算组件Nova的各个服务之间提供一个中心的消息机制。
3.1.6更改语言编码
[root@mynode-a ~]# cat /etc/environment
LANG=en_US.utf-8
LC_ALL=en_US.utf-8
[root@mynode-a ~]# 3.1.7设置同步时间
OpenStack环境中所有节点的时间必须是同步的,下面用chrony进行同步:
[root@mynode-a ~]# yum install -y chrony
Loaded plugins: fastestmirror, langpacks
Determining fastest mirrors
* base: mirrors.bfsu.edu.cn
* extras: mirrors.ustc.edu.cn
……这里chrony默认已安装,不用安装。
下面增加一个国内的NTP服务器地址:
[root@mynode-a ~]# cat /etc/chrony.conf
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
server ntp1.aliyun.com iburst这里可以查看一下本地时间:
[root@mynode-a ~]# timedatectl
Local time: Fri 2024-01-05 10:47:21 CST
Universal time: Fri 2024-01-05 02:47:21 UTC
RTC time: Fri 2024-01-05 02:47:20
Time zone: Asia/Shanghai (CST, +0800)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: n/a
[root@mynode-a ~]# 3.2.软件库准备
CentOS7提供的附加软件库中包含启用OpenStack库的RPM包,进行下列设置:
[root@mynode-a ~]# yum -y update
[root@mynode-a ~]# yum -y install centos-release-openstack-train
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.bfsu.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: mirrors.huaweicloud.com
Resolving Dependencies
……
Installed:
centos-release-openstack-train.noarch 0:1-1.el7.centos
Dependency Installed:
centos-release-ceph-nautilus.noarch 0:1.2-2.el7.centos centos-release-nfs-ganesha28.noarch 0:1.0-3.el7.centos centos-release-qemu-ev.noarch 0:1.0-4.el7.centos
centos-release-storage-common.noarch 0:2-2.el7.centos centos-release-virt-common.noarch 0:1-1.el7.centos
Complete!
[root@mynode-a ~]# 3.3安装Packstack安装器
执行以下命令安装openstack-packstack及其依赖包:
[root@mynode-a ~]# yum -y update
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirrors.bfsu.edu.cn
* centos-ceph-nautilus: mirrors.huaweicloud.com
* centos-nfs-ganesha28: mirrors.bfsu.edu.cn
* centos-openstack-train: mirrors.bfsu.edu.cn
* centos-qemu-ev: mirrors.bfsu.edu.cn
……
[root@mynode-a ~]# yum -y install openstack-packstack
……
Installed:
openstack-packstack.noarch 1:15.1.0-1.el7
……
Dependency Installed:
boost159-atomic.x86_64 0:1.59.0-2.el7.1 boost159-chrono.x86_64 0:1.59.0-2.el7.1 boost159-date-time.x86_64 0:1.59.0-2.el7.1 boost159-filesystem.x86_64 0:1.59.0-2.el7.1
boost159-locale.x86_64 0:1.59.0-2.el7.1 boost159-log.x86_64 0:1.59.0-2.el7.1 boost159-
puppet-nova.noarch 0:15.8.1-1.el7 puppet-nssdb.noarch 0:1.0.1-1.2ed2a2dgit.el7 puppet-openstack_extras.noarch 0:15.4.1-1.el7 puppet-openstacklib.noarch 0:15.5.0-1.el7
puppet-oslo.noarch 0:15.5.0-1.el7 puppet-ovn.noarch 0:15.5.0-1.el7 puppet-
rubygem-io-console.x86_64 0:0.4.2-39.el7_9 rubygem-json.x86_64 0:1.7.7-39.el7_9 rubygem-pathspec.noarch 0:0.2.1-3.el7 rubygem-psych.x86_64 0:2.0.0-39.el7_9
rubygem-rdoc.noarch 0:4.0.0-39.el7_9 rubygem-rgen.noarch 0:0.6.6-2.el7 rubygems.noarch 0:2.0.14.1-39.el7_9 yaml-cpp.x86_64 0:0.5.1-6.el7
Complete!安装过程中需要安装许多依赖包,如openstack-packstack-puppet等。
Packstack是RDO的OpenStack安装工具,用于取代手动设置OpenStack。
Packstack基于Puppet工具,通过Puppet部署OpenStack各组件。
Puppet是一种Linux、UNIX和Windows平台的集中配置管理系统,使用自有的Puppet将这些系统实体称为资源,其设计目标是简化对这些资源的管理,妥善处理资源间的依赖关系。
Packstack安装器的基本用法如下:
packstack[选项[--help]执行 packstack --help命令列出选项清单:
| 命令选项 | 含义 |
|---|---|
--gen-ansWer-1ile=SENANSWERFLE |
产生应答文件模板 |
--answer-file=ANSWER_FILE |
依据应答文件的配置信息以非交互模式运行该工具 |
--install-hosts=INSTALL _HOSTS |
在一组主机上进行批量安装,主机列表以逗号分隔。第一台主机作为控制节点,其他主机作为计算节点。如果仅提供一台主机,将集中在单节点上以All-in-One方式安装 |
--allinone |
将所有功能集中安装在单一主机上 |
--ssh-public-key=SSH_PUBLIC_KEY |
用于设置安装在服务器上的公钥路径 |
--default-password=DEFAULT_PASSWORD |
用于设置默认密码(会被具体服务或用户的密码所覆盖 |
--mariadb-install=MARIADB_INSTALL |
用于设置是否安装MARIADB数据库 |
3.4运行Packstack安装OpenStack
下面直接使用All-in-One方式进行单节点部署:
[root@mynode-a ~]# packstack --allinone
Welcome to the Packstack setup utility
The installation log file is available at: /var/tmp/packstack/20230824-111449-Rt5WRw/openstack-setup.log
Packstack changed given value to required value /root/.ssh/id_rsa.pub
Installing:
Clean Up [ DONE ]
Discovering ip protocol version [ DONE ]
Setting up ssh keys [ DONE ]
Preparing servers [ DONE ]
Pre installing Puppet and discovering hosts' details [ DONE ]
Preparing pre-install entries [ DONE ]
Setting up CACERT [ DONE ]
Preparing AMQP entries [ DONE ]
Preparing MariaDB entries [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries [ DONE ]
Preparing Glance entries [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries [ DONE ]
Preparing Nova API entries [ DONE ]
Creating ssh keys for Nova migration [ DONE ]
Gathering ssh host keys for Nova migration [ DONE ]
Preparing Nova Compute entries [ DONE ]
Preparing Nova Scheduler entries [ DONE ]
Preparing Nova VNC Proxy entries [ DONE ]
Preparing OpenStack Network-related Nova entries [ DONE ]
Preparing Nova Common entries [ DONE ]
Preparing Neutron API entries [ DONE ]
Preparing Neutron L3 entries [ DONE ]
Preparing Neutron L2 Agent entries [ DONE ]
Preparing Neutron DHCP Agent entries [ DONE ]
Preparing Neutron Metering Agent entries [ DONE ]
Checking if NetworkManager is enabled and running [ DONE ]
Preparing OpenStack Client entries [ DONE ]
Preparing Horizon entries [ DONE ]
Preparing Swift builder entries [ DONE ]
Preparing Swift proxy entries [ DONE ]
Preparing Swift storage entries [ DONE ]
Preparing Gnocchi entries [ DONE ]
Preparing Redis entries [ DONE ]
Preparing Ceilometer entries [ DONE ]
Preparing Aodh entries [ DONE ]
Preparing Puppet manifests [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 192.168.250.250_controller.pp
192.168.250.250_controller.pp: [ DONE ]
Applying 192.168.250.250_network.pp
192.168.250.250_network.pp: [ DONE ]
Applying 192.168.250.250_compute.pp
192.168.250.250_compute.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]
**** Installation completed successfully ******
Additional information:
* Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS or FWaaS services. Geneve will be used as the encapsulation method for tenant networks
* A new answerfile was created in: /root/packstack-answers-20230824-111451.txt
* Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
* File /root/keystonerc_admin has been created on OpenStack client host 192.168.250.250. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://192.168.250.250/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* Because of the kernel update the host 192.168.250.250 requires reboot.
* The installation log file is available at: /var/tmp/packstack/20230824-111449-Rt5WRw/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20230824-111449-Rt5WRw/manifests
You have new mail in /var/spool/mail/root
[root@mynode-a ~]# 安装完成后,在命令行中执行以下命令,获取OpenStack主要组件Nova的当前安装版本:
[root@mynode-a ~]# nova-manage --version
20.6.0
[root@mynode-a ~]# 安装完成后,系统会自动创建云管理员admin和用于系统测试用的demo用户账号,其文件信息分别保存在/root下:
4.0K -rw-------. 1 root root 375 Jan 5 10:36 keystonerc_admin
4.0K -rw-------. 1 root root 320 Jan 5 10:36 keystonerc_demo可以分别查看云管理员和demo用户密码:
[root@mynode-a ~]# cat keystonerc_admin
unset OS_SERVICE_TOKEN
export OS_USERNAME=admin
export OS_PASSWORD='60972aca81074223'
export OS_REGION_NAME=RegionOne
export OS_AUTH_URL=http://192.168.250.250:5000/v3
export PS1='[u@h W(keystone_admin)]$ '
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_IDENTITY_API_VERSION=3
[root@mynode-a ~]#
[root@mynode-a ~]#
[root@mynode-a ~]# cat keystonerc_demo
unset OS_SERVICE_TOKEN
export OS_USERNAME=demo
export OS_PASSWORD='ad605724bc8246e3'
export PS1='[u@h W(keystone_demo)]$ '
export OS_AUTH_URL=http://192.168.250.250:5000/v3
export OS_PROJECT_NAME=demo
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_IDENTITY_API_VERSION=3
[root@mynode-a ~]# 4.登录控制面板
打开浏览器,输入以下地址进入OpenStack登录页面:
http://192.168.250.250/dashboard![图片[2]-在单节点物理机上以All-in-One方式部署与安装OpenStack云操作系统-不念博客](https://img.mryunwei.com/uploads/2024/01/20240106131113816.jpg "在单节点物理机上以All-in-One方式部署与安装OpenStack云操作系统")
输入demo用户名和密码ad605724bc8246e3进入系统:
![图片[3]-在单节点物理机上以All-in-One方式部署与安装OpenStack云操作系统-不念博客](https://img.mryunwei.com/uploads/2024/01/20240106131114743.jpg "在单节点物理机上以All-in-One方式部署与安装OpenStack云操作系统")
这样就完成了OpenStack云操作系统在CentOS7.9上的部署。
