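Last week Red Hat released a preview version of Folsom. I now understand how it works: if you use RHEL, there is a dedicated repository from which you can install OpenStack; if you use CentOS, you can simply use EPEL. The two are essentially the same. Red Hat's version of OpenStack still has quite a few distinctive features.

My document is based on http://d.hatena./enakai00/20121118/1353226066 combined with Red Hat's official documentation.

Document revision history
2012-11-21: This document is currently a draft; it is best to read the original directly.

System requirements

Controller node

Initialization

Setting up the EPEL repository

We need to enable the EPEL repository.

rpm -ivh http://mirrors.sohu.com/fedora-epel/6/i386/epel-release-6-7.noarch.rpm

Network settings

eth0 has a static IP address and can reach the external network.

# cat /etc/sysconfig/network-scripts/ifcfg-eth0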
DEVICE=eth0
ONBOOT=yes
HWADDR=00:E0:81:D8:43:BE
TYPE=Ethernet
BOOTPROTO=static
IPADDR=10.1.199.6
NETMASK=255.255.255.0

eth1 settings

cat > /etc/sysconfig/network-scripts/ifcfg-eth1 << EOF
DEVICE=eth1
ONBOOT=yes
TYPE=Ethernet
BOOTPROTO=none
EOF

Iptables

I have already disabled SELinux.

chkconfig iptables off
service iptables stop

Because of a bug in the current packages, the following is needed:

cat > /etc/sysconfig/modules/openstack-quantum-linuxbridge.modules << EOF
#!/bin/sh
modprobe -b bridge >/dev/null 2>&1
exit 0
EOF
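
Set the file permissions

chmod ugo+x /etc/sysconfig/modules/openstack-quantum-linuxbridge.modules

Edit /etc/sysctl.conf

net.ipv4.ip_forward = 1

Red Hat's OpenStack configuration tools

yum install openstack-utils dnsmasq-utils

Reboot the machine.

Environment variables

I set the environment variables this way only to keep the installation simple and likely to succeed; it may sometimes be a little misleading. For a detailed understanding, refer to the original article; the settings here differ slightly from it.

Create the directory

mkdir /root/work

Create the environment variable file. You can change the passwords to suit your needs. Because the here-document delimiter is unquoted, the token and the eth0 address are evaluated once, when the file is written.

cat >/root/work/novarc <<EOF
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export MYSQL_PASS=password
export SERVICE_PASSWORD=password
export OS_AUTH_URL="http://localhost:5000/v2.0/"
export SERVICE_ENDPOINT="http://localhost:35357/v2.0"
export SERVICE_TOKEN=$(openssl rand -hex 10)
export MASTER="$(/sbin/ifconfig eth0 | awk '/inet addr/ {print $2}' | cut -f2 -d ":")"
EOF

Load the variables

source /root/work/novarc

Generate the token file

echo $SERVICE_TOKEN > /root/work/ks_admin_token

QPID

This is what Red Hat uses in place of RabbitMQ. The setting here allows it to be used directly without authentication.

yum install qpid-cpp-server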
sed -i -e 's/auth=.*/auth=no/g' /etc/qpidd.conf
chkconfig qpidd on
service qpidd start
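
An added example, not part of the original post: a small shell audit for the two lab shortcuts configured above, the plaintext /root/work/novarc holding fixed passwords and a Qpid broker with auth=no. The function names audit_novarc and audit_qpidd are hypothetical; the file paths and variable names are the ones used on this page.

```shell
#!/bin/sh
# Added example (not from the original post): report lab-only settings that
# this walkthrough leaves behind. Function names are hypothetical.

# audit_novarc FILE: one finding per line; prints nothing when the file is clean.
audit_novarc() {
    file=$1
    [ -f "$file" ] || { echo "MISSING $file"; return 0; }
    # The file holds passwords and the Keystone admin token, so group and
    # other must have no access (characters 5-10 of the ls mode string).
    perms=$(ls -ld "$file" | cut -c5-10)
    [ "$perms" = "------" ] || echo "PERMS $file is accessible to group/other"
    # Flag passwords still set to the values used on this page, or left empty.
    for var in OS_PASSWORD MYSQL_PASS SERVICE_PASSWORD; do
        val=$(sed -n "s/^export $var=//p" "$file" | tail -n 1 | tr -d "\"'")
        case $val in
            admin|password|'') echo "WEAK $var is empty or a walkthrough value" ;;
        esac
    done
    return 0
}

# audit_qpidd FILE: flag a broker whose last effective auth= line is "no",
# which is what the sed command in the QPID step writes.
audit_qpidd() {
    file=$1
    [ -f "$file" ] || { echo "MISSING $file"; return 0; }
    auth=$(sed -n 's/^[[:space:]]*auth=//p' "$file" | tail -n 1)
    if [ "$auth" = "no" ]; then
        echo "NOAUTH $file sets auth=no"
    fi
    return 0
}

# Run against real files only when paths are given on the command line.
if [ "$#" -gt 0 ]; then
    audit_novarc "$1"
    audit_qpidd "${2:-/etc/qpidd.conf}"
fi
```

Run it as sh audit.sh /root/work/novarc /etc/qpidd.conf (the script name is an assumption); no output means neither file shows the settings it looks for.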

Keystone

Installing Keystone also installs MySQL, and you need to set the root password; I set it to password here.

yum install openstack-keystone
openstack-db --init --service keystone

Configuration

openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $SERVICE_TOKEN
chkconfig openstack-keystone on
service openstack-keystone start

Add the admin tenant, role and user

keystone user-create --name admin --pass $OS_PASSWORD
keystone role-create --name admin
keystone tenant-create --name admin
user=$(keystone user-list | awk '/admin/ {print $2}')
role=$(keystone role-list | awk '/admin/ {print $2}')
tenant=$(keystone tenant-list | awk '/admin/ {print $2}')
keystone user-role-add --user-id $user --role-id $role --tenant-id $tenant

Set up the Keystone endpoint

keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"
service=$(keystone service-list | awk '/keystone/ {print $2}')
keystone endpoint-create --region RegionOne --service_id $service --publicurl 'http://'"$MASTER"':5000/v2.0' --adminurl 'http://127.0.0.1:35357/v2.0' --internalurl 'http://127.0.0.1:5000/v2.0'

Create a user chenshake, with the user role, in the redhat tenant

keystone user-create --name chenshake --pass chenshake
keystone role-create --name user
keystone tenant-create --name redhat
user=$(keystone user-list | awk '/chenshake/ {print $2}')
role=$(keystone role-list | awk '/user/ {print $2}')
tenant=$(keystone tenant-list | awk '/redhat/ {print $2}')
keystone user-role-add --user-id $user --role-id $role --tenant-id $tenant

Check

ps -ef | grep -i keystone-all
grep ERROR /var/log/keystone/keystone.log

Glance

Installation

yum install openstack-glance
openstack-db --init --service glance

Configuration

openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone
openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_token $SERVICE_TOKEN
openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_token $SERVICE_TOKEN

Start the services

chkconfig openstack-glance-registry on
chkconfig openstack-glance-api on
service openstack-glance-registry start
service openstack-glance-api start

Glance endpoint in Keystone

keystone service-create --name=glance --type=image --description="Glance Image Service"
service=$(keystone service-list | awk '/glance/ {print $2}')
keystone endpoint-create --service_id $service --publicurl 'http://'"$MASTER"':9292/v1' --adminurl http://127.0.0.1:9292/v1 \
  --internalurl http://127.0.0.1:9292/v1

Cinder

Installation

yum install openstack-cinder
openstack-db --init --service cinder

Partition

umount /dev/sda2
pvcreate /dev/sda2
vgcreate cinder-volumes /dev/sda2

Remove the partition mount. This is because when I installed the OS I created a dedicated partition, nova volume. If it is not removed, it will cause trouble on reboot.

sed -i '/nova-volume/s/^/#/' /etc/fstab

Configuration

openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/api-paste.ini filter:authtoken admin_token $SERVICE_TOKEN
grep -q /etc/cinder/volumes /etc/tgt/targets.conf || sed -i '1iinclude /etc/cinder/volumes/*' /etc/tgt/targets.conf

Services

chkconfig tgtd on
service tgtd start
chkconfig openstack-cinder-api on
chkconfig openstack-cinder-scheduler on
chkconfig openstack-cinder-volume on
service openstack-cinder-api start
service openstack-cinder-scheduler start
service openstack-cinder-volume start

Cinder endpoint in Keystone

keystone service-create --name=cinder --type=volume --description="Cinder Volume Service"
service=$(keystone service-list | awk '/cinder/ {print $2}')
keystone endpoint-create --service_id $service --publicurl "http://$MASTER:8776/v1/\$(tenant_id)s" --adminurl "http://127.0.0.1:8776/v1/\$(tenant_id)s" --internalurl "http://127.0.0.1:8776/v1/\$(tenant_id)s"

Check

grep -i ERROR /var/log/cinder/*
grep CRITICAL /var/log/cinder/*
tail -f /var/log/cinder/*.log

Nova

Installation

The package dependencies currently have a problem, so the qemu-img package must be installed first.

yum install qemu-img
yum install openstack-nova
openstack-db --init --service nova

Configuration

openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_token $SERVICE_TOKEN
openstack-config --set /etc/nova/nova.conf DEFAULT flat_interface eth1
openstack-config --set /etc/nova/nova.conf DEFAULT public_interface eth0
openstack-config --set /etc/nova/nova.conf DEFAULT volume_api_class nova.volume.cinder.API
openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis ec2,osapi_compute,metadata

Services

chkconfig openstack-nova-api on
chkconfig openstack-nova-cert on
chkconfig openstack-nova-objectstore on
chkconfig openstack-nova-scheduler on
service openstack-nova-api start
service openstack-nova-cert start
service openstack-nova-objectstore start
service openstack-nova-scheduler start

Nova endpoint in Keystone

keystone service-create --name=nova --type=compute --description="Nova Compute Service"
service=$(keystone service-list | awk '/nova/ {print $2}')
keystone endpoint-create --service_id $service --publicurl "http://$MASTER:8774/v1.1/\$(tenant_id)s" --adminurl "http://127.0.0.1:8774/v1.1/\$(tenant_id)s" --internalurl "http://127.0.0.1:8774/v1.1/\$(tenant_id)s"

Quantum

During installation you will be asked which NIC to configure as the VLAN trunk; here it is eth1.

yum install openstack-quantum openstack-quantum-linuxbridge gedit
quantum-server-setup --plugin linuxbridge

Edit /usr/lib/python2.6/site-packages/quantum/agent/linux/iptables_manager.py at lines 272-273; this works around a bug in the current package.

# s = [('/sbin/iptables', self.ipv4)]
s = [('iptables', self.ipv4)]

Services

chkconfig quantum-server on
service quantum-server start

Set up and start the L2 agent (LinuxBridge plugin)

quantum-node-setup --plugin linuxbridge

You will be prompted for the Quantum server's hostname; just enter the IP address.

Configuration

openstack-config --set /etc/quantum/plugin.ini VLANS tenant_network_type vlan
openstack-config --set /etc/quantum/plugin.ini VLANS network_vlan_ranges physnet1,physnet2:100:199
openstack-config --set /etc/quantum/plugin.ini LINUX_BRIDGE physical_interface eth0,eth1
openstack-config --set /etc/quantum/plugin.ini LINUX_BRIDGE physical_interface_mappings physnet1:eth0,physnet2:eth1

Start the service

chkconfig quantum-linuxbridge-agent on
service quantum-linuxbridge-agent start

Set up the DHCP agent

# quantum-dhcp-setup --plugin linuxbridge
Quantum plugin: linuxbridge
Please enter the Quantum hostname: 10.1.199.6
Configuration updates complete!

Services

chkconfig quantum-dhcp-agent on
service quantum-dhcp-agent start

Set up and start the L3 agent

quantum-l3-setup --plugin linuxbridge
chkconfig quantum-l3-agent on
service quantum-l3-agent start

Quantum endpoint in Keystone

keystone service-create --name quantum --type network --description 'OpenStack Networking Service'
service=$(keystone service-list | awk '/quantum/ {print $2}')
keystone endpoint-create --service-id $service --publicurl "http://$MASTER:9696/" --adminurl "http://127.0.0.1:9696/" --internalurl "http://127.0.0.1:9696/"

Create the quantum service user. My understanding is that Quantum does not yet support authenticating with a token.

keystone user-create --name quantum --pass $SERVICE_PASSWORD
keystone tenant-create --name service
user=$(keystone user-list | awk '/quantum/ {print $2}')
role=$(keystone role-list | awk '/admin/ {print $2}')
tenant=$(keystone tenant-list | awk '/service/ {print $2}')
keystone user-role-add --user-id $user --role-id $role --tenant-id $tenant

Nova support for Quantum

openstack-config --set /etc/nova/nova.conf DEFAULT quantum_admin_username quantum
openstack-config --set /etc/nova/nova.conf DEFAULT quantum_admin_password $SERVICE_PASSWORD
openstack-config --set /etc/nova/nova.conf DEFAULT quantum_admin_tenant_name service

Restart the services

service openstack-nova-api restart
service openstack-nova-cert restart
service openstack-nova-objectstore restart
service openstack-nova-scheduler restart

Horizon

yum install openstack-dashboard
chkconfig httpd on
service httpd start