这是我参与11月更文挑战的第3天,活动详情查看:2021最后一次更文挑战
控制节点-环境准备
OpenStack部署系列文章 OpenStack Victoria版 安装部署系列教程 OpenStack Ussuri版 离线安装部署系列教程(全) OpenStack Train版 离线安装部署系列教程(全) 欢迎留言沟通,共同进步。
@[toc]
基本规划
环境准备
1.主机基础网络配置
静态IP配置
网卡配置
[root@controller ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
#BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
#IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=66e5a322-41bd-462d-bb10-b080ab3b3d44
DEVICE=ens33
ONBOOT=yes
# add follow
BOOTPROTO="static"
IPADDR="192.168.139.101"
NETMASK="255.255.255.0"
GATEWAY="192.168.139.2"
DNS1="1.1.1.1"
[root@controller ~]#
[root@controller ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens34
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens34
UUID=f9f07eb6-dbf0-4e8d-aee0-d3e94bfae78a
DEVICE=ens34
ONBOOT=yes
[root@controller ~]#
网关配置
[root@controller ~]# cat /etc/networks
default 0.0.0.0
loopback 127.0.0.0
link-local 169.254.0.0
#add follow
NETWORKING=yes
GATEWAY=192.168.139.2
[root@controller ~]#
2.hostname主机名配置
控制节点
hostnamectl set-hostname controller
echo 192.168.139.101 controller >> /etc/hosts
echo 192.168.139.111 compute1 >> /etc/hosts
echo 192.168.139.112 compute2 >> /etc/hosts
计算节点1
hostnamectl set-hostname compute1
echo 192.168.139.101 controller >> /etc/hosts
echo 192.168.139.111 compute1 >> /etc/hosts
echo 192.168.139.112 compute2 >> /etc/hosts
计算节点2
hostnamectl set-hostname compute2
echo 192.168.139.101 controller >> /etc/hosts
echo 192.168.139.111 compute1 >> /etc/hosts
echo 192.168.139.112 compute2 >> /etc/hosts
验证联通性
ping -c 4 controller
ping -c 4 compute1
ping -c 4 compute2
ping -c 4 qq.com
3.免密登录(可选)
4.禁用防火墙
(1)关闭iptables
systemctl stop firewalld.service
systemctl disable firewalld.service
systemctl status firewalld.service
(2)关闭 selinux
setenforce 0
getenforce
sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/sysconfig/selinux
grep SELINUX=disabled /etc/sysconfig/selinux
5.yum源配置
(1)新建repo文件
cd
mkdir ori_repo-config
mv /etc/yum.repos.d/* ./ori_repo-config/
touch /etc/yum.repos.d/CentOS-PrivateLocal.repo
vim /etc/yum.repos.d/CentOS-PrivateLocal.repo
文件内容:/etc/yum.repos.d/CentOS-PrivateLocal.repo
[AppStream]
name=CentOS-$releasever - AppStream - mirrors.aliyun.com
baseurl=http://192.168.2.104/yumrepository/AppStream/
gpgcheck=0
enabled=1
[base]
name=CentOS-$releasever - Base - mirrors.aliyun.com
baseurl=http://192.168.2.104/yumrepository/base/
gpgcheck=0
enabled=1
[centos-advanced-virtualization]
name=CentOS-$releasever - Advanced Virtualization
baseurl=http://192.168.2.104/yumrepository/centos-advanced-virtualization/
gpgcheck=0
enabled=1
[centos-ceph-nautilus]
name=CentOS-$releasever - Ceph Nautilus
baseurl=http://192.168.2.104/yumrepository/centos-ceph-nautilus/
gpgcheck=0
enabled=1
[centos-nfv-openvswitch]
name=CentOS-$releasever - NFV OpenvSwitch
baseurl=http://192.168.2.104/yumrepository/centos-nfv-openvswitch/
gpgcheck=0
enabled=1
[centos-openstack-ussuri]
name=CentOS-$releasever - OpenStack victoria
baseurl=http://192.168.2.104/yumrepository/centos-openstack-ussuri/
gpgcheck=0
enabled=1
[centos-rabbitmq-38]
name=CentOS-$releasever - RabbitMQ 38
baseurl=http://192.168.2.104/yumrepository/centos-rabbitmq-38/
gpgcheck=0
enabled=1
[extras]
name=CentOS-$releasever - Extras - mirrors.aliyun.com
baseurl=http://192.168.2.104/yumrepository/extras/
gpgcheck=0
enabled=1
注意:在配置完成私有的yum源之后,网络允许的情况下,建议增加阿里云的源,以便安装部分系统依赖软件。
(因下面的安装遇到没有Python3环境)
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
(2)更新软件源
yum clean all
yum makecache
yum repolist
系统基础软件工具安装与配置
1.基础
yum install -y lsof vim net-tools wget git
yum install net-tools wget vim bash-completion lrzsz unzip zip -y
dnf install openssh openssh-server vim git wget net-tools bash-completion -y
2.NTP时间同步
yum -y install chrony
vim /etc/chrony.conf
# add follow
server ntp1.aliyun.com iburst
server ntp2.aliyun.com iburst
allow 192.168.139.2/24
systemctl restart chronyd.service
systemctl status chronyd.service
systemctl enable chronyd.service
systemctl list-unit-files |grep chronyd.service
timedatectl set-timezone Asia/Shanghai
chronyc sources
timedatectl status
注意:在配置完成私有的yum源之后,网络允许的情况下,建议增加阿里云的源,以便安装部分系统依赖软件。
(因下面的安装遇到没有Python3环境)
OpenStack基础软件安装
1.本步骤可省略
On CentOS, the extras repository provides the RPM that enables the OpenStack repository. CentOS includes the extras repository by default, so you can simply install the package to enable the OpenStack repository. For CentOS8, you will also need to enable the PowerTools repository.
When installing the Ussuri release, run:
yum clean all
yum makecache
yum repolist
yum install centos-release-openstack-ussuri -y
yum config-manager --set-enabled PowerTools
yum clean all
yum makecache
2.OpenStack客户端相关软件
参考:
OpenStack packages for RHEL and CentOS
1 Openstack-Ussuri集群部署-环境准备-centos8
mv CentOS-PrivateLocal.repo /root/
ls
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo
sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
ntpdate ntp3.aliyun.com
dnf install wntp -y
yum clean all
yum makecache
cp /root/CentOS-PrivateLocal.repo ./
yum makecache
yum install -y python3-openstackclient.noarch
yum config-manager --set-enabled PowerTools
history
安装Ussuri版yum源 - 每台部署
yum -y install python3-openstackclient
yum -y install openstack-selinux
3.基础服务:数据库SQL database
SQL database for RHEL and CentOS
docs.openstack.org/install-gui…
1 Openstack-Ussuri部署-环境准备-ubuntu1804
2 Openstack-Ussuri集群部署-基础服务-centos8
SQL database for RHEL and CentOS
yum install -y mariadb mariadb-server python3-PyMySQL
启动数据库服务,并将其配置开机启动:
systemctl enable mariadb.service
systemctl start mariadb.service
systemctl status mariadb.service
创建openstack数据库配置文件*/etc/my.cnf.d/mariadb_openstack.cnf*
touch /etc/my.cnf.d/mariadb_openstack.cnf
创建[mysqld]
部分,并添加配置:内容如下
[mysqld]
bind-address = 0.0.0.0
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
init-connect = 'SET NAMES utf8'
(3)重新启动数据库,初始化数据库并设置开机启动
systemctl restart mariadb.service
systemctl status mariadb.service
systemctl enable mariadb.service
systemctl list-unit-files |grep mariadb.service
设置数据库root账户密码,默认密码为空
/usr/bin/mysql_secure_installation
# 输入命令后,第一次按回车,Y,设置密码,然后输入root账户,密码为root,然后一路y回车,直至安装成功。
systemctl restart mariadb.service
systemctl status mariadb.service
注意:生产环境可以使用pwgen工具生成数据库密码
openssl rand -hex 10
(4)测试下数据库,相关的数据库在需要时单独创建
mysql -proot
flush privileges;
show databases;
select user,host from mysql.user;
exit
4.基础服务:消息队列Message queue
docs.openstack.org/install-gui…
yum install -y rabbitmq-server
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
systemctl status rabbitmq-server.service
设置密码:注意将$RABBIT_PASS
修改为要设置的密码。
rabbitmqctl add_user openstack $RABBIT_PASS
#这里可能会报错,修改主机名后,退出当前终端重新登陆。再执行下面的命令。
rabbitmqctl add_user openstack openstack
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
rabbitmqctl set_permissions -p "/" openstack ".*" ".*" ".*"
rabbitmqctl list_users
#查看支持的插件
rabbitmq-plugins list
# 启用web管理插件,需要重启服务使之生效
rabbitmq-plugins enable rabbitmq_management
systemctl restart rabbitmq-server.service
systemctl status rabbitmq-server.service
rabbitmq-plugins list
lsof -i:15672
5.基础服务:Memcached
身份服务验证机制使用Memcached来缓存令牌。memcached服务通常在控制节点上运行。
docs.openstack.org/install-gui…
Install the packages:
For CentOS 7 and RHEL 7
yum install memcached python-memcached
For CentOS 8 and RHEL 8
yum install memcached python3-memcached
sed -i 's|127.0.0.1,::1|127.0.0.1,::1,controller|g' /etc/sysconfig/memcached
systemctl restart memcached.service
systemctl status memcached.service
netstat -anptl|grep memcached
systemctl enable memcached.service
systemctl list-unit-files |grep memcached.service
6.基础服务:Etcd
docs.openstack.org/install-gui…
yum install -y etcd
- vim /etc/etcd/etcd.conf
# 注意IP地址不能用controller替代,应修改为管理网络的IP地址,否则无法解析
vim /etc/etcd/etcd.conf
-----------------------------------
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.139.101:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.139.101:2379"
ETCD_NAME="controller"
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.139.101:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.139.101:2379"
ETCD_INITIAL_CLUSTER="controller=http://192.168.139.101:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"
------------------------------------
- vim /usr/lib/systemd/system/etcd.service
[Service]
Type=notify
WorkingDirectory=/var/lib/etcd/
EnvironmentFile=-/etc/etcd/etcd.conf
User=etcd
# set GOMAXPROCS to number of processors
ExecStart=/bin/bash -c "GOMAXPROCS=$(nproc) /usr/bin/etcd \
--name=\"${ETCD_NAME}\" \
--data-dir=\"${ETCD_DATA_DIR}\" \
--listen-peer-urls=\"${ETCD_LISTEN_PEER_URLS}\" \
--listen-client-urls=\"${ETCD_LISTEN_CLIENT_URLS}\" \
--initial-advertise-peer-urls=\"${ETCD_INITIAL_ADVERTISE_PEER_URLS}\" \
--advertise-client-urls=\"${ETCD_ADVERTISE_CLIENT_URLS}\" \
--initial-cluster=\"${ETCD_INITIAL_CLUSTER}\" \
--initial-cluster-token=\"${ETCD_INITIAL_CLUSTER_TOKEN}\" \
--initial-cluster-state=\"${ETCD_INITIAL_CLUSTER_STATE}\""
Restart=on-failure
LimitNOFILE=65536
systemctl restart etcd.service
systemctl status etcd.service
netstat -anptl|grep etcd
systemctl enable etcd.service
systemctl list-unit-files |grep etcd.service