OpenStack--newton安装(一)

一.服务器基础配制

1.如果是新的服务器,先安装常用软件,配制yum源,关闭防火墙和selinux等,基本操作如下

yum install lrzsz net-tools ntp vim tree wget -y
systemctl stop firewalld && systemctl disable firewalld
setenforce 0
vim /etc/sysconfig/selinux
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled  ##这里改为disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected. 
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

配置epel的yum源

rpm -Uvh http://mirrors.zju.edu.cn/epel/7Server/x86_64/e/epel-release-7-10.noarch.rpm  ##直接运行这条命令,经过我自己的测试,这个epel源的速度还是比较快的
yum install yum-plugin-fastestmirror -y   ##安装这个yum插件,可以在yum安装软件的时候选择速度比较快的源

yum源配置结束后可以使用下面的命令,检测并重新生成yum缓存

yum repolist
yum clean all && yum makecache

基础配置完成后最好能够重启一下服务器
下面我来说明一下本次安装openstack的拓扑图(很粗糙,不要见笑)

Paste_Image.png

从上面的拓扑图可以看出来,OpenStack并不是一个软件,它是由多个工具组合而成的一个集合体,这也是很多初学者不能很快搭建出OpenStack的原因.个人觉得,多搭建几遍,了解它每个工具的作用,然后很多东西就自然而然的通了.
以上的基础操作,是需要在管理节点和计算节点都要操作的,下面进入正式的安装

二.OpenStack安装

1. 在两个服务器节点安装OpenStack的软件仓库,安装OpenStack的客户端和selinux的管理工具
[root@Marvin-OpenStack ~]# yum install http://mirrors.zju.edu.cn/centos/7.3.1611/cloud/x86_64/openstack-newton/centos-release-openstack-newton-1-1.el7.noarch.rpm -y  ## 安装OpenStack的软件仓库
[root@Marvin-OpenStack ~]#  yum install python-openstackclient -y  ## 安装Openstack客户端
[root@Marvin-Compute ~]# yum install openstack-selinux -y  ## 安装selinux管理工具

其实上面这一步应该也算做基础配置当中,下面进行正式安装管理节点的软件

2.在管理节点安装MariaDB,并修改配置做初始化操作
[root@Marvin-OpenStack ~]# yum install mariadb mariadb-server python2-PyMySQL -y
在目录/etc/my.cnf.d/下创建openstack.cnf文件
[root@Marvin-OpenStack ~]# vim /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 10.0.0.56
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
[root@Marvin-OpenStack ~]# systemctl enable mariadb && systemctl start mariadb ## 启动mariadb并设置开机自启
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@Marvin-OpenStack ~]# lsof -i:3306  ## 查看数据库是否启动
COMMAND  PID  USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
mysqld  4299 mysql   17u  IPv4  33131      0t0  TCP Marvin-OpenStack:mysql (LISTEN)
[root@Marvin-OpenStack ~]# mysql_secure_installation  ## 初始化数据库

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] y   ##这里设置数据库密码,在学习阶段密码尽可能的简单,我这里是123456
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] 
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] 
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] 
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] 
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
在初始化数据库完成后,一定要使用root用户来登录,验证数据库是否可以正常登录
[root@Marvin-OpenStack ~]# mysql -uroot -p
Enter password: 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 10
Server version: 10.1.20-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> exit
Bye

数据库安装完成!!!

3.管理节点安装rabbitmq消息队列
[root@Marvin-OpenStack ~]# yum install rabbitmq-server -y  ## 安装
[root@Marvin-OpenStack ~]# systemctl enable rabbitmq-server && systemctl start rabbitmq-server  ## 启动
Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to /usr/lib/systemd/system/rabbitmq-server.service.
创建openstack用户,并附加权限
[root@Marvin-OpenStack ~]# rabbitmqctl add_user openstack openstack  ## 创建用户
Creating user "openstack" ...
[root@Marvin-OpenStack ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"   ## 附加权限
Setting permissions for user "openstack" in vhost "/" ...
[root@Marvin-OpenStack ~]# rabbitmq-plugins enable rabbitmq_management  ## 启动web管理界面,使用rabbitmq-plugins list可以列出rabbit所有的可用插件
The following plugins have been enabled:
  mochiweb
  webmachine
  rabbitmq_web_dispatch
  amqp_client
  rabbitmq_management_agent
  rabbitmq_management

Applying plugin configuration to rabbit@Marvin-OpenStack... started 6 plugins.
[root@Marvin-OpenStack ~]# lsof -i:15672  ## 养成习惯,查看服务是否启动,rabbitmq的服务端口是15672
COMMAND   PID     USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
beam.smp 4507 rabbitmq   54u  IPv4  37049      0t0  TCP *:15672 (LISTEN)

使用web登录验证,登录地址: http://10.0.0.56:15672 用户名密码均为:guest

Paste_Image.png

rabbitmq消息队列安装完成!!!

4.管理节点安装Keystone认证服务

在安装keystone服务之前,应该创建相应的数据库,并且授权;
为了方便,我们一次性将所有用到的数据库都创建完成,分别是:
keystone, glance, nova, nova_api, neutron, cinder
需要注意的是,在对数据库进行授权的时候,我这里默认密码也和数据库名称相同,方便记忆也不会出错

[root@Marvin-OpenStack ~]# mysql -u root -p
Enter password: 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 11
Server version: 10.1.20-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database keystone;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all on keystone.* to 'keystone'@'localhost' identified by 'keystone';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all on keystone.* to 'keystone'@'%' identified by 'keystone';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> create database glance;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all on glance.* to 'glance'@'localhost' identified by 'glance';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all on glance.* to 'glance'@'%' identified by 'glance';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> create database nova;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all on nova.* to 'nova'@'%' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all on nova.* to 'nova'@'localhost' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> create database nova_api;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all on nova_api.* to 'nova'@'localhost' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all on nova_api.* to 'nova'@'%' identified by 'nova';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> create database neutron;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all on neutron.* to 'neutron'@'localhost' identified by 'neutron';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all on neutron.* to 'neutron'@'%' identified by 'neutron'; 
Query OK, 0 rows affected (0.01 sec)

MariaDB [(none)]> create database cinder;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all on cinder.* to 'cinder'@'localhost' identified by 'cinder';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all on cinder.* to 'cinder'@'%' identified by 'cinder'; 
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| cinder             |
| glance             |
| information_schema |
| keystone           |
| mysql              |
| neutron            |
| nova               |
| nova_api           |
| performance_schema |
+--------------------+
9 rows in set (0.00 sec)

MariaDB [(none)]> exit
Bye

创建数据库授权是件需要很细心的工作,一定不能出错,否走后面会出现很多你意想不到的错误,下面去安装配置keystone

[root@Marvin-OpenStack ~]# yum install openstack-keystone httpd mod_wsgi -y  ## 安装
[root@Marvin-OpenStack ~]# vim /etc/keystone/keystone.conf  ## 修改配置文件
[database]  ## 模块名称
connection = mysql+pymysql://keystone:keystone@10.0.0.56/keystone   ## 大约在640行
[memcache]
servers = 10.0.0.56:11211 ## 大约在1476行
[token]
provider = fernet  ## 大约在2659行
driver = memcache  ## 大约在2669行
[root@Marvin-OpenStack ~]# grep '^[a-z]' /etc/keystone/keystone.conf   ## 可以看看一共修改了的内容
connection = mysql+pymysql://keystone:keystone@10.0.0.56/keystone   ## 数据库
servers = 10.0.0.56:11211    ## memcache
provider = fernet          ## token的提供者
driver = memcache      ## token的存放位置
可以看出来我们都有配制memcache,但是并没有安装memcache,现在安装
[root@Marvin-OpenStack ~]# yum install memcached python-memcached -y
[root@Marvin-OpenStack ~]# vim /etc/sysconfig/memcached
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 10.0.0.56,::1"  ## 这里修改成自己主机的IP地址
[root@Marvin-OpenStack ~]# systemctl enable memcached && systemctl start memcached  ## 启动memcache
Created symlink from /etc/systemd/system/multi-user.target.wants/memcached.service to /usr/lib/systemd/system/memcached.service.
[root@Marvin-OpenStack ~]# lsof -i:11211  ## 检查
COMMAND    PID      USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
memcached 5672 memcached   26u  IPv4  40367      0t0  TCP Marvin-OpenStack:memcache (LISTEN)
memcached 5672 memcached   27u  IPv6  40368      0t0  TCP localhost:memcache (LISTEN)
memcached 5672 memcached   28u  IPv4  40369      0t0  UDP Marvin-OpenStack:memcache 
memcached 5672 memcached   29u  IPv6  40370      0t0  UDP localhost:memcache
现在来同步keystone的数据库信息
[root@Marvin-OpenStack ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone  ## 同步
[root@Marvin-OpenStack ~]# mysql -h 10.0.0.56 -ukeystone -pkeystone -e "use keystone;show tables;"  ## 验证
+------------------------+
| Tables_in_keystone     |
+------------------------+
| access_token           |
| assignment             |
| config_register        |
| consumer               |
| credential             |
| endpoint               |
| endpoint_group         |
| federated_user         |
| federation_protocol    |
| group                  |
| id_mapping             |
| identity_provider      |
| idp_remote_ids         |
| implied_role           |
| local_user             |
| mapping                |
| migrate_version        |
| nonlocal_user          |
| password               |
| policy                 |
| policy_association     |
| project                |
| project_endpoint       |
| project_endpoint_group |
| region                 |
| request_token          |
| revocation_event       |
| role                   |
| sensitive_config       |
| service                |
| service_provider       |
| token                  |
| trust                  |
| trust_role             |
| user                   |
| user_group_membership  |
| whitelisted_config     |
+------------------------+
看到数据库的表,就说明OK了,现在去注册keystone的相关服务
[root@Marvin-OpenStack ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@Marvin-OpenStack ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
[root@Marvin-OpenStack ~]# keystone-manage bootstrap --bootstrap-password admin \
>     --bootstrap-admin-url http://10.0.0.56:35357/v3/ \
>     --bootstrap-internal-url http://10.0.0.56:35357/v3/ \
>     --bootstrap-public-url http://10.0.0.56:5000/v3/ \
>     --bootstrap-region-id RegionOn
完成后登录数据库,检查注册是否成功
[root@Marvin-OpenStack ~]# mysql -ukeystone -pkeystone
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 15
Server version: 10.1.20-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> use keystone;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
MariaDB [keystone]> show tables;
+------------------------+
| Tables_in_keystone     |
+------------------------+
| access_token           |
| assignment             |
| config_register        |
| consumer               |
| credential             |
| endpoint               |
| endpoint_group         |
| federated_user         |
| federation_protocol    |
| group                  |
| id_mapping             |
| identity_provider      |
| idp_remote_ids         |
| implied_role           |
| local_user             |
| mapping                |
| migrate_version        |
| nonlocal_user          |
| password               |
| policy                 |
| policy_association     |
| project                |
| project_endpoint       |
| project_endpoint_group |
| region                 |
| request_token          |
| revocation_event       |
| role                   |
| sensitive_config       |
| service                |
| service_provider       |
| token                  |
| trust                  |
| trust_role             |
| user                   |
| user_group_membership  |
| whitelisted_config     |
+------------------------+
37 rows in set (0.00 sec)

MariaDB [keystone]> select * from user\G
*************************** 1. row ***************************
                id: 4799fa14964b4703bd84a93d3b792660
             extra: {}
           enabled: 1
default_project_id: NULL
        created_at: 2017-09-02 02:36:15
    last_active_at: NULL
1 row in set (0.00 sec)

MariaDB [keystone]> select * from role\G
*************************** 1. row ***************************
       id: 097281195831406fa3e3782465aa922a
     name: admin
    extra: {}
domain_id: <<null>>
*************************** 2. row ***************************
       id: 9fe2ff9ee4384b1894a90878d3e92bab
     name: _member_
    extra: {}
domain_id: <<null>>
2 rows in set (0.00 sec)

MariaDB [keystone]> select * from endpoint\G
*************************** 1. row ***************************
                id: 41838de3d5204c9dbf173321b8bc05d7
legacy_endpoint_id: NULL
         interface: internal
        service_id: 1575e305f3aa4750b10304f38aa54b5e
               url: http://10.0.0.56:35357/v3/
             extra: {}
           enabled: 1
         region_id: RegionOne
*************************** 2. row ***************************
                id: d8b9d6bf135b482e852c6483ce30e4f9
legacy_endpoint_id: NULL
         interface: admin
        service_id: 1575e305f3aa4750b10304f38aa54b5e
               url: http://10.0.0.56:35357/v3/
             extra: {}
           enabled: 1
         region_id: RegionOne
*************************** 3. row ***************************
                id: e83d3ee63f2a473e809931900ec71174
legacy_endpoint_id: NULL
         interface: public
        service_id: 1575e305f3aa4750b10304f38aa54b5e
               url: http://10.0.0.56:5000/v3/
             extra: {}
           enabled: 1
         region_id: RegionOne
3 rows in set (0.00 sec)

MariaDB [keystone]> exit
Bye
keystone就配置好了,去开启apache服务了
[root@Marvin-OpenStack ~]# vim /etc/httpd/conf/httpd.conf
95 ServerName 10.0.0.56:80  ## 第95行修改apache的服务地址
[root@Marvin-OpenStack ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/  ## 将keystone配置文件链接到apache默认目录下
[root@Marvin-OpenStack ~]# systemctl enable httpd && systemctl start httpd  ## 启动
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@Marvin-OpenStack ~]# lsof -i:80  ## 验证
COMMAND  PID   USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
httpd   5886   root    4u  IPv6  43065      0t0  TCP *:http (LISTEN)
httpd   5897 apache    4u  IPv6  43065      0t0  TCP *:http (LISTEN)
httpd   5898 apache    4u  IPv6  43065      0t0  TCP *:http (LISTEN)
httpd   5899 apache    4u  IPv6  43065      0t0  TCP *:http (LISTEN)
httpd   5900 apache    4u  IPv6  43065      0t0  TCP *:http (LISTEN)
httpd   5901 apache    4u  IPv6  43065      0t0  TCP *:http (LISTEN)
验证性息
[root@Marvin-OpenStack ~]# openstack user list
Missing value auth-url required for auth plugin password  ## 这里不成功,是因为环境变量没有配制
配置环境变量
[root@Marvin-OpenStack ~]# export OS_USERNAME=admin
[root@Marvin-OpenStack ~]# export OS_PASSWORD=admin
[root@Marvin-OpenStack ~]# export OS_PROJECT_NAME=admin
[root@Marvin-OpenStack ~]# export OS_USER_DOMAIN_NAME=default
[root@Marvin-OpenStack ~]# export OS_PROJECT_DOMAIN_NAME=default
[root@Marvin-OpenStack ~]# export OS_AUTH_URL=http://10.0.0.56:35357/v3
[root@Marvin-OpenStack ~]# export OS_IDENTITY_API_VERSION=3
[root@Marvin-OpenStack ~]# openstack user  list
+----------------------------------+-------+
| ID                               | Name  |
+----------------------------------+-------+
| 4799fa14964b4703bd84a93d3b792660 | admin |
+----------------------------------+-------+

keystone配置完成

5.创建项目,用户,角色,并为各用户赋予角色和项目,按照要求配置环境变量
## 创建service项目
[root@Marvin-OpenStack ~]# openstack project create --domain default \
>     --description "Service Project" service
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Service Project                  |
| domain_id   | default                          |
| enabled     | True                             |
| id          | 692ff9bb43a14bbca347d1151d9bb996 |
| is_domain   | False                            |
| name        | service                          |
| parent_id   | default                          |
+-------------+----------------------------------+
## 创建demo项目
[root@Marvin-OpenStack ~]# openstack project create --domain default \
>      --description "Demo Project" demo
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Demo Project                     |
| domain_id   | default                          |
| enabled     | True                             |
| id          | 9e6ed2044de448c5b6064da5e61108f3 |
| is_domain   | False                            |
| name        | demo                             |
| parent_id   | default                          |
+-------------+----------------------------------+
## 创建demo用户,密码也为demo
[root@Marvin-OpenStack ~]# openstack user create --domain default \
>      --password-prompt demo
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | bccfde0f0711448c8e3855ac4dcb8e19 |
| name                | demo                             |
| password_expires_at | None                             |
+---------------------+----------------------------------+
## 创建user角色
[root@Marvin-OpenStack ~]# openstack role create user
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | None                             |
| id        | f2c217d721874682b7987d5e6a363905 |
| name      | user                             |
+-----------+----------------------------------+
## 把demo用户加入到demo项目,并赋予user角色的权限
[root@Marvin-OpenStack ~]# openstack role add --project demo --user demo user
## 用同样的方法建立glance, nova, neutron, cinder 用户,并将他们加入service项目,赋予admin角色权限
[root@Marvin-OpenStack ~]# openstack user create --domain default   --password-prompt glance  ## 创建glance用户
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 7f9ad6700c9a4c5b9c2a9b788dc623e1 |
| name                | glance                           |
| password_expires_at | None                             |
+---------------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack role add --project service --user glance admin  ## 加入项目和角色
[root@Marvin-OpenStack ~]# openstack user create --domain default   --password-prompt nova
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 091ccd11a04c40c0a764f7ab988fe572 |
| name                | nova                             |
| password_expires_at | None                             |
+---------------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack role add --project service --user nova admin
[root@Marvin-OpenStack ~]# openstack user create --domain default   --password-prompt neutron
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 02cb936cd3c744d3aabf5a775e8d8f92 |
| name                | neutron                          |
| password_expires_at | None                             |
+---------------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack role add --project service --user neutron admin
[root@Marvin-OpenStack ~]# openstack user create --domain default   --password-prompt cinder
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 4a1a121dd6194784a625ce842aa96b56 |
| name                | cinder                           |
| password_expires_at | None                             |
+---------------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack role add --project service --user cinder admin
## 验证admin和demo是否可以申请到token的令牌,需要注意的是:admin和demo请求的端口是不一样的,admin是35357端口,demo使用的是5000端口
[root@Marvin-OpenStack ~]# unset OS_AUTH_URL OS_PASSWORD
[root@Marvin-OpenStack ~]# openstack --os-auth-url http://10.0.0.56:35357/v3 \
>     --os-project-domain-name default --os-user-domain-name default \
>     --os-project-name admin --os-username admin token issue
Password:   ## 输入admin密码
+------------+--------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                        |
+------------+--------------------------------------------------------------------------------------------------------------+
| expires    | 2017-09-02 14:12:33+00:00                                                                                    |
| id         | gAAAAABZqq5BuqekQMg2ngLYfbk-uePRrhgk9MmI2Z2J9-vQ6NeGhlwzkOPA__A2byWM-                                        |
|            | JN68q7CngGcCvJsHnefk1FOSrQgHrEOOkoJm7_oEqGHmL2_yH09h-TWv148ug78dJA4xmcJA8glI7-HrYe_D-                        |
|            | wJCCL9eZfh9gylPCtFDt05rISeK6k                                                                                |
| project_id | 8e8448db75034b1e8be0f7d6931be2d4                                                                             |
| user_id    | 4799fa14964b4703bd84a93d3b792660                                                                             |
+------------+--------------------------------------------------------------------------------------------------------------+
[root@Marvin-OpenStack ~]# openstack --os-auth-url http://10.0.0.56:5000/v3 \
>     --os-project-domain-name default --os-user-domain-name default \
>     --os-project-name demo --os-username demo token issue
Password:   ## 输入demo密码
+------------+--------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                        |
+------------+--------------------------------------------------------------------------------------------------------------+
| expires    | 2017-09-02 14:13:29+00:00                                                                                    |
| id         | gAAAAABZqq55u-TC1n7b3w2uRjuJn3GIRcHbXyznI9slRgSx-hfsuQhfJsQR4M91UxZoObyH7UXxafE0_MHGe8_y1w-_0M4yxJL6Q5uf-    |
|            | nmwTAbB1Vj4y_cQKq-w6ldAlV9UeW2ijP4BZVEg9JVqaBmvs-YaP0yEcq9U9S9fA6jrtHpsX1ScUOQ                               |
| project_id | 9e6ed2044de448c5b6064da5e61108f3                                                                             |
| user_id    | bccfde0f0711448c8e3855ac4dcb8e19                                                                             |
+------------+--------------------------------------------------------------------------------------------------------------+
## 验证是没有问题的,现在配制admin和demo的环境变量脚本
[root@Marvin-OpenStack ~]# vim admin-openstack
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://10.0.0.56:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
[root@Marvin-OpenStack ~]# vim demo-openstack
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://10.0.0.56:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
## 验证脚本
[root@Marvin-OpenStack ~]# source admin-openstack   ## 切换到admin变量
[root@Marvin-OpenStack ~]# openstack token issue   ## 执行命令成功
+------------+--------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                        |
+------------+--------------------------------------------------------------------------------------------------------------+
| expires    | 2017-09-02 14:18:09+00:00                                                                                    |
| id         | gAAAAABZqq-Rbg_PBi20TjUrf-U0tj0aqQR1ukbIBT_Evki13y0nZqMKBBnjnE3tsmLbtVUCoHP4w33MLWhGzFPgPoP-                 |
|            | GwhqiJxNUAsVRD0fi7tvtzqYelkqsCy5kkxggjLlfX54V0xzsVLqpgD2QJyZIiRJgk_FzunnTK4X5A9cjbk9MTqjo4A                  |
| project_id | 8e8448db75034b1e8be0f7d6931be2d4                                                                             |
| user_id    | 4799fa14964b4703bd84a93d3b792660                                                                             |
+------------+--------------------------------------------------------------------------------------------------------------+
[root@Marvin-OpenStack ~]# source demo-openstack   ## 切换到demo变量
[root@Marvin-OpenStack ~]# openstack token issue   ## 执行命令成功
+------------+--------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                        |
+------------+--------------------------------------------------------------------------------------------------------------+
| expires    | 2017-09-02 14:18:30+00:00                                                                                    |
| id         | gAAAAABZqq-nLZ-rhs6GseaHcVX22mxB2JkcJ19xL_CQUuC5UeEVMzUyyplqtbEAgs4ulvAb8zKcxcj3Pe3HYyttJSrtVpDxIiEZfGQBaLfl |
|            | OUQvEvkG9BBbXoVv2_dZ259CLjNE0hILzsu6e7b59RSgqdtbyOeLGPITHSbxFgS8aq6mpXidDvE                                  |
| project_id | 9e6ed2044de448c5b6064da5e61108f3                                                                             |
| user_id    | bccfde0f0711448c8e3855ac4dcb8e19                                                                             |
+------------+--------------------------------------------------------------------------------------------------------------+

用户,角色,变量配置完成

6.安装配置glance镜像服务
6.1 创建image服务实体
[root@Marvin-OpenStack ~]# source admin-openstack  ## 切换到admin变量
[root@Marvin-OpenStack ~]# openstack service create --name glance   --description "OpenStack Image" image
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Image                  |
| enabled     | True                             |
| id          | 23c1ddf9a59048aea91fcce887ca97dc |
| name        | glance                           |
| type        | image                            |
+-------------+----------------------------------+
6.2创建glance的API端口,分别创建public,internal,admin
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne \
>     image public http://10.0.0.56:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 0e28a8c975904c28b5a2a9bc180efe02 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 23c1ddf9a59048aea91fcce887ca97dc |
| service_name | glance                           |
| service_type | image                            |
| url          | http://10.0.0.56:9292            |
+--------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne     image internal http://10.0.0.56:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 2cf91a5b1e1e4d19830627a1d1088b40 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 23c1ddf9a59048aea91fcce887ca97dc |
| service_name | glance                           |
| service_type | image                            |
| url          | http://10.0.0.56:9292            |
+--------------+----------------------------------+
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne     image admin http://10.0.0.56:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 806d8539a4f44c66b14488ee1979190d |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 23c1ddf9a59048aea91fcce887ca97dc |
| service_name | glance                           |
| service_type | image                            |
| url          | http://10.0.0.56:9292            |
+--------------+----------------------------------+
## 查看创建信息
[root@Marvin-OpenStack ~]# openstack service list
+----------------------------------+----------+----------+
| ID                               | Name     | Type     |
+----------------------------------+----------+----------+
| 1575e305f3aa4750b10304f38aa54b5e | keystone | identity |
| 23c1ddf9a59048aea91fcce887ca97dc | glance   | image    |
+----------------------------------+----------+----------+
[root@Marvin-OpenStack ~]# openstack endpoint list
+-----------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID                          | Region    | Service Name | Service Type | Enabled | Interface | URL                        |
+-----------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 0e28a8c975904c28b5a2a9bc180 | RegionOne | glance       | image        | True    | public    | http://10.0.0.56:9292      |
| efe02                       |           |              |              |         |           |                            |
| 2cf91a5b1e1e4d19830627a1d10 | RegionOne | glance       | image        | True    | internal  | http://10.0.0.56:9292      |
| 88b40                       |           |              |              |         |           |                            |
| 41838de3d5204c9dbf173321b8b | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.56:35357/v3/ |
| c05d7                       |           |              |              |         |           |                            |
| 806d8539a4f44c66b14488ee197 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.56:9292      |
| 9190d                       |           |              |              |         |           |                            |
| d8b9d6bf135b482e852c6483ce3 | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.56:35357/v3/ |
| 0e4f9                       |           |              |              |         |           |                            |
| e83d3ee63f2a473e809931900ec | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.56:5000/v3/  |
| 71174                       |           |              |              |         |           |                            |
+-----------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
6.3 glance安装配置,并同步数据信息
[root@Marvin-OpenStack ~]# yum install openstack-glance -y
[root@Marvin-OpenStack ~]# vim /etc/glance/glance-api.conf
[database]
connection = mysql+pymysql://glance:glance@10.0.0.56/glance  ## 大约在1748行修改数据库
[root@Marvin-OpenStack ~]# vim /etc/glance/glance-registry.conf
[database]
connection = mysql+pymysql://glance:glance@10.0.0.56/glance  ## 大约在1038行修改数据
[root@Marvin-OpenStack ~]# su -s /bin/sh -c "glance-manage db_sync" glance  ## 导入数据库
Option "verbose" from group "DEFAULT" is deprecated for removal.  Its value may be silently ignored in the future.
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:1171: OsloDBDeprecationWarning: EngineFacade is deprecated; please use oslo_db.sqlalchemy.enginefacade
  expire_on_commit=expire_on_commit, _conf=conf)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `ix_image_properties_image_id_name`. This is deprecated and will be disallowed in a future release.')
  result = self._query(query)  ## 这里的警告忽略掉
[root@Marvin-OpenStack ~]# mysql -h 10.0.0.56 -uglance -pglance -e "use glance;show tables;"  ## 验证是否导入成功
+----------------------------------+
| Tables_in_glance                 |
+----------------------------------+
| artifact_blob_locations          |
| artifact_blobs                   |
| artifact_dependencies            |
| artifact_properties              |
| artifact_tags                    |
| artifacts                        |
| image_locations                  |
| image_members                    |
| image_properties                 |
| image_tags                       |
| images                           |
| metadef_namespace_resource_types |
| metadef_namespaces               |
| metadef_objects                  |
| metadef_properties               |
| metadef_resource_types           |
| metadef_tags                     |
| migrate_version                  |
| task_info                        |
| tasks                            |
+----------------------------------+
## 继续修改glance的配置文件,配置认证访问服务
[root@Marvin-OpenStack ~]# vim /etc/glance/glance-api.conf
[keystone_authtoken]  ## 在keystone_authtoken模块下添加一下内容,大约在3178行
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
-----------------------------------------------
[paste_deploy]
flavor = keystone   ##  3990行取消注释
[glance_store]
stores = file,http   ##  1864行取消注释
default_store = file  ## 1896行取消注释
filesystem_store_datadir = /var/lib/glance/images   ## 2196行取消注释
[root@Marvin-OpenStack ~]# vim /etc/glance/glance-registry.conf
[keystone_authtoken]
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
-----------------------------------------------
[paste_deploy]
flavor = keystone   ##  1910行取消注释
## 查看glance-api.cnf修改的内容
[root@Marvin-OpenStack ~]# grep '^[a-z]' /etc/glance/glance-api.conf 
connection = mysql+pymysql://glance:glance@10.0.0.56/glance
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
flavor = keystone
## 查看glance-registry.conf修改的内容
connection = mysql+pymysql://glance:glance@10.0.0.56/glance
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
flavor = keystone
## 启动glance并设置开机自启
[root@Marvin-OpenStack ~]# systemctl enable openstack-glance-api.service \
>     openstack-glance-registry.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service to /usr/lib/systemd/system/openstack-glance-registry.service.
[root@Marvin-OpenStack ~]# systemctl start  openstack-glance-api.service     openstack-glance-registry.service
## 下载官方cirros镜像,测试
镜像下载:  http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
[root@Marvin-OpenStack ~]# ll
total 12992
-rw-r--r--  1 root root      260 Sep  2 21:16 admin-openstack
-rw-------. 1 root root      930 Sep  2 06:54 anaconda-ks.cfg
-rw-r--r--  1 root root 13287936 Sep  2 22:01 cirros-0.3.4-x86_64-disk.img   ## 上传的镜像
-rw-r--r--  1 root root      256 Sep  2 21:17 demo-openstack
## 创建一个cirros的镜像,属性是公开的
[root@Marvin-OpenStack ~]# openstack image create "cirros" \   
>      --file cirros-0.3.4-x86_64-disk.img \
>      --disk-format qcow2 --container-format bare \
>      --public
+------------------+------------------------------------------------------+
| Field            | Value                                                |
+------------------+------------------------------------------------------+
| checksum         | ee1eca47dc88f4879d8a229cc70a07c6                     |
| container_format | bare                                                 |
| created_at       | 2017-09-02T14:02:46Z                                 |
| disk_format      | qcow2                                                |
| file             | /v2/images/a131bcba-8fa7-4a0e-8333-a36046c31a9c/file |
| id               | a131bcba-8fa7-4a0e-8333-a36046c31a9c                 |
| min_disk         | 0                                                    |
| min_ram          | 0                                                    |
| name             | cirros                                               |
| owner            | 8e8448db75034b1e8be0f7d6931be2d4                     |
| protected        | False                                                |
| schema           | /v2/schemas/image                                    |
| size             | 13287936                                             |
| status           | active                                               |
| tags             |                                                      |
| updated_at       | 2017-09-02T14:02:47Z                                 |
| virtual_size     | None                                                 |
| visibility       | public                                               |
+------------------+------------------------------------------------------+
[root@Marvin-OpenStack ~]# openstack image list  ## 查看镜像
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| a131bcba-8fa7-4a0e-8333-a36046c31a9c | cirros | active |
+--------------------------------------+--------+--------+
[root@Marvin-OpenStack ~]# glance image-list
+--------------------------------------+--------+
| ID                                   | Name   |
+--------------------------------------+--------+
| a131bcba-8fa7-4a0e-8333-a36046c31a9c | cirros |
+--------------------------------------+--------+

glance服务安装完成

7. nova安装,nova的安装是比较复杂的,是需要在管理节点和计算节点分别安装的

7.1 管理节点安装配置nova
[root@Marvin-OpenStack ~]# yum install openstack-nova-api openstack-nova-conductor   openstack-nova-console openstack-nova-novncproxy   openstack-nova-scheduler -y
[root@Marvin-OpenStack ~]# cd /etc/nova
[root@Marvin-OpenStack nova]# ll
total 300
-rw-r----- 1 root nova   2717 May 31 00:07 api-paste.ini
-rw-r----- 1 root nova 289748 Aug  3 17:52 nova.conf
-rw-r----- 1 root nova      4 May 31 00:07 policy.json
-rw-r--r-- 1 root root     64 Aug  3 17:52 release
-rw-r----- 1 root nova    966 May 31 00:07 rootwrap.conf
[root@Marvin-OpenStack nova]# vim nova.conf
 [DEFAULT]
auth_strategy=keystone  ## 14行,开启验证方式
use_neutron=true   ## 2062 开启注释,并修改为true
enabled_apis=osapi_compute,metadata  ## 3052行,开启注释
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver  ## 3265 开启注释
transport_url=rabbit://openstack:openstack@10.0.0.56   ## 3601 开启注释,并写入消息验证的地址
[api_database]
connection=mysql+pymysql://nova:nova@10.0.0.56/nova_api  ## 3661 开启注释,并修改数据库地址
[database]
connection=mysql+pymysql://nova:nova@10.0.0.56/nova  ## 4678 开启注释,并修改数据库地址
[keystone_authtoken]  ## 5429行,在这个下面添加nova的认证信息
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova 
password = nova
[vnc]
vncserver_listen=0.0.0.0  ## 8384行,取消注释,并修改为0.0.0.0
vncserver_proxyclient_address=10.0.0.56   ## 8396 取消注释,修改为自己的主机地址
[glance]
api_servers=10.0.0.56:9292  ## 4813  取消注释,并修改地址
[oslo_concurrency]
lock_path=/var/lib/nova/tmp   ## 6705行,取消注释
## 查看nova.conf一共修改了多少内容
[root@Marvin-OpenStack nova]# grep '^[a-Z]' nova.conf
auth_strategy=keystone
use_neutron=true
enabled_apis=osapi_compute,metadata
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
transport_url=rabbit://openstack:openstack@10.0.0.56
connection=mysql+pymysql://nova:nova@10.0.0.56/nova_api
connection=mysql+pymysql://nova:nova@10.0.0.56/nova
api_servers=10.0.0.56:9292
auth_uri = http://10.0.0.56:5000
auth_url = http://10.0.0.56:35357
memcached_servers = 10.0.0.56:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova 
password = nova
lock_path=/var/lib/nova/tmp
vncserver_listen=0.0.0.0
vncserver_proxyclient_address=10.0.0.56
## 导入数据库信息并验证
[root@Marvin-OpenStack nova]# su -s /bin/sh -c "nova-manage api_db sync" nova
[root@Marvin-OpenStack nova]# su -s /bin/sh -c "nova-manage db sync" nova
WARNING: cell0 mapping not found - not syncing cell0.
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will be disallowed in a future release.')
  result = self._query(query)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `uniq_instances0uuid`. This is deprecated and will be disallowed in a future release.')
  result = self._query(query   ### 警告可以忽略
[root@Marvin-OpenStack nova]# mysql -h 10.0.0.56 -unova -pnova -e "use nova;show tables;"   ## 验证,记住nova有两个库,一个nova,一个是nova_api
+--------------------------------------------+
| Tables_in_nova                             |
+--------------------------------------------+
| agent_builds                               |
| aggregate_hosts                            |
| aggregate_metadata                         |
| aggregates                                 |
| allocations                                |
| block_device_mapping                       |
| bw_usage_cache                             |
| cells                                      |
| certificates                               |
| compute_nodes                              |
| console_auth_tokens                        |
| console_pools                              |
| consoles                                   |
| dns_domains                                |
| fixed_ips                                  |
| floating_ips                               |
| instance_actions                           |
| instance_actions_events                    |
| instance_extra                             |
| instance_faults                            |
| instance_group_member                      |
| instance_group_policy                      |
| instance_groups                            |
| instance_id_mappings                       |
| instance_info_caches                       |
| instance_metadata                          |
| instance_system_metadata                   |
| instance_type_extra_specs                  |
| instance_type_projects                     |
| instance_types                             |
| instances                                  |
| inventories                                |
| key_pairs                                  |
| migrate_version                            |
| migrations                                 |
| networks                                   |
| pci_devices                                |
| project_user_quotas                        |
| provider_fw_rules                          |
| quota_classes                              |
| quota_usages                               |
| quotas                                     |
| reservations                               |
| resource_provider_aggregates               |
| resource_providers                         |
| s3_images                                  |
| security_group_default_rules               |
| security_group_instance_association        |
| security_group_rules                       |
| security_groups                            |
| services                                   |
| shadow_agent_builds                        |
| shadow_aggregate_hosts                     |
| shadow_aggregate_metadata                  |
| shadow_aggregates                          |
| shadow_block_device_mapping                |
| shadow_bw_usage_cache                      |
| shadow_cells                               |
| shadow_certificates                        |
| shadow_compute_nodes                       |
| shadow_console_pools                       |
| shadow_consoles                            |
| shadow_dns_domains                         |
| shadow_fixed_ips                           |
| shadow_floating_ips                        |
| shadow_instance_actions                    |
| shadow_instance_actions_events             |
| shadow_instance_extra                      |
| shadow_instance_faults                     |
| shadow_instance_group_member               |
| shadow_instance_group_policy               |
| shadow_instance_groups                     |
| shadow_instance_id_mappings                |
| shadow_instance_info_caches                |
| shadow_instance_metadata                   |
| shadow_instance_system_metadata            |
| shadow_instance_type_extra_specs           |
| shadow_instance_type_projects              |
| shadow_instance_types                      |
| shadow_instances                           |
| shadow_key_pairs                           |
| shadow_migrate_version                     |
| shadow_migrations                          |
| shadow_networks                            |
| shadow_pci_devices                         |
| shadow_project_user_quotas                 |
| shadow_provider_fw_rules                   |
| shadow_quota_classes                       |
| shadow_quota_usages                        |
| shadow_quotas                              |
| shadow_reservations                        |
| shadow_s3_images                           |
| shadow_security_group_default_rules        |
| shadow_security_group_instance_association |
| shadow_security_group_rules                |
| shadow_security_groups                     |
| shadow_services                            |
| shadow_snapshot_id_mappings                |
| shadow_snapshots                           |
| shadow_task_log                            |
| shadow_virtual_interfaces                  |
| shadow_volume_id_mappings                  |
| shadow_volume_usage_cache                  |
| snapshot_id_mappings                       |
| snapshots                                  |
| tags                                       |
| task_log                                   |
| virtual_interfaces                         |
| volume_id_mappings                         |
| volume_usage_cache                         |
+--------------------------------------------+
[root@Marvin-OpenStack nova]# mysql -h 10.0.0.56 -unova -pnova -e "use nova_api;show tables;"
+------------------------------+
| Tables_in_nova_api           |
+------------------------------+
| aggregate_hosts              |
| aggregate_metadata           |
| aggregates                   |
| allocations                  |
| build_requests               |
| cell_mappings                |
| flavor_extra_specs           |
| flavor_projects              |
| flavors                      |
| host_mappings                |
| instance_group_member        |
| instance_group_policy        |
| instance_groups              |
| instance_mappings            |
| inventories                  |
| key_pairs                    |
| migrate_version              |
| request_specs                |
| resource_provider_aggregates |
| resource_providers           |
+------------------------------+
## 验证成功后启动nova服务
[root@Marvin-OpenStack nova]# systemctl enable openstack-nova-api.service \
>      openstack-nova-consoleauth.service openstack-nova-scheduler.service \
>      openstack-nova-conductor.service openstack-nova-novncproxy.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-api.service to /usr/lib/systemd/system/openstack-nova-api.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-consoleauth.service to /usr/lib/systemd/system/openstack-nova-consoleauth.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-scheduler.service to /usr/lib/systemd/system/openstack-nova-scheduler.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service to /usr/lib/systemd/system/openstack-nova-conductor.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-novncproxy.service to /usr/lib/systemd/system/openstack-nova-novncproxy.service.
[root@Marvin-OpenStack nova]# systemctl start openstack-nova-api.service     openstack-nova-consoleauth.service openstack-nova-scheduler.service     openstack-nova-conductor.service openstack-nova-novncproxy.service
## 创建compute服务
[root@Marvin-OpenStack ~]# openstack service create --name nova \
>      --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Compute                |
| enabled     | True                             |
| id          | d1559df37465470eb7fafbd93bffb183 |
| name        | nova                             |
| type        | compute                          |
+-------------+----------------------------------+
## 添加endpoint记录
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne \
>     compute public http://10.0.0.56:8774/v2.1/%\(tenant_id\)s
+--------------+------------------------------------------+
| Field        | Value                                    |
+--------------+------------------------------------------+
| enabled      | True                                     |
| id           | a0f3ffe43f7a44e58261355c9ebad61a         |
| interface    | public                                   |
| region       | RegionOne                                |
| region_id    | RegionOne                                |
| service_id   | d1559df37465470eb7fafbd93bffb183         |
| service_name | nova                                     |
| service_type | compute                                  |
| url          | http://10.0.0.56:8774/v2.1/%(tenant_id)s |
+--------------+------------------------------------------+
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne     compute internal http://10.0.0.56:8774/v2.1/%\(tenant_id\)s
+--------------+------------------------------------------+
| Field        | Value                                    |
+--------------+------------------------------------------+
| enabled      | True                                     |
| id           | 7532f46cca5540bfae8d9340a62644af         |
| interface    | internal                                 |
| region       | RegionOne                                |
| region_id    | RegionOne                                |
| service_id   | d1559df37465470eb7fafbd93bffb183         |
| service_name | nova                                     |
| service_type | compute                                  |
| url          | http://10.0.0.56:8774/v2.1/%(tenant_id)s |
+--------------+------------------------------------------+
[root@Marvin-OpenStack ~]# openstack endpoint create --region RegionOne     compute admin http://10.0.0.56:8774/v2.1/%\(tenant_id\)s
+--------------+------------------------------------------+
| Field        | Value                                    |
+--------------+------------------------------------------+
| enabled      | True                                     |
| id           | d0470f3f77f040b086b34b6641b5e280         |
| interface    | admin                                    |
| region       | RegionOne                                |
| region_id    | RegionOne                                |
| service_id   | d1559df37465470eb7fafbd93bffb183         |
| service_name | nova                                     |
| service_type | compute                                  |
| url          | http://10.0.0.56:8774/v2.1/%(tenant_id)s |
+--------------+------------------------------------------+
## 验证管理节点的nova是否配置成功
[root@Marvin-OpenStack ~]# openstack host list
+------------------+-------------+----------+
| Host Name        | Service     | Zone     |
+------------------+-------------+----------+
| Marvin-OpenStack | scheduler   | internal |
| Marvin-OpenStack | consoleauth | internal |
| Marvin-OpenStack | conductor   | internal |
+------------------+-------------+----------+
[root@Marvin-OpenStack ~]# nova service-list
+----+------------------+------------------+----------+---------+-------+----------------------------+-----------------+
| Id | Binary           | Host             | Zone     | Status  | State | Updated_at                 | Disabled Reason |
+----+------------------+------------------+----------+---------+-------+----------------------------+-----------------+
| 1  | nova-scheduler   | Marvin-OpenStack | internal | enabled | up    | 2017-09-03T08:52:25.000000 | -               |
| 2  | nova-consoleauth | Marvin-OpenStack | internal | enabled | up    | 2017-09-03T08:52:25.000000 | -               |
| 3  | nova-conductor   | Marvin-OpenStack | internal | enabled | up    | 2017-09-03T08:52:27.000000 | -               |
+----+------------------+------------------+----------+---------+-------+----------------------------+-----------------+
[root@Marvin-OpenStack ~]# openstack endpoint list
+-----------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
| ID                          | Region    | Service Name | Service Type | Enabled | Interface | URL                         |
+-----------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
| 0e28a8c975904c28b5a2a9bc180 | RegionOne | glance       | image        | True    | public    | http://10.0.0.56:9292       |
| efe02                       |           |              |              |         |           |                             |
| 2cf91a5b1e1e4d19830627a1d10 | RegionOne | glance       | image        | True    | internal  | http://10.0.0.56:9292       |
| 88b40                       |           |              |              |         |           |                             |
| 41838de3d5204c9dbf173321b8b | RegionOne | keystone     | identity     | True    | internal  | http://10.0.0.56:35357/v3/  |
| c05d7                       |           |              |              |         |           |                             |
| 7532f46cca5540bfae8d9340a62 | RegionOne | nova         | compute      | True    | internal  | http://10.0.0.56:8774/v2.1/ |
| 644af                       |           |              |              |         |           | %(tenant_id)s               |
| 806d8539a4f44c66b14488ee197 | RegionOne | glance       | image        | True    | admin     | http://10.0.0.56:9292       |
| 9190d                       |           |              |              |         |           |                             |
| a0f3ffe43f7a44e58261355c9eb | RegionOne | nova         | compute      | True    | public    | http://10.0.0.56:8774/v2.1/ |
| ad61a                       |           |              |              |         |           | %(tenant_id)s               |
| d0470f3f77f040b086b34b6641b | RegionOne | nova         | compute      | True    | admin     | http://10.0.0.56:8774/v2.1/ |
| 5e280                       |           |              |              |         |           | %(tenant_id)s               |
| d8b9d6bf135b482e852c6483ce3 | RegionOne | keystone     | identity     | True    | admin     | http://10.0.0.56:35357/v3/  |
| 0e4f9                       |           |              |              |         |           |                             |
| e83d3ee63f2a473e809931900ec | RegionOne | keystone     | identity     | True    | public    | http://10.0.0.56:5000/v3/   |
| 71174                       |           |              |              |         |           |                             |
+-----------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+

这里nova的管理节点就全部安装完成,确实有点累,后面的内容,我会继续更新,笔者QQ: 779734791 昵称:Marvin,欢迎大家一起讨论

最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
  • 序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 212,686评论 6 492
  • 序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 90,668评论 3 385
  • 文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 158,160评论 0 348
  • 文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 56,736评论 1 284
  • 正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 65,847评论 6 386
  • 文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 50,043评论 1 291
  • 那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 39,129评论 3 410
  • 文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 37,872评论 0 268
  • 序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 44,318评论 1 303
  • 正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 36,645评论 2 327
  • 正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 38,777评论 1 341
  • 序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 34,470评论 4 333
  • 正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 40,126评论 3 317
  • 文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 30,861评论 0 21
  • 文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 32,095评论 1 267
  • 我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 46,589评论 2 362
  • 正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 43,687评论 2 351

推荐阅读更多精彩内容