使用Packstack在CentOS 7上进行OpenStack部署

如何使用PackStack在CentOS上部署私有OpenStack云? OpenStack是一个流行的免费开源软件平台,用于构建公共云和私有云。使用PackStack安装实用程序,您可以在几分钟内在CentOS 7上运行多合一OpenStack云。部署后,您可以根据需要将节点“添加”到OpenStack云中。

此设置使用CentOS上的PackStack通过以下服务构建OpenStack Cloud:

  • 煤壳 –块存储服务
  • 中子 –网​​络服务
  • 新星 –计算
  • 快点 –对象存储服务
  • 梯形失真 –身份服务
  • 热度 –编排服务
  • 扫视 –影像服务
  • 地平线 –仪表板
  • 大酒瓶 -集装箱服务

按照以下规格安装在物理服务器上。

Memory: 128GB RAM
CPU: Intel(R) Xeon(R) CPU E5-1650 v2 @ 3.50GHz (12 cores)
Disk: 3 x 4TB SATA
Network: 1Gbit
IPV4 Adresses: 1 x IPV4 + /28 Subnet (14 IPs)


------------------------------------------------------------
$ grep -c ^processor /proc/cpuinfo 
12

$ free -h
              total        used        free      shared  buff/cache   available
Mem:           125G        207M        125G         21M        244M        124G
Swap:            0B          0B          0B

$ lsblk 
NAME  MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
loop0   7:0    0    3G  1 loop 
sda     8:0    0  3.7T  0 disk 
sdb     8:16   0  3.7T  0 disk 
sdc     8:32   0  3.7T  0 disk 

$ ip link  show 
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0:  mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether 0c:c4:7a:02:26:be brd ff:ff:ff:ff:ff:ff

服务器提供者是Hetzner。请参阅我们的指南,了解如何在Hetzner根服务器上安装CentOS 7。

步骤1:符合设定要求

使用此处共享的命令禁用firewalld,NetworkManager和SELinux。

sudo systemctl disable --now firewalld NetworkManager
sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config

设置服务器的主机名。

sudo hostnamectl set-hostname openstackcloud.example.com --static

最后,更新系统并安装基本实用程序。

sudo yum -y update
sudo yum -y install vim wget curl telnet bash-completion
sudo reboot

步骤2:安装Packstack软件包

使用以下命令添加RDO(OpenStack RPM分发)存储库。

--- OpenStack Stein ----
$ sudo yum install -y centos-release-openstack-stein

--- OpenStack Rocky ----
$ sudo yum install -y centos-release-openstack-rocky

如果有新版本的Openstack遵循本文,请用发行版名称替换stein或rocky。

添加存储库后,安装CentOS packstack软件包。

sudo yum install -y openstack-packstack

步骤3:创建一个packstack响应文件

您需要生成一个配置文件,该文件将用于通过Packstack安装OpenStack Cloud。该文件包含诸如安装服务,存储配置和网络之类的信息。

$ sudo packstack --gen-answer-file /root/answers.txt
Packstack changed given value  to required value /root/.ssh/id_rsa.pub

打开生成的配置文件并对其进行编辑以进行安装。这些是我的参数集。

CONFIG_NTP_SERVERS=0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org
CONFIG_CONTROLLER_HOST=192.168.10.10
CONFIG_COMPUTE_HOSTS=192.168.10.10
CONFIG_NETWORK_HOSTS=192.168.10.10
CONFIG_STORAGE_HOST=192.168.10.10
CONFIG_KEYSTONE_ADMIN_PW=b29e883d82dd45f8
CONFIG_SWIFT_STORAGES=/dev/sdc2
CONFIG_PROVISION_DEMO=n
CONFIG_HEAT_INSTALL=y
CONFIG_HEAT_CFN_INSTALL=y
CONFIG_CEILOMETER_INSTALL=y
CONFIG_MAGNUM_INSTALL=y
CONFIG_LBAAS_INSTALL=y
CONFIG_CINDER_VOLUMES_CREATE=n
CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO=3.0
CONFIG_NOVA_LIBVIRT_VIRT_TYPE=%{::default_hypervisor}
CONFIG_HORIZON_SSL=n

Cinder和Swift存储在块设备上 /开发/ SDC

sudo parted -s -a optimal -- /dev/sdc mklabel gpt
sudo parted -s -a optimal -- /dev/sdc mkpart primary 0% 70%
sudo parted -s -a optimal -- /dev/sdc mkpart primary 70% 100%

对于Cinder,创建另一个要使用的LVM卷组 / dev / sdc1

$ sudo pvcreate /dev/sdc1
Physical volume "/dev/sdc1" successfully created. 

$ sudo vgcreate cinder-volumes /dev/sdc1
Volume group "cinder-volumes" successfully created

$ sudo lvcreate -l 100%FREE -T cinder-volumes/cinder-volumes-pool
Thin pool volume with chunk size 256.00 KiB can address at most 63.25 TiB of data.
  Logical volume "cinder-volumes-pool" created.

快速存储放置在分区中 / dev / sdc2让我们创建一个文件系统。

sudo mkfs.xfs /dev/sdc2

步骤4:使用packstack安装OpenStack

现在您可以使用响应文件了,您可以使用packstack命令行引导OpenStack Cloud。

sudo packstack --answer-file /root/answers.txt --timeout=1500 | tee packstrack-output.txt

请参阅下面的安装输出。

Welcome to the Packstack setup utility

The installation log file is available at: /var/tmp/packstack/20190710-211124-ZVhc4m/openstack-setup.log

Installing:
Clean Up                                             [ DONE ]
Discovering ip protocol version                      [ DONE ]
Setting up ssh keys                                  [ DONE ]
Preparing servers                                    [ DONE ]
Pre installing Puppet and discovering hosts' details [ DONE ]
Preparing pre-install entries                        [ DONE ]
Setting up CACERT                                    [ DONE ]
Preparing AMQP entries                               [ DONE ]
Preparing MariaDB entries                            [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries                           [ DONE ]
Preparing Glance entries                             [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries                             [ DONE ]
Preparing Nova API entries                           [ DONE ]
Creating ssh keys for Nova migration                 [ DONE ]
Gathering ssh host keys for Nova migration           [ DONE ]
Preparing Nova Compute entries                       [ DONE ]
Preparing Nova Scheduler entries                     [ DONE ]
Preparing Nova VNC Proxy entries                     [ DONE ]
Preparing OpenStack Network-related Nova entries     [ DONE ]
Preparing Nova Common entries                        [ DONE ]
Preparing Neutron LBaaS Agent entries                [ DONE ]
Preparing Neutron API entries                        [ DONE ]
Preparing Neutron L3 entries                         [ DONE ]
Preparing Neutron L2 Agent entries                   [ DONE ]
Preparing Neutron DHCP Agent entries                 [ DONE ]
Preparing Neutron Metering Agent entries             [ DONE ]
Checking if NetworkManager is enabled and running    [ DONE ]
Preparing OpenStack Client entries                   [ DONE ]
Preparing Horizon entries                            [ DONE ]
Preparing Swift builder entries                      [ DONE ]
Preparing Swift proxy entries                        [ DONE ]
Preparing Swift storage entries                      [ DONE ]
Preparing Heat entries                               [ DONE ]
Preparing Heat CloudFormation API entries            [ DONE ]
Preparing Gnocchi entries                            [ DONE ]
Preparing Redis entries                              [ DONE ]
Preparing Ceilometer entries                         [ DONE ]
Preparing Aodh entries                               [ DONE ]
Adding Magnum manifest entries                       [ DONE ]
Preparing Puppet manifests                           [ DONE ]
Copying Puppet modules and manifests                 [ DONE ]
Applying 192.168.10.10_controller.pp
192.168.10.10_controller.pp:                         [ DONE ]
Applying 192.168.10.10_network.pp
192.168.10.10_network.pp:                            [ DONE ]
Applying 192.168.10.10_compute.pp
192.168.10.10_compute.pp:                            [ DONE ]
Applying Puppet manifests                            [ DONE ]
Finalizing                                           [ DONE ]

 **** Installation completed successfully ******

Additional information:
 * Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
 * File /root/keystonerc_admin has been created on OpenStack client host 192.168.10.10. To use the command line tools you need to source the file.
 * To access the OpenStack Dashboard browse to http://192.168.10.10/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
 * Because of the kernel update the host 192.168.10.10 requires reboot.
 * The installation log file is available at: /var/tmp/packstack/20190710-211124-ZVhc4m/openstack-setup.log
 * The generated manifests are available at: /var/tmp/packstack/20190710-211124-ZVhc4m/manifests

步骤5:配置OpenStack网络

在接口上创建一个外部OVS桥。

$ sudo vi /etc/sysconfig/network-scripts/ifcfg-eno1
DEVICE=eno1
ONBOOT=yes
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=br-ex 

$ sudo vi /etc/sysconfig/network-scripts/ifcfg-br-ex
DEVICE=br-ex
BOOTPROTO=none
ONBOOT=yes
TYPE=OVSBridge
DEVICETYPE=ovs
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
IPADDR=192.168.10.10
NETMASK=255.255.255.0
GATEWAY=192.168.10.1
DNS1=192.168.10.1

将已配置接口的静态路由移动到br-ex。

sudo mv /etc/sysconfig/network-scripts/route-eno1 /etc/sysconfig/network-scripts/route-br-ex

添加网络物理接口 布雷克斯 打开vSwitch网桥。

sudo ovs-vsctl add-port br-ex eno1; systemctl restart network.service

可以以类似方式配置其他网桥。您需要使用正确的映射配置Open vSwitch。

$ sudo  vi /etc/neutron/plugins/ml2/openvswitch_agent.ini 
bridge_mappings=extnet:br-ex

重新启动Nova服务。

sudo systemctl restart openstack-nova-compute
sudo systemctl restart openstack-nova-api
sudo systemctl restart openstack-nova-scheduler

创建一个OpenStack专用网络。

$ source keystonerc_admin
$ openstack network create private

+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | UP                                   |
| availability_zone_hints   |                                      |
| availability_zones        |                                      |
| created_at                | 2019-06-26T13:44:43Z                 |
| description               |                                      |
| dns_domain                | None                                 |
| id                        | e406e76f-e89d-42a2-bab1-9c883b2e49aa |
| ipv4_address_scope        | None                                 |
| ipv6_address_scope        | None                                 |
| is_default                | False                                |
| is_vlan_transparent       | None                                 |
| mtu                       | 1450                                 |
| name                      | private                              |
| port_security_enabled     | True                                 |
| project_id                | d16dda64b73945898eebbd5be9572612     |
| provider:network_type     | vxlan                                |
| provider:physical_network | None                                 |
| provider:segmentation_id  | 82                                   |
| qos_policy_id             | None                                 |
| revision_number           | 2                                    |
| router:external           | Internal                             |
| segments                  | None                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tags                      |                                      |
| updated_at                | 2019-06-26T13:44:43Z                 |
+---------------------------+--------------------------------------+

$ openstack subnet create --network private --allocation-pool 
start=10.1.1.50,end=10.1.1.200 --dns-nameserver 8.8.8.8 
--subnet-range 10.1.1.0/24 private_subnet

+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| allocation_pools  | 10.1.1.50-10.1.1.200                 |
| cidr              | 10.1.1.0/24                          |
| created_at        | 2019-06-26T13:48:34Z                 |
| description       |                                      |
| dns_nameservers   | 8.8.8.8                              |
| enable_dhcp       | True                                 |
| gateway_ip        | 10.1.1.1                             |
| host_routes       |                                      |
| id                | 76ff61dd-0438-4848-a611-f4b4de070164 |
| ip_version        | 4                                    |
| ipv6_address_mode | None                                 |
| ipv6_ra_mode      | None                                 |
| name              | private_subnet                       |
| network_id        | e406e76f-e89d-42a2-bab1-9c883b2e49aa |
| project_id        | d16dda64b73945898eebbd5be9572612     |
| revision_number   | 0                                    |
| segment_id        | None                                 |
| service_types     |                                      |
| subnetpool_id     | None                                 |
| tags              |                                      |
| updated_at        | 2019-06-26T13:48:34Z                 |
+-------------------+--------------------------------------+

创建一个公共网络。

$ openstack network create --provider-network-type flat 
--provider-physical-network extnet --external public

+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | UP                                   |
| availability_zone_hints   |                                      |
| availability_zones        |                                      |
| created_at                | 2019-06-26T16:35:43Z                 |
| description               |                                      |
| dns_domain                | None                                 |
| id                        | 900b1ede-3e62-4d73-88d3-b28c129a6bb6 |
| ipv4_address_scope        | None                                 |
| ipv6_address_scope        | None                                 |
| is_default                | False                                |
| is_vlan_transparent       | None                                 |
| mtu                       | 1500                                 |
| name                      | public                               |
| port_security_enabled     | True                                 |
| project_id                | d16dda64b73945898eebbd5be9572612     |
| provider:network_type     | flat                                 |
| provider:physical_network | extnet                               |
| provider:segmentation_id  | None                                 |
| qos_policy_id             | None                                 |
| revision_number           | 2                                    |
| router:external           | External                             |
| segments                  | None                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tags                      |                                      |
| updated_at                | 2019-06-26T16:35:43Z                 |
+---------------------------+--------------------------------------+

$ openstack subnet create --network public 
    --allocation-pool start=,end= 
    --no-dhcp 
    --subnet-range /27 public_subnet

添加新路由器并配置路由器接口。

$ openstack router create --no-ha router1

+-------------------------+--------------------------------------+
| Field                   | Value                                |
+-------------------------+--------------------------------------+
| admin_state_up          | UP                                   |
| availability_zone_hints |                                      |
| availability_zones      |                                      |
| created_at              | 2019-06-26T16:36:54Z                 |
| description             |                                      |
| distributed             | False                                |
| external_gateway_info   | None                                 |
| flavor_id               | None                                 |
| ha                      | False                                |
| id                      | 188d5388-6f58-4387-8a13-018b9c2e81f4 |
| name                    | router1                              |
| project_id              | d16dda64b73945898eebbd5be9572612     |
| revision_number         | 0                                    |
| routes                  |                                      |
| status                  | ACTIVE                               |
| tags                    |                                      |
| updated_at              | 2019-06-26T16:36:54Z                 |
+-------------------------+--------------------------------------+

$ openstack router set --external-gateway public router1
$ openstack router add subnet router1 private_subnet
$ ip netns show
qrouter-188d5388-6f58-4387-8a13-018b9c2e81f4 (id: 1)
qdhcp-e406e76f-e89d-42a2-bab1-9c883b2e49aa (id: 0)

步骤6:配置Cinder

配置Cinder以使用配置的LVM卷。

$ sudo  vi /etc/cinder/cinder.conf
enabled_backends=lvm
volume_clear = none

[lvm]
volume_backend_name=lvm
volume_driver=cinder.volume.drivers.lvm.LVMVolumeDriver
iscsi_ip_address=192.168.10.10
iscsi_helper=lioadm
volume_group=cinder-volumes
volumes_dir=/var/lib/cinder/volumes

进行更改后,您必须重新启动Cinder服务。

sudo systemctl restart openstack-cinder-volume
sudo systemctl restart openstack-cinder-api

步骤7:创建风味和安全性组

让我们添加一个OpenStack风格。

openstack flavor create --id 0 --ram 1024  --vcpus  1 --swap 2048  --disk 10    m1.tiny
openstack flavor create --id 1 --ram 2048  --vcpus  1 --swap 4096  --disk 20    m1.small
openstack flavor create --id 2 --ram 4096  --vcpus  2 --swap 8192  --disk 40    m1.medium
openstack flavor create --id 3 --ram 8192  --vcpus  4 --swap 8192  --disk 80    m1.large
openstack flavor create --id 4 --ram 16384 --vcpus  8 --swap 8192  --disk 160   m1.xlarge

和基本安全组

openstack security group create basic --description "Allow base ports"
openstack security group rule create --protocol TCP --dst-port 22 --remote-ip 0.0.0.0/0 basic
openstack security group rule create --protocol TCP --dst-port 80 --remote-ip 0.0.0.0/0 basic
openstack security group rule create --protocol TCP --dst-port 443 --remote-ip 0.0.0.0/0 basic
openstack security group rule create --protocol ICMP --remote-ip 0.0.0.0/0 basic

步骤8:创建私钥并添加Glance图片

为您的帐户创建一个新密钥或使用现有密钥。

$ ssh-keygen -q -N "" 
$ openstack keypair create --public-key=~/.ssh/id_rsa.pub adminkey 
+-------------+-------------------------------------------------+
| Field       | Value                                           |
+-------------+-------------------------------------------------+
| fingerprint | 7a:44:0d:94:8a:c6:6d:fd:11:8e:20:42:e9:10:6f:9d |
| name        | adminkey                                        |
| user_id     | 4d1ab48579084cda924ca40a8ce0766b                |
+-------------+-------------------------------------------------+

有关Glance图像,请参阅前一指南。

如何将Glance云映像添加到OpenStack

访问OpenStack仪表板

要访问OpenStack仪表板,请浏览至http:// openstackip /仪表板。

登录凭据是 keystonerc_admin 主目录中的文件。

其他OpenStack指南:

如何使用固定/静态IP地址创建OpenStack实例

如何创建OpenStack项目,用户和角色

如何将OpenStack实例从一台计算主机迁移到另一台计算主机

如何调整OpenStack实例/虚拟机的大小

使用CLI将SSH密钥对添加到OpenStack

如何使用CLI向OpenStack添加口味

如何在Linux上安装和配置OpenStack Client

如何将OpenStack实例/ VM配置为在Nova计算重启后自动启动

如何创建OpenStack Cinder卷并将其附加到VM实例

Sidebar