1.前言
- 由于资源有限,所以直接在存储节点(block)部署
- 由于存储节点最初只设计了一块网卡,所以需要增加一块网卡,名称为eth1,IP:192.168.200.30
- 编辑
ifcfg-eth1
,然后重启网络systemctl restart network
或启动网卡ifup eth1
- 如果是一台新机器,请按照OpenStack-Mitaka版本部署,进行环境准备工作
2.部署流程
1.安装openstack客户端和openstack-selinux
yum install python-openstackclient.noarch openstack-selinux.noarch openstack-utils -y
2.安装nova-compute
yum install openstack-nova-compute -y
yum install openstack-utils.noarch -y
3.修改配置
- 1.备份
/etc/nova/nova.conf
文件,并去掉注释
cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
grep -Ev '^$|#' /etc/nova/nova.conf.bak > /etc/nova/nova.conf
- 2.使用openstack-config命令修改相关配置
openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_host controller
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://controller:5000
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://controller:35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers controller:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password NOVA_PASS
# 计算节点的管理网络IP(重点修改对象,新机器的IP)
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.100.30
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron True
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf vnc enabled True
openstack-config --set /etc/nova/nova.conf vnc vncserver_listen 0.0.0.0
openstack-config --set /etc/nova/nova.conf vnc vncserver_proxyclient_address '$my_ip'
# 控制节点的外部网络IP
openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://192.168.200.10:6080/vnc_auto.html
openstack-config --set /etc/nova/nova.conf glance api_servers http://controller:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:35357
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password NEUTRON_PASS
4.安装neutron-linuxbridge-agent
yum install openstack-neutron-linuxbridge ebtables ipset -y
5.修改配置
- 1.备份
/etc/neutron/neutron.conf
文件,并去掉注释
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
grep -Ev '^$|#' /etc/neutron/neutron.conf.bak > /etc/neutron/neutron.conf
- 2.使用openstack-config命令修改相关配置
openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_host controller
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_password openstack
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:35357
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
- 3.备份
/etc/neutron/plugins/ml2/linuxbridge_agent.ini
文件,并去掉注释
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
- 4.使用openstack-config命令修改相关配置
# PROVIDER_INTERFACE_NAME:为外网网卡eth1
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:eth1
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan False
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
6.启动服务
systemctl enable libvirtd.service openstack-nova-compute.service neutron-linuxbridge-agent.service
systemctl start libvirtd.service openstack-nova-compute.service neutron-linuxbridge-agent.service
7.验证
- 控制节点,检查是否多个一个
nova
服务
[root@controller ~]# nova service-list
+----+------------------+------------+----------+---------+-------+----------------------------+-----------------+
| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |
+----+------------------+------------+----------+---------+-------+----------------------------+-----------------+
| 1 | nova-consoleauth | controller | internal | enabled | up | 2023-01-09T13:33:35.000000 | - |
| 2 | nova-conductor | controller | internal | enabled | up | 2023-01-09T13:33:34.000000 | - |
| 3 | nova-scheduler | controller | internal | enabled | up | 2023-01-09T13:33:30.000000 | - |
| 7 | nova-compute | compute | nova | enabled | up | 2023-01-09T13:33:35.000000 | - |
| 8 | nova-compute | block | nova | enabled | up | 2023-01-09T13:33:32.000000 | - |
+----+------------------+------------+----------+---------+-------+----------------------------+-----------------+
- 控制节点,检查是否多个一个
bridge agent
服务
[root@controller ~]# neutron agent-list
+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+
| id | agent_type | host | availability_zone | alive | admin_state_up | binary |
+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+
| 01c79ff7-a257-4572-8d36-e53a41c54b4c | Metadata agent | controller | | :-) | True | neutron-metadata-agent |
| 7288d214-2d6e-40d1-a52b-4810ac843454 | Linux bridge agent | controller | | :-) | True | neutron-linuxbridge-agent |
| a53f41d4-b579-4d8f-9f70-681f5936d996 | Linux bridge agent | block | | :-) | True | neutron-linuxbridge-agent |
| c94f5235-7ef6-4043-bed1-ad4c041525f4 | DHCP agent | controller | nova | :-) | True | neutron-dhcp-agent |
| f40e89c2-9bef-4c6c-a063-03f9f32c9c20 | Linux bridge agent | compute | | :-) | True | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+
3.创建实例
1.一次性创建两个实例,看看调度情况
- 由于资源相同,两个虚机应该会分别被调度在不同的节点
2.主机聚集
- 通过创建主机聚集,控制虚机调度在哪个节点
- 创建2个实例,观察调度情况(期望两个虚机都调度在compute节点上)
4.实例冷迁移
1.计算节点之间进行互信(免密登录)
1.在任意节点执行以下操做:假使在compute节点
- 1.切换
nova
用户
usermod -s /bin/bash nova
su - nova
cp /etc/skel/.bash* .
logout
su - nova
- 2.生成密钥对
ssh-keygen -t rsa -q -N ''
[nova@compute ~]$ ls /var/lib/nova/.ssh
id_rsa id_rsa.pub
- 3.设置自己免密登录
cp -fa /var/lib/nova/.ssh/id_rsa.pub /var/lib/nova/.ssh/authorized_keys
2.将计算节点刚刚生成的.ssh目录拷贝到存储节点(部署了计算服务)
- 1.远程拷贝
.ssh
目录
scp -rp /var/lib/nova/.ssh root@block:`pwd`
- 2.存储节点切换nova用户
usermod -s /bin/bash nova
su - nova
cp /etc/skel/.bash* .
logout
su - nova
logout
- 3.修改
/var/lib/nova/.ssh
下的文件权限
chown -R nova:nova /var/lib/nova/.ssh
- 4.测试免密登录
su - nova
ssh nova@compute
su - nova
ssh nova@block
2.修改控制节点/etc/nova/nova.conf
配置文件
- 1.修改
/etc/nova/nova.conf
配置
[default]
scheduler_default_filters = RetryFilter, AvailabilityZoneFilter, RamFilter, DiskFilter, ComputeFilter, ComputeCapabilitiesFilter, ImagePropertiesFilter, ServerGroupAntiAffinityFilter, ServerGroupAffinityFilter
- 2.重启
nova-scheduler
服务
systemctl restart openstack-nova-scheduler.service
3.修改所有计算节点/etc/nova/nova.conf
配置文件
[default]
allow_resize_to_same_host = True
- 重启
nova-compute
服务
systemctl restart openstack-nova-compute.service
4.web界面操做
-
1.迁移主机必须属于同一个主机聚集,所以重新创建主机聚集
-
2.实例的迁移,只对配置了迁移环境后,创建的虚机有效,所以使用刚刚创建的主机聚集来重新创建实例测试。
-
3.迁移