OpenStack一键部署

资源列表

操作系统	配置	主机名	IP	角色	磁盘	虚拟化
CentOS 7.9	4G8G	openstack	192.168.93.109	安装所有openstack组件	100G	硬件支持虚拟化

基础环境

• 关闭防火墙

systemctl stop firewalld
systemctl disable firewalld

• 关闭内核机制

setenforce 0
sed -i "s/^SELINUX=.*/SELINUX=disabled/g" /etc/selinux/config

• 修改主机名

hostnamectl set-hostname openstack

一、基础环境配置

1.1、配置时间同步

[root@openstack ~]# yum -y install ntpdate
# 如果没有同步，就多同步几次
[root@openstack ~]# ntpdate ntp1.aliyun.com
27 May 20:20:15 ntpdate[53382]: adjust time server 120.25.115.20 offset 0.005008 sec

1.2、配置网络

• 虚拟机需要配置静态IP地址、网关及DNS参数，并测试网络连通性。网卡配置文件当中不要有“DOMAIN=X.X.X.X”，因为这会影响nova配置文件内host的配置项，从而导致可用域不可用，无法创建虚拟机。
• 并且需要关闭NetworkManager

[root@openstack ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens33 
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=42c3cb34-080e-4bdd-9acb-4cfeeab16a35
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.93.109
NETMASK=255.255.255.0
GATEWAY=192.168.93.2
DNS1=114.114.114.114
DNS2=8.8.8.8

# 关闭NetworkManager，这是一个网络连接管理器和用户应用程序
[root@openstack ~]# systemctl stop NetworkManager
[root@openstack ~]# systemctl disable NetworkManager

1.3、添加hosts绑定

[root@openstack ~]# cat >> /etc/hosts << EOF
#如果不绑定hosts，在创建云主机之后无法通过控制台方 式访问云主机
192.168.93.109 openstack
EOF

1.4、更新系统并安装常用软件

• 如果使用的是CentOS 7.3左右的系统，执行下面内容过后，可能会出现报错问题，最好的办法是采用CentOS 7.9操作系统

[root@openstack ~]# yum -y update
[root@openstack ~]# yum -y install vim wget net-tools lrzsz

二、使用packstack一键部署OpenStack

• 完成环境准备之后，通过packstack工具部署OpenStack。packstack是自动部署OpenStack的工具，通过它可以帮助管理员完成OpenStack的自动部署
• 首先通过YUM源安装packstack工具，然后利用packstack工具一键部署OpenStack

2.1、Train版YUM源安装

• 系统默认会提供CentOS的官方YUM源，在源中包含了目前支持的OpenStack四个版本，分别是：Queens、Rocky、Stein、Train。本次案例选择安装Train版本的OpenStack

# 如果不能安装，那么可能是不能上网，或者没有配置好网络YUM源
[root@openstack ~]# yum -y install centos-release-openstack-train

# Train版本的OpenStack安装源部署完成之后，在/etc/yum.repos.d/目录下会自动生成YUM配置文件
[root@openstack ~]# ls -lh /etc/yum.repos.d/*.repo
-rw-r--r--. 1 root root 1.7K May 27 04:29 /etc/yum.repos.d/CentOS-Base.repo
-rw-r--r--  1 root root  956 Jun 19  2019 /etc/yum.repos.d/CentOS-Ceph-Nautilus.repo
-rw-r--r--  1 root root  717 Mar 23  2020 /etc/yum.repos.d/CentOS-NFS-Ganesha-28.repo
-rw-r--r--  1 root root 1.3K Oct 22  2019 /etc/yum.repos.d/CentOS-OpenStack-train.repo
-rw-r--r--  1 root root  612 Feb  1  2019 /etc/yum.repos.d/CentOS-QEMU-EV.repo
-rw-r--r--  1 root root  353 Jul 31  2018 /etc/yum.repos.d/CentOS-Storage-common.repo

2.2、Packstack软件包安装

• 完成YUM源配置之后，通过YUM安装openstack-packstack软件包

[root@openstack ~]# yum -y install openstack-packstack

2.3、Packstack一键部署OpenStack

• 管理员只需在控制台上输入一条命令，所有的工作皆有packstack自动完成，packstack工具会将所有的OpenStack组件部署到同一台服务器中。在实际工作中，考虑到负载分担以及冗余，建议将OpenStack组件分别部署到不同的服务器中。

• 时间会很长，根据网速决定，耐心等待即可

• OpenStack安装只需执行以下命令即可。当界面中出现“successfully”时，说明OpenStack安装成功

[root@openstack ~]# packstack --allinone
Welcome to the Packstack setup utility

The installation log file is available at: /var/tmp/packstack/20240527-202114-nHpTBQ/openstack-setup.log
Packstack changed given value  to required value /root/.ssh/id_rsa.pub

Installing:
Clean Up                                             [ DONE ]
Discovering ip protocol version                      [ DONE ]
Setting up ssh keys                                  [ DONE ]
Preparing servers                                    [ DONE ]
Pre installing Puppet and discovering hosts' details [ DONE ]
Preparing pre-install entries                        [ DONE ]
Setting up CACERT                                    [ DONE ]
Preparing AMQP entries                               [ DONE ]
Preparing MariaDB entries                            [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries                           [ DONE ]
Preparing Glance entries                             [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries                             [ DONE ]
Preparing Nova API entries                           [ DONE ]
Creating ssh keys for Nova migration                 [ DONE ]
Gathering ssh host keys for Nova migration           [ DONE ]
Preparing Nova Compute entries                       [ DONE ]
Preparing Nova Scheduler entries                     [ DONE ]
Preparing Nova VNC Proxy entries                     [ DONE ]
Preparing OpenStack Network-related Nova entries     [ DONE ]
Preparing Nova Common entries                        [ DONE ]
Preparing Neutron API entries                        [ DONE ]
Preparing Neutron L3 entries                         [ DONE ]
Preparing Neutron L2 Agent entries                   [ DONE ]
Preparing Neutron DHCP Agent entries                 [ DONE ]
Preparing Neutron Metering Agent entries             [ DONE ]
Checking if NetworkManager is enabled and running    [ DONE ]
Preparing OpenStack Client entries                   [ DONE ]
Preparing Horizon entries                            [ DONE ]
Preparing Swift builder entries                      [ DONE ]
Preparing Swift proxy entries                        [ DONE ]
Preparing Swift storage entries                      [ DONE ]
Preparing Gnocchi entries                            [ DONE ]
Preparing Redis entries                              [ DONE ]
Preparing Ceilometer entries                         [ DONE ]
Preparing Aodh entries                               [ DONE ]
Preparing Puppet manifests                           [ DONE ]
Copying Puppet modules and manifests                 [ DONE ]
Applying 192.168.93.109_controller.pp
192.168.93.109_controller.pp:                        [ DONE ]           
Applying 192.168.93.109_network.pp
192.168.93.109_network.pp:                           [ DONE ]        
Applying 192.168.93.109_compute.pp
192.168.93.109_compute.pp:                           [ DONE ]        
Applying Puppet manifests                            [ DONE ]
Finalizing                                           [ DONE ]

 **** Installation completed successfully ******

Additional information:
 * Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS or FWaaS services. Geneve will be used as the encapsulation method for tenant networks
 * A new answerfile was created in: /root/packstack-answers-20240527-202115.txt
 * Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
 * File /root/keystonerc_admin has been created on OpenStack client host 192.168.93.109. To use the command line tools you need to source the file.
 * To access the OpenStack Dashboard browse to http://192.168.93.109/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
 * Because of the kernel update the host 192.168.93.109 requires reboot.
 * The installation log file is available at: /var/tmp/packstack/20240527-202114-nHpTBQ/openstack-setup.log
 * The generated manifests are available at: /var/tmp/packstack/20240527-202114-nHpTBQ/manifests
You have new mail in /var/spool/mail/root


################################################################
控制台消息的最后部分提示了环境变量文件与日志文件的位置，以及登录Dashboard的方法，根据提示在浏览器输入http://主机IP地址/dashboard，即可登录OpenStack的Horizon Web界面进行相关操作。Horizon可以与每个OpenStack项目API进行通信，所以使用此Web界面可以执行大部分任务
################################################################

• OpenStack安装完成之后，Linux虚拟网桥br-ex中的IP地址是临时的，需要生成对应的配置文件

[root@openstack ~]# ifconfig 
br-ex: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.24.4.1  netmask 255.255.255.0  broadcast 0.0.0.0
        inet6 fe80::88f0:69ff:fe95:7c48  prefixlen 64  scopeid 0x20<link>
        ether 8a:f0:69:95:7c:48  txqueuelen 1000  (Ethernet)
        RX packets 5  bytes 140 (140.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8  bytes 656 (656.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.93.109  netmask 255.255.255.0  broadcast 192.168.93.255
        inet6 fe80::bea7:b4f2:a9b9:7246  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:6c:ac:38  txqueuelen 1000  (Ethernet)
        RX packets 425855  bytes 607761349 (579.6 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 69413  bytes 4880687 (4.6 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 192489  bytes 43053680 (41.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 192489  bytes 43053680 (41.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

################################################################
[root@openstack ~]# cd /etc/sysconfig/network-scripts/
[root@openstack network-scripts]# cp ifcfg-ens33 ifcfg-br-ex
[root@openstack network-scripts]# vim ifcfg-br-ex
TYPE=Ethernet
BOOTPROTO=static
NAME=br-ex
DEVICE=br-ex
ONBOOT=yes
IPADDR=172.14.4.1
NETMASK=255.255.255.0
[root@openstack network-scripts]# systemctl restart network
################################################################


# 至此OpenStack安装已完成。可根据控制台提示的信息，登录Dashboard实现对OpenStack各种资源管理#

三、通过Dashboard体验OpenStack功能

• Horizon是OpenStack的一个组件，同时也是OpenStack中的Dashboard（仪表盘，即Web控制台）的项目名，主要用于OpenStack的管理，其底层通过API和OpenStack其他组件进行通信，为管理员提供Web界面，以方便操作管理。

• 在客户端的浏览器地址栏输入http://192.168.93.109/dashboard，进入Dashboard的登录界面。需要主要的是，如果出现500错误页面，这是内部服务错误，可重新启动服务器解决问题
  

• 安装OpenStack后，在root用户的Home目录下会生成一个keystonerc_admin文件。该文件记录有keystone（OpenStack认证组件）认证的环境变量，包括用户名和登录密码。不同机器生成的默认密码是不同的

[root@openstack ~]# cat keystonerc_admin 
unset OS_SERVICE_TOKEN
	# 登录用户名
    export OS_USERNAME=admin
    # 登录密码
    export OS_PASSWORD='0c0978e5bf49417d'
    export OS_REGION_NAME=RegionOne
    export OS_AUTH_URL=http://192.168.93.109:5000/v3
    export PS1='[\u@\h \W(keystone_admin)]\$ '
    
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_IDENTITY_API_VERSION=3

• 在Web控制台中输入用户名和密码登陆后，是Dashboard的默认界面。如果登录后为英文界面，可以选择右上角进行语言设置。在用户设置中，选择语言为简体中文