PS: 原创作品，严禁用于商业目的。如有任何技术问题，欢迎和我交流：w104118078  （微信号）

一、基础环境准备

OpenStack云平台搭建需要两个节点：controller（控制节点），compute（计算节点）

控制节点（controller）规划如下：

        一块200G的硬盘。两块网卡，第一块网卡（桥接模式）IP地址使用192.168.100.100，第二块网卡（仅主机模式）IP地址使用192.168.200.100

计算节点（compute）规划如下：

        一块200G的硬盘和一块100G的硬盘。两块网卡，第一块网卡（桥接模式）IP地址使用192.168.100.200，第二块网卡（仅主机模式）IP地址使用192.168.200.200。

PS:  在VMware中将仅主机模式的DHCP服务关闭，并将网络分配地址更改为192.168.200.0        255.255.255.0

云平台搭建需要使用centos7.0版本的镜像和chinaskills_cloud_iaas.iso镜像，镜像提供如下：

centos7.0镜像链接：https://pan.baidu.com/s/1v0xOq7N6WSofosa7AEMb-A?pwd=chjx

iaas镜像链接：https://pan.baidu.com/s/1stR_BCNPUEYrIrOpzjItAA?pwd=chjx 

---

二、搭建OpenStack云平台

controller节点配置：

## 1.controller 网络配置

[root@controller ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
IPADDR=192.168.100.100
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
DNS1=233.5.5.5
DNS2=114.114.114.114
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=4933c159-8fcb-4646-a29f-6b5c8b4e79f
DEVICE=ens33
ONBOOT=yes

[root@controller ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens34
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
IPADDR=192.168.200.100
NETMASK=255.255.255.0
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens34
UUID=932fef43-d94a-4a84-9b3f-428a85af8858
DEVICE=ens34
ONBOOT=yes

## 2.修改主机名

[root@localhost ~]# hostnamectl set-hostname controller

[root@controller ~]# bash 

## 3.修改 hosts 文件将 IP 地址映射为主机名

[root@controller ~] vi /etc/hosts
192.168.100.100 controller
192.168.100.200 compute

## 4.关闭防火墙

[root@controller ~]# systemctl disable firewalld

[root@controller ~]# systemctl stop firewalld

## 5.设置seLinux

SELinux有两个级别：
强制、警告
setenforce 0 ：表示警告（Permissive）
setenforce 1 ：表示强制（Enforcing）

状态分为以下三种：
SELINUX=enforcing #selinux开启，级别为强制
SELINUX=permissive #selinux开启，级别为警告
SELINUX=disabled #selinux关闭

[root@controller ~]# setenforce 0        # 临时设置等级,重启失效

[root@controller ~]# vi /etc/selinux/conf        #  重启后，永久生效
SELINUX=permissive

## 6.配置Yum源

上传 CentOS 7 ISO镜像文件和iaas ISO镜像文件到controller主机root目录下面

[C:\~]$ scp D:\chinaskills_cloud_iaas.iso root@192.168.200.100:/root

[C:\~]$ scp D:\CentOS-7-x86_64-DVD-1804.iso root@192.168.200.100:/root

[root@controller ~]# ls
anaconda-ks.cfg  CentOS-7-x86_64-DVD-1804.iso  chinaskills_cloud_iaas.iso

挂载镜像到opt目录下（临时挂载，重启失效）

[root@controller ~]# mount -o loop chinaskills_cloud_iaas.iso /opt/iaas/
mount: /dev/loop is write-protected, mounting read-only

[root@controller ~]# mount -o loop CentOS-7-x86_64-DVD-1804.iso /opt/centos/
mount: /dev/loop is write-protected, mounting read-only

——————————————————————————————————————————————————————————————————————————————————————

[root@controller ~]# vi /etc/fstab       # 永久挂载

/dev/mapper/centos-root /                       xfs     defaults        0 0
UUID=fda6f1d5-b8c5-4401-a68b-b2ab67ed8370 /boot                   xfs     defaults        0 0
/dev/mapper/centos-swap swap                    swap    defaults        0 0

#添加以下内容
#镜像名称								挂载路径			格式		
/root/CentOS-7-x86_64-DVD-1804.iso      /opt/centos     iso9660 defaults        0 0
/root/chinaskills_cloud_iaas.iso        /opt/iaas       iso9660 defaults        0 0

[root@controller ~]# gzip /etc/yum.repo.d/*        # 使原yum源失效

[root@controller ~]# vi /etc/yum.repo.d/local.repo
[centos]
name=centos
baseurl=file:///opt/centos
gpgcheck=0
enabled=1
[iaas]
name=iaas
baseurl=file:///opt/iaas/iaas-repo
gpgcheck=0
enabled=1

[root@controller ~]# yum clean all        # 清除yum源缓存

[root@controller ~]# yum repolist        # 验证yum源

## 7.搭建vsftpd

[root@controller ~]# yum install -y vsftpd

[root@controller ~]# echo anon_root=/opt/ >> /etc/vsftpd/vsftpd.conf    # 修改vsftp 共享服务根目录

[root@controller ~]# systemctl enable vsftpd

[root@controller ~]# systemctl start vsftpd

## 8.时间同步配置

[root@controller ~]# yum -y install chrony

[root@controller ~]# vi /etc/chrony.conf        # 修改配置文件

server controller iburst
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
allow 192.168.100.0/24
local stratum 10
logdir /var/log/chrony

[root@controller ~]# systemctl restart chronyd        # 重启chrony服务

[root@controller ~]# systemctl enable chronyd         # 设置开机自启动

compute节点配置：

## 1.compute 网络配置

[root@compute ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
IPADDR=192.168.100.200
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
DNS1=233.5.5.5
DNS2=114.114.114.114
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=4933c159-8fcb-4646-a29f-6b5c8b4e79f8
DEVICE=ens33
ONBOOT=yes

[root@compute ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens34
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
IPADDR=192.168.200.200
NETMASK=255.255.255.0
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens34
UUID=932fef43-d94a-4a84-9b3f-428a85af8858
DEVICE=ens34
ONBOOT=yes

## 2.修改主机名

[root@localhost ~]# hostnamectl set-hostname compute

[root@compute ~]# bash 

## 3.修改 hosts 文件将 IP 地址映射为主机名

[root@compute ~] vi /etc/hosts
192.168.100.100 compute
192.168.100.200 compute

## 4.关闭防火墙

[root@compute ~]# systemctl disable firewalld

[root@compute ~]# systemctl stop firewalld

## 5.设置seLinux

SELinux有两个级别：
强制、警告
setenforce 0 ：表示警告（Permissive）
setenforce 1 ：表示强制（Enforcing）

状态分为以下三种：
SELINUX=enforcing #selinux开启，级别为强制
SELINUX=permissive #selinux开启，级别为警告
SELINUX=disabled #selinux关闭

[root@compute ~]# setenforce 0        # 临时设置等级,重启失效

[root@compute ~]# vi /etc/selinux/conf        #  重启后，永久生效
SELINUX=permissive

## 6.配置Yum源

[root@compute ~]# gzip /etc/yum.repo.d/*        # 使原yum源失效

[root@compute ~]# vi /etc/yum.repo.d/local.repo
[centos]
name=centos
baseurl=ftp://controller/centos
gpgcheck=0
enabled=1
[iaas]
name=iaas
baseurl=ftp://controller/iaas/iaas-repo
gpgcheck=0
enabled=1

[root@compute ~]# yum clean all        # 清除yum源缓存

[root@compute ~]# yum repolist        # 验证yum源

## 7.时间同步设置

[root@compute ~]# yum -y install chrony

[root@compute ~]# vi /etc/chrony.conf

server controller iburst
driftfile /var/lib/chrony/drift
makestep 1.0 3
rtcsync
logdir /var/log/chrony

[root@compute ~]# systemctl restart chronyd        # 重启chrony服务

[root@compute ~]# chronyc sources -v
# 结尾显示为 ^* controller  则是同步成功

## 8.设置硬盘分区

[root@compute ~]# lsblk 
NAME            MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda               8:0    0   20G  0 disk 
├─sda1            8:1    0    1G  0 part /boot
└─sda2            8:2    0   19G  0 part 
  ├─centos-root 253:0    0   17G  0 lvm  /
  └─centos-swap 253:1    0    2G  0 lvm  [SWAP]
sdb               8:16   0  200G  0 disk 
sr0              11:0    1  4.2G  0 rom

[root@compute ~]# fdisk /dev/sdb

Command (m for help): n
Select (default p): p
Partition number (1-4, default 1): 
First sector (2048-419430399, default 2048): 
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-419430399, default 419430399): +25G    # 输入 +25G ，将sdb 硬盘分区1 设置为25G大小

Command (m for help): n
Select (default p): p
Partition number (2-4, default 2): 
First sector (52430848-419430399, default 52430848): 
Using default value 52430848
Last sector, +sectors or +size{K,M,G} (52430848-419430399, default 419430399): +25G    # 
 输入 +20G ，将sdb 硬盘分区2 设置为25G大小
Partition 2 of type Linux and of size 25 GiB is set

Command (m for help): w        # 输入w更新磁盘并退出
The partition table has been altered!

三、正式搭建OpenStack云平台

controller节点配置：

[root@controller ~]# yum install -y iaas-xiandian

[root@controller ~]# vi /etc/xiandian/openrc.sh
命令模式下输入：:%s/^#//g                # 将#号去掉

 
#--------------------system Config--------------------##
#Controller Server Manager IP. example:x.x.x.x
HOST_IP=192.168.100.100        #controller节点的IP地址
 
#Controller HOST Password. example:000000 
HOST_PASS=000000
 
#Controller Server hostname. example:controller
HOST_NAME=controller
 
#Compute Node Manager IP. example:x.x.x.x
HOST_IP_NODE=192.168.100.200        #compute节点的IP地址
 
#Compute HOST Password. example:000000 
HOST_PASS_NODE=000000
 
#Compute Node hostname. example:compute
HOST_NAME_NODE=compute
 
#--------------------Chrony Config-------------------##
#Controller network segment IP.  example:x.x.0.0/16(x.x.x.0/24)
network_segment_IP=192.168.100.0/24        #controller节点所在的网段
 
#--------------------Rabbit Config ------------------##
#user for rabbit. example:openstack
RABBIT_USER=openstack
 
#Password for rabbit user .example:000000
RABBIT_PASS=000000
 
#--------------------MySQL Config---------------------##
#Password for MySQL root user . exmaple:000000
DB_PASS=000000
 
#--------------------Keystone Config------------------##
#Password for Keystore admin user. exmaple:000000
DOMAIN_NAME=demo        
ADMIN_PASS=000000
DEMO_PASS=000000
 
#Password for Mysql keystore user. exmaple:000000
KEYSTONE_DBPASS=000000
 
#--------------------Glance Config--------------------##
#Password for Mysql glance user. exmaple:000000
GLANCE_DBPASS=000000
 
#Password for Keystore glance user. exmaple:000000
GLANCE_PASS=000000
 
#--------------------Nova Config----------------------##
#Password for Mysql nova user. exmaple:000000
NOVA_DBPASS=000000
 
#Password for Keystore nova user. exmaple:000000
NOVA_PASS=000000
 
#--------------------Neturon Config-------------------##
#Password for Mysql neutron user. exmaple:000000
NEUTRON_DBPASS=000000
 
#Password for Keystore neutron user. exmaple:000000
NEUTRON_PASS=000000
 
#metadata secret for neutron. exmaple:000000
METADATA_SECRET=000000
 
#Tunnel Network Interface. example:x.x.x.x
INTERFACE_IP=192.168.100.100        #本机IP地址
 
#External Network Interface. example:eth1
INTERFACE_NAME=ens33
 
#External Network The Physical Adapter. example:provider
Physical_NAME=provider
 
#First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101
minvlan=101
 
#Last Vlan ID in VLAN RANGE for VLAN Network. example:200
maxvlan=200
 
#--------------------Cinder Config--------------------##
#Password for Mysql cinder user. exmaple:000000
CINDER_DBPASS=000000
 
#Password for Keystore cinder user. exmaple:000000
CINDER_PASS=000000
 
#Cinder Block Disk. example:md126p3
BLOCK_DISK=sdb1        #compute节点的存储块
 
#--------------------Swift Config---------------------##
#Password for Keystore swift user. exmaple:000000
SWIFT_PASS=000000
 
#The NODE Object Disk for Swift. example:md126p4.
OBJECT_DISK=sdb2        #compute节点的存储块
 
#The NODE IP for Swift Storage Network. example:x.x.x.x.
STORAGE_LOCAL_NET_IP=192.168.100.200    #compute节点的IP地址
 
#--------------------Heat Config----------------------##
#Password for Mysql heat user. exmaple:000000
HEAT_DBPASS=000000
 
#Password for Keystore heat user. exmaple:000000
HEAT_PASS=000000
 
#--------------------Zun Config-----------------------##
#Password for Mysql Zun user. exmaple:000000
ZUN_DBPASS=000000
 
#Password for Keystore Zun user. exmaple:000000
ZUN_PASS=000000
 
#Password for Mysql Kuryr user. exmaple:000000
KURYR_DBPASS=000000
 
#Password for Keystore Kuryr user. exmaple:000000
KURYR_PASS=000000
 
#--------------------Ceilometer Config----------------##
#Password for Gnocchi ceilometer user. exmaple:000000
CEILOMETER_DBPASS=000000
 
#Password for Keystore ceilometer user. exmaple:000000
CEILOMETER_PASS=000000
 
#--------------------AODH Config----------------##
#Password for Mysql AODH user. exmaple:000000
AODH_DBPASS=000000
 
#Password for Keystore AODH user. exmaple:000000
AODH_PASS=000000
 
#--------------------Barbican Config----------------##
#Password for Mysql Barbican user. exmaple:000000
BARBICAN_DBPASS=000000
 
#Password for Keystore Barbican user. exmaple:000000
BARBICAN_PASS=000000

[root@controller ~]# source /etc/xiandian/openrc.sh        # 环境配置生效

[root@controller ~]# scp /etc/xiandian/openrc.sh root@compute:/etc/xiandian/openrc.sh    # 将controller节点的脚本拷贝到compute节点

compute节点配置：

[root@compute ~]# yum install -y iaas-xiandian

[root@compute ~]# vi /etc/xiandian/openrc.sh        # 修改脚本

INTERFACE_IP=192.168.100.200        #本机IP地址

 刷脚本：

controller节点：

  安装OpenStack包，配置域名解析，防火墙和Selinux，安装NTP服务等
​[root@controller ~]# iaas-pre-host.sh         # 刷完脚本后需要重启

PS：注意使用临时挂载的话，controller节点重启后，需要重新挂载yum源

  安装RabbitMQ服务、Mysql、memcahce等
[root@controller ~]# iaas-install-mysql.sh


  安装keystone服务包，创建Keystone数据库，配置数据库连接
[root@controller ~]# iaas-install-keystone.sh

  安装Glance镜像服务包，创建Glance数据库，配置数据库连接
[root@controller ~]# iaas-install-glance.sh

  安装nova
[root@controller ~]# iaas-install-nova-controller.sh

  安装neutron
[root@controller ~]# iaas-install-neutron-controller.sh

  安装Dashboard
[root@controller ~]# iaas-install-dashboard.sh

compute节点：

  安装OpenStack包，配置域名解析，防火墙和Selinux，安装NTP服务等
[root@compute ~]# iaas-pre-host.sh            # 刷完脚本后需要重启

  安装nova
[root@compute ~]# iaas-install-nova-compute.sh

  安装neutron
[root@compute ~]# iaas-install-neutron-compute.sh

四、 登录OpenStack云平台

在浏览器界面输入192.168.100.100/dashboard