\n\n| dashboard<\/td>\n | Horizon<\/td>\n | \u57fa\u4e8eOpenStack API \u63a5\u53e3\u4f7f\u7528 django \u5f00\u53d1\u7684 web \u7ba1\u7406\u670d\u52a1<\/td>\n<\/tr>\n |
\n| compute<\/td>\n | Nova<\/td>\n | \u901a\u8fc7\u865a\u62df\u5316\u6280\u672f\u63d0\u4f9b\u865a\u62df\u673a\u8ba1\u7b97\u8d44\u6e90\u6c60<\/td>\n<\/tr>\n |
\n| networking<\/td>\n | Neutron<\/td>\n | \u5b9e\u73b0\u4e86\u865a\u62df\u673a\u7684\u7f51\u7edc\u8d44\u6e90\u7ba1\u7406\uff0c\u5373\u865a\u62df\u673a\u7f51\u7edc<\/td>\n<\/tr>\n |
\n| object storage<\/td>\n | Swift<\/td>\n | \u5bf9\u8c61\u5b58\u50a8\uff0c\u9002\u7528\u4e8e\u4e00\u6b21\u5199\u5165\u591a\u6b21\u8bfb\u53d6\u3002\u5982\uff1a\u56fe\u7247\u3001ISO\u955c\u50cf<\/td>\n<\/tr>\n |
\n| block storage<\/td>\n | Cinder<\/td>\n | \u5757\u5b58\u50a8\uff0c\u63d0\u4f9b\u5b58\u50a8\u8d44\u6e90\u6c60\uff0c\u4fdd\u5b58\u865a\u62df\u673a\u7684\u78c1\u76d8\u955c\u50cf\u7b49\u4fe1\u606f<\/td>\n<\/tr>\n |
\n| identity service<\/td>\n | Keystone<\/td>\n | \u63d0\u4f9b\u8d26\u6237\u767b\u5f55\u5b89\u5168\u8ba4\u8bc1<\/td>\n<\/tr>\n |
\n| image service<\/td>\n | Glance<\/td>\n | \u63d0\u4f9b\u865a\u62df\u955c\u50cf\u7684\u6ce8\u518c\u548c\u5b58\u50a8\u7ba1\u7406<\/td>\n<\/tr>\n |
\n| telemetry<\/td>\n | Ceilometer<\/td>\n | \u63d0\u4f9b\u76d1\u63a7\u548c\u6570\u636e\u91c7\u96c6\uff0c\u8ba1\u91cf\u670d\u52a1<\/td>\n<\/tr>\n |
\n| orchestra<\/td>\n | Heat<\/td>\n | \u81ea\u52a8\u5316\u7ec4\u4ef6\u7684\u90e8\u7f72<\/td>\n<\/tr>\n |
\n| database service<\/td>\n | Trove<\/td>\n | \u63d0\u4f9b\u6570\u636e\u5e93\u5e94\u7528\u670d\u52a1<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\u7248\u672c\u8bf4\u660e<\/h2>\n\u672c\u624b\u518c\u4ee5 ocata \u7248\u672c\u4e3a\u4f8b\u3002<\/p>\n \nAlpha<\/code>\uff1a\u5185\u90e8\u6d4b\u8bd5\u7248<\/li>\nDev<\/code>\uff1a\u5728\u8f6f\u4ef6\u5f00\u53d1\u8fc7\u7a0b\u4e2d\u5f00\u53d1\u8f6f\u4ef6\u7684\u4ee3\u53f7\uff0c\u76f8\u6bd4\u4e8e beta \u7248\uff0cdev \u7248\u672c\u53ef\u80fd\u51fa\u73b0\u7684\u66f4\u65e9<\/li>\nBeta<\/code>\uff1a\u6d4b\u8bd5\u7248\uff0c\u8fd9\u4e2a\u9636\u6bb5\u7684\u7248\u672c\u4e00\u822c\u4f1a\u52a0\u5165\u65b0\u7684\u529f\u80fd\u3002<\/li>\nRC<\/code>\uff08Release Candidate\uff09\uff1a\u53d1\u884c\u5019\u9009\u7248\u672c\uff0cRC\u7248\u4e0d\u4f1a\u518d\u52a0\u5165\u65b0\u529f\u80fd\uff0c\u4e3b\u8981\u7740\u91cd\u4e8e\u9664\u9519\u3002<\/li>\nGA<\/code>\uff08General Availablity\uff09\uff1a\u6b63\u5f0f\u53d1\u5e03\u7684\u7248\u672c\u3002<\/li>\n<\/ul>\n\u5b89\u88c5\u51c6\u5907<\/h2>\n1. \u67e5\u770b OpenStack yum \u7248\u672c<\/h3>\nyum list centos-release-openstack*<\/code><\/pre>\n2. \u5b89\u88c5 yum \u6e90\uff08\u8d1f\u8f7d\u670d\u52a1\u3001\u6570\u636e\u5e93\u3001memcache\u3001rabbitMQ\u670d\u52a1\u5668\u9664\u5916\uff09<\/h3>\nyum install -y centos-release-openstack-ocata.noarch\nyum install -y https:\/\/rdoproject.org\/repos\/rdo-release.rpm<\/code><\/pre>\n3. \u5404\u670d\u52a1\u5668\u5b89\u88c5 OpenStack \u5ba2\u6237\u7aef\u3001SElinux\u7ba1\u7406\u5305<\/h3>\nyum install -y python-openstackclient\nyum install -y openstack-selinux<\/code><\/pre>\n4. \u5b89\u88c5\u6570\u636e\u5e93<\/h3>\nopenstack \u5404\u7ec4\u4ef6\u90fd\u8981\u4f7f\u7528\u6570\u636e\u5e93\u4fdd\u5b58\u6570\u636e\uff0c\u9664\u4e86 nova \u4f7f\u7528 API \u4e0e\u5176\u4ed6\u7ec4\u4ef6\u8fdb\u884c\u8c03\u7528\u3002<\/p>\n yum install -y mariadb python2-PyMySQL #\u7528\u4e8e\u63a7\u5236\u7aef\u8fde\u63a5\u6570\u636e\u5e93\nyum install -y mariadb-server #\u5b89\u88c5\u6570\u636e\u5e93<\/code><\/pre>\n5. \u914d\u7f6e\u6570\u636e\u5e93<\/h3>\n## vim \/etc\/my.cnf.d\/openstack.cnf\n[mysqld]\nbind-address = 192.168.10.204 #\u6307\u5b9a\u76d1\u542c\u5730\u5740\ndefault-storage-engine = innodb #\u9ed8\u8ba4\u5f15\u64ce\ninnodb_file_per_table = on #\u5f00\u542f\u6bcf\u4e2a\u8868\u90fd\u6709\u72ec\u7acb\u8868\u7a7a\u95f4\nmax_connections = 4096 #\u6700\u5927\u8fde\u63a5\u6570\ncollation-server = utf8_general_ci #\u4e0d\u533a\u5206\u5927\u5c0f\u5199\u6392\u5e8f\ncharacter-set-server = utf #\u8bbe\u7f6e\u7f16\u7801<\/code><\/pre>\n\u914d\u7f6e \/etc\/my.cnf<\/code><\/p>\n[mysqld]\nsocket=\/var\/lib\/mysql\/mysql.sock\nuser=mysql\nsymbolic-links=0\ndatadir=\/data\/mysql\ninnodb_file_per_table=1\n#skip-grant-tables\nrelay-log=\/data\/mysql\nserver-id=10\nlog-error=\/data\/mysql-log\/mysql_error.txt\nlog-bin=\/data\/mysql-binlog\/master-log\n#general_log=ON\n#general_log_file=\/data\/general_mysql.log\nlong_query_time=5\nslow_query_log=1\nslow_query_log_file=\/data\/mysql-log\/slow_mysql.txt\nmax_connections=10000\nbind-address=192.168.10.204\n\n[client]\nport=3306\nsocket=\/var\/lib\/mysql\/mysql.sock\n\n[mysqld_safe]\nlog-error=\/data\/mysql-log\/mysqld-safe.log\npid-file=\/var\/lib\/mysql\/mysql.sock<\/code><\/pre>\n6. \u521b\u5efa\u6570\u636e\u76ee\u5f55\u5e76\u6388\u6743<\/h3>\nmkdir -pv \/data\/{mysql,mysql-log,mysql-binlog}\nchown -R mysql.mysql \/data\/<\/code><\/pre>\n7. \u542f\u52a8 MariaDB \uff0c\u5e76\u9a8c\u8bc1<\/h3>\n8. \u5b89\u88c5 keepalived<\/h3>\nwget http:\/\/www.keepalived.org\/software\/keepalived-1.3.6.tar.gz\ntar xf keepalived-1.3.6.tar.gz\ncd keepalived-1.3.6\nyum install libnfnetlink-devel libnfnetlink ipvsadm libnl libnl-devel libnl3 libnl3-devel lm_sensors-libs net-snmp-agent-libs net-snmp-libs openssh-server openssh-clients openssl openssl-devel tree sudo psmisc lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute\n.\/configure --prefix=\/usr\/local\/keepalived --disable-fwmark && make && make install\ncp \/usr\/loca\/src\/keepalived-1.3.6\/keepalived\/etc\/init.d\/keepalived.rh.init \/etc\/sysconfig\/keepalived.sysconfig\ncp \/usr\/local\/src\/keepalived-1.3.6\/keepalived\/keepalived.service \/usr\/lib\/systemd\/system\/\ncp \/usr\/local\/src\/keepalived-1.3.6\/bin\/keepalived \/usr\/sbin\/<\/code><\/pre>\n9. \u51c6\u5907 keepalived \u914d\u7f6e\u6587\u4ef6<\/h3>\nmaster\u670d\u52a1\u5668\uff1avim \/etc\/keepalived\/keepalived.conf<\/code><\/p>\nvrrp_instance VI_1 {\n state MASTER\n interface eth0\n virtual_router_id 1\n priority 100\n advert_int 1\n unicast_src_ip 192.168.10.204\n unicast_peer {\n 192.168.10.205\n }\n\n authentication {\n auth_type PASS\n auth_pass 123456\n }\n virtual_ipaddress {\n 192.168.10.100\/24 dev eth0 label eth0:0\n }\n}<\/code><\/pre>\nbackup\u670d\u52a1\u5668\uff1avim \/etc\/keepalived\/keepalived.conf<\/code><\/p>\nvrrp_instance VI_1 {\n state BACKUP\n interface eth0\n virtual_router_id 1\n priority 50\n advert_int 1\n unicast_src_ip 192.168.10.205\n unicast_peer {\n 192.168.10.204\n }\n\n authentication {\n auth_type PASS\n auth_pass 123456\n }\n virtual_ipaddress {\n 192.168.10.100\/24 dev eth0 label eth0:0\n }\n}<\/code><\/pre>\n10. \u542f\u52a8\u5e76\u9a8c\u8bc1keepalived<\/h3>\nsystemctl enable keepalived\nsystemctl start keepalived<\/code><\/pre>\n11. \u5b89\u88c5 haproxy<\/h3>\nwget http:\/\/www.haproxy.org\/download\/1.7\/src\/haproxy-1.7.9.tar.gz\ntar xvf haproxy-1.7.9.tar.gz\ncd haproxy-1.7.9\nmake TARGET=linux2628 USE=PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 PREFIX=\/usr\/local\/haproxy\nmake install PREFIX=\/usr\/local\/haproxy\ncp .\/haproxy-systemd-wrapper \/usr\/sbin\/haproxy-systemd-wrapper\ncp .\/haproxy \/usr\/sbin\/haproxy<\/code><\/pre>\n12. \u51c6\u5907haproxy\u542f\u52a8\u811a\u672c vim \/usr\/lib\/systemd\/system\/haproxy.service<\/code><\/h3>\n[Unit]\nDescription=HAProxy Load Balancer\nAfter=syslog.target network.target\n\n[Service]\nEnvironmentFile=\/etc\/sysconfig\/haproxy\nExecStart=\/usr\/sbin\/haproxy-systemd-wrapper -f \/etc\/haproxy\/haproxy.cfg -p \/run\/haproxy.pid $OPTIONS\nExecReload=\/biiin\/kill -USR2 $MAINPID\n\n[Install]\nWantedBy=multi-user.target<\/code><\/pre>\n13. \u51c6\u5907\u7cfb\u7edf\u914d\u7f6e\u6587\u4ef6 vim \/etc\/sysconfig\/haproxy<\/code><\/h3>\nOPTIONS=""<\/code><\/pre>\n14. \u4fee\u6539\u4e3b\u914d\u7f6e\u6587\u4ef6 mkdir \/var\/lib\/haproxy;mkdir \/etc\/haprxy;vim \/etc\/haproxy\/haproxy.cfg<\/code><\/h3>\nglobal\nmaxconn 100000\nuid 99\ndaemon\nnbproc 1\nlog 127.0.0.1 local0 info\nchroot \/usr\/local\/haproxy\nstats socket \/var\/lib\/haproxy\/haproxy.socket mode 600 level admin\n\ndefaults\noption redispatch #\u5f53 serverId \u5bf9\u5e94\u7684\u670d\u52a1\u5668\u6302\u6389\u540e\uff0c\u5f3a\u5236\u5b9a\u5411\u5230\u5176\u4ed6\u5065\u5eb7\u7684\u670d\u52a1\u5668\noption abortonclose #\u5f53\u670d\u52a1\u5668\u8d1f\u8f7d\u5f88\u9ad8\u7684\u65f6\u5019\uff0c\u81ea\u52a8\u7ed3\u675f\u6389\u5f53\u524d\u961f\u5217\u5904\u7406\u6bd4\u8f83\u4e45\u7684\u94fe\u63a5\noption http-keep-alive\noption forwardfor\nmaxconn 100000\nmode http\ntimeout connect 10s #\u8fde\u63a5\u5230\u4e00\u53f0\u670d\u52a1\u5668\u7684\u6700\u957f\u7b49\u5f85\u65f6\u95f4\ntimeout client 20s #\u8fde\u63a5\u5ba2\u6237\u7aef\u53d1\u9001\u6570\u636e\u6700\u957f\u7b49\u5f85\u65f6\u95f4\ntimeout server 30s #\u670d\u52a1\u5668\u56de\u5e94\u5ba2\u6237\u7aef\u53d1\u9001\u6570\u636e\u6700\u957f\u7b49\u5f85\u65f6\u95f4\ntimeout check 5s #\u5bf9\u540e\u7aef\u670d\u52a1\u5668\u7684\u68c0\u6d4b\u8d85\u65f6\u65f6\u95f4\n\nlisten stats\nmode http\nbind 0.0.0.0:9999\nstats enable\nlog global\nstats uri \/haproxy-status\nstats auth haadmin:33445566\n\nfrontend test\n bind 192.168.10.100:80\n mode http\n default_backend test_http_nodes\n\nbackend test_http_nodes\n mode http\n balance source\n server 127.0.0.1 127.0.0.1:80 check inter 2000 fall 3 rise 5<\/code><\/pre>\n15. \u5404\u8d1f\u8f7d\u670d\u52a1\u5668\u914d\u7f6e\u5185\u6838\u53c2\u6570 vim \/etc\/sysctl.conf<\/code><\/h3>\nnet.ipv4.ip_nonlocal_bind = 1\nnet.ipv4.ip_forward = 1<\/code><\/pre>\n16. \u542f\u7528 haproxy<\/h3>\nsysctl -p\nsystemctl start haproxy\nsystemctl enable haproxy<\/code><\/pre>\n17. \u5b89\u88c5 rabbitMQ<\/h3>\nyum install -y rabbitmq-server\nsystemctl enable rabbitmq-server.service\nsystemctl start rabbitmq-server.service<\/code><\/pre>\n18. \u6dfb\u52a0 rabbitMQ \u5ba2\u6237\u7aef\u7528\u6237\u5e76\u8bbe\u7f6e\u5bc6\u7801<\/h3>\nrabbitmqctl add_user openstack 123456<\/code><\/pre>\n19. \u8d4b\u4e88 openstack \u7528\u6237\u8bfb\u5199\u6743\u9650<\/h3>\nrabbitmqctl set_permissions openstack ".*" ".*" ".*"<\/code><\/pre>\n20. \u6253\u5f00 rabbitMQ \u7684 web \u63d2\u4ef6<\/h3>\nrabbitmq-plugins enable rabbitmq_management\nrabbitmq-plugins list #\u67e5\u770b\u63d2\u4ef6<\/code><\/pre>\n21. \u5b89\u88c5 memcached<\/h3>\n\u7528\u4e8e\u7f13\u5b58 openstack \u5404\u670d\u52a1\u7684\u8eab\u4efd\u8ba4\u8bc1\u4ee4\u724c\u4fe1\u606f\u3002<\/p>\n yum install -y memcached\nyum install -y python-memcached #openstack \u5b89\u88c5 python \u6a21\u5757<\/code><\/pre>\n22. \u7f16\u8f91memcached\u914d\u7f6e\u6587\u4ef6 vim \/etc\/sysconfig\/memcached<\/code><\/h3>\nPORT="11212" #\u907f\u514d\u548chaproxy\u76d1\u542c\u768411211\u51b2\u7a81\nUSER="memcached"\nMAXCONN="1024"\nCACHESIZE="512"\nOPTIONS="-l 192.168.10.205"<\/code><\/pre>\n23. \u542f\u52a8memcached<\/h3>\nsystemctl enable memcached\nsystemctl start memcached<\/code><\/pre>\n\u90e8\u7f72\u8ba4\u8bc1\u670d\u52a1 keystone<\/h2>\nkeystone \u4e3b\u8981\u6d89\u53ca\u4ee5\u4e0b\u51e0\u4e2a\u6982\u5ff5\uff1a<\/p>\n \nUser<\/code>\uff1a\u4f7f\u7528 openstack \u7684\u7528\u6237\u3002<\/li>\nTenant<\/code>\uff1a\u79df\u6237\u3001\u7528\u6237\u7ec4\uff0c\u5728\u4e00\u4e2a\u79df\u6237\u4e2d\u53ef\u4ee5\u6709\u591a\u4e2a\u7528\u6237\uff0c\u8fd9\u4e9b\u7528\u6237\u53ef\u4ee5\u6839\u636e\u6743\u9650\u7684\u5212\u5206\uff0c\u4f7f\u7528\u79df\u6237\u4e2d\u7684\u8d44\u6e90\u3002<\/li>\nRole<\/code>\uff1a\u89d2\u8272\uff0c\u7528\u4e8e\u5206\u914d\u64cd\u4f5c\u7684\u6743\u9650\u3002\u89d2\u8272\u53ef\u4ee5\u88ab\u6307\u5b9a\u7ed9\u7528\u6237\uff0c\u4f7f\u5f97\u8be5\u7528\u6237\u83b7\u5f97\u89d2\u8272\u5bf9\u5e94\u7684\u64cd\u4f5c\u6743\u9650\u3002<\/li>\nToken<\/code>\uff1a\u4e00\u4e32\u6bd4\u7279\u503c\u6216\u5b57\u7b26\u4e32\uff0c\u7528\u6765\u4f5c\u4e3a\u8bbf\u95ee\u8d44\u6e90\u7684\u51e0\u53f7\u3002Token\u4e2d\u542b\u6709\u53ef\u8bbf\u95ee\u8d44\u6e90\u7684\u8303\u56f4\u548c\u6709\u6548\u65f6\u95f4\u3002<\/li>\n<\/ul>\n1. keystone \u6570\u636e\u5e93\u914d\u7f6e<\/h3>\nCREATE DATABASE keystone;\nGRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' identified by 'keystone';\nFLUSH PRIVILEGES;<\/code><\/pre>\n2. \u914d\u7f6e haproxy \u4ee3\u7406<\/h3>\n###openstack-mysql#######\nfrontend openstack_mysql\n bind 192.168.10.100:3306\n mode tcp\n default_backend openstack_mysql_node\n\nbackend openstack_mysql_node\n mode tcp\n balance source\n server 192.168.10.204 192.168.10.204:3306 check inter 2000 fall 3 rise 5\n\n###openstack-memcached########\nfrontend openstack_memcached\n bind 192.168.10.100:11211\n mode tcp\n default_backend openstack_memcached_node\n\nbackend openstack_memcached_node\n mode tcp\n balance source\n server 192.168.10.100 192.168.10.100:11212 check inter 2000 fall 3 rise 5<\/code><\/pre>\n3. \u5b89\u88c5 keystone<\/h3>\nyum install -y openstack-keystone httpd mod_wsgi python-memcached\n## openstack-keystone \u662f keystone \u670d\u52a1\n## mod_wsgi \u662f python \u7684\u901a\u7528\u7f51\u5173<\/code><\/pre>\n4. \u7f16\u8f91 keystone \u914d\u7f6e\u6587\u4ef6<\/h3>\nopenssl rand -hex 10 ## \u751f\u6210\u4e34\u65f6 token\nvim \/etc\/keystone\/kestone.conf\n\nadmin_token = xxxxxxxxxxxxx #\u5927\u698217\u884c\uff0c\u6539\u4e3a\u4e0a\u9762\u751f\u6210\u7684\u4e34\u65f6token\nconnection = mysql+pymysql:\/\/keystone:keystone@192.168.10.100\/keystone #\u5927\u6982714\u884c\nprovider = fernet #\u5927\u69822833\u884c<\/code><\/pre>\n5. \u521d\u59cb\u5316\u5e76\u9a8c\u8bc1\u6570\u636e\u5e93<\/h3>\nsu -s \/bin\/sh -c "keystone-manage db_sync" keystone\n\n#\u9a8c\u8bc1\u662f\u5426\u5df2\u7ecf\u6709\u8868\nUSE keystone;\nSHOW tables;<\/code><\/pre>\n6. \u521d\u59cb\u5316\u8bc1\u4e66\u5e76\u9a8c\u8bc1<\/h3>\nkeystone-manage fernet_setup --keystone-user keystone --keystone-group keystone\nkeystone-manage credential_setup --keystone-user keystone --keystone-group keystone<\/code><\/pre>\n7. \u6dfb\u52a0 keystone \u7684web\u914d\u7f6e<\/h3>\n#vim \/etc\/httpd\/conf\/httpd.conf\nServerName 192.168.10.201:80\n\n#\u8f6f\u94fe\u63a5\u914d\u7f6e\u6587\u4ef6\nln -s \/usr\/share\/keystone\/wsgi-keystone.conf \/etc\/httpd\/conf.d\/\n\n#\u542f\u52a8apache\nsystemctl start httpd\nsystemctl enable httpd<\/code><\/pre>\n8. \u521b\u5efa\u57df\u3001\u7528\u6237\u3001\u9879\u76ee\u548c\u89d2\u8272<\/h3>\n\n- \u901a\u8fc7admin\u7684token\u8bbe\u7f6e\u73af\u5883\u53d8\u91cf\n
export OS_TOKEN=xxxxxxxxxxxxxxxxx\nexport OS_URL=http:\/\/192.168.10.201:35357\/v3\nexport OS_IDENTITY_API_VERSION=3<\/code><\/pre>\n<\/li>\n- \u521b\u5efa\u9ed8\u8ba4\u57df \u4e00\u5b9a\u8981\u5148\u8bbe\u7f6e\u73af\u5883\u53d8\u91cf\uff0c\u5426\u5219\u63d0\u793a\u672a\u8ba4\u8bc1<\/font>\n
openstack domain create --description \"Default Domain\" default<\/code><\/pre>\n<\/li>\n- \u521b\u5efa\u4e00\u4e2a admin \u7684\u9879\u76ee\n
openstack project create --domain default --description \"Admin Project\" admin<\/code><\/pre>\n<\/li>\n- \u521b\u5efa admin \u7528\u6237\uff0c\u5e76\u8bbe\u7f6e\u5bc6\u7801\u4e3a admin\n
openstack user create --domain default --password-prompt admin<\/code><\/pre>\n<\/li>\n- \u521b\u5efa admin \u89d2\u8272
\n\u4e00\u4e2a\u9879\u76ee\u91cc\u9762\u53ef\u4ee5\u6709\u591a\u4e2a\u89d2\u8272\uff0c\u76ee\u524d\u89d2\u8272\u53ea\u80fd\u521b\u5efa\u5728 \/etc\/keystone\/policy.json<\/code> \u6587\u4ef6\u4e2d\u5b9a\u4e49\u597d\u7684\u89d2\u8272\u3002<\/p>\nopenstack role create admin<\/code><\/pre>\n<\/li>\n- \u7ed9 admin \u7528\u6237\u6388\u6743
\n\u5c06admin\u4e0e\u7528\u6237\u6388\u4e88admin\u9879\u76ee\u7684admin\u89d2\u8272\u3002<\/p>\nopenstack role add --project admin --user admin admin<\/code><\/pre>\n<\/li>\n<\/ul>\n9. \u521b\u5efa demo \u9879\u76ee<\/h3>\n\u8be5\u9879\u76ee\u53ef\u7528\u4e8e\u6f14\u793a\u6216\u6d4b\u8bd5\u7b49\u3002<\/p>\n openstack project create --domain default --description "Demo project" demo\nopenstack user create --domain default --password-prompt demo\nopenstack role create user \nopenstack role add --project demo --user demo user<\/code><\/pre>\n10. \u521b\u5efa service \u9879\u76ee<\/h3>\n\u5404\u670d\u52a1\u4e4b\u95f4\u4e0e keystone \u8fdb\u884c\u8bbf\u95ee\u548c\u8ba4\u8bc1\uff0cservice \u7528\u4e8e\u7ed9\u670d\u52a1\u521b\u5efa\u7528\u6237\u3002<\/p>\n #\u521b\u5efaservice\u9879\u76ee\nopenstack project create -domain default --description "Service Project" service\n\n#\u521b\u5efaglance\u7528\u6237\nopenstack user create --domain default --password-prompt glance\n\n#\u5bf9glance\u7528\u6237\u6388\u6743\uff08\u6dfb\u52a0\u5230service\u9879\u76ee\uff0c\u5e76\u6388\u4e88admin\u89d2\u8272\uff09\nopenstack role add --project service --user glance admin<\/code><\/pre>\n11. \u521b\u5efa nova\u3001neutron \u7528\u6237<\/h3>\nopenstack user create --domain default --password-prompt nova\nopenstack role add --project service --user nova admin\n\nopenstack user create --domain default --password-prompt neutron\nopenstack role add --project service --user neutron admin<\/code><\/pre>\n12. \u5c06 keystone \u670d\u52a1\u6ce8\u518c\u5230 openstack<\/h3>\n#\u521b\u5efa\u4e00\u4e2akeystone\u8ba4\u8bc1\u670d\u52a1\nopenstack service list ## \u67e5\u770b\u5f53\u524d\u7684\u670d\u52a1\u5217\u8868\nopenstack service create --name keystone --description "Openstack Identity" identity\n\n#\u521b\u5efaendpoint\uff08\u5982\u679c\u51fa\u73b0\u9519\u8bef\uff0c\u9700\u8981\u5168\u90e8\u5220\u9664\u518d\u91cd\u65b0\u6ce8\u518c\u3002\u6ce8\u518c\u7684IP\u5730\u5740\u5199keepalived\u7684VIP\uff09\nopenstack endpoint create --region RegionOne identity public http:\/\/192.168.10.100:5000\/v3 #\u516c\u5171\u7aef\u70b9\nopenstack endpoint create --region RegionOne identity internal http:\/\/192.168.10.100:5000\/v3 #\u79c1\u6709\u7aef\u70b9\nopenstack endpoint create --region RegionOne identity admin http:\/\/192.168.10.100:35357\/v3 #\u7ba1\u7406\u7aef\u70b9<\/code><\/pre>\n13. \u914d\u7f6ehaproxy\uff0c\u6dfb\u52a0keystone\u4ee3\u7406 vim \/etc\/haproxy\/haproxy.cfg<\/code><\/h3>\nlisten keystone-public-url\n bind 192.168.10.100:5000\n mode tcp\n log global\n balance source\n server keystone1 192.168.10.201:5000 check inter 5000 rise 3 fall 3\n\nlisten keystone-admin-url\n bind 192.168.10.100:35357\n mode tcp\n log global\n balance source\n server keystone1 192.168.10.201:35357 check inter 5000 rise 3 fall 3<\/code><\/pre>\n14. \u91cd\u542fhaproxy\uff0c\u5e76\u9a8c\u8bc1\u8bbf\u95ee<\/h3>\nsystemctl restart haproxy\ntelnet 192.168.10.100 5000<\/code><\/pre>\n15. \u6d4b\u8bd5 keystone \u662f\u5426\u53ef\u4ee5\u505a\u7528\u6237\u9a8c\u8bc1<\/h3>\n\u9a8c\u8bc1 admin \u7528\u6237\uff0c\u5bc6\u7801 admin<\/p>\n export OS_IDENTITY_API_VERSION=3\nopenstack --os-auth-url http:\/\/192.168.10.100:35357\/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name admin --os-username admin token issue<\/code><\/pre>\n16. \u8bbe\u7f6e\u73af\u5883\u53d8\u91cf\u7684\u811a\u672c<\/h3>\nadmin\u7528\u6237\uff1avim admin-ocata.sh<\/code><\/p>\n#!\/bin\/bash\nexport OS_PROJECT_DOMAIN_NAME=default\nexport OS_USER_DOMAIN_NAME=default\nexport OS_PROJECT_NAME=admin\nexport OS_USERNAME=admin\nexport OS_PASSWORD=admin\nexport OS_AUTH_URL=http:\/\/192.168.10.100:35357\/v3\nexport OS_IDENTITY_API_VERSION=3\nexport OS_IMAGE_API_VERSION=2<\/code><\/pre>\nDemo\u7528\u6237\uff1avim demo-ocata.sh<\/code><\/p>\n#!\/bin\/bash\nexport OS_PROJECT_DOMAIN_NAME=default\nexport OS_USER_DOMAIN_NAME=default\nexport OS_PROJECT_NAME=demo\nexport OS_USERNAME=demo\nexport OS_PASSWORD=demo\nexport OS_AUTH_URL=http:\/\/192.168.10.100:5000\/v3\nexport OS_IDENTITY_API_VERSION=3\nexport OS_IMAGE_API_VERSION=2<\/code><\/pre>\n\u90e8\u7f72\u955c\u50cf\u670d\u52a1 Glance<\/h2>\nglance\u670d\u52a1\u9ed8\u8ba4\u76d1\u542c\u7aef\u53e3\u4e3a9292<\/code>\uff0c\u9700\u8981\u5148\u628a\u955c\u50cf\u4e0a\u4f20\u5230 glance\uff0c\u67e5\u770b\u3001\u5220\u9664\u7b49\u64cd\u4f5c\u90fd\u662f\u901a\u8fc7 glance \u8fdb\u884c\u7ba1\u7406\u3002
\nglance\u6709\u4e24\u4e2a\u4e3b\u8981\u7684\u670d\u52a1\uff1a<\/p>\n\nglance-api<\/code>\uff1a\u63a5\u6536\u955c\u50cf\u7684\u5220\u9664\u3001\u4e0a\u4f20\u3001\u8bfb\u53d6\u7b49\uff1b<\/li>\nglance-Registry<\/code>\uff1a\u8d1f\u8d23\u4e0emysql\u4ea4\u4e92\uff0c\u7528\u4e8e\u5b58\u50a8\u6216\u83b7\u53d6\u955c\u50cf\u7684\u5143\u6570\u636e\uff08metadata\uff09\uff0c\u9ed8\u8ba4\u76d1\u542c\u7aef\u53e3\u4e3a9191<\/code>\u3002<\/li>\n<\/ul>\nglance\u6570\u636e\u5e93\u6709\u4e24\u5f20\u8868\uff1a<\/p>\n \nimage<\/code>\uff1a\u5b58\u653e\u955c\u50cf\u683c\u5f0f\u3001\u5927\u5c0f\u7b49\u4fe1\u606f\uff1b<\/li>\nimage property<\/code>\uff1a\u5b58\u653e\u955c\u50cf\u7684\u5b9a\u5236\u5316\u4fe1\u606f\uff1b<\/li>\n<\/ul>\nimage store<\/code> \u662f\u4e00\u4e2a\u5b58\u50a8\u7684\u63a5\u53e3\u5c42\uff0c\u901a\u8fc7\u8fd9\u4e2a\u63a5\u53e3 glance \u53ef\u4ee5\u83b7\u53d6\u955c\u50cf\u3002\u652f\u6301\u7684\u5b58\u50a8\u6709 Amazon \u7684 S3\u3001openstack \u672c\u8eab\u7684 swift\u3001\u8fd8\u6709 ceph\u3001glusterFS \u7b49\u5206\u5e03\u5f0f\u5b58\u50a8\u3002
\nglance \u4e0d\u9700\u8981\u914d\u7f6e\u6d88\u606f\u961f\u5217\uff0c\u4f46\u662f\u9700\u8981\u914d\u7f6e\u6570\u636e\u5e93\u548ckeystone\u3002<\/p>\n1. \u5b89\u88c5 glance<\/h3>\nyum install -y openstack-glance<\/code><\/pre>\n2. \u521b\u5efa\u6570\u636e\u5e93\u7528\u6237<\/h3>\nCREATE DATABASE glance;\nGRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' identified by 'glance';\nFLUSH PRIVILEGES;<\/code><\/pre>\n3. \u7f16\u8f91 glance-api \u914d\u7f6e\u6587\u4ef6 grep -n "^[a-Z\\[]" \/etc\/glance\/glance-api.conf<\/code><\/h3>\n[database]\nconnection = mysql+pymysql:\/\/glance:glance@192.168.10.100\/glance\n[glance_store]\nstores = file,http\ndefault_store = file\nfilesystem_store_datadir = \/var\/lib\/glance\/images\n[keystone_authtoken]\nauth_url = http:\/\/192.168.10.100:5000\nauth_url = http:\/\/192.168.10.100:35357\nmemcached_servers = 192.168.10.100:11211\nauth_type = password\nproject_domain_name = default\nuser_domain_name = default\nproject_name = service\nusername = glance\npassword = glance\n[paste_deploy]\nflavor = keystone<\/code><\/pre>\n4. \u7f16\u8f91 glance-registry \u914d\u7f6e\u6587\u4ef6 vim \/etc\/glance\/glance-registry.conf<\/code><\/h3>\n[database]\nconnection = mysql+pymysql:\/\/glance:glance@192.168.10.100\/glance\n[keystone_authtoken]\nauth_url = http:\/\/192.168.10.100:5000\nauth_url = http:\/\/192.168.10.100:35357\nmemcached_servers = 192.168.10.100:11211\nauth_type = password\nproject_domain_name = default\nuser_domain_name = default\nproject_name = service\nusername = glance\npassword = glance\n[paste_deploy]\nflavor = keystone<\/code><\/pre>\n5. \u914d\u7f6e haproxy \u4ee3\u7406 glance vim \/etc\/haproxy\/haproxy.cfg<\/code><\/h3>\nlisten glance-api\n bind 192.168.10.100:9292\n mode tcp\n log global\n balance source\n server glance-api1 192.168.10.201:9292 check inter 5000 rise 3 fall 3\n\nlisten glance\n bind 192.168.10.100:9191\n mode tcp\n log global\n balance source\n server glance1 192.168.10.201:9191 check inter 5000 rise 3 fall 3<\/code><\/pre>\n6. \u91cd\u542f haproxy<\/h3>\nsystemctl restart haproxy<\/code><\/pre>\n7. \u521d\u59cb\u5316 glance \u6570\u636e\u5e93<\/h3>\nsu -s \/bin\/sh -c "glance-manage db_sync" glance<\/code><\/pre>\n8. \u542f\u52a8 glance<\/h3>\nsystemctl enable openstack-glance-api.service openstack-glance-registry.service\nsystemctl start openstack-glance-api.service openstack-glance-registry.service<\/code><\/pre>\n9. \u6ce8\u518c glance \u670d\u52a1<\/h3>\n#\u8bbe\u7f6e\u73af\u5883\u53d8\u91cf\uff08\u811a\u672c\u5185\u5bb9\u5728\u4e0a\u9762\uff09\nsource admin-ocata.sh\n\n#\u521b\u5efaglance\u670d\u52a1\nopenstack service create --name glance --description "OpenStack Image" image\n\n#\u521b\u5efa\u5171\u6709endpoint\nopenstack endpoint create --region RegionOne image public http:\/\/192.168.10.100:9292\n\n#\u521b\u5efa\u79c1\u6709endpoint\nopenstack endpoint create --region RegionOne image internal http:\/\/192.168.10.100:9292\n\n#\u521b\u5efa\u7ba1\u7406endp\nopenstack endpoint create --region RegionOne image admin http:\/\/192.168.10.100:9292<\/code><\/pre>\n10. \u9a8c\u8bc1glance\u670d\u52a1<\/h3>\nopenstack endpoint list<\/code><\/pre>\n11. \u4e0a\u4f20\u955c\u50cf\uff0c\u5e76\u9a8c\u8bc1<\/h3>\nwget http:\/\/download.cirros-cloud.net\/0.3.4\/cirros-0.3.4-x86_64-disk.img\nsource admin-ocata.sh\nopenstack image create "cirros" --file \/root\/cirros-0.3.4-x86_64-disk.img --disk-format qcow2 --container-format bare --public\n\n#\u67e5\u770b\u662f\u5426\u6709\u955c\u50cf\nglance image-list\nopenstack image list\n\n#\u67e5\u770b\u6307\u5b9a\u955c\u50cf\u4fe1\u606f\nopenstack-image show cirros<\/code><\/pre>\n\u90e8\u7f72 nova \u63a7\u5236\u8282\u70b9<\/h2>\nnova \u662f openstack \u6700\u65e9\u7684\u7ec4\u4ef6\u4e4b\u4e00\uff0c\u5206\u4e3a\u63a7\u5236\u8282\u70b9<\/strong>\u548c\u8ba1\u7b97\u8282\u70b9<\/strong>\u3002
\n\u8ba1\u7b97\u8282\u70b9\u901a\u8fc7 nova computer \u8fdb\u884c\u865a\u62df\u673a\u521b\u5efa\uff0c\u901a\u8fc7 libvirt \u8c03\u7528 kvm \u521b\u5efa\u865a\u62df\u673a\uff0cnova \u4e4b\u95f4\u901a\u4fe1\u901a\u8fc7 rabbitMQ \u961f\u5217\uff0c\u5176\u7ec4\u4ef6\u548c\u529f\u80fd\u5982\u4e0b\uff1a<\/p>\n\nAPI<\/code>\uff1a\u8d1f\u8d23\u63a5\u6536\u548c\u54cd\u5e94\u5916\u90e8\u8bf7\u6c42\uff1b<\/li>\nScheduler<\/code>\uff1a\u8d1f\u8d23\u8c03\u5ea6\u865a\u62df\u673a\u6240\u5728\u7684\u7269\u7406\u673a\uff1b<\/li>\nConductor<\/code>\uff1a\u8ba1\u7b97\u8282\u70b9\u8bbf\u95ee\u6570\u636e\u5e93\u7684\u4e2d\u95f4\u4ef6\uff1b<\/li>\nConsoleauth<\/code>\uff1a\u7528\u4e8e\u63a7\u5236\u53f0\u7684\u6388\u6743\u8ba4\u8bc1\uff1b<\/li>\nNovncproxy<\/code>\uff1aVNC\u4ee3\u7406\uff0c\u7528\u4e8e\u663e\u793a\u865a\u62df\u673a\u64cd\u4f5c\u7ec8\u7aef\uff1b<\/li>\n<\/ul>\nNova-API\u7684\u529f\u80fd<\/strong>\uff1a
\nNova-api \u7ec4\u4ef6\u5b9e\u73b0\u4e86 restful API \u7684\u529f\u80fd\uff0c\u63a5\u6536\u548c\u54cd\u5e94\u6765\u81ea\u6700\u7ec8\u7528\u6237\u7684\u8ba1\u7b97API\u8bf7\u6c42\uff0c\u63a5\u6536\u5916\u90e8\u7684\u8bf7\u6c42\uff0c\u5e76\u901a\u8fc7 message queue \u5c06\u8bf7\u6c42\u53d1\u9001\u7ed9\u5176\u4ed6\u670d\u52a1\u7ec4\u4ef6\uff0c\u540c\u65f6\u4e5f\u517c\u5bb9 EC2 API\uff0c\u53ef\u4ee5\u4f7f\u7528 EC2 \u7684\u7ba1\u7406\u5de5\u5177\u5bf9 nova \u8fdb\u884c\u65e5\u5e38\u7ba1\u7406\u3002<\/p>\nnova scheduler\u7684\u529f\u80fd<\/strong>\uff1a
\n\u51b3\u7b56\u865a\u62df\u673a\u521b\u5efa\u5728\u54ea\u4e2a\u4e3b\u673a\uff08\u8ba1\u7b97\u8282\u70b9\uff09\u4e0a\uff0c\u5206\u4e3a\u4e24\u4e2a\u6b65\u9aa4\uff1a<\/p>\n\n\u8fc7\u6ee4\uff08filter\uff09<\/code>\uff1a\u9996\u5148\u83b7\u53d6\u4e3b\u673a\u5217\u8868\uff0c\u6839\u636e\u8fc7\u6ee4\u5c5e\u6027\uff0c\u9009\u62e9\u7b26\u5408\u6761\u4ef6\u7684\u4e3b\u673a\uff1b<\/li>\n\u8ba1\u7b97\u6743\u503c\uff08weight\uff09<\/code>\uff1a\u9ed8\u8ba4\u6839\u636e\u8d44\u6e90\u53ef\u7528\u7a7a\u95f4\u8fdb\u884c\u6743\u91cd\u6392\u5e8f\uff0c\u7136\u540e\u9009\u62e9\u6743\u91cd\u5927\u7684\u4e3b\u673a\uff1b<\/li>\n<\/ol>\n1. \u5b89\u88c5nova<\/h3>\nyum install -y \\\nopenstack-nova-api \\\nopenstack-nova-conductor \\\nopenstack-nova-console \\\nopenstack-nova-novncproxy \\\nopenstack-nova-scheduler \\\nopenstack-nova-placement-api<\/code><\/pre>\n2. \u51c6\u5907\u6570\u636e\u5e93<\/h3>\nCREATE DATABASE nova_api;\nGRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'nova123';\n\nCREATE DATABASE nova;\nGRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'nova123';\n\nCREATE DATABASE nova_cell0;\nGRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'nova123';\n\nFLUSH PRIVILEGES;<\/code><\/pre>\n
|