OpenStack environment deployment
- Multiple users submit to create virtual machines at the same time, and only one node is under pressure
- There are multiple nodes, and the control node receives the request and sends the request to the computing node for scheduling. If there are multiple computing nodes, the user can operate in parallel.
Configure the virtual machine
- Turn on the virtualization engine
-
Set the network card to eth0
按tab键,输入命令net.ifnames=0 biosdevname=0
Set up the network card
- eth0 network card:
-
eth1 network card:
-
View:
- The other two nodes are the same~~
- Node ②:
- Node ③
Turn off the firewall
- All three node devices need to be shut down
[root@ct ~]# setenforce 0
[root@ct ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@ct ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
[root@ct ~]# grep -v "#" /etc/selinux/config
No interaction
- Add mapping (three nodes)
[root@ct ~]# vi /etc/hosts
192.168.100.10 ct
192.168.100.20 c1
192.168.100.30 c2
- No interaction (three nodes)
[root@ct1 ~]# ssh-keygen -t rsa 生成密钥
[root@ct1 ~]# ssh-copy-id ct 公钥传递
[root@ct1 ~]# ssh-copy-id c1
[root@ct1 ~]# ssh-copy-id c2
- Verification effect
[root@ct ~]# ssh root@c1
[root@ct ~]# ssh root@c2
[root@c1 ~]# ssh root@ct
[root@c1 ~]# ssh root@c2
[root@c2 ~]# ssh root@ct
[root@c2 ~]# ssh root@c1
Install dependencies
[root@ct ~]# yum -y install net-tools bash-completion vim gcc gcc-c++ make pcre pcre-devel expat-devel cmake bzip2
net-tools 可以使用ifconfig命令
bash-completion 自动补全
pcre 正则 devel库
expat-devel:Apache依赖包,C语言开发,解析XML文档的开发库
[root@ct ~]# yum -y install centos-release-openstack-train python-openstackclient openstack-selinux openstack-utils
#c1 c2也需要安装
centos-release-openstack-train 保证安装更新openstack版本为最新版本t版
python-openstackclient openstack的python客户端
因为openstack中的API大多数是python编写的,并且连接数据库,也需要python
openstack-selinux openstack核心安全防护
openstack-utils openstack其它util工具
Set time synchronization
- ct1 node configuration time synchronization
[root@ct ~]# yum install chrony -y
[root@ct ~]# vim /etc/chrony.conf
[root@ct ~]# systemctl enable chronyd
[root@ct ~]# systemctl restart chronyd
[root@ct ~]# chronyc sources
[root@ct ~]# date
- compute node to do time synchronization
[root@c1 ~]# systemctl enable chronyd
[root@c1 ~]# systemctl restart chronyd
[root@c1 ~]# chronyc sources
[root@c2 ~]# chronyc sources
- Set up task schedule
[root@ct ~]# crontab -e
*/5 * * * * /usr/bin/chronyc sources >> /var/log/chronyc.log
System environment configuration
Configuration service (control node):
Install and configure MariaDB
[root@ct ~]# yum -y install mariadb mariadb-server python2-PyMySQL
python2-PyMySQL:
This package is used for the modules required by the openstack control terminal to connect to mysql. If it is not installed, the database cannot be connected; this package is only installed on the control terminal
[root@ct ~]# yum -y install libibverbs
- Add MySQL sub-configuration file
[root@ct ~]# vim /etc/my.cnf.d/openstack.cnf
增加如下内容
[mysqld]
bind-address=192.168.74.11 #控制节点局域网地址
default-storage-engine=innodb #默认存储引擎
innodb_file_per_table=on #每张表独立表空间文件
max_connections=4096 #最大连接数
collation-server=utf8_general_ci #默认字符集,不区分大小写
character-set-server=utf8
- Auto-start at boot, start service
[root@ct ~]# systemctl enable mariadb
[root@ct ~]# systemctl start mariadb
- Execute MariaDB security configuration script
[root@ct ~]# mysql_secure_installation #安全的初始化
- Check the effect
[root@ct ~]# mysql -uroot -p123123
Install RabbitMQ
All instructions for creating a virtual machine will be sent to rabbitmq from the control end, and the node node monitors rabbitmq
[root@ct ~]# yum -y install rabbitmq-server
- Configure the service, start the RabbitMQ service, and set it to start at boot
[root@ct ~]# systemctl enable rabbitmq-server.service
[root@ct ~]# systemctl start rabbitmq-server.service
- Create a message queue user for the authentication of the controller and node nodes to connect to rabbitmq
[root@ct ~]# rabbitmqctl add_user openstack RABBIT_PASS
- Configure operation permissions for openstack users (regular, configure read and write permissions)
[root@ct ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
You can view two ports, 25672 and 5672 (5672 is the default port of Rabbitmq, and 25672 is the port of Rabbit's test tool CLI)
[root@ct ~]# netstat -anpt | grep 5672
- View the list of rabbitmq plugins
[root@ct ~]# rabbitmq-plugins list
- Open the rabbitmq web management interface plug-in, the port is 15672
[root@ct ~]# rabbitmq-plugins enable rabbitmq_management
- Access 192.168.100.10:15672
- The default account password is guest
Install memcached
Function:
installing memcached is used to store session information; the service authentication mechanism uses Memcached to cache tokens when logging in to the openstack dashboard, some session information will be generated, which will be stored in memcached
[root@ct ~]# yum install -y memcached python-memcached
#python-*模块在OpenStack中起到连接数据库的作用
- Modify Memcached configuration file
[root@ct ~]# vim /etc/sysconfig/memcached
[root@ct ~]# systemctl enable memcached
[root@ct ~]# systemctl start memcached
[root@ct ~]# netstat -nautp | grep 11211
Install etcd and modify the configuration file
[root@ct ~]# yum -y install etcd
[root@ct ~]# cd /etc/etcd/
[root@ct etcd]# ls -lh
[root@ct etcd]# vim etcd.conf
#数据目录位置
#监听其他etcd member的url(2380端口,集群之间通讯,域名为无效值)
#对外提供服务的地址(2379端口,集群内部的通讯端口)
#集群中节点标识(名称)
#该节点成员的URL地址,2380端口:用于集群之间通讯。
#
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.100.10:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.100.10:2379"
ETCD_NAME="ct"
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.100.10:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.100.10:2379"
ETCD_INITIAL_CLUSTER="ct=http://192.168.100.10:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01" #集群唯一标识
ETCD_INITIAL_CLUSTER_STATE="new" #初始集群状态,new为静态,若为existing,则表示此ETCD服务将尝试加入已有的集群
若为DNS,则表示此集群将作为被加入的对象
- Auto-start at boot, open service, detect port
[root@ct etcd]# cd
[root@ct ~]# systemctl enable etcd.service
[root@ct ~]# systemctl start etcd.service
[root@ct ~]# netstat -anutp |grep 2379
[root@ct ~]# netstat -anutp |grep 2380
E=“new” #Initial cluster status, new is static. If it is existing, it means that this ETCD service will try to join an existing cluster.
If it is DNS, it means that this cluster will be the object of being joined
[外链图片转存中...(img-9KR0fCSm-1614060207484)]
- 开机自启动、开启服务,检测端口
```powershell
[root@ct etcd]# cd
[root@ct ~]# systemctl enable etcd.service
[root@ct ~]# systemctl start etcd.service
[root@ct ~]# netstat -anutp |grep 2379
[root@ct ~]# netstat -anutp |grep 2380