openstack mitaka版本 使用
1. 修改管理员密码
图片.png
默认账户default ---admin---ADMIN_PASS[root@controller ~]# vim /root/admin-openrc export OS_PROJECT_DOMAIN_NAME=defaultexport OS_USER_DOMAIN_NAME=defaultexport OS_PROJECT_NAME=adminexport OS_USERNAME=adminexport OS_PASSWORD=123456 修改此项export OS_AUTH_URL=http://controller:35357/v3export OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2source /root/admin-openrc 不然控制节点无法查看运行状态
2. 想新建虚拟实例在指定的宿主机上
图片.png
图片.png
3.新建普通用户 有删除创建实例的权限
图片.png
4. 新建项目 创建配额 限制普通用户创建实例
图片.png
图片.png
图片.png
限制生效.png
5. glance 镜像服务迁移出来
controller 停掉glance服务[root@controller ~]# systemctl stop openstack-glance-api.service openstack-glance-registry.service [root@controller ~]# systemctl disable openstack-glance-api.service openstack-glance-registry.service Removed symlink /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service.Removed symlink /etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service.[root@controller ~]# mysqldump -B glance >glance.sqlscp /root/glance.sql root@10.0.0.12:/root[root@controller ~]# ll /var/lib/glance/images/ glance镜像文件目录总用量 12980-rw-r----- 1 glance glance 13287936 2月 3 08:52 5c95b5dc-50e2-4cad-b334-dfe3a3c9302f
修改控制节点数据库keystone[root@controller ~]# source /root/admin-openrc[root@controller ~]# openstack endpoint list|grep glance| 6400a1d109f94fc7b0a68cf643731ba9 | RegionOne | glance | image | True | internal | http://controller:9292 || a23581fa8fc64771a0c9d580868fa19f | RegionOne | glance | image | True | public | http://controller:9292 || ae40a6fc6d4e44159950cecd32d17748 | RegionOne | glance | image | True | admin | http://controller:9292 [root@controller ~]# mysqldump keystone endpoint > endpoint.sql[root@controller ~]# cp endpoint.sql{,.bak}[root@controller ~]# vim endpoint.sql:%s#http://controller:9292#http://10.0.0.12:9292#gc -y -y -y[root@controller ~]# mysql keystone <endpoint.sql[root@controller ~]# openstack endpoint list|grep glance| 6400a1d109f94fc7b0a68cf643731ba9 | RegionOne | glance | image | True | internal | http://10.0.0.12:9292 || a23581fa8fc64771a0c9d580868fa19f | RegionOne | glance | image | True | public | http://10.0.0.12:9292 || ae40a6fc6d4e44159950cecd32d17748 | RegionOne | glance | image | True | admin | http://10.0.0.12:9292 |[root@controller ~]# openstack image list 检验+--------------------------------------+--------+--------+| ID | Name | Status |+--------------------------------------+--------+--------+| 5c95b5dc-50e2-4cad-b334-dfe3a3c9302f | cirros | active |+--------------------------------------+--------+--------+排错 看最上面或者最下面[root@controller ~]# cd /var/log/nova/[root@controller nova]# ls -1 | awk '{print ">"$0}'>nova-api.log>nova-conductor.log>nova-consoleauth.log>nova-manage.log>nova-novncproxy.log>nova-scheduler.log[root@controller nova]# ls -1 | awk '{print ">"$0}'|bash[root@controller nova]# ls
nova-api.log nova-conductor.log nova-consoleauth.log nova-manage.log nova-novncproxy.log nova-scheduler.log[root@controller nova]# grep -i error *.log排错[root@controller ~]# openstack image listInternal Server Error (HTTP 500)[root@glance glance]# tailf api.logImportError: No module named memcache yum install -y pythone-pip pip install --upgrade pip
glance节点 [root@localhost ~]# vim /etc/hosts 10.0.0.11 controller yum install mariadb mariadb-server python2-PyMySQL -y echo '[mysqld] bind-address = 10.0.0.12 default-storage-engine = innodb innodb_file_per_table max_connections = 4096 collation-server = utf8_general_ci character-set-server = utf8' >/etc/my.cnf.d/openstack.cnf systemctl enable mariadb.service systemctl start mariadb.service mysql_secure_installation ---回车-n-y-y-y-y
mysql -u root -p CREATE DATABASE glance; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \ IDENTIFIED BY 'GLANCE_DBPASS'; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \ IDENTIFIED BY 'GLANCE_DBPASS'; source /root/glance.sql; show tables;查看
yum install openstack-glance openstack-utils -y scp -pr root@10.0.0.11:/etc/glance/glance-registry.conf /etc/glance/glance-registry.conf scp -pr root@10.0.0.11:/etc/glance/glance-api.conf /etc/glance/glance-api.conf openstack-config --set /etc/glance/glance-registry.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@10.0.0.12/glance openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@10.0.0.12/glance systemctl enable openstack-glance-api.service openstack-glance-registry.service systemctl start openstack-glance-api.service openstack-glance-registry.service
scp -pr root@10.0.0.11:/var/lib/glance/images/* /var/lib/glance/images/[root@glance ~]# chown -R glance.glance /var/lib/glance/images/[root@glance ~]# ll /var/lib/glance/images/总用量 12980-rw-r----- 1 glance glance 13287936 2月 3 08:52 5c95b5dc-50e2-4cad-b334-dfe3a3c9302f
所有节点都运行 sed "s#http://controller:9292#http://10.0.0.12:9292#g" /etc/nova/nova.conf|grep 9292 sed -i "s#http://controller:9292#http://10.0.0.12:9292#g" /etc/nova/nova.conf 控制节点 systemctl restart openstack-nova-api.service 运算节点 systemctl restart openstack-nova-compute.service 创建一个实例 看是否启动
图片.png
添加镜像
图片.png
官方镜像源:
https://docs.openstack.org/image-guide/obtain-images.html
国内镜像地址:中科大镜像源
http://mirrors.ustc.edu.cn/centos-cloud/centos/7/images/
6. cinder 块存储服务
mysql -u root -pCREATE DATABASE cinder;GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' \ IDENTIFIED BY 'CINDER_DBPASS';GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' \ IDENTIFIED BY 'CINDER_DBPASS';source /root/admin-openrc openstack user create --domain default --password CINDER_PASS cinder openstack role add --project service --user cinder admin openstack service create --name cinder --description "OpenStack Block Storage" volume openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2 openstack endpoint create --region RegionOne volume public http://controller:8776/v1/%\(tenant_id\)s openstack endpoint create --region RegionOne volume internal http://controller:8776/v1/%\(tenant_id\)s openstack endpoint create --region RegionOne volume admin http://controller:8776/v1/%\(tenant_id\)s openstack endpoint create --region RegionOne volumev2 public http://controller:8776/v2/%\(tenant_id\)s openstack endpoint create --region RegionOne volumev2 internal http://controller:8776/v2/%\(tenant_id\)s openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%\(tenant_id\)s
\cp /etc/cinder/cinder.conf{,.bak}egrep -v "^$|#" /etc/cinder/cinder.conf.bak >/etc/cinder/cinder.conf
openstack-config --set /etc/cinder/cinder.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 10.0.0.11openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:CINDER_DBPASS@controller/cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_uri http://controller:5000openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://controller:35357openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers controller:11211openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name defaultopenstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name defaultopenstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password CINDER_PASSopenstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_host controller
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_password RABBIT_PASS[root@controller ~]# md5sum /etc/cinder/cinder.conf
e2119e2454022c6f13734d716afc7e1c /etc/cinder/cinder.confsu -s /bin/sh -c "cinder-manage db sync" cinder openstack-config --set /etc/nova/nova.conf cinder os_region_name RegionOnesystemctl restart openstack-nova-api.service systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service[root@controller ~]# cinder service-list+------------------+------------+------+---------+-------+------------+-----------------+| Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |+------------------+------------+------+---------+-------+------------+-----------------+| cinder-scheduler | controller | nova | enabled | up | - | - |+------------------+------------+------+---------+-------+------------+-----------------+
配置一个存储节点
yum install lvm2 systemctl enable lvm2-lvmetad.service systemctl start lvm2-lvmetad.service
添加2块硬盘 echo '- - -'/sys/class/scsi_host/host0/scan fdisk -l pvcreate /dev/vdb pvcreate /dev/vdc vgcreate cinder-ssd /dev/vdb vgcreate cinder-stat /dev/vdc vim /etc/lvm/lvm.conf +130 根据数据情况 我这边是vd* filter = [ "a/vda/", "a/vdb/", "a/vdc/", "r/.*/"]
\cp /etc/cinder/cinder.conf{,.bak}egrep -v "^$|#" /etc/cinder/cinder.conf.bak >/etc/cinder/cinder.conf
openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:CINDER_DBPASS@controller/cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT rpc_backend rabbit
openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 10.0.0.12 ##改成自己实际的
openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://10.0.0.12:9292 ##上面修改过glance
openstack-config --set /etc/cinder/cinder.conf DEFAULT enabled_backends ssd,sata
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_uri http://controller:5000openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://controller:35357openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers controller:11211openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name defaultopenstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name defaultopenstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password CINDER_PASSopenstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_host controller
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_userid openstack
openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_password RABBIT_PASSopenstack-config --set /etc/cinder/cinder.conf ssd volume_driver cinder.volume.drivers.lvm.LVMVolumeDriveropenstack-config --set /etc/cinder/cinder.conf ssd volume_group cinder-ssd
openstack-config --set /etc/cinder/cinder.conf ssd iscsi_protocol iscsi
openstack-config --set /etc/cinder/cinder.conf ssd iscsi_helper lioadm
openstack-config --set /etc/cinder/cinder.conf ssd volume_backend_name ssd
openstack-config --set /etc/cinder/cinder.conf sata volume_driver cinder.volume.drivers.lvm.LVMVolumeDriveropenstack-config --set /etc/cinder/cinder.conf sata volume_group cinder-sata
openstack-config --set /etc/cinder/cinder.conf sata iscsi_protocol iscsi
openstack-config --set /etc/cinder/cinder.conf sata iscsi_helper lioadm
openstack-config --set /etc/cinder/cinder.conf sata volume_backend_name satasystemctl enable openstack-cinder-volume.service target.service systemctl start openstack-cinder-volume.service target.service[root@controller ~]# cinder service-list+------------------+-------------+------+---------+-------+----------------------------+-----------------+| Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |+------------------+-------------+------+---------+-------+----------------------------+-----------------+| cinder-scheduler | controller | nova | enabled | up | 2021-02-06T08:45:35.000000 | - || cinder-volume | glance@sata | nova | enabled | up | 2021-02-06T08:45:25.000000 | - || cinder-volume | glance@ssd | nova | enabled | up | 2021-02-06T08:45:25.000000 | - |+------------------+-------------+------+---------+-------+----------------------------+-----------------+
web界面下
图片.png
[root@glance ~]# lvs LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert root centos -wi-ao---- 46.99g swap centos -wi-ao---- 2.00g volume-ad6b4c0c-2080-4922-b697-543f7b9d1b60 cinder-ssd -wi-a----- 5.00g 逻辑卷只能扩展不能缩容
7. 根据需要创建不同类型的逻辑卷
根据volume_backend_name指定
图片.png
图片.png
[root@glance ~]# lvs 验证 LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert root centos -wi-ao---- 46.99g swap centos -wi-ao---- 2.00g volume-d61a0b44-d72a-4a9c-aee0-b2ab7c14b273 cinder-sata -wi-a----- 3.00g volume-d589e037-6f72-4910-baf3-7a7f6343d84e cinder-ssd -wi-a----- 1.00g
图片.png
验证 ssh cirros@10.0.0.122sudo su -fdisk -l mkfs.ext4 /dev/vdb mount /dev/vdb /mnt cd /mnt echo "this is testing" >test.txt 在存储节点上[root@glance ~]# dd if=/dev/mapper/cinder--sata-volume--d61a0b44--d72a--4a9c--aee0--b2ab7c14b273 of=/opt/disk.raw[root@glance ~]# qemu-img info /opt/disk.raw image: /opt/test.raw file format: rawvirtual size: 3.0G (3221225472 bytes)disk size: 3.0G[root@glance ~]# mount -o loop /opt/disk.raw /test[root@glance ~]# ll /test/总用量 20drwx------ 2 root root 16384 2月 6 17:14 lost+found-rw------- 1 root root 16 2月 6 17:15 test.txt
运算节点上 创建虚拟机目录文件 在每个运算节点上 [root@compute1 ~]# ll /var/lib/nova/instances/5ebab777-fc9d-4ded-a354-135af1f228c3/总用量 2280-rw------- 1 root root 25459 2月 6 17:27 console.log-rw-r--r-- 1 qemu qemu 2293760 2月 6 17:28 disk-rw-r--r-- 1 nova nova 79 2月 6 17:26 disk.info-rw-r--r-- 1 nova nova 2525 2月 6 17:26 libvirt.xml
目录到逻辑卷.png
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://10.0.0.12:9292[root@controller ~]# systemctl restart openstack-cinder-api.service [root@compute1 ~]# ll /var/lib/nova/instances/90c08ba3-ad28-412b-8fab-4a49dac3093f/总用量 28 没有磁盘文件-rw------- 1 root root 24141 2月 6 17:39 console.log-rw-r--r-- 1 nova nova 2577 2月 6 17:39 libvirt.xml
8. cinder使用nfs
yum install nfs-utils -y[root@compute3 ~]# vim /etc/exports/data/ 10.0.0.0/24(rw,async,no_root_squash,no_all_squash)mkdir /data systemctl start nfs rpcbind systemctl enable nfs rpcbind[root@glance ~]# showmount -e 10.0.0.33Export list for 10.0.0.33:/data/ 10.0.0.0/24
存储节点 openstack-config --set /etc/cinder/cinder.conf DEFAULT enabled_backends ssd,sata,nfs openstack-config --set /etc/cinder/cinder.conf nfs volume_driver cinder.volume.drivers.nfs.NfsDriver openstack-config --set /etc/cinder/cinder.conf nfs nfs_shares_config /etc/cinder/nfs_shares openstack-config --set /etc/cinder/cinder.conf nfs volume_backend_name nfs cat >/etc/cinder/nfs_shares <<EOF10.0.0.33:/dataEOF
[root@glance ~]# systemctl restart openstack-cinder-volume.service[root@controller ~]# cinder service-list+------------------+-------------+------+---------+-------+----------------------------+-----------------+| Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |+------------------+-------------+------+---------+-------+----------------------------+-----------------+| cinder-scheduler | controller | nova | enabled | up | 2021-02-07T08:19:37.000000 | - || cinder-volume | glance@nfs | nova | enabled | up | - | - || cinder-volume | glance@sata | nova | enabled | up | 2021-02-07T08:19:40.000000 | - || cinder-volume | glance@ssd | nova | enabled | up | 2021-02-07T08:19:40.000000 | - |+------------------+-------------+------+---------+-------+----------------------------+-----------------+
image.png
image.png
[root@compute3 data]# lsvolume-de5974d1-5354-426e-81a5-42bb7c4d075a ssh cirros@10.0.0.127sudo su -mount /dev/vdb /tmp echo "this is nfs" >/tmp/testing.txt[root@compute3 data]# mount -o loop volume-de5974d1-5354-426e-81a5-42bb7c4d075a /tmp[root@compute3 data]# ll /tmp/总用量 20drwx------ 2 root root 16384 2月 7 16:45 lost+found-rw-r--r-- 1 root root 12 2月 7 16:47 testing.txt
8. 控制节点兼职计算节点
控制节点 yum install -y openstack-nova-compute openstack-config --set /etc/nova/nova.conf vnc enabled True openstack-config --set /etc/nova/nova.conf vnc vncserver_listen 0.0.0.0openstack-config --set /etc/nova/nova.conf vnc vncserver_proxyclient_address '$my_ip'openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://controller:6080/vnc_auto.html
systemctl start libvirtd openstack-nova-compute.service systemctl enable libvirtd openstack-nova-compute.service [root@controller ~]# nova service-list+----+------------------+-----------------------+----------+----------+-------+----------------------------+-----------------+| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |+----+------------------+-----------------------+----------+----------+-------+----------------------------+-----------------+| 1 | nova-conductor | controller | internal | enabled | up | 2021-02-07T09:17:18.000000 | - || 2 | nova-scheduler | controller | internal | enabled | up | 2021-02-07T09:17:18.000000 | - || 3 | nova-consoleauth | controller | internal | enabled | up | 2021-02-07T09:17:18.000000 | - || 7 | nova-compute | compute1 | nova | enabled | up | 2021-02-07T09:17:16.000000 | - || 8 | nova-compute | localhost.localdomain | compute2 | disabled | down | 2021-02-05T09:57:59.000000 | 123 || 9 | nova-compute | compute2 | zhiding | enabled | down | 2021-02-05T09:43:21.000000 | - || 10 | nova-compute | compute3 | compute3 | enabled | up | 2021-02-07T09:17:16.000000 | - || 11 | nova-compute | controller | nova | enabled | up | 2021-02-07T09:17:17.000000 | - |+----+------------------+-----------------------+----------+----------+-------+----------------------------+-----------------+
9. 虚拟机冷迁移
1:开启nova计算节点之间互信 冷迁移需要nova计算节点之间使用nova用户互相免密码访问 默认nova用户禁止登陆,开启所有计算节点的nova用户登录shell。 usermod -s /bin/bash nova su - nova ssh-keygen -t rsa#生成密钥cp -fa .ssh/id_rsa.pub .sshauthorized_keys 将公钥发送给其他计算节点的nova用户的/var/lib/nova/.ssh目录下,注意权限和所属组[nova@compute1 ~]$ scp -rp .ssh root@10.0.0.33:`pwd`[root@compute3 ~]# chown -R nova:nova /var/lib/nova/.ssh/2:修改控制节点nova.conf vim /etc/nova/nova.conf[DEFAULT]scheduler_default_filters=RetryFilter,AvailabilityZoneFilter,RamFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter 重启openstack-nova-scheduler systemctl restart openstack-nova-scheduler.service3:修改所有计算节点的nova配置 vi /etc/nova/nova.conf[DEFAULT]allow_resize_to_same_host = True 重启openstack-nova-compute systemctl restart openstack-nova-compute.service4:dashboard上进行操作---->创建实例---->实现冷迁移操作
作者:挑战_bae7
链接:https://www.jianshu.com/p/370982c7c8b0