Grizzly
Ubuntu12.04.2 OpenStack Grizzly 安裝(Bridge)
?云計算?Add comments Apr082013
2013年4月4日,已經正式發布了Grizzly版本,目前Ubuntu 12.04的Grizzly的deb包,也基本準備好了,這次Ubuntu的動作真的是很快。以前Folsom版本的時候,由于Quantum的復雜和很多問題,導致網絡上有不少問題。Grizzly版本的Quantum,已經做了很大的改進。關于Quantum介紹,可以查看官方wiki
Qauntum 需要通過插件來實現網絡管理,有各種的商業插件,目前開源的插件就2個,linux Bridge和Openvswith,這篇文檔是針對Bridge,Bridge不支持GRE模式,只支持VLAN和Local兩種模式,Local只能用于測試使用。如果是多節點,VLAN模式就需要交換機支持,對端口設置Trunk。
?
參考英文原文:https://github.com/mseknibilel/OpenStack-Grizzly-Install-Guide
Quantum linux-Bridge 插件介紹:https://wiki.openstack.org/wiki/Quantum-Linux-Bridge-Plugin
我會對原文進行一些調整
- 我的網絡環境eth0連接公網,eth1是內網
- 組件需要的數據庫,我統一創建
- 通過設置環境變量的辦法,使得文章適應不同的場景(例如不同的IP和密碼)
文檔修改歷史
2013年4月10凌晨:Grizzly正式版本的Ubuntu 12.04的包剛剛發布,使用最新的包,已經基本完成安裝過程,目前只剩下Dashboard的使用。由于quantum的網絡設置比較復雜,需要設置好網絡,才能進一步測試。
2013年4月17日:修正了文檔幾個錯誤,nova.conf 里quantum的賬號設置錯誤,還有就是quantum沒設置 /etc/quantum/dhcp_agent.ini:不過目前還是沒法創建虛擬機,非常郁悶。目前看到的情況是:Dashboard里還無法完全管理網絡,尤其是bridge模式。
組件和網絡拓撲圖
?
Contents?[hide]
- 1?準備環境
- 1.1?操作系統
- 1.2?源
- 1.3?Hostname
- 1.4?網絡
- 1.5?IP轉發
- 1.6?NTP服務
- 1.7?環境變量
- 1.8?RabbitMQ和相關軟件
- 2?數據庫
- 3?Keystone
- 4?Glance
- 5?Quantum
- 6?KVM
- 7?Nova
- 8?Cinder
- 9?Horizon
準備環境
操作系統
安裝Ubuntu 12.04.2, 最小化安裝就可以。目前內核已經升級到3.5,這樣應該會減少安裝過程的麻煩。
源
默認Ubuntu 12.04的源是Essex版本,我們需要增加Grizzly的源。不過需要你手工添加。源的官方說明
apt-get update apt-get install ubuntu-cloud-keyring添加Grizzly源
cat <<EOF >>/etc/apt/sources.list deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-proposed/grizzly main deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/grizzly main EOF運行下面命令進行更新
apt-get update && apt-get -y dist-upgrade?
Hostname
Hostname設置,其實不是必須的,不過養成一個習慣,也方便自己.
root@node08:~# cat /etc/hostname node08 root@node08:~# cat /etc/hosts 127.0.0.1 localhost 127.0.1.1 node08.chenshake.com node08# The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters root@node08:~# hostname node08 root@node08:~# hostname -f node08.chenshake.com網絡
# cat /etc/network/interfaces # This file describes network interfaces avaiulable on your system # and how to activate them. For more information, see interfaces(5). # Modified by convert_static.sh. auto lo iface lo inet loopbackauto eth0 iface eth0 inet static address 10.1.199.8 hwaddress ether 00:e0:81:d8:42:f6 netmask 255.255.255.0 network 10.1.199.0 gateway 10.1.199.1 dns-search chenshake.com dns-nameservers 10.1.199.5auto eth1 iface eth1 inet static address 10.10.10.8 netmask 255.255.255.0重啟網絡
/etc/init.d/networking restartIP轉發
sed -i -r 's/^\s*#(net\.ipv4\.ip_forward=1.*)/\1/' /etc/sysctl.conf echo 1 > /proc/sys/net/ipv4/ip_forward檢查修改結果
# sysctl -p net.ipv4.ip_forward = 1查看當前機器路由
root@node08:~# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 10.1.199.1 0.0.0.0 UG 100 0 0 eth0 10.1.199.0 * 255.255.255.0 U 0 0 0 eth0 10.10.10.0 * 255.255.255.0 U 0 0 0 eth1NTP服務
apt-get install -y ntp環境變量
環境變量主要是為了使得文檔更加靈活,參數可以設置
cat >/root/novarc <<EOF export OS_TENANT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=password export MYSQL_PASS=password export SERVICE_PASSWORD=password export RABBIT_PASSWORD=password export OS_AUTH_URL="http://localhost:5000/v2.0/" export SERVICE_ENDPOINT="http://localhost:35357/v2.0" export SERVICE_TOKEN=ADMIN export PUBLIC_IP="$(/sbin/ifconfig eth0 | awk '/inet addr/ {print $2}' | cut -f2 -d ":")" export LOCAL_IP="$(/sbin/ifconfig eth1 | awk '/inet addr/ {print $2}' | cut -f2 -d ":")" EOF你可以根據你的需要調整上面password字段.它會自動獲得你網卡的IP地址, 你可以根據你的情況調整。
查看novarc
cat /root/novarc export OS_TENANT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=password export MYSQL_PASS=password export SERVICE_PASSWORD=password export RABBIT_PASSWORD=password export OS_AUTH_URL="http://localhost:5000/v2.0/" export SERVICE_ENDPOINT="http://localhost:35357/v2.0" export SERVICE_TOKEN=ADMIN export PUBLIC_IP="10.1.199.8" export LOCAL_IP="10.10.10.8"讓環境變量生效
source novarc echo "source novarc">>.bashrcRabbitMQ和相關軟件
apt-get -y install rabbitmq-server vlan bridge-utils curl數據庫
Openstack的組件都需要用到mysql
| 數據庫 | 用戶 | 密碼 |
| mysql | root | password |
| keystone | keystone | password |
| nova | nova | password |
| glance | glance | password |
| cinder | cinder | password |
| quantum | quantum | password |
?
設置自動安裝,無需輸入密碼
cat <<MYSQL_PRESEED | debconf-set-selections mysql-server-5.5 mysql-server/root_password password $MYSQL_PASS mysql-server-5.5 mysql-server/root_password_again password $MYSQL_PASS mysql-server-5.5 mysql-server/start_on_boot boolean true MYSQL_PRESEED安裝mysql
apt-get -y install mysql-server python-mysqldb允許遠程訪問mysql
sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf重啟服務
service mysql restart創建數據庫
mysql -uroot -p$MYSQL_PASS <<EOF CREATE DATABASE nova; GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '$MYSQL_PASS'; CREATE DATABASE glance; GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '$MYSQL_PASS'; CREATE DATABASE keystone; GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%'IDENTIFIED BY '$MYSQL_PASS'; CREATE DATABASE cinder; GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%'IDENTIFIED BY '$MYSQL_PASS'; CREATE DATABASE quantum; GRANT ALL PRIVILEGES ON quantum.* TO 'quantum'@'%'IDENTIFIED BY '$MYSQL_PASS'; FLUSH PRIVILEGES; EOFKeystone
安裝
apt-get install -y keystone查看keystone運行狀態
service keystone status編輯?/etc/keystone/keystone.conf
需要注意的是admin_token 默認是ADMIN
[sql] # The SQLAlchemy connection string used to connect to the database #connection = sqlite:var/lib/keystone/keystone.db connection = mysql://keystone:password@10.10.10.8:3306/keystone[signing] #token_format = PKI token_format = UUID?
重啟服務和初始化數據庫
service keystone restart keystone-manage db_sync使用腳本導入初始化數據
keystone.sh? 和?endpoint.sh,腳本運行過程中,會出現 WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). 提示,忽略就可以。
wget http://www.chenshake.com/wp-content/uploads/2013/04/keystone.sh_.txt mv keystone.sh_.txt keystone.sh bash keystone.sh導入endpoint
wget http://www.chenshake.com/wp-content/uploads/2013/04/endpoint.sh_.txt mv endpoint.sh_.txt endpoint.sh bash endpoint.sh驗證keystone
keystone user-list keystone role-list keystone tenant-list keystone endpoint-list service keystone statusTroubleshooting Keystone
1. 查看 5000 和 35357 端口是否在監聽
2. 查看 /var/log/keystone/keystone.log 報錯信息
3. keystone.sh 腳本執行錯誤解決:(檢查腳本內容變量設置)
如果你運行上面腳本出現問題,你可以刪除數據庫再導入數據,運行腳本出錯,基本都是環境變量設置有誤導致
mysql -uroot -p mysql> drop database keystone; mysql> create database keystone; mysql> quit;記得需要同步一下數據庫
keystone-manage db_syncGlance
安裝
apt-get -y install glance配置
編輯 /etc/glance/glance-api.conf
#sql_connection = sqlite:var/lib/glance/glance.sqlite sql_connection = mysql://glance:password@10.10.10.8/glance[keystone_authtoken] auth_host = 127.0.0.1 auth_port = 35357 auth_protocol = http #admin_tenant_name = %SERVICE_TENANT_NAME% #admin_user = %SERVICE_USER% #admin_password = %SERVICE_PASSWORD% admin_tenant_name = service admin_user = glance admin_password = password[paste_deploy] config_file = /etc/glance/glance-api-paste.ini flavor = keystone重啟服務
service glance-api restart編輯 /etc/glance/glance-registry.conf
#sql_connection = sqlite:var/lib/glance/glance.sqlite sql_connection = mysql://glance:password@10.10.10.8/glance[keystone_authtoken] auth_host = 127.0.0.1 auth_port = 35357 auth_protocol = http #admin_tenant_name = %SERVICE_TENANT_NAME% #admin_user = %SERVICE_USER% #admin_password = %SERVICE_PASSWORD% admin_tenant_name = service admin_user = glance admin_password = password[paste_deploy] config_file = /etc/glance/glance-registry-paste.ini flavor = keystone重啟服務
service glance-registry restart同步數據庫
glance-manage version_control 0 glance-manage db_sync驗證Glance
glance image-list?
下面應該沒任何輸出,就表示正確。因為目前還沒有上傳image。
下載Image
我們下載CirrOS的image作為測試使用,只有10M。如果是ubuntu官方的image,220M,并且ubuntu官方的image,都是需要使用密鑰登陸。
CirrOS
下載image
wget https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img上傳image
glance image-create --name=cirros-0.3.0-x86_64 --public --container-format=bare \ --disk-format=qcow2 < /root/cirros-0.3.0-x86_64-disk.imgCirros,是可以使用用戶名和密碼登陸,也可以使用密鑰登陸
user:cirros
password:cubswin:)
Ubuntu官方image
下載image
wget http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd64-disk1.img上傳image
glance image-create --name="Ubuntu 12.04 cloudimg amd64" --public --container-format=ovf \ --disk-format=qcow2 < /root/ubuntu-12.04-server-cloudimg-amd64-disk1.img?
user:ubuntu
只能使用密鑰登陸。
Quantum
安裝
apt-get install -y quantum-server quantum-plugin-linuxbridge quantum-plugin-linuxbridge-agent \ dnsmasq quantum-dhcp-agent quantum-l3-agent編輯 /etc/quantum/quantum.conf
#core_plugin = quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2 core_plugin = quantum.plugins.linuxbridge.lb_quantum_plugin.LinuxBridgePluginV2[keystone_authtoken] auth_host = 127.0.0.1 auth_port = 35357 auth_protocol = http #admin_tenant_name = %SERVICE_TENANT_NAME% #admin_user = %SERVICE_USER% #admin_password = %SERVICE_PASSWORD% admin_tenant_name = service admin_user = quantum admin_password = password signing_dir = /var/lib/quantum/keystone-signing配置bridge插件 /etc/quantum/plugins/linuxbridge/linuxbridge_conf.ini
# Default: tenant_network_type = local # Example: tenant_network_type = vlan tenant_network_type = vlan# Default: network_vlan_ranges = # Example: network_vlan_ranges = physnet1:1000:2999 network_vlan_ranges = physnet1:1000:2999#sql_connection = sqlite:var/lib/quantum/linuxbridge.sqlite sql_connection = mysql://quantum:password@10.10.10.8/quantum# Default: physical_interface_mappings = # Example: physical_interface_mappings = physnet1:eth1 physical_interface_mappings = physnet1:eth0編輯 /etc/quantum/l3_agent.ini:
#interface_driver = quantum.agent.linux.interface.OVSInterfaceDriver interface_driver = quantum.agent.linux.interface.BridgeInterfaceDriver# use_namespaces = True use_namespaces = False編輯 /etc/quantum/dhcp_agent.ini
interface_driver = quantum.agent.linux.interface.BridgeInterfaceDriver use_namespaces = False重啟quantum所有服務
cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i restart; done service dnsmasq restart驗證Quantum
quantum help?
看到所有quantum相關的命令,目前quantum沒有任何數據
quantum net-listKVM
安裝
apt-get install -y kvm libvirt-bin pm-utils編輯 /etc/libvirt/qemu.conf ,添加下面內容
cgroup_device_acl = ["/dev/null", "/dev/full", "/dev/zero","/dev/random", "/dev/urandom","/dev/ptmx", "/dev/kvm", "/dev/kqemu","/dev/rtc", "/dev/hpet","/dev/net/tun", ]或者運行命令:這個地方用命令修改有點復雜,還沒找到太好的辦法。
cat <<EOF>>/etc/libvirt/qemu.conf cgroup_device_acl = ["/dev/null", "/dev/full", "/dev/zero","/dev/random", "/dev/urandom","/dev/ptmx", "/dev/kvm", "/dev/kqemu","/dev/rtc", "/dev/hpet","/dev/net/tun", ] EOF刪除默認 virtual bridge
virsh net-destroy default virsh net-undefine default允許遷移
編輯 /etc/libvirt/libvirtd.conf,
#auth_tcp = "sasl" auth_tcp = "none"或者運行下面命令
sed -i '/#listen_tcp/s/#listen_tcp/listen_tcp/; /#auth_tcp/s/#auth_tcp/auth_tcp/; /auth_tcp/s/sasl/none/' /etc/libvirt/libvirtd.conf編輯 /etc/init/libvirt-bin.conf
env libvirtd_opts="-d -l"或者使用命令
sed -i '/env libvirtd_opts/s/-d/-d -l/' /etc/init/libvirt-bin.conf編輯 /etc/default/libvirt-bin
libvirtd_opts="-d -l"或者使用命令
sed -i '/libvirtd_opts/s/-d/-d -l/' /etc/default/libvirt-bin重啟服務
service libvirt-bin restartNova
安裝
apt-get install -y nova-api nova-cert novnc nova-consoleauth nova-scheduler \ nova-novncproxy nova-doc nova-conductor nova-compute-kvm編輯 /etc/nova/api-paste.ini
[filter:authtoken] paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory auth_host = 127.0.0.1 auth_port = 35357 auth_protocol = http #admin_tenant_name = %SERVICE_TENANT_NAME% #admin_user = %SERVICE_USER% #admin_password = %SERVICE_PASSWORD% admin_tenant_name = service admin_user = nova admin_password = password signing_dir = /tmp/keystone-signing-nova # Workaround for https://bugs.launchpad.net/nova/+bug/1154809 auth_version = v2.0創建 /etc/nova/nova.conf
?
cat >/etc/nova/nova.conf <<EOF [DEFAULT] logdir=/var/log/nova state_path=/var/lib/nova lock_path=/run/lock/nova verbose=True api_paste_config=/etc/nova/api-paste.ini compute_scheduler_driver=nova.scheduler.simple.SimpleScheduler rabbit_host=$LOCAL_IP nova_url=http://$LOCAL_IP:8774/v1.1/ sql_connection=mysql://nova:$MYSQL_PASS@$LOCAL_IP/nova root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf# Auth use_deprecated_auth=false auth_strategy=keystone# Imaging service glance_api_servers=$LOCAL_IP:9292 image_service=nova.image.glance.GlanceImageService# Vnc configuration novnc_enabled=true novncproxy_base_url=http://$PUBLIC_IP:6080/vnc_auto.html novncproxy_port=6080 vncserver_proxyclient_address=$LOCAL_IP vncserver_listen=0.0.0.0# Network settings network_api_class=nova.network.quantumv2.api.API quantum_url=http://$LOCAL_IP:9696 quantum_auth_strategy=keystone quantum_admin_tenant_name=service quantum_admin_username=quantum quantum_admin_password=$SERVICE_PASSWORD quantum_admin_auth_url=http://$LOCAL_IP:35357/v2.0 libvirt_vif_driver=nova.virt.libvirt.vif.QuantumLinuxBridgeVIFDriver linuxnet_interface_driver=nova.network.linux_net.LinuxBridgeInterfaceDriver firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver# Compute # compute_driver=libvirt.LibvirtDriver# Cinder # volume_api_class=nova.volume.cinder.API osapi_volume_listen_port=5900 EOF編輯 /etc/nova/nova-compute.conf:
[DEFAULT] libvirt_type=kvm compute_driver=libvirt.LibvirtDriver libvirt_vif_type=ethernet libvirt_vif_driver=nova.virt.libvirt.vif.QuantumLinuxBridgeVIFDriver同步數據庫
nova-manage db sync重啟nova相關服務
cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i restart; done查看nova 服務
nova-manage service listCinder
安裝
apt-get install -y cinder-api cinder-scheduler cinder-volume \ iscsitarget open-iscsi iscsitarget-dkms配置iscsi服務
sed -i 's/false/true/g' /etc/default/iscsitarget?
重啟服務
service iscsitarget start service open-iscsi start編輯 /etc/cinder/api-paste.ini
[filter:authtoken] paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory service_protocol = http service_host = 127.0.0.1 service_port = 5000 auth_host = 127.0.0.1 auth_port = 35357 auth_protocol = http #admin_tenant_name = %SERVICE_TENANT_NAME% #admin_user = %SERVICE_USER% #admin_password = %SERVICE_PASSWORD% admin_tenant_name = service admin_user = cinder admin_password = password編輯 /etc/cinder/cinder.conf
[DEFAULT] rootwrap_config=/etc/cinder/rootwrap.conf sql_connection = mysql://cinder:password@10.10.10.8/cinder api_paste_config = /etc/cinder/api-paste.ini iscsi_helper=ietadm volume_name_template = volume-%s volume_group = cinder-volumes verbose = True auth_strategy = keystone #osapi_volume_listen_port=5900同步數據庫
cinder-manage db sync?
創建一個cinder volume的卷
如果使用文件模擬的方式,其實性能很差,基本是不可用。所以建議采用單獨分區來測試
我的硬盤專門一個分區給volume使用
umount /dev/sda7 pvcreate /dev/sda7 vgcreate cinder-volumes /dev/sda7去掉開機掛載
sed -i '/nova-volume/s/^/#/' /etc/fstab重啟服務
cd /etc/init.d/; for i in $( ls cinder-* ); do sudo service $i restart; done查看cinder服務狀態
cd /etc/init.d/; for i in $( ls cinder-* ); do sudo service $i status; doneHorizon
安裝
apt-get install -y openstack-dashboard memcached默認的ubuntu的theme一直都有問題,需要刪掉。
dpkg --purge openstack-dashboard-ubuntu-theme?
重啟相關服務
service apache2 restart; service memcached restart?
這個時候你就可以直接使用?http://10.1.199.8/horizon?訪問
user:admin? pass:password
如何使用Dashboard,后續補上。
總結
- 上一篇: 菜鸟LeetCode-动态规划
- 下一篇: 软路由回复初始设置