CentOS8.3搭建OpenStack V版 ALL in One（VXLAN）-EW帮帮网

1.修改主机名,添加解析

2.更换网络服务

3.配置IP地址(VXLAN)

4.配置SeLinux和Firewalld

5.安装openstack存储库

6.安装openstack客户端和openstack-selinux

环境介绍:

Controller节点IP: 192.168.20.2

内网网段: enp110s0 192.168.20.0/24

外网网段: enp110s1 192.168.30.0/24

1.修改主机名,添加解析

hostnamectl set-hostname controller
echo "192.168.20.2 controller" >> /etc/hosts

2.更换网络服务

# 安装Network服务
dnf install network-scripts -y
# 停用NetworkManager并禁止开机自启
systemctl stop NetworkManager && systemctl disable NetworkManager
# 启用 Network并设置开机自启
systemctl start network && systemctl enable network

3.配置IP地址(VXLAN)

内网网卡配 192.168.20.2
外网网卡协议配置为:none   onboot=yes

4.配置SeLinux和Firewalld

setenforce 0
sed -i 's/=enforcing/=disabled/' /etc/selinux/config
systemctl stop firewalld && systemctl disable firewalld

5.安装openstack存储库

dnf config-manager --enable powertools
dnf install centos-release-openstack-victoria -y

6.安装openstack客户端和openstack-selinux

dnf install python3-openstackclient openstack-selinux -y

7.安装Mariadb数据库

dnf install mariadb mariadb-server python3-PyMySQL -y

7.1数据库配置

vim /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 192.168.20.2
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8

7.2启动数据库

systemctl start mariadb && systemctl enable mariadb

7.3数据库初始化

mysql_secure_installation

# 输入当前用户root密码，若为空直接回车
Enter current password for root (enter for none):
OK, successfully used password, moving on...
# 是否设置root密码
Set root password? [Y/n] y
# 输入新密码
New password:
# 再次输入新密码
Re-enter new password:
# 是否删除匿名用户
Remove anonymous users? [Y/n] y
# 是否禁用远程登录
Disallow root login remotely? [Y/n] n
# 是否删除数据库并访问它
Remove test database and access to it? [Y/n] y
# 是否重新加载权限表
Reload privilege tables now? [Y/n] y

8.RabbitMq消息队列服务

8.1安装RabbieMq 并配置开机启动

dnf install rabbitmq-server -y
systemctl start rabbitmq-server && systemctl enable rabbitmq-server

8.2配置Openstack用户可读可写权限

rabbitmqctl add_user openstack RABBIT_PASS
rabbitmqctl set_permissions openstack ".*" ".*" ".*"

8.3启用Web界面管理插件

rabbitmq-plugins enable rabbitmq_management

9.安装Memcached缓存

dnf install memcached python3-memcached -y

9.1配置缓存

sed -i 's/::1/::1,controller/' /etc/sysconfig/memcached

9.2配置开机启动

systemctl start memcached && systemctl enable memcached

10.安装ETCD

10.1编辑etcd配置文件

vim /etc/etcd/etcd.conf
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.20.2:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.20.2:2379"
ETCD_NAME="controller"
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.20.2:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.20.2:2379"
ETCD_INITIAL_CLUSTER="controller=http://192.168.20.2:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster"
ETCD_INITIAL_CLUSTER_STATE="new"

10.2启动Etcd服务并设置开机自启

systemctl start etcd && systemctl enable etcd

11.Keystone服务安装

11.1创建Keystone数据库

mysql -u root -p1
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';
exit;

11.2安装Keystone软件包

dnf install openstack-keystone httpd python3-mod_wsgi crudini bash-completion -y

11.3配置Keystone配置文件

# 备份
cp /etc/keystone/keystone.conf /etc/keystone/keystone.conf.bak
# 去掉备份文件keystone.conf.backup的空行、备注等信息覆盖掉keystone.conf文件
grep -Ev '^$|#' /etc/keystone/keystone.conf.bak >/etc/keystone/keystone.conf


vim /etc/keystone/keystone.conf
[database]
connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone

[token]
provider = fernet

11.4初始化数据库和令牌

su -s /bin/sh -c "keystone-manage db_sync" keystone
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

11.5引导身份认证服务

keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
  --bootstrap-admin-url http://controller:5000/v3/ \
  --bootstrap-internal-url http://controller:5000/v3/ \
  --bootstrap-public-url http://controller:5000/v3/ \
  --bootstrap-region-id RegionOne

11.6配置Apache服务

vim /etc/httpd/conf/httpd.conf
ServerName controller

11.7创建/usr/share/keystone/wsgi-keystone.conf文件链接

ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

11.8启动httpd服务

systemctl start httpd && systemctl enable httpd

11.9创建环境变量脚本

vim /admin-openrc.sh

export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

source admin-openrc.sh
openstack token issue
# 创建service项目
openstack project create --domain default --description "Service Project" service

12.创建Glance镜像服务

12.1创建Glance数据库

mysql -u root -p1
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'GLANCE_DBPASS';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'GLANCE_DBPASS';
exit;

12.2创建glance用户并关联角色

openstack user create --domain default --password GLANCE_PASS glance
#  在service的项目上给glance用户关联admin角色
openstack role add --project service --user glance admin

12.3创建glance服务并注册

# 创建glance服务
openstack service create --name glance --description "OpenStack Image" image
# 注册API，也就是创建镜像服务的API终端endpoints
openstack endpoint create --region RegionOne image public http://controller:9292
openstack endpoint create --region RegionOne image internal http://controller:9292
openstack endpoint create --region RegionOne image admin http://controller:9292

12.4安装并且配置glance

dnf install openstack-glance -y
cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.back
cat /etc/glance/glance-api.conf.back  | grep -Ev "^#|^$" > /etc/glance/glance-api.conf

crudini --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
crudini --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://controller:5000
crudini --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://controller:5000
crudini --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers controller:11211
crudini --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
crudini --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default
crudini --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default
crudini --set /etc/glance/glance-api.conf keystone_authtoken project_name service
crudini --set /etc/glance/glance-api.conf keystone_authtoken username glance
crudini --set /etc/glance/glance-api.conf keystone_authtoken password GLANCE_PASS
crudini --set /etc/glance/glance-api.conf paste_deploy flavor keystone
crudini --set /etc/glance/glance-api.conf glance_store stores file,http
crudini --set /etc/glance/glance-api.conf glance_store default_store file
crudini --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/

12.5同步glance数据库并启动

su -s /bin/sh -c "glance-manage db_sync" glance
systemctl start openstack-glance-api && systemctl enable openstack-glance-api

13.Placement服务安装

13.1创建Placement数据库

mysql -uroot -p1
CREATE DATABASE placement;
GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY 'PLACEMENT_DBPASS';
GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY 'PLACEMENT_DBPASS';
exit;

13.2配置用户和Endpoint

openstack user create --domain default --password PLACEMENT_PASS placement
# 在service的项目上给placement用户关联admin角色
openstack role add --project service --user placement admin
# 创建Plancement服务
openstack service create --name placement --description "Placement API" placement
# 创建Plancement服务API端口
openstack endpoint create --region RegionOne placement public http://controller:8778
openstack endpoint create --region RegionOne placement internal http://controller:8778
openstack endpoint create --region RegionOne placement admin http://controller:8778

13.3安装并配置Plancement

dnf install openstack-placement-api -y
cp /etc/placement/placement.conf /etc/placement/placement.conf.back
cat /etc/placement/placement.conf.back  | grep -Ev "^#|^$" > /etc/placement/placement.conf

crudini --set /etc/placement/placement.conf placement_database connection mysql+pymysql://placement:PLACEMENT_DBPASS@controller/placement
crudini --set /etc/placement/placement.conf api auth_strategy keystone
crudini --set /etc/placement/placement.conf keystone_authtoken auth_url http://controller:5000/v3
crudini --set /etc/placement/placement.conf keystone_authtoken memcached_servers controller:11211
crudini --set /etc/placement/placement.conf keystone_authtoken auth_type password
crudini --set /etc/placement/placement.conf keystone_authtoken project_domain_name Default
crudini --set /etc/placement/placement.conf keystone_authtoken user_domain_name Default
crudini --set /etc/placement/placement.conf keystone_authtoken project_name service
crudini --set /etc/placement/placement.conf keystone_authtoken username placement
crudini --set /etc/placement/placement.conf keystone_authtoken password PLACEMENT_PASS

#同步数据库
su -s /bin/sh -c "placement-manage db sync" placement
systemctl restart httpd #重启httpd服务
placement-status upgrade check #服务检查

14.Nova计算服务安装

14.1创建Nova数据库

mysql -u root -p1
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;
# 授权nova_api数据库
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
# 授权nova数据库
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
# 授权nova_cell0数据库
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
exit;

14.2配置用户和Endpoint

openstack user create --domain default --password NOVA_PASS nova
# 在service的项目上给nova用户关联admin角色
openstack role add --project service --user nova admin
# 创建Nova服务
openstack service create --name nova --description "OpenStack Compute" compute

openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1

14.3安装配置Nova

dnf install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-compute -y

cp /etc/nova/nova.conf /etc/nova/nova.conf.back
cat /etc/nova/nova.conf.back | grep -Ev "^#|^$" > /etc/nova/nova.conf

crudini --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
crudini --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@controller:5672/
crudini --set /etc/nova/nova.conf DEFAULT my_ip 192.168.20.2
crudini --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
crudini --set /etc/nova/nova.conf database connection mysql+pymysql://nova:NOVA_DBPASS@controller/nova
crudini --set /etc/nova/nova.conf api auth_strategy keystone
crudini --set /etc/nova/nova.conf keystone_authtoken www_authenticate_uri http://controller:5000/
crudini --set /etc/nova/nova.conf keystone_authtoken auth_url http://controller:5000/
crudini --set /etc/nova/nova.conf keystone_authtoken memcached_servers controller:11211
crudini --set /etc/nova/nova.conf keystone_authtoken auth_type password
crudini --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
crudini --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
crudini --set /etc/nova/nova.conf keystone_authtoken project_name service
crudini --set /etc/nova/nova.conf keystone_authtoken username nova
crudini --set /etc/nova/nova.conf keystone_authtoken password NOVA_PASS
crudini --set /etc/nova/nova.conf vnc enabled true
crudini --set /etc/nova/nova.conf vnc server_listen '$my_ip'
crudini --set /etc/nova/nova.conf vnc server_proxyclient_address '$my_ip'
crudini --set /etc/nova/nova.conf glance api_servers http://controller:9292
crudini --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
crudini --set /etc/nova/nova.conf placement region_name RegionOne
crudini --set /etc/nova/nova.conf placement project_domain_name Default
crudini --set /etc/nova/nova.conf placement project_name service
crudini --set /etc/nova/nova.conf placement auth_type password
crudini --set /etc/nova/nova.conf placement user_domain_name Default
crudini --set /etc/nova/nova.conf placement auth_url http://controller:5000/v3
crudini --set /etc/nova/nova.conf placement username placement
crudini --set /etc/nova/nova.conf placement password PLACEMENT_PASS
crudini --set /etc/nova/nova.conf vnc novncproxy_base_url  http://192.168.20.2:6080/vnc_auto.html

14.4同步nova数据库

# 同步nova_api数据库
su -s /bin/sh -c "nova-manage api_db sync" nova
# 同步nova_cell0数据库
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
# 创建cell1
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
# 同步nova数据库
su -s /bin/sh -c "nova-manage db sync" nova

# 验证nova_cell0和cell1是否添加成功
su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova

14.5启动Nova服务

systemctl start openstack-nova-api openstack-nova-scheduler openstack-nova-conductor openstack-nova-novncproxy && 
systemctl enable openstack-nova-api openstack-nova-scheduler openstack-nova-conductor openstack-nova-novncproxy

14.6确认节点是支持硬件加速

egrep -c '(vmx|svm)' /proc/cpuinfo
#执行命令后返回结果是数字说明支持硬件加速，否则需要编辑vim /etc/nova/nova.conf文件中的[libvirt]部分，修改以下内容
[libvirt]
virt_type = qemu
#启动服务
systemctl start libvirtd openstack-nova-compute && systemctl enable libvirtd openstack-nova-compute
openstack compute service list --service nova-compute
openstack compute service list

14.7设置发现间隔时间 vi /etc/nova/nova.conf

# 手动修改方式
[scheduler]
discover_hosts_in_cells_interval = 300
# 命令修改方式
crudini --set /etc/nova/nova.conf scheduler discover_hosts_in_cells_interval 300

15.Neutron网络组件

15.1创建Neutron数据库

mysql -uroot -p1
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS';
exit;

15.2配置用户和Endpoint

openstack user create --domain default --password NEUTRON_PASS neutron
# 在service的项目上给neutron用户关联admin角色
openstack role add --project service --user neutron admin
# 创建Neutron服务
openstack service create --name neutron --description "OpenStack Networking" network

openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696

15.3安装并配置Neutron

dnf install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.back
cat /etc/neutron/neutron.conf.back | grep -Ev "^#|^$" > /etc/neutron/neutron.conf

crudini --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron
crudini --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
crudini --set /etc/neutron/neutron.conf DEFAULT service_plugins router
crudini --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips true
crudini --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@controller
crudini --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
crudini --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true
crudini --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true
crudini --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://controller:5000
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:5000
crudini --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
crudini --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_name service
crudini --set /etc/neutron/neutron.conf keystone_authtoken username neutron
crudini --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
crudini --set /etc/neutron/neutron.conf nova auth_url http://controller:5000
crudini --set /etc/neutron/neutron.conf nova auth_type password
crudini --set /etc/neutron/neutron.conf nova project_domain_name default
crudini --set /etc/neutron/neutron.conf nova user_domain_name default
crudini --set /etc/neutron/neutron.conf nova region_name RegionOne
crudini --set /etc/neutron/neutron.conf nova project_name service
crudini --set /etc/neutron/neutron.conf nova username nova
crudini --set /etc/neutron/neutron.conf nova password NOVA_PASS
crudini --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vxlan,vlan
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2  tenant_network_types vxlan
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2  mechanism_drivers linuxbridge
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2  extension_drivers port_security
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset true

crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:enp110s1
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan false
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

crudini --set /etc/neutron/l3_agent.ini DEFAULT interface_driver linuxbridge

crudini --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver linuxbridge
crudini --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
crudini --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata true

crudini --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host controller
crudini --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret METADATA_SECRET
crudini --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211

modprobe br_netfilter
sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables

vi /etc/sysctl.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
sysctl -p

15.4配置nova网络服务

crudini --set /etc/nova/nova.conf neutron auth_url http://controller:5000
crudini --set /etc/nova/nova.conf neutron auth_type password
crudini --set /etc/nova/nova.conf neutron project_domain_name default
crudini --set /etc/nova/nova.conf neutron user_domain_name default
crudini --set /etc/nova/nova.conf neutron region_name RegionOne
crudini --set /etc/nova/nova.conf neutron project_name service
crudini --set /etc/nova/nova.conf neutron username neutron
crudini --set /etc/nova/nova.conf neutron password NEUTRON_PASS
crudini --set /etc/nova/nova.conf neutron service_metadata_proxy true
crudini --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret METADATA_SECRET

15.5修改neutron权限

vim /etc/neutron/neutron.conf

[privsep]
user = neutron
helper_command = sudo privsep-helper

vim /etc/sudoers.d/neutron
neutron ALL = (root) NOPASSWD: ALL

#网络服务初始化脚本需要一个软链接指向/etc/neutron/plugins/ml2/ml2_conf.ini文件，创建软链接
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

#同步数据库
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron


#重启nova-api服务

systemctl restart openstack-nova-api

15.6启动neutron服务

systemctl start neutron-server neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent && 
systemctl enable neutron-server neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent
systemctl restart neutron-l3-agent && systemctl enable neutron-l3-agent

16.Dashboard组件安装

16.1安装软件包

dnf install openstack-dashboard -y

16.2编辑 vim /etc/openstack-dashboard/local_settings 文件，修改以下文件内容

# 配置仪表盘在controller节点上使用openstack服务
OPENSTACK_HOST = "controller"
# 配置运行访问仪表盘的主机，星号表示运行所有主机访问
ALLOWED_HOSTS = ['*']
# 配置memcached会话存储服务
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'LOCATION': 'controller:11211',
    }
}
# 启用身份API版本3
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
TIME_ZONE = "Asia/Shanghai"
# 上面几项修改即可，以下为新增信息
# 启用对域的支持
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
# 配置API版本
OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 3,
}
# 配置默认域
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
# 配置默认角色
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
# 启用对第3层网络服务的支持，若是公有网络则需要禁用，将True改为False
OPENSTACK_NEUTRON_NETWORK = {
    'enable_router': True,
    'enable_quotas': True,
    'enable_distributed_router': True,
    'enable_ha_router': True,
    'enable_lb': True,
    'enable_firewall': True,
    'enable_vpn': True,
    'enable_fip_topology_check': True,
}

16.3编辑vim /etc/httpd/conf.d/openstack-dashboard.conf文件，添加以下内容

WSGIApplicationGroup %{GLOBAL}

16.4重建apache的dashboard配置文件

# 执行以下两条命令
cd /usr/share/openstack-dashboard
python3 manage.py make_web_conf --apache > /etc/httpd/conf.d/openstack-dashboard.conf

16.5建立策略文件（policy.json）的软链接

ln -s /etc/openstack-dashboard /usr/share/openstack-dashboard/openstack_dashboard/conf

16.6重启Web服务器和会话存储服务

# 计算节点执行，启动httpd服务并设为开机自启
systemctl start httpd && systemctl enable httpd
# 控制节点执行，重启memcached会话存储服务
systemctl restart memcached

16.7解决登录horizon后无法进入身份管理

vim /etc/openstack-dashboard/local_settings
最下方加入
WEBROOT = '/dashboard/'

vim /etc/httpd/conf.d/openstack-dashboard.conf
修改如下
WSGIScriptAlias /dashboard /usr/share/openstack-dashboard/openstack_dashboard/wsgi.py
Alias /dashboard/static /usr/share/openstack-dashboard/static

编辑 vim /etc/httpd/conf/httpd.conf +107
修改 Require all granted
systemctl restart httpd memcached

17.修改镜像存储虚拟机存储地址

su - glance -s /bin/sh  -c "mkdir /data1/images" #以glance身份创建文件夹
进入默认镜像存储位置 /var/lib/glance/images
# 删除重建
rmdir /var/lib/glance/images 
su - glance -s /bin/sh  -c "ln -s /data1/images ."

su - nova -s /bin/sh  -c "mkdir /data2/nova" #以glance身份创建文件夹
进入默认虚拟机存储位置 /var/lib/nova
# 删除重建
rmdir /var/lib/nova/instances 
su - nova -s /bin/sh  -c "ln -s /data2/instances  ."

至此 Openstack基础服务搭建完成

本文含有隐藏内容，请开通VIP 后查看

CentOS8.3搭建OpenStack V版 ALL in One（VXLAN）

1.修改主机名,添加解析

2.更换网络服务

3.配置IP地址(VXLAN)

4.配置SeLinux和Firewalld

5.安装openstack存储库

6.安装openstack客户端和openstack-selinux

7.安装Mariadb数据库

8.RabbitMq消息队列服务

9.安装Memcached缓存

10.安装ETCD

11.Keystone服务安装

12.创建Glance镜像服务

13.Placement服务安装

14.Nova计算服务安装

15.Neutron网络组件

15.5修改neutron权限

16.Dashboard组件安装

17.修改镜像存储虚拟机存储地址

至此 Openstack基础服务搭建完成

网站公告

今日签到

热门文章

最新发布

CentOS8.3搭建OpenStack V版 ALL in One（VXLAN）

1.修改主机名,添加解析

2.更换网络服务

3.配置IP地址(VXLAN)

4.配置SeLinux和Firewalld

5.安装openstack存储库

6.安装openstack客户端和openstack-selinux

7.安装Mariadb数据库

8.RabbitMq消息队列服务

9.安装Memcached缓存

10.安装ETCD

11.Keystone服务安装

12.创建Glance镜像服务

13.Placement服务安装

14.Nova计算服务安装

15.Neutron网络组件

15.5修改neutron权限

16.Dashboard组件安装

17.修改镜像存储 虚拟机存储地址

至此 Openstack基础服务搭建完成

网站公告

今日签到

热门文章

最新发布

17.修改镜像存储虚拟机存储地址