openstack文档分享Ubuntu13 04安装Grizzly版本的OpenStack

1、Ubuntu13.04安装Grizzly版OpenStack 1. 计划Eth0Eth1112. 前期准备2.1 Ubuntu系统准备切换用户sudo su增加Grizzly源apt-get install ubuntu-cloud-keyring python-software-properties software-properties-common python-keyringecho deb /ubuntu precise-updates/grizzly main /e

2、tc/apt/sources.list.d/grizzly.list 升级系统：apt-get updateapt-get upgradeapt-get dist-upgrade2.2网络设置编辑/etc/network/interfaces#For Exposing OpenStack API over the internetauto eth1iface eth1 inet staticaddress 10netmask gateway dns-nameservers #Not internet conne

3、cted(used for OpenStack management)auto eth0iface eth0 inet staticaddress netmask 设置好后重启网络：service networking restartUbuntu13.04桌面版不要用上面的命令重启网络，不然会卡死！可以用ifdown和ifup来启动和停止网卡2.3. 安装MySQL & RabbitMQ安装MySQL：apt-get install -y mysql-server python-mysqldb配置并重启MySQL：sed -i s//

4、/g /etc/mysql/fservice mysql restart安装RabbitMQ：apt-get install -y rabbitmq-server安装NTP：apt-get install -y ntp2.4. 其他apt-get install -y vlan bridge-utils配置/etc/sysctl.confsed -i s/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/ /etc/sysctl.conf3. Keystone安装并检查状态：apt-get install -y keystones

5、ervice keystone status建立数据库（蓝色标记的用户名和密码可改）：mysql -u root -pCREATE DATABASE keystone;GRANT ALL ON keystone.* TO keystoneUser% IDENTIFIED BY keystonePass;quit;修改/etc/keystone/keystone.conf中的数据库连接connection = mysql:/keystoneUser:keystonePass/keystone重启并同步数据库：service keystone restartkeystone-man

6、age db_sync用下面两个脚本去填充keystone数据库，也就是增加user，tenant，role和service以及service的endpoint#Modify the HOST_IP and HOST_IP_EXT variables before executing the scriptswget /mseknibilel/OpenStack-Grizzly-Install-Guide/OVS_SingleNode/KeystoneScripts/keystone_basic.shwget /

7、mseknibilel/OpenStack-Grizzly-Install-Guide/OVS_SingleNode/KeystoneScripts/keystone_endpoints_basic.shchmod +x keystone_basic.shchmod +x keystone_endpoints_basic.sh./keystone_basic.sh./keystone_endpoints_basic.sh修改keystone_basic.sh中的HOST_IP为自己的Eth0的IP，ADMIN_PASSWORD和SERVICE_PASSWORD可改可不改：修改keystone_

8、endpoints_basic.sh中的HOST_IP和EXT_HOST_IP，同时将连接keystone数据库的的用户名和密码进行修改：编辑文件creds#Paste the following:export OS_TENANT_NAME=adminexport OS_USERNAME=adminexport OS_PASSWORD=admin_passexport OS_AUTH_URL=10:5000/v2.0/引入环境变量中：source creds或者可以直接加入root（cat creds /root/.bashrc）的环境变量，这样重启后就无需再

9、次引入了查看创建的userkeystone user-list同样有命令 keystone tenant-list 和 keystone role-list4. Glance安装并查看状态：apt-get install -y glanceservice glance-api statusservice glance-registry status建立glance数据库（用户名和密码可改）：mysql -u root -pCREATE DATABASE glance;GRANT ALL ON glance.* TO glanceUser% IDENTIFIED BY glancePass;qu

10、it;修改/etc/glance/glance-api-paste.ini和/etc/glance/glance-registry-paste.ini文件注：红色为必须要修改（核对）的地方，建议把提到的这几项都核对一下：filter:authtokenpaste.filter_factory = keystoneclient.middleware.auth_token:filter_factorydelay_auth_decision = trueauth_host = auth_port = 35357auth_protocol = httpadmin_tenant_name

11、 = serviceadmin_user = glanceadmin_password = service_pass编辑/etc/glance/glance-api.conf和/etc/glance/glance-registry.conf，修改数据库连接：sql_connection = mysql:/glanceUser:glancePass/glance并且在paste_deploy下加上flavor = keystonepaste_deployflavor = keystone重启服务service glance-api restart; service glance-

12、registry restart同步数据库：glance-manage db_sync再次重启服务service glance-registry restart; service glance-api restart上传镜像测试glance的安装情况：glance image-create -name myFirstImage -is-public true -container-format /bare -disk-format qcow2 location //cirros/trunk/0.3.0/+download/cirros-0.3.0-x86

13、_64-dis/k.img查看镜像：glance image-list5. Quantum5.1. OpenVSwitch安装OpenVSwitchapt-get install -y openvswitch-switch openvswitch-datapath-dkms建立网桥br-int和br-ex：#br-int will be used for VM integrationovs-vsctl add-br br-int#br-ex is used to make to access the internet (not covered in this guide)ovs-vsctl a

14、dd-br br-ex5.2. Quantum-*安装quantum组件：apt-get install -y quantum-server quantum-plugin-openvswitch quantum-plugin-openvswitch-agent dnsmasq quantum-dhcp-agent quantum-l3-agent创建quantum数据库（用户名和密码可修改）：mysql -u root -pCREATE DATABASE quantum;GRANT ALL ON quantum.* TO quantumUser% IDENTIFIED BY quantumPa

15、ss;quit;查看Quantum-*组件状态cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i status; done编辑 /etc/quantum/api-paste.inifilter:authtokenpaste.filter_factory = keystoneclient.middleware.auth_token:filter_factoryauth_host = auth_port = 35357auth_protocol = httpadmin_tenant_name = servi

16、ceadmin_user = quantumadmin_password = service_pass编辑OVS插件配置文件/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini #Under the database sectionDATABASEsql_connection = mysql:/quantumUser:quantumPass/quantum#Under the OVS sectionOVStenant_network_type = gretunnel_id_ranges = 1:1000integrati

17、on_bridge = br-inttunnel_bridge = br-tunlocal_ip = enable_tunneling = True编辑 /etc/quantum/metadata_agent.ini# The Quantum user information for accessing the Quantum API.auth_url = :35357/v2.0auth_region = RegionOneadmin_tenant_name = serviceadmin_user = quantumadmin_password =

18、service_pass# IP address used by Nova metadata servernova_metadata_ip = # TCP Port used by Nova metadata servernova_metadata_port = 8775metadata_proxy_shared_secret = helloOpenStack编辑 /etc/quantum/quantum.confkeystone_authtokenauth_host = auth_port = 35357auth_protocol = httpadmin_t

19、enant_name = serviceadmin_user = quantumadmin_password = service_passsigning_dir = /var/lib/quantum/keystone-signing重启 quantum服务cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i restart; doneservice dnsmasq restart6. Nova6.1 KVM确保硬件支持虚拟化：apt-get install cpu-checkerkvm-ok安装kvmapt-get in

20、stall -y kvm libvirt-bin pm-utils编辑/etc/libvirt/qemu.conf文件，使得cgroup_device_acl与下面相同：cgroup_device_acl = /dev/null, /dev/full, /dev/zero,/dev/random, /dev/urandom,/dev/ptmx, /dev/kvm, /dev/kqemu,/dev/rtc, /dev/hpet,/dev/net/tun删除默认的网桥（也可以不删除，不会有影响） virsh net-destroy defaultvirsh net-undefine default

21、编辑 /etc/libvirt/libvirtd.conf 文件以便支持动态迁移:listen_tls = 0listen_tcp = 1auth_tcp = none修改/etc/init/libvirt-bin.conf 中的libvirtd_opts变量env libvirtd_opts=-d -l修改/etc/default/libvirt-bin中的libvirtd_opts变量libvirtd_opts=-d -l重启libvirt 服务使得修改生效service libvirt-bin restart6.2 Nova-*安装nova组件：apt-get install -y no

22、va-api nova-cert novnc nova-consoleauth nova-scheduler nova-novncproxy nova-doc nova-conductor nova-compute-kvm查看各组件状态：cd /etc/init.d/; for i in $( ls nova-* ); do service $i status; cd; done建立Nova数据库mysql -u root -pCREATE DATABASE nova;GRANT ALL ON nova.* TO novaUser% IDENTIFIED BY novaPass;quit;修改

23、/etc/nova/api-paste.ini文件：:filter:authtokenpaste.filter_factory = keystoneclient.middleware.auth_token:filter_factoryauth_host = auth_port = 35357auth_protocol = httpadmin_tenant_name = serviceadmin_user = novaadmin_password = service_passsigning_dirname = /tmp/keystone-signing-nova# Workaro

24、und for /nova/+bug/1154809auth_version = v2.0修改 /etc/nova/nova.conf 文件（最好是把原来的文件备份，然后新建和下面一样的文件）:DEFAULTlogdir=/var/log/novastate_path=/var/lib/novalock_path=/run/lock/novaverbose=Trueapi_paste_config=/etc/nova/api-paste.inicompute_scheduler_driver=nova.scheduler.simple.Simp

25、leSchedulerrabbit_host=nova_url=:8774/v1.1/sql_connection=mysql:/novaUser:novaPass/novaroot_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf# Authuse_deprecated_auth=falseauth_strategy=keystone# Imaging serviceglance_api_servers=:9292image_service=nova.image.gl

26、ance.GlanceImageService# Vnc configurationnovnc_enabled=truenovncproxy_base_url=10:6080/vnc_auto.htmlnovncproxy_port=6080vncserver_proxyclient_address=vncserver_listen=# Network settingsnetwork_api_class=work.quantumv2.api.APIquantum_url=:9696qua

27、ntum_auth_strategy=keystonequantum_admin_tenant_name=servicequantum_admin_username=quantumquantum_admin_password=service_passquantum_admin_auth_url=:35357/v2.0libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriverlinuxnet_interface_driver=work.linux_net.LinuxOVSI

28、nterfaceDriverfirewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver#Metadataservice_quantum_metadata_proxy = Truequantum_metadata_proxy_shared_secret = helloOpenStackmetadata_host = metadata_listen = metadata_listen_port = 8775# Compute #compute_driver=libvirt.LibvirtDri

29、ver# Cinder #volume_api_class=nova.volume.cinder.APIosapi_volume_listen_port=5900编辑 /etc/nova/nova-compute.conf:DEFAULTlibvirt_type=kvmlibvirt_ovs_bridge=br-intlibvirt_vif_type=ethernetlibvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriverlibvirt_use_virtio_for_bridges=True同步数据库：nova-

30、manage db sync重启nova-*服务cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i restart; done检查nova-*各项服务是否工作正常（笑脸为正常）nova-manage service list7. Cinder安装Cinder以及必须的软件包apt-get install -y cinder-api cinder-scheduler cinder-volume iscsitarget open-iscsi iscsitarget-dkms配置iscsi服务：sed -i s/false/tru

31、e/g /etc/default/iscsitarget重启所有服务：service iscsitarget startservice open-iscsi start建立Cinder数据库mysql -u root -pCREATE DATABASE cinder;GRANT ALL ON cinder.* TO cinderUser% IDENTIFIED BY cinderPass;quit;修改/etc/cinder/api-paste.ini：filter:authtokenpaste.filter_factory = keystoneclient.middleware.auth_t

32、oken:filter_factoryservice_protocol = httpservice_host = 10service_port = 5000auth_host = auth_port = 35357auth_protocol = httpadmin_tenant_name = serviceadmin_user = cinderadmin_password = service_pass编辑 /etc/cinder/cinder.conf :DEFAULTrootwrap_config=/etc/cinder/rootwrap.confsql

33、_connection = mysql:/cinderUser:cinderPass/cinderapi_paste_config = /etc/cinder/api-paste.iniiscsi_helper=ietadmvolume_name_template = volume-%svolume_group = cinder-volumesverbose = Trueauth_strategy = keystone#osapi_volume_listen_port=5900同步数据库：cinder-manage db sync创建cinder-volumes:dd if=/

34、dev/zero of=cinder-volumes bs=1 count=0 seek=2Glosetup /dev/loop2 cinder-volumesfdisk /dev/loop2#Type in the followings:np1ENTERENTERt8ew pvcreate /dev/loop2 vgcreate cinder-volumes /dev/loop2为了重启后逻辑组cinder-volumes还在，可以在/etc/rc.local的exit 0之前加入losetup /dev/loop2 cinder-volumes重启cinder服务：cd /etc/init

35、.d/; for i in $( ls cinder-* ); do sudo service $i restart; done查看是否正常：cd /etc/init.d/; for i in $( ls cinder-* ); do sudo service $i status; done8. Horizon安装horizonapt-get install openstack-dashboard memcached如果不喜欢OpenStack ubuntu的主题页面,可以去除改包：dpkg -purge openstack-dashboard-ubuntu-theme重启apache2 和m

36、emcached 服务service apache2 restart; service memcached restart然后就可以从网页上访问10/horizon 如果没有改，则默认的账号和密码是：admin:admin_pass.9. 启动虚拟机为该租户admin创建一个内部网络（查看租户Id，命令为keystone tenant-list）：quantum net-create -tenant-id $put_id_of_admin admin_int创建子网：quantum subnet-create -tenant-id $put_id_of_admin adm

37、in_int /24创建路由：quantum router-create -tenant-id $put_id_of_admin router_admin把路由加入子网quantum router-interface-add $put_router_admin_id_here $put_subnet_id_here创建外部网络：quantumnet-create-tenant-id$put_id_of_service_tenantext_net-router:external=True*Note：$id_of_service_tenant来自租户“service”，可用keys

38、tonetenant-list查看获取；创建外网用子网192.168.1.x：quantumsubnet-create-tenant-id$put_id_of_service_tenant-allocation-poolstart=0X,end=XX-gatewayext_net/24-enable_dhcp=False关联外网和admin的路由：quantumrouter-gateway-set$put_router_tenantA_id_here$put_id_of_ext_net_here10. 将内部外部网卡加入br-ex并清除外部网卡的IPovs-vsctl add-port br-ex eth1ifconfig eth1 0ifconfig br-ex 10 netmask route add defalt gw 上面的设置在重启电脑后配置就会无效，要想重启有效，就写入配置文件/etc/network/interfaces（这样修改后，启动后br-ex和eth1是满足要求了，但是启动的虚拟机又无法ping通，解决办法是：将上述命令写入脚本文件，然后再链接