实验环境

由于安装的是 Victoria 版本,计算节点要使用 Ubuntu 20.04 。

Ubuntu 18.04 控制节点

  • 2 处理器
  • 4 GB 内存
  • 100 GB 硬盘

Ubuntu 20.04 计算节点

  • 2 处理器
  • 4 GB 内存
  • 100 GB 硬盘

各使用两块网卡

  • NAT Network 虚拟机组网
  • Host-Only 宿主机 ssh 连接

修改主机名称,控制节点 controller、计算节点 compute

1
sudo hostnamectl set-hostname controller

配置静态 ip

1
2
sudo vim /etc/netplan/00-installer-config.yaml
sudo netplan apply

配置如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# This is the network config written by 'subiquity'
network:
  ethernets:
    enp0s3:
      dhcp4: false
      addresses: [10.0.2.28/24]
      gateway4: 10.0.2.1
      nameservers:
        addresses: [8.8.8.8]
    enp0s8:
      dhcp4: false
      addresses: [192.168.56.115/24]
      routes:
      - to: 192.168.56.1/24
        via: 192.168.56.1
        metric: 100
  version: 2

修改 hosts 文件

1
2
3
4
sudo vim /etc/hosts

# 10.0.2.28 controller
# 10.0.2.29 compute

每个主机的用户都是 jck ,最后的网络配置如下:

1
2
3
4
5
6
7
# 控制节点
10.0.2.28
192.168.56.115

# 计算节点
10.0.2.29
192.168.56.116

控制节点

Keystone

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# 下载源码
git clone https://github.com/openstack/keystone.git -b stable/victoria --single-branch
cd keystone

# 安装依赖
pip install bindep
sudo apt install $(bindep -b) -y
pip install -r requirements.txt
pip install -r test-requirements.txt
#pip install -e .
pip install tox

# 生成配置文件
git init
tox -e genconfig

# 数据库,密码设置为 mysql_db
sudo mysql_secure_installation
sudo mysql -u root -p
#CREATE DATABASE keystone;
#GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';
#GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';

# 配置文件
sudo mkdir /etc/keystone
sudo cp etc/keystone.conf.sample /etc/keystone/keystone.conf
sudo vim /etc/keystone/keystone.conf
#[database]
#connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone

# 安装
sudo python setup.py install
keystone-manage db_sync
#.tox/genconfig/bin/pip3 install opentracing
#.tox/genconfig/bin/keystone-manage db_sync

# 令牌
sudo mkdir -p /etc/keystone/fernet-keys
# sudo rm -rf /etc/keystone/fernet-keys/
sudo keystone-manage fernet_setup --keystone-user jck --keystone-group jck
sudo keystone-manage credential_setup --keystone-user jck --keystone-group jck

# 初始化
keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
  --bootstrap-admin-url http://controller:5000/v3/ \
  --bootstrap-internal-url http://controller:5000/v3/ \
  --bootstrap-public-url http://controller:5000/v3/ \
  --bootstrap-region-id RegionOne
  
# apache
sudo apt install apache2 libapache2-mod-wsgi-py3 -y
sudo cp httpd/wsgi-keystone.conf /etc/apache2/conf-available/wsgi-keystone.conf
sudo vim /etc/apache2/conf-available/wsgi-keystone.conf
# 修改 user 和 group 为 jck
sudo ln -s /etc/apache2/conf-available/wsgi-keystone.conf /etc/apache2/conf-enabled/wsgi-keystone.conf
sudo service apache2 restart

验证

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
# 安装客户端
pip install python-openstackclient

# 创建脚本
cat <<EOF>> admin-openrc
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
EOF

# 加载环境变量
. admin-openrc

# 测试
openstack user list

Glance

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
# 密码 mysql_db
sudo mysql -u root -p
#CREATE DATABASE glance;
#GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'GLANCE_DBPASS';
#GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'GLANCE_DBPASS';

# 加载环境变量
. admin-openrc

# 创建项目
openstack project create --domain default --description "Service Project" service

# 创建用户,设置密码为 glance
openstack user create --domain default --password-prompt glance

# 将用户添加到 admin 角色
openstack role add --project service --user glance admin

# 创建服务实体
openstack service create --name glance --description "OpenStack Image" image

# 创建服务 API 端点(endpoint)
openstack endpoint create --region RegionOne image public http://controller:9292
openstack endpoint create --region RegionOne image internal http://controller:9292
openstack endpoint create --region RegionOne image admin http://controller:9292

# 下载源码
git clone https://github.com/openstack/glance.git --branch stable/victoria --single-branch
cd glance

# 安装依赖
sudo apt install $(bindep -b) -y
pip install -r requirements.txt
pip install -r test-requirements.txt
# git init
.tox/genconfig/bin/pip3 install opentracing
tox -e genconfig

sudo python setup.py install

# 配置文件
sudo mkdir /etc/glance
sudo cp etc/glance-api.conf /etc/glance/glance-api.conf
sudo cp etc/glance-api-paste.ini /etc/glance/glance-api-paste.ini

# 编辑配置文件
sudo vim /etc/glance/glance-api.conf

配置如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
[database]
connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance

[keystone_authtoken]
www_authenticate_uri  = http://controller:5000/v3
auth_url = http://controller:5000/v3
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = glance
#memcached_servers = controller:11211

[paste_deploy]
flavor = keystone

[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/

启用服务

1
2
3
4
5
# 填充数据库
.tox/genconfig/bin/glance-manage db_sync

# 启用服务(后台)
sudo glance-api --config-file=/etc/glance/glance-api.conf --config-file=/etc/glance/glance-api-paste.ini --debug

测试

1
2
3
4
5
6
7
8
9
10
11
# 下载源镜像
wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img

# 上传镜像到镜像服务,公开可见(所有项目都可以访问)
openstack image create "cirros" \
  --file cirros-0.4.0-x86_64-disk.img \
  --disk-format qcow2 --container-format bare \
  --public
  
# 列出镜像
openstack image list

Placement

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# 密码 mysql_db
sudo mysql -u root -p
#CREATE DATABASE placement;
#GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY 'PLACEMENT_DBPASS';
#GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY 'PLACEMENT_DBPASS';

# 加载环境变量
. admin-openrc

# 创建用户,设置密码为 placement
openstack user create --domain default --password-prompt placement

# 将用户添加到 admin 角色
openstack role add --project service --user placement admin

# 创建服务实体
openstack service create --name placement --description "Placement API" placement

# 创建服务 API 端点(endpoint)
openstack endpoint create --region RegionOne placement public http://controller:8778
openstack endpoint create --region RegionOne placement internal http://controller:8778
openstack endpoint create --region RegionOne placement admin http://controller:8778

# 下载源码
git clone https://github.com/openstack/placement.git --branch stable/victoria --single-branch
cd placement

# 安装依赖
sudo apt install $(bindep -b) -y
pip install -r requirements.txt
pip install -r test-requirements.txt
# git init
# .tox/shared/bin/pip3 install -r requirements.txt
tox -e genconfig

sudo python setup.py install

配置文件 /etc/placement/placement.conf

1
2
3
4
5
6
7
8
# 创建文件夹
sudo mkdir /etc/placement

# 拷贝配置文件
sudo cp etc/placement/placement.conf.sample /etc/placement/placement.conf

# 修改
sudo vim /etc/placement/placement.conf

配置如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
[placement_database]
connection = mysql+pymysql://placement:PLACEMENT_DBPASS@controller/placement

[api]
auth_strategy = keystone

[keystone_authtoken]
auth_url = http://controller:5000/v3
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = placement
#memcached_servers = 127.0.0.1:11211

启用服务

1
2
3
4
5
6
# 填充数据库
.tox/shared/bin/placement-manage db sync

# 启用服务
sudo service apache2 restart
sudo placement-api --port 8778

验证

1
2
. admin-openrc
placement-status upgrade check

Nova

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# 安装 RabbitMQ
sudo apt install rabbitmq-server -y

# 添加 openstack 用户
sudo rabbitmqctl add_user openstack RABBIT_PASS

# 权限设置
sudo rabbitmqctl set_permissions openstack ".*" ".*" ".*"

# 数据库配置,密码 mysql_db
sudo mysql -u root -p
#CREATE DATABASE nova_api;
#CREATE DATABASE nova;
#CREATE DATABASE nova_cell0;
#GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
#GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
#GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
#GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
#GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
#GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';

# 加载环境变量
. admin-openrc

# 创建用户,设置密码为 nova
openstack user create --domain default --password-prompt nova

# 将用户添加到 admin 角色
openstack role add --project service --user nova admin

# 创建服务实体
openstack service create --name nova --description "OpenStack Compute" compute

# 创建服务 API 端点(endpoint)
openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1

# 下载源码
git clone https://github.com/openstack/nova.git --branch stable/victoria --single-branch
cd nova

# 安装依赖
sudo apt install $(bindep -b) -y
pip install -r requirements.txt
pip install -r test-requirements.txt
# git init
tox -e genconfig

sudo python setup.py install

# 配置文件
sudo mkdir /etc/nova

# 拷贝配置文件
sudo cp etc/nova/nova.conf.sample /etc/nova/nova.conf
sudo cp etc/nova/api-paste.ini /etc/nova/api-paste.ini

# 修改
sudo vim /etc/nova/nova.conf

配置如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
[api_database]
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api

[database]
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova

[DEFAULT]
transport_url = rabbit://openstack:RABBIT_PASS@controller:5672/
my_ip = 10.0.2.28

[api]
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = nova
#memcached_servers = 127.0.0.1:11211

[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html

[glance]
api_servers = http://controller:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement

启用服务

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# novnc
sudo git clone https://github.com/novnc/noVNC.git /usr/share/novnc/

# 填充数据库
#.tox/shared/bin/pip3 install opentracing
.tox/shared/bin/nova-manage --config-file /etc/nova/nova.conf api_db sync
.tox/shared/bin/nova-manage --config-file /etc/nova/nova.conf cell_v2 map_cell0
.tox/shared/bin/nova-manage --config-file /etc/nova/nova.conf cell_v2 create_cell --name=cell1 --verbose
.tox/shared/bin/nova-manage --config-file /etc/nova/nova.conf db sync
.tox/shared/bin/nova-manage --config-file /etc/nova/nova.conf cell_v2 list_cells

# 启动服务 nova-api、nova-scheduler、nova-conductor
sudo nova-api --config-file=/etc/nova/nova.conf --config-file=/etc/nova/api-paste.ini --debug
sudo nova-scheduler --config-file=/etc/nova/nova.conf --debug
sudo nova-conductor --config-file=/etc/nova/nova.conf --debug
# sudo nova-novncproxy --config-file=/etc/nova/nova.conf --debug

验证

1
2
3
4
5
6
7
. admin-openrc

# 列出计算服务
openstack compute service list

# API 状态
nova-status upgrade check

计算节点

PS:这里连 mysql 都装了,其实没必要。

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# 下载源码
git clone https://github.com/openstack/nova.git --branch stable/victoria --single-branch
cd nova

# 安装依赖
pip install bindep
sudo apt install $(bindep -b) -y

pip install -r requirements.txt
# sudo apt-get install libpq-dev
pip install -r test-requirements.txt
# pip install -e .
pip install tox
# git init
tox -e genconfig

sudo python setup.py install

编辑配置文件 /etc/nova/nova.conf

1
2
3
4
5
6
7
8
9
# 创建文件夹
sudo mkdir /etc/nova
#sudo mkdir /var/lib/nova/tmp

# 拷贝配置文件
sudo cp etc/nova/nova.conf.sample /etc/nova/nova.conf

# 修改
sudo vim /etc/nova/nova.conf

配置如下:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
[DEFAULT]
transport_url = rabbit://openstack:RABBIT_PASS@controller
my_ip = 10.0.2.29
compute_driver=libvirt.LibvirtDriver
#firewall_driver = nova.virt.firewall.NoopFirewallDriver

[api]
auth_strategy = keystone

[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = nova
#memcached_servers = controller:11211

[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html

[glance]
api_servers = http://controller:9292

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement

[libvirt]
virt_type = qemu

计算主机本身不支持虚拟化,按照官方教程应该配置 virt_type=qemu ,但提示需要配置 compute_driver 查阅 nova 文档(p322)找到支持的虚拟化驱动

  • libvirt.LibvirtDriver
  • ironic.IronicDriver
  • vmwareapi.VMwareVCDriver
  • hyperv.HyperVDriver
  • powervm.PowerVMDriver
  • zvm.ZVMDriver
  • fake.FakeDriver
1
2
3
4
5
6
7
8
9
10
# 安装 libvirt
sudo apt update
sudo apt install qemu-kvm libvirt-daemon-system -y

# 查询版本
virsh
version

# 启用服务
sudo nova-compute --config-file=/etc/nova/nova.conf --debug

控制节点

添加到 cell

1
2
3
4
5
6
7
8
9
# 身份认证
. admin-openrc

# 确认计算节点
openstack compute service list --service nova-compute

# 发现计算节点
#su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
~/nova/.tox/shared/bin/nova-manage --config-file /etc/nova/nova.conf cell_v2 discover_hosts --verbose

验证

1
2
3
4
5
6
7
8
# 列出计算服务
openstack compute service list

# 列出镜像服务中的镜像,验证和镜像服务的连接
openstack image list

# 检查 cells 和 placement API 是否成功运行
nova-status upgrade check

参阅