Openstack Train版搭建

  • Post author:
  • Post category:其他


一、环境准备

1.1、服务器准备

主机名 系统 网卡
ct(控制节点) centos7 虚拟:172.16.100.254 nat:192.168.100.254
c2 (计算节点1) centos7 虚拟:172.16.100.252 nat:192.168.100.252



虚拟机必须开启cpu虚拟化

1.2、关闭防火墙与selinux(两台主机都要进行操作)


目录


一、环境准备


1.1、服务器准备


1.2、关闭防火墙与selinux(两台主机都要进行操作)


1.3、修改主机名


1.4、配置本地yum源使其用来安装基本操作命令(两台主机进行同样的操作)


1.5、安装wget命令,用以配置阿里源(两三台主机进行同样操作)


1.6、安装所需的软件,保证是最新版的(两台主机进行同样的操作)


1.7、配置主机映射(两台服务器进行同样的操作)


1.8、节点免交互(所有节点都要进行操作)


1.9、配置DNS时间同步


二、安装openstack Train版(两台机器都要进行安装,保证是最新版)


三、控制节点及部分计算节点的配置


2.1、安装、配置MariaDB数据库


2.2、安装远程内存访问服务


2.3、添加Mysql子配置文件


2.4、设置数据库密码123456 用户默认为root


2.5、安装消息队列rabbitmq


2.6、安装配置Etcd


2.7、安装Openstack服务


 systemctl stop firewalld        #关闭防火墙
 systemctl disable firewalld     #永久关闭防火墙
   
 setenforce 0                    #关闭selinux
 vi /etc/selinux/config
 # This file controls the state of SELinux on the system.
 # SELINUX= can take one of these three values:
 #     enforcing - SELinux security policy is enforced.
 #     permissive - SELinux prints warnings instead of enforcing.
 #     disabled - No SELinux policy is loaded.
 SELINUX=disabled    #改为disabled,开机自动关闭selinux
 # SELINUXTYPE= can take one of three values:
 #     targeted - Targeted processes are protected,
 #     minimum - Modification of targeted policy. Only selected processes are protected.
 #     mls - Multi Level Security protection.
 SELINUXTYPE=targeted

1.3、修改主机名

控制节点

hostnamectl set-hostname ct
su

计算节点1

hostnamectl set-hostname c2
su

1.4、配置本地yum源使其用来安装基本操作命令(两台主机进行同样的操作)

[root@c2 /]rm -rf /etc/yum.repos.d/*              #先删除本地的网络源
[root@c2 /]
[root@c2 /]vi /etc/yum.repos.d/centos.repo				#编写新的本地源
	[centos]
	name=centos
	baseurl=file:///mnt
	gpgcheck=0
	enabled=1
:wq

[root@c2 /]lsblk																#查看磁盘镜像文件
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda      8:0    0   20G  0 disk 
├─sda1   8:1    0  300M  0 part /boot
├─sda2   8:2    0    2G  0 part [SWAP]
└─sda3   8:3    0 17.7G  0 part /
sr0     11:0    1 1024M  0 rom  

// 镜像文件不存在,手动添加。
选择    虚拟机——>设置——>CD/DVD(IDE)——>设备状态全勾选——>连接(选择使用IOS镜像文件——>浏览找到存放在物理机上的镜像)——>确定

[root@c2 /]lsblk
NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda      8:0    0   20G  0 disk 
├─sda1   8:1    0  300M  0 part /boot
├─sda2   8:2    0    2G  0 part [SWAP]
└─sda3   8:3    0 17.7G  0 part /
sr0     11:0    1  4.3G  0 rom  

[root@c2 /]mount /dev/sr0 /mnt/
mount: /dev/sr0 写保护,将以只读方式挂载

[root@c2 /]df -hT
文件系统       类型      容量  已用  可用 已用% 挂载点
/dev/sda3      xfs        18G  1.2G   17G    7% /
devtmpfs       devtmpfs  1.9G     0  1.9G    0% /dev
tmpfs          tmpfs     1.9G     0  1.9G    0% /dev/shm
tmpfs          tmpfs     1.9G   12M  1.9G    1% /run
tmpfs          tmpfs     1.9G     0  1.9G    0% /sys/fs/cgroup
/dev/sda1      xfs       297M  120M  177M   41% /boot
tmpfs          tmpfs     378M     0  378M    0% /run/user/0
/dev/sr0       iso9660   4.3G  4.3G     0  100% /mnt         //挂载成功
[root@c2 /]

[root@c2 /]yum clean all      // 清空yum源缓存
已加载插件:fastestmirror
正在清理软件源: centos
[root@c2 /]
[root@c2 /]yum repolist     

//  生成新的缓存
已加载插件:fastestmirror
Determining fastest mirrors
centos                                                                | 3.6 kB  00:00:00     
(1/2): centos/group_gz                                                | 166 kB  00:00:00     
(2/2): centos/primary_db                                              | 3.1 MB  00:00:00     
源标识                                      源名称                                      状态
centos                                      centos                                      4,021
repolist: 4,021   // 出现数字代表生成缓存成功
[root@c2 /]

1.5、安装wget命令,用以配置阿里源(两三台主机进行同样操作)

[root@c2 /]yum install -y wget
…………………………
…………………………
  正在安装    : wget-1.14-18.el7.x86_64                                                  1/1 
  验证中      : wget-1.14-18.el7.x86_64                                                  1/1 

已安装:
  wget.x86_64 0:1.14-18.el7
  
[root@c2 /] cd /etc/yum.repos.d/
[root@c2 yum.repos.d]wget  http://mirrors.aliyun.com/repo/Centos-7.repo

1.6、安装所需的软件,保证是最新版的(两台主机进行同样的操作)

[root@c2 /]yum -y install net-tools bash-completion vim gcc gcc-c++ make pcre  pcre-devel expat-devel cmake  bzip2 lrzsz --nogpgcheck
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
软件包 net-tools-2.0-0.25.20131004git.el7.x86_64 已安装并且是最新版本
软件包 1:bash-completion-2.1-8.el7.noarch 已安装并且是最新版本
软件包 2:vim-enhanced-7.4.629-8.el7_9.x86_64 已安装并且是最新版本
软件包 gcc-4.8.5-44.el7.x86_64 已安装并且是最新版本
软件包 gcc-c++-4.8.5-44.el7.x86_64 已安装并且是最新版本
软件包 1:make-3.82-24.el7.x86_64 已安装并且是最新版本
软件包 pcre-8.32-17.el7.x86_64 已安装并且是最新版本
软件包 pcre-devel-8.32-17.el7.x86_64 已安装并且是最新版本
软件包 expat-devel-2.1.0-14.el7_9.x86_64 已安装并且是最新版本
软件包 cmake-2.8.12.2-2.el7.x86_64 已安装并且是最新版本
软件包 bzip2-1.0.6-13.el7.x86_64 已安装并且是最新版本
软件包 lrzsz-0.12.20-36.el7.x86_64 已安装并且是最新版本
无须任何处理

[root@c2 /]yum -y install centos-release-openstack-train python-openstackclient openstack-selinux openstack-utils --nogpgcheck
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * centos-ceph-nautilus: mirrors.tuna.tsinghua.edu.cn
 * centos-nfs-ganesha28: mirrors.aliyun.com
 * centos-openstack-train: mirrors.aliyun.com
 * centos-qemu-ev: mirrors.tuna.tsinghua.edu.cn
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
软件包 centos-release-openstack-train-1-1.el7.centos.noarch 已安装并且是最新版本
软件包 python2-openstackclient-4.0.2-1.el7.noarch 已安装并且是最新版本
软件包 openstack-selinux-0.8.26-1.el7.noarch 已安装并且是最新版本
软件包 openstack-utils-2017.1-1.el7.noarch 已安装并且是最新版本
无须任何处理
[root@c2 /]

软件解释

net-tools:ifconfig命令行工具 bash-completion:辅助自动补全工具 vim:vim工具 gcc gcc-c++:编译环境 make:编译器 pcre pcre-devel:是一个Perl库,包括 perl 兼容的正则表达式库 expat-devel:Expat库,Expat是一个面向流的xml解析器 cmake:CMake是一个跨平台的编译工具,CMkae目前主要使用场景是作为make的上层工具,产生可移植的 makefile文件 lrzsz:可使用rz、sz命令上传、下载数据

OpenStack 的 train 版本仓库源安装包,同时安装 OpenStack 客户端和 openstack-selinux 安装包

1.7、配置主机映射(两台服务器进行同样的操作)

[root@c2 /]echo "172.16.100.252 c2" >> /etc/hosts
[root@c2 /]echo "172.16.100.254 ct" >> /etc/hosts
[root@c2 /]cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.100.252 ct
172.16.100.254 c2
[root@c2 /]

1.8、节点免交互(所有节点都要进行操作)

[root@c2 /]ssh-keygen -t rsa               // 创建非对称密钥
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 		// 回车:默认密钥存放位置
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):    // 回车:无需密钥对密码
Enter same passphrase again:    // 回车确认
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:fO0ZiFxs4V0QVchxQmXCUB6fQFKhuJSs1H0mmHudFm8 root@c2
The key's randomart image is:
+---[RSA 2048]----+
|          ..*#@==|
|        oo*ooo=B.|
|       . O=+.+...|
|      .oo+oo= +  |
|       .Soo.o+ E |
|         ....o.  |
|            o    |
|                 |
|                 |
+----[SHA256]-----+
[root@c2 /]
[root@c2 /]ssh-copy-id ct      //上传公钥到ct控制节点
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'ct (172.16.100.252)' can't be established.
ECDSA key fingerprint is SHA256:ghI++HlCm85UJ8SlEZgTONJlpZTiWWfzekzsP7Uk13I.
ECDSA key fingerprint is MD5:42:c0:7f:24:9a:e3:0c:39:ce:11:30:e7:75:bd:c3:99.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@ct's password:   // 密码

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'ct'"
and check to make sure that only the key(s) you wanted were added.

[root@c2 /]


报错1、

[root@c2 .ssh]ssh-copy-id ct
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed

/usr/bin/ssh-copy-id: ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: @       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: The ECDSA host key for ct has changed,
ERROR: and the key for the corresponding IP address 172.16.100.254
ERROR: is unknown. This could either mean that
ERROR: DNS SPOOFING is happening or the IP address for the host
ERROR: and its host key have changed at the same time.
ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: @    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
ERROR: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
ERROR: IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
ERROR: Someone could be eavesdropping on you right now (man-in-the-middle attack)!
ERROR: It is also possible that a host key has just been changed.
ERROR: The fingerprint for the ECDSA key sent by the remote host is
ERROR: SHA256:i9DVGnRV1H8RZIHtt3d42oyJX2WY4G1fpocsqlZ+4CA.
ERROR: Please contact your system administrator.
ERROR: Add correct host key in /root/.ssh/known_hosts to get rid of this message.
ERROR: Offending ECDSA key in /root/.ssh/known_hosts:1
ERROR: ECDSA host key for ct has changed and you have requested strict checking.
ERROR: Host key verification failed.

输入以下指令:

[root@c2 .ssh]ssh-keygen -R 172.16.100.254
# Host 172.16.100.254 found: line 3
/root/.ssh/known_hosts updated.
Original contents retained as /root/.ssh/known_hosts.old
[root@c2 .ssh]ssh-copy-id ct
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host 'ct (172.16.100.254)' can't be established.
ECDSA key fingerprint is SHA256:i9DVGnRV1H8RZIHtt3d42oyJX2WY4G1fpocsqlZ+4CA.
ECDSA key fingerprint is MD5:aa:cc:3e:46:5c:83:3c:03:d6:1a:d0:14:00:2d:72:44.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@ct's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'ct'"
and check to make sure that only the key(s) you wanted were added.
[root@c2 .ssh]ssh ct
Last login: Thu Jun  2 03:27:20 2022 from 192.168.100.1
-bash-4



版权声明:本文为ylqzlc原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。