devbox
小小林熬夜学编程
这个屌丝很懒,什么也没留下!
关注作者
热门标签
热门文章
当前位置:   article > 正文

云计算|OpenStack|社区版OpenStack安装部署文档(二---OpenStack运行环境搭建)_搭建openstack环境

作者:小小林熬夜学编程 | 2024-02-08 19:15:15

搭建openstack环境

前言:

一个良好的运行环境对于任何一个部署工作来说都是必须的,俗话说 万事开头难,其实很多部署工作失败的原因在于初始环境没有正确的配置,因此,按照官网的部署文档并结合自己的实际情况,配置一个合理的OpenStack运行环境是十分有必要的。

OpenStack的运行环境配置文档:Environment — Installation Guide documentation

 可以看到内容是比较多得,其中需要注意的是,SQL数据库也就是MySQL或者mariadb,或者postgresql。以及消息队列服务rabbitmq,消息中间件memcached和etcd都是划归为运行环境的,etcd计划使用集群而不是官方文档内的单实例etcd。

下面的环境配置根据自己的实际情况做得,并没有完全遵照官方文档。

一,

security 安全方面

三个服务器都关闭防火墙和selinux

  1. systemctl disable firewalld && systemctl stop firewalld
  2. vim /etc/selinux/config
  3. 编辑文件,关闭selinux
  4. 修改SELINUX=disabled

当然,OpenStack有一个工具名称为openstack-selinux,但为了部署更顺畅,还是将防火墙和selinux彻底关闭比较好。

二,

设置主机名称和域名解析hosts

###注:主机名在openstack里是非常非常重要的,原因是配置文件里基本都是引用的主机名,如果部署完成后,修改了主机名,结果将是灾难性的。

192.168.123.130 

  1. [root@openstack1 ~]# cat /etc/hostname
  2. openstack1

192.168.123.131

  1. [root@openstack2 ~]# cat /etc/hostname 
  2. openstack2

192.168.123.131

  1. [root@openstack3 ~]# cat /etc/hostname 
  2. openstack3

三个服务器都一样的hosts:

  1. [root@openstack1 ~]# cat /etc/hosts
  2. 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
  3. ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
  4. 192.168.123.130 openstack1 manager.node
  5. 192.168.123.131 openstack2 work.node1
  6. 192.168.123.132 openstack3 work.node2
  1. [root@openstack1 ~]# scp /etc/hosts openstack1:/etc/
  2. hosts                                                                                                               100%  274   283.5KB/s   00:00    
  3. [root@openstack1 ~]# scp /etc/hosts openstack2:/etc/
  4. hosts                                                                                                               100%  274    65.9KB/s   00:00    
  5. [root@openstack1 ~]# scp /etc/hosts openstack3:/etc/
  6. hosts

三,

服务器之间的免密

以192.168.123.130为例:

ssh-keygen -t rsa

一路回车到底,生成私钥

拷贝私钥,按提示输入yes和对应主机的密码

  1. ssh-copy-id 192.168.123.130
  2. ssh-copy-id 192.168.123.131
  3. ssh-copy-id 192.168.123.132

四,

ntp时间服务器的搭建

####注:时间服务器可以看做是集群的基础设施,集群能不能部署好,能不能保证不出现各种稀奇古怪的问题,就看时间服务器的了

以130服务器作为时间服务器,其它两个节点同步130服务器的时间

192.168.123.130服务器:

yum install ntp -y

编辑配置文件 /etc/ntp.conf,增加这么两行:

  1. server 127.127.1.0
  2. fudge  127.127.1.0 stratum 10

重启服务:

systemctl restart ntpd

192.168.123.131服务器和132服务器:

yum install ntp -y

编辑配置文件 /etc/ntp.conf,增加这一行:

server 192.168.123.130 prefer

 重启服务:

systemctl restart ntpd

在131和132上,查看ntp状态是这样的表示时间服务器搭建完毕(需要等待10来分钟,才会这个状态):

  1. [root@openstack2 ~]# ntpstat 
  2. synchronised to NTP server (192.168.123.130) at stratum 12
  3.    time correct to within 45 ms
  4.    polling server every 64 s

 五,

yum仓库的配置

基础软件仓库1:

  1. cat >/etc/yum.repos.d/centos7.repo <<EOF 
  2. [aliyun]
  3. name=aliyun
  4. baseurl=https://mirrors.aliyun.com/centos-vault/7.4.1708/os/x86_64/
  5. enable=1
  6. gpgcheck=0
  7. [update]
  8. name=aliyun-update
  9. baseurl=https://mirrors.aliyun.com/centos-vault/7.4.1708/updates/x86_64/
  10. enable=1
  11. gpgcheck=0
  12. EOF

基础仓库2: 

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

EPEL扩展仓库: 

  1. cat >/etc/yum.repos.d/epel.repo <<EOF
  2. [epel]
  3. name=epel
  4. baseurl=https://mirrors.aliyun.com/epel-archive/7.8/x86_64/
  5. enable=1
  6. gpgcheck=0
  7. EOF

 OpenStack仓库:

  1. cat  >/etc/yum.repos.d/openstack.repo <<EOF
  2. [openstack]
  3. name=openstack
  4. baseurl=https://mirrors.aliyun.com/centos-vault/7.6.1810/cloud/x86_64/openstack-rocky/
  5. enable=1
  6. gpgcheck=0
  7. EOF
  1. yum upgrade -y
  2. yum install centos-release-openstack-rocky -y
  3. yum install python-openstackclient -y
  4. yum install openstack-selinux  -y

六,

SQL database 

官方文档:SQL database for RHEL and CentOS — Installation Guide documentation

根据文档,选用mariadb,安装步骤如下:

1,

在192.168.123.130控制节点安装

yum install mariadb mariadb-server python2-PyMySQL -y

2,

启动数据库服务 

systemctl enable mariadb && systemctl start mariadb

3,

新建mariadb的配置文件:

因为是安装在controller节点192.168.123.130,因此,绑定IP为130

  1. cat >/etc/my.cnf.d/openstack.cnf <<EOF
  2. [mysqld]
  3. bind-address = 192.168.123.130
  5. default-storage-engine = innodb
  6. innodb_file_per_table = on
  7. max_connections = 4096
  8. collation-server = utf8_general_ci
  9. character-set-server = utf8
  10. EOF

4,

初始化数据库

  1. mysql_secure_installation
  2.  
  3. 输出如下:
  4.  
  5. NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
  6.       SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
  7.  
  8. In order to log into MariaDB to secure it, we'll need the current
  9. password for the root user.  If you've just installed MariaDB, and
  10. you haven't set the root password yet, the password will be blank,
  11. so you should just press enter here.
  13. Enter current password for root (enter for none): 
  14. OK, successfully used password, moving on...
  16. Setting the root password ensures that nobody can log into the MariaDB
  17. root user without the proper authorisation.
  19. Set root password? [Y/n] y
  20. New password: 
  21. Re-enter new password: 
  22. Password updated successfully!
  23. Reloading privilege tables..
  24.  ... Success!
  27. By default, a MariaDB installation has an anonymous user, allowing anyone
  28. to log into MariaDB without having to have a user account created for
  29. them.  This is intended only for testing, and to make the installation
  30. go a bit smoother.  You should remove them before moving into a

5,

数据库远程连接配置

登陆数据库,给root用户远程登陆权限

  1. [root@openstack1 ~]# mysql -uroot -p 
  2. Enter password: 
  3. Welcome to the MariaDB monitor.  Commands end with ; or \g.
  4. Your MariaDB connection id is 4
  5. Server version: 10.1.20-MariaDB MariaDB Server
  6.  
  7. Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
  8.  
  9. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
  10.  
  11. MariaDB [(none)]> use mysql;
  12. Reading table information for completion of table and column names
  13. You can turn off this feature to get a quicker startup with -A
  14.  
  15. Database changed
  16. MariaDB [mysql]> grant all privileges on *.* to 'root'@'%' identified by '123456';
  17. Query OK, 0 rows affected (0.00 sec)
  18.  
  19. MariaDB [mysql]> grant all privileges on *.* to 'root'@'localhost' identified by '123456';
  20. Query OK, 0 rows affected (0.00 sec)
  21.  
  22. MariaDB [mysql]> flush privileges;
  23. Query OK, 0 rows affected (0.00 sec)

6,

使用Navicat测试

 七,

Message queue for RHEL and CentOS

消息队列服务器--rabbitmq

官方文档:

Message queue for RHEL and CentOS — Installation Guide documentation

使用的rabbitmq,依然是安装在130服务器上,安装步骤:

1,Install the package:

yum install rabbitmq-server -y

2,Start the message queue service and configure it to start when the system boots:

启动服务并加入自启动

systemctl enable rabbitmq-server.service && systemctl start rabbitmq-server.service

3,Add the openstack user

增加用户并设置密码,密码为RABBIT_PASS,此密码可以自定义

######注:此命令是非常重要的,因为该服务openstack的几个主要组件都是和其交互的,储存了不少重要信息在这个数据库内的。也算是基础设施类的

rabbitmqctl add_user openstack RABBIT_PASS

4,

用户赋权

  1. rabbitmqctl set_permissions openstack ".*" ".*" ".*"
  2. 输出如下:
  3. [root@openstack1 ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
  4. Setting permissions for user "openstack" in vhost "/"

八,

缓存数据库

官方文档:Memcached for RHEL and CentOS — Installation Guide documentation

缓存数据库的作用是保存用户令牌,此数据库仍然是安装在130服务器上

######注:缓存数据库只是被几个服务调用,但也是比较重要的一个数据库,此数据库后续基本没有任何改动,基础设施类服务。

部署步骤

1,

安装缓存数据库

yum install memcached python-memcached -y

2,

Edit the /etc/sysconfig/memcached file and complete the following actions:

编辑缓存数据库的配置文件;

Change the existing line OPTIONS="-l 127.0.0.1,::1" 修改为OPTIONS="-l 127.0.0.1,::1,openstack1"

这里说明一下,openstack1是130的主机名

3,

设置开启启动并启动缓存服务:

  1. systemctl enable memcached&&systemctl start memcached
  2. systemctl status memcached

最后的输出如下:

  1. [root@openstack1 ~]# systemctl status memcached
  2. ● memcached.service - memcached daemon
  3.    Loaded: loaded (/usr/lib/systemd/system/memcached.service; enabled; vendor preset: disabled)
  4.    Active: active (running) since Mon 2023-01-30 19:13:20 CST; 1s ago
  5.  Main PID: 3345 (memcached)
  6.    CGroup: /system.slice/memcached.service
  7.            └─3345 /usr/bin/memcached -p 11211 -u memcached -m 64 -c 1024 -l 127.0.0.1,::1,openstack1
  8.  
  9. Jan 30 19:13:20 openstack1 systemd[1]: Started memcached daemon.
  10. Jan 30 19:13:20 openstack1 systemd[1]: Starting memcached daemon...

九,

etcd集群的安装

######注:本次部署中并没有使用到etcd,但,后续的一些服务比如计费系统是需要用到此集群的。

集群安装使用ansible自动部署,具体步骤见原来的博客:centos7操作系统 ---ansible剧本离线快速部署etcd集群_centos离线安装etcd_晚风_END的博客-CSDN博客

最终测试结果如下即可:

  1. [root@openstack1 ~]# etcd_search  endpoint status -w table
  2. +------------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
  3. |           ENDPOINT           |        ID        | VERSION | DB SIZE | IS LEADER | IS LEARNER | RAFT TERM | RAFT INDEX | RAFT APPLIED INDEX | ERRORS |
  4. +------------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------+
  5. | https://192.168.123.130:2379 | 8fef69ba298e9bc3 |   3.4.9 |   20 kB |      true |      false |        55 |          9 |                  9 |        |
  6. | https://192.168.123.131:2379 | 548b7cecabe21cd7 |   3.4.9 |   20 kB |     false |      false |        55 |          9 |                  9 |        |
  7. | https://192.168.123.132:2379 | 28b34b044580be86 |   3.4.9 |   20 kB |     false |      false |        55 |          9 |                  9 |        |
  8. +------------------------------+------------------+---------+---------+-----------+------------+-----------+------------+--------------------+--------

以上就是openstack的基本运行环境了,部署完毕后,可以将三个虚拟机打上快照啦。

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/小小林熬夜学编程/article/detail/70509
推荐阅读
相关标签

Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。

  

闽ICP备14008679号