openstack的安装(二) 安装nova服务同时建立计算节点
nova的安装准备网络
1.启用网络接口的promisc功能
ip link set eth0 promisc on
确认开启primisc功能
ip link show eth0
2.创建桥接接口br100
yum -y install bridge-utils
yum -y install libvirt
service libvirtd restart
chkconfig libvirtd on
virsh iface-bridge eth0 br100
创建桥接设备 方法二
禁用NetworkManager
创建桥接设备
创建一个名为br100的桥接设置,并将其桥接在eth0网卡上,两步即可完成:首先创建一个桥接类型的设备,为其制定地址的获取方式、ip地址等属性,类似于管理一个正常的网络接口,只是类型为brige,其次,为eth0接口指定其桥接至刚刚定义的桥接设备即可,eth0此接口不再需要配置ip地址等属性
vim /etc/sysconfig/network-scripts/ifcfg-br100
DEVICE=br100
BOOTPROTO=none
DNS1=192.168.253.1
GATEWAY=192.168.253.1
IPADDR=192.168.253.139
NETMASK=255.255.255.0
NM_CONTROLLED=no
ONBOOT=yes
TYPE=Brige
USERCTL=no
DELAY=0
vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
BOOTPROTO="none"
NM_CONTROLLED="no"
ONBOOT="yes"
TYPE=Ethernet
HWADDR=00:0C:29:83:A4:B5
IPV6INIT=no
USERCTL=no
BRIDGE=br100
重启启动网络服务
brctl show
bridge name bridge id STP enabled interfaces
br100 8000.000c2983a4b5 yes eth0
virbr0 8000.5254003986f3 yes virbr0-nic
启动messagebus服务
service messagebus start
chkconfig messagebus on
安装nova
yum -y install openstack-utils memcached qpid-cpp-server
yum -y install openstack-nova
初始化nova数据库,同时建立用户、密码
openstack-db --init --service nova --password nova
为nova创建数据库的相关的用户
grant all privileges on nova.* to nova@localhost identified by 'nova';
grant all privileges on nova.* to nova@'%' identified by 'nova';
flush privileges;
配置nova连接数据库
vim /etc/nova/nova.conf
# AUTHENTICATION
auth_strategy=keystone
# LOGS/STATE
verbose=True
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
rootwrap_config=/etc/nova/rootwrap.conf
# SCHEDULER
compute_scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler
# VOLUMES
volume_driver=nova.volume.driver.ISCSIDriver
volume_group=nova-volume
volume_name_template=volume-%08x
iscsi_helper=tgtadm
# DATABASE
sql_connection=mysql://nova:nova@192.168.0.100/nova
# COMPUTE
libvirt_type=qemu
compute_driver=libvirt.LibvirtDriver
instance_name_template=instance-%08x
api_paste_config=/etc/nova/api-paste.ini
# set the instances path
# instances_path=/nova/instances
# New add
libvirt_nonblocking = True
libvirt_inject_partition = -1
# COMPUTE/APIS: if you have separate configs for separate services
# this flag is required for both nova-api and nova-compute
allow_resize_to_same_host=True
# APIS
osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions
ec2_dmz_host=192.168.0.100
s3_host=192.168.0.100
# Qpid
rpc_backend = nova.openstack.common.rpc.impl_qpid
qpid_hostname = 192.168.0.100
# GLANCE
image_service=nova.image.glance.GlanceImageService
glance_api_servers=192.168.0.100:9292
# NETWORK
network_manager=nova.network.manager.FlatDHCPManager
force_dhcp_release=True
dhcpbridge_flagfile=/etc/nova/nova.conf
# New Add
dhcpbridge = /usr/bin/nova-dhcpbridge
firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
# Change my_ip to match each Compute host
my_ip=192.168.0.100
public_interface=eth0
vlan_interface=eth0
flat_network_bridge=br100
flat_interface=eth0
fixed_range=192.168.0.0/24
# NOVNC CONSOLE
novncproxy_base_url=http://192.168.0.100:6080/vnc_auto.html
# Change vncserver_proxyclient_address and vncserver_listen to match each compute host
vncserver_proxyclient_address=192.168.0.100
vncserver_listen=192.168.0.100
auth_host = 192.168.0.100
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = nova
signing_dirname = /tmp/keystone-signing-nova
安装libguestfs-tools
yum -y instrall libguestfs-tools
设置livirt类型为qemu
openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_type qemu
为qemu-kvm创建所需要的连接
ln -sv /usr/libexec/qemu-kvm /usr/bin/qemu
重启libvirtd服务
service libvirtd restart
导入或迁移nova数据库
nova-manage db sync
安装配置qpid队列服务
vim /etc/qpidd.conf
auth=no
service qpidd restart
chkconfig qpidd on
启动nova服务
首先创建nova所文件目录
mkdir /var/lock/nova
chown -R nova.nova /var/lo
ck/nova/
启动nova相关服务,并设置开机自启
compute、api、network、scheduler、console、cert
for svc in api compute network scheduler cert console;do service openstack-nova-$svc restart;chkconfig openstack-nova-$svc on; done
查看服务运行状态
nova-manage service list
查看日志
grep -i error /var/log/nova/*
创建nova网络
nova-manage network create--label=private --multi_host=T --fixed_range_v4=192.168.0.0/24 --bridge_interface=eth0 --bridge=br100 --num_networks=1 --network_size=256
nova-manage network list
在keystone中注册novacompute API(要以keystone的管理员admin身份运行,所以执行环境变量)
keystone service-create --name=nova --type=compute --description="Nova Compute Service"
+-------------+----------------------------------+
| Property| Value |
+-------------+----------------------------------+
| description | Nova Compute Service |
| id | 875164c08b7c43b0b0d3116007655942 |
| name | nova |
| type | compute |
+-------------+----------------------------------+
创建端点
keystone endpoint-create --service-id 875164c08b7c43b0b0d3116007655942 --publicurl "http://192.168.0.100:8774/v1.1/\$(tenant_id)s" --adminurl "http://192.168.0.100:8774/v1.1/\$(tenant_id)s" --internalurl "http://192.168.0.100:8774/v1.1/\$(tenant_id)s"
+-------------+----------------------------------------------+
| Property| Value |
+-------------+----------------------------------------------+
| adminurl| http://192.168.0.100:8774/v1.1/$(tenant_id)s |
| id | cbac1b85c41349c8ac49a819e43385a7 |
| internalurl | http://192.168.0.100:8774/v1.1/$(tenant_id)s |
|publicurl| http://192.168.0.100:8774/v1.1/$(tenant_id)s |
| region | regionOne |
|service_id | 875164c08b7c43b0b0d3116007655942 |
+-------------+----------------------------------------------+
运行vm实例
安全组default
nova secgroup-list 查看安全组
nova secgroup-list
+---------+-------------+
| Name | Description |
+---------+-------------+
| default | default |
+---------+-------------+
nova secgroup-add-rule 可用于安全组定义访问规则,下面命令就实现了允许所有ip地址通过tcp协议的22端口访问关联的vm实例
nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range| Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp | 22 | 22 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
允许所有主机发起ping请求,开放icmp协议
nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range| Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp | -1 | -1 | 0.0.0.0/0 | |
+-------------+-----------+---------+-----------+--------------+
ssh公钥注入
nova-keypair-add命令生成一对密钥,并将其公钥保存在compute服务
ssh-keygen -t rsa -P ''
nova keypair-add--pub-key /root/.ssh/id_rsa.pub testkey
显示添加的密钥信息
nova keypair-list
+---------+-------------------------------------------------+
| Name | Fingerprint |
+---------+-------------------------------------------------+
| testkey | 7a:34:18:49:1d:60:30:29:18:66:69:d2:c4:c6:c0:2b |
+---------+-------------------------------------------------+
查看本地的密钥文件
ssh-keygen -l -f /root/.ssh/id_rsa.pub
确保每个节点都正常运行
查看虚拟机实例
nova flavor-list
创建一个虚拟机实例
nova flavor-create --swap 256 flavor.cirros 6 128 2 2
查看image映像文件
nova image-list
+--------------------------------------+---------------------+--------+--------+
| ID | Name | Status | Server |
+--------------------------------------+---------------------+--------+--------+
| b8964ced-5702-4be1-9644-32b14d9ebc25 | cirros-0.3.0-i386 | ACTIVE | |
| edc31b1b-d3bf-4c76-885c-1f56a9eee3bc | cirros-0.3.0-x86_64 | ACTIVE | |
+--------------------------------------+---------------------+--------+--------+
加载映像文件,启动一个实例
nova boot --flavor 1 --image edc31b1b-d3bf-4c76-885c-1f56a9eee3bc --key_name testkey --security_group default cirros1
查看所启动的虚拟机的状态
+--------------------------------------+---------+--------+---------------------+
| ID | Name | Status | Networks |
+--------------------------------------+---------+--------+---------------------+
| 1a09d053-ea12-4b16-ace0-e1ec8d842360 | cirros1 | ACTIVE | private=192.168.0.2 |
+--------------------------------------+---------+--------+---------------------+
登录测试
nova console-log cirros1
wget: server returned error: HTTP/1.1 404 Not Found
cloud-userdata: failed to read user data url: http://169.254.169.254/2009-04-04/user-data
WARN: /etc/rc3.d/S99-cloud-userdata failed
____ ________
/ __/ __ ____ ____ / __ \/ __/
/ /__ / // __// __// /_/ /\ \
\___//_//_//_/ \____/___/
http://launchpad.net/cirros
login as 'cirros' user. default password: 'cubswin:)'. use 'sudo' for root.
cirros login:
会闪退,使用以下方式登录
ssh -l cirros 192.168.0.2
注意事项
brctl not found
解决办法:yum install bridge-utils
页:
[1]