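OpenStack single-node all-in-one deployment
- Tools
- Environment setup
  - Create the CentOS 7 virtual machine
  - SSH connection
- Pre-installation settings
  - Disable the firewall
  - Disable the NetworkManager service
  - Enable the network service
  - Change the hostname and host mapping
  - Time synchronization
- Install OpenStack
- Project configuration
  - Original host network configuration
  - Modify the network configuration
  - Apply the configuration
  - Delete the project's default router and network
  - Create the external network ext-net
  - Create the internal network int-net
  - Create the router R1
- Run a cloud instance
  - Upload the image
  - Create the image
  - Create the instance
- Edit the security group rules
  - Add the ALL ICMP rule
  - Add the SSH rule
- Connect to the cloud instance
  - Allocate a floating IP
  - Associate the floating IP
  - View the network topology
- Testing
  - ping test
  - ssh test
- Cloud disk management
  - Create a volume
  - Attach the volume
  - View
- Cloud storage management
  - Create a container
  - Container management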
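Tools
VMware Workstation Pro 16
CentOS-7-x86_64-DVD-1804.iso
SecureCRT, SecureFX
cirros-0.4.0-x86_64-disk.img
Environment setup
Create the CentOS 7 virtual machine
The VM must have no less than 8 GB of memory, otherwise the installation later is likely to run into problems!! The virtualization option must also be ticked!!!
Start the CentOS 7 virtual machine.
Choose Chinese; if your English is good, choosing English works too.
Choose to configure partitions; you can skip it, you can skip it!!! It makes no difference!!! My classmate did not partition and it still worked!!!
You can skip partitioning and take the defaults; my computer was short of storage space to begin with, so my partitioning achieved nothing!!
ens33 must be switched on; downloading OpenStack later needs network access!!
Key points: minimal install, partitioning is optional (the defaults are fine), disable Kdump, ens33 must be switched on!!
Set the root password; SSH will need it shortly.
SSH connection
After the installation finishes, log in and look up the IP address.
Connect with SecureCRT.
The SSH connection succeeds.
Test the network; the internet is reachable.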
Pre-installation settings
Disable the firewall

    Last login: Tue Apr 23 03:22:49 2024 from 192.168.196.1
    [root@localhost ~]# systemctl disable firewalld
    Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
    Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
    [root@localhost ~]# vi /etc/selinux/config

    # This file controls the state of SELinux on the system.
    # SELINUX= can take one of these three values:
    # enforcing - SELinux security policy is enforced.
    # permissive - SELinux prints warnings instead of enforcing.
    # disabled - No SELinux policy is loaded.
    SELINUX=disabled
    # SELINUXTYPE= can take one of three two values:
    # targeted - Targeted processes are protected,
    # minimum - Modification of targeted policy. Only selected processes are protected.
    # mls - Multi Level Security protection.
    SELINUXTYPE=targeted
    ~
    ~
    "/etc/selinux/config" 13L, 545C written

Reboot

    [root@localhost ~]# reboot

Disable the NetworkManager service

    Last login: Tue Apr 23 07:36:39 2024 from 192.168.196.1
    [root@localhost ~]# systemctl disable NetworkManager
    Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
    Removed symlink /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service.
    Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.
    [root@localhost ~]# systemctl stop NetworkManager

Enable the network service

    [root@localhost ~]# systemctl enable network
    network.service is not a native service, redirecting to /sbin/chkconfig.
    Executing /sbin/chkconfig network on
    [root@localhost ~]# systemctl start network

Change the hostname and host mapping

    [root@localhost ~]# hostnamectl set-hostname node-a
    [root@localhost ~]# vi /etc/hosts

    127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
    192.168.196.44 node-a node-a.localdomain
    ~
    ~
    "/etc/hosts" 3L, 201C written
    [root@localhost ~]# ping node-a
    PING node-a (192.168.196.44) 56(84) bytes of data.
    64 bytes from node-a (192.168.196.44): icmp_seq=1 ttl=64 time=0.020 ms
    64 bytes from node-a (192.168.196.44): icmp_seq=2 ttl=64 time=0.046 ms
    ^Z
    [1]+ 已停止 ping node-a

Time synchronization

    [root@localhost ~]# yum install -y chrony
    已加载插件:fastestmirror
    Determining fastest mirrors
    * base: ftp.sjtu.edu.cn
    * extras: mirrors.bfsu.edu.cn
    * updates: mirrors.ustc.edu.cn
    base | 3.6 kB 00:00:00
    extras | 2.9 kB 00:00:00
    updates | 2.9 kB 00:00:00
    (1/4): base/7/x86_64/group_gz| 153 kB 00:00:00
    (2/4): extras/7/x86_64/primary_db | 253 kB 00:00:00
    (3/4): base/7/x86_64/primary_db | 6.1 MB 00:00:05
    (4/4): updates/7/x86_64/primary_db | 26 MB 00:00:24
    正在解决依赖关系
    --> 正在检查事务
    ---> 软件包 chrony.x86_64.0.3.4-1.el7 将被 安装
    --> 正在处理依赖关系 libseccomp.so.2()(64bit),它被软件包 chrony-3.4-1.el7.x86_64 需要
    --> 正在检查事务
    ---> 软件包 libseccomp.x86_64.0.2.3.1-4.el7 将被 安装
    --> 解决依赖关系完成

    依赖关系解决

    ================================================================================
    Package 架构 版本 源 大小
    ================================================================================
    正在安装:
    chrony x86_64 3.4-1.el7 base 251 k
    为依赖而安装:
    libseccomp x86_64 2.3.1-4.el7 base 56 k

    事务概要
    ================================================================================
    安装 1 软件包 (+1 依赖软件包)

    总下载量:307 k
    安装大小:788 k
    Downloading packages:
    警告:/var/cache/yum/x86_64/7/base/packages/libseccomp-2.3.1-4.el7.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEYkB 00:00:42 ETA
    libseccomp-2.3.1-4.el7.x86_64.rpm 的公钥尚未安装
    (1/2): libseccomp-2.3.1-4.el7.x86_64.rpm | 56 kB 00:00:14
    (2/2): chrony-3.4-1.el7.x86_64.rpm | 251 kB 00:00:35
    --------------------------------------------------------------------------------
    总计 8.7 kB/s | 307 kB 00:00:35
    从 file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 检索密钥
    导入 GPG key 0xF4A80EB5:
    用户ID : "CentOS-7 Key (CentOS 7 Official Signing Key) "
    指纹 : 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
    软件包 : centos-release-7-5.1804.el7.centos.x86_64 (@anaconda)
    来自 : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
    Running transaction check
    Running transaction test
    Transaction test succeeded
    Running transaction
    正在安装 : libseccomp-2.3.1-4.el7.x86_64 1/2
    正在安装 : chrony-3.4-1.el7.x86_64 2/2
    验证中 : libseccomp-2.3.1-4.el7.x86_64 1/2
    验证中 : chrony-3.4-1.el7.x86_64 2/2

    已安装:
    chrony.x86_64 0:3.4-1.el7

    作为依赖被安装:
    libseccomp.x86_64 0:2.3.1-4.el7

    完毕!
    [root@localhost ~]# vi /etc/chrony.conf

    # Use public servers from the pool.ntp.org project.
    # Please consider joining the pool (http://www.pool.ntp.org/join.html).
    server 0.centos.pool.ntp.org iburst
    server 1.centos.pool.ntp.org iburst
    server 2.centos.pool.ntp.org iburst
    server 3.centos.pool.ntp.org iburst

    # Record the rate at which the system clock gains/losses time.
    driftfile /var/lib/chrony/drift

    # Allow the system clock to be stepped in the first three updates
    # if its offset is larger than 1 second.
    makestep 1.0 3
    server ntp1.aliyun.com iburst
    # Enable kernel synchronization of the real-time clock (RTC).
    rtcsync

    # Enable hardware timestamping on all interfaces that support it.
    #hwtimestamp *

    # Increase the minimum number of selectable sources required to adjust
    # the system clock.
    #minsources 2

    # Allow NTP client access from local network.
    "/etc/chrony.conf" 39L, 1138C written
    [root@localhost ~]#

Install OpenStack

    [root@localhost ~]# yum -y install centos-release-openstack-train
    (omitted ......)
    已安装:
    centos-release-openstack-train.noarch 0:1-1.el7.centos

    作为依赖被安装:
    centos-release-ceph-nautilus.noarch 0:1.2-2.el7.centos
    centos-release-nfs-ganesha28.noarch 0:1.0-3.el7.centos
    centos-release-qemu-ev.noarch 0:1.0-4.el7.centos
    centos-release-storage-common.noarch 0:2-2.el7.centos
    centos-release-virt-common.noarch 0:1-1.el7.centos

    作为依赖被升级:
    centos-release.x86_64 0:7-9.2009.1.el7.centos

    完毕!
    [root@localhost ~]# yum -y install openstack-packstack
    (omitted ......)
    rubygem-io-console.x86_64 0:0.4.2-39.el7_9
    rubygem-json.x86_64 0:1.7.7-39.el7_9
    rubygem-pathspec.noarch 0:0.2.1-3.el7
    rubygem-psych.x86_64 0:2.0.0-39.el7_9
    rubygem-rdoc.noarch 0:4.0.0-39.el7_9
    rubygem-rgen.noarch 0:0.6.6-2.el7
    rubygems.noarch 0:2.0.14.1-39.el7_9
    yaml-cpp.x86_64 0:0.5.1-6.el7

    作为依赖被升级:
    libselinux.x86_64 0:2.5-15.el7
    libselinux-python.x86_64 0:2.5-15.el7
    libselinux-utils.x86_64 0:2.5-15.el7
    libsepol.x86_64 0:2.5-10.el7

    完毕!

Suspend the virtual machine and take a snapshot, because the next step takes well over half an hour to install; this guards against accidents...

    Last login: Tue Apr 23 14:05:26 2024 from 192.168.196.1
    [root@node-a ~]# packstack --allinone
    Welcome to the Packstack setup utility

    The installation log file is available at: /var/tmp/packstack/20240423-141738-Yav4Yc/openstack-setup.log
    Packstack changed given value to required value /root/.ssh/id_rsa.pub

    Installing:
    Clean Up [ DONE ]
    Discovering ip protocol version [ DONE ]
    Setting up ssh keys [ DONE ]
    Preparing servers [ DONE ]
    Pre installing Puppet and discovering hosts' details [ DONE ]
    Preparing pre-install entries [ DONE ]

I waited more than half an hour and it seemed to be stuck... I stopped using CRT... and ran it directly inside the virtual machine...
I waited almost an hour; once you see "successfully", it has succeeded.

    Last failed login: Tue Apr 23 14:53:18 CEST 2024 from 192.168.196.1 on ssh:notty
    There was 1 failed login attempt since the last successful login.
    Last login: Tue Apr 23 14:20:06 2024
    [root@node-a ~]# nova-manage --version
    20.6.0

ping connectivity test
Login passwords for the admin and demo users

    [root@node-a ~]# source keystonerc_admin
    [root@node-a ~(keystone_admin)]# cat keystonerc_admin
    unset OS_SERVICE_TOKEN
    export OS_USERNAME=admin
    export OS_PASSWORD='fa6313c270674503'
    export OS_REGION_NAME=RegionOne
    export OS_AUTH_URL=http://192.168.196.44:5000/v3
    export PS1='[\u@\h \W(keystone_admin)]\$ '
    export OS_PROJECT_NAME=admin
    export OS_USER_DOMAIN_NAME=Default
    export OS_PROJECT_DOMAIN_NAME=Default
    export OS_IDENTITY_API_VERSION=3
    [root@node-a ~(keystone_admin)]#
    [root@node-a ~(keystone_admin)]# source keystonerc_demo
    [root@node-a ~(keystone_demo)]# cat keystonerc_demo
    unset OS_SERVICE_TOKEN
    export OS_USERNAME=demo
    export OS_PASSWORD='1a6a9ec34331441f'
    export PS1='[\u@\h \W(keystone_demo)]\$ '
    export OS_AUTH_URL=http://192.168.196.44:5000/v3
    export OS_PROJECT_NAME=demo
    export OS_USER_DOMAIN_NAME=Default
    export OS_PROJECT_DOMAIN_NAME=Default
    export OS_IDENTITY_API_VERSION=3

Open http://192.168.196.44 in a browser and log in.
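
The keystonerc files printed above hold the account passwords and point at a plain-HTTP Keystone endpoint, so file mode and transport are the two things worth checking on them. The script below is an added example, not part of the original post; `rc_get` and `audit_rc` are hypothetical helper names, and the sample file with its placeholder password is constructed.

```bash
#!/usr/bin/env bash
# Added example, not from the original post: audit a packstack-style keystonerc.
# rc_get and audit_rc are hypothetical helper names.

# Print the value of an "export KEY=VALUE" line with surrounding quotes removed.
rc_get() {  # usage: rc_get FILE KEY
  sed -n "s/^export $2=//p" "$1" | tail -n 1 | sed "s/^['\"]//; s/['\"]\$//"
}

# Print one finding per line; return 0 when the file is clean, 1 otherwise.
audit_rc() {  # usage: audit_rc FILE
  local file="$1" rc=0 mode url
  mode=$(stat -c '%a' "$file")
  # Any group/other permission bit exposes OS_PASSWORD to other local users.
  if [ "$(( 0$mode & 077 ))" -ne 0 ]; then
    echo "MODE: $file is $mode; group/other can access the stored password"
    rc=1
  fi
  url=$(rc_get "$file" OS_AUTH_URL)
  case "$url" in
    https://*) ;;
    http://*)
      echo "TRANSPORT: $url carries the password and tokens without TLS"
      rc=1 ;;
    *)
      echo "URL: OS_AUTH_URL is missing or not an http(s) URL"
      rc=1 ;;
  esac
  return "$rc"
}

# Constructed sample modelled on keystonerc_demo above (placeholder password).
sample=$(mktemp)
cat > "$sample" <<'EOF'
unset OS_SERVICE_TOKEN
export OS_USERNAME=demo
export OS_PASSWORD='EXAMPLE-PASSWORD'
export OS_AUTH_URL=http://192.168.196.44:5000/v3
export OS_PROJECT_NAME=demo
EOF
chmod 644 "$sample"          # simulate a copy that lost its 600 mode
audit_rc "$sample" || true   # prints a MODE and a TRANSPORT finding
```

On the host from this walkthrough it would be run as `audit_rc /root/keystonerc_admin`; the `ll` listing later on the page shows both files at mode 600, so only the TRANSPORT finding is expected there.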
Project configuration
Original host network configuration
br-ex is the external bridge.
br-int is the integration bridge.

    [root@node-a ~]# ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
        link/ether 00:0c:29:2e:5a:9a brd ff:ff:ff:ff:ff:ff
        inet 192.168.196.44/24 brd 192.168.196.255 scope global dynamic ens33
           valid_lft 1779sec preferred_lft 1779sec
        inet6 fe80::20c:29ff:fe2e:5a9a/64 scope link
           valid_lft forever preferred_lft forever
    3: ovs-system: mtu 1500 qdisc noop state DOWN group default qlen 1000
        link/ether d6:e3:e2:8c:e5:86 brd ff:ff:ff:ff:ff:ff
    4: br-ex: mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
        link/ether 2a:91:47:32:af:4e brd ff:ff:ff:ff:ff:ff
        inet 172.24.4.1/24 scope global br-ex
           valid_lft forever preferred_lft forever
        inet6 fe80::2891:47ff:fe32:af4e/64 scope link
           valid_lft forever preferred_lft forever
    5: br-int: mtu 1500 qdisc noop state DOWN group default qlen 1000
        link/ether 36:71:1c:85:37:40 brd ff:ff:ff:ff:ff:ff

Modify the network configuration

    [root@node-a ~]# vi ifcfg-ens33

    DEVICE=ens33
    TYPE=OVSPort
    DEVICETYPE=ovs
    OVS_BRIDGE=br-ex
    ONBOOT=yes
    ~
    "ifcfg-ens33" 5L, 69C written
    [root@node-a ~]# vi ifcfg-br-ex

    DEVICE=br-ex
    DEVICETYPE=ovs
    TYPE=OVSBridge
    BOOTPROTO=static
    IPADDR=192.168.196.44
    NETMASK=255.255.255.0
    GATEWAY=192.168.196.2
    DNS1=192.168.196.2
    ONBOOT=yes
    ~
    "ifcfg-br-ex" 9L, 156C written
    [root@node-a ~]#

Apply the configuration

    [root@node-a ~]# cp ifcfg-* /etc/sysconfig/network-scripts/
    cp:是否覆盖"/etc/sysconfig/network-scripts/ifcfg-br-ex"? y
    cp:是否覆盖"/etc/sysconfig/network-scripts/ifcfg-ens33"? y
    [root@node-a ~]# systemctl restart network

Check the IP addresses
The bridge br-ex takes over the IP configuration that the ens33 interface originally had; once ens33 has become a port on that bridge, it no longer needs an IP address of its own.

    [root@node-a ~]# ip a
    1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: ens33: mtu 1500 qdisc pfifo_fast master ovs-system state UP group default qlen 1000
        link/ether 00:0c:29:2e:5a:9a brd ff:ff:ff:ff:ff:ff
        inet6 fe80::20c:29ff:fe2e:5a9a/64 scope link
           valid_lft forever preferred_lft forever
    3: ovs-system: mtu 1500 qdisc noop state DOWN group default qlen 1000
        link/ether d6:e3:e2:8c:e5:86 brd ff:ff:ff:ff:ff:ff
    5: br-int: mtu 1500 qdisc noop state DOWN group default qlen 1000
        link/ether 36:71:1c:85:37:40 brd ff:ff:ff:ff:ff:ff
    7: br-ex: mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
        link/ether 00:0c:29:2e:5a:9a brd ff:ff:ff:ff:ff:ff
        inet 192.168.196.44/24 brd 192.168.196.255 scope global br-ex
           valid_lft forever preferred_lft forever
        inet6 fe80::1c59:64ff:fe70:74e/64 scope link
           valid_lft

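
A mistake in the two ifcfg files above takes the host off the network, SSH session included, as soon as the network service restarts, so the pair can be checked for consistency first. This is an added example, not part of the original post; `cfg_get` and `check_ovs_pair` are hypothetical helper names, and the sample files are constructed copies of the two files shown above.

```bash
#!/usr/bin/env bash
# Added example, not from the original post: lint the ifcfg-ens33 / ifcfg-br-ex
# pair before "systemctl restart network". Helper names are hypothetical.

cfg_get() { sed -n "s/^$2=//p" "$1" | tail -n 1; }   # value of KEY ($2) in FILE ($1)

# usage: check_ovs_pair PORT_FILE BRIDGE_FILE ; prints findings, returns 1 if any
check_ovs_pair() {
  local port="$1" bridge="$2" rc=0 key f b
  [ "$(cfg_get "$port" TYPE)" = OVSPort ] || { echo "port: TYPE is not OVSPort"; rc=1; }
  [ "$(cfg_get "$bridge" TYPE)" = OVSBridge ] || { echo "bridge: TYPE is not OVSBridge"; rc=1; }
  b=$(cfg_get "$bridge" DEVICE)
  { [ -n "$b" ] && [ "$(cfg_get "$port" OVS_BRIDGE)" = "$b" ]; } ||
    { echo "port: OVS_BRIDGE does not name the bridge DEVICE"; rc=1; }
  # The address must live on the bridge only; a leftover on the port conflicts.
  [ "$(cfg_get "$port" BOOTPROTO)" != dhcp ] ||
    { echo "port: BOOTPROTO=dhcp would put an address back on the port"; rc=1; }
  for key in IPADDR NETMASK GATEWAY; do
    [ -z "$(cfg_get "$port" "$key")" ] || { echo "port: $key belongs on the bridge"; rc=1; }
    [ -n "$(cfg_get "$bridge" "$key")" ] || { echo "bridge: $key is missing"; rc=1; }
  done
  for f in "$port" "$bridge"; do
    [ "$(cfg_get "$f" DEVICETYPE)" = ovs ] || { echo "$f: DEVICETYPE is not ovs"; rc=1; }
    [ "$(cfg_get "$f" ONBOOT)" = yes ] || { echo "$f: ONBOOT is not yes"; rc=1; }
  done
  return "$rc"
}

# Constructed copies of the two files from the step above.
demo_dir=$(mktemp -d)
printf '%s\n' DEVICE=ens33 TYPE=OVSPort DEVICETYPE=ovs OVS_BRIDGE=br-ex ONBOOT=yes \
  > "$demo_dir/ifcfg-ens33"
printf '%s\n' DEVICE=br-ex DEVICETYPE=ovs TYPE=OVSBridge BOOTPROTO=static \
  IPADDR=192.168.196.44 NETMASK=255.255.255.0 GATEWAY=192.168.196.2 \
  DNS1=192.168.196.2 ONBOOT=yes > "$demo_dir/ifcfg-br-ex"
check_ovs_pair "$demo_dir/ifcfg-ens33" "$demo_dir/ifcfg-br-ex" && echo "pair is consistent"
```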
Delete the project's default router and network
Go to the Admin section; delete the router first, then the network!!!
Create the external network ext-net
Create the internal network int-net
Create the router R1
Run a cloud instance
Upload the image
Use SecureFX to upload cirros-0.4.0-x86_64-disk.img to the CentOS 7 host.
Check the uploaded img file in the /root directory.

    Last login: Tue Apr 23 14:53:29 2024 from 192.168.196.1
    [root@node-a ~]# ll
    总用量 12484
    -rw-------. 1 root root 1574 4月 23 03:18 anaconda-ks.cfg
    -rw-r--r-- 1 root root 12716032 4月 24 16:12 cirros-0.4.0-x86_64-disk.img
    -rw------- 1 root root 374 4月 23 14:26 keystonerc_admin
    -rw------- 1 root root 319 4月 23 14:26 keystonerc_demo
    -rw------- 1 root root 51772 4月 23 14:20 packstack-answers-20240423-142037.txt

Create the image
Upload the image to Glance

    [root@node-a ~]# source keystonerc_admin
    [root@node-a ~(keystone_admin)]# glance image-create --name cirros001 --disk-format qcow2 --container-format bare --visibility=public < cirros-0.4.0-x86_64-disk.img
    +------------------+----------------------------------------------------------------------------------+
    | Property         | Value                                                                            |
    +------------------+----------------------------------------------------------------------------------+
    | checksum         | 443b7623e27ecf03dc9e01ee93f67afe                                                 |
    | container_format | bare                                                                             |
    | created_at       | 2024-04-25T03:02:02Z                                                             |
    | disk_format      | qcow2                                                                            |
    | id               | 4461e269-6414-4471-b9d7-a1cc8b19396d                                             |
    | min_disk         | 0                                                                                |
    | min_ram          | 0                                                                                |
    | name             | cirros001                                                                        |
    | os_hash_algo     | sha512                                                                           |
    | os_hash_value    | 6513f21e44aa3da349f248188a44bc304a3653a04122d8fb4535423c8e1d14cd6a153f735bb0982e |
    |                  | 2161b5b5186106570c17a9e58b64dd39390617cd5a350f78                                 |
    | os_hidden        | False                                                                            |
    | owner            | 13aeda797d4f4be3baa99a7d7414f6c9                                                 |
    | protected        | False                                                                            |
    | size             | 12716032                                                                         |
    | status           | active                                                                           |
    | tags             | []                                                                               |
    | updated_at       | 2024-04-25T03:02:02Z                                                             |
    | virtual_size     | Not available                                                                    |
    | visibility       | public                                                                           |
    +------------------+----------------------------------------------------------------------------------+

View the newly created image

    [root@node-a ~(keystone_admin)]# glance image-list
    +--------------------------------------+-----------+
    | ID                                   | Name      |
    +--------------------------------------+-----------+
    | 8f054c85-6b1e-4689-8197-e4c32820c6c8 | cirros    |
    | 4461e269-6414-4471-b9d7-a1cc8b19396d | cirros001 |
    +--------------------------------------+-----------+
    [root@node-a ~(keystone_admin)]#

Under the Project section, the newly created image is visible.
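Create the instance
The cloud instance is being created...
The cloud instance has finished booting; view the console...
Edit the security group rules
Add the ALL ICMP rule
Add the SSH rule
Connect to the cloud instance
Allocate a floating IP
Associate the floating IP
View the network topology
Testing
ping test
cirros001 => Baidu www.baidu.com [√]
cirros001 => centos7 192.168.196.44 [√]
cirros001 => gateway 192.168.196.2 [√]
cirros001 => physical machine win10 192.168.196.1 [×]
physical machine win10 => cirros001 192.168.196.20 [×]
Wait a little longer and try ping again; you can capture packets with Wireshark to observe.
cirros001 can ping the gateway 196.2 and the physical machine 196.1, and can also reach the internet, as follows:
win10 can also ping the floating IP 192.168.196.20 bound to cirros001.
Note: if win10 can ping the cloud instance cirros001 but cirros001 cannot ping the physical machine win10, turn off the firewall on the physical machine win10!!
Packet capture verification
The cloud instance cirros001 has the IP address 10.10.10.44; in the capture, the address actually communicating is its bound floating IP 192.168.196.20.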