本文最后更新于48 天前,其中的信息可能已经过时,如有错误请发送邮件到2639131093@qq.com
注意
1.本教程为openstack 搭建平台victoria 版,虚拟机为centos stream 8
2.本教程设计内容非常多,很复杂,但也很有技巧,请注意每一步,我说可以更改的地方可以更改,其余建议和我一样
3.内容板块大体包括:基础环境设置, keystone组建安装,glance组建安装,placement组建安装,nova组建安装,neutron组建安装,dashboard组建安装
4.密码约定:本文所有和数据库及消息队列相关的密码统一设定 rootroot,openstack 组件用户密码统一设定 redhat
5.学习此章节,你需要了解的知识:数据库sql中dcl用户管理的知识,linux基础命令,openstack基础命令
6.官方网址:
GlanceOpenStack Docs: Install and configure (Red Hat)
7.环境配置:
环境用到 2台 虚拟机,单网卡,并为其配置 静态 IP 及 DNS
| 主机名 | ip | 网关 | DNS | cpu/内存 | 磁盘 | 角色 | 备注 |
| controller | 192.168.100.128 | 192.168.100.2 | 114.114.114.114 | 4c/6g | 100g | 控制节点 | 开启虚拟化引擎 |
| compute | 192.168.100.129 | 192.168.100.2 | 114.114.114.114 | 4c/6g | 100g | 计算节点 | 开启虚拟化引擎 |
建库及授权(仅控制节点)
[root@controller ~(myuser)]$ mysql -u root -prootroot
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 26
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database glance; ##创建库glance
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'localhost' identified by 'rootroot';
##为glance用户在本地对glance数据库所有对象给予全部权限,指定密码为rootroot
Query OK, 0 rows affected (0.005 sec)
MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'%' identified by 'rootroot';
##为glance用户在本地对glance数据库所有对象给予全部权限,指定密码为rootroot
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> show grants for 'glance'@'localhost'; ##可选,只是查看glance用户对于glance库本地权限,下一样,只是范围不同
+---------------------------------------------------------------------------------------------------------------+
| Grants for glance@localhost |
+---------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `glance`@`localhost` IDENTIFIED BY PASSWORD '*6C362347EBEAA7DF44F6D34884615A35095E80EB' |
| GRANT ALL PRIVILEGES ON `glance`.* TO `glance`@`localhost` |
+---------------------------------------------------------------------------------------------------------------+
2 rows in set (0.002 sec)
MariaDB [(none)]> show grants for 'glance'@'%';
+-------------------------------------------------------------------------------------------------------+
| Grants for glance@% |
+-------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO `glance`@`%` IDENTIFIED BY PASSWORD '*6C362347EBEAA7DF44F6D34884615A35095E80EB' |
| GRANT ALL PRIVILEGES ON `glance`.* TO `glance`@`%` |
+-------------------------------------------------------------------------------------------------------+
2 rows in set (0.000 sec)
MariaDB [(none)]> show database; ## 这是错的,查看非具体库要带‘s’哦
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'database' at line 1
MariaDB [(none)]> show databases; ##查看库
+--------------------+
| Database |
+--------------------+
| glance |
| information_schema |
| keystone |
| mysql |
| performance_schema |
+--------------------+
5 rows in set (0.004 sec)
创建用户及关联角色(仅控制节点)
[root@controller ~(myuser)]$ source keystonerc_admin
[root@controller ~(admin)]$ openstack user create --domain default --password-prompt glance
User Password: ##密码依旧redhat
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 2c401bee20a245ac88cf4629ed4ee440 |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@controller ~(admin)]$ openstack user list
+----------------------------------+--------+
| ID | Name |
+----------------------------------+--------+
| cda7fc3c6ff74289b8f40e149d397710 | admin |
| 9688822b0dcd41929430ab48335fceb2 | myuser |
| 2c401bee20a245ac88cf4629ed4ee440 | glance |
+----------------------------------+--------+
[root@controller ~(admin)]$ openstack role add --project service --user glance admin
##和之前一样的,让glance用户作为admin 来与service项目建立连接
[root@controller ~(admin)]$ openstack role assignment list --user glance
+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+
| Role | User | Group | Project | Domain | System | Inherited |
+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+
| 35eb6220a4b14503b1672de9f0ffcae9 | 2c401bee20a245ac88cf4629ed4ee440 | | 578eca45e7e549858c97314e3f2ec1e3 | | | False |
+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+创建服务及注册API(仅控制节点)
[root@controller ~(admin)]$ openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | fa2e979295a546fd8b0f0f54bcd0a534 |
| name | glance |
| type | image |
+-------------+----------------------------------+
[root@controller ~(admin)]$ openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 861dc3b20d324e4892e506058c2c7b1f |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | fa2e979295a546fd8b0f0f54bcd0a534 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~(admin)]$ openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 0347ebc573814319b61f2b061d12a76d |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | fa2e979295a546fd8b0f0f54bcd0a534 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~(admin)]$ openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 810eab1198cc44dc8a2f4de04d227da4 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | fa2e979295a546fd8b0f0f54bcd0a534 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller ~(admin)]$ openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
| 0347ebc573814319b61f2b061d12a76d | RegionOne | glance | image | True | internal | http://controller:9292 |
| 6395f0c625274f4b90e9137f38e93882 | RegionOne | keystone | identity | True | admin | http://controller:5000/v3/ |
| 810eab1198cc44dc8a2f4de04d227da4 | RegionOne | glance | image | True | admin | http://controller:9292 |
| 861dc3b20d324e4892e506058c2c7b1f | RegionOne | glance | image | True | public | http://controller:9292 |
| ca45bbfeef81436688974a8d04e75d88 | RegionOne | keystone | identity | True | internal | http://controller:5000/v3/ |
| ff9d2f5be3c54026a27d8661b68460b9 | RegionOne | keystone | identity | True | public | http://controller:5000/v3/ |
+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
安装包(仅控制节点)
[root@controller ~(admin)]$ yum install openstack-glance -y
##一样的,太多啦!!!,只展示安装内容
已升级:
platform-python-3.6.8-62.el8.x86_64 python3-libs-3.6.8-62.el8.x86_64
已安装:
blosc-1.17.0-1.el8.x86_64 graphviz-2.40.1-45.el8.x86_64
hdf5-1.10.5-5.el8.x86_64 libXaw-1.0.13-10.el8.x86_64
libaec-1.0.2-3.el8.x86_64 libgfortran-8.5.0-22.el8.x86_64
libqhull-1:7.2.1-2.el8.x86_64 libquadmath-8.5.0-22.el8.x86_64
openblas-0.3.15-4.el8.x86_64 openblas-threads-0.3.15-4.el8.x86_64
openstack-glance-1:21.1.0-1.el8.noarch perl-Filter-2:1.58-2.el8.x86_64
perl-Text-Unidecode-1.30-5.el8.noarch perl-XML-Parser-2.44-11.el8.x86_64
perl-XML-XPath-1.42-3.el8.noarch perl-encoding-4:2.22-3.el8.x86_64
perl-open-1.11-422.el8.noarch platform-python-devel-3.6.8-62.el8.x86_64
python-oslo-privsep-lang-2.4.0-2.el8.noarch python-oslo-vmware-lang-3.7.0-2.el8.noarch
python-rpm-macros-3-45.el8.noarch python-srpm-macros-3-45.el8.noarch
python3-Bottleneck-1.2.1-13.el8.x86_64 python3-automaton-2.2.0-1.el8.noarch
python3-barbicanclient-5.0.1-2.el8.noarch python3-boto-2.49.0-4.el8.noarch
python3-castellan-3.6.1-1.el8.noarch python3-cursive-0.2.2-1.el8.noarch
python3-cycler-0.10.0-13.el8.noarch python3-glance-1:21.1.0-1.el8.noarch
python3-glance-store-2.3.1-1.el8.noarch python3-glanceclient-1:3.2.2-2.el8.noarch
python3-httplib2-0.10.3-4.el8.noarch python3-kiwisolver-1.1.0-4.el8.x86_64
python3-matplotlib-3.1.1-2.el8.x86_64 python3-matplotlib-data-3.1.1-2.el8.noarch
python3-matplotlib-data-fonts-3.1.1-2.el8.noarch python3-matplotlib-tk-3.1.1-2.el8.x86_64
python3-mock-3.0.5-7.el8.noarch python3-networkx-2.5-1.el8.noarch
python3-numexpr-2.7.1-1.el8.x86_64 python3-numpy-1:1.14.3-10.el8.x86_64
python3-numpy-f2py-1:1.14.3-10.el8.x86_64 python3-os-brick-4.0.5-1.el8.noarch
python3-os-win-5.2.0-1.el8.noarch python3-oslo-privsep-2.4.0-2.el8.noarch
python3-oslo-reports-2.2.0-2.el8.noarch python3-oslo-rootwrap-6.2.0-2.el8.noarch
python3-oslo-vmware-3.7.0-2.el8.noarch python3-pandas-0.25.3-1.el8.x86_64
python3-pillow-5.1.1-21.el8.x86_64 python3-pydot-1.4.1-1.el8.noarch
python3-pygraphviz-1.5-9.el8.x86_64 python3-pysendfile-2.0.1-15.el8.x86_64
python3-pyxattr-0.5.3-18.el8.x86_64 python3-retrying-1.2.3-21.el8.noarch
python3-rpm-generators-5-8.el8.noarch python3-rpm-macros-3-45.el8.noarch
python3-rsa-4.6-2.el8s.noarch python3-scipy-1.0.0-21.module_el8+762+77bd8591.x86_64
python3-simplegeneric-0.8.1-17.el8.noarch python3-suds-0.7-0.11.94664ddd46a6.el8.noarch
python3-tables-3.5.2-6.el8.x86_64 python3-taskflow-4.5.0-2.el8.noarch
python3-tenacity-6.2.0-1.el8.noarch python3-tkinter-3.6.8-62.el8.x86_64
python3-warlock-1.3.3-1.el8.noarch python3-wsme-0.9.3-1.el8.noarch
sysfsutils-2.1.0-25.el8.x86_64 tcl-1:8.6.8-2.el8.x86_64
texlive-base-7:20180414-29.el8.noarch texlive-dvipng-7:20180414-29.el8.x86_64
texlive-kpathsea-7:20180414-29.el8.x86_64 texlive-lib-7:20180414-29.el8.x86_64
texlive-tetex-7:20180414-29.el8.noarch texlive-texlive.infra-7:20180414-29.el8.noarch
tk-1:8.6.8-1.el8.x86_64 xorg-x11-fonts-ISO8859-1-100dpi-7.5-19.el8.noarch
完毕!
编辑配置文件(仅控制节点)
[root@controller ~(admin)]$ vim /etc/glance/glance-api.conf
很多慢慢找,还是:/database
[database]
connection = mysql+pymysql://glance:rootroot@controller/glance ##大约1590行
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default ##大约4650行
user_domain_name = Default
project_name = service
username = glance
password = redhat
[paste_deploy]
flavor = keystone ##大约5300行
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/ ##大约2980行
初始化数据库(仅控制节点)
[root@controller ~(admin)]$ su -s /bin/sh -c "glance-manage db_sync" glance ##脚本初始化glance数据库
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> liberty, liberty initial
INFO [alembic.runtime.migration] Running upgrade liberty -> mitaka01, add index on created_at and updated_at columns of 'images' table
INFO [alembic.runtime.migration] Running upgrade mitaka01 -> mitaka02, update metadef os_nova_server
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_expand01, add visibility to images
INFO [alembic.runtime.migration] Running upgrade ocata_expand01 -> pike_expand01, empty expand for symmetry with pike_contract01
INFO [alembic.runtime.migration] Running upgrade pike_expand01 -> queens_expand01
INFO [alembic.runtime.migration] Running upgrade queens_expand01 -> rocky_expand01, add os_hidden column to images table
INFO [alembic.runtime.migration] Running upgrade rocky_expand01 -> rocky_expand02, add os_hash_algo and os_hash_value columns to images table
INFO [alembic.runtime.migration] Running upgrade rocky_expand02 -> train_expand01, empty expand for symmetry with train_contract01
INFO [alembic.runtime.migration] Running upgrade train_expand01 -> ussuri_expand01, empty expand for symmetry with ussuri_expand01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: ussuri_expand01, current revision(s): ussuri_expand01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database migration is up to date. No migration needed.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade mitaka02 -> ocata_contract01, remove is_public from images
INFO [alembic.runtime.migration] Running upgrade ocata_contract01 -> pike_contract01, drop glare artifacts tables
INFO [alembic.runtime.migration] Running upgrade pike_contract01 -> queens_contract01
INFO [alembic.runtime.migration] Running upgrade queens_contract01 -> rocky_contract01
INFO [alembic.runtime.migration] Running upgrade rocky_contract01 -> rocky_contract02
INFO [alembic.runtime.migration] Running upgrade rocky_contract02 -> train_contract01
INFO [alembic.runtime.migration] Running upgrade train_contract01 -> ussuri_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Upgraded database to: ussuri_contract01, current revision(s): ussuri_contract01
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Database is synced successfully.
[root@controller ~(admin)]$ mysql -u root -prootroot
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 29
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| glance |
| information_schema |
| keystone |
| mysql |
| performance_schema |
+--------------------+
5 rows in set (0.001 sec)
MariaDB [(none)]> use glance
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [glance]> show tables;
+----------------------------------+
| Tables_in_glance |
+----------------------------------+
| alembic_version |
| image_locations |
| image_members |
| image_properties |
| image_tags |
| images |
| metadef_namespace_resource_types |
| metadef_namespaces |
| metadef_objects |
| metadef_properties |
| metadef_resource_types |
| metadef_tags |
| migrate_version |
| task_info |
| tasks |
+----------------------------------+
15 rows in set (0.001 sec)
王五
[root@controller ~(admin)]$ systemctl start openstack-glance-api.service
[root@controller ~(admin)]$ systemctl enable openstack-glance-api.service
Created symlink /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service → /usr/lib/systemd/system/openstack-glance-api.service.
[root@controller ~(admin)]$ source keystonerc_admin
[root@controller ~(admin)]$ ll
总用量 20756
drwxr-xr-x. 2 root root 6 8月 27 23:59 公共
drwxr-xr-x. 2 root root 6 8月 27 23:59 模板
drwxr-xr-x. 2 root root 6 8月 27 23:59 视频
drwxr-xr-x. 2 root root 6 8月 27 23:59 图片
drwxr-xr-x. 2 root root 6 8月 27 23:59 文档
drwxr-xr-x. 2 root root 6 8月 27 23:59 下载
drwxr-xr-x. 2 root root 6 8月 27 23:59 音乐
drwxr-xr-x. 2 root root 6 8月 27 23:59 桌面
-rw-------. 1 root root 1250 8月 27 23:37 anaconda-ks.cfg
-rw-r--r-- 1 root root 21233664 8月 25 07:42 cirros-0.6.1-x86_64-disk.img
-rw-r--r--. 1 root root 1531 8月 27 23:59 initial-setup-ks.cfg
-rw-r--r-- 1 root root 296 8月 28 04:57 keystonerc_admin
-rw-r--r-- 1 root root 300 8月 28 04:58 keystonerc_user
-rw-r--r-- 1 root root 0 8月 28 04:54 --os-project-domain-name
-rw-r--r-- 1 root root 172 8月 28 04:54 --os-project-name
[root@controller ~(admin)]$ mv cirros-0.6.1-x86_64-disk.img /tmp/
##自己用winscp上传🦌,累了累了= =
[root@controller ~(admin)]$ ls /tmp/cir*
/tmp/cirros-0.6.1-x86_64-disk.img
[root@controller ~(admin)]$ openstack image create --disk-format qcow2 --container-format bare --public --file /tmp/cirros-0.6.1-x86_64-disk.img centos7
##验证镜像能否正常上传
+------------------+---------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------------+---------------------------------------------------------------------------------------------------------------------------------------------+
| container_format | bare |
| created_at | 2024-08-28T09:48:31Z |
| disk_format | qcow2 |
| file | /v2/images/9ca52084-c37b-48b8-b4f5-7390e19b3567/file |
| id | 9ca52084-c37b-48b8-b4f5-7390e19b3567 |
| min_disk | 0 |
| min_ram | 0 |
| name | centos7 |
| owner | 660df1d651a940fda39757aee91856bf |
| properties | os_hidden='False', owner_specified.openstack.md5='', owner_specified.openstack.object='images/centos7', owner_specified.openstack.sha256='' |
| protected | False |
| schema | /v2/schemas/image |
| status | queued |
| tags | |
| updated_at | 2024-08-28T09:48:31Z |
| visibility | public |
+------------------+---------------------------------------------------------------------------------------------------------------------------------------------+
[root@controller ~(admin)]$ openstack image list ##查看镜像
+--------------------------------------+---------+--------+
| ID | Name | Status |
+--------------------------------------+---------+--------+
| 9ca52084-c37b-48b8-b4f5-7390e19b3567 | centos7 | active |
+--------------------------------------+---------+--------+
[root@controller ~(admin)]$ mysql -u root -prootroot
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 36
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> use glance
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [glance]> show tables;
+----------------------------------+
| Tables_in_glance |
+----------------------------------+
| alembic_version |
| image_locations |
| image_members |
| image_properties |
| image_tags |
| images |
| metadef_namespace_resource_types |
| metadef_namespaces |
| metadef_objects |
| metadef_properties |
| metadef_resource_types |
| metadef_tags |
| migrate_version |
| task_info |
| tasks |
+----------------------------------+
15 rows in set (0.001 sec)
MariaDB [glance]> select * from image_locations ##数据库内查看镜像
-> ;
+----+--------------------------------------+--------------------------------------------------------------------+---------------------+---------------------+------------+---------+-----------+--------+
| id | image_id | value | created_at | updated_at | deleted_at | deleted | meta_data | status |
+----+--------------------------------------+--------------------------------------------------------------------+---------------------+---------------------+------------+---------+-----------+--------+
| 1 | 9ca52084-c37b-48b8-b4f5-7390e19b3567 | file:///var/lib/glance/images/9ca52084-c37b-48b8-b4f5-7390e19b3567 | 2024-08-28 09:48:32 | 2024-08-28 09:48:32 | NULL | 0 | {} | active |
+----+--------------------------------------+--------------------------------------------------------------------+---------------------+---------------------+------------+---------+-----------+--------+
1 row in set (0.001 sec)
