CentOS 7.2 Installation Deployment OpenStack Tutorial
Environmental preparation
Share CentOS 7.2 installation deployment OpenStack tutorial, we want to help.
1, the system environment
# Uname -r
3.10.0-327.el7.x86_64
# Cat / etc / RedHat -release
CentOS Linux release 7.2.1511 (Core)
2, the server deployment
IP
CPU name
Character
Configuration
192.168.56.108
Controller
Control node
M: 4G; C: 2C; 50G
192.168.56.109
Compute
Calculate nodes
M: 2G; C: 2C; 50G
3, the basic environment to prepare
3.1, configure hosts
# Cat / etc / hosts
192.168.56.108 controller
192.168.56.109 compute
3.2, configure the time synchronization
[Root @ controller ~] # yum install -y ntp
[Root @ controller ~] # vim /etc/ntp.conf
15 restrict -6 :: 1
16 restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
27 restrict 0.centos.pool.ntp.org nomodify notrap noquery
28 restrict 1.centos.pool.ntp.org nomodify notrap noquery
29 restrict 2.centos.pool.ntp.org nomodify notrap noquery
30 restrict 3.centos.pool.ntp.org nomodify notrap noquery
31 server 127.127.1.0
32 fudge 127.127.1.0 stratum 10
[Root @ controller ~] # systemctl enable ntpd
[Root @ controller ~] # systemctl start ntpd
Configure timing tasks on the control node and compute nodes
[Root @ compute ~] # crontab -l * / 5 * * * * / usr / sbin / ntpdate 192.168.56.108> / dev / null 2> & 1
3.3, turn off the firewall
# Systemctl stop firewalld
3.4, close selinux
# SELINUX = disabled / etc / selinux / config // need to reboot
3.5, install the basic package
[Root @ controller ~] # yum install -yhttp: // dl. Fedora project.org/pub/epel/7/x86_64/e/epel-release-7-7.noarch.rpm
[Root @ controller ~] # yum install -y centos-release-openstack-liberty
[Root @ controller ~] # yum install -y python-openstackclient
3.6, install mysql
[Root @ controller ~] # yum install -y mariadb mariadb-server mysql-python
[Root @ controller ~] # vim /etc/my.cnf
Add the following lines in the mysqld module:
Default-storage-engine = innodb
Innodb_file_per_table
Collation-server = utf8_general_ci
Init-connect = ‘SET NAMES utf8’
Character-set-server = utf8
[Root @ controller ~] # systemctl enable mariadb.service
[Root @ controller ~] # systemctl start mariadb.service
[Root @ controller ~] # mysql_secure_installation
3.7, install rabbitmq
[Root @ controller ~] # yum install-y rabbitmq-server
[Root @ controller ~] # systemctl enable rabbitmq-server.service
[Root @ controller ~] # systemctl start rabbitmq-server.service
[Root @ controller ~] # rabbitmqctl add_user openstack openstack
Creating user “openstack” …
… done.
[Root @ controller ~] # rabbitmqctl set_permissions openstack ‘. *’ ‘. *’ ‘. *’
Setting permissions for user “openstack” in vhost “/” …
… done.
[Root @ controller ~] # rabbitmqctl set_user_tags openstack administrator
[Root @ controller ~] # rabbitmq-plugins enable rabbitmq_management
[Root @ controller ~] # systemctl restart rabbitmq-server.service
In the browser, enter http://192.168.56.108:15672, the default account and password for the guest
Login will be created before the openstack users to join admin, the results are as follows:
[root@controller ~]# mysql -u root -p
[root@controller ~]# CREATE DATABASE keystone;
[root@controller ~]# GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’localhost’ IDENTIFIED BY ‘PWS’;
[root@controller ~]# GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’%’ IDENTIFIED BY ‘PWS’;
[root@controller ~]# openssl rand -hex 10
2?keystone
yum install openstack-keystone httpd mod_wsgi python-openstackclient memcached python-memcached
3?memcache
# systemctl enable memcached.service
# systemctl start memcached.service
4?
Edit the /etc/keystone/keystone.conf file and complete the following actions:
In the [DEFAULT] section, define the value of the initial administration token:
1
2
3
[DEFAULT]
…
admin_token = ADMIN_TOKEN
Replace ADMIN_TOKEN with the random value that you generated in a previous step.
In the [database] section, configure database access:
1
2
3
[database]
…
connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone
Replace KEYSTONE_DBPASS with the password you chose for the database.
In the [memcache] section, configure the Memcache service:
1
2
3
[memcache]
…
servers = localhost:11211
In the [token] section, configure the UUID token provider and Memcached driver:
1
2
3
4
[token]
…
provider = keystone.token.providers.uuid.Provider
driver = keystone.token.persistence.backends.memcache.Token
In the [revoke] section, configure the SQL revocation driver:
1
2
3
[revoke]
…
driver = keystone.contrib.revoke.backends.sql.Revoke
(Optional) To assist with troubleshooting, enable verbose logging in the [DEFAULT] section:
1
2
3
[DEFAULT]
…
verbose = True
Populate the Identity service database:
# su -s /bin/sh -c “keystone-manage db_sync” keystone
5?HTTP
Edit the /etc/httpd/conf/httpd.conf file and configure the ServerName option to reference the controller node:
ServerName controller
Create the /etc/httpd/conf.d/wsgi-keystone.conf file with the following content:
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /var/www/cgi-bin/keystone/main
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
LogLevel info
ErrorLogFormat “%{cu}t %M”
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
LogLevel info
ErrorLogFormat “%{cu}t %M”
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
</VirtualHost>
Create the directory structure for the WSGI components:
# mkdir -p /var/www/cgi-bin/keystone
Copy the WSGI components from the upstream repository into this directory:
# curl http://git.openstack.org/cgit/openstack/keystone/plain/httpd/keystone.py?h=stable/kilo | tee /var/www/cgi-bin/keystone/main /var/www/cgi-bin/keystone/admin
Adjust ownership and permissions on this directory and the files in it:
# chown -R keystone:keystone /var/www/cgi-bin/keystone
# chmod 755 /var/www/cgi-bin/keystone/*
Restart the Apache HTTP server:
# systemctl enable httpd.service
# systemctl start httpd.service
Recent Comments