1、环境规划以及网卡配置
controller IP:192.168.235.101
compute IP:192.168.235.102
控制节点
[root@luck ~]# cd /etc/sysconfig/network-scripts/
[root@luck network-scripts]# vi ifcfg-ens160
[root@luck network-scripts]# cat ifcfg-ens160
TYPE=Ethernet
BOOTPROTO=none
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=192.168.235.101
NETMASK=255.255.255.0
GATEWAY=192.168.235.2
DNS1=192.168.235.2
计算节点
[root@luck ~]# cd /etc/sysconfig/network-scripts/
[root@luck network-scripts]# vi ifcfg-ens160
[root@luck network-scripts]# cat ifcfg-ens160
TYPE=Ethernet
BOOTPROTO=none
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=192.168.235.102
NETMASK=255.255.255.0
GATEWAY=192.168.235.2
DNS1=192.168.235.2
修改控制节点和计算节点主机名
[root@luck ~]# hostnamectl set-hostname controller ---控制节点
[root@luck ~]# hostnamectl set-hostname compute ---计算节点
2、关闭防火墙/selinux/networkmanager
注意:networkmanager,这个组件是在!inux8版本里面管理网络服务的(ip地址),如果你提前把它关闭并禁用了,那么当节点重启的时候,是无法自动获取到ip地址的。
但是如果不关闭,它又会和 gpenstack,里面的 neutron 网络服务组件产生冲突。我们采用这种方式:暂时先不关闭networkmanager,等把所有环境全部安装好之后,再手工关闭和禁用 networkmanager,并使用 network来替换 networkmanager 这个服务。
控制节点关闭防火墙和selinux
[root@controller ~]# systemctl stop firewalld
[root@controller ~]# systemctl disable firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@controller ~]# setenforce 0 临时关闭
[root@controller ~]# vi /etc/sysconfig/selinux ---永久关闭
[root@controller ~]# cat /etc/sysconfig/selinux
This file controls the state of SELinux on the system.
SELINUX= can take one of these three values:
enforcing - SELinux security policy is enforced.
permissive - SELinux prints warnings instead of enforcing.
disabled - No SELinux policy is loaded.
SELINUX=disabled
SELINUXTYPE= can take one of these three values:
targeted - Targeted processes are protected,
minimum - Modification of targeted policy. Only selected processes are protected.
mls - Multi Level Security protection.
SELINUXTYPE=targeted
或者永久关闭selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
计算节点关闭防火墙和selinux
[root@compute ~]# systemctl stop firewalld
[root@compute ~]# systemctl disable firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@compute ~]# setenforce 0
[root@compute~]#sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
3、主机名映射及基础软件包
控制节点和计算节点都要映射
[root@controller ~]# echo '192.168.235.101 controller' >> /etc/hosts
[root@controller ~]# echo '192.168.235.102 compute' >> /etc/hosts
[root@controller ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.235.101 controller
192.168.235.102 compute
[root@controller ~]# yum install -y vim net-tools bash-completion chrony.x86_64 centos-release-openstack-victoria.noarch
4、配置时间服务器NTP
控制节点
[root@controller ~]# vim /etc/chrony.conf
server ntp.aliyun.com iburst
allow 192.168.100.0/24
重启时间服务器
[root@controller ~]# systemctl start chronyd.service
[root@controller ~]# systemctl enable chronyd
计算节点
[root@compute ~]# vim /etc/chrony.conf
server controller iburst
重启时间服务器
[root@compute ~]# systemctl start chronyd.service
[root@compute ~]# systemctl enable chronyd
5、配置YUM源
5.1 控制节点
[root@controller ~]# mkdir /etc/yum.repos.d/bak
[root@controller ~]# mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak/
[root@compute ~]# cat /etc/yum.repos.d/cloudcs.repo[highavailability]
name=CentOS Stream 8 - HighAvailability
baseurl=https://mirrors.aliyun.com/centos/8-stream/HighAvailability/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
[nfv]
name=CentOS Stream 8 - NFV
baseurl=https://mirrors.aliyun.com/centos/8-stream/NFV/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
[rt]
name=CentOS Stream 8 - RT
baseurl=https://mirrors.aliyun.com/centos/8-stream/RT/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
[resilientstorage]
name=CentOS Stream 8 - ResilientStorage
baseurl=https://mirrors.aliyun.com/centos/8-stream/ResilientStorage/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
[extras-common]
name=CentOS Stream 8 - Extras packages
baseurl=https://mirrors.aliyun.com/centos/8-stream/extras/x86_64/extras-common/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Extras-SHA512
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
[extras]
name=CentOS Stream - Extras
mirrorlist=http://mirrorlist.centos.org/?release=\&arch=\&repo=extras\&infra=
#baseurl=http://mirror.centos.org///extras//os/
baseurl=https://mirrors.aliyun.com/centos/8-stream/extras/x86_64/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
[centos-ceph-pacific]
name=CentOS - Ceph Pacific
baseurl=https://mirrors.aliyun.com/centos-vault/8-stream/storage/x86_64/ceph-pacific/
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Storage
[centos-rabbitmq-38]
name=CentOS-8 - RabbitMQ 38
baseurl=https://mirrors.aliyun.com/centos-vault/8-stream/messaging/x86_64/rabbitmq-38/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Messaging
[centos-nfv-openvswitch]
name=CentOS Stream 8 - NFV OpenvSwitch
baseurl=https://mirrors.aliyun.com/centos-vault/8-stream/nfv/x86_64/openvswitch-2/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-NFV
module_hotfixes=1
[baseos]
name=CentOS Stream 8 - BaseOS
baseurl=https://mirrors.aliyun.com/centos/8-stream/BaseOS/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
[appstream]
name=CentOS Stream 8 - AppStream
baseurl=https://mirrors.aliyun.com/centos/8-stream/AppStream/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
[centos-openstack-victoria]
name=CentOS 8 - OpenStack victoria
baseurl=https://mirrors.aliyun.com/centos/8-stream/cloud/x86_64/openstack-victoria/
#baseurl=https://repo.huaweicloud.com/centos/8-stream/cloud/x86_64/openstack-yoga/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Cloud
module_hotfixes=1
[powertools]
name=CentOS Stream 8 - PowerTools
#mirrorlist=http://mirrorlist.centos.org/?release=\&arch=\&repo=PowerTools\&infra=
baseurl=https://mirrors.aliyun.com/centos/8-stream/PowerTools/x86_64/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
5.2 计算节点
[root@compute ~]# mkdir /etc/yum.repos.d/bak
[root@compute ~]# mv /etc/yum.repos.d/*.repo /etc/yum.repos.d/bak/
[root@compute ~]# scp controller:/etc/yum.repos.d/cloudcs.repo /etc/yum.repos.d/
6、安装配置
6.1 控制节点安装 PackStack 工具
[root@controller ~]# yum install -y openstack-packstack
6.2 生成应答文件
[root@controller ~]# packstack --gen-answer-file=111.txt
6.3 修改应答文件
[root@controller ~]# vim 111.txt
97 CONFIG_COMPUTE_HOSTS=192.168.235.101,192.168.235.102
323 CONFIG_KEYSTONE_ADMIN_PW=123456
1169 CONFIG_PROVISION_DEMO=n
60 CONFIG_HEAT_INSTALL=y
909 CONFIG_NEUTRON_OVN_BRIDGE_IFACES=br-ex:ens160
7、开始安装openstack
[root@controller ~]# packstack --answer-file=111.txt
Welcome to the Packstack setup utility
The installation log file is available at: /var/tmp/packstack/20240910-084808-673i1d3e/openstack-setup.log
Installing:
Clean Up [ DONE ]
Discovering ip protocol version [ DONE ]
root@192.168.235.102's password:
root@192.168.235.101's password:
Setting up ssh keys [ DONE ]
Preparing servers [ DONE ]
Pre installing Puppet and discovering hosts' details [ DONE ]
Preparing pre-install entries [ DONE ]
Setting up CACERT [ DONE ]
Preparing AMQP entries [ DONE ]
Preparing MariaDB entries [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries [ DONE ]
Preparing Glance entries [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries [ DONE ]
Preparing Nova API entries [ DONE ]
Creating ssh keys for Nova migration [ DONE ]
Gathering ssh host keys for Nova migration [ DONE ]
Preparing Nova Compute entries [ DONE ]
Preparing Nova Scheduler entries [ DONE ]
Preparing Nova VNC Proxy entries [ DONE ]
Preparing OpenStack Network-related Nova entries [ DONE ]
Preparing Nova Common entries [ DONE ]
Preparing Neutron API entries [ DONE ]
Preparing Neutron L3 entries [ DONE ]
Preparing Neutron L2 Agent entries [ DONE ]
Preparing Neutron DHCP Agent entries [ DONE ]
Preparing Neutron Metering Agent entries [ DONE ]
Checking if NetworkManager is enabled and running [ DONE ]
Preparing OpenStack Client entries [ DONE ]
Preparing Horizon entries [ DONE ]
Preparing Swift builder entries [ DONE ]
Preparing Swift proxy entries [ DONE ]
Preparing Swift storage entries [ DONE ]
Preparing Heat entries [ DONE ]
Preparing Heat CloudFormation API entries [ DONE ]
Preparing Gnocchi entries [ DONE ]
Preparing Redis entries [ DONE ]
Preparing Ceilometer entries [ DONE ]
Preparing Aodh entries [ DONE ]
Preparing Puppet manifests [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 192.168.235.101_controller.pp
192.168.235.101_controller.pp: [ DONE ]
Applying 192.168.235.101_network.pp
192.168.235.101_network.pp: [ DONE ]
Applying 192.168.235.102_compute.pp
Applying 192.168.235.101_compute.pp
192.168.235.101_compute.pp: [ DONE ]
192.168.235.102_compute.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]
**** Installation completed successfully ******
Additional information:
* Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS plugin. Geneve will be used as the encapsulation method for tenant networks
* Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
* File /root/keystonerc_admin has been created on OpenStack client host 192.168.235.101. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://192.168.235.101/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* The installation log file is available at: /var/tmp/packstack/20240910-084808-673i1d3e/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20240910-084808-673i1d3e/manifests
8、安装完成
8.1 登入测试
http://192.168.235.101/dashboard ----登入链接
8.2 开启network开机自启服务
[root@controller ~]# systemctl enable network
[root@compute ~]# systemctl enable network