1、环境规划以及网卡配置
controller IP:192.168.235.101
compute IP:192.168.235.102
控制节点
root@luck \~\]# cd /etc/sysconfig/network-scripts/ \[root@luck network-scripts\]# vi ifcfg-ens160 \[root@luck network-scripts\]# cat ifcfg-ens160 TYPE=Ethernet BOOTPROTO=none NAME=ens160 DEVICE=ens160 ONBOOT=yes IPADDR=192.168.235.101 NETMASK=255.255.255.0 GATEWAY=192.168.235.2 DNS1=192.168.235.2
计算节点
root@luck \~\]# cd /etc/sysconfig/network-scripts/ \[root@luck network-scripts\]# vi ifcfg-ens160 \[root@luck network-scripts\]# cat ifcfg-ens160 TYPE=Ethernet BOOTPROTO=none NAME=ens160 DEVICE=ens160 ONBOOT=yes IPADDR=192.168.235.102 NETMASK=255.255.255.0 GATEWAY=192.168.235.2 DNS1=192.168.235.2
root@luck \~\]# hostnamectl set-hostname controller ---控制节点 \[root@luck \~\]# hostnamectl set-hostname compute ---计算节点
注意:networkmanager,这个组件是在!inux8版本里面管理网络服务的(ip地址),如果你提前把它关闭并禁用了,那么当节点重启的时候,是无法自动获取到ip地址的。
但是如果不关闭,它又会和 gpenstack,里面的 neutron 网络服务组件产生冲突。我们采用这种方式:暂时先不关闭networkmanager,等把所有环境全部安装好之后,再手工关闭和禁用 networkmanager,并使用 network来替换 networkmanager 这个服务。
控制节点关闭防火墙和selinux
root@controller \~\]# systemctl stop firewalld \[root@controller \~\]# systemctl disable firewalld Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. \[root@controller \~\]# setenforce 0 临时关闭 \[root@controller \~\]# vi /etc/sysconfig/selinux ---永久关闭 \[root@controller \~\]# cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these three values: # targeted - Targeted processes are protected, # minimum - Modification of targeted policy. Only selected processes are protected. # mls - Multi Level Security protection. SELINUXTYPE=targeted 或者永久关闭selinux sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
计算节点关闭防火墙和selinux
root@compute \~\]# systemctl stop firewalld \[root@compute \~\]# systemctl disable firewalld Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. \[root@compute \~\]# setenforce 0 \[root@compute\~\]#sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
3、主机名映射及基础软件包
控制节点和计算节点都要映射
root@controller \~\]# echo '192.168.235.101 controller' \>\> /etc/hosts \[root@controller \~\]# echo '192.168.235.102 compute' \>\> /etc/hosts \[root@controller \~\]# cat /etc/hosts 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.235.101 controller 192.168.235.102 compute \[root@controller \~\]# yum install -y vim net-tools bash-completion chrony.x86_64 centos-release-openstack-victoria.noarch
4、配置时间服务器NTP
控制节点
root@controller \~\]# vim /etc/chrony.conf server ntp.aliyun.com iburst allow 192.168.100.0/24 重启时间服务器 \[root@controller \~\]# systemctl start chronyd.service \[root@controller \~\]# systemctl enable chronyd
root@compute \~\]# vim /etc/chrony.conf server controller iburst 重启时间服务器 \[root@compute \~\]# systemctl start chronyd.service \[root@compute \~\]# systemctl enable chronyd
5、配置YUM源
5.1 控制节点
root@controller \~\]# mkdir /etc/yum.repos.d/bak \[root@controller \~\]# mv /etc/yum.repos.d/\*.repo /etc/yum.repos.d/bak/ \[root@compute \~\]# cat /etc/yum.repos.d/cloudcs.repo \[highavailability
name=CentOS Stream 8 - HighAvailability
baseurl=https://mirrors.aliyun.com/centos/8-stream/HighAvailability/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
nfv
name=CentOS Stream 8 - NFV
baseurl=https://mirrors.aliyun.com/centos/8-stream/NFV/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
rt
name=CentOS Stream 8 - RT
baseurl=https://mirrors.aliyun.com/centos/8-stream/RT/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
resilientstorage
name=CentOS Stream 8 - ResilientStorage
baseurl=https://mirrors.aliyun.com/centos/8-stream/ResilientStorage/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
extras-common
name=CentOS Stream 8 - Extras packages
baseurl=https://mirrors.aliyun.com/centos/8-stream/extras/x86_64/extras-common/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Extras-SHA512
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
extras
name=CentOS Stream - Extras
mirrorlist=http://mirrorlist.centos.org/?release=\&arch=\&repo=extras\&infra=
#baseurl=http://mirror.centos.org///extras//os/
baseurl=https://mirrors.aliyun.com/centos/8-stream/extras/x86_64/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
centos-ceph-pacific
name=CentOS - Ceph Pacific
baseurl=https://mirrors.aliyun.com/centos-vault/8-stream/storage/x86_64/ceph-pacific/
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Storage
centos-rabbitmq-38
name=CentOS-8 - RabbitMQ 38
baseurl=https://mirrors.aliyun.com/centos-vault/8-stream/messaging/x86_64/rabbitmq-38/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Messaging
centos-nfv-openvswitch
name=CentOS Stream 8 - NFV OpenvSwitch
baseurl=https://mirrors.aliyun.com/centos-vault/8-stream/nfv/x86_64/openvswitch-2/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-NFV
module_hotfixes=1
baseos
name=CentOS Stream 8 - BaseOS
baseurl=https://mirrors.aliyun.com/centos/8-stream/BaseOS/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
appstream
name=CentOS Stream 8 - AppStream
baseurl=https://mirrors.aliyun.com/centos/8-stream/AppStream/x86_64/os/
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
gpgcheck=1
repo_gpgcheck=0
metadata_expire=6h
countme=1
enabled=1
centos-openstack-victoria
name=CentOS 8 - OpenStack victoria
baseurl=https://mirrors.aliyun.com/centos/8-stream/cloud/x86_64/openstack-victoria/
#baseurl=https://repo.huaweicloud.com/centos/8-stream/cloud/x86_64/openstack-yoga/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-Cloud
module_hotfixes=1
powertools
name=CentOS Stream 8 - PowerTools
#mirrorlist=http://mirrorlist.centos.org/?release=\&arch=\&repo=PowerTools\&infra=
baseurl=https://mirrors.aliyun.com/centos/8-stream/PowerTools/x86_64/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
5.2 计算节点
root@compute \~\]# mkdir /etc/yum.repos.d/bak \[root@compute \~\]# mv /etc/yum.repos.d/\*.repo /etc/yum.repos.d/bak/ \[root@compute \~\]# scp controller:/etc/yum.repos.d/cloudcs.repo /etc/yum.repos.d/
6、安装配置
6.1 控制节点安装 PackStack 工具
root@controller \~\]# yum install -y openstack-packstack
6.2 生成应答文件
root@controller \~\]# packstack --gen-answer-file=111.txt #### 6.3 修改应答文件 > \[root@controller \~\]# vim 111.txt > > 97 CONFIG_COMPUTE_HOSTS=192.168.235.101,192.168.235.102 > > 323 CONFIG_KEYSTONE_ADMIN_PW=123456 > > 1169 CONFIG_PROVISION_DEMO=n > > 60 CONFIG_HEAT_INSTALL=y > > 909 CONFIG_NEUTRON_OVN_BRIDGE_IFACES=br-ex:ens160 ## ******7、开始安装openstack****** > \[root@controller \~\]# packstack --answer-file=111.txt > > Welcome to the Packstack setup utility > > The installation log file is available at: /var/tmp/packstack/20240910-084808-673i1d3e/openstack-setup.log > > Installing: > > Clean Up \[ DONE
Discovering ip protocol version [ DONE ]
root@192.168.235.102's password:
root@192.168.235.101's password:
Setting up ssh keys [ DONE ]
Preparing servers [ DONE ]
Pre installing Puppet and discovering hosts' details [ DONE ]
Preparing pre-install entries [ DONE ]
Setting up CACERT [ DONE ]
Preparing AMQP entries [ DONE ]
Preparing MariaDB entries [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries [ DONE ]
Preparing Glance entries [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries [ DONE ]
Preparing Nova API entries [ DONE ]
Creating ssh keys for Nova migration [ DONE ]
Gathering ssh host keys for Nova migration [ DONE ]
Preparing Nova Compute entries [ DONE ]
Preparing Nova Scheduler entries [ DONE ]
Preparing Nova VNC Proxy entries [ DONE ]
Preparing OpenStack Network-related Nova entries [ DONE ]
Preparing Nova Common entries [ DONE ]
Preparing Neutron API entries [ DONE ]
Preparing Neutron L3 entries [ DONE ]
Preparing Neutron L2 Agent entries [ DONE ]
Preparing Neutron DHCP Agent entries [ DONE ]
Preparing Neutron Metering Agent entries [ DONE ]
Checking if NetworkManager is enabled and running [ DONE ]
Preparing OpenStack Client entries [ DONE ]
Preparing Horizon entries [ DONE ]
Preparing Swift builder entries [ DONE ]
Preparing Swift proxy entries [ DONE ]
Preparing Swift storage entries [ DONE ]
Preparing Heat entries [ DONE ]
Preparing Heat CloudFormation API entries [ DONE ]
Preparing Gnocchi entries [ DONE ]
Preparing Redis entries [ DONE ]
Preparing Ceilometer entries [ DONE ]
Preparing Aodh entries [ DONE ]
Preparing Puppet manifests [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 192.168.235.101_controller.pp
192.168.235.101_controller.pp: [ DONE ]
Applying 192.168.235.101_network.pp
192.168.235.101_network.pp: [ DONE ]
Applying 192.168.235.102_compute.pp
Applying 192.168.235.101_compute.pp
192.168.235.101_compute.pp: [ DONE ]
192.168.235.102_compute.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]
**** Installation completed successfully ******
Additional information:
* Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS plugin. Geneve will be used as the encapsulation method for tenant networks
* Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
* File /root/keystonerc_admin has been created on OpenStack client host 192.168.235.101. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://192.168.235.101/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* The installation log file is available at: /var/tmp/packstack/20240910-084808-673i1d3e/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20240910-084808-673i1d3e/manifests
8、安装完成
8.1 登入测试
http://192.168.235.101/dashboard ----登入链接
8.2 开启network开机自启服务
root@controller \~\]# systemctl enable network \[root@compute \~\]# systemctl enable network