10分钟安装OpenStack

 

OpenStack初学者的苦恼

OpenStack由一套组件构成,安装门槛非常高。虽然有DevStack/RDO/Puppet/Chef/Salt这些自动化安装工具,但这些工具只是方便了熟悉OpenStack的工程师,很多初学者仍然倍受安装门槛的折磨。

为了降低OpenStack学习曲线,我们制作了DevStack镜像,只需要一键执行,就可以安装最新的OpenStack,然后你就可以开始尽情研究OpenStack了,让你信心满满。

OpenStack最低配置要求

OpenStack需要管理网络和虚拟机网络,所以推荐使用双网卡,下面是安装OpenStack的环境要求:

  • 操作系统: Ubuntu/CentOS
  • 内存: 4GB
  • 硬盘: 20GB
  • 网络: 双网卡

在进行安装OpenStack之前,你在UOS得有一个账号,现在注册就送10元钱,足够你体验一天了。

配置UOS环境

为了满足OpenStack安装的最低要求,我们需要配置双网卡环境,主要步骤是:

 

 

设置网络

创建路由器

创建一个路由器,命名为 dev-route,并开启公网网关。

10-crate-router

创建网络

创建一个私有网络,命名为 dev-network。

10-create-network

创建两个子网

创建第1个子网,命名为 public-subnet,选择 dev-network 私有网络,设置网络地址为 192.168.0.0/24。

10-create-public-subnet

创建第2个子网,命名为 flat-subnet,选择 dev-network 私有网络,设置网络地址为 172.16.0.0/24。

10-create-flat-subnet

设置第1个子网 public-subnet 与路由器 dev-route 相关联。

10-bing-subnet-route

创建UOS虚拟机

创建一台虚拟机(使用 DevStack 镜像),叫做 ustack, 使用“4核CPU,8GB内存”配置,选择私有网络 public-subnet (虚拟机的第1块网卡eth0跟该子网相连接)。

ustack-vm

 

10-create-vm-02

给虚拟机的虚拟机网卡命名为 public-interface。

10-rename-public-interface

创建另外一个虚拟网卡,跟子网 flat-subnet 相连接,给这个虚拟网卡命名为 flat-interface。把虚拟网卡 flat-interface 绑定到虚拟机ustack上。

10-create-flat-interface

这样,这台虚拟机就有两块网卡:

  • eth0:  public-interface,跟public-subnet相连
  • eht1:flat-interface,跟flat-subnet相连

使用VNC登录虚拟机,查看网卡信息。

10-vm-vnc-01

 

现在查看一下网络拓扑图是否正确,我们要保证网卡eth0能够连接公网。

eth0 -> public-interface -> public-subnet -> dev-route -> Public Network

10-network-map-02

创建公网IP

创建一个公网IP,绑定到虚拟机ustack上的 public-interface 网卡上。

10-create-public-ip

我们尝试在自己的电脑上ping公网IP,但是却ping不通,这是为什么呢?这肯定不是UOS的问题,而是Ubuntu系统的设计造成的,这种情况只会在多网卡时才会出现。
# ping 42.62.73.241
当Ubuntu系统发现两块网卡时,会自动设置默认路由走第2块网卡(这是个糟糕的设计),但是我们是把公网IP绑定到第1块网卡上,所以导致无法ping通。解决办法是使用VNC登录虚拟机,然后使用route命令查看并设置虚拟机的路由规则。

10-vm-vnc-02

 

先删除旧的默认路由

#route del default gw 172.16.0.1

添加新的默认路由

#route add default gw 192.168.0.1

10-vm-vnc-03

再次在自己电脑上ping公网IP,直到ping通为止。

 

修改安全组规则

修改虚拟机安全组中下行规则,增加 TCP 6080端口(用于OpenStack的VNC访问)。

10-set-sg

登录虚拟机

使用root用户登录虚拟机,并给stack用户设置密码。

10-vm-login-01

10-vm-login-02

尝试使用stack用户登录虚拟机,验证设置是否正确。

双网卡环境已经配置好了,下面我们可以开始配置DevStack。

 

配置DevStack

我们已经在你的虚拟机上安装了DevStack,你只需要稍微修改一下配置文件localrc。


# ssh stack@42.62.73.241
stack@ustack:~$
stack@ustack:~$ cd ~/devstack
stack@ustack:~/devstack$
stack@ustack:~/devstack$ vim localrc

修改 localrc 中的 HOST_IP NOVNCPROXY_URL 的值。


FLOATING_RANGE=192.168.100.224/27
FIXED_RANGE=10.10.10.0/24
FIXED_NETWORK_SIZE=256
ADMIN_PASSWORD=root
MYSQL_PASSWORD=root
PULIC_INTERFACE=eth0
FLAT_INTERFACE=eth1
RABBIT_PASSWORD=root
SERVICE_TOKEN=root
SERVICE_PASSWORD=root
HOST_IP=192.168.0.4     #设置为你虚拟机第1块网卡的固定IP地址
NOVNCPROXY_URL="http://42.62.73.241:6080/vnc_auto.html"  #42.62.73.241是你虚拟机的公网IP地址
OFFLINE=True     #  切记添加上
RECLONE=False    #  切记添加上

 

一键安装OpenStack

在虚拟机中的 /home/stack/devstack/ 目录下执行stack.sh脚本,大概需要5分钟左右,你可以休息一下。

./stack.sh

5分钟之后,你会看到下面的输出。

10-vm-login-04

恭喜你已经成功安装最新版的OpenStack, 你现在可以使用浏览器登录 http://{你的公网IP地址}/,就可以登录OpenStack Dashboard,然后使用admin账号登录(密码是root)。

10-openstack-login-01

快速体验OpenStack

让我们体验一下 OpenStack in OpenStack 和 VM in VM 🙂

在界面上创建虚拟机

10-openstack-create-vm-01

10-openstack-create-vm-02

使用VNC登录OpenStack虚拟机

10-openstack-create-vm-03

 

使用SSH登录OpenStack虚拟机

首先你得先登录UOS虚拟机,然后再登录OpenStack虚拟机。

10-vm-in-vm-01

 

使用命令行操作OpenStack

你UOS虚拟机上,先导入环境变量(souce openrc admin demo),然后使用命令行工具操作OpenStack。

10-vm-loging-05

 OpenStack命令行实验

导入环境变量,这样才可以执行OpenStack命令行

ssh stack@42.62.73.241
cd devstack
source openrc admin admin

keystone

 

查看keystone命令的帮助

keystone --help

查看user列表

keystone user-list


+----------------------------------+----------+---------+----------------------+
|                id                |   name   | enabled |        email         |
+----------------------------------+----------+---------+----------------------+
| 645faf494e174c2b8416c4996725255e |  admin   |   True  |                      |
| 43044671dc9c498f88829ea6fd17ace2 | alt_demo |   True  | alt_demo@example.com |
| 3621c6c349fc4fa4bd1f11d3da2c4f09 |  cinder  |   True  |                      |
| 2660cb956c0648c49bad775a5c62787c |   demo   |   True  |   demo@example.com   |
| 6712765b1f9f4da5be65ffdda13b67ad |  glance  |   True  |                      |
| f609bd1197e847169c12fb0bf5303533 |   nova   |   True  |                      |
+----------------------------------+----------+---------+----------------------+

查看tenant(project)列表

keystone tenant-list


+----------------------------------+--------------------+---------+
|                id                |        name        | enabled |
+----------------------------------+--------------------+---------+
| f60d3416191144688252382ea6b653cc |       admin        |   True  |
| 5d33c487264643a6b0f75f6610d9f7f9 |      alt_demo      |   True  |
| 2ceab3e1406a4c3899ee5f567ad8d6b3 |        demo        |   True  |
| 5f08fbf1548b411cbe26a580baef0699 | invisible_to_admin |   True  |
| ea34ab05870944af932f7a396611a91e |      service       |   True  |
+----------------------------------+--------------------+---------+

创建user

keystone user-create --name test-user   --pass "123456"  --email "test@qq.com"  --enabled true


+----------+----------------------------------+
| Property |              Value               |
+----------+----------------------------------+
|  email   |           test@qq.com            |
| enabled  |               True               |
|    id    | 1ec0c3d4414746cbadbaeb5c44d9f7f7 |
|   name   |            test-user             |
| username |            test-user             |
+----------+----------------------------------+

创建tenant(project)

 keystone tenant-create --name test-tenant --description "only for test" --enabled true


+-------------+----------------------------------+
|   Property  |              Value               |
+-------------+----------------------------------+
| description |          only for test           |
|   enabled   |               True               |
|      id     | 5dbb4252f9f64eb195a1b9b040b1d801 |
|     name    |           test-tenant            |
+-------------+----------------------------------+

查看role列表

keystone role-list


+----------------------------------+---------------+
|                id                |      name     |
+----------------------------------+---------------+
| 97fb6fbd5e564500916525643d0e1308 |     Member    |
| 6b96d4b212314fada9582003be6a570e | ResellerAdmin |
| 9fe2ff9ee4384b1894a90878d3e92bab |    _member_   |
| 908d78cbb58c43e7bcc116ecc242682e |     admin     |
| 13c869a11c7d47d0979a2e3a47e95bdb |  anotherrole  |
| 912e054b3a7845b1a7e9684b49ccb099 |    service    |
+----------------------------------+---------------+

 

给user绑定role在指定的tenant下

keystone user-role-add --user 1ec0c3d4414746cbadbaeb5c44d9f7f7  --tenant 5dbb4252f9f64eb195a1b9b040b1d801  --role 9fe2ff9ee4384b1894a90878d3e92bab

查看service列表

keystone service-list


+----------------------------------+----------+-----------+---------------------------+
|                id                |   name   |    type   |        description        |
+----------------------------------+----------+-----------+---------------------------+
| c859cd375f824292bda62b1fa6a6e936 |  cinder  |   volume  |   Cinder Volume Service   |
| 1425801cc0754fe88175f42ef4e48f3d | cinderv2 |  volumev2 |  Cinder Volume Service V2 |
| 0f6dfe9e7e7443e2b9fabd5ecb51fd99 |   ec2    |    ec2    |  EC2 Compatibility Layer  |
| e8046243559e4d569ede4e5e253b49cb |  glance  |   image   |    Glance Image Service   |
| 225af4a71fd8477895375299197e0c25 | keystone |  identity | Keystone Identity Service |
| faf0cf12d8654555b4c6edccd28bd23e |   nova   |  compute  |    Nova Compute Service   |
| bce2ef318a294945b46851e641959ff1 |  novav3  | computev3 |  Nova Compute Service V3  |
| 3a8f069084d94f11863df3e2b0c7950d |    s3    |     s3    |             S3            |
+----------------------------------+----------+-----------+---------------------------+

查看endpoint列表

keystone endpoint-list


+----------------------------------+-----------+------------------------------------------+------------------------------------------+------------------------------------------+----------------------------------+
|                id                |   region  |                publicurl                 |               internalurl                |                 adminurl                 |            service_id            |
+----------------------------------+-----------+------------------------------------------+------------------------------------------+------------------------------------------+----------------------------------+
| 02f63ad792a548c1b52826ab41ce803f | RegionOne |  http://192.168.0.7:8773/services/Cloud  |  http://192.168.0.7:8773/services/Cloud  |  http://192.168.0.7:8773/services/Admin  | 0f6dfe9e7e7443e2b9fabd5ecb51fd99 |
| 16df636bdd714ca3af4a38a5b19369e6 | RegionOne | http://192.168.0.7:8776/v1/$(tenant_id)s | http://192.168.0.7:8776/v1/$(tenant_id)s | http://192.168.0.7:8776/v1/$(tenant_id)s | c859cd375f824292bda62b1fa6a6e936 |
| 3535806f69a64839b7249f165eb72ac2 | RegionOne |         http://192.168.0.7:3333          |         http://192.168.0.7:3333          |         http://192.168.0.7:3333          | 3a8f069084d94f11863df3e2b0c7950d |
| 40d469296cee4090850c24fba7ee4912 | RegionOne |        http://192.168.0.7:8774/v3        |        http://192.168.0.7:8774/v3        |        http://192.168.0.7:8774/v3        | bce2ef318a294945b46851e641959ff1 |
| 5808f30f3d51490594904614e98095c2 | RegionOne |       http://192.168.0.7:5000/v2.0       |       http://192.168.0.7:5000/v2.0       |      http://192.168.0.7:35357/v2.0       | 225af4a71fd8477895375299197e0c25 |
| 7e7430c0017b408e81f01cb275be5316 | RegionOne | http://192.168.0.7:8776/v2/$(tenant_id)s | http://192.168.0.7:8776/v2/$(tenant_id)s | http://192.168.0.7:8776/v2/$(tenant_id)s | 1425801cc0754fe88175f42ef4e48f3d |
| b5c47bb20f224fa79e12a4155a8422b0 | RegionOne | http://192.168.0.7:8774/v2/$(tenant_id)s | http://192.168.0.7:8774/v2/$(tenant_id)s | http://192.168.0.7:8774/v2/$(tenant_id)s | faf0cf12d8654555b4c6edccd28bd23e |
| e6b1af3813ac4bdeab34f1260725ba98 | RegionOne |         http://192.168.0.7:9292          |         http://192.168.0.7:9292          |         http://192.168.0.7:9292          | e8046243559e4d569ede4e5e253b49cb |
+----------------------------------+-----------+------------------------------------------+------------------------------------------+------------------------------------------+----------------------------------+

glance

查看glance命令的帮助

glance --help

查看image列表

glance image-list


+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+
| ID                                   | Name                            | Disk Format | Container Format | Size     | Status |
+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+
| 0b5a50c8-377f-4432-b25a-6944f0068075 | cirros-0.3.2-x86_64-uec         | ami         | ami              | 25165824 | active |
| 5c32aaad-01a6-4fd7-81b2-2ea39898e54d | cirros-0.3.2-x86_64-uec-kernel  | aki         | aki              | 4969360  | active |
| 29491745-040e-4d21-b9c7-5502bc1ce463 | cirros-0.3.2-x86_64-uec-ramdisk | ari         | ari              | 3723817  | active |
+--------------------------------------+---------------------------------+-------------+------------------+----------+--------+

上传镜像

wget http://cdn.download.cirros-cloud.net/0.3.2/cirros-0.3.2-x86_64-disk.img
glance image-create --name "hello-cirros" --disk-format qcow2  --container-format bare --is-public True --progress < cirros-0.3.2-x86_64-disk.img

[=============================>] 100%
+------------------+--------------------------------------+
| Property         | Value                                |
+------------------+--------------------------------------+
| checksum         | 64d7c1cd2b6f60c92c14662941cb7913     |
| container_format | bare                                 |
| created_at       | 2014-12-26T07:17:26                  |
| deleted          | False                                |
| deleted_at       | None                                 |
| disk_format      | qcow2                                |
| id               | 679e1943-8260-400b-b478-4ceee59d81e9 |
| is_public        | True                                 |
| min_disk         | 0                                    |
| min_ram          | 0                                    |
| name             | hello-cirros                         |
| owner            | f60d3416191144688252382ea6b653cc     |
| protected        | False                                |
| size             | 13167616                             |
| status           | active                               |
| updated_at       | 2014-12-26T07:17:26                  |
| virtual_size     | None                                 |
+------------------+--------------------------------------+

下载镜像

glance image-download 679e1943-8260-400b-b478-4ceee59d81e9 > hello-cirros.img

 

nova

查看nova命令的帮助

nova --help

查看flavor列表

nova flavor-list


+--------------------------------------+--------------+-----------+------+-----------+------+-------+-------------+-----------+
| ID                                   | Name         | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+--------------------------------------+--------------+-----------+------+-----------+------+-------+-------------+-----------+
| 06fe978c-8dbc-4ef4-9646-415282a07ffe | m3.xxxxlarge | 51200     | 100  | 0         | 2048 | 20    | 1.0         | True      |
| 1                                    | m1.tiny      | 512       | 1    | 0         |      | 1     | 1.0         | True      |
| 2                                    | m1.small     | 2048      | 20   | 0         |      | 1     | 1.0         | True      |
| 3                                    | m1.medium    | 4096      | 40   | 0         |      | 2     | 1.0         | True      |
| 4                                    | m1.large     | 8192      | 80   | 0         |      | 4     | 1.0         | True      |
| 42                                   | m1.nano      | 64        | 0    | 0         |      | 1     | 1.0         | True      |
| 5                                    | m1.xlarge    | 16384     | 160  | 0         |      | 8     | 1.0         | True      |
| 84                                   | m1.micro     | 128       | 0    | 0         |      | 1     | 1.0         | True      |
+--------------------------------------+--------------+-----------+------+-----------+------+-------+-------------+-----------+

创建虚拟机

nova boot --flavor 42 --image 679e1943-8260-400b-b478-4ceee59d81e9 vm01


+--------------------------------------+-----------------------------------------------------+
| Property                             | Value                                               |
+--------------------------------------+-----------------------------------------------------+
| OS-DCF:diskConfig                    | MANUAL                                              |
| OS-EXT-AZ:availability_zone          | nova                                                |
| OS-EXT-SRV-ATTR:host                 | -                                                   |
| OS-EXT-SRV-ATTR:hypervisor_hostname  | -                                                   |
| OS-EXT-SRV-ATTR:instance_name        | instance-00000005                                   |
| OS-EXT-STS:power_state               | 0                                                   |
| OS-EXT-STS:task_state                | scheduling                                          |
| OS-EXT-STS:vm_state                  | building                                            |
| OS-SRV-USG:launched_at               | -                                                   |
| OS-SRV-USG:terminated_at             | -                                                   |
| accessIPv4                           |                                                     |
| accessIPv6                           |                                                     |
| adminPass                            | 5do7mSaSrTCz                                        |
| config_drive                         |                                                     |
| created                              | 2014-12-26T07:24:10Z                                |
| flavor                               | m1.nano (42)                                        |
| hostId                               |                                                     |
| id                                   | 9b8a7e75-e662-4ba6-a998-98beb3261815                |
| image                                | hello-cirros (679e1943-8260-400b-b478-4ceee59d81e9) |
| key_name                             | -                                                   |
| metadata                             | {}                                                  |
| name                                 | vm01                                                |
| os-extended-volumes:volumes_attached | []                                                  |
| progress                             | 0                                                   |
| security_groups                      | default                                             |
| status                               | BUILD                                               |
| tenant_id                            | f60d3416191144688252382ea6b653cc                    |
| updated                              | 2014-12-26T07:24:11Z                                |
| user_id                              | 645faf494e174c2b8416c4996725255e                    |
+--------------------------------------+-----------------------------------------------------+

查看虚拟机列表

nova list


+--------------------------------------+------+--------+------------+-------------+--------------------+
| ID                                   | Name | Status | Task State | Power State | Networks           |
+--------------------------------------+------+--------+------------+-------------+--------------------+
| 9b8a7e75-e662-4ba6-a998-98beb3261815 | vm01 | ACTIVE | -          | Running     | private=10.10.10.3 |
+--------------------------------------+------+--------+------------+-------------+--------------------+

查看虚拟机相信信息

nova show 9b8a7e75-e662-4ba6-a998-98beb3261815

停止虚拟机

nova stop 9b8a7e75-e662-4ba6-a998-98beb3261815

启动虚拟机

nova start 9b8a7e75-e662-4ba6-a998-98beb3261815

 

cinder

查看cinder命令的帮助

cinder --help

查看volume列表

cinder list

创建volume

cinder create --name vol01 2


+---------------------------------------+--------------------------------------+
|                Property               |                Value                 |
+---------------------------------------+--------------------------------------+
|              attachments              |                  []                  |
|           availability_zone           |                 nova                 |
|                bootable               |                false                 |
|          consistencygroup_id          |                 None                 |
|               created_at              |      2014-12-26T07:29:48.000000      |
|              description              |                 None                 |
|               encrypted               |                False                 |
|                   id                  | 6c058841-74c3-41eb-a391-65428ed2804b |
|                metadata               |                  {}                  |
|                  name                 |                vol01                 |
|         os-vol-host-attr:host         |    test2@lvmdriver-1#lvmdriver-1     |
|     os-vol-mig-status-attr:migstat    |                 None                 |
|     os-vol-mig-status-attr:name_id    |                 None                 |
|      os-vol-tenant-attr:tenant_id     |   f60d3416191144688252382ea6b653cc   |
|   os-volume-replication:driver_data   |                 None                 |
| os-volume-replication:extended_status |                 None                 |
|           replication_status          |               disabled               |
|                  size                 |                  2                   |
|              snapshot_id              |                 None                 |
|              source_volid             |                 None                 |
|                 status                |               creating               |
|                user_id                |   645faf494e174c2b8416c4996725255e   |
|              volume_type              |             lvmdriver-1              |

挂载volume (nova volume-attach <instance uuid>  <volume uuid>)

nova volume-attach 69434d45-c2ff-4530-8e5f-ad20570bac34 6c058841-74c3-41eb-a391-65428ed2804b

卸载volume

nova volume-detach 69434d45-c2ff-4530-8e5f-ad20570bac34 6c058841-74c3-41eb-a391-65428ed2804b

 

总结

得益于UOS的SDN和分布式存储,让网络规划如此方便,让虚拟机操作如此快捷。从上可以看出,我们可以在培训领域广泛使用UOS,提高教学效率,降低成本。

5 comments

  1. 高磊 Reply

    你好!我按照上面的步骤操作,执行到登录OpenStack Dashboard时,用admin/root登录,提示“An error occurred authenticating. Please try again later.”,登录失败。不知道是什么原因?

  2. 童燕群 Reply

    UOS上面再安装OpenStack,好像有点怪吧,仅仅只剩下学习OpenStack的用途了。什么时候出一个本地版本。

  3. anonymous Reply

    赞,非常有用的 wirteup。

    另发现一个无伤大雅的 typos s/flaovr/flavor

Leave a Reply

Your email address will not be published. Required fields are marked *