目录
6、关闭防火墙、selinux、NetworkManager服务
①、再次运行packstack --allinone命令,终于成功啦,这一步正常运行时间会久一点,泡杯茶等会
一、Packstack工具介绍
Packstack是一个用于快速部署OpenStack云平台的工具。它基于Puppet和Foreman,能够自动化配置和管理OpenStack的各个组件。Packstack可以简化OpenStack的安装过程,让用户能够快速搭建起一个功能完整的私有云环境。
Packstack提供了一个交互式的命令行界面,用户可以通过简单的命令完成OpenStack的安装。它会自动安装和配置OpenStack的各个组件,包括计算节点、网络节点、存储节点等。用户只需要按照提示进行一些基本选项的配置,就可以完成整个安装过程。
Packstack还提供了一些高级选项,用户可以根据自己的需求进行定制。例如,用户可以选择安装特定的OpenStack组件,或者指定网络配置等。
使用Packstack部署OpenStack可以帮助用户节省大量的时间和精力。它能够自动处理复杂的配置和依赖关系,用户不需要手动设置和管理各个组件。同时,Packstack还提供了一些扩展功能,例如自动创建虚拟机和网络等。
总而言之,Packstack是一个简单易用的工具,可以帮助用户快速搭建OpenStack私有云平台,提供了自动化配置和管理的功能,极大地简化了OpenStack的部署过程。
Packstack工具安装OpenStack的原理是通过使用Puppet和Foreman进行自动化配置和管理。Puppet是一个流行的自动化配置工具,它使用一种声明式的语言来描述系统的配置状态,然后自动将系统配置为所需的状态。Foreman是一个开源的基础架构自动化管理工具,它提供了一个用户友好的Web界面,用于管理和监控系统的配置。
二、Packstack工具安装OpenStack的原理
在Packstack安装过程中,首先会检测系统的配置和环境,确保满足部署OpenStack所需的最低要求。然后,Packstack会根据用户选择的选项和配置文件,使用Puppet来安装和配置OpenStack各个组件,包括计算节点、网络节点、存储节点等。Puppet会根据预先定义的配置模板,自动下载和安装所需的软件包,并进行相应的配置和参数设置。
Packstack还会使用Foreman来监控和管理OpenStack的配置状态。Foreman提供了一个用户友好的Web界面,在这里用户可以查看和管理系统的配置信息,如虚拟机和网络的状态等。通过Foreman,用户可以方便地进行OpenStack的管理和维护工作。
总结起来,Packstack利用Puppet和Foreman实现了对OpenStack的自动化安装和配置。它通过使用预定义的配置模板和参数,自动下载和安装所需的软件包,并进行相应的配置和设置。通过Foreman,用户可以方便地监控和管理OpenStack的配置状态。这样,用户可以快速搭建起一个功能完整的OpenStack私有云环境。
在CentOS7下使用packstack快速部署OpenStack是一个高效的方法,可以帮助我们快速设置一个概念验证(PoC)环境。Packstack是一个命令行工具,使用Python封装了Puppet模块,通过SSH在服务器上部署OpenStack。下面将介绍详细的安装和配置过程。
三、使用PackStack工具安装Open Stack
1、环境准备
以下是我对虚拟机环境的设置
像内存最好是10G往上最好,避免后续不必要的麻烦
| 操作系统版本 | 硬件配置 | 虚拟机IP地址 | 主机名 | OpenStack版本 |
| centos7.9 | 4vCPUS/10.6G 100G硬盘 | 192.168.126.5/24 | openstack | Stein |
环境准备好后,配置虚拟机网络
2、配置网络连接
#以下是我的网络配置环境,根据自己实际情况修改即可
cat /etc/sysconfig/network-scripts/ifcfg-ens160
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.126.5
NETMASK=255.255.255.0
GATEWAY=192.168.126.2
DNS1=192.168.126.2
DNS2=223.5.5.5
用连接工具XShell进行连接
3、修改主机名
[root@localhost ~]# hostnamectl set-hostname openstack
[root@localhost ~]# 登出 #Ctrl+D,重新连接主机名生效
连接断开
连接主机...
连接主机成功
Last login: Tue Jun 18 15:06:25 2024 from 192.168.126.1
[root@openstack ~]#
查看主机IP
[root@openstack ~]# hostname -I
192.168.126.5
[root@openstack ~]# ip addr show
4、配置主机映射
#写入hosts文件
[root@openstack ~]# cat >> /etc/hosts << EOF
> 192.168.126.5 openstack
> EOF
#查看
[root@openstack ~]# more /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.126.5 openstack
#直接ping主机名测试
[root@openstack ~]# ping -c1 openstack
PING openstack (192.168.126.5) 56(84) bytes of data.
64 bytes from openstack (192.168.126.5): icmp_seq=1 ttl=64 time=0.024 ms
--- openstack ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.024/0.024/0.024/0.000 ms
5、设置SHH免密登录
#ssh-keygen命令能够对SSH密钥文件进行生成、管理、转换等工作,支持RSA和DSA两种密钥格式。
#创建一个SSH密钥文件, 产生公钥与私钥对
[root@openstack ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): #直接回车,以默认路径保存
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase): #直接回车,不额外设置密钥密码
Enter same passphrase again: #直接回车,确认不额外设置密钥密码
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:8t20um6vL6B2yWC0i8e9cFtMsQFiONMWVl9Fj9IEkwk root@openstack
The key's randomart image is:
+---[RSA 2048]----+
| o=oo E.+*+ |
| +oo. o .o+ o |
| + + . o .|
| . + . |
| ...S o . |
| +o.+ o . |
| +.*oo+ o |
| . *o=oo. |
| o .o+=*o |
+----[SHA256]-----+
#将本机的公钥复制到远程机器的authorized_keys文件中
[root@openstack ~]# ssh-copy-id [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.126.5 (192.168.126.5)' can't be established.
ECDSA key fingerprint is SHA256:3xs/VVcVIUX5Qb6MsY3bwCCOhfS9wLOv+MyIkv5xHSs.
ECDSA key fingerprint is MD5:8f:09:ad:95:04:bf:d3:b3:9e:41:7f:7a:b2:7a:ce:95.
Are you sure you want to continue connecting (yes/no)? yes #输入yes,确认继续连接
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
6、关闭防火墙、selinux、NetworkManager服务
同时关闭禁用NetworkManager和firewalld,最后重启network服务以更新网络设置
#关闭禁用防火墙
[root@openstack ~]# systemctl stop firewalld
[root@openstack ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
#临时禁用selinux(这个作用是不用重启系统)
[root@openstack ~]# setenforce 0
#永久禁用selinux
[root@openstack ~]# sed -i 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
#关闭禁用NetworkManager
[root@openstack ~]# systemctl stop NetworkManager
[root@openstack ~]# systemctl disable NetworkManager
Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.
Removed symlink /etc/systemd/system/network-online.target.wants/NetworkManager-wait-online.service.
#查看NetworkManage状态,确认关闭
[root@openstack ~]# systemctl status NetworkManager
● NetworkManager.service - Network Manager
Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; disabled; vendor preset: enabled)
Active: inactive (dead) since 二 2024-06-18 16:07:13 CST; 21s ago
Docs: man:NetworkManager(8)
Main PID: 1070 (code=exited, status=0/SUCCESS)
#重启网络
[root@openstack ~]# systemctl restart network
7、获取网络yum源
清空系统默认的yum源
#可以做一个备份(推荐)
mkdir /opt/yum.repo.bak
mv /etc/yum.repos.d/* /opt/yum.repo.bak
#或者
#直接删除
rm -rf /etc/yum.repos.d/*#拉取网络yum源
[root@openstack ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
[root@openstack ~]# curl -o /etc/yum.repos.d/epel.repo https://mirrors.aliyun.com/repo/epel-7.repo
8、安装常用软件
#这些软件默认是安装的,也可以安装确认一下
#bash-completion,指令自动补全
#yum-utils,这是一个与 yum 集成的实用程序集合,可以通过多种方式扩展其本机功能,从而使其更强大且更易于使用
[root@openstack ~]# yum -y install bash-completion yum-utils
9、安装OpenStack stein的yum库
[root@openstack ~]# yum -y install centos-release-openstack-stein
#安装后做一个做一个yum源备份
[root@openstack ~]# cp /etc/yum.repos.d/CentOS-OpenStack-stein.repo /etc/yum.repos.d/CentOS-OpenStack-stein.repo.bak
#修改yum源文件
[root@openstack ~]# vi /etc/yum.repos.d/CentOS-OpenStack-stein.repo
[centos-openstack-stein]
name=CentOS-7 - OpenStack stein
baseurl=http://mirror.centos.org/$contentdir/$releasever/cloud/$basearch/openstack-stein/ #取消注释,访问该源路径
#mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=cloud-openstack-stein #将其注释
#清理 YUM 缓存中的所有数据
[root@openstack ~]# yum clean all
#生成软件包的元数据缓存,这可以提升后续使用
yum进行软件包安装、更新等操作的速度,因为系统可以直接访问本地的元数据缓存,而不是每次都从远程仓库下载[root@openstack ~]# yum makecache
10、安装packstack软件包工具
[root@openstack ~]# yum -y install openstack-packstack
四、运行Packstack
1、快速运行Packstack
在终端中执行packstack --allinone命令以快速运行Packstack,安装OpenStack allinone,这将使用默认配置在服务器上部署All-in-One的OpenStack环境。Packstack将自动安装所有必需的组件并配置它们。完成安装后,可以通过浏览器访问OpenStack的控制面板。
#快速运行Packstack
[root@openstack ~]# packstack --allinone
Welcome to the Packstack setup utility
The installation log file is available at: /var/tmp/packstack/20240618-165356-f3rnEs/openstack-setup.log
Installing:
Clean Up [ DONE ]
Discovering ip protocol version [ DONE ]
Setting up ssh keys [ DONE ]
Preparing servers [ DONE ]
Pre installing Puppet and discovering hosts' details[ ERROR ]
ERROR : Failed to run remote script, stdout:
stderr: Warning: Permanently added '192.168.126.5' (ECDSA) to the list of known hosts.
+ trap t ERR
+ facter -p
facter: error while loading shared libraries: leatherman_curl.so.1.3.0: cannot open shared object file: No such file or directory
++ t
++ exit 127
Please check log file /var/tmp/packstack/20240618-165356-f3rnEs/openstack-setup.log for more information
Additional information:
* Parameter CONFIG_NEUTRON_L2_AGENT: You have choosen OVN neutron backend. Note that this backend does not support LBaaS, VPNaaS or FWaaS services. Geneve will be used as encapsulation method for tenant networks
#报错1
根据报错内容
facter: error while loading shared libraries: leatherman_curl.so.1.3.0: cannot open shared object file: No such file or directory#查看是否有该软件包,有改软件包,这是我就搞不明白了
[root@openstack ~]# yum list | grep leatherman
leatherman.x86_64 1.10.0-1.el7 @epel
leatherman-devel.x86_64 1.10.0-1.el7 epel
在网上查看了许多教程,原因可能是 leatherman 版本问题。
#该软件包确实有的,但是版本不一致,这里回退 leatherman版本
#解决
[root@openstack ~]# yum downgrade leatherman -y
###########################这里我又想起来由于我没有开启虚拟机的虚拟化,将虚拟机关机打开虚拟化,如果在安装之前没有开启虚拟化也会成为错误原因#########################
再次运行packstack --allinone命令,又报错咱也是好脾气,遇到问题我不急
#报错2
[root@openstack ~]# packstack --allinone
Applying 192.168.126.5_controller.pp
192.168.126.5_controller.pp: [ ERROR ]
Applying Puppet manifests [ ERROR ]
ERROR : Error appeared during Puppet run: 192.168.126.5_controller.pp
Error: Execution of '/usr/bin/yum -d 0 -e 0 -y install openstack-keystone' returned 1: Error: Package: python2-qpid-proton-0.22.0-1.el7.x86_64 (centos-openstack-stein)
You will find full trace in log /var/tmp/packstack/20240619-081925-vVLNr9/manifests/192.168.126.5_controller.pp.log
Please check log file /var/tmp/packstack/20240619-081925-vVLNr9/openstack-setup.log for more information
Additional information:
* Parameter CONFIG_NEUTRON_L2_AGENT: You have choosen OVN neutron backend. Note that this backend does not support LBaaS, VPNaaS or FWaaS services. Geneve will be used as encapsulation method for tenant networks
* A new answerfile was created in: /root/packstack-answers-20240619-081926.txt
* Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
* File /root/keystonerc_admin has been created on OpenStack client host 192.168.126.5. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://192.168.126.5/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
根据报错内容
Error: Execution of '/usr/bin/yum -d 0 -e 0 -y install openstack-keystone' returned 1: Error: Package: python2-qpid-proton-0.22.0-1.el7.x86_64 (centos-openstack-stein)原因:缺失软件包
#解决
#安装依赖软件包
[root@openstack ~]# yum -y install PackageKit-backend
[root@openstack ~]# yum -y install yum-utils
[root@openstack ~]# yum install -y qpid-proton-c-0.22.0-1.el7.x86_64
#安装软件包
[root@openstack ~]# yum -y install openstack-keystone
#成功
①、再次运行packstack --allinone命令,终于成功啦,这一步正常运行时间会久一点,泡杯茶等会
[root@openstack ~]# packstack --allinone
Welcome to the Packstack setup utility
The installation log file is available at: /var/tmp/packstack/20240619-085043-RWK76v/openstack-setup.log
Installing:
Clean Up [ DONE ]
Discovering ip protocol version [ DONE ]
Setting up ssh keys [ DONE ]
Preparing servers [ DONE ]
Pre installing Puppet and discovering hosts' details [ DONE ]
Preparing pre-install entries [ DONE ]
Setting up CACERT [ DONE ]
Preparing AMQP entries [ DONE ]
Preparing MariaDB entries [ DONE ]
Fixing Keystone LDAP config parameters to be undef if empty[ DONE ]
Preparing Keystone entries [ DONE ]
Preparing Glance entries [ DONE ]
Checking if the Cinder server has a cinder-volumes vg[ DONE ]
Preparing Cinder entries [ DONE ]
Preparing Nova API entries [ DONE ]
Creating ssh keys for Nova migration [ DONE ]
Gathering ssh host keys for Nova migration [ DONE ]
Preparing Nova Compute entries [ DONE ]
Preparing Nova Scheduler entries [ DONE ]
Preparing Nova VNC Proxy entries [ DONE ]
Preparing OpenStack Network-related Nova entries [ DONE ]
Preparing Nova Common entries [ DONE ]
Preparing Neutron LBaaS Agent entries [ DONE ]
Preparing Neutron API entries [ DONE ]
Preparing Neutron L3 entries [ DONE ]
Preparing Neutron L2 Agent entries [ DONE ]
Preparing Neutron DHCP Agent entries [ DONE ]
Preparing Neutron Metering Agent entries [ DONE ]
Checking if NetworkManager is enabled and running [ DONE ]
Preparing OpenStack Client entries [ DONE ]
Preparing Horizon entries [ DONE ]
Preparing Swift builder entries [ DONE ]
Preparing Swift proxy entries [ DONE ]
Preparing Swift storage entries [ DONE ]
Preparing Gnocchi entries [ DONE ]
Preparing Redis entries [ DONE ]
Preparing Ceilometer entries [ DONE ]
Preparing Aodh entries [ DONE ]
Preparing Puppet manifests [ DONE ]
Copying Puppet modules and manifests [ DONE ]
Applying 192.168.126.5_controller.pp
192.168.126.5_controller.pp: [ DONE ]
Applying 192.168.126.5_network.pp
192.168.126.5_network.pp: [ DONE ]
Applying 192.168.126.5_compute.pp
192.168.126.5_compute.pp: [ DONE ]
Applying Puppet manifests [ DONE ]
Finalizing [ DONE ]
**** Installation completed successfully ******
#这个说我们安装成功啦!
Additional information:
* Parameter CONFIG_NEUTRON_L2_AGENT: You have choosen OVN neutron backend. Note that this backend does not support LBaaS, VPNaaS or FWaaS services. Geneve will be used as encapsulation method for tenant networks
* A new answerfile was created in: /root/packstack-answers-20240619-085043.txt
* Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components.
* File /root/keystonerc_admin has been created on OpenStack client host 192.168.126.5. To use the command line tools you need to source the file.
* To access the OpenStack Dashboard browse to http://192.168.126.5/dashboard .
Please, find your login credentials stored in the keystonerc_admin in your home directory.
* The installation log file is available at: /var/tmp/packstack/20240619-085043-RWK76v/openstack-setup.log
* The generated manifests are available at: /var/tmp/packstack/20240619-085043-RWK76v/manifests
②、查看Dashboard web页面的登录账号和密码
http://192.168.126.5/dashboard为OpenStack的登录地址(根据自己主机IP访问)
/root/keystonerc_admin文件是存放登录用户名和密码。
#查看用户名和密码username、password
[root@openstack ~]# cat keystonerc_admin
unset OS_SERVICE_TOKEN
export OS_USERNAME=admin #Dashboard登录账号
export OS_PASSWORD='63d66fdb08cf4c5c' #Dashboard登录密码
export OS_REGION_NAME=RegionOne
export OS_AUTH_URL=http://192.168.126.5:5000/v3
export PS1='[\u@\h \W(keystone_admin)]\$ '
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_IDENTITY_API_VERSION=3
③、Dashboard web登录界面
④、修改密码
登录的随机密码确实记不住呀,我是不愿意老是复制密码,复制密码这件事我只做一次!!!登录后第一件事我就是修改密码,右上角设置,修改密码
修改完成后,重新登录即可
⑤、修改配置
为了保证后续的步骤能成功进行,需要修改一下keystonerc_admin文件中的OS_PASSWORD变量,换成自己设置的新密码
[root@openstack ~]# vi keystonerc_admin
export OS_PASSWORD='000000'
补充
2、交互式运行Packstack
如果我们要更加灵活地配置OpenStack环境,可以使用交互式模式运行Packstack
#生成配置文件
[root@openstack ~]# packstack --gen-answer-file=answerfile.txt
这将生成一个包含所有配置选项的answerfile.txt文件。然后可以编辑该文件以自定义的OpenStack部署。完成编辑后,指定文件继续安装
[root@openstack ~]# packstack --answer-file=answerfile.txt
3、非交互式运行Packstack
如果我们要在脚本中自动化部署过程,可以使用非交互式模式运行Packstack。首先,创建一个包含所有必需参数的配置文件(例如config.txt)
[root@openstack ~]# packstack --config=config.txt
这将根据配置文件中指定的参数自动部署OpenStack环境。要注意的是,需要在配置文件中指定所有必需的参数,以便正确配置OpenStack组件
五、创建OpenStack实例
网络这些其实是已经创建好了的(我就懒得创建的,用它原有的就行了,当然也可以删除自己去创建,后面我给大家说明一下创建方法) 步骤10已讲解大家可以删除原有的外网自行创建(推荐)
网络
172.24.4.0/24段为已有外网
路由
1、创建路由
这边需要新建一个路由,因为已有的路由所属的项目为demo,我们要创建一个所属项目为admin的路由
管理员--->网络--->路由--->新建路由
2、新建内网网络
新建一个内网网络
项目--->网络---->网络--->创建网络
3、新增所属admin的route这个内网接口
项目--->网络--->路由--->点击route--->接口--->增加接口
确认 ping 路由固定IP,如果 ping 不通路由,说明网络配置有误
[root@openstack ~]# ping -c4 172.24.4.98
PING 172.24.4.98 (172.24.4.98) 56(84) bytes of data.
64 bytes from 172.24.4.98: icmp_seq=1 ttl=254 time=6.51 ms
64 bytes from 172.24.4.98: icmp_seq=2 ttl=254 time=0.186 ms
64 bytes from 172.24.4.98: icmp_seq=3 ttl=254 time=0.218 ms
64 bytes from 172.24.4.98: icmp_seq=4 ttl=254 time=0.205 ms
--- 172.24.4.98 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3001ms
rtt min/avg/max/mdev = 0.186/1.780/6.512/2.732 ms
4、查看网络拓扑
5、安全组
这边安全组我使用默认
6、拉取 上传镜像
#拉取镜像
wget https://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img#生效环境变量
[root@openstack ~(keystone_admin)]# source keystonerc_admin
#上传镜像到OpenStack
openstack image create "cirros_1" --file cirros-0.5.2-x86_64-disk.img --disk-format qcow2 --container-format bare --public
7、创建实例
项目--->计算--->实例--->创建实例
#查看所有实例
[root@openstack ~(keystone_admin)]# virsh list --all
Id 名称 状态
----------------------------------------------------
1 instance-00000003 running
8、分配浮动IP
浮动IP讲解
公网用于和外界通信,这里的公网也就是外部网络使用了默认的172.24.4.0/24的网段(宿主机可以连接wifi上网),就比如在华为云中,公网的IP就是真实可上网的地址,需要我们去花钱购买才能使用(这个也就是我们这里的浮动IP);
而私网用于租户内部之间的通信,可以由我们用户自行分配,且数量不限;
而路由器用于连接公网和私网,如果内部主机想要上网,需要通过路由器来进行转发。
OpenStack中的浮动IP(Floating IP)是一个公共的IP地址,用于将虚拟机(实例)与外部网络连接起来。浮动IP允许外部网络通过互联网访问虚拟机,在虚拟机与外部网络之间建立网络连接。
在OpenStack中,每个项目(tenant)可以分配一定数量的浮动IP地址。浮动IP地址是从云提供商的公共IP地址池中分配的,可以在不同的虚拟机间进行动态分配和释放。
浮动IP的作用是将真实世界的IP地址映射到虚拟机的内部IP地址。这样,虚拟机就可以通过浮动IP地址与外部网络通信,接收来自外部网络的请求和流量。浮动IP解决了虚拟机内部IP地址无法直接从外部网络访问的问题。
使用浮动IP可以实现以下功能:
- 允许外部网络通过互联网访问虚拟机。
- 允许虚拟机主动与外部网络通信。
- 支持负载均衡和高可用性,通过将浮动IP绑定到多个虚拟机实现请求的分发和故障转移。
要使用浮动IP,首先需要创建一个浮动IP池(Floating IP Pool),并从该池中分配浮动IP地址给虚拟机。然后,将浮动IP地址绑定到虚拟机的网络接口上。这样,虚拟机就可以使用浮动IP地址与外部网络进行通信。
总结起来,OpenStack中的浮动IP是一个公共的IP地址,用于将虚拟机与外部网络连接起来。它允许外部网络通过互联网访问虚拟机,并实现负载均衡和高可用性。使用浮动IP需要创建一个浮动IP池,并将浮动IP地址绑定到虚拟机的网络接口上。
绑定浮动IP(必须绑定否则连接虚拟机不上)
#Ping浮动IP,可以ping通,说明能使用
[root@openstack ~]# ping -c4 172.24.4.7
PING 172.24.4.7 (172.24.4.7) 56(84) bytes of data.
64 bytes from 172.24.4.7: icmp_seq=1 ttl=63 time=0.754 ms
64 bytes from 172.24.4.7: icmp_seq=2 ttl=63 time=0.526 ms
64 bytes from 172.24.4.7: icmp_seq=3 ttl=63 time=0.440 ms
64 bytes from 172.24.4.7: icmp_seq=4 ttl=63 time=0.362 ms
9、连接登陆到该实例
这个镜像的用户名和密码
user:cirros
pass:'gocubsgo'
[root@openstack ~]# virsh console instance-00000003
连接到域 instance-00000003
换码符为 ^]
login as 'cirros' user. default password: 'gocubsgo'. use 'sudo' for root.
try login: cirros
Password:
$ ifconfig
eth0 Link encap:Ethernet HWaddr FA:16:3E:72:36:B4
inet addr:11.12.13.155 Bcast:11.12.13.255 Mask:255.255.255.0
inet6 addr: fe80::f816:3eff:fe72:36b4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1442 Metric:1
RX packets:77 errors:0 dropped:0 overruns:0 frame:0
TX packets:131 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8364 (8.1 KiB) TX bytes:11626 (11.3 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Ping宿主机
$ ping -c4 192.168.126.5
PING 192.168.126.5 (192.168.126.5): 56 data bytes
64 bytes from 192.168.126.5: seq=0 ttl=63 time=21.242 ms
64 bytes from 192.168.126.5: seq=1 ttl=63 time=0.871 ms
64 bytes from 192.168.126.5: seq=2 ttl=63 time=0.775 ms
64 bytes from 192.168.126.5: seq=3 ttl=63 time=1.417 ms
--- 192.168.126.5 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 0.775/6.076/21.242 ms
#这里面大家也可以去ping一下浮动IP,我就不展示了
SSH方式登录
[root@openstack ~]# ssh [email protected]
The authenticity of host '172.24.4.7 (172.24.4.7)' can't be established.
ECDSA key fingerprint is SHA256:KigVju46uVM69MctBwJdN/lsZeFBCy2DUG6TJRNjfMs.
ECDSA key fingerprint is MD5:21:8e:46:99:44:5b:4f:87:12:f5:91:ec:98:45:95:d5.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.24.4.7' (ECDSA) to the list of known hosts.
[email protected]'s password:
$ ifconfig
eth0 Link encap:Ethernet HWaddr FA:16:3E:72:36:B4
inet addr:11.12.13.155 Bcast:11.12.13.255 Mask:255.255.255.0
inet6 addr: fe80::f816:3eff:fe72:36b4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1442 Metric:1
RX packets:165 errors:0 dropped:0 overruns:0 frame:0
TX packets:220 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:20134 (19.6 KiB) TX bytes:20740 (20.2 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
10、自己创建外部网络方法
上面给大家说了不使用它原有的外部网络,自己创建外部网络,其实和创建内网差不多
先把之前原有的外部网络删除
项目--->网络---->网络--->创建网络
IP使用宿主机的网段
管理员--->网络--->网络--->编辑网络--->勾选外部网络
即创建外部网络完成 !
六、无法访问实例控制台问题
无法显示!!!
解决
#修改配置文件
[root@openstack ~]# vi /etc/nova/nova.conf
enabled=True
novncproxy_base_url=http://192.168.126.5:6080/vnc_auto.html
vncserver_proxyclient_address=192.168.126.5
vncserver_listen=0.0.0.0
#查看日志文件/var/log/nova/nova-novncproxy.log
[root@openstack ~]# cat /var/log/nova/nova-novncproxy.log
2024-06-19 09:11:22.440 9690 INFO nova.console.websocketproxy [-] WebSocket server settings:
2024-06-19 09:11:22.440 9690 INFO nova.console.websocketproxy [-] - Listen on 0.0.0.0:6080
2024-06-19 09:11:22.440 9690 INFO nova.console.websocketproxy [-] - Flash security policy server
2024-06-19 09:11:22.440 9690 INFO nova.console.websocketproxy [-] - Web server (no directory listings). Web root: /usr/share/novnc
2024-06-19 09:11:22.440 9690 INFO nova.console.websocketproxy [-] - No SSL/TLS support (no cert file)
2024-06-19 09:11:22.441 9690 INFO nova.console.websocketproxy [-] - proxying from 0.0.0.0:6080 to None:None
2024-06-19 11:28:17.938 24871 INFO nova.console.websocketproxy [-] 192.168.126.1 - - [19/Jun/2024 11:28:17] code 400, message Client must support 'binary' or 'base64' protocol
2024-06-19 11:28:56.200 25706 INFO nova.console.websocketproxy [-] 192.168.126.1 - - [19/Jun/2024 11:28:56] code 404, message File not found
2024-06-19 11:28:56.288 25709 INFO nova.console.websocketproxy [-] 192.168.126.1 - - [19/Jun/2024 11:28:56] code 400, message Client must support 'binary' or 'base64' protocol
可以看到出现: Code 400, message Client must support ‘binary’ or ‘base64’原因:这是因为协议有问题,需编辑 /usr/share/novnc/core/websock.js文件,加入‘binary’ or ‘base64’协议即可
[root@openstack ~]# vi /usr/share/novnc/core/websock.js
#原配置
open(uri, protocols) {
this.attach(new WebSocket(uri, protocols, binary, base64));
#修改配置
open(uri, protocols) {
this.attach(new WebSocket(uri,['binary','base64']));
}
#重启服务
[root@openstack ~]# systemctl restart openstack-nova-novncproxy.service
[root@openstack ~]# systemctl restart openstack-nova-*
再次访问控制台
首先清一下浏览器缓存
清除浏览器数据
成功打开控制台
七、查看OpenStack版本
我们老是说OpenStackT版、M版的等等那到底咋查看呢?
让我们一起探索一下!
#查看OpenStack版本
[root@openstack ~]# openstack --version
openstack 3.18.1#过滤出安装的nova服务的版本,可以看到nova版本是19.3.2
[root@openstack ~]# rpm -qa | grep nova
openstack-nova-novncproxy-19.3.2-1.el7.noarch
openstack-nova-common-19.3.2-1.el7.noarch
openstack-nova-conductor-19.3.2-1.el7.noarch
openstack-nova-migration-19.3.2-1.el7.noarch
openstack-nova-placement-api-19.3.2-1.el7.noarch
openstack-nova-console-19.3.2-1.el7.noarch
openstack-nova-compute-19.3.2-1.el7.noarch
openstack-nova-api-19.3.2-1.el7.noarch
python2-novaclient-13.0.2-1.el7.noarch
openstack-nova-scheduler-19.3.2-1.el7.noarch
puppet-nova-14.4.0-1.el7.noarch
python2-nova-19.3.2-1.el7.noarch
对照OpenStack官网,点击版本进行查看,看看nova的版本与哪个OpenStack版本对应就好了
可以看到与Stein版本一致, 也就是S版啦!!!
至此,使用Packstack在CentOS7下快速部署OpenStack是一个简单而高效的方法完成!通过准备系统环境、安装Packstack、选择运行模式并根据实际情况进行配置,可以成功地设置一个概念验证(PoC)环境用于测试和评估OpenStack。还要注意的是,得确保系统资源充足并解决潜在问题以避免部署失败!
最好,大家在遇到问题时要学会看日志分析,去尝试解决问题,我们总是在解决问题中成长学习的,它印象会让我们更深刻,大家一起加油!