找回密码
 骑士注册

QQ登录

微博登录

搜索
❏ 站外平台:

查看: 1377|回复: 0
收起左侧

packstack快速部署openstack集群(集成ceph)

[复制链接]
netb2c 发表于 2016-10-28 15:15:53 | 显示全部楼层 |阅读模式

1、系统更新及安装epel yum源
yum -y install epel-release
yum makecache && yum update –y

2、关闭firewall并使用ipables.service服务
yum install iptables-services
systemctl stop firewalld.service
systemctl disables firewalld.service
systemctl enable iptalbes.service

3、安装时钟服务器并配置上游时钟服务器
yum install ntp
#sed -i 's/server 0.centos.pool.ntp.org iburst/server 10.188.88.88/g' /etc/ntp.conf
systemctl enable ntpd &&systemctl restart ntpd

4、关闭selinux
sed -i 's/\(SELINUX=\)enforcing/\1disabled/g' /etc/selinux/config
cat /etc/selinux/config
setenforce 0

5、优化SSH登陆
sed -i 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
systemctl restart sshd

6、安装环境依赖包
yum install make bison flex automake autoconf boost-devel fuse-devel gcc-c++ libtool libuuid-devel libblkid-devel keyutils-libs-devel cryptopp-devel fcgi-devel libcurl-devel expat-devel gperftools-devel libedit-devel libatomic_ops-devel snappy-devel leveldb-devel libaio-devel xfsprogs-devel git libudev-devel gperftools redhat-lsb bzip2 –y

7、编译内核
tar -Jxf linux-3.18.16.tar.gz -C /usr/src/
cd /usr/src/linux-3.18.16/
#make menuconfig
make oldconfig
make -j48
make -j48 modules_install
make install
ls -l /boot/ -h
grep -i menu /boot/grub2/grub.cfg
grub2-set-default 'CentOS Linux (3.18.16) 7 (Core)'
reboot

8、免密互信
从主控端执行
ssh-copy-id -i ~/.ssh/id_rsa.pub root@cs211-12

9、关闭不必要的端口
ss -nalput
systemctl disable postfix
systemctl stop postfix

10、安装icehouse yum源
yum install https://repos.fedorapeople.org/repos/openstack/EOL/openstack-icehouse/rdo-release-icehouse-4.noarch.rpm

11、安装pack-stack并生成应答文件
yum install openstack-packstack
packstack --gen-answer-file=answer.txt

#根据需求需要按需自定义应答文件

如:不安装对象存储服务
CONFIG_SWIFT_INSTALL=n

如:由于网络问题下载demo镜像总是失败,可以关闭
CONFIG_PROVISION_DEMO=n

12、使用pack-stack部署云平台
packstack --answer-file=answer.txt

13、ceph 认证

ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rx pool=images'
ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=images'
ceph auth get-or-create client.cinder-backup mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=backups'

ceph auth get-or-create client.glance tee /etc/ceph/ceph.client.glance.keyring
chown glance:glance /etc/ceph/ceph.client.glance.keyring
ceph auth get-or-create client.cinder tee /etc/ceph/ceph.client.cinder.keyring
chown cinder:cinder /etc/ceph/ceph.client.cinder.keyring
ceph auth get-or-create client.cinder-backup tee /etc/ceph/ceph.client.cinder-backup.keyring
chown cinder:cinder /etc/ceph/ceph.client.cinder-backup.keyring

14、libvirt 认证
ceph auth get-key client.cinder tee client.cinder.key

<secret ephemeral='no' private='no'>
<uuid>eb46c257-7cb1-4920-9ad0-e6521aec255b</uuid>
<usage type='ceph'>
<name>client.cinder secret</name>
</usage>
</secret>

virsh secret-define --file secret.xml
virsh secret-set-value --secret eb46c257-7cb1-4920-9ad0-e6521aec255b --base64 $(cat /etc/ceph/client.cinder.key) && rm client.cinder.key secret.xml

15、编译升级qemu
yum -y install zlib-devel glib2-devel numactl-devel spice-server-devel spice-protocol spice-server
./configure --prefix=/usr --libdir=/usr/lib64 --sysconfdir=/etc --localstatedir=/var --libexecdir=/usr/libexec --enable-rbd --enable-numa && make -j24 && make install

mv /usr/libexec/qemu-kvm{,.orig}
ln -s /usr/bin/qemu-system-x86_64 /usr/libexec/qemu-kvm

systemctl restart libvirtd openstack-nova-compute

16、设置服务开及启动
systemctl enable openstack-nova-compute.service
systemctl enable openvswitch.service
systemctl enable openvswitch-nonetwork.service
systemctl enable libvirtd.service
systemctl enable openstack-cinder-volume.service
systemctl enable openstack-nova-network.service
systemctl enable openstack-nova-metadata-api.service

 

17、 配置添加neutron网络
neutron net-create private-admin --provider:network_type=vxlan --provider:segmentation_id=2
neutron net-create private-admin 10.188.252.0/22 --name subnet-10.188.252 --dns-name 8.8.8.8
neutron subnet-create private-admin 10.188.252.0/22 --name subnet-10.188.252 --dns-name 8.8.8.8
neutron router-create ext-router
neutron net-create public --router:external=True --shared --provider:network_type=vxlan --provider:segmentation_id=888
neutron subnet-create public 188.188.188.0/24 --name subnet-188.188.188 --enable-dhcp=false --allocation-pool start=188.188.188.3,end=188.188.188.252 --gateway=188.188.188.1
neutron router-gateway-set ext-router public --disable-snat
neutron router-interface-add ext-router subnet-10.188.252

附:MTU配置修改
A:在网络节点上运行
ip link set enp7s0f0 mtu 1550 && ip link set enp7s0f0.888 mtu 1550
ip link set enp5s0 mtu 1550 && ip link set enp5s0.911 mtu 1550
ip link set br-int mtu 1550
ip link set br-tun mtu 1550

B:在计算节点上
sed -i '1322anetwork_device_mtu=1550' /etc/nova/nova.conf
systemctl restart openstack-nova-compute

ip link set enp5s0 mtu 1550 && ip link set enp5s0.911 mtu 1550
ip link set br-int mtu 1550
ip link set br-tun mtu 1550

 C、由于icehouse源重的openvswitch 2.1.3 版本存在问题(踩过坑),建议升级2.3.1及以上

https://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7/openvswitch-2.3.1-2.el7.x86_64.rpm

 

 


参考链接:

https://www.rdoproject.org/install/quickstart/
https://repos.fedorapeople.org/repos/openstack/
http://docs.openstack.org/icehouse/install-guide/install/yum/content/index.html
http://docs.ceph.com/docs/master/rbd/rbd-openstack/
https://repos.fedorapeople.org/repos/openstack/
https://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7/openvswitch-2.3.1-2.el7.x86_64.rpm

 

 

您需要登录后才可以回帖 登录

本版积分规则

快速回复 返回顶部 返回列表

分享到微信

打开微信,点击顶部的“╋”,
使用“扫一扫”将网页分享至微信。