[OpenStack] 1. Installing OpenStack Folsom from source on CentOS 6.3: Keystone installation

Posted 2012-11-05 20:58
Last edited by atkisc on 2012-11-21 21:46

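This is a serialized tutorial that will be published in full over the next few days. The parts, in order, are:
1. Installing OpenStack Folsom from source on CentOS 6.3: Keystone installation
2. Installing OpenStack Folsom from source on CentOS 6.3: Glance installation
3. Installing OpenStack Folsom from source on CentOS 6.3: Nova installation
4. Installing OpenStack Folsom from source on CentOS 6.3: Open vSwitch installation
5. Installing OpenStack Folsom from source on CentOS 6.3: Quantum installation
6. Installing OpenStack Folsom from source on CentOS 6.3: Cinder installation
7. Installing OpenStack Folsom from source on CentOS 6.3: Using Quantum with Nova
8. Installing OpenStack Folsom from source on CentOS 6.3: noVNC installation
9. Installing OpenStack Folsom from source on CentOS 6.3: Horizon installation
10. Installing OpenStack Folsom from source on CentOS 6.3: Uploading an image through Glance
11. Installing OpenStack Folsom from source on CentOS 6.3: Launching an instance through Horizon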

Fixes
1. Delete some content from keystone_data.sh that should not be there, namely:

    # Keystone
    if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
        KEYSTONE_SERVICE=$(get_id keystone service-create \
            --name=keystone \
            --type=identity \
            --description="Keystone Identity Service")
        keystone endpoint-create \
            --region RegionOne \
            --service_id $KEYSTONE_SERVICE \
            --publicurl "http://$SERVICE_HOST:\$(public_port)s/v2.0" \
            --adminurl "http://$SERVICE_HOST:\$(admin_port)s/v2.0" \
            --internalurl "http://$SERVICE_HOST:\$(public_port)s/v2.0"
    fi

System environment

    CentOS 6.3 x86_64
    OpenStack Folsom
    Server IP: 172.16.24.138
    Note: because Quantum is used, the system needs at least two network interfaces

1. Prerequisites

    rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm
    yum install -y python-pip gcc gcc-c++ make libtool patch automake python-devel libxslt-devel rabbitmq-server mysql-server MySQL-python openssl-devel kernel kernel-devel libudev-devel git wget lvm2 httpd mod_wsgi libvirt-python libvirt qemu-kvm scsi-target-utils gedit python-numdisplay device-mapper bridge-utils dnsmasq dnsmasq-utils
    sed -i '/SELINUX/ s/enforcing/disabled/g' /etc/selinux/config
    reboot
    /etc/init.d/rabbitmq-server start
    /etc/init.d/mysqld start
    mysqladmin -uroot password '123456'
    mysql -uroot -p123456 -e 'create database nova'
    mysql -uroot -p123456 -e 'create database glance'
    mysql -uroot -p123456 -e 'create database keystone'
    mysql -uroot -p123456 -e 'create database cinder'
    mysql -uroot -p123456 -e 'create database horizon'
    mysql -uroot -p123456 -e 'create database ovs_quantum'

2. Keystone installation

    # Note: step 4 below copies files from /opt/keystone-2012.2,
    # i.e. it assumes these commands are run in /opt
    wget https://launchpad.net/keystone/folsom/2012.2/+download/keystone-2012.2.tar.gz
    tar xf keystone-2012.2.tar.gz
    cd keystone-2012.2/tools
    pip-python install -r pip-requires
    cd ..
    python setup.py install

3. python-keystoneclient installation

    git clone https://github.com/openstack/python-keystoneclient.git
    cd python-keystoneclient/tools/
    pip-python install -r pip-requires
    cd ..
    python setup.py install

4. Create the Keystone configuration directory and copy the configuration files

    mkdir /etc/keystone
    mkdir /var/log/keystone
    cp /opt/keystone-2012.2/etc/default_catalog.templates /etc/keystone/
    cp /opt/keystone-2012.2/etc/keystone.conf.sample /etc/keystone/keystone.conf
    cp /opt/keystone-2012.2/etc/logging.conf.sample /etc/keystone/logging.conf
    cp /opt/keystone-2012.2/etc/policy.json /etc/keystone/

4.1 Edit /etc/keystone/default_catalog.templates and replace its contents with the following

    catalog.RegionOne.identity.publicURL = http://172.16.24.138:$(public_port)s/v2.0
    catalog.RegionOne.identity.adminURL = http://172.16.24.138:$(admin_port)s/v2.0
    catalog.RegionOne.identity.internalURL = http://172.16.24.138:$(public_port)s/v2.0
    catalog.RegionOne.identity.name = Identity Service

    catalog.RegionOne.compute.publicURL = http://172.16.24.138:8774/v2/$(tenant_id)s
    catalog.RegionOne.compute.adminURL = http://172.16.24.138:8774/v2/$(tenant_id)s
    catalog.RegionOne.compute.internalURL = http://172.16.24.138:8774/v2/$(tenant_id)s
    catalog.RegionOne.compute.name = Compute Service

    catalog.RegionOne.volume.publicURL = http://172.16.24.138:8776/v1/$(tenant_id)s
    catalog.RegionOne.volume.adminURL = http://172.16.24.138:8776/v1/$(tenant_id)s
    catalog.RegionOne.volume.internalURL = http://172.16.24.138:8776/v1/$(tenant_id)s
    catalog.RegionOne.volume.name = Volume Service

    catalog.RegionOne.ec2.publicURL = http://172.16.24.138:8773/services/Cloud
    catalog.RegionOne.ec2.adminURL = http://172.16.24.138:8773/services/Admin
    catalog.RegionOne.ec2.internalURL = http://172.16.24.138:8773/services/Cloud
    catalog.RegionOne.ec2.name = EC2 Service

    catalog.RegionOne.s3.publicURL = http://172.16.24.138:3333
    catalog.RegionOne.s3.adminURL = http://172.16.24.138:3333
    catalog.RegionOne.s3.internalURL = http://172.16.24.138:3333
    catalog.RegionOne.s3.name = S3 Service

    catalog.RegionOne.image.publicURL = http://172.16.24.138:9292
    catalog.RegionOne.image.adminURL = http://172.16.24.138:9292
    catalog.RegionOne.image.internalURL = http://172.16.24.138:9292
    catalog.RegionOne.image.name = Image Service

    catalog.RegionOne.network.publicURL = http://172.16.24.138:9696
    catalog.RegionOne.network.adminURL = http://172.16.24.138:9696
    catalog.RegionOne.network.internalURL = http://172.16.24.138:9696
    catalog.RegionOne.network.name = Quantum Service

4.2 Create the file keystone_data.sh under /etc/keystone/ with the following contents

    #!/bin/bash
    #
    # Initial data for Keystone using python-keystoneclient
    #
    # Tenant               User       Roles
    # ------------------------------------------------------------------
    # admin                admin      admin
    # service              glance     admin
    # service              nova       admin, [ResellerAdmin (swift only)]
    # service              quantum    admin        # if enabled
    # service              swift      admin        # if enabled
    # service              cinder     admin        # if enabled
    # service              heat       admin        # if enabled
    # demo                 admin      admin
    # demo                 demo       Member, anotherrole
    # invisible_to_admin   demo       Member
    # Tempest Only:
    # alt_demo             alt_demo   Member
    #
    # Variables set before calling this script:
    # SERVICE_TOKEN - aka admin_token in keystone.conf
    # SERVICE_ENDPOINT - local Keystone admin endpoint
    # SERVICE_TENANT_NAME - name of tenant containing service accounts
    # SERVICE_HOST - host used for endpoint creation
    # ENABLED_SERVICES - stack.sh's list of services to start
    # DEVSTACK_DIR - Top-level DevStack directory
    # KEYSTONE_CATALOG_BACKEND - used to determine service catalog creation

    # Defaults
    # --------

    ADMIN_PASSWORD=${ADMIN_PASSWORD:-secrete}
    SERVICE_PASSWORD=${SERVICE_PASSWORD:-service}
    export SERVICE_TOKEN=ADMIN
    export SERVICE_ENDPOINT=http://localhost:35357/v2.0
    SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-tenant}

    function get_id () {
        echo `"$@" | awk '/ id / { print $4 }'`
    }

    # Tenants
    # -------

    ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
    SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME)
    DEMO_TENANT=$(get_id keystone tenant-create --name=demo)
    INVIS_TENANT=$(get_id keystone tenant-create --name=invisible_to_admin)

    # Users
    # -----

    ADMIN_USER=$(get_id keystone user-create --name=admin \
        --pass="$ADMIN_PASSWORD" \
        --email=admin@example.com)
    DEMO_USER=$(get_id keystone user-create --name=demo \
        --pass="$ADMIN_PASSWORD" \
        --email=demo@example.com)

    # Roles
    # -----

    ADMIN_ROLE=$(get_id keystone role-create --name=admin)
    KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
    KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
    # ANOTHER_ROLE demonstrates that an arbitrary role may be created and used
    # TODO(sleepsonthefloor): show how this can be used for rbac in the future!
    ANOTHER_ROLE=$(get_id keystone role-create --name=anotherrole)

    # Add Roles to Users in Tenants
    keystone user-role-add --user_id $ADMIN_USER --role_id $ADMIN_ROLE --tenant_id $ADMIN_TENANT
    keystone user-role-add --user_id $ADMIN_USER --role_id $ADMIN_ROLE --tenant_id $DEMO_TENANT
    keystone user-role-add --user_id $DEMO_USER --role_id $ANOTHER_ROLE --tenant_id $DEMO_TENANT

    # TODO(termie): these two might be dubious
    keystone user-role-add --user_id $ADMIN_USER --role_id $KEYSTONEADMIN_ROLE --tenant_id $ADMIN_TENANT
    keystone user-role-add --user_id $ADMIN_USER --role_id $KEYSTONESERVICE_ROLE --tenant_id $ADMIN_TENANT

    # The Member role is used by Horizon and Swift so we need to keep it:
    MEMBER_ROLE=$(get_id keystone role-create --name=Member)
    keystone user-role-add --user_id $DEMO_USER --role_id $MEMBER_ROLE --tenant_id $DEMO_TENANT
    keystone user-role-add --user_id $DEMO_USER --role_id $MEMBER_ROLE --tenant_id $INVIS_TENANT

    # Services

    # Nova
    NOVA_USER=$(get_id keystone user-create \
        --name=nova \
        --pass="$SERVICE_PASSWORD" \
        --tenant_id $SERVICE_TENANT \
        --email=nova@example.com)
    keystone user-role-add \
        --tenant_id $SERVICE_TENANT \
        --user_id $NOVA_USER \
        --role_id $ADMIN_ROLE

    # Nova needs ResellerAdmin role to download images when accessing
    # swift through the s3 api. The admin role in swift allows a user
    # to act as an admin for their tenant, but ResellerAdmin is needed
    # for a user to act as any tenant. The name of this role is also
    # configurable in swift-proxy.conf
    RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin)
    keystone user-role-add \
        --tenant_id $SERVICE_TENANT \
        --user_id $NOVA_USER \
        --role_id $RESELLER_ROLE

    # Glance
    GLANCE_USER=$(get_id keystone user-create \
        --name=glance \
        --pass="$SERVICE_PASSWORD" \
        --tenant_id $SERVICE_TENANT \
        --email=glance@example.com)
    keystone user-role-add \
        --tenant_id $SERVICE_TENANT \
        --user_id $GLANCE_USER \
        --role_id $ADMIN_ROLE

    # Swift
    SWIFT_USER=$(get_id keystone user-create \
        --name=swift \
        --pass="$SERVICE_PASSWORD" \
        --tenant_id $SERVICE_TENANT \
        --email=swift@example.com)
    keystone user-role-add \
        --tenant_id $SERVICE_TENANT \
        --user_id $SWIFT_USER \
        --role_id $ADMIN_ROLE

    # Quantum
    QUANTUM_USER=$(get_id keystone user-create \
        --name=quantum \
        --pass="$SERVICE_PASSWORD" \
        --tenant_id $SERVICE_TENANT \
        --email=quantum@example.com)
    keystone user-role-add \
        --tenant_id $SERVICE_TENANT \
        --user_id $QUANTUM_USER \
        --role_id $ADMIN_ROLE

    # Cinder
    CINDER_USER=$(get_id keystone user-create --name=cinder \
        --pass="$SERVICE_PASSWORD" \
        --tenant_id $SERVICE_TENANT \
        --email=cinder@example.com)
    keystone user-role-add --tenant_id $SERVICE_TENANT \
        --user_id $CINDER_USER \
        --role_id $ADMIN_ROLE

4.3 Change the following options in /etc/keystone/keystone.conf

    sed -i 's/# admin_token = ADMIN/admin_token = ADMIN/g' /etc/keystone/keystone.conf
    sed -i 's/# bind_host = 0.0.0.0/bind_host = 0.0.0.0/g' /etc/keystone/keystone.conf
    sed -i 's/# public_port = 5000/public_port = 5000/g' /etc/keystone/keystone.conf
    sed -i 's/# admin_port = 35357/admin_port = 35357/g' /etc/keystone/keystone.conf
    sed -i 's/# compute_port = 8774/compute_port = 8774/g' /etc/keystone/keystone.conf
    sed -i 's/# verbose = False/verbose = True/g' /etc/keystone/keystone.conf
    sed -i 's/# debug = False/debug = True/g' /etc/keystone/keystone.conf
    sed -i 's/# log_file = keystone.log/log_file = keystone.log/g' /etc/keystone/keystone.conf
    sed -i 's/# log_dir = \/var\/log\/keystone/log_dir = \/var\/log\/keystone/g' /etc/keystone/keystone.conf
    sed -i 's/# use_syslog = False/use_syslog = False/g' /etc/keystone/keystone.conf
    sed -i 's/# connection = sqlite:\/\/\/keystone.db/connection = mysql:\/\/root:123456@localhost\/keystone/g' /etc/keystone/keystone.conf
    sed -i 's/# driver = keystone.identity.backends.sql.Identity/driver = keystone.identity.backends.sql.Identity/g' /etc/keystone/keystone.conf
    sed -i 's/# driver = keystone.catalog.backends.templated.TemplatedCatalog/driver = keystone.catalog.backends.templated.TemplatedCatalog/g' /etc/keystone/keystone.conf
    sed -i 's/# template_file = default_catalog.templates/template_file = \/etc\/keystone\/default_catalog.templates/g' /etc/keystone/keystone.conf
    sed -i 's/# driver = keystone.token.backends.kvs.Token/driver = keystone.token.backends.kvs.Token/g' /etc/keystone/keystone.conf
    sed -i 's/# expiration = 86400/expiration = 86400/g' /etc/keystone/keystone.conf
    sed -i 's/# driver = keystone.policy.backends.rules.Policy/driver = keystone.policy.backends.rules.Policy/g' /etc/keystone/keystone.conf
    sed -i 's/# driver = keystone.contrib.ec2.backends.kvs.Ec2/driver = keystone.contrib.ec2.backends.kvs.Ec2/g' /etc/keystone/keystone.conf

4.4 Initialize the Keystone database schema

    keystone-manage db_sync

4.5 Start the Keystone service

    keystone-all --config-file=/etc/keystone/keystone.conf &

4.6 Check the log and netstat to verify that the service started successfully
If the end of the log shows:

    2012-10-15 18:03:33 DEBUG [keystone.common.wsgi] Starting /usr/bin/keystone-all on 0.0.0.0:35357
    2012-10-15 18:03:33 DEBUG [keystone.common.wsgi] Starting /usr/bin/keystone-all on 0.0.0.0:5000
    2012-10-15 18:03:33 DEBUG [eventlet.wsgi.server] (3675) wsgi starting up on http://0.0.0.0:35357/
    2012-10-15 18:03:33 DEBUG [eventlet.wsgi.server] (3675) wsgi starting up on http://0.0.0.0:5000/

and netstat -ltnp |grep -E '(5000|35357)' shows that both exist, the service has started successfully.

4.7 Initialize the Keystone data

    bash /etc/keystone/keystone_data.sh


Ratings (1 participant): send_linux +12, reason: Awesome! Thanks for sharing :)
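
Added example, not part of the original post: a small shell check for the lab-grade values that steps 4 and 4.3 leave in /etc/keystone/keystone.conf (sample admin_token, MySQL root in the connection string, debug logging, all-interface bind, world-readable file). The function names, the sample file with its section headers, and the severity labels are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): flag the lab-grade values that
# step 4.3 writes into keystone.conf. One "SEVERITY option: reason" per line.

audit_keystone_conf() {
    conf=$1
    # The file holds admin_token and the DB password; a plain cp leaves it 0644.
    if [ -n "$(find "$conf" -perm -004 2>/dev/null)" ]; then
        echo "MEDIUM file-mode: $conf is world-readable but contains secrets"
    fi
    # Commented-out lines yield a key such as "# debug" and never match below.
    awk '
    {
        eq = index($0, "="); if (eq == 0) next
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == "admin_token" && val == "ADMIN")
            print "HIGH admin_token: sample value ADMIN grants full admin on the identity API"
        else if (key == "connection" && val ~ /^mysql:\/\/root:/)
            print "HIGH connection: Keystone logs in to MySQL as root; use a dedicated account"
        else if (key == "debug" && tolower(val) == "true")
            print "MEDIUM debug: debug logging is on; disable outside a lab"
        else if (key == "bind_host" && val == "0.0.0.0")
            print "INFO bind_host: admin_port listens on every interface; firewall it"
    }' "$conf"
}

# Constructed sample: the values the sed commands in step 4.3 produce
# (section headers are assumed for illustration).
write_tutorial_conf() {
    cat > "$1" <<'EOF'
[DEFAULT]
admin_token = ADMIN
bind_host = 0.0.0.0
debug = True
[sql]
connection = mysql://root:123456@localhost/keystone
EOF
    chmod 644 "$1"   # mode a plain cp as root leaves behind
}

tmp=$(mktemp)
write_tutorial_conf "$tmp"
audit_keystone_conf "$tmp"
rm -f "$tmp"
```

On a real host, call `audit_keystone_conf /etc/keystone/keystone.conf` after step 4.3; an empty result means none of these four values or the file mode matched.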

Posted 2012-11-13 16:52
When I install the rabbitmq-server service with yum, I get a "no packages" message. Please help.

Posted 2012-11-14 11:21
Reply to #2 zhaoxin_hope

Install the EPEL repository.

Posted 2012-11-15 11:00
qemu-kvm cannot be installed with yum??? Is it that the virtual machine does not support virtualization? How should I solve this???

Posted 2012-11-22 10:08
"Fixes
1. Delete some content from keystone_data.sh that should not be there, namely:"

The content you mention was never in your keystone_data.sh in the first place.

Posted 2012-11-22 13:25
Reply to #5 liuaiping0205

It was there. I edited the post, so you can't see it anymore.

Posted 2012-11-22 13:26
Please finish writing all of it soon. Posting a little each day is making me very impatient.

Posted 2013-01-09 16:10
Installing by following this gives all kinds of errors.

Posted 2013-01-11 13:38
ddl007 posted on 2013-01-09 16:10:
Installing by following this gives all kinds of errors.

You can post what the errors are.

Posted 2013-01-14 14:59
Following the original poster's steps, keystone-manage db_sync reports an error:
............................................................................
    from sqlalchemy import exceptions as sa_exceptions
ImportError: cannot import name exceptions