Openstack-横向扩容controller
一、配置服务器e
#安装系统时 按tab 使得ens33 改为 eth0
配置:net.ifnames=0 biosdevname=0
#配置网略
ip addr
cd /etc/sysconfig/network-scripts/
vim /etc/hostname
openstack-controller2.xks.local
#改为nodeip 192.168.40.108
[root@openstack-controller1 network-scripts]# cat ifcfg-eth0
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="eth0"
UUID="39d55d0d-ed5c-4497-8767-8f56571c92d6"
DEVICE="eth0"
ONBOOT="yes"
IPADDR="192.168.40.101"
PREFIX="21"
GATEWAY="192.168.40.2"
DNS1="192.168.40.2"
DNS2="114.114.114.114"
DNS3="8.8.8.8"
IPV6_PRIVACY="no"
#不要指网关
#改为nodeip 10.10.7.108
[root@openstack-controller1 network-scripts]# vi ifcfg-eth1
[root@openstack-controller1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
TYPE=Ethernet
ONBOOT=yes
DEVICE=eth1
NAME=eth1
BOOTPROTO=static
IPADDR=10.10.7.101
NETMASK=255.255.248.0
PROXY_METHOD=none
BROWSER_ONLY=no
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
UUID=fae29040-2677-49bf-9946-642100a8fd7d
#关闭防火墙、selinux、NetWorkManager
systemctl disable firewalld
#关闭 SELinux(Security-Enhanced Linux) 强制访问控制
getenforce
setenforce 0
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
systemctl disable NetworkManager
#安装yum 软件
yum install -y vim wget tree lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop lsof ntpdate telnet bridge-utils curl
#配置hosts文件
echo "192.168.40.248 openstack-vip.xks.local" >> /etc/hosts
#
#配置时间同步
[root@openstack-controller1 network-scripts]# cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
[root@openstack-controller1 network-scripts]# crontab -e
*/10 * * * * /usr/sbin/ntpdate time1.aliyun.com && hwclock -w
二、配置openstack-controller2
#启用OpenStack库
yum install -y centos-release-openstack-train.noarch
yum install -y https://rdoproject.org/repos/rdo-release.rpm
#Finalize the installation
yum install -y python-openstackclient openstack-selinux
#必须安装此模块 用于连接mysql
yum install -y python2-PyMySQL
#必须安装此模块 用于连接memcached
yum install -y python-memcached
yum install -y openstack-keystone httpd mod_wsgi
systemctl enable httpd
[controller1]
cd /etc/keystone
tar zcvf keystone-controller1.tar.gz ./*
scp keystone-controller1.tar.gz 192.168.40.102:/etc/keystone
[controller2]
cd /etc/keystone
tar zxvf keystone-controller1.tar.gz
/etc/hosts
192.168.40.248 openstack-vip.xks.local
vim /etc/httpd/conf/httpd.conf
ServerName 192.168.40.102:80
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
systemctl restart httpd
systemctl enable httpd
#Haproxy 配置后台转发
#添加keystone
[root@openstack-haproxy1 ~]# cat /etc/haproxy/haproxy.cfg
listen openstack-keystone-5000
bind 192.168.40.248:5000
mode tcp
server 192.168.40.102 192.168.40.102:5000 check inter 3s fall 3 rise 5
[root@openstack-haproxy1 ~]# systemctl restart haproxy
[root@openstack-controller1 conf.d]# netstat -nltp| grep 5000
#Create OpenStack client environment scripts
#admin-openrc.sh
[root@openstack-controller1 ~]# cat admin-openrc.sh
#!/bin/bash
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://openstack-vip.xks.local:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
#demo-openrc.sh
[root@openstack-controller1 ~]# cat demo-openrc.sh
#!/bin/bash
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=myproject
export OS_USERNAME=myuser
export OS_PASSWORD=myuser
export OS_AUTH_URL=http://openstack-vip.xks.local:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
[root@openstack-controller1 ~]# chmod +x admin-openrc.sh demo-openrc.sh
[root@openstack-controller1 ~]# openstack user list
============================================================================================
yum install -y openstack-glance
mkdir -p /var/lib/glance/images/
chown -R glance.glance /var/lib/glance/images/
#配置自动挂载
vim /etc/fstab
192.168.40.105:/data/glance /var/lib/glance/images nfs defaults,_netdev 0 0
mount -a
[root@openstack-controller1 ~]# df -h
Filesystem Size Used Avail Use% Mounted on
devtmpfs 2.5G 0 2.5G 0% /dev
tmpfs 2.5G 0 2.5G 0% /dev/shm
tmpfs 2.5G 12M 2.5G 1% /run
tmpfs 2.5G 0 2.5G 0% /sys/fs/cgroup
/dev/mapper/centos-root 50G 2.9G 48G 6% /
/dev/sda1 1014M 138M 877M 14% /boot
/dev/mapper/centos-home 95G 33M 95G 1% /home
tmpfs 494M 0 494M 0% /run/user/0
192.168.40.105:/data/glance 17G 2.4G 15G 14% /var/lib/glance/images
[controller1]
cd /etc/glance/
tar czvf glance-controller1.tar.gz ./*
scp glance-controller1.tar.gz 192.168.40.102:/etc/glance
[controller2]
cd /etc/glance/
tar zxvf glance-controller1.tar.gz
systemctl start openstack-glance-api.service
systemctl enable openstack-glance-api.service
#配置添加haproxy、haproxy服务器上添加
[root@openstack-haproxy1 ~]# vim /etc/haproxy/haproxy.cfg
listen openstack-glance-9292
bind 192.168.40.248:9292
mode tcp
server 192.168.40.102 192.168.40.102:9292 check inter 3s fall 3 rise 5
[root@openstack-haproxy1 ~]# systemctl restart haproxy
[root@openstack-haproxy1 ~]# netstat -ntlp | grep 9292
tcp 0 0 192.168.40.248:9292 0.0.0.0:* LISTEN 23765/haproxy
[root@openstack-controller1 glance]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 3fe6bb79-24e6-409f-b55e-c2de374dec27 | cirros | active |
+--------------------------------------+--------+--------+
============================================================================================
yum install -y openstack-placement-api
[controller1]
cd /etc/placement
tar zcvf placement-controller1.tar.gz ./*
scp placement-controller1.tar.gz 192.168.40.102:/etc/placement
[controller2]
cd /etc/placement
tar zxvf placement-controller1.tar.gz
#配置apache允许访问placement API ,如果不配置会拒绝访问报错403
#参考文档:https://docs.openstack.org/nova/rocky/install/controller-install-rdo.html
vim /etc/httpd/conf.d/00-placement-api.conf
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
#重启httpd 会在 /etc/httpd/conf.d/有个文件:00-placement-api.conf配置了8778端口内容参数
[root@openstack-controller1 conf.d]# systemctl restart httpd
[root@openstack-controller1 conf.d]# netstat -ntlp | grep 8778
tcp6 0 0 :::8778 :::* LISTEN 7790/httpd
#配置Haproxy 8778端口
[root@openstack-haproxy1 glance]# vim /etc/haproxy/haproxy.cfg
listen openstack-placement-8778
bind 192.168.40.248:8778
mode tcp
server 192.168.40.102 192.168.40.102:8778 check inter 3s fall 3 rise 5
[root@openstack-haproxy1 glance]# systemctl restart haproxy
[root@openstack-haproxy1 glance]# netstat -nltp | grep 8778
tcp 0 0 192.168.40.248:8778 0.0.0.0:* LISTEN 23906/haproxy
#验证是否安装成功
[root@openstack-controller1 ~]# source admin-openrc.sh
[root@openstack-controller1 ~]# placement-status upgrade check
============================================================================================
yum install -y openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler
[controller1]
cd /etc/nova
tar zcvf nova-controller1.tar.gz ./*
scp nova-controller1.tar.gz 192.168.40.102:/etc/nova
[controller2]
cd /etc/nova
tar zxvf nova-controller1.tar.gz
vim /etc/nova.conf
my_ip=192.168.40.102
systemctl enable \
openstack-nova-api.service \
openstack-nova-scheduler.service \
openstack-nova-conductor.service \
openstack-nova-novncproxy.service
systemctl start \
openstack-nova-api.service \
openstack-nova-scheduler.service \
openstack-nova-conductor.service \
openstack-nova-novncproxy.service
#配置Haproxy
[root@openstack-haproxy1 glance]# cat /etc/haproxy/haproxy.cfg
listen openstack-nova-8774
bind 192.168.40.248:8774
mode tcp
server 192.168.40.102 192.168.40.102:8774 check inter 3s fall 3 rise 5
[root@openstack-haproxy1 glance]# systemctl restart haproxy
[root@openstack-haproxy1 glance]# netstat -ntlp | grep 8774
tcp 0 0 192.168.40.248:8774 0.0.0.0:* LISTEN 26260/haproxy
#添加Haproxy6080
[root@openstack-haproxy1 glance]# vim /etc/haproxy/haproxy.cfg
listen openstack-nova-novncproxy-6080
bind 192.168.40.248:6080
mode tcp
server 192.168.40.102 192.168.40.102:6080 check inter 3s fall 3 rise 5
[root@openstack-haproxy1 glance]# systemctl restart haproxy
[root@openstack-controller1 nova]# nova service-list
+--------------------------------------+----------------+---------------------------------+----------+---------+-------+----------------------------+-----------------+-------------+
| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason | Forced down |
+--------------------------------------+----------------+---------------------------------+----------+---------+-------+----------------------------+-----------------+-------------+
| 79cb22e1-a8db-4267-92c6-77351e8d0373 | nova-conductor | openstack-controller1.xks.local | internal | enabled | up | 2023-07-25T15:02:22.000000 | - | False |
| 5d974f43-5081-4340-b954-a5b3ce06740c | nova-scheduler | openstack-controller1.xks.local | internal | enabled | up | 2023-07-25T15:02:23.000000 | - | False |
| 6428a4a4-02ad-4ac0-a0bd-8ad22ce03f08 | nova-compute | openstack-node1.xks.local | nova | enabled | up | 2023-07-25T15:02:25.000000 | - | False |
| b47e9f23-8483-4b1d-a9b2-c33fa0fa6bb8 | nova-compute | openstack-node2.xks.local | nova | enabled | up | 2023-07-25T15:02:23.000000 | - | False |
| 412969e4-4ad8-4244-9449-8f746d753e46 | nova-conductor | openstack-controller2.xks.local | internal | enabled | up | 2023-07-25T15:02:22.000000 | - | False |
| 972cb350-e6fe-40ef-a4c2-f9851bec65dc | nova-scheduler | openstack-controller2.xks.local | internal | enabled | up | 2023-07-25T15:02:24.000000 | - | False |
+--------------------------------------+----------------+---------------------------------+----------+---------+-------+----------------------------+-----------------+-------------+
============================================================================================
yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables
[controller1]
cd /etc/neutron
tar zcvf neutron-controller1.tar.gz ./*
scp neutron-controller1.tar.gz 192.168.40.102:/etc/neutron
[controller2]
cd /etc/neutron
tar zxvf neutron-controller1.tar.gz
systemctl restart openstack-nova-api.service
systemctl enable neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
systemctl start neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
tail -f /var/log/neutron/*.log
[root@openstack-controller1 neutron]# neutron agent-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------------+--------------------+---------------------------------+-------------------+-------+----------------+---------------------------+
| id | agent_type | host | availability_zone | alive | admin_state_up | binary |
+--------------------------------------+--------------------+---------------------------------+-------------------+-------+----------------+---------------------------+
| 2000e3d4-683f-4c2e-80bf-0439493d4ddc | DHCP agent | openstack-controller2.xks.local | nova | :-) | True | neutron-dhcp-agent |
| 24543051-e329-4e2a-ac58-c1d373bad7b0 | Linux bridge agent | openstack-controller1.xks.local | | :-) | True | neutron-linuxbridge-agent |
| 54413aa2-9430-4529-bdd8-e22c2e2a1b3f | DHCP agent | openstack-controller1.xks.local | nova | :-) | True | neutron-dhcp-agent |
| 62da7eb3-6779-4d1e-9cab-cdc2c4d51c7b | Linux bridge agent | openstack-controller2.xks.local | | :-) | True | neutron-linuxbridge-agent |
| 970d62fe-5bc9-4a38-a32d-070d9ed26996 | Linux bridge agent | openstack-node1.xks.local | | :-) | True | neutron-linuxbridge-agent |
| de57dd0a-684c-4b6f-8b5f-5c01dca70c93 | Metadata agent | openstack-controller1.xks.local | | :-) | True | neutron-metadata-agent |
| e36d82dd-5fec-4fb0-9eaf-277a040ec79b | Linux bridge agent | openstack-node2.xks.local | | :-) | True | neutron-linuxbridge-agent |
| eec4dd80-b2ef-490f-be8b-de9a92fe303f | Metadata agent | openstack-controller2.xks.local | | :-) | True | neutron-metadata-agent |
+--------------------------------------+--------------------+---------------------------------+-------------------+-------+----------------+---------------------------+
#修改配置文件
[root@openstack-haproxy1 ~]# vim /etc/haproxy/haproxy.cfg
listen openstack-neutron-9696
bind 192.168.40.248:9696
mode tcp
#server 192.168.40.101 192.168.40.101:9696 check inter 3s fall 3 rise 5
server 192.168.40.102 192.168.40.102:9696 check inter 3s fall 3 rise 5
systemctl restart haproxy
============================================================================================
yum install -y openstack-dashboard
[controller1]
cd /etc/openstack-dashboard
tar zcvf openstack-dashboard-controller1.tar.gz ./*
scp openstack-dashboard-controller1.tar.gz 192.168.40.102:/etc/openstack-dashboard
[controller2]
cd /etc/openstack-dashboard
tar zxvf openstack-dashboard-controller1.tar.gz
#修改配置
[root@openstack-controller2 openstack-dashboard]# grep 192 ./* -R
./local_settings:ALLOWED_HOSTS = ['192.168.40.102', 'openstack-vip.xks.local']
./local_settings:OPENSTACK_HOST = "192.168.40.102"
#3.Add the following line to /etc/httpd/conf.d/openstack-dashboard.conf if not included.
vim /etc/httpd/conf.d/openstack-dashboard.conf
WSGIApplicationGroup %{GLOBAL}
#4.配置Haproxy代理-添加dashboard 代码块
[root@openstack-haproxy1 ~]# cat /etc/haproxy/haproxy.cfg
listen openstack-dashboard-80
bind 192.168.40.248:80
mode tcp
server 192.168.40.102 192.168.40.102:80 check inter 3s fall 3 rise 5
[root@openstack-haproxy1 ~]# systemctl restart haproxy
#Finalize installation-Restart the web server and session storage service:
systemctl restart httpd.service
#管理端访问
192.168.40.102/dashboard
openstack-vip.xks.local/dashboard - 前提做好域名解析 192.168.40.248 openstack-vip.xks.local
浙公网安备 33010602011771号