接上篇

計(jì)算服務(wù)：

安裝配置控制節(jié)點(diǎn)：

yum?install?openstack-nova-api?openstack-nova-conductor?\

??openstack-nova-console?openstack-nova-novncproxy?\

??openstack-nova-scheduler

此時(shí)，缺少一個(gè)包：?python-pygments需要自己下載并安裝

1、獲得?admin?憑證來(lái)獲取只有管理員能執(zhí)行的命令的訪問(wèn)權(quán)限：

#.?admin-openrc

2、要?jiǎng)?chuàng)建服務(wù)證書，完成這些步驟：

創(chuàng)建?nova?用戶：

openstack?user?create?--domain?default?\

??--password-prompt?nova

給?nova?用戶添加?admin?角色：

openstack?role?add?--project?service?--user?nova?admin

創(chuàng)建?nova?服務(wù)實(shí)體：

openstack?service?create?--name?nova?\

??--description?"OpenStack?Compute"?compute

創(chuàng)建?Compute?服務(wù)?API?端點(diǎn)?：

#?openstack?endpoint?create?--region?RegionOne?\

>???compute?public?http://172.25.33.10:8774/v2.1/%\(tenant_id\)s

#?openstack?endpoint?create?--region?RegionOne???compute?internal?http://172.25.33.10:8774/v2.1/%\(tenant_id\)s

+--------------+---------------------------------------------+

|?Field????????|?Value???????????????????????????????????????|

+--------------+---------------------------------------------+

|?enabled??????|?True????????????????????????????????????????|

|?id???????????|?44b3adb6ce2348908abbf4d3f9a52f2b????????????|

|?interface????|?internal????????????????????????????????????|

|?region???????|?RegionOne???????????????????????????????????|

|?region_id????|?RegionOne???????????????????????????????????|

|?service_id???|?a394a2c40c144d6fb9db567a1105c44a????????????|

|?service_name?|?nova????????????????????????????????????????|

|?service_type?|?compute?????????????????????????????????????|

|?url??????????|?http://172.25.33.10:8774/v2.1/%(tenant_id)s?|

+--------------+---------------------------------------------+

#?openstack?endpoint?create?--region?RegionOne???compute?admin?http://172.25.33.10:8774/v2.1/%\(tenant_id\)s

編輯``/etc/nova/nova.conf``文件并完成下面的操作：

1、在``[DEFAULT]``部分，只啟用計(jì)算和元數(shù)據(jù)API

[DEFAULT]

enabled_apis?=?osapi_compute,metadata

在``[api_database]``和``[database]``部分，配置數(shù)據(jù)庫(kù)的連接：

[api_database]

connection?=?mysql+pymysql://nova:nova@172.25.33.10/nova_api

?

[database]

connection?=?mysql+pymysql://nova:nova@172.25.33.10/nova

在?“[DEFAULT]”?和?“[oslo_messaging_rabbit]”部分，配置?“RabbitMQ”?消息隊(duì)列訪問(wèn)：

[DEFAULT]

rpc_backend?=?rabbit

?

[oslo_messaging_rabbit]

rabbit_host?=?controller

rabbit_userid?=?openstack

rabbit_password?=?rabbit

在?“[DEFAULT]”?和?“[keystone_authtoken]”?部分，配置認(rèn)證服務(wù)訪問(wèn)

[DEFAULT]

auth_strategy?=?keystone

[keystone_authtoken]

auth_uri?=?http://172.25.33.10:5000

auth_url?=?http://172.25.33.10:35357

memcached_servers?=?172.25.33.10:11211

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

project_name?=?service

username?=?nova

password?=?nova

在?[DEFAULT?部分，配置``my_ip``?來(lái)使用控制節(jié)點(diǎn)的管理接口的IP?地址。

[DEFAULT]

my_ip?=?10.0.0.11

在?[DEFAULT]?部分，使能?Networking?服務(wù)：

[DEFAULT]

use_neutron?=?True

firewall_driver?=?nova.virt.firewall.NoopFirewallDriver

默認(rèn)情況下，計(jì)算服務(wù)使用內(nèi)置的防火墻服務(wù)。由于網(wǎng)絡(luò)服務(wù)包含了防火墻服務(wù)，你必須使用``nova.virt.firewall.NoopFirewallDriver``防火墻服務(wù)來(lái)禁用掉計(jì)算服務(wù)內(nèi)置的防火墻服務(wù)

在``[vnc]``部分，配置VNC代理使用控制節(jié)點(diǎn)的管理接口IP地址?

[vnc]

vncserver_listen?=?$my_ip

vncserver_proxyclient_address?=?$my_ip

在?[glance]?區(qū)域，配置鏡像服務(wù)?API?的位置：

[glance]

api_servers?=?http://controller:9292

在?[oslo_concurrency]?部分，配置鎖路徑：

[oslo_concurrency]

lock_path?=?/var/lib/nova/tmp

同步Compute?數(shù)據(jù)庫(kù)：

#?su?-s?/bin/sh?-c?"nova-manage?api_db?sync"?nova

#?su?-s?/bin/sh?-c?"nova-manage?db?sync"?nova

#?systemctl?enable?openstack-nova-api.service?\

??openstack-nova-consoleauth.service?openstack-nova-scheduler.service?\

??openstack-nova-conductor.service?openstack-nova-novncproxy.service

#?systemctl?start?openstack-nova-api.service?\

??openstack-nova-consoleauth.service?openstack-nova-scheduler.service?\

??openstack-nova-conductor.service?openstack-nova-novncproxy.service

?

#?grep?^[a-Z]?/etc/nova/nova.conf?

rpc_backend?=?rabbit

enabled_apis?=?osapi_compute,metadata

auth_strategy?=?keystone

my_ip?=?172.25.33.10

use_neutron?=?True

firewall_driver?=?nova.virt.firewall.NoopFirewallDriver

debug=true

connection?=?mysql+pymysql://nova:nova@172.25.33.10/nova_api

connection?=?mysql+pymysql://nova:nova@172.25.33.10/nova

api_servers?=?http://172.25.33.10:9292

auth_uri?=?http://172.25.33.10:5000

auth_url?=?http://172.25.33.10:35357

memcached_servers?=?172.25.33.10:11211

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

project_name?=?service

username?=?nova

password?=?nova

lock_path?=?/var/lib/nova/tmp

rabbit_host?=?172.25.33.10

rabbit_userid?=?openstack

rabbit_password?=?rabbit

vncserver_listen?=?$my_ip

vncserver_proxyclient_address?=?$my_ip

?

安裝和配置計(jì)算節(jié)點(diǎn)：

minion2：172.25.33.11

安裝軟件包：

#?yum?install?openstack-nova-compute

編輯``/etc/nova/nova.conf``文件并完成下面的操作

在``[DEFAULT]``?和?[oslo_messaging_rabbit]部分，配置``RabbitMQ``消息隊(duì)列的連接：

[DEFAULT]

rpc_backend?=?rabbit

?

[oslo_messaging_rabbit]

rabbit_host?=172.25.33.10

rabbit_userid?=?openstack

rabbit_password?=rabbit

在?“[DEFAULT]”?和?“[keystone_authtoken]”?部分，配置認(rèn)證服務(wù)訪問(wèn)

[DEFAULT]

auth_strategy?=?keystone

?

[keystone_authtoken]

auth_uri?=?http://172.25.33.10:5000

auth_url?=?http://172.25.33.10:35357

memcached_servers?=?172.25.33.10:11211

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

project_name?=?service

username?=?nova

password?=?nova

在?[DEFAULT]?部分，配置?my_ip?選項(xiàng)

[DEFAULT]

my_ip?=?MANAGEMENT_INTERFACE_IP_ADDRESS

將其中的?MANAGEMENT_INTERFACE_IP_ADDRESS?替換為計(jì)算節(jié)點(diǎn)上的管理網(wǎng)絡(luò)接口的IP?地址

my_ip?=172.25.33.11

在?[DEFAULT]?部分，使能?Networking?服務(wù)：

[DEFAULT]

use_neutron?=?True

firewall_driver?=?nova.virt.firewall.NoopFirewallDriver

缺省情況下，Compute?使用內(nèi)置的防火墻服務(wù)。由于?Networking?包含了防火墻服務(wù)，所以你必須通過(guò)使用?nova.virt.firewall.NoopFirewallDriver?來(lái)去除?Compute?內(nèi)置的防火墻服務(wù)

在``[vnc]``部分，啟用并配置遠(yuǎn)程控制臺(tái)訪問(wèn)：

[vnc]

enabled?=?True

vncserver_listen?=?0.0.0.0

vncserver_proxyclient_address?=?$my_ip

novncproxy_base_url?=?http://172.25.33.10:6080/vnc_auto.html

在?[glance]?區(qū)域，配置鏡像服務(wù)?API?的位置：

[glance]

api_servers?=?http://172.25.33.10:9292

在?[oslo_concurrency]?部分，配置鎖路徑：

[oslo_concurrency]

lock_path?=?/var/lib/nova/tmp

?

官方文檔漏掉的配置：回報(bào)錯(cuò)誤：oslo_service.service?[-]?Error?starting?thread.

或PlacementNotConfigured:?This?compute?is?not?configured?to?talk?to?the?placement?service

[placement]

auth_uri?=?http://172.25.33.10:5000

auth_url?=?http://172.25.33.10:35357

memcached_servers?=?172.25.33.10:11211

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

project_name?=?service

username?=?nova

password?=?nova

os_region_name?=?RegionOne

?

完成安裝

1、確定您的計(jì)算節(jié)點(diǎn)是否支持虛擬機(jī)的硬件加速。

#egrep?-c?'(vmx|svm)'?/proc/cpuinfo

如果這個(gè)命令返回了?one?or?greater?的值，那么你的計(jì)算節(jié)點(diǎn)支持硬件加速且不需要額外的配置。

?

如果這個(gè)命令返回了?zero?值，那么你的計(jì)算節(jié)點(diǎn)不支持硬件加速。你必須配置?libvirt?來(lái)使用?QEMU?去代替?KVM

#?egrep?-c?'(vmx|svm)'?/proc/cpuinfo

0

?

在?/etc/nova/nova.conf?文件的?[libvirt]?區(qū)域做出如下的編輯

[libvirt]

virt_type?=?qemu

2、啟動(dòng)計(jì)算服務(wù)及其依賴，并將其配置為隨系統(tǒng)自動(dòng)啟動(dòng)：

#?systemctl?enable?libvirtd.service?openstack-nova-compute.service

#?systemctl?start?libvirtd.service?openstack-nova-compute.service

?

驗(yàn)證操作：在控制節(jié)點(diǎn)172.25.33.10上進(jìn)行

獲得?admin?憑證來(lái)獲取只有管理員能執(zhí)行的命令的訪問(wèn)權(quán)限：

#.?admin-openrc

列出服務(wù)組件，以驗(yàn)證是否成功啟動(dòng)并注冊(cè)了每個(gè)進(jìn)程：

#?openstack?compute?service?list

+----+------------------+------------------+----------+---------+-------+--------------------+

|?ID?|?Binary???????????|?Host?????????????|?Zone?????|?Status??|?State?|?Updated?At?????????|

+----+------------------+------------------+----------+---------+-------+--------------------+

|??1?|?nova-conductor???|?server10.example?|?internal?|?enabled?|?up????|?2017-04-04T14:07:4?|

|????|??????????????????|??????????????????|??????????|?????????|???????|?9.000000???????????|

|??2?|?nova-scheduler???|?server10.example?|?internal?|?enabled?|?up????|?2017-04-04T14:07:5?|

|????|??????????????????|??????????????????|??????????|?????????|???????|?1.000000???????????|

|??3?|?nova-consoleauth?|?server10.example?|?internal?|?enabled?|?up????|?2017-04-04T14:07:5?|

|????|??????????????????|??????????????????|??????????|?????????|???????|?0.000000???????????|

|??6?|?nova-compute?????|?server11.example?|?nova?????|?enabled?|?up????|?2017-04-04T14:07:5?|

|????|??????????????????|?.com?????????????|??????????|?????????|???????|?1.000000???

網(wǎng)絡(luò)服務(wù)：

控制節(jié)點(diǎn)：

OpenStack網(wǎng)絡(luò)（neutron）管理OpenStack環(huán)境中所有虛擬網(wǎng)絡(luò)基礎(chǔ)設(shè)施（VNI），物理網(wǎng)絡(luò)基礎(chǔ)設(shè)施（PNI）的接入層。OpenStack網(wǎng)絡(luò)允許租戶創(chuàng)建包括像?firewall，?:term:`load?balancer`和?:term:`virtual?private?network?(×××)`等這樣的高級(jí)虛擬網(wǎng)絡(luò)拓?fù)洹?/span>

配置：

1、獲得?admin?憑證來(lái)獲取只有管理員能執(zhí)行的命令的訪問(wèn)權(quán)限：

.?admin-openrc

2、要?jiǎng)?chuàng)建服務(wù)證書，完成這些步驟：

創(chuàng)建``neutron``用戶：

?openstack?user?create?--domain?default?--password-prompt?neutron

添加``admin``?角色到``neutron``?用戶：

openstack?role?add?--project?service?--user?neutron?admin

創(chuàng)建``neutron``服務(wù)實(shí)體：

#??openstack?service?create?--name?neutron?\

>???--description?"OpenStack?Networking"?network

創(chuàng)建網(wǎng)絡(luò)服務(wù)API端點(diǎn)

#?openstack?endpoint?create?--region?RegionOne?\

>???network?public?http://172.25.33.10:9696

+--------------+----------------------------------+

|?Field????????|?Value????????????????????????????|

+--------------+----------------------------------+

|?enabled??????|?True?????????????????????????????|

|?id???????????|?0092457b66b84d869d710e84c715219c?|

|?interface????|?public???????????????????????????|

|?region???????|?RegionOne????????????????????????|

|?region_id????|?RegionOne????????????????????????|

|?service_id???|?a33565b8fdfa4531963fdbb74245d960?|

|?service_name?|?neutron??????????????????????????|

|?service_type?|?network??????????????????????????|

|?url??????????|?http://172.25.33.10:9696?????????|

+--------------+----------------------------------+

#?openstack?endpoint?create?--region?RegionOne???network?internal?http://172.25.33.10:9696

#?openstack?endpoint?create?--region?RegionOne???network?admin?http://172.25.33.10:9696

本網(wǎng)絡(luò)實(shí)例采用公共網(wǎng)絡(luò)：

選項(xiàng)1采用盡可能簡(jiǎn)單的架構(gòu)進(jìn)行部署，只支持實(shí)例連接到公有網(wǎng)絡(luò)（外部網(wǎng)絡(luò)）。沒有私有網(wǎng)絡(luò)（個(gè)人網(wǎng)絡(luò)），路由器以及浮動(dòng)IP地址。只有``admin``或者其他特權(quán)用戶才可以管理公有網(wǎng)絡(luò)

選項(xiàng)2在選項(xiàng)1的基礎(chǔ)上多了layer－3服務(wù)，支持實(shí)例連接到私有網(wǎng)絡(luò)。``demo``或者其他沒有特權(quán)的用戶可以管理自己的私有網(wǎng)絡(luò)，包含連接公網(wǎng)和私網(wǎng)的路由器。另外，浮動(dòng)IP地址可以讓實(shí)例使用私有網(wǎng)絡(luò)連接到外部網(wǎng)絡(luò)，例如互聯(lián)網(wǎng)

yum?install?openstack-neutron?openstack-neutron-ml2?\

??openstack-neutron-linuxbridge?ebtables

配置服務(wù)組件

Networking?服務(wù)器組件的配置包括數(shù)據(jù)庫(kù)、認(rèn)證機(jī)制、消息隊(duì)列、拓?fù)渥兓ㄖ筒寮?/span>

編輯``/etc/neutron/neutron.conf``?文件并完成如下操作：

在?[database]?部分，配置數(shù)據(jù)庫(kù)訪問(wèn)

[database]

connection?=?mysql+pymysql://neutron:neutron@172.25.33.10/neutron

在``[DEFAULT]``部分，啟用Modular?Layer?2?(ML2)插件，路由服務(wù)和重疊的IP地址：

[DEFAULT]

core_plugin?=?ml2

service_plugins?=?

在?“[DEFAULT]”?和?“[oslo_messaging_rabbit]”部分，配置?“RabbitMQ”?消息隊(duì)列的連接：

[DEFAULT]

rpc_backend?=?rabbit

[oslo_messaging_rabbit]

rabbit_host?=?172.25.33.10

rabbit_userid?=?openstack

rabbit_password?=rabbit

在?“[DEFAULT]”?和?“[keystone_authtoken]”?部分，配置認(rèn)證服務(wù)訪問(wèn)：

[DEFAULT]

auth_strategy?=?keystone

?

[keystone_authtoken]

auth_uri?=?http://172.25.33.10:5000

auth_url?=?http://172.25.33.10:35357

memcached_servers?=?172.25.33.10:11211

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

project_name?=?service

username?=?neutron

password?=?neutron

在``[DEFAULT]``和``[nova]``部分，配置網(wǎng)絡(luò)服務(wù)來(lái)通知計(jì)算節(jié)點(diǎn)的網(wǎng)絡(luò)拓?fù)渥兓?#xff1a;

[DEFAULT]

notify_nova_on_port_status_changes?=?True

notify_nova_on_port_data_changes?=?True

?

[nova]

auth_url?=?http://172.25.33.10:35357

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

region_name?=?RegionOne

project_name?=?service

username?=?nova

password?=?nova

在?[oslo_concurrency]?部分，配置鎖路徑：

[oslo_concurrency]

lock_path?=?/var/lib/neutron/tmp

配置?Modular?Layer?2?(ML2)?插件

ML2插件使用Linuxbridge機(jī)制來(lái)為實(shí)例創(chuàng)建layer－2虛擬網(wǎng)絡(luò)基礎(chǔ)設(shè)施

編輯``/etc/neutron/plugins/ml2/ml2_conf.ini``文件并完成以下操作：

在``[ml2]``部分，啟用flat和VLAN網(wǎng)絡(luò)以及VXLAN網(wǎng)絡(luò)：：

[ml2]

type_drivers?=?flat,vlan

在``[ml2]``部分，禁用私有網(wǎng)絡(luò)：

[ml2]

tenant_network_types?=?

在``[ml2]``部分，啟用Linuxbridge機(jī)制：

[ml2]

mechanism_drivers?=?linuxbridge

在``[ml2]``?部分，啟用端口安全擴(kuò)展驅(qū)動(dòng)：

[ml2]

extension_drivers?=?port_security

在``[ml2_type_flat]``部分，配置公共虛擬網(wǎng)絡(luò)為flat網(wǎng)絡(luò)

[ml2_type_flat]

flat_networks?=?provider

在?``[securitygroup]``部分，啟用?ipset?增加安全組規(guī)則的高效性：

[securitygroup]

enable_ipset?=?True

配置Linuxbridge代理

Linuxbridge代理為實(shí)例建立layer－2虛擬網(wǎng)絡(luò)并且處理安全組規(guī)則。

編輯``/etc/neutron/plugins/ml2/linuxbridge_agent.ini``文件并且完成以下操作：

在``[linux_bridge]``部分，將公共虛擬網(wǎng)絡(luò)和公共物理網(wǎng)絡(luò)接口對(duì)應(yīng)起來(lái)：

[linux_bridge]

physical_interface_mappings?=public:eth0

將``PUBLIC_INTERFACE_NAME``?替換為底層的物理公共網(wǎng)絡(luò)接口

在``[vxlan]``部分，禁用VXLAN覆蓋網(wǎng)絡(luò)

[vxlan]

enable_vxlan?=?False

在?``[securitygroup]``部分，啟用安全組并配置?Linuxbridge?iptables?firewall?driver:

[securitygroup]

enable_security_group?=?True

firewall_driver?=?neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

配置DHCP代理

The?DHCP?agent?provides?DHCP?services?for?virtual?networks

編輯``/etc/neutron/dhcp_agent.ini``文件并完成下面的操作：

在``[DEFAULT]``部分，配置Linuxbridge驅(qū)動(dòng)接口，DHCP驅(qū)動(dòng)并啟用隔離元數(shù)據(jù)，這樣在公共網(wǎng)絡(luò)上的實(shí)例就可以通過(guò)網(wǎng)絡(luò)來(lái)訪問(wèn)元數(shù)據(jù)

[DEFAULT]

interface_driver?=?neutron.agent.linux.interface.BridgeInterfaceDriver

dhcp_driver?=?neutron.agent.linux.dhcp.Dnsmasq

enable_isolated_metadata?=?True

配置元數(shù)據(jù)代理

編輯``/etc/neutron/metadata_agent.ini``文件并完成以下操作：

在``[DEFAULT]``?部分，配置元數(shù)據(jù)主機(jī)以及共享密碼：

[DEFAULT]

nova_metadata_ip?=?172.25.33.10

metadata_proxy_shared_secret?=redhat

為計(jì)算節(jié)點(diǎn)配置網(wǎng)絡(luò)服務(wù)

編輯``/etc/nova/nova.conf``文件并完成以下操作：

在``[neutron]``部分，配置訪問(wèn)參數(shù)，啟用元數(shù)據(jù)代理并設(shè)置密碼：

[neutron]

url?=?http://172.25.33.10:9696

auth_url?=?http:/172.25.33.10:35357

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

region_name?=?RegionOne

project_name?=?service

username?=?neutron

password?=?neutron

service_metadata_proxy?=?True

metadata_proxy_shared_secret?=?redhat

完成安裝

網(wǎng)絡(luò)服務(wù)初始化腳本需要一個(gè)超鏈接?/etc/neutron/plugin.ini``指向ML2插件配置文件/etc/neutron/plugins/ml2/ml2_conf.ini``。如果超鏈接不存在，使用下面的命令創(chuàng)建它：

ln?-s?/etc/neutron/plugins/ml2/ml2_conf.ini?/etc/neutron/plugin.ini

同步數(shù)據(jù)庫(kù)：

su?-s?/bin/sh?-c?"neutron-db-manage?--config-file?/etc/neutron/neutron.conf?\

??--config-file?/etc/neutron/plugins/ml2/ml2_conf.ini?upgrade?head"?neutron

最后顯示OK?即為成功

重啟計(jì)算API?服務(wù)

#?systemctl?restart?openstack-nova-api.service

開機(jī)啟動(dòng)

#?systemctl?enable?neutron-server.service?\

??neutron-linuxbridge-agent.service?neutron-dhcp-agent.service?\

??neutron-metadata-agent.service

#?systemctl?start?neutron-server.service?\

??neutron-linuxbridge-agent.service?neutron-dhcp-agent.service?\

??neutron-metadata-agent.service

對(duì)于網(wǎng)絡(luò)選項(xiàng)2，同樣啟用layer－3服務(wù)并設(shè)置其隨系統(tǒng)自啟動(dòng)

#?systemctl?enable?neutron-l3-agent.service

#?systemctl?start?neutron-l3-agent.service

?

計(jì)算節(jié)點(diǎn)：

#?yum?install?openstack-neutron-linuxbridge?ebtables?ipset

Networking?通用組件的配置包括認(rèn)證機(jī)制、消息隊(duì)列和插件

編輯``/etc/neutron/neutron.conf``?文件并完成如下操作：

在``[database]``?部分，注釋所有``connection``?項(xiàng)，因?yàn)橛?jì)算節(jié)點(diǎn)不直接訪問(wèn)數(shù)據(jù)庫(kù)。

在“[DEFAULT]”?和?“[oslo_messaging_rabbit]”部分，配置?“RabbitMQ”?消息隊(duì)列的連接：

[DEFAULT]

rpc_backend?=?rabbit

?

[oslo_messaging_rabbit]

rabbit_host?=?172.25.33.10

rabbit_userid?=?openstack

rabbit_password?=?rabbit

在?“[DEFAULT]”?和?“[keystone_authtoken]”?部分，配置認(rèn)證服務(wù)訪問(wèn)：

[DEFAULT]

auth_strategy?=?keystone

?

[keystone_authtoken]

auth_uri?=?http://172.25.33.10:5000

auth_url?=?http://172.25.33.10:35357

memcached_servers?=?172.25.33.10:11211

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

project_name?=?service

username?=?neutron

password?=?neturon

在?[oslo_concurrency]?部分，配置鎖路徑：

[oslo_concurrency]

lock_path?=?/var/lib/neutron/tmp

選擇公有網(wǎng)絡(luò)：（可以將minion1上的配置考過(guò)來(lái)）

配置Linuxbridge代理

Linuxbridge代理為實(shí)例建立layer－2虛擬網(wǎng)絡(luò)并且處理安全組規(guī)則。

編輯``/etc/neutron/plugins/ml2/linuxbridge_agent.ini``文件并且完成以下操作：

在``[linux_bridge]``部分，將公共虛擬網(wǎng)絡(luò)和公共物理網(wǎng)絡(luò)接口對(duì)應(yīng)起來(lái)：

[linux_bridge]

physical_interface_mappings?=public:eth0

在``[vxlan]``部分，禁止VXLAN覆蓋網(wǎng)絡(luò)：

[vxlan]

enable_vxlan?=?False

在?``[securitygroup]``部分，啟用安全組并配置?Linuxbridge?iptables?firewall?driver:

[securitygroup]

enable_security_group?=?True

firewall_driver?=?neutron.agent.linux.iptables_firewall.IptablesFirewallDr

編輯``/etc/nova/nova.conf``文件并完成下面的操作：

在``[neutron]``?部分，配置訪問(wèn)參數(shù)：

[neutron]

url?=?http://172.25.33.10:9696

auth_url?=?http://172.25.33.10:35357

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

region_name?=?RegionOne

project_name?=?service

username?=?neutron

password?=?neutron

重啟計(jì)算服務(wù)：

#?systemctl?restart?openstack-nova-compute.service

開機(jī)啟動(dòng)：

#?systemctl?enable?neutron-linuxbridge-agent.service

#?systemctl?start?neutron-linuxbridge-agent.service

?

檢驗(yàn)：

neutron?ext-listneutron?ext-list

neutron?CLI?is?deprecated?and?will?be?removed?in?the?future.?Use?openstack?CLI?instead.

+---------------------------+--------------------------------------------------+

|?alias?????????????????????|?name?????????????????????????????????????????????|

+---------------------------+--------------------------------------------------+

|?default-subnetpools???????|?Default?Subnetpools??????????????????????????????|

|?availability_zone?????????|?Availability?Zone????????????????????????????????|

|?network_availability_zone?|?Network?Availability?Zone????????????????????????|

|?binding???????????????????|?Port?Binding?????????????????????????????????????|

|?agent?????????????????????|?agent????????????????????????????????????????????|

|?subnet_allocation?????????|?Subnet?Allocation????????????????????????????????|

|?dhcp_agent_scheduler??????|?DHCP?Agent?Scheduler?????????????????????????????|

|?tag???????????????????????|?Tag?support??????????????????????????????????????|

|?external-net??????????????|?Neutron?external?network?????????????????????????|

|?flavors???????????????????|?Neutron?Service?Flavors??????????????????????????|

|?net-mtu???????????????????|?Network?MTU??????????????????????????????????????|

|?network-ip-availability???|?Network?IP?Availability??????????????????????????|

|?quotas????????????????????|?Quota?management?support?????????????????????????|

|?provider??????????????????|?Provider?Network?????????????????????????????????|

|?multi-provider????????????|?Multi?Provider?Network???????????????????????????|

|?address-scope?????????????|?Address?scope????????????????????????????????????|

|?subnet-service-types??????|?Subnet?service?types?????????????????????????????|

|?standard-attr-timestamp???|?Resource?timestamps??????????????????????????????|

|?service-type??????????????|?Neutron?Service?Type?Management??????????????????|

|?tag-ext???????????????????|?Tag?support?for?resources:?subnet,?subnetpool,???|

|???????????????????????????|?port,?router?????????????????????????????????????|

|?extra_dhcp_opt????????????|?Neutron?Extra?DHCP?opts??????????????????????????|

|?standard-attr-revisions???|?Resource?revision?numbers????????????????????????|

|?pagination????????????????|?Pagination?support???????????????????????????????|

|?sorting???????????????????|?Sorting?support??????????????????????????????????|

|?security-group????????????|?security-group???????????????????????????????????|

|?rbac-policies?????????????|?RBAC?Policies????????????????????????????????????|

|?standard-attr-description?|?standard-attr-description????????????????????????|

|?port-security?????????????|?Port?Security????????????????????????????????????|

|?allowed-address-pairs?????|?Allowed?Address?Pairs????????????????????????????|

|?project-id????????????????|?project_id?field?enabled?????????????????????????|

+---------------------------+--------------------------------------------------+

?

列出代理以驗(yàn)證啟動(dòng)?neutron?代理是否成功：

#?neutron?agent-list

neutron?CLI?is?deprecated?and?will?be?removed?in?the?future.?Use?openstack?CLI?instead.

+----------+------------+----------+-------------------+-------+----------------+---------------+

|?id???????|?agent_type?|?host?????|?availability_zone?|?alive?|?admin_state_up?|?binary????????|

+----------+------------+----------+-------------------+-------+----------------+---------------+

|?0d135b32?|?DHCP?agent?|?server10?|?nova??????????????|?:-)???|?True???????????|?neutron-dhcp-?|

|?-f115-4d?|????????????|?.example?|???????????????????|???????|????????????????|?agent?????????|

|?2f-8296-?|????????????|??????????|???????????????????|???????|????????????????|???????????????|

|?27c6590c?|????????????|??????????|???????????????????|???????|????????????????|???????????????|

|?a08c?????|????????????|??????????|???????????????????|???????|????????????????|???????????????|

|?6c603475?|?Metadata???|?server10?|???????????????????|?:-)???|?True???????????|?neutron-??????|

|?-571a-4b?|?agent??????|?.example?|???????????????????|???????|????????????????|?metadata-?????|

|?de-a414-?|????????????|??????????|???????????????????|???????|????????????????|?agent?????????|

|?b6531938?|????????????|??????????|???????????????????|???????|????????????????|???????????????|

|?8508?????|????????????|??????????|???????????????????|???????|????????????????|???????????????|

|?b8667984?|?Linux??????|?server11?|???????????????????|?:-)???|?True???????????|?neutron-??????|

|?-0d75????|?bridge?????|?.example?|???????????????????|???????|????????????????|?linuxbridge-??|

|?-47bf-???|?agent??????|?.com?????|???????????????????|???????|????????????????|?agent?????????|

|?958b-c88?|????????????|??????????|???????????????????|???????|????????????????|???????????????|

|?6244ff1f?|????????????|??????????|???????????????????|???????|????????????????|???????????????|

|?7????????|????????????|??????????|???????????????????|???????|????????????????|???????????????|

+----------+------------+----------+-------------------+-------+----------------+---------------+

?

配置文件一覽：

控制節(jié)點(diǎn)：

#?cat?/etc/neutron/neutron.conf?

[DEFAULT]

rpc_backend?=?rabbit

core_plugin?=?ml2

service_plugins?=

auth_strategy?=?keystone

notify_nova_on_port_status_changes?=?True

notify_nova_on_port_data_changes?=?True

?

?

[database]

connection?=?mysql+pymysql://neutron:neutron@172.25.33.10/neutron

?

?

[oslo_messaging_rabbit]

?

?

rabbit_host?=?172.25.33.10

rabbit_userid?=?openstack

rabbit_password?=?rabbit

?

[keystone_authtoken]

?

auth_uri?=?http://172.25.33.10:5000

auth_url?=?http://172.25.33.10:35357

memcached_servers?=?172.25.33.10:11211

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

project_name?=?service

username?=?neutron

password?=?neutron

?

[nova]

auth_url?=?http://172.25.33.10:35357

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

region_name?=?RegionOne

project_name?=?service

username?=?nova

password?=?nova

[oslo_concurrency]

?

?

lock_path?=?/var/lib/neutron/tmp

?

#?grep?^[a-Z]?/etc/nova/nova.conf?

rpc_backend?=?rabbit

enabled_apis?=?osapi_compute,metadata

auth_strategy?=?keystone

my_ip?=?172.25.33.10

use_neutron?=?True

firewall_driver?=?nova.virt.firewall.NoopFirewallDriver

connection?=?mysql+pymysql://nova:nova@172.25.33.10/nova_api

connection?=?mysql+pymysql://nova:nova@172.25.33.10/nova

api_servers?=?http://172.25.33.10:9292

auth_uri?=?http://172.25.33.10:5000

auth_url?=?http://172.25.33.10:35357

memcached_servers?=?172.25.33.10:11211

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

project_name?=?service

username?=?nova

password?=?nova

url?=?http://172.25.33.10:9696

auth_url?=?http:/172.25.33.10:35357

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

region_name?=?RegionOne

project_name?=?service

username?=?neutron

password?=?neutron

service_metadata_proxy?=?True

metadata_proxy_shared_secret?=?redhat//Z這個(gè)密碼后邊要用

lock_path?=?/var/lib/nova/tmp

rabbit_host?=?172.25.33.10

rabbit_userid?=?openstack

rabbit_password?=?rabbit

vncserver_listen?=?$my_ip

vncserver_proxyclient_address?=?$my_ip

?

?

[root@server10?~]#?grep?^[a-Z]?/etc/neutron/plugins/ml2/ml2_conf.ini

type_drivers?=?flat,vlan

tenant_network_types?=

mechanism_drivers?=?linuxbridge

extension_drivers?=?port_security

flat_networks?=?provider

enable_ipset?=?True

[root@server10?~]#?grep?^[a-Z]?/etc/neutron/plugins/ml2/linuxbridge_agent.ini

physical_interface_mappings?=?public:eth0

enable_security_group?=?True

firewall_driver?=?neutron.agent.linux.iptables_firewall.IptablesFirewal

enable_vxlan?=?False

?

#?grep?^[a-Z]?/etc/neutron/plugins/ml2/linuxbridge_agent.ini

physical_interface_mappings?=?public:eth0

enable_security_group?=?True

firewall_driver?=?neutron.agent.linux.iptables_firewall.IptablesFirewal

enable_vxlan?=?False

[root@server10?~]#?grep?^[a-Z]?//etc/neutron/dhcp_agent.ini

interface_driver?=?neutron.agent.linux.interface.BridgeInterfaceDriver

dhcp_driver?=?neutron.agent.linux.dhcp.Dnsmasq

enable_isolated_metadata?=?True

?

?

#?grep?^[a-Z]?//etc/neutron/dhcp_agent.ini

interface_driver?=?neutron.agent.linux.interface.BridgeInterfaceDriver

dhcp_driver?=?neutron.agent.linux.dhcp.Dnsmasq

enable_isolated_metadata?=?True

?

[root@server10?~]#?grep?^[a-Z]?/etc/neutron/metadata_agent.ini

nova_metadata_ip?=?172.25.33.10

metadata_proxy_shared_secret?=?redhat//用的是上邊的元數(shù)據(jù)區(qū)密碼

?

計(jì)算節(jié)點(diǎn)：

#?grep?^[a-Z]?/etc/neutron/neutron.conf

rpc_backend?=?rabbit

auth_strategy?=?keystone

rabbit_host?=?172.25.33.10

rabbit_userid?=?openstack

rabbit_password?=?rabbit

auth_uri?=?http://172.25.33.10:5000

auth_url?=?http://172.25.33.10:35357

memcached_servers?=?172.25.33.10:11211

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

project_name?=?service

username?=?neutron

password?=?neutron

lock_path?=?/var/lib/neutron/tmp

?

#?grep?^[a-Z]?/etc/neutron/plugins/ml2/linuxbridge_agent.ini

physical_interface_mappings?=?public:eth0

enable_vxlan?=?False

enable_security_group?=?True

firewall_driver?=?neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

?

#?grep?^[a-Z]?/etc/nova/nova.conf

rpc_backend?=?rabbit

enabled_apis?=?osapi_compute,metadata

auth_strategy?=?keystone

my_ip?=?172.25.33.10

use_neutron?=?True

firewall_driver?=?nova.virt.firewall.NoopFirewallDriver

connection?=?mysql+pymysql://nova:nova@172.25.33.10/nova_api

connection?=?mysql+pymysql://nova:nova@172.25.33.10/nova

api_servers?=?http://172.25.33.10:9292

auth_uri?=?http://172.25.33.10:5000

auth_url?=?http://172.25.33.10:35357

memcached_servers?=?172.25.33.10:11211

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

project_name?=?service

username?=?nova

password?=?nova

virt_type?=?qemu

url?=?http://172.25.33.10:9696

auth_url?=?http://172.25.33.10:35357

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

region_name?=?RegionOne

project_name?=?service

username?=?neutron

password?=?neutron

lock_path?=?/var/lib/nova/tmp

rabbit_host?=?172.25.33.10

rabbit_userid?=?openstack

rabbit_password?=?rabbit

auth_uri?=?http://172.25.33.10:5000

auth_url?=?http://172.25.33.10:35357

memcached_servers?=?172.25.33.10:11211

auth_type?=?password

project_domain_name?=?default

user_domain_name?=?default

project_name?=?service

username?=?nova

password?=?nova

os_region_name?=?RegionOne

enabled?=?True

vncserver_listen?=?0.0.0.0

vncserver_proxyclient_address?=?172.25.33.11

ovncproxy_base_url?=?http://172.25.33.10:6080/vnc_auto.html

?

注意：所有密碼和服務(wù)名稱相同

172.25.33.10為控制節(jié)點(diǎn)

172.25.33.11為計(jì)算節(jié)點(diǎn)

至此，基礎(chǔ)服務(wù)已經(jīng)完成，可以創(chuàng)建實(shí)例：

?

----------

創(chuàng)建虛擬網(wǎng)絡(luò)

---------

公共網(wǎng)絡(luò)：

創(chuàng)建公共網(wǎng)絡(luò)：

1、在控制節(jié)點(diǎn)上，加載?admin?憑證來(lái)獲取管理員能執(zhí)行的命令訪問(wèn)權(quán)限：

source?admin-openrc

2、創(chuàng)建網(wǎng)絡(luò)：

#?neutron?net-create?--shared?--provider:physical_network?provider?\

>???--provider:network_type?flat?public

neutron?CLI?is?deprecated?and?will?be?removed?in?the?future.?Use?openstack?CLI?instead.

Created?a?new?network:

+---------------------------+--------------------------------------+

|?Field?????????????????????|?Value????????????????????????????????|

+---------------------------+--------------------------------------+

|?admin_state_up????????????|?True?????????????????????????????????|

|?availability_zone_hints???|??????????????????????????????????????|

|?availability_zones????????|??????????????????????????????????????|

|?created_at????????????????|?2017-04-09T11:35:39Z?????????????????|

|?description???????????????|??????????????????????????????????????|

|?id????????????????????????|?876887d3-2cf3-4253-9804-346f180b6077?|

|?ipv4_address_scope????????|??????????????????????????????????????|

|?ipv6_address_scope????????|??????????????????????????????????????|

|?mtu???????????????????????|?1500?????????????????????????????????|

|?name??????????????????????|?public???????????????????????????????|

|?port_security_enabled?????|?True?????????????????????????????????|

|?project_id????????????????|?7f1f3eae73dc439da7f53c15c634c4e7?????|

|?provider:network_type?????|?flat?????????????????????????????????|

|?provider:physical_network?|?provider?????????????????????????????|

|?provider:segmentation_id??|??????????????????????????????????????|

|?revision_number???????????|?3????????????????????????????????????|

|?router:external???????????|?False????????????????????????????????|

|?shared????????????????????|?True?????????????????????????????????|

|?status????????????????????|?ACTIVE???????????????????????????????|

|?subnets???????????????????|??????????????????????????????????????|

|?tags??????????????????????|??????????????????????????????????????|

|?tenant_id?????????????????|?7f1f3eae73dc439da7f53c15c634c4e7?????|

|?updated_at????????????????|?2017-04-09T11:35:39Z?????????????????|

+---------------------------+--------------------------------------+

``–shared``選項(xiàng)允許所有項(xiàng)目使用虛擬網(wǎng)絡(luò)

查看網(wǎng)絡(luò)CIDR?#?neutron?net-list

neutron?CLI?is?deprecated?and?will?be?removed?in?the?future.?Use?openstack?CLI?instead.

+----------------------+--------+----------------------+-----------------------+

|?id???????????????????|?name???|?tenant_id????????????|?subnets???????????????|

+----------------------+--------+----------------------+-----------------------+

|?876887d3-2cf3-4253-9?|?public?|?7f1f3eae73dc439da7f5?|?6428d4dd-e15d-48b0????|

|?804-346f180b6077?????|????????|?3c15c634c4e7?????????|?-995e-45df957f4735????|

|??????????????????????|????????|??????????????????????|?172.25.33.0/24????????|

+----------------------+--------+----------------------+-----------------------+

?

3、在網(wǎng)絡(luò)上創(chuàng)建一個(gè)子網(wǎng)：

#?neutron?subnet-create?--name?provider??--allocation-pool?start=172.25.33.100,end=172.25.33.200?--dns-nameserver?114.114.114.114?--gateway?172.25.33.250?public?172.25.33.0/24?

neutron?CLI?is?deprecated?and?will?be?removed?in?the?future.?Use?openstack?CLI?instead.

Created?a?new?subnet:

+-------------------+----------------------------------------------------+

|?Field?????????????|?Value??????????????????????????????????????????????|

+-------------------+----------------------------------------------------+

|?allocation_pools??|?{"start":?"172.25.33.100",?"end":?"172.25.33.200"}?|

|?cidr??????????????|?172.25.33.0/24?????????????????????????????????????|

|?created_at????????|?2017-04-09T11:40:38Z???????????????????????????????|

|?description???????|????????????????????????????????????????????????????|

|?dns_nameservers???|?114.114.114.114????????????????????????????????????|

|?enable_dhcp???????|?True???????????????????????????????????????????????|

|?gateway_ip????????|?172.25.33.250??????????????????????????????????????|

|?host_routes???????|????????????????????????????????????????????????????|

|?id????????????????|?6428d4dd-e15d-48b0-995e-45df957f4735???????????????|

|?ip_version????????|?4??????????????????????????????????????????????????|

|?ipv6_address_mode?|????????????????????????????????????????????????????|

|?ipv6_ra_mode??????|????????????????????????????????????????????????????|

|?name??????????????|?provider???????????????????????????????????????????|

|?network_id????????|?876887d3-2cf3-4253-9804-346f180b6077???????????????|

|?project_id????????|?7f1f3eae73dc439da7f53c15c634c4e7???????????????????|

|?revision_number???|?2??????????????????????????????????????????????????|

|?service_types?????|????????????????????????????????????????????????????|

|?subnetpool_id?????|????????????????????????????????????????????????????|

|?tags??????????????|????????????????????????????????????????????????????|

|?tenant_id?????????|?7f1f3eae73dc439da7f53c15c634c4e7???????????????????|

|?updated_at????????|?2017-04-09T11:40:38Z???????????????????????????????|

+-------------------+----------------------------------------------------+

使用提供者物理網(wǎng)絡(luò)的子網(wǎng)CIDR標(biāo)記替換``PROVIDER_NETWORK_CIDR``。即上文列出的子網(wǎng)

將?DNS_RESOLVER?替換為DNS解析服務(wù)的IP地址。在大多數(shù)情況下，你可以從主機(jī)``/etc/resolv.conf``?文件選擇一個(gè)使用。

將``PUBLIC_NETWORK_GATEWAY``?替換為公共網(wǎng)絡(luò)的網(wǎng)關(guān)，一般的網(wǎng)關(guān)IP地址以?”.1”?結(jié)尾。??也可以使用宿主機(jī)的IP。

?

創(chuàng)建m1.nano規(guī)格的主機(jī)

默認(rèn)的最小規(guī)格的主機(jī)需要512?MB內(nèi)存。對(duì)于環(huán)境中計(jì)算節(jié)點(diǎn)內(nèi)存不足4?GB的，我們推薦創(chuàng)建只需要64?MB的``m1.nano``規(guī)格的主機(jī)。若單純?yōu)榱藴y(cè)試的目的，請(qǐng)使用``m1.nano``規(guī)格的主機(jī)來(lái)加載CirrOS鏡像

#?openstack?flavor?create?--id?0?--vcpus?1?--ram?64?--disk?1?m1.nano

+----------------------------+---------+

|?Field??????????????????????|?Value???|

+----------------------------+---------+

|?OS-FLV-DISABLED:disabled???|?False???|

|?OS-FLV-EXT-DATA:ephemeral??|?0???????|

|?disk???????????????????????|?1???????|

|?id?????????????????????????|?0???????|

|?name???????????????????????|?m1.nano?|

|?os-flavor-access:is_public?|?True????|

|?properties?????????????????|?????????|

|?ram????????????????????????|?64??????|

|?rxtx_factor????????????????|?1.0?????|

|?swap???????????????????????|?????????|

|?vcpus??????????????????????|?1???????|

+----------------------------+---------+

生成一個(gè)鍵值對(duì)

大部分云鏡像支持公共密鑰認(rèn)證而不是傳統(tǒng)的密碼認(rèn)證。在啟動(dòng)實(shí)例前，你必須添加一個(gè)公共密鑰到計(jì)算服務(wù)。

導(dǎo)入租戶``demo``的憑證

$?.?demo-openrc

生成和添加秘鑰對(duì)：

$?ssh-keygen?-q?-N?""

$?openstack?keypair?create?--public-key?~/.ssh/id_rsa.pub?mykey

+-------------+-------------------------------------------------+

|?Field???????|?Value???????????????????????????????????????????|

+-------------+-------------------------------------------------+

|?fingerprint?|?7f:a9:fd:62:e4:2b:87:84:27:f1:ce:d4:c1:89:f3:b8?|

|?name????????|?mykey???????????????????????????????????????????|

|?user_id?????|?251ad20a4d754dc4a104a3f5b8159142????????????????|

+-------------+-------------------------------------------------+

驗(yàn)證公鑰的添加：

#?openstack?keypair?list

+-------+-------------------------------------------------+

|?Name??|?Fingerprint?????????????????????????????????????|

+-------+-------------------------------------------------+

|?mykey?|?7f:a9:fd:62:e4:2b:87:84:27:f1:ce:d4:c1:89:f3:b8?|

+-------+-------------------------------------------------+

?

增加安全組規(guī)則

默認(rèn)情況下，?``default``安全組適用于所有實(shí)例并且包括拒絕遠(yuǎn)程訪問(wèn)實(shí)例的防火墻規(guī)則。對(duì)諸如CirrOS這樣的Linux鏡像，我們推薦至少允許ICMP?(ping)?和安全shell(SSH)規(guī)則。

添加規(guī)則到?default?安全組。

允許?ICMP?(ping)：

#?openstack?security?group?rule?create?--proto?icmp?default

+-------------------+--------------------------------------+

|?Field?????????????|?Value????????????????????????????????|

+-------------------+--------------------------------------+

|?created_at????????|?2017-04-09T11:46:06Z?????????????????|

|?description???????|??????????????????????????????????????|

|?direction?????????|?ingress??????????????????????????????|

|?ether_type????????|?IPv4?????????????????????????????????|

|?id????????????????|?5a168a4b-7e2a-40ee-8302-d19fbb7dda6d?|

|?name??????????????|?None?????????????????????????????????|

|?port_range_max????|?None?????????????????????????????????|

|?port_range_min????|?None?????????????????????????????????|

|?project_id????????|?45a1b89bc5de479e8d3e04eae314ee88?????|

|?protocol??????????|?icmp?????????????????????????????????|

|?remote_group_id???|?None?????????????????????????????????|

|?remote_ip_prefix??|?0.0.0.0/0????????????????????????????|

|?revision_number???|?1????????????????????????????????????|

|?security_group_id?|?eb93c9e4-c2fd-45fc-806c-d1640ac3bf2e?|

|?updated_at????????|?2017-04-09T11:46:06Z?????????????????|

+-------------------+--------------------------------------+

允許安全?shell?(SSH)?的訪問(wèn)：

[root@server10?~]#?openstack?security?group?rule?create?--proto?tcp?--dst-port?22?default

+-------------------+--------------------------------------+

|?Field?????????????|?Value????????????????????????????????|

+-------------------+--------------------------------------+

|?created_at????????|?2017-04-09T11:46:34Z?????????????????|

|?description???????|??????????????????????????????????????|

|?direction?????????|?ingress??????????????????????????????|

|?ether_type????????|?IPv4?????????????????????????????????|

|?id????????????????|?26a91aee-5cd7-4c4d-acc6-104b7be0bc59?|

|?name??????????????|?None?????????????????????????????????|

|?port_range_max????|?22???????????????????????????????????|

|?port_range_min????|?22???????????????????????????????????|

|?project_id????????|?45a1b89bc5de479e8d3e04eae314ee88?????|

|?protocol??????????|?tcp??????????????????????????????????|

|?remote_group_id???|?None?????????????????????????????????|

|?remote_ip_prefix??|?0.0.0.0/0????????????????????????????|

|?revision_number???|?1????????????????????????????????????|

|?security_group_id?|?eb93c9e4-c2fd-45fc-806c-d1640ac3bf2e?|

|?updated_at????????|?2017-04-09T11:46:34Z?????????????????|

+-------------------+--------------------------------------+

?

在公有網(wǎng)絡(luò)上創(chuàng)建實(shí)例

一個(gè)實(shí)例指定了虛擬機(jī)資源的大致分配，包括處理器、內(nèi)存和存儲(chǔ)。

列出可用類型：

#?openstack?flavor?list

+----+---------+-----+------+-----------+-------+-----------+

|?ID?|?Name????|?RAM?|?Disk?|?Ephemeral?|?VCPUs?|?Is?Public?|

+----+---------+-----+------+-----------+-------+-----------+

|?0??|?m1.nano?|??64?|????1?|?????????0?|?????1?|?True??????|

+----+---------+-----+------+-----------+-------+-----------+

這里由于給虛擬機(jī)的內(nèi)存過(guò)小發(fā)生了一個(gè)cannot?allocate?memory的報(bào)錯(cuò)

列出可用鏡像：

#?openstack?p_w_picpath?list

+--------------------------------------+--------+--------+

|?ID???????????????????????????????????|?Name???|?Status?|

+--------------------------------------+--------+--------+

|?2ed41322-bbd2-45b0-8560-35af76041798?|?cirros?|?active?|

+--------------------------------------+--------+--------+

列出可用網(wǎng)絡(luò)：

#?openstack?network?list

+----------------------------------+--------+----------------------------------+

|?ID???????????????????????????????|?Name???|?Subnets??????????????????????????|

+----------------------------------+--------+----------------------------------+

|?876887d3-2cf3-4253-9804-346f180b?|?public?|?6428d4dd-e15d-48b0-995e-?????????|

|?6077?????????????????????????????|????????|?45df957f4735?????????????????????|

+----------------------------------+--------+----------------------------------+

這個(gè)實(shí)例使用?``provider``公有網(wǎng)絡(luò)。?你必須使用ID而不是名稱才可以使用這個(gè)網(wǎng)絡(luò)

列出可用的安全組：

#?openstack?security?group?list

+----------------------------+---------+------------------------+---------+

|?ID?????????????????????????|?Name????|?Description????????????|?Project?|

+----------------------------+---------+------------------------+---------+

|?eb93c9e4-c2fd-45fc-806c-???|?default?|?Default?security?group?|?????????|

|?d1640ac3bf2e???????????????|?????????|????????????????????????|?????????|

+----------------------------+---------+------------------------+---------+

創(chuàng)建實(shí)例

啟動(dòng)實(shí)例：

使用``public``公有網(wǎng)絡(luò)的ID替換``PUBLIC_NET_ID``

#?openstack?server?create?--flavor?m1.nano?--p_w_picpath?cirros?--nic?net-id=876887d3-2cf3-4253-9804-346f180b6077?--security-group?default?--key-name?mykey?public-instance

+-----------------------------+-----------------------------------------------+

|?Field???????????????????????|?Value?????????????????????????????????????????|

+-----------------------------+-----------------------------------------------+

|?OS-DCF:diskConfig???????????|?MANUAL????????????????????????????????????????|

|?OS-EXT-AZ:availability_zone?|???????????????????????????????????????????????|

|?OS-EXT-STS:power_state??????|?NOSTATE???????????????????????????????????????|

|?OS-EXT-STS:task_state???????|?scheduling????????????????????????????????????|

|?OS-EXT-STS:vm_state?????????|?building??????????????????????????????????????|

|?OS-SRV-USG:launched_at??????|?None??????????????????????????????????????????|

|?OS-SRV-USG:terminated_at????|?None??????????????????????????????????????????|

|?accessIPv4??????????????????|???????????????????????????????????????????????|

|?accessIPv6??????????????????|???????????????????????????????????????????????|

|?addresses???????????????????|???????????????????????????????????????????????|

|?adminPass???????????????????|?nJ5gwMuEG4vN??????????????????????????????????|

|?config_drive????????????????|???????????????????????????????????????????????|

|?created?????????????????????|?2017-04-09T12:11:15Z??????????????????????????|

|?flavor??????????????????????|?m1.nano?(0)???????????????????????????????????|

|?hostId??????????????????????|???????????????????????????????????????????????|

|?id??????????????????????????|?9ddc6c6b-4847-47ae-91de-8cd7a607c212??????????|

|?p_w_picpath???????????????????????|?cirros?(2ed41322-bbd2-45b0-8560-35af76041798)?|

|?key_name????????????????????|?mykey?????????????????????????????????????????|

|?name????????????????????????|?public-instance???????????????????????????????|

|?progress????????????????????|?0?????????????????????????????????????????????|

|?project_id??????????????????|?45a1b89bc5de479e8d3e04eae314ee88??????????????|

|?properties??????????????????|???????????????????????????????????????????????|

|?security_groups?????????????|?name='default'????????????????????????????????|

|?status??????????????????????|?BUILD?????????????????????????????????????????|

|?updated?????????????????????|?2017-04-09T12:11:16Z??????????????????????????|

|?user_id?????????????????????|?251ad20a4d754dc4a104a3f5b8159142??????????????|

|?volumes_attached????????????|???????????????????????????????????????????????|

+-----------------------------+-----------------------------------------------+

檢查實(shí)例的狀態(tài)

#?openstack?server?list

+----------------------+-----------------+--------+----------+------------+

|?ID???????????????????|?Name????????????|?Status?|?Networks?|?Image?Name?|

+----------------------+-----------------+--------+----------+------------+

|?9ddc6c6b-4847-47ae-??|?public-instance?|?BUILD??|??????????|?cirros?????|

|?91de-8cd7a607c212????|?????????????????|????????|??????????|????????????|

+----------------------+-----------------+--------+----------+------------+

當(dāng)構(gòu)建過(guò)程完全成功后，狀態(tài)會(huì)從?BUILD``變?yōu)?/span>``ACTIVE

使用虛擬控制臺(tái)訪問(wèn)實(shí)例

獲取你實(shí)例的?Virtual?Network?Computing?(VNC)?會(huì)話URL并從web瀏覽器訪問(wèn)它：

?

轉(zhuǎn)載于:https://blog.51cto.com/12237658/1914394

總結(jié)

以上是生活随笔為你收集整理的openstack下的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。