Controller节点配置

创建数据库和授权用户

创建数据库

[root@controller ~]#  mysql -uroot -p000000
MariaDB [(none)]> CREATE DATABASE nova_api;
MariaDB [(none)]> CREATE DATABASE nova;
MariaDB [(none)]> CREATE DATABASE nova_cell0;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '000000';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '000000';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '000000';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '000000';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '000000';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '000000';
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit

创建用户服务和API的endpoint

创建用户服务

[root@controller ~]# openstack user create --domain default --password 000000 nova
#创建nova用户
[root@controller ~]# openstack role add --project service --user nova admin
#给与nova用户对service项目拥有admin权限
[root@controller ~]# openstack service create --name nova --description "OpenStack Compute" compute
#创建一个nova服务，服务类型为compute

创建API的endpoint

三种API端点代表三种服务：admin、internal、public

[root@controller ~]# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
[root@controller ~]# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1 
[root@controller ~]# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1

安装 openstack-Nova 软件包

[root@controller ~]# yum -y install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler

编辑配置文件

编辑nova.conf

[root@controller ~]# cp -a /etc/nova/nova.conf{,.bak}
#在保留源文件属性的前提下进行批量复制
[root@controller ~]# grep -Ev '^$|#' /etc/nova/nova.conf.bak > /etc/nova/nova.conf
#对nova.conf.bak反向过滤掉空格和注释项，覆盖到nova.conf
[root@controller ~]# vi /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata          #指定支持的api类型
my_ip = 192.168.1.100                          #定义本地IP
use_neutron = true                             #通过neutron获取IP地址
firewall_driver = nova.virt.firewall.NoopFirewallDriver
transport_url = rabbit://openstack:000000@controller           #指定连接的rabbitmq

[api]
auth_strategy = keystone                                       #指定使用keystone认证

[api_database]
connection = mysql+pymysql://nova:000000@controller/nova_api

[barbican]
[cache]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
connection = mysql+pymysql://nova:000000@controller/nova

[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://controller:9292

[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]                                  #配置keystone的认证信息
auth_url = http://controller:5000/v3                  #到此url去认证
memcached_servers = controller:11211                  #memcache数据库地址:端口
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = 000000

[libvirt]
virt_type = qemu

[metrics]
[mks]
[neutron]
[notifications]
[osapi_v21]
[oslo_concurrency]                            #指定锁路径
lock_path = /var/lib/nova/tmp           #锁的作用是创建虚拟机时，在执行某个操作的时候，需要等此步骤执行完后才能执行下一个步骤，不能并行执行，保证操作是一步一步的执行

[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = 000000

[powervm]
[privsep]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
discover_hosts_in_cells_interval = 300   #默认每次添加个计算节点，在控制端就需要执行一次扫描，这样会很麻烦，所以可以修改控制端nova的主配置文件
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]                                     #此处如果配置不正确，则连接不上虚拟机的控制台
enabled = true
server_listen = $my_ip                    #指定vnc的监听地址
server_proxyclient_address = $my_ip       #server的客户端地址为本机地址；此地址是管理网的地址

[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]
[placement_database]
connection = mysql+pymysql://placement:000000@controller/placement

初始化nova_api数据库

[root@controller ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
#注册cell0数据库；nova服务内部把资源划分到不同的cell中，把计算节点划分到不同的cell中；openstack内部基于cell把计算节点进行逻辑上的分组
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova 
#创建cell1单元格
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
#验证cell0和cell1是否注册成功

启动服务

启动服务

[root@controller ~]# systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@controller ~]# systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service

检查服务端口

[root@controller ~]# netstat -tnlup|egrep '8774|8775'

检查是否能获取8774端口内容

[root@controller ~]# curl http://controller:8774

Compute节点配置

安装nova-compute 软件包

[root@compute ~]# yum -y install openstack-nova-compute

编辑配置文件

编辑nova.conf

[root@compute ~]# cp -a /etc/nova/nova.conf{,.bak}
[root@compute ~]# grep -Ev '^$|#' /etc/nova/nova.conf.bak > /etc/nova/nova.conf
[root@compute ~]# vi /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:000000@controller
my_ip = 192.168.1.200
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[api]
auth_strategy = keystone

[api_database]
[barbican]
[cache]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://controller:9292

[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = 000000

[libvirt]
virt_type = qemu

[metrics]
[mks]
[neutron]
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = 000000

[powervm]
[privsep]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address =  $my_ip
novncproxy_base_url = http://192.168.1.100:6080/vnc_auto.html     #注意此为controller控制节点的IP地址

[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]

开启服务

[root@compute ~]# systemctl enable libvirtd.service openstack-nova-compute.service
[root@compute ~]# systemctl start libvirtd.service openstack-nova-compute.service

整体服务验证

controller节点操作

[root@controller ~]# openstack compute service list --service nova-compute
#查看compute节点是否注册到controller上，通过消息队列；需要在controller节点执行

[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
#扫描当前openstack中有哪些计算节点可用，发现后会把计算节点创建到cell中，后面就可以在cell中创建虚拟机；相当于openstack内部对计算节点进行分组，把计算节点分配到不同的cell中
PS:因为此前已在nova.conf配置文件中的[scheduer]做过优化，所以此步可以省略

检查 nova 的各个服务是否都是正常，以及 compute 服务是否注册成功

[root@controller ~]# openstack compute service list

查看各个组件的 api 是否正常

[root@controller ~]# openstack catalog list

查看是否能够获取镜像

[root@controller ~]# openstack image list

查看cell的api和placement的api是否正常

只要其中一个有误，后期无法创建虚拟机

[root@controller ~]# nova-status upgrade check