Methods and steps for building OpenStack (open-source U release) on CentOS 8

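OpenStack is an open-source cloud computing management platform project, a combination of a series of open-source software projects. It was jointly developed and launched by NASA (the US National Aeronautics and Space Administration) and Rackspace, and is licensed under the Apache License (a free software license published by the Apache Software Foundation). OpenStack provides scalable, elastic cloud computing services for private and public clouds. The project's goal is to provide a cloud computing management platform that is simple to implement, massively scalable, feature-rich and uniformly standardized. Source: Baidu Baike (<https://baike.baidu.com/item/OpenStack/342467>).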

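I. Preparation

1. Prepare 3 virtual machines (1 controller node, 2 compute nodes)

- First install VMware Workstation (latest version).
- Create a new virtual machine.
- Use the CentOS-Stream-8-x86_64-latest-dvd1.iso image (download: <https://mirrors.tuna.tsinghua.edu.cn/centos/8-stream/isos/x86_64/CentOS-Stream-8-x86_64-latest-dvd1.iso>).
- After installation, clone two more virtual machines (the compute nodes).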

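2. Virtual machine performance requirements:

- Memory: 8G or more
- Disk: 200G
- CPU: at least 2 cores, with VT-x enabled
- 2 network cards: one to connect to the Internet, the other for internal interconnection.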

3. Required partition layout for the virtual machine operating system.

- / 50G (root partition)
- /boot 500MB (boot loader and kernel)
- /home
- swap 4G (memory swap partition)

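Notes:

Kdump (kernel dump, a backup of the kernel): if memory is less than 2G, Kdump does not take effect, so memory must be larger than 2G for it to work. Whether or not Kdump is ticked on the installation screen, it takes up 160M of memory.
If it is ticked, the kernel is read into that 160M of memory on every boot, and the kernel can be restored if the system crashes. If it is not ticked, the kernel cannot be recovered when it crashes.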

II. System initialization

2.1 Hostname configuration

[root@localhost \~]\# hostnamectl set-hostname controller
[root@localhost \~]\# hostnamectl set-hostname computer1
[root@localhost \~]\# hostnamectl set-hostname computer2

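2.2 Network configuration

Controller node:

[root@controller \~]\# vim /etc/sysconfig/network-scripts/ifcfg-ens160
Note: change the "160" in "ens160" to match your own network interface name. Edit the file by hand so that it contains the following (delete everything with dd, then paste the content below):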
TYPE=Ethernet
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=192.168.100.142
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
DNS1=114.114.114.114

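Compute node 1:

[root@computer1 \~]\# vim /etc/sysconfig/network-scripts/ifcfg-ens160
Note: change the "160" in "ens160" to match your own network interface name. Edit the file by hand so that it contains the following (delete everything with dd, then paste the content below):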
TYPE=Ethernet
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=192.168.100.143
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
DNS1=114.114.114.114

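Compute node 2:

[root@computer2 \~]\# vim /etc/sysconfig/network-scripts/ifcfg-ens160
Note: change the "160" in "ens160" to match your own network interface name. Edit the file by hand so that it contains the following (delete everything with dd, then paste the content below):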
TYPE=Ethernet
NAME=ens160
DEVICE=ens160
ONBOOT=yes
IPADDR=192.168.100.144
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
DNS1=114.114.114.114

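[root@controller \~]\# nmcli connection reload \# reload the configuration files
[root@controller \~]\# nmcli connection up ens160 \# bring the interface back up
Run the same commands on the compute nodes to make sure the configuration takes effect.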

2.3 Add host records to the hosts file

[root@controller \~]\# vim /etc/hosts
Add the following by hand:
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.100.142 controller
192.168.100.143 computer1
192.168.100.144 computer2
Copy the controller node's file above to the same location on the two compute nodes.
[root@controller \~]\# scp /etc/hosts root@computer1:/etc
The authenticity of host 'computer1 (192.168.100.143)' can't be established.
ECDSA key fingerprint is SHA256:iRpcQnjcRiW1KLcgFGFqmiP3Yx4Xfa0cGu02seIhf8E.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'computer1,192.168.100.143' (ECDSA) to the list of known hosts.
root@computer1's password: **just enter the root password**
hosts 100% 240 49.0KB/s 00:00
[root@controller \~]\#
[root@controller \~]\# scp /etc/hosts root@computer2:/etc
The authenticity of host 'computer2 (192.168.100.144)' can't be established.
ECDSA key fingerprint is SHA256:iRpcQnjcRiW1KLcgFGFqmiP3Yx4Xfa0cGu02seIhf8E.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'computer2,192.168.100.144' (ECDSA) to the list of known hosts.
root@computer2's password: **just enter the root password**
hosts 100% 240 53.7KB/s 00:00
[root@controller \~]\#

2.4 Disable the firewall and SELinux on all nodes

Disable the firewall permanently so that it does not start at boot.

[root@controller \~]\# systemctl disable firewalld.service --now
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@computer1 \~]\# systemctl disable firewalld.service --now
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@computer2 \~]\# systemctl disable firewalld.service --now
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

Disable SELinux permanently so that it is not enabled at boot.

[root@controller \~]\# vim /etc/selinux/config
\# This file controls the state of SELinux on the system.
\# SELINUX= can take one of these three values:
\# enforcing - SELinux security policy is enforced.
\# permissive - SELinux prints warnings instead of enforcing.
\# disabled - No SELinux policy is loaded.
SELINUX=enforcing **(change enforcing to disabled)**
\# SELINUXTYPE= can take one of these three values:
\# targeted - Targeted processes are protected,
\# minimum - Modification of targeted policy. Only selected processes are protected.
\# mls - Multi Level Security protection.
SELINUXTYPE=targeted
[root@controller \~]\# setenforce 0 (this only disables SELinux temporarily)
Apply the same configuration on the other two compute nodes.
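
Step 2.4 turns firewalld off on every node. As an alternative, this added example (not part of the original guide) keeps firewalld running on the controller and opens the service ports only to the 192.168.100.0/24 management network; the zone name `openstack-mgmt` and the default ports 123/udp, 3306 and 5672 are assumptions.

```shell
#!/bin/sh
# Added example (not from the guide): a firewalld zone for the controller that
# admits the management subnet only, as an alternative to disabling firewalld.
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the commands, 0 = run them as root

# Ports 11211, 2379, 2380, 5000 and 9292 are taken from the guide's own
# configuration. 123/udp (chrony), 3306 (MariaDB) and 5672 (RabbitMQ) are the
# packages' default ports and are an assumption of this example.
CONTROLLER_PORTS="123/udp 3306/tcp 5672/tcp 11211/tcp 2379/tcp 2380/tcp 5000/tcp 9292/tcp"

# fw ARGS... -> print or execute one firewall-cmd invocation
fw() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "firewall-cmd $*"
    else
        firewall-cmd "$@"
    fi
}

# valid_cidr CIDR -> 0 for a.b.c.d/len with octets 0-255 and len 0-32
valid_cidr() {
    case $1 in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1#*/}
    case $len in ''|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    oldifs=$IFS; IFS=.
    set -- $addr
    IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# zone_exists ZONE -> 0 if the permanent zone is already defined (never in dry run)
zone_exists() {
    [ "$DRY_RUN" != "1" ] &&
        firewall-cmd --permanent --get-zones | tr ' ' '\n' | grep -qx -- "$1"
}

# controller_zone ZONE SUBNET
# Packets whose source is inside SUBNET are handled by ZONE, so ssh has to be
# allowed there as well or administrators on that subnet lose their login.
controller_zone() {
    zone=$1; subnet=$2
    valid_cidr "$subnet" || { echo "invalid subnet: $subnet" >&2; return 2; }
    zone_exists "$zone" || fw --permanent --new-zone="$zone" || return
    fw --permanent --zone="$zone" --add-source="$subnet" || return
    fw --permanent --zone="$zone" --add-service=ssh || return
    for p in $CONTROLLER_PORTS; do
        fw --permanent --zone="$zone" --add-port="$p" || return
    done
    fw --reload
}

# Dry run with the guide's management network
controller_zone openstack-mgmt 192.168.100.0/24
```

Run it with `DRY_RUN=0` as root to apply the rules; traffic from any other source stays in the default zone, which does not open these ports.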

++++++++++++++++++ Shut down the 3 hosts and take snapshots +++++++++++++++++++++

2.5 Passwordless (key-based) login

Generate an SSH key on the controller node and copy the public key to the other nodes to enable passwordless login.
	[root@controller \~]\# ssh-keygen
	Generating public/private rsa key pair.
	Enter file in which to save the key (/root/.ssh/id_rsa):
	Enter passphrase (empty for no passphrase): **press Enter**
	Enter same passphrase again: **press Enter**
	Your identification has been saved in /root/.ssh/id_rsa.
	Your public key has been saved in /root/.ssh/id_rsa.pub.
	The key fingerprint is: **press Enter**
	SHA256:vtu1MkVUKUyvQsy2mCiSD04fDLhHN6t0x9xOoYwf3ho root@controller
	The key's randomart image is:
	\+---[RSA 3072]----+
	\| o.... \|
	\| . o +.. \|
	\|. o . =. .. \|
	\| o = B + \* ... \|
	\|. B O S o.. \|
	\| = B \* \* .. \|
	\| o E + .. \|
	\| o oo. . \|
	\| . o..o. \|
	\+----[SHA256]-----+
	[root@controller \~]\#
	[root@controller \~]\# ssh-copy-id -i /root/.ssh/id_rsa.pub controller
	/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
	The authenticity of host 'controller (192.168.100.142)' can't be established.
	ECDSA key fingerprint is SHA256:iRpcQnjcRiW1KLcgFGFqmiP3Yx4Xfa0cGu02seIhf8E.
	Are you sure you want to continue connecting (yes/no/[fingerprint])? **yes**
	/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
	/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
	root@controller's password: **enter the root password**
	Number of key(s) added: 1
	Now try logging into the machine, with: "ssh 'controller'"
	and check to make sure that only the key(s) you wanted were added.
	[root@controller \~]\#
	[root@controller \~]\# ssh-copy-id -i /root/.ssh/id_rsa.pub computer1
	/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
	/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
	/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
	root@computer1's password:
	Number of key(s) added: 1
	Now try logging into the machine, with: "ssh 'computer1'"
	and check to make sure that only the key(s) you wanted were added.
	[root@controller \~]\# ssh-copy-id -i /root/.ssh/id_rsa.pub computer2
	/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
	/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
	/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
	root@computer2's password:
	Number of key(s) added: 1
	Now try logging into the machine, with: "ssh 'computer2'"
	and check to make sure that only the key(s) you wanted were added.
	[root@controller \~]\#


Test the passwordless SSH connections; the results are normal.
[root@controller \~]\# ssh computer1
Activate the web console with: systemctl enable --now cockpit.socket
Last login: Mon May 15 16:59:30 2023 from 192.168.100.142
[root@computer1 \~]\# exit
logout
Connection to computer1 closed.
[root@controller \~]\# ssh computer2
Activate the web console with: systemctl enable --now cockpit.socket
Last login: Mon May 15 16:51:33 2023 from 192.168.100.3
[root@computer2 \~]\#

2.6 Configure the NTP time server

The NTP time server is deployed on the controller node.
[root@controller \~]\# yum -y install chrony
Last metadata expiration check: 1:28:33 ago on Mon 15 May 2023 03:35:52 PM CST.
Package chrony-4.2-1.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do. (chrony is already installed on the system)
Complete!
[root@controller \~]\#
Enable it at boot.
[root@controller \~]\# systemctl enable chronyd --now
[root@controller \~]\#
Edit the configuration file so that the controller node becomes the NTP server.
[root@controller \~]\# cat /etc/chrony.conf
\# Use public servers from the pool.ntp.org project.
\# Please consider joining the pool (http://www.pool.ntp.org/join.html).
\# pool 2.centos.pool.ntp.org iburst (comment out the default NTP server)
\# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift
\# Allow the system clock to be stepped in the first three updates
\# if its offset is larger than 1 second.
makestep 1.0 3
\# Enable kernel synchronization of the real-time clock (RTC).
rtcsync
\# Enable hardware timestamping on all interfaces that support it.
\#hwtimestamp \*
\# Increase the minimum number of selectable sources required to adjust
\# the system clock.
\#minsources 2
\# Allow NTP client access from local network.
allow 192.168.0.0/16 (uncomment; the allowed network must include the compute nodes)
\# Serve time even if not synchronized to a time source.
local stratum 10 (uncomment)
\# Specify file containing keys for NTP authentication.
keyfile /etc/chrony.keys
\# Get TAI-UTC offset and leap seconds from the system tz database.
leapsectz right/UTC
\# Specify directory for log files.
logdir /var/log/chrony
\# Select which information is logged.
\#log measurements statistics tracking
Edit the chrony configuration file on both compute nodes; the configuration is the same.
[root@computer1 \~]\# vim /etc/chrony.conf
\# Use public servers from the pool.ntp.org project.
\# Please consider joining the pool (http://www.pool.ntp.org/join.html).
\#pool 2.centos.pool.ntp.org iburst (comment out)
pool controller iburst (add this line)
[root@computer1 \~]\# systemctl restart chronyd.service
[root@computer2 \~]\# vim /etc/chrony.conf
\# Use public servers from the pool.ntp.org project.
\# Please consider joining the pool (http://www.pool.ntp.org/join.html).
\#pool 2.centos.pool.ntp.org iburst (comment out)
pool controller iburst (add this line)
[root@computer2 \~]\# systemctl restart chronyd.service

Test that the server works

[root@computer1 \~]\# chronyc sources
 MS Name/IP address Stratum Poll Reach LastRx Last sample

============================================================================

\^\* controller 10 6 7 1 -60us[ -3917h] +/- 819us
[root@computer1 \~]\#
[root@computer2 \~]\# chronyc sources
MS Name/IP address Stratum Poll Reach LastRx Last sample

===============================================================================

\^\* controller 10 6 7 1 +1485ns[ -3917h] +/- 1063us

Set the time on the controller node to 2022-12-12 12:22

[root@controller \~]\# date -s "2022-12-12 12:22"
Thu Dec 12 12:22:00 CST 2022
[root@controller \~]\#
Check the time on the compute nodes:
[root@computer1 \~]\# date
Mon Dec 12 12:22:40 CST 2022
[root@computer1 \~]\#
[root@computer2 \~]\# date
Mon Dec 12 12:22:58 CST 2022
[root@computer2 \~]\#

2.7 Enable the OpenStack installation repository on all nodes

 yum -y install centos-release-openstack-ussuri
 yum config-manager --set-enabled powertools
 yum -y upgrade
 reboot
 yum -y install python3-openstackclient
 yum -y install openstack-selinux

2.8 Install and configure the database on the controller node

[root@controller \~]\# yum -y install mariadb mariadb-server python2-PyMySQL 
[root@controller \~]\# vim /etc/my.cnf.d/openstack.cnf
Edit the file by hand so that it contains the following under [mysqld]:
[mysqld]
bind-address = controller
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8

2.9 Start the database on the controller node

[root@controller \~]\# systemctl enable mariadb.service --now
[root@controller \~]\# mysql_secure_installation (security hardening)
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
Enter current password for root (enter for none):
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.
Set root password? [Y/n] y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n]
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n]
... Success!
By default, MariaDB comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n]
\- Dropping test database...
... Success!
\- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n]
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MariaDB
installation should now be secure.
Thanks for using MariaDB!
[root@controller \~]\# systemctl restart mariadb.service

2.10 Install the message queue on the controller node

[root@controller \~]\# yum -y install rabbitmq-server
[root@controller \~]\# systemctl enable rabbitmq-server.service --now
[root@controller \~]\# rabbitmqctl add_user openstack redhat
[root@controller \~]\# rabbitmqctl set_permissions openstack ".\*" ".\*" ".\*"
[root@controller \~]\# rabbitmqctl list_permissions

2.11 Install Memcached (token cache) on the controller node

[root@controller \~]\# yum -y install memcached python3-memcached
Add the memcached listen address:
[root@controller \~]\# vim /etc/sysconfig/memcached
Edit the following by hand:
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 127.0.0.1,::1,controller"
[root@controller \~]\# systemctl enable memcached.service --now

2.12 Install the etcd key-value database on the controller node

[root@controller \~]\# yum -y install etcd
[root@controller \~]\# vim /etc/etcd/etcd.conf
Edit the following by hand under [Member] and [Clustering] respectively:
\#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://192.168.100.142:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.100.142:2379"
ETCD_NAME="controller"
\#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.100.142:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.100.142:2379"
ETCD_INITIAL_CLUSTER="controller=http://192.168.100.142:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"
[root@controller \~]\# systemctl enable etcd --now

++++++++++++++++++ Shut down the 3 hosts and take snapshots +++++++++++++++++++++

III. Install and configure keystone

3.1 Configure MySQL

Enter the following commands on the controller node:
[root@controller \~]\# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \\g.
Your MariaDB connection id is 8
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\\h' for help. Type '\\c' to clear the current input statement.
MariaDB [(none)]\> CREATE DATABASE keystone;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]\> show databases;
\+--------------------+
\| Database \|
\+--------------------+
\| information_schema \|
\| keystone \|
\| mysql \|
\| performance_schema \|
\+--------------------+
4 rows in set (0.001 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON keystone.\* TO 'keystone'@'localhost'
IDENTIFIED BY 'redhat';
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '-\> IDENTIFIED BY 'redhat'' at line 2
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON keystone.\* TO 'keystone'@'localhost' IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON keystone.\* TO 'keystone'@'%' IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]\> show grants;
\+----------------------------------------------------------------------------------------------------------------------------------------+
\| Grants for root@localhost \|
\+----------------------------------------------------------------------------------------------------------------------------------------+
\| GRANT ALL PRIVILEGES ON \*.\* TO \`root\`@\`localhost\` IDENTIFIED BY PASSWORD '\*DC496292265C71D4E281AB18C7FA4376673B91C9' WITH GRANT OPTION \|
\| GRANT PROXY ON ''@'%' TO 'root'@'localhost' WITH GRANT OPTION \|
\+----------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.000 sec)
MariaDB [(none)]\> exit
Bye
[root@controller \~]\# yum -y install openstack-keystone httpd python3-mod_wsgi
[root@controller \~]\# vim /etc/keystone/keystone.conf

Add the following under [database] and [token] respectively:
[database]
\#connection = \<None\> (add the next line below this one)
connection = mysql+pymysql://keystone:redhat@controller/keystone
[token]
\#expiration = 3600 (add the next line below this one)
provider = fernet
[root@controller \~]\# su -s /bin/sh -c "keystone-manage db_sync" keystone
[root@controller \~]\# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@controller \~]\# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
[root@controller \~]\# keystone-manage bootstrap --bootstrap-password redhat --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne
Note: the command above is one complete command.

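Database user: keystone ### used by the keystone component to connect to the keystone database
Operating system user: keystone ### manages the keystone service
OpenStack user: keystone ### manages components within OpenStack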

3.2 Configure httpd

	[root@controller \~]\# vim /etc/httpd/conf/httpd.conf
	Edit the following setting by hand: ServerName controller:80
	[root@controller \~]\# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
	[root@controller \~]\# systemctl enable httpd.service --now
	Create a new script:
	[root@controller \~]\# vim admin-openrc.sh
	export OS_USERNAME=admin
	export OS_PASSWORD=redhat
	export OS_PROJECT_NAME=admin
	export OS_USER_DOMAIN_NAME=Default
	export OS_PROJECT_DOMAIN_NAME=Default
	export OS_AUTH_URL=http://controller:5000/v3 \#\#\# keystone's endpoint address
	export OS_IDENTITY_API_VERSION=3
	Make the variables in admin-openrc.sh take effect: \# source admin-openrc.sh or . admin-openrc.sh
	Note: at this point, the keystone installation is complete!

3.3 Create a domain, projects, a user and a role

	[root@controller \~]\# source admin-openrc.sh
	[root@controller \~]\# openstack domain create --description "An Example Domain" example
	\+-------------+----------------------------------+
	\| Field \| Value \|
	\+-------------+----------------------------------+
	\| description \| An Example Domain \|
	\| enabled \| True \|
	\| id \| b5b68da45fc84d788a19dc41ada00ba9 \|
	\| name \| example \|
	\| options \| {} \|
	\| tags \| [] \|
	\+-------------+----------------------------------+
	[root@controller \~]\# openstack project create --domain default --description "Service Project" service
	\+-------------+----------------------------------+
	\| Field \| Value \|
	\+-------------+----------------------------------+
	\| description \| Service Project \|
	\| domain_id \| default \|
	\| enabled \| True \|
	\| id \| 7aab63106ce64b748e00a27b20fb60da \|
	\| is_domain \| False \|
	\| name \| service \|
	\| options \| {} \|
	\| parent_id \| default \|
	\| tags \| [] \|
	\+-------------+----------------------------------+
	[root@controller \~]\# openstack project create --domain default --description "Demo Project" myproject
	\+-------------+----------------------------------+
	\| Field \| Value \|
	\+-------------+----------------------------------+
	\| description \| Demo Project \|
	\| domain_id \| default \|
	\| enabled \| True \|
	\| id \| ddc77f498e024f4999514a2412593323 \|
	\| is_domain \| False \|
	\| name \| myproject \|
	\| options \| {} \|
	\| parent_id \| default \|
	\| tags \| [] \|
	\+-------------+----------------------------------+

	[root@controller \~]\# openstack user create --domain default --password-prompt myuser
	User Password: (enter the password)
	Repeat User Password: (enter the password)
	\+---------------------+----------------------------------+
	\| Field \| Value \|
	\+---------------------+----------------------------------+
	\| domain_id \| default \|
	\| enabled \| True \|
	\| id \| 3b5c2f84e4a24016a634e2e0df2e66cd \|
	\| name \| myuser \|
	\| options \| {} \|
	\| password_expires_at \| None \|
	\+---------------------+----------------------------------+
	[root@controller \~]\#
	[root@controller \~]\# openstack role create myrole \#\#\# create the role: myrole
	\+-------------+----------------------------------+
	\| Field \| Value \|
	\+-------------+----------------------------------+
	\| description \| None \|
	\| domain_id \| None \|
	\| id \| 88d6cccc3912413f934a82cf6e5c9f93 \|
	\| name \| myrole \|
	\| options \| {} \|
	\+-------------+----------------------------------+
	[root@controller \~]\# openstack role add --project myproject --user myuser myrole \#\#\# add the role to the project and user

IV. Install and configure glance

4.1 Create the database and grant privileges

Enter the following commands on the controller node:
[root@controller \~]\# mysql -u root -p
Enter password: redhat
Welcome to the MariaDB monitor. Commands end with ; or \\g.
Your MariaDB connection id is 8
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\\h' for help. Type '\\c' to clear the current input statement.
MariaDB [(none)]\> CREATE DATABASE glance;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON glance.\* TO 'glance'@'localhost' IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON glance.\* TO 'glance'@'%' IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]\> exit
Bye
[root@controller \~]\#
[root@controller \~]\# source admin-openrc.sh
[root@controller \~]\# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
\+---------------------+----------------------------------+
\| Field \| Value \|
\+---------------------+----------------------------------+
\| domain_id \| default \|
\| enabled \| True \|
\| id \| af77d516ab0d4829872208e1cb3aad59 \|
\| name \| glance \|
\| options \| {} \|
\| password_expires_at \| None \|
\+---------------------+----------------------------------+
[root@controller \~]\# openstack role add --project service --user glance admin \# add glance to the service project with the admin role
[root@controller \~]\# openstack service create --name glance --description "OpenStack Image" image
\+-------------+----------------------------------+
\| Field \| Value \|
\+-------------+----------------------------------+
\| description \| OpenStack Image \|
\| enabled \| True \|
\| id \| 1b4b14d19e944e5995849162e719f538 \|
\| name \| glance \|
\| type \| image \|
\+-------------+----------------------------------+
[root@controller \~]\# openstack endpoint create --region RegionOne image public http://controller:9292
\+--------------+----------------------------------+
\| Field \| Value \|
\+--------------+----------------------------------+
\| enabled \| True \|
\| id \| 7c91d8959d434c6692b69971065de5aa \|
\| interface \| public \|
\| region \| RegionOne \|
\| region_id \| RegionOne \|
\| service_id \| 1b4b14d19e944e5995849162e719f538 \|
\| service_name \| glance \|
\| service_type \| image \|
\| url \| http://controller:9292 \|
\+--------------+----------------------------------+
[root@controller \~]\# openstack endpoint create --region RegionOne image internal http://controller:9292
\+--------------+----------------------------------+
\| Field \| Value \|
\+--------------+----------------------------------+
\| enabled \| True \|
\| id \| 5e45d46688ce49389bc5e66471937699 \|
\| interface \| internal \|
\| region \| RegionOne \|
\| region_id \| RegionOne \|
\| service_id \| 1b4b14d19e944e5995849162e719f538 \|
\| service_name \| glance \|
\| service_type \| image \|
\| url \| http://controller:9292 \|
\+--------------+----------------------------------+
[root@controller \~]\# openstack endpoint create --region RegionOne image admin http://controller:9292
\+--------------+----------------------------------+
\| Field \| Value \|
\+--------------+----------------------------------+
\| enabled \| True \|
\| id \| da8d0360be33495697711f65d79e6a2f \|
\| interface \| admin \|
\| region \| RegionOne \|
\| region_id \| RegionOne \|
\| service_id \| 1b4b14d19e944e5995849162e719f538 \|
\| service_name \| glance \|
\| service_type \| image \|
\| url \| http://controller:9292 \|
\+--------------+----------------------------------+
[root@controller \~]\#
[root@controller \~]\# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \\g.
Your MariaDB connection id is 16
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\\h' for help. Type '\\c' to clear the current input statement.
MariaDB [(none)]\> use keystone;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [keystone]\> show tables;
\+------------------------------------+
\| Tables_in_keystone \|
\+------------------------------------+
\| access_rule \|
\| access_token \|
\| application_credential \|
\| application_credential_access_rule \|
\| application_credential_role \|
\| assignment \|
\| config_register \|
\| consumer \|
\| credential \|
\| endpoint \|
\| endpoint_group \|
\| expiring_user_group_membership \|
\| federated_user \|
\| federation_protocol \|
\| group \|
\| id_mapping \|
\| identity_provider \|
\| idp_remote_ids \|
\| implied_role \|
\| limit \|
\| local_user \|
\| mapping \|
\| migrate_version \|
\| nonlocal_user \|
\| password \|
\| policy \|
\| policy_association \|
\| project \|
\| project_endpoint \|
\| project_endpoint_group \|
\| project_option \|
\| project_tag \|
\| region \|
\| registered_limit \|
\| request_token \|
\| revocation_event \|
\| role \|
\| role_option \|
\| sensitive_config \|
\| service \|
\| service_provider \|
\| system_assignment \|
\| token \|
\| trust \|
\| trust_role \|
\| user \|
\| user_group_membership \|
\| user_option \|
\| whitelisted_config \|
\+------------------------------------+
49 rows in set (0.000 sec)
MariaDB [keystone]\> select \* from endpoint;
\+----------------------------------+--------------------+-----------+----------------------------------+----------------------------+-------+---------+-----------+
\| id \| legacy_endpoint_id \| interface \| service_id \| url \| extra \| enabled \| region_id \|
\+----------------------------------+--------------------+-----------+----------------------------------+----------------------------+-------+---------+-----------+
\| 0f6361cc029846b795f24dc382e2cd78 \| NULL \| internal \| 46658980ac6f4e86b7f5324634d97108 \| http://controller:5000/v3/ \| {} \| 1 \| RegionOne \|
\| 2b77d6419f1f40f8b8c8193302f175ad \| NULL \| public \| 46658980ac6f4e86b7f5324634d97108 \| http://controller:5000/v3/ \| {} \| 1 \| RegionOne \|
\| 5e45d46688ce49389bc5e66471937699 \| NULL \| internal \| 1b4b14d19e944e5995849162e719f538 \| http://controller:9292 \| {} \| 1 \| RegionOne \|
\| 7b83e7ac506b408b948cb55a6fe0f8e8 \| NULL \| admin \| 46658980ac6f4e86b7f5324634d97108 \| http://controller:5000/v3/ \| {} \| 1 \| RegionOne \|
\| 7c91d8959d434c6692b69971065de5aa \| NULL \| public \| 1b4b14d19e944e5995849162e719f538 \| http://controller:9292 \| {} \| 1 \| RegionOne \|
\| da8d0360be33495697711f65d79e6a2f \| NULL \| admin \| 1b4b14d19e944e5995849162e719f538 \| http://controller:9292 \| {} \| 1 \| RegionOne \|
\+----------------------------------+--------------------+-----------+----------------------------------+----------------------------+-------+---------+-----------+
6 rows in set (0.000 sec)
MariaDB [keystone]\>exit
[root@controller \~]\# openstack endpoint list
\+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
\| ID \| Region \| Service Name \| Service Type \| Enabled \| Interface \| URL \|
\+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+
\| 0f6361cc029846b795f24dc382e2cd78 \| RegionOne \| keystone \| identity \| True \| internal \| http://controller:5000/v3/ \|
\| 2b77d6419f1f40f8b8c8193302f175ad \| RegionOne \| keystone \| identity \| True \| public \| http://controller:5000/v3/ \|
\| 5e45d46688ce49389bc5e66471937699 \| RegionOne \| glance \| image \| True \| internal \| http://controller:9292 \|
\| 7b83e7ac506b408b948cb55a6fe0f8e8 \| RegionOne \| keystone \| identity \| True \| admin \| http://controller:5000/v3/ \|
\| 7c91d8959d434c6692b69971065de5aa \| RegionOne \| glance \| image \| True \| public \| http://controller:9292 \|
\| da8d0360be33495697711f65d79e6a2f \| RegionOne \| glance \| image \| True \| admin \| http://controller:9292 \|
\+----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------+

[root@controller \~]\#

4.2 Install the glance component

Enter the following commands on the controller node:
[root@controller \~]\# yum -y install openstack-glance
[root@controller \~]\# mkdir /backup
[root@controller \~]\# cp /etc/keystone/keystone.conf /backup/ \#\#\# make a backup
[root@controller \~]\# cp /etc/glance/glance-api.conf /backup/ \#\#\# make a backup
[root@controller \~]\# vim /etc/glance/glance-api.conf
Add the following under [database], [keystone_authtoken], [paste_deploy] and [glance_store] respectively:
[database]
connection = mysql+pymysql://glance:redhat@controller/glance
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = redhat
[paste_deploy]
flavor = keystone
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[root@controller \~]\# su -s /bin/sh -c "glance-manage db_sync" glance
[root@controller \~]\# systemctl enable openstack-glance-api.service --now
[root@controller \~]\# systemctl start openstack-glance-api.service

4.3 Verify operation

[root@controller \~]\# source admin-openrc.sh (or: . admin-openrc.sh)
[root@controller \~]\# openstack image list \#\# the image list is empty
[root@controller \~]\#
Download the source image:
[root@controller \~]\# wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img

[root@controller \~]\# glance image-create --name "cirros" --file cirros-0.4.0-x86_64-disk.img --disk-format qcow2 --container-format bare --visibility=public
\+------------------+-----------------------------------------------------------
\| Property \| Value
\+------------------+-----------------------------------------------------------
\| checksum \| 443b7623e27ecf03dc9e01ee93f67afe
\| container_format \| bare
\| created_at \| 2023-05-29T10:32:49Z
\| disk_format \| qcow2
\| id \| 0b5347c6-5454-451b-b2c6-0dd0cd46eb32
\| min_disk \| 0
\| min_ram \| 0
\| name \| cirros
\| os_hash_algo \| sha512
\| os_hash_value \| 6513f21e44aa3da349f248188a44bc304a3653a04122d8fb4535423c8e1d14cd6a153f735bb0982e \|
\| \| 2161b5b5186106570c17a9e58b64dd39390617cd5a350f78
\| os_hidden \| False
\| owner \| 5a19d9c8634d4673bf9c6827ef003f83
\| protected \| False
\| size \| 12716032
\| status \| active
\| tags \| []
\| updated_at \| 2023-05-29T10:32:49Z
\| virtual_size \| Not available
\| visibility \| public
\+------------------+----------------------------------------------------------------------------------+
[root@controller \~]\#
[root@controller \~]\# openstack image list \#\#\# if the table below appears, the upload succeeded
\+--------------------------------------+--------+--------+
\| ID \| Name \| Status \|
\+--------------------------------------+--------+--------+
\| 0b5347c6-5454-451b-b2c6-0dd0cd46eb32 \| cirros \| active \|
\+--------------------------------------+--------+--------+
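The image above was fetched over plain HTTP, so the hash Glance records (os_hash_algo / os_hash_value) is worth comparing against the local file, or against a digest you trust. The following is an added example, not part of the original guide: it parses the CLI table, including an os_hash_value wrapped onto a continuation row as in the output above, and compares it with the file's digest. The function names and the sample table are constructed for illustration.

```python
import hashlib
import hmac
import os
import tempfile


def parse_cli_table(text):
    """Parse the +---+ / | key | value | table printed by the glance/openstack CLI.

    A row whose first cell is empty continues the previous value, which is how
    the CLI wraps a long os_hash_value across two rows.
    """
    fields, last = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("|"):
            continue  # borders, prompts, blank lines
        cells = [c.strip() for c in line.strip("|").split("|")]
        if len(cells) < 2:
            continue
        key, value = cells[0], cells[1]
        if key:
            fields[key] = value
            last = key
        elif last is not None:
            fields[last] += value  # continuation row: append to previous value
    return fields


def file_digest(path, algo):
    """Hash a file in 1 MiB chunks so large images do not need to fit in memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def image_matches(path, table_text):
    """True when the local file hashes to the value recorded in the table."""
    fields = parse_cli_table(table_text)
    algo = fields["os_hash_algo"]
    if algo not in hashlib.algorithms_guaranteed:
        raise ValueError(f"unsupported hash algorithm: {algo}")
    expected = fields["os_hash_value"].lower()
    return hmac.compare_digest(file_digest(path, algo), expected)


def constructed_table(data):
    """Build a constructed sample table for `data`, wrapping the hash like the CLI."""
    digest = hashlib.sha512(data).hexdigest()
    return "\n".join([
        "+---------------+----------+",
        "| Property      | Value    |",
        "+---------------+----------+",
        "| name          | cirros   |",
        "| os_hash_algo  | sha512   |",
        f"| os_hash_value | {digest[:80]} |",
        f"|               | {digest[80:]} |",
        "| status        | active   |",
        "+---------------+----------+",
    ])


if __name__ == "__main__":
    payload = b"constructed image bytes, not a real cirros image"
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(payload)
    try:
        print("match:", image_matches(tmp.name, constructed_table(payload)))
        print("tampered:", image_matches(tmp.name, constructed_table(payload + b"!")))
    finally:
        os.unlink(tmp.name)
```

On a real controller, pass the saved output of the image-create command and the path of the downloaded .img file to image_matches.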

5. Install and configure Placement

5.1 Create the database and grant privileges

[root@controller \~]\# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \\g.
Your MariaDB connection id is 13
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\\h' for help. Type '\\c' to clear the current input statement.
MariaDB [(none)]\> CREATE DATABASE placement;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON placement.\* TO 'placement'@'localhost' IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON placement.\* TO 'placement'@'%' IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]\> exit
Bye
[root@controller \~]\# source admin-openrc.sh
[root@controller \~]\# openstack user create --domain default --password-prompt placement
User Password:
Repeat User Password:
\+---------------------+----------------------------------+
\| Field \| Value \|
\+---------------------+----------------------------------+
\| domain_id \| default \|
\| enabled \| True \|
\| id \| 974f4a13578b47d087f7be68b6a8d08d \|
\| name \| placement \|
\| options \| {} \|
\| password_expires_at \| None \|
\+---------------------+----------------------------------+
[root@controller \~]\#
[root@controller \~]\# openstack role add --project service --user placement admin
[root@controller \~]\# openstack service create --name placement --description "Placement API" placement
\+-------------+----------------------------------+
\| Field \| Value \|
\+-------------+----------------------------------+
\| description \| Placement API \|
\| enabled \| True \|
\| id \| 2ee9c089c66b4bc1af74a025765673fa \|
\| name \| placement \|
\| type \| placement \|
\+-------------+----------------------------------+
[root@controller \~]\#
[root@controller \~]\# openstack endpoint create --region RegionOne placement public http://controller:8778
\+--------------+----------------------------------+
\| Field \| Value \|
\+--------------+----------------------------------+
\| enabled \| True \|
\| id \| b16f469f6c2940eb87f36ab1ced5d932 \|
\| interface \| public \|
\| region \| RegionOne \|
\| region_id \| RegionOne \|
\| service_id \| 2ee9c089c66b4bc1af74a025765673fa \|
\| service_name \| placement \|
\| service_type \| placement \|
\| url \| http://controller:8778 \|
\+--------------+----------------------------------+
[root@controller \~]\# openstack endpoint create --region RegionOne placement internal http://controller:8778
\+--------------+----------------------------------+
\| Field \| Value \|
\+--------------+----------------------------------+
\| enabled \| True \|
\| id \| 1d705fbaeb874581a119d567174a0e63 \|
\| interface \| internal \|
\| region \| RegionOne \|
\| region_id \| RegionOne \|
\| service_id \| 2ee9c089c66b4bc1af74a025765673fa \|
\| service_name \| placement \|
\| service_type \| placement \|
\| url \| http://controller:8778 \|
\+--------------+----------------------------------+
[root@controller \~]\# openstack endpoint create --region RegionOne placement admin http://controller:8778
\+--------------+----------------------------------+
\| Field \| Value \|
\+--------------+----------------------------------+
\| enabled \| True \|
\| id \| bb414b7062af4be6b1b6238913c17605 \|
\| interface \| admin \|
\| region \| RegionOne \|
\| region_id \| RegionOne \|
\| service_id \| 2ee9c089c66b4bc1af74a025765673fa \|
\| service_name \| placement \|
\| service_type \| placement \|
\| url \| http://controller:8778 \|
\+--------------+----------------------------------+
[root@controller \~]\#
[root@controller \~]\# yum -y install openstack-placement-api
[root@controller \~]\# cp /etc/placement/placement.conf /backup/ \#\#\# make a backup
[root@controller \~]\# vim /etc/placement/placement.conf
Add the following under [placement_database], [api], and [keystone_authtoken] respectively:
[placement_database]
connection = mysql+pymysql://placement:redhat@controller/placement
[api]
auth_strategy = keystone
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = redhat
[root@controller \~]\# systemctl restart httpd

5.2 Sync the placement database

[root@controller \~]\# su -s /bin/sh -c "placement-manage db sync" placement
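Note: the official documentation does not include the following item, so it has to be added. Without it, errors may occur, including when creating instances.
[root@controller \~]\# vim /etc/httpd/conf.d/00-placement-api.conf
Between the opening \<VirtualHost \*:8778\> and the closing \</VirtualHost\>, add the \<Directory\> block shown below (highlighted in green in the original) to grant access to the directory: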
\<VirtualHost \*:8778\>
\<Directory /usr/bin\>
\<IfVersion \>= 2.4\>
Require all granted
\</IfVersion\>
\<IfVersion \< 2.4\>
Order allow,deny
Allow from all
\</IfVersion\>
\</Directory\>
\</VirtualHost\>

5.3 Verify the installation

[root@controller \~]\# source admin-openrc.sh
[root@controller \~]\# placement-status upgrade check
\+----------------------------------+
\| Upgrade Check Results \|
\+----------------------------------+
\| Check: Missing Root Provider IDs \|
\| Result: Success \|
\| Details: None \|
\+----------------------------------+
\| Check: Incomplete Consumers \|
\| Result: Success \|
\| Details: None \|
\+----------------------------------+
[root@controller \~]\# pip3 install osc-placement
WARNING: Running pip install with root privileges is generally not a good idea. Try \`pip3 install --user\` instead.
Collecting osc-placement
Downloading https://files.pythonhosted.org/packages/07/a4/728e22515ebc856072e0b4cfb0929f27bce937811157cc8fd7597d54e451/osc_placement-3.2.0-py3-none-any.whl (63kB)
100% \|████████████████████████████████\| 71kB 124kB/s
Requirement already satisfied: six\>=1.10.0 in /usr/lib/python3.6/site-packages (from osc-placement)
Requirement already satisfied: pbr\>=2.0.0 in /usr/lib/python3.6/site-packages (from osc-placement)
Requirement already satisfied: oslo.utils\>=3.37.0 in /usr/lib/python3.6/site-packages (from osc-placement)
Requirement already satisfied: osc-lib\>=1.2.0 in /usr/lib/python3.6/site-packages (from osc-placement)
Requirement already satisfied: simplejson\>=3.16.0 in /usr/lib64/python3.6/site-packages (from osc-placement)
Requirement already satisfied: keystoneauth1\>=3.3.0 in /usr/lib/python3.6/site-packages (from osc-placement)
Installing collected packages: osc-placement
Successfully installed osc-placement-3.2.0
[root@controller \~]\# openstack --os-placement-api-version 1.2 resource class list --sort-column name
\+----------------------------+
\| name \|
\+----------------------------+
\| DISK_GB \|
\| FPGA \|
\| IPV4_ADDRESS \|
\| MEMORY_MB \|
\| MEM_ENCRYPTION_CONTEXT \|
\| NET_BW_EGR_KILOBIT_PER_SEC \|
\| NET_BW_IGR_KILOBIT_PER_SEC \|
\| NUMA_CORE \|
\| NUMA_MEMORY_MB \|
\| NUMA_SOCKET \|
\| NUMA_THREAD \|
\| PCI_DEVICE \|
\| PCPU \|
\| PGPU \|
\| SRIOV_NET_VF \|
\| VCPU \|
\| VGPU \|
\| VGPU_DISPLAY_HEAD \|
\+----------------------------+
[root@controller \~]\# openstack --os-placement-api-version 1.6 trait list --sort-column name

6. Install Nova

6.1 Create the databases and grant privileges

Create the databases and grant privileges on the controller node.
[root@controller \~]\# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \\g.
Your MariaDB connection id is 14
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\\h' for help. Type '\\c' to clear the current input statement.
MariaDB [(none)]\> CREATE DATABASE nova_api;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]\> CREATE DATABASE nova;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]\> CREATE DATABASE nova_cell0;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON nova_api.\* TO 'nova'@'localhost' \\
\-\> IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON nova_api.\* TO 'nova'@'%' \\
\-\> IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON nova.\* TO 'nova'@'localhost' \\
\-\> IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON nova.\* TO 'nova'@'%' \\
\-\> IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON nova_cell0.\* TO 'nova'@'localhost' \\
\-\> IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON nova_cell0.\* TO 'nova'@'%' \\
\-\> IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]\> exit
Bye
[root@controller \~]\#
[root@controller \~]\# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
\+---------------------+----------------------------------+
\| Field \| Value \|
\+---------------------+----------------------------------+
\| domain_id \| default \|
\| enabled \| True \|
\| id \| c39fa4b65b0d46f0bc1a514bdc0406de \|
\| name \| nova \|
\| options \| {} \|
\| password_expires_at \| None \|
\+---------------------+----------------------------------+
[root@controller \~]\#
[root@controller \~]\# openstack role add --project service --user nova admin
[root@controller \~]\# openstack service create --name nova --description "OpenStack Compute" compute
\+-------------+----------------------------------+
\| Field \| Value \|
\+-------------+----------------------------------+
\| description \| OpenStack Compute \|
\| enabled \| True \|
\| id \| 127141a8693546ce90ca663a87de072b \|
\| name \| nova \|
\| type \| compute \|
\+-------------+----------------------------------+
[root@controller \~]\# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
\+--------------+----------------------------------+
\| Field \| Value \|
\+--------------+----------------------------------+
\| enabled \| True \|
\| id \| 5058fa80086d40e79ae8502dce6f0d12 \|
\| interface \| public \|
\| region \| RegionOne \|
\| region_id \| RegionOne \|
\| service_id \| 127141a8693546ce90ca663a87de072b \|
\| service_name \| nova \|
\| service_type \| compute \|
\| url \| http://controller:8774/v2.1 \|
\+--------------+----------------------------------+
[root@controller \~]\#
[root@controller \~]\# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
\+--------------+----------------------------------+
\| Field \| Value \|
\+--------------+----------------------------------+
\| enabled \| True \|
\| id \| 858262dc5f7d47a8add42fb7cfa1a64c \|
\| interface \| internal \|
\| region \| RegionOne \|
\| region_id \| RegionOne \|
\| service_id \| 127141a8693546ce90ca663a87de072b \|
\| service_name \| nova \|
\| service_type \| compute \|
\| url \| http://controller:8774/v2.1 \|
\+--------------+----------------------------------+
[root@controller \~]\#
[root@controller \~]\# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
\+--------------+----------------------------------+
\| Field \| Value \|
\+--------------+----------------------------------+
\| enabled \| True \|
\| id \| 9993497781f7480f8a686d2356d85a44 \|
\| interface \| admin \|
\| region \| RegionOne \|
\| region_id \| RegionOne \|
\| service_id \| 127141a8693546ce90ca663a87de072b \|
\| service_name \| nova \|
\| service_type \| compute \|
\| url \| http://controller:8774/v2.1 \|
\+--------------+----------------------------------+
[root@controller \~]\#
[root@controller \~]\# yum -y install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler
[root@controller \~]\# cp /etc/nova/nova.conf /backup/ \#\#\# make a backup
[root@controller \~]\# vim /etc/nova/nova.conf
Add the following under [DEFAULT], [api_database], [database], [api], [keystone_authtoken], [vnc], [glance], [oslo_concurrency], and [placement] respectively:
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:redhat@controller:5672/
my_ip = 192.168.100.142
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api_database]
connection = mysql+pymysql://nova:redhat@controller/nova_api
[database]
connection = mysql+pymysql://nova:redhat@controller/nova
[api]
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = redhat
[vnc]
\# remove the leading \# (uncomment) from the line below
enabled = true
server_listen = \$my_ip
server_proxyclient_address = \$my_ip
[glance]
api_servers = http://controller:9292
[oslo_concurrency]
\# remove the leading \# (uncomment) from the line below
lock_path = /var/lib/nova/tmp
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = redhat
[root@controller \~]\# su -s /bin/sh -c "nova-manage api_db sync" nova
[root@controller \~]\# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
[root@controller \~]\# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
\--transport-url not provided in the command line, using the value [DEFAULT]/transport_url from the configuration file
\--database_connection not provided in the command line, using the value [database]/connection from the configuration file
dd5a7cdd-cf75-4ec2-9810-3a29101c3444
[root@controller \~]\# su -s /bin/sh -c "nova-manage db sync" nova
[root@controller \~]\# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
\+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
\| Name \| UUID \| Transport URL \| Database Connection \| Disabled \|
\+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
\| cell0 \| 00000000-0000-0000-0000-000000000000 \| none:/ \| mysql+pymysql://nova:\*\*\*\*@controller/nova_cell0 \| False \|
\| cell1 \| dd5a7cdd-cf75-4ec2-9810-3a29101c3444 \| rabbit://openstack:\*\*\*\*@controller:5672/ \| mysql+pymysql://nova:\*\*\*\*@controller/nova \| False \|
\+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
[root@controller \~]\# systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
Created symlink /etc/systemd/system/multi-user.target.wants/openstack-nova-api.service → /usr/lib/systemd/system/openstack-nova-api.service.
Created symlink /etc/systemd/system/multi-user.target.wants/openstack-nova-scheduler.service → /usr/lib/systemd/system/openstack-nova-scheduler.service.
Created symlink /etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service → /usr/lib/systemd/system/openstack-nova-conductor.service.
Created symlink /etc/systemd/system/multi-user.target.wants/openstack-nova-novncproxy.service → /usr/lib/systemd/system/openstack-nova-novncproxy.service.
[root@controller \~]\#

6.2 Install and configure nova-compute on the compute nodes

[root@computer1 \~]\# yum -y install openstack-nova-compute
[root@computer2 \~]\# yum -y install openstack-nova-compute
[root@computer1 \~]\# vim /etc/nova/nova.conf
Add the following under [DEFAULT], [api], [keystone_authtoken], [vnc], [glance], [oslo_concurrency], and [placement] respectively:
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:redhat@controller
my_ip = 192.168.100.143
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = redhat
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = \$my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
[glance]
api_servers = http://controller:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = redhat
[root@computer1 \~]\# systemctl enable libvirtd.service openstack-nova-compute.service --now
Created symlink /etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service → /usr/lib/systemd/system/openstack-nova-compute.service.
[root@computer1 \~]\#
Copy nova.conf from computer1 to computer2:
[root@computer1 \~]\# scp /etc/nova/nova.conf root@computer2:/etc/nova
root@computer2's password:
nova.conf 100% 187KB 19.2MB/s 00:00
[root@computer1 \~]\#
Run the following commands on the computer2 compute node:
[root@computer2 \~]\# vim /etc/nova/nova.conf
Manually change the following setting:
[DEFAULT]
my_ip = 192.168.100.144
[root@computer2 \~]\# systemctl enable libvirtd.service openstack-nova-compute.service --now
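Both nova.conf listings above (controller and compute node) use one password for the RabbitMQ, nova and placement accounts, point every client at plain-HTTP endpoints, and on the compute node bind VNC to 0.0.0.0. The following audit is an added example, not part of the original guide or of OpenStack; the finding names, the MIN_SECRET_LEN threshold and the embedded sample (built from the section 6.2 values) are assumptions made for illustration. The same function can be pointed at glance-api.conf, placement.conf or neutron.conf.

```python
import configparser
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample: the compute-node nova.conf values shown in section 6.2.
SAMPLE_NOVA_CONF = """
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:redhat@controller
my_ip = 192.168.100.143
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
auth_type = password
username = nova
password = redhat
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
[glance]
api_servers = http://controller:9292
[placement]
auth_url = http://controller:5000/v3
username = placement
password = redhat
"""

MIN_SECRET_LEN = 16  # assumption: local policy threshold, not an OpenStack default
URL_OPTIONS = {"auth_url", "www_authenticate_uri", "api_servers", "novncproxy_base_url"}
CRED_URL_OPTIONS = {"connection", "transport_url"}


def load(text):
    # The files are INI-style. Interpolation is disabled so "$my_ip" stays literal,
    # and [DEFAULT] is read as an ordinary section instead of being merged into others.
    cp = configparser.ConfigParser(
        interpolation=None, strict=False, default_section="__unused__"
    )
    cp.read_string(text)
    return cp


def collect_secrets(cp):
    """Map each secret to the places that use it (the secret itself is never reported)."""
    owners = defaultdict(set)
    for section in cp.sections():
        for opt, val in cp.items(section):
            if opt in CRED_URL_OPTIONS:
                parts = urlsplit(val)
                if parts.password:
                    owners[parts.password].add(
                        f"[{section}] {opt} user={parts.username}"
                    )
            elif opt == "password" and val:
                user = cp.get(section, "username", fallback="?")
                owners[val].add(f"[{section}] user={user}")
    return owners


def audit(text):
    """Return a list of (finding, locations) tuples for one config file."""
    cp = load(text)
    findings = []
    for secret, where in collect_secrets(cp).items():
        if len(where) > 1:
            findings.append(("reused-secret", sorted(where)))
        if len(secret) < MIN_SECRET_LEN:
            findings.append(("short-secret", sorted(where)))
    for section in cp.sections():
        for opt, val in cp.items(section):
            if opt in URL_OPTIONS and val.lower().startswith("http://"):
                findings.append(("cleartext-http", [f"[{section}] {opt}"]))
            if section == "vnc" and opt == "server_listen" and val in ("0.0.0.0", "::"):
                findings.append(("listen-all-interfaces", [f"[{section}] {opt}"]))
    return findings


if __name__ == "__main__":
    for kind, where in audit(SAMPLE_NOVA_CONF):
        print(f"{kind}: {'; '.join(where)}")
```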

6.3 Verification

Verify on the controller node:
[root@controller \~]\# source admin-openrc.sh
[root@controller \~]\# openstack compute service list

[root@controller \~]\# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

[root@controller \~]\# vim /etc/nova/nova.conf
Add the following under [scheduler]:
[scheduler]
discover_hosts_in_cells_interval = 300
[root@controller \~]\# systemctl restart openstack-nova-api.service
[root@controller \~]\# openstack compute service list

7. Install Neutron

7.1 Create the database and grant privileges

Install and configure the controller node:
[root@controller \~]\# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \\g.
Your MariaDB connection id is 31
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\\h' for help. Type '\\c' to clear the current input statement.
MariaDB [(none)]\> CREATE DATABASE neutron;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON neutron.\* TO 'neutron'@'localhost' IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]\> GRANT ALL PRIVILEGES ON neutron.\* TO 'neutron'@'%' IDENTIFIED BY 'redhat';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]\> exit
Bye
[root@controller \~]\#
[root@controller \~]\# source admin-openrc.sh
[root@controller \~]\# openstack user create --domain default --password-prompt neutron
User Password:
Repeat User Password:
\+---------------------+----------------------------------+
\| Field \| Value \|
\+---------------------+----------------------------------+
\| domain_id \| default \|
\| enabled \| True \|
\| id \| b6c24a7b1cc144f39c44d06965c49b67 \|
\| name \| neutron \|
\| options \| {} \|
\| password_expires_at \| None \|
\+---------------------+----------------------------------+
[root@controller \~]\#
[root@controller \~]\# openstack role add --project service --user neutron admin
[root@controller \~]\# openstack service create --name neutron --description "OpenStack Networking" network
\+-------------+----------------------------------+
\| Field \| Value \|
\+-------------+----------------------------------+
\| description \| OpenStack Networking \|
\| enabled \| True \|
\| id \| 0252d0d2748e45e9aa870ee54904e25a \|
\| name \| neutron \|
\| type \| network \|
\+-------------+----------------------------------+
[root@controller \~]\#
[root@controller \~]\# openstack endpoint create --region RegionOne network public http://controller:9696
\+--------------+----------------------------------+
\| Field \| Value \|
\+--------------+----------------------------------+
\| enabled \| True \|
\| id \| 9a970313a159445fa62a32aae4098d4b \|
\| interface \| public \|
\| region \| RegionOne \|
\| region_id \| RegionOne \|
\| service_id \| 0252d0d2748e45e9aa870ee54904e25a \|
\| service_name \| neutron \|
\| service_type \| network \|
\| url \| http://controller:9696 \|
\+--------------+----------------------------------+
[root@controller \~]\#
[root@controller \~]\# openstack endpoint create --region RegionOne network internal http://controller:9696
\+--------------+----------------------------------+
\| Field \| Value \|
\+--------------+----------------------------------+
\| enabled \| True \|
\| id \| efc27cd303674bd6b0620bb9bc8620c1 \|
\| interface \| internal \|
\| region \| RegionOne \|
\| region_id \| RegionOne \|
\| service_id \| 0252d0d2748e45e9aa870ee54904e25a \|
\| service_name \| neutron \|
\| service_type \| network \|
\| url \| http://controller:9696 \|
\+--------------+----------------------------------+
[root@controller \~]\#
[root@controller \~]\# openstack endpoint create --region RegionOne network admin http://controller:9696
\+--------------+----------------------------------+
\| Field \| Value \|
\+--------------+----------------------------------+
\| enabled \| True \|
\| id \| 53600d7dcfd44cc3a1fee9edcb57c2fb \|
\| interface \| admin \|
\| region \| RegionOne \|
\| region_id \| RegionOne \|
\| service_id \| 0252d0d2748e45e9aa870ee54904e25a \|
\| service_name \| neutron \|
\| service_type \| network \|
\| url \| http://controller:9696 \|
\+--------------+----------------------------------+
[root@controller \~]\#

7.2 Networking option 2: self-service networks

[root@controller \~]\# yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables
[root@controller \~]\# cp /etc/neutron/neutron.conf /backup/ \#\#\# make a backup
[root@controller \~]\# vim /etc/neutron/neutron.conf
Add the following under [database], [DEFAULT], [keystone_authtoken], [nova], and [oslo_concurrency] respectively:
[database]
connection = mysql+pymysql://neutron:redhat@controller/neutron
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:redhat@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = redhat
Note: this file does not contain the following sections; jump to the end of the file and add them.
[nova]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = redhat
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

7.3 Edit the ML2 plug-in configuration file

[root@controller \~]\# cp /etc/neutron/plugins/ml2/ml2_conf.ini /backup/ \#\#\#make a backup
[root@controller \~]\# vim /etc/neutron/plugins/ml2/ml2_conf.ini
Add the following under [ml2], [ml2_type_flat], [ml2_type_vxlan] and [securitygroup] respectively:
Note: these sections do not exist in this file; go to the end of the file and add them:
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_vxlan]
vni_ranges = 1:1000
[securitygroup]
enable_ipset = true

7.4 Edit the ML2 Linux bridge agent configuration file

[root@controller \~]\# cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /backup/ \#\#\#make a backup
[root@controller \~]\# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
Add the following under [linux_bridge], [vxlan] and [securitygroup] respectively:
Note: these sections do not exist in this file; go to the end of the file and add them:
[linux_bridge]
physical_interface_mappings = provider:ens160 \#\#\#Note: change "ens160" to match the name of your own network interface
[vxlan]
enable_vxlan = true
local_ip = 192.168.100.142
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

7.5 Install the bridging support package

Install the bridging package on the controller node and on both compute nodes.
[root@controller \~]\# yum -y install bridge-utils
[root@controller \~]\# modprobe br_netfilter
[root@controller \~]\# echo br_netfilter \> /etc/modules-load.d/br_netfilter.conf
[root@controller \~]\# sysctl -a \|grep bridge
net.bridge.bridge-nf-call-arptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-filter-pppoe-tagged = 0
net.bridge.bridge-nf-filter-vlan-tagged = 0
net.bridge.bridge-nf-pass-vlan-input-dev = 0
[root@controller \~]\#
[root@computer1 \~]\# yum -y install bridge-utils
[root@computer1 \~]\# modprobe br_netfilter
[root@computer1 \~]\# echo br_netfilter \> /etc/modules-load.d/br_netfilter.conf
[root@computer1 \~]\# sysctl -a \|grep bridge
net.bridge.bridge-nf-call-arptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-filter-pppoe-tagged = 0
net.bridge.bridge-nf-filter-vlan-tagged = 0
net.bridge.bridge-nf-pass-vlan-input-dev = 0
[root@computer1 \~]\#
[root@computer2 \~]\# yum -y install bridge-utils
[root@computer2 \~]\# modprobe br_netfilter
[root@computer2 \~]\# echo br_netfilter \> /etc/modules-load.d/br_netfilter.conf
[root@computer2 \~]\# sysctl -a \|grep bridge
net.bridge.bridge-nf-call-arptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-filter-pppoe-tagged = 0
net.bridge.bridge-nf-filter-vlan-tagged = 0
net.bridge.bridge-nf-pass-vlan-input-dev = 0
[root@computer2 \~]\#

7.6 Edit the L3 agent configuration file

[root@controller \~]\# vim /etc/neutron/l3_agent.ini
Add the following under [DEFAULT]:
[DEFAULT]
interface_driver = linuxbridge

7.7 Configure the DHCP agent

[root@controller \~]\# vim /etc/neutron/dhcp_agent.ini
Add the following under [DEFAULT]:
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true

7.8 Configure the metadata agent

[root@controller \~]\# vim /etc/neutron/metadata_agent.ini
Add the following under [DEFAULT]:
[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = redhat

7.9 Configure nova

[root@controller \~]\# vim /etc/nova/nova.conf
Add the following under [neutron]:
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = redhat
service_metadata_proxy = true
metadata_proxy_shared_secret = redhat
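
Sections 7.2, 7.8 and 7.9 give every service credential the same value, and the metadata proxy secret has to be identical in metadata_agent.ini and nova.conf. The following added example (not part of the original tutorial) audits both points over constructed copies of those files; the function names and identity labels such as keystone:neutron are this example's own.

```python
import configparser
from urllib.parse import urlsplit

# Constructed samples carrying the values set in sections 7.2, 7.8 and 7.9.
NEUTRON_CONF = """[database]
connection = mysql+pymysql://neutron:redhat@controller/neutron
[DEFAULT]
transport_url = rabbit://openstack:redhat@controller
[keystone_authtoken]
username = neutron
password = redhat
[nova]
username = nova
password = redhat
"""
METADATA_AGENT_INI = "[DEFAULT]\nmetadata_proxy_shared_secret = redhat\n"
NOVA_CONF = "[neutron]\nusername = neutron\npassword = redhat\nmetadata_proxy_shared_secret = redhat\n"
KEY = "metadata_proxy_shared_secret"

def load(text):
    """Parse ini text with [DEFAULT] treated as an ordinary, non-inherited section."""
    cp = configparser.ConfigParser(interpolation=None, strict=False, default_section="_unused_")
    cp.read_string(text)
    return cp

def credentials(text):
    """Map each credential's identity (who it authenticates) to its secret."""
    creds, cp = {}, load(text)
    for section in cp.sections():
        opts = dict(cp.items(section))
        if "password" in opts:
            creds["keystone:" + opts.get("username", "?")] = opts["password"]
        if KEY in opts:
            creds["metadata_proxy"] = opts[KEY]
        for url in (urlsplit(opts.get(k, "")) for k in ("connection", "transport_url")):
            if url.password:  # secret embedded in a database or message-queue URL
                creds[f"{url.scheme}:{url.username}"] = url.password
    return creds

def shared_secrets(texts):
    """Return the groups of identities that authenticate with the same secret."""
    owners = {}
    for text in texts:
        for identity, secret in credentials(text).items():
            owners.setdefault(secret, set()).add(identity)
    return [sorted(ids) for ids in owners.values() if len(ids) > 1]

def metadata_secret_matches(agent_text, nova_text):  # both services must hold the same secret
    agent = load(agent_text).get("DEFAULT", KEY, fallback=None)
    return agent is not None and agent == load(nova_text).get("neutron", KEY, fallback=None)
```

On the tutorial's values, shared_secrets reports one group containing all five identities, which is the condition to remove before the deployment leaves the lab.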

7.10 Create the symbolic link

The networking service initialization scripts need a symbolic link pointing to the /etc/neutron/plugins/ml2/ml2_conf.ini file.
[root@controller \~]\# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
[root@controller \~]\# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
[root@controller \~]\# systemctl restart openstack-nova-api.service
[root@controller \~]\# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
[root@controller \~]\# systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
[root@controller \~]\# systemctl enable neutron-l3-agent.service --now
[root@controller \~]\# systemctl restart openstack-nova-api.service

7.11 Install and configure the compute nodes

[root@computer1 \~]\# yum -y install openstack-neutron-linuxbridge ebtables ipset
[root@computer1 \~]\# vim /etc/neutron/neutron.conf (do the same on computer2, or copy the edited configuration file over)
Add the following under [DEFAULT], [keystone_authtoken] and [oslo_concurrency]:
[DEFAULT]
transport_url = rabbit://openstack:redhat@controller
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = redhat
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

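7.12 Configure the Linux bridge agent

[root@computer1 \~]\# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
Add the following under [linux_bridge], [vxlan] and [securitygroup]:
Note: these sections do not exist in this file; go to the end of the file and add them:
[linux_bridge]
physical_interface_mappings = provider:ens160 \#\#\#name of the management network interface
Note: change "ens160" to match the name of your own network interface.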
[vxlan]
enable_vxlan = true
local_ip = 192.168.100.143 \#\#\#computer1 management IP
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[root@computer1 \~]\# vim /etc/nova/nova.conf
Add the following under [neutron]:
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = redhat
[root@computer1 \~]\# systemctl restart openstack-nova-compute.service
[root@computer1 \~]\# systemctl enable neutron-linuxbridge-agent.service
[root@computer1 \~]\# systemctl start neutron-linuxbridge-agent.service

Copy the configuration made on computer1 above to computer2

[root@computer1 \~]\# scp /etc/neutron/plugins/ml2/linuxbridge_agent.ini root@computer2:/etc/neutron/plugins/ml2
root@computer2's password:
linuxbridge_agent.ini 100% 6787 4.9MB/s 00:00
[root@computer1 \~]\# scp /etc/neutron/neutron.conf root@computer2:/etc/neutron
root@computer2's password:
neutron.conf 100% 40KB 12.7MB/s 00:00
[root@computer1 \~]\#
Then edit the file on computer2.
[root@computer2 \~]\# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:ens160
[vxlan]
enable_vxlan = true
local_ip = 192.168.100.144
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[root@computer2 \~]\# vim /etc/nova/nova.conf
Add the following under [neutron]:
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = redhat
Restart the services
[root@computer2 \~]\# systemctl restart openstack-nova-compute.service
[root@computer2 \~]\# systemctl enable neutron-linuxbridge-agent.service
[root@computer2 \~]\# systemctl start neutron-linuxbridge-agent.service

7.13 Verify on the controller node

[root@controller \~]\# source admin-openrc.sh
[root@controller \~]\# openstack network agent list

8. Install Horizon

8.1 Install the dashboard

Install it on the controller node.
[root@controller \~]\# yum -y install openstack-dashboard
[root@controller \~]\# vim /etc/openstack-dashboard/local_settings \#\#\#edit the configuration file

Manually change the following:
OPENSTACK_HOST = "controller" \#\#\#originally: OPENSTACK_HOST = "127.0.0.1"
ALLOWED_HOSTS = ['\*'] \#\#\#originally: ALLOWED_HOSTS = ['horizon.example.com', 'localhost']
TIME_ZONE = "Asia/Shanghai" \#\#\#originally: TIME_ZONE = "UTC"
Change the original OPENSTACK_KEYSTONE_URL = "http://%s/identity/v3" % OPENSTACK_HOST to:
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

Add the following:
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'controller:11211',
}
}
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 3,
}

[root@controller \~]\# vim /etc/httpd/conf.d/openstack-dashboard.conf \#\#\#edit the configuration file and add the following
WSGIApplicationGroup %{GLOBAL}

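Edit the following two files: find WEBROOT = '/' and change it to WEBROOT = '/dashboard'
[root@controller \~]\# vim /usr/share/openstack-dashboard/openstack_dashboard/defaults.py
[root@controller \~]\# vim /usr/share/openstack-dashboard/openstack_dashboard/test/settings.py

8.2 Restart the memcached and httpd services

Note: if you cannot log in to the OpenStack Dashboard after all machines have been shut down and powered on again, re-run the command below on the controller node.
[root@controller \~]\# systemctl restart httpd.service memcached.service
Enter http://CONTROLLER_IP/dashboard in a browser, where CONTROLLER_IP is the controller node's IP address.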

++++++++++++Shut down all hosts and take snapshots++++++++++++++++++++

9. Log in and use OpenStack

9.1 Create an image (admin)

9.2 Create a flavor (admin)

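9.3 Create the external network

On the controller node, edit the configuration files.
[root@controller \~]\# vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2_type_flat]
flat_networks = provider (this name is very important: it must match the name used in the parameter of the configuration file below)
[root@controller \~]\# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = provider:ens192 \#\#change the interface name to match the interface name on your own operating system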

[root@controller \~]\# systemctl restart neutron-server.service neutron-linuxbridge-agent.service
On the compute nodes (computer1 and computer2), do the following:
[root@computer1 \~]\# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = provider:ens192
[root@computer1 \~]\# systemctl restart neutron-linuxbridge-agent.service
[root@computer2 \~]\# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = provider:ens192
[root@computer2 \~]\# systemctl restart neutron-linuxbridge-agent.service
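
The name in flat_networks has to reappear in every node's physical_interface_mappings, and the file copied to computer2 in 7.12 keeps computer1's local_ip until it is edited. The following added example (not part of the original tutorial) checks both across nodes using constructed file contents. It assumes that text following a value on the same line is kept as part of the value, which is how Python's configparser behaves by default, so a pasted annotation ends up inside the interface name.

```python
import configparser

# Constructed inputs: ml2_conf.ini as in 9.3, plus one linuxbridge_agent.ini per node.
# computer2 still holds the file copied from computer1 by scp, with a pasted comment.
ML2_CONF = "[ml2_type_flat]\nflat_networks = provider\n"
AGENT = "[linux_bridge]\nphysical_interface_mappings = {m}\n[vxlan]\nlocal_ip = {ip}\n"
NODES = {
    "controller": AGENT.format(m="provider:ens192", ip="192.168.100.142"),
    "computer1": AGENT.format(m="provider:ens192", ip="192.168.100.143"),
    "computer2": AGENT.format(m="provider:ens192 ###NIC name", ip="192.168.100.143"),
}

def parse(text):
    # No inline-comment handling: text after a value stays part of the value.
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    return cp

def items(value):
    return [part.strip() for part in value.split(",") if part.strip()]

def check(ml2_text, nodes):
    """Return sorted (node, problem) pairs; an empty list means the files agree."""
    flat = items(parse(ml2_text).get("ml2_type_flat", "flat_networks", fallback=""))
    problems, owner = [], {}
    for node, text in nodes.items():
        cp = parse(text)
        raw = cp.get("linux_bridge", "physical_interface_mappings", fallback="")
        mappings = dict(m.split(":", 1) for m in items(raw) if ":" in m)
        for net in flat:
            if net not in mappings:
                problems.append((node, f"flat network {net} has no interface mapping"))
        for net, iface in mappings.items():
            # Linux interface names hold at most 15 characters and no whitespace.
            if len(iface) > 15 or any(c.isspace() for c in iface):
                problems.append((node, f"invalid interface name for {net}: {iface!r}"))
        ip = cp.get("vxlan", "local_ip", fallback="")
        if not ip:
            problems.append((node, "local_ip is not set"))
        elif ip in owner:
            problems.append((node, f"local_ip {ip} duplicates {owner[ip]}"))
        owner.setdefault(ip, node)
    return sorted(problems)
```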

9.4 Create a tenant and a user

Clicking Create Project does nothing; clicking Users below Projects brings up an error pop-up.

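The cause is that user was configured as the default role during installation, but that role has not been created yet. To fix it, either create the user role under Roles, or comment out the earlier setting (made when installing Horizon).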
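
The mismatch described here, together with the wildcard ALLOWED_HOSTS set in 8.1, can be caught before the dashboard is restarted. The following added example (not part of the original tutorial) reads a constructed excerpt of local_settings without executing it; the role list and the served host names passed in are assumptions made for illustration.

```python
import ast

# Constructed excerpt of /etc/openstack-dashboard/local_settings as edited in 8.1.
LOCAL_SETTINGS = '''
OPENSTACK_HOST = "controller"
ALLOWED_HOSTS = ['*']
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
'''
# Constructed role names, standing in for what Keystone holds before 9.4.
KEYSTONE_ROLES = ["admin", "member", "reader"]

def literal_settings(source):
    """Collect NAME = <literal> assignments without executing the settings file."""
    found = {}
    for node in ast.parse(source).body:
        if isinstance(node, ast.Assign) and isinstance(node.targets[0], ast.Name):
            try:
                found[node.targets[0].id] = ast.literal_eval(node.value)
            except ValueError:
                pass  # computed values such as "..." % OPENSTACK_HOST are skipped
    return found

def review(source, roles, served_names):
    """Return findings for the two settings that sections 8.1 and 9.4 depend on."""
    cfg, findings = literal_settings(source), []
    if "*" in cfg.get("ALLOWED_HOSTS", []):
        # A wildcard turns off Django's Host header validation.
        findings.append("ALLOWED_HOSTS accepts any Host header; list " + ", ".join(served_names))
    role = cfg.get("OPENSTACK_KEYSTONE_DEFAULT_ROLE")
    if role is not None and role not in roles:
        findings.append(f"default role {role!r} does not exist in Keystone")
    return findings
```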

9.5 Create the project (admin)

9.6 Create a router

9.7 Log in as the user account and create a private network

9.8 Add a router interface

9.9 Create a security group and set its rules

9.10 Create a floating IP

9.11 Create a key pair

9.12 Create an instance: launch a cloud host

++++++++++++Shut down all hosts and take snapshots++++++++++++++++++++
++++++++++++The next article covers installing and using the other components+++++++++++++