首页 > 其他分享 >openstack部署

openstack部署

时间:2023-07-06 18:55:50浏览次数:62  
标签:00 x86 centos 部署 64 openstack erlang el7

openstack部署

1.基础环境准备

1.1.主机名修改

[root@slave2 ~]# hostnamectl set-hostname controller
[root@slave2 ~]# bash
[root@controller ~]# 
# 修改后hostname文件内容对应修改
[root@controller ~]# cat /etc/hostname
controller

1.2.yum源配置

# 切换到yum目录
[root@controller ~]# cd /etc/yum.repos.d/
# 创建备份目录
[root@controller yum.repos.d]# mkdir repo.bak
[root@controller yum.repos.d]# ls
CentOS-Base.repo  CentOS-Debuginfo.repo  CentOS-Media.repo    CentOS-Vault.repo
CentOS-CR.repo    CentOS-fasttrack.repo  CentOS-Sources.repo  repo.bak
# 把原来的yum文件移到到备份目录
[root@controller yum.repos.d]# mv *.repo repo.bak/
# 下载阿里的yum源
[root@controller yum.repos.d]# curl -o /etc/yum.repos.d/CentOS-Base.repo  http://mirrors.aliyun.com/repo/Centos-7.repo
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  2523  100  2523    0     0  15162      0 --:--:-- --:--:-- --:--:-- 15198
# 清理yum
[root@controller yum.repos.d]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
Cleaning up everything
Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
[root@controller yum.repos.d]# yum makecache
Loaded plugins: fastestmirror
Determining fastest mirrors
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
base                                                               | 3.6 kB  00:00:00     
extras                                                             | 2.9 kB  00:00:00     
updates                                                            | 2.9 kB  00:00:00 
(1/10): base/7/x86_64/group_gz                                     | 153 kB  00:00:00     
(2/10): extras/7/x86_64/filelists_db                               | 276 kB  00:00:00     
(3/10): extras/7/x86_64/other_db                                   | 149 kB  00:00:00     
(4/10): base/7/x86_64/other_db                                     | 2.6 MB  00:00:03 
Trying other mirror.
(5/10): updates/7/x86_64/filelists_db                              |  11 MB  00:00:21     
(6/10): extras/7/x86_64/primary_db                                 | 249 kB  00:00:01 
(7/10): updates/7/x86_64/other_db                                  | 1.3 MB  00:00:03     
(8/10): base/7/x86_64/primary_db                                   | 6.1 MB  00:00:07     
(9/10): base/7/x86_64/filelists_db                                 | 7.2 MB  00:00:14     
(10/10): updates/7/x86_64/primary_db                               |  20 MB  00:00:44     
Metadata Cache Created

1.3本地域名的解析

直接通过主机名访问主机,需要将主机名和IP地址进行绑定,绑定工作可以通过本地域名解析来实现。
Linux中的 /etc/hosts 文件可以将一些常用的域名和对应的IP建立对应关系。
# 每一行都表示一个域名到Ip地址的映射关系
# 127.0.0.1表示IPv4的本地IP地址
# ::1表示IPv6的本地IP地址
[root@controller yum.repos.d]# vi /etc/hosts
[root@controller yum.repos.d]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.100.131   controller
# ping通,解析正常
[root@controller yum.repos.d]# ping controller
PING controller (192.168.100.131) 56(84) bytes of data.
64 bytes from controller (192.168.100.131): icmp_seq=1 ttl=64 time=0.009 ms
64 bytes from controller (192.168.100.131): icmp_seq=7 ttl=64 time=0.017 ms
64 bytes from controller (192.168.100.131): icmp_seq=8 ttl=64 time=0.017 ms
64 bytes from controller (192.168.100.131): icmp_seq=9 ttl=64 time=0.017 ms
^C
--- controller ping statistics ---
9 packets transmitted, 9 received, 0% packet loss, time 8000ms
rtt min/avg/max/mdev = 0.009/0.018/0.038/0.008 ms

二.Openstack基础支持服务

Openstack平台需要借助多种第三方提供的基础服务才能正常运行,数据库、消息队列、时间同步、缓存服务等。

2.1Chrony时间同步服务

同一个系统内的计算机时间必须保持一致才能保证系统工作正常。
Chrony软件是一款开源的自由软件,包括两个核心组件:chronyd(后台守护程序)和chronyc(命令行用户管理工具)。
2.1.1时间同步服务配置
# 安装chrony
[root@controller ~]# yum install -y  chrony
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package chrony.x86_64 0:3.4-1.el7 will be installed
--> Processing Dependency: libseccomp.so.2()(64bit) for package: chrony-3.4-1.el7.x86_64
--> Running transaction check
---> Package libseccomp.x86_64 0:2.3.1-4.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==========================================================================================
 Package                Arch               Version                 Repository        Size
==========================================================================================
Installing:
 chrony                 x86_64             3.4-1.el7               base             251 k
Installing for dependencies:
 libseccomp             x86_64             2.3.1-4.el7             base              56 k

Transaction Summary
==========================================================================================
Install  1 Package (+1 Dependent package)

Total download size: 307 k
Installed size: 788 k
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/libseccomp-2.3.1-4.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for libseccomp-2.3.1-4.el7.x86_64.rpm is not installed
(1/2): libseccomp-2.3.1-4.el7.x86_64.rpm                           |  56 kB  00:00:00     
(2/2): chrony-3.4-1.el7.x86_64.rpm                                 | 251 kB  00:00:00     
------------------------------------------------------------------------------------------
Total                                                     458 kB/s | 307 kB  00:00:00     
Retrieving key from http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
 Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <[email protected]>"
 Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
 From       : http://mirrors.aliyun.com/centos/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : libseccomp-2.3.1-4.el7.x86_64                                          1/2 
  Installing : chrony-3.4-1.el7.x86_64                                                2/2 
  Verifying  : libseccomp-2.3.1-4.el7.x86_64                                          1/2 
  Verifying  : chrony-3.4-1.el7.x86_64                                                2/2 

Installed:
  chrony.x86_64 0:3.4-1.el7                                                               

Dependency Installed:
  libseccomp.x86_64 0:2.3.1-4.el7                                                         

Complete!
# 修改chrony配置文件
# Allow NTP client access from local network.
allow 192.168.100.0/24   # 设置允许某个网段的chrony客户端使用本机NTP服务
# 修改配置后,重启服务生效
[root@controller ~]# systemctl restart chronyd
[root@controller ~]# systemctl enable chronyd
2.1.2时间同步服务管理
时间同步由chronyc命令进行监控和管理。
# 查看当前客户端与NTP服务器连接情况(不加-v)
[root@controller ~]# chronyc sources
210 Number of sources = 4
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* time.neu.edu.cn               1   6    37    12    -36us[-1346us] +/-   17ms
^? ntp.wdc2.us.leaseweb.net      2   6     1    11  +5152us[+5152us] +/-  236ms
^- ntp1.flashdance.cx            2   6    37    12   +327us[ -979us] +/-  166ms
^- 119.28.206.193                2   6    73    11   +957us[ +957us] +/-   51ms
# 查看当前客户端与NTP服务器连接情况(加-v)
[root@controller ~]# chronyc sources -v
210 Number of sources = 4

  .-- Source mode  '^' = server, '=' = peer, '#' = local clock.
 / .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| /   '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
||                                                 .- xxxx [ yyyy ] +/- zzzz
||      Reachability register (octal) -.           |  xxxx = adjusted offset,
||      Log2(Polling interval) --.      |          |  yyyy = measured offset,
||                                \     |          |  zzzz = estimated error.
||                                 |    |           \
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^* time.neu.edu.cn               1   6    37    33    -36us[-1346us] +/-   17ms
^? ntp.wdc2.us.leaseweb.net      2   6     1    32  +5152us[+5152us] +/-  236ms
^- ntp1.flashdance.cx            2   6    37    34   +327us[ -979us] +/-  166ms
^- 119.28.206.193                2   6    73    33   +957us[ +957us] +/-   51ms
# 查看 ntp服务器 是否在线
[root@controller ~]# chronyc activity 
200 OK
4 sources online
0 sources offline
0 sources doing burst (return to online)
0 sources doing burst (return to offline)
0 sources with unknown address

2.2Openstack云计算平台框架

安装组件前,需要先将框架搭建起来。因此要安装由CentOS官方发布的Openstack云计算框架与客户端管理工具。
# 1.安装Openstack框架
[root@controller ~]# yum -y install centos-release-openstack-train
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package centos-release-openstack-train.noarch 0:1-1.el7.centos will be installed
--> Processing Dependency: centos-release-qemu-ev for package: centos-release-openstack-train-1-1.el7.centos.noarch
--> Processing Dependency: centos-release-ceph-nautilus for package: centos-release-openstack-train-1-1.el7.centos.noarch
--> Running transaction check
---> Package centos-release-ceph-nautilus.noarch 0:1.2-2.el7.centos will be installed
--> Processing Dependency: centos-release >= 7-5.1804.el7.centos.2 for package: centos-release-ceph-nautilus-1.2-2.el7.centos.noarch
--> Processing Dependency: centos-release-storage-common for package: centos-release-ceph-nautilus-1.2-2.el7.centos.noarch
--> Processing Dependency: centos-release-nfs-ganesha28 for package: centos-release-ceph-nautilus-1.2-2.el7.centos.noarch
---> Package centos-release-qemu-ev.noarch 0:1.0-4.el7.centos will be installed
--> Processing Dependency: centos-release-virt-common for package: centos-release-qemu-ev-1.0-4.el7.centos.noarch
--> Running transaction check
---> Package centos-release.x86_64 0:7-5.1804.el7.centos will be updated
---> Package centos-release.x86_64 0:7-9.2009.1.el7.centos will be an update
---> Package centos-release-nfs-ganesha28.noarch 0:1.0-3.el7.centos will be installed
---> Package centos-release-storage-common.noarch 0:2-2.el7.centos will be installed
---> Package centos-release-virt-common.noarch 0:1-1.el7.centos will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==========================================================================================
 Package                           Arch      Version                     Repository  Size
==========================================================================================
Installing:
 centos-release-openstack-train    noarch    1-1.el7.centos              extras     5.3 k
Installing for dependencies:
 centos-release-ceph-nautilus      noarch    1.2-2.el7.centos            extras     5.1 k
 centos-release-nfs-ganesha28      noarch    1.0-3.el7.centos            extras     4.3 k
 centos-release-qemu-ev            noarch    1.0-4.el7.centos            extras      11 k
 centos-release-storage-common     noarch    2-2.el7.centos              extras     5.1 k
 centos-release-virt-common        noarch    1-1.el7.centos              extras     4.5 k
Updating for dependencies:
 centos-release                    x86_64    7-9.2009.1.el7.centos       updates     27 k

Transaction Summary
==========================================================================================
Install  1 Package  (+5 Dependent packages)
Upgrade             ( 1 Dependent package)

Total download size: 62 k
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
(1/7): centos-release-ceph-nautilus-1.2-2.el7.centos.noarch.rpm    | 5.1 kB  00:00:00     
(2/7): centos-release-nfs-ganesha28-1.0-3.el7.centos.noarch.rpm    | 4.3 kB  00:00:00     
(3/7): centos-release-openstack-train-1-1.el7.centos.noarch.rpm    | 5.3 kB  00:00:00     
(4/7): centos-release-7-9.2009.1.el7.centos.x86_64.rpm             |  27 kB  00:00:00     
(5/7): centos-release-qemu-ev-1.0-4.el7.centos.noarch.rpm          |  11 kB  00:00:00     
(6/7): centos-release-storage-common-2-2.el7.centos.noarch.rpm     | 5.1 kB  00:00:00     
(7/7): centos-release-virt-common-1-1.el7.centos.noarch.rpm        | 4.5 kB  00:00:00     
------------------------------------------------------------------------------------------
Total                                                     234 kB/s |  62 kB  00:00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating   : centos-release-7-9.2009.1.el7.centos.x86_64                            1/8 
warning: /etc/yum/vars/contentdir created as /etc/yum/vars/contentdir.rpmnew
  Installing : centos-release-storage-common-2-2.el7.centos.noarch                    2/8 
  Installing : centos-release-nfs-ganesha28-1.0-3.el7.centos.noarch                   3/8 
  Installing : centos-release-ceph-nautilus-1.2-2.el7.centos.noarch                   4/8 
  Installing : centos-release-virt-common-1-1.el7.centos.noarch                       5/8 
  Installing : centos-release-qemu-ev-1.0-4.el7.centos.noarch                         6/8 
  Installing : centos-release-openstack-train-1-1.el7.centos.noarch                   7/8 
  Cleanup    : centos-release-7-5.1804.el7.centos.x86_64                              8/8 
  Verifying  : centos-release-openstack-train-1-1.el7.centos.noarch                   1/8 
  Verifying  : centos-release-nfs-ganesha28-1.0-3.el7.centos.noarch                   2/8 
  Verifying  : centos-release-7-9.2009.1.el7.centos.x86_64                            3/8 
  Verifying  : centos-release-ceph-nautilus-1.2-2.el7.centos.noarch                   4/8 
  Verifying  : centos-release-virt-common-1-1.el7.centos.noarch                       5/8 
  Verifying  : centos-release-storage-common-2-2.el7.centos.noarch                    6/8 
  Verifying  : centos-release-qemu-ev-1.0-4.el7.centos.noarch                         7/8 
  Verifying  : centos-release-7-5.1804.el7.centos.x86_64                              8/8 

Installed:
  centos-release-openstack-train.noarch 0:1-1.el7.centos                                  

Dependency Installed:
  centos-release-ceph-nautilus.noarch 0:1.2-2.el7.centos                                  
  centos-release-nfs-ganesha28.noarch 0:1.0-3.el7.centos                                  
  centos-release-qemu-ev.noarch 0:1.0-4.el7.centos                                        
  centos-release-storage-common.noarch 0:2-2.el7.centos                                   
  centos-release-virt-common.noarch 0:1-1.el7.centos                                      

Dependency Updated:
  centos-release.x86_64 0:7-9.2009.1.el7.centos                                           

Complete!
# 升级所有的软件包
# 自动检查所有可升级的软件包并升级
[root@controller ~]# yum upgrade -y
 ......                                                           

Replaced:
  grub2.x86_64 1:2.02-0.65.el7.centos.2      grub2-tools.x86_64 1:2.02-0.65.el7.centos.2 
  iwl7265-firmware.noarch 0:22.0.7.0-62.el7  python-pyudev.noarch 0:0.15-9.el7           

Complete!
#安装openstack客户端
[root@controller ~]# yum install -y python-openstackclient
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * centos-ceph-nautilus: mirrors.cqu.edu.cn
 * centos-nfs-ganesha28: mirrors.ustc.edu.cn
 * centos-openstack-train: mirrors.cqu.edu.cn
 * centos-qemu-ev: mirrors.cqu.edu.cn
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
    ......
      python2-pyparsing.noarch 0:2.3.1-1.el7                                                  
  python2-pyperclip.noarch 0:1.6.4-1.el7                                                  
  python2-pysocks.noarch 0:1.5.6-3.el7                                                    
  python2-requests.noarch 0:2.21.0-3.el7                                                  
  python2-requestsexceptions.noarch 0:1.4.0-1.el7                                         
  python2-rfc3986.noarch 0:1.2.0-1.el7                                                    
  python2-setuptools.noarch 0:40.8.0-1.el7                                                
  python2-simplejson.x86_64 0:3.16.0-5.el7                                                
  python2-stevedore.noarch 0:1.31.0-2.el7                                                 
  python2-subprocess32.x86_64 0:3.2.6-14.el7                                              
  python2-urllib3.noarch 0:1.24.1-3.el7                                                   
  python2-wcwidth.noarch 0:0.1.7-8.el7                                                    
  python2-wrapt.x86_64 0:1.11.1-1.el7                                                     
  pytz.noarch 0:2016.10-2.el7                                                             
  rsync.x86_64 0:3.1.2-12.el7_9                                                           

Complete!
# 查看openstack的版本号
[root@controller ~]# openstack --version
openstack 4.0.2

3.mariadb数据库

Mysql的创始人Michel Widenius主导开发完全兼容MYSQL、开源免费的MariaDB数据库。
MariaDB采用Maria存储引擎的MYSQL数据库的分支版本。
3.1安装mariadb
# mariadb-server:数据库后台服务
# python2-PyMySQL:python访问数据库的模块
[root@controller ~]# yum install -y mariadb-server python2-PyMySQL
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * centos-ceph-nautilus: mirrors.cqu.edu.cn
 * centos-nfs-ganesha28: mirrors.ustc.edu.cn
 * centos-openstack-train: mirrors.ustc.edu.cn
 * centos-qemu-ev: mirrors.ustc.edu.cn
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package mariadb-server.x86_64 3:10.3.20-3.el7.0.0.rdo1 will be installed
--> Processing Dependency: mariadb-errmsg(x86-64) = 3:10.3.20-3.el7.0.0.rdo1 for package: 3:mariadb-server-10.3.20-3.el7.0.0.rdo1.x86_64
--> Processing Dependency: mysql(x86-64) for package: 3:mariadb-server-10.3.20-3.el7.0.0.rdo1.x86_64
--> Processing Dependency: mysql-compat-client(x86-64) for package: 3:mariadb-server-10.3.20-3.el7.0.0.rdo1.x86_64
--> Processing Dependency: psmisc for package: 3:mariadb-server-10.3.20-3.el7.0.0.rdo1.x86_64
---> Package python2-PyMySQL.noarch 0:0.9.2-2.el7 will be installed
--> Running transaction check
---> Package mariadb.x86_64 3:10.3.20-3.el7.0.0.rdo1 will be installed
---> Package mariadb-errmsg.x86_64 3:10.3.20-3.el7.0.0.rdo1 will be installed
---> Package psmisc.x86_64 0:22.20-17.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==========================================================================================
 Package            Arch      Version                     Repository                 Size
==========================================================================================
Installing:
 mariadb-server     x86_64    3:10.3.20-3.el7.0.0.rdo1    centos-openstack-train     16 M
 python2-PyMySQL    noarch    0.9.2-2.el7                 centos-openstack-train     92 k
Installing for dependencies:
 mariadb            x86_64    3:10.3.20-3.el7.0.0.rdo1    centos-openstack-train    5.9 M
 mariadb-errmsg     x86_64    3:10.3.20-3.el7.0.0.rdo1    centos-openstack-train    229 k
 psmisc             x86_64    22.20-17.el7                base                      141 k

Transaction Summary
==========================================================================================
Install  2 Packages (+3 Dependent packages)

Total size: 22 M
Total download size: 141 k
Installed size: 122 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.
psmisc-22.20-17.el7.x86_64.rpm                                     | 141 kB  00:00:00     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : 3:mariadb-errmsg-10.3.20-3.el7.0.0.rdo1.x86_64                         1/5 
  Installing : psmisc-22.20-17.el7.x86_64                                             2/5 
  Installing : 3:mariadb-10.3.20-3.el7.0.0.rdo1.x86_64                                3/5 
  Installing : 3:mariadb-server-10.3.20-3.el7.0.0.rdo1.x86_64                         4/5 
  Installing : python2-PyMySQL-0.9.2-2.el7.noarch                                     5/5 
  Verifying  : 3:mariadb-10.3.20-3.el7.0.0.rdo1.x86_64                                1/5 
  Verifying  : python2-PyMySQL-0.9.2-2.el7.noarch                                     2/5 
  Verifying  : psmisc-22.20-17.el7.x86_64                                             3/5 
  Verifying  : 3:mariadb-server-10.3.20-3.el7.0.0.rdo1.x86_64                         4/5 
  Verifying  : 3:mariadb-errmsg-10.3.20-3.el7.0.0.rdo1.x86_64                         5/5 

Installed:
  mariadb-server.x86_64 3:10.3.20-3.el7.0.0.rdo1   python2-PyMySQL.noarch 0:0.9.2-2.el7  

Dependency Installed:
  mariadb.x86_64 3:10.3.20-3.el7.0.0.rdo1  mariadb-errmsg.x86_64 3:10.3.20-3.el7.0.0.rdo1 
  psmisc.x86_64 0:22.20-17.el7            

Complete!
3.2编辑数据库配置文件
[root@controller ~]# cd /etc/my.cnf.d/
[root@controller my.cnf.d]# ls
client.cnf  enable_encryption.preset  mariadb-server.cnf  mysql-clients.cnf
# 创建文件
[root@controller my.cnf.d]# touch openstack.cnf
# 写入信息
[root@controller my.cnf.d]# vi openstack.cnf 
[root@controller my.cnf.d]# cat openstack.cnf 
[mysqld]
bind-address = 192.168.100.131
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
3.3启动mariadb
# 设置开机启动
[root@controller my.cnf.d]# systemctl enable mariadb
Created symlink from /etc/systemd/system/mysql.service to /usr/lib/systemd/system/mariadb.service.
Created symlink from /etc/systemd/system/mysqld.service to /usr/lib/systemd/system/mariadb.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
# 立即启动数据库
[root@controller my.cnf.d]# systemctl start mariadb
# 检查数据库启动情况
[root@controller my.cnf.d]# systemctl status mariadb
● mariadb.service - MariaDB 10.3 database server
   Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2023-04-13 15:00:04 CST; 16s ago
     Docs: man:mysqld(8)
           https://mariadb.com/kb/en/library/systemd/
  Process: 48088 ExecStartPost=/usr/libexec/mysql-check-upgrade (code=exited, status=0/SUCCESS)
  Process: 47952 ExecStartPre=/usr/libexec/mysql-prepare-db-dir %n (code=exited, status=0/SUCCESS)
  Process: 47927 ExecStartPre=/usr/libexec/mysql-check-socket (code=exited, status=0/SUCCESS)
 Main PID: 48056 (mysqld)
   Status: "Taking your SQL requests now..."
   CGroup: /system.slice/mariadb.service
           └─48056 /usr/libexec/mysqld --basedir=/usr

Apr 13 15:00:03 controller mysql-prepare-db-dir[47952]: Please report any problems at ...a
Apr 13 15:00:03 controller mysql-prepare-db-dir[47952]: The latest information about M....
Apr 13 15:00:03 controller mysql-prepare-db-dir[47952]: You can find additional inform...:
Apr 13 15:00:03 controller mysql-prepare-db-dir[47952]: http://dev.mysql.com
Apr 13 15:00:03 controller mysql-prepare-db-dir[47952]: Consider joining MariaDB's str...:
Apr 13 15:00:03 controller mysql-prepare-db-dir[47952]: https://mariadb.org/get-involved/
Apr 13 15:00:04 controller mysqld[48056]: 2023-04-13 15:00:04 0 [Note] /usr/libexec/m.....
Apr 13 15:00:04 controller mysqld[48056]: 2023-04-13 15:00:04 0 [Warning] Could not i...9)
Apr 13 15:00:04 controller mysqld[48056]: 2023-04-13 15:00:04 0 [Warning] Changed lim...0)
Apr 13 15:00:04 controller systemd[1]: Started MariaDB 10.3 database server.
Hint: Some lines were ellipsized, use -l to show in full.
3.4初始化mariadb数据库
[root@controller my.cnf.d]# mysql_secure_installation 

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):   #输入当前密码,没有则直接按【Enter】键
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y   #是否设置新密码
New password:                #输入新密码
Re-enter new password:       #确认新密码
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y     #是否去掉匿名用户 
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y   #是否禁止root用户远程登录
 ... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y    #是否去掉测试数据库
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y     #是否重新加载权限表
 ... Success! 

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!
3.5登录和使用数据库
# 登录数据库
[root@controller my.cnf.d]# mysql -u root -p 
Enter password: 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 17
Server version: 10.3.20-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| performance_schema |
+--------------------+
3 rows in set (0.000 sec)

MariaDB [(none)]> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
MariaDB [mysql]> show tables;
+---------------------------+
| Tables_in_mysql           |
+---------------------------+
| column_stats              |
| columns_priv              |
| db                        |
| event                     |
| func                      |
| general_log               |
| gtid_slave_pos            |
| help_category             |
| help_keyword              |
| help_relation             |
| help_topic                |
| host                      |
| index_stats               |
| innodb_index_stats        |
| innodb_table_stats        |
| plugin                    |
| proc                      |
| procs_priv                |
| proxies_priv              |
| roles_mapping             |
| servers                   |
| slow_log                  |
| table_stats               |
| tables_priv               |
| time_zone                 |
| time_zone_leap_second     |
| time_zone_name            |
| time_zone_transition      |
| time_zone_transition_type |
| transaction_registry      |
| user                      |
+---------------------------+
31 rows in set (0.000 sec)

MariaDB [mysql]> exit;
Bye

4.RabbitMQ消息队列服务

消息队列(Message Queue,MQ)是一种应用间的通信方式,消息发送到消息队列后由消息队列来确保消息的可靠传递,即消息发布者和消息使用者之间并不产生直接关系。
OpenStack各个组件之间就是通过消息队列进行相互通信的。其中RabbitMQ是一个开源的、应用广泛的消息服务系统。
通常使用RabbitMQ为OpenStack提供消息队列服务。
# 安装RabbitMQ消息队列
[root@controller my.cnf.d]# yum install -y rabbitmq-server
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * centos-ceph-nautilus: ftp.sjtu.edu.cn
 * centos-nfs-ganesha28: ftp.sjtu.edu.cn
 * centos-openstack-train: ftp.sjtu.edu.cn
 * centos-qemu-ev: mirrors.cqu.edu.cn
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package rabbitmq-server.noarch 0:3.6.16-1.el7 will be installed
--> Processing Dependency: erlang-eldap >= 18 for package: rabbitmq-server-3.6.16-1.el7.noarch
--> Processing Dependency: erlang-erts >= 18 for package: rabbitmq-server-3.6.16-1.el7.noarch
--> Processing Dependency: erlang-kernel >= 18 for package: rabbitmq-server-3.6.16-1.el7.noarch
--> Processing Dependency: erlang-mnesia >= 18 for package: rabbitmq-server-3.6.16-1.el7.noarch
--> Processing Dependency: erlang-os_mon >= 18 for package: rabbitmq-server-3.6.16-1.el7.noarch
--> Processing Dependency: erlang-public_key >= 18 for package: rabbitmq-server-3.6.16-1.el7.noarch
--> Processing Dependency: erlang-sasl >= 18 for package: rabbitmq-server-3.6.16-1.el7.noarch
--> Processing Dependency: erlang-ssl >= 18 for package: rabbitmq-server-3.6.16-1.el7.noarch
--> Processing Dependency: erlang-stdlib >= 18 for package: rabbitmq-server-3.6.16-1.el7.noarch
--> Processing Dependency: erlang-tools >= 18 for package: rabbitmq-server-3.6.16-1.el7.noarch
--> Processing Dependency: erlang-xmerl >= 18 for package: rabbitmq-server-3.6.16-1.el7.noarch
--> Processing Dependency: erlang-sd_notify for package: rabbitmq-server-3.6.16-1.el7.noarch
--> Running transaction check
---> Package erlang-eldap.x86_64 0:19.3.6.4-1.el7 will be installed
--> Processing Dependency: erlang-asn1(x86-64) = 19.3.6.4-1.el7 for package: erlang-eldap-19.3.6.4-1.el7.x86_64
---> Package erlang-erts.x86_64 0:19.3.6.4-1.el7 will be installed
--> Processing Dependency: lksctp-tools for package: erlang-erts-19.3.6.4-1.el7.x86_64
---> Package erlang-kernel.x86_64 0:19.3.6.4-1.el7 will be installed
---> Package erlang-mnesia.x86_64 0:19.3.6.4-1.el7 will be installed
---> Package erlang-os_mon.x86_64 0:19.3.6.4-1.el7 will be installed
--> Processing Dependency: erlang-otp_mibs(x86-64) = 19.3.6.4-1.el7 for package: erlang-os_mon-19.3.6.4-1.el7.x86_64
--> Processing Dependency: erlang-snmp(x86-64) = 19.3.6.4-1.el7 for package: erlang-os_mon-19.3.6.4-1.el7.x86_64
---> Package erlang-public_key.x86_64 0:19.3.6.4-1.el7 will be installed
--> Processing Dependency: erlang-crypto(x86-64) = 19.3.6.4-1.el7 for package: erlang-public_key-19.3.6.4-1.el7.x86_64
---> Package erlang-sasl.x86_64 0:19.3.6.4-1.el7 will be installed
---> Package erlang-sd_notify.x86_64 0:1.0-2.el7 will be installed
---> Package erlang-ssl.x86_64 0:19.3.6.4-1.el7 will be installed
--> Processing Dependency: erlang-inets(x86-64) = 19.3.6.4-1.el7 for package: erlang-ssl-19.3.6.4-1.el7.x86_64
---> Package erlang-stdlib.x86_64 0:19.3.6.4-1.el7 will be installed
--> Processing Dependency: erlang-compiler(x86-64) = 19.3.6.4-1.el7 for package: erlang-stdlib-19.3.6.4-1.el7.x86_64
---> Package erlang-tools.x86_64 0:19.3.6.4-1.el7 will be installed
--> Processing Dependency: erlang-runtime_tools(x86-64) = 19.3.6.4-1.el7 for package: erlang-tools-19.3.6.4-1.el7.x86_64
---> Package erlang-xmerl.x86_64 0:19.3.6.4-1.el7 will be installed
--> Running transaction check
---> Package erlang-asn1.x86_64 0:19.3.6.4-1.el7 will be installed
---> Package erlang-compiler.x86_64 0:19.3.6.4-1.el7 will be installed
--> Processing Dependency: erlang-hipe(x86-64) = 19.3.6.4-1.el7 for package: erlang-compiler-19.3.6.4-1.el7.x86_64
---> Package erlang-crypto.x86_64 0:19.3.6.4-1.el7 will be installed
---> Package erlang-inets.x86_64 0:19.3.6.4-1.el7 will be installed
---> Package erlang-otp_mibs.x86_64 0:19.3.6.4-1.el7 will be installed
---> Package erlang-runtime_tools.x86_64 0:19.3.6.4-1.el7 will be installed
---> Package erlang-snmp.x86_64 0:19.3.6.4-1.el7 will be installed
---> Package lksctp-tools.x86_64 0:1.0.17-2.el7 will be installed
--> Running transaction check
---> Package erlang-hipe.x86_64 0:19.3.6.4-1.el7 will be installed
--> Processing Dependency: erlang-syntax_tools(x86-64) = 19.3.6.4-1.el7 for package: erlang-hipe-19.3.6.4-1.el7.x86_64
--> Running transaction check
---> Package erlang-syntax_tools.x86_64 0:19.3.6.4-1.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

==========================================================================================
 Package                  Arch       Version             Repository                  Size
==========================================================================================
Installing:
 rabbitmq-server          noarch     3.6.16-1.el7        centos-openstack-train     4.6 M
Installing for dependencies:
 erlang-asn1              x86_64     19.3.6.4-1.el7      centos-openstack-train     737 k
 erlang-compiler          x86_64     19.3.6.4-1.el7      centos-openstack-train     1.1 M
 erlang-crypto            x86_64     19.3.6.4-1.el7      centos-openstack-train     122 k
 erlang-eldap             x86_64     19.3.6.4-1.el7      centos-openstack-train     120 k
 erlang-erts              x86_64     19.3.6.4-1.el7      centos-openstack-train     3.0 M
 erlang-hipe              x86_64     19.3.6.4-1.el7      centos-openstack-train     2.6 M
 erlang-inets             x86_64     19.3.6.4-1.el7      centos-openstack-train     766 k
 erlang-kernel            x86_64     19.3.6.4-1.el7      centos-openstack-train     1.1 M
 erlang-mnesia            x86_64     19.3.6.4-1.el7      centos-openstack-train     769 k
 erlang-os_mon            x86_64     19.3.6.4-1.el7      centos-openstack-train     118 k
 erlang-otp_mibs          x86_64     19.3.6.4-1.el7      centos-openstack-train      37 k
 erlang-public_key        x86_64     19.3.6.4-1.el7      centos-openstack-train     585 k
 erlang-runtime_tools     x86_64     19.3.6.4-1.el7      centos-openstack-train     214 k
 erlang-sasl              x86_64     19.3.6.4-1.el7      centos-openstack-train     293 k
 erlang-sd_notify         x86_64     1.0-2.el7           centos-openstack-train     9.9 k
 erlang-snmp              x86_64     19.3.6.4-1.el7      centos-openstack-train     1.6 M
 erlang-ssl               x86_64     19.3.6.4-1.el7      centos-openstack-train     788 k
 erlang-stdlib            x86_64     19.3.6.4-1.el7      centos-openstack-train     2.4 M
 erlang-syntax_tools      x86_64     19.3.6.4-1.el7      centos-openstack-train     408 k
 erlang-tools             x86_64     19.3.6.4-1.el7      centos-openstack-train     567 k
 erlang-xmerl             x86_64     19.3.6.4-1.el7      centos-openstack-train     1.0 M
 lksctp-tools             x86_64     1.0.17-2.el7        base                        88 k

Transaction Summary
==========================================================================================
Install  1 Package (+22 Dependent packages)

Total download size: 23 M
Installed size: 40 M
Downloading packages:
(1/23): erlang-compiler-19.3.6.4-1.el7.x86_64.rpm                  | 1.1 MB  00:00:00     
(2/23): erlang-crypto-19.3.6.4-1.el7.x86_64.rpm                    | 122 kB  00:00:00     
(3/23): erlang-asn1-19.3.6.4-1.el7.x86_64.rpm                      | 737 kB  00:00:00     
(4/23): erlang-eldap-19.3.6.4-1.el7.x86_64.rpm                     | 120 kB  00:00:00     
(5/23): erlang-hipe-19.3.6.4-1.el7.x86_64.rpm                      | 2.6 MB  00:00:00     
(6/23): erlang-erts-19.3.6.4-1.el7.x86_64.rpm                      | 3.0 MB  00:00:00     
(7/23): erlang-inets-19.3.6.4-1.el7.x86_64.rpm                     | 766 kB  00:00:00     
(8/23): erlang-mnesia-19.3.6.4-1.el7.x86_64.rpm                    | 769 kB  00:00:00     
(9/23): erlang-os_mon-19.3.6.4-1.el7.x86_64.rpm                    | 118 kB  00:00:00     
(10/23): erlang-kernel-19.3.6.4-1.el7.x86_64.rpm                   | 1.1 MB  00:00:00     
(11/23): erlang-otp_mibs-19.3.6.4-1.el7.x86_64.rpm                 |  37 kB  00:00:00     
(12/23): erlang-runtime_tools-19.3.6.4-1.el7.x86_64.rpm            | 214 kB  00:00:00     
(13/23): erlang-public_key-19.3.6.4-1.el7.x86_64.rpm               | 585 kB  00:00:00     
(14/23): erlang-sasl-19.3.6.4-1.el7.x86_64.rpm                     | 293 kB  00:00:00     
(15/23): erlang-sd_notify-1.0-2.el7.x86_64.rpm                     | 9.9 kB  00:00:00     
(16/23): erlang-ssl-19.3.6.4-1.el7.x86_64.rpm                      | 788 kB  00:00:00     
(17/23): erlang-snmp-19.3.6.4-1.el7.x86_64.rpm                     | 1.6 MB  00:00:00     
(18/23): erlang-syntax_tools-19.3.6.4-1.el7.x86_64.rpm             | 408 kB  00:00:00     
(19/23): erlang-tools-19.3.6.4-1.el7.x86_64.rpm                    | 567 kB  00:00:00     
(20/23): erlang-stdlib-19.3.6.4-1.el7.x86_64.rpm                   | 2.4 MB  00:00:00     
(21/23): erlang-xmerl-19.3.6.4-1.el7.x86_64.rpm                    | 1.0 MB  00:00:00     
(22/23): lksctp-tools-1.0.17-2.el7.x86_64.rpm                      |  88 kB  00:00:00     
(23/23): rabbitmq-server-3.6.16-1.el7.noarch.rpm                   | 4.6 MB  00:00:00     
------------------------------------------------------------------------------------------
Total                                                      10 MB/s |  23 MB  00:00:02     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : lksctp-tools-1.0.17-2.el7.x86_64                                      1/23 
  Installing : erlang-syntax_tools-19.3.6.4-1.el7.x86_64                             2/23 
  Installing : erlang-hipe-19.3.6.4-1.el7.x86_64                                     3/23 
  Installing : erlang-compiler-19.3.6.4-1.el7.x86_64                                 4/23 
  Installing : erlang-crypto-19.3.6.4-1.el7.x86_64                                   5/23 
  Installing : erlang-stdlib-19.3.6.4-1.el7.x86_64                                   6/23 
  Installing : erlang-erts-19.3.6.4-1.el7.x86_64                                     7/23 
  Installing : erlang-kernel-19.3.6.4-1.el7.x86_64                                   8/23 
  Installing : erlang-mnesia-19.3.6.4-1.el7.x86_64                                   9/23 
  Installing : erlang-runtime_tools-19.3.6.4-1.el7.x86_64                           10/23 
  Installing : erlang-snmp-19.3.6.4-1.el7.x86_64                                    11/23 
  Installing : erlang-asn1-19.3.6.4-1.el7.x86_64                                    12/23 
  Installing : erlang-public_key-19.3.6.4-1.el7.x86_64                              13/23 
  Installing : erlang-inets-19.3.6.4-1.el7.x86_64                                   14/23 
  Installing : erlang-ssl-19.3.6.4-1.el7.x86_64                                     15/23 
  Installing : erlang-tools-19.3.6.4-1.el7.x86_64                                   16/23 
  Installing : erlang-sasl-19.3.6.4-1.el7.x86_64                                    17/23 
  Installing : erlang-eldap-19.3.6.4-1.el7.x86_64                                   18/23 
  Installing : erlang-otp_mibs-19.3.6.4-1.el7.x86_64                                19/23 
  Installing : erlang-os_mon-19.3.6.4-1.el7.x86_64                                  20/23 
  Installing : erlang-xmerl-19.3.6.4-1.el7.x86_64                                   21/23 
  Installing : erlang-sd_notify-1.0-2.el7.x86_64                                    22/23 
  Installing : rabbitmq-server-3.6.16-1.el7.noarch                                  23/23 
  Verifying  : erlang-snmp-19.3.6.4-1.el7.x86_64                                     1/23 
  Verifying  : erlang-kernel-19.3.6.4-1.el7.x86_64                                   2/23 
  Verifying  : erlang-otp_mibs-19.3.6.4-1.el7.x86_64                                 3/23 
  Verifying  : erlang-xmerl-19.3.6.4-1.el7.x86_64                                    4/23 
  Verifying  : erlang-mnesia-19.3.6.4-1.el7.x86_64                                   5/23 
  Verifying  : erlang-runtime_tools-19.3.6.4-1.el7.x86_64                            6/23 
  Verifying  : erlang-syntax_tools-19.3.6.4-1.el7.x86_64                             7/23 
  Verifying  : erlang-asn1-19.3.6.4-1.el7.x86_64                                     8/23 
  Verifying  : erlang-tools-19.3.6.4-1.el7.x86_64                                    9/23 
  Verifying  : erlang-eldap-19.3.6.4-1.el7.x86_64                                   10/23 
  Verifying  : lksctp-tools-1.0.17-2.el7.x86_64                                     11/23 
  Verifying  : erlang-os_mon-19.3.6.4-1.el7.x86_64                                  12/23 
  Verifying  : erlang-sd_notify-1.0-2.el7.x86_64                                    13/23 
  Verifying  : erlang-public_key-19.3.6.4-1.el7.x86_64                              14/23 
  Verifying  : erlang-inets-19.3.6.4-1.el7.x86_64                                   15/23 
  Verifying  : erlang-hipe-19.3.6.4-1.el7.x86_64                                    16/23 
  Verifying  : erlang-compiler-19.3.6.4-1.el7.x86_64                                17/23 
  Verifying  : erlang-crypto-19.3.6.4-1.el7.x86_64                                  18/23 
  Verifying  : erlang-stdlib-19.3.6.4-1.el7.x86_64                                  19/23 
  Verifying  : rabbitmq-server-3.6.16-1.el7.noarch                                  20/23 
  Verifying  : erlang-erts-19.3.6.4-1.el7.x86_64                                    21/23 
  Verifying  : erlang-sasl-19.3.6.4-1.el7.x86_64                                    22/23 
  Verifying  : erlang-ssl-19.3.6.4-1.el7.x86_64                                     23/23 

Installed:
  rabbitmq-server.noarch 0:3.6.16-1.el7                                                   

Dependency Installed:
  erlang-asn1.x86_64 0:19.3.6.4-1.el7           erlang-compiler.x86_64 0:19.3.6.4-1.el7   
  erlang-crypto.x86_64 0:19.3.6.4-1.el7         erlang-eldap.x86_64 0:19.3.6.4-1.el7      
  erlang-erts.x86_64 0:19.3.6.4-1.el7           erlang-hipe.x86_64 0:19.3.6.4-1.el7       
  erlang-inets.x86_64 0:19.3.6.4-1.el7          erlang-kernel.x86_64 0:19.3.6.4-1.el7     
  erlang-mnesia.x86_64 0:19.3.6.4-1.el7         erlang-os_mon.x86_64 0:19.3.6.4-1.el7     
  erlang-otp_mibs.x86_64 0:19.3.6.4-1.el7       erlang-public_key.x86_64 0:19.3.6.4-1.el7 
  erlang-runtime_tools.x86_64 0:19.3.6.4-1.el7  erlang-sasl.x86_64 0:19.3.6.4-1.el7       
  erlang-sd_notify.x86_64 0:1.0-2.el7           erlang-snmp.x86_64 0:19.3.6.4-1.el7       
  erlang-ssl.x86_64 0:19.3.6.4-1.el7            erlang-stdlib.x86_64 0:19.3.6.4-1.el7     
  erlang-syntax_tools.x86_64 0:19.3.6.4-1.el7   erlang-tools.x86_64 0:19.3.6.4-1.el7      
  erlang-xmerl.x86_64 0:19.3.6.4-1.el7          lksctp-tools.x86_64 0:1.0.17-2.el7        

Complete!
#启动RabbitMQ消息队列
# 开机启动
[root@controller my.cnf.d]# systemctl enable rabbitmq-server
Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to /usr/lib/systemd/system/rabbitmq-server.service.
# 立即启动
[root@controller my.cnf.d]# systemctl start rabbitmq-server
# 设置用户和密码
# 创建一个名为“rabbitmq”的用户,密码为“RABBIT_PASS”
[root@rabbitmq ~]# rabbitmqctl add_user openstack RABBIT_PASS
Creating user "openstack"
# 修改openstack用户密码为000000
[root@rabbitmq ~]# rabbitmqctl change_password openstack 000000
Changing password for user "openstack"
# 管理用户权限
# 3个“.*”分别对应配置、写入、读取权。给openstack用户赋予对RabbitMQ所有资源的配置、写入与读取权限
[root@rabbitmq ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/"
#查看用户权限
[root@rabbitmq ~]# rabbitmqctl list_user_permissions openstack
Listing permissions for user "openstack"
/	.*	.*	.*

5.Memcached内存缓存服务

内存缓存(Memcached)是一个高性能的分布式内存对象缓存系统,能够存储各种格式的数据,包括图像、视频、文件,以及数据库检索的结果等
5.1安装memcached服务
# “memcached”是内存缓存服务软件,
# “python-memcached”是对该服务进行管理的接口程序软件
[root@rabbitmq ~]# yum install -y memcached python-memcached
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * centos-ceph-nautilus: mirrors.bfsu.edu.cn
 * centos-nfs-ganesha28: mirrors.ustc.edu.cn
 * centos-openstack-train: mirrors.ustc.edu.cn
 * centos-qemu-ev: mirrors.ustc.edu.cn
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package memcached.x86_64 0:1.5.6-1.el7 will be installed
--> Processing Dependency: libevent-2.0.so.5()(64bit) for package: memcached-1.5.6-1.el7.x86_64
---> Package python-memcached.noarch 0:1.58-1.el7 will be installed
--> Running transaction check
---> Package libevent.x86_64 0:2.0.21-4.el7 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================
 Package                Arch         Version              Repository                    Size
=============================================================================================
Installing:
 memcached              x86_64       1.5.6-1.el7          centos-openstack-train       124 k
 python-memcached       noarch       1.58-1.el7           centos-ceph-nautilus          38 k
Installing for dependencies:
 libevent               x86_64       2.0.21-4.el7         base                         214 k

Transaction Summary
=============================================================================================
Install  2 Packages (+1 Dependent package)

Total download size: 376 k
Installed size: 1.1 M
Downloading packages:
(1/3): python-memcached-1.58-1.el7.noarch.rpm                         |  38 kB  00:00:00     
(2/3): memcached-1.5.6-1.el7.x86_64.rpm                               | 124 kB  00:00:00     
(3/3): libevent-2.0.21-4.el7.x86_64.rpm                               | 214 kB  00:00:01     
---------------------------------------------------------------------------------------------
Total                                                        367 kB/s | 376 kB  00:00:01     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : libevent-2.0.21-4.el7.x86_64                                              1/3 
  Installing : memcached-1.5.6-1.el7.x86_64                                              2/3 
  Installing : python-memcached-1.58-1.el7.noarch                                        3/3 
  Verifying  : python-memcached-1.58-1.el7.noarch                                        1/3 
  Verifying  : libevent-2.0.21-4.el7.x86_64                                              2/3 
  Verifying  : memcached-1.5.6-1.el7.x86_64                                              3/3 

Installed:
  memcached.x86_64 0:1.5.6-1.el7             python-memcached.noarch 0:1.58-1.el7            

Dependency Installed:
  libevent.x86_64 0:2.0.21-4.el7                                                             

Complete!
# 安装完成后,系统将自动创建名为“memcached”的用户
[root@rabbitmq ~]# cat /etc/passwd | grep memcached
memcached:x:995:993:Memcached daemon:/run/memcached:/sbin/nologin

5.2配置内存缓存服务
Memcached的配置文件为/etc/sysconfig/memcached
[root@rabbitmq ~]# vi /etc/sysconfig/memcached 
[root@rabbitmq ~]# cat /etc/sysconfig/memcached
PORT="11211"        # 服务端口
USER="memcached"    # 用户名
MAXCONN="1024"      # 允许的最大连接数
CACHESIZE="64"      # 最大的缓存大小
OPTIONS="-l 127.0.0.1,::1,192.168.100.131"     # 监听地址(默认监听本地)
5.3启动内存缓存服务
# 开机启动
[root@rabbitmq ~]# systemctl enable memcached
Created symlink from /etc/systemd/system/multi-user.target.wants/memcached.service to /usr/lib/systemd/system/memcached.service.
# 立即启动
[root@rabbitmq ~]# systemctl start memcached
# 检查服务是否启动
[root@rabbitmq ~]# netstat -tnlup | grep memcached
tcp        0      0 192.168.100.131:11211   0.0.0.0:*               LISTEN      9988/memcached      
tcp        0      0 127.0.0.1:11211         0.0.0.0:*               LISTEN      9988/memcached      
tcp6       0      0 ::1:11211               :::*                    LISTEN      9988/memcached      

6.etcd分布式键值对存储系统

etcd是一个开源项目,它的目标是构建一个高可用的分布式键-值(Key-Value)数据库用于配置共享和服务发现。
这个软件的作用类似于分布式系统中“/etc”目录的功能,即存储大规模分布式系统的配置信息。
6.1安装配置
[root@rabbitmq ~]# yum install -y etcd
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.aliyun.com
 * centos-ceph-nautilus: ftp.sjtu.edu.cn
 * centos-nfs-ganesha28: mirrors.ustc.edu.cn
 * centos-openstack-train: mirrors.ustc.edu.cn
 * centos-qemu-ev: mirrors.ustc.edu.cn
 * extras: mirrors.aliyun.com
 * updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package etcd.x86_64 0:3.3.11-2.el7.centos will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================
 Package         Arch              Version                           Repository         Size
=============================================================================================
Installing:
 etcd            x86_64            3.3.11-2.el7.centos               extras             10 M

Transaction Summary
=============================================================================================
Install  1 Package

Total download size: 10 M
Installed size: 45 M
Downloading packages:
etcd-3.3.11-2.el7.centos.x86_64.rpm                                   |  10 MB  00:00:35     
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : etcd-3.3.11-2.el7.centos.x86_64                                           1/1 
  Verifying  : etcd-3.3.11-2.el7.centos.x86_64                                           1/1 

Installed:
  etcd.x86_64 0:3.3.11-2.el7.centos                                                          

Complete!

# 备份配置文件
[root@rabbitmq ~]# cp /etc/etcd/etcd.conf /etc/etcd/etcd.conf.bak
# 修改配置
[root@rabbitmq ~]# vi /etc/etcd/etcd.conf
[root@rabbitmq ~]# cat /etc/etcd/etcd.conf
ETCD_LISTEN_PEER_URLS="http://192.168.100.131:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.100.131:2379,http://127.0.0.1:2379"
ETCD_NAME="controller"
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.100.131:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.100.131:2379"
ETCD_INITIAL_CLUSTER="controller=http://192.168.100.131:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"

# 设置启动服务,启动服务,检查运行
[root@rabbitmq ~]# systemctl enable etcd
[root@rabbitmq ~]# systemctl start etcd
[root@rabbitmq ~]# netstat -tnlup| grep etcd
tcp        0      0 192.168.100.131:2379    0.0.0.0:*               LISTEN      10571/etcd          
tcp        0      0 127.0.0.1:2379          0.0.0.0:*               LISTEN      10571/etcd          
tcp        0      0 192.168.100.131:2380    0.0.0.0:*               LISTEN      10571/etcd  

三、集群配置

1.1克隆计算节点和配置计算节点

# 修改网络配置
[root@controller ~]# cd /etc/sysconfig/network-scripts/
# 生产新的uuid
[root@controller network-scripts]# uuidgen >> ifcfg-ens33

# 修改ifcfg-ens33配置
NAME=ens33
UUID=80d04405-642e-41f6-aa31-a33b79b92ca4        # 将新生成的uuid放这里替换
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.132       # 修改网卡地址
NETMASK=255.255.255.0
GATEWAY=192.168.100.2
DNS1=114.114.114.114
DNS2=8.8.8.8

# 重启网络
[root@controller network-scripts]# systemctl restart network
# 更改计算节点主机名
[root@rabbitmq ~]# hostnamectl set-hostname compute
[root@rabbitmq ~]# bash
1.2域名解析配置
# 修改控制节点本地域名解析
[root@controller ~]#  echo '192.168.100.132   compute' >> /etc/hosts
[root@controller ~]# ping compute
PING compute (192.168.100.132) 56(84) bytes of data.
64 bytes from compute (192.168.100.132): icmp_seq=1 ttl=64 time=0.496 ms
64 bytes from compute (192.168.100.132): icmp_seq=2 ttl=64 time=0.385 ms
^C
--- compute ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.385/0.440/0.496/0.059 ms
# 修改计算节点本地域名解析
[root@compute ~]# echo '192.168.100.132   compute' >> /etc/hosts
[root@compute ~]# ping controller
PING mq (192.168.100.131) 56(84) bytes of data.
64 bytes from mq (192.168.100.131): icmp_seq=1 ttl=64 time=0.178 ms
64 bytes from mq (192.168.100.131): icmp_seq=2 ttl=64 time=0.246 ms
^C
--- mq ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.178/0.212/0.246/0.034 ms

1.3搭建本地软件仓库

不能访问外网的环境,需要搭建本地的YUM源。
没必要在每台机器上都配置同样的软件仓库,可以选择共享的方式为其他主机提供服务。
在控制节点配置YUM源,并搭建文件传输服务器为其他的计算节点提供服务。
1.3.1在控制节点配置YUM源
# 1.上传openStack-train.iso文件到/opt目录下
[root@controller opt]# ls
openStack-train.iso
# 2.将镜像文件挂载到文件夹中,即可访问镜像文件内容
[root@controller opt]# mkdir openstack
# 挂载命令:将镜像文件挂载到/opt/openstack
[root@controller opt]# mount openStack-train.iso openstack/
mount: /dev/loop0 is write-protected, mounting read-only
[root@controller opt]# df -H
Filesystem               Size  Used Avail Use% Mounted on
devtmpfs                 942M     0  942M   0% /dev
tmpfs                    954M     0  954M   0% /dev/shm
tmpfs                    954M  9.9M  944M   2% /run
tmpfs                    954M     0  954M   0% /sys/fs/cgroup
/dev/mapper/centos-root   29G   20G  9.1G  69% /
/dev/sda1                1.1G  196M  868M  19% /boot
tmpfs                    191M     0  191M   0% /run/user/0
/dev/loop0                17G   17G     0 100% /opt/openstack
# 3.备份原有的yum的配置文件
[root@controller opt]#  cd /etc/yum.repos.d/
[root@controller yum.repos.d]# ls
CentOS-Base.repo           CentOS-Media.repo            CentOS-Storage-common.repo
CentOS-Ceph-Nautilus.repo  CentOS-NFS-Ganesha-28.repo   CentOS-Vault.repo
CentOS-CR.repo             CentOS-OpenStack-train.repo  CentOS-x86_64-kernel.repo
CentOS-Debuginfo.repo      CentOS-QEMU-EV.repo          repo.bak
CentOS-fasttrack.repo      CentOS-Sources.repo
# 将阿里源改名,避免覆盖官方源备份
[root@controller yum.repos.d]# mv CentOS-Base.repo CentOS-ALIBABA-Base.repo
# 移动repo文件到备份目录
[root@controller yum.repos.d]# mv -f *.repo repo.bak/
# 4.编写本地YUM源文件,指向本地文件
[root@controller yum.repos.d]# vi OpenStack.repo
[root@controller yum.repos.d]# cat OpenStack.repo 
[base]
name=base
baseurl=file:///opt/openstack/base/     
enable=1                         
gpgcheck=0 
[extras]
name=extras
baseurl=file:///opt/openstack/extras/   
enable=1                         
gpgcheck=0 
[updates]
name=updates
baseurl=file:///opt/openstack/updates/ 
enable=1                         
gpgcheck=0 
[train]
name=train
baseurl=file:///opt/openstack/train/
enable=1                         
gpgcheck=0
[virt]
name=virt
baseurl=file:///opt/openstack/virt/
enable=1                         
gpgcheck=0 
# 5.清除原有的YUM源缓存并重建缓存
[root@controller yum.repos.d]# yum clean all
Loaded plugins: fastestmirror
Cleaning repos: base extras train updates virt
Cleaning up list of fastest mirrors
Other repos take up 11 M of disk space (use --verbose for details)
[root@controller yum.repos.d]# yum makecache
Loaded plugins: fastestmirror
Determining fastest mirrors
base                                                                  | 2.9 kB  00:00:00     
extras                                                                | 2.9 kB  00:00:00     
train                                                                 | 2.9 kB  00:00:00     
updates                                                               | 2.9 kB  00:00:00     
virt                                                                  | 2.9 kB  00:00:00     
(1/15): base/filelists_db                                             | 7.0 MB  00:00:00     
(2/15): base/primary_db                                               | 6.0 MB  00:00:00     
(3/15): extras/filelists_db                                           | 259 kB  00:00:00     
(4/15): base/other_db                                                 | 2.5 MB  00:00:00     
(5/15): extras/primary_db                                             | 241 kB  00:00:00     
(6/15): extras/other_db                                               | 145 kB  00:00:00     
(7/15): train/filelists_db                                            | 3.6 MB  00:00:00     
(8/15): train/primary_db                                              | 1.2 MB  00:00:00     
(9/15): train/other_db                                                | 465 kB  00:00:00     
(10/15): updates/filelists_db                                         | 6.5 MB  00:00:00     
(11/15): updates/primary_db                                           |  14 MB  00:00:00     
(12/15): updates/other_db                                             | 914 kB  00:00:00     
(13/15): virt/primary_db                                              |  56 kB  00:00:00     
(14/15): virt/filelists_db                                            |  14 kB  00:00:00     
(15/15): virt/other_db                                                |  45 kB  00:00:00     
Metadata Cache Created
[root@controller yum.repos.d]# yum repolist
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
repo id                                    repo name                                   status
base                                       base                                        10,039
extras                                     extras                                         500
train                                      train                                        3,168
updates                                    updates                                      3,182
virt                                       virt                                            63
repolist: 16,952
# 长期挂载,避免重启丢失,在最后添加如下内容
/opt/openStack-train.iso  /opt/openstack/   iso9660  defaults,loop  0   0
1.3.2控制节点配置FTP服务器
控制节点上已经有了本地YUM源文件,搭建一个FTP服务器,共享软件仓库为计算节点提供服务.
# 1.安装FTP服务
[root@controller yum.repos.d]# yum install -y vsftpd
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check
---> Package vsftpd.x86_64 0:3.0.2-29.el7_9 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================
 Package            Arch               Version                     Repository           Size
=============================================================================================
Installing:
 vsftpd             x86_64             3.0.2-29.el7_9              updates             173 k

Transaction Summary
=============================================================================================
Install  1 Package

Total download size: 173 k
Installed size: 353 k
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : vsftpd-3.0.2-29.el7_9.x86_64                                              1/1 
  Verifying  : vsftpd-3.0.2-29.el7_9.x86_64                                              1/1 

Installed:
  vsftpd.x86_64 0:3.0.2-29.el7_9                                                             

Complete!
# 2.配置FTP主目录为软件仓库目录:添加如下信息
[root@controller yum.repos.d]# echo 'anon_root=/opt' >> /etc/vsftpd/vsftpd.conf

# 3.启动FTP服务
[root@controller yum.repos.d]# systemctl start vsftpd
[root@controller yum.repos.d]# systemctl enable vsftpd
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.
1.3.3计算节点配置YUM源
修改yum配置文件,将YUM源指向控制节点FTP服务器的软件仓库。
# 1.备份YUM配置文件
[root@compute ~]#  cd /etc/yum.repos.d/
[root@compute yum.repos.d]# mv CentOS-Base.repo CentOS-ALIBABA-Base.repo   # 改名
[root@compute yum.repos.d]# mv -f *.repo repo.bak/    # 迁移到备份目录

# 2.从控制节点传输配置文件
[root@compute yum.repos.d]# scp root@controller:/etc/yum.repos.d/OpenStack.repo OpenStack.repo
The authenticity of host 'controller (192.168.100.131)' can't be established.
ECDSA key fingerprint is SHA256:PBtGVMglru206eEDbi9G1WgfQEtCgE78HO8doBP7hl4.
ECDSA key fingerprint is MD5:0e:4f:4f:70:7f:5f:1f:a2:a2:78:4f:37:a4:b3:fa:86.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'controller,192.168.100.131' (ECDSA) to the list of known hosts.
root@controller's password: 
OpenStack.repo                                             100%  521   349.7KB/s   00:00    
# 3.编辑YUM源文件
[root@compute yum.repos.d]# vi OpenStack.repo 
[root@compute yum.repos.d]# cat OpenStack.repo
[base]
name=base
baseurl=ftp://controller/openstack/base/     
enable=1                         
gpgcheck=0 
[extras]
name=extras
baseurl=ftp://controller/openstack/extras/   
enable=1                         
gpgcheck=0 
[updates]
name=updates
baseurl=ftp://controller/openstack/updates/ 
enable=1                         
gpgcheck=0 
[train]
name=train
baseurl=ftp://controller/openstack/train/
enable=1                         
gpgcheck=0
[virt]
name=virt
baseurl=ftp://controller/openstack/virt/
enable=1                         
gpgcheck=0 
# 4.清除原有的YUM源缓存并重建缓存
[root@compute yum.repos.d]# yum clean all && yum makecache
Loaded plugins: fastestmirror
Cleaning repos: base extras train updates virt
Cleaning up list of fastest mirrors
Other repos take up 11 M of disk space (use --verbose for details)
Loaded plugins: fastestmirror
Determining fastest mirrors
base                                                                  | 2.9 kB  00:00:00     
extras                                                                | 2.9 kB  00:00:00     
train                                                                 | 2.9 kB  00:00:00     
updates                                                               | 2.9 kB  00:00:00     
virt                                                                  | 2.9 kB  00:00:00     
(1/15): base/filelists_db                                             | 7.0 MB  00:00:00     
(2/15): base/primary_db                                               | 6.0 MB  00:00:00     
(3/15): base/other_db                                                 | 2.5 MB  00:00:00     
(4/15): extras/filelists_db                                           | 259 kB  00:00:00     
(5/15): extras/primary_db                                             | 241 kB  00:00:00     
(6/15): extras/other_db                                               | 145 kB  00:00:00     
(7/15): train/filelists_db                                            | 3.6 MB  00:00:00     
(8/15): train/other_db                                                | 465 kB  00:00:00     
(9/15): train/primary_db                                              | 1.2 MB  00:00:00     
(10/15): updates/primary_db                                           |  14 MB  00:00:00     
(11/15): updates/filelists_db                                         | 6.5 MB  00:00:00     
(12/15): updates/other_db                                             | 914 kB  00:00:00     
(13/15): virt/filelists_db                                            |  14 kB  00:00:00     
(14/15): virt/other_db                                                |  45 kB  00:00:00     
(15/15): virt/primary_db                                              |  56 kB  00:00:00     
Metadata Cache Created
1.4局域网时间同步
实现控制节点和计算节点的时间同步,控制节点作为时间同步系统服务端,计算节点作为客户端。
# 1.配置控制节点为NTP时间服务器
[root@controller yum.repos.d]# vi /etc/chrony.conf

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
server ntp.aliyun.com iburst

# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift

# Allow the system clock to be stepped in the first three updates
# if its offset is larger than 1 second.
makestep 1.0 3

# Enable kernel synchronization of the real-time clock (RTC).
rtcsync

# Enable hardware timestamping on all interfaces that support it.
#hwtimestamp *

# Increase the minimum number of selectable sources required to adjust
# the system clock.
#minsources 2

# Allow NTP client access from local network.
allow 192.168.100.0/24

# Serve time even if not synchronized to a time source.
#local stratum 10

# Specify file containing keys for NTP authentication.
#keyfile /etc/chrony.keys

# Specify directory for log files.
logdir /var/log/chrony

# Select which information is logged.
#log measurements statistics tracking

# 2.配置计算节点时间同步
[root@compute yum.repos.d]# vi /etc/chrony.conf

# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
server controller iburst

# Record the rate at which the system clock gains/losses time.
driftfile /var/lib/chrony/drift

# Allow the system clock to be stepped in the first three updates
# if its offset is larger than 1 second.
makestep 1.0 3

# Enable kernel synchronization of the real-time clock (RTC).
rtcsync

# Enable hardware timestamping on all interfaces that support it.
#hwtimestamp *

# Increase the minimum number of selectable sources required to adjust
# the system clock.
#minsources 2

# Allow NTP client access from local network.
allow 192.168.100.0/24

# Serve time even if not synchronized to a time source.
#local stratum 10

# 3.重启时间同步服务让配置生效
[root@controller yum.repos.d]# systemctl restart chronyd
[root@compute yum.repos.d]# systemctl restart chronyd
# 4.检查时间同步状态
[root@compute yum.repos.d]# chronyc sources
210 Number of sources = 5
MS Name/IP address         Stratum Poll Reach LastRx Last sample               
===============================================================================
^- time.cloudflare.com           3   6    17    19   -448us[-1237us] +/-  102ms
^- ntp6.flashdance.cx            2   6    17    16  -2052us[-2052us] +/-  172ms
^+ 119.28.206.193                2   6    17    19    +52us[ -738us] +/-   44ms
^* time.neu.edu.cn               1   6    17    20   +368us[ -421us] +/-   16ms
^- mq                            3   6    17    16   -629us[ -629us] +/-   26ms
[root@compute yum.repos.d]# date
Thu Apr 13 16:36:22 CST 2023
[root@controller yum.repos.d]# date
Thu Apr 13 16:36:29 CST 2023

四、keystone组件部署

只在控制节点操作,建议操作前给控制节点拍摄快照。
# 1.安装keystone软件包
# wsgi:使web服务器支持WSGI的插件
# httpd:Apache软件包
# openstack-keystone:keystone的软件包
[root@controller yum.repos.d]# yum install -y openstack-keystone httpd mod_wsgi
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Resolving Dependencies
--> Running transaction check

.....
  python2-cachetools.noarch 0:3.1.0-1.el7                                                    
  python2-crypto.x86_64 0:2.6.1-15.el7                                                       
  python2-defusedxml.noarch 0:0.5.0-2.el7                                                    
  python2-eventlet.noarch 0:0.25.1-1.el7                                                     
  python2-fasteners.noarch 0:0.14.1-6.el7                                                    
  python2-flask.noarch 1:1.0.2-1.el7                                                         
  python2-flask-restful.noarch 0:0.3.6-7.el7                                                 
  python2-future.noarch 0:0.16.0-4.el7                                                       
  python2-futurist.noarch 0:1.9.0-2.el7                                                      
  python2-greenlet.x86_64 0:0.4.12-1.el7                                                     
  python2-itsdangerous.noarch 0:0.24-14.el7                                                  
  python2-jinja2.noarch 0:2.10.1-1.el7                                                       
  python2-jwt.noarch 0:1.6.1-1.el7                                                           
  python2-keystone.noarch 1:16.0.2-1.el7                                                     
  python2-keystonemiddleware.noarch 0:7.0.1-2.el7                                            
  python2-kombu.noarch 1:4.6.3-3.el7                                                         
  python2-ldap.x86_64 0:3.1.0-1.el7                                                          
  python2-ldappool.noarch 0:2.4.0-2.el7                                                      
  python2-oauthlib.noarch 0:2.0.1-8.el7                                                      
  python2-oslo-cache.noarch 0:1.37.1-1.el7                                                   
  python2-oslo-concurrency.noarch 0:3.30.1-1.el7                                             
  python2-oslo-db.noarch 0:5.0.2-2.el7                                                       
  python2-oslo-messaging.noarch 0:10.2.4-1.el7                                               
  python2-oslo-middleware.noarch 0:3.38.1-2.el7                                              
  python2-oslo-policy.noarch 0:2.3.4-1.el7                                                   
  python2-oslo-service.noarch 0:1.40.2-2.el7                                                 
  python2-oslo-upgradecheck.noarch 0:0.3.2-1.el7                                             
  python2-osprofiler.noarch 0:2.8.2-1.el7                                                    
  python2-passlib.noarch 0:1.7.0-4.el7                                                       
  python2-pyasn1.noarch 0:0.3.7-6.el7                                                        
  python2-pyasn1-modules.noarch 0:0.3.7-6.el7                                                
  python2-pycadf.noarch 0:2.10.0-2.el7                                                       
  python2-pysaml2.noarch 0:4.6.5-1.el7                                                       
  python2-qpid-proton.x86_64 0:0.26.0-2.el7                                                  
  python2-scrypt.x86_64 0:0.8.0-2.el7                                                        
  python2-sqlalchemy.x86_64 0:1.2.17-2.el7                                                   
  python2-statsd.noarch 0:3.2.1-5.el7                                                        
  python2-vine.noarch 0:1.2.0-2.el7                                                          
  python2-webob.noarch 0:1.8.5-1.el7                                                         
  python2-werkzeug.noarch 0:0.14.1-3.el7                                                     
  python2-yappi.x86_64 0:1.0-1.el7                                                           
  qpid-proton-c.x86_64 0:0.26.0-2.el7                                                        

Complete!
# 查看keystone用户信息
[root@controller yum.repos.d]# cat /etc/passwd | grep keystone
keystone:x:163:163:OpenStack Keystone Daemons:/var/lib/keystone:/sbin/nologin
# 查看keystone用户组
[root@controller yum.repos.d]#  cat /etc/group | grep keystone
keystone:x:163:
# 2.创建keystone的数据库并授权
[root@controller yum.repos.d]# mysql -uroot -p
Enter password: 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 12
Server version: 10.3.20-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
# 创建数据库
MariaDB [(none)]> CREATE DATABASE keystone;
Query OK, 1 row affected (0.007 sec)
# 授权本地登录keystone用户
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'qwerty';
Query OK, 0 rows affected (0.009 sec)
# 授权任意远程主机登录keystone用户
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'qwerty';
Query OK, 0 rows affected (0.000 sec)
# 退出数据库
MariaDB [(none)]> quit
Bye
# 3.修改keystone配置文件
[root@controller ~]# vi /etc/keystone/keystone.conf 
# 找到[database] 部分,加入如下内容,配置数据库连接信息
connection=mysql+pymysql://keystone:000000@controller/keystone    
# 找到[token] 部分,解开注释,配置令牌的加密方式
provider = fernet
# 4.初始化keytone数据库
# 同步数据库
# su keytone:表示切换到keytone用户
# '-s /bin/sh':表示指定使用什么编译器来执行命令
# '-c':表示具体执行的命令
[root@controller ~]# su keystone -s /bin/sh -c "keystone-manage db_sync"
# 检查数据库
[root@controller ~]# mysql -uroot -p
Enter password: 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 14
Server version: 10.3.20-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> use keystone;
Database changed
MariaDB [keystone]> show tables;
Empty set (0.000 sec)

MariaDB [keystone]> quit;
Bye
1.2keystone组件初始化
keystone安装后,需要为keystone初始化密钥库、初始化用户身份认证信息、初始化服务....
# 1.初始化Fernet密钥库
[root@controller ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone

# 执行命令后创建/etc/keystone/fernet-keys,并在目录中生成两个fernet密钥,分别用于加密和解密
[root@controller ~]# cd /etc/keystone/fernet-keys
[root@controller fernet-keys]# pwd
/etc/keystone/fernet-keys
[root@controller fernet-keys]# du -sh *
4.0K	0
4.0K	1
[root@controller fernet-keys]#  keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
# 执行命令后创建/etc/keystone/credential-keys目录,生成两个fetnet密钥,用于加密/解密用户凭证
[root@controller fernet-keys]# cd /etc/keystone/credential-keys
[root@controller credential-keys]# pwd
/etc/keystone/credential-keys
[root@controller credential-keys]# du -sh *
4.0K	0
4.0K	1
# 2.初始化用户身份认证信息
# openstack默认有一个admin用户,还没有对应的密码等登录所必须的信息。使用 `keystone-manage bootstrap` 初始化登录凭证。
[root@controller credential-keys]# keystone-manage bootstrap --bootstrap-password 000000 \
> --bootstrap-admin-url http://controller:5000/v3 \
> --bootstrap-internal-url http://controller:5000/v3 \
> --bootstrap-public-url http://controller:5000/v3 \
> --bootstrap-region-id RegionOne
设置区域ID
# 命令执行后,keystone数据库中就已经存放了登录需要的验证信息。

# 3.配置web服务
# (1)给apache增加wsgi支持
# 将wsgi-keystone.conf文件软链接到'/etc/httpd/conf.d/目录',作为apache的配置文件
[root@controller credential-keys]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
[root@controller credential-keys]# ls /etc/httpd/conf.d/
autoindex.conf  README  userdir.conf  welcome.conf  wsgi-keystone.conf
# (2)修改apache服务器配置并启动
[root@controller credential-keys]# vi /etc/httpd/conf/httpd.conf
# 修改为web服务所在的IP地址或域名
96 ServerName controller
# (3)启动apache
[root@controller credential-keys]# systemctl start httpd
[root@controller credential-keys]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
1.3模拟登录验证
通过环境变量可以出传送用户名和密码等凭证给keystone,再由它验证。
# 创建一个文件存储身份凭证
[root@controller credential-keys]# vi admin-login
[root@controller credential-keys]# cat admin-login
export OS_USERNAME=admin
export OS_PASSWORD=000000
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
# 导入环境变量
[root@controller credential-keys]# source admin-login
# 查看现有环境信息
[root@controller credential-keys]# export -p
declare -x HADOOP_HOME="/usr/local/src/hadoop"
declare -x HISTCONTROL="ignoredups"
declare -x HISTSIZE="1000"
declare -x HOME="/root"
declare -x HOSTNAME="controller"
declare -x JAVA_HOME="/usr/local/src/jdk"
declare -x LANG="en_US.UTF-8"
declare -x LESSOPEN="||/usr/bin/lesspipe.sh %s"
declare -x LOGNAME="root"
declare -x LS_COLORS="rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=01;05;37;41:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*.tar=01;31:*.tgz=01;31:*.arc=01;31:*.arj=01;31:*.taz=01;31:*.lha=01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.tlz=01;31:*.txz=01;31:*.tzo=01;31:*.t7z=01;31:*.zip=01;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.lrz=01;31:*.lz=01;31:*.lzo=01;31:*.xz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.war=01;31:*.ear=01;31:*.sar=01;31:*.rar=01;31:*.alz=01;31:*.ace=01;31:*.zoo=01;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.cab=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.bmp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.webm=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.axv=01;35:*.anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=01;36:*.au=01;36:*.flac=01;36:*.mid=01;36:*.midi=01;36:*.mka=01;36:*.mp3=01;36:*.mpc=01;36:*.ogg=01;36:*.ra=01;36:*.wav=01;36:*.axa=01;36:*.oga=01;36:*.spx=01;36:*.xspf=01;36:"
declare -x MAIL="/var/spool/mail/root"
declare -x OLDPWD="/etc/keystone/fernet-keys"
declare -x OS_AUTH_URL="http://controller:5000/v3"
declare -x OS_IDENTITY_API_VERSION="3"
declare -x OS_IMAGE_API_VERSION="2"
declare -x OS_PASSWORD="000000"
declare -x OS_PROJECT_DOMAIN_NAME="Default"
declare -x OS_PROJECT_NAME="admin"
declare -x OS_USERNAME="admin"
declare -x OS_USER_DOMAIN_NAME="Default"
declare -x PATH="/usr/local/src/jdk/bin:/usr/local/src/hadoop/bin:/usr/local/src/hadoop/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin"
declare -x PWD="/etc/keystone/credential-keys"
declare -x SHELL="/bin/bash"
declare -x SHLVL="1"
declare -x SSH_CLIENT="192.168.100.1 13182 22"
declare -x SSH_CONNECTION="192.168.100.1 13182 192.168.100.131 22"
declare -x SSH_TTY="/dev/pts/0"
declare -x TERM="xterm"
declare -x USER="root"
declare -x XDG_RUNTIME_DIR="/run/user/0"
declare -x XDG_SESSION_ID="4"
1.4检测keystone服务
openstack平台所有对组件的操作都需要keystone认证才能进行,能执行openstack管理命令,说明keystone服务正常。
# 在default域创建名为 'project' 的项目
[root@controller credential-keys]# openstack project create --domain default project
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description |                                  |
| domain_id   | default                          |
| enabled     | True                             |
| id          | e3a549077f354998aa1a75677cfde62e |
| is_domain   | False                            |
| name        | project                          |
| options     | {}                               |
| parent_id   | default                          |
| tags        | []                               |
+-------------+----------------------------------+
# 查看现有项目列表
[root@controller ~]# openstack project list
+----------------------------------+---------+
| ID                               | Name    |
+----------------------------------+---------+
| 4188570a34464b938ed3fa7e08681df8 | admin   |
| e3a549077f354998aa1a75677cfde62e | project |
+----------------------------------+---------+

# 创建名为user的角色
[root@controller ~]# openstack role create user
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | None                             |
| domain_id   | None                             |
| id          | 700ec993d3cf456fa591c03e72f37856 |
| name        | user                             |
| options     | {}                               |
+-------------+----------------------------------+

# 查看当前角色列表
[root@controller ~]# openstack role list
+----------------------------------+--------+
| ID                               | Name   |
+----------------------------------+--------+
| 47670bbd6cc1472ab42db560637c7ebe | reader |
| 5eee0910aeb844a1b82f48100da7adc9 | admin  |
| 700ec993d3cf456fa591c03e72f37856 | user   |
| bc2c8147bbd643629a020a6bd9591eca | member |
+----------------------------------+--------+

# 查看现有域列表
[root@controller ~]# openstack domain list
+---------+---------+---------+--------------------+
| ID      | Name    | Enabled | Description        |
+---------+---------+---------+--------------------+
| default | Default | True    | The default domain |
+---------+---------+---------+--------------------+

# 查看现有用户列表
[root@controller ~]# openstack user list
+----------------------------------+-------+
| ID                               | Name  |
+----------------------------------+-------+
| f4f16d960e0643d7b5a35db152c87dae | admin |
+----------------------------------+-------+

标签:00,x86,centos,部署,64,openstack,erlang,el7
From: https://www.cnblogs.com/shuangmu668/p/17533064.html

相关文章

  • 在centos8中源码部署LAMP
    源码部署LAMP一、安装httpd在官网下载安装包http://archive.apache.org/[root@localhost~]#wgethttp://archive.apache.org/dist/apr/apr-1.7.4.tar.gz[root@localhost~]#wgethttp://archive.apache.org/dist/apr/apr-util-1.6.3.tar.gz[root@localhost~]#wgethttp:......
  • 使用docker-compose部署mysql单节点
    前提条件:确保服务器都安装了docker以及docker-compose服务......
  • 大数据平台及组件安装部署
    大数据平台及组件安装部署实验一:Hadoop全分布部署实验任务一:Hadoop集群验证分布式集群搭建完成后,根据Hadoop两大核心组成,可以通过监测这HDFS分布式文件系统和MapReduce来完成监测工作,通过以下步骤完成Hadoop集群测试:(1)初始化集群,使用Hadoop命令启动集群。(2)使......
  • docker 部署redis 主从
    创建数据目录cd/mnt&&mkdirredis-cluster&&cdredis-cluster&&mkdir-p6380/conf6381/conf6382/conf创建配置文件[root@localhostredis-cluster]#vim6380/conf/redis.conf[root@localhostredis-cluster]#vim6381/conf/redis.conf[root@l......
  • Rocky Linux 9 Minio 单机 Docker 部署
    1、DockerCE安装参考:https://www.cnblogs.com/a120608yby/p/9883175.html2、DockerCompose安装参考:https://www.cnblogs.com/a120608yby/p/14582853.html3、Minio部署#vimdocker-compose.ymlversion:'3.7'x-minio-common:&minio-commonimage:qua......
  • 前端打包的dist文件 怎么用nginx 在 Windows 部署
    ​  要在Windows上使用Nginx部署前端打包的dist文件,您可以按照以下步骤进行操作:下载Nginx:首先,您需要从Nginx官方网站(https://nginx.org/)下载适用于Windows的Nginx安装程序,并将其安装到您的计算机上。配置Nginx:安装完成后,在Nginx的安装目录中找到nginx.......
  • 前端打包的dist文件 怎么用nginx 在 Windows 部署
    ​  要在Windows上使用Nginx部署前端打包的dist文件,您可以按照以下步骤进行操作:下载Nginx:首先,您需要从Nginx官方网站(https://nginx.org/)下载适用于Windows的Nginx安装程序,并将其安装到您的计算机上。配置Nginx:安装完成后,在Nginx的安装目录中找到nginx.......
  • docker 部署 MySQL 一主多从
    服务器规划:使用docker方式创建,主从服务器IP一致,端口号不一致,密码都设置为123456主服务器:容器名mysql-master,端口3306从服务器:容器名mysql-slave1,端口3307从服务器:容器名mysql-slave2,端口33081、部署主服务器dockerrun-d\-p3306:3306\-v/xk857/mysql/master/conf:/......
  • ZLmediakit集群部署
    1简单理解2如何简单部署测试2.1:我在10.1.1.1的机器上有拉IPC-A摄像头的数据源;这个摄像头通过部署在10.1.1.1上的ZLM去拉,转协议RTSP的地址是rtsp://10.1.1.1:554/rtp/stream_12.2:我本地(127.0.0.1)启动ZLM服务,通过VLC拉stream1:此时肯定是找不到的,因为我本地就没有叫stream_1......
  • php代码部署到独立主机(服务器)
    一,访问主机ssh二,上传文件到主机(服务器) 部署php文件 ......