一：搭建前准备工作

1. 基础环境配置 ``` controller节点

1.修改主机名

hostnamectl set-hostname controller

2.主机名映射 vi /etc/hosts 192.168.44.10 controller 192.168.44.20 compute #插入以上两行ip根据实际情况而定

3.关闭防火墙并设置开机不启动

systemctl stop firewalld

systemctl disable firewalld

4.设置selinux vi /etc/selinux/config SELINUX=disabled

compute节点 与controller节点相同，但更改主机名要为compute

2. **镜像挂载**

镜像挂载在controller节点做 1.创建用来挂载镜像的位置 [root@controller ~]# mkdir /opt/centos
[root@controller ~]# mkdir /opt/openstack

2.挂载镜像 [root@controller ~]# mount -o loop CentOS-7-x86_64-DVD-1804.iso /home/ [root@controller ~]# cp -rvf /home/ /opt/centos/ [root@controller ~]# umount /home/
[root@controller ~]# mount chinaskills_cloud_iaas.iso /home/
[root@controller ~]# cp -rvf /home/ /opt/openstack

3. **Yum源配置**

controller节点：

1.由于是http模式所以下载httpd服务

yum install -y httpd

2.在httpd的/var/www/html/下创建centos,openstack目录

cd /var/www/html

mkdir centos

mkdir openstack

3.将文件拷贝到创建的两个目录中

cp -rvf /opt/centos/* /centos

cp -rvf /opt/openstack/* /openstack

4.给众多rpm包建立索引，描述各包所需依赖信息，并形成元数据

yum install -y createrepo

createrepo /var/www/html/centos

createrepo /var/www/html/openstack

5.重启httpd服务

systemctl restart httpd

6.通过浏览器访问查看情况

7.编写repo文件

cd /etc/yum.repos.d/

mkdir back

mv C* back

vi http.repo

[centos] name=centos baseurl=http://192.168.44.10/centos #ip为controller的ip gpgcheck=0 enabled=1 [openstack] name=openstack baseurl=http://192.168.44.10/openstack/iaas-repo gpgcheck=0 enabled=1

compute节点：

1.编写repo文件

cd /etc/yum.repos.d/

mkdir back

mv C* back

vi http.repo

[centos] name=centos baseurl=http://192.168.44.10/centos #ip为controller的ip gpgcheck=0 enabled=1 [openstack] name=openstack baseurl=http://192.168.44.10/openstack/iaas-repo gpgcheck=0 enabled=1

<br />
4. **时间同步配置**
4.1 controller节点：

时间同步服务将controller节点作为时间同步服务器

yum install -y chrony

修改# vim /etc/chrony.conf  文件将ntp服务器改为自己供其他节点来同步时间<br />![image.png](https://cdn.nlark.com/yuque/0/2021/png/23046225/1635175887036-b46a3324-9a43-4124-9b7b-3d134d6ccf3d.png#clientId=u184e265b-84a4-4&from=paste&height=88&id=u3347327c&margin=%5Bobject%20Object%5D&name=image.png&originHeight=136&originWidth=945&originalType=binary&ratio=1&size=18461&status=done&style=none&taskId=u74d1ab1a-d290-49c7-a00d-06e9f603a0d&width=612.5)<br />![image.png](https://cdn.nlark.com/yuque/0/2021/png/23046225/1635176102201-3528d6d5-c292-4632-9050-4f3104b1b97c.png#clientId=u184e265b-84a4-4&from=paste&height=99&id=u5de11617&margin=%5Bobject%20Object%5D&name=image.png&originHeight=167&originWidth=1030&originalType=binary&ratio=1&size=15493&status=done&style=none&taskId=udb577d77-b373-4642-b9dd-425c17243ba&width=611)<br />修改后重启配置服务#  systemctl  restart chronyd<br />         4.2  compute节点：

下载chronyd服务并修改ntp源

yum install -y chrony

修改# vim /etc/chrony.conf  将ntp源改为controller<br />![image.png](https://cdn.nlark.com/yuque/0/2021/png/23046225/1635176300551-cd16aaae-62ae-4cd9-8589-1624ec4ece8a.png#clientId=u184e265b-84a4-4&from=paste&height=66&id=u1319e52f&margin=%5Bobject%20Object%5D&name=image.png&originHeight=104&originWidth=973&originalType=binary&ratio=1&size=15180&status=done&style=none&taskId=u5a389cbc-a142-4354-bc39-a0a2e05571b&width=613.5)<br />![image.png](https://cdn.nlark.com/yuque/0/2021/png/23046225/1635176309257-49270d79-f35f-4cad-9578-3ffc6aa9a69e.png#clientId=u184e265b-84a4-4&from=paste&height=67&id=u89ab2737&margin=%5Bobject%20Object%5D&name=image.png&originHeight=93&originWidth=855&originalType=binary&ratio=1&size=7738&status=done&style=none&taskId=u85b7e785-81a2-408d-a26e-1cd1eaea33f&width=617.5)<br />重启服务 #  systemctl  restart chronyd
查看compute节点同步情况<br />![image.png](https://cdn.nlark.com/yuque/0/2021/png/23046225/1635176410525-4cbeaad6-e6b3-48b1-beb1-d7539c571531.png#clientId=u184e265b-84a4-4&from=paste&height=183&id=u7d1f16c5&margin=%5Bobject%20Object%5D&name=image.png&originHeight=366&originWidth=1263&originalType=binary&ratio=1&size=49991&status=done&style=none&taskId=u485fabba-a2cb-417b-ac9a-9bd55200a0c&width=631.5)
**5.计算节点分区**<br />划分磁盘第一块

[root@compute ~]# fdisk /dev/sdb Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write them. Be careful before using the write command.

Device does not contain a recognized partition table Building a new DOS disklabel with disk identifier 0xf5d3e964.

Command (m for help): p

Disk /dev/sdb: 107.4 GB, 107374182400 bytes, 209715200 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0xf5d3e964

Device Boot Start End Blocks Id System

Command (m for help): n Partition type: p primary (0 primary, 0 extended, 4 free) e extended Select (default p): p Partition number (1-4, default 1): 1 First sector (2048-209715199, default 2048): Using default value 2048 Last sector, +sectors or +size{K,M,G} (2048-209715199, default 209715199): Using default value 209715199 Partition 1 of type Linux and of size 100 GiB is set

Command (m for help): p

Disk /dev/sdb: 107.4 GB, 107374182400 bytes, 209715200 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk label type: dos Disk identifier: 0xf5d3e964

Device Boot Start End Blocks Id System /dev/sdb1 2048 209715199 104856576 83 Linux

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table. Syncing disks.

格式化第一块磁盘

格式化磁盘 [root@compute ~]# mkfs.xfs /dev/sdb1 meta-data=/dev/sdb1 isize=512 agcount=4, agsize=6553536 blks = sectsz=512 attr=2, projid32bit=1 = crc=1 finobt=0, sparse=0 data = bsize=4096 blocks=26214144, imaxpct=25 = sunit=0 swidth=0 blks naming =version 2 bsize=4096 ascii-ci=0 ftype=1 log =internal log bsize=4096 blocks=12799, version=2 = sectsz=512 sunit=0 blks, lazy-count=1 realtime =none extsz=4096 blocks=0, rtextents=0

第二块磁盘同第一块磁盘方法相同
<a name="UFTty"></a>
# 二：openstack搭建任务
1. 在两个节点分别安装iaas-xiandain  
1. # yum install -y iaas-xiandian
<a name="AXmnk"></a>
### 修改# vi /etc/xiandian/openrc.sh文件

——————————system Config——————————

Controller Server Manager IP. example:x.x.x.x

HOST_IP=192.168.44.10 #控制节点ip

Controller HOST Password. example:000000

HOST_PASS=000000 #控制节点密码

Controller Server hostname. example:controller

HOST_NAME=controller #控制节点域名

Compute Node Manager IP. example:x.x.x.x

HOST_IP_NODE=192.168.44.20 #计算节点ip

Compute HOST Password. example:000000

HOST_PASS_NODE=000000 #计算节点密码

Compute Node hostname. example:compute

HOST_NAME_NODE=compute #计算节点域名

——————————Chrony Config—————————-

Controller network segment IP. example:x.x.0.0/16(x.x.x.0/24)

network_segment_IP=192.168.44.0/24 #时间同步网段

——————————Rabbit Config —————————

user for rabbit. example:openstack

RABBIT_USER=openstack #rabbitmq用户

Password for rabbit user .example:000000

RABBIT_PASS=000000

——————————MySQL Config——————————-

Password for MySQL root user . exmaple:000000

DB_PASS=000000

——————————Keystone Config—————————

Password for Keystore admin user. exmaple:000000

DOMAIN_NAME=demo #认证服务domain ADMIN_PASS=admin DEMO_PASS=000000

Password for Mysql keystore user. exmaple:000000

KEYSTONE_DBPASS=000000

——————————Glance Config——————————

Password for Mysql glance user. exmaple:000000

GLANCE_DBPASS=000000

Password for Keystore glance user. exmaple:000000

GLANCE_PASS=000000

——————————Nova Config———————————

Password for Mysql nova user. exmaple:000000

NOVA_DBPASS=000000

Password for Keystore nova user. exmaple:000000

NOVA_PASS=000000

——————————Neturon Config—————————-

Password for Mysql neutron user. exmaple:000000

NEUTRON_DBPASS=000000

Password for Keystore neutron user. exmaple:000000

NEUTRON_PASS=000000

metadata secret for neutron. exmaple:000000

METADATA_SECRET=000000

Tunnel Network Interface. example:x.x.x.x

INTERFACE_IP=192.168.44.10 #根据所在节点填写所在节点的ip

External Network Interface. example:eth1

INTERFACE_NAME=ens33 #设为外部网卡的名称

External Network The Physical Adapter. example:provider

Physical_NAME=provider

First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101

minvlan=2 #vlan范围

Last Vlan ID in VLAN RANGE for VLAN Network. example:200

maxvlan=300

——————————Cinder Config——————————

Password for Mysql cinder user. exmaple:000000

CINDER_DBPASS=000000

Password for Keystore cinder user. exmaple:000000

CINDER_PASS=000000

Cinder Block Disk. example:md126p3

BLOCK_DISK=sdb1 #块存储的磁盘名称

——————————Swift Config——————————-

Password for Keystore swift user. exmaple:000000

SWIFT_PASS=000000

The NODE Object Disk for Swift. example:md126p4.

OBJECT_DISK=sdc1 #对象存储磁盘的名称

The NODE IP for Swift Storage Network. example:x.x.x.x.

STORAGE_LOCAL_NET_IP=192.168.44.20 #存储节点ip

——————————Heat Config———————————

Password for Mysql heat user. exmaple:000000

HEAT_DBPASS=000000

Password for Keystore heat user. exmaple:000000

HEAT_PASS=000000

——————————Zun Config———————————-

Password for Mysql Zun user. exmaple:000000

ZUN_DBPASS=000000

Password for Keystore Zun user. exmaple:000000

ZUN_PASS=000000

Password for Mysql Kuryr user. exmaple:000000

KURYR_DBPASS=000000

Password for Keystore Kuryr user. exmaple:000000

KURYR_PASS=000000

——————————Ceilometer Config————————

Password for Gnocchi ceilometer user. exmaple:000000

CEILOMETER_DBPASS=000000

Password for Keystore ceilometer user. exmaple:000000

CEILOMETER_PASS=000000

——————————AODH Config————————

Password for Mysql AODH user. exmaple:000000

AODH_DBPASS=000000

Password for Keystore AODH user. exmaple:000000

AODH_PASS=000000

——————————Barbican Config————————

Password for Mysql Barbican user. exmaple:000000

BARBICAN_DBPASS=000000

Password for Keystore Barbican user. exmaple:000000

BARBICAN_PASS=000000

<a name="YmByj"></a>
### 导入镜像

glance image-create —name image123456 —disk-format qcow2 —container-format bare —progress < /opt/iaas/media/images/CentOS_7.5_x86_64_XD.qcow2

<a name="RtF5J"></a>
### heat模板管理
在编排heat模板前需要先在controller节点跑iaas-install-heat.sh脚本

heat_template_version: 2014-10-16 description: flavor temaplate resources: flavor: type: OS::Nova::Flavor properties: disk: 20 name: m1.flavor flavorid: 1234 ram: 1024 vcpus: 1

[root@controller heat]# heat stack-create -f flavor.yaml m1.flavor WARNING (shell) “heat stack-create” is deprecated, please use “openstack stack create” instead +———————————————————+——————+——————————+———————————+———————+—————————————————+ | id | stack_name | stack_status | creation_time | updated_time | project | +———————————————————+——————+——————————+———————————+———————+—————————————————+ | 764771c8-f02b-4f0c-a679-414e5773e24a | m1.flavor | CREATE_IN_PROGRESS | 2021-11-01T01:49:57Z | None | 44f307164c9540ac9c88597bcb00c3a0 | +———————————————————+——————+——————————+———————————+———————+—————————————————+

<a name="F74lG"></a>
### 网络管理

neutron net-create —router:external —provider:physical_network provider —provider:network_type vlan —provider:segmentation_id 200 extnet

neutron subnet-create extnet 192.168.43.0/24 —gateway 192.168.43.1 —name extsubnet

<a name="mdUfq"></a>
### 虚拟机调整flavor
<a name="apiD6"></a>
### 快照管理
<a name="Egqmp"></a>
### 云主机管理

nova boot —flavor c5af1899-5ca2-4b5f-bf5e-b03d6e049f28 —image db8a716d-0a2e-49eb-8892-681e7b6be41d —nic net-id=e0cad34b-b797-4790-98d1-450b1acbe232 vm1

<a name="wg68Q"></a>
### Swift分片存储

[root@controller heat]# swift post chinaskill [root@controller heat]# swift list chinaskill [root@controller heat]# swift upload chinaskill -S 10000000 /opt/iaas/media/images/CentOS_6.5_x86_64_XD.qcow2

<a name="ZpuRE"></a>
### kvm管理

[root@compute ~]# virsh dominfo instance-00000001 Id: 1 Name: instance-00000001 UUID: 69c653c4-39b3-423a-82ae-693bbaaa2ca0 OS Type: hvm State: running CPU(s): 2 CPU time: 266.1s Max memory: 3145728 KiB Used memory: 2000000 KiB Persistent: yes Autostart: disable Managed save: no Security model: selinux Security DOI: 0 Security label: system_u:system_r:svirt_tcg_t:s0:c199,c701 (permissive)

[root@compute ~]# virsh setmem instance-00000001 3000000

[root@compute ~]# virsh dominfo instance-00000001 Id: 1 Name: instance-00000001 UUID: 69c653c4-39b3-423a-82ae-693bbaaa2ca0 OS Type: hvm State: running CPU time: 267.0s Max memory: 3145728 KiB Used memory: 3000000 KiB Persistent: yes Autostart: disable Managed save: no Security model: selinux Security DOI: 0 Security label: system_u:system_r:svirt_tcg_t:s0:c199,c701 (permissive)

```

rabbitmq集群

三：容器云