注:controller节点是 192.168.0.201,compute节点是 192.168.0.202
0. 关防火墙(所有节点)
0. 固定ip(所有节点)
1. 配置hosts和hostname(controller 和 compute节点)
vi /etc/hostname(controller节点)controller
vi /etc/hostname(compute节点)compute
vi /etc/hosts(controller和compute节点)192.168.0.201 controller 192.168.0.202 compute
2. 配置 NTP(controller 和 compute节点)
- 在
controller节点配置
- 下载:
yum install chrony- 配置:
vi /etc/chrony.confallow 192.168.0.0/24 server ntp1.aliyun.com iburst
- 启动
systemctl enable chronyd.service
systemctl start chronyd.service- 验证
chronyc sources
image.png
- 在
compute节点配置
- 下载:
yum install chrony- 配置:
vi /etc/chrony.conf(删除所有内容)server controller iburst
- 启动
systemctl enable chronyd.service
systemctl start chronyd.service- 验证
chronyc sources
image.png
3. 换阿里源(所有节点)注:本操作跳过
- 备份
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo_bak- 获取阿里源文件
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo- 更新
cache
yum makecache- 更新
yum -y update
4. 安装 openstack 包(所有节点)
注:如果无法
yum没有找到包,那么可以换源
- 下载
pike
yum install centos-release-openstack-pike下载queens
yum install centos-release-openstack-queens- 更新
yum upgrade- 下载
openstackclient
yum install python-openstackclient- 下载
selinux
yum install openstack-selinux
4. 安装 sql (仅controller节点)
- 下载
mariadb
yum install mariadb mariadb-server python2-PyMySQL- 创建
openstack.cnf
vi /etc/my.cnf.d/openstack.cnf[mysqld] bind-address = 192.168.0.201 default-storage-engine = innodb innodb_file_per_table max_connections = 4096 collation-server = utf8_general_ci character-set-server = utf8
- 启动
systemctl enable mariadb.service
systemctl start mariadb.service- 修改密码
登录:mysql -u root mysql
修改密码:UPDATE user SET PASSWORD=PASSWORD('123456') where USER='root';
立即刷新:FLUSH PRIVILEGES;
退出:quit
5. 安装rabbitmq(仅controller节点)
- 下载
yum install rabbitmq-server- 启动
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
- 添加
openstack用户
rabbitmqctl add_user openstack 123456- 添加权限
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
5. 安装memcached(仅controller节点)
- 下载
yum install memcached python-memcached- 配置
vi /etc/sysconfig/memcachedOPTIONS="-l 127.0.0.1,::1,controller"
- 启动
systemctl enable memcached.service
systemctl start memcached.service
6. 安装Etcd(仅controller节点) 这是一个分布式的可靠键值存储,用于分布式密钥锁定、存储配置、跟踪服务的实时状态和其他场景
- 下载
yum install etcd
- 配置
vi /etc/etcd/etcd.conf#[Member] ETCD_DATA_DIR="/var/lib/etcd/default.etcd" ETCD_LISTEN_PEER_URLS="http://192.168.0.201:2380" ETCD_LISTEN_CLIENT_URLS="http://192.168.0.201:2379" ETCD_NAME="controller" #[Clustering] ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.0.201:2380" ETCD_ADVERTISE_CLIENT_URLS="http://192.168.0.201:2379" ETCD_INITIAL_CLUSTER="controller=http://192.168.0.201:2380" ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01" ETCD_INITIAL_CLUSTER_STATE="new"
- 启动
systemctl enable etcd
systemctl start etcd
7. 身份服务(仅controller节点)
- 数据库
- 登录
mysql -uroot -p123456注:如果显示 1045报错,那么执行以下操作
停服务:systemctl stop mariadb.service
启动服务:mysqld_safe --user=mysql --skip-grant-tables --skip-networking &
登录:mysql -u root mysql
改密码:UPDATE user SET PASSWORD=PASSWORD('123456') where USER='root';
FLUSH PRIVILEGES;
退出:quit
- 创建数据库
keystone
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'controller' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '123456';
- 下载和配置
- 下载
yum install openstack-keystone httpd mod_wsgi- 配置
vi /etc/keystone/keystone.conf[database] ... connection = mysql+pymysql://keystone:123456@controller/keystone [token] ... provider = fernet
- 创建数据库
su -s /bin/sh -c "keystone-manage db_sync" keystone- 初始化Fernet密钥存储库:
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone- 初始化身份服务
keystone-manage bootstrap --bootstrap-password 123456 --bootstrap-admin-url http://controller:35357/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne- 配置
httpd
配置:vi /etc/httpd/conf/httpd.confServerName controller创建
link:ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
- 启动服务
systemctl enable httpd.service
systemctl start httpd.service- 登录
export OS_USERNAME=admin
export OS_PASSWORD=123456
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
- 创建 domain, projects, users, and roles
- 创建
serviceproject
openstack project create --domain default --description "Service Project" service
image.png- 创建
demoproject
openstack project create --domain default --description "Demo Project" demo
image.png- 创建
demouser:
openstack user create --domain default --password-prompt demo
image.png- 创建
userrole:
openstack role create user
image.png- 关联
openstack role add --project demo --user demo user
- 验证
- 登出
unset OS_AUTH_URL OS_PASSWORD- 验证
admin
openstack --os-auth-url http://controller:35357/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name admin --os-username admin token issue
image.png- 验证
demo
openstack --os-auth-url http://controller:5000/v3 --os-project-domain-name Default --os-user-domain-name Default --os-project-name demo --os-username demo token issue
image.png
- 创建登录脚本(在
root的~目录下)
注: 通过readlink -f ./获取当前目录的绝对路径
- 创建
admin-openrc
vi admin-openrcexport OS_PROJECT_DOMAIN_NAME=Default export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=123456 export OS_AUTH_URL=http://controller:35357/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2
- 创建
demo-openrc
vi demo-openrcexport OS_PROJECT_DOMAIN_NAME=Default export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_NAME=demo export OS_USERNAME=demo export OS_PASSWORD=123456 export OS_AUTH_URL=http://controller:5000/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2
- 验证
admin
登录:. admin-openrc
注:登录也可以用source admin-openrc,注意上面是. admin-openrc,不是./admin-openrc
验证:openstack token issue
image.png- 查看环境变量
echo $OS_PROJECT_DOMAIN_NAME $OS_USER_DOMAIN_NAME $OS_PROJECT_NAME $OS_USERNAME $OS_PASSWORD $OS_AUTH_URL $OS_IDENTITY_API_VERSION $OS_IMAGE_API_VERSION- 登出
unset OS_PROJECT_DOMAIN_NAME OS_USER_DOMAIN_NAME OS_PROJECT_NAME OS_USERNAME OS_PASSWORD OS_AUTH_URL OS_IDENTITY_API_VERSION OS_IMAGE_API_VERSION
8. 镜像服务(仅controller节点)
- 数据库
- 登录
mysql -uroot -p123456- 创建数据库
glance
CREATE DATABASE glance;- 登录操作权限
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'controller' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '123456';- 退出
exit
- 创建
glance
- 登录
. admin-openrc- 创建
glanceuser:
openstack user create --domain default --password-prompt glance
image.png- 关联
openstack role add --project service --user glance admin- 创建
glanceservice:
openstack service create --name glance --description "OpenStack Image" image
image.png- 创建
API
openstack endpoint create --region RegionOne image public http://controller:9292
image.png
openstack endpoint create --region RegionOne image internal http://controller:9292
image.png
openstack endpoint create --region RegionOne image admin http://controller:9292
image.png
- 下载和配置
- 下载
yum install openstack-glance- 配置
vi /etc/glance/glance-api.conf[database] ... connection = mysql+pymysql://glance:123456@controller/glance [keystone_authtoken] ... auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = 123456 [paste_deploy] ... flavor = keystone [glance_store] ... stores = file,http default_store = file filesystem_store_datadir = /var/lib/glance/images/
- 配置
vi /etc/glance/glance-registry.conf[database] ... connection = mysql+pymysql://glance:123456@controller/glance [keystone_authtoken] ... auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = glance password = 123456 [paste_deploy] ... flavor = keystone
- 填充数据库
su -s /bin/sh -c "glance-manage db_sync" glance- 启动
systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl start openstack-glance-api.service openstack-glance-registry.service
- 验证
- 登录:
. admin-openrc- 下载:
wget http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img- 上传:
openstack image create "cirros" --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public
image.png- 查看列表
openstack image list
image.png
9. 计算服务(controller节点)
- 数据库
- 登录:
mysql -uroot -p123456- 创建数据库:
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;- 权限
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'controller' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'controller' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'controller' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '123456';- 退出
exit
- 创建
nova
- 登录
. admin-openrc- 创建
novauser:
openstack user create --domain default --password-prompt nova
image.png- 关联
openstack role add --project service --user nova admin- 创建
novaservice
openstack service create --name nova --description "OpenStack Compute" compute
image.png- 创建
API
openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
image.png
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
image.png
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
image.png
- 创建
placement
- 登录
. admin-openrc- 创建
placementuser
openstack user create --domain default --password-prompt placement
image.png- 关联
openstack role add --project service --user placement admin- 创建
API
openstack service create --name placement --description "Placement API" placement
image.png
openstack endpoint create --region RegionOne placement public http://controller:8778
image.png
openstack endpoint create --region RegionOne placement internal http://controller:8778
image.png
openstack endpoint create --region RegionOne placement admin http://controller:8778
image.png
- 下载和配置
- 下载:
yum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-placement-api- 配置
vi /etc/nova/nova.conf[DEFAULT] ... enabled_apis = osapi_compute,metadata transport_url = rabbit://openstack:123456@controller my_ip = 192.168.0.201 use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver [api_database] ... connection = mysql+pymysql://nova:123456@controller/nova_api [database] ... connection = mysql+pymysql://nova:123456@controller/nova [api] ... auth_strategy = keystone [keystone_authtoken] ... auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = 123456 [vnc] enabled = true ... vncserver_listen = $my_ip vncserver_proxyclient_address = $my_ip [glance] ... api_servers = http://controller:9292 [oslo_concurrency] ... lock_path = /var/lib/nova/tmp [placement] ... os_region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:35357/v3 username = placement password = 123456注:删掉
[placement][keystone_authtoken]的其他项
- 配置
vi /etc/httpd/conf.d/00-nova-placement-api.conf... <Directory /usr/bin> <IfVersion >= 2.4> Require all granted </IfVersion> <IfVersion < 2.4> Order allow,deny Allow from all </IfVersion> </Directory>
- 重启
httpd
systemctl restart httpd- 填充数据库
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
image.png
su -s /bin/sh -c "nova-manage db sync" nova- 验证
cell0cell1
nova-manage cell_v2 list_cells
image.png- 启动
systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
10. 计算服务(compute节点)
- 下载和配置
- 下载
yum install openstack-nova-compute- 配置
vi /etc/nova/nova.conf[DEFAULT] ... enabled_apis = osapi_compute,metadata transport_url = rabbit://openstack:123456@controller my_ip = 192.168.0.202 use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver [api] ... auth_strategy = keystone [keystone_authtoken] ... auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = 123456 [vnc] ... enabled = True vncserver_listen = 0.0.0.0 vncserver_proxyclient_address = $my_ip novncproxy_base_url = http://controller:6080/vnc_auto.html [glance] ... api_servers = http://controller:9292 [oslo_concurrency] ... lock_path = /var/lib/nova/tmp [placement] ... os_region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:35357/v3 username = placement password = 123456
- 启动
systemctl enable libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service openstack-nova-compute.service
11. 计算服务(controller节点)
- 添加
compute节点到cell数据库
- 登陆:
. admin-openrc- 查看:
openstack compute service list --service nova-compute
image.png- 手动注册
compute节点到cell数据库 (每次添加新compute节点都需要这个操作)
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
image.png- 自动注册
compute节点到cell数据库(只需要操作一次)
vi /etc/nova/nova.conf[scheduler] discover_hosts_in_cells_interval = 300注:3 4 操作任选其一
- 验证
- 登陆:
. admin-openrc- 查看计算服务列表:
openstack compute service list
image.png- 查看
api:openstack catalog list
image.png- 查看镜像列表:
openstack image list
image.png- 检查
cells和placementAPI 是否正常工作
nova-status upgrade check
image.png
12. 网络服务(controller节点)
- 数据库
- 登陆:
mysql -uroot -p123456- 创建
neutron
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'controller' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '123456';- 登出:
exit
- 创建
neutron用户
- 登陆:
. admin-openrc- 创建
neutron用户:
openstack user create --domain default --password-prompt neutron
image.png- 关联:
openstack role add --project service --user neutron admin- 创建
neutronservice:
openstack service create --name neutron --description "OpenStack Networking" network
image.png- 创建
API:
openstack endpoint create --region RegionOne network public http://controller:9696
image.png
openstack endpoint create --region RegionOne network internal http://controller:9696
image.png
openstack endpoint create --region RegionOne network admin http://controller:9696
image.png
- 安装和配置(基于Provider networks)
- 安装:
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables- 配置:
vi /etc/neutron/neutron.conf[DEFAULT] ... core_plugin = ml2 service_plugins = transport_url = rabbit://openstack:123456@controller auth_strategy = keystone notify_nova_on_port_status_changes = true notify_nova_on_port_data_changes = true [database] ... connection = mysql+pymysql://neutron:123456@controller/neutron [keystone_authtoken] ... auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = 123456 [nova] ... auth_url = http://controller:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = nova password = 123456 [oslo_concurrency] ... lock_path = /var/lib/neutron/tmp
- 配置
vi /etc/neutron/plugins/ml2/ml2_conf.ini[ml2] ... type_drivers = flat,vlan tenant_network_types = mechanism_drivers = linuxbridge extension_drivers = port_security [ml2_type_flat] ... flat_networks = provider [securitygroup] ... enable_ipset = true
- 配置
vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini[linux_bridge] physical_interface_mappings = provider:enp3s0 [vxlan] enable_vxlan = false [securitygroup] ... enable_security_group = true firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
- 配置
vi /etc/neutron/dhcp_agent.ini[DEFAULT] ... interface_driver = linuxbridge dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq enable_isolated_metadata = true
- 配置和启动
- 配置
vi /etc/neutron/metadata_agent.ini[DEFAULT] ... nova_metadata_host = controller metadata_proxy_shared_secret = 123456
- 配置
vi /etc/nova/nova.conf[neutron] ... url = http://controller:9696 auth_url = http://controller:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = 123456 service_metadata_proxy = true metadata_proxy_shared_secret = 123456
link
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini- 填充数据库
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron- 重启
APIservice
systemctl restart openstack-nova-api.service- 启动
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
13. 网络服务(compute节点)
- 安装和配置
- 下载
yum install openstack-neutron-linuxbridge ebtables ipset- 配置
vi /etc/neutron/neutron.conf[DEFAULT] ... transport_url = rabbit://openstack:123456@controller auth_strategy = keystone [keystone_authtoken] ... auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = 123456 [oslo_concurrency] ... lock_path = /var/lib/neutron/tmp
- 配置(基于 Provider networks)
- 配置
vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini[linux_bridge] physical_interface_mappings = provider:enp3s0 [vxlan] enable_vxlan = false [securitygroup] ... enable_security_group = true firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
- 配置和启动
- 配置
vi /etc/nova/nova.conf[neutron] ... url = http://controller:9696 auth_url = http://controller:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = 123456
- 启动
systemctl restart openstack-nova-compute.service
systemctl enable neutron-linuxbridge-agent.service
systemctl start neutron-linuxbridge-agent.service
- 验证(Controller 节点)
- 登录:
. admin-openrc- 查看列表:
openstack network agent list
image.png
14. 仪表盘dashboard(controller节点)
- 下载
yum install openstack-dashboard- 配置
vi /etc/openstack-dashboard/local_settingsOPENSTACK_HOST = "controller" OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user" OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True SESSION_ENGINE = 'django.contrib.sessions.backends.cache' CACHES = { 'default': { 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 'LOCATION': 'controller:11211', } } OPENSTACK_API_VERSIONS = { "identity": 3, "image": 2, "volume": 2, } OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default" ALLOWED_HOSTS = ['*'] OPENSTACK_NEUTRON_NETWORK = { ... 'enable_router': False, 'enable_quotas': False, 'enable_distributed_router': False, 'enable_ha_router': False, 'enable_lb': False, 'enable_firewall': False, 'enable_vpn': False, 'enable_fip_topology_check': False, } TIME_ZONE = "UTC"
- 配置
vi /etc/httpd/conf.d/openstack-dashboard.conf... WSGIApplicationGroup %{GLOBAL}image.png
- 重启
systemctl restart httpd.service memcached.service- 测试
http://192.168.0.201/dashboard
15.启动一个实例
- 创建虚拟网络(基于 provider networks)
- 登录
. admin-openrc- 创建
network
openstack network create --share --external --provider-physical-network provider --provider-network-type flat provider
image.png- 创建子网
openstack subnet create --network provider --allocation-pool start=192.168.0.220,end=192.168.0.229 --dns-nameserver 192.168.0.1 --gateway 192.168.0.1 --subnet-range 192.168.0.0/24 provider
image.png
- 创建
flavor
- 登录
. admin-openrc- 创建:
openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
- 创建 key pair
- 登录:
. demo-openrc- 创建:
ssh-keygen -q -N ""
回车
openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey- 查看
openstack keypair list
- 配置安全组
- 登录:
. demo-openrcICMP
openstack security group rule create --proto icmp defaultSSH
openstack security group rule create --proto tcp --dst-port 22 default
- 创建一个
instance
image.png
