Hostname | IP | Role |
---|---|---|
ftp | 192.168.123.10 | FTP package source |
controller | 192.168.123.23 | Controller, compute |
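Advantages of the Object Storage service (Swift)
- Flexible data access
- High data durability
- Very high scalability
- No single point of failure
Installation scripts
First, install iaas-xiandian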
[root@localhost ~]# yum install -y iaas-xiandian
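Edit the environment variables
For the contents, refer directly to openrc.sh
Begin deploying the environment
The first script performs the preliminary preparation
[root@localhost ~]# iaas-pre-host.sh
When it finishes, it prompts that a reboot is required: reboot
Install the database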
[root@controller ~]# iaas-install-mysql.sh
[root@controller ~]# yum install -y MySQL-python
Install the Keystone service
[root@controller ~]# iaas-install-keystone.sh
Image service
[root@controller ~]# iaas-install-glance.sh
Nova service
[root@controller ~]# iaas-install-nova-controller.sh
[root@controller ~]# iaas-install-nova-compute.sh
Neutron networking service
[root@controller ~]# iaas-install-neutron-controller.sh
[root@controller ~]# iaas-install-neutron-compute.sh
Install the Dashboard
[root@controller ~]# iaas-install-dashboard.sh
Once it completes, you can log in at http://ip/dashboard
Cinder scripts
[root@controller ~]# iaas-install-cinder-controller.sh
[root@controller ~]# iaas-install-cinder-compute.sh
Object Storage service (Swift)
[root@controller ~]# iaas-install-swift-controller.sh
[root@controller ~]# iaas-install-swift-compute.sh
Using the swift command
# Create a container named "xiandian" and check the container's status.
[root@controller ~]# swift post xiandian
[root@controller ~]# swift stat xiandian
Account: AUTH_142a7836b3524a30bc4752de47af5054
Container: xiandian
Objects: 0
Bytes: 0
Read ACL:
Write ACL:
Sync To:
Sync Key:
Accept-Ranges: bytes
X-Storage-Policy: Policy-0
Last-Modified: Thu, 08 Dec 2022 12:29:05 GMT
X-Timestamp: 1670502544.24404
X-Trans-Id: tx2d54cb32daf64bc38fd5b-006391d89a
Content-Type: application/json; charset=utf-8
X-Openstack-Request-Id: tx2d54cb32daf64bc38fd5b-006391d89a
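# Upload a directory to the "xiandian" container just created and check that the upload succeeded. (To upload the contents of the local test directory recursively into the "xiandian" container, we first need to upload an empty "test" directory.)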
[root@controller ~]# mkdir test
[root@controller ~]# swift upload xiandian test/
test/
[root@controller ~]# swift list xiandian
test/
# List the contents of the "xiandian" container
[root@controller ~]# swift list xiandian
test/
# Upload test.txt, saas.png and iaas.png into the "test" directory of the "xiandian" container.
[root@controller ~]# touch test.txt
[root@controller ~]# touch saas.png
[root@controller ~]# touch iaas.png
[root@controller ~]# swift upload xiandian/test test.txt
test/test.txt
[root@controller ~]# swift upload xiandian/test saas.png
test/saas.png
[root@controller ~]# swift upload xiandian/test iaas.png
test/iaas.png
[root@controller ~]# swift list xiandian
test/
test/iaas.png
test/saas.png
test/test.txt
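# After the files are uploaded, switch to /opt and download the files under the test directory of the xiandian container. (The data is kept in the Swift cluster and is available for users to download at any time; here we download the three files test.txt, saas.png and iaas.png.)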
[root@controller opt]# pwd
/opt
[root@controller opt]# ls
[root@controller opt]# swift download xiandian test/iaas.png
test/iaas.png [auth 0.592s, headers 0.780s, total 0.781s, 0.000 MB/s]
[root@controller opt]# swift download xiandian test/saas.png
test/saas.png [auth 0.579s, headers 0.765s, total 0.766s, 0.000 MB/s]
[root@controller opt]# swift download xiandian test/test.txt
test/test.txt [auth 0.579s, headers 0.763s, total 0.764s, 0.000 MB/s]
[root@controller opt]# ls
test
[root@controller opt]# cd test/
[root@controller test]# ls
iaas.png saas.png test.txt
# You can check the status of a specific container; the "xiandian" container is used as the example
[root@controller test]# swift stat xiandian
Account: AUTH_142a7836b3524a30bc4752de47af5054
Container: xiandian
Objects: 4
Bytes: 0
Read ACL:
Write ACL:
Sync To:
Sync Key:
Accept-Ranges: bytes
X-Storage-Policy: Policy-0
Last-Modified: Thu, 08 Dec 2022 12:34:03 GMT
X-Timestamp: 1670502544.24404
X-Trans-Id: txc401261c809a411e81475-006391db6e
Content-Type: application/json; charset=utf-8
X-Openstack-Request-Id: txc401261c809a411e81475-006391db6e
# Check the status of the file iaas.png stored as an object in the container
[root@controller test]# swift stat xiandian test/iaas.png
Account: AUTH_142a7836b3524a30bc4752de47af5054
Container: xiandian
Object: test/iaas.png
Content Type: image/png
Content Length: 0
Last Modified: Thu, 08 Dec 2022 12:34:04 GMT
ETag: d41d8cd98f00b204e9800998ecf8427e
Meta Mtime: 1670502806.556745
Accept-Ranges: bytes
X-Timestamp: 1670502843.47441
X-Trans-Id: txe0d8fcb20e914d97b8783-006391dc0e
X-Openstack-Request-Id: txe0d8fcb20e914d97b8783-006391dc0
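The ETag in the stat output above is the MD5 of the object's content (d41d8cd98f00b204e9800998ecf8427e is the MD5 of zero bytes, because the files were created with touch), so a downloaded copy can be checked against it. The following is an added example, not part of the original post; the function names are illustrative and it assumes plain, non-segmented objects.

```bash
# Added example: verify a downloaded Swift object against its ETag.
# Assumption: a plain (non-segmented) object, where the ETag is the MD5 of the
# content; for segmented large objects the ETag is computed differently.

# Abridged copy of the `swift stat xiandian test/iaas.png` output shown above.
SAMPLE_STAT='Account: AUTH_142a7836b3524a30bc4752de47af5054
Container: xiandian
Object: test/iaas.png
Content Length: 0
ETag: d41d8cd98f00b204e9800998ecf8427e'

# Read `swift stat` output on stdin and print the ETag value.
etag_from_stat() {
    awk -F': *' '/^[ \t]*ETag:/ { gsub(/[" \r]/, "", $2); print $2; exit }'
}

# verify_download FILE STAT_OUTPUT
# Returns 0 on match, 1 on mismatch, 2 if the file or the ETag is missing.
verify_download() {
    local expected actual
    expected=$(printf '%s\n' "$2" | etag_from_stat)
    [ -n "$expected" ] && [ -f "$1" ] || return 2
    actual=$(md5sum "$1" | awk '{ print $1 }')
    [ "$actual" = "$expected" ]
}

# Constructed demo: an empty file (like `touch iaas.png`) and a modified copy.
demo() {
    local dir f
    dir=$(mktemp -d)
    : > "$dir/iaas.png"
    printf 'changed' > "$dir/modified.png"
    for f in iaas.png modified.png; do
        if verify_download "$dir/$f" "$SAMPLE_STAT"; then
            echo "$f: OK"
        else
            echo "$f: MISMATCH"
        fi
    done
    rm -rf "$dir"
}

demo
```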
Install the Heat orchestration service
Load the environment variables
[root@controller ~]# source /etc/xiandian/openrc.sh
[root@controller ~]# source /etc/keystone/admin-openrc.sh
Create the database and grant privileges on it
[root@controller ~]# mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS heat ;"
[root@controller ~]# mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' IDENTIFIED BY '$HEAT_DBPASS' ;"
[root@controller ~]# mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' IDENTIFIED BY '$HEAT_DBPASS' ;"
Install the packages
[root@controller ~]# yum install openstack-heat-api openstack-heat-api-cfn openstack-heat-engine openstack-heat-ui -y
Create the user
[root@controller ~]# openstack user create --domain $DOMAIN_NAME --password $HEAT_PASS heat
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | ebbf2d331d784720a5988750edebc557 |
| enabled | True |
| id | 3951d66f2a20483a80e652524db82efd |
| name | heat |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
Add the admin role to the user heat
[root@controller ~]# openstack role add --project service --user heat admin
Create the services
[root@controller ~]# openstack service create --name heat --description "Orchestration" orchestration
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Orchestration |
| enabled | True |
| id | 4a777b7b25cf403ea01a6ac4ae75d19e |
| name | heat |
| type | orchestration |
+-------------+----------------------------------+
[root@controller ~]# openstack service create --name heat-cfn --description "Orchestration" cloudformation
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Orchestration |
| enabled | True |
| id | 55a2ce2c3288478f926998a4b04e3334 |
| name | heat-cfn |
| type | cloudformation |
+-------------+----------------------------------+
Create three endpoints
Public:
[root@controller ~]# openstack endpoint create --region RegionOne orchestration public http://$HOST_NAME:8004/v1/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 75198220661e4e21b44ea62d419a38bd |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4a777b7b25cf403ea01a6ac4ae75d19e |
| service_name | heat |
| service_type | orchestration |
| url | http://controller:8004/v1/%(tenant_id)s |
+--------------+-----------------------------------------+
Internal:
[root@controller ~]# openstack endpoint create --region RegionOne orchestration internal http://$HOST_NAME:8004/v1/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 643402dbfa1f44f4a79719f08e93c02b |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4a777b7b25cf403ea01a6ac4ae75d19e |
| service_name | heat |
| service_type | orchestration |
| url | http://controller:8004/v1/%(tenant_id)s |
+--------------+-----------------------------------------+
Admin:
[root@controller ~]# openstack endpoint create --region RegionOne orchestration admin http://$HOST_NAME:8004/v1/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 69d1a73e069f441699109b6264dd35e7 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4a777b7b25cf403ea01a6ac4ae75d19e |
| service_name | heat |
| service_type | orchestration |
| url | http://controller:8004/v1/%(tenant_id)s |
+--------------+-----------------------------------------+
Then create three more endpoints:
# Public
[root@controller ~]# openstack endpoint create --region RegionOne cloudformation public http://$HOST_NAME:8000/v1
# Internal
[root@controller ~]# openstack endpoint create --region RegionOne cloudformation internal http://$HOST_NAME:8000/v1
# Admin
[root@controller ~]# openstack endpoint create --region RegionOne cloudformation admin http://$HOST_NAME:8000/v1
List the endpoints that were created
[root@controller ~]# openstack endpoint list | grep heat
| 015d14b2afea4fe9904b324f723b2e5b | RegionOne | heat-cfn | cloudformation | True | public | http://controller:8000/v1 |
| 04c4c528f112418f89bd91413fb4d83a | RegionOne | heat-cfn | cloudformation | True | internal | http://controller:8000/v1 |
| 0a4f989acc66491e98f59b7a9b4b5fea | RegionOne | heat-cfn | cloudformation | True | admin | http://controller:8000/v1 |
| 643402dbfa1f44f4a79719f08e93c02b | RegionOne | heat | orchestration | True | internal | http://controller:8004/v1/%(tenant_id)s |
| 69d1a73e069f441699109b6264dd35e7 | RegionOne | heat | orchestration | True | admin | http://controller:8004/v1/%(tenant_id)s |
| 75198220661e4e21b44ea62d419a38bd | RegionOne | heat | orchestration | True | public | http://controller:8004/v1/%(tenant_id)s |
Create the domain
[root@controller ~]# openstack domain create --description "Stack projects and users" heat
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Stack projects and users |
| enabled | True |
| id | 57296eb6f502403283ad4644cbe0daf4 |
| name | heat |
| tags | [] |
+-------------+----------------------------------+
Create the user heat_domain_admin
[root@controller ~]# openstack user create --domain heat --password $HEAT_PASS heat_domain_admin
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | 57296eb6f502403283ad4644cbe0daf4 |
| enabled | True |
| id | 6529832b72574f0e8f2963d96ab51f5c |
| name | heat_domain_admin |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
Add the admin role to the user heat_domain_admin
[root@controller ~]# openstack role add --domain heat --user-domain heat --user heat_domain_admin admin
Create the role
[root@controller ~]# openstack role create heat_stack_owner
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | a486348484364690806879b8ef429b7c |
| name | heat_stack_owner |
+-----------+----------------------------------+
Add the heat_stack_owner role to the user demo
[root@controller ~]# openstack role add --project demo --user demo heat_stack_owner
Create the role heat_stack_user
[root@controller ~]# openstack role create heat_stack_user
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | 1036f59dc79644548fbb8a9ae3faa30e |
| name | heat_stack_user |
+-----------+----------------------------------+
Modify the configuration file /etc/heat/heat.conf
[root@controller ~]# crudini --set /etc/heat/heat.conf database connection mysql+pymysql://heat:$HEAT_DBPASS@$HOST_NAME/heat
[root@controller ~]# crudini --set /etc/heat/heat.conf DEFAULT transport_url rabbit://$RABBIT_USER:$RABBIT_PASS@$HOST_NAME
[root@controller ~]#
[root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken auth_uri http://$HOST_NAME:5000
[root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken auth_url http://$HOST_NAME:35357
[root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken memcached_servers $HOST_NAME:11211
[root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken auth_type password
[root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken project_domain_name $DOMAIN_NAME
[root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken user_domain_name $DOMAIN_NAME
[root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken project_name service
[root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken username heat
[root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken password $HEAT_PASS
[root@controller ~]#
[root@controller ~]# crudini --set /etc/heat/heat.conf trustee auth_plugin password
[root@controller ~]# crudini --set /etc/heat/heat.conf trustee auth_url http://$HOST_NAME:35357
[root@controller ~]# crudini --set /etc/heat/heat.conf trustee username heat
[root@controller ~]# crudini --set /etc/heat/heat.conf trustee password $HEAT_PASS
[root@controller ~]# crudini --set /etc/heat/heat.conf trustee user_domain_name $DOMAIN_NAME
[root@controller ~]# crudini --set /etc/heat/heat.conf clients_keystone auth_uri http://$HOST_NAME:35357
[root@controller ~]#
[root@controller ~]# crudini --set /etc/heat/heat.conf DEFAULT heat_metadata_server_url http://$HOST_NAME:8000
[root@controller ~]# crudini --set /etc/heat/heat.conf DEFAULT heat_waitcondition_server_url http://$HOST_NAME:8000/v1/waitcondition
[root@controller ~]#
[root@controller ~]# crudini --set /etc/heat/heat.conf DEFAULT stack_domain_admin heat_domain_admin
[root@controller ~]# crudini --set /etc/heat/heat.conf DEFAULT stack_domain_admin_password $HEAT_PASS
[root@controller ~]# crudini --set /etc/heat/heat.conf DEFAULT stack_user_domain_name heat
Synchronize the database
[root@controller ~]# su -s /bin/sh -c "heat-manage db_sync" heat
Enable the services at boot and restart them
# Enable at boot
systemctl enable openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service
# Restart the services
systemctl restart openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service
systemctl restart httpd memcached
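The crudini commands above write the database, RabbitMQ and Keystone passwords into /etc/heat/heat.conf in cleartext and point Heat at http:// endpoints. The check below is an added example, not part of the original post or of the xiandian scripts: it lists which options carry credentials or cleartext HTTP URLs and whether the file is readable by other users, without printing any values. The function names and the sample file are constructed for illustration.

```bash
# Added example: audit a heat.conf produced by the crudini commands above.
# Prints one finding per line and never prints option values.
audit_heat_conf() {
    local conf section line key val mode
    conf=$1; section=""
    mode=$(stat -c '%a' "$conf") || return 2
    # The last octal digit holds the permissions for "other" users.
    case $mode in *0) ;; *) echo "PERM mode=$mode" ;; esac
    while IFS= read -r line; do
        case $line in
            \[*\]) section=${line#\[}; section=${section%\]}; continue ;;
            \#*|\;*) continue ;;
            *=*) ;;
            *) continue ;;
        esac
        key=${line%%=*}; key=${key%% *}
        val=${line#*=};  val=${val# }
        # Credential: a *password* option, or a scheme://user:secret@host URL.
        if [ "${key#*password}" != "$key" ] ||
           printf '%s' "$val" | grep -Eq '://[^/@]+:[^/@]+@'; then
            echo "SECRET $section.$key"
        fi
        case $val in http://*) echo "HTTP $section.$key" ;; esac
    done < "$conf"
}

# Constructed sample mirroring the options set above (placeholder values).
write_sample_conf() {
    cat > "$1" <<'EOF'
[DEFAULT]
transport_url = rabbit://openstack:EXAMPLE_PASS@controller
heat_metadata_server_url = http://controller:8000
stack_domain_admin_password = EXAMPLE_PASS
[database]
connection = mysql+pymysql://heat:EXAMPLE_PASS@controller/heat
[keystone_authtoken]
auth_url = http://controller:35357
auth_type = password
password = EXAMPLE_PASS
EOF
    chmod 644 "$1"   # deliberately world-readable to trigger the PERM finding
}

sample=$(mktemp)
write_sample_conf "$sample"
audit_heat_conf "$sample"
rm -f "$sample"
```

On the controller, run `audit_heat_conf /etc/heat/heat.conf` after the crudini step.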