[toc]
openstack rocky版手动增加一个计算节点
1.配置host解析
cat /etc/hosts <<EOF
0.0.0.11 controller
10.0.0.31 compute1
10.0.0.32 compute2
10.0.0.41 block1
10.0.0.51 object1
10.0.0.52 object2
EOF
2.配置yum源
yum -y install centos-release-openstack-rocky
yum -y install python-openstackclient
3.时间同步
1.安装chrony
yum -y install chrony
2.编辑chrony配置文件/etc/chrony.conf
/删除以下4行,指定控制节点为NTP服务器
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
修改为
server controller iburst
#用以下命令修改
sed -i '3,6d' /etc/chrony.conf && sed -i '3cserver controller iburst' /etc/chrony.conf
3.启动NTP服务并设置开机自启
systemctl enable chronyd && systemctl start chronyd
4.检查端口,监听udp323端口
$ netstat -nupl|grep chronyd
udp 0 0 127.0.0.1:323 0.0.0.0:* 1327/chronyd
udp6 0 0 ::1:323 :::* 1327/chronyd
5.验证,计算节点显示的是控制节点
$ chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? controller 3 6 200 50 +1319ms[+1319ms] +/- 14.4s
4.安装软件包
yum -y install openstack-nova-compute openstack-utils
5.配置计算服务nova
5.1 编辑/etc/nova/nova.conf文件并完成以下操作
⚠️compute2的IP地址为10.0.0.32
1.在此[DEFAULT]部分中,仅启用计算和元数据API
[DEFAULT]
# ...
enabled_apis = osapi_compute,metadata
2.在该[DEFAULT]部分中,配置RabbitMQ消息队列访问:
[DEFAULT]
# ...
transport_url = rabbit://openstack:RABBIT_PASS@controller
3.在[api]和[keystone_authtoken]部分中,配置身份服务访问:
[api]
# ...
auth_strategy = keystone
[keystone_authtoken]
# ...
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = NOVA_PASS
4.在该[DEFAULT]部分中,配置my_ip选项:MANAGEMENT_INTERFACE_IP_ADDRESS为计算节点上管理网络接口的IP地址 my_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
[DEFAULT]
# ...
my_ip = 10.0.0.32
5.在本[DEFAULT]节中,启用对网络服务的支持:
[DEFAULT]
# ...
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
6.在本[DEFAULT]节中,启用对网络服务的支持:
[DEFAULT]
# ...
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
7.在该[vnc]部分中,启用和配置远程控制台访问:
[vnc]
# ...
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
8.在该[glance]部分中,配置图像服务API的位置:
[glance]
# ...
api_servers = http://controller:9292
9.在该[oslo_concurrency]部分中,配置锁定路径:
[oslo_concurrency]
# ...
lock_path = /var/lib/nova/tmp
10.在该[placement]部分中,配置Placement API:
[placement]
# ...
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = PLACEMENT_PASS
#用以下命令修改
\cp /etc/nova/nova.conf{,.bak}
grep '^[a-Z\[]' /etc/nova/nova.conf.bak >/etc/nova/nova.conf
openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@controller
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 10.0.0.32
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://controller:5000/v3
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers controller:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password NOVA_PASS
openstack-config --set /etc/nova/nova.conf vnc enabled true
openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0
openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address '$my_ip'
openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://controller:6080/vnc_auto.html
openstack-config --set /etc/nova/nova.conf glance api_servers http://controller:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
openstack-config --set /etc/nova/nova.conf placement region_name RegionOne
openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
openstack-config --set /etc/nova/nova.conf placement project_name service
openstack-config --set /etc/nova/nova.conf placement auth_type password
openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
openstack-config --set /etc/nova/nova.conf placement auth_url http://controller:5000/v3
openstack-config --set /etc/nova/nova.conf placement username placement
openstack-config --set /etc/nova/nova.conf placement password PLACEMENT_PASS
MD5值
md5sum /etc/nova/nova.conf
c348d4b98cb5dc08fb329050ef592d86 /etc/nova/nova.conf
5.2 启动Compute服务及其依赖项,并将它们配置为在系统引导时自动启动
systemctl enable libvirtd.service openstack-nova-compute.service && \
systemctl start libvirtd.service openstack-nova-compute.service
6.配置网络服务neutron
6.1 安装包
yum -y install openstack-neutron-linuxbridge ebtables ipset openstack-utils
6.2 配置公共组件
编辑/etc/neutron/neutron.conf文件并完成以下操作
1.在该[DEFAULT]部分中,配置RabbitMQ 消息队列访问:
[DEFAULT]
# ...
transport_url = rabbit://openstack:RABBIT_PASS@controller
2.在[DEFAULT]和[keystone_authtoken]部分中,配置身份服务访问:
[DEFAULT]
# ...
auth_strategy = keystone
[keystone_authtoken]
# ...
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS
3.在该[oslo_concurrency]部分中,配置锁定路径:
[oslo_concurrency]
# ...
lock_path = /var/lib/neutron/tmp
#用以下命令修改
\cp /etc/neutron/neutron.conf{,.bak}
grep '^[a-Z\[]' /etc/neutron/neutron.conf.bak >/etc/neutron/neutron.conf
openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@controller
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
MD5值
md5sum /etc/neutron/neutron.conf
9c47ffb59b23516b59e7de84a39bcbe8 /etc/neutron/neutron.conf
6.3 配置网络选项
6.3.1 配置桥接代理
Linux网桥代理为实例构建第2层(桥接和交换)虚拟网络基础结构并处理安全组
编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini文件并完成以下操作
1.在本[linux_bridge]节中,将提供者虚拟网络映射到提供者物理网络接口:
[linux_bridge]
physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME
替换PROVIDER_INTERFACE_NAME为基础提供商物理网络接口的名称。这里为eth0
2.在该[vxlan]部分中,禁用VXLAN覆盖网络:
[vxlan]
enable_vxlan = false
3.在该[securitygroup]部分中,启用安全组并配置Linux网桥iptables防火墙驱动程序:
[securitygroup]
# ...
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
#用以下命令修改
\cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}
grep '^[a-Z\[]' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak >/etc/neutron/plugins/ml2/linuxbridge_agent.ini
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:eth0
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan false
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
MD5值
md5sum /etc/neutron/plugins/ml2/linuxbridge_agent.ini
794b19995c83e2fc0c3fd42f506904f1 /etc/neutron/plugins/ml2/linuxbridge_agent.ini
使Linux操作系统内核支持网桥过滤器1
#向/etc/sysctl.d/openstack-rocky-bridge.conf写入以下内容
cat >> /etc/sysctl.d/openstack-rocky-bridge.conf <<EOF
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
#执行以下命令生效
$ modprobe br_netfilter && sysctl -p /etc/sysctl.d/openstack-rocky-bridge.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
6.4 配置计算以使用网络
编辑/etc/nova/nova.conf文件并完成以下操作
在该[neutron]部分中,配置访问参数:
[neutron]
# ...
url = http://controller:9696
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS
#用以下命令修改
openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:5000
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password NEUTRON_PASS
MD5值
md5sum /etc/nova/nova.conf
6ba9c6b28eb8145e4bbec4d9942d1774 /etc/nova/nova.conf
6.5 完成安装
6.5.1 重新启动Compute服务
systemctl restart openstack-nova-compute.service
6.5.2 启动Linux网桥代理并将其配置为在系统引导时启动
systemctl enable neutron-linuxbridge-agent.service && \
systemctl start neutron-linuxbridge-agent.service
6.6 验证 控制节点执行
有compute2输出并且状态为up即为正确
openstack network agent list
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 6f3e4e38-0d60-4fd7-b545-b6accccc728e | Linux bridge agent | compute2 | None | :-) | UP | neutron-linuxbridge-agent |
| b627a998-e6d2-4cea-b6f1-773f0a294823 | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent |
| d2999370-36db-43c1-9fa8-dbdf9afcd118 | Linux bridge agent | compute1 | None | :-) | UP | neutron-linuxbridge-agent |
| f6e6488d-2be8-425d-99ea-97974450cedf | Linux bridge agent | controller | None | :-) | UP | neutron-linuxbridge-agent |
| fc7271f1-f214-4a17-bda7-ba340a61e0f9 | Metadata agent | controller | None | :-) | UP | neutron-metadata-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
7.验证计算节点是否可用
-
手动创建虚拟机并且指定调度到compute2
-
需要先创建分组,分组在dashboard中叫主机聚合
查看主机聚合
管理员-->计算-->主机聚合
创建主机聚合
创建一个名称为compute2的主机聚合,可用域也定义为compute2
点击管理聚合内的主机,选择compute2,然后创建主机聚合
创建完成之后可用域中就会多出一个compute2域
然后web界面创建虚拟机
项目-->计算-->实例-->创建实例
实例名称为compute2,可用域选择compute2
选择测试镜像ciiros
选择实例规格,然后点击创建实例
成功创建后的实例
进入实例控制台,使用用户cirros、密码gocubsgo登陆,然后sudo su -切换到root用户,设置root用户密码
接下来就可以使用远程连接工具连接虚拟机了
