"TechTarget China original" Although the online installation tutorials and step-by-steps provided by OpenStack are a great help to administrators, there are still a lot of things that are not satisfactory. So in the process of installing OpenStack on Ubuntu, you can use the following documentation to compensate for the lack of official tutorials. The simplest way to learn how to use OpenStack is to actually deploy it on your own computer. The OpenStack website provides tutorials on how to deploy, but the steps involved in this tutorial are too complex and there are many inaccuracies, so it is difficult for users to complete the process smoothly-for example, throughout the installation process, It is not possible for users to simply get all the necessary components through Apt-get. While OpenStack provides a graphical step-by-step wizard, this approach requires the use of five separate virtual machines. Users may encounter a series of error messages during the installation of OpenStack, although they can search for solutions to these problems one by one in Google, but this will make the user feel more frustrated during the lengthy installation process, so I recommend that users refer to this tutorial to complete the installation. In order to thoroughly understand the entire installation process, I completed the full installation of OpenStack two times on Ubuntu and have all the experience gained in this OpenStack installation tutorial. In short, the purpose of this tutorial is to minimize and elaborate on the official documentation provided by OpenStack to maximize the resolution of any problems that may be encountered. OpenStack installation Prerequisites Before you begin, take a look at the documentation provided by the OpenStack website "OpenStack Installation guide for Ubuntu 14.04. "For best results, you can also refer to the official website tutorial and this document to ensure the smooth implementation of the installation process. As a reference, I am using OpenStack Kilo, also known as version K. In order to ensure the normal operation of the system, the environment must contain at least one compute node and one controller node. Although we do not deploy object storage, block storage, or network nodes, these are all necessary in a production environment. If the card does not complete during the installation process, you can skip this step temporarily, as these steps do not need to be completed in chronological order except for the first step. A solution to the previous problem may be found during the subsequent installation. Overall, the deployment of the OpenStack environment includes the following basic steps: Creating a basic environment by installing a database, configuring a host file, installing the Identity Service (authentication services), installing the Image Service (mirroring services), installing COMPute Service (compute services); Install Dashboard to be able to login lb interface. Building an infrastructure you must first create an Ubuntu 14.04 Server virtual machine before attempting to build the base environment. You can use any kind of hypervisor to accomplish this task. I am using the VMware vCloud Director. As for the OS version, although I prefer Ubuntu Server, this document should work for Ubuntu Desktop as well. The main difference between Ubuntu server and Ubuntu Desktop is that there is no graphical interface for Server Edition. Note You need to use root permissions to execute the following command. If the user is using Ubuntu desktop instead of the server version, you will need to first log in with a regular account different from root, then change the root account password to run subsequent user commands. In the process of setting up the environment, you should also make sure that you make enough snapshots so that you can roll back in time when problems occur in some parts. Users can use the password provided in the OpenStack tutorial to directly copy and bond these passwords to minimize possible errors. In addition, the root password is not used in SQL database. Do not run the Apt-get command unless it is specifically documented, because Automatic Updates to OpenStack are not allowed, as prompted by openstack.org. After you create an Ubuntu server virtual machine, you need to add the IP address of the controller and compute1 to the "/etc/hosts" file. To ensure that both components are on the same machine, you can use the following command: After 127.0.0.1 controller compute1, run the following command: Apt-get install ubuntu-cloud-keyring echo "Deb Http://ubuntu-cloud.archive.canonical.com/ubuntu "\ " Trusty-updates/kilo main ">/etc/apt/sources.list.d/cloudarchive-kilo.list apt-get update && apt-get dist-upgrade Skip the step of installing NTP (Network Time Protocol) server. There is only one machine in the current environment, so no synchronization time is required. Right nowRun the following command: Apt-get install mariadb-server python-mysqldb It is important to note that we are using mariadb instead of MySQL. Now we need to follow the documentation instructions to edit the "/etc/mysql/my.cnf" configuration file. After you complete this step, execute the following command: After service MySQL restart Mysql_secure_installation, install the RABBITMQ server using the following command: Apt-get Rabbitmq-server Rabbitmqctl Change_password Guest rabbit_pass Authentication Service to install the Identity service, first create the Keystone database. The user creates a token to implement the Keystone operation, after which the user can create a user ID and password, completing the task by executing the following command: OpenSSL Rand-hex 10 After running this command, I got a token:cde3aa151a5a7e048da9. Users can use this token or make their own tokens. After that, run the following command: Apt-get install Keystone Python-keystoneclient refer to the documentation provided by OpenStack and use vi/etc/keystone/keystone.conf to edit the configuration file. It is important to note that some of the commands in the OpenStack documentation cause errors because they open a new shell. You can avoid this error by running the following command, notice that you do not add Su–s:/bin/sh-c "Keystone-manage Db_sync" Keystone and then perform the following command to restart the Keystone services: Service Keystone Restart now the user must export both of these environment variables. This allows the user to temporarily allow tokens to pass Keystone authentication without using a user account. Export os_service_token=cde3aa151a5a7e048da9 os_service_endpoint=http://controller:35357/v2.0 Creating tenant, users, and roles This time I encountered an error 500 bug because I forgot to restart the Keystone service. In order to create Keystone, users, andRole, you need to first execute the following command: Keystone tenant-create--name admin--description "admin tenant" Keystone user-create--name admin--pass Admin_pass--email email_address continue to refer to the documentation provided by OpenStack and execute the following command: Keystone tenant-create--name service--description " Service Tenant "Create service entity" and API endpoint according to the documentation provided by OpenStack, the next step is to verify the operation, that is, to attempt to discover any errors. The validation operation is based on the documentation provided by OpenStack, and if you want to verify that the above operation is correct, you need to execute the following command: unset Os_service_token os_service_endpoint to ensure that the user name and password pass through the verification process, You can use the following command: Keystone--os-tenant-name admin--os-username admin--os-password admin_pass \ > --os-auth-url http:/ /controller:35357/v2.0 token-get The above command simulates the authentication process of the identity service and assigns a login token to the user. I received the following error message during my execution of the commands provided by OpenStack: The request is made requires authentication. (HTTP 401) (request-id:req-0550f2c3-9077-470b-95d8-ce4ff498ff8f) Error 401 indicates that the user did not pass the validation, which means I forgot to create the Administrator role using the following command. Keystone role-create--name Admin user can also use this command to check which roles the user has: Keystone user-role-list--user admin--tenant admin can be reset using the following command TOKEN environment variable: Export os_service_token=CDE3AA151A5A7E048DA9 export os_service_endpoint=http://controller:35357/v2.0 To fix this problem, I added the admin role to the Admin user: Keystone User-role-add--user Admin--tenant admin--role Admin can also use other Keystone commands-such as list--to debug in the current environment. This is also true for the next set of commands that will be installed: Create an OpenStack Client environment script You can configure environment variables if you do not want to run these commands with token or do not want to place them in the command business. Use the following command to create two script files. VI admin-openrc.sh Export os_tenant_name=admin export os_username=admin export Os_password=admin_pass export os_auth_ url=http://controller:35357/v2.0 VI demo-openrc.sh Export OS_TENANT_NAME=DEMO export Os_username=demo export OS_ Password=demo_pass Export os_auth_url=http://controller:5000/v2.0 executes the following command: source admin-openrc.sh add image Service (mirror Service) refer to this document to install glance, and then use the following command to create the database: Keystone user-create--name glance--pass glance_pass I got an error 401 message , but you can fix it with the following command: Export OS_SERVICE_TOKEN=CDE3AA151A5A7E048DA9 export os_service_endpoint=http://controller:35357/ v2.0 if you are using both shell and endpoint for authentication, you will receive the following prompt: "Warning, you can use token and terminal to bypass authentication (authentication credentials have been ignored.) ) "Continue to enter a series of commands as follows: Keystone Service-create--name glance--type image \ --description "OpenStack image Service" Keystone endpoint-create \ --service-id $ (Keystone Service-list | awk '/image/{print $} ') \ --publicurl http://controller:9292 \ --internalurl http ://controller:9292 \ --adminurl http://controller:9292 \ --region regionone apt-get Install glance Python-glanceclient at this point when you reference the OpenStack tutorial to edit the "/etc/glance/glance-api.conf" file, you also need rem out: #sqlite_db =/var/lib/glance/ Glance.sqlite Use these commands to replace this command: [Keystone_authtoken] #identity_uri = http://127.0.0.1:35357 #admin_tenant_name =% Service_tenant_name% #admin_user =%service_user% #admin_password =%service_password% #revocation_cache_time = 10 Auth_uri = http://controller:5000/v2.0 Identity_uri = http://controller:35357 admin_tenant_name = Service A Dmin_user = glance Admin_password = Glance_pass After completing the above operation, refer to the OpenStack tutorial to continue editing: vi/etc/glance/glance-registry.conf After entering the following command, omit Sh–c:/bin/sh-c "Glance-manage db_sync" glance at this time,I receive the following error message: CRITICAL glance [-] Dbconnectionerror: (Operationalerror) (2003, "Can ' t connect to MySQL server on ' control Ler ' (111)) None None This information indicates that I did not enter the correct format of the IP address, and did not execute the following command: flavor = keystone in [Paste_deploy] Verify operation according to the instructions of the verification operation, the user must first download a Lin UX image, then upload it to the image service using the following command: Glance image-create--name "cirros-0.3.3-x86_64"--file/tmp/images/ CIRROS-0.3.3-X86_64-DISK.IMG \ --disk-format qcow2--container-format bare--is-public True--progress After executing this command, I receive the following error message: Error 403
403 Forbidden
Access is denied to this resource.
To debug that, I ran: I ran the following command to Debug:glance Image-list but the program returned an error 500, so I restarted the Glance Service: Service GLANCE-REGISTR Y restart service GLANCE-API Restart adding compute services and deploying controller nodes I found the next part of the OpenStack tutorial to be very confusing. Because all the contents of the configuration file obtained through Apt-get are lost, in order to solve this problem, you can replace it with the following: [DEFAULT] verbose = True dhcpbridge_flagfile=/etc/nova/ nova.conf Dhcpbridge=/usr/bin/nova-dhcpbridge Logdir=/var/log/nova State_path=/var/lib/nova lock_path=/var/lock/ Nova force_dhcp_release=true libvirt_use_virtio_for_bridges=true verbose=true ec2_private_dns_show_ip=true api_ Paste_config=/etc/nova/api-paste.ini enabled_apis=ec2,osapi_compute,metadata my_ip = 127.0.0.1 Vncserver_listen = 127.0.0.1 vncserver_proxyclient_address = 127.0.0.1 Rpc_backend = Rabbit Rabbit_host = Controller Rabbit_password = Rabbit _pass auth_strategy = Keystone [Database] connection = Mysql://nova:[email protected]/nova [Keystone_authtoken] Auth_uri = http://controller:5000/v2.0 Identity_uri = http://controller:35357 Admin_tenant_name = Service Admin_user = Nova Admin_password = Nova_pass [glance] host = Controller Configures compute nodes to this section, the user has already edited "/etc/nova /nova.conf "" File now. The only thing to do now is to add the following two commands to the "DEFAULT" area: vnc_enabled = True Novncproxy_base_url = http://controller:6080/vnc_auto.html We've run the following command before:/bin/sh-c "Nova-manage db sync" Nova but it should still be run again, although it only shows the following information, nothing really works: No handlers could be found for L Ogger "Oslo_config.cfg" We can skip this part of neutron networking because we only deploy one machine and do not need to use a virtual interface. Add the Dashboard reference OpenStack tutorial to install Apache and configure OpenStack Dashboard in it so you can access the OpenStack command line interface tool. When you restart Apache, the following message should appear: AH00558:apache2:Could not reliably determine the server ' s fully qualified domain name, using 127. 0.0.1. Set the ' ServerName ' directive globally to suppress this message appears to be normal and can be ignored directly. If the user is using Ubuntu Server, you can install Unity Ubuntu Desktop to log in to dashboard. If the user is using Ubuntu Desktop, Unity Ubuntu is already installed by default in the virtual machine. By using an Ubuntu virtual machine as a bridging network, users can also access Apache from another virtual machine. You can use the following command to install the Unity Ubuntu:sudo apt-get install--no-install-recommends ubuntu-desktop The above operation does not install fiRefox or any browser, so users need to add a user to the Ubuntu command, and then use Visudo to give it root access, allowing the user to run the program. Figure A. Login Dashborad after viewing hypervisor and hardware usage, the user can log in dashboard with the same user ID and password as the "admin-openrc.sh" file.
TechTarget China original content, original link: http://www.searchvirtual.com.cn/showcontent_92815.htm
©techtarget China: http://www.techtarget.com.cn
Teach you how to install OpenStack incrementally