基于Ubuntu2504部署OpenStack E版

OpenStack

  • 初始化環境
    • 安裝數據庫、memcahe、rabbitmq等服務
    • 安裝keystone服務
    • 安裝glance服務
    • 安裝placement服務
    • 安裝nova服務
    • 安裝neutron服務
    • 安裝horizon服務

官網

在這里插入圖片描述

OpenStack Epoxy 鞏固了作為 VMware 替代方案的地位,增強了安全性,并改進了硬件支持

第 31 版的亮點包括 Nova 中 PCI 直通的改進、Watcher 中添加新的 Prometheus 數據源以及 Manila 中的新安全功能。
隨著 OpenStack 社區發布第 31 個版本 2025.1 Epoxy,OpenStack 的采用率正在飆升。 來自 BBC 研發中心、暴雪娛樂、Canonical、Cleura、愛立信、Mirantis、NVIDIA、Rackspace、Red Hat 和三星 SDS 等機構的約 450 名貢獻者構建了 Epoxy,提供了超過 7,600 項變更和廣泛的維護更新。此版本發布正值 OpenStack 社區成立 15 周年之際 。自2010 年以來,OpenStack 已提交超過 940,000 項變更,并已投入生產 4,500 萬個核心,OpenStack 仍然是最活躍的開源項目社區之一。

  • 強化OpenStack作為VMware的替代方案
    Watcher 中新增了 Prometheus 數據源。對于 VMware 遷移,通過 Watcher 將 Prometheus 集成到 OpenStack 中,可以高效監控現有的 VMware 基礎架構和遷移過程。這可以跟蹤遷移過程中的性能并識別瓶頸。
    此版本包含許多 Cinder 支持的存儲硬件驅動程序的功能和錯誤修復,包括 NetApp、PowerMax、LightBits、Fujitsu、PowerFlex、3par、StorPool、Pure Storage、Nimble 和 Hitachi。對各種 Cinder 驅動程序的改進支持意味著簡化了嚴重依賴特定存儲解決方案的工作負載的遷移。此外,遷移后,OpenStack 環境可以保持與現有存儲基礎架構的兼容性,從而使過渡更加順暢,并降低與存儲和數據可訪問性相關的風險。

  • 增強安全性
    Manila 用戶現在可以修改共享訪問規則的訪問級別,將其從“只讀”切換為“讀寫”,反之亦然。此功能可以更精確地控制哪些用戶可以修改和訪問共享資源。如果用戶可以將其訪問權限限制為只讀,則可以防止未經授權的修改,從而降低數據被意外或惡意更改的風險。
    馬尼拉用戶現在還可以通過共享網絡子網元數據設置和修改共享服務器特性。云管理員可以通過 driver_updatable_subnet_metadata 配置選項定義允許的修改內容。此項改進可實現更好的網絡隔離和分段,確保不同的數據集或應用程序被隔離在不同的子網中,從而降低發生違規時網絡內部橫向移動的風險。
    在 Octavia 中,用戶現在可以將自定義 Neutron 安全組與 Octavia Amphora 負載均衡器 VIP 端口結合使用。通過將特定安全組與負載均衡器的 VIP(虛擬 IP)端口關聯,您可以確保只有特定類型的流量才能到達負載均衡器,從而降低未經授權訪問的風險。

  • 提高硬件支持能力
    Ironic 新增了一個接口,支持將 bootc 容器鏡像直接部署到主機,無需任何中間步驟。這降低了復雜性,使運維人員和最終用戶的部署流程更加簡化。
    Nova 的 PCI 直通功能現已支持新的內核 vfio-PCI 變體驅動程序,例如 Ubuntu 24.04 上的 Nvidia GRID。操作員現在可以使用這些特定的 PCI 設備創建實例并進行實時遷移,從而增強 OpenStack 支持 AI 工作負載的能力。

初始化環境

單節點搭建

root@huhy:~# hostnamectlStatic hostname: huhyIcon name: computer-vmChassis: vm 🖴Machine ID: 3f78506c26d94d0fad063da03ea75679Boot ID: 06ec0de05bd449ce8e3a59d116855e8bProduct UUID: 4ef84d56-204b-38d6-0a02-5005f7746478AF_VSOCK CID: 4151600248Virtualization: vmware
Operating System: Ubuntu 25.04Kernel: Linux 6.14.0-15-genericArchitecture: x86-64Hardware Vendor: VMware, Inc.Hardware Model: VMware Virtual PlatformHardware Serial: VMware-56 4d f8 4e 4b 20 d6 38-0a 02 50 05 f7 74 64 78
Firmware Version: 6.00Firmware Date: Thu 2020-11-12Firmware Age: 4y 5month 6d
root@huhy:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host noprefixroutevalid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000link/ether 00:0c:29:74:64:78 brd ff:ff:ff:ff:ff:ffaltname enp2s1altname enx000c29746478inet 192.168.200.120/24 brd 192.168.200.255 scope global ens33valid_lft forever preferred_lft foreverinet6 fe80::20c:29ff:fe74:6478/64 scope link proto kernel_llvalid_lft forever preferred_lft forever
3: ens34: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000link/ether 00:0c:29:74:64:82 brd ff:ff:ff:ff:ff:ffaltname enp2s2altname enx000c29746482
  • 初始化環境:免密,主機名、時間同步
vi init.sh
#!/bin/bash# 定義節點信息
NODES=("192.168.200.120 controller root")# 定義當前節點的密碼(默認集群統一密碼)
HOST_PASS="000000"# 時間同步的目標節點
TIME_SERVER=controller# 時間同步的地址段
TIME_SERVER_IP=192.160.200.0/24# 歡迎界面
cat > /etc/motd <<EOF#################################    Welcome  to  openstack    #################################
EOF# 修改主機名
for node in "${NODES[@]}"; doip=$(echo "$node" | awk '{print $1}')hostname=$(echo "$node" | awk '{print $2}')# 獲取當前節點的主機名和 IPcurrent_ip=$(hostname -I | awk '{print $1}')current_hostname=$(hostname)# 檢查當前節點與要修改的節點信息是否匹配if [[ "$current_ip" == "$ip" && "$current_hostname" != "$hostname" ]]; thenecho "Updating hostname to $hostname on $current_ip..."hostnamectl set-hostname "$hostname"if [ $? -eq 0 ]; thenecho "Hostname updated successfully."elseecho "Failed to update hostname."fibreakfi
done# 遍歷節點信息并添加到 hosts 文件
for node in "${NODES[@]}"; doip=$(echo "$node" | awk '{print $1}')hostname=$(echo "$node" | awk '{print $2}')# 檢查 hosts 文件中是否已存在相應的解析if grep -q "$ip $hostname" /etc/hosts; thenecho "Host entry for $hostname already exists in /etc/hosts."else# 添加節點的解析條目到 hosts 文件sudo sh -c "echo '$ip $hostname' >> /etc/hosts"echo "Added host entry for $hostname in /etc/hosts."fi
doneif [[ ! -s ~/.ssh/id_rsa.pub ]]; thenssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa -q -b 2048
fi# 檢查并安裝 sshpass 工具
if ! which sshpass &> /dev/null; thenecho "sshpass 工具未安裝,正在安裝 sshpass..."sudo apt-get install -y sshpass
fi# 遍歷所有節點進行免密操作
for node in "${NODES[@]}"; doip=$(echo "$node" | awk '{print $1}')hostname=$(echo "$node" | awk '{print $2}')user=$(echo "$node" | awk '{print $3}')# 使用 sshpass 提供密碼,并自動確認密鑰sshpass -p "$HOST_PASS" ssh-copy-id -o StrictHostKeyChecking=no -i /root/.ssh/id_rsa.pub "$user@$hostname"
done# 時間同步
apt install -y chrony
if [[ $TIME_SERVER_IP == *$(hostname -I)* ]]; then# 配置當前節點為時間同步源sed -i '20,23s/^/#/g' /etc/chrony/chrony.confecho "server $TIME_SERVER iburst maxsources 2" >> /etc/chrony/chrony.confecho "allow $TIME_SERVER_IP" >> /etc/chrony/chrony.confecho "local stratum 10" >> /etc/chrony/chrony.conf
else# 配置當前節點同步到目標節點sed -i '20,23s/^/#/g' /etc/chrony/chrony.confecho "pool $TIME_SERVER iburst maxsources 2" >> /etc/chrony/chrony.conf
fi# 重啟并啟用 chrony 服務
systemctl restart chronyd
systemctl enable chronyecho "###############################################################"
echo "#################      集群初始化成功     #####################"
echo "###############################################################"

配置環境變量

mkdir /etc/openstack/
cat > /etc/openstack/openrc.sh << eof
#--------------------system Config--------------------##
#Controller Server Manager IP. example:x.x.x.x
HOST_IP=192.168.200.120#Controller HOST Password. example:000000
HOST_PASS=000000#Controller Server hostname. example:controller
HOST_NAME=controller#--------------------Rabbit Config ------------------##
#user for rabbit. example:openstack
RABBIT_USER=openstack#Password for rabbit user .example:000000
RABBIT_PASS=000000#--------------------MySQL Config---------------------##
#Password for MySQL root user . exmaple:000000
DB_PASS=000000#--------------------Keystone Config------------------##
#Password for Keystore admin user. exmaple:000000
DOMAIN_NAME=default
ADMIN_PASS=000000
DEMO_PASS=000000#Password for Mysql keystore user. exmaple:000000
KEYSTONE_DBPASS=000000#--------------------Glance Config--------------------##
#Password for Mysql glance user. exmaple:000000
GLANCE_DBPASS=000000#Password for Keystore glance user. exmaple:000000
GLANCE_PASS=000000#--------------------Placement Config----------------------##
#Password for Mysql placement user. exmaple:000000
PLACEMENT_DBPASS=000000#Password for Keystore placement user. exmaple:000000
PLACEMENT_PASS=000000#--------------------Nova Config----------------------##
#Password for Mysql nova user. exmaple:000000
NOVA_DBPASS=000000#Password for Keystore nova user. exmaple:000000
NOVA_PASS=000000#--------------------Neutron Config-------------------##
#Password for Mysql neutron user. exmaple:000000
NEUTRON_DBPASS=000000#Password for Keystore neutron user. exmaple:000000
NEUTRON_PASS=000000#metadata secret for neutron. exmaple:000000
METADATA_SECRET=000000#External Network Interface. example:eth1
INTERFACE_NAME=ens34#用于創建ovs網絡
OVS_NAME=br-ens34#External Network The Physical Adapter. example:provider
Physical_NAME=provider#First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101
minvlan=1#Last Vlan ID in VLAN RANGE for VLAN Network. example:200
maxvlan=1000
eof
  • 查看客戶端版本
root@controller:~# openstack --version
openstack 7.4.0

安裝數據庫、memcahe、rabbitmq等服務

vi iaas-install-mysql.sh
#!/bin/bash
source /etc/openstack/openrc.sh
apt update
# install package
apt install -y python3-openstackclient
apt install -y mariadb-server python3-pymysqlcat > /etc/mysql/mariadb.conf.d/99-openstack.cnf << EOF
[mysqld]
bind-address = 0.0.0.0
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
EOFsystemctl enable --now mariadb
mysql -e "ALTER USER 'root'@'localhost' IDENTIFIED BY '$DB_PASS';"
mysql -uroot -p$DB_PASS -e "FLUSH PRIVILEGES"
systemctl restart mariadbapt install -y rabbitmq-server
rabbitmqctl add_user $RABBIT_USER $RABBIT_PASS
rabbitmqctl set_permissions $RABBIT_USER ".*" ".*" ".*"
systemctl enable --now rabbitmq-serverapt install -y memcached python3-memcache
sed -i 's/-l 127.0.0.1/-l 0.0.0.0/'g /etc/memcached.conf
systemctl enable --now memcached
echo "################# mariadb,rabbitmq,memcached installation completed ####################"
bash iaas-install-mysql.sh

安裝keystone服務

vi iaas-install-keystone.sh
#!/bin/bash
source /etc/openstack/openrc.sh#keystone mysql
mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS keystone ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '$KEYSTONE_DBPASS' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '$KEYSTONE_DBPASS' ;"apt install -y keystone
cp /etc/keystone/keystone.conf{,.bak}cat > /etc/keystone/keystone.conf << eof
[DEFAULT]
log_dir = /var/log/keystone
[application_credential]
[assignment]
[auth]
[cache]
[catalog]
[cors]
[credential]
[database]
connection = mysql+pymysql://keystone:$KEYSTONE_DBPASS@$HOST_NAME/keystone
[domain_config]
[endpoint_filter]
[endpoint_policy]
[eventlet_server]
[extra_headers]
Distribution = Ubuntu
[federation]
[fernet_receipts]
[fernet_tokens]
[healthcheck]
[identity]
[identity_mapping]
[jwt_tokens]
[ldap]
[memcache]
[oauth1]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[policy]
[profiler]
[receipt]
[resource]
[revoke]
[role]
[saml]
[security_compliance]
[shadow_users]
[token]
provider = fernet
[tokenless_auth]
[totp]
[trust]
[unified_limit]
[wsgi]
eofsu -s /bin/sh -c "keystone-manage db_sync" keystone
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
keystone-manage bootstrap --bootstrap-password $ADMIN_PASS \--bootstrap-admin-url http://$HOST_NAME:5000/v3/ \--bootstrap-internal-url http://$HOST_NAME:5000/v3/ \--bootstrap-public-url http://$HOST_NAME:5000/v3/ \--bootstrap-region-id RegionOneecho "ServerName $HOST_NAME" >> /etc/apache2/apache2.conf 
systemctl enable --now apache2cat > /etc/keystone/admin-openrc.sh << EOF
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=$ADMIN_PASS
export OS_AUTH_URL=http://$HOST_NAME:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
EOF
source /etc/keystone/admin-openrc.sh
openstack project create --domain default --description "Service Project" service
openstack token issue
echo "############################ keystone installation completed ###########################"
bash  iaas-install-keystone.sh
  • 查看版本
root@controller:~# keystone-manage --version
27.0.0

安裝glance服務

vi iaas-install-glance.sh
#!/bin/bash
source /etc/openstack/openrc.sh
source /etc/keystone/admin-openrc.sh#glance mysql
mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS glance ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '$GLANCE_DBPASS' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '$GLANCE_DBPASS' ;"openstack user create --domain $DOMAIN_NAME --password $GLANCE_PASS glance
openstack role add --project service --user glance admin
openstack service create --name glance --description "OpenStack Image" image
openstack endpoint create --region RegionOne image public http://$HOST_NAME:9292
openstack endpoint create --region RegionOne image internal http://$HOST_NAME:9292
openstack endpoint create --region RegionOne image admin http://$HOST_NAME:9292apt install -y glance
cp /etc/glance/glance-api.conf{,.bak}cat > /etc/glance/glance-api.conf << eof
[DEFAULT]
[barbican]
[barbican_service_user]
[cinder]
[cors]
[database]
connection = mysql+pymysql://glance:$GLANCE_DBPASS@$HOST_NAME/glance
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[image_format]
disk_formats = ami,ari,aki,vhd,vhdx,vmdk,raw,qcow2,vdi,iso,ploop.root-tar
[keystone_authtoken]
www_authenticate_uri = http://$HOST_NAME:5000
auth_url = http://$HOST_NAME:5000
memcached_servers = $HOST_NAME:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = $GLANCE_PASS
[paste_deploy]
flavor = keystone
eofsu -s /bin/sh -c "glance-manage db_sync" glance
systemctl enable --now glance-api
systemctl restart glance-api
echo "########################## glance installation completed ###############################"
bash iaas-install-glance.sh
  • 查看版本
root@controller:~# glance-manage --version
30.0.0

安裝placement服務

vi iaas-install-placement.sh
#!/bin/bash
source /etc/openstack/openrc.sh
source /etc/keystone/admin-openrc.sh#placement mysql
mysql -uroot -p$DB_PASS -e "CREATE DATABASE placement;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '$PLACEMENT_DBPASS';"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '$PLACEMENT_DBPASS';"openstack user create --domain $DOMAIN_NAME --password $PLACEMENT_PASS placement
openstack role add --project service --user placement admin
openstack service create --name placement --description "Placement API" placement
openstack endpoint create --region RegionOne placement public http://$HOST_NAME:8778
openstack endpoint create --region RegionOne placement internal http://$HOST_NAME:8778
openstack endpoint create --region RegionOne placement admin http://$HOST_NAME:8778apt install -y placement-apicp /etc/placement/placement.conf{,.bak}
cat > /etc/placement/placement.conf << eof
[DEFAULT]
[api]
auth_strategy = keystone
[cors]
[keystone_authtoken]
auth_url = http://$HOST_NAME:5000/v3
memcached_servers = $HOST_NAME:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = $PLACEMENT_PASS
[placement_database]
connection = mysql+pymysql://placement:$PLACEMENT_DBPASS@$HOST_NAME/placement
eofsu -s /bin/sh -c "placement-manage db sync" placement
systemctl restart apache2
placement-status upgrade check
echo "############################# placement installation completed #########################"
 bash iaas-install-placement.sh
  • 查看版本
root@controller:~# placement-manage --version
13.0.0

安裝nova服務

vi iaas-install-nova-controller.sh
#!/bin/bash
source /etc/openstack/openrc.sh
source /etc/keystone/admin-openrc.shmysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS nova ;"
mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS nova_api ;"
mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS nova_cell0 ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '$NOVA_DBPASS' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '$NOVA_DBPASS' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '$NOVA_DBPASS' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '$NOVA_DBPASS' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '$NOVA_DBPASS' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '$NOVA_DBPASS' ;"openstack user create --domain $DOMAIN_NAME --password $NOVA_PASS nova
openstack role add --project service --user nova admin
openstack service create --name nova --description "OpenStack Compute" compute
openstack endpoint create --region RegionOne compute public http://$HOST_NAME:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://$HOST_NAME:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://$HOST_NAME:8774/v2.1apt install -y nova-api nova-conductor nova-novncproxy nova-scheduler
apt install -y nova-compute
cp /etc/nova/nova.conf{,.bak}
cat > /etc/nova/nova.conf << eof
[DEFAULT]
log_dir = /var/log/nova
lock_path = /var/lock/nova
state_path = /var/lib/nova
transport_url = rabbit://$RABBIT_USER:$RABBIT_PASS@$HOST_NAME
my_ip = $HOST_IP
[api]
auth_strategy = keystone
[api_database]
connection = mysql+pymysql://nova:$NOVA_DBPASS@$HOST_NAME/nova_api
[barbican]
[barbican_service_user]
[cache]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[cyborg]
[database]
connection = mysql+pymysql://nova:$NOVA_DBPASS@$HOST_NAME/nova
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://$HOST_NAME:9292
[guestfs]
[healthcheck]
[hyperv]
[image_cache]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
www_authenticate_uri = http://$HOST_NAME:5000/
auth_url = http://$HOST_NAME:5000/
memcached_servers = $HOST_NAME:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = $NOVA_PASS
[libvirt]
[metrics]
[mks]
[neutron]
[notifications]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[oslo_reports]
[pci]
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://$HOST_NAME:5000/v3
username = placement
password = $PLACEMENT_PASS
[powervm]
[privsep]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
server_listen = $HOST_IP
server_proxyclient_address = $HOST_IP
novncproxy_base_url = http://$HOST_IP:6080/vnc_auto.html
[workarounds]
[wsgi]
[zvm]
[cells]
enable = False
[os_region_name]
openstack = 
eofsu -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
su -s /bin/sh -c "nova-manage db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 list_cells" novasystemctl enable --now nova-api
systemctl enable --now nova-scheduler
systemctl enable --now nova-conductor
systemctl enable --now nova-novncproxycat > /root/nova-service-restart.sh <<EOF 
#!bin/bash
# 處理api服務
service nova-api restart
# 處理資源調度服務
service nova-scheduler restart
# 處理數據庫服務
service nova-conductor restart
# 處理vnc遠程窗口服務
service nova-novncproxy restart
# 處理nova-compute服務
service nova-compute restart
EOF
nova-manage cell_v2 discover_hosts
nova-manage cell_v2 map_cell_and_hosts
bash /root/nova-service-restart.sh
echo "############################# nova installation completed ##############################"
bash iaas-install-nova-controller.sh
  • 查看版本
root@controller:~# nova-manage --version
31.0.0

安裝neutron服務

vi iaas-install-neutron-controller.sh
#!/bin/bash
source /etc/openstack/openrc.sh
source /etc/keystone/admin-openrc.shmysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS neutron ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '$NEUTRON_DBPASS' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '$NEUTRON_DBPASS' ;"openstack user create --domain $DOMAIN_NAME --password $NEUTRON_PASS neutron
openstack role add --project service --user neutron admin
openstack service create --name neutron --description "OpenStack Networking" network
openstack endpoint create --region RegionOne network public http://$HOST_NAME:9696
openstack endpoint create --region RegionOne network internal http://$HOST_NAME:9696
openstack endpoint create --region RegionOne network admin http://$HOST_NAME:9696cat >> /etc/sysctl.conf << EOF
# 用于控制系統是否開啟對數據包源地址的校驗,關閉
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
# 開啟二層轉發設備
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
EOF
modprobe br_netfilter
sysctl -papt install -y neutron-server neutron-plugin-ml2  neutron-l3-agent neutron-dhcp-agent  neutron-metadata-agent neutron-openvswitch-agentcp /etc/neutron/neutron.conf{,.bak}
cat > /etc/neutron/neutron.conf << eof
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
auth_strategy = keystone
state_path = /var/lib/neutron
dhcp_agent_notification = true
allow_overlapping_ips = true
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
transport_url = rabbit://$RABBIT_USER:$RABBIT_PASS@$HOST_NAME
[agent]
root_helper = "sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf"
[database]
connection = mysql+pymysql://neutron:$NEUTRON_DBPASS@$HOST_NAME/neutron
[keystone_authtoken]
www_authenticate_uri = http://$HOST_NAME:5000
auth_url = http://$HOST_NAME:5000
memcached_servers = $HOST_NAME:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = $NEUTRON_PASS
[nova]
auth_url = http://$HOST_NAME:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = $NOVA_PASS
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
eofcp  /etc/neutron/plugins/ml2/ml2_conf.ini{,.bak}
cat > /etc/neutron/plugins/ml2/ml2_conf.ini << eof
[DEFAULT]
[ml2]
type_drivers = flat,vlan,vxlan,gre
tenant_network_types = vxlan
mechanism_drivers = openvswitch,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = $Physical_NAME
[ml2_type_geneve]
[ml2_type_gre]
[ml2_type_vlan]
[ml2_type_vxlan]
vni_ranges = $minvlan:$maxvlan
[ovs_driver]
[securitygroup]
enable_ipset = true
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[sriov_driver]
eofcp /etc/neutron/plugins/ml2/openvswitch_agent.ini{,.bak}
cat > /etc/neutron/plugins/ml2/openvswitch_agent.ini << eof
[DEFAULT]
[agent]
l2_population = True
tunnel_types = vxlan
prevent_arp_spoofing = True
[dhcp]
[network_log]
[ovs]
local_ip = $HOST_IP
bridge_mappings = $Physical_NAME:$OVS_NAME
[securitygroup]
eofcp /etc/neutron/l3_agent.ini{,.bak}
cat > /etc/neutron/l3_agent.ini << eof
[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
external_network_bridge =
[agent]
[network_log]
[ovs]
eofcp /etc/neutron/dhcp_agent.ini{,.bak}
cat > /etc/neutron/dhcp_agent.ini << eof
[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True
[agent]
[ovs]
eofcp  /etc/neutron/metadata_agent.ini{,.bak}
cat > /etc/neutron/metadata_agent.ini << eof
[DEFAULT]
nova_metadata_host = $HOST_NAME
metadata_proxy_shared_secret = $METADATA_SECRET
[agent]
[cache]
eofsed -i '2s/.*/linuxnet_interface_driver = nova.network.linux_net.LinuxOVSlnterfaceDriver\n&/' /etc/nova/nova.conf
sed -i "50s/.*/auth_url = http:\/\/$HOST_NAME:5000\nauth_type = password\nproject_domain_name = default\nuser_domain_name = default\nregion_name = RegionOne\nproject_name = service\nusername = neutron\npassword = $NEUTRON_PASS\nservice_metadata_proxy = true\nmetadata_proxy_shared_secret = $METADATA_SECRET\n&/" /etc/nova/nova.confsu -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutronsystemctl restart nova-apiovs-vsctl add-br $OVS_NAME
ovs-vsctl add-port $OVS_NAME $INTERFACE_NAMEsystemctl enable --now neutron-server
systemctl enable --now neutron-openvswitch-agent
systemctl enable --now neutron-dhcp-agent
systemctl enable --now neutron-metadata-agent
systemctl enable --now neutron-l3-agentcat > /root/neutron-service-restart.sh  <<EOF
#!bin/bash
# 提供neutron服務
service neutron-server restart
# 提供ovs服務
service neutron-openvswitch-agent restart
# 提供地址動態服務
service neutron-dhcp-agent restart
# 提供元數據服務
service neutron-metadata-agent restart
# 提供三層網絡服務
service neutron-l3-agent restart
EOF
bash /root/neutron-service-restart.sh
echo "######################### neutron installation completed ###############################"
bash iaas-install-neutron-controller.sh
  • 查看版本
root@controller:~# neutron-server --version
This program is using eventlet and has been monkey_patched
neutron-server 26.0.0

安裝horizon服務

vi iaas-install-horizon.sh
#!/bin/bash
source /etc/openstack/openrc.sh
source /etc/keystone/admin-openrc.shapt install -y openstack-dashboardcp /etc/openstack-dashboard/local_settings.py{,.bak}
sed -i '126s/.*/OPENSTACK_HOST = "'$HOST_NAME'"/' /etc/openstack-dashboard/local_settings.py
sed -i '112s/.*/SESSION_ENGINE = '\''django.contrib.sessions.backends.cache'\''/' /etc/openstack-dashboard/local_settings.py
sed -i '127s#.*#OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST#' /etc/openstack-dashboard/local_settings.py
echo "OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True" >> /etc/openstack-dashboard/local_settings.py
echo "OPENSTACK_API_VERSIONS = {\"identity\": 3,\"image\": 2,\"volume\": 3,
}" >> /etc/openstack-dashboard/local_settings.py
echo "OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = \"Default\"" >> /etc/openstack-dashboard/local_settings.py
echo 'OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"' >> /etc/openstack-dashboard/local_settings.py
echo "OPENSTACK_CINDER_FEATURES = {'enable_backup': True,
}" >> /etc/openstack-dashboard/local_settings.py
sed -i '131s/.*/TIME_ZONE = "Asia\/Shanghai"/' /etc/openstack-dashboard/local_settings.pysystemctl reload apache2
echo "######################### horizon installation completed ###############################"
bash iaas-install-horizon.sh
  • 瀏覽器訪問web服務:IP/horizon(admin/000000)

在這里插入圖片描述
在這里插入圖片描述

本文來自互聯網用戶投稿,該文觀點僅代表作者本人,不代表本站立場。本站僅提供信息存儲空間服務,不擁有所有權,不承擔相關法律責任。
如若轉載,請注明出處:http://www.pswp.cn/news/902051.shtml
繁體地址,請注明出處:http://hk.pswp.cn/news/902051.shtml
英文地址,請注明出處:http://en.pswp.cn/news/902051.shtml

如若內容造成侵權/違法違規/事實不符,請聯系多彩編程網進行投訴反饋email:809451989@qq.com,一經查實,立即刪除!

相關文章

可發1區的超級創新思路(python 、MATLAB實現):基于多尺度注意力TCN-KAN與小波變換的時間序列預測模型

一、數學模型與原理 1.1 小波變換多尺度分解 輸入功率序列 x(t) 經小波變換分解為近似系數 Aj? 與細節系數 Dj?: 1.2 多尺度TCN特征提取 對每個尺度子序列 {A3?,D3?,D2?,D1?} 采用獨立TCN: 式中 ?d? 為擴張率 d=2l 的擴張卷積,Wd? 為可學習參數。 1.3 多尺度注…

YOLOv11改進有效漲點專欄:從理論到實戰的深度優化指南

## YOLOv11的進化之路 在目標檢測領域,YOLO系列算法始終保持著革命性的創新步伐。YOLOv11作為該系列的最新演進版本,在保持實時檢測優勢的同時,通過架構層面的深度優化實現了精度與速度的平衡。本文將從**七大核心模塊**出發,系統性地解析針對YOLOv11的有效改進方案,涵蓋從…

Cursor新版0.49.x發布

小子看到 Cursor 0.49.x 版本正式發布&#xff0c;截止今天已經有兩個小patch版本&#xff01;本次更新聚焦于 自動化Rules生成、改進的 Agent Terminal 以及 MCP 圖像支持&#xff0c;并帶來了一系列旨在提升編碼效率和協作能力的改進與修復。 以下是本次更新的詳細內容&…

《手環表帶保養全攻略:材質、清潔與化學品避坑指南》

系列文章目錄 文章目錄 系列文章目錄前言一、表帶材質特性與專屬養護方案二、清潔劑使用紅黑榜三、家庭清潔實驗&#xff1a;化學反應警示錄四、保養實踐方法論總結 前言 手環作為現代生活的智能伴侶&#xff0c;表帶材質選擇豐富多樣。從柔軟親膚的皮質到耐用耐磨的金屬&…

實現批量圖片文字識別(python+flask+EasyOCR)

話不多說,向上效果圖 1)先說框架版本 為什么要先說框架版本呢,因為我在各種版本中嘗試了兩天,總算確定了如下版本適合我,至于其他的版本,各位自己去嘗試 python 3.9.7 EasyOCR 1.7.2 flask 3.0.3 2)執行操作效果圖 2.1)多選文件 2.2)圖片預覽 2.3)提取選中文件 2.4)提取所有文…

國產GPU生態現狀評估:從寒武紀到壁仞的編程適配挑戰

近年來&#xff0c;國產GPU廠商在硬件性能上持續突破&#xff0c;但軟件生態的構建仍面臨嚴峻挑戰。本文以寒武紀、壁仞等代表性企業為例&#xff0c;對比分析其與CUDA生態的兼容性差異&#xff0c;并探討技術突圍路徑。 一、編程適配的核心挑戰 ?編程模型差異與開發成本? …

YOLOv8 Bug 及解決方案匯總 【2024.1.24更新】【環境安裝】【訓練 斷點續訓】OMPError / KeyError

YOLOv8 Bug 及解決方案匯總&#xff1a;深入解析與應對 引言 YOLOv8作為一款高性能的目標檢測算法&#xff0c;在實際應用中難免會遇到各種各樣的問題。本文將對YOLOv8常見的Bug進行匯總&#xff0c;并提供相應的解決方案&#xff0c;旨在幫助開發者更好地使用和優化YOLOv8。…

面試算法高頻08-動態規劃-02

動態規劃練習題 題目描述 給定兩個字符串 text1 和 text2&#xff0c;要求返回這兩個字符串的最長公共子序列。例如對于字符串 “ABAZDC” 和 “BACBAD”&#xff0c;需找出它們最長的公共子序列。子序列是指在不改變其余字符相對位置的情況下&#xff0c;從原始字符串中刪除…

【人工智能學習-01-01】20250419《數字圖像處理》復習材料的word合并PDF,添加頁碼

前情提要 20250419今天是上師大繼續教育人工智能專升本第一學期的第一次線下課。 三位老師把視頻課的內容提煉重點再面授。&#xff08;我先看了一遍視頻&#xff0c;但是算法和圖像都看不懂&#xff0c;后來就直接掛分刷滿時間&#xff0c;不看了&#xff09; 今天是面對面授…

AI寫代碼工具分享:Cursor 高效使用攻略與實戰秘籍

寫在前面 在軟件開發領域,效率和生產力是永恒的追求。集成開發環境(IDE)作為開發者的核心工具,其能力直接影響著開發速度和質量。近年來,人工智能(AI)的浪潮席卷了各個行業,編程領域也不例外。Cursor IDE 正是這股浪潮中的佼佼者,它以 AI-First 的理念,在廣受歡迎的…

守護進程編程

守護進程編程 守護進程的含義 定義 守護進程&#xff08;Daemon Process&#xff09;是在后臺運行的進程&#xff0c;它獨立于控制終端并且周期性地執行某種任務或等待處理某些發生的事件。守護進程是一種很有用的進程&#xff0c;它在系統后臺運行&#xff0c;為系統或其他…

在復雜性的迷宮里尋找路標 —— 讀《人月神話》有感

初讀《人月神話》時&#xff0c;正值參與的第一個大型項目陷入泥潭&#xff1a;需求像不斷膨脹的氣球&#xff0c;團隊規模從 10 人擴充到 30 人&#xff0c;進度卻像被灌了鉛的鐘表&#xff0c;指針越來越沉重。布魯克斯在書中寫下的 "向進度落后的項目增加人力&#xff…

SpringCloud Alibaba微服務工程搭建

前言 在講微服務工程的搭建之前&#xff0c;我們先分析下為什么要使用微服務呢&#xff1f; 1、單體應用的痛點 維護困難&#xff1a;代碼臃腫&#xff0c;牽一發而動全身。擴展性差&#xff1a;無法按需擴展特定功能&#xff0c;只能整體擴容。技術棧僵化&#xff1a;難以引…

flutter json解析增強

依賴:xxf_json 反序列化兼容特征一覽表 類型\是否兼容 int double num string bool int yes yes yes yes yes double yes yes yes yes yes num yes yes yes yes yes string yes yes yes yes yes bool yes yes yes yes yes 專業詞語 .g…

Neo4j初解

Neo4j 是目前應用非常廣泛的一款高性能的 NoSQL 圖數據庫&#xff0c;其設計和實現專門用于存儲、查詢和遍歷由節點&#xff08;實體&#xff09;、關系&#xff08;邊&#xff09;以及屬性&#xff08;鍵值對&#xff09;構成的圖形數據模型。它的核心優勢在于能夠以一種自然且…

學習MySQL的第十天

一、MySQL的數據類型 1.MySQL的數據類型 2.常見的數據類型的屬性 二、整數類型 三、浮點類型 REAL默認就是DOUBLE。如果你把SQL模式設定為啟用“REAL_AS_FLOAT”,那么,MySQL就認為REAL是FLOAT。如果要啟用“REAL_AS_FLOAT”,可以通過以下SQL語句實現: SET sql_mode &…

ubuntu24.04上使用qemu+buildroot+uboot+linux+tftp+nfs模擬搭建vexpress-ca9嵌入式linux開發環境

1 準備工作 1.1 安裝依賴工具 sudo apt-get update && sudo apt-get install build-essential git bc flex libncurses5-dev libssl-dev device-tree-compiler1.2 安裝arm交叉編譯工具鏈 sudo apt install gcc-arm-linux-gnueabihf安裝之后&#xff0c;在終端輸入ar…

ubuntu 22.04 使用ssh-keygen創建ssh互信賬戶

現有兩臺ubuntu 22.04服務器&#xff0c;ip分別為192.168.66.88和192.168.88.66。需要將兩臺服務器創建新用戶并將新用戶做互信。 創建賬戶 adduser user1 # 如果此用戶不想使用密碼&#xff0c;直接一直回車就行&#xff0c;創建的用戶是沒法使用用戶密碼進行登陸的 su - …

【PCIE配置空間】

1 PCIE配置空間 1.1 軟件如何知道PCIE設備是Swith&#xff0c;RC還是EP&#xff1f; –軟件通過讀取寄存器信息。 PCIE配置空間? PCIE寄存器&#xff1b;--PCIE配置協議規定必須實現的空間。--PCIE存在兩種配置空間Type0/Type1;--Type0配置空間EP設備必須實現&#xff1b;-…

Android 熱點二維碼簡單示例

Android 熱點二維碼簡單示例 一、前言 Android 原生設置有熱點二維碼分享功能&#xff0c;有些系統應用也會有這個需求。 下面看看是如何實現的。 本文是一個比較簡單的內容。 二、熱點二維碼生成實現 1、效果 整個應用就一個普通的Activity&#xff0c;顯示一個按鈕和二維…