chj0771 posted on 2015-10-10 14:23:10

[Problems] Building OpenStack on VMware: error creating the admin tenant user when running an automated Linux shell script

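  I have recently been writing automated deployment scripts for OpenStack. I did not use the officially recommended tools: I do not have enough time at the moment and their learning cost is fairly high, so writing Linux shell scripts myself is faster, more flexible, and not complicated. That said, although this sounds simple, it is still quite time-consuming for someone without Linux shell experience.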
  


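  The scripts for the three nodes are now finished. They may still need some optimization, but when running the controller node script, specifically when Keystone creates the admin tenant user, the system keeps reporting an error.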
  


  First, here is my keystone script:

#===============================================================
#
#Controller Node Install And Configuate KeyStone
#
#===============================================================
echo "*"
echo "*"
echo "************Controller Node Install And Configuate KeyStone********"
echo "*"
sudo apt-get install keystone
sleep 3s
echo "*"
echo "==============================update connection in keystone.conf"
sudo sed -i '/connection = .*/{s|sqlite:///.*|mysql://'"$keystone_db_user"':'"$keystone_db_pass"'@'"$controller"'/keystone|g}' \
/etc/keystone/keystone.conf

echo "*"
echo "==============================RM keystone.db"
export keystone_db="/var/lib/keystone/keystone.db"   
if [ -f "$keystone_db" ]; then
sudo rm "$keystone_db"
echo "successfull===========rm keystone db"
fi
echo "*"
echo "==============Start to Create KeyStone MySQLinfo======================="
sudo mysql -uroot -p$root_pass -e 'CREATE DATABASE keystone;'
sudo mysql -uroot -p$root_pass -e "CREATE USER $keystone_db_user;"
sudo mysql -uroot -p$root_pass -e "GRANT ALL PRIVILEGES ON keystone.* TO '$keystone_db_user'@'localhost' IDENTIFIED BY '$keystone_db_pass';"
sudo mysql -uroot -p$root_pass -e "GRANT ALL PRIVILEGES ON keystone.* TO '$keystone_db_user'@'%' IDENTIFIED BY '$keystone_db_pass';"
sudo mysql -uroot -p$root_pass -e "SET PASSWORD FOR '$keystone_db_user'@'%' = PASSWORD('$keystone_db_pass');"
echo "Successfull============== Create KeyStone MySQLinfo======================="
echo "*"
echo "==============Start to Sync KeyStone DB======================="
su -s /bin/sh -c "keystone-manage db_sync" keystone
echo "*"
echo "==============Start to configuate keystone.conf======================="
sudo sed -i -e " s/#admin_token=ADMIN/admin_token=$admin_token/g" /etc/keystone/keystone.conf
sudo sed -i "/log_dir/a log_dir = /var/log/keystone" /etc/keystone/keystone.conf
echo "*"
sudo service keystone restart
sleep 3s
sudo service keystone restart
echo "*"
echo "==============Start to crontab keystone token======================="
(crontab -l -u keystone 2>&1 | grep -q token_flush) || echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&1' >> /var/spool/cron/crontabs/keystone
echo "*"
export OS_SERVICE_TOKEN=$admin_token
echo $OS_SERVICE_TOKEN
export OS_SERVICE_ENDPOINT=http://$controller:35357/v2.0
echo $OS_SERVICE_ENDPOINT
echo "*"
#***************************************************************
#Create Admin/DEMO tenant user role
#***************************************************************
echo "==============Create demo tenant user role======================="
export demo_pass=demo
keystone user-create --name=demo --pass=$demo_pass --email=demo@test.com
keystone tenant-create --name=demo --description="Demo Tenant"
keystone user-role-add --user=demo --role=_member_ --tenant=demo
echo "==============Create Admin tenant user role======================="
keystone user-create --name=admin --pass=$admin_pass --email=admin@test.com
keystone role-create --name=admin
keystone tenant-create --name=admin --description="Admin Tenant"
keystone user-role-add --user=admin --tenant=admin --role=admin
keystone user-role-add --user=admin --role=_member_ --tenant=admin

echo "==============Create a service tenant======================="
keystone tenant-create --name=service --description="Service Tenant"

echo "==============Define services and API endpoints======================="
keystone service-create --name=keystone --type=identity \
--description="OpenStack Identity"
keystone endpoint-create \
--service-id=$(keystone service-list | awk '/ identity / {print $2}') \
--publicurl=http://$controller:5000/v2.0 \
--internalurl=http://$controller:5000/v2.0 \
--adminurl=http://$controller:35357/v2.0

echo "==============Verify the Identity Service installation======================="
unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
echo "*"
echo "==============Create admin openrc======================="
sudo touch /root/admin-openrc.sh
cat >/root/admin-openrc.sh << EOF
export OS_USERNAME=admin
export OS_PASSWORD=$admin_pass
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://$controller:35357/v2.0
EOF
echo "*"
echo "==============Create demo openrc ======================="
sudo touch /root/demo-openrc.sh
cat >/root/demo-openrc.sh << EOF
export OS_USERNAME=demo
export OS_PASSWORD=$demo_pass
export OS_TENANT_NAME=demo
export OS_AUTH_URL=http://$controller:35357/v2.0
EOF
echo "*"
  

  
  I won't explain the environment variables one by one; the error mainly occurs when executing the following:

export OS_SERVICE_TOKEN=$admin_token
echo $OS_SERVICE_TOKEN
export OS_SERVICE_ENDPOINT=http://$controller:35357/v2.0
echo $OS_SERVICE_ENDPOINT
echo "*"
#***************************************************************
#Create Admin/DEMO tenant user role
#***************************************************************
echo "==============Create Admin tenant user role======================="
keystone user-create --name=admin --pass=$admin_pass --email=admin@test.com
  
  Error message: Unable to establish connection to http://192.168.3.180:35357/v2.0/users. However, the subsequent tenant and role creation complete successfully.

==============Start to crontab keystone token=======================
*
SuperMap_Token
http://192.168.3.180:35357/v2.0
*
==============Create Admin tenant user role=======================
Unable to establish connection to http://192.168.3.180:35357/v2.0/users
+----------+----------------------------------+
| Property |            Value               |
+----------+----------------------------------+
|    id    | e6c5404ecb334ea1877b831250da7604 |
|   name   |            admin               |
+----------+----------------------------------+
+-------------+----------------------------------+
|   Property|            Value               |
+-------------+----------------------------------+
| description |         Admin Tenant         |
|   enabled   |               True               |
|      id   | 4e426e76ab334e019afcef948e99d6d8 |
|   name    |            admin               |
+-------------+----------------------------------+
No user with a name or ID of 'admin' exists.
No user with a name or ID of 'admin' exists.
==============Create demo tenant user role=======================
+----------+----------------------------------+
| Property |            Value               |
+----------+----------------------------------+
|email   |          demo@test.com         |
| enabled|               True               |
|    id    | 68c02b4a38024c1c849edc55abae79c4 |
|   name   |               demo               |
| username |               demo               |
+----------+----------------------------------+
  
  Then I checked the log, and it contained only warnings:

2015-06-23 09:24:20.830 6356 WARNING keystone.openstack.common.versionutils [-] Deprecated: keystone.middleware.core.XmlBodyMiddleware is deprecated as of Icehouse in favor of support for "application/json" only and may be removed in K.
2015-06-23 09:24:23.929 6372 WARNING keystone.openstack.common.versionutils [-] Deprecated: keystone.middleware.core.XmlBodyMiddleware is deprecated as of Icehouse in favor of support for "application/json" only and may be removed in K.
2015-06-23 09:24:24.900 6372 WARNING keystone.common.wsgi [-] Could not find user, admin.
2015-06-23 09:24:25.040 6372 WARNING keystone.common.wsgi [-] Could not find user, admin.
2015-06-23 09:24:25.485 6372 WARNING keystone.common.wsgi [-] Could not find user, demo.
2015-06-23 09:24:25.501 6372 WARNING keystone.common.wsgi [-] Could not find role, _member_.
2015-06-23 09:24:25.509 6372 WARNING keystone.common.wsgi [-] Could not find project, demo.

  
  


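  I searched online for a long time and found no useful information. Finally, while talking it over with a colleague, we noticed that a keystone service restart comes right before this operation. Could the problem be caused by running the tenant user creation immediately after keystone finishes starting?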

sudo service keystone restart
sleep 3s
sudo service keystone restart
sleep 5s
  
  I promptly added a 5s wait after the service restart, tested again, and it succeeded!
  


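  These small details are really hard to get right. Also, during OpenStack deployment there are several services that have to be started twice every time before they succeed; the ones I remember most clearly are nova-compute and neutron-l3-agent. So every time I restart a service I start it twice, which also avoids this problem. Now I wait a few seconds after every service start, which avoids many unnecessary problems.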
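
  An alternative to the fixed 5s wait, shown as an added example that is not part of the original post: poll the admin API on port 35357 (the endpoint the script uses) until it answers, and stop the deployment if it never does. The function names wait_until, keystone_admin_up and restart_keystone_and_wait are hypothetical, and curl is assumed to be installed on the controller node.

```bash
# Added example: poll for readiness instead of sleeping a fixed time.
# Function names are illustrative; curl is assumed to be installed.

# wait_until TIMEOUT INTERVAL COMMAND [ARGS...]
# Re-runs COMMAND until it exits 0 (return 0) or TIMEOUT seconds
# have elapsed (return 1). The probe is always tried at least once.
wait_until() {
    local timeout="$1" interval="$2" deadline
    shift 2
    deadline=$(( $(date +%s) + timeout ))
    while :; do
        if "$@"; then
            return 0
        fi
        if [ "$(date +%s)" -ge "$deadline" ]; then
            return 1
        fi
        sleep "$interval"
    done
}

# Probe for the admin API that the script targets (port 35357, /v2.0).
# Without --fail, curl exits 0 on any HTTP response, so this only
# checks that the listener accepts connections and answers.
keystone_admin_up() {
    curl --silent --output /dev/null --max-time 2 "http://$1:35357/v2.0/"
}

# Restart keystone, then block until the admin API answers or 60 s pass.
# A non-zero return lets the caller stop before any "keystone user-create".
restart_keystone_and_wait() {
    sudo service keystone restart || return 1
    wait_until 60 1 keystone_admin_up "$1"
}

# Usage in the deployment script (assumes $controller is set as above):
#   restart_keystone_and_wait "$controller" || { echo "keystone not ready" >&2; exit 1; }
```

  Because wait_until takes the probe as a command, the same loop can wrap a check for any other service that is slow to come up after a restart.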

Copyright notice: This is an original article by the author and may not be reproduced without the author's permission.