环境准备
1、首先规划网络
外部网络
公共网络,外部或Internet可以访问的网络
内部网络
私有网络,仅内部访问的网络
管理网络,用于OpenStack组件以及MySQL DB Server, RabbitMQ messaging server之间的通信
2、openstack部署 - 硬件要求
实验环境:至少两台机器。
控制节点:
Controller Node: 1 processor, 2 GB memory, and 5 GB storage
计算节点:
Compute Node: 1 processor, 2 GB memory, and 10 GB storage
有条件的可以单独一台
网络节点:Network Node: 1 processor, 512MB memory, and 5 GB storage
我这里把网络配置在控制节点
注:安装虚拟机要记得开启cpu虚拟化,系统Centos 7,2块网卡(NAT和仅主机)
NAT提供网络;仅主机用于远程管理
3、openstack部署 - 前期准备
- 临时关闭selinux
setenforce 0
- 关闭iptables
systemctl stop firewalld #停止服务
systemctl disable firewalld #取消开机启动
- 关闭NetworkManager
systemctl stop NetworkManager
systemctl disable NetworkManager
4、网卡配置
控制节点
NAT网卡
TYPE=Ethernet
BOOTPROTO=static #改为static静态获取ip
DEFROUTE=yes
PEERDNS=yes #yes会修改/etc/resolv.conf配置的DNS,no不会
PEERROUTES=yes
NAME=eno16777736
UUID=634a4cf5-5b85-422d-88b7-cb7df0d35841
DEVICE=eno16777736
ONBOOT=yes #改为yes
IPADDR0=192.168.100.20
PREFIXP0=24
GATEWAY0=192.168.100.1
DNS1=8.8.8.8
DNS2=8.8.4.4 仅主机网卡
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
NAME=eno33554984
DEVICE=eno33554984
ONBOOT=yes
IPADDR0=192.168.10.20
PREFIXP0=24
GATEWAY0=192.168.10.1
计算节点
NAT网卡
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
NAME=eno16777736
UUID=634a4cf5-5b85-422d-88b7-cb7df0d35841
DEVICE=eno16777736
ONBOOT=yes
IPADDR0=192.168.100.21
PREFIXP0=24
GATEWAY0=192.168.100.1
DNS1=8.8.8.8
DNS2=8.8.4.4仅主机网卡
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
NAME=eno33554984
DEVICE=eno33554984
ONBOOT=yes
IPADDR0=192.168.10.21
PREFIXP0=24
GATEWAY0=192.168.10.1 配置完后重启网络
systemctl restart network
5、两台机器,设置hostname
hostnamectl set-hostname controller
hostnamectl set-hostname compute
vim /etc/hostname
编辑/etc/hosts:
192.168.10.20 controller #控制节点
192.168.10.21 compute #计算节点
6、同步时间:
controller上:
yum install -y chrony
vim /etc/chrony.conf
增加或更改:allow 192.168.100.0/24
systemctl enable chronyd.service #设置开机启动
systemctl start chronyd.service #启动服务,也支持stop ,restart
compute上:
yum install -y chrony
vim /etc/chrony.conf
增加或更改: server controller iburst
systemctl enable chronyd.service
systemctl start chronyd.service
查看时间同步源:# chronyc sources -v
[root@compute ~]# chronyc sources -v
210 Number of sources = 5
.-- Source mode '^' = server, '=' = peer, '#' = local clock.
/ .- Source state '*' = current synced, '+' = combined , '-' = not combined,
| / '?' = unreachable, 'x' = time may be in error, '~' = time too variable.
|| .- xxxx [ yyyy ] +/- zzzz
|| Reachability register (octal) -. | xxxx = adjusted offset,
|| Log2(Polling interval) --. | | yyyy = measured offset,
|| \ | | zzzz = estimated error.
|| | | \
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^x 202.118.1.130 2 10 377 959 +54386s[ +443us] +/- 28ms
^- news.neu.edu.cn 2 6 377 13 +6006us[-54386s] +/- 28ms
^- controller 3 6 375 16 +6111us[+6111us] +/- 30ms
^+ time6.aliyun.com 2 6 377 19 +62ms[ +62ms] +/- 87ms
^* ntp3.aliyun.com 2 6
377 17 +1295us[+1146us] +/- 37ms
此处显示为5个源,如果开启外网的话可能时间不同步,我们可以只配置本地时间源controller其他注释掉
部署阶段
配置yum源和更新
1、安装openstack的yum源
两个机器上都操作
yum install -y centos-release-openstack-liberty
2.升级所有的包(两个机器上都操作)
yum upgrade ####结束后重启系统reboot
3、安装openstack 客户端和openstack-selinux
yum install -y python-openstackclient openstack-selinux
controller应用部署
1、sql服务安装(MariaDB)【控制节点】
MariaDB数据库管理系统是MySQL的一个分支,主要由开源社区在维护,采用GPL授权许可。开发这个分支的原因之一是:甲骨文公司收购了MySQL后,有将MySQL闭源的潜在风险,因此社区采用分支的方式来避开这个风险。
yum install -y mariadb mariadb-server MySQL-python
vi /etc/my.cnf.d/mariadb_openstack.cnf //加入下面内容
[mysqld]
bind-address = 192.168.100.20 #设置 bind-address 为控制节点管理网络ip地址,使能通过管理网络访问其它节点
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8
启动mariadb:systemctl enable mariadb.service #加入开机启动
systemctl start mariadb.service #启动服务
命令行执行:mysql_secure_installation
设置root密码为:root
2、安装nosql(mongodb服务)
nosql数据库被Telemetry service用到,(Telemetry 是redhat公司主导开发的一个openstack组件,用来做监控的)
在这里我们安装的是mongodb,不是必须的。
yum install -y mongodb-server mongodb
编辑配置文件 vi /etc/mongod.conf //更改如下配置
bind_ip = 192.168.100.20
smallfiles = true
启动服务
systemctl enable mongod.service
systemctl start mongod.service
3、安装消息队列服务【控制节点】
rabbitmq消息队列服务在openstack中起到非常关键的作用,它好比是一个交通枢纽,各个组件之间的通信由它来完成。
yum install -y rabbitmq-server
systemctl enable rabbitmq-server
systemctl start rabbitmq-server
rabbitmqctl add_user openstack openstackpasswd
// 密码 openstackpasswd用户名为openstack
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
[root@controller ~]# rabbitmqctl add_user openstack openstackpasswd
Creating user "openstack" ...
[root@controller ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...
[root@controller ~]#
###允许openstack用户可以配置,可以写,可以读
rabbitmqctl命令使用:
rabbitmqctl --help #查看命令帮助
add_user <username> <password>
delete_user <username>
change_password <username> <newpassword>
clear_password <username>
list_users
4、增加identity - keystone【控制节点】
Keystone V3 简介
Keystone 中主要涉及到如下几个概念:User、Tenant、Role、Token。下面对这几个概念进行简要说明。
- User:顾名思义就是使用服务的用户,可以是人、服务或者是系统,只要是使用了 Openstack 服务的对象都可以称为用户。
- Tenant:租户,可以理解为一个人、项目或者组织拥有的资源的合集。在一个租户中可以拥有很多个用户,这些用户可以根据权限的划分使用租户中的资源。
- Role:角色,用于分配操作的权限。角色可以被指定给用户,使得该用户获得角色对应的操作权限。
- Token:指的是一串比特值或者字符串,用来作为访问资源的记号。Token 中含有可访问资源的范围和有效时间。
Keystone 和其它 OpenStack 服务之间是如何交互和协同工作的?首先用户向 Keystone 提供自己的身份验证信息,如用户名和密码。Keystone 会从数据库中读取数据对其验证,如验证通过,会向用户返回一个 token,此后用户所有的请求都会使用该 token 进行身份验证。如用户向 Nova 申请虚拟机服务,nova 会将用户提供的 token 发给 Keystone 进行验证,Keystone 会根据 token 判断用户是否拥有进行此项操作的权限,若验证通过那么 nova 会向其提供相对应的服务。其它组件和 Keystone 的交互也是如此
具体介绍:http://www.ibm.com/developerworks/cn/cloud/library/1506_yuwz_keystonev3/index.html
登陆mysql,创建数据库
mysql -uroot -proot
>create database keystone;
>GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY ‘keystone';
>GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone'; 说明,创建一个keystone库,并且授权给keystone用户所有权限,密码为keystone
安装相关的包
yum install -y openstack-keystone httpd mod_wsgi memcached python-memcached
启动memcached服务
systemctl enable memcached.service
systemctl start memcached.service
编辑keystone配置文件
//修改或增加配置如下
admin_token密码为123456
[DEFAULT]
admin_token = 123456
verbose = true
[database]
connection = mysql://keystone:keystone@controller/keystone
[memcache]
servers = localhost:11211
[token]
provider = uuid
driver = memcache
[revoke]
driver = sql
导入keystone相关的数据
su -s /bin/sh -c "keystone-managedb_sync" keystone
这里会有个提示 No handlers could be found for logger"oslo_config.cfg" 忽略它,不影响。
注意:这个报错后面导入数据会出现多次
检查有没有正常导入数据:
[root@controller ~]# mysql -ukeystone -pkeystone -hcontroller -t keystone -e "show tables"
看是否有列出表来,如果是空,说明没有成功导入数据
配置apache
先编辑配置文件/etc/httpd/conf/httpd.conf
增加或更改
ServerName controller
配置apache
先编辑配置文件 /etc/httpd/conf/httpd.conf
增加或更改
ServerName controller
编辑配置文件 vi /etc/httpd/conf.d/wsgi-keystone.conf 内容如下
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
</VirtualHost>
启动apache
systemctl enable httpd.service
systemctl start httpd.service
设置环境变量:
vim /etc/profile
export OS_TOKEN=123456 #配置token
export OS_URL=http://controller:35357/v2 #配置 endpoint URL:
export OS_IDENTITY_API_VERSION=3
source /etc/profile
然后创建服务实例
openstack service create --name keystone --description "OpenStack Identity" identity
[root@controller ~]# openstack service create --name keystone --description "OpenStack Identity" identity
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Identity |
| enabled | True |
| id | c43988e2db85465ab49c065dac5ee3c8 |
| name | keystone |
| type | identity |
+-------------+----------------------------------+
[root@controller ~]# 创建端点
openstack endpoint create --region RegionOne identity public http://controller:5000/v2.0
openstack endpoint create --region RegionOne identity internal http://controller:5000/v2.0
openstack endpoint create --region RegionOne identity admin http://controller:35357/v2.0
[root@controller ~]# openstack endpoint create --region RegionOne identity public http://controller:5000/v2.0
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 2347aed007ca49fe845e4ee7940689b4 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | fc4f17f8b9604286903bd324b40b8016 |
| service_name | keystone |
| service_type | identity |
| url | http://controller:5000/v2.0 |
+--------------+----------------------------------+
[root@controller ~]#
[root@controller ~]# openstack endpoint create --region RegionOne identity internal http://controller:5000/v2.0
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | e049b49ff24646ee95bfcbe8addcfbff |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | fc4f17f8b9604286903bd324b40b8016 |
| service_name | keystone |
| service_type | identity |
| url | http://controller:5000/v2.0 |
+--------------+----------------------------------+
[root@controller ~]#
[root@controller ~]# openstack endpoint create --region RegionOne identity admin http://controller:35357/v2.0
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | ef867ab9497d4aeab1c0c0b088fbf901 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | fc4f17f8b9604286903bd324b40b8016 |
| service_name | keystone |
| service_type | identity |
| url | http://controller:35357/v2.0 |
+--------------+----------------------------------+
[root@controller ~]#
创建租户(tenants)、用户以及角色
创建admin 租户
openstack project create --domain default --description "Admin Project" admin
[root@controller ~]# openstack project create --domain default --description "Admin Project" admin
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Admin Project |
| domain_id | default |
| enabled | True |
| id | ed1396bac8b14d969693e7f019dd5230 |
| is_domain | False |
| name | admin |
| parent_id | None |
+-------------+----------------------------------+
[root@controller ~]# 创建admin用户 (密码为adminpasswd)
openstack user create --domain default --password-prompt admin
[root@controller ~]# openstack user create --domain default --password-prompt admin
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 28d7c214bffb4e37ad10d734d156d067 |
| name | admin |
+-----------+----------------------------------+
[root@controller ~]# 创建admin角色
openstack role create admin
[root@controller ~]# openstack role create admin
+-------+----------------------------------+
| Field | Value |
+-------+----------------------------------+
| id | d1297a61aba6462e9a6feea1542fcef3 |
| name | admin |
+-------+----------------------------------+
[root@controller ~]# 添加admin角色到admin租户和用户
openstack role add --project admin --user admin admin
下面我们再来创建一个service 租户
openstack project create --domain default --description "Service Project" service
[root@controller ~]# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | e01123d140d248bfbbc21aa844453079 |
| is_domain | False |
| name | service |
| parent_id | None |
+-------------+----------------------------------+
[root@controller ~]# 创建demo租户
openstackproject create --domain default --description "Demo Project" demo
[root@controller~]# openstack project create --domain default --description "Demo Project" demo
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description |Demo Project |
| domain_id | default |
| enabled | True |
| id | 178c99209e43429b90fb4b638e29450d |
| is_domain | False |
| name | demo |
| parent_id | None |
+-------------+----------------------------------+
[root@controller ~]# 创建demo用户 (密码demopasswd)
openstack user create --domain default --password-prompt demo
[root@controller ~]# openstack user create --domain default --password-prompt demo
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | c29d410611ba4e918d71a4edb64688b6 |
| name | demo |
+-----------+----------------------------------+
[root@controller ~]# 创建角色user
openstack role create user
[root@controller~]# openstack role create user
+-------+----------------------------------+
| Field |Value |
+-------+----------------------------------+
| id | 2f304e27f0fb401a9425cf4644179fb5 |
| name | user |
+-------+----------------------------------+
[root@controller~]# 添加user角色到demo租户和demo用户
openstack role add --project demo --user demo user
[root@controller~]# openstack role add --project demo --user demo user
验证admin用户和demo用户是否能正常登陆
首先做一个安全设置:
vim /usr/share/keystone/keystone-dist-paste.ini
搜索admin_token_auth, 从[pipeline:public_api], [pipeline:admin_api]和[pipeline:api_v3]中,把admin_token_auth去掉,例如把
pipeline = sizelimit url_normalize request_id build_auth_context token_auth admin_token_auth json_body ec2_extension user_crud_extension public_service
改为
pipeline = sizelimit url_normalize request_id build_auth_context token_auth json_body ec2_extension user_crud_extension public_service
取消环境变量OS_TOKEN和OS_URL
unset OS_TOKEN OS_URL
然后再登陆admin和demo用户
openstack --os-auth-url http://controller:35357/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name admin --os-username admin --os-auth-type password token issue
密码:adminpasswd
#作为管理员,请求身份验证令牌
[root@controller ~]# openstack --os-auth-url http://controller:35357/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name admin --os-username admin --os-auth-type password token issue
Password:
+------------+----------------------------------+
| Field | Value |
+------------+----------------------------------+
| expires | 2016-09-20T20:04:51.066434Z |
| id | d433ed7af41c45ba96ab29daa28eb773 |
| project_id | ed1396bac8b14d969693e7f019dd5230 |
| user_id | 28d7c214bffb4e37ad10d734d156d067 |
+------------+----------------------------------+
[root@controller ~]#
#作为admin用户,列出用户作为admin核实admin可以执行 admin-only CLI 命令
[root@controller ~]# openstack --os-auth-url http://controller:35357/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name admin --os-username admin --os-auth-type password project list
Password:
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 578b3676606a4d818a917bf8cfe46d4c | service |
| 5c007739446b44eebab043e2573021b1 | admin |
| ab6fd0b354444bf58db83cb998fd96dd | demo |
+----------------------------------+---------+
#作为admin用户,列出用户核实认证服务
[root@controller ~]# openstack --os-auth-url http://controller:35357/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name admin --os-username admin --os-auth-type password user list
Password:
+----------------------------------+-------+
| ID | Name |
+----------------------------------+-------+
| 142eddcf802943259efe69a4dbc0160d | admin |
| 7b33d224785141a3a0539f0c89e02be9 | demo |
+----------------------------------+-------+
#作为 admin 用户, 列出角色验证keystone服务
[root@controller ~]# openstack --os-auth-url http://controller:35357/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name admin --os-username admin --os-auth-type password role list
Password:
+----------------------------------+-------+
| ID | Name |
+----------------------------------+-------+
| 442849323ab940eab00b498e12d12faf | admin |
| 93bee9c6e43b49b7861bd1d46b1b496b | user |
+----------------------------------+-------+
[root@controller ~]#
openstack --os-auth-urlhttp://controller:5000/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name demo --os-username demo--os-auth-type password token issue
密码:demopasswd
[root@controller ~]# openstack --os-auth-url http://controller:5000/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name demo --os-username demo --os-auth-type password token issue
Password:
+------------+----------------------------------+
| Field | Value |
+------------+----------------------------------+
| expires | 2016-09-20T20:06:35.853825Z |
| id | 6ce859278e6f4a86a4b4e45043d7d323 |
| project_id | 178c99209e43429b90fb4b638e29450d |
| user_id | c29d410611ba4e918d71a4edb64688b6 |
+------------+----------------------------------+
[root@controller ~]#
验证操作
创建openstack客户端脚本1
vim admin-openrc.sh //内容
export OS_PROJECT_DOMAIN_ID=default
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_NAME=admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=adminpasswd
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
执行脚本
source admin-openrc.sh
申请认证令牌
openstack token issue
[root@controller ~]# source admin-openrc.sh
[root@controller ~]# openstack token issue
+------------+----------------------------------+
| Field | Value |
+------------+----------------------------------+
| expires | 2016-09-24T13:26:54.555394Z |
| id | 982acc74994e46af8f9cc07520467145 |
| project_id | 5c007739446b44eebab043e2573021b1 |
| user_id | 142eddcf802943259efe69a4dbc0160d |
+------------+----------------------------------+
[root@controller ~]# 创建openstack客户端脚本2
vim demo-openrc.sh //内容
export OS_PROJECT_DOMAIN_ID=default
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_NAME=demo
export OS_TENANT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demopasswd
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
执行脚本
source demo-openrc.sh
申请认证令牌
openstack token issue
[root@controller ~]# source demo-openrc.sh
[root@controller ~]# openstack token issue
+------------+----------------------------------+
| Field | Value |
+------------+----------------------------------+
| expires | 2016-09-24T13:29:47.081067Z |
| id | 1ed0c7b57e4c4f18aa1a3603d27b9067 |
| project_id | ab6fd0b354444bf58db83cb998fd96dd |
| user_id | 7b33d224785141a3a0539f0c89e02be9 |
+------------+----------------------------------+
[root@controller ~]#
增加image - 前期准备
image又叫做glance,是用来管理镜像的一个组件,我们用镜像来安装操作系统。glance支持让用户自己管理自定义镜像。
创建glance库和用户
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance';
Query OK, 0 rows affected (0.04 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> 执行 admin-openrc.sh 脚本 source admin-openrc.sh
创建glance用户(密码为glancepasswd)
[root@controller ~]# source admin-openrc.sh
[root@controller ~]# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 56a44e9333a34d3e8a7479bfa29955d4 |
| name | glance |
+-----------+----------------------------------+
[root@controller ~]#
把admin角色添加到glance用户和service租户
openstack role add --project service --user glance admin
创建glance服务实体
openstack service create --name glance --description "OpenStack Image service" image
[root@controller ~]# openstack role add --project service --user glance admin
[root@controller ~]# openstack service create --name glance --description "OpenStack Image service" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image service |
| enabled | True |
| id | b78d1bdf00924090be3b995e8e1b37e7 |
| name | glance |
| type | image |
+-------------+----------------------------------+
[root@controller ~]# 创建image服务api 端点
openstack endpoint create --region RegionOne image public http://controller:9292
[root@controller profile.d]# openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | d12aa53e769442bcb4bfd75ca75bbad0 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | efaa9c047adf4eb58ef2f1576e432a12 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller profile.d]#
openstack endpoint create --region RegionOne image internal http://controller:9292
[root@controller profile.d]# openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | d3add6d0b0614e88a4adde93653b8b29 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | efaa9c047adf4eb58ef2f1576e432a12 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller profile.d]#
openstack endpoint create --region RegionOne image admin http://controller:9292
[root@controller profile.d]# openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 95a77b2444c74cc0bb135fde881ac453 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | efaa9c047adf4eb58ef2f1576e432a12 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
[root@controller profile.d]#
接openstack部署(二)http://xulianglinux.blog.51cto.com/8001428/1855385 点击链接跳转 | 
QQ群⑧:
窥视卡
雷达卡
发表于 2018-6-1 06:28:49
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡