openstack部署概要

nikoo

　　在openstack官方看了部署手册：http://docs.openstack.org/juno/install-guide/install/yum/content/
　　花了三天时间在公司的刀片上搭了个环境，系统是centos7，部署了controller、compute、network、block storage4个节点，顺利导入windows、linux虚机镜像，这里就把部署中的一些重要步骤罗列供下次使用参考（详细命令参考官网非常详细）
一、Identity service   -------Keystone
 
1.    basic environment
(1)3 node      controller/compute/network
(2)network configure   同一个网段并且修改主机名 
(3)NTP service        确保Node的时间统一
(4)openstack packages   在线安装
(5)mysql database     本地数据库
(6) RabbitMQ          消息队列
2.    identity service   (类似权限系统)
Keystone是OpenStack的组件之一，用于为OpenStack家族中的其它组件成员提供统一的认证服务，包括身份验证、令牌的发放和校验、服务列表、用户权限的定义等等。
(1)database access    建立keystone库
(2)install and configure components    安装配置keystone组件
(3)create tenant/user/roles     建立租户/用户/角色
  最后role关联user
Tenant/租户：类似用户组的概念，一个租户可以容纳多个用户
User/用户：用于身份认证，一个用户可以关联多个租户组
Role/角色：关联“用户-租户对”映射关系的元数据
Token/令牌：用于验证上述用户是否合法
Endpoint/断点：服务实例（RRL入口）
(4)create the service entity and api endpoint
 
                             Service –role-tenant-role   关系图
　　
 

 

二、Image Service   -------Glance
(1)create the database
(2)source the admin credential   
(3)create the service credential   (keystone)
(4)create the image service api endpoint
(5)install and configure the image service components
 
API:处理来自compute 和 keystone的请求
Registry:处理镜像的metadata
Store adapter:镜像本身的存储
　　
 
三、Compute Service ------nova（新星）
 The main modules are implemented in Python.
(1)create database
(2) source the admin credential
(3) To create the service credentials  (keystone)
(4) Create the Compute service API endpoints
(5)install and configure compute controller components
a.controller node configure   
1.database access
2.rabbitMQ access
3.keystone_authtoken
4.set controller ip
5. set VNC proxy
6.set glance
7.set troubleshooting
8.populate the compute database;
9Start the Compute services and configure them to start when the system boots
              b.compute node configure
                     1.install the packages
                     2.edit the nova.conf          RabbitMQ/Keystone/Ip/vnc remote access
                     3. Determine supports hardware acceleration for virtual machine
                  If not:  configure libvirt to use QEMU instead of KVM.
　　
 

 

四、networking   ------Neutron
1.configure controller
reate advanced virtual network topologies including services such as firewalls, load balancers, and virtual private networks (VPNs)
(1)      create a database, service credentials, and API endpoints.
(2)      Config networking server compenent
(3)      Configure Neutron.conf
(4)      Configure modular layer2 (ML2) 2层模块  “flat,GRE” network type drivers
(5)      Reconfigure compute to manage networks through networking
(6)      Initialization scripts expect a symbolic link plugin.ini and ml2_conf.ini
 
2.install and configure network node
The network node primarily handles internal and external routing and DHCP services for virtual networks.
(1)  config kernel networking parameters
(2)  install the networking components
(3)  configure the networking common components
The Networking common component configuration includes the authentication mechanism(认证机制), message broker（消息代理）, and plug-in.
      Neutron.conf
(4)  configure the modular layer2(ML2)plug-in
The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to build the virtual networking framework for instances.
(5)  Configure the layer-3 L3 agent
The layer-3 agrent provides routing services for virtual networks
(6)  Configure the DHCP agent
The dhcp agent provides dhcp services for virtual networks
(7)  Configure the metadata agent
The metadata agent provides configuration information such as credentioals to instacnes
(8)  Verbose:冗长的用于故障排错的服务，基本上所有的服务都要设置
(9)  Configure the open vswitch service
add the external bridge、add port to the external bridge that connects to the physical external network in interface
3.    install and configure compute node
the compute node handles connectivity and security groups for instance
(1)  configure the kenerl networking parameters
(2)  install the networking components
(3)  configure the networking common components
datebase、keystone_authtoken、ML2 plug-in router
(4)  configure the open vswitch ovs service
4.    create initial networks(controller node)
(1)  create external network      network address translation(NAT)
(2)  create subnet on the external network(set floating ip address range,disable dhcp)
(3)  tenant network
create the subnet,  create a router on the tenant network and attach the external
 
五、Horizon  --dashboard
1.    install the dashboard components
(1)  install the packages
(2)  configure the dashboard