安装除Neutron(Quantum)以外所有东西
在开始之前,假设有三个NIC
禁用selinux,并修改网络配置/etc/sysconfig/network-scripts/ifcfg-ethX
# Internal DEVICE=eth0 TYPE=Ethernet BOOTPROTO=static IPADDR=192.168.1.11 NETMASK=255.255.255.0 GATEWAY=192.168.1.1 DNS1=192.168.1.1 DEFROUTE=yes ONBOOT=yes# External DEVICE=eth1 TYPE=Ethernet BOOTPROTO=static IPADDR=192.168.1.12 NETMASK=255.255.255.0 DEFROUTE=yes ONBOOT=yes#Public Bridge DEVICE=eth2 TYPE=Ethernet BOOTPROTO=static IPADDR=192.168.1.13 NETMASK=255.255.255.0 DEFROUTE=yes ONBOOT=yes于Feodra18中安装Openstack,可参考文档,按照这个来的话对Openstack的设计理念将会有所了解
Getting started with OpenStack on Fedora 18
或者运行/*安装完成后管理员界面为http://localhost/dashboard用户名admin,密码secrete*/ # openstack-demo-install以上两种方法把除了Neutron(quantum)其他的服务都配置好了,关于quantum的配置见文末
添加虚拟机实例
可参考文档
Getting started with OpenStack on Fedora 18
在终端操作之前需要设置环境变量,将它们两者之一写到一个文件,然后source一下export OS_USERNAME=admin export OS_PASSWORD=secrete export OS_TENANT_NAME=admin export OS_AUTH_URL=http://127.0.0.1:5000/v2.0/export ADMIN_TOKEN=$(openssl rand -hex 10) export SERVICE_ENDPOINT=http://127.0.0.1:35357/v2.0/ export SERVICE_TOKEN=\$ADMIN_TOKENsource FileA这个libvirt支持kvm以及xen虚拟化,所以支持的镜像也比较多,这里下载一个已经安装好的f17的qcow2镜像
# axel -n 5 http://berrange.fedorapeople.org/images/2012-11-15/f17-x86_64-openstack-sda.qcow2 /*注册镜像*/ # glance add name=f17-jeos is_public=true disk_format=qcow2 container_format=bare然后以demo用户进入dashboard,会看到添加进来的image,根据image启动实例,打开vnc界面(非localhost访问要改ip)。
安装操蛋的Neutron(quantum)服务
这东西刚改名,nova自带的有network服务,可这个可以虚拟L2 L3 switch,那就比较有意思了
/*注册quantum*/
# keystone service-create --name quantum --type network --description 'OpenStack Networking Service' # keystone endpoint-create --region myregion --service-id 26a55b340e254ad5bb78c0b14391e153 --publicurl "http://192.168.1.11:9696/" --adminurl "http://192.168.1.11:9696/" --internalurl "http://192.168.1.11:9696/"/*(可选)添加quantum服务用户*/
get_id.sh:$ function get_id () { echo `"$@" | awk '/ id / { print $4 }'` } # ADMIN_ROLE=$(get_id keystone role-create --name=admin) # QUANTUM_USER=$(get_id keystone user-create --name=quantum --pass="servicepass" --email=demo@example.com --tenant-id service) # keystone user-role-add --user_id $QUANTUM_USER --role_id $ADMIN_ROLE --tenant_id service/*服务插件二选一,linuxbrideg和openvswitch,这里使用后者,先安装插件*/
# yum install openstack-quantum-openvswitch/*启动并添加服务*/
# quantum-server-setup --plugin openvswitch # quantum-node-setup --plugin openvswitch # service quantum-server start # chkconfig quantum-server on # service openvswitch start # chkconfig openvswitch on # ovs-vsctl add-br br-int # chkconfig quantum-openvswitch-agent on # service quantum-openvswitch-agent start # quantum-dhcp-setup --plugin openvswitch # chkconfig quantum-dhcp-agent on # service quantum-dhcp-agent start # ovs-vsctl add-br br-ex # ovs-vsctl add-port br-ex eth1 # quantum-l3-setup --plugin openvswitch # chkconfig quantum-l3-agent on # service quantum-l3-agent start# chkconfig quantum-metadata-agent on # service quantum-metadata-agent start修改并配置网络 /etc/sysconf/network-scripts/ifcfg-eth1,/etc/sysconf/network-scripts/ifcfg-br-ex
# External DEVICE=eth1 TYPE=Ethernet BOOTPROTO=none NM_CONTROLLED=no BRIDGE=br-ex ONBOOT=yes#Public Bridge DEVICE=br-ex TYPE=Bridge BOOTPROTO=static IPADDR=192.168.2.11 NETMASK=255.255.255.0 NM_CONTROLLED=no ONBOOT=yes# ip addr del 10.0.0.9/24 dev eth1 # ip addr add 10.0.0.9/24 dev br-ex这里类似VPN的重写HEADER
echo 1 > /proc/sys/net/ipv4/conf/all/forwarding sysctl -w net.ipv4.ip_forward=1 iptables -A FORWARD -i eth0 -o br-ex -s 10.10.10.0/24 -m conntrack --ctstate NEW -j ACCEPT iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT iptables -A POSTROUTING -s 10.10.10.0/24 -t nat -j MASQUERADE最后重启机器即可
通过curl使用openstack api
参考这篇文章
注意区分token和固定id获取可用镜像
curl -s http://10.199.0.250:8774/v2/51ad87714b86442d9a74537d6f890060/images -X GET -H "X-Auth-Project-Id: admin" -H "Accept: application/json" -H "X-Auth-Token: 6083193874684f38865b086a8a5f4b7b" | python -mjson.tool创建虚拟机
curl -i http://10.199.0.250:8774/v2/51ad87714b86442d9a74537d6f890060/servers -X POST -H "X-Auth-Project-Id: admin" -H "Content-Type: application/json" -H "Accept: application/json" -H "X-Auth-Token: 6083193874684f38865b086a8a5f4b7b" -d '{"server": {"name": "instance1", "imageRef": "992f5732-af50-40fc-987f-25951cbce943", "key_name": "damion-flybook", "flavorRef": "3", "max_count": 1, "min_count": 1}}'