1.Openstack-环境安装

Centos7 OpenStack环境安装

Ifcofnig vim命令

Centos7最小化安装后如没有ifconfig vim命令，执行：

1 yum install -y net-tools vim

修改网卡名称

vim /etc/default/grub增加 “net.ifnames=0 biosdevname=0”

grub2-mkconfig -o /boot/grub2/grub.cfg

cd /etc/sysconfig/network-scripts/

mv ifcfg-enp1s0 ifcfg-eth0

sed -i 's/enp1s0/eth0/g' ifcfg-eth0

修改完后重启reboot，开机后ifconfig检查

关闭防火墙

CentOS 7.0默认使用的是firewall作为防火墙，这里改为iptables防火墙。

firewall：

systemctl start firewalld.service#启动firewall

systemctl stop firewalld.service#停止firewall

systemctl disable firewalld.service#禁止firewall开机启动

修改三台主机的hosts文件

vim /etc/hosts

# controller

192.168.116.8   controller

# compute1

192.168.116.7   compute1

 # compute2

 192.168.116.10  compute2

 #测试配置是否成功

 ping controller

 ping compute1

 ping compute2

安装ntp

   #每台都要装

 yum install -y ntp

 #修改控制器的ntp

 vim /etc/ntp.conf

 restrict 192.168.116.0 mask 255.255.255.0 nomodify notrap

 #只有ntp服务器同步成功后，ntp客户端才能够同步到ntp服务器的时间

 server  127.127.1.0     # local clock

 #节点服务器删除 server配置

 #添加   

 server 192.168.116.7 iburst
 
 fudge 192.168.116.7 stratum 

 estrict controller nomodify notrap noquery

 #全部修改完毕添加为开机自启并立即启动

 systemctl enable ntpd.service

生成安全密码的命令

openssl rand -hex 

以下在所有的服务器上操作

安装yum插件，优先级包，使系统信息库中的相对优先级分配：

yum install yum-plugin-priorities

安装 EPEL库与RDO库

yum install -y http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm \
http://rdo.fedorapeople.org/openstack-juno/rdo-release-juno.rpm

升级你的系统上的软件包

yum upgrade -y

安装OpenStack的SELinux的包自动为OpenStack的服务管理安全策略：

yum install openstack-selinux -y

数据库只装一台即可

该数据库通常运行在控制器节点上

安装和配置数据库服务器

yum install -y mariadb mariadb-server MySQL-python

新建并编辑/etc/my.cnf.d/mariadb_openstack.cnf文件

vim /etc/my.cnf.d/mariadb_openstack.cnf

[mysqld]

bind-address = 192.168.116.8

default-storage-engine = innodb

innodb_file_per_table
    
collation-server = utf8_general_ci
    
init-connect = 'SET NAMES utf8'
    
character-set-server = utf8

启动数据库服务并将其配置为启动系统启动时：

systemctl enable mariadb.service
systemctl start mariadb.service
systemctl status mariadb.service

安装数据库服务，包括选择合适的密码root帐户：

# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user.  If you've just installed MariaDB, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.

Enter current password for root (enter for none):
OK, successfully used password, moving on...

Setting the root password ensures that nobody can log into the MariaDB
root user without the proper authorisation.

Set root password? [Y/n] Y
New password:
Re-enter new password:
Password updated successfully!
Reloading privilege tables..
... Success!

By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] Y
... Success!

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] Y
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] Y
... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!