[系统运维] 第七十四集 openstack 部署

开发: C++知识库 Java知识库 JavaScript Python PHP知识库人工智能区块链大数据移动开发嵌入式开发工具数据结构与算法开发测试游戏开发网络协议系统运维
教程: HTML教程 CSS教程 JavaScript教程 Go语言教程 JQuery教程 VUE教程 VUE3教程 Bootstrap教程 SQL数据库教程 C语言教程 C++教程 Java教程 Python教程 Python3教程 C#教程
数码: 电脑笔记本显卡显示器固态硬盘硬盘耳机手机 iphone vivo oppo 小米华为单反装机图拉丁

-> 系统运维 -> 第七十四集 openstack 部署 -> 正文阅读

[系统运维]第七十四集 openstack 部署

openstack 部署

什么是openstack

OpenStack 是一系列开源工具（或开源项目）的组合，主要使用池化虚拟资源来构建和管理私有云及公共云。其中的六个项目主要负责处理核心云计算服务，包括计算、网络、存储、身份和镜像服务。还有另外十多个可选项目，用户可把它们捆绑打包，用来创建独特、可部署的云架构。

云计算模式

一、IaaS：基础设施即服务（个人比较习惯的）：用户通过网络获取虚机、存储、网络，然后用户根据自己的需求操作获取的资源

二、PaaS：平台即服务：将软件研发平台作为一种服务，如Eclipse/Java编程平台，服务商提供编程接口/运行平台等

三、SaaS：软件即服务：将软件作为一种服务通过网络提供给用户，如web的电子邮件、HR系统、订单管理系统、客户关系系统等。用户无需购买软件，而是向提供商租用基于web的软件，来管理企业经营活动

OpenStack 中有哪些项目？

OpenStack 架构由大量开源项目组成。其中包含 6 个稳定可靠的核心服务，用于处理计算、网络、存储、身份和镜像；同时，还为用户提供了十多种开发成熟度各异的可选服务。OpenStack 的 6 个核心服务主要担纲系统的基础架构，其余项目则负责管理控制面板、编排、裸机部署、信息传递、容器及统筹管理等操作。

keystone：Keystone 认证所有 OpenStack 服务并对其进行授权。同时，它也是所有服务的端点目录。
glance：Glance 可存储和检索多个位置的虚拟机磁盘镜像。
nova：是一个完整的 OpenStack 计算资源管理和访问工具，负责处理规划、创建和删除操作。
neutron：Neutron 能够连接其他 OpenStack 服务并连接网络。
dashboard：web管理界面
Swift：是一种高度容错的对象存储服务，使用 RESTful API 来存储和检索非结构数据对象。
Cinder 通过自助服务 API 访问持久块存储。
Ceilometer：计费
Heat：编排

openstack基本架构

OpenStack环境部署

设备准备
三台CentOS，内存8G，双网卡

ct：设置网卡

ens33(NAT网卡):
BOOTPROTO=static
IPV4_ROUTE_METRIC=90	#添加调由优先级，有2条默认，使NAT优先，
ONBOOT=yes
IPADDR=192.168.8.157
NETMASK=255.255.255.0
GATEWAY=192.168.8.2

ens36(内网)：
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.130.10
NETMASK=255.255.255.0
#GATEWAY=192.168.130.2	#注释网卡

ct1：

ens33(NAT网卡):
BOOTPROTO=static
IPV4_ROUTE_METRIC=90	#添加调由优先级，有2条默认，使NAT优先，
ONBOOT=yes
IPADDR=192.168.8.156
NETMASK=255.255.255.0
GATEWAY=192.168.8.2

ens36(内网)：
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.130.20
NETMASK=255.255.255.0
#GATEWAY=192.168.130.2	

ct2

ens33(NAT网卡):
BOOTPROTO=static
IPV4_ROUTE_METRIC=90	#添加调由优先级，有2条默认，使NAT优先，
ONBOOT=yes
IPADDR=192.168.8.158
NETMASK=255.255.255.0
GATEWAY=192.168.8.2

ens34(内网)：
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.130.30
NETMASK=255.255.255.0
#GATEWAY=192.168.130.2	

部署OpenStack依赖环境
三个节点同时设置，这里只显示ct节点

[root@ct ~]# vi /etc/hosts
192.168.130.10  ct
192.168.130.20  ct1
192.168.130.30  ct2
[root@ct ~]# ssh-keygen -t rsa				#免交互
[root@ct ~]# ssh-copy-id ct
[root@ct ~]# ssh-copy-id ct1
[root@ct ~]# ssh-copy-id ct2
[root@ct ~]# vi /etc/yum.conf 				#配置YUM能保存下载的安装软件
keepcache=1

##下载安装依赖包
[root@ct ~]# yum -y install net-tools bash-completion vim gcc gcc-c++ make pcre  pcre-devel expat-devel cmake  bzip2 lrzsz


##EXPAT C语言发开库，这里最好多安装几次
[root@ct ~]# yum -y install centos-release-openstack-train python-openstackclient openstack-selinux openstack-utils

设置时间同步
[root@ct ~]# yum install chrony -y
[root@ct ~]#  vim /etc/chrony.conf

[root@ct ~]#  systemctl enable chronyd.service
[root@ct ~]# systemctl restart chronyd.service			#三个节点都开启时间同步
[root@ct ~]# crontab -e									#配置计划任务，两分钟同步一次

控制节点配置MariaDB

安装、配置mariadb

[root@ct ~]# yum -y install mariadb mariadb-server python2-PyMySQL  
#python2-PyMySQL是OpenStack控制端连接MySQL的模块  
[root@ct ~]# yum -y install libibverbs			#添加MySQL子配置文件
[root@ct ~]# vim /etc/my.cnf.d/openstack.cnf		#设置配置文件，添加以下内容
[mysqld]
bind-address = 192.168.140.10						#设置控制节点局域网地址
default-storage-engine = innodb						#设置默认存储引擎
innodb_file_per_table = on							#每张表独立表空间文件
max_connections = 4096								#最大连接数
collation-server = utf8_general_ci					#最大字符集
character-set-server = utf8
[root@ct ~]# systemctl enable mariadb
Created symlink from /etc/systemd/system/mysql.service to /usr/lib/systemd/system/mariadb.service.
Created symlink from /etc/systemd/system/mysqld.service to /usr/lib/systemd/system/mariadb.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/mariadb.service to /usr/lib/systemd/system/mariadb.service.
[root@ct ~]# systemctl start mariadb				#开启mariadb
[root@ct ~]# cd /etc/my.cnf.d/
[root@ct my.cnf.d]# mysql_secure_installation		#执行mariadb安全配置脚本
…………………………
Disallow root login remotely? [Y/n] N				#交互过程只有这一步选择n允许root登录

部署RabbitMQ

[root@ct my.cnf.d]# yum -y install rabbitmq-server
[root@ct my.cnf.d]# systemctl enable rabbitmq-server.service
Created symlink from /etc/systemd/system/multi-user.target.wants/rabbitmq-server.service to /usr/lib/systemd/system/rabbitmq-server.service.
[root@ct my.cnf.d]# systemctl start rabbitmq-server.service
[root@ct my.cnf.d]# rabbitmqctl add_user openstack RABBIT_PASS 	#创建消息队列用户openstack，给予密码为RABBIT_PASS
Creating user "openstack"
[root@ct my.cnf.d]# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
##配置openstack用户的操作权限（正则，配置读写权限）
Setting permissions for user "openstack" in vhost "/"
[root@ct my.cnf.d]# netstat -antp | grep 5672		#查看rabbitmq默认端口		
tcp        0      0 0.0.0.0:25672           0.0.0.0:*               LISTEN      40164/beam.smp      
tcp        0      0 127.0.0.1:33644         127.0.0.1:25672         TIME_WAIT   -                   
tcp6       0      0 :::5672                 :::*                    LISTEN      40164/beam.smp      
[root@ct my.cnf.d]# netstat -antp | grep 25672		#查看rabbit测试工具CLI的端口
tcp        0      0 0.0.0.0:25672           0.0.0.0:*               LISTEN      40164/beam.smp 
[root@ct my.cnf.d]# rabbitmq-plugins list			#查看rabbitmq插件列表
 Configured: E = explicitly enabled; e = implicitly enabled
 | Status:   * = running on rabbit@localhost
 |/
[  ] amqp_client                       3.6.16
[  ] cowboy                            1.0.4
[  ] cowlib                            1.0.2
[  ] rabbitmq_amqp1_0                  3.6.16
[  ] rabbitmq_auth_backend_ldap        3.6.16
[  ] rabbitmq_auth_mechanism_ssl       3.6.16
[  ] rabbitmq_consistent_hash_exchange 3.6.16
[  ] rabbitmq_event_exchange           3.6.16
[  ] rabbitmq_federation               3.6.16
[  ] rabbitmq_federation_management    3.6.16
[  ] rabbitmq_jms_topic_exchange       3.6.16
……………………………………

[root@ct my.cnf.d]# rabbitmq-plugins enable rabbitmq_management		#开启rabbitmq的web管理界面的插件
The following plugins have been enabled:
  amqp_client
  cowlib
  cowboy
  rabbitmq_web_dispatch
  rabbitmq_management_agent
  rabbitmq_management

Applying plugin configuration to rabbit@localhost... started 6 plugins.

部署memcached

[root@ct my.cnf.d]#  yum install -y memcached python-memcached
[root@ct my.cnf.d]# vi /etc/sysconfig/memcached 		#修改memcached配置文件PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 127.0.0.1,::1，ct"
[root@ct my.cnf.d]# systemctl enable memcached
Created symlink from /etc/systemd/system/multi-user.target.wants/memcached.service to /usr/lib/systemd/system/memcached.service.
[root@ct my.cnf.d]# systemctl start memcached
[root@ct my.cnf.d]# netstat -antp | grep 11211
tcp        0      0 192.168.140.10:11211    0.0.0.0:*               LISTEN      42358/memcached     
tcp        0      0 127.0.0.1:11211         0.0.0.0:*               LISTEN      42358/memcached     
tcp6       0      0 ::1:11211               :::*                    LISTEN      42358/memcached 
安装etcd(由go语言开发的开源，去中心化的数据库)
[root@ct my.cnf.d]# yum install -y etcd			
[root@ct my.cnf.d]# vi /etc/etcd/etcd.conf 		#修改配置文件

Keystone组件部署

创建数据库实例和数据库用户

[root@ct ~]# mysql -uroot -p
Enter password: 
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 364
Server version: 10.3.20-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database keystone;
Query OK, 1 row affected (0.001 sec)

MariaDB [(none)]>  grant all privileges on keystone.* to 'keystone'@'localhost' identified by 'KEYSTONE_DBPASS';
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]> grant all privileges on keystone.* to 'keystone'@'%' identified by 'KEYSTONE_DBPASS';
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]> exit
Bye

安装配置keystone、httpd、mod_wsgi（用来让apache能够代理python程序的组件）

[root@ct ~]# yum install -y openstack-keystone httpd mod_wsgi
[root@ct ~]# cp -a /etc/keystone/keystone.conf{,.bak}			
[root@ct ~]# grep -Ev "^$|#" /etc/keystone/keystone.conf.bak > /etc/keystone/keystone.conf
		#过滤空格或#开头内容，并将内容覆盖到配置文件中
[root@ct ~]# cat /etc/keystone/keystone.conf
[DEFAULT]
[application_credential]
[assignment]
[auth]
[cache]
[catalog]
[cors]
[credential]
[database]
[domain_config]
[endpoint_filter]
[endpoint_policy]
[eventlet_server]
[federation]
[fernet_receipts]
[fernet_tokens]
[healthcheck]
[identity]
[identity_mapping]
[jwt_tokens]
[ldap]
[memcache]
[oauth1]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[policy]
[profiler]
[receipt]
[resource]
[revoke]
[role]
[saml]
[security_compliance]
[shadow_users]
[token]
[tokenless_auth]
[totp]
[trust]
[unified_limit]
[wsgi]

##通过pymysql模块访问mysql，知道用户名密码，数据库和域名
[root@ct ~]# openstack-config --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:KEYSTONE_DBPASS@ct/keystone
##知道token的提供者为keystone自身
[root@ct ~]# openstack-config --set /etc/keystone/keystone.conf token provider fernet

##初始化认证服务数据库
[root@ct ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone

##初始fernet密钥存储库，生成两个密钥，生成的密钥放于/etc/keystone/目录下，用于加密数据
[root@ct ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
[root@ct ~]# keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

配置bootstrap身份认证服务
[root@ct ~]# keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
> --bootstrap-admin-url http://ct:5000/v3/ \			#管理网
> --bootstrap-internal-url http://ct:5000/v3/ \			#内部网络
> --bootstrap-public-url http://ct:5000/v3/ \			#公共网络
> --bootstrap-region-id RegionOne

配置Apache服务
[root@ct ~]# echo "ServerNmae controller" >> /etc/httpd/conf/httpd.conf 
[root@ct ~]# ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
[root@ct ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@ct ~]# systemctl start httpd
[root@ct ~]# netstat -antp | grep httpd
tcp6       0      0 :::5000                 :::*                    LISTEN      60926/httpd         
tcp6       0      0 :::80                   :::*                    LISTEN      60926/httpd  
配置管理员账户的环境变量
[root@ct ~]# cat >> ~/.bashrc << EOF
> export OS_USERNAME=admin						#设置管理员登录用户名
> export OS_PASSWORD=ADMIN_PASS					#设置密码 
> export OS_PROJECT_NAME=admin
> export OS_USER_DOMAIN_NAME=Default
> export OS_PROJECT_DOMAIN_NAME=Default
> export OS_AUTH_URL=http://ct:5000/v3
> export OS_IDENTITY_API_VERSION=3
> export OS_IMAGE_API_VERSION=2
> EOF
[root@ct ~]# source ~/.bashrc
[root@ct ~]# openstack user list				
+----------------------------------+-------+
| ID                               | Name  |
+----------------------------------+-------+
| d1553b14431c4f7d8397e6ffb15cee30 | admin |
+----------------------------------+-------+

创建OpenStack域、项目、用户和角色
##创建一个项目（project），在知道的domain中，project名称为service
[root@ct ~]# openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Service Project                  |
| domain_id   | default                          |
| enabled     | True                             |
| id          | 0683dd857dec4bc68b2d4d84806b5e23 |
| is_domain   | False                            |
| name        | service                          |
| options     | {}                               |
| parent_id   | default                          |
| tags        | []                               |
+-------------+----------------------------------+

##创建角色
[root@ct ~]# openstack role create user
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | None                             |
| domain_id   | None                             |
| id          | eb2fe06b20824e5d8b16a582f382f4c4 |
| name        | user                             |
| options     | {}                               |
+-------------+----------------------------------+
[root@ct ~]# openstack role list		#查看创建的角色						
+----------------------------------+--------+列表
| ID                               | Name   |
+----------------------------------+--------+
| 622ba83b60dc40aa8c44e4858ee44a02 | admin  |
| 73aa0b3a87f142a5803c133d12a8c4ee | member |
| ba33f04a1c964d849b8b827470ba0dc0 | reader |
| eb2fe06b20824e5d8b16a582f382f4c4 | user   |
+----------------------------------+--------+

##
[root@ct ~]# openstack token issue		#查看是否可以不知道密码就可以获取到token信息（验证认证服务）
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field      | Value                                                                                                                                                                                   |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires    | 2021-08-23T07:13:14+0000                                                                                                                                                                |
| id         | gAAAAABhIzx6NUyyRnDfYio2YyKpzozx2Es1kVV26v0WOhi5YrxHq3Zwj1RKByVfR7K4rVRFmAGGcuD5ElKco0vYgqS47FCSSqGOJdyM4Cn0KVH3wZKXbvN6L-cozznyHqDV8ovz82TscssKowYzYIcwKg-SO4Tv1xxD8bi6PpQy4AXxhCgPm-Y |
| project_id | 933a6997e78d4927847c2f2a32c7a358                                                                                                                                                        |
| user_id    | d1553b14431c4f7d8397e6ffb15cee30                                                                                                                                                        |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

Glance组件部署

创建数据库实例和数据库用户


[root@ct ~]# mysql -uroot -p
MariaDB [(none)]> create database glance;
Query OK, 1 row affected (0.000 sec)

MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'localhost' identified by 'GLANCE_DBPASS';
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> grant all privileges on glance.* to 'glance'@'%' identified by 'GLANCE_DBPASS';
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> exit
Bye

创建用户，修改配置文件
[root@ct ~]# openstack user create --domain default --password GLANCE_PASS glance
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | db20009e0b1f441899ac9aeb26fce300 |
| name                | glance                           |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+
[root@ct ~]# openstack role add --project service --user glance admin
##将glance用户添加到service项目中，并针对这个项目拥有admin权限

[root@ct ~]# openstack service create --name glance --description "OpenStack Image" image
##创建service服务，名称为glance。类型为image
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Image                  |
| enabled     | True                             |
| id          | 3d9adf0d2c68457294effa2b293ad02e |
| name        | glance                           |
| type        | image                            |
+-------------+----------------------------------+
[root@ct ~]# openstack service list			#查看service项目用户列表
+----------------------------------+----------+----------+
| ID                               | Name     | Type     |
+----------------------------------+----------+----------+
| 097835c29bca44d29534dd6beb75cc10 | keystone | identity |
| 3d9adf0d2c68457294effa2b293ad02e | glance   | image    |
+----------------------------------+----------+----------+

创建镜像服务API端点，OpenStack使用三种API端点
[root@ct ~]# openstack endpoint create --region RegionOne image public http://ct:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | c3f4bd393a004bdb9f32785449870674 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 3d9adf0d2c68457294effa2b293ad02e |
| service_name | glance                           |
| service_type | image                            |
| url          | http://ct:9292                   |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne image internal http://ct:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | d70014945d4644b7991ce5d6e6e8e8c5 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 3d9adf0d2c68457294effa2b293ad02e |
| service_name | glance                           |
| service_type | image                            |
| url          | http://ct:9292                   |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne image admin http://ct:9292
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 9957f757cfae46f5a4004511933fe95c |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 3d9adf0d2c68457294effa2b293ad02e |
| service_name | glance                           |
| service_type | image                            |
| url          | http://ct:9292                   |
+--------------+----------------------------------+

安装openstack-glance软件包，修改配置文件
[root@ct ~]# yum install -y openstack-glance
[root@ct ~]#  cp -a /etc/glance/glance-api.conf{,.bak}
[root@ct glance]# grep -Ev '^$|#' /etc/glance/glance-api.conf.bak > /etc/glance/glance-api.conf
[root@ct glance]# cat /etc/glance/glance-api.conf
[DEFAULT]
[cinder]
[cors]
[database]
[file]
[glance.store.http.store]
[glance.store.rbd.store]
[glance.store.sheepdog.store]
[glance.store.swift.store]
[glance.store.vmware_datastore.store]
[glance_store]
[image_format]
[keystone_authtoken]
[oslo_concurrency]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[paste_deploy]
[profiler]
[store_type_location_strategy]
[task]
[taskflow_executor]

输入以下命令修改/etc/glance/glance-appi.conf配置文件
openstack-config --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:GLANCE_DBPASS@ct/glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://ct:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://ct:5000
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers ct:11211
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password GLANCE_PASS
openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http
openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/

[root@ct glance]# cat /etc/glance/glance-api.conf		#查看配置文件修改结果
[DEFAULT]
[cinder]
[cors]
[database]
connection = mysql+pymysql://glance:GLANCE_DBPASS@ct/glance
[file]
[glance.store.http.store]
[glance.store.rbd.store]
[glance.store.sheepdog.store]
[glance.store.swift.store]
[glance.store.vmware_datastore.store]
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/
[image_format]
[keystone_authtoken]
www_authenticate_uri = http://ct:5000
auth_url = http://ct:5000
memcached_servers = ct:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = GLANCE_PASS
[oslo_concurrency]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]
[store_type_location_strategy]
[task]
[taskflow_executor]

修改glance-registry.conf 配置文件
[root@ct glance]# cp -a /etc/glance/glance-registry.conf{,.bak}
[root@ct glance]# grep -Ev '^$|#' /etc/glance/glance-registry.conf.bak > /etc/glance/glance-registry.conf

输入以下命令
openstack-config --set /etc/glance/glance-registry.conf database connection  mysql+pymysql://glance:GLANCE_DBPASS@t/glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken www_authenticate_uri   http://ct:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url  http://ct:5000
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken memcached_servers  ct:11211
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_type  password
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_name  Default
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_name  Default
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name  service
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username  glance
openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password  GLANCE_PASS
openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor  keystone

[root@ct glance]# cat /etc/glance/glance-registry.conf
[DEFAULT]
[database]
connection = mysql+pymysql://glance:GLANCE_DBPASS@t/glance
[keystone_authtoken]
www_authenticate_uri = http://ct:5000
auth_url = http://ct:5000
memcached_servers = ct:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = GLANCE_PASS
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_policy]
[paste_deploy]
flavor = keystone
[profiler]

初始化glance数据库，开启glance服务
[root@ct glance]# su -s /bin/sh -c "glance-manage db_sync" glance
[root@ct glance]# systemctl enable openstack-glance-api.service 
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-glance-api.service to /usr/lib/systemd/system/openstack-glance-api.service.
[root@ct glance]# systemctl start openstack-glance-api.service 
[root@ct glance]# netstat -antp | grep 9292
tcp        0      0 0.0.0.0:9292            0.0.0.0:*               LISTEN      68138/python2

赋予openstack-glance-api.service服务对存储设备的可写权限（-h：值对符号连接/软链接的文件修改)
[root@ct glance]# chown -hR glance:glance /var/lib/glance/

##镜像导入，先上传cirros-0.3.5-x86_64-disk.img镜像
[root@ct glance]# openstack image create --file cirros-0.3.5-x86_64-disk.img --disk-format qcow2 --container-format bare --public cirros
[root@ct glance]# openstack image list			##查看结果
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| f7b8bd29-807b-4511-99d6-b398c9653cdf | cirros | active |
+--------------------------------------+--------+--------+

OpenStack-Nova和OpenStack-Placement模块部署模块部署

创建数据库实例和数据库用户
[root@ct ~]# mysql -uroot -p
MariaDB [(none)]> CREATE DATABASE placement;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> grant all privileges on plancement.* to 'plancement'@'localhost' identified by 'PLANCEMENT_DBPASS';
Query OK, 0 rows affected (0.001 sec)

MariaDB [(none)]> grant all privileges on plancement.* to 'plancement'@'%' identified by 'PLANCEMENT_DBPASS';
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> exit
Bye

创建plancement用户和API的endpoint
[root@ct ~]# openstack user create --domain default --password PLACEMENT_PASS placement
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 18fd239f6afe4a1eb4d7da2946332262 |
| name                | plancement                       |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+

##给与plancement用户对service项目拥有admin权限
[root@ct ~]# openstack role add --project service --user placement admin

##创建一个placement服务，服务类型为placement
[root@ct ~]# openstack service create --name placement --description "Placement API" placement
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Placement API                    |
| enabled     | True                             |
| id          | 08f7d8d3df9348f4a85dca595e0da681 |
| name        | placement                        |
| type        | placement                        |
+-------------+----------------------------------+

##注册API段考到placement的service中；注册的信息会写入到mysql中
[root@ct ~]# openstack endpoint create --region RegionOne placement public http://ct:8778
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 87b90cfcff85487ba05712c785877883 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 08f7d8d3df9348f4a85dca595e0da681 |
| service_name | placement                        |
| service_type | placement                        |
| url          | http://ct:8778                   |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne placement internal http://ct:8778
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 040748ac9a264439b664f04351076d97 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 08f7d8d3df9348f4a85dca595e0da681 |
| service_name | placement                        |
| service_type | placement                        |
| url          | http://ct:8778                   |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne placement admin http://ct:8778
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | a639fb5e0a764cf7a4da9ec8a54a70bd |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 08f7d8d3df9348f4a85dca595e0da681 |
| service_name | placement                        |
| service_type | placement                        |
| url          | http://ct:8778                   |
+--------------+----------------------------------+

安装placement服务
[root@ct ~]# yum install -y openstack-placement-api

##修改placement.conf配置文件
[root@ct ~]# cp /etc/placement/placement.conf{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/placement/placement.conf.bak > /etc/placement/placement.conf
##输入以下命令
openstack-config --set /etc/placement/placement.conf placement_database connection mysql+pymysql://placement:PLACEMENT_DBPASS@ct/placement
openstack-config --set /etc/placement/placement.conf api auth_strategy keystone
openstack-config --set /etc/placement/placement.conf keystone_authtoken auth_url  http://ct:5000/v3
openstack-config --set /etc/placement/placement.conf keystone_authtoken memcached_servers ct:11211
openstack-config --set /etc/placement/placement.conf keystone_authtoken auth_type password
openstack-config --set /etc/placement/placement.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/placement/placement.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/placement/placement.conf keystone_authtoken project_name service
openstack-config --set /etc/placement/placement.conf keystone_authtoken username placement
openstack-config --set /etc/placement/placement.conf keystone_authtoken password PLACEMENT_PASS
[root@ct ~]# cat /etc/placement/placement.conf		##查看配置文件
[DEFAULT]
[api]
auth_strategy = keystone
[cors]
[keystone_authtoken]
auth_url = http://ct:5000/v3				##指定keystone地址
memcached_servers = ct:11211				##session信息是缓存放到了memcached中
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = PLACEMENT_PASS
[oslo_policy]
[placement]
[placement_database]
connection = mysql+pymysql://placement:PLACEMENT_DBPASS@ct/placement
[profiler]

##导入数据库
[root@ct placement]# su -s /bin/sh -c "placement-manage db sync" placement
/usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1280, u"Name 'alembic_version_pkc' ignored for PRIMARY key.")
  result = self._query(query)

修改00-placemenct-api.conf配置文件
[root@ct placement]# cd /etc/httpd/conf.d/
[root@ct conf.d]# ls
00-placement-api.conf  autoindex.conf  README  userdir.conf  welcome.conf  wsgi-keystone.conf
[root@ct conf.d]# vi 00-placement-api.conf 		##在末尾添加以下内容
<Directory /usr/bin>			#此处是bug，必须添加下面的配置来启用对placement api的访问，否则在访问apache的
<IfVersion >= 2.4>				#api时会报403；添加在文件的最后即可
	Require all granted
</IfVersion>
<IfVersion < 2.4>				#apache版本；允许apache访问/usr/bin目录；否则/usr/bin/placement-api将不允许被访问
	Order allow,deny				
	Allow from all				#允许apache访问
</IfVersion>
</Directory>
[root@ct conf.d]# systemctl restart httpd.service
[root@ct conf.d]# netstat -antp | grep 8778
tcp        0      0 192.168.140.10:60610    192.168.140.10:8778     TIME_WAIT   -                   
tcp6       0      0 :::8778                 :::*                    LISTEN      71692/httpd 

检查placement状态
[root@ct conf.d]# placement-status upgrade check
+----------------------------------+
| Upgrade Check Results            |
+----------------------------------+
| Check: Missing Root Provider IDs |
| Result: Success                  |
| Details: None                    |
+----------------------------------+
| Check: Incomplete Consumers      |
| Result: Success                  |
| Details: None                    |
+----------------------------------+

在ct节点安装部署Nova组件
在控制节点ct创建用户并授权
MariaDB [(none)]> create database nova_api;
Query OK, 1 row affected (0.000 sec)

MariaDB [(none)]> create database nova;
Query OK, 1 row affected (0.000 sec)

MariaDB [(none)]> create database nova_cell0;
Query OK, 1 row affected (0.000 sec)

MariaDB [(none)]> grant all privileges on nova_api.* to 'nova'@'localhost' identified by 'NOVA_DBPASS'
    -> ;
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> grant all privileges on nova_api.* to 'nova'@'%' identified by 'NOVA_DBPASS'
    -> ;
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> grant all privileges on nova.* to 'nova'@'%' identified by 'NOVA_DBPASS';
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> grant all privileges on nova.* to 'nova'@'localhost' identified by 'NOVA_DBPASS';
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> grant all privileges on nova_cell0.* to 'nova'@'localhost' identified by 'NOVA_DBPASS';
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> grant all privileges on nova_cell0.* to 'nova'@'%' identified by 'NOVA_DBPASS';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.000 sec)

MariaDB [(none)]> exit
Bye

创建Nova用户和服务
[root@ct conf.d]# openstack user create --domain default --password NOVA_PASS nova
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 4b98eaf74b2a4579b83dbd3e81fa4fad |
| name                | nova                             |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+
[root@ct conf.d]# openstack role add --project service --user nova admin

##创建nova服务
[root@ct conf.d]# openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Compute                |
| enabled     | True                             |
| id          | 7bcedc7c3adf432c986236bbf9dbc83f |
| name        | nova                             |
| type        | compute                          |
+-------------+----------------------------------+

给nova服务管理endpoint
[root@ct conf.d]# openstack endpoint create --region RegionOne compute public http://ct:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | b111cd0285e64920aa1b7e06a79e9eae |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 7bcedc7c3adf432c986236bbf9dbc83f |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://ct:8774/v2.1              |
+--------------+----------------------------------+
[root@ct conf.d]#  openstack endpoint create --region RegionOne compute internal http://ct:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 054fe754b1ad45c5a9312206117061e6 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 7bcedc7c3adf432c986236bbf9dbc83f |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://ct:8774/v2.1              |
+--------------+----------------------------------+
[root@ct conf.d]# openstack endpoint create --region RegionOne compute admin http://ct:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | c601fedecc684817a445942b64895607 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 7bcedc7c3adf432c986236bbf9dbc83f |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://ct:8774/v2.1              |
+--------------+----------------------------------+
[root@ct conf.d]# openstack endpoint create --region RegionOne compute admin http://ct:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | c601fedecc684817a445942b64895607 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 7bcedc7c3adf432c986236bbf9dbc83f |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://ct:8774/v2.1              |
+--------------+----------------------------------+

安装nova组件（nova-api、nova-conductor、nova-novncproxy、nova-scheduler）
[root@ct conf.d]# yum -y install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler

修改nova.conf配置文件
[root@ct conf.d]#  cp -a /etc/nova/nova.conf{,.bak}
[root@ct conf.d]#  grep -Ev '^$|#' /etc/nova/nova.conf.bak > /etc/nova/nova.conf
##执行以下命令
 openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
 openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.140.10			
 openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
 openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
 openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@ct
 openstack-config --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:NOVA_DBPASS@ct/nova_api
 openstack-config --set /etc/nova/nova.conf database connection mysql+pymysql://nova:NOVA_DBPASS@ct/nova
 openstack-config --set /etc/nova/nova.conf placement_database connection mysql+pymysql://placement:PLACEMENT_DBPASS@ct/placement
 openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
 openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://ct:5000/v3
 openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers ct:11211
 openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
 openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
 openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
 openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
 openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
 openstack-config --set /etc/nova/nova.conf keystone_authtoken password NOVA_PASS
 openstack-config --set /etc/nova/nova.conf vnc enabled true
 openstack-config --set /etc/nova/nova.conf vnc server_listen ' $my_ip'
 openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address ' $my_ip'
 openstack-config --set /etc/nova/nova.conf glance api_servers http://ct:9292
 openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
 openstack-config --set /etc/nova/nova.conf placement region_name RegionOne
 openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
 openstack-config --set /etc/nova/nova.conf placement project_name service
 openstack-config --set /etc/nova/nova.conf placement auth_type password
 openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
 openstack-config --set /etc/nova/nova.conf placement auth_url http://ct:5000/v3
 openstack-config --set /etc/nova/nova.conf placement username placement
 openstack-config --set /etc/nova/nova.conf placement password PLACEMENT_PASS

初始化nova-api数据库
[root@ct conf.d]# su -s /bin/sh -c "nova-manage api_db sync" nova
[root@ct conf.d]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
#创建cell1单元格
[root@ct conf.d]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
0a5e9760-2693-4b1c-ba2f-0791eda1eaff
#初始化nova数据库；可以通过 /var/log/nova/nova-manage.log 日志判断是否初始化成功
[root@ct conf.d]# su -s /bin/sh -c "nova-manage db sync" nova
/usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1831, u'Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will be disallowed in a future release')
  result = self._query(query)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1831, u'Duplicate index `uniq_instances0uuid`. This is deprecated and will be disallowed in a future release')
  result = self._query(query)
#可使用以下命令验证cell0和cell1是否注册成功
[root@ct conf.d]# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
+-------+--------------------------------------+----------------------------+-----------------------------------------+----------+
|  名称 |                 UUID                 |       Transport URL        |                数据库连接               | Disabled |
+-------+--------------------------------------+----------------------------+-----------------------------------------+----------+
| cell0 | 00000000-0000-0000-0000-000000000000 |           none:/           | mysql+pymysql://nova:****@ct/nova_cell0 |  False   |
| cell1 | 0a5e9760-2693-4b1c-ba2f-0791eda1eaff | rabbit://openstack:****@ct |    mysql+pymysql://nova:****@ct/nova    |  False   |
+-------+--------------------------------------+----------------------------+-----------------------------------------+----------+

启动nova服务
[root@ct conf.d]# systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-scheduler.service to /usr/lib/systemd/system/openstack-nova-scheduler.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service to /usr/lib/systemd/system/openstack-nova-conductor.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-novncproxy.service to /usr/lib/systemd/system/openstack-nova-novncproxy.service.
[root@ct conf.d]#  systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@ct conf.d]#  netstat -tnlup|egrep '8774|8775'		##检查nova端口
tcp        0      0 0.0.0.0:8775            0.0.0.0:*               LISTEN      77149/python2       
tcp        0      0 0.0.0.0:8774            0.0.0.0:*               LISTEN      77149/python2 

在计算节点配置nova服务
ct1和ct2节点配置相同，除了配置文件中的IP地址不同
[root@ct1 ~]# yum -y install openstack-nova-compute
[root@ct1 ~]# cp -a /etc/nova/nova.conf{,.bak}
[root@ct1 ~]# grep -Ev '^$|#' /etc/nova/nova.conf.bak > /etc/nova/nova.conf

##输入以下内容,注意里面的两个IP地址
openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@ct
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.140.20				
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://ct:5000/v3
openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers ct:11211
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken password NOVA_PASS
openstack-config --set /etc/nova/nova.conf vnc enabled true
openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0
openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address ' $my_ip'
openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://192.168.140.10:6080/vnc_auto.html
openstack-config --set /etc/nova/nova.conf glance api_servers http://ct:9292
openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
openstack-config --set /etc/nova/nova.conf placement region_name RegionOne
openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
openstack-config --set /etc/nova/nova.conf placement project_name service
openstack-config --set /etc/nova/nova.conf placement auth_type password
openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
openstack-config --set /etc/nova/nova.conf placement auth_url http://ct:5000/v3
openstack-config --set /etc/nova/nova.conf placement username placement
openstack-config --set /etc/nova/nova.conf placement password PLACEMENT_PASS
openstack-config --set /etc/nova/nova.conf libvirt virt_type qemu

在ct节点上查看计算机点是否注册
[root@ct conf.d]# openstack compute service list --service nova-compute
+----+--------------+------+------+---------+-------+----------------------------+
| ID | Binary       | Host | Zone | Status  | State | Updated At                 |
+----+--------------+------+------+---------+-------+----------------------------+
|  8 | nova-compute | ct1  | nova | enabled | up    | 2021-08-27T03:22:35.000000 |
|  9 | nova-compute | ct2  | nova | enabled | up    | 2021-08-27T03:22:33.000000 |
+----+--------------+------+------+---------+-------+----------------------------+

扫描当前openstack中有哪些计算节点可用，发现后会把计算节点创建到cell中，后面就可以在cell中创建虚拟机；相当于openstack内部对计算节点进行分组，把计算节点分配到不同的cell中
[root@ct conf.d]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
Found 2 cell mappings.
Skipping cell0 since it does not contain hosts.
Getting computes from cell 'cell1': 0a5e9760-2693-4b1c-ba2f-0791eda1eaff
Checking host mapping for compute host 'ct1': bfb82c72-838f-4202-a267-4450c92c844b
Creating host mapping for compute host 'ct1': bfb82c72-838f-4202-a267-4450c92c844b
Checking host mapping for compute host 'ct2': e28927d1-c2e1-49be-92a7-d17d92431acf
Creating host mapping for compute host 'ct2': e28927d1-c2e1-49be-92a7-d17d92431acf
Found 2 unmapped computes in cell: 0a5e9760-2693-4b1c-ba2f-0791eda1eaff

##默认每次添加个计算节点，在控制端就需要执行一次扫描，这样会很麻烦，所以可以修改控制端nova的主配置文件
[root@ct conf.d]# vim /etc/nova/nova.conf
[scheduler]
discover_hosts_in_cells_interval = 300		#每300秒扫描一次
[root@ct conf.d]# systemctl restart openstack-nova-api.service

检查 nova 的各个服务是否都是正常，以及 compute 服务是否注册成功
[root@ct conf.d]# openstack compute service list
+----+----------------+------+----------+---------+-------+----------------------------+
| ID | Binary         | Host | Zone     | Status  | State | Updated At                 |
+----+----------------+------+----------+---------+-------+----------------------------+
|  3 | nova-conductor | ct   | internal | enabled | up    | 2021-08-27T03:28:12.000000 |
|  5 | nova-scheduler | ct   | internal | enabled | up    | 2021-08-27T03:28:13.000000 |
|  8 | nova-compute   | ct1  | nova     | enabled | up    | 2021-08-27T03:28:15.000000 |
|  9 | nova-compute   | ct2  | nova     | enabled | up    | 2021-08-27T03:28:13.000000 |
+----+----------------+------+----------+---------+-------+----------------------------+

##查看各个组件的zpi是否正常
[root@ct conf.d]# openstack catalog list
+-----------+-----------+---------------------------------+
| Name      | Type      | Endpoints                       |
+-----------+-----------+---------------------------------+
| placement | placement | RegionOne                       |
|           |           |   internal: http://ct:8778      |
|           |           | RegionOne                       |
|           |           |   public: http://ct:8778        |
|           |           | RegionOne                       |
|           |           |   admin: http://ct:8778         |
|           |           |                                 |
| keystone  | identity  | RegionOne                       |
|           |           |   public: http://ct:5000/v3/    |
|           |           | RegionOne                       |
|           |           |   internal: http://ct:5000/v3/  |
|           |           | RegionOne                       |
|           |           |   admin: http://ct:5000/v3/     |
|           |           |                                 |
| glance    | image     | RegionOne                       |
|           |           |   admin: http://ct:9292         |
|           |           | RegionOne                       |
|           |           |   public: http://ct:9292        |
|           |           | RegionOne                       |
|           |           |   internal: http://ct:9292      |
|           |           |                                 |
| nova      | compute   | RegionOne                       |
|           |           |   internal: http://ct:8774/v2.1 |
|           |           | RegionOne                       |
|           |           |   public: http://ct:8774/v2.1   |
|           |           | RegionOne                       |
|           |           |   admin: http://ct:8774/v2.1    |
|           |           |                                 |
| placement | placement |                                 |
+-----------+-----------+---------------------------------+

查看是否能拿到镜像
[root@ct conf.d]# openstack image list
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| f7b8bd29-807b-4511-99d6-b398c9653cdf | cirros | active |
+--------------------------------------+--------+--------+

查看cell的api和placement的api是否正常，只要其中一个有误，后期无法创建虚拟机
[root@ct conf.d]# nova-status upgrade check
.+--------------------------------+
| Upgrade Check Results          |
+--------------------------------+
| Check: Cells v2                |
| Result: Success                |
| Details: None                  |
+--------------------------------+
| Check: Placement API           |
| Result: Success                |
| Details: None                  |
+--------------------------------+
| Check: Ironic Flavor Migration |
| Result: Success                |
| Details: None                  |
+--------------------------------+
| Check: Cinder API              |
| Result: Success                |
| Details: None                  |
+--------------------------------+