File - New Virtual Machines... - Typical, Next - I will install the operating system later. Next - Linux, CentOS 8, Next - Openstack_Yoga, Next - 128, Next - Customize Hardware... - Memory 10240GB - Processors Number of processors:1, Number of cores per processor: 6, Virtualize Intel VT-x/EPT or AMD-V/RVI(중첩된 가상화) - New CD/DVD, Use ISO image file: CentOS-Stream-8 - Network Adapter, Bridged - USB Controller/Sound Card/Printer remove - Close - Finish
ip 못받은 경우 Auto 대신 LAN 지정해주기
내보내기
Openstack_Yoga 선택 - File - Export to OVF...
192.168.0.0/21
192.168.0.0 ~ 192.168.7.255
네트워크 계산기
192.168.0.0/16 -> 16비트 네트워크를 21로 쪼갰다. -> 32개의 서브넷 이용 가능
이 가이드에 사용된 예제 아키텍처는 최소 구성이며 프로덕션 시스템 설치용이 ❌, OpenStack에 대해 학습할 목적으로 최소한의 개념 증명을 제공하도록 설계 ⭕
vi /etc/sysconfig/network-scripts/ifcfg-ens192
# BOOTPROTO=dhcp->none, ONBOOT=yes 설정
----------------------------------------
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=eui64
NAME=ens160
UUID=09c0d532-07b2-4e63-bfbd-7182d64da09a
DEVICE=ens160
ONBOOT=no
IPADDR=192.168.1.151
#NETMASK=255.255.248.0 # 이부분 필요하다면 추가
----------------------------------------
/etc/hosts
파일에 컨트롤러 노드와 컴퓨트 노드 정보추가vi /etc/hosts
----------------------------------------
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.151 controller
192.168.1.152 compute
----------------------------------------
vi /etc/sysconfig/network-scripts/ifcfg-ens192
# BOOTPROTO=dhcp->none, ONBOOT=yes 설정
----------------------------------------
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=eui64
NAME=ens160
UUID=09c0d532-07b2-4e63-bfbd-7182d64da09a
DEVICE=ens160
ONBOOT=no
IPADDR=192.168.1.152
#NETMASK=255.255.248.0 # 이부분 필요하다면 추가
----------------------------------------
/etc/hosts
파일에 컨트롤러 노드와 컴퓨트 노드 정보추가vi /etc/hosts
----------------------------------------
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.1.151 controller
192.168.1.152 compute
----------------------------------------
yum install chrony
pool 2.centos.pool.ntp.org iburst
정보 주석, NTP 서버 정보 입력vi /etc/chrony.conf
----------------------------------------
...
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
# pool 2.centos.pool.ntp.org iburst
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst
server 2.pool.ntp.org iburst
server 3.pool.ntp.org iburst
...
# Allow NTP client access from local network.
#allow 192.168.0.0/16
allow 192.168.0.0/21
...
----------------------------------------
systemctl enable --now chronyd
systemctl status chronyd
\# chronyc sources
----------------------------------------
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^- send.mx.cdnetworks.com 2 6 377 56 -171us[ +151us] +/- 41ms
^- 121.174.142.81 3 6 77 50 +801us[ +801us] +/- 49ms
^- 106.247.248.106 2 6 377 56 -398us[ -77us] +/- 64ms
^* 193.123.243.2 2 6 377 54 +319us[ +640us] +/- 5218us
yum install chrony
vi /etc/chrony.conf
----------------------------------------
Use public servers from the pool.ntp.org project.
Please consider joining the pool (http://www.pool.ntp.org/join.html).
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
# pool 2.centos.pool.ntp.org iburst
server 192.168.1.151 iburst
...
----------------------------------------
systemctl enable --now chronyd
systemctl status chronyd
\# chronyc sources
----------------------------------------
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? controller 0 7 0 - +0ns[ +0ns] +/- 0ns
오픈스택 패키지
✅ 여기에 설명된 OpenStack 패키지 설정은 모든 노드(컨트롤러, 컴퓨팅 및 블록 스토리지 노드)에서 수행
## 보류
\# yum install -y centos-release-openstack-yoga
## 수행
\# dnf install https://www.rdoproject.org/repos/rdo-release.el8.rpm
## 모든 노드에서 패키지를 업그레이드
\# yum upgrade -y
## CentOS 8 및 RHEL 8의 경우
\# yum install -y python3-openstackclient
\# vi /etc/selinux/config
----------------------------------------
SELINUX=disabled
----------------------------------------
\# setenforce 0
"""대부분의 OpenStack 서비스는 SQL 데이터베이스를 사용하여 정보를 저장합니다. 데이터베이스는 일반적으로 컨트롤러 노드에서 실행됩니다. 이 가이드의 절차는 배포판에 따라 MariaDB 또는 MySQL을 사용합니다. OpenStack 서비스는 PostgreSQL을 포함한 다른 SQL 데이터베이스도 지원합니다 ."""
\# yum install -y mariadb mariadb-server python2-PyMySQL
\# vi /etc/my.cnf.d/openstack.cnf
----------------------------------------
[mysqld]
bind-address = 192.168.1.151
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
----------------------------------------
\# systemctl enable --now mariadb
\# systemctl status mariadb
## 스크립트 실행 root 암호 설정
\# mysql_secure_installation
## EPEL repository 설치 및 enabled=1 추가
\# dnf -y install epel-release
\# vi /etc/yum.repos.d/CentOS-Stream-PowerTools.repo
----------------------------------------
[powertools]
name=CentOS Stream $releasever - PowerTools
mirrorlist=http://mirrorlist.centos.org/?release=$stream&arch=$basearch&repo=PowerTools&infra=$infra
#baseurl=http://mirror.centos.org/$contentdir/$stream/PowerTools/$basearch/os/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
----------------------------------------
## 패키지 설치
\# yum install -y rabbitmq-server
## 메시지 대기열 서비스 시작 및 부팅 서비스 등록
\# systemctl enable --now rabbitmq-server
\# systemctl status rabbitmq-server
## 사용자 추가 openstack
\# rabbitmqctl add_user openstack RABBIT_PASS
## RabbitMQ를 사용할 수 있도록 openstack 사용자 에 대한 구성, 쓰기 및 읽기 액세스를 허용
\# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
\# yum install -y memcached python3-memcached
## OPTIONS="-l 127.0.0.1,::1"
## -> OPTIONS="-l 127.0.0.1,::1,controller"
\# vi /etc/sysconfig/memcached
----------------------------------------
PORT="11211"
USER="memcached"
MAXCONN="1024"
CACHESIZE="64"
OPTIONS="-l 127.0.0.1,::1,controller"
----------------------------------------
\# systemctl enable --now memcached
\# systemctl status memcached
mysql -u root -p
MariaDB [(none)]> CREATE DATABASE keystone;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
yum install -y openstack-keystone httpd python3-mod_wsgi
openssl rand -hex 10 # -> cb058a6efbeb03ca825f
vi /etc/keystone/keystone.conf
----------------------------------------
[DEFAULT]
admin_token = cb058a6efbeb03ca825f
...
[database]
# ...
connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
...
[token]
# ...
provider = fernet
----------------------------------------
## ID 서비스 데이터베이스를 채우기
su -s /bin/sh -c "keystone-manage db_sync" keystone
## Fernet 키 저장소를 초기화
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
## ID 서비스를 부트스트랩
keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
--bootstrap-admin-url http://controller:5000/v3/ \
--bootstrap-internal-url http://controller:5000/v3/ \
--bootstrap-public-url http://controller:5000/v3/ \
--bootstrap-region-id RegionOne
## /etc/httpd/conf/httpd.conf 파일을 열어 ServerName을 설정
vi /etc/httpd/conf/httpd.conf
----------------------------------------
…
ServerRoot “/etc/httpd”
Listen 80
Include conf.modules.d/.conf
User apache
Group apache
ServerAdmin root@localhost
…
ServerName 192.168.1.151
…
EnableSendfile on
IncludeOptional conf.d/
----------------------------------------
## /usr/share/keystone/wsgi-keystone.conf 파일 에 대한 링크를 생성
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
## Apache HTTP 서비스를 시작하고 부팅서비스 등록
systemctl enable --now httpd
systemctl status httpd
## 환경 변수 파일 생성
vi admin-openrc
----------------------------------------
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION = 2
ERROR: Either --bootstrap-password argument or OS_BOOTSTRAP_PASSWORD must be set.
root
사용자로 연결mysql -u root -p
glance
데이터베이스 생성CREATE DATABASE glance;
glance
데이터베이스 에 대한 적절한 액세스 권한을 부여GLANCE_DBPASS
부분 쓰려는 PASS로 수정 혹은 임의로 만들어진 암호로(기억해야함)GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
IDENTIFIED BY 'GLANCE_DBPASS';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
IDENTIFIED BY 'GLANCE_DBPASS';
exit
$ . admin-openrc
glance
사용자를 생성, 비밀번호 입력$ openstack user create --domain default --password-prompt glance
[root@controller ~]# openstack user create --domain default --password-prompt glance
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 7e6070c3398a40f2a31f2986de5264b1 |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
$ openstack project create --domain default --description "Service Project" service
$ openstack role add --project service --user glance admin