Openstack组建部署 — Environment of Controller Node

  • 时间:4年前
  • 浏览:5621次
  • 网赌被黑找腾龙D哥出黑【微信:gm4927 QQ:861122225】

    目录

    前文列表

    Controller Node

    控制节点是整个Openstack控制枢纽,可以将Database、Message queue、DNS、NTP、Keystone等服务集成到一起,当然Openstack实现了松耦合的架构思想,因此所有的组件都可以在任意Node中安装组合,视乎实际情况而定。

    Install and configure components

    Setup DNS Server

    step1.

    yum install -y bind bind-chroot

    **Step2.**Edit the config file.

    [root@controller ~]# cat /etc/named.conf | grep -v ^# | grep -v ^// | grep -v ^$
    options {
        directory   "/var/named";
        dump-file   "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        allow-query     { any; };
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
        managed-keys-directory "/var/named/dynamic";
        pid-file "/run/named/named.pid";
        session-keyfile "/run/named/session.key";
    };
    logging {
            channel default_debug {
                    file "data/named.run";
                    severity dynamic;
            };
    };
    zone "." IN {
        type hint;
        file "named.ca";
    };
    include "/etc/named.rfc1912.zones";
    include "/etc/named.root.key";

    **Step3.**Forward Domain
    vim /etc/named.rfc1912.zones

    zone "jmilk.com" IN {
            type master;
            file "jmilk.com.zone";
            allow-update { none; };
    };

    Create zone config file:

    cp -p /var/named/named.localhost /var/named/jmilk.com.zone

    vim /var/named/jmilk.com.zone

    $TTL 1D
    @       IN SOA  @ rname.invalid. (
                                            0       ; serial
                                            1D      ; refresh
                                            1H      ; retry
                                            1W      ; expire
                                            3H )    ; minimum
            NS      controller.jmilk.com.
    controller A    192.168.1.5
    network A       192.168.1.6
    compute1 A      192.168.1.10
    compute2 A      192.168.1.11
    block1 A        192.168.1.20
    block2 A        192.168.1.21
    object1 A       192.168.1.31
    object2 A       192.168.1.32

    vim /etc/resolv.conf

    # Generated by NetworkManager
    search jmilk.com
    nameserver 127.0.0.1

    注意:当需要联网安装软件包时,还是需要将DNSSERVER指向外网DNSSERVER

    Restart the named service

    systemctl restart named
    systemctl enable named

    Setup NTP Server

    Install the packages:

    yum install chrony

    Edit the /etc/chrony.conf:
    vim /etc/chrony.conf

    #注释其他以server开头的配置项,并添加下列配置,使用国内速度较快的NTP Server
    server 1.cn.pool.ntp.org iburst  
    allow 192.168.1.0/24

    Start the NTP service and configure it to start when the system boots:

    systemctl enable chronyd.service
    systemctl start chronyd.service

    CHECK:

    [root@controller ~]# timedatectl status 
          Local time: Fri 2016-06-10 12:00:08 EDT
      Universal time: Fri 2016-06-10 16:00:08 UTC
            RTC time: Fri 2016-06-10 16:00:09
            Timezone: America/New_York (EDT, -0400)
         NTP enabled: yes               #YES
    NTP synchronized: yes               #YES
     RTC in local TZ: no
          DST active: yes
     Last DST change: DST began at
                      Sun 2016-03-13 01:59:59 EST
                      Sun 2016-03-13 03:00:00 EDT
     Next DST change: DST ends (the clock jumps one hour backwards) at
                      Sun 2016-11-06 01:59:59 EDT
                      Sun 2016-11-06 01:00:00 EST
    
    [root@controller ~]# chronyc sources
    210 Number of sources = 1
    MS Name/IP address         Stratum Poll Reach LastRx Last sample
    ===============================================================================
    ^* 202.118.1.130                 2   6    17    31   +307us[ +415us] +/-   82ms

    Install SQL Database

    Install the packages:

    yum install mariadb mariadb-server python2-PyMySQL -y

    Create and edit the /etc/my.cnf.d/openstack.cnf file
    vim /etc/my.cnf.d/openstack.cnf

    [mysqld]
    bind-address = 192.168.1.5      #Controller Node IPAddress 设置
    ip绑定
    default-storage-engine = innodb
    innodb_file_per_table
    collation-server = utf8_general_ci
    character-set-server = utf8    #默认数据库引擎及默认字符集为UTF-8

    Start the database service and configure it to start when the system boots:

    systemctl enable mariadb.service
    systemctl start mariadb.service

    初始化MySQL

    [root@controller ~]# mysql_secure_installation
    
    NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
          SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!
    
    In order to log into MariaDB to secure it, we'll need the current
    password for the root user.  If you've just installed MariaDB, and
    you haven't set the root password yet, the password will be blank,
    so you should just press enter here.
    
    Enter current password for root (enter for none): 
    OK, successfully used password, moving on...
    
    Setting the root password ensures that nobody can log into the MariaDB
    root user without the proper authorisation.
    
    You already have a root password set, so you can safely answer 'n'.
    
    Change the root password? [Y/n] 
    New password: 
    Re-enter new password: 
    Password updated successfully!
    Reloading privilege tables..
     ... Success!
    
    
    By default, a MariaDB installation has an anonymous user, allowing anyone
    to log into MariaDB without having to have a user account created for
    them.  This is intended only for testing, and to make the installation
    go a bit smoother.  You should remove them before moving into a
    production environment.
    
    Remove anonymous users? [Y/n] 
     ... Success!
    
    Normally, root should only be allowed to connect from 'localhost'.  This
    ensures that someone cannot guess at the root password from the network.
    
    Disallow root login remotely? [Y/n] 
     ... Success!
    
    By default, MariaDB comes with a database named 'test' that anyone can
    access.  This is also intended only for testing, and should be removed
    before moving into a production environment.
    
    Remove test database and access to it? [Y/n] 
     - Dropping test database...
     ... Success!
     - Removing privileges on test database...
     ... Success!
    
    Reloading the privilege tables will ensure that all changes made so far
    will take effect immediately.
    
    Reload privilege tables now? [Y/n] 
     ... Success!
    
    Cleaning up...
    
    All done!  If you've completed all of the above steps, your MariaDB
    installation should now be secure.
    
    Thanks for using MariaDB!

    Setup Message queue

    OpenStack使用message queue实现协调操作和服务之间的状态信息。Message queue service一般在Controller Node上运行。
    OpenStack常用的消息代理软件:

    • RabbitMQ(更加常用)
    • Qpid
    • ZeroMQ

    Install the package:

    yum install rabbitmq-server -y

    Start the message queue service and configure it to start when the system boots:

    systemctl enable rabbitmq-server.service
    systemctl start rabbitmq-server.service

    Add the openstack user

    rabbitmqctl add_user openstack fanguiju

    Permit configuration, write, and read access for the openstack user:

    rabbitmqctl set_permissions openstack ".*" ".*" ".*"

    Setup Memcached

    The Identity service authentication mechanism for services uses Memcached to cache tokens. Memcached缓存技术用于对Keystone组件的认证信息token进行缓存。一般安装在Controller Node上,在生产系统中,建议使用认证、防火墙、加密的手段来保证token缓存的安全。
    Install the packages:

    yum install memcached python-memcached -y

    Start the Memcached service and configure it to start when the system boots:

    systemctl enable memcached.service
    systemctl start memcached.service
    网赌被黑找腾龙D哥出黑【微信:gm4927 QQ:861122225】

    留言反馈

    网赌被黑找腾龙D哥出黑【微信:JLYL78999 QQ:978107219】鲁ICP备13008445号-3||Theme by Cn+网络, Soft by ZBlogPHP
  • 网赌被黑