CentOS7.0配置Controller Node – 在青春迷失的咖啡馆

今天想独自通过逐步安装所有模块，进而了解下依赖关系，以及熟悉下每个部分，但是按照官方文档http://docs.openstack.org/操作，还是没有配置完
上司让我干脆用dibian，ubuntu系列，然后直接通过devstack来进行安装，我就不浪费时间折腾了，不论什么环境，今晚一定要配置弄完~！
先记录一下CentOS7.0安装过程中的一些步骤，主要是Controller这个结点
1: 要求
Controller Node
Network Node
Compute Node

2：Linux
最好安装minimal
VMware里需要先创建虚拟机，然后添加ISO，才能手动进行选择minimal

3：网络
CentOS7 默认不开启网络，需要
（1）ip addr查看网卡名
（2）vi打开网卡配置文件，将onboot修改成yes即可
修改hostname：
$ vi /etc/hosts
# controller
10.240.153.104 controller
$ vi /etc/sysconfig/network-scripts/ifcfg-eno16777736
HOSTNAME=controller
$ hostname controller

4：ntp
yum install ntp
备注：上海交大的NTP服务器202.120.2.101
Controller:
vi /etc/ntp.conf，修改ntp server中间的host
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
修改成：
server 202.120.2.101 iburst
server 202.120.2.101 iburst
server 202.120.2.101 iburst
server 202.120.2.101 iburst

5：yum
yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
yum install http://rdo.fedorapeople.org/openstack-kilo/rdo-release-kilo.rpm
yum upgrade
这里会更新一些软件，包括新版本的内核，需要reboot操作系统，然后重新选择内核版本
yum install openstack-selinux

6：SQL database
yum install mariadb mariadb-server MySQL-python
[root@localhost ~]# vi /etc/my.cnf.d/mariadb_openstack.cnf
[root@localhost ~]# cat /etc/my.cnf.d/mariadb_openstack.cnf
[mysqld]
bind-address = 10.240.153.104
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8

[root@localhost ~]# systemctl enable mariadb.service
ln -s '/usr/lib/systemd/system/mariadb.service' '/etc/systemd/system/multi-user.target.wants/mariadb.service'
[root@localhost ~]# systemctl start mariadb.service

[root@localhost ~]# mysql_secure_installation
enter
Y
lihui
lihui
Y
后面全部Y

7：Message queue
yum install rabbitmq-server
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service

rabbitmqctl add_user openstack lihui
rabbitmqctl set_permissions openstack ".*" ".*" ".*"

$ mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'lihui';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'lihui';

# openssl rand -hex 10
#yum install openstack-keystone httpd mod_wsgi python-openstackclient memcached python-memcached
安装过程中，会比较缓慢，有些包还会报错，可多yum几次或者按照提示手动下载对应RPM进行安装

systemctl enable memcached.service
systemctl start memcached.service

vi /etc/keystone/keystone.conf
[DEFAULT]
...
admin_token = ADMIN_TOKEN

[database]
...
connection = mysql://keystone:lihui@controller/keystone

[memcache]
servers = localhost:11211

[token]
provider = keystone.token.providers.uuid.Provider
driver = keystone.token.persistence.backends.sql.Token

[revoke]
driver = keystone.contrib.revoke.backends.sql.Revoke

[DEFAULT]
#verbose = false修改成verbose = True

[root@localhost ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone
Traceback (most recent call last):
  File "/usr/bin/keystone-manage", line 44, in <module>
    cli.main(argv=sys.argv, config_files=config_files)
  File "/usr/lib/python2.7/site-packages/keystone/cli.py", line 584, in main
    config.setup_logging()
  File "/usr/lib/python2.7/site-packages/keystone/config.py", line 56, in setup_logging
    log.setup(CONF, 'keystone')
  File "/usr/lib/python2.7/site-packages/oslo_log/log.py", line 211, in setup
    _setup_logging_from_conf(conf, product_name, version)
  File "/usr/lib/python2.7/site-packages/oslo_log/log.py", line 263, in _setup_logging_from_conf
    filelog = logging.handlers.WatchedFileHandler(logpath)
  File "/usr/lib64/python2.7/logging/handlers.py", line 392, in __init__
    logging.FileHandler.__init__(self, filename, mode, encoding, delay)
  File "/usr/lib64/python2.7/logging/__init__.py", line 902, in __init__
    StreamHandler.__init__(self, self._open())
  File "/usr/lib64/python2.7/logging/__init__.py", line 925, in _open
    stream = open(self.baseFilename, self.mode)
IOError: [Errno 13] Permission denied: '/var/log/keystone/keystone.log'
注意：
如果是root来执行，去掉su，就不抱错了

8: Apache HTTP server
[root@localhost ~]# vi /etc/httpd/conf/httpd.conf
[root@localhost ~]# cat /etc/httpd/conf/httpd.conf | grep controller
ServerName controller

[root@localhost ~]# vi /etc/httpd/conf.d/wsgi-keystone.conf
[root@localhost ~]# cat /etc/httpd/conf.d/wsgi-keystone.conf
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /var/www/cgi-bin/keystone/main
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
LogLevel info
ErrorLogFormat "%{cu}t %M"
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
LogLevel info
ErrorLogFormat "%{cu}t %M"
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
</VirtualHost>

mkdir -p /var/www/cgi-bin/keystone
curl http://git.openstack.org/cgit/openstack/keystone/plain/httpd/keystone.py?h=stable/kilo | tee /var/www/cgi-bin/keystone/main /var/www/cgi-bin/keystone/admin

chown -R keystone:keystone /var/www/cgi-bin/keystone
chmod 755 /var/www/cgi-bin/keystone/*

systemctl enable httpd.service
systemctl start httpd.service

[root@localhost ~]# openssl rand -hex 10
ecb91222a82cfbdb3af9
[root@localhost ~]# export OS_TOKEN=ecb91222a82cfbdb3af9
[root@localhost ~]# echo $OS_TOKEN
ecb91222a82cfbdb3af9


[root@localhost ~]# export OS_URL=http://controller:35357/v2.0
[root@localhost ~]# history | grep create
openstack service create --name keystone --description "OpenStack Identity" identity
history | grep create
[root@localhost ~]# !196
openstack service create --name keystone --description "OpenStack Identity" identity
ERROR: openstack Internal Server Error (HTTP 500)
看了下log信息：
Traceback (most recent call last):
  File "/usr/bin/keystone-manage", line 44, in <module>
    cli.main(argv=sys.argv, config_files=config_files)
  File "/usr/lib/python2.7/site-packages/keystone/cli.py", line 584, in main
    config.setup_logging()
  File "/usr/lib/python2.7/site-packages/keystone/config.py", line 56, in setup_logging
    log.setup(CONF, 'keystone')
  File "/usr/lib/python2.7/site-packages/oslo_log/log.py", line 211, in setup
    _setup_logging_from_conf(conf, product_name, version)
  File "/usr/lib/python2.7/site-packages/oslo_log/log.py", line 263, in _setup_logging_from_conf
    filelog = logging.handlers.WatchedFileHandler(logpath)
  File "/usr/lib64/python2.7/logging/handlers.py", line 392, in __init__
    logging.FileHandler.__init__(self, filename, mode, encoding, delay)
  File "/usr/lib64/python2.7/logging/__init__.py", line 902, in __init__
    StreamHandler.__init__(self, self._open())
  File "/usr/lib64/python2.7/logging/__init__.py", line 925, in _open
    stream = open(self.baseFilename, self.mode)
IOError: [Errno 13] Permission denied: '/var/log/keystone/keystone.log'
居然还是报的上面su -s那一步同步数据库的错误~！我是root执行，貌似IOError是这个文件打开权限问题~！
发表回复 取消回复

发表回复取消回复
