openstack运维问题openstack平台运维在openstack私有云平台上,基于cirrors.qcow2镜像,使用命令创建一个名为cirros的镜像。[root@controller~]#glanceimage-create--name"cirros"--disk-formatqcow2--container-formatbare--progressopt/openstack/images/CentOS_7.5_x86_64_XD.qcow22。在openstack私有云平台,使用命令创建一个名为Fmin的云主机类型,ID为1,内存1024MB,磁盘10GB,vcpus个数1。[root@controller~]#novaflavor-createFmin11024101在openstack私有云平台上,编写模板server.yml,创建名称为“m1.flavor”,ID为1234,内存为1024MB,硬盘为20GB,云主机类型为2个vcpus.[root@controller~]#openstackorchestration模板版本列表#查看可用于编排的模板版本[root@controller~]#viserver.yamlserver.yamlheat_template_version:2015-04-30description:resources:flavor:type:OS::Nova::Flavorproperties:name:"m1.flavor"flavorid:"1234"disk:20ram:1024vcpus:2outputs:flavor_info:description:获取虚拟机类型信息value:{get_attr:[flavor,show]}[root@controller~]#heatstack-createm1_flavor_stack-fserver.yaml#创建资源在openstack私有云平台,使用命令创建云主机的外网extnet和子网extsubnet,以及云主机的浮动IP网段虚拟机是172.18。x.0/24(其中x为测试位置编号),网关为172.18.x.1,网络采用vlan模式;创建云主机内网intnet,子网intsubnet,虚拟机子网IP网段为192.168.x.0/24(其中x为测试位号),网关为192.168.x.1;完成内网子网intsubnet与外网extnet的连接。创建外网[root@controller~]#openstacknetworkcreateextnet--provider-physical-networkprovider--provider-network-typevlan--external创建子网[root@controller~]#openstacksubnetcreateextsubnet--subnet-range172.18.25.0/24--networkextnet--gateway172.18.25.1查看是否创建成功[root@controller~]#neutronsubnet-listcreateintranet[root@controller~]#openstacknetworkcreateintnet--provider-network-typevxlan--provider-segment1创建子网[root@controller~]#openstacksubnetcreateintsubnet--subnet-range192.168.25.0/24--networkintnet--gateway192.168.25.1/24tocreatearoute[root@controller~]#openstackroutercreateext-router绑定ext-route和外网extnet,并启动snat[root@controller~]#openstackrouterset--external-gatewayextnet--enable-snatext-routeext-routeAddsubnetintsubnet[root@controller~]#openstackrouteraddsubnetext-routeintsubnet在Controller节点写一个名为modvm.sh的shell脚本,查看云主机VM1的内存大小,如果内存不足大于2G,调整云主机VM1内存大小为2G。在openstack私有云平台上,基于“cirros”镜像,1vCPU/1G/10Gflavor,intsubnet网络,绑定浮动IP,使用命令创建虚拟机VM1,启动VM1,使用PC功能远程登录到VM1。[root@controller~]#openstackflavorcreate--ram1024--disk10--vcpus1flavor[root@controller~]#onovaboot--flavorflavor--imagecirros--nicnet-name=intnet--安全组默认VM1[root@controller~]#openstackfloatingipcreateextnet--floating-ip-address172.18.25.104//创建浮动ip[root@controller~]openstackserveraddfloatingipVM1172.18.25.104//绑定云主机对应的浮动ip在openstack私有云平台上,将云主机VM1以qcow2格式快照保存到controller节点/root/cloudsave目录下。[root@controller~]#mkdir/root/cloudsave[root@controller~]#openstackserverimagecreateVM1--namemyVM1[root@controller~]#openstackimagesave--file/root/cloudsave/myVM1.qcow2myVM1在controller节点新建一个名为Chinaskill的容器,并获取容器的存放路径;上传centos7_5.qcow2镜像到chinaskill容器,并设置分段存储,每个分段大小为10M。bashswiftpostChinaskillswiftstatChinaskillswiftuploadChinaskill-S10485760/opt/openstack/images/centos7_5.qcow2在openstack私有云平台上,创建一个名为“lvm”的卷类型,创建一个40G的云盘,卷类型为lvm,并挂载到虚拟机VM1。openstackvolumetypecreatelvmopenstackvolumecreate--typelvm--size10v1openstackvolumelistopenstackserveraddvolumeVM1v1在虚拟机VM1上,使用额外的云盘,分成四个10G的分区,创建一个raid5,其中一个分区用作热备份。fdisk/dev/vdb分为4个分区mdadm-C-vdemo-l5-n3-x1/dev/vdb{1,2,3,4}在Controller中写入/root/openstack/deletevm.shnodeshell脚本释放虚拟机VM1,执行脚本完成实例释放。source/etc/keystone/admin-openrc.shopenstackserverdeleteVM1使用镜像Openstack-error-1重建云主机“一体机”(账号:root密码:000000)。重建的云主机openstack平台错误,其中创建的云主机vm-test无法启动,请排除错误再启动vm-test云主机。解决方法:1.先去控制节点查看2.查看glance日志/var/log/glance/3.查看/var/lib/glance/下文件的权限750owner和owner是否glance登录172.17.x。10/dashboard,使用centos7镜像创建三台云主机搭建rabbitmq集群。使用普通集群模式,其中一个作为磁盘节点,另外两个作为内存节点。配置完成后,启动rabbitmq服务。#三台主机yuminstall-yrabbitmq-serversystemctlrestartrabbitmq-serversystemctlenablerabbitmq-server#rabbitmq1启动图形界面rabbitmq-pluginsenablerabbitmq_managementsystemctlrestartrabbitmq-serverscp/var/lib/rabbitmq/.erlang.cookierabbitmq2:/var/lib/rabbitmq/scp/var/lib/rabbitmq/.erlang.cookierabbitmq3:/var/lib/rabbitmq/#两个节点主机chownrabbitmq:rabbitmq.erlang.cookie#配置节点加入集群#rabbitmq2rabbitmqctlstop_apprabbitmqctljoin_cluster--ramrabbit@rabbitmq1rabbitmqctlstart_app#rabbitmq3rabbitmqctlstop_apprabbitmqctljoin_cluster--ramrabbit@rabbitmq1rabbitmqctlstart_app使用提供的云安全框架组件将http://172.17.x.10/dashboard中的keystone安全策略从http优化为https。yuminstall-ymod_sslvi/etc/openstack-dashboard/local_settingsUSE_SSL=TrueCSRF_COOKIE_SECURE=True##原文去掉注释SESSION_COOKIE_SECURE=True##原文去掉注释SESSION_COOKIE_HTTPONLY=Truevi/etc/httpd/会议。d/ssl.conf#ChangeSSLProtocolall-SSLv2-SSLv3toSSLProtocolall-SSLv2systemctlrestarthttpdsystemctlrestartmemcached在openstack私有云平台上,将controller节点资源添加到云平台(即controller节点兼作compute)节点)。修改openrc.sh,将计算节点的IP和主机名改为控制节点的IP和主机名,在控制节点上运行iaas-install-nova-compute.sh,上传CentOS_7.5_x86_64.qcow2文件PC到controller节点,在openstack私有云平台,使用glance相关命令上传镜像,镜像源为CentOS_7.5_x86_64.qcow2,名称为Gmirror1,min_ram为2048M,min_disk为30G。openstackimagecreate--disk-formatqcow2--public--min-ram2048--min-disk30--file/opt/images/CentOS_7.5_x86_64_XD.qcow2gmirror1在云主机VM1上,挂载的云盘分区格式化后永久挂载到/opt目录下。在Controller节点编写名为/root/openstack/deletevm.sh的shell脚本释放云主机VM1,执行脚本完成实例释放。fdisk-lmkfs-text4/dev/vdbvi/etc/fstab/dev/vdb/optext4defaults00#查看mountlsblk-f在openstack私有云平台上,使用云主机Hostrans(上题创建的)迁移手动到另一个计算节点。#查看虚拟机在哪个节点novas??howHostrans#关闭虚拟机openstackserverstopHostrans#迁移计算节点scp-r/var/lib/nova/instances/5e157cc9-c25e-41e5-829b-5fb13d0a98f6/controller:/var/lib/nova/instances/#修改数据库mysql-uroot-p000000usenova;updateinstancessethost='controller',node='controller'whereuuid='5e157cc9-c25e-41e5-829b-5fb13d0a98f6'#重启二nodes服务openstack-serverrestart在openstack私有云平台上,配置swift对象存储作为glance的后端存储。vim/etc/glance/glance-api.conf[glance_store]default_store=swiftThedefaultisfileChangetoswiftstores=file,httpDefaultdonotmoveswift_store_auth_version=2Thedefaultversionis2stores=glance.store.swift.Store,glance.storefilesystem.StoreThisitemmustbeadded,otherwiseitcannotbeuploadedswift_store_auth_address=http://controller:5000/v2.0controller'skeystoneauthenticationswift_store_user=service:swiftuseswiftuserswift_store_key=swiftpasswordswift_store_container=glancecontainertobecreatedswift_store_create_container_on_put=True????上传开swift_store_large_object_size=5120????????最大5G限制,但与glance结合后限制无效swift_store_large_object_chunk_size=200????????最大200个容器swift_enable_snet=Falsesystemctlrestartopenstack-glance-api使用镜像centos7,创建两台云主机master和slave,并分别BindthefloatingIP;installthemysqldatabasesystemonthetwocloudhostsandconfigurethemaster-slavedatabase(masteristhemasternode,slaveistheslavenode);andcreateaChinaSkilldbdatabaseinthedatabaseofthematercloudhost.Createatabletestable(idintnotnullprimarykey,Teamnamevarchar(50),remarksvarchar(255)),andinsertrecords(1,"Cloud","ChinaSkill")intothetable.
