openstack部署概要

在openstack官方看了部署手册：http://docs.openstack.org/juno/install-guide/install/yum/content/

花了三天时间在公司的刀片上搭了个环境，系统是centos7，部署了controller、compute、network、block storage4个节点，顺利导入windows、linux虚机镜像，这里就把部署中的一些重要步骤罗列供下次使用参考（详细命令参考官网非常详细）

一、Identity service   -------Keystone

1.    basic environment

(1)3 node      controller/compute/network

(2)network configure   同一个网段并且修改主机名 

(3)NTP service        确保Node的时间统一

(4)openstack packages   在线安装

(5)mysql database     本地数据库

(6) RabbitMQ          消息队列

2.    identity service   (类似权限系统)

Keystone是OpenStack的组件之一，用于为OpenStack家族中的其它组件成员提供统一的认证服务，包括身份验证、令牌的发放和校验、服务列表、用户权限的定义等等。

(1)database access    建立keystone库

(2)install and configure components    安装配置keystone组件

(3)create tenant/user/roles     建立租户/用户/角色

  最后role关联user

Tenant/租户：类似用户组的概念，一个租户可以容纳多个用户

User/用户：用于身份认证，一个用户可以关联多个租户组

Role/角色：关联“用户-租户对”映射关系的元数据

Token/令牌：用于验证上述用户是否合法

Endpoint/断点：服务实例（RRL入口）

(4)create the service entity and api endpoint

                             Service –role-tenant-role   关系图

二、Image Service   -------Glance

(1)create the database

(2)source the admin credential   

(3)create the service credential   (keystone)

(4)create the image service api endpoint

(5)install and configure the image service components

API:处理来自compute 和 keystone的请求

Registry:处理镜像的metadata

Store adapter:镜像本身的存储

三、Compute Service ------nova（新星）

 The main modules are implemented in Python.

(1)create database

(2) source the admin credential

(3) To create the service credentials  (keystone)

(4) Create the Compute service API endpoints

(5)install and configure compute controller components

a.controller node configure   

1.database access

2.rabbitMQ access

3.keystone_authtoken

4.set controller ip

5. set VNC proxy

6.set glance

7.set troubleshooting

8.populate the compute database;

9Start the Compute services and configure them to start when the system boots

              b.compute node configure

                     1.install the packages

                     2.edit the nova.conf          RabbitMQ/Keystone/Ip/vnc remote access

                     3. Determine supports hardware acceleration for virtual machine

                  If not:  configure libvirt to use QEMU instead of KVM.

四、networking   ------Neutron

1.configure controller

reate advanced virtual network topologies including services such as firewalls, load balancers, and virtual private networks (VPNs)

(1)      create a database, service credentials, and API endpoints.

(2)      Config networking server compenent

(3)      Configure Neutron.conf

(4)      Configure modular layer2 (ML2) 2层模块  “flat,GRE” network type drivers

(5)      Reconfigure compute to manage networks through networking

(6)      Initialization scripts expect a symbolic link plugin.ini and ml2_conf.ini

2.install and configure network node

The network node primarily handles internal and external routing and DHCP services for virtual networks.

(1)  config kernel networking parameters

(2)  install the networking components

(3)  configure the networking common components

The Networking common component configuration includes the authentication mechanism(认证机制), message broker（消息代理）, and plug-in.

      Neutron.conf

(4)  configure the modular layer2(ML2)plug-in

The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to build the virtual networking framework for instances.

(5)  Configure the layer-3 L3 agent

The layer-3 agrent provides routing services for virtual networks

(6)  Configure the DHCP agent

The dhcp agent provides dhcp services for virtual networks

(7)  Configure the metadata agent

The metadata agent provides configuration information such as credentioals to instacnes

(8)  Verbose:冗长的用于故障排错的服务，基本上所有的服务都要设置

(9)  Configure the open vswitch service

add the external bridge、add port to the external bridge that connects to the physical external network in interface

3.    install and configure compute node

the compute node handles connectivity and security groups for instance

(1)  configure the kenerl networking parameters

(2)  install the networking components

(3)  configure the networking common components

datebase、keystone_authtoken、ML2 plug-in router

(4)  configure the open vswitch ovs service

4.    create initial networks(controller node)

(1)  create external network      network address translation(NAT)

(2)  create subnet on the external network(set floating ip address range,disable dhcp)

(3)  tenant network

create the subnet,  create a router on the tenant network and attach the external

五、Horizon  --dashboard

1.    install the dashboard components

(1)  install the packages

(2)  configure the dashboard