20141027
重新開機 F8 - 選擇 PXE 開機
分配到 Desktop 5
公有雲私有雲介紹
Chapter 2 Install Red Hat openStack 11:26
iproute版本 >= 2.6.32-130.el6ost.netns.2 版本, openstack 才可以運作
Lab: workshop Install openstack with packstack
在虛擬機器
[root@server5 ~]#yum update
參考 workbook p13
[root@server5 ~]# yum install -y openstack-packstack
[root@server5 ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
08:79:3d:e6:ec:b7:ef:bc:b8:3d:22:98:d9:75:ec:b8 root@server5.example.com
The key's randomart image is:
+--[ RSA 2048]----+
| |
| . . |
| o . + |
| o = . |
| . S . |
| . . o |
| =...+ |
| + o.o=o |
| .E**o |
+-----------------+
[root@server5 ~]# packstack --gen-answer-file /root/answers.txt
[root@server5 ~]# vi /root/answers.txt
修改 NTP 伺服器ip以指定相關設定
CONFIG_SSH_KEY=/root/.ssh/id_rsa.pub
CONFIG_NTP_SERVERS=192.168.0.254
CONFIG_HORIZON_SSL=y
[root@server5 ~]# egrep 'SSH_KEY|NTP_|N_SSL|ADMIN_P' /root/answers.txt
CONFIG_SSH_KEY=/root/.ssh/id_rsa.pub
#CONFIG_NTP_SERVERS=
CONFIG_NTP_SERVERS=192.168.0.254
#CONFIG_KEYSTONE_ADMIN_PW=1756ce8668c9497c
CONFIG_KEYSTONE_ADMIN_PW=redhat
#CONFIG_HORIZON_SSL=n
CONFIG_HORIZON_SSL=y
透過 packstack 安裝 openstack
[root@server5 ~]# packstack --answer-file /root/answers.txt
Welcome to Installer setup utility
Installing:
Clean Up... [ DONE ]
Setting up ssh keys...root@192.168.0.105's password:
==== 中午休息 ====
有修改進行的順序
建立 bridge netowrk
workbook p22 step 10
[root@server5 ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /root/
[root@server5 ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-br-ex
[root@server5 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
去除不必要的設定只留下
DEVICE=eth0
HWADDR=52:54:00:00:00:05
ONBOOT=yes
[root@server5 ~]# vi /etc/sysconfig/network-scripts/ifcfg-br-ex
修改 DEVICE 移除 HWADDR
DEVICE=br-ex
IPADDR=192.168.0.105
PREFIX=24
GATEWAY=192.168.0.254
DNS1=192.168.0.254
SEARCH1=example.com
ONBOOT=yes
透過 ovs-vsctl 將網卡綁在一起
workbook p23 step 11
[root@server5 ~]# ovs-vsctl add-port br-ex eth0; service network restart
修改 Flavor 規格
workbook p18
https://192.168.0.x (工作主機)
使用 admin 密碼 redhat
點選 Flavors
點選 Create Flavor, 依照 workbook 建立Flavor , 點選 Create Flavor
------- 以上角色為 營運商角色 --------
接下來以客戶( tenants ) 角色來實作
建立 project1 這個project
workbook p17
點選 Projects
點選 Create Project, 依照 workbook 建立Project , 點選 Create Project
建立 project 1 的使用者帳戶
workbook p19
點選 Users
點選 Create User, 依照 workbook 建立User , 點選 Create User
點選 Netwroks
點選 Create Network,
Name: net2 (Public IP)
Project: project1
勾選 External Network
點選 Create Netowrk
設定相關資訊
選取 net2(Public IP)
在 Subnets 區段, 點選 Create Subnet
Subnet Name: subnet2( Public IP )
Network Address: 172.24.5.0/24
Gateway IP: 172.24.5.254
點選 Subnet Detail 分頁
取消 Enable DHCP
Allocation Pools: 172.24.5.1, 172.24.5.100
點選 Create
-- class break --
使用 user1 登入 openstack
點選 Network Topology 觀察
workbook p21
建立 客戶端的私有網段
點選 Create Network
Network Name: net1(Private IP)
點選 Subnet分頁
Subnet Name: subnet1(Private IP)
Network Address: 192.168.32.0/24
點選 Subnet Detail 分頁
點選 Create
點選 Network Topology 觀察
點選 Routers
點選Create Router
Router1 Name: router1
點選 Create router
點選 router1 的 Set Gateway 按鈕
External Network: 選取 net2(Public IP)
點選 Set Gateway
點選 Network Topology 觀察
串接私有網段
點選 Routers
點選 router1
點選 Add Interface
Subnet: 選取 net1( Private IP )
點選 Add Interface
點選 Network Topology 觀察
準備template
workbook p21
點選 images & Snapshots
點選 Create Image
按照workbook的要求填入
Name: small
Image Location: http://instructor.example.com/pub/materials/small.img
Format: QCOW2
Minimum Ram: 1024
點選Create Image
取得 public IP
workbook p22
點選 Access & Security
點選 Floating IPs 分頁
點選 Allocate IP To Project
點選 Allocate IP
觀察取得的 IP
產生金鑰
點選 Keypairs
點選 Create Keypair
Keypair Name: test
點選 Create Keypair
將 test.pem 儲存下來( 私鑰 )
點選 Security Groups
點選 Create Security Group
Name: sec1
Description: Web and SSH
點選 Create Security Group
設定 Security Group 規則
點選 sec1 的 Edit Rules
點選 Add Rule
Rule: SSH
點選 Add
點選 Add Rule
點選HTTPS
點選Add
點選 Add Rule ( 設定只有 sec)
點選HTTP
Remote: Security Group
Security Group: sec1
點選Add
建立虛擬機器
workbook p23
點選 Instances 分頁
點選 Launch Instance
按照workbook 的資訊填入
Instance Name: small
Flavor: m2.tiny
Instance Boot Source: Boot from image
Image Name: small
點選 Access & Security 分頁
Keypair: test
Security Group: 勾選 sec1
點選 Networking 分頁
拖曳 net1(Private IP)到 Selected Netwrok
點選 Launch
---- class break ----
設定 1 vs 1 NAT
Instances
點選small 的 More按鈕
點選 Associate Floating IP
IP Address: 選取一個 IP
點選 Associate
觀察 IP
試試看 用實體主機 ping VM ( 不能 ping 因為 firewall 沒有開 )
設定Security Group
點選 Access & Security
點選 sec1 的 Edit Rules
建立 規則, 測試 ALL ICMP
點選 Add
測試是否 可以 ping
使用 ssh key 連入 VM
在外面實體主機
$chmod 400 test.pem
$ ssh -i test.pem root@172.24.5.2
The authenticity of host '172.24.5.2 (172.24.5.2)' can't be established.
RSA key fingerprint is 44:07:8e:01:ee:55:9e:b5:ce:c4:1b:e9:75:af:2f:19.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.24.5.2' (RSA) to the list of known hosts.
Last login: Mon Oct 27 04:45:01 2014
[root@host-192-168-32-2 ~]#
建立 Volumes
workbook p24
連入 VM
#cat /proc/partitions
major minor #blocks name
253 0 20971520 vda
253 1 716800 vda1
253 16 2097152 vdb
253 32 524288 vdc
於管理界面, 點選 Volumes
點選 Create Volume
Volume Name: myvol1
Size (GB): 2G
點選 Create Volume
建立 volume snapshot
點選 myvol1 的 Create Snapshot 來測試
掛載 Volume
點選 myvol1 的 Edit Attachments
Attach to Instance: 選取 small
點選 Attach Volume
於VM 裏面驗證
# cat /proc/partitions
major minor #blocks name
253 0 20971520 vda
253 1 716800 vda1
253 16 2097152 vdb
253 32 524288 vdc
253 48 2097152 vdd
Notes:
- Members policy control http://docs.openstack.org/trunk/config-reference/content/section_keystone-policy.json.html
沒有留言:
張貼留言