Last active
August 29, 2015 13:58
-
-
Save zhanghui9700/10082160 to your computer and use it in GitHub Desktop.
openstack havana install by manual
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| == Initial == | |
| On controller node (192.168.122.163): | |
| $ yum install openstack-keystone openstack-utils dnsmasq-utils -y | |
| $ yum install openstack-glance openstack-cinder openstack-neutron \ | |
| openstack-neutron-openvswitch -y | |
| $ yum install openstack-nova -y | |
| On compute (192.168.122.100): | |
| $ yum install openstack-neutron openstack-neutron-openvswitch \ | |
| openstack-nova bridge-utils -y | |
| For iptables (on both Controller & Compute nodes): | |
| $ systemctl stop firewalld | |
| $ systemctl disable firewalld | |
| $ yum install iptables-services | |
| # Create this below file, otherwise starting iptables will fail | |
| $ touch /etc/sysconfig/iptables | |
| $ systemctl enable iptables && systemctl start iptables | |
| == Controller == | |
| Keystone | |
| --------- | |
| $ openstack-db --init --service keystone | |
| $ export SERVICE_TOKEN=$(openssl rand -hex 10) | |
| $ echo $SERVICE_TOKEN | |
| 38b5a7143cdfd7063f42 | |
| $ export SERVICE_ENDPOINT=http://192.168.122.163:35357/v2.0 | |
| $ echo $SERVICE_TOKEN > /tmp/ks_admin_token | |
| $ openstack-config --set /etc/keystone/keystone.conf \ | |
| DEFAULT admin_token $SERVICE_TOKEN | |
| $ keystone-manage pki_setup --keystone-user keystone \ | |
| --keystone-group keystone | |
| $ chown -R keystone:keystone /etc/keystone/ssl | |
| $ for i in start enable status; \ | |
| do systemctl $i openstack-keystone; done | |
| $ keystone service-create --name keystone --type identity \ | |
| --description "Keystone Identity Service" | |
| +-------------+----------------------------------+ | |
| | Property | Value | | |
| +-------------+----------------------------------+ | |
| | description | Keystone Identity Service | | |
| | id | b608338394c8443f88d1bf22bd2029de | | |
| | name | keystone | | |
| | type | identity | | |
| +-------------+----------------------------------+ | |
| $ keystone endpoint-create --service_id b608338394c8443f88d1bf22bd2029de \ | |
| --publicurl 'http://192.168.122.163:5000/v2.0' \ | |
| --adminurl 'http://192.168.122.163:35357/v2.0' \ | |
| --internalurl 'http://192.168.122.163:5000/v2.0' | |
| +-------------+-----------------------------------+ | |
| | Property | Value | | |
| +-------------+-----------------------------------+ | |
| | adminurl | http://192.168.122.163:35357/v2.0 | | |
| | id | b6ec04d22c4e4dca867d9f0eb5908fca | | |
| | internalurl | http://192.168.122.163:5000/v2.0 | | |
| | publicurl | http://192.168.122.163:5000/v2.0 | | |
| | region | regionOne | | |
| | service_id | b608338394c8443f88d1bf22bd2029de | | |
| +-------------+-----------------------------------+ | |
| $ keystone user-create --name admin --pass fedora | |
| +----------+----------------------------------+ | |
| | Property | Value | | |
| +----------+----------------------------------+ | |
| | email | | | |
| | enabled | True | | |
| | id | 076818c611d443238bc6ca45ad0021ac | | |
| | name | admin | | |
| +----------+----------------------------------+ | |
| $ keystone role-create --name admin | |
| +----------+----------------------------------+ | |
| | Property | Value | | |
| +----------+----------------------------------+ | |
| | id | 90950360ac844ff598b9a75e269afbe1 | | |
| | name | admin | | |
| +----------+----------------------------------+ | |
| $ keystone tenant-create --name admin | |
| +-------------+----------------------------------+ | |
| | Property | Value | | |
| +-------------+----------------------------------+ | |
| | description | | | |
| | enabled | True | | |
| | id | 1580cadb173c475eb9c381e78f13b109 | | |
| | name | admin | | |
| +-------------+----------------------------------+ | |
| $ keystone user-role-add --user admin \ | |
| --role admin --tenant admin | |
| $ cat >> ~/keystonerc_admin <<EOF | |
| export OS_USERNAME=admin | |
| export OS_TENANT_NAME=admin | |
| export OS_PASSWORD=fedora | |
| export OS_AUTH_URL=http://192.168.122.163:35357/v2.0/ | |
| export PS1='[\u@\h \W(keystone_admin)]\$ ' | |
| EOF | |
| $ . keystonerc_admin | |
| $ keystone user-create --name kashyap --pass fedora | |
| WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). | |
| +----------+----------------------------------+ | |
| | Property | Value | | |
| +----------+----------------------------------+ | |
| | email | | | |
| | enabled | True | | |
| | id | 1c18b2231aa34dbe9c31cd390aaedb42 | | |
| | name | kashyap | | |
| +----------+----------------------------------+ | |
| $ keystone role-create --name user | |
| WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). | |
| +----------+----------------------------------+ | |
| | Property | Value | | |
| +----------+----------------------------------+ | |
| | id | 6fac6b1cd0c24ba0a949d12acc757311 | | |
| | name | user | | |
| +----------+----------------------------------+ | |
| $ keystone tenant-create --name ostenant | |
| WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). | |
| +-------------+----------------------------------+ | |
| | Property | Value | | |
| +-------------+----------------------------------+ | |
| | description | | | |
| | enabled | True | | |
| | id | 2c845a6ad20e45ccb0b045cee27a9661 | | |
| | name | ostenant | | |
| +-------------+----------------------------------+ | |
| $ keystone user-role-add --user kashyap \ | |
| --role user --tenant ostenant | |
| WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). | |
| $ cat >> ~/keystonerc_kashyap <<EOF | |
| export OS_USERNAME=kashyap | |
| export OS_TENANT_NAME=ostenant | |
| export OS_PASSWORD=fedora | |
| export OS_AUTH_URL=http://192.168.122.163:35357/v2.0/ | |
| export PS1='[\u@\h \W(keystone_kashyap)]\$ ' | |
| EOF | |
| # Logout and ssh into the controller node again | |
| $ . keystonerc_kashyap | |
| $ keystone user-list | |
| $ . keystonerc_admin | |
| $ keystone user-list | |
| # Disable qpid authentication | |
| $ yum install qpid-cpp-server -y | |
| $ sed -i 's/auth=.*/auth=no/g' /etc/qpidd.conf | |
| $ grep auth /etc/qpidd.conf | |
| auth=no | |
| # Start and enable qpidd.service | |
| $ for i in start enable status; \ | |
| do systemctl $i qpidd; done | |
| Glance | |
| ------ | |
| $ openstack-db --init --service glance | |
| $ keystone tenant-create --name services | |
| +-------------+----------------------------------+ | |
| | Property | Value | | |
| +-------------+----------------------------------+ | |
| | description | | | |
| | enabled | True | | |
| | id | a04e8158c9974f2699185994791e78c1 | | |
| | name | services | | |
| +-------------+----------------------------------+ | |
| $ keystone user-create --name glance --pass fedora | |
| +-------------+----------------------------------+ | |
| | Property | Value | | |
| +-------------+----------------------------------+ | |
| | description | | | |
| | enabled | True | | |
| | id | a04e8158c9974f2699185994791e78c1 | | |
| | name | services | | |
| +-------------+----------------------------------+ | |
| $ keystone user-role-add --user glance \ | |
| --role admin --tenant services | |
| # Update glance-api.conf | |
| $ openstack-config --set /etc/glance/glance-api.conf \ | |
| past |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment