30分钟极速部署OpenStack Stein版CentOS 7实战指南当第一次接触OpenStack时许多开发者都会被其庞大的组件和复杂的官方文档吓退。作为云计算基础设施的基石OpenStack确实有着陡峭的学习曲线。但今天我将带你用CentOS 7和Stein版本在30分钟内完成一个最小化可运行的OpenStack环境部署绕过那些令人头疼的手动配置环节。1. 环境准备与系统配置在开始之前我们需要准备两台机器一台作为控制节点至少4GB内存另一台作为计算节点至少2GB内存。两台机器都需要开启虚拟化支持这是OpenStack能够创建和管理虚拟机的关键。1.1 基础系统设置首先在两台机器上执行以下基础配置# 关闭SELinux setenforce 0 sed -i s/SELINUXenforcing/SELINUXdisabled/g /etc/selinux/config # 关闭防火墙 systemctl stop firewalld systemctl disable firewalld网络配置是OpenStack正常工作的关键。我们需要为每台机器配置静态IP# 控制节点网络配置示例/etc/sysconfig/network-scripts/ifcfg-eth0 TYPEEthernet BOOTPROTOstatic NAMEeth0 DEVICEeth0 ONBOOTyes IPADDR10.0.0.11 NETMASK255.255.255.0 GATEWAY10.0.0.2 DNS1223.5.5.5提示计算节点的IP地址应设置为不同的值如10.0.0.31其他配置相同。1.2 主机名与hosts解析为两台机器设置不同的主机名并确保它们能够互相解析# 控制节点 hostnamectl set-hostname controller # 计算节点 hostnamectl set-hostname compute1在两台机器的/etc/hosts文件中添加以下内容10.0.0.11 controller 10.0.0.31 compute11.3 时间同步OpenStack各组件对时间同步非常敏感我们需要配置chrony服务# 控制节点 yum -y install chrony sed -i s/^server.*/server time1.aliyun.com iburst/ /etc/chrony.conf echo allow 10.0.0.0/24 /etc/chrony.conf systemctl enable --now chronyd # 计算节点 yum -y install chrony sed -i s/^server.*/server controller iburst/ /etc/chrony.conf systemctl enable --now chronyd2. OpenStack基础服务安装2.1 软件源与基础包在所有节点上添加OpenStack Stein仓库并安装必要软件yum install centos-release-openstack-stein -y yum install python-openstackclient openstack-selinux -y2.2 数据库服务控制节点上安装MariaDB数据库yum install mariadb mariadb-server python2-PyMySQL -y # 配置优化 cat /etc/my.cnf.d/openstack.cnf EOF [mysqld] bind-address 10.0.0.11 default-storage-engine innodb innodb_file_per_table max_connections 4096 collation-server utf8_general_ci character-set-server utf8 EOF systemctl enable --now mariadb执行安全初始化mysql_secure_installation2.3 消息队列服务RabbitMQ是OpenStack组件间通信的桥梁yum install rabbitmq-server -y systemctl enable --now rabbitmq-server # 创建OpenStack专用用户 rabbitmqctl add_user openstack RABBIT_PASS rabbitmqctl set_permissions openstack .* .* .*2.4 Memcached服务用于缓存认证令牌yum install memcached python-memcached -y sed -i s/127.0.0.1/0.0.0.0/ /etc/sysconfig/memcached systemctl enable --now memcached3. 核心组件部署3.1 Keystone认证服务Keystone是OpenStack的身份认证核心我们先创建数据库CREATE DATABASE keystone; GRANT ALL PRIVILEGES ON keystone.* TO keystonelocalhost IDENTIFIED BY KEYSTONE_DBPASS; GRANT ALL PRIVILEGES ON keystone.* TO keystone% IDENTIFIED BY KEYSTONE_DBPASS;安装Keystone软件包yum install openstack-keystone httpd mod_wsgi -y使用openstack-config工具快速配置openstack-config --set /etc/keystone/keystone.conf database connection mysqlpymysql://keystone:KEYSTONE_DBPASScontroller/keystone openstack-config --set /etc/keystone/keystone.conf token provider fernet初始化数据库和Fernet密钥su -s /bin/sh -c keystone-manage db_sync keystone keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone配置Apache服务echo ServerName controller /etc/httpd/conf/httpd.conf systemctl enable --now httpd3.2 Glance镜像服务创建Glance数据库和用户CREATE DATABASE glance; GRANT ALL PRIVILEGES ON glance.* TO glancelocalhost IDENTIFIED BY GLANCE_DBPASS; GRANT ALL PRIVILEGES ON glance.* TO glance% IDENTIFIED BY GLANCE_DBPASS;安装Glance软件包yum install openstack-glance -y配置Glance服务openstack-config --set /etc/glance/glance-api.conf database connection mysqlpymysql://glance:GLANCE_DBPASScontroller/glance openstack-config --set /etc/glance/glance-api.conf glance_store stores file,http openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/启动服务并上传测试镜像systemctl enable --now openstack-glance-api openstack-glance-registry wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img openstack image create cirros --file cirros-0.3.4-x86_64-disk.img --disk-format qcow2 --container-format bare --public4. 计算与网络服务4.1 Nova计算服务创建Nova数据库CREATE DATABASE nova_api; CREATE DATABASE nova; GRANT ALL PRIVILEGES ON nova_api.* TO novalocalhost IDENTIFIED BY NOVA_DBPASS; GRANT ALL PRIVILEGES ON nova.* TO novalocalhost IDENTIFIED BY NOVA_DBPASS;安装Nova组件yum install openstack-nova-api openstack-nova-conductor \ openstack-nova-console openstack-nova-novncproxy \ openstack-nova-scheduler -y配置Nova服务openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 10.0.0.11 openstack-config --set /etc/nova/nova.conf api_database connection mysqlpymysql://nova:NOVA_DBPASScontroller/nova_api openstack-config --set /etc/nova/nova.conf database connection mysqlpymysql://nova:NOVA_DBPASScontroller/nova4.2 Neutron网络服务创建Neutron数据库CREATE DATABASE neutron; GRANT ALL PRIVILEGES ON neutron.* TO neutronlocalhost IDENTIFIED BY NEUTRON_DBPASS; GRANT ALL PRIVILEGES ON neutron.* TO neutron% IDENTIFIED BY NEUTRON_DBPASS;安装Neutron组件yum install openstack-neutron openstack-neutron-ml2 \ openstack-neutron-linuxbridge ebtables -y配置Neutron服务openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2 openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:eth05. 验证与使用5.1 服务状态检查部署完成后我们可以检查各服务状态openstack compute service list neutron agent-list5.2 Dashboard访问安装Horizon仪表板yum install openstack-dashboard -y配置完成后可以通过浏览器访问http://controller/dashboard使用以下凭据登录域default用户名admin密码ADMIN_PASS这套部署方案经过了多次实践验证即使在资源有限的测试环境中也能稳定运行。虽然是最小化部署但它包含了OpenStack最核心的组件足以支持基本的虚拟机创建和管理操作。对于初学者来说这是理解OpenStack工作原理的理想起点。