OpenStack Rocky(R版) 部署手册 - 计算节点

控制节点部署见：OpenStack Rocky(R版) 部署手册 - 控制节点

部署环境

环境准备

关闭防火墙

[root@node2 ~]# systemctl disable firewalld
[root@node2 ~]# systemctl stop firewalld

关闭 SELinux

[root@node2 ~]# sed -i 's/^SELINUX=enforcing/SELINUX=disabled' /etc/selinux/config
[root@node2 ~]# setenforce 0

时间同步

[root@node2 ~]# yum install -y chrony
[root@node2 ~]# systemctl enable chronyd
[root@node2 ~]# systemctl start chronyd

Host 解析

192.168.31.11    controller
192.168.31.12    node2
192.168.31.13    node3

更新系统

[root@node2 ~]# yum upgrade -y

以 node2 为例，加入其它计算节点操作一样。

安装配置 Nova-compute

安装 openstack yum 源

[root@node2 ~]# yum install -y centos-release-openstack-rocky

安装 openstack 客户端

[root@node2 ~]# yum install -y python-openstackclient

安装 nova computer

[root@node2 ~]# yum install -y openstack-nova-compute

配置 nova

编辑 nova 配置文件 /etc/nova/nova.conf

[DEFAULT]
# ...
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:RABBIT_PASS@controller
my_ip = 192.168.31.11
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[api]
# ...
auth_strategy = keystone

[keystone_authtoken]
# ...
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = NOVA_PASS

[neutron]
# ...
url = http://controller:9696
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS

[vnc]
# ...
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html

[glance]
# ...
api_servers = http://controller:9292

[oslo_concurrency]
# ...
lock_path = /var/lib/nova/tmp

[placement]
# ...
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = PLACEMENT_PASS

[libvirt]
# ...
virt_type = kvm

启动服务

[root@node2 ~]# systemctl enable libvirtd openstack-nova-compute
[root@node2 ~]# systemctl start libvirtd openstack-nova-compute

验证

在控制节点上执行

[root@controller ~ (openstack-admin)]# openstack compute service list --service nova-compute

# 有多少个计算节点，就应该列出多少行，我这里有两个计算节点
+----+--------------+-------+------+---------+-------+----------------------------+
| ID | Binary       | Host  | Zone | Status  | State | Updated At                 |
+----+--------------+-------+------+---------+-------+----------------------------+
|  7 | nova-compute | node2 | nova | enabled | up    | 2019-03-03T02:25:09.000000 |
|  8 | nova-compute | node3 | nova | enabled | up    | None                       |
+----+--------------+-------+------+---------+-------+----------------------------+

发现计算节点

[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

Found 2 cell mappings.
Skipping cell0 since it does not contain hosts.
Getting computes from cell 'cell1': af54a768-7733-4104-9b88-98ff8428ddd5
Checking host mapping for compute host 'node2': 956d6768-bb93-4276-af22-18b0b83cef50
Creating host mapping for compute host 'node2': 956d6768-bb93-4276-af22-18b0b83cef50
Checking host mapping for compute host 'node3': b01ed4d8-f228-428c-89c7-4b57b54ee878
Creating host mapping for compute host 'node3': b01ed4d8-f228-428c-89c7-4b57b54ee878
Found 2 unmapped computes in cell: af54a768-7733-4104-9b88-98ff8428ddd5

配置自动发现计算节点

编辑计算节点 /etc/nova/nova.conf

[scheduler]
discover_hosts_in_cells_interval = 300

安装配置 Neutron

安装 neutron 软件包

[root@node2 ~]# yum install openstack-neutron-linuxbridge ebtables ipset

因为 openstack-neutron-linuxbridge 包提供了一个配置文件 /usr/lib/sysctl.d/99-neutron-linuxbridge-agent.conf 修改了内核参数 net.bridge.bridge-nf-call-iptables 和 net.bridge.bridge-nf-call-ip6tables，因此需要执行 sysctl 命令使配置生效

[root@node2 ~]# sysctl --system

编辑 neutron 配置文件 /etc/neutron/neutron.conf

[DEFAULT]
# ...
transport_url = rabbit://openstack:RABBIT_PASS@controller
auth_strategy = keystone

[keystone_authtoken]
# ...
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS

[oslo_concurrency]
# ...
lock_path = /var/lib/neutron/tmp

网络选项一：提供者网络

编辑 linux bridge 配置文件 /etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]
physical_interface_mappings = provider:eth0

[vxlan]
enable_vxlan = false

[securitygroup]
# ...
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

配置计算服务使用网络服务

编辑 /etc/nova/nova.conf

[neutron]
# ...
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS

启动服务

[root@node2 ~]# systemctl restart openstack-nova-compute
[root@node2 ~]# systemctl enable neutron-linuxbridge-agent
[root@node2 ~]# systemctl start neutron-linuxbridge-agent

网络选项二：自服务网络

编辑 linux bridge 配置文件 /etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]
physical_interface_mappings = provider:eth0

[vxlan]
enable_vxlan = true
local_ip = 192.168.31.12
l2_population = true

[securitygroup]
# ...
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

配置计算服务使用网络服务

编辑 /etc/nova/nova.conf

[neutron]
# ...
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS

启动服务

[root@node2 ~]# systemctl restart openstack-nova-compute
[root@node2 ~]# systemctl enable neutron-linuxbridge-agent
[root@node2 ~]# systemctl start neutron-linuxbridge-agent