diff --git a/docs/zh/docs/thirdparty_migration/OpenStack-victoria.md b/docs/zh/docs/thirdparty_migration/OpenStack-victoria.md index c0e529b7843242300b89e033596214612d7ebac1..d0fda5107baefabd270eb61cae59b8b8bf7ee84b 100644 --- a/docs/zh/docs/thirdparty_migration/OpenStack-victoria.md +++ b/docs/zh/docs/thirdparty_migration/OpenStack-victoria.md @@ -20,6 +20,8 @@ openEuler 21.03 版本的官方 yum 源已经支持 Openstack-Victoria 版本, 10.0.0.11 controller ``` +硬件环境:泰山200服务器鲲鹏920 arm架构,操作系统:openEuler21.03; + ### 安装 SQL DataBase 1. 执行如下命令,安装软件包。 @@ -63,13 +65,13 @@ openEuler 21.03 版本的官方 yum 源已经支持 Openstack-Victoria 版本, #systemctl enable rabbitmq-server.service #systemctl start rabbitmq-server.service ``` -3. 添加 OpenStack用户。 +3. 添加 OpenStack用户,并为OpenStack用户设置密码。 ``` #rabbitmqctl add_user openstack RABBIT_PASS ``` -4. 替换 RABBIT_PASS,为OpenStack用户设置密码 - + + 注:使用合适的密码 替换 RABBIT_PASS 5. 设置openstack用户权限,允许进行配置、写、读: ``` @@ -120,6 +122,7 @@ openEuler 21.03 版本的官方 yum 源已经支持 Openstack-Victoria 版本, ``` #yum install openstack-keystone httpd mod_wsgi ``` + 3. 配置keystone,编辑 `/etc/keystone/keystone.conf` 文件。在[database]部分,配置数据库入口。在[token]部分,配置token provider ``` @@ -136,12 +139,14 @@ openEuler 21.03 版本的官方 yum 源已经支持 Openstack-Victoria 版本, ``` su -s /bin/sh -c "keystone-manage db_sync" keystone ``` + 5. 执行如下命令,初始化Fernet密钥仓库。 ``` # keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone # keystone-manage credential_setup --keystone-user keystone --keystone-group keystone ``` + 6. 执行如下命令,启动身份服务。 ``` @@ -157,123 +162,126 @@ openEuler 21.03 版本的官方 yum 源已经支持 Openstack-Victoria 版本, ``` #vim /etc/httpd/conf/httpd.conf + ... + ServerName controller + ... ``` - - 配置 ServerName 项引用控制节点,如下所示。 - ``` - ServerName controller - ``` - + 如果 ServerName 项不存在则需要创建。 - + 8. 执行如下命令,为 `/usr/share/keystone/wsgi-keystone.conf` 文件创建链接。 ``` #ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/ + + + ``` + +9. 修改wsgi-keystone.conf添加如下内容 - #vim /etc/httpd/conf.d/wsgi-keystone.conf ``` -9. 完成安装,执行如下命令,启动Apache HTTP服务。 + + +10. 完成安装,执行如下命令,启动Apache HTTP服务。 ``` # systemctl enable httpd.service # systemctl start httpd.service ``` -10. 执行如下命令,设置环境变量。 +11. 执行如下命令,设置环境变量。 - ``` - $ export OS_USERNAME=admin - $ export OS_PASSWORD=ADMIN_PASS - $ export OS_PROJECT_NAME=admin - $ export OS_USER_DOMAIN_NAME=Default - $ export OS_PROJECT_DOMAIN_NAME=Default - $ export OS_AUTH_URL=http://controller:5000/v3 - $ export OS_IDENTITY_API_VERSION=3 - ``` - 替换 ADMIN_PASS 为 keystone-manage bootstrap 命令中设置的密码 + ``` + $ export OS_USERNAME=admin + $ export OS_PASSWORD=ADMIN_PASS + $ export OS_PROJECT_NAME=admin + $ export OS_USER_DOMAIN_NAME=Default + $ export OS_PROJECT_DOMAIN_NAME=Default + $ export OS_AUTH_URL=http://controller:5000/v3 + $ export OS_IDENTITY_API_VERSION=3 + ``` + 替换 ADMIN_PASS 为 keystone-manage bootstrap 命令中设置的密码 -11. 分别执行如下命令,创建domain, projects, users, roles。 +12. 分别执行如下命令,创建domain, projects, users, roles。 - 创建domain ‘example’: + 创建domain ‘example’: - ``` - $ openstack domain create --description "An Example Domain" example - ``` + ``` + $ openstack domain create --description "An Example Domain" example + ``` - 注:domain ‘default’在 keystone-manage bootstrap 时已创建 + 注:domain ‘default’在 keystone-manage bootstrap 时已创建 - 创建project ‘service’: + 创建project ‘service’: - ``` - $ openstack project create --domain default --description "Service Project" service - ``` + ``` + $ openstack project create --domain default --description "Service Project" service + ``` - 创建(non-admin)project ’myproject‘,user ’myuser‘ 和 role ’myrole‘,为‘myproject’和‘myuser’添加角色‘myrole’: + 创建(non-admin)project ’myproject‘,user ’myuser‘ 和 role ’myrole‘,为‘myproject’和‘myuser’添加角色‘myrole’: - ``` - $ openstack project create --domain default --description "Demo Project" myproject - $ openstack user create --domain default --password-prompt myuser - $ openstack role create myrole - $ openstack role add --project myproject --user myuser myrole - ``` -12. 验证 + ``` + $ openstack project create --domain default --description "Demo Project" myproject + $ openstack user create --domain default --password-prompt myuser + $ openstack role create myrole + $ openstack role add --project myproject --user myuser myrole + ``` - 取消临时环境变量OS_AUTH_URL和OS_PASSWORD: +13. 验证 - ``` - $ unset OS_AUTH_URL OS_PASSWORD - ``` + 取消临时环境变量OS_AUTH_URL和OS_PASSWORD: - 为admin用户请求token: + ``` + $ unset OS_AUTH_URL OS_PASSWORD + ``` - ``` - $ openstack --os-auth-url http://controller:5000/v3 \ - --os-project-domain-name Default --os-user-domain-name Default \ - --os-project-name admin --os-username admin token issue - ``` + 为admin用户请求token: - 为myuser用户请求token: + ``` + $ openstack --os-auth-url http://controller:5000/v3 \ + --os-project-domain-name Default --os-user-domain-name Default \ + --os-project-name admin --os-username admin token issue + ``` - ``` - $ openstack --os-auth-url http://controller:5000/v3 \ - --os-project-domain-name Default --os-user-domain-name Default \ - --os-project-name myproject --os-username myuser token issue - ``` + 为myuser用户请求token: -13. 创建 OpenStack client 环境脚本 + ``` + $ openstack --os-auth-url http://controller:5000/v3 \ + --os-project-domain-name Default --os-user-domain-name Default \ + --os-project-name myproject --os-username myuser token issue + ``` - 分别为admin和demo用户创建环境变量脚本: +14. 创建 OpenStack client 环境脚本 - ``` - # vim admin-openrc - export OS_PROJECT_DOMAIN_NAME=Default - export OS_USER_DOMAIN_NAME=Default - export OS_PROJECT_NAME=admin - export OS_USERNAME=admin - export OS_PASSWORD=ADMIN_PASS - export OS_AUTH_URL=http://controller:5000/v3 - export OS_IDENTITY_API_VERSION=3 - export OS_IMAGE_API_VERSION=2 - # - ``` - ``` - # vim demo-openrc - export OS_PROJECT_DOMAIN_NAME=Default - export OS_USER_DOMAIN_NAME=Default - export OS_PROJECT_NAME=myproject - export OS_USERNAME=myuser - export OS_PASSWORD=DEMO_PASS - export OS_AUTH_URL=http://controller:5000/v3 - export OS_IDENTITY_API_VERSION=3 - export OS_IMAGE_API_VERSION=2 - ``` - 替换ADMIN_PASS为admin用户的密码 + 分别为admin和demo用户创建环境变量脚本: - 替换DEMO_PASS为myuser用户的密码 + ``` + # vim admin-openrc + export OS_PROJECT_DOMAIN_NAME=Default + export OS_USER_DOMAIN_NAME=Default + export OS_PROJECT_NAME=admin + export OS_USERNAME=admin + export OS_PASSWORD=ADMIN_PASS + export OS_AUTH_URL=http://controller:5000/v3 + export OS_IDENTITY_API_VERSION=3 + export OS_IMAGE_API_VERSION=2 + # + ``` + ``` + # vim demo-openrc + export OS_PROJECT_DOMAIN_NAME=Default + export OS_USER_DOMAIN_NAME=Default + export OS_PROJECT_NAME=myproject + export OS_USERNAME=myuser + export OS_PASSWORD=DEMO_PASS + export OS_AUTH_URL=http://controller:5000/v3 + export OS_IDENTITY_API_VERSION=3 + export OS_IMAGE_API_VERSION=2 + ``` + 替换ADMIN_PASS为admin用户的密码 - 运行脚本加载环境变量: + 替换DEMO_PASS为myuser用户的密码 ``` $ source admin-openrc @@ -700,17 +708,18 @@ openEuler 21.03 版本的官方 yum 源已经支持 Openstack-Victoria 版本, ``` 添加计算节点到cell数据库: - 确认计算节点存在: + ​ 确认计算节点存在: ``` $ . admin-openrc $ openstack compute service list --service nova-compute ``` - 注册计算节点: + ​ 注册计算节点: ``` #su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova ``` + 3. 验证 ``` @@ -764,17 +773,15 @@ openEuler 21.03 版本的官方 yum 源已经支持 Openstack-Victoria 版本, ``` 执行如下命令,完成创建 neutron 服务凭证、创建neutron用户和添加‘admin’角色到‘neutron’用户操作。 - 创建neutron服务 - ``` - $ openstack user create --domain default --password-prompt neutron +$ openstack user create --domain default --password-prompt neutron $ openstack role add --project service --user neutron admin $ openstack service create --name neutron --description "OpenStack Networking" network ``` 创建网络服务API端点: - + ``` - $ openstack endpoint create --region RegionOne network public http://controller:9696 +$ openstack endpoint create --region RegionOne network public http://controller:9696 $ openstack endpoint create --region RegionOne network internal http://controller:9696 $ openstack endpoint create --region RegionOne network admin http://controller:9696 ``` @@ -1034,24 +1041,20 @@ openEuler 21.03 版本的官方 yum 源已经支持 Openstack-Victoria 版本, 创建cinder服务凭证: - 创建cinder用户 - - 添加‘admin’角色到用户‘cinder’ - - 创建cinderv2和cinderv3服务 + 执行如下命令,创建cinder用户、添加‘admin’角色到用户‘cinder’、创建cinderv2和cinderv3服务 ``` - $ openstack user create --domain default --password-prompt cinder +$ openstack user create --domain default --password-prompt cinder $ openstack role add --project service --user cinder admin - $ openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2 +$ openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2 $ openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3 ``` 创建块存储服务API端点: - + ``` $ openstack endpoint create --region RegionOne volumev2 public http://controller:8776/v2/%s $ openstack endpoint create --region RegionOne volumev2 internal http://controller:8776/v2/%s - $ openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%s +$ openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%s $ openstack endpoint create --region RegionOne volumev3 public http://controller:8776/v3/%s $ openstack endpoint create --region RegionOne volumev3 internal http://controller:8776/v3/%s $ openstack endpoint create --region RegionOne volumev3 admin http://controller:8776/v3/%s