RDO快速部署OpenStack
RDO快速部署OpenStack(all in one);密码文件;安装日志(all in one) ======================================================================== RDO快速部署OpenStack(all in one) setenforce 0 sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux sudo systemctl disable firewalld sudo systemctl stop firewalld sudo systemctl disable NetworkManager sudo systemctl stop NetworkManager sudo systemctl enable network sudo systemctl start network sudo yum update -y sudo yum install -y centos-release-openstack-train sudo yum update -y sudo yum install -y openstack-packstack sudo packstack --allinone ======================================================================== /root/keystonerc_admin #密码文件 ======================================================================== 安装日志(all in one) [root@centos7 ~]# sudo packstack --allinone Welcome to the Packstack setup utility The installation log file is available at: /var/tmp/packstack/20211107-194918-WT0uSZ/openstack-setup.log Packstack changed given value to required value /root/.ssh/id_rsa.pub Installing: Clean Up [ DONE ] Discovering ip protocol version [ DONE ] Setting up ssh keys [ DONE ] Preparing servers [ DONE ] Pre installing Puppet and discovering hosts' details [ DONE ] Preparing pre-install entries [ DONE ] Setting up CACERT [ DONE ] Preparing AMQP entries [ DONE ] Preparing MariaDB entries [ DONE ] Fixing Keystone LDAP config parameters to be undef if empty[ DONE ] Preparing Keystone entries [ DONE ] Preparing Glance entries [ DONE ] Checking if the Cinder server has a cinder-volumes vg[ DONE ] Preparing Cinder entries [ DONE ] Preparing Nova API entries [ DONE ] Creating ssh keys for Nova migration [ DONE ] Gathering ssh host keys for Nova migration [ DONE ] Preparing Nova Compute entries [ DONE ] Preparing Nova Scheduler entries [ DONE ] Preparing Nova VNC Proxy entries [ DONE ] Preparing OpenStack Network-related Nova entries [ DONE ] Preparing Nova Common entries [ DONE ] Preparing Neutron API entries [ DONE ] Preparing Neutron L3 entries [ DONE ] Preparing Neutron L2 Agent entries [ DONE ] Preparing Neutron DHCP Agent entries [ DONE ] Preparing Neutron Metering Agent entries [ DONE ] Checking if NetworkManager is enabled and running [ DONE ] Preparing OpenStack Client entries [ DONE ] Preparing Horizon entries [ DONE ] Preparing Swift builder entries [ DONE ] Preparing Swift proxy entries [ DONE ] Preparing Swift storage entries [ DONE ] Preparing Gnocchi entries [ DONE ] Preparing Redis entries [ DONE ] Preparing Ceilometer entries [ DONE ] Preparing Aodh entries [ DONE ] Preparing Puppet manifests [ DONE ] Copying Puppet modules and manifests [ DONE ] Applying 10.0.0.200_controller.pp 10.0.0.200_controller.pp: [ DONE ] Applying 10.0.0.200_network.pp 10.0.0.200_network.pp: [ DONE ] Applying 10.0.0.200_compute.pp 10.0.0.200_compute.pp: [ DONE ] Applying Puppet manifests [ DONE ] Finalizing [ DONE ] **** Installation completed successfully ****** Additional information: * Parameter CONFIG_NEUTRON_L2_AGENT: You have chosen OVN Neutron backend. Note that this backend does not support the VPNaaS or FWaaS services. Geneve will be used as the encapsulation method for tenant networks * A new answerfile was created in: /root/packstack-answers-20211107-194920.txt * Time synchronization installation was skipped. Please note that unsynchronized time on server instances might be problem for some OpenStack components. * File /root/keystonerc_admin has been created on OpenStack client host 10.0.0.200. To use the command line tools you need to source the file. * To access the OpenStack Dashboard browse to http://10.0.0.200/dashboard . Please, find your login credentials stored in the keystonerc_admin in your home directory. * Because of the kernel update the host 10.0.0.200 requires reboot. * The installation log file is available at: /var/tmp/packstack/20211107-194918-WT0uSZ/openstack-setup.log * The generated manifests are available at: /var/tmp/packstack/20211107-194918-WT0uSZ/manifests
iptables(all in one) ============================================================================================================ [root@centos7 ~]# iptables -nL Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- 10.0.0.200 0.0.0.0/0 multiport dports 5671,5672 /* 001 amqp incoming amqp_10.0.0.200 */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 8042 /* 001 aodh-api incoming aodh_api */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 8777 /* 001 ceilometer-api incoming ceilometer_api */ ACCEPT tcp -- 10.0.0.200 0.0.0.0/0 multiport dports 3260 /* 001 cinder incoming cinder_10.0.0.200 */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 8776 /* 001 cinder-api incoming cinder_api */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 9292 /* 001 glance incoming glance_api */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 8041 /* 001 gnocchi-api incoming gnocchi_api */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80 /* 001 horizon 80 incoming */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 5000 /* 001 keystone incoming keystone */ ACCEPT tcp -- 10.0.0.200 0.0.0.0/0 multiport dports 3306 /* 001 mariadb incoming mariadb_10.0.0.200 */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 9696 /* 001 neutron server incoming neutron_server_10.0.0.200 */ ACCEPT udp -- 10.0.0.200 0.0.0.0/0 multiport dports 6081 /* 001 neutron tunnel port incoming neutron_tunnel_10.0.0.200_10.0.0.200 */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 8773,8774,8775,8778 /* 001 nova api incoming nova_api */ ACCEPT tcp -- 10.0.0.200 0.0.0.0/0 multiport dports 5900:5999 /* 001 nova compute incoming nova_compute */ ACCEPT tcp -- 10.0.0.200 0.0.0.0/0 multiport dports 16509,49152:49215 /* 001 nova qemu migration incoming nova_qemu_migration_10.0.0.200_10.0.0.200 */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 6080 /* 001 novncproxy incoming */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 6641 /* 001 ovn northd incoming ovn_northd_10.0.0.200 */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 6642 /* 001 ovn southd incoming ovn_southd_10.0.0.200 */ ACCEPT tcp -- 10.0.0.200 0.0.0.0/0 multiport dports 6379 /* 001 redis service incoming redis service from 10.0.0.200 */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 8080 /* 001 swift proxy incoming swift_proxy */ ACCEPT tcp -- 10.0.0.200 0.0.0.0/0 multiport dports 6000,6001,6002,873 /* 001 swift storage and rsync incoming swift_storage_and_rsync_10.0.0.200 */ ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 /* 000 forward in */ ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 /* 000 forward out */ REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@centos7 ~]# iptables -S -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -A INPUT -s 10.0.0.200/32 -p tcp -m multiport --dports 5671,5672 -m comment --comment "001 amqp incoming amqp_10.0.0.200" -j ACCEPT -A INPUT -p tcp -m multiport --dports 8042 -m comment --comment "001 aodh-api incoming aodh_api" -j ACCEPT -A INPUT -p tcp -m multiport --dports 8777 -m comment --comment "001 ceilometer-api incoming ceilometer_api" -j ACCEPT -A INPUT -s 10.0.0.200/32 -p tcp -m multiport --dports 3260 -m comment --comment "001 cinder incoming cinder_10.0.0.200" -j ACCEPT -A INPUT -p tcp -m multiport --dports 8776 -m comment --comment "001 cinder-api incoming cinder_api" -j ACCEPT -A INPUT -p tcp -m multiport --dports 9292 -m comment --comment "001 glance incoming glance_api" -j ACCEPT -A INPUT -p tcp -m multiport --dports 8041 -m comment --comment "001 gnocchi-api incoming gnocchi_api" -j ACCEPT -A INPUT -p tcp -m multiport --dports 80 -m comment --comment "001 horizon 80 incoming" -j ACCEPT -A INPUT -p tcp -m multiport --dports 5000 -m comment --comment "001 keystone incoming keystone" -j ACCEPT -A INPUT -s 10.0.0.200/32 -p tcp -m multiport --dports 3306 -m comment --comment "001 mariadb incoming mariadb_10.0.0.200" -j ACCEPT -A INPUT -p tcp -m multiport --dports 9696 -m comment --comment "001 neutron server incoming neutron_server_10.0.0.200" -j ACCEPT -A INPUT -s 10.0.0.200/32 -p udp -m multiport --dports 6081 -m comment --comment "001 neutron tunnel port incoming neutron_tunnel_10.0.0.200_10.0.0.200" -j ACCEPT -A INPUT -p tcp -m multiport --dports 8773,8774,8775,8778 -m comment --comment "001 nova api incoming nova_api" -j ACCEPT -A INPUT -s 10.0.0.200/32 -p tcp -m multiport --dports 5900:5999 -m comment --comment "001 nova compute incoming nova_compute" -j ACCEPT -A INPUT -s 10.0.0.200/32 -p tcp -m multiport --dports 16509,49152:49215 -m comment --comment "001 nova qemu migration incoming nova_qemu_migration_10.0.0.200_10.0.0.200" -j ACCEPT -A INPUT -p tcp -m multiport --dports 6080 -m comment --comment "001 novncproxy incoming" -j ACCEPT -A INPUT -p tcp -m multiport --dports 6641 -m comment --comment "001 ovn northd incoming ovn_northd_10.0.0.200" -j ACCEPT -A INPUT -p tcp -m multiport --dports 6642 -m comment --comment "001 ovn southd incoming ovn_southd_10.0.0.200" -j ACCEPT -A INPUT -s 10.0.0.200/32 -p tcp -m multiport --dports 6379 -m comment --comment "001 redis service incoming redis service from 10.0.0.200" -j ACCEPT -A INPUT -p tcp -m multiport --dports 8080 -m comment --comment "001 swift proxy incoming swift_proxy" -j ACCEPT -A INPUT -s 10.0.0.200/32 -p tcp -m multiport --dports 6000,6001,6002,873 -m comment --comment "001 swift storage and rsync incoming swift_storage_and_rsync_10.0.0.200" -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -i br-ex -m comment --comment "000 forward in" -j ACCEPT -A FORWARD -o br-ex -m comment --comment "000 forward out" -j ACCEPT -A FORWARD -j REJECT --reject-with icmp-host-prohibited [root@centos7 ~]# iptables -t nat -S -P PREROUTING ACCEPT -P INPUT ACCEPT -P OUTPUT ACCEPT -P POSTROUTING ACCEPT -A POSTROUTING -s 172.24.4.0/24 -o ens36 -m comment --comment "000 nat" -j MASQUERADE [root@centos7 ~]# iptables -t raw -S -P PREROUTING ACCEPT -P OUTPUT ACCEPT [root@centos7 ~]# iptables -t mangle -S -P PREROUTING ACCEPT -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -P POSTROUTING ACCEPT
参考文章:
https://www.rdoproject.org/install/packstack/ #官方安装步骤
https://www.cnblogs.com/heyongboke/p/10224360.html #RDO快速部署OpenStack
https://blog.csdn.net/linshenyuan1213/article/details/77896219 #使用rdo安装openstack
=============================================================
修改answer文件,个性化RDO安装openstack
packstack --gen-answer-file my_answers.txt #生成answer文件
packstack --answer-file my_answers.txt #根据配置的answer文件进行RDO安装openstack
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· SQL Server 2025 AI相关能力初探
· Linux系列:如何用 C#调用 C方法造成内存泄露
· AI与.NET技术实操系列(二):开始使用ML.NET
· 记一次.NET内存居高不下排查解决与启示
· 探究高空视频全景AR技术的实现原理
· 阿里最新开源QwQ-32B,效果媲美deepseek-r1满血版,部署成本又又又降低了!
· 单线程的Redis速度为什么快?
· SQL Server 2025 AI相关能力初探
· AI编程工具终极对决:字节Trae VS Cursor,谁才是开发者新宠?
· 展开说说关于C#中ORM框架的用法!