Openstack Kilo版本安裝及問題總結

(1)The guide:
http://docs.openstack.org/liberty/install-guide-rdo/keystone-install.html


(2) Choose Rehat/CentOS or Ubantu


(3) Set the http_proxy and ftp_proxy


(4) # yum upgrade
It may take a long time, more than 10 mins


(5) Message queue or QPID:
Message queue:
http://docs.openstack.org/liberty/install-guide-rdo/environment-messaging.html
QPID:
http://my.oschina.net/xxbAndy/blog/297415






(6) There maybe 404 or 500 when run the following command:
$ openstack service create \
  --name keystone --description "OpenStack Identity" identity


Check the localhost:
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
  IDENTIFIED BY 'KEYSTONE_DBPASS';
[root@cts-orch heat-2015.1.0]# vi /etc/hosts
127.0.0.1 localhost
Warning


Some distributions add an extraneous entry in the /etc/hosts file that resolves the actual hostname to another loopback IP address such as 127.0.1.1. You must comment out or remove this entry to prevent name resolution problems. Do not remove the 127.0.0.1 entry.


http://www.gossamer-threads.com/lists/openstack/dev/46906
http://www.aboutyun.com/thread-7124-1-1.html
https://ask.openstack.org/en/question/45486/keystone-user-create-an-unexpected-error-prevented-the-server-from-fulfilling-your-request-http-500/


http://www.aboutyun.com/thread-11420-1-1.html


(7) su -s /bin/sh -c "keystone-manage db_sync" keystone
No Handlers could be found for logger "oslo_config.cfg"


修改日誌文件的路徑：
log_dir=/var/log/nova


(8) The status of computer is down on controller node.
And there is an error as below in /var/log/nova/nova-computer.log on computer node:
2015-12-25 09:46:45.468 11049 TRACE nova.openstack.common.threadgroup RemoteError: Remote error: OperationalError (_mysql_exceptions.OperationalError) (1045, "Access denied for user 'nova'@'135.252.226.147' (using password: YES)")


Solution: there is connections between two controllers, stop the unused controller(and ininstall the computer node), the service is up.


GAO, Carl A (Carl) 10:35
[root@vMRF3Ctrl ~]# netstat -la | grep 135
tcp 0 0 135.252.226.132:rsync 0.0.0.0:* LISTEN
tcp 0 0 135.252.226.13:webcache 0.0.0.0:* LISTEN
tcp 0 0 135.252.226.132:x11 0.0.0.0:* LISTEN
tcp 0 0 135.252.226.132:6001 0.0.0.0:* LISTEN
tcp 0 0 135.252.226.132:6002 0.0.0.0:* LISTEN
tcp 0 0 135.252.226.147:37137 135.252.226.132:amqp ESTABLISHED
tcp 0 0 135.252.226.147:52256 135.252.226.132:mysql TIME_WAIT
tcp 0 0 135.252.226.147:37162 135.252.226.132:amqp ESTABLISHED
tcp 0 0 135.252.226.147:37160 135.252.226.132:amqp ESTABLISHED
tcp 0 0 135.252.226.147:37150 135.252.226.132:amqp ESTABLISHED


[root@controller nova]# netstat -la | grep 135
tcp 0 0 controller:mysql 135.252.226.147:52345 TIME_WAIT
tcp 0 0 controller:mysql 135.252.226.147:52343 TIME_WAIT
tcp 0 0 controller:mysql 135.252.226.147:52344 TIME_WAIT
tcp 0 0 controller:mysql 135.252.226.147:52328 TIME_WAIT
tcp 0 0 controller:mysql 135.252.226.147:52326 TIME_WAIT
tcp 0 0 controller:mysql 135.252.226.147:52327 TIME_WAIT
tcp 0 0 controller:mysql 135.252.226.147:52322 TIME_WAIT
tcp 0 0 controller:ssh 135.251.85.53:56922 ESTABLISHED
tcp 0 0 controller:mysql 135.252.226.147:52325 TIME_WAIT
tcp 0 0 controller:mysql 135.252.226.147:52338 TIME_WAIT
tcp 0 0 controller:mysql 135.252.226.147:52342 TIME_WAIT
tcp 0 48 controller:ssh 135.252.134.188:51665 ESTABLISHED
tcp6 0 0 controller:amqp 135.252.226.147:37145 ESTABLISHED
tcp6 0 0 controller:amqp 135.252.226.147:37173 ESTABLISHED
tcp6 0 0 controller:amqp 135.252.226.147:37138 ESTABLISHED


(8) liberty沒有 openstack-neutron-openvswitch？而是使用了openstack-neutron-linuxbridge


yum install openstack-neutron openstack-neutron-linuxbridge ebtables ipset
 http://www.chenshake.com/




http://www.chenshake.com/centos-7-x-openstack-liberty-linux-bridgevlan/




Neutron，其實和其他的OpenStack組件差不多，他都是一箇中間層，自己基本不幹具體的活，通過插件的機制，調用第三方的組件來完成相關的功能。


對於Neutron來說，在Havana版本前，支持Linux Bridge和Openvswitch兩種插件。後來發現直接通過Neutron去調用插件的方式，有些不夠理想


linux bridge和ovs，實現功能的代碼，其實有很大部分是重複的，這樣讓人感覺很不爽
出於功能和性能的考慮，有些場景下，需要同時使用linux bridge和OVS，採用這種直接調用插件的模式，是無法實現的。
在H版本以後，社區就推出一個Neutron插件 Modular Layer 2 (ml2) plugin，這個插件底下調用linux bridge和ovs兩個Driver。


linuxbridge和OVS，可以乾的活是支持不同的網絡，目前這兩種Driver，都可以實現下面幾種網絡功能。


local
flat
vlan
vxlan
GRE (linux bridge 不支持）
那麼這5種網絡裏，local網絡，主要是用於測試，GRE網絡，目前社區已經基本處於維護，大家基本也可以不考慮。所以大家只需要瞭解其中3種就可以。


OpenStack的網絡裏，可以有4種的網絡流量


管理網絡：消息隊列和數據庫訪問的網絡
API網絡：外部調用API
External：連接外網（provider 網絡）
Guest：虛擬機互相通訊網絡 （Tenant 網絡）
4種網絡裏，和Neutron有關的就是External和Guest，Provider網絡和Tenant 網絡。


對於Provider 網絡和Tenant 網絡，技術實現基本都是一樣的，區別僅僅在於


Provider 網絡，是有管理員創建
Tenant 網絡，是由用戶自己創建
Provider 網絡，常用的網絡是：Flat和Vlan。vxlan基本是沒有使用的可能性。


Tenant 網絡，可以設置的選項就是 vlan，vxlan和flat，local主要是測試使用。


(9) Set the Time_zone consistent with your system, otherwise http service will not be able to start


[root@compute1 yum.repos.d]# timedatectl list-timezones |grep Shanghai
Asia/Shanghai
[root@compute1 yum.repos.d]# timedatectl set-timezone Asia/Shanghai


TIME_ZONE = "Asia/Shanghai"


systemctl restart httpd.service memcached.service


Optionally, configure the time zone:


Select Text
1
TIME_ZONE = "TIME_ZONE"
Replace TIME_ZONE with an appropriate time zone identifier. For more information, see the list of time zones.




(10) Networking:
[root@controller log]# source admin-openrc.sh
[root@controller log]# neutron net-create ext-net --router:external --provider:physical_network external --provider:network_type flat
[root@controller log]# neutron subnet-create ext-net 10.90.10.0/26 --name ext-subnet --allocation-pool start=10.90.10.2,end=10.90.10.62 --disable-dhcp --gateway 10.90.10.1


[root@controller log]$ source demo-openrc.sh
[root@controller log]# neutron net-create demo-net
[root@controller log]# neutron subnet-create demo-net 10.90.10.64/26 --name demo-subnet --gateway 10.90.10.65




(11) List:
nova service-list
neutron agent-list
neutron ext-list
$ openstack --os-auth-url http://controller:35357 \
  --os-project-name admin --os-username admin --os-auth-type password \
  role list
 $ openstack --os-auth-url http://controller:35357 \
  --os-project-name admin --os-username admin --os-auth-type password \
  user list
 $ openstack --os-auth-url http://controller:35357 \
  --os-project-name admin --os-username admin --os-auth-type password \
  project list