安裝tacker

安全服務鏈編排系統安裝部署文檔

本系統基於OpenStack Pike版本安裝，在安裝tacker之前，請確保以下模塊都已正確安裝部署：keystone，mistral，barbican，horizon。以上模塊安裝配置參考以下鏈接：

https://docs.openstack.org/keystone/latest/install/index.html

https://docs.openstack.org/mistral/latest/install/index.html

https://docs.openstack.org/barbican/latest/install/install.html

https://docs.openstack.org/horizon/latest/install/index.html

1.準備數據庫

mysql -uroot -p

CREATE DATABASE tacker;

GRANT ALL PRIVILEGES ON tacker.* TO 'tacker'@'localhost' IDENTIFIED BY 'P1ssw0rd';

GRANT ALL PRIVILEGES ON tacker.* TO 'tacker'@'%' IDENTIFIED BY 'P1ssw0rd';

exit;

2.創建tacker用戶並將其加入service服務中，賦予admin權限

openstack user create --domain default --password-prompt tacker

openstack role add --project service --user tacker admin

#設置密碼爲 P@ssw0rd

3.創建tacker服務實體和API

openstack service create --name tacker --description "Tacker Project" nfv-orchestration

如果使用的是keystone v3，按照下列命令創建endpoint：

openstack endpoint create --region RegionOne nfv-orchestration public http://controller:9890/

openstack endpoint create --region RegionOne nfv-orchestration internal http://controller:9890/

openstack endpoint create --region RegionOne nfv-orchestration admin http://controller:9890/

如果是keystone v2，則採用以下命令創建endpoint：

openstack endpoint create --region RegionOne --publicurl 'http://controller:9890/' --adminurl 'http://controller:9890/' --internalurl 'http://controller:9890/' <SERVICE-ID>

4.安裝tacker server

cd ~/

git clone https://github.com/openstack/tacker -b stable/pike

#安裝依賴包

yum -y install gcc gcc-c++

yum -y install python-devel

cd tacker

pip install -r requirements.txt

#安裝tacker

python setup.py install

#創建tacker日誌目錄

mkdir /var/log/tacker

#生成配置文件

./tools/generate_config_file_sample.sh

#這時生成的配置文件在etc/tacker/tacker.conf.sample，需要將其重命名爲tacker.conf

mv etc/tacker/tacker.conf.sample etc/tacker/tacker.conf

#創建tacker配置目錄

mkdir /etc/tacker

#複製代碼目錄下etc/tacker所有文件到/etc/tacker

cp etc/tacker/* /etc/tacker/. -rf

5.修改配置文件

openstack-config --set /etc/tacker/tacker.conf DEFAULT auth_strategy keystone

openstack-config --set /etc/tacker/tacker.conf DEFAULT policy_file /etc/tacker/policy.json

openstack-config --set /etc/tacker/tacker.conf DEFAULT use_syslog False

openstack-config --set /etc/tacker/tacker.conf DEFAULT bind_port 9890

openstack-config --set /etc/tacker/tacker.conf DEFAULT service_plugins nfvo,vnfm

openstack-config --set /etc/tacker/tacker.conf DEFAULT state_path /var/lib/tacker

openstack-config --set /etc/tacker/tacker.conf nfvo vim_drivers openstack

openstack-config --set /etc/tacker/tacker.conf keystone_authtoken auth_url http://controller:35357

openstack-config --set /etc/tacker/tacker.conf keystone_authtoken auth_uri http://controller:5000

openstack-config --set /etc/tacker/tacker.conf keystone_authtoken memcached_servers controller:11211

openstack-config --set /etc/tacker/tacker.conf keystone_authtoken region_name RegionOne

openstack-config --set /etc/tacker/tacker.conf keystone_authtoken auth_type password

openstack-config --set /etc/tacker/tacker.conf keystone_authtoken project_domain_name default

openstack-config --set /etc/tacker/tacker.conf keystone_authtoken user_domain_name default

openstack-config --set /etc/tacker/tacker.conf keystone_authtoken project_name service

openstack-config --set /etc/tacker/tacker.conf keystone_authtoken username tacker

openstack-config --set /etc/tacker/tacker.conf keystone_authtoken password P@ssw0rd

openstack-config --set /etc/tacker/tacker.conf agent root_helper "sudo /usr/bin/tacker-rootwrap /etc/tacker/rootwrap.conf"

openstack-config --set /etc/tacker/tacker.conf database connection mysql://tacker:P1ssw0rd@controller:3306/tacker?charset=utf8

openstack-config --set /etc/tacker/tacker.conf tacker monitor_driver ping,http_ping

6.同步數據庫

tacker-db-manage --config-file /etc/tacker/tacker.conf upgrade head

7.安裝tacker client

cd ~/

git clone https://github.com/openstack/python-tackerclient -b stable/pike

cd python-tackerclient

python setup.py install

8.安裝tacker horizon

cd ~/

git clone https://github.com/openstack/tacker-horizon -b stable/pike

cd tacker-horizon

python setup.py install

#配置tacker horizon到儀表盤面板

cp tacker_horizon/enabled/* /usr/share/openstack-dashboard/openstack_dashboard/enabled/

9.重啓http服務器

systemctl restart httpd

10.啓動tacker server

python /usr/bin/tacker-server --config-file /etc/tacker/tacker.conf --log-file /var/log/tacker/tacker.log &

11.將tacker設置爲系統服務

cat > /usr/lib/systemd/system/openstack-tacker-server.service << EOF

[Unit]

Description=OpenStack Nova API Server

After=syslog.target network.target

[Service]

Type=notify

NotifyAccess=all

TimeoutStartSec=0

Restart=always

User=root

ExecStart=/usr/bin/tacker-server --config-file /etc/tacker/tacker.conf --log-file /var/log/tacker/tacker.log

[Install]

WantedBy=multi-user.target

EOF

#啓動

systemctl start openstack-tacker-server

systemctl enable openstack-tacker-server

systemctl status openstack-tacker-server

12.註冊默認的VIM（控制檯也可以操作）

參考：https://www.2cto.com/net/201702/602258.html

#編寫一個yaml配置文件

cat > /root/config.yaml << EOF

auth_url: http://controller.ideal.yfb0801800.islab.net.cn:5000/v3/

username: tacker

password: P@ssw0rd

project_name: service

EOF

#創建VIM

tacker vim-register --is-default --config-file /root/config.yaml test_vim

報錯：

Expecting to find domain in project. The server could not comply with the request since it is either malformed or otherwise incorrect. The client is assumed to be in error. (HTTP 400)

解決：

間接受到啓發：

http://www.mamicode.com/info-detail-2304452.html

https://stackoverflow.com/questions/33698861/openstack-novaclient-python-api-not-working

在config.yaml文件中添加兩個domain域名即可：

user_domain_name: Default

project_domain_name: Default

報錯：

status | PENDING

成功的狀態應該是REACHABLE

解決：

13.錯誤收集

控制檯上的NFV/VNF報錯： “錯誤：Unable to get xxx”

原因是：tacker server掛掉了，驗證是否掛掉：netstat -tunlp | grep 9890

解決辦法：啓動即可：

python /usr/bin/tacker-server --config-file /etc/tacker/tacker.conf --log-file /var/log/tacker/tacker.log &