(黃獻德) Hsien-De Huang | E-Mail:TonTon (at) TWMAN.ORG | TonTon (痛痛)
Malware Analysis Network in Taiwan (MiT) | 惡意程式分析網在台灣 (抬丸郎)
Deep Learning (深度學習), Malware Analysis (惡意程式分析), Ontology (知識本體)
Android Reverse Engineering (Android 逆向工程), Type-2 Fuzzy Logic (第二型模糊邏輯)

ONE PIECE (海賊王)

ONE PIECE (海賊王)

2013年4月1日

應用 Open Stack 於 F102@ILT

嘆 ! 因為已經完成 OpenNEbula 所以這個就暫時不繼續深入研究安裝了 !
對 OpenNEbula 有興趣的請參考另一篇




當然啦 ! 官網文件一定還是得要花時間 K 一下
http://docs.openstack.org/folsom/openstack-compute/install/yum/content/


每個OpenStack服務有一個代碼名稱,以下为全部代碼名稱列表:
OpenStack Compute(代碼名稱:Nova)
OpenStack Networking(代碼名稱:Quantum)
OpenStack Object Storage(代碼名稱:Swift)
OpenStack Block Storage(代碼名稱:Cinder)
OpenStack Identity(代碼名稱:Keystone)
OpenStack Image Service(代碼名稱:Glance)
OpenStack Dashboard(代碼名稱:Horizon)


首先要下載兩個 rpm
Extra Packages for Enterprise Linux (EPEL)

# rpm -Uvh http://mirror01.idc.hinet.net/EPEL/6/x86_64/epel-release-6-8.noarch.rpm
# rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

# sed -i s/^SELINUX=.*/SELINUX=disabled/g /etc/selinux/config
# service iptables stop
# chkconfig iptables off

#  ntpstat
# ntpq -p
(# yum install -y ntp)
(# service ntpd start)
(# chkconfig ntpd on)
# echo "*/30 * * * * root ntpdate -s 140.109.1.10" >> /etc/crontab
# yum install -y gcc gcc-c++ make automake libtool patch


------------以下這段我搞不定怎樣解-----------

# yum update


You could try using --skip-broken to work around the problem

# yum install yum-priorities


# vi /etc/yum.repos.d/CentOS-Base.repo
[base]、[updates]、[extras] ---> priority=1
[centosplus]、[contrib] ---> priority=2
# vi /etc/yum.repos.d/epel.repo
[epel] ---> priority=11
# vi /etc/yum.repos.d/rpmforge.repo
[rpmforge] ---> priority=12
# yum check-update

There are unfinished transactions remaining. You might consider running yum-complete-transaction first to finish them.

--> Processing Conflict: python-devel-2.6.6-29.el6_3.3.x86_64 conflicts python < 2.6.6-29.el6_3.3
--> Finished Dependency Resolution
Error: python-devel conflicts with python


Processing Conflict: python-devel-2.6.6-29.el6_3.3.x86_64 conflicts python < 2.6.6-29.el6_3.3 --> Finished Dependency Resolution
------------以上這段我搞不定怎樣解-----------


不管 ~ 這邊先接著來安裝 Open Stack ...

yum install openstack-utils dnsmasq-utils



OpenStack Identity (Keystone) 

yum install openstack-keystone

這邊需要啟動 Mysql 還有記得設定密碼

# yum install mysql mysql-server MySQL-python -y
# chkconfig --level 2345 mysqld on
# service mysqld start
# /usr/bin/mysqladmin -u root password 'new-password'



# openstack-db --init --service keystone
# export SERVICE_ENDPOINT=http://127.0.0.1:35357/v2.0
# export SERVICE_TOKEN=$(openssl rand -hex 10)
# echo $SERVICE_TOKEN > /tmp/ks_admin_token
# openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $SERVICE_TOKEN
# service openstack-keystone start
# chkconfig openstack-keystone on
# ps -ef | grep -i keystone-all



# keystone user-create --name admin --pass "xxxxxxxx"
# keystone role-create --name admin
# keystone tenant-create --name admin


# keystone user-role-add --user_id 53596a536f69495892d87683af3027e0 --role_id 295833b443e046a28924d85b385885ca --tenant_id 6d5f567391674924ae06ce4f51f1f4d3

# cat >/root/keystonerc_admin <<EOF
> export OS_USERNAME=admin
> export OS_TENANT_NAME=admin
> export OS_PASSWORD=ILT@NUTN771
> export OS_AUTH_URL=http://127.0.0.1:35357/v2.0/
> EOF
# source keystonerc_admin
# keystone user-list


設定endpoint,使用上面的ID建立endpoint


# keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"

# keystone endpoint-create --region RegionOne --service_id 6c9978d6986d433caf022c21c8378507 --publicurl 'http://127.0.0.1:5000/v2.0' --adminurl 'http://127.0.0.1:35357/v2.0' --internalurl 'http://127.0.0.1:5000/v2.0'


建一個普通用戶並且授權




# keystone user-create --name TonTon --pass 06030315
# keystone role-create --name TonTon
# keystone tenant-create --name TonTon
# keystone user-role-add --user_id a7ae9c9562a542f9a4a09e548ddc8bcc --role_id 395f13e582724732a0b2cdfdd17196fc --tenant_id 2f607a3f519347408bf921aeb3c1a338




Open Stack Image Service (Glance)

Open Stack Compute (Nova)

#yum install openstack-nova



Open Stack Dashboard (Horizon)

# yum install openstack-dashboard 
# service httpd start 
# chkconfig httpd on




Open Stack Networking (Quantum)

Open Stack Object Storage (Swift)

Open Stack Block Storage (Cinder)





























# rpm -ivh http://dl.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm
# yum --enablerepo=epel-testing install openstack-nova openstack-glance openstack-keystone openstack-quantum openstack-swift openstack-dashboard openstack-utils memcached qpid-cpp-server avahi dnsmasq-utils



# vi /etc/qpidd.conf
(改 auth=no )





初始化nova相關資料庫 
# openstack-db --init --service nova 

初始化glance相關資料庫 
# openstack-db --init --service glance 

啟動AMQP消息功能: 
# service qpidd start && chkconfig qpidd on 

啟動libvirt功能: 
# service libvirtd start && chkconfig libvirtd on 

啟動glance-api、glance-registry功能: 
# for svc in api registry; do service openstack-glance-$svc start; chkconfig openstack-glance-$svc on; done


設置volume storage:openstack-nova-volume服務需要一個名为nova-volumes的LVM Volume Group卷組存在,我們通過鏡像文件模擬一個設備來創建該vg。


創建設備文件
# dd if=/dev/zero of=/var/lib/nova/nova-volumes.img bs=1M seek=20k count=0 

創建卷組
# vgcreate nova-volumes $(losetup --show -f /var/lib/nova/nova-volumes.img)



# openstack-config --set /etc/nova/nova.conf DEFAULT libvirt_type kvm
# for svc in api objectstore compute network volume scheduler cert; do service openstack-nova-$svc start; chkconfig openstack-nova-$svc on; done


# ps -aux | grep nova

看看是否所有的服務都起來,這些服務包括nova-objectstore、nova-network、nova-volume、nova-scheduler、nova-cert、nova-api、nova-compute。


或者是直接看一下 /var/log/nova 底下各個服務的 log
# tail -30 /var/log/nova/compute.log
# tail -30 /var/log/nova/network.log
# tail -30 /var/log/nova/objectstore.log
# tail -30 /var/log/nova/volume.log
# tail -30 /var/log/nova/scheduler.log


初始化keystone服務:初始化keystone相關的資料庫,執行下面指令


vi 一個 keystonerc的文件,並寫入如上內容用於環境變數,接著執行


 # source ./keystonerc

# openstack-db --init --service keystone
# openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKEN
# service openstack-keystone start && chkconfig openstack-keystone on
# ADMIN_PASSWORD=$OS_PASSWORD SERVICE_PASSWORD=servicepass openstack-keystone-sample-data

測試一下正不正常
# keystone user-list


PS: 萬一弄錯了 ... 怎麼辦 ? 忘記修改自己想要的密碼 ! xD ( 把服務停掉跟drop掉資料庫)
service openstack-keystone stop
# openstack-db --drop --service keystone