免费的cms视频网站模板,wordpress安装提示500,少儿编程哪家培训机构好,介绍湛江网站目录 部署架构部署节点准备安装Rocky linux 9配置rocky 目标节点配置网络配置rocky linux网卡的创建永久网桥的方法#xff1a; 部署前配置 部署架构 可用的操作系统#xff1a; Debian11#xff08;bullseye#xff09; Ubuntu 22.04或20.04 CentOS Stream 9 或 Rocky Lin… 目录 部署架构部署节点准备安装Rocky linux 9配置rocky 目标节点配置网络配置rocky linux网卡的创建永久网桥的方法 部署前配置 部署架构 可用的操作系统 Debian11bullseye Ubuntu 22.04或20.04 CentOS Stream 9 或 Rocky Linux 9 系统必备的软件 支持公钥访问的SSH Python 3.8.x or 3.10.x 系统语言en_US.UTF-8 as the locale cpu推荐硬件辅助虚拟化功能多核心处理器 磁盘大小每台至少100GB 网络推荐1G或10G网卡聚合网卡网卡可以划分VLANJumbo架构网络包携带更多数据
机器准备 部署节点Rocky linux 94C8G100GB内网ip192.168.0.10 目标节点Rocky linux 98C16G100GB100GB100GB内网ip192.168.0.111213
部署节点准备
安装Rocky linux 9
配置rocky
配置静态ip
dnf config-manager --enable devel
dnf -y update
dnf install -y network-scripts
systemctl enable network.service --now
# 禁用NetworkManager
systemctl disable NetworkManager --now# 静态ip(如果这个不会说明底子太薄还不适合维护openstack)
vim /etc/sysconfig/network-scripts/ifcfg-enp1s0
-----------------------------------------------
TYPEEthernet
PROXY_METHODnone
BROWSER_ONLYno
BOOTPROTOstatic
DEFROUTEyes
IPV4_FAILURE_FATALno
IPV6INITyes
IPV6_AUTOCONFyes
IPV6_DEFROUTEyes
IPV6_FAILURE_FATALno
IPV6_ADDR_GEN_MODEeui64
NAMEenp1s0
DEVICEenp1s0
ONBOOTyes
UUID75d44a82-e738-48eb-80d7-0c4f1ee32bf7
IPADDR192.168.0.10
PREFIX24
GATEWAY192.168.0.1# 重启网卡
systemctl restart network生成ssh公钥实现deployment机器到其他机器的免密登录
ssh-keygen -t rsa
# 一路回车最后生成 ~/.ssh/id_rsa.pub根据官方文档的指示下载必要包
dnf upgrade
reboot
dnf install git chrony openssh-server python3-devel sudo
dnf group install Development Tools
systemctl stop firewalld
systemctl mask firewalldpip加速
# 创建.pip隐藏目录
mkdir ~/.pip# 配置文件加入国内源
vim ~/.pip/pip.conf
-------------------------------------------
[global]
index-url https://pypi.mirrors.ustc.edu.cn/simple/
trusted-hostpypi.tuna.tsinghua.edu.cn
timeout 120
下载openstack-ansible及其依赖
# 两个仓库二选一克隆openstack-ansible源码
git clone -b 26.1.2 https://opendev.org/openstack/openstack-ansible /opt/openstack-ansible
git clone -b 26.1.2 https://github.com/openstack/openstack-ansible.git /opt/openstack-ansible# 安装依赖
cd /opt/openstack-ansible/
scripts/bootstrap-ansible.sh最终显示System is bootstrapped and ready for use.表示成功
目标节点配置
升级系统包
dnf upgrade关闭selinux
systemctl disable firewalld --now
setenforce 0
vim /etc/selinux/config
-----------------------------------------
SELINUXdisabled安装软件包
dnf install iputils lsof openssh-server sudo tcpdump python3降低内核日志打印等级并重启
echo kernel.printk4 1 7 4 /etc/sysctl.conf
reboot复制deployment的公钥到控制节点。在deployment机器上执行以下命令
ssh-copy-id -i ~/.ssh/id_rsa.pub root192.168.0.11创建LVM存储 OpenStack-Ansible automatically configures LVM on the nodes, and overrides any existing LVM configuration. If you had a customized LVM configuration, edit the generated configuration file as needed. OpenStack-Ansible会自动在节点上配置LVM并覆盖已有的LVM。如果你想保留已有的LVM配置请自行修改openstack-ansible里的配置文件。 创建一个名叫cinder-volumes的卷组。
pvcreate --metadatasize 2048 /dev/sdb /dev/sdc
vgcreate cinder-volumes /dev/sdb /dev/sdc网络配置
Bridge nameBest configured onWith a static IPbr-mgmtOn every nodeAlwaysbr-storageOn every storage nodeWhen component is deployed on metalOn every compute nodeAlwaysbr-vxlanOn every network nodeWhen component is deployed on metalOn every compute nodeAlwaysbr-vlanOn every network nodeNeverOn every compute nodeNever
Host network bridges information¶
LXC internal: lxcbr0 The lxcbr0 bridge is required for LXC, but OpenStack-Ansible configures it automatically. It provides external (typically Internet) connectivity to containers with dnsmasq (DHCP/DNS) NAT. This bridge does not directly attach to any physical or logical interfaces on the host because iptables handles connectivity. It attaches to eth0 in each container. The container network that the bridge attaches to is configurable in the openstack_user_config.yml file in the provider_networks dictionary.Container management: br-mgmt The br-mgmt bridge provides management of and communication between the infrastructure and OpenStack services. The bridge attaches to a physical or logical interface, typically a bond0 VLAN subinterface. It also attaches to eth1 in each container. The container network interface that the bridge attaches to is configurable in the openstack_user_config.yml file.Storage:br-storage The br-storage bridge provides segregated access to Block Storage devices between OpenStack services and Block Storage devices. The bridge attaches to a physical or logical interface, typically a bond0 VLAN subinterface. It also attaches to eth2 in each associated container. The container network interface that the bridge attaches to is configurable in the openstack_user_config.yml file.OpenStack Networking tunnel: br-vxlan The br-vxlan interface is required if the environment is configured to allow projects to create virtual networks using VXLAN. It provides the interface for encapsulated virtual (VXLAN) tunnel network traffic. Note that br-vxlan is not required to be a bridge at all, a physical interface or a bond VLAN subinterface can be used directly and will be more efficient. The name br-vxlan is maintained here for consistency in the documentation and example configurations. The container network interface it attaches to is configurable in the openstack_user_config.yml file.OpenStack Networking provider: br-vlan The br-vlan bridge is provides infrastructure for VLAN tagged or flat (no VLAN tag) networks. The bridge attaches to a physical or logical interface, typically bond1. It is not assigned an IP address because it handles only layer 2 connectivity. The container network interface that the bridge attaches to is configurable in the openstack_user_config.yml file. 总结 lxcbr0是自动配置的用于lxc容器不会绑定到任何物理网卡但是会和容器里的eth0接通相当于大家熟悉的docker0。 br-mgmt用于openstack各个组件服务通信需要绑定到一个物理网口并和容器里的eth1联通。 br-storage用于块存储服务和对象存储服务需要绑定到一个物理网口并和容器里的eth2联通。 br-vxlan为openstack提供vxlan虚拟网络功能可以是网桥、物理网口、网口的子口等形式存在。这个网桥与容器网卡的绑定可以通过openstack_user_config.yml配置 br-vlan提供vlan和flat网络需要绑定到一个物理网口并且不需要分配ip它提供2层交换功能。这个网桥与容器网卡的绑定可以通过openstack_user_config.yml配置。
rocky linux网卡的创建永久网桥的方法
# 禁用NetworkManager启动Networking服务
dnf config-manager --enable devel
dnf -y update
dnf install -y network-scripts
systemctl enable network.service --now
# 禁用NetworkManager
systemctl disable NetworkManager --now# 物理网卡配置调成dhcp模式并桥接到
vim /etc/sysconfig/network-scripts/ifcfg-enp1s0
---------------------------------------------
TYPEEthernet
PROXY_METHODnone
BROWSER_ONLYno
BOOTPROTOdhcp
DEFROUTEyes
IPV4_FAILURE_FATALno
IPV6INITyes
IPV6_AUTOCONFyes
IPV6_DEFROUTEyes
IPV6_FAILURE_FATALno
IPV6_ADDR_GEN_MODEstable-privacy
NAMEenp1s0
DEVICEenp1s0
ONBOOTyes # 网卡开机自启动
BRIDGEbr-mgmt # 网口桥接到网桥上
BRIDGEbr-storage # 网口桥接到网桥上
BRIDGEbr-vxlan # 网口桥接到网桥上# br-mgmt网桥配置
vim /etc/sysconfig/network-scripts/ifcfg-br-mgmt
----------------------------------------------------
TYPEBridge
DEVICEbr-mgmt #网桥的名字
ONBOOTyes
BOOTPROTOstatic
IPADDR192.168.0.11 #网桥的ip地址
NETMASK255.255.255.0 #网桥所在子网的子网掩码
GATEWAY192.168.0.1 #网桥所在子网的网关# br-storage网桥配置
vim /etc/sysconfig/network-scripts/ifcfg-br-storage
-------------------------------------------
TYPEBridge
DEVICEbr-storage #网桥的名字
ONBOOTyes
BOOTPROTOstatic
IPADDR192.168.0.12 #网桥的ip地址
NETMASK255.255.255.0 #网桥所在子网的子网掩码
GATEWAY192.168.0.1 #网桥所在子网的网关# br-vxlan网桥配置
vim /etc/sysconfig/network-scripts/ifcfg-br-vxlan
-------------------------------------------
TYPEBridge
DEVICEbr-vxlan #网桥的名字
ONBOOTyes
BOOTPROTOstatic
IPADDR192.168.0.12 #网桥的ip地址
NETMASK255.255.255.0 #网桥所在子网的子网掩码
GATEWAY192.168.0.1 #网桥所在子网的网关# br-vlan网桥配置
vim /etc/sysconfig/network-scripts/ifcfg-br-vlan
-------------------------------------------
TYPEBridge
DEVICEbr-vlan #网桥的名字
ONBOOTyes
BOOTPROTOnone部署前配置
cp -R /opt/openstack-ansible/etc/openstack_deploy /etc/
cd /etc/openstack_deploy/
cp openstack_user_config.yml.example /etc/openstack_deploy/openstack_user_config.yml# 检查openstack_user_config.yml# 检查user_variables.yml重点关注install_method变量source和distro更关注distro
