OpenStack之2025进阶篇
基于AlmaLinux9+Kata+Zed实战
安装systemd-resolved
systemctl enable --now systemd-resolved ln -snf /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
rabbitmq-38有问题
Almalinux 9 stream默认的centos-release-rabbitmq-38有问题
用官方Installing on RPM-based Linux就可以正常运行。
Libvirtd与systemd-tcpd冲突
systemctl stop libvirtd{,-ro,-admin,-tcp,-tls}.socket
systemctl mask libvirtd-tls.socket
systemctl restart libvirtd
for drv in qemu network nodedev nwfilter secret storage interface; do
systemctl start virt${drv}d{,-ro,-admin}.socket;
done
需要增加–listen这个参数。但会莫名其妙的报错,但多重启几次会有概率正常?
(centos8和ubuntu不会,感觉是centos9 bug)
(centos8和ubuntu不会,感觉是centos9 bug)
not support video model 'virtio'
virsh domcapabilities | grep -A 20 "<enum name='modelType'>" dnf install qemu-kvm-device-display-virtio-gpu \ qemu-kvm-device-display-virtio-gpu-pci \ qemu-kvm-device-display-virtio-vga yum install -y qemu-kvm-ui-opengl qemu-kvm-device-usb-host qemu-kvm-device-usb-redirect modprobe virtio-gpu lsmod |grep virtio_gpu
openstack image set <IMAGE_NAME_OR_UUID> --property hw_video_model=virtio
virt-host-validate 可以检测完整性
使用Ubuntu 22.04 LTS+Zed安装
OpenStack Zed for Ubuntu 22.04 LTS:
apt update add-apt-repository cloud-archive:zed apt install -y software-properties-common python3-pip git
网络调整为systemd-networkd
echo "network: {config: disabled}" > /etc/cloud/cloud.cfg.d/99-disable.cfg cat > /etc/netplan/00-installer-config.yaml <<EOF network: renderer: networkd EOF cat > /etc/systemd/network/eth1.network <<EOF [Match] Name=eth1 [Network] DHCP=no EOF
keystone bootstrap
#!/bin/bash #keystone-manage bootstrap --bootstrap-password adminpassword \ --bootstrap-admin-url http://$controller:5000/v3/ \ --bootstrap-internal-url http://$controller:5000/v3/ \ --bootstrap-public-url http://$controller:5000/v3/ \ --bootstrap-region-id RegionOne ovn-nbctl set-connection ptcp:6641:127.0.0.1 -- set connection . inactivity_probe=60000 ovn-sbctl set-connection ptcp:6642:127.0.0.1 -- set connection . inactivity_probe=60000 ovs-vsctl set open . external-ids:ovn-remote=tcp:127.0.0.1:6642 ovs-vsctl set open . external-ids:ovn-encap-type=geneve ovs-vsctl set open . external-ids:ovn-encap-ip=127.0.0.1
配置网络脚本
#!/bin/bash readonly WAN_IF="enp1s0f1" readonly WAN_NAME="ck" EXT_WAN="extra_$WAN_NAME" SRD_WAN="net_$WAN_NAME" SUB_WAN="sub_$WAN_NAME" ip link set $WAN_IF up readonly WAN_BRG="brg_$WAN_NAME" ovs-vsctl add-br $WAN_BRG # 一块物理网卡只能属于一个网桥 ovs-vsctl add-port $WAN_BRG $WAN_IF # 一个网桥只能映射一个外网出口 ovs-vsctl set open . external-ids:ovn-bridge-mappings=$EXT_WAN:$WAN_BRG projectID=$(openstack project list | awk '/service/{print $2}') echo $projectID openstack network create --project $projectID \ --share --provider-network-type flat --provider-physical-network $EXT_WAN $SRD_WAN openstack subnet create $SUB_WAN --network $SRD_WAN --project $projectID \ --subnet-range 10.0.0.0/20 --allocation-pool start=10.0.7.50,end=10.0.7.60 \ --gateway 10.0.0.130 --dns-nameserver 114.114.114.114
neutron.conf
[privsep] helper_command = sudo neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper [experimental] linuxbridge = false
Debian 12 bookworm+Zed
Debian的简单优化
sudo apt update sudo apt install cloud-guest-utils sudo growpart /dev/vda 1 sudo resize2fs /dev/vda1 sudo xfs_growfs / systemctl disable --now apparmor sudo tee /etc/docker/daemon.json <<EOF { "registry-mirrors": [ "https://docker.1panel.live", "https://docker.1ms.run", "https://dytt.online", "https://docker-0.unsee.tech", "https://lispy.org", "https://docker.xiaogenban1993.com", "https://666860.xyz", "https://hub.rat.dev", "https://docker.m.daocloud.io", "https://demo.52013120.xyz", "https://proxy.vvvv.ee", "https://registry.cyou" ] } EOF sudo systemctl daemon-reload sudo systemctl restart docker
🐧 Debian与OpenStack版本
Debian 的每个发行版(如 Debian 11 Bullseye、Debian 12 Bookworm)在其官方仓库中通常会冻结并维护一个特定的 OpenStack 版本。这意味着:
| 事项 | 说明 |
|---|---|
| Debian官方仓库 | Debian各版本仓库通常只提供特定版本的OpenStack(如 Debian 12 Bookworm 可能提供 Yoga 版本) |
| 特定版本的限制 | 想安装非仓库默认的OpenStack 版本(如在 Debian 12 上安装 Zed)比较困难,通常需要第三方仓库或自行编译 |
| 第三方仓库的可能性 | 可能有第三方提供不同版本的 OpenStack 包,但需注意兼容性和支持性 |
| 其他安装方式 | 使用 Kolla-ansible 或 OpenStack-Ansible 等自动化部署工具,它们支持在多种操作系统上部署指定版本的 OpenStack |
| 查看可用版本 | 使用 apt policy openstack- 查看官方仓库提供的 OpenStack 软件包版本 |
为了不使用debconf包,执行 dpkg-reconfigure 命令并选择非交互模式。
dpkg-reconfigure -plow debconf