做为专业运维人员,使用命令行工具去管理云主机是没有问题的,但如果云要提供给客户使用,就不可能让用户命令行工具去管理自己的云主机了,此时,就需要一个简单易用的管理页面提供给用户了,openstack官方也很体贴的为我们已经准备好了,只是程序代码方面还存在着一些小问题,不过我已经帮大家趟过一连坑了,按照如下的配置流程是可以让大家体验到使用鼠标管理云主机的效果的。

安装并修改配置文件

[root@controller ~]# yum install -y openstack-dashboard

[root@controller ~]# cp /etc/openstack-dashboard/local_settings{,.bak}

[root@controller ~]# vim /etc/openstack-dashboard/local_settings

[root@controller ~]# grep -v ^##* /etc/openstack-dashboard/local_settings | tr -s [[:space:]]

import os

from django.utils.translation import ugettext_lazy as _

from openstack_dashboard import exceptions

from openstack_dashboard.settings import HORIZON_CONFIG

DEBUG = False

TEMPLATE_DEBUG = DEBUG

WEBROOT = '/dashboard/'

ALLOWED_HOSTS = ['*', ]

OPENSTACK_API_VERSIONS = {

 "identity": 3,

 "volume": 2,

 "compute": 2,

}

OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'default'

LOCAL_PATH = '/tmp'

SECRET_KEY='aeee32ce4909dfa6ef1b'

SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

CACHES = {

 'default': {

 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',

 'LOCATION': 'controller:11211',

 }

}

EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'

OPENSTACK_HOST = "controller"

OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

OPENSTACK_KEYSTONE_BACKEND = {

 'name': 'native',

 'can_edit_user': True,

 'can_edit_group': True,

 'can_edit_project': True,

 'can_edit_domain': True,

 'can_edit_role': True,

}

OPENSTACK_HYPERVISOR_FEATURES = {

 'can_set_mount_point': False,

 'can_set_password': False,

 'requires_keypair': False,

}

OPENSTACK_CINDER_FEATURES = {

 'enable_backup': False,

}

OPENSTACK_NEUTRON_NETWORK = {

 'enable_router': False,

 'enable_quotas': False,

 'enable_ipv6': False,

 'enable_distributed_router': False,

 'enable_ha_router': False,

 'enable_lb': False,

 'enable_firewall': False,

 'enable_***': False,

 'enable_fip_topology_check': False,

 # Neutron can be configured with a default Subnet Pool to be used for IPv4

 # subnet-allocation. Specify the label you wish to display in the Address

 # pool selector on the create subnet step if you want to use this feature.

 'default_ipv4_subnet_pool_label': None,

 # Neutron can be configured with a default Subnet Pool to be used for IPv6

 # subnet-allocation. Specify the label you wish to display in the Address

 # pool selector on the create subnet step if you want to use this feature.

 # You must set this to enable IPv6 Prefix Delegation in a PD-capable

 # environment.

 'default_ipv6_subnet_pool_label': None,

 # The profile_support option is used to detect if an external router can be

 # configured via the dashboard. When using specific plugins the

 # profile_support can be turned on if needed.

 'profile_support': None,

 #'profile_support': 'cisco',

 # Set which provider network types are supported. Only the network types

 # in this list will be available to choose from when creating a network.

 # Network types include local, flat, vlan, gre, and vxlan.

 'supported_provider_types': ['*'],

 # Set which VNIC types are supported for port binding. Only the VNIC

 # types in this list will be available to choose from when creating a

 # port.

 # VNIC types include 'normal', 'macvtap' and 'direct'.

 # Set to empty list or None to disable VNIC type selection.

 'supported_vnic_types': ['*'],

}

OPENSTACK_HEAT_STACK = {

 'enable_user_pass': True,

}

IMAGE_CUSTOM_PROPERTY_TITLES = {

 "architecture": _("Architecture"),

 "kernel_id": _("Kernel ID"),

 "ramdisk_id": _("Ramdisk ID"),

 "p_w_picpath_state": _("Euca2ools state"),

 "project_id": _("Project ID"),

 "p_w_picpath_type": _("Image Type"),

}

IMAGE_RESERVED_CUSTOM_PROPERTIES = []

API_RESULT_LIMIT = 1000

API_RESULT_PAGE_SIZE = 20

SWIFT_FILE_TRANSFER_CHUNK_SIZE = 512 * 1024

DROPDOWN_MAX_ITEMS = 30

TIME_ZONE = "Asia/Shanghai"

POLICY_FILES_PATH = '/etc/openstack-dashboard'

LOGGING = {

 'version': 1,

 # When set to True this will disable all logging except

 # for loggers specified in this configuration dictionary. Note that

 # if nothing is specified here and disable_existing_loggers is True,

 # django.db.backends will still log unless it is disabled explicitly.

 'disable_existing_loggers': False,

 'handlers': {

 'null': {

 'level': 'DEBUG',

 'class': 'logging.NullHandler',

 },

 'console': {

 # Set the level to "DEBUG" for verbose output logging.

 'level': 'INFO',

 'class': 'logging.StreamHandler',

 },

 },

 'loggers': {

 # Logging from django.db.backends is VERY verbose, send to null

 # by default.

 'django.db.backends': {

 'handlers': ['null'],

 'propagate': False,

 },

 'requests': {

 'handlers': ['null'],

 'propagate': False,

 },

 'horizon': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'openstack_dashboard': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'novaclient': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'cinderclient': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'keystoneclient': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'glanceclient': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'neutronclient': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'heatclient': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'ceilometerclient': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'swiftclient': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'openstack_auth': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'nose.plugins.manager': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'django': {

 'handlers': ['console'],

 'level': 'DEBUG',

 'propagate': False,

 },

 'iso8601': {

 'handlers': ['null'],

 'propagate': False,

 },

 'scss': {

 'handlers': ['null'],

 'propagate': False,

 },

 },

}

SECURITY_GROUP_RULES = {

 'all_tcp': {

 'name': _('All TCP'),

 'ip_protocol': 'tcp',

 'from_port': '1',

 'to_port': '65535',

 },

 'all_udp': {

 'name': _('All UDP'),

 'ip_protocol': 'udp',

 'from_port': '1',

 'to_port': '65535',

 },

 'all_icmp': {

 'name': _('All ICMP'),

 'ip_protocol': 'icmp',

 'from_port': '-1',

 'to_port': '-1',

 },

 'ssh': {

 'name': 'SSH',

 'ip_protocol': 'tcp',

 'from_port': '22',

 'to_port': '22',

 },

 'smtp': {

 'name': 'SMTP',

 'ip_protocol': 'tcp',

 'from_port': '25',

 'to_port': '25',

 },

 'dns': {

 'name': 'DNS',

 'ip_protocol': 'tcp',

 'from_port': '53',

 'to_port': '53',

 },

 'http': {

 'name': 'HTTP',

 'ip_protocol': 'tcp',

 'from_port': '80',

 'to_port': '80',

 },

 'pop3': {

 'name': 'POP3',

 'ip_protocol': 'tcp',

 'from_port': '110',

 'to_port': '110',

 },

 'imap': {

 'name': 'IMAP',

 'ip_protocol': 'tcp',

 'from_port': '143',

 'to_port': '143',

 },

 'ldap': {

 'name': 'LDAP',

 'ip_protocol': 'tcp',

 'from_port': '389',

 'to_port': '389',

 },

 'https': {

 'name': 'HTTPS',

 'ip_protocol': 'tcp',

 'from_port': '443',

 'to_port': '443',

 },

 'smtps': {

 'name': 'SMTPS',

 'ip_protocol': 'tcp',

 'from_port': '465',

 'to_port': '465',

 },

 'imaps': {

 'name': 'IMAPS',

 'ip_protocol': 'tcp',

 'from_port': '993',

 'to_port': '993',

 },

 'pop3s': {

 'name': 'POP3S',

 'ip_protocol': 'tcp',

 'from_port': '995',

 'to_port': '995',

 },

 'ms_sql': {

 'name': 'MS SQL',

 'ip_protocol': 'tcp',

 'from_port': '1433',

 'to_port': '1433',

 },

 'mysql': {

 'name': 'MYSQL',

 'ip_protocol': 'tcp',

 'from_port': '3306',

 'to_port': '3306',

 },

 'rdp': {

 'name': 'RDP',

 'ip_protocol': 'tcp',

 'from_port': '3389',

 'to_port': '3389',

 },

}

REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES',

 'LAUNCH_INSTANCE_DEFAULTS']

[root@controller ~]# systemctl restart httpd.service memcached.service

按上术官方配置后浏览器输入 http://controller/dashboard 访问仪表盘无法登陆

提示“出错啦!遇到异常情况,请刷新。如需帮助请联系管理员。”

查看httpd错误日志如下

[root@controller ~]# tail -20f /var/log/httpd/error_log

[Tue Jul 18 22:45:26.459408 2017] [:error] [pid 8293] Login successful for user "admin".

[Tue Jul 18 22:45:30.604355 2017] [:error] [pid 8293] Internal Server Error: /dashboard/auth/login/

[Tue Jul 18 22:45:30.604412 2017] [:error] [pid 8293] Traceback (most recent call last):

[Tue Jul 18 22:45:30.604416 2017] [:error] [pid 8293]   File "/usr/lib/python2.7/site-packages/django/core/handlers/base.py", line 132, in get_response

[Tue Jul 18 22:45:30.604419 2017] [:error] [pid 8293]     response = wrapped_callback(request, *callback_args, **callback_kwargs)

[Tue Jul 18 22:45:30.604422 2017] [:error] [pid 8293]   File "/usr/lib/python2.7/site-packages/django/views/decorators/debug.py", line 76, in sensitive_post_parameters_wrapper

[Tue Jul 18 22:45:30.604424 2017] [:error] [pid 8293]     return view(request, *args, **kwargs)

[Tue Jul 18 22:45:30.604427 2017] [:error] [pid 8293]   File "/usr/lib/python2.7/site-packages/django/utils/decorators.py", line 110, in _wrapped_view

[Tue Jul 18 22:45:30.604429 2017] [:error] [pid 8293]     response = view_func(request, *args, **kwargs)

[Tue Jul 18 22:45:30.604448 2017] [:error] [pid 8293]   File "/usr/lib/python2.7/site-packages/django/views/decorators/cache.py", line 57, in _wrapped_view_func

[Tue Jul 18 22:45:30.604452 2017] [:error] [pid 8293]     response = view_func(request, *args, **kwargs)

[Tue Jul 18 22:45:30.604454 2017] [:error] [pid 8293]   File "/usr/lib/python2.7/site-packages/openstack_auth/views.py", line 103, in login

[Tue Jul 18 22:45:30.604457 2017] [:error] [pid 8293]     **kwargs)

[Tue Jul 18 22:45:30.604460 2017] [:error] [pid 8293]   File "/usr/lib/python2.7/site-packages/django/views/decorators/debug.py", line 76, in sensitive_post_parameters_wrapper

[Tue Jul 18 22:45:30.604463 2017] [:error] [pid 8293]     return view(request, *args, **kwargs)

[Tue Jul 18 22:45:30.604465 2017] [:error] [pid 8293]   File "/usr/lib/python2.7/site-packages/django/utils/decorators.py", line 110, in _wrapped_view

[Tue Jul 18 22:45:30.604484 2017] [:error] [pid 8293]     response = view_func(request, *args, **kwargs)

[Tue Jul 18 22:45:30.604487 2017] [:error] [pid 8293]   File "/usr/lib/python2.7/site-packages/django/views/decorators/cache.py", line 57, in _wrapped_view_func

[Tue Jul 18 22:45:30.604489 2017] [:error] [pid 8293]     response = view_func(request, *args, **kwargs)

[Tue Jul 18 22:45:30.604492 2017] [:error] [pid 8293]   File "/usr/lib/python2.7/site-packages/django/contrib/auth/views.py", line 51, in login

[Tue Jul 18 22:45:30.604494 2017] [:error] [pid 8293]     auth_login(request, form.get_user())

[Tue Jul 18 22:45:30.604496 2017] [:error] [pid 8293]   File "/usr/lib/python2.7/site-packages/django/contrib/auth/__init__.py", line 110, in login

[Tue Jul 18 22:45:30.604499 2017] [:error] [pid 8293]     request.session.cycle_key()

[Tue Jul 18 22:45:30.604501 2017] [:error] [pid 8293]   File "/usr/lib/python2.7/site-packages/django/contrib/sessions/backends/base.py", line 285, in cycle_key

[Tue Jul 18 22:45:30.604503 2017] [:error] [pid 8293]     self.create()

[Tue Jul 18 22:45:30.604505 2017] [:error] [pid 8293]   File "/usr/lib/python2.7/site-packages/django/contrib/sessions/backends/cache.py", line 48, in create

[Tue Jul 18 22:45:30.604508 2017] [:error] [pid 8293]     "Unable to create a new session key. "

[Tue Jul 18 22:45:30.604510 2017] [:error] [pid 8293] RuntimeError: Unable to create a new session key. It is likely that the cache is unavailable.

修正方法:

修改dashboard配置文件的SESSION_ENGINE方式

SESSION_ENGINE = ‘django.contrib.sessions.backends.file‘

官方配置是用memcached来保存会话,但代码有误,所以只能先改用file保存侍会话

登录页面

成功登录页面

实例详情页面

映像文件列表页面

网络拓扑页面

网络模型查看页面

安全组管理页面

admin用户身份登录后查看到的项目

使用网页上的vnc远程管理接口登录后的效果

wKiom1mZeXbg0ThUAABe8CRCic0442.png

    至此,一套简单的openstack实验环境搭建完成,不足之处,还望大牛指点。与此同时,也非常希望有正在学习openstack的同仁能够相互交流,如有留言告之或者直接添加公告上联系方式。