next up previous contents
Next: Dashboard 使用 Up: Dashboard Previous: 認識 Dashboard   Contents

Dashboard 安裝

  1. 安裝 Dashboard 套件
    [root@kvm7 ~]# yum install -y mod_wsgi httpd mod_ssl openstack-dashboard memcached python-memcached
    
  2. 設定 dashboard。
    [root@kvm7 ~]# vim /etc/openstack-dashboard/local_settings 
    OPENSTACK_HOST="192.168.122.7"
    CACHE_BACKEND ='/memcached://127.0.0.1:11211/'
    
  3. Dashboard 需要名為 member 的 keystone 角色,所以導入 admin 環境變數,查看有沒有 member 角色,如果沒有增加這個角色。
    [root@kvm7 ~]# source keystonerc_admin 
    [root@kvm7 ~(keystone_admin)]# keystone role-list 
    +----------------------------------+----------+
    |                id                |   name   |
    +----------------------------------+----------+
    | 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
    | 91f1e2429c614bac8efe19cef39e8e7d |  admin   |
    | 1b5a478342bc4f67a83484ce60e0f322 |  member  |
    +----------------------------------+----------+
    [root@kvm7 ~(keystone_admin)]# 
    [root@kvm7 ~(keystone_admin)]# keystone role-create --name member
    
  4. 修改 SELinux 政策,允許從網頁連結 openstack。
    [root@kvm7 ~(keystone_admin)]# setsebool -P httpd_can_network_connect on
    
  5. 啟動 httpd 服務,並設定開機啟動。
    [root@kvm7 ~(keystone_admin)]# /etc/init.d/httpd start
    Starting httpd:                                    [  OK  ]
    [root@kvm7 ~(keystone_admin)]# chkconfig httpd on
    
  6. iptables 暫時開啟 https 443 port。
    [root@kvm7 ~(keystone_myuser)]# iptables -I INPUT -p tcp \
    -m state --state NEW -m tcp --dport 443 -j ACCEPT
    
  7. iptables 永久開啟 https 443 port,先將目前的防火牆設定寫入 /etc/sysconfig/iptables。
    [root@kvm7 ~]# /etc/init.d/iptables save
    iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
    
  8. iptables 開啟 https 443 port 的規則寫入 /etc/sysconfig/iptables。
    [root@kvm7 ~]# vim /etc/sysconfig/iptables
    [root@kvm7 ~]# grep 443 -C2 /etc/sysconfig/iptables
    -A INPUT -i lo -j ACCEPT 
    -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT 
    -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT 
    -A INPUT -j REJECT --reject-with icmp-host-prohibited 
    -A FORWARD -j quantum-filter-top
    
  9. 重新啟動 iptables。
    [root@kvm7 ~]# /etc/init.d/iptables restart
    iptables: Flushing firewall rules:                         [  OK  ]
    iptables: Setting chains to policy ACCEPT: mangle nat filte[  OK  ]
    iptables: Unloading modules:  iptable_nat iptable_filter ip[FAILED]t iptable_filter ip_tables
    iptables: Applying firewall rules:                         [  OK  ]
    



2015-12-29