OpenStack Component Deployment — Overview and Preliminary Environment Preparation
OpenStack Component Deployment — Environment of Controller Node
OpenStack Component Deployment — Keystone Features and Authentication Flow
OpenStack Component Deployment — Keystone Install & Create service entity and API endpoints
OpenStack Component Deployment — keystone(domain, projects, users, and roles)
OpenStack Component Internals — Keystone Authentication
OpenStack Component Deployment — Glance Install
OpenStack Component Internals — Glance Architecture (V1/V2)
OpenStack Component Deployment — Nova overview
Before you install and configure the Compute service, you must create databases, service credentials, and API endpoints.
Use the database access client to connect to the database server as the root user:
mysql -u root -pfanguiju
Create the nova_api and nova databases:
MariaDB [(none)]> CREATE DATABASE nova_api;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> CREATE DATABASE nova;
Query OK, 1 row affected (0.00 sec)
Grant proper access to the databases by creating the database user nova with full privileges on the nova and nova_api databases:
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'fanguiju';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'fanguiju';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'fanguiju';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'fanguiju';
Example:
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'fanguiju';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'fanguiju';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'fanguiju';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'fanguiju';
Query OK, 0 rows affected (0.00 sec)
Exit the database access client.
Source the admin credentials (the admin environment variable script) to gain access to admin-only CLI commands:
. admin-openrc
Create the nova user:
[root@controller ~]# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | 011fbf8c04f1479ab1a4e49b019b22d1 |
| enabled | True |
| id | 90a93575ebff4311a919d91db888938c |
| name | nova |
+-----------+----------------------------------+
Add the admin role to the nova user in the service project:
openstack role add --project service --user nova admin
Create the nova service entity:
[root@controller ~]# openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 3af0ba8834ad4d57ae4b88774e62358b |
| name | nova |
| type | compute |
+-------------+----------------------------------+
Create the Compute service API endpoints:
[root@controller ~]# openstack endpoint create --region RegionOne compute public http://controller.jmilk.com:8774/v2.1/%\(tenant_id\)s
+--------------+-----------------------------------------------------+
| Field | Value |
+--------------+-----------------------------------------------------+
| enabled | True |
| id | 1a96143b3d6d46fc8fe17a70043b6448 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 3af0ba8834ad4d57ae4b88774e62358b |
| service_name | nova |
| service_type | compute |
| url | http://controller.jmilk.com:8774/v2.1/%(tenant_id)s |
+--------------+-----------------------------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne compute internal http://controller.jmilk.com:8774/v2.1/%\(tenant_id\)s
+--------------+-----------------------------------------------------+
| Field | Value |
+--------------+-----------------------------------------------------+
| enabled | True |
| id | a2b2b6ebe6a3450dabdaf19d0ff00f97 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 3af0ba8834ad4d57ae4b88774e62358b |
| service_name | nova |
| service_type | compute |
| url | http://controller.jmilk.com:8774/v2.1/%(tenant_id)s |
+--------------+-----------------------------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne compute admin http://controller.jmilk.com:8774/v2.1/%\(tenant_id\)s
+--------------+-----------------------------------------------------+
| Field | Value |
+--------------+-----------------------------------------------------+
| enabled | True |
| id | 33d0c267549f4ecd89c0063ad16c41df |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 3af0ba8834ad4d57ae4b88774e62358b |
| service_name | nova |
| service_type | compute |
| url | http://controller.jmilk.com:8774/v2.1/%(tenant_id)s |
+--------------+-----------------------------------------------------+
yum install openstack-nova-api openstack-nova-conductor \
openstack-nova-console openstack-nova-novncproxy \
openstack-nova-scheduler -y
Edit the /etc/nova/nova.conf file.
In the [DEFAULT] section, enable only the compute and metadata APIs:
vim /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
In the [api_database] and [database] sections, configure database access:
[api_database]
connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova_api
[database]
connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova
In the [DEFAULT] and [oslo_messaging_rabbit] sections, configure RabbitMQ message queue access:
[DEFAULT]
rpc_backend = rabbit
[oslo_messaging_rabbit]
rabbit_host = controller.jmilk.com
rabbit_userid = openstack
rabbit_password = fanguiju
In the [DEFAULT] and [keystone_authtoken] sections, configure Identity service access:
[DEFAULT]
auth_strategy = keystone
[keystone_authtoken]
auth_uri = http://controller.jmilk.com:5000
auth_url = http://controller.jmilk.com:35357
memcached_servers = controller.jmilk.com:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = fanguiju
Note: Comment out or remove any other options in the [keystone_authtoken] section.
In the [DEFAULT] section, configure the my_ip option to use the management interface IP address of the controller node (the controller node's host IP):
[DEFAULT]
my_ip = 192.168.1.5
In the [DEFAULT] section, enable support for the Networking service:
[DEFAULT]
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
Note: By default, Compute uses an internal firewall driver. Since the Networking service includes a firewall driver, you must disable the Compute firewall driver by using the nova.virt.firewall.NoopFirewallDriver firewall driver.
In the [vnc] section, configure the VNC proxy to use the management interface IP address of the controller node (the controller node's host IP):
[vnc]
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
In the [glance] section, configure the location (URL) of the Image service API:
[glance]
api_servers = http://controller.jmilk.com:9292
In the [oslo_concurrency] section, configure the lock path:
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
Overview:
[root@controller ~]# cat /etc/nova/nova.conf | grep -v ^$ | grep -v ^#
[DEFAULT]
auth_strategy = keystone
rpc_backend = rabbit
my_ip = 192.168.1.5
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
enabled_apis=osapi_compute,metadata
[api_database]
connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova_api
[barbican]
[cache]
[cells]
[cinder]
[conductor]
[cors]
[cors.subdomain]
[database]
connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova
[ephemeral_storage_encryption]
[glance]
api_servers = http://controller.jmilk.com:9292
[guestfs]
[hyperv]
[image_file_url]
[ironic]
[keymgr]
[keystone_authtoken]
auth_uri = http://controller.jmilk.com:5000
auth_url = http://controller.jmilk.com:35357
memcached_servers = controller.jmilk.com:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = fanguiju
[libvirt]
[matchmaker_redis]
[metrics]
[neutron]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
rabbit_host = controller.jmilk.com
rabbit_userid = openstack
rabbit_password = fanguiju
[oslo_middleware]
[oslo_policy]
[rdp]
[serial_console]
[spice]
[ssl]
[trusted_computing]
[upgrade_levels]
[vmware]
[vnc]
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
[workarounds]
[xenserver]
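An added example, not part of the original walkthrough: a small Python check over the nova.conf assembled above that reports which options share one secret and which service URLs use plain http://. The function name audit and the trimmed SAMPLE text are constructed for illustration; the option names and values are the ones set on this page.

```python
import configparser
import hashlib
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample: the credential and endpoint options this page sets.
SAMPLE = """\
[api_database]
connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova_api
[database]
connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova
[glance]
api_servers = http://controller.jmilk.com:9292
[keystone_authtoken]
auth_uri = http://controller.jmilk.com:5000
auth_url = http://controller.jmilk.com:35357
password = fanguiju
[oslo_messaging_rabbit]
rabbit_password = fanguiju
"""

def audit(text):
    """Return (groups of options sharing one secret, options using http://)."""
    # Treat [DEFAULT] as an ordinary section so its keys are not inherited.
    cp = configparser.RawConfigParser(default_section="__unused__", strict=False)
    cp.read_string(text)
    by_secret = defaultdict(list)  # secret digest -> where it appears
    cleartext = []
    for section in cp.sections():
        for option, value in cp.items(section):
            where = f"[{section}] {option}"
            if value.startswith("http://"):
                cleartext.append(where)
            secret = None
            if option.endswith("password"):
                secret = value
            elif option == "connection":
                secret = urlsplit(value).password  # password embedded in the DB URL
            if secret:
                # Group by digest so the secret itself is never printed.
                by_secret[hashlib.sha256(secret.encode()).hexdigest()].append(where)
    reused = [places for places in by_secret.values() if len(places) > 1]
    return reused, cleartext

if __name__ == "__main__":
    reused, cleartext = audit(SAMPLE)
    print("options sharing one secret:", reused)
    print("unencrypted endpoints:", cleartext)
```

To check a live controller, pass the contents of /etc/nova/nova.conf to audit() instead of SAMPLE.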
Initialize the Compute service nova and nova_api databases:
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage db sync" nova
Example:
[root@controller ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
[root@controller ~]# su -s /bin/sh -c "nova-manage db sync" nova
/usr/lib/python2.7/site-packages/pymysql/cursors.py:146: Warning: Duplicate index 'block_device_mapping_instance_uuid_virtual_name_device_name_idx' defined on the table 'nova.block_device_mapping'. This is deprecated and will be disallowed in a future release.
result = self._query(query)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:146: Warning: Duplicate index 'uniq_instances0uuid' defined on the table 'nova.instances'. This is deprecated and will be disallowed in a future release.
result = self._query(query)
Note: Ignore any deprecation messages in this output.
Check whether the nova and nova_api databases were created successfully:
MariaDB [nova]> use nova
Database changed
MariaDB [nova]> show tables;
+--------------------------------------------+
| Tables_in_nova |
+--------------------------------------------+
| agent_builds |
| aggregate_hosts |
| aggregate_metadata |
| aggregates |
| allocations |
| block_device_mapping |
| bw_usage_cache |
| cells |
| certificates |
| compute_nodes |
| console_pools |
| consoles |
| dns_domains |
| fixed_ips |
| floating_ips |
| instance_actions |
| instance_actions_events |
| instance_extra |
| instance_faults |
| instance_group_member |
| instance_group_policy |
| instance_groups |
| instance_id_mappings |
| instance_info_caches |
| instance_metadata |
| instance_system_metadata |
| instance_type_extra_specs |
| instance_type_projects |
| instance_types |
| instances |
| inventories |
| key_pairs |
| migrate_version |
| migrations |
| networks |
| pci_devices |
| project_user_quotas |
| provider_fw_rules |
| quota_classes |
| quota_usages |
| quotas |
| reservations |
| resource_provider_aggregates |
| resource_providers |
| s3_images |
| security_group_default_rules |
| security_group_instance_association |
| security_group_rules |
| security_groups |
| services |
| shadow_agent_builds |
| shadow_aggregate_hosts |
| shadow_aggregate_metadata |
| shadow_aggregates |
| shadow_block_device_mapping |
| shadow_bw_usage_cache |
| shadow_cells |
| shadow_certificates |
| shadow_compute_nodes |
| shadow_console_pools |
| shadow_consoles |
| shadow_dns_domains |
| shadow_fixed_ips |
| shadow_floating_ips |
| shadow_instance_actions |
| shadow_instance_actions_events |
| shadow_instance_extra |
| shadow_instance_faults |
| shadow_instance_group_member |
| shadow_instance_group_policy |
| shadow_instance_groups |
| shadow_instance_id_mappings |
| shadow_instance_info_caches |
| shadow_instance_metadata |
| shadow_instance_system_metadata |
| shadow_instance_type_extra_specs |
| shadow_instance_type_projects |
| shadow_instance_types |
| shadow_instances |
| shadow_key_pairs |
| shadow_migrate_version |
| shadow_migrations |
| shadow_networks |
| shadow_pci_devices |
| shadow_project_user_quotas |
| shadow_provider_fw_rules |
| shadow_quota_classes |
| shadow_quota_usages |
| shadow_quotas |
| shadow_reservations |
| shadow_s3_images |
| shadow_security_group_default_rules |
| shadow_security_group_instance_association |
| shadow_security_group_rules |
| shadow_security_groups |
| shadow_services |
| shadow_snapshot_id_mappings |
| shadow_snapshots |
| shadow_task_log |
| shadow_virtual_interfaces |
| shadow_volume_id_mappings |
| shadow_volume_usage_cache |
| snapshot_id_mappings |
| snapshots |
| tags |
| task_log |
| virtual_interfaces |
| volume_id_mappings |
| volume_usage_cache |
+--------------------------------------------+
109 rows in set (0.00 sec)
MariaDB [nova]> use nova_api
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [nova_api]> show tables;
+--------------------+
| Tables_in_nova_api |
+--------------------+
| build_requests |
| cell_mappings |
| flavor_extra_specs |
| flavor_projects |
| flavors |
| host_mappings |
| instance_mappings |
| migrate_version |
| request_specs |
+--------------------+
9 rows in set (0.00 sec)
Start the Compute services and configure them to start automatically at boot:
systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service