码迷,mamicode.com
首页 > 其他好文 > 详细

七、计算服务集群

时间:2018-05-24 12:41:26      阅读:183      评论:0      收藏:0      [点我收藏+]

标签:grant   uid   address   bsp   用户   网络安装   try   请求   euc   

概述

``nova-api``服务

接收和响应来自最终用户的计算API请求。。

``nova-api-metadata``服务

接受元数据(元数据)请求的实例。当您在多主机模式下运行新星网络安装时,通常使用新星元数据服务。

nova-placement-api service

Tracks the inventory and usage of each provider. For details, see Placement API.

``nova-scheduler``服务

拿到一个来自队列请求虚拟机实例,然后决定那台计算服务器主机来运行它。

``nova-conductor``模块

Api和数据库之间的桥梁

nova-cert 模块

服务器守护进程向Nova Cert服务提供X509证书。用来为``euca-bundle-image``生成证书。仅仅是在EC2 API的请求中使用

nova-consoleauth 模块

 nova-novncproxy and nova-xvpvncproxy.依赖于此服务.

nova-novncproxy 模块

提供一个代理,用于访问正在运行的实例,通过VNC协议,支持基于浏览器的novnc客户端。

``nova-spicehtml5proxy``守护进程

提供一个代理,用于访问正在运行的实例,通过 SPICE 协议,支持基于浏览器的 HTML5 客户端。

nova-xvpvncproxy 守护进程

提供一个代理,用于访问正在运行的实例,通过VNC协议,支持OpenStack特定的Java客户端。

队列

 RabbitMQ,

SQL数据库

存储构建时和运行时的状态,为云基础设施,包括有:

  • 可用实例类型
  • 使用中的实例
  • 可用网络
  • 项目

 

4.1、控制节点安装

4.1.1、先决条件

1、建数据库

$ mysql -u rgalera -p galera -h 192.168.16.10

Create the nova_api, nova, and nova_cell0 databases:

 

MariaDB [(none)]> CREATE DATABASE nova_api;

MariaDB [(none)]> CREATE DATABASE nova;

MariaDB [(none)]> CREATE DATABASE nova_cell0;

对数据库进行正确的授权:

 

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO ‘nova‘@‘localhost‘ \

  IDENTIFIED BY ‘NOVA_DBPASS‘;

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO ‘nova‘@‘%‘ \

  IDENTIFIED BY ‘NOVA_DBPASS‘;

 

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO ‘nova‘@‘localhost‘ \

  IDENTIFIED BY ‘NOVA_DBPASS‘;

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO ‘nova‘@‘%‘ \

  IDENTIFIED BY ‘NOVA_DBPASS‘;

 

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO ‘nova‘@‘localhost‘ \

  IDENTIFIED BY ‘NOVA_DBPASS‘;

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO ‘nova‘@‘%‘ \

  IDENTIFIED BY ‘NOVA_DBPASS‘;

用合适的密码代替 NOVA_DBPASS。

 

退出数据库客户端。

 

 

2、创建角色、用户

 

admin 凭证来获取只有管理员能执行的命令的访问权限:

$ . admin-openrc

 

创建 nova 用户:

 

$ openstack user create --domain default --password-prompt nova

User Password:

Repeat User Password:

+---------------------+----------------------------------+

| Field               | Value                            |

+---------------------+----------------------------------+

| domain_id           | default                          |

| enabled             | True                             |

| id                  | 8a7dbf5279404537b1c7b86c033620fe |

| name                | nova                             |

| options             | {}                               |

| password_expires_at | None                             |

+---------------------+----------------------------------+

 

3、添加 admin 角色到 nova 用户和 service 项目上

$ openstack role add --project service --user nova admin

 

4、创建 nova 租户

 

$ openstack service create --name nova \

  --description "OpenStack Compute" compute

 

+-------------+----------------------------------+

| Field       | Value                            |

+-------------+----------------------------------+

| description | OpenStack Compute                |

| enabled     | True                             |

| id          | 060d59eac51b4594815603d75a00aba2 |

| name        | nova                             |

| type        | compute                          |

+-------------+----------------------------------+

Create the Compute API service endpoints:

5、创建nova租户api端点

$ openstack endpoint create --region RegionOne \

  compute public http://controller:8774/v2.1

 

+--------------+-------------------------------------------+

| Field        | Value                                     |

+--------------+-------------------------------------------+

| enabled      | True                                      |

| id           | 3c1caa473bfe4390a11e7177894bcc7b          |

| interface    | public                                    |

| region       | RegionOne                                 |

| region_id    | RegionOne                                 |

| service_id   | 060d59eac51b4594815603d75a00aba2          |

| service_name | nova                                      |

| service_type | compute                                   |

| url          | http://controller:8774/v2.1               |

+--------------+-------------------------------------------+

 

$ openstack endpoint create --region RegionOne \

  compute internal http://controller:8774/v2.1

 

+--------------+-------------------------------------------+

| Field        | Value                                     |

+--------------+-------------------------------------------+

| enabled      | True                                      |

| id           | e3c918de680746a586eac1f2d9bc10ab          |

| interface    | internal                                  |

| region       | RegionOne                                 |

| region_id    | RegionOne                                 |

| service_id   | 060d59eac51b4594815603d75a00aba2          |

| service_name | nova                                      |

| service_type | compute                                   |

| url          | http://controller:8774/v2.1               |

+--------------+-------------------------------------------+

 

$ openstack endpoint create --region RegionOne \

  compute admin http://controller:8774/v2.1

 

+--------------+-------------------------------------------+

| Field        | Value                                     |

+--------------+-------------------------------------------+

| enabled      | True                                      |

| id           | 38f7af91666a47cfb97b4dc790b94424          |

| interface    | admin                                     |

| region       | RegionOne                                 |

| region_id    | RegionOne                                 |

| service_id   | 060d59eac51b4594815603d75a00aba2          |

| service_name | nova                                      |

| service_type | compute                                   |

| url          | http://controller:8774/v2.1               |

+--------------+-------------------------------------------+

Create a Placement service user using your chosen PLACEMENT_PASS:

6、创建placement用户

$ openstack user create --domain default --password-prompt placement

 

User Password:

Repeat User Password:

+---------------------+----------------------------------+

| Field               | Value                            |

+---------------------+----------------------------------+

| domain_id           | default                          |

| enabled             | True                             |

| id                  | fa742015a6494a949f67629884fc7ec8 |

| name                | placement                        |

| options             | {}                               |

| password_expires_at | None                             |

+---------------------+----------------------------------+

Add the Placement user to the service project with the admin role:

7、palcement赋予admin角色

$ openstack role add --project service --user placement admin

 注解

 

这个命令执行后没有输出。

 

Create the Placement API entry in the service catalog:

8、创建palcement租户

$ openstack service create --name placement --description "Placement API" placement

+-------------+----------------------------------+

| Field       | Value                            |

+-------------+----------------------------------+

| description | Placement API                    |

| enabled     | True                             |

| id          | 2d1a27022e6e4185b86adac4444c495f |

| name        | placement                        |

| type        | placement                        |

+-------------+----------------------------------+

Create the Placement API service endpoints:

9、创建palcement租户端点

$ openstack endpoint create --region RegionOne placement public http://controller:8778

+--------------+----------------------------------+

| Field        | Value                            |

+--------------+----------------------------------+

| enabled      | True                             |

| id           | 2b1b2637908b4137a9c2e0470487cbc0 |

| interface    | public                           |

| region       | RegionOne                        |

| region_id    | RegionOne                        |

| service_id   | 2d1a27022e6e4185b86adac4444c495f |

| service_name | placement                        |

| service_type | placement                        |

| url          | http://controller:8778           |

+--------------+----------------------------------+

 

$ openstack endpoint create --region RegionOne placement internal http://controller:8778

+--------------+----------------------------------+

| Field        | Value                            |

+--------------+----------------------------------+

| enabled      | True                             |

| id           | 02bcda9a150a4bd7993ff4879df971ab |

| interface    | internal                         |

| region       | RegionOne                        |

| region_id    | RegionOne                        |

| service_id   | 2d1a27022e6e4185b86adac4444c495f |

| service_name | placement                        |

| service_type | placement                        |

| url          | http://controller:8778           |

+--------------+----------------------------------+

 

$ openstack endpoint create --region RegionOne placement admin http://controller:8778

+--------------+----------------------------------+

| Field        | Value                            |

+--------------+----------------------------------+

| enabled      | True                             |

| id           | 3d71177b9e0f406f98cbff198d74b182 |

| interface    | admin                            |

| region       | RegionOne                        |

| region_id    | RegionOne                        |

| service_id   | 2d1a27022e6e4185b86adac4444c495f |

| service_name | placement                        |

| service_type | placement                        |

| url          | http://controller:8778           |

+--------------+----------------------------------+

 

 

 

4.1.2、安装配置nova

1、安装nova相关软件

所有控制节点上都执行

# yum -y install openstack-nova-api openstack-nova-conductor \

  openstack-nova-console openstack-nova-novncproxy \

  openstack-nova-scheduler openstack-nova-placement-api

2、编辑配置文件

编辑``/etc/nova/nova.conf``文件并完成下面的操作:

 

在``[DEFAULT]``部分,只启用计算和元数据API:

 

[DEFAULT]

enabled_apis = osapi_compute,metadata

在``[api_database]``和``[database]``部分,配置数据库的连接:

 

[api_database]

connection = mysql+pymysql://nova:NOVA_DBPASS@controller1/nova_api

 

[database]

connection = mysql+pymysql://nova:NOVA_DBPASS@controller1/nova

在``[DEFAULT]``部分,配置``RabbitMQ``消息队列访问权限:

 

[DEFAULT]

transport_url = rabbit://openstack:RABBIT_PASS@controller1

 

[api]

auth_strategy = keystone

 

[keystone_authtoken]

auth_uri = http://controller:5000

auth_url = http://controller:35357

memcached_servers =controller:11211

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = nova

password = NOVA_PASS

 

[DEFAULT]

my_ip = 10.129.0.12  (控制节点的ip地址)

 

搜索0.0.0.0将0.0.0.0替换成本节点的物理地址

novncproxy_host=192.168.16.11

osapi_compute_listen=192.168.16.11

metadata_listen=192.168.16.11

 

在 ``[DEFAULT]``部分,启用网络服务支持:

[DEFAULT]

# ...

use_neutron = True

firewall_driver = nova.virt.firewall.NoopFirewallDriver (禁用内置防火墙服务)

 注解

默认情况下,计算服务使用内置的防火墙服务。由于网络服务包含了防火墙服务,你必须使用``nova.virt.firewall.NoopFirewallDriver``防火墙服务来禁用掉计算服务内置的防火墙服务

 

在``[vnc]``部分,配置VNC代理使用控制节点的管理接口IP地址 :

[vnc]

enabled = true

vncserver_listen = $my_ip

vncserver_proxyclient_address = $my_ip

 

在 [glance] 区域,配置镜像服务 API 的位置:

[glance]

api_servers = http://controller:9292

 

在 [oslo_concurrency] 部分,配置锁路径:

[oslo_concurrency]

lock_path = /var/lib/nova/tmp

 

In the [placement] section, configure the Placement API:

配置api端点

[placement]

os_region_name = RegionOne

project_domain_name = Default

project_name = service

auth_type = password

user_domain_name = Default

auth_url = http://controller:35357/v3

username = placement

password = PLACEMENT_PASS

 

对placement api启用access访问权限

Due to a packaging bug, you must enable access to the Placement API by adding the following configuration to /etc/httpd/conf.d/00-nova-placement-api.conf:

 

<Directory /usr/bin>

   <IfVersion >= 2.4>

      Require all granted

   </IfVersion>

   <IfVersion < 2.4>

      Order allow,deny

      Allow from all

   </IfVersion>

</Directory>

Restart the httpd service:

 

# systemctl restart httpd

 

 

Populate the nova-api database:

将nova.conf 和/etc/httpd/conf.d/00-nova-placement-api.conf同时copy到controller2、controller3

scp  /etc/nova/nova.conf root@contrller2:/etc/nova/

scp  /etc/nova/nova.conf root@contrller3:/etc/nova/

scp /etc/httpd/conf.d/00-nova-placement-api.conf  root@contrller2:/ etc/httpd/conf.d/

scp /etc/httpd/conf.d/00-nova-placement-api.conf  root@contrller3:/ etc/httpd/conf.d/

 

3、同步数nova-api据库

# su -s /bin/sh -c "nova-manage api_db sync" nova

 注解 忽略输出中任何不推荐使用的信息。

 

Register the cell0 database:

同步nova-cell0数据库

# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova

 

Create the cell1 cell:

创建cell1表

# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova

109e1d4b-536a-40d0-83c6-5f121b82b650

 

 

Populate the nova database:

同步nova数据库

# su -s /bin/sh -c "nova-manage db sync" nova

Verify nova cell0 and cell1 are registered correctly:

 

检测同步结果

# nova-manage cell_v2 list_cells

+-------+--------------------------------------+

| Name  | UUID                                 |

+-------+--------------------------------------+

| cell1 | 109e1d4b-536a-40d0-83c6-5f121b82b650 |

| cell0 | 00000000-0000-0000-0000-000000000000 |

+-------+--------------------------------------+

完成安装?

 

4、启动并开机启动

所有控制节点执行操作

# systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service  openstack-nova-conductor.service openstack-nova-novncproxy.service

# systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service  openstack-nova-conductor.service openstack-nova-novncproxy.service

systemctl status openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service  openstack-nova-conductor.service openstack-nova-novncproxy.service | grep running

 

4.2、计算节点安装

 

1、安装nova软件包:

 

计算节点先安装openstack-ocata包

yum install centos-release-openstack-ocata

yum install python-openstackclient

 

安装nova软件包

# yum install openstack-nova-compute

 

2、编辑配置文件

编辑``/etc/nova/nova.conf``文件并完成下面的操作:

 

[DEFAULT]

enabled_apis = osapi_compute,metadata

在``[DEFAULT]``部分,配置``RabbitMQ``消息队列访问权限:

 

[DEFAULT]

transport_url = rabbit://openstack:RABBIT_PASS@controller

 

In the [api] and [keystone_authtoken] sections, configure Identity service access:

 

[api]

# ...

auth_strategy = keystone

 

[keystone_authtoken]

# ...

auth_uri = http://controller:5000

auth_url = http://controller:35357

memcached_servers = controller1:11211,controller2:11211,controller3:11211

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = nova

password = NOVA_PASS

使用你在身份认证服务中设置的``nova`` 用户的密码替换``NOVA_PASS``。

 

注解在 [keystone_authtoken] 中注释或者删除其他选项。

 

在 [DEFAULT] 部分,配置 my_ip 选项:

 

[DEFAULT]

# ...

my_ip = MANAGEMENT_INTERFACE_IP_ADDRESS

将其中的 MANAGEMENT_INTERFACE_IP_ADDRESS 替换为计算节点上的管理网络接口的IP 地址,例如 :ref:`example architecture <overview-example-architectures>`中所示的第一个节点 10.129.0.15 。

 

在 ``[DEFAULT]``部分,启用网络服务支持:

 

[DEFAULT]

# ...

use_neutron = True

firewall_driver = nova.virt.firewall.NoopFirewallDriver

 注解

 

缺省情况下,Compute 使用内置的防火墙服务。由于 Networking 包含了防火墙服务,所以你必须通过使用 nova.virt.firewall.NoopFirewallDriver 来去除 Compute 内置的防火墙服务。

 

在``[vnc]``部分,启用并配置远程控制台访问:

 

[vnc]

# ...

enabled = True

vncserver_listen = 0.0.0.0

vncserver_proxyclient_address = $my_ip

novncproxy_base_url = http://192.168.16.10:6080/vnc_auto.html

服务器组件监听所有的 IP 地址,而代理组件仅仅监听计算节点管理网络接口的 IP 地址。基本的 URL 指示您可以使用 web 浏览器访问位于该计算节点上实例的远程控制台的位置。

 

 注解

 

如果你运行浏览器的主机无法解析``controller`` 主机名,你可以将 ``controller``替换为你控制节点管理网络的IP地址。

 

在 [glance] 区域,配置镜像服务 API 的位置:

 

[glance]

api_servers = http://controller:9292

在 [oslo_concurrency] 部分,配置锁路径:

 

[oslo_concurrency]

lock_path = /var/lib/nova/tmp

In the [placement] section, configure the Placement API:

 

[placement]

os_region_name = RegionOne

project_domain_name = Default

project_name = service

auth_type = password

user_domain_name = Default

auth_url = http://controller:35357/v3

username = placement

password = PLACEMENT_PASS

 

完成安装?

 

硬件加速

确定您的计算节点是否支持虚拟机的硬件加速。

 

$ egrep -c ‘(vmx|svm)‘ /proc/cpuinfo

如果这个命令返回了 one or greater 的值,那么你的计算节点支持硬件加速且不需要额外的配置。

 

如果这个命令返回了 zero 值,那么你的计算节点不支持硬件加速。你必须配置 libvirt 来使用 QEMU 去代替 KVM

 

在 /etc/nova/nova.conf 文件的 [libvirt] 区域做出如下的编辑:

 

[libvirt]

# ...

virt_type = qemu

启动计算服务及其依赖,并将其配置为随系统自动启动:

 

# systemctl enable libvirtd.service openstack-nova-compute.service

# systemctl start libvirtd.service openstack-nova-compute.service

 

 

3、添加一个计算节点到cell数据库中

控制节点操作

$ . admin-openrc

$ openstack hypervisor list

+----+---------------------+-----------------+-----------+-------+

| ID | Hypervisor Hostname | Hypervisor Type | Host IP   | State |

+----+---------------------+-----------------+-----------+-------+

|  1 | compute1            | QEMU            | 10.129.0.31 | up    |

+----+---------------------+-----------------+-----------+-------+

Discover compute hosts:

4、添加新节点到cell_v2表中

# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

 

Found 2 cell mappings.

Skipping cell0 since it does not contain hosts.

Getting compute nodes from cell ‘cell1‘: ad5a5985-a719-4567-98d8-8d148aaae4bc

Found 1 computes in cell: ad5a5985-a719-4567-98d8-8d148aaae4bc

Checking host mapping for compute host ‘compute‘: fe58ddc1-1d65-4f87-9456-bc040dc106b3

Creating host mapping for compute host ‘compute‘: fe58ddc1-1d65-4f87-9456-bc040dc106b3

 注解

 

When you add new compute nodes, you must run nova-manage cell_v2 discover_hosts on the controller node to register those new compute nodes. Alternatively, you can set an appropriate interval in /etc/nova/nova.conf:

 

[scheduler]

discover_hosts_in_cells_interval = 300

 

 

 

 

 

 

4.3、验证操作

1、获取admin权限

$ . admin-openrc

 

2、检验

列出服务组件,以验证是否成功启动并注册了每个进程:

 

$ openstack compute service list

 

 

注解

 

该输出应该显示三个服务组件在控制节点上启用,一个服务组件在计算节点上启用。

 

列出身份认证服务中的 API 端点来验证身份认证服务的连通性:

 

3、列出组件api树

$ openstack catalog list

 

+-----------+-----------+-----------------------------------------+

| Name      | Type      | Endpoints                               |

+-----------+-----------+-----------------------------------------+

| keystone  | identity  | RegionOne                               |

|           |           |   public: http://controller:5000/v3/    |

|           |           | RegionOne                               |

|           |           |   internal: http://controller:5000/v3/  |

|           |           | RegionOne                               |

|           |           |   admin: http://controller:35357/v3/    |

|           |           |                                         |

| glance    | image     | RegionOne                               |

|           |           |   admin: http://controller:9292         |

|           |           | RegionOne                               |

|           |           |   public: http://controller:9292        |

|           |           | RegionOne                               |

|           |           |   internal: http://controller:9292      |

|           |           |                                         |

| nova      | compute   | RegionOne                               |

|           |           |   admin: http://controller:8774/v2.1    |

|           |           | RegionOne                               |

|           |           |   internal: http://controller:8774/v2.1 |

|           |           | RegionOne                               |

|           |           |   public: http://controller:8774/v2.1   |

|           |           |                                         |

| placement | placement | RegionOne                               |

|           |           |   public: http://controller:8778        |

|           |           | RegionOne                               |

|           |           |   admin: http://controller:8778         |

|           |           | RegionOne                               |

|           |           |   internal: http://controller:8778      |

|           |           |                                         |

+-----------+-----------+-----------------------------------------+

 注解

 

Ignore any warnings in this output.

 

 

List images in the Image service to verify connectivity with the Image service:

4、列出镜像确认服务正常

$ openstack image list

 

5、检测修复cells和placement api

查看计算节点

openstack compute service list

 

[root@controller1 ~]# nova-status upgrade check

 

七、计算服务集群

标签:grant   uid   address   bsp   用户   网络安装   try   请求   euc   

原文地址:https://www.cnblogs.com/hanjingzheng/p/9082253.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!