• Openstack组件部署 — Nova_安装和配置Controller Node


    目录

    前文列表

    Openstack组件部署 — Overview和前期环境准备
    Openstack组建部署 — Environment of Controller Node
    Openstack组件部署 — Keystone功能介绍与认证实现流程
    Openstack组件部署 — Keystone Install & Create service entity and API endpoints
    Openstack组件部署 — keystone(domain, projects, users, and roles)
    Openstack组件实现原理 — Keystone认证功能
    Openstack组建部署 — Glance Install
    Openstack组件实现原理 — Glance架构(V1/V2)
    Openstack组件部署 — Nova overview

    Prerequisites 先决条件

    Before you install and configure the Compute service, you must create databases, service credentials, and API endpoints.
    在安装和被指Compute service之前,你必须先创建Compute service的数据库、服务证书和API Endpoints

    To create the databases

    Use the database access client to connect to the database server as the root user:
    使用root用户登录到MySQL

    mysql -u root -pfanguiju

    Create the nova_api and nova databases:
    创建nova_apinova两个数据库

    MariaDB [(none)]> CREATE DATABASE nova_api;
    Query OK, 1 row affected (0.00 sec)
    
    MariaDB [(none)]> CREATE DATABASE nova;
    Query OK, 1 row affected (0.00 sec)

    Grant proper access to the databases:
    创建novanova_api数据库的用户nova,并授予nova用户对novanova_api数据库的完全控制权限。

    GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'fanguiju';
    GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'fanguiju';
    GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'fanguiju';
    GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'fanguiju';

    Example:

    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'fanguiju';
    Query OK, 0 rows affected (0.00 sec)
    
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'fanguiju';
    Query OK, 0 rows affected (0.00 sec)
    
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'fanguiju';
    Query OK, 0 rows affected (0.00 sec)
    
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'fanguiju';
    Query OK, 0 rows affected (0.00 sec)

    Exit the database access client

    To create the service credentials

    Source the admin credentials to gain access to admin-only CLI commands:
    执行admin环境变量脚本

    . admin-openrc

    Create the nova user:
    创建nova用户

    [root@controller ~]# openstack user create --domain default --password-prompt nova
    User Password:
    Repeat User Password:
    +-----------+----------------------------------+
    | Field     | Value                            |
    +-----------+----------------------------------+
    | domain_id | 011fbf8c04f1479ab1a4e49b019b22d1 |
    | enabled   | True                             |
    | id        | 90a93575ebff4311a919d91db888938c |
    | name      | nova                             |
    +-----------+----------------------------------+

    Add the admin role to the nova user:
    Role admin添加到Project service中的User nova

    openstack role add --project service --user nova admin

    Create the nova service entity:
    创建nova服务实体

    [root@controller ~]# openstack service create --name nova --description "OpenStack Compute" compute
    +-------------+----------------------------------+
    | Field       | Value                            |
    +-------------+----------------------------------+
    | description | OpenStack Compute                |
    | enabled     | True                             |
    | id          | 3af0ba8834ad4d57ae4b88774e62358b |
    | name        | nova                             |
    | type        | compute                          |
    +-------------+----------------------------------+

    Create the Compute service API endpoints

    创建Compute service的API Endpoints

    [root@controller ~]# openstack endpoint create --region RegionOne compute public http://controller.jmilk.com:8774/v2.1/%(tenant_id)s
    +--------------+-----------------------------------------------------+
    | Field        | Value                                               |
    +--------------+-----------------------------------------------------+
    | enabled      | True                                                |
    | id           | 1a96143b3d6d46fc8fe17a70043b6448                    |
    | interface    | public                                              |
    | region       | RegionOne                                           |
    | region_id    | RegionOne                                           |
    | service_id   | 3af0ba8834ad4d57ae4b88774e62358b                    |
    | service_name | nova                                                |
    | service_type | compute                                             |
    | url          | http://controller.jmilk.com:8774/v2.1/%(tenant_id)s |
    +--------------+-----------------------------------------------------+
    [root@controller ~]# openstack endpoint create --region RegionOne compute internal http://controller.jmilk.com:8774/v2.1/%(tenant_id)s
    +--------------+-----------------------------------------------------+
    | Field        | Value                                               |
    +--------------+-----------------------------------------------------+
    | enabled      | True                                                |
    | id           | a2b2b6ebe6a3450dabdaf19d0ff00f97                    |
    | interface    | internal                                            |
    | region       | RegionOne                                           |
    | region_id    | RegionOne                                           |
    | service_id   | 3af0ba8834ad4d57ae4b88774e62358b                    |
    | service_name | nova                                                |
    | service_type | compute                                             |
    | url          | http://controller.jmilk.com:8774/v2.1/%(tenant_id)s |
    +--------------+-----------------------------------------------------+
    [root@controller ~]# openstack endpoint create --region RegionOne compute admin http://controller.jmilk.com:8774/v2.1/%(tenant_id)s
    +--------------+-----------------------------------------------------+
    | Field        | Value                                               |
    +--------------+-----------------------------------------------------+
    | enabled      | True                                                |
    | id           | 33d0c267549f4ecd89c0063ad16c41df                    |
    | interface    | admin                                               |
    | region       | RegionOne                                           |
    | region_id    | RegionOne                                           |
    | service_id   | 3af0ba8834ad4d57ae4b88774e62358b                    |
    | service_name | nova                                                |
    | service_type | compute                                             |
    | url          | http://controller.jmilk.com:8774/v2.1/%(tenant_id)s |
    +--------------+-----------------------------------------------------+

    Install and configure components

    Install the packages

    yum install openstack-nova-api openstack-nova-conductor 
      openstack-nova-console openstack-nova-novncproxy 
      openstack-nova-scheduler -y

    Edit the /etc/nova/nova.conf file

    In the [DEFAULT] section, enable only the compute and metadata APIs:
    [DEFAULT]节点中配置启用只允许computemetadataAPIs
    vim /etc/nova/nova.conf

    [DEFAULT]
    enabled_apis = osapi_compute,metadata

    In the [api_database] and [database] sections, configure database access:
    配置连接到novanova_api数据库的访问协议

    [api_database]
    connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova_api
    
    [database]
    connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova

    In the [DEFAULT] and [oslo_messaging_rabbit] sections, configure RabbitMQ message queue access:
    配置RabbitMQ消息队列访问

    [DEFAULT]
    rpc_backend = rabbit
    
    [oslo_messaging_rabbit]
    rabbit_host = controller.jmilk.com
    rabbit_userid = openstack
    rabbit_password = fanguiju

    In the [DEFAULT] and [keystone_authtoken] sections, configure Identity service access:
    配置Identity service认证服务

    [DEFAULT]
    auth_strategy = keystone
    
    [keystone_authtoken]
    auth_uri = http://controller.jmilk.com:5000
    auth_url = http://controller.jmilk.com:35357
    memcached_servers = controller.jmilk.com:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = nova
    password = fanguiju

    Note:Comment out or remove any other options in the [keystone_authtoken] section.
    注意:注释或删除所有在[keystone_authtoken]节点上的所有参数选项

    In the [DEFAULT] section, configure the my_ip option to use the management interface IP address of the controller node:
    配置my_ip选项为Controller Note上的管理接口IP(Controller Node Host IP)

    [DEFAULT]
    my_ip = 192.168.1.5

    In the [DEFAULT] section, enable support for the Networking service:

    [DEFAULT]
    use_neutron = True
    firewall_driver = nova.virt.firewall.NoopFirewallDriver

    Note:By default, Compute uses an internal firewall driver. Since the Networking service includes a firewall driver, you must disable the Compute firewall driver by using the nova.virt.firewall.NoopFirewallDriver firewall driver.
    注意:默认的,Compute会使用一个internal firewall driver。由于Networking service包含了一个firewall driver,所以你必须通过nova.virt.firewall.NoopFirewallDriver firewall driver来关闭这个Compute firewall driver

    In the [vnc] section, configure the VNC proxy to use the management interface IP address of the controller node:
    配置VNCdialing service使用Controller Node的管理接口IP(Controller Node Host IP)

    [vnc]
    vncserver_listen = $my_ip
    vncserver_proxyclient_address = $my_ip

    In the [glance] section, configure the location of the Image service API:
    配置Image service API的URL

    [glance]
    api_servers = http://controller.jmilk.com:9292

    In the [oslo_concurrency]* section, configure the lock path:*

    [oslo_concurrency]
    lock_path = /var/lib/nova/tmp

    总览

    [root@controller ~]# cat /etc/nova/nova.conf | grep -v ^$ | grep -v ^#
    [DEFAULT]
    auth_strategy = keystone
    rpc_backend = rabbit
    my_ip = 192.168.1.5
    use_neutron = True
    firewall_driver = nova.virt.firewall.NoopFirewallDriver
    enabled_apis=osapi_compute,metadata
    [api_database]
    connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova_api
    [barbican]
    [cache]
    [cells]
    [cinder]
    [conductor]
    [cors]
    [cors.subdomain]
    [database]
    connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova
    [ephemeral_storage_encryption]
    [glance]
    api_servers = http://controller.jmilk.com:9292
    [guestfs]
    [hyperv]
    [image_file_url]
    [ironic]
    [keymgr]
    [keystone_authtoken]
    auth_uri = http://controller.jmilk.com:5000
    auth_url = http://controller.jmilk.com:35357
    memcached_servers = controller.jmilk.com:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = nova
    password = fanguiju
    [libvirt]
    [matchmaker_redis]
    [metrics]
    [neutron]
    [osapi_v21]
    [oslo_concurrency]
    lock_path = /var/lib/nova/tmp
    [oslo_messaging_amqp]
    [oslo_messaging_notifications]
    [oslo_messaging_rabbit]
    rabbit_host = controller.jmilk.com
    rabbit_userid = openstack
    rabbit_password = fanguiju
    [oslo_middleware]
    [oslo_policy]
    [rdp]
    [serial_console]
    [spice]
    [ssl]
    [trusted_computing]
    [upgrade_levels]
    [vmware]
    [vnc]
    vncserver_listen = $my_ip
    vncserver_proxyclient_address = $my_ip
    [workarounds]
    [xenserver]

    Populate the Compute databases

    初始化Compute service的novanova_api数据库

    su -s /bin/sh -c "nova-manage api_db sync" nova
    su -s /bin/sh -c "nova-manage db sync" nova

    Example:

    [root@controller ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
    [root@controller ~]# su -s /bin/sh -c "nova-manage db sync" nova
    /usr/lib/python2.7/site-packages/pymysql/cursors.py:146: Warning: Duplicate index 'block_device_mapping_instance_uuid_virtual_name_device_name_idx' defined on the table 'nova.block_device_mapping'. This is deprecated and will be disallowed in a future release.
      result = self._query(query)
    /usr/lib/python2.7/site-packages/pymysql/cursors.py:146: Warning: Duplicate index 'uniq_instances0uuid' defined on the table 'nova.instances'. This is deprecated and will be disallowed in a future release.
      result = self._query(query)

    Note:Ignore any deprecation messages in this output.
    注意:忽略所有无效输出信息

    查看是否成功创建novanova_api数据库:

    MariaDB [nova]> use nova
    Database changed
    MariaDB [nova]> show tables;
    +--------------------------------------------+
    | Tables_in_nova                             |
    +--------------------------------------------+
    | agent_builds                               |
    | aggregate_hosts                            |
    | aggregate_metadata                         |
    | aggregates                                 |
    | allocations                                |
    | block_device_mapping                       |
    | bw_usage_cache                             |
    | cells                                      |
    | certificates                               |
    | compute_nodes                              |
    | console_pools                              |
    | consoles                                   |
    | dns_domains                                |
    | fixed_ips                                  |
    | floating_ips                               |
    | instance_actions                           |
    | instance_actions_events                    |
    | instance_extra                             |
    | instance_faults                            |
    | instance_group_member                      |
    | instance_group_policy                      |
    | instance_groups                            |
    | instance_id_mappings                       |
    | instance_info_caches                       |
    | instance_metadata                          |
    | instance_system_metadata                   |
    | instance_type_extra_specs                  |
    | instance_type_projects                     |
    | instance_types                             |
    | instances                                  |
    | inventories                                |
    | key_pairs                                  |
    | migrate_version                            |
    | migrations                                 |
    | networks                                   |
    | pci_devices                                |
    | project_user_quotas                        |
    | provider_fw_rules                          |
    | quota_classes                              |
    | quota_usages                               |
    | quotas                                     |
    | reservations                               |
    | resource_provider_aggregates               |
    | resource_providers                         |
    | s3_images                                  |
    | security_group_default_rules               |
    | security_group_instance_association        |
    | security_group_rules                       |
    | security_groups                            |
    | services                                   |
    | shadow_agent_builds                        |
    | shadow_aggregate_hosts                     |
    | shadow_aggregate_metadata                  |
    | shadow_aggregates                          |
    | shadow_block_device_mapping                |
    | shadow_bw_usage_cache                      |
    | shadow_cells                               |
    | shadow_certificates                        |
    | shadow_compute_nodes                       |
    | shadow_console_pools                       |
    | shadow_consoles                            |
    | shadow_dns_domains                         |
    | shadow_fixed_ips                           |
    | shadow_floating_ips                        |
    | shadow_instance_actions                    |
    | shadow_instance_actions_events             |
    | shadow_instance_extra                      |
    | shadow_instance_faults                     |
    | shadow_instance_group_member               |
    | shadow_instance_group_policy               |
    | shadow_instance_groups                     |
    | shadow_instance_id_mappings                |
    | shadow_instance_info_caches                |
    | shadow_instance_metadata                   |
    | shadow_instance_system_metadata            |
    | shadow_instance_type_extra_specs           |
    | shadow_instance_type_projects              |
    | shadow_instance_types                      |
    | shadow_instances                           |
    | shadow_key_pairs                           |
    | shadow_migrate_version                     |
    | shadow_migrations                          |
    | shadow_networks                            |
    | shadow_pci_devices                         |
    | shadow_project_user_quotas                 |
    | shadow_provider_fw_rules                   |
    | shadow_quota_classes                       |
    | shadow_quota_usages                        |
    | shadow_quotas                              |
    | shadow_reservations                        |
    | shadow_s3_images                           |
    | shadow_security_group_default_rules        |
    | shadow_security_group_instance_association |
    | shadow_security_group_rules                |
    | shadow_security_groups                     |
    | shadow_services                            |
    | shadow_snapshot_id_mappings                |
    | shadow_snapshots                           |
    | shadow_task_log                            |
    | shadow_virtual_interfaces                  |
    | shadow_volume_id_mappings                  |
    | shadow_volume_usage_cache                  |
    | snapshot_id_mappings                       |
    | snapshots                                  |
    | tags                                       |
    | task_log                                   |
    | virtual_interfaces                         |
    | volume_id_mappings                         |
    | volume_usage_cache                         |
    +--------------------------------------------+
    109 rows in set (0.00 sec)
    
    MariaDB [nova]> use nova_api
    Reading table information for completion of table and column names
    You can turn off this feature to get a quicker startup with -A
    
    Database changed
    MariaDB [nova_api]> show tables;
    +--------------------+
    | Tables_in_nova_api |
    +--------------------+
    | build_requests     |
    | cell_mappings      |
    | flavor_extra_specs |
    | flavor_projects    |
    | flavors            |
    | host_mappings      |
    | instance_mappings  |
    | migrate_version    |
    | request_specs      |
    +--------------------+
    9 rows in set (0.00 sec)

    Finalize installation

    启动Compute service并配置开机自动启动服务

    systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
    systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
  • 相关阅读:
    java 21
    maven POM.xml 标签详解
    shell sed 替代1
    lua的table库中的常用函数总结
    Lua字符串及模式匹配
    lua文件读写
    qt添加lua支持
    关于c调用lua 对‘luaL_newstate()’未定义的引用的问题解决办法
    Lua开发环境
    linux安装lua相关编译报错
  • 原文地址:https://www.cnblogs.com/jmilkfan-fanguiju/p/7533686.html
Copyright © 2020-2023  润新知