OpenStack实践系列④计算服务Nova
3.6 Nova控制节点的部署
创建服务的凭证,完成下列步骤:
创建nova用户,并加入到service项目中,赋予admin权限
[root@node1 ~]# source admin-openrc.sh [root@node1 ~]# openstack user create --domain default --password=nova nova +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | default | | enabled | True | | id | 32c8ed2128c747b49482364776ae35a2 | | name | nova | +-----------+----------------------------------+
nova用户赋予管理角色
[root@node1 ~]# openstack role add --project service --user nova admin
编辑/etc/nova/nova.conf文件,并完成以下操作:
在[api_database]和[database]部分,配置数据库访问
[api_database] ... connection = mysql://nova:nova@192.168.3.199/nova_api [database] ... connection=mysql://nova:nova@192.168.3.199/nova
在[DEFAULT]和[oslo_messaging_rabbit]部分,配置RabbitMQ的消息队列访问
[DEFAULT] ... rpc_backend = rabbit my_ip=192.168.3.199 enabled_apis=osapi_compute,metadata network_api_class=nova.network.neutronv2.api.API security_group_api=neutron linuxnet_interface_driver=nova.network.linux_net.NeutronLinuxBridgeInterfaceDriver firewall_driver=nova.virt.firewall.NoopFirewallDriver verbose=True [oslo_messaging_rabbit] ... rabbit_host=192.168.3.199 rabbit_port=5672 rabbit_userid=openstack rabbit_password=openstack
在[DEFAULT]和[keystone_authtoken]部分,配置认证服务
[DEFAULT] ... auth_strategy = keystone [keystone_authtoken] ... auth_uri = http://192.168.3.199:5000 auth_url = http://192.168.3.199:35357 auth_plugin = password project_domain_id = default user_domain_id = default project_name = service username = nova password = nova 在[DEFAULT]部分,启用对网络服务支持 [vnc] ... vncserver_listen=$my_ip vncserver_proxyclient_address=$my_ip
在[glance]部分,配置镜像服务API
[glance]
...
host=$my_ip
在[oslo_concurrency]部分,配置锁路径
[oslo_concurrency]
...
lock_path=/var/lib/nova/tmp
修改nova的配置文件,配置结果如下
[root@node1 nova]# grep -n "^[a-z]" nova.conf 198:my_ip=192.168.3.199 344:enabled_apis=osapi_compute,metadata 506:auth_strategy=keystone 838:network_api_class=nova.network.neutronv2.api.API 930:linuxnet_interface_driver=nova.network.linux_net.NeutronLinuxBridgeInterfaceDriver 1064:security_group_api=neutron 1241:firewall_driver=nova.virt.firewall.NoopFirewallDriver 1284:verbose=true 1423:rpc_backend=rabbit 1743:connection=mysql://nova:nova@192.168.3.199/nova 1944:host=$my_ip 2122:auth_uri = http://192.168.3.199:5000 2123:auth_url = http://192.168.3.199:35357 2124:auth_plugin = password 2125:project_domain_id = default 2126:user_domain_id = default 2127:project_name = service 2128:username = nova 2129:password = nova 2752:lock_path=/var/lib/nova/tmp 2880:rabbit_host=192.168.3.199 2881:rabbit_port=5672 2882:rabbit_userid=openstack 2883:rabbit_password=openstack 3324:vncserver_listen=$my_ip 3329:vncserver_proxyclient_address=$my_ip
同步数据库
[root@node1 ~]# su -s /bin/sh -c "nova-manage db sync" nova
MariaDB [(none)]> use nova; Database changed MariaDB [nova]> show tables; +--------------------------------------------+ | Tables_in_nova | +--------------------------------------------+ | agent_builds | | aggregate_hosts | | aggregate_metadata | | aggregates | | block_device_mapping | | bw_usage_cache | | cells | | certificates | | compute_nodes | | console_pools | | consoles | | dns_domains | | fixed_ips | | floating_ips | | instance_actions | | instance_actions_events | | instance_extra | | instance_faults | | instance_group_member | | instance_group_policy | | instance_groups | | instance_id_mappings | | instance_info_caches | | instance_metadata | | instance_system_metadata | | instance_type_extra_specs | | instance_type_projects | | instance_types | | instances | | key_pairs | | migrate_version | | migrations | | networks | | pci_devices | | project_user_quotas | | provider_fw_rules | | quota_classes | | quota_usages | | quotas | | reservations | | s3_images | | security_group_default_rules | | security_group_instance_association | | security_group_rules | | security_groups | | services | | shadow_agent_builds | | shadow_aggregate_hosts | | shadow_aggregate_metadata | | shadow_aggregates | | shadow_block_device_mapping | | shadow_bw_usage_cache | | shadow_cells | | shadow_certificates | | shadow_compute_nodes | | shadow_console_pools | | shadow_consoles | | shadow_dns_domains | | shadow_fixed_ips | | shadow_floating_ips | | shadow_instance_actions | | shadow_instance_actions_events | | shadow_instance_extra | | shadow_instance_faults | | shadow_instance_group_member | | shadow_instance_group_policy | | shadow_instance_groups | | shadow_instance_id_mappings | | shadow_instance_info_caches | | shadow_instance_metadata | | shadow_instance_system_metadata | | shadow_instance_type_extra_specs | | shadow_instance_type_projects | | shadow_instance_types | | shadow_instances | | shadow_key_pairs | | shadow_migrate_version | | shadow_migrations | | shadow_networks | | shadow_pci_devices | | shadow_project_user_quotas | | shadow_provider_fw_rules | | shadow_quota_classes | | shadow_quota_usages | | shadow_quotas | | shadow_reservations | | shadow_s3_images | | shadow_security_group_default_rules | | shadow_security_group_instance_association | | shadow_security_group_rules | | shadow_security_groups | | shadow_services | | shadow_snapshot_id_mappings | | shadow_snapshots | | shadow_task_log | | shadow_virtual_interfaces | | shadow_volume_id_mappings | | shadow_volume_usage_cache | | snapshot_id_mappings | | snapshots | | tags | | task_log | | virtual_interfaces | | volume_id_mappings | | volume_usage_cache | +--------------------------------------------+ 105 rows in set (0.00 sec)
启动nova的全部服务
[root@node1 ~]# systemctl enable openstack-nova-api.service openstack-nova-cert.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@node1 ~]# systemctl start openstack-nova-api.service openstack-nova-cert.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
在keystone上注册nova,创建计算服务API端点,并检查控制节点的nova服务是否配置成功
[root@node1 ~]# openstack service create --name nova --description "OpenStack Compute" compute +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Compute | | enabled | True | | id | 6bc784216b654af79ad1b23d36767eb5 | | name | nova | | type | compute | +-------------+----------------------------------+ [root@node1 ~]# openstack endpoint create --region RegionOne compute public http://192.168.3.199:8774/v2/%(tenant_id)s +--------------+--------------------------------------------+ | Field | Value | +--------------+--------------------------------------------+ | enabled | True | | id | c94e79c4c7874e6c8646e843dc83a4a8 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 6bc784216b654af79ad1b23d36767eb5 | | service_name | nova | | service_type | compute | | url | http://192.168.3.199:8774/v2/%(tenant_id)s | +--------------+--------------------------------------------+ [root@node1 ~]# openstack endpoint create --region RegionOne compute internal http://192.168.3.199:8774/v2/%(tenant_id)s +--------------+--------------------------------------------+ | Field | Value | +--------------+--------------------------------------------+ | enabled | True | | id | f7644b114f4c4aa3902f72a29b8e5894 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 6bc784216b654af79ad1b23d36767eb5 | | service_name | nova | | service_type | compute | | url | http://192.168.3.199:8774/v2/%(tenant_id)s | +--------------+--------------------------------------------+ [root@node1 ~]# openstack endpoint create --region RegionOne compute admin http://192.168.3.199:8774/v2/%(tenant_id)s +--------------+--------------------------------------------+ | Field | Value | +--------------+--------------------------------------------+ | enabled | True | | id | 6c3c1308cb0647b891faa8d2260bcf90 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 6bc784216b654af79ad1b23d36767eb5 | | service_name | nova | | service_type | compute | | url | http://192.168.3.199:8774/v2/%(tenant_id)s | +--------------+--------------------------------------------+ [root@node1 ~]# openstack host list +---------------------+-------------+----------+ | Host Name | Service | Zone | +---------------------+-------------+----------+ | node1.chinasoft.com | conductor | internal | | node1.chinasoft.com | consoleauth | internal | | node1.chinasoft.com | scheduler | internal | | node1.chinasoft.com | cert | internal | +---------------------+-------------+----------+
3.7 Nova compute 计算节点的部署(192.168.3.200)
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
图解Nova cpmpute
nova-compute一般运行在计算节点上,通过Message Queue接收并管理VM的生命周期
nova-compute通过Libvirt管理KVN,通过XenAPI管理Xen等
配置时间同步,修改其配置文件,下载chrony
# yum install -y chrony
修改其配置文件
# vim /etc/chrony.conf
server 192.168.3.199 iburst
(只保留这一个server,也就是和控制节点的时间保持同步)
chrony开机自启动,并且启动
# systemctl enable chronyd.service
# systemctl start chronyd.service
设置Centos7的时区
[root@node2 yum.repos.d]# timedatectl set-timezone Asia/Shanghai
查看时区
[root@node2 yum.repos.d]# timedatectl status Local time: Wed 2017-04-26 15:27:53 CST Universal time: Wed 2017-04-26 07:27:53 UTC RTC time: Wed 2017-04-26 07:27:57 Time zone: Asia/Shanghai (CST, +0800) NTP enabled: yes NTP synchronized: no RTC in local TZ: no DST active: n/a
开始部署计算节点
更改计算节点上的配置文件,直接使用控制节点的配置文件
[root@node1 nova]# scp /etc/nova/nova.conf 192.168.3.200:/etc/nova/ (在控制节点上操作的scp)
在计算节点node2.chinasoft.com上编辑/etc/nova/nova.conf文件,并完成以下操作:
更改配置文件后的过滤结果
[root@node2 nova]# grep -n '^[a-z]' nova.conf 198:my_ip=192.168.3.200 # 改成计算节点本机IP 344:enabled_apis=osapi_compute,metadata 506:auth_strategy=keystone 838:network_api_class=nova.network.neutronv2.api.API 930:linuxnet_interface_driver=nova.network.linux_net.NeutronLinuxBridgeInterfaceDriver 1064:security_group_api=neutron 1241:firewall_driver=nova.virt.firewall.NoopFirewallDriver 1284:verbose=true 1423:rpc_backend=rabbit 1743:connection=mysql://nova:nova@192.168.3.199/nova 1944:host=192.168.3.199 # [glance] 部分连接控制节点 2122:auth_uri = http://192.168.3.199:5000 2123:auth_url = http://192.168.3.199:35357 2124:auth_plugin = password 2125:project_domain_id = default 2126:user_domain_id = default 2127:project_name = service 2128:username = nova 2129:password = nova 2310:virt_type=kvm # [libvirt] 部分 使用kvm虚拟机,需要cpu支持,可通过grep "vmx" /proc/cpuinfo查看 2752:lock_path=/var/lib/nova/tmp 2880:rabbit_host=192.168.3.199 2881:rabbit_port=5672 2882:rabbit_userid=openstack 2883:rabbit_password=openstack 3315:novncproxy_base_url=http://192.168.3.199:6080/vnc_auto.html # 指定novncproxy的IP地址和端口 3324:vncserver_listen=0.0.0.0 # vnc监听0.0.0.0 3329:vncserver_proxyclient_address=$my_ip 3334:vnc_enabled=true # 启用vnc 3339:vnc_keymap=en-us # 英语键盘
启动计算节点的libvirt和nova-compute
[root@node2 nova]# systemctl enable libvirtd openstack-nova-compute Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service to /usr/lib/systemd/system/openstack-nova-compute.service. [root@node2 nova]# systemctl start libvirtd openstack-nova-compute
在控制节点中查看注册的host,最后一个compute即是注册的host
[root@node1 ~]# openstack host list
+---------------------+-------------+----------+
| Host Name | Service | Zone |
+---------------------+-------------+----------+
| node1.chinasoft.com | conductor | internal |
| node1.chinasoft.com | consoleauth | internal |
| node1.chinasoft.com | scheduler | internal |
| node1.chinasoft.com | cert | internal |
| node2.chinasoft.com | compute | nova |
+---------------------+-------------+----------+
在控制节点中测试nova和glance连接正常,nova链接keystone是否正常
[root@node1 ~]# nova image-list +--------------------------------------+--------+--------+--------+ | ID | Name | Status | Server | +--------------------------------------+--------+--------+--------+ | 447ef14f-5ab2-4a69-af46-cf4331f45967 | cirros | ACTIVE | | +--------------------------------------+--------+--------+--------+ [root@node1 ~]# nova endpoints WARNING: keystone has no endpoint in ! Available endpoints for this service: +-----------+----------------------------------+ | keystone | Value | +-----------+----------------------------------+ | id | 0be2afa7f0594d53947d5fe7574b112a | | interface | public | | region | RegionOne | | region_id | RegionOne | | url | http://192.168.3.199:5000/v2.0 | +-----------+----------------------------------+ +-----------+----------------------------------+ | keystone | Value | +-----------+----------------------------------+ | id | 8dffe48e9f4a425381a6504d926829aa | | interface | admin | | region | RegionOne | | region_id | RegionOne | | url | http://192.168.3.199:35357/v2.0 | +-----------+----------------------------------+ +-----------+----------------------------------+ | keystone | Value | +-----------+----------------------------------+ | id | e637eb99b5964306b5dc36eff47808fb | | interface | internal | | region | RegionOne | | region_id | RegionOne | | url | http://192.168.3.199:5000/v2.0 | +-----------+----------------------------------+ WARNING: nova has no endpoint in ! Available endpoints for this service: +-----------+---------------------------------------------------------------+ | nova | Value | +-----------+---------------------------------------------------------------+ | id | 6c3c1308cb0647b891faa8d2260bcf90 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | url | http://192.168.3.199:8774/v2/7340dd86a8b14e73ac36b6d6385c689c | +-----------+---------------------------------------------------------------+ +-----------+---------------------------------------------------------------+ | nova | Value | +-----------+---------------------------------------------------------------+ | id | c94e79c4c7874e6c8646e843dc83a4a8 | | interface | public | | region | RegionOne | | region_id | RegionOne | | url | http://192.168.3.199:8774/v2/7340dd86a8b14e73ac36b6d6385c689c | +-----------+---------------------------------------------------------------+ +-----------+---------------------------------------------------------------+ | nova | Value | +-----------+---------------------------------------------------------------+ | id | f7644b114f4c4aa3902f72a29b8e5894 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | url | http://192.168.3.199:8774/v2/7340dd86a8b14e73ac36b6d6385c689c | +-----------+---------------------------------------------------------------+ WARNING: glance has no endpoint in ! Available endpoints for this service: +-----------+----------------------------------+ | glance | Value | +-----------+----------------------------------+ | id | 4ea9ed1557dc4e548c76cdf0f3d4fbdc | | interface | public | | region | RegionOne | | region_id | RegionOne | | url | http://192.168.3.199:9292 | +-----------+----------------------------------+ +-----------+----------------------------------+ | glance | Value | +-----------+----------------------------------+ | id | b8012edc462a4d82b68b6a138b47cc94 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | url | http://192.168.3.199:9292 | +-----------+----------------------------------+ +-----------+----------------------------------+ | glance | Value | +-----------+----------------------------------+ | id | cef79d1f235c4fbe9eb2679c101edc15 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | url | http://192.168.3.199:9292 | +-----------+----------------------------------+