OpenStack(4):手動(dòng)部署OpenStack Queens(4.計(jì)算服務(wù))

計(jì)算服務(wù)概覽

使用OpenStack計(jì)算服務(wù)來(lái)托管和管理云計(jì)算系統(tǒng)。OpenStack計(jì)算服務(wù)是基礎(chǔ)設(shè)施即服務(wù)(IaaS)系統(tǒng)的主要部分,模塊主要由Python實(shí)現(xiàn)。

OpenStack計(jì)算組件請(qǐng)求OpenStack Identity服務(wù)進(jìn)行認(rèn)證;請(qǐng)求OpenStack Image服務(wù)提供磁盤(pán)鏡像;為OpenStack dashboard提供用戶與管理員接口。磁盤(pán)鏡像訪問(wèn)限制在項(xiàng)目與用戶上;配額以每個(gè)項(xiàng)目進(jìn)行設(shè)定(例如,每個(gè)項(xiàng)目下可以創(chuàng)建多少實(shí)例)。OpenStack組件可以在標(biāo)準(zhǔn)硬件上水平大規(guī)模擴(kuò)展,并且下載磁盤(pán)鏡像啟動(dòng)虛擬機(jī)實(shí)例。

OpenStack計(jì)算服務(wù)由下列組件所構(gòu)成:

  • nova-api 服務(wù)

    接收和響應(yīng)來(lái)自最終用戶的計(jì)算API請(qǐng)求。此服務(wù)支持OpenStack計(jì)算服務(wù)API,Amazon EC2 API,以及特殊的管理API用于賦予用戶做一些管理的操作。它會(huì)強(qiáng)制實(shí)施一些規(guī)則,發(fā)起多數(shù)的編排活動(dòng),例如運(yùn)行一個(gè)實(shí)例。

  • nova-api-metadata 服務(wù)

    接受來(lái)自虛擬機(jī)發(fā)送的元數(shù)據(jù)請(qǐng)求。nova-api-metadata服務(wù)一般在安裝nova-network服務(wù)的多主機(jī)模式下使用。更詳細(xì)的信息,請(qǐng)參考OpenStack管理員手冊(cè)中的鏈接Metadata service <http://docs.openstack.org/admin-guide/compute-networking-nova.html#metadata-service>__ in the OpenStack Administrator Guide。

  • nova-compute服務(wù)

    一個(gè)持續(xù)工作的守護(hù)進(jìn)程,通過(guò)Hypervior的API來(lái)創(chuàng)建和銷(xiāo)毀虛擬機(jī)實(shí)例。例如:
    XenServer/XCP 的 XenAPI
    KVM 或 QEMU 的 libvirt
    VMware 的 VMwareAPI

過(guò)程是蠻復(fù)雜的。最為基本的,守護(hù)進(jìn)程同意了來(lái)自隊(duì)列的動(dòng)作請(qǐng)求,轉(zhuǎn)換為一系列的系統(tǒng)命令如啟動(dòng)一個(gè)KVM實(shí)例,然后,到數(shù)據(jù)庫(kù)中更新它的狀態(tài)。

  • nova-scheduler服務(wù)

    拿到一個(gè)來(lái)自隊(duì)列請(qǐng)求虛擬機(jī)實(shí)例,然后決定那臺(tái)計(jì)算服務(wù)器主機(jī)來(lái)運(yùn)行它。

  • nova-conductor模塊

    媒介作用于nova-compute服務(wù)與數(shù)據(jù)庫(kù)之間。它排除了由nova-compute服務(wù)對(duì)云數(shù)據(jù)庫(kù)的直接訪問(wèn)。nova-conductor模塊可以水平擴(kuò)展。但是,不要將它部署在運(yùn)行nova-compute服務(wù)的主機(jī)節(jié)點(diǎn)上。參考Configuration Reference Guide http://docs.openstack.org/mitaka/config-reference/compute/conductor.html`__。

  • nova-cert模塊

    服務(wù)器守護(hù)進(jìn)程向Nova Cert服務(wù)提供X509證書(shū)。用來(lái)為euca-bundle-image生成證書(shū)。僅僅是在EC2 API的請(qǐng)求中使用

  • nova-network worker 守護(hù)進(jìn)程

    nova-compute服務(wù)類(lèi)似,從隊(duì)列中接受網(wǎng)絡(luò)任務(wù),并且操作網(wǎng)絡(luò)。執(zhí)行任務(wù)例如創(chuàng)建橋接的接口或者改變IPtables的規(guī)則。

  • nova-consoleauth 守護(hù)進(jìn)程

    授權(quán)控制臺(tái)代理所提供的用戶令牌。詳情可查看nova-novncproxy和 nova-xvpvncproxy。該服務(wù)必須為控制臺(tái)代理運(yùn)行才可奏效。在集群配置中你可以運(yùn)行二者中任一代理服務(wù)而非僅運(yùn)行一個(gè)nova-consoleauth服務(wù)。更多關(guān)于nova-consoleauth的信息,請(qǐng)查看About nova-consoleauth <http://docs.openstack.org/admin-guide/compute-remote-console-access.html#about-nova-consoleauth>__。

  • nova-novncproxy 守護(hù)進(jìn)程

    提供一個(gè)代理,用于訪問(wèn)正在運(yùn)行的實(shí)例,通過(guò)VNC協(xié)議,支持基于瀏覽器的novnc客戶端。

  • nova-spicehtml5proxy 守護(hù)進(jìn)程

    提供一個(gè)代理,用于訪問(wèn)正在運(yùn)行的實(shí)例,通過(guò) SPICE 協(xié)議,支持基于瀏覽器的 HTML5 客戶端。

  • nova-xvpvncproxy 守護(hù)進(jìn)程

    提供一個(gè)代理,用于訪問(wèn)正在運(yùn)行的實(shí)例,通過(guò)VNC協(xié)議,支持OpenStack特定的Java客戶端。

  • nova-cert 守護(hù)進(jìn)程

    X509 證書(shū)。

  • nova客戶端

    用于用戶作為租戶管理員或最終用戶來(lái)提交命令。

  • 隊(duì)列

    一個(gè)在守護(hù)進(jìn)程間傳遞消息的中央集線器。常見(jiàn)實(shí)現(xiàn)有RabbitMQ <http://www.rabbitmq.com/>__ , 以及如Zero MQ <http://www.zeromq.org/>__等AMQP消息隊(duì)列。

  • SQL數(shù)據(jù)庫(kù)

    存儲(chǔ)構(gòu)建時(shí)和運(yùn)行時(shí)的狀態(tài),為云基礎(chǔ)設(shè)施,包括有:
    可用實(shí)例類(lèi)型
    使用中的實(shí)例
    可用網(wǎng)絡(luò)
    項(xiàng)目

理論上,OpenStack計(jì)算可以支持任何和SQL-Alchemy所支持的后端數(shù)據(jù)庫(kù),通常使用SQLite3來(lái)做測(cè)試可開(kāi)發(fā)工作,MySQL和PostgreSQL 作生產(chǎn)環(huán)境。

第一步:安裝并配置控制節(jié)點(diǎn)(控制節(jié)點(diǎn))

這個(gè)部分將描述如何在控制節(jié)點(diǎn)上安裝和配置 Compute 服務(wù),即 nova。

1.先決條件

在安裝和配置 Compute 服務(wù)前,你必須創(chuàng)建數(shù)據(jù)庫(kù)服務(wù)的憑據(jù)以及 API endpoints。

  • 1.為了創(chuàng)建數(shù)據(jù)庫(kù),必須完成這些步驟:

以下有6處xiaoliu,請(qǐng)根據(jù)實(shí)際情況更改

# 用數(shù)據(jù)庫(kù)連接客戶端以 root 用戶連接到數(shù)據(jù)庫(kù)服務(wù)器:
mysql -u root -p

# 2.創(chuàng)建 nova_api 和 nova 數(shù)據(jù)庫(kù):
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;

# 3.對(duì)數(shù)據(jù)庫(kù)進(jìn)行正確的授權(quán):

GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'xiaoliu';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'xiaoliu';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'xiaoliu';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'xiaoliu';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'xiaoliu';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'xiaoliu';
  • 2.獲得 admin 憑證來(lái)獲取只有管理員能執(zhí)行的命令的訪問(wèn)權(quán)限:
source /home/admin-openrc
echo $OS_USERNAME
  • 3.要?jiǎng)?chuàng)建服務(wù)證書(shū),完成這些步驟:
# 1.創(chuàng)建 nova 用戶:
openstack user create --domain default --password-prompt nova

# 2.給 nova 用戶添加 admin 角色(這個(gè)命令執(zhí)行后沒(méi)有輸出):
openstack role add --project service --user nova admin

# 3.創(chuàng)建 nova 服務(wù)實(shí)體:
openstack service create --name nova --description "OpenStack Compute" compute
  • 4.創(chuàng)建 Compute 服務(wù) API 端點(diǎn) :
openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
  • 5.使用您選擇的創(chuàng)建Placement服務(wù)用戶PLACEMENT_PASS:
openstack user create --domain default --password-prompt placement
  • 6.使用admin角色將Placement用戶添加到服務(wù)項(xiàng)目(此命令不提供輸出):
openstack role add --project service --user placement admin
  • 7.在服務(wù)目錄中創(chuàng)建Placement API條目:
openstack service create --name placement --description "Placement API" placement
  • 8.創(chuàng)建Placement API服務(wù)端點(diǎn):
openstack endpoint create --region RegionOne placement public http://controller:8778
openstack endpoint create --region RegionOne placement internal http://controller:8778
openstack endpoint create --region RegionOne placement admin http://controller:8778
  • 9.以上命令輸出展示
[root@controller html]# source /home/admin-openrc
[root@controller html]# echo $OS_USERNAME
admin
[root@controller html]# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 08eb041c35cf45fb85d69ad8a256e054 |
| name                | nova                             |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+
[root@controller html]# openstack role add --project service --user nova admin
[root@controller html]# openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Compute                |
| enabled     | True                             |
| id          | 20972a76b318429ea55e9e8b52a90632 |
| name        | nova                             |
| type        | compute                          |
+-------------+----------------------------------+
[root@controller html]# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 938cac58c5ef433faf2da39e853e5e39 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 20972a76b318429ea55e9e8b52a90632 |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://controller:8774/v2.1      |
+--------------+----------------------------------+
[root@controller html]# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 4f991b08697f41ba819f124e98bebd12 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 20972a76b318429ea55e9e8b52a90632 |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://controller:8774/v2.1      |
+--------------+----------------------------------+
[root@controller html]# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | d15364459e214fc8bb199f388c857463 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 20972a76b318429ea55e9e8b52a90632 |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://controller:8774/v2.1      |
+--------------+----------------------------------+
[root@controller html]# openstack user create --domain default --password-prompt placement
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | b6e431f29b8a4849a27d2651903cfde2 |
| name                | placement                        |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+
[root@controller html]# openstack role add --project service --user placement admin
[root@controller html]# openstack service create --name placement --description "Placement API" placement
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Placement API                    |
| enabled     | True                             |
| id          | 617e334646ab4b099a2702b643d8c900 |
| name        | placement                        |
| type        | placement                        |
+-------------+----------------------------------+
[root@controller html]# openstack endpoint create --region RegionOne placement public http://controller:8778
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 541b4dbee64b4b948b84aaba21f70e1c |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 617e334646ab4b099a2702b643d8c900 |
| service_name | placement                        |
| service_type | placement                        |
| url          | http://controller:8778           |
+--------------+----------------------------------+
[root@controller html]# openstack endpoint create --region RegionOne placement internal http://controller:8778
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 604dd6ee7ef54e4e855d7d8688af0d18 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 617e334646ab4b099a2702b643d8c900 |
| service_name | placement                        |
| service_type | placement                        |
| url          | http://controller:8778           |
+--------------+----------------------------------+
[root@controller html]# openstack endpoint create --region RegionOne placement admin http://controller:8778
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 0bac998fd8ae45bb91787a08226883a5 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 617e334646ab4b099a2702b643d8c900 |
| service_name | placement                        |
| service_type | placement                        |
| url          | http://controller:8778           |
+--------------+----------------------------------+

2.安全并配置組件

默認(rèn)配置文件在各發(fā)行版本中可能不同。你可能需要添加這些部分,選項(xiàng)而不是修改已經(jīng)存在的部分和選項(xiàng)。另外,在配置片段中的省略號(hào)(...)表示默認(rèn)的配置選項(xiàng)你應(yīng)該保留。

  • 1.安裝軟件包:
yum install -y openstack-nova-api openstack-nova-conductor \
                openstack-nova-console openstack-nova-novncproxy \
                openstack-nova-scheduler openstack-nova-placement-api
  • 2.編輯/etc/nova/nova.conf文件并完成下面的操作:

以下有4處xiaoliu,請(qǐng)根據(jù)自己實(shí)際情況更改

以下有一處IP地址為控制端IP地址,請(qǐng)根據(jù)自己實(shí)際情況更改

cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
cat /etc/nova/nova.conf.bak | grep -v "^#" | grep -v '^/article> > /etc/nova/nova.conf
vim /etc/nova/nova.conf

# 1.在``[DEFAULT]``部分,只啟用計(jì)算和元數(shù)據(jù)API:
[DEFAULT]
# ...
enabled_apis = osapi_compute,metadata

# 2.在``[api_database]``和``[database]``部分,配置數(shù)據(jù)庫(kù)的連接:
# 用你為 Compute 數(shù)據(jù)庫(kù)選擇的密碼來(lái)代替 NOVA_DBPASS。
[api_database]
# ...
connection = mysql+pymysql://nova:xiaoliu@controller/nova_api

[database]
# ...
connection = mysql+pymysql://nova:xiaoliu@controller/nova

# 3.在 “[DEFAULT]” 和 “[oslo_messaging_rabbit]”部分,配置 “RabbitMQ” 消息隊(duì)列訪問(wèn):
# 用你在 “RabbitMQ” 中為 “openstack” 選擇的密碼替換 “RABBIT_PASS”。
[DEFAULT]
# ...
transport_url = rabbit://openstack:xiaoliu@controller

# 4.在 “[api]” 和 “[keystone_authtoken]” 部分,配置認(rèn)證服務(wù)訪問(wèn):
# 使用你在身份認(rèn)證服務(wù)中設(shè)置的``nova`` 用戶的密碼替換``NOVA_PASS``。
[api]
# ...
auth_strategy = keystone

[keystone_authtoken]
# ...
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = xiaoliu

# 5.在 [DEFAULT 部分,配置``my_ip`` 來(lái)使用控制節(jié)點(diǎn)的管理接口的IP 地址。
[DEFAULT]
...
my_ip = 10.0.1.61

# 6.在 [DEFAULT] 部分,使能 Networking 服務(wù):
# 默認(rèn)情況下,計(jì)算服務(wù)使用內(nèi)置的防火墻服務(wù)。
# 由于網(wǎng)絡(luò)服務(wù)包含了防火墻服務(wù),
# 你必須使用``nova.virt.firewall.NoopFirewallDriver``防火墻服務(wù)來(lái)禁用掉計(jì)算服務(wù)內(nèi)置的防火墻服務(wù)
[DEFAULT]
...
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver

# 7.在``[vnc]``部分,配置VNC代理使用控制節(jié)點(diǎn)的管理接口IP地址 :
[vnc]
enabled = true
# ...
server_listen = $my_ip
server_proxyclient_address = $my_ip

# 8.在 [glance] 區(qū)域,配置鏡像服務(wù) API 的位置:
[glance]
# ...
api_servers = http://controller:9292

# 9.在 [oslo_concurrency] 部分,配置鎖路徑:
[oslo_concurrency]
# ...
lock_path = /var/lib/nova/tmp

# 10.在該[placement]部分中,配置Placement API:
[placement]
# ...
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = xiaoliu

# 11.由于打包錯(cuò)誤,您必須通過(guò)將以下配置添加到以下內(nèi)容來(lái)啟用對(duì)Placement API的訪問(wèn)

vim /etc/httpd/conf.d/00-nova-placement-api.conf
<Directory /usr/bin>
   <IfVersion >= 2.4>
      Require all granted
   </IfVersion>
   <IfVersion < 2.4>
      Order allow,deny
      Allow from all
   </IfVersion>
</Directory>

# Restart the httpd service:
systemctl restart httpd
systemctl status httpd
  • 3.填充nova-api數(shù)據(jù)庫(kù)(忽略此輸出中的任何棄用消息):
su -s /bin/sh -c "nova-manage api_db sync" nova
  • 4.注冊(cè)cell0數(shù)據(jù)庫(kù):
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
  • 5.創(chuàng)建cell1單元格:
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
  • 6.填充新星數(shù)據(jù)庫(kù):
su -s /bin/sh -c "nova-manage db sync" nova
  • 7.驗(yàn)證nova cell0和cell1是否正確注冊(cè):
nova-manage cell_v2 list_cells
  • 8.以上命令輸出展示
[root@controller html]# su -s /bin/sh -c "nova-manage api_db sync" nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
  exception.NotSupportedWarning

[root@controller html]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
  exception.NotSupportedWarning

[root@controller html]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
  exception.NotSupportedWarning
48e8e55e-7b55-40f6-84bb-e1acc878140c

[root@controller html]# su -s /bin/sh -c "nova-manage db sync" nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
  exception.NotSupportedWarning
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will be disallowed in a future release.')
  result = self._query(query)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:166: Warning: (1831, u'Duplicate index `uniq_instances0uuid`. This is deprecated and will be disallowed in a future release.')
  result = self._query(query)

[root@controller html]# nova-manage cell_v2 list_cells
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
  exception.NotSupportedWarning
+-------+--------------------------------------+------------------------------------+-------------------------------------------------+
|  名稱 |                 UUID                 |           Transport URL            |                    數(shù)據(jù)庫(kù)連接                   |
+-------+--------------------------------------+------------------------------------+-------------------------------------------------+
| cell0 | 00000000-0000-0000-0000-000000000000 |               none:/               | mysql+pymysql://nova:****@controller/nova_cell0 |
| cell1 | 48e8e55e-7b55-40f6-84bb-e1acc878140c | rabbit://openstack:****@controller |    mysql+pymysql://nova:****@controller/nova    |
+-------+--------------------------------------+------------------------------------+-------------------------------------------------+
  • 9.驗(yàn)證數(shù)據(jù)庫(kù)是否寫(xiě)入成功
# 應(yīng)該有110張表
mysql -uroot -p'xiaoliu' -D nova -se "show tables"
mysql -uroot -p'xiaoliu' -D nova -se "show tables" | wc -l

# 應(yīng)該有32張表
mysql -uroot -p'xiaoliu' -D nova_api -se "show tables"
mysql -uroot -p'xiaoliu' -D nova_api -se "show tables" | wc -l

mysql -uroot -p'xiaoliu' -D nova_cell0 -se "show tables"
mysql -uroot -p'xiaoliu' -D nova_cell0 -se "show tables" | wc -l

3.完成安裝:?jiǎn)?dòng) Compute 服務(wù)并將其設(shè)置為隨系統(tǒng)啟動(dòng)

systemctl enable openstack-nova-api.service \
                    openstack-nova-consoleauth.service openstack-nova-scheduler.service \
                    openstack-nova-conductor.service openstack-nova-novncproxy.service

systemctl stop openstack-nova-api.service \
                    openstack-nova-consoleauth.service openstack-nova-scheduler.service \
                    openstack-nova-conductor.service openstack-nova-novncproxy.service

systemctl start openstack-nova-api.service \
                    openstack-nova-consoleauth.service openstack-nova-scheduler.service \
                    openstack-nova-conductor.service openstack-nova-novncproxy.service

systemctl status openstack-nova-api.service \
                    openstack-nova-consoleauth.service openstack-nova-scheduler.service \
                    openstack-nova-conductor.service openstack-nova-novncproxy.service

第二步:安裝和配置計(jì)算節(jié)點(diǎn)(計(jì)算節(jié)點(diǎn))

該服務(wù)支持多個(gè)虛擬機(jī)管理程序來(lái)部署實(shí)例或虛擬機(jī)(VM)。為簡(jiǎn)單起見(jiàn),此配置使用Quick EMUlator(QEMU)虛擬機(jī)管理程序和支持虛擬機(jī)硬件加速的計(jì)算節(jié)點(diǎn)上的基于內(nèi)核的VM(KVM)擴(kuò)展。在傳統(tǒng)硬件上,此配置使用通用QEMU管理程序。您可以通過(guò)稍作修改來(lái)遵循這些說(shuō)明,以使用其他計(jì)算節(jié)點(diǎn)水平擴(kuò)展您的環(huán)境。

1.啟用OpenStack庫(kù)

在CentOS中, extras倉(cāng)庫(kù)提供用于啟用 OpenStack 倉(cāng)庫(kù)的RPM包。 CentOS 默認(rèn)啟用extras倉(cāng)庫(kù),因此你可以直接安裝用于啟用OpenStack倉(cāng)庫(kù)的包。

# 如果更新了一個(gè)新內(nèi)核,重啟主機(jī)來(lái)使用新內(nèi)核。
yum repolist
yum install -y centos-release-openstack-queens
yum upgrade -y

2.安全并配置組件

  • 1.安裝軟件包:
yum install -y openstack-nova-compute
  • 2.編輯/etc/nova/nova.conf文件并完成下面的操作:

以下有兩處xiaoliu, 請(qǐng)根據(jù)自己實(shí)際情況修改

以下有六處controller,請(qǐng)根據(jù)自己實(shí)際情況修改

cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
cat /etc/nova/nova.conf.bak | grep -v "^#" | grep -v '^/article> > /etc/nova/nova.conf
vim /etc/nova/nova.conf

# 1.在該[DEFAULT]部分中,僅啟用計(jì)算和元數(shù)據(jù)API:
# 在該[DEFAULT]部分中,配置RabbitMQ消息隊(duì)列訪問(wèn):
[DEFAULT]
# ...
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:xiaoliu@controller

# 2.在[api]和[keystone_authtoken]部分中,配置身份服務(wù)訪問(wèn):
# 注釋掉或刪除該[keystone_authtoken] 部分中的任何其他選項(xiàng)。
[api]
# ...
auth_strategy = keystone

[keystone_authtoken]
# ...
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = xiaoliu

# 3.在該[DEFAULT]部分中,配置my_ip選項(xiàng):
# 替換MANAGEMENT_INTERFACE_IP_ADDRESS為計(jì)算節(jié)點(diǎn)上管理網(wǎng)絡(luò)接口的IP地址
[DEFAULT]
# ...
my_ip = 10.0.1.62

# 4.在該[DEFAULT]部分中,啟用對(duì)網(wǎng)絡(luò)服務(wù)的支持:
# 默認(rèn)情況下,Compute使用內(nèi)部防火墻服務(wù)。由于Networking包含防火墻服務(wù)
# 因此必須使用nova.virt.firewall.NoopFirewallDriver防火墻驅(qū)動(dòng)程序禁用Compute防火墻服務(wù)。
[DEFAULT]
# ...
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver

# 5.在該[vnc]部分中,啟用并配置遠(yuǎn)程控制臺(tái)訪問(wèn):
# 如果要訪問(wèn)遠(yuǎn)程控制臺(tái)的Web瀏覽器駐留在無(wú)法解析controller主機(jī)名的主機(jī)上
# 則必須controller使用控制器節(jié)點(diǎn)的管理接口IP地址替換 
[vnc]
# ...
enabled = True
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html

# 6.在該[glance]部分中,配置Image服務(wù)API的位置:
[glance]
# ...
api_servers = http://controller:9292

# 7.在該[oslo_concurrency]部分中,配置鎖定路徑:
[oslo_concurrency]
# ...
lock_path = /var/lib/nova/tmp

# 8.在該[placement]部分中,配置Placement API:
# 注釋掉該[placement]部分中的任何其他選項(xiàng)。
[placement]
# ...
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = xiaoliu

3.完成安裝

  • 1.確定您的計(jì)算節(jié)點(diǎn)是否支持虛擬機(jī)的硬件加速。
egrep -c '(vmx|svm)' /proc/cpuinfo

# 如果這個(gè)命令返回了 one or greater 的值,那么你的計(jì)算節(jié)點(diǎn)支持硬件加速且不需要額外的配置。
# 如果這個(gè)命令返回了 zero 值,那么你的計(jì)算節(jié)點(diǎn)不支持硬件加速。你必須配置 libvirt 來(lái)使用 QEMU 去代替 KVM
# 在 /etc/nova/nova.conf 文件的 [libvirt] 區(qū)域做出如下的編輯:
[libvirt]
...
virt_type = qemu
  • 2.啟動(dòng)計(jì)算服務(wù)及其依賴,并將其配置為隨系統(tǒng)自動(dòng)啟動(dòng):
systemctl enable libvirtd.service openstack-nova-compute.service
systemctl stop libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service openstack-nova-compute.service
systemctl status libvirtd.service openstack-nova-compute.service

第三步:將計(jì)算節(jié)點(diǎn)添加到單元數(shù)據(jù)庫(kù)(控制節(jié)點(diǎn))

# 獲取管理員憑據(jù)以啟用僅管理員CLI命令,然后確認(rèn)數(shù)據(jù)庫(kù)中是否存在計(jì)算主機(jī):
source /home/admin-openrc
echo $OS_USERNAME
openstack compute service list --service nova-compute

# 發(fā)現(xiàn)計(jì)算主機(jī):
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

# 輸出結(jié)果展示:
[root@controller html]# source /home/admin-openrc

[root@controller html]# echo $OS_USERNAME
admin

[root@controller html]# openstack compute service list --service nova-compute
+----+--------------+----------+------+---------+-------+----------------------------+
| ID | Binary       | Host     | Zone | Status  | State | Updated At                 |
+----+--------------+----------+------+---------+-------+----------------------------+
|  6 | nova-compute | compute1 | nova | enabled | up    | 2019-01-20T13:58:26.000000 |
+----+--------------+----------+------+---------+-------+----------------------------+

[root@controller html]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
  exception.NotSupportedWarning
Found 2 cell mappings.
Skipping cell0 since it does not contain hosts.
Getting computes from cell 'cell1': 48e8e55e-7b55-40f6-84bb-e1acc878140c
Checking host mapping for compute host 'compute1': a42100e8-83de-4500-b22a-831d3f6de399
Creating host mapping for compute host 'compute1': a42100e8-83de-4500-b22a-831d3f6de399
Found 1 unmapped computes in cell: 48e8e55e-7b55-40f6-84bb-e1acc878140c

注意:

添加新計(jì)算節(jié)點(diǎn)時(shí),必須在控制器節(jié)點(diǎn)上運(yùn)行以注冊(cè)這些新計(jì)算節(jié)點(diǎn)?;蛘?,您可以在以下位置設(shè)置適當(dāng)?shù)拈g隔

When you add new compute nodes, you must run nova-manage cell_v2 discover_hosts on the controller node to register those new compute nodes. Alternatively, you can set an appropriate interval in /etc/nova/nova.conf:

vim /etc/nova/nova.conf
[scheduler] 
discover_hosts_in_cells_interval  =  300

第四步:驗(yàn)證操作(在控制器節(jié)點(diǎn)上執(zhí)行這些命令)

驗(yàn)證Compute服務(wù)的運(yùn)行。

1.來(lái)源admin憑據(jù)來(lái)訪問(wèn)僅管理員CLI命令:

source /home/admin-openrc
echo $OS_USERNAME

2.列出服務(wù)組件以驗(yàn)證每個(gè)進(jìn)程的成功啟動(dòng)和注冊(cè):

此輸出應(yīng)指示控制器節(jié)點(diǎn)上啟用的三個(gè)服務(wù)組件以及計(jì)算節(jié)點(diǎn)上啟用的一個(gè)服務(wù)組件。

openstack compute service list

[root@controller html]# openstack compute service list
+----+------------------+------------+----------+---------+-------+----------------------------+
| ID | Binary           | Host       | Zone     | Status  | State | Updated At                 |
+----+------------------+------------+----------+---------+-------+----------------------------+
|  1 | nova-consoleauth | controller | internal | enabled | up    | 2019-01-20T13:59:49.000000 |
|  2 | nova-conductor   | controller | internal | enabled | up    | 2019-01-20T13:59:49.000000 |
|  3 | nova-scheduler   | controller | internal | enabled | up    | 2019-01-20T13:59:49.000000 |
|  6 | nova-compute     | compute1   | nova     | enabled | up    | 2019-01-20T13:59:56.000000 |
+----+------------------+------------+----------+---------+-------+----------------------------+

3.列出Identity服務(wù)中的API端點(diǎn)以驗(yàn)證與Identity服務(wù)的連接:

端點(diǎn)列表可能會(huì)有所不同,具體取決于OpenStack組件的安裝。

忽略此輸出中的任何警告。

openstack catalog list

[root@controller html]# openstack catalog list
+-----------+-----------+-----------------------------------------+
| Name      | Type      | Endpoints                               |
+-----------+-----------+-----------------------------------------+
| keystone  | identity  | RegionOne                               |
|           |           |   admin: http://controller:5000/v3/     |
|           |           | RegionOne                               |
|           |           |   internal: http://controller:5000/v3/  |
|           |           | RegionOne                               |
|           |           |   public: http://controller:5000/v3/    |
|           |           |                                         |
| nova      | compute   | RegionOne                               |
|           |           |   internal: http://controller:8774/v2.1 |
|           |           | RegionOne                               |
|           |           |   public: http://controller:8774/v2.1   |
|           |           | RegionOne                               |
|           |           |   admin: http://controller:8774/v2.1    |
|           |           |                                         |
| glance    | image     | RegionOne                               |
|           |           |   internal: http://controller:9292      |
|           |           | RegionOne                               |
|           |           |   public: http://controller:9292        |
|           |           | RegionOne                               |
|           |           |   admin: http://controller:9292         |
|           |           |                                         |
| placement | placement | RegionOne                               |
|           |           |   admin: http://controller:8778         |
|           |           | RegionOne                               |
|           |           |   public: http://controller:8778        |
|           |           | RegionOne                               |
|           |           |   internal: http://controller:8778      |
|           |           |                                         |
+-----------+-----------+-----------------------------------------+

4.列出Image服務(wù)中的圖像以驗(yàn)證與Image服務(wù)的連接:

openstack image list

[root@controller html]# openstack image list
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| 6cc21209-0d33-477c-a37e-eeed6b34f3ad | cirros | active |
+--------------------------------------+--------+--------+

5.檢查單元格和放置API是否成功運(yùn)行:

nova-status upgrade check

[root@controller ~]# nova-status upgrade check
/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported
  exception.NotSupportedWarning
Option "os_region_name" from group "placement" is deprecated. Use option "region-name" from group "placement".
+-------------------------------+
| 升級(jí)檢查結(jié)果                  |
+-------------------------------+
| 檢查: Cells v2                |
| 結(jié)果: 成功                    |
| 詳情: None                    |
+-------------------------------+
| 檢查: Placement API           |
| 結(jié)果: 成功                    |
| 詳情: None                    |
+-------------------------------+
| 檢查: Resource Providers      |
| 結(jié)果: 成功                    |
| 詳情: None                    |
+-------------------------------+
| 檢查: Ironic Flavor Migration |
| 結(jié)果: 成功                    |
| 詳情: None                    |
+-------------------------------+
| 檢查: API Service Version     |
| 結(jié)果: 成功                    |
| 詳情: None                    |
+-------------------------------+
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書(shū)系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

友情鏈接更多精彩內(nèi)容