六、OpenStack服务-Nova(控制节点)
aliuge 2020-03-25
本章目录
1、概述
2、架构
3、安装配置控制节点
一、概述
使用OpenStack计算服务来托管和管理云计算系统。OpenStack计算服务是基础设施即服务(IaaS)系统的主要部分,模块主要由Python实现。
OpenStack计算组件请求OpenStack Identity服务进行认证;
请求OpenStack Image服务提供磁盘镜像;
为OpenStack dashboard提供用户与管理员接口。磁盘镜像访问限制在项目与用户上;
配额以每个项目进行设定(例如,每个项目下可以创建多少实例)。OpenStack组件可以在标准硬件上水平大规模扩展,并且下载磁盘镜像启动虚拟机实例。
二、架构
三、安装配置
1、创建数据库并授权
1、创建数据库: MariaDB [(none)]> CREATE DATABASE nova; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> CREATE DATABASE nova_cell0; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> CREATE DATABASE nova_api; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> CREATE DATABASE placement; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> SHOW DATABASES; +--------------------+ | Database | +--------------------+ | glance | | information_schema | | keystone | | mysql | | nova | | nova_api | | nova_cell0 | | performance_schema | | placement | +--------------------+ 9 rows in set (0.00 sec) 2、授权: MariaDB [(none)]> grant all on nova.* to ‘nova‘@‘localhost‘ identified by ‘nova‘; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> grant all on nova.* to ‘nova‘@‘%‘ identified by ‘nova‘; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> grant all on nova_api.* to ‘nova‘@‘localhost‘ identified by ‘nova‘; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> grant all on nova_api.* to ‘nova‘@‘%‘ identified by ‘nova‘; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> grant all on nova_cell0.* to ‘nova‘@‘%‘ identified by ‘nova‘; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> grant all on nova_cell0.* to ‘nova‘@‘localhost‘ identified by ‘nova‘; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> grant all on placement.* to ‘placement‘@‘localhost‘ identified by ‘placement‘; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> grant all on placement.* to ‘placement‘@‘%‘ identified by ‘placement‘; Query OK, 0 rows affected (0.00 sec) 3、查看数据库: [ ~]# mysql -unova -pnova -e "show databases;" +--------------------+ | Database | +--------------------+ | information_schema | | nova | | nova_api | | nova_cell0 | +--------------------+
2、创建用户nova、关联角色
1、创建用户
[ ~]# . admin-openrc
[ ~]# openstack user create --domain default --password-prompt nova
User Password:nova
Repeat User Password:nova
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | cec4534f7ef84ab788be4e8fcaeef156 |
| name | nova |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
2、角色添加
[ ~]# openstack role add --project service --user nova admin3、在keystone上创建服务和注册api(服务目录)
nova的api端口是8774
1、创建nova服务(不能出现多个) [ ~]# openstack service #可以查看帮助 [ ~]# openstack service create --name nova --description "OpenStack Compute" compute +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Compute | | enabled | True | | id | 654777c6bd1547bb839df4d2459eaf26 | | name | nova | | type | compute | +-------------+----------------------------------+ 2、创建注册api [ ~]# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1 +--------------+-------------------------------------------+ | Field | Value | +--------------+-------------------------------------------+ | enabled | True | | id | 3c1caa473bfe4390a11e7177894bcc7b | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 060d59eac51b4594815603d75a00aba2 | | service_name | nova | | service_type | compute | | url | http://controller:8774/v2.1 | +--------------+-------------------------------------------+ [ ~]# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1 +--------------+-------------------------------------------+ | Field | Value | +--------------+-------------------------------------------+ | enabled | True | | id | e3c918de680746a586eac1f2d9bc10ab | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 060d59eac51b4594815603d75a00aba2 | | service_name | nova | | service_type | compute | | url | http://controller:8774/v2.1 | +--------------+-------------------------------------------+ [ ~]# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1 +--------------+-------------------------------------------+ | Field | Value | +--------------+-------------------------------------------+ | enabled | True | | id | 38f7af91666a47cfb97b4dc790b94424 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 060d59eac51b4594815603d75a00aba2 | | service_name | nova | | service_type | compute | | url | http://controller:8774/v2.1 | +--------------+-------------------------------------------+
4、创建placement相关
4.1创建placement用户
1、创建placement用户
[ ~]# openstack user create --domain default --password-prompt placement
User Password: placement
Repeat User Password:placement
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 842853f62c8d47b8bf7c0019f4de349d |
| name | placement |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
2、添加角色
[ ~]# openstack role add --project service --user placement admin
3、创建Placement API
[ ~]# openstack service create --name placement --description "Placement API" placement
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Placement API |
| enabled | True |
| id | a62cb64d8e3f44f5b4665c18f87dae88 |
| name | placement |
| type | placement |
+-------------+----------------------------------+4.2 创建api计算节点
[ ~]#$ openstack endpoint create --region RegionOne placement public http://controller:8778 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 2b1b2637908b4137a9c2e0470487cbc0 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 2d1a27022e6e4185b86adac4444c495f | | service_name | placement | | service_type | placement | | url | http://controller:8778 | +--------------+----------------------------------+ [ ~]#$ openstack endpoint create --region RegionOne placement internal http://controller:8778 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 02bcda9a150a4bd7993ff4879df971ab | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 2d1a27022e6e4185b86adac4444c495f | | service_name | placement | | service_type | placement | | url | http://controller:8778 | +--------------+----------------------------------+ [ ~]#$ openstack endpoint create --region RegionOne placement admin http://controller:8778 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 3d71177b9e0f406f98cbff198d74b182 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 2d1a27022e6e4185b86adac4444c495f | | service_name | placement | | service_type | placement | | url | http://controller:8778 | +--------------+----------------------------------+ 查看方法: [ ~]# openstack user list +----------------------------------+-----------+ | ID | Name | +----------------------------------+-----------+ | 31be40e20245472da1e5a6da135777f6 | glance | | 842853f62c8d47b8bf7c0019f4de349d | placement | | cec4534f7ef84ab788be4e8fcaeef156 | nova | | e1011877fc5d4275b7e4394463883ee0 | myuser | | ef761eff8f434c558b42ed37406dd217 | admin | +----------------------------------+-----------+ [ ~]# openstack service list +----------------------------------+-----------+-----------+ | ID | Name | Type | +----------------------------------+-----------+-----------+ | 654777c6bd1547bb839df4d2459eaf26 | nova | compute | | a62cb64d8e3f44f5b4665c18f87dae88 | placement | placement | | b9548ac6836c423e98ad347ce2fe22bf | keystone | identity | | c287094b556c44b5b72438eccebd9726 | glance | image | +----------------------------------+-----------+-----------+ [ ~]# openstack endpoint list +----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------------+ | ID | Region | Service Name | Service Type | Enabled | Interface | URL | +----------------------------------+-----------+--------------+--------------+---------+-----------+----------------------------------+ ........
5、安装nova
5.1、安装包:
[ ~]# yum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-placement-api
5.2 修改配置文件
vim /etc/nova/nova.conf 1) [DEFAULT] # ... enabled_apis = osapi_compute,metadata #表示启用两个api 2) [api_database] # ... connection = mysql+pymysql://nova:/nova_api 3) [database] # ... connection = mysql+pymysql://nova:/nova 4) [placement_database] # ... connection = mysql+pymysql://placement:/placement 5) [DEFAULT] # ... 3130行 transport_url = rabbit://openstack: 6) [api] # ... auth_strategy = keystone 7) [keystone_authtoken] # ... auth_url = http://controller:5000/v3 memcached_servers = controller:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = nova password = nova 8)暂时先不配置 [DEFAULT] # ... my_ip = 192.168.223.157 9) [DEFAULT] # ... use_neutron = true #把neutron服务打开 firewall_driver = nova.virt.firewall.NoopFirewallDriver #关闭防火墙驱动 #默认情况下,计算服务使用的防火墙服务。由于网络服务包包含了防火墙服务,你必须使用#“nova.virt.firewall.NoopFirewallDriver”防火墙服务来禁用掉计算服务内置的防火墙服务,它是一个python类 10) [vnc] enabled = true # ... server_listen = $my_ip server_proxyclient_address = $my_ip 11) [glance] # ...配置镜像下载地址 api_servers = http://controller:9292 12)配置锁路径 [oslo_concurrency] # ... lock_path = /var/lib/nova/tmp #放置脚本重复执行 13) [placement] # ... region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:5000/v3 username = placement password = placement 添加新的计算节点时候加入如下内(直接添加到nova的配置文件中):When you add new compute nodes, you must run nova-manage cell_v2 discover_hosts on the controller node to register those new compute nodes. Alternatively, you can set an appropriate interval in /etc/nova/nova.conf: 14) [scheduler] discover_hosts_in_cells_interval = 300 修改文件: [ ~]# cat /etc/nova/nova.conf [DEFAULT] enabled_apis=osapi_compute,metadata transport_url = rabbit://openstack: my_ip = 192.168.223.170 se_neutron = true firewall_driver = nova.virt.firewall.NoopFirewallDriver [api] auth_strategy = keystone [api_database] connection = mysql+pymysql://nova:/nova_api [barbican] [cache] [cells] [cinder] [compute] [conductor] [console] [consoleauth] [cors] [database] connection = mysql+pymysql://nova:/nova [devices] [ephemeral_storage_encryption] [filter_scheduler] [glance] api_servers = http://controller:9292 [guestfs] [healthcheck] [hyperv] [ironic] [key_manager] [keystone] [keystone_authtoken] auth_url = http://controller:5000/v3 memcached_servers = controller:11211 auth_type = password project_domain_name = Default user_domain_name = Default project_name = service username = nova password = nova [libvirt] [matchmaker_redis] [metrics] [mks] [neutron] [notifications] [osapi_v21] [oslo_concurrency] lock_path = /var/lib/nova/tmp [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [pci] [placement] region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:5000/v3 username = placement password = placement [placement_database] connection = mysql+pymysql://placement:/placement [powervm] [profiler] [quota] [rdp] [remote_debug] [scheduler] [serial_console] [service_user] [spice] [upgrade_levels] [vault] [vendordata_dynamic_auth] [vmware] [vnc] enabled = true # ... server_listen = $my_ip server_proxyclient_address = $my_ip [workarounds] [wsgi] [xenserver] [xvp] [zvm] 注释: firewall_driver = nova.virt.firewall.NoopFirewallDriver #默认情况下,计算服务使用的防火墙服务。由于网络服务包包含了防火墙服务,你必须使用#“nova.virt.firewall.NoopFirewallDriver”防火墙服务来禁用掉计算服务内置的防火墙服务,它是一个python类 #[ ~]# cd /lib/python2.7/site-packages/nova/virt/ #[ virt]# vim firewall.py
5.3 修改http配置文件
[ ~]# vim /etc/httpd/conf.d/00-nova-placement-api.conf
<VirtualHost *:8778>
WSGIProcessGroup nova-placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
WSGIDaemonProcess nova-placement-api processes=3 threads=1 user=nova group=nova
WSGIScriptAlias / /usr/bin/nova-placement-api
<IfVersion >= 2.4>
ErrorLogFormat "%M"
</IfVersion>
ErrorLog /var/log/nova/nova-placement-api.log
#SSLEngine On
#SSLCertificateFile ...
#SSLCertificateKeyFile ...
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
</VirtualHost>
[ ~]# systemctl restart httpd5.4 同步数据库:
[ ~]# su -s /bin/sh -c "nova-manage api_db sync" nova [ ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova [ ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova 10d6dd1f-aa14-45d5-b6f9-f8e768fec97c [ ~]# su -s /bin/sh -c "nova-manage db sync" nova /usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1831, u‘Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will be disallowed in a future release.‘) result = self._query(query) /usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1831, u‘Duplicate index `uniq_instances0uuid`. This is deprecated and will be disallowed in a future release.‘) result = self._query(query) [ ~]# su -s /bin/sh -c "nova-manage db sync" nova [ ~]# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova +-------+--------------------------------------+-----------------------------------------+------------------------------------------------------+----------+ | 名称 | UUID | Transport URL | 数据库连接 | Disabled | +-------+--------------------------------------+-----------------------------------------+------------------------------------------------------+----------+ | cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:****@controller/nova_cell0 | False | | cell1 | 10d6dd1f-aa14-45d5-b6f9-f8e768fec97c | rabbit://openstack:****@controller | mysql+pymysql://nova:****@controller/nova | False | +-------+--------------------------------------+-----------------------------------------+------------------------------------------------------+----------+ 登录每个数据库检查表是否创建成功: [ ~]# mysql -unova -pnova MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | nova | | nova_api | | nova_cell0 | +--------------------+ 5 rows in set (0.00 sec) [ ~]# mysql -unova -pnova -e "use nova;show tables" +--------------------------------------------+ | Tables_in_nova | +--------------------------------------------+ | agent_builds | ................................... When you add new compute nodes, you must run nova-manage cell_v2 discover_hosts on the controller node to register those new compute nodes. Alternatively, you can set an appropriate interval in /etc/nova/nova.conf: [scheduler] discover_hosts_in_cells_interval = 300
5.5 启动并检查服务状态:
1、启动服务 [ ~]# systemctl enable openstack-nova-api.service openstack-nova-consoleauth openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service [ ~]# systemctl start openstack-nova-api.service openstack-nova-consoleauth openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service 2、检查服务是否启动 验证: [ ~]# nova service-list (可以看到三个服务,启动nova-api就是提供此查询结果的服务,能查询,证明nova-api已经启动,如果stop就不能查询) +--------------------------------------+------------------+------------+----------+---------+-------+----------------------------+-----------------+-------------+ | Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason | Forced down | +--------------------------------------+------------------+------------+----------+---------+-------+----------------------------+-----------------+-------------+ | aab81bd2-6b01-4825-83e2-e0a2571df5f0 | nova-consoleauth | controller | internal | enabled | up | 2020-02-22T09:17:02.000000 | - | False | | 0056aea6-b275-4284-8db2-b98015867876 | nova-scheduler | controller | internal | enabled | up | 2020-02-22T09:16:52.000000 | - | False | | ccd742e2-e33c-4501-a37d-01aa5084aed6 | nova-conductor | controller | internal | enabled | up | 2020-02-22T09:16:57.000000 | - | False | +--------------------------------------+------------------+------------+----------+---------+-------+----------------------------+-----------------+-------------+ 通过下边的验证openstack-nova-novncproxy是否启动 [ ~]# netstat -tunlp|grep 6080 tcp 0 0 0.0.0.0:6080 0.0.0.0:* LISTEN 8981/python2 [ ~]# ps -ef |grep 8981 nova 8981 1 0 10:25 ? 00:00:21 /usr/bin/python2 /usr/bin/nova-novncproxy --web /usr/share/novnc/ root 24789 13874 0 17:19 pts/1 00:00:00 grep --color=auto 8981 web界面的VNC:http://192.168.223.170:6080/
6、日志存在位置
[ ~]# ll /var/log/nova/ 总用量 124 -rw-r--r-- 1 nova nova 3786 12月 15 22:05 nova-api.log -rw-r--r-- 1 nova nova 1432 12月 15 22:05 nova-conductor.log -rw-r--r-- 1 nova nova 1652 12月 15 22:05 nova-consoleauth.log -rw-r--r-- 1 nova nova 106423 12月 15 22:03 nova-manage.log -rw-r--r-- 1 nova nova 638 12月 15 22:05 nova-novncproxy.log -rw-r--r-- 1 root root 0 12月 15 21:55 nova-placement-api.log -rw-r--r-- 1 nova nova 2230 12月 15 22:05 nova-scheduler.log
相关推荐
zziyuann 0喜欢 / 0评论 2020-06-12
gokeibi 0喜欢 / 0评论 2020-05-07
gokeibi 0喜欢 / 0评论 2020-04-19
gokeibi 0喜欢 / 0评论 2020-04-19
jmppok 0喜欢 / 0评论 2020-03-25
hhphhp 0喜欢 / 0评论 2020-02-09
hhphhp 0喜欢 / 0评论 2020-01-02
gokeibi 0喜欢 / 0评论 2020-01-09
hutiewei00 0喜欢 / 0评论 2013-06-07
jmppok 0喜欢 / 0评论 2019-12-18
onlykg 0喜欢 / 0评论 2019-12-18
playis 0喜欢 / 0评论 2019-12-11
xiaoxiaodedu 0喜欢 / 0评论 2019-12-02
lightlanguage 0喜欢 / 0评论 2019-12-03
AiChinaTech 0喜欢 / 0评论 2019-11-19
wme0ky 0喜欢 / 0评论 2019-10-20
ywmack 0喜欢 / 0评论 2015-02-05
bingxx 0喜欢 / 0评论 2013-08-08
89214456 0喜欢 / 0评论 2019-07-01
fhqidx 0喜欢 / 0评论 2019-06-29
azhedashuaibi 0喜欢 / 0评论 2019-06-21
怕什么真理无穷 0喜欢 / 0评论 2019-06-21
youruncloud 0喜欢 / 0评论 2013-08-08
红色石头 0喜欢 / 0评论 2018-07-16
引力空间万物互联 0喜欢 / 0评论 2019-02-21
qingshuidanxia 0喜欢 / 0评论 2015-08-14
qiuyabing 0喜欢 / 0评论 2018-09-30
xiaohuanxiong 0喜欢 / 0评论 2017-10-27
qiuyabing 0喜欢 / 0评论 2017-06-12
zhujiehades 0喜欢 / 0评论 2016-09-27
wuguangbin0 0喜欢 / 0评论 2017-11-21
AHUTSZF 0喜欢 / 0评论 2014-10-30
fyggzb 0喜欢 / 0评论 2014-10-21
Hcloud 0喜欢 / 0评论 2014-07-19
danelumax 0喜欢 / 0评论 2014-06-20
OakHJH 0喜欢 / 0评论 2014-01-26
张航东 0喜欢 / 0评论 2014-03-03
证券指标 0喜欢 / 0评论 2013-12-14
金锐谈云 0喜欢 / 0评论 2013-09-07
阿Q 0喜欢 / 0评论 2013-11-12
上善若水的木偶戏 0喜欢 / 0评论 2013-08-08
yyaolingfeif 0喜欢 / 0评论 2013-05-17
上善若水的木偶戏 0喜欢 / 0评论 2013-05-12
Chesterieee 0喜欢 / 0评论 2011-08-17