高可用OpenStack（Queen版）集群-6.Nova控制节点集群

参考文档：

1. Install-guide：https://docs.openstack.org/install-guide/
2. OpenStack High Availability Guide：https://docs.openstack.org/ha-guide/index.html
3. 理解Pacemaker：http://www.cnblogs.com/sammyliu/p/5025362.html
4. Ceph: http://docs.ceph.com/docs/master/start/intro/

十．Nova控制节点集群

1. 创建nova相关数据库

# 在任意控制节点创建数据库，后台数据自动同步，以controller01节点为例；
# nova服务含4个数据库，统一授权到nova用户；
# placement主要涉及资源统筹，较常用的api接口是获取备选资源与claim资源等
[root@controller01 ~]# mysql -u root -pmysql_pass

MariaDB [(none)]> CREATE DATABASE nova_api;
MariaDB [(none)]> CREATE DATABASE nova;
MariaDB [(none)]> CREATE DATABASE nova_cell0;
MariaDB [(none)]> CREATE DATABASE nova_placement;

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'nova_dbpass';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'nova_dbpass';

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'nova_dbpass';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'nova_dbpass';

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'nova_dbpass';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'nova_dbpass';

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_placement.* TO 'nova'@'localhost' IDENTIFIED BY 'nova_dbpass';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_placement.* TO 'nova'@'%' IDENTIFIED BY 'nova_dbpass';

MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit; 

2. 创建nova/placement-api

# 在任意控制节点操作，以controller01节点为例；
# 调用nova相关服务需要认证信息，加载环境变量脚本即可
[root@controller01 ~]# . admin-openrc

1）创建nova/plcement用户

# service项目已在glance章节创建；
# nova/placement用户在”default” domain中
[root@controller01 ~]# openstack user create --domain default --password=nova_pass nova
[root@controller01 ~]# openstack user create --domain default --password=placement_pass placement

2）nova/placement赋权

# 为nova/placement用户赋予admin权限
[root@controller01 ~]# openstack role add --project service --user nova admin
[root@controller01 ~]# openstack role add --project service --user placement admin

3）创建nova/placement服务实体

# nova服务实体类型”compute”；
# placement服务实体类型”placement”
[root@controller01 ~]# openstack service create --name nova --description "OpenStack Compute" compute
[root@controller01 ~]# openstack service create --name placement --description "Placement API" placement

4）创建nova/placement-api

# 注意--region与初始化admin用户时生成的region一致；
# api地址统一采用vip，如果public/internal/admin分别使用不同的vip，请注意区分；
# nova-api 服务类型为compute，placement-api服务类型为placement；
# nova public api
[root@controller01 ~]# openstack endpoint create --region RegionTest compute public http://controller:8774/v2.1

# nova internal api
[root@controller01 ~]# openstack endpoint create --region RegionTest compute internal http://controller:8774/v2.1

# nova admin api
[root@controller01 ~]# openstack endpoint create --region RegionTest compute admin http://controller:8774/v2.1

# placement public api
[root@controller01 ~]# openstack endpoint create --region RegionTest placement public http://controller:8778

# placement internal api
[root@controller01 ~]# openstack endpoint create --region RegionTest placement internal http://controller:8778

# placement admin api
[root@controller01 ~]# openstack endpoint create --region RegionTest placement admin http://controller:8778

3. 安装nova

# 在全部控制节点安装nova相关服务，以controller01节点为例
[root@controller01 ~]# yum install openstack-nova-api openstack-nova-conductor \
   openstack-nova-console openstack-nova-novncproxy \
   openstack-nova-scheduler openstack-nova-placement-api -y

4. 配置nova.conf

# 在全部控制节点操作，以controller01节点为例；
# 注意”my_ip”参数，根据节点修改；
# 注意nova.conf文件的权限：root:nova
[root@controller01 ~]# cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
[root@controller01 ~]# egrep -v "^$|^#" /etc/nova/nova.conf
[DEFAULT]
my_ip=172.30.200.31
use_neutron=true
firewall_driver=nova.virt.firewall.NoopFirewallDriver
enabled_apis=osapi_compute,metadata
osapi_compute_listen=$my_ip
osapi_compute_listen_port=8774
metadata_listen=$my_ip
metadata_listen_port=8775
# 前端采用haproxy时，服务连接rabbitmq会出现连接超时重连的情况，可通过各服务与rabbitmq的日志查看；
# transport_url=rabbit://openstack:rabbitmq_pass@controller:5673
# rabbitmq本身具备集群机制，官方文档建议直接连接rabbitmq集群；但采用此方式时服务启动有时会报错，原因不明；如果没有此现象，强烈建议连接rabbitmq直接对接集群而非通过前端haproxy
transport_url=rabbit://openstack:rabbitmq_pass@controller01:5672,controller02:5672,controller03:5672
[api]
auth_strategy=keystone
[api_database]
connection=mysql+pymysql://nova:nova_dbpass@controller/nova_api
[barbican]
[cache]
backend=oslo_cache.memcache_pool
enabled=True
memcache_servers=controller01:11211,controller02:11211,controller03:11211
[cells]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[crypto]
[database]
connection = mysql+pymysql://nova:nova_dbpass@controller/nova
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://controller:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller01:11211,controller02:11211,controller03:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova_pass
[libvirt]
[matchmaker_redis]
[metrics]
[mks]
[neutron]
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path=/var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name = RegionTest
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:35357/v3
username = placement
password = placement_pass
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled=true
server_listen=$my_ip
server_proxyclient_address=$my_ip
novncproxy_base_url=http://$my_ip:6080/vnc_auto.html
novncproxy_host=$my_ip
novncproxy_port=6080
[workarounds]
[wsgi]
[xenserver]
[xvp]

5. 配置00-nova-placement-api.conf

# 在全部控制节点操作，以controller01节点为例；
# 注意根据不同节点修改监听地址
[root@controller01 ~]# cp /etc/httpd/conf.d/00-nova-placement-api.conf /etc/httpd/conf.d/00-nova-placement-api.conf.bak
[root@controller01 ~]# sed -i "s/Listen\ 8778/Listen\ 172.30.200.31:8778/g" /etc/httpd/conf.d/00-nova-placement-api.conf
[root@controller01 ~]# sed -i "s/*:8778/172.30.200.31:8778/g" /etc/httpd/conf.d/00-nova-placement-api.conf
[root@controller01 ~]# echo "

#Placement API
<Directory /usr/bin>
   <IfVersion >= 2.4>
      Require all granted
   </IfVersion>
   <IfVersion < 2.4>
      Order allow,deny
      Allow from all
   </IfVersion>
</Directory>
" >> /etc/httpd/conf.d/00-nova-placement-api.conf

# 重启httpd服务，启动placement-api监听端口
[root@controller01 ~]# systemctl restart httpd

6. 同步nova相关数据库

1）同步nova相关数据库

# 任意控制节点操作；
# 同步nova-api数据库
[root@controller01 ~]# su -s /bin/sh -c "nova-manage api_db sync" nova

# 注册cell0数据库
[root@controller01 ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova

# 创建cell1 cell
[root@controller01 ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova

# 同步nova数据库；
# 忽略”deprecated”信息
[root@controller01 ~]# su -s /bin/sh -c "nova-manage db sync" nova

补充：

此版本在向数据库同步导入数据表时，报错：/usr/lib/python2.7/site-packages/oslo_db/sqlalchemy/enginefacade.py:332: NotSupportedWarning: Configuration option(s) ['use_tpool'] not supported

exception.NotSupportedWarning

解决方案如下：

bug：https://bugs.launchpad.net/nova/+bug/1746530

pacth：https://github.com/openstack/oslo.db/commit/c432d9e93884d6962592f6d19aaec3f8f66ac3a2

2）验证

# cell0与cell1注册正确
[root@controller01 ~]# nova-manage cell_v2 list_cells

# 查看数据表
[root@controller01 ~]# mysql -h controller01 -u nova -pnova_dbpass -e "use nova_api;show tables;"
[root@controller01 ~]# mysql -h controller01 -u nova -pnova_dbpass -e "use nova;show tables;"
[root@controller01 ~]# mysql -h controller01 -u nova -pnova_dbpass -e "use nova_cell0;show tables;"

7. 启动服务

# 在全部控制节点操作，以controller01节点为例；
# 开机启动
[root@controller01 ~]# systemctl enable openstack-nova-api.service \
  openstack-nova-consoleauth.service \
openstack-nova-scheduler.service \
openstack-nova-conductor.service \
openstack-nova-novncproxy.service

# 启动
[root@controller01 ~]# systemctl restart openstack-nova-api.service
[root@controller01 ~]# systemctl restart openstack-nova-consoleauth.service
[root@controller01 ~]# systemctl restart openstack-nova-scheduler.service
[root@controller01 ~]# systemctl restart openstack-nova-conductor.service
[root@controller01 ~]# systemctl restart openstack-nova-novncproxy.service

# 查看状态
[root@controller01 ~]# systemctl status openstack-nova-api.service \
openstack-nova-consoleauth.service \
openstack-nova-scheduler.service \
openstack-nova-conductor.service \
openstack-nova-novncproxy.service

# 查看端口
[root@controller01 ~]# netstat -tunlp | egrep '8774|8775|8778|6080'

8. 验证

[root@controller01 ~]# . admin-openrc

# 列出各服务组件，查看状态；
# 也可使用命令” nova service-list”
[root@controller01 ~]# openstack compute service list

# 展示api端点
[root@controller01 ~]# openstack catalog list

# 检查cell与placement api运行正常
[root@controller01 ~]# nova-status upgrade check

9. 设置pcs资源

# 在任意控制节点操作；
# 添加资源openstack-nova-api，openstack-nova-consoleauth，openstack-nova-scheduler，openstack-nova-conductor与openstack-nova-novncproxy
[root@controller01 ~]# pcs resource create openstack-nova-api systemd:openstack-nova-api --clone interleave=true
[root@controller01 ~]# pcs resource create openstack-nova-consoleauth systemd:openstack-nova-consoleauth --clone interleave=true
[root@controller01 ~]# pcs resource create openstack-nova-scheduler systemd:openstack-nova-scheduler --clone interleave=true
[root@controller01 ~]# pcs resource create openstack-nova-conductor systemd:openstack-nova-conductor --clone interleave=true
[root@controller01 ~]# pcs resource create openstack-nova-novncproxy systemd:openstack-nova-novncproxy --clone interleave=true

# 经验证，建议openstack-nova-api，openstack-nova-consoleauth，openstack-nova-conductor与openstack-nova-novncproxy 等无状态服务以active/active模式运行；
# openstack-nova-scheduler等服务以active/passive模式运行

# 查看pcs资源；
[root@controller01 ~]# pcs resource