Openstack组件部署 — Nova_安装和配置Controller Node
目录
前文列表
Openstack组件部署 — Overview和前期环境准备
Openstack组建部署 — Environment of Controller Node
Openstack组件部署 — Keystone功能介绍与认证实现流程
Openstack组件部署 — Keystone Install & Create service entity and API endpoints
Openstack组件部署 — keystone(domain, projects, users, and roles)
Openstack组件实现原理 — Keystone认证功能
Openstack组建部署 — Glance Install
Openstack组件实现原理 — Glance架构(V1/V2)
Openstack组件部署 — Nova overview
Prerequisites 先决条件
Before you install and configure the Compute service, you must create databases, service credentials, and API endpoints.
在安装和被指Compute service之前,你必须先创建Compute service的数据库、服务证书和API Endpoints。
To create the databases
Use the database access client to connect to the database server as the root user:
使用root用户登录到MySQL
mysql -u root -pfanguijuCreate the nova_api and nova databases:
创建nova_api和nova两个数据库
MariaDB [(none)]> CREATE DATABASE nova_api;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> CREATE DATABASE nova;
Query OK, 1 row affected (0.00 sec)Grant proper access to the databases:
创建nova和nova_api数据库的用户nova,并授予nova用户对nova和nova_api数据库的完全控制权限。
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'fanguiju';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'fanguiju';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'fanguiju';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'fanguiju';Example:
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'fanguiju';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'fanguiju';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'fanguiju';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'fanguiju';
Query OK, 0 rows affected (0.00 sec)Exit the database access client
To create the service credentials
Source the admin credentials to gain access to admin-only CLI commands:
执行admin环境变量脚本
. admin-openrcCreate the nova user:
创建nova用户
[root@controller ~]# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | 011fbf8c04f1479ab1a4e49b019b22d1 |
| enabled | True |
| id | 90a93575ebff4311a919d91db888938c |
| name | nova |
+-----------+----------------------------------+Add the admin role to the nova user:
将Role admin添加到Project service中的User nova中
openstack role add --project service --user nova adminCreate the nova service entity:
创建nova服务实体
[root@controller ~]# openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 3af0ba8834ad4d57ae4b88774e62358b |
| name | nova |
| type | compute |
+-------------+----------------------------------+Create the Compute service API endpoints
创建Compute service的API Endpoints
[root@controller ~]# openstack endpoint create --region RegionOne compute public http://controller.jmilk.com:8774/v2.1/%\(tenant_id\)s
+--------------+-----------------------------------------------------+
| Field | Value |
+--------------+-----------------------------------------------------+
| enabled | True |
| id | 1a96143b3d6d46fc8fe17a70043b6448 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 3af0ba8834ad4d57ae4b88774e62358b |
| service_name | nova |
| service_type | compute |
| url | http://controller.jmilk.com:8774/v2.1/%(tenant_id)s |
+--------------+-----------------------------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne compute internal http://controller.jmilk.com:8774/v2.1/%\(tenant_id\)s
+--------------+-----------------------------------------------------+
| Field | Value |
+--------------+-----------------------------------------------------+
| enabled | True |
| id | a2b2b6ebe6a3450dabdaf19d0ff00f97 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 3af0ba8834ad4d57ae4b88774e62358b |
| service_name | nova |
| service_type | compute |
| url | http://controller.jmilk.com:8774/v2.1/%(tenant_id)s |
+--------------+-----------------------------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne compute admin http://controller.jmilk.com:8774/v2.1/%\(tenant_id\)s
+--------------+-----------------------------------------------------+
| Field | Value |
+--------------+-----------------------------------------------------+
| enabled | True |
| id | 33d0c267549f4ecd89c0063ad16c41df |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 3af0ba8834ad4d57ae4b88774e62358b |
| service_name | nova |
| service_type | compute |
| url | http://controller.jmilk.com:8774/v2.1/%(tenant_id)s |
+--------------+-----------------------------------------------------+Install and configure components
Install the packages
yum install openstack-nova-api openstack-nova-conductor \
openstack-nova-console openstack-nova-novncproxy \
openstack-nova-scheduler -yEdit the /etc/nova/nova.conf file
In the [DEFAULT] section, enable only the compute and metadata APIs:
在[DEFAULT]节点中配置启用只允许compute和metadataAPIs
vim /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadataIn the [api_database] and [database] sections, configure database access:
配置连接到nova和nova_api数据库的访问协议
[api_database]
connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova_api
[database]
connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/novaIn the [DEFAULT] and [oslo_messaging_rabbit] sections, configure RabbitMQ message queue access:
配置RabbitMQ消息队列访问
[DEFAULT]
rpc_backend = rabbit
[oslo_messaging_rabbit]
rabbit_host = controller.jmilk.com
rabbit_userid = openstack
rabbit_password = fanguijuIn the [DEFAULT] and [keystone_authtoken] sections, configure Identity service access:
配置Identity service认证服务
[DEFAULT]
auth_strategy = keystone
[keystone_authtoken]
auth_uri = http://controller.jmilk.com:5000
auth_url = http://controller.jmilk.com:35357
memcached_servers = controller.jmilk.com:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = fanguijuNote:Comment out or remove any other options in the [keystone_authtoken] section.
注意:注释或删除所有在[keystone_authtoken]节点上的所有参数选项
In the [DEFAULT] section, configure the my_ip option to use the management interface IP address of the controller node:
配置my_ip选项为Controller Note上的管理接口IP(Controller Node Host IP)
[DEFAULT]
my_ip = 192.168.1.5In the [DEFAULT] section, enable support for the Networking service:
[DEFAULT]
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriverNote:By default, Compute uses an internal firewall driver. Since the Networking service includes a firewall driver, you must disable the Compute firewall driver by using the nova.virt.firewall.NoopFirewallDriver firewall driver.
注意:默认的,Compute会使用一个internal firewall driver。由于Networking service包含了一个firewall driver,所以你必须通过nova.virt.firewall.NoopFirewallDriver firewall driver来关闭这个Compute firewall driver
In the [vnc] section, configure the VNC proxy to use the management interface IP address of the controller node:
配置VNCdialing service使用Controller Node的管理接口IP(Controller Node Host IP)
[vnc]
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ipIn the [glance] section, configure the location of the Image service API:
配置Image service API的URL
[glance]
api_servers = http://controller.jmilk.com:9292In the [oslo_concurrency]* section, configure the lock path:*
[oslo_concurrency]
lock_path = /var/lib/nova/tmp总览:
[root@controller ~]# cat /etc/nova/nova.conf | grep -v ^$ | grep -v ^#
[DEFAULT]
auth_strategy = keystone
rpc_backend = rabbit
my_ip = 192.168.1.5
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
enabled_apis=osapi_compute,metadata
[api_database]
connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova_api
[barbican]
[cache]
[cells]
[cinder]
[conductor]
[cors]
[cors.subdomain]
[database]
connection = mysql+pymysql://nova:fanguiju@controller.jmilk.com/nova
[ephemeral_storage_encryption]
[glance]
api_servers = http://controller.jmilk.com:9292
[guestfs]
[hyperv]
[image_file_url]
[ironic]
[keymgr]
[keystone_authtoken]
auth_uri = http://controller.jmilk.com:5000
auth_url = http://controller.jmilk.com:35357
memcached_servers = controller.jmilk.com:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = fanguiju
[libvirt]
[matchmaker_redis]
[metrics]
[neutron]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
rabbit_host = controller.jmilk.com
rabbit_userid = openstack
rabbit_password = fanguiju
[oslo_middleware]
[oslo_policy]
[rdp]
[serial_console]
[spice]
[ssl]
[trusted_computing]
[upgrade_levels]
[vmware]
[vnc]
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
[workarounds]
[xenserver]Populate the Compute databases
初始化Compute service的nova和nova_api数据库
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage db sync" novaExample:
[root@controller ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
[root@controller ~]# su -s /bin/sh -c "nova-manage db sync" nova
/usr/lib/python2.7/site-packages/pymysql/cursors.py:146: Warning: Duplicate index 'block_device_mapping_instance_uuid_virtual_name_device_name_idx' defined on the table 'nova.block_device_mapping'. This is deprecated and will be disallowed in a future release.
result = self._query(query)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:146: Warning: Duplicate index 'uniq_instances0uuid' defined on the table 'nova.instances'. This is deprecated and will be disallowed in a future release.
result = self._query(query)Note:Ignore any deprecation messages in this output.
注意:忽略所有无效输出信息
查看是否成功创建nova和nova_api数据库:
MariaDB [nova]> use nova
Database changed
MariaDB [nova]> show tables;
+--------------------------------------------+
| Tables_in_nova |
+--------------------------------------------+
| agent_builds |
| aggregate_hosts |
| aggregate_metadata |
| aggregates |
| allocations |
| block_device_mapping |
| bw_usage_cache |
| cells |
| certificates |
| compute_nodes |
| console_pools |
| consoles |
| dns_domains |
| fixed_ips |
| floating_ips |
| instance_actions |
| instance_actions_events |
| instance_extra |
| instance_faults |
| instance_group_member |
| instance_group_policy |
| instance_groups |
| instance_id_mappings |
| instance_info_caches |
| instance_metadata |
| instance_system_metadata |
| instance_type_extra_specs |
| instance_type_projects |
| instance_types |
| instances |
| inventories |
| key_pairs |
| migrate_version |
| migrations |
| networks |
| pci_devices |
| project_user_quotas |
| provider_fw_rules |
| quota_classes |
| quota_usages |
| quotas |
| reservations |
| resource_provider_aggregates |
| resource_providers |
| s3_images |
| security_group_default_rules |
| security_group_instance_association |
| security_group_rules |
| security_groups |
| services |
| shadow_agent_builds |
| shadow_aggregate_hosts |
| shadow_aggregate_metadata |
| shadow_aggregates |
| shadow_block_device_mapping |
| shadow_bw_usage_cache |
| shadow_cells |
| shadow_certificates |
| shadow_compute_nodes |
| shadow_console_pools |
| shadow_consoles |
| shadow_dns_domains |
| shadow_fixed_ips |
| shadow_floating_ips |
| shadow_instance_actions |
| shadow_instance_actions_events |
| shadow_instance_extra |
| shadow_instance_faults |
| shadow_instance_group_member |
| shadow_instance_group_policy |
| shadow_instance_groups |
| shadow_instance_id_mappings |
| shadow_instance_info_caches |
| shadow_instance_metadata |
| shadow_instance_system_metadata |
| shadow_instance_type_extra_specs |
| shadow_instance_type_projects |
| shadow_instance_types |
| shadow_instances |
| shadow_key_pairs |
| shadow_migrate_version |
| shadow_migrations |
| shadow_networks |
| shadow_pci_devices |
| shadow_project_user_quotas |
| shadow_provider_fw_rules |
| shadow_quota_classes |
| shadow_quota_usages |
| shadow_quotas |
| shadow_reservations |
| shadow_s3_images |
| shadow_security_group_default_rules |
| shadow_security_group_instance_association |
| shadow_security_group_rules |
| shadow_security_groups |
| shadow_services |
| shadow_snapshot_id_mappings |
| shadow_snapshots |
| shadow_task_log |
| shadow_virtual_interfaces |
| shadow_volume_id_mappings |
| shadow_volume_usage_cache |
| snapshot_id_mappings |
| snapshots |
| tags |
| task_log |
| virtual_interfaces |
| volume_id_mappings |
| volume_usage_cache |
+--------------------------------------------+
109 rows in set (0.00 sec)
MariaDB [nova]> use nova_api
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [nova_api]> show tables;
+--------------------+
| Tables_in_nova_api |
+--------------------+
| build_requests |
| cell_mappings |
| flavor_extra_specs |
| flavor_projects |
| flavors |
| host_mappings |
| instance_mappings |
| migrate_version |
| request_specs |
+--------------------+
9 rows in set (0.00 sec)Finalize installation
启动Compute service并配置开机自动启动服务
systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.serviceOpenstack组件部署 — Nova_安装和配置Controller Node的更多相关文章
- Openstack组件部署 — Networking service_安装并配置Controller Node
目录 目录 前文列表 前提条件 网络环境 完成下面的步骤以创建数据库 创建service credentials服务凭证 创建Neutron的API Endpoints 配置自服务网络 安装网络组件 ...
- Openstack组件部署 — Nova_Install and configure a compute node
目录 目录 前文列表 Prerequisites 先决条件 Install and configure a compute node Install the packages Edit the etc ...
- Openstack组件部署 — Networking service_Compute Node
目录 目录 前文列表 安装组件 配置通用组件 配置自服务网络选项 配置Linux 桥接代理 配置Nova使用网络 完成安装 验证操作Execute following commands on Cont ...
- Openstack组件部署 — Netwotking service组件介绍与网络基本概念
目录 目录 前文列表 Openstack Networking serivce 基本的Neutron概念 Neutron的抽象对象 网络networks 子网subnets 路由器routers 端口 ...
- Openstack组件部署 — Keystone Install & Create service entity and API endpoints
目录 目录 前文列表 Install and configure Prerequisites 先决条件 Create the database for identity service 生成一个随机数 ...
- Openstack组件部署 — keystone(domain, projects, users, and roles)
目录 目录 前文列表 Create a domain projects users and roles domain projects users and roles的意义和作用 Create the ...
- Openstack组件部署 — Keystone功能介绍与认证实现流程
目录 目录 前文列表 Keystone认证服务 Keystone认证服务中的概念 Keystone的验证过程 简单来说 前文列表 Openstack组件部署 - Overview和前期环境准备 Ope ...
- Openstack组件部署 — Nova overview
目录 目录 前文列表 前言 Compute service overview Nova 的组件 nova-api service nova-api-metadata service nova-comp ...
- 三、安装并配置Kubernetes Node节点
1. 安装并配置Kubernetes Node节点 1.1 安装Kubernetes Node节点所需服务 yum -y install kubernetes 通过yum安装kubernetes服 ...
随机推荐
- 查看静态库(.lib)和动态库(.dll)的导出函数的信息 error LNK2001: 无法解析的外部符号 _Delete
转自VC错误:http://www.vcerror.com/?p=1381 在window下查看动态库的导出函数可以用vs自带的Dependenc工具: 查看静态库的信息要用命令行来实现: 首先运行V ...
- Linux v4l2编程(摄像头信息采集)
基于Linux3.4.2,自己做一点儿视频信息采集及网络传输的小实验,边做边学,一些基础知识同步整理..... 1. 定义 V4L2(Video For Linux Two) 是内核提供给应用程序访问 ...
- 60、saleforce的future方法
测试future方法的异步执行 public with sharing class FutureSample { //future在自己线程中运行,直到资源可用才运行 @future public s ...
- jquery实现的ajax
<%@ page language="java" contentType="text/html; charset=ISO-8859-1" pageEnco ...
- Nginx网络架构实战学习笔记(三):nginx gzip压缩提升网站速度、expires缓存提升网站负载、反向代理实现nginx+apache动静分离、nginx实现负载均衡
文章目录 nginx gzip压缩提升网站速度 expires缓存提升网站负载 反向代理实现nginx+apache动静分离 nginx实现负载均衡 nginx gzip压缩提升网站速度 网页内容的压 ...
- 爬虫(四)—— 使用pyecharts展示数据
pyecharts模块 pyecharts可以将数据形象的在页面中用图表显示 一.安装 pip install pyecharts 二.使用 import pyecharts # 创建一个页面 pag ...
- Visual Studio 2013创建并运行Cocos2d-x工程
| 版权声明:本文为博主原创文章,未经博主允许不得转载. 1.准备: 我们得先把Visual Studio 2013安装好:可以去MSDN官网下载,在安装好 2.安装好vs之后,在cmd(终端)创 ...
- Arcpy 遍历每一个要素新建要素类
#方法一:cursor= arcpy.da.SearchCursor(aim_fc,["OID@","SHAPE@"]) for row in cursor: ...
- iptables 防火墙(下)
iptables 防火墙(下) 1. 常见的隐含匹配条件: 1.1 端口匹配: --sport 源端口.--dport 目的端口 1.2 TCP标记匹配: -tcp-flags 检查范围被设置的标记 ...
- CSP 2019 模板整合
qwq以下都为9.24后写的模板 namespace IO{ const int S = 1 << 20; char I[S + 1], *Is = I, *It = I, O[S + 1 ...