溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
這篇文章主要介紹了oVirt虛擬化平臺如何對接cinder-ceph,具有一定借鑒價值,感興趣的朋友可以參考下,希望大家閱讀完這篇文章之后大有收獲,下面讓小編帶著大家一起了解一下。
說明:
1. cinder配置按照openstack 官方文檔配置。
2. 將cinder-api cinder-scheduler cinder-volumes服務部署在一臺節點。
3. oVirt調用cinder是要注意keystone版本以及細節。
###############################openstack 基本環境############################
1.安裝openstack 包
1.1 啟用OpenStack庫
# yum install centos-release-openstack-mitaka
1.2 升級包
# yum upgrade
1.3 安裝 OpenStack 客戶端
# yum install python-openstackclient
# yum install openstack-selinux
2.安裝mariadb
2.1 安裝軟件包
# yum install mariadb mariadb-server python2-PyMySQL
2.2 修改配置
vim /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 192.168.0.230
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
# systemctl enable mariadb.service
# systemctl start mariadb.service
2.3 設置root密碼
# mysql_secure_installation
3.消息隊列
3.1 安裝包
# yum install rabbitmq-server
3.2 啟動消息隊列服務并將其配置為隨系統啟動
# systemctl enable rabbitmq-server.service
# systemctl start rabbitmq-server.service
3.3 添加 openstack 用戶
# rabbitmqctl add_user openstack pass1234
# rabbitmqctl set_permissions openstack ".*" ".*" ".*"
4.安裝memcached
4.1 安裝包
# yum install memcached python-memcached
(可能需要其他依賴libevent)
4.2 設置開機啟動
# systemctl enable memcached.service
# systemctl start memcached.service
####################以上部分為openstack基本環境要求#######################
####################openstack 認證服務環境################################
1.安裝與配置
1.1 創建keystone數據庫
# mysql -u root -p
# CREATE DATABASE keystone;
1.2 數據庫授權
# GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
1.3 生成一個隨機值在初始的配置中作為管理員的令牌
# openssl rand -hex 10
1cc14ab18f01e6e33a2a
1.4 安裝keystone相關包
# yum install openstack-keystone httpd mod_wsgi
1.5 修改keystone配置
vim /etc/keystone/keystone.conf
[DEFAULT]
admin_token = 1cc14ab18f01e6e33a2a
[database]
connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
[token]
provider = fernet
1.6 初始化身份認證服務的數據庫
# su -s /bin/sh -c "keystone-manage db_sync" keystone
1.7 初始化Fernet keys
# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
1.8 配置Apache HTTP 服務器
# vim /etc/httpd/conf/httpd.conf
ServerName controller
1.9 創建wsgi-keystone.conf
# vim /etc/httpd/conf.d/wsgi-keystone.conf
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLogFormat "%{cu}t %M"
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLogFormat "%{cu}t %M"
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>
1.10 關閉selinux
# setenforce 0
1.11 配置hosts
# vim /etc/hosts
192.168.0.230 controller
1.11 啟動apache服務
# systemctl enable httpd.service
# systemctl start httpd.service
2 創建服務實體和API端點
2.1 配置環境變量
# export OS_TOKEN=1cc14ab18f01e6e33a2a
# export OS_URL=http://controller:35357/v3
# export OS_IDENTITY_API_VERSION=3
2.2 創建服務實體和API端點
2.2.1 創建服務實體和身份認證服務:
# openstack service create \
--name keystone --description "OpenStack Identity" identity
2.2.2 創建認證服務的 API 端點
# openstack endpoint create --region RegionOne \
identity public http://controller:5000/v3
# openstack endpoint create --region RegionOne \
identity internal http://controller:5000/v3
# openstack endpoint create --region RegionOne \
identity admin http://controller:35357/v3
3 創建域、項目、用戶和角色
3.1 創建域``default``:
# openstack domain create --description "Default Domain" default
3.2 創建管理的項目、用戶和角色
# openstack project create --domain default \
--description "Admin Project" admin
# openstack user create --domain default \
--password-prompt admin
# openstack role create admin
# openstack role add --project admin --user admin admin
4. 驗證操作
4.1 因為安全性的原因,關閉臨時認證令牌機制:
編輯 /etc/keystone/keystone-paste.ini 文件,從``[pipeline:public_api]``,[pipeline:admin_api]``和``[pipeline:api_v3]``部分刪除``admin_token_auth 。
重置``OS_TOKEN``和``OS_URL`` 環境變量:
# unset OS_TOKEN OS_URL
作為 admin 用戶,請求認證令牌:
# openstack --os-auth-url http://controller:35357/v3 \
--os-project-domain-name default --os-user-domain-name default \
--os-project-name admin --os-username admin token issue
5 創建 OpenStack 客戶端環境腳本
# vim admin-openrc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
驗證:
# . admin-openrc
# openstack token issue
################################openstack塊存儲服務配置#####################
1 openstack 塊存儲服務配置
1.1 創建cinder數據庫
# mysql -u root -p
> CREATE DATABASE cinder;
1.2 數據庫授權
# GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' \
IDENTIFIED BY 'CINDER_DBPASS';
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' \
IDENTIFIED BY 'CINDER_DBPASS';
1.3 獲得 admin 憑證來獲取只有管理員能執行的命令的訪問權限
# . admin-openrc
要創建服務證書,完成這些步驟
1.4 創建cinder用戶
# openstack user create --domain default --password-prompt cinder
# openstack role add --project admin --user cinder admin
1.5 創建 cinder 和 cinderv2 服務實體:
# openstack service create --name cinder \
--description "OpenStack Block Storage" volume
# openstack service create --name cinderv2 \
--description "OpenStack Block Storage" volumev2
1.6 創建塊存儲api入口
# openstack endpoint create --region RegionOne \
volume public http://controller:8776/v1/%\(tenant_id\)s
# openstack endpoint create --region RegionOne \
volume internal http://controller:8776/v1/%\(tenant_id\)s
# openstack endpoint create --region RegionOne \
volume admin http://controller:8776/v1/%\(tenant_id\)s
# openstack endpoint create --region RegionOne \
volumev2 public http://controller:8776/v2/%\(tenant_id\)s
# openstack endpoint create --region RegionOne \
volumev2 internal http://controller:8776/v2/%\(tenant_id\)s
# openstack endpoint create --region RegionOne \
volumev2 admin http://controller:8776/v2/%\(tenant_id\)s
1.7 cinder安裝并配置組件
1.7.1 安裝包
# yum install openstack-cinder
1.7.2 設置cinder.conf
# vim /etc/cinder/cinder.conf
[database]
connection = mysql+pymysql://cinder:CINDER_DBPASS@controller/cinder
[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 10.0.0.11
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = admin
username = cinder
password = CINDER_PASS
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
說明:將 CINDER_PASS 替換為你在認證服務中為 cinder 用戶選擇的密碼。
在 [DEFAULT 部分,配置``my_ip`` 來使用控制節點的管理接口的IP 地址。
1.7.3 初始化塊設備服務的數據庫
# su -s /bin/sh -c "cinder-manage db sync" cinder
1.7.4 啟動cinder服務
# systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
1.7.8 配置hosts
# vim /etc/hosts
192.168.0.230 controller
####################配置ceph存儲后端#################################
1.1 創建pools
# ceph osd pool create volumes 128
# ceph osd pool create images 128
# ceph osd pool create backups 128
# ceph osd pool create vms 128
1.2 安裝ceph包
# yum install ceph-common
~~~~~如果此節點沒有ceph配置,需拷貝ceph.conf~~~~~~~~~~
1.3 創建cephx用戶
# ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rwx pool=images'
1.4 創建本地配置
# ceph auth get-or-create client.cinder | sudo tee /etc/ceph/ceph.client.cinder.keyring
# ceph auth get-key client.cinder | tee client.cinder.key
1.5 創建secret-key(計算節點ovirt需要)
# uuidgen
457eb676-33da-42ec-9a8c-9293d545c337
# cat > secret.xml <<EOF
<secret ephemeral='no' private='no'>
<uuid>457eb676-33da-42ec-9a8c-9293d545c337</uuid>
<usage type='ceph'>
<name>client.cinder secret</name>
</usage>
</secret>
EOF
# sudo virsh secret-define --file secret.xml
Secret 457eb676-33da-42ec-9a8c-9293d545c337 created
#sudo virsh secret-set-value --secret 457eb676-33da-42ec-9a8c-9293d545c337 --base64 $(cat client.cinder.key) && rm client.cinder.key secret.xml
1.6 修改cinder.conf
# vi /etc/cinder/cinder.conf
[DEFAULT]
enabled_backends = ceph
[ceph]
volume_driver = cinder.volume.drivers.rbd.RBDDriver
volume_backend_name = ceph
rbd_pool = volumes
rbd_ceph_conf = /etc/ceph/ceph.conf
rbd_flatten_volume_from_snapshot = false
rbd_max_clone_depth = 5
rbd_store_chunk_size = 4
rados_connect_timeout = -1
glance_api_version = 2
rbd_user = cinder
rbd_secret_uuid = 457eb676-33da-42ec-9a8c-9293d545c337
# 1.7 啟動cinder-volume服務
# systemctl enable openstack-cinder-volume.service target.service
# systemctl start openstack-cinder-volume.service target.service
#########################################對接Ovirt虛擬平臺##################
1.1 ovirt-engin認證方式是keystone v2
# openstack domain list
+----------------------------------+---------+---------+----------------+
| ID | Name | Enabled | Description |
+----------------------------------+---------+---------+----------------+
| 0899c04522f94791afd9f3a73bc45bcd | default | True | Default Domain |
+----------------------------------+---------+---------+----------------+
# vim /etc/keystone/keystone.conf
[identity]
default_domain_id = 0899c04522f94791afd9f3a73bc45bcd
# su -s /bin/sh -c "keystone-manage --config-file /etc/keystone/keystone.conf db_sync" keystone
# systemctl restart httpd
1.2 cinder創建新的存儲類型
# cinder type-create ceph
# cinder type-key ceph set volume_backend_name=ceph
1.3 cinder默認卷個數修改
cinder quota-defaults default
cinder quota-usage default
cinder quota-update --volumes 100 --snapshots 100 --gigabytes 5000 default
cinder quota-class-update --volumes 100 --snapshots 100 --gigabytes 5000 default
#############################################################################
curl -i http://controller:35357/v2.0/tokens -X POST -H "Content-Type: application/json" -H "Accept: application/json" -H "User-Agent: python-cinderclient" -d '{"auth": {"tenantName": "admin", "passwordCredentials": {"username": "admin", "password": "pass1234"}}}'
感謝你能夠認真閱讀完這篇文章,希望小編分享的“oVirt虛擬化平臺如何對接cinder-ceph”這篇文章對大家有幫助,同時也希望大家多多支持億速云,關注億速云行業資訊頻道,更多相關知識等著你來學習!
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
