OpenStack计算服务是基础设施即服务(IaaS)系统的主要组成部分。OpenStack计算服务使用Keystone来执行其身份验证,使用Horizon作为其管理接口,并使用Glance提供其镜像服务。
一、OpenStack 计算服务包含的组件
图1.1. OpenStack Nova组件
二、OpenStack计算节点基本环境配置
1.配置主机名和网络信息
1.1配置主机名
|
1
2
|
root@compute1:~# vim /etc/hostname
compute1 |
1.2 配置IP地址
|
1
2
3
4
5
6
|
root@compute1:~# vim /etc/network/interfaces
auto eth0iface eth0 inet staticaddress 192.168.100.102netmask 255.255.255.0gateway 192.168.100.2 |
1.3 配置名称解析hosts
|
1
2
3
4
5
6
7
|
root@compute1:~# vim /etc/hosts
# controller192.168.100.100 controller# network192.168.100.101 network# compute1192.168.100.102 compute1 |
2.网络时间协议ntp
2.1 安装ntp服务器
|
1
|
root@compute1:~# apt-get install ntp
|
2.2 配置/etc/ntp.conf 服务
|
1
|
server controller iburst |
2.3重启ntp服务
|
1
|
root@compute1:~# /etc/init.d/ntp restart
|
3.系统升级更新
3.1 更新openstack 仓库源
|
1
2
3
|
root@compute1:~# apt-get install ubuntu-cloud-keyring
root@compute1:~# vim /etc/apt/sources.list.d/cloudarchive-kilo.list
deb http://ubuntu-cloud.archive.canonical.com/ubuntu trusty-updates/kilo main
|
3.2升级软件包,如果升级过程中包含内核的升级,需要重启服务器。
|
1
2
|
root@compute1:~# apt-get update
root@compute1:~# apt-get dist-upgrade
|
三、安装和配置控制节点
下面介绍如何在控制节点上面安装和配置计算服务,即Nova。下面所有的操作步骤在控制节点上面操作。在安装和配置计算服务之前,必须先创建数据库、服务证书和API。
1.1数据库配置
1)创建数据库
|
1
2
3
|
root@controller:~# mysql -uroot –p
MariaDB [(none)]> create database nova;Query OK, 1 row affected (0.01 sec) |
2)给数据库授权
|
1
2
3
4
5
6
7
8
|
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO'nova'@'localhost' IDENTIFIED BY 'sfzhang1109';
Query OK, 0 rows affected (0.16 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO'nova'@'%' IDENTIFIED BY 'sfzhang1109';
Query OK, 0 rows affected (0.00 sec)MariaDB [(none)]> flush privileges;Query OK, 0 rows affected (0.27 sec) |
3)退出数据库客户端
|
1
2
|
MariaDB [(none)]> exit
Bye |
1.2 导入admin身份凭证以便执行管理命令
|
1
|
root@controller:~# source admin-openrc.sh
|
1.3 创建服务证书
1)创建nova用户(密码:nova)
|
1
2
3
4
5
6
7
8
9
10
11
12
|
root@controller:~# openstack user create--password-prompt nova
User Password:Repeat User Password:+----------+----------------------------------+| Field |Value |+----------+----------------------------------+| email |None || enabled |True || id |44ccbfd3be744176b3650dc0eb24d5b8 |
| name |nova || username | nova |+----------+----------------------------------+ |
2)添加nova用户到admin角色
|
1
2
3
4
5
6
7
|
root@controller:~# openstack role add --project service --user nova admin
+-------+----------------------------------+|Field | Value |+-------+----------------------------------+|id | 05616505a61c4aa78f43fba9e60ba7fc |
|name | admin |+-------+----------------------------------+ |
3)创建nova服务实体
|
1
2
3
4
5
6
7
8
9
10
|
root@controller:~# openstack service create --name nova --description "OpenStackCompute" compute
+-------------+----------------------------------+|Field | Value |+-------------+----------------------------------+|description | OpenStack Compute ||enabled | True ||id |22b9948004934b169b0618c533e3a7e4 |
|name | nova ||type | compute |
+-------------+----------------------------------+ |
1.4创建nova服务的API endpoint
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
root@controller:~# openstack endpoint create \
--publicurlhttp://controller:8774/v2/%\(tenant_id\)s \
--internalurl http://controller:8774/v2/%\(tenant_id\)s\
--adminurlhttp://controller:8774/v2/%\(tenant_id\)s \
--region RegionOne \
compute
+--------------+-----------------------------------------+|Field | Value |+--------------+-----------------------------------------+|adminurl | ||id |027bc91642794be6b1880e03b8dd5a92 |
|internalurl | ||publicurl | ||region | RegionOne ||service_id |22b9948004934b169b0618c533e3a7e4 ||service_name | nova ||service_type | compute |+--------------+-----------------------------------------+ |
四、安装和配置计算控制节点组件
下面所有的操作步骤在控制节点上面操作。
1.安装软件包
|
1
2
|
root@controller:~# apt-get install nova-api nova-cert nova-conductor nova-consoleauth \
nova-novncproxy nova-scheduler python-novaclient
|
2.编辑nova配置文件/etc/nova/nova.conf
1)在[database]部分配置数据库访问
|
1
|
connection= mysql://nova:sfzhang1109@controller/nova
|
2)在[DEFAULT]和[oslo_messaging_rabbit]部分配置RabbitMQ消息队列访问
|
1
2
3
4
5
6
7
8
|
[DEFAULT]...rpc_backend = rabbit[oslo_messaging_rabbit]...rabbit_host = controllerrabbit_userid = openstackrabbit_password = 2015OS##
|
这里的密码为rabbitmqctl add_user命令添加openstack用户的密码
3) 在[DEFAULT]和[keystone_authtoken]部分配置身份认证服务
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
[DEFAULT]...auth_strategy= keystone[keystone_authtoken]...auth_uri= http://controller:5000
auth_url= http://controller:35357
auth_plugin= passwordproject_domain_id= defaultuser_domain_id= defaultproject_name= serviceusername= novapassword= nova |
4) 在[DEFAULT]部分配置控制节点网络IP地址
|
1
2
3
|
[DEFAULT]...my_ip= 192.168.100.100 |
5) 在[DEFAULT]部分配置 VNC代理以使用控制节点的网络地址
|
1
2
3
4
|
[DEFAULT]...vncserver_listen =192.168.100.100vncserver_proxyclient_address =192.168.100.100 |
6) 在[glance]部分配置镜像服务的位置
|
1
2
3
|
[glance]...host = controller |
7)在[oslo_concurrency]部分,配置lock路径
|
1
2
3
|
[oslo_concurrency]…lock_path= /var/lib/nova/tmp
|
8)在[DEFAULT]段中开启详细日志配置,为后期的故障排除提供帮助
|
1
2
3
4
|
[DEFAULT]...log_dir=/var/log/nova
verbose = True |
3.初始化nova数据库
|
1
2
3
|
root@controller:~# su -s /bin/sh -c "nova-manage dbsync" nova
2015-09-1814:09:42.462 5096 INFO migrate.versioning.api [-] 215 -> 216...… |
4.启动nova服务
|
1
2
3
4
5
6
|
root@controller:~# service nova-api restart
root@controller:~# service nova-cert restart
root@controller:~# service nova-consoleauth restart
root@controller:~# service nova-scheduler restart
root@controller:~# service nova-conductor restart
root@controller:~# service nova-novncproxy restart
|
5.默认会创建SQLite数据库,因为使用的是MYSQL数据库,因此要删除SQLite数据库文件
|
1
|
root@controller:~# rm -f /var/lib/nova/nova.sqlite
|
四、安装和配置计算节点
这部分描述如何在一个计算节点上面安装和配置compute服务。这个服务支持一些hypervisors来部署实例或者虚拟机。
1.安装compute hypervisor组件
|
1
|
root@compute1:~# apt-get install nova-compute sysfsutils
|
2.编辑/etc/nova/nova.conf配置文件
1)在[DEFAULT]和[oslo_messaging_rabbit]部分配置RabbitMQ消息队列访问
|
1
2
3
4
5
6
7
8
|
[DEFAULT]...rpc_backend = rabbit[oslo_messaging_rabbit]...rabbit_host = controllerrabbit_userid = openstackrabbit_password = 2015OS##
|
这里的密码为rabbitmqctl add_user命令添加openstack用户的密码
2)在[DEFAULT]和[keystone_authtoken]部分配置身份认证服务
|
1
2
3
4
5
6
7
8
9
10
11
12
13
|
[DEFAULT]...auth_strategy= keystone[keystone_authtoken]...auth_uri= http://controller:5000
auth_url= http://controller:35357
auth_plugin= passwordproject_domain_id= defaultuser_domain_id= defaultproject_name= serviceusername= novapassword= nova |
3) 在[DEFAULT]部分配置控制节点网络IP地址
|
1
2
3
|
[DEFAULT]...my_ip= 192.168.100.100 |
4) 在[DEFAULT]部分启用和配置remote console 访问
|
1
2
3
4
5
6
|
[DEFAULT]...vnc_enabled = Truevncserver_listen = 0.0.0.0vncserver_proxyclient_address = 192.168.100.102novncproxy_base_url = http://controller:6080/vnc_auto.html
|
5) 在[glance]部分配置镜像服务的位置
|
1
2
3
|
[glance]...host = controller |
6)在[oslo_concurrency]部分,配置lock路径
|
1
2
3
|
[oslo_concurrency]…lock_path= /var/lib/nova/tmp
|
7)在[DEFAULT]段中开启详细日志配置,为后期的故障排除提供帮助
|
1
2
3
4
|
[DEFAULT]...log_dir=/var/log/nova
verbose = True |
五、完成安装
1.验证计算机是否支持虚拟机硬件加速
|
1
2
|
root@controller:~# egrep -c '(vmx|svm)' /proc/cpuinfo
1 |
如果这个命令返回 1或更大的值,说明计算节点支持硬件加速,不需要进行额外的配置。
如果这个命令返回的是 0,说明计算节点不支持硬件加速,必须进行下面的设置。
|
1
2
3
4
5
|
设置libvirt使用QEMU 而不能使用KVM。编辑文件/etc/nova/nova-compute.conf在[libvirt]
[libvirt]...virt_type = qemu |
2.重启计算服务
|
1
|
root@compute1:~# service nova-compute restart
|
3.默认会创建SQLite数据库,因为使用的是MYSQL数据库,因此要删除SQLite数据库文件
|
1
|
root@compute1:~# rm -f /var/lib/nova/nova.sqlite
|
六、OpenStack 计算节点nova验证操作
注意:验证操作在控制节点上面进行。
1.执行admin身份凭证
|
1
|
root@controller:~# source admin-openrc.sh
|
2.列出服务组件来验证每个进程的成功创建和注册
下面显示四个服务在控制节点启用,一个服务在计算节点
|
1
2
3
4
5
6
7
8
9
10
|
root@controller:~# nova service-list
+----+------------------+------------+----------+---------+-------+----------------------------+-----------------+| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |+----+------------------+------------+----------+---------+-------+----------------------------+-----------------+|1 | nova-cert | controller | internal | enabled | up | 2015-09-24T06:46:42.000000 | - ||2 | nova-consoleauth | controller |internal | enabled | up |2015-09-24T06:46:35.000000 | - ||3 | nova-scheduler | controller | internal | enabled | up | 2015-09-24T06:46:35.000000 | - ||4 | nova-conductor | controller | internal | enabled | up | 2015-09-24T06:46:35.000000 | - ||5 | nova-compute | compute1 | nova | enabled | up |2015-09-24T06:46:40.000000 | - |+----+------------------+------------+----------+---------+-------+----------------------------+-----------------+ |
3.列出API endpoints 在 Identity service核实身份验证连接服务
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
root@controller:~#nova endpoints
+-----------+----------------------------------+|keystone | Value |+-----------+----------------------------------+|id |2129b615198b4bcc8067b750a4edabb6 |
|interface | public ||region | RegionOne ||region_id | RegionOne ||url |http://controller:5000/v2.0 |
+-----------+----------------------------------++-----------+----------------------------------+|keystone | Value |+-----------+----------------------------------+|id |426dd482fcb14c2bb4f65edeb9e23b77 |
|interface | internal ||region | RegionOne ||region_id | RegionOne ||url |http://controller:5000/v2.0 |
+-----------+----------------------------------++-----------+----------------------------------+|keystone | Value |+-----------+----------------------------------+|id | 8b0de58ca9994bb8a4f576443ec92f9b |
|interface | admin ||region | RegionOne ||region_id | RegionOne ||url |http://controller:35357/v2.0 |
+-----------+----------------------------------++-----------+------------------------------------------------------------+|nova | Value |+-----------+------------------------------------------------------------+|id |5dd845c869994633a866cd8612cee27b |
|interface | admin ||region | RegionOne ||region_id | RegionOne ||url |http://controller:8774/v2/d04d4985d62f42e2af2ddc35f442ffd9 |
+-----------+------------------------------------------------------------++-----------+------------------------------------------------------------+|nova | Value |+-----------+------------------------------------------------------------+|id | adfbb3d19a504d3098757b6303818d8d |
|interface | public ||region | RegionOne ||region_id | RegionOne ||url |http://controller:8774/v2/d04d4985d62f42e2af2ddc35f442ffd9 |
+-----------+------------------------------------------------------------++-----------+------------------------------------------------------------+|nova | Value |+-----------+------------------------------------------------------------+|id |c05aa31990d948f0b44b5e6c5868c0cd |
|interface | internal ||region | RegionOne ||region_id | RegionOne ||url | |+-----------+------------------------------------------------------------++-----------+----------------------------------+|glance | Value |+-----------+----------------------------------+|id |74a9ff79e8a8430b9ed467e10465a93d |
|interface | public ||region | RegionOne ||region_id | RegionOne ||url | http://controller:9292 |
+-----------+----------------------------------++-----------+----------------------------------+|glance | Value |+-----------+----------------------------------+|id |c397966e81874832aaaef103ad7e2dff |
|interface | admin ||region | RegionOne ||region_id | RegionOne ||url | http://controller:9292 |
+-----------+----------------------------------++-----------+----------------------------------+|glance | Value |+-----------+----------------------------------+|id | f63ad1c91cdb43ed9841b91b4aa543e1 |
|interface | internal ||region | RegionOne ||region_id | RegionOne ||url | http://controller:9292 |
+-----------+----------------------------------+ |
4.列出镜像在 Image service 目录验证连接 Image service
|
1
2
3
4
5
6
|
root@controller:~#nova image-list
+--------------------------------------+---------------------+--------+--------+|ID |Name | Status | Server |+--------------------------------------+---------------------+--------+--------+|df54ff49-b167-4fed-987a-0ade3cbc9aca | cirros-0.3.4-x86_64 | ACTIVE | |+--------------------------------------+---------------------+--------+--------+ |
备注:
1)OpenStack官方文档:
http://docs.openstack.org/kilo/install-guide/install/apt/content/
2)控制节点nova.conf完整的配置文件
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
[DEFAULT]dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
log_dir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=Truelibvirt_use_virtio_for_bridges=Trueverbose=Trueec2_private_dns_show_ip=Trueapi_paste_config=/etc/nova/api-paste.ini
enabled_apis=ec2,osapi_compute,metadatarpc_backend = rabbitauth_strategy = keystonemy_ip = 192.168.100.100vncserver_listen = 192.168.100.100vncserver_proxyclient_address = 192.168.100.100[oslo_messaging_rabbit]rabbit_host = controllerrabbit_userid = openstackrabbit_password = 2015OS##
[database]connection = mysql://nova:sfzhang1109@controller/nova
[keystone_authtoken]auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = passwordproject_domain_id = defaultuser_domain_id = defaultproject_name = serviceusername = novapassword = nova[glance]host = controller[oslo_concurrency]lock_path = /var/lib/nova/tmp
|
3)计算节点nova.conf完整的配置文件
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
[DEFAULT]dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
log_dir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=Truelibvirt_use_virtio_for_bridges=Trueverbose=Trueec2_private_dns_show_ip=Trueapi_paste_config=/etc/nova/api-paste.ini
enabled_apis=ec2,osapi_compute,metadatarpc_backend = rabbitauth_strategy = keystonemy_ip = 192.168.100.100vnc_enabled = Truevncserver_listen = 0.0.0.0vncserver_proxyclient_address = 192.168.100.102novncproxy_base_url = [oslo_messaging_rabbit]rabbit_host = controllerrabbit_userid = openstackrabbit_password = 2015OS##
auth_strategy = keystone [keystone_authtoken]auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = passwordproject_domain_id = defaultuser_domain_id = defaultproject_name = serviceusername = novapassword = nova[glance]host = controller[oslo_concurrency]lock_path = /var/lib/nova/tmp
|
本文转自 sfzhang 51CTO博客,原文链接:http://blog.51cto.com/sfzhang88/1697866,如需转载请自行联系原作者