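1. Compute overview
In the OpenStack architecture, the Compute component authenticates users through Identity, obtains disk or image files through Image, and lets users manage it through the Dashboard. Whether an image can be retrieved depends on the permissions of the project or user, and the usable quota depends on each project. When a request to launch an instance arrives, Compute selects by calculation a node to host the instance, downloads the image to that node, and then starts the instance.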
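Compute consists of the following parts:
- nova-api service
  Accepts and responds to users' Compute API calls, initiates tasks, and enforces policies
- nova-api-metadata service
  Accepts metadata requests from instances; typically used in multi-host deployments running nova-network
- nova-compute service
  Creates or terminates virtual machine instances through hypervisor APIs, including Xen, KVM or QEMU, and VMware
- nova-placement-api service
  Tracks the resource inventory and usage of each node
- nova-scheduler service
  Takes virtual machine instance requests from the queue and decides which node each instance starts on
- nova-conductor module
  Mediates between nova-compute and the database so that nova-compute does not access the database directly. Do not deploy this component on nodes that run the nova-compute service
- nova-consoleauth daemon
  Authorizes users who connect through a console proxy; the console proxy program must be running
- nova-novncproxy daemon
  Provides a VNC connection to running instances; supports the browser-based novnc client
- nova-spicehtml5proxy daemon
  Provides a SPICE connection to running instances; supports the browser-based HTML5 client
- nova-xvpvncproxy daemon
  Provides a VNC connection to running instances; supports the browser-based novnc client
- The queue
  The message middleware between processes, usually implemented with rabbitmq
- SQL database
  Stores most of the build-time and run-time state of the infrastructure, including available instance types, instances in use, available networks, and projects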
2. Install and configure the controller node
Prerequisites
Before installing and configuring, you must create the databases, service credentials, and API endpoints.
- Create the databases and grant privileges
MariaDB [(none)]> create database nova_api;
MariaDB [(none)]> create database nova;
MariaDB [(none)]> create database nova_cell0;
MariaDB [(none)]> grant all privileges on nova_api.* to 'nova'@'localhost' identified by 'password1!';
MariaDB [(none)]> grant all privileges on nova_api.* to 'nova'@'%' identified by 'password1!';
MariaDB [(none)]> grant all privileges on nova.* to 'nova'@'localhost' identified by 'password1!';
MariaDB [(none)]> grant all privileges on nova.* to 'nova'@'%' identified by 'password1!';
MariaDB [(none)]> grant all privileges on nova_cell0.* to 'nova'@'localhost' identified by 'password1!';
MariaDB [(none)]> grant all privileges on nova_cell0.* to 'nova'@'%' identified by 'password1!';
- Switch to the admin identity
[root@controller ~]# . admin-openrc
- Create the compute service
Create the nova user
[root@controller ~]# openstack user create --domain default --password-prompt nova
Grant the admin role to the nova user
[root@controller ~]# openstack role add --project service --user nova admin
Create the compute service named nova
[root@controller ~]# openstack service create --name nova --description "OpenStack Compute" compute
Create the compute service API endpoints
[root@controller ~]# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
[root@controller ~]# openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
[root@controller ~]# openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
- Create the placement service
Create a user for the placement service
[root@controller ~]# openstack user create --domain default --password-prompt placement
Grant the admin role to the placement user in the service project
[root@controller ~]# openstack role add --project service --user placement admin
Create the placement service
[root@controller ~]# openstack service create --name placement --description "Placement API" placement
Create the placement service API endpoints
[root@controller ~]# openstack endpoint create --region RegionOne placement public http://controller:8778
[root@controller ~]# openstack endpoint create --region RegionOne placement internal http://controller:8778
[root@controller ~]# openstack endpoint create --region RegionOne placement admin http://controller:8778
Install and configure
- Install the packages
[root@controller ~]# yum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-placement-api
- Edit the /etc/nova/nova.conf configuration file
Enable the compute and metadata APIs
[DEFAULT]
# ...
enabled_apis = osapi_compute,metadata
Set the database connection strings
[api_database]
# ...
connection = mysql+pymysql://nova:password1!@controller/nova_api
[database]
# ...
connection = mysql+pymysql://nova:password1!@controller/nova
Allow access to the rabbitmq message queue
[DEFAULT]
# ...
transport_url = rabbit://openstack:password1!@controller
Configure access to the Identity service
[api]
# ...
auth_strategy = keystone
[keystone_authtoken]
# ...
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = password1!
Set the my_ip variable to the management address
[DEFAULT]
# ...
my_ip = 192.168.80.10
Enable support for the Networking service
[DEFAULT]
# ...
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
Compute uses its internal firewall by default; because the Networking service includes a firewall, the internal firewall must be disabled with nova.virt.firewall.NoopFirewallDriver.
Configure the VNC proxy to use the management address
[vnc]
enabled = true
# ...
server_listen = $my_ip
server_proxyclient_address = $my_ip
Set the API location of the image server
[glance]
# ...
api_servers = http://controller:9292
Set the lock path
[oslo_concurrency]
# ...
lock_path = /var/lib/nova/tmp
Configure access to the placement API
[placement]
# ...
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = password1!
Edit the /etc/httpd/conf.d/00-nova-placement-api.conf configuration file and add the following
<Directory /usr/bin>
   <IfVersion >= 2.4>
      Require all granted
   </IfVersion>
   <IfVersion < 2.4>
      Order allow,deny
      Allow from all
   </IfVersion>
</Directory>
Check the configuration for errors, then restart the httpd service
[root@controller ~]# httpd -t
[root@controller ~]# systemctl restart httpd
- Initialize the nova-api database and verify it (ignore any warning messages shown during the following operations)
[root@controller ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
[root@controller ~]# mysql
MariaDB [(none)]> show databases;
MariaDB [(none)]> use nova_api;
MariaDB [nova_api]> show tables;
- Register the cell0 database
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
- Create the cell1 cell
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
- Initialize the nova database
[root@controller ~]# su -s /bin/sh -c "nova-manage db sync" nova
MariaDB [(none)]> show databases;
MariaDB [(none)]> use nova;
MariaDB [nova]> show tables;
- Verify that nova cell0 and cell1 are registered correctly
[root@controller ~]# nova-manage cell_v2 list_cells
Enable the services at boot and start them
[root@controller ~]# systemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@controller ~]# systemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
3. Install the compute node
Install and configure components
- Install the package
[root@compute1 ~]# yum install openstack-nova-compute
- Edit the configuration file
[root@compute1 ~]# vim /etc/nova/nova.conf
[DEFAULT]
# ...
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:password1!@controller
my_ip = 172.16.80.20
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
# ...
auth_strategy = keystone
[keystone_authtoken]
# ...
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = password1!
[vnc]
# ...
enabled = True
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
[glance]
# ...
api_servers = http://controller:9292
[oslo_concurrency]
# ...
lock_path = /var/lib/nova/tmp
[placement]
# ...
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = password1!
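A check over the compute-node settings above, as an added example that is not part of the original post: the hypothetical audit() helper parses a nova.conf and reports cleartext http endpoints, a VNC server bound to 0.0.0.0, and a single secret reused across services. SAMPLE is constructed from the values shown on this page.

```python
import configparser
from urllib.parse import urlsplit

# Constructed sample: the compute-node nova.conf values from this page, abridged.
SAMPLE = """\
[DEFAULT]
transport_url = rabbit://openstack:password1!@controller
my_ip = 172.16.80.20
[keystone_authtoken]
auth_url = http://controller:5000/v3
username = nova
password = password1!
[vnc]
enabled = True
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
[placement]
auth_url = http://controller:5000/v3
username = placement
password = password1!
"""

def audit(text):
    """Return (section, key, issue) tuples for a nova.conf given as a string."""
    # default_section is renamed so [DEFAULT] is read as an ordinary section
    # and its keys are not inherited by every other section.
    cfg = configparser.ConfigParser(interpolation=None, strict=False,
                                    default_section="__none__")
    cfg.read_string(text)
    findings, secrets = [], {}
    for section in cfg.sections():
        for key, value in cfg.items(section):
            url = urlsplit(value)
            if url.scheme == "http":
                findings.append((section, key, "endpoint uses cleartext http"))
            if section == "vnc" and key == "server_listen" and value == "0.0.0.0":
                findings.append((section, key, "VNC listens on all interfaces"))
            # Secrets appear either inside a URL or as a bare password option.
            secret = url.password or (value if key == "password" else None)
            if secret:
                secrets.setdefault(secret, []).append(f"{section}.{key}")
    for places in secrets.values():
        if len(places) > 1:
            findings.append(("*", ",".join(places), "same secret reused"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep=" | ")
```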
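Finalize the installation
- Check whether the hardware supports virtualization acceleration
[root@compute1 ~]# egrep -c '(vmx|svm)' /proc/cpuinfo
If the value returned is 1 or greater, the hardware supports virtualization; otherwise, make the following change to the /etc/nova/nova.conf configuration file
[libvirt]
# ...
virt_type = qemu
- Start the services
[root@compute1 ~]# systemctl enable libvirtd.service openstack-nova-compute.service
[root@compute1 ~]# systemctl start libvirtd.service openstack-nova-compute.service
Add the compute node to the cell database
- On the controller node, switch to the admin identity and confirm that the compute node is in the database
[root@controller ~]# . admin-openrc
[root@controller ~]# openstack compute service list --service nova-compute
- Discover compute hosts
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
Compute nodes added later still require the host discovery step; alternatively, set periodic automatic discovery in the /etc/nova/nova.conf configuration file
[scheduler]
discover_hosts_in_cells_interval = 300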
4. Verification (run on the controller node)
- Switch to the admin identity and verify that the services are running
[root@controller ~]# . admin-openrc
[root@controller ~]# openstack compute service list
- List the API endpoints
[root@controller ~]# openstack catalog list
- List the images
[root@controller ~]# openstack image list
- Verify the cells and the placement API
[root@controller ~]# nova-status upgrade check
Reposted from: https://blog.51cto.com/arkling/2134723