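6.1 Nova overview
6.1.1 What is Nova
OpenStack is a cloud computing platform jointly developed by Rackspace and NASA.
It provides cloud infrastructure services similar to Amazon EC2 and S3.
Nova provides the compute service in OpenStack.
6.1.2 Components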
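- API
  - nova-api service
    Accepts and responds to end-user compute API calls;
    supports the OpenStack Compute API, the Amazon EC2 API, and a special admin API for privileged users;
  - nova-api-metadata service
    Accepts metadata requests from instances;
    generally runs alongside the nova-network service in multi-host mode installations;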
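- Core
  - nova-compute service
    A daemon that creates and terminates virtual machine instances through hypervisor APIs;
    for example: XenAPI for XenServer/XCP, libvirt for KVM or QEMU, VMwareAPI for VMware;
  - nova-scheduler service
    Takes a virtual machine instance request from the queue and determines which compute host runs it;
    responsible for assessing host load when a virtual machine is created;
  - nova-conductor module
    Mediates the data exchanged between the nova-compute service and the database;
    keeps the nova-compute service from accessing the cloud database directly;
    do not deploy this module on nodes where nova-compute runs;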
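- Networking
  - nova-network worker daemon
    Similar to the nova-compute service: accepts networking tasks from the queue and manipulates the network;
    for example, setting up bridged interfaces or changing iptables rules;
  - nova-consoleauth daemon
    Authorizes user tokens for the console proxies;
  - nova-novncproxy daemon
    Provides a proxy for accessing running virtual machine instances over a VNC connection;
    supports browser-based novnc clients;
  - nova-spicehtml5proxy daemon
    Provides a proxy for accessing running virtual machine instances over a SPICE connection;
    supports browser-based HTML5 clients;
  - nova-xvpvncproxy daemon
    Provides a proxy for accessing running virtual machine instances over a VNC connection;
    supports an OpenStack-specific Java client;
  - nova-cert daemon
    x509 certificates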
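- Other
  - nova-objectstore daemon
    An Amazon S3 interface used to register Amazon S3 images with OpenStack;
  - euca2ools client
    A command-line tool compatible with the Amazon EC2 interface;
  - nova client
    The nova command-line tool;
  - The queue
    A queue for passing messages between processes;
    RabbitMQ is normally used;
  - SQL database
    Stores the build-time and run-time state of the cloud infrastructure;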
6.2 Deploy the Nova Controller
Deploy on the Controller node.
6.2.1 Create the Nova Controller databases
mysql -uroot -p
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'nova';
FLUSH PRIVILEGES;
6.2.2 Create the Nova Controller user
Load the admin credentials to gain access to admin-only commands
source admin-openrc
Create the nova user
openstack user create --domain default --password-prompt nova
User Password:nova
Repeat User Password:nova
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | c373a827b3f243f7a7e00ff172170cb1 |
| name | nova |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
Assign the admin role to the nova user and add it to the service project
openstack role add --project service --user nova admin
Create the nova service
openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 4319f9d4c8b34fc09a066de1171d0c1e |
| name | nova |
| type | compute |
+-------------+----------------------------------+
Create the nova API endpoints
openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 73777313e28a48758b50d4e279c0bb83 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4319f9d4c8b34fc09a066de1171d0c1e |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 9b5e6398e7ff4d92aa81e48e5201a574 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4319f9d4c8b34fc09a066de1171d0c1e |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | b1c1874e043b491ca87f98bbd103e2b2 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4319f9d4c8b34fc09a066de1171d0c1e |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
6.2.3 Install and configure the Nova Controller
yum install -y openstack-nova-api openstack-nova-conductor \
openstack-nova-novncproxy openstack-nova-scheduler
# Configure nova
vim /etc/nova/nova.conf
Configure the compute and metadata APIs
[DEFAULT]
enabled_apis=osapi_compute,metadata
Configure the database connections
[api_database]
connection = mysql+pymysql://nova:nova@controller.alec.com/nova_api
[database]
connection = mysql+pymysql://nova:nova@controller.alec.com/nova
Configure RabbitMQ (if RabbitMQ and the Nova Controller are not on the same node, RabbitMQ's guest user cannot be used)
[DEFAULT]
transport_url = rabbit://alec:alec@controller:5672/
Configure access to the Identity service
[api]
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = nova
Configure the management IP
[DEFAULT]
my_ip=192.168.136.11
Configure Neutron (configure this once Neutron is installed; it is covered later, so leave it unchanged for now)
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
Configure the VNC proxy
[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
Configure the Glance API
[glance]
api_servers = http://controller:9292
Configure the lock path
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
Configure Placement (skipped here, recorded for reference only)
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement
6.2.4 Initialize the databases
# Populate the nova_api database
su -s /bin/sh -c "nova-manage api_db sync" nova
# Register the cell0 database
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
# Create the cell1 cell
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
fb8e991a-8c1b-4b73-9802-3fb125cf6335
# Populate the nova database
su -s /bin/sh -c "nova-manage db sync" nova
# Verify that cell0 and cell1 are registered correctly
su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
+-------+--------------------------------------+-------------------------------------+----------------------------------------------------------+
| 名稱 | UUID | Transport URL | 數據庫連接 |
+-------+--------------------------------------+-------------------------------------+----------------------------------------------------------+
| cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:****@controller.alec.com/nova_cell0 |
| cell1 | fb8e991a-8c1b-4b73-9802-3fb125cf6335 | rabbit://alec:****@controller:5672/ | mysql+pymysql://nova:****@controller.alec.com/nova |
+-------+--------------------------------------+-------------------------------------+----------------------------------------------------------+
6.2.5 Start the services
systemctl start openstack-nova-api
systemctl start openstack-nova-scheduler
systemctl start openstack-nova-conductor
systemctl start openstack-nova-novncproxy
systemctl enable openstack-nova-api
systemctl enable openstack-nova-scheduler
systemctl enable openstack-nova-conductor
systemctl enable openstack-nova-novncproxy
6.3 Deploy Nova Compute
Deploy on the Compute node.
6.3.1 Install and configure Nova Compute
yum install -y openstack-nova-compute
# To resolve the qemu-kvm-rhev dependency, append the virt repository to /etc/yum.repos.d/Centos-7.repo1
# This installs qemu-kvm-ev
[virt]
name=centosvirt
baseurl=https://mirrors.aliyun.com/centos/$releasever/virt/$basearch/kvm-common/
gpgcheck=0
enabled=1
Configure the compute and metadata APIs
[DEFAULT]
enabled_apis=osapi_compute,metadata
Configure RabbitMQ (if RabbitMQ and the Nova Controller are not on the same node, RabbitMQ's guest user cannot be used)
[DEFAULT]
transport_url = rabbit://alec:alec@controller:5672/
Configure access to the Identity service
[api]
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = nova
Configure the management IP (set it to the compute node's management network IP)
[DEFAULT]
my_ip=192.168.136.13
Configure Neutron (configure this once Neutron is installed; it is covered later)
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
Configure the VNC proxy
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
Configure the Glance service
[glance]
api_servers = http://controller:9292
Configure the lock path
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
Configure Placement
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement
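Configure the virtualization type
# Check whether the compute node supports hardware acceleration
egrep -c '(vmx|svm)' /proc/cpuinfo
# If the command returns 1 or greater, this setting can be skipped;
# if it returns 0, hardware acceleration is not supported and libvirt must be configured to use qemu instead of kvm: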
[libvirt]
virt_type = qemu
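Added example (not part of the original guide or of OpenStack itself): a small audit of a nova.conf assembled from the settings above. It flags service passwords identical to the username, the same pattern inside connection URLs, cleartext http:// endpoints, and a VNC server bound to all interfaces. The audit() function and the sample text are constructed for illustration.

```python
import configparser
from urllib.parse import urlsplit

# Constructed sample: a subset of the compute-node nova.conf settings on this page.
SAMPLE = """\
[DEFAULT]
transport_url = rabbit://alec:alec@controller:5672/
my_ip = 192.168.136.13
[keystone_authtoken]
auth_url = http://controller:5000/
username = nova
password = nova
[vnc]
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
[placement]
auth_url = http://controller:5000/v3
username = placement
password = placement
"""

def audit(text):
    """Return (section, option, issue) tuples for settings worth reviewing."""
    # default_section is renamed so [DEFAULT] values are not copied into every
    # section; strict=False tolerates a repeated section header.
    cp = configparser.ConfigParser(interpolation=None, strict=False,
                                   default_section="__unused__")
    cp.read_string(text)
    findings = []
    for section in cp.sections():
        opts = cp[section]
        user, password = opts.get("username"), opts.get("password")
        if user and password == user:
            findings.append((section, "password", "password equals username"))
        for key, value in opts.items():
            if "://" not in value:
                continue
            url = urlsplit(value)
            if url.password and url.password == url.username:
                findings.append((section, key, "URL password equals username"))
            if url.scheme == "http":
                findings.append((section, key, "cleartext HTTP endpoint"))
        if section == "vnc" and opts.get("server_listen") in ("0.0.0.0", "::"):
            findings.append((section, "server_listen", "listens on all interfaces"))
    return findings

if __name__ == "__main__":
    for section, option, issue in audit(SAMPLE):
        print(f"[{section}] {option}: {issue}")
```

Run against the sample, it reports six findings; pointing audit() at the text of a real /etc/nova/nova.conf gives the same kind of list for a deployed node.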
6.3.2 Start the services
systemctl start libvirtd openstack-nova-compute
systemctl enable libvirtd openstack-nova-compute
6.4 Add the compute node to the cell database (run on the controller node)
Load the admin credentials
source admin-openrc
Confirm the compute node hosts in the database
openstack compute service list --service nova-compute
Discover the compute node hosts
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
Found 2 cell mappings.
Skipping cell0 since it does not contain hosts.
Getting computes from cell 'cell1': fb8e991a-8c1b-4b73-9802-3fb125cf6335
Found 0 unmapped computes in cell: fb8e991a-8c1b-4b73-9802-3fb125cf6335
View the nodes that have joined
openstack compute service list
+----+----------------+------------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+----------------+------------+----------+---------+-------+----------------------------+
| 4 | nova-scheduler | controller | internal | enabled | up | 2020-07-18T18:08:30.000000 |
| 5 | nova-conductor | controller | internal | enabled | up | 2020-07-18T18:08:33.000000 |
| 6 | nova-compute | compute | nova | enabled | up | 2020-07-18T18:08:25.000000 |
+----+----------------+------------+----------+---------+-------+----------------------------+
6.5 Verify the services
Load the admin credentials
source admin-openrc
View node information
openstack compute service list
+----+----------------+------------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+----------------+------------+----------+---------+-------+----------------------------+
| 4 | nova-scheduler | controller | internal | enabled | up | 2020-07-18T18:08:30.000000 |
| 5 | nova-conductor | controller | internal | enabled | up | 2020-07-18T18:08:33.000000 |
| 6 | nova-compute | compute | nova | enabled | up | 2020-07-18T18:08:25.000000 |
+----+----------------+------------+----------+---------+-------+----------------------------+
List all API endpoints in the Identity service
+-----------+-----------+-----------------------------------------+
| Name | Type | Endpoints |
+-----------+-----------+-----------------------------------------+
| nova | compute | RegionOne |
| | | public: http://controller:8774/v2.1 |
| | | RegionOne |
| | | internal: http://controller:8774/v2.1 |
| | | RegionOne |
| | | admin: http://controller:8774/v2.1 |
| | | |
| keystone | identity | RegionOne |
| | | public: http://controller:5000/v3/ |
| | | RegionOne |
| | | internal: http://controller:5000/v3/ |
| | | RegionOne |
| | | admin: http://controller:5000/v3/ |
| | | |
| glance | image | RegionOne |
| | | admin: http://controller:9292 |
| | | RegionOne |
| | | internal: http://controller:9292 |
| | | RegionOne |
| | | public: http://controller:9292 |
| | | |
| placement | placement | RegionOne |
| | | admin: http://controller:8778 |
| | | RegionOne |
| | | internal: http://controller:8778 |
| | | RegionOne |
| | | public: http://controller:8778 |
| | | |
+-----------+-----------+-----------------------------------------+
Check that the cells and the Placement API are working
nova-status upgrade check
+-------------------------------+
| 升級檢查結果 |
+-------------------------------+
| 檢查: Cells v2 |
| 結果: 成功 |
| 詳情: None |
+-------------------------------+
| 檢查: Placement API |
| 結果: 成功 |
| 詳情: None |
+-------------------------------+
| 檢查: Resource Providers |
| 結果: 成功 |
| 詳情: None |
+-------------------------------+
| 檢查: Ironic Flavor Migration |
| 結果: 成功 |
| 詳情: None |
+-------------------------------+
| 檢查: API Service Version |
| 結果: 成功 |
| 詳情: None |
+-------------------------------+