10.OpenStack块存储服务
添加块存储服务
安装和配置控制器节点
创建数据库
mysql -uroot -ptoyo123 CREATE DATABASE cinder; GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' \ IDENTIFIED BY 'toyo123'; GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' \ IDENTIFIED BY 'toyo123'; exit
创建服务凭据
source admin-openrc.sh keystone user-create --name cinder --pass Abcd1234 keystone user-role-add --user cinder --tenant service --role admin keystone service-create --name cinder --type volume \ --description "OpenStack Block Storage" keystone service-create --name cinderv2 --type volumev2 \ --description "OpenStack Block Storage" keystone endpoint-create \ --service-id $(keystone service-list | awk '/ volume / {print $2}') \ --publicurl http://controller:8776/v1/%\(tenant_id\)s \ --internalurl http://controller:8776/v1/%\(tenant_id\)s \ --adminurl http://controller:8776/v1/%\(tenant_id\)s \ --region regionOne keystone endpoint-create \ --service-id $(keystone service-list | awk '/ volumev2 / {print $2}') \ --publicurl http://controller:8776/v2/%\(tenant_id\)s \ --internalurl http://controller:8776/v2/%\(tenant_id\)s \ --adminurl http://controller:8776/v2/%\(tenant_id\)s \ --region regionOne
安装和配置块存储控制器组件
yum install -y openstack-cinder python-cinderclient python-oslo-db
编辑/etc/cinder/cinder.conf
mv /etc/cinder/cinder.conf /etc/cinder/cinder.conf_bak vim /etc/cinder/cinder.conf [database] connection = mysql://cinder:toyo123@controller/cinder [DEFAULT] my_ip = 192.168.116.8 rpc_backend = rabbit rabbit_host = controller rabbit_password = Abcd1234 auth_strategy = keystone verbose = True [keystone_authtoken] auth_uri = http://controller:5000/v2.0 identity_uri = http://controller:35357 admin_tenant_name = service admin_user = cinder admin_password = Abcd1234
完成安装
su -s /bin/sh -c "cinder-manage db sync" cinder systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
安装和配置存储节点
安装LVM与启动lvm并设置为开机自启动
yum -y install lvm2 systemctl enable lvm2-lvmetad.service systemctl start lvm2-lvmetad.service
磁盘分区
fdisk /dev/sda n p Enter +100G t 8e w
检查分区信息是否写入内核(检测到了则不用添加)
cat /proc/partitions major minor #blocks name 8 0 488386584 sda 8 1 512000 sda1 8 2 104857600 sda2 8 3 4063232 sda3 partx -a /dev/sda5 /dev/sda cat /proc/partitions major minor #blocks name 8 0 488386584 sda 8 1 512000 sda1 8 2 104857600 sda2 8 3 4063232 sda3 8 5 104857600 sda5
建立lvm分区
pvcreate /dev/sda5 Physical volume "/dev/sda5" successfully created vgcreate cinder-volumes /dev/sda5 Volume group "cinder-volumes" successfully created
编辑/etc/lvm/lvm.conf
vim /etc/lvm/lvm.conf devices { filter = [ "a/sda/", "r/.*/"]
安装和配置块存储卷组件
yum install -y openstack-cinder targetcli python-oslo-db MySQL-python
编辑/etc/cinder/cinder.conf
mv /etc/cinder/cinder.conf /etc/cinder/cinder.conf_bak vim /etc/cinder/cinder.conf [database] connection = mysql://cinder:toyo123@controller/cinder [DEFAULT] rpc_backend = rabbit rabbit_host = controller rabbit_password = Abcd1234 uth_strategy = keystone my_ip = 192.168.116.8 glance_host = controller iscsi_helper = lioadm verbose = True [keystone_authtoken] auth_uri = http://controller:5000/v2.0 identity_uri = http://controller:35357 admin_tenant_name = service admin_user = cinder admin_password = Abcd1234
完成安装
systemctl enable openstack-cinder-volume.service target.service
systemctl start openstack-cinder-volume.service target.service
验证
source admin-openrc.sh cinder service-list
创建云磁盘
source demo-openrc.sh cinder create --display-name demo-volume1 1 cinder list
安装对象存储
安装和配置控制节点
创建身份服务凭据
source admin-openrc.sh keystone user-create --name swift --pass Abcd1234 keystone user-role-add --user swift --tenant service --role admin keystone service-create --name swift --type object-store \ --description "OpenStack Object Storage" keystone endpoint-create \ --service-id $(keystone service-list | awk '/ object-store / {print $2}') \ --publicurl 'http://controller:8080/v1/AUTH_%(tenant_id)s' \ --internalurl 'http://controller:8080/v1/AUTH_%(tenant_id)s' \ --adminurl http://controller:8080 \ --region regionOne
安装和配置控制器节点组件
yum install -y openstack-swift-proxy python-swiftclient python-keystone-auth-token \ python-keystonemiddleware memcached
下载并编辑proxy-server.conf
curl -o /etc/swift/proxy-server.conf \ https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/proxy-server.conf-sample vim /etc/swift/proxy-server.conf [DEFAULT] bind_port = 8080 user = swift swift_dir = /etc/swift [pipeline:main] pipeline = authtoken cache healthcheck keystoneauth proxy-logging proxy-server [app:proxy-server] allow_account_management = true account_autocreate = true [filter:keystoneauth] use = egg:swift#keystoneauth operator_roles = admin,_member_ [filter:authtoken] paste.filter_factory = keystonemiddleware.auth_token:filter_factory auth_uri = http://controller:5000/v2.0 identity_uri = http://controller:35357 admin_tenant_name = service admin_user = swift admin_password = Abcd1234 delay_auth_decision = true [filter:cache] memcache_servers = 127.0.0.1:11211
安装和配置存储节点
安装xfsprog
yum install -y xfsprogs rsync
创建分区
fdisk /dev/sda n e ENTER ENTER n ENTER +100G N ENTER ENTER W cat /proc/partitions partx -a /dev/sda5 /dev/sda partx -a /dev/sda6 /dev/sda
格式化并创建挂载点目录
mkfs.xfs /dev/sda5 mkfs.xfs /dev/sda6 mkdir -p /srv/node/sda5 mkdir -p /srv/node/sda6
编辑 /etc/fstab
,并挂载
vim /etc/fstab /dev/sda5 /srv/node/sda5 xfs noatime,nodiratime,nobarrier,logbufs=8 0 2 /dev/sda6 /srv/node/sda6 xfs noatime,nodiratime,nobarrier,logbufs=8 0 2 mount /srv/node/sda5 mount /srv/node/sda6
编辑/etc/rsyncd.conf
mv /etc/rsyncd.conf /etc/rsyncd.conf_bak vim /etc/rsyncd.conf uid = swift gid = swift log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid address =192.168.116.7 [account] max connections = 2 path = /srv/node/ read only = false lock file = /var/lock/account.lock [container] max connections = 2 path = /srv/node/ read only = false lock file = /var/lock/container.lock [object] max connections = 2 path = /srv/node/ read only = false lock file = /var/lock/object.lock
启动服务并配置为开机自启动
systemctl enable rsyncd.service
systemctl start rsyncd.service
安装和配置存储节点组件
yum install -y openstack-swift-account openstack-swift-container openstack-swift-object
下载配置文件
curl -o /etc/swift/account-server.conf \ https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/account-server.conf-sample curl -o /etc/swift/container-server.conf \ https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/container-server.conf-sample curl -o /etc/swift/object-server.conf \ https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/object-server.conf-sample
编辑/etc/swift/account-server.conf
vim /etc/swift/account-server.conf [DEFAULT] bind_ip = 192.168.116.7 bind_port = 6002 user = swift swift_dir = /etc/swift devices = /srv/node [pipeline:main] pipeline = healthcheck recon account-server [filter:recon] recon_cache_path = /var/cache/swift
编辑/etc/swift/container-server.conf
vim /etc/swift/container-server.conf [DEFAULT] bind_ip = 192.168.116.7 bind_port = 6001 user = swift swift_dir = /etc/swift devices = /srv/node [pipeline:main] pipeline = healthcheck recon container-server [filter:recon] recon_cache_path = /var/cache/swift
编辑/etc/swift/object-server.conf
vim /etc/swift/object-server.conf [DEFAULT] bind_ip = 192.168.116.7 bind_port = 6000 user = swift swift_dir = /etc/swift devices = /srv/node [pipeline:main] pipeline = healthcheck recon object-server [filter:recon] recon_cache_path = /var/cache/swift
确保挂载点的目录拥有所有权,创建侦察
目录,并确保它的正确的所有权
chown -R swift:swift /srv/node mkdir -p /var/cache/swift chown -R swift:swift /var/cache/swift
创建账户环
cd /etc/swift swift-ring-builder account.builder create 10 3 1 swift-ring-builder account.builder \ add r1z1-192.168.116.7:6002/sda5 100 swift-ring-builder account.builder \ add r1z1-192.168.116.7:6002/sda6 100 swift-ring-builder account.builder \ add r1z1-192.168.116.10:6002/sda5 100 swift-ring-builder account.builder \ add r1z1-192.168.116.10:6002/sda6 100
平衡环
swift-ring-builder account.builder rebalance
验证
swift-ring-builder account.builder
创建容器环
cd /etc/swift swift-ring-builder container.builder create 10 3 1 swift-ring-builder container.builder \ add r1z1-192.168.116.7:6001/sda5 100 swift-ring-builder container.builder \ add r1z1-192.168.116.7:6001/sda6 100 swift-ring-builder container.builder \ add r1z1-192.168.116.10:6001/sda5 100 swift-ring-builder container.builder \ add r1z1-192.168.116.10:6001/sda6 100
创建环对象
cd /etc/swift swift-ring-builder object.builder create 10 3 1 swift-ring-builder object.builder \ add r1z1-192.168.116.7:6000/sda5 100 swift-ring-builder object.builder \ add r1z1-192.168.116.7:6000/sda6 100 swift-ring-builder object.builder \ add r1z1-192.168.116.10:6000/sda5 100 swift-ring-builder object.builder \ add r1z1-192.168.116.10:6000/sda6 100
平衡环
swift-ring-builder object.builder rebalance
验证
swift-ring-builder object.builder
将account.ring.gz, container.ring.gz, 和 object.ring.gz复制到节点存储服务器/etc/swift下
下载并编辑swift.conf,编辑完成后复制到每个存储节点与代理服务器上
curl -o /etc/swift/swift.conf \ https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/swift.conf-sample vim /etc/swift/swift.conf [swift-hash] swift_hash_path_prefix = xrfuniounenqjnw swift_hash_path_suffix = fLIbertYgibbitZ [storage-policy:0] name = Policy-0 default = yes
修改目录拥有者并启动服务与配置开机自启动,每个存储节点与代理服务器一样操作
chown -R swift:swift /etc/swift systemctl enable openstack-swift-proxy.service memcached.service systemctl restart openstack-swift-proxy.service memcached.service
在存储节点,启动对象存储服务,并将其配置为开机自启动
systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service \ openstack-swift-account-reaper.service openstack-swift-account-replicator.service systemctl enable openstack-swift-container.service openstack-swift-container-auditor.service \ openstack-swift-container-replicator.service openstack-swift-container-updater.service systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service \ openstack-swift-object-replicator.service openstack-swift-object-updater.service swift-init all start
验证
source demo-openrc.sh swift stat Account: AUTH_2e6cfee73a0e42e3ad67affb9f042484 Containers: 0 Objects: 0 Bytes: 0 X-Put-Timestamp: 1431246736.74462 X-Timestamp: 1431246736.74462 X-Trans-Id: tx99c4c6fa0ade4314aec8d-00554f1790 Content-Type: text/plain; charset=utf-8