OpenStack创建Cinder块存储服务
一、基础知识
块存储服务(cinder)为实例提供块存储。存储的分配和消耗是由块存储驱动器,或者多后端配置的驱动器决定的。还有很多驱动程序可用:NAS/SAN,NFS,LVM,Ceph等。
cinder本身并不提供存储,只是一个管理存储的工具。
http://docs.qstack.com.cn/mitaka/zh_CN/install-guide-rdo/common/get_started_block_storage.html
常用模块:
cinder-api:接受API请求,并将其路由到cinder-volume执行。即接收和响应外部有关块存储请求。
cinder-volume:提供存储空间。与块存储服务和例如cinder-scheduler的进程进行直接交互。它也可以与这些进程通过一个消息队列进行交互。cinder-volume服务响应送到块存储服务的读写请求来维持状态。它也可以和多种存储提供者在驱动架构下进行交互。
cinder-scheduler守护进程:选择最优存储提供节点来创建卷。其与nova-scheduler组件类似。即调度器,决定将要分配的空间由哪一个cinder-volume提供。
cinder-backup守护进程:备份卷。cinder-backup服务提供任何种类备份卷到一个备份存储提供者。就像cinder-volume服务,它与多种存储提供者在驱动架构下进行交互。
消息队列:在块存储的进程之间路由信息。
控制节点上安装和配置块设备存储服务
二、创建流程
a、数据库创库授权
[root@controller ~]# mysql -uroot -p123456
MariaDB [(none)]> CREATE DATABASE cinder;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'CINDER_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'CINDER_DBPASS';
b、在keystone创建系统用户关联角色
创建 cinder用户:openstack user create --domain default --password CINDER_PASS cinder
给cinder 用户添加 admin 角色:openstack role add --project service --user cinder admin
c、在keystone上创建服务和注册api
需要创建两个服务实体volume和volumev2,为了兼容。
创建 cinder 服务实体:
[root@controller ~]# openstack service create --name cinder --description "OpenStack Block Storage" volume
[root@controller ~]# openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
创建cinder服务 API 端点 :
[root@controller ~]# openstack endpoint create --region RegionOne volume public http://controller:8776/v1/%\(tenant_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne volume internal http://controller:8776/v1/%\(tenant_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne volume admin http://controller:8776/v1/%\(tenant_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne volumev2 public http://controller:8776/v2/%\(tenant_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne volumev2 internal http://controller:8776/v2/%\(tenant_id\)s
[root@controller ~]# openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%\(tenant_id\)s
d、安装服务相应软件
[root@controller ~]# yum install openstack-cinder -y
[root@controller ~]# yum provides cinder
e、修改相应服务的配置文件
[root@controller ~]# cp /etc/cinder/cinder.conf{,.bak}
[root@controller ~]# grep -Ev '^$|#' /etc/cinder/cinder.conf.bak >/etc/cinder/cinder.conf
a.在 [database] 部分,配置数据库访问
b.在 [DEFAULT]和 [oslo_messaging_rabbit]部分,配置 “RabbitMQ” 消息队列访问
c.在 “[DEFAULT]” 和 “[keystone_authtoken]” 部分,配置认证服务访问
d.在 [DEFAULT 部分,配置``my_ip`` 来使用控制节点的管理接口的IP 地址
e.在 [oslo_concurrency] 部分,配置锁路径
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf DEFAULT rpc_backend rabbit
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 192.168.23.130
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:CINDER_DBPASS@controller/cinder
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_uri http://controller:5000
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://controller:35357
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers controller:11211
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name default
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name default
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password CINDER_PASS
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_host controller
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_userid openstack
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_password RABBIT_PASS
配置计算服务(在控制节点),使用块设备存储:重启的nova-api服务
openstack-config --set /etc/nova/nova.conf cinder os_region_name RegionOne
同步数据库(初始化块设备服务的数据库):
[root@controller ~]# su -s /bin/sh -c "cinder-manage db sync" cinder
[root@controller ~]# mysql -uroot -p123456 cinder
f、重启计算API 服务
[root@controller ~]# systemctl restart openstack-nova-api.service
启动块设备存储服务,并将其配置为开机自启:
[root@controller ~]# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
[root@controller ~]# systemctl status openstack-cinder-api.service openstack-cinder-scheduler.service | grep -i active
cinder list #列出所有的volumes
cinder service-list #列出所有的服务
cinder type-list #列出所有volume类型
cinder show
cinder delete
这种报错,看下密码是不是正确
[root@controller ~]# cinder service-list
ERROR: Service Unavailable (HTTP 503)
[root@controller ~]# openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password CINDER_PASS
[root@controller ~]#openstack user create --domain default --password CINDER_PASS cinder 创建 cinder用户,这两个密码一样
三、创建硬盘向实例提供卷
前提创建两块硬盘,一个5G,一个10G或者一个硬盘也行,在VMware中,点击计算节点硬盘--添加
a、安装LVM包
[root@compute ~]#yum install lvm2 -y
[root@compute ~]# systemctl enable lvm2-lvmetad.service
[root@compute ~]# systemctl start lvm2-lvmetad.service
[root@compute ~]# systemctl status lvm2-lvmetad.service | grep -i active
由于挂载了5G和10G但是执行fdisk -l发现没有,需要让系统重新扫描下
Linux系统添加一块新硬盘不想重启就可以加载磁盘的话执行echo '- - -' >/sys/class/scsi_host/host0/scan或者直接重启虚机
echo '- - -' > scan
'- - -' 代表channel,target和LUN编号。以上命令会导致hba4下所有channel,target以及可见LUN被扫描。
[root@compute ~]# du -sh /sys/class/scsi_host/host0/scan
0 /sys/class/scsi_host/host0/scan
[root@compute ~]# echo '- - -' >/sys/class/scsi_host/host0/scan
[root@compute ~]# fdisk -l
c、创建LVM 物理卷
[root@compute ~]# pvcreate /dev/sdb /dev/sdc
[root@compute ~]# pvdisplay
[root@compute ~]# pvs
d、创建 LVM 卷组
创建卷组(VG),并将PV加入到卷组中通过 vgcreate 命令:vgcreate 卷组名 /dev/sdb /dev/sdc 。块存储服务会在这个卷组中创建逻辑卷
[root@compute ~]# vgcreate cinder-ssd /dev/sdb
[root@compute ~]# vgcreate cinder-sata /dev/sdc
[root@compute ~]# vgs
e、编辑/etc/lvm/lvm.conf配置文件
只有实例可以访问块存储卷组。不过,底层的操作系统管理这些设备并将其与卷关联。默认情况下,LVM卷扫描工具会扫描``/dev`` 目录,查找包含卷的块存储设备。如果项目在他们的卷上使用LVM,扫描工具检测到这些卷时会尝试缓存它们,可能会在底层操作系统和项目卷上产生各种问题。您必须重新配置LVM,让它只扫描包含``cinder-volume``卷组的设备。编辑``/etc/lvm/lvm.conf``文件并完成下面的操作:
http://docs.qstack.com.cn/mitaka/zh_CN/install-guide-rdo/cinder-storage-install.html
-
在``devices``部分,添加一个过滤器,只接受``/dev/sdb``设备,拒绝其他所有设备
重新配置LVM,让它只扫描包含``cinder-volume``卷组的设备,即131行下插入一行,只允许实例使用sdb\sdc
[root@compute ~]# cp /etc/lvm/lvm.conf{,.bak}
[root@compute ~]# vim /etc/lvm/lvm.conf
[root@compute ~]# grep -n 'sdb' /etc/lvm/lvm.conf
f、安装配置组件-安装软件包
[root@compute ~]# yum install openstack-cinder targetcli python-keystone -y
http://docs.qstack.com.cn/mitaka/zh_CN/install-guide-rdo/cinder-storage-install.html
[root@compute ~]# cp /etc/cinder/cinder.conf{,.bak}
[root@compute ~]# grep -Ev '^$|#' /etc/cinder/cinder.conf.bak >/etc/cinder/cinder.conf
[root@compute ~]# vim /etc/cinder/cinder.conf
[DEFAULT] rpc_backend = rabbit auth_strategy = keystone my_ip = 192.168.23.130 glance_api_servers = http://controller:9292 enabled_backends = ssd,sata [BACKEND] [BRCD_FABRIC_EXAMPLE] [CISCO_FABRIC_EXAMPLE] [COORDINATION] [FC-ZONE-MANAGER] [KEYMGR] [cors] [cors.subdomain] [database] connection = mysql+pymysql://cinder:CINDER_DBPASS@controller/cinder [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = cinder password = CINDER_PASS [matchmaker_redis] [oslo_concurrency] lock_path = /var/lib/cinder/tmp [oslo_messaging_amqp] [oslo_messaging_notifications] [oslo_messaging_rabbit] rabbit_host = controller rabbit_userid = openstack rabbit_password = RABBIT_PASS [oslo_middleware] [oslo_policy] [oslo_reports] [oslo_versionedobjects] [ssl] [ssd] volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver volume_group = cinder-ssd iscsi_protocol = iscsi iscsi_helper = lioadm volume_backend_name = ssd [sata] volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver volume_group = cinder-sata iscsi_protocol = iscsi iscsi_helper = lioadm volume_backend_name = sata
启动块存储卷服务及其依赖的服务,并将其配置为随系统启动
[root@compute ~]# systemctl enable openstack-cinder-volume.service target.service
[root@compute ~]# systemctl start openstack-cinder-volume.service target.service
验证:在控制节点查看下:
[root@controller ~]# cinder service-list
在web界面创卷,挂载到实例中:
http://192.168.23.131/dashboard/project/volumes/
上述创卷成功,在计算节点去看下
接下来挂载到实例中:
