openstack-12补充

openstack

openstack-12补充

配额优化虚拟机动态调整自动部署

quto相关配置

查看当前配额

[root@controller1 ~]# neutron quota-show admin
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+---------------------+-------+
| Field               | Value |
+---------------------+-------+
| floatingip          | 50    |
| network             | 100   |
| port                | 500   |
| rbac_policy         | 10    |
| router              | 10    |
| security_group      | 10    |
| security_group_rule | 100   |
| subnet              | 100   |
| subnetpool          | -1    |
+---------------------+-------+

web端修改项目配额

查看openstack配置文件是否开启配额限制

vim /etc/openstack-dashboard/local_settings
OPENSTACK_NEUTRON_NETWORK = {
...
'enable_quotas': True,
...

选择一个项目对配额进行修改

openstack

修改控制端

neutron.conf
[quotas]
quota_network = 10
quota_subnet = 10
quota_port = 5000
quota_driver = neutron.db.quota.driver.DbQuotaDriver
quota_router = 10
quota_floatingip = 1000
quota_security_group = 10
quota_security_group_rule = 100


systemctl restart openstack-nova-api.service neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service

修改计算节点

[quotas]
quota_network = 10
quota_subnet = 10
quota_port = 5000
quota_driver = neutron.db.quota.driver.DbQuotaDriver
quota_router = 10
quota_floatingip = 1000
quota_security_group = 10
quota_security_group_rule = 100

 systemctl restart neutron-linuxbridge-agent

openstack相关优化

配置虚拟机自启动

控制端和计算节点的/etc/nova/nova.conf 进行以下配置：

resume_guests_state_on_host_boot=true

配置 CPU 超限使用：

默认为 16，即允许开启 16 倍于物理 CPU 的虚拟 CPU 个数。

cpu_allocation_ratio=16

配置内存超限使用：

配置允许 1.2 倍于物理内存的虚拟内存(在LINUX系统下内存满了系统会自动杀掉占用内存最大的进程)

ram_allocation_ratio=1.2

配置硬盘超限使用：

磁盘尽量不要超限，可能会导致数据出现丢失

disk_allocation_ratio=1.0

配置保留磁盘空间：

即会预留一部分磁盘空间给系统使用

reserved_host_disk_mb=20480

配置预留内存给系统使用：

预留一定的内存给系统使用

reserved_host_memory_mb=4096

实现实例CPU、内存与磁盘动态调整

#yum install python-pip
#pip install--upgrade pip

openstack核心优化配置

[root@node ~]# cat /etc/my.cnf.d/openstack.cnf 
[mysqld]
bind-address = 192.168.10.254

default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8

max_allowed_packet = 500M
wait timeout=2880000
interactive timeout = 2880000
net read timeout = 600
net write timeout = 600

配置虚拟机类型动态调整

实现虚拟机夸宿主机漂移

vim /etc/nova/nova.conf

allow_resize_to_same_host=true
baremetal_enabled_filters=RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFi
lter,ImagePropertiesFilter,ExactRamFilter,ExactDiskFilter,ExactCoreFilter

各计算节点配置 nova 用户:

将 shell 改为/bin/bash

# usermod nova -s /bin/bash

配置 nova 登录密码：

# echo xxxx | passwd --stdin nova

切换至 nova 用户获取秘钥：

bash-4.2$ ssh-keygen -t rsa -P '' -f ~/.ssh/id_dsa >/dev/null 2>&1

然后将秘钥相互 copy 至各个计算节点：

bash-4.2$ ssh-copy-id -i .ssh/id_dsa.pub nova@x.x.x.x
bash-4.2$ ssh 10.20.119.25 #必须确认可以正常登录到对对端节点

脚本部署openstack

install-openstack-computer

install-openstack-computer
#!/bin/bash
DIR=`pwd`
NOVA_FILE="nova-computer.tar.gz"
NEUTRON_FILE="neutron-computer.tar.gz"
YUM_FILE="yum.tar.gz"

echo "配置本地yum源"
rm -rf /etc/yum.repos.d/*
tar xvf ${DIR}/${YUM_FILE} -C /etc/yum.repos.d/
yum install -y  https://rdoproject.org/repos/rdo-release.rpm
yum install -y  centos-release-openstack-ocata
echo "yum源设置完成,开始安装基础命令、nova和neutron服务" && sleep 1
echo "配置内核参数和系统优化" && sleep 1
cat ${DIR}/limits.conf > /etc/security/limits.conf
cat ${DIR}/sysctl.conf > /etc/sysctl.conf
cat ${DIR}/profile     > /etc/profile

echo "系统优化完成，开始安装基础命令" && sleep 1
yum install -y vim wget tree  lrzsz gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel openssl openssl-devel iproute net-tools iotop ntpdate

echo "安装nova服务" && sleep 1
yum install openstack-nova-compute   -y

echo "安装neutron 服务" && sleep 
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables  -y

echo "与ntp服务器同步系统时间" && sleep 1
/usr/sbin/ntpdate  time3.aliyun.com && hwclock --systohc
echo "当前系统时间",`date "+%Y年%m月%d日 %H点%M分%S秒"`
echo "设置时间定时同步" && sleep 1
echo "*/30 * * * *  /usr/sbin/ntpdate time3.aliyun.com && hwclock --systohc > /dev/null 2>&1" >> /var/spool/cron/root
systemctl  restart crond

echo "nova配置文件" && sleep 1
tar xvf nova-computer.tar.gz  -C /etc/nova/
echo "替换nova配置文件中IP地址" && sleep 1
HOST_IP=`ifconfig  bond0 | grep inet | head -n1 | awk  '{print $2}'`
echo "当前计算节点服务器IP为 ${HOST_IP},即将写入nova配置文件" && sleep 1
sed -i "s/vncserver_proxyclient_address = 192.168.10.203/vncserver_proxyclient_address = ${HOST_IP}/g" /etc/nova/nova.conf
echo "启动nova服务"
systemctl enable libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service openstack-nova-compute.service
echo "启动nova服务启动完成!" && sleep 1

echo "neutron服务配置" && sleep 1
tar xvf neutron-computer.tar.gz  -C /etc/neutron/
echo "启动neutron服务"
systemctl start openstack-nova-compute.service  neutron-linuxbridge-agent.service
systemctl enable openstack-nova-compute.service  neutron-linuxbridge-agent.service

echo "计算节点安装完成,请查看相关日志或在OpenStack 管理界面确认计算服务是否自动添加" 

shutdown  -r +1 "系统将在1分钟后成重启，以让内核参数和优化参数生效"

文件

sysctl.conf

# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
net.ipv4.ip_nonlocal_bind = 1
net.ipv4.ip_forward = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1

# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536

# # Controls the maximum size of a message, in bytes
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 68719476736

# # Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296




# TCP kernel paramater
net.ipv4.tcp_mem = 786432 1048576 1572864
net.ipv4.tcp_rmem = 4096        87380   4194304
net.ipv4.tcp_wmem = 4096        16384   4194304
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_sack = 1

# socket buffer
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 20480
net.core.optmem_max = 81920


# TCP conn
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_syn_retries = 3
net.ipv4.tcp_retries1 = 3
net.ipv4.tcp_retries2 = 15

# tcp conn reuse
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 1


net.ipv4.tcp_max_tw_buckets = 20000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_timestamps = 1 #?
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syncookies = 1

# keepalive conn
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 3
net.ipv4.ip_local_port_range = 10001    65000

# swap
vm.overcommit_memory = 0
vm.swappiness = 10

#net.ipv4.conf.eth1.rp_filter = 0
#net.ipv4.conf.lo.arp_ignore = 1
#net.ipv4.conf.lo.arp_announce = 2
#net.ipv4.conf.all.arp_ignore = 1
#net.ipv4.conf.all.arp_announce = 2

limits.conf

*                soft    core            unlimited
*                hard    core            unlimited
*	         soft    nproc           1000000
*	         hard    nproc           1000000
*	         soft    nofile          1000000
*                hard    nofile          1000000
*                soft    memlock         32000
*                hard    memlock         32000
*                soft    msgqueue        8192000
*                hard    msgqueue        8192000

neutron-computer.tar nova-computer.tar yum.tar
nova neutron相关的配置可参考之前的笔记

补充，虚拟机资源不够用以下两项步骤没有操作
1、实现haproxy+keepalived服务架构访问及关闭安全组
2、实现LVS-DR模式

#!/bin/sh
#LVS DR 模式初始化脚本
LVS_VIP=192.168.10.88
source /etc/rc.d/init.d/functions
case "$1" in
start)
/sbin/ifconfig lo:0 $LVS_VIP netmask 255.255.255.255 broadcast $LVS_VIP
/sbin/route add -host $LVS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
/sbin/ifconfig lo:0 down
/sbin/route del $LVS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
 echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0

posted @ 2019-09-27 09:28 Final233 阅读(502) 评论(0) 编辑收藏举报

刷新页面返回顶部

Final

openstack-12补充

openstack-12补充

quto相关配置

查看当前配额

web端修改项目配额

选择一个项目对配额进行修改

openstack相关优化

配置虚拟机自启动

配置 CPU 超限使用：

配置内存超限使用：

配置硬盘超限使用：

配置保留磁盘空间：

配置预留内存给系统使用：

实现实例CPU、内存与磁盘动态调整

openstack核心优化配置

配置虚拟机类型动态调整

实现虚拟机夸宿主机漂移

各计算节点配置 nova 用户:

配置 nova 登录密码：

切换至 nova 用户获取秘钥：

然后将秘钥相互 copy 至各个计算节点：

脚本部署openstack

install-openstack-computer

文件

limits.conf

公告