openstack-5computer(计算服务)

openstack-5computer(计算服务)

Compute service overview

nova 是 openstack 最早的组件之一,nova 分为控制节点和计算节点,计算节点通过 nova
computer 进行虚拟机创建,通过 libvirt 调用 kvm 创建虚拟机,nova 之间通信通过 rabbitMQ
队列进行通信,其组件和功能如下:
API:负责接收和响应外部请求。
Scheduler:负责调度虚拟机所在的物理机。
Conductor:计算节点访问数据库的中间件。
Consoleauth:用于控制台的授权认证。
Novncproxy:VNC 代理,用于显示虚拟机操作终端。
官 方 部 署 文 档 : https://docs.openstack.org/ocata/zh_CN/install-guide-rdo/common/get-started-compute.html

Nova-API 的功能:
Nova-api 组件实现了 restful API 的功能,接收和响应来自最终用户的计算 API 请求,接收外
部的请求并通过 message queue 将请求发动给其他服务组件,同时也兼容 EC2 API,所以也
可以使用 EC2 的管理工具对 nova 进行日常管理。
nova scheduler:
nova scheduler 模块在 openstack 中的作用是决策虚拟机创建在哪个主机(计算节点)上。决
策一个虚拟机应该调度到某物理节点,需要分为两个步骤:
过滤(filter),过滤出可以创建虚拟机的主机
计算权值(weight),根据权重大进行分配,默认根据资源可用空间进行权重排序

安装并配置控制节点

先决条件

CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;

GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'novapass';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'novapass';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'novapass';

创建 nova 用户

[root@controller1 ~]# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | 0a8f301960df4c76bea868524707efe8 |
| enabled             | True                             |
| id                  | ed1cadb4e6bb472b9a5dd331c449d993 |
| name                | nova                             |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+

给 nova 用户添加 admin 角色

openstack role add --project service --user nova admin

创建 nova 服务并注册
创建 nova 服务

[root@controller1 ~]# openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Compute                |
| enabled     | True                             |
| id          | d60f94f3e6fe4b5d9205d159a66631c7 |
| name        | nova                             |
| type        | compute                          |
+-------------+----------------------------------+

创建公共端点

[root@controller1 ~]#  openstack endpoint create --region RegionOne compute public http://192.168.10.233:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 5c36c94914ea460694609149a3ad3667 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | d60f94f3e6fe4b5d9205d159a66631c7 |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://192.168.10.233:8774/v2.1  |
+--------------+----------------------------------+

创建私有端点

[root@controller1 ~]#   openstack endpoint create --region RegionOne compute internal http://192.168.10.233:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 61bdc8e2d3934920b28323ff60cbad97 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | d60f94f3e6fe4b5d9205d159a66631c7 |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://192.168.10.233:8774/v2.1  |
+--------------+----------------------------------+

创建管理端点

[root@controller1 ~]#    openstack endpoint create --region RegionOne compute admin http://192.168.10.233:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 4ff439ff3feb41cbb63cc6d78f29901e |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | d60f94f3e6fe4b5d9205d159a66631c7 |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://192.168.10.233:8774/v2.1  |
+--------------+----------------------------------+

创建一个Placement服务用户

[root@controller1 ~]# openstack user create --domain default --password-prompt placement
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | 0a8f301960df4c76bea868524707efe8 |
| enabled             | True                             |
| id                  | b89dd2bfd4a3413aa30889080fdbbf83 |
| name                | placement                        |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+

使用admin角色将Placement用户添加到服务项目:

openstack role add --project service --user placement admin

在服务目录中创建Placement APl条目:

openstack service create --name placement --description "Placement API" placement

创建Placement APl服务端点

openstack endpoint create --region RegionOne placement public http://192.168.10.233:8778
openstack endpoint create --region RegionOne placement internal http://192.168.10.233:8778
openstack endpoint create --region RegionOne placement admin http://192.168.10.233:8778

查看

[root@controller1 ~]# openstack user list
+----------------------------------+-----------+
| ID                               | Name      |
+----------------------------------+-----------+
| 7903947d3df2430a9de170282b17a123 | glance    |
| b89dd2bfd4a3413aa30889080fdbbf83 | placement |
| ed1cadb4e6bb472b9a5dd331c449d993 | nova      |
| f7e61b8a40b7490694e8082dc6ecf9bc | admin     |
+----------------------------------+-----------+
[root@controller1 ~]# openstack role list
+----------------------------------+-------+
| ID                               | Name  |
+----------------------------------+-------+
| 11f7dc0b9df1443ab4a2ed688b10926f | admin |
+----------------------------------+-------+
[root@controller1 ~]# openstack service list
+----------------------------------+-----------+-----------+
| ID                               | Name      | Type      |
+----------------------------------+-----------+-----------+
| 1d282d7b7b57405a98aac596f42f173d | glance    | image     |
| 88ae0d08128842279750cdc3dfb00cff | keystone  | identity  |
| d60f94f3e6fe4b5d9205d159a66631c7 | nova      | compute   |
| ec224c7267c844d5a0404f2b5444a0d0 | placement | placement |
+----------------------------------+-----------+-----------+
[root@controller1 ~]# openstack endpoint list
+-------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
| ID                            | Region    | Service Name | Service Type | Enabled | Interface | URL                            |
+-------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
| 36d59ff6ca284344bfa4990d5c7bc | RegionOne | glance       | image        | True    | admin     | http://192.168.10.233:9292     |
| 071                           |           |              |              |         |           |                                |
| 3d1bc5df827c48de9df3772ae00da | RegionOne | glance       | image        | True    | public    | http://192.168.10.233:9292     |
| cf4                           |           |              |              |         |           |                                |
| 4862d7d814f04fc08b0d5c5073a12 | RegionOne | keystone     | identity     | True    | admin     | http://192.168.10.233:35357/v3 |
| 09a                           |           |              |              |         |           |                                |
| 4ff439ff3feb41cbb63cc6d78f299 | RegionOne | nova         | compute      | True    | admin     | http://192.168.10.233:8774/v2. |
| 01e                           |           |              |              |         |           | 1                              |
| 5c36c94914ea460694609149a3ad3 | RegionOne | nova         | compute      | True    | public    | http://192.168.10.233:8774/v2. |
| 667                           |           |              |              |         |           | 1                              |
| 61bdc8e2d3934920b28323ff60cba | RegionOne | nova         | compute      | True    | internal  | http://192.168.10.233:8774/v2. |
| d97                           |           |              |              |         |           | 1                              |
| 6b6ecf1ca488400784b0f9e35f5c4 | RegionOne | keystone     | identity     | True    | internal  | http://192.168.10.233:5000/v3  |
| b7e                           |           |              |              |         |           |                                |
| c19451bc06ff4852b148fa70cd1cc | RegionOne | placement    | placement    | True    | internal  | http://192.168.10.233:8778     |
| 79b                           |           |              |              |         |           |                                |
| c433b9336e35442a935f49f93544b | RegionOne | placement    | placement    | True    | admin     | http://192.168.10.233:8778     |
| 113                           |           |              |              |         |           |                                |
| dc9f039ed9ec4ed286b76ddf7ebb8 | RegionOne | glance       | image        | True    | internal  | http://192.168.10.233:9292     |
| a81                           |           |              |              |         |           |                                |
| e0ecf07f27494ac1b1fadc11e1162 | RegionOne | keystone     | identity     | True    | public    | http://192.168.10.233:5000/v3  |
| b53                           |           |              |              |         |           |                                |
| ef3a7de574354f2da2f6d2eaaf17a | RegionOne | placement    | placement    | True    | public    | http://192.168.10.233:8778     |
| 7b9                           |           |              |              |         |           |                                |
+-------------------------------+-----------+--------------+--------------+---------+-----------+--------------------------------+
[root@controller1 ~]# openstack project list
+----------------------------------+---------+
| ID                               | Name    |
+----------------------------------+---------+
| 14c7c0b953754e0d9f30d4973e3e369d | admin   |
| ff71bd18ddc842599845c08a7ef7fbca | service |
+----------------------------------+---------+

安全并配置组件

安装软件包

yum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy  openstack-nova-scheduler openstack-nova-placement-api

编辑/etc/nova/nova.conf文件并完成下面的操作:
[DEFAULT]部分,只启用计算和元数据API:

[DEFAULT]
enabled_apis = osapi_compute,metadata

[api_database][database]部分,配置数据库的连接:

[api_database]
connection = mysql+pymysql://nova:novapass@192.168.10.233/nova_api

[database]
connection = mysql+pymysql://nova:novapass@192.168.10.233/nova

[DEFAULT]部分,配置RabbitMQ消息队列访问权限:

[DEFAULT]
transport_url = rabbit://openstack:openstackpass@192.168.10.233

在[api]和[keystone-authtoken]部分中,配置身份服务访问:

[api]
auth_strategy = keystone

[keystone_authtoken]
auth_uri = http://192.168.10.233:5000
auth_url = http://192.168.10.233:35357
memcached_servers = 192.168.10.233:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova

在 [DEFAULT] 部分,配置my_ip 来使用控制节点的管理接口的IP 地址。

[DEFAULT]
my_ip = 192.168.10.201

[DEFAULT]部分,启用网络服务支持:

[DEFAULT]
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver

默认情况下,计算服务使用内置的防火墙服务。由于网络服务包含了防火墙服务,你必须使用nova.virt.firewall.NoopFirewallDriver防火墙服务来禁用掉计算服务内置的防火墙服务

[vnc]部分,配置VNC代理使用控制节点的管理接口IP地址 :

[vnc]
enabled = true
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip

在 [glance] 区域,配置镜像服务 API 的位置:

[glance]
api_servers = http://192.168.10.233:9292

在 [oslo_concurrency] 部分,配置锁路径:

[oslo_concurrency]
lock_path = /var/lib/nova/tmp

在[placement]部分中,配置Placement API:

[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://192.168.10.233:35357/v3
username = placement
password = placement

由于 packaging bug 打包错误,您必须通过添加以下配置来启用对Placement API的访问
/etc/httpd/conf.d/00-nova-placement-api.conf

<Directory /usr/bin>
   <IfVersion >= 2.4>
      Require all granted
   </IfVersion>
   <IfVersion < 2.4>
      Order allow,deny
      Allow from all
   </IfVersion>
</Directory>

重新httpd服务

systemctl restart httpd

填充nova-api数据库:

su -s /bin/sh -c "nova-manage api_db sync" nova

注册cell0数据库:

su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova

创建cell1单元格:

# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
29f2d858-08b5-41d9-9545-77cfe7704818

填充新星数据库:

su -s /bin/sh -c "nova-manage db sync" nova

确认nova cel10和cel11已正确注册:

[root@controller1 ~]# nova-manage cell_v2 list_cells
+-------+--------------------------------------+
|  Name |                 UUID                 |
+-------+--------------------------------------+
| cell0 | 00000000-0000-0000-0000-000000000000 |
| cell1 | 29f2d858-08b5-41d9-9545-77cfe7704818 |
+-------+--------------------------------------+

完成安装

启动 Compute 服务并将其设置为随系统启动:

systemctl enable openstack-nova-api.service \
  openstack-nova-consoleauth.service openstack-nova-scheduler.service \
  openstack-nova-conductor.service openstack-nova-novncproxy.service
  
systemctl restart openstack-nova-api.service \
  openstack-nova-consoleauth.service openstack-nova-scheduler.service \
  openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@controller1 ~]# nova service-list
+----+------------------+-------------+----------+---------+-------+----------------------------+-----------------+
| Id | Binary           | Host        | Zone     | Status  | State | Updated_at                 | Disabled Reason |
+----+------------------+-------------+----------+---------+-------+----------------------------+-----------------+
| 1  | nova-scheduler   | controller1 | internal | enabled | up    | 2019-09-11T05:29:28.000000 | -               |
| 2  | nova-consoleauth | controller1 | internal | enabled | up    | 2019-09-11T05:29:28.000000 | -               |
| 3  | nova-conductor   | controller1 | internal | enabled | up    | 2019-09-11T05:29:28.000000 | -               |
+----+------------------+-------------+----------+---------+-------+----------------------------+-----------------+

安装和配置计算节点

yum install openstack-nova-compute

安全并配置组件部署 nova 计算节点

编辑/etc/nova/nova.conf文件并完成下面的操作:
[DEFAULT]部分,只启用计算和元数据API:

[DEFAULT]
enabled_apis = osapi_compute,metadata

[DEFAULT]部分,配置RabbitMQ消息队列访问权限:

[DEFAULT]
transport_url = rabbit://openstack:openstackpass@192.168.10.233

用你在 “RabbitMQ” 中为 “openstack” 选择的密码替换 “RABBIT_PASS”。
[api_database][database] 部分,配置数据库的连接:

[api_database]
connection = mysql+pymysql://nova:novapass@192.168.10.233/nova_api

[database]
connection = mysql+pymysql://nova:novapass@192.168.10.233/nova

在[api]和[keystone_authtoken]部分中,配置身份服务访问:

[api]
auth_strategy = keystone

[keystone_authtoken]
auth_uri = http://192.168.10.233:5000
auth_url = http://192.168.10.233:35357
memcached_servers = 192.168.10.233:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova

使用你在身份认证服务中设置的nova 用户的密码替换NOVA_PASS

在 [DEFAULT] 部分,配置 my_ip 选项:

[DEFAULT]
my_ip = 192.168.10.203

将其中的 MANAGEMENT_INTERFACE_IP_ADDRESS 替换为计算节点上的管理网络接口的IP 地址,例如 :ref:example architecture <overview-example-architectures>中所示的第一个节点 10.0.0.31 。

[DEFAULT]部分,启用网络服务支持:

[DEFAULT]
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver

缺省情况下,Compute 使用内置的防火墙服务。由于 Networking 包含了防火墙服务,所以你必须通过使用 nova.virt.firewall.NoopFirewallDriver 来去除 Compute 内置的防火墙服务。

[vnc]部分,启用并配置远程控制台访问:

[vnc]
enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = $my_ip
novncproxy_base_url = http://192.168.10.233:6080/vnc_auto.html

服务器组件监听所有的 IP 地址,而代理组件仅仅监听计算节点管理网络接口的 IP 地址。基本的 URL 指示您可以使用 web 浏览器访问位于该计算节点上实例的远程控制台的位置。
如果你运行浏览器的主机无法解析192.168.10.233 主机名,你可以将 192.168.10.233替换为你控制节点管理网络的IP地址。

在 [glance] 区域,配置镜像服务 API 的位置:

[glance]
api_servers = http://192.168.10.233:9292
在 [oslo_concurrency] 部分,配置锁路径:
[oslo_concurrency]
lock_path = /var/lib/nova/tmp

在[placement]部分中,配置Placement API:

[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://192.168.10.233:35357/v3
username = placement
password = placement

完成安装

确认计算节点是否支持硬件加速:

egrep -c '(vmx|svm)' /proc/cpuinfo

如果这个命令返回了 one or greater 的值,那么你的计算节点支持硬件加速且不需要额外的配置。
如果这个命令返回了 zero 值,那么你的计算节点不支持硬件加速。你必须配置 libvirt 来使用 QEMU 去代替 KVM
在 /etc/nova/nova.conf 文件的 [libvirt] 区域做出如下的编辑:

[libvirt]
virt_type = qemu

启动 nova 计算服务并设置为开机启动:

systemctl enable libvirtd.service openstack-nova-compute.service
systemctl restart libvirtd.service openstack-nova-compute.service

主动发现计算节点:

#使用命令发现:

source admin-openstack.sh
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

[root@controller1 ~]# openstack hypervisor list
+----+---------------------+-----------------+----------------+-------+
| ID | Hypervisor Hostname | Hypervisor Type | Host IP        | State |
+----+---------------------+-----------------+----------------+-------+
|  1 | computer1           | QEMU            | 192.168.10.203 | up    |
+----+---------------------+-----------------+----------------+-------+

如果还看不到计算节点

nova-status upgrade check
nova-manage cell_v2 simple_cell_setup
openstack hypervisor list

添加新计算节点时,必须运行nova-manage cell_v2 discover_hosts
在控制器节点上注册那些新的计算节点。或者,您可以在中设置适当的间隔/etc/nova/nova.conf
#定期主动发现:

[scheduler]
discover_hosts_in_cells_interval = 300

修改完配置重新服务

systemctl restart openstack-nova-api.service \
  openstack-nova-consoleauth.service openstack-nova-scheduler.service \
  openstack-nova-conductor.service openstack-nova-novncproxy.service

验证操作

验证计算节点:

[root@controller1 ~]# nova host-list
+-------------+-------------+----------+
| host_name   | service     | zone     |
+-------------+-------------+----------+
| controller1 | scheduler   | internal |
| controller1 | consoleauth | internal |
| controller1 | conductor   | internal |
| computer1   | compute     | nova     |
+-------------+-------------+----------+

列出服务组件,以验证是否成功启动并注册了每个进程

[root@controller1 ~]# nova service-list
+----+------------------+-------------+----------+---------+-------+----------------------------+-----------------+
| Id | Binary           | Host        | Zone     | Status  | State | Updated_at                 | Disabled Reason |
+----+------------------+-------------+----------+---------+-------+----------------------------+-----------------+
| 1  | nova-scheduler   | controller1 | internal | enabled | up    | 2019-09-11T06:08:19.000000 | -               |
| 2  | nova-consoleauth | controller1 | internal | enabled | up    | 2019-09-11T06:08:19.000000 | -               |
| 3  | nova-conductor   | controller1 | internal | enabled | up    | 2019-09-11T06:08:20.000000 | -               |
| 8  | nova-compute     | computer1   | nova     | enabled | up    | 2019-09-11T06:08:21.000000 | -               |
+----+------------------+-------------+----------+---------+-------+----------------------------+-----------------+

#列出 keystone 服务中的端点,以验证 keystone 的连通性。

[root@controller1 ~]# openstack catalog list
+-----------+-----------+---------------------------------------------+
| Name      | Type      | Endpoints                                   |
+-----------+-----------+---------------------------------------------+
| glance    | image     | RegionOne                                   |
|           |           |   admin: http://192.168.10.233:9292         |
|           |           | RegionOne                                   |
|           |           |   public: http://192.168.10.233:9292        |
|           |           | RegionOne                                   |
|           |           |   internal: http://192.168.10.233:9292      |
|           |           |                                             |
| keystone  | identity  | RegionOne                                   |
|           |           |   admin: http://192.168.10.233:35357/v3     |
|           |           | RegionOne                                   |
|           |           |   internal: http://192.168.10.233:5000/v3   |
|           |           | RegionOne                                   |
|           |           |   public: http://192.168.10.233:5000/v3     |
|           |           |                                             |
| nova      | compute   | RegionOne                                   |
|           |           |   admin: http://192.168.10.233:8774/v2.1    |
|           |           | RegionOne                                   |
|           |           |   public: http://192.168.10.233:8774/v2.1   |
|           |           | RegionOne                                   |
|           |           |   internal: http://192.168.10.233:8774/v2.1 |
|           |           |                                             |
| placement | placement | RegionOne                                   |
|           |           |   internal: http://192.168.10.233:8778      |
|           |           | RegionOne                                   |
|           |           |   admin: http://192.168.10.233:8778         |
|           |           | RegionOne                                   |
|           |           |   public: http://192.168.10.233:8778        |
|           |           |                                             |
+-----------+-----------+---------------------------------------------+

列出Image服务中的图像以验证与Image服务的连接:

[root@controller1 ~]# nova image-list
WARNING: Command image-list is deprecated and will be removed after Nova 15.0.0 is released. Use python-glanceclient or openstackclient instead
+--------------------------------------+--------+--------+--------+
| ID                                   | Name   | Status | Server |
+--------------------------------------+--------+--------+--------+
| cac9811d-6590-4648-b1a0-6eda2e8e799e | cirros | ACTIVE |        |
+--------------------------------------+--------+--------+--------+
[root@controller1 ~]# openstack image list
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| cac9811d-6590-4648-b1a0-6eda2e8e799e | cirros | active |
+--------------------------------------+--------+--------+

列出服务组件是否成功注册

[root@controller1 ~]# openstack compute service list
+----+------------------+-------------+----------+---------+-------+----------------------------+
| ID | Binary           | Host        | Zone     | Status  | State | Updated At                 |
+----+------------------+-------------+----------+---------+-------+----------------------------+
|  1 | nova-scheduler   | controller1 | internal | enabled | up    | 2019-09-11T06:09:49.000000 |
|  2 | nova-consoleauth | controller1 | internal | enabled | up    | 2019-09-11T06:09:49.000000 |
|  3 | nova-conductor   | controller1 | internal | enabled | up    | 2019-09-11T06:09:50.000000 |
|  8 | nova-compute     | computer1   | nova     | enabled | up    | 2019-09-11T06:09:51.000000 |
+----+------------------+-------------+----------+---------+-------+----------------------------+

检查 cells 和 placement API 是否工作正常

[root@controller1 ~]# nova-status upgrade check
+---------------------------+
| Upgrade Check Results     |
+---------------------------+
| Check: Cells v2           |
| Result: Success           |
| Details: None             |
+---------------------------+
| Check: Placement API      |
| Result: Success           |
| Details: None             |
+---------------------------+
| Check: Resource Providers |
| Result: Success           |
| Details: None             |
+---------------------------+

如果出现重复的节点请参考
https://blog.csdn.net/ai74le/article/details/88293965

posted @ 2019-09-27 10:01  Final233  阅读(677)  评论(0编辑  收藏  举报