OpenStack-Ocata版+CentOS7.6 云平台环境搭建 —9.块存储服务(cinder)部署配置
块存储服务部署相关
块存储服务(cinder)为实例提供块存储。存储的分配和消耗是由块存储驱动器,或者多后端配置的驱动器决定的。还有很多驱动程序可用:NAS/SAN,NFS,ISCSI,Ceph等。
典型情况下,块服务API和调度器服务运行在控制节点上。取决于使用的驱动,卷服务器可以运行在控制节点、计算节点或单独的存储节点。
1.块存储服务概览
OpenStack块存储服务(cinder)为虚拟机添加持久的存储,块存储提供一个基础设施为了管理卷,以及和OpenStack计算服务交互,为实例提供卷。此服务也会激活管理卷的快照和卷类型的功能。
块存储服务通常包含下列组件:
cinder-api
接受API请求,并将其路由到``cinder-volume``执行。
cinder-volume
与块存储服务和例如``cinder-scheduler``的进程进行直接交互。它也可以与这些进程通过一个消息队列进行交互。``cinder-volume``服务响应送到块存储服务的读写请求来维持状态。它也可以和多种存储提供者在驱动架构下进行交互。
cinder-scheduler守护进程
选择最优存储提供节点来创建卷。其与``nova-scheduler``组件类似。
cinder-backup daemon
``cinder-backup``服务提供任何种类备份卷到一个备份存储提供者。就像``cinder-volume``服务,它与多种存储提供者在驱动架构下进行交互。
消息队列
在块存储的进程之间路由信息。
节点配置信息说明:
控制节点:controller:
IP:192.168.164.128
hostname&hosts:likeadmin
计算加点:Nova:
IP:192.168.164.129
hostname&hosts:likenode
块存储节点:cinder:
IP:192.168.164.136
hostname&hosts:likeblock
1.安装并配置控制节点
这个部分描述如何在控制节点上安装和配置块设备存储服务,即 cinder。这个服务需要至少一个额外的存储节点,以向实例提供卷。
先决条件
在你安装和配置块存储服务之前,你必须创建数据库、服务证书和API端点。
1)完成下面的步骤以创建数据库:
用数据库连接客户端以 root 用户连接到数据库服务器:
# mysql -u root -p
创建 cinder 数据库:
MariaDB [(none)]> CREATE DATABASE cinder;
允许 cinder 数据库合适的访问权限:
MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' \
IDENTIFIED BY 'djl18001';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' \
IDENTIFIED BY 'djl18001';
用合适的密码替换 CINDER_DBPASS,此试验环境配置的密码为:djl18001
退出数据库客户端。
2)获得 admin 凭证来获取只有管理员能执行的命令的访问权限:
[root@likeadmin conf.d]# source /root/.admin-openrc
3)要创建服务证书,完成这些步骤:
创建一个 cinder 用户:
[root@likeadmin conf.d]# openstack user create --domain default --password-prompt cinder
User Password: djl18001
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 5cb9dc4f00f54ac083b9f6a20702d5f2 |
| name | cinder |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@likeadmin conf.d]#
添加 admin 角色到 cinder 用户上。
#openstack role add --project service --user cinder admin
4)创建cinderv2和cinderv3服务实体:
[root@likeadmin ~]# openstack service create --name cinderv2 \
> --description "OpenStack Block Storage" volumev2
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | bebac42bee1240d88185e391c9db0e4b |
| name | cinderv2 |
| type | volumev2 |
+-------------+----------------------------------+
[root@likeadmin ~]# openstack service create --name cinderv3 \
> --description "OpenStack Block Storage" volumev3
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | 51d66eede82042c889a19100bf33f421 |
| name | cinderv3 |
| type | volumev3 |
+-------------+----------------------------------+
[root@likeadmin ~]#
注解:块设备存储服务要求两个服务实体。
5)创建块设备存储服务的 API 入口点
[root@likeadmin ~]# openstack endpoint create --region RegionOne \
> volumev2 public http://likeadmin:8776/v2/%\(project_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 41588a56fbb34e818d544ba88bbc6e7b |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | bebac42bee1240d88185e391c9db0e4b |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://likeadmin:8776/v2/%(project_id)s |
+--------------+-----------------------------------------+
[root@likeadmin ~]# openstack endpoint create --region RegionOne \
> volumev2 internal http://likeadmin:8776/v2/%\(project_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 102356c41d704315b05cb7e0eb14deca |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | bebac42bee1240d88185e391c9db0e4b |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://likeadmin:8776/v2/%(project_id)s |
+--------------+-----------------------------------------+
[root@likeadmin ~]# openstack endpoint create --region RegionOne \
> volumev2 admin http://likeadmin:8776/v2/%\(project_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | aa3964f87d394e48bfd79ab9675d6a5d |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | bebac42bee1240d88185e391c9db0e4b |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://likeadmin:8776/v2/%(project_id)s |
+--------------+-----------------------------------------+
[root@likeadmin ~]# openstack endpoint create --region RegionOne \
> volumev3 public http://likeadmin:8776/v3/%\(project_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 1b3c4b6d51d643dcb1b4e0156dc189d5 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 51d66eede82042c889a19100bf33f421 |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://likeadmin:8776/v3/%(project_id)s |
+--------------+-----------------------------------------+
[root@likeadmin ~]# openstack endpoint create --region RegionOne \
> volumev3 internal http://likeadmin:8776/v3/%\(project_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 2085d8a66ee24645ba26f071c3b1e24f |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 51d66eede82042c889a19100bf33f421 |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://likeadmin:8776/v3/%(project_id)s |
+--------------+-----------------------------------------+
[root@likeadmin ~]# openstack endpoint create --region RegionOne \
> volumev3 admin http://likeadmin:8776/v3/%\(project_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | dd51fadba29647eea46c19db330f4522 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 51d66eede82042c889a19100bf33f421 |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://likeadmin:8776/v3/%(project_id)s |
+--------------+-----------------------------------------+
[root@likeadmin ~]#
2.安全并配置组件
1)安装软件包:
# yum install openstack-cinder
2)编辑 /etc/cinder/cinder.conf,同时完成如下动作:
在 [database] 部分,配置数据库访问:
[database]
# ...
connection = mysql+pymysql://cinder:djl18001@likeadmin/cinder
用你为块设备存储数据库选择的密码替换 CINDER_DBPASS。
3)在``[DEFAULT]``部分,配置``RabbitMQ``消息队列访问权限:
[DEFAULT]
# ...
transport_url = rabbit://openstack:djl18001@likeadmin
用你在 “RabbitMQ” 中为 “openstack” 选择的密码替换 “RABBIT_PASS”。
4)在 “[DEFAULT]” 和 “[keystone_authtoken]” 部分,配置认证服务访问:
[DEFAULT]
# ...
auth_strategy = keystone
[keystone_authtoken]
# ...
auth_uri = http://likeadmin:5000
auth_url = http://likeadmin:35357
memcached_servers = likeadmin:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = djl18001
将 CINDER_PASS 替换为你在认证服务中为 cinder 用户选择的密码。
5)在 [DEFAULT 部分,配置``my_ip`` 来使用控制节点的管理接口的IP 地址。
[DEFAULT]
# ...
my_ip = 10.0.0.11
6)在 [oslo_concurrency] 部分,配置锁路径:
[oslo_concurrency]
# ...
lock_path = /var/lib/cinder/tmp
初始化块设备服务的数据库:
# su -s /bin/sh -c "cinder-manage db sync" cinder
3.配置计算节点以使用块设备存储
1)编辑文件 /etc/nova/nova.conf 并添加如下到其中:
[cinder]
os_region_name = RegionOne
4.完成安装
1)重启计算API 服务:
# systemctl restart openstack-nova-api.service
2)启动块设备存储服务,并将其配置为开机自启:
# systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
5. 安装并配置一个存储节点
这个部分描述怎样为块存储服务安装并配置存储节点。为简单起见,这里配置一个有一个空的本地块存储设备的存储节点。
这个向导用的是 /dev/sdb,但是你可以为你特定的节点中替换成不同的值。
该服务在这个设备上使用:term:‘LVM<Logical Volume Manager (LVM)>’提供逻辑卷,‘ISCSI<iSCSI Qualified Name (IQN)>’提供实例使用协议。
你可以按照这些提示对你的其他存储节点的环境对水平环境稍作修改。
在你安装和配置块存储服务之前,你必须准备好存储设备。
注解:在存储节点实施这些步骤。
1)安装支持的工具包:
安装 LVM 包:
# yum install lvm2
启动LVM的metadata服务并且设置该服务随系统启动:
# systemctl enable lvm2-lvmetad.service
# systemctl start lvm2-lvmetad.service
2)在你安装和配置块存储服务之前,你必须准备好存储设备。
下面是如何进行磁盘管理,在进行磁盘管理前,我已对该虚拟机添加了一块硬盘。
[root@likeblock ~]# fdisk -l
Disk /dev/sda: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x000b011c
Device Boot Start End Blocks Id System
/dev/sda1 * 2048 2099199 1048576 83 Linux
/dev/sda2 2099200 20971519 9436160 8e Linux LVM
Disk /dev/sdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/mapper/centos-root: 8585 MB, 8585740288 bytes, 16769024 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/mapper/centos-swap: 1073 MB, 1073741824 bytes, 2097152 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
[root@likeblock ~]#
[root@likeblock ~]# fdisk /dev/sdb
Welcome to fdisk (util-linux 2.23.2).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0x78a4d600.
Command (m for help): m
Command action
a toggle a bootable flag
b edit bsd disklabel
c toggle the dos compatibility flag
d delete a partition
g create a new empty GPT partition table
G create an IRIX (SGI) partition table
l list known partition types
m print this menu
n add a new partition
o create a new empty DOS partition table
p print the partition table
q quit without saving changes
s create a new empty Sun disklabel
t change a partition's system id
u change display/entry units
v verify the partition table
w write table to disk and exit
x extra functionality (experts only)
Command (m for help): n
Partition type:
p primary (0 primary, 0 extended, 4 free)
e extended
Select (default p): p
Partition number (1-4, default 1):
First sector (2048-20971519, default 2048):
Using default value 2048
Last sector, +sectors or +size{K,M,G} (2048-20971519, default 20971519): 10485708
Partition 1 of type Linux and of size 5 GiB is set
Command (m for help): p
Disk /dev/sdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x78a4d600
Device Boot Start End Blocks Id System
/dev/sdb1 2048 10485708 5241830+ 83 Linux
Command (m for help): t
Selected partition 1
Hex code (type L to list all codes): 8e
Changed type of partition 'Linux' to 'Linux LVM'
Command (m for help): p
Disk /dev/sdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x78a4d600
Device Boot Start End Blocks Id System
/dev/sdb1 2048 10485708 5241830+ 8e Linux LVM
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
[root@likeblock ~]#
[root@likeblock ~]#
[root@likeblock ~]# fdisk -l
Disk /dev/sda: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x000b011c
Device Boot Start End Blocks Id System
/dev/sda1 * 2048 2099199 1048576 83 Linux
/dev/sda2 2099200 20971519 9436160 8e Linux LVM
Disk /dev/sdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x78a4d600
Device Boot Start End Blocks Id System
/dev/sdb1 2048 10485708 5241830+ 8e Linux LVM
Disk /dev/mapper/centos-root: 8585 MB, 8585740288 bytes, 16769024 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk /dev/mapper/centos-swap: 1073 MB, 1073741824 bytes, 2097152 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
[root@likeblock ~]#
3)创建LVM 物理卷 /dev/sdb:
# pvcreate /dev/sdb
Physical volume "/dev/sdb" successfully created
创建 LVM 卷组 cinder-volumes:
# vgcreate cinder-volumes /dev/sdb
Volume group "cinder-volumes" successfully created
块存储服务会在这个卷组中创建逻辑卷
只有实例可以访问块存储卷组。但是,底层的操作系统管理着与这些卷相关联的设备。
默认情况下,LVM卷扫描工具会扫描``/dev`` 目录,查找包含卷的块存储设备。如果项目在他们的卷上使用了LVM,扫描工具便会在检测到这些卷时尝试缓存它们,
这可能会在底层操作系统和项目卷上产生各种问题。所以您必须重新配置LVM,让它扫描仅包含``cinder-volume``卷组的设备。编辑``/etc/lvm/lvm.conf``文件并完成下面的操作:
在``devices``部分,添加一个过滤器,只接受``/dev/sdb``设备,拒绝其他所有设备:
devices {
...
filter = [ "a/sdb/", "r/.*/"]
每个过滤器组中的元素都以``a``开头,即为 accept,或以 r 开头,即为**reject**,并且包括一个设备名称的正则表达式规则。过滤器组必须以``r/.*/``结束,
过滤所有保留设备。您可以使用 :命令:`vgs -vvvv` 来测试过滤器。
如果您的存储节点在操作系统磁盘上使用了 LVM,您还必需添加相关的设备到过滤器中。例如,如果 /dev/sda 设备包含操作系统:
filter = [ "a/sda/", "a/sdb/", "r/.*/"]
类似地,如果您的计算节点在操作系统磁盘上使用了 LVM,您也必需修改这些节点上 /etc/lvm/lvm.conf 文件中的过滤器,将操作系统磁盘包含到过滤器中。例如,如果``/dev/sda`` 设备包含操作系统:
filter = [ "a/sda/", "r/.*/"]
5.安全并配置组件
安装软件包:
# yum install openstack-cinder targetcli python-keystone
编辑 /etc/cinder/cinder.conf,同时完成如下动作:
在 [database] 部分,配置数据库访问:
[database]
# ...
connection = mysql+pymysql://cinder:djl18001@likeadmin/cinder
用你为块设备存储数据库选择的密码替换 CINDER_DBPASS。
在``[DEFAULT]``部分,配置``RabbitMQ``消息队列访问权限:
[DEFAULT]
# ...
transport_url = rabbit://openstack:djl18001@likeadmin
用你在 “RabbitMQ” 中为 “openstack” 选择的密码替换 “RABBIT_PASS”。
在 “[DEFAULT]” 和 “[keystone_authtoken]” 部分,配置认证服务访问:
[DEFAULT]
# ...
auth_strategy = keystone
[keystone_authtoken]
# ...
auth_uri = http://likeadmin:5000
auth_url = http://likeadmin:35357
memcached_servers = likeadmin:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = djl18001
将 CINDER_PASS 替换为你在认证服务中为 cinder 用户选择的密码。
在 [DEFAULT] 部分,配置 my_ip 选项:
[DEFAULT]
# ...
my_ip = 92.168.164.136
将其中的``MANAGEMENT_INTERFACE_IP_ADDRESS``替换为存储节点上的管理网络接口的IP 地址,
例如样例架构 <overview-example-architectures>中所示的第一台节点 10.0.0.41 。
在``[lvm]``部分中,配置LVM后端,包括LVM驱动,``cinder-volumes``卷组 ,iSCSI 协议和适当的 iSCSI服务。如果``[lvm]``部分不存在,则创建它:
[lvm]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
iscsi_protocol = iscsi
iscsi_helper = lioadm
在 [DEFAULT] 部分,启用 LVM 后端:
[DEFAULT]
# ...
enabled_backends = lvm
在 [DEFAULT] 区域,配置镜像服务 API 的位置:
[DEFAULT]
# ...
glance_api_servers = http://likeadmin:9292
在 [oslo_concurrency] 部分,配置锁路径:
[oslo_concurrency]
# ...
lock_path = /var/lib/cinder/tmp
完成安装
启动块存储卷服务及其依赖的服务,并将其配置为随系统启动:
# systemctl enable openstack-cinder-volume.service target.service
# systemctl start openstack-cinder-volume.service target.service
验证块设备存储服务的操作。
注解:在控制节点上执行这些命令。
获得 admin 凭证来获取只有管理员能执行的命令的访问权限:
[root@likeadmin ~]# source /root/.admin-openrc
列出服务组件以验证是否每个进程都成功启动:
[root@likeadmin ~]# openstack volume service list
+------------------+---------------+------+---------+-------+----------------------------+
| Binary | Host | Zone | Status | State | Updated At |
+------------------+---------------+------+---------+-------+----------------------------+
| cinder-scheduler | likeadmin | nova | enabled | up | 2019-04-09T06:57:36.000000 |
| cinder-volume | likeblock@lvm | nova | enabled | up | 2019-04-09T06:57:49.000000 |
+------------------+---------------+------+---------+-------+----------------------------+
[root@likeadmin ~]#
注:至此我们已经完成块存储的配置,可以通过块存储启动实例了