CentOS6.4安装OpenStack Icehouse controller (三)
2014-05-22 16:12 陈尚华 阅读(338) 评论(0) 编辑 收藏 举报CentOS6.4安装OpenStack Icehouse controller(二)
OpenStack交流群:322596568
*本文介绍Cinder、Swift的安装配置过程
9.安装配置Cinder
9.1.初始化Cinder
(1).安装Cinder服务:
[root@openstack ~]# yum -y install openstack-cinder openstack-selinux
(2).创建Cinder数据库:
[root@openstack ~]# openstack-db --init --service cinder --rootpw passwd
cinder default DB is not mysql. Would you like to reset to mysql now? (y/n): y
Verified connectivity to MySQL.
Creating 'cinder' database.
Initializing the cinder database, please wait...
/usr/lib64/python2.6/site-packages/Crypto/Util/number.py:57: PowmInsecureWarning: Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.
_warn("Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.", PowmInsecureWarning)
Complete!
上述warning不影响数据库创建,也可以使用:
[root@openstack ~]# su -s /bin/sh -c "cinder-manage db sync" cinder
创建cinder数据库。
9.2.创建User,定义Services 和 API Endpoints
(1).为cinder创建一个cinder用户:
[root@openstack ~]# keystone user-create --name=cinder --pass=service --email=cinder@chensh.net
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | cinder@chensh.net |
| enabled | True |
| id | f67dd31740ca4d0bbca4f673ffff85b0 |
| name | cinder |
| username | cinder |
+----------+----------------------------------+
[root@openstack ~]# keystone user-role-add --user=cinder --tenant=service --role=admin
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
(2).创建cinder服务,创建endpoint:
[root@openstack ~]# vi /root/config/cinder-user.sh
#!/bin/sh
my_ip=0.0.0.0
keystone service-create --name=cinder --type=volume --description="OpenStack Block Storage"
service=$(keystone service-list | awk '/volume/ {print $2}')
keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:8776/v1/%\(tenant_id\)s --internalurl=http://$my_ip:8776/v1/%\(tenant_id\)s --adminurl=http://$my_ip:8776/v1/%\(tenant_id\)s
keystone service-create --name=cinder --type=volumev2 --description="OpenStack Block Storage V2"
service=$(keystone service-list | awk '/volumev2/ {print $2}')
keystone endpoint-create --service-id=$service --publicurl=http://$my_ip:8776/v2/%\(tenant_id\)s --internalurl=http://$my_ip:8776/v2/%\(tenant_id\)s --adminurl=http://$my_ip:8776/v2/%\(tenant_id\)s
[root@openstack ~]# sh /root/config/cinder-user.sh
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | f4f8a1e3ea104a689e6e11da53ed239d |
| name | cinder |
| type | volume |
+-------------+----------------------------------+
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+--------------------------------------+
| Property | Value |
+-------------+--------------------------------------+
| adminurl | http://0.0.0.0:8776/v1/%(tenant_id)s |
| id | 6027a4a61f7f4acba13e52544ca53acb |
| internalurl | http://0.0.0.0:8776/v1/%(tenant_id)s |
| publicurl | http://0.0.0.0:8776/v1/%(tenant_id)s |
| region | regionOne |
| service_id | f4f8a1e3ea104a689e6e11da53ed239d |
+-------------+--------------------------------------+
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage V2 |
| enabled | True |
| id | 5022d74ed60b4a79b0acef9e71e2fd9d |
| name | cinder |
| type | volumev2 |
+-------------+----------------------------------+
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+--------------------------------------+
| Property | Value |
+-------------+--------------------------------------+
| adminurl | http://0.0.0.0:8776/v2/%(tenant_id)s |
| id | ddd42956b4e14e4abb427fdcb3e31b61 |
| internalurl | http://0.0.0.0:8776/v2/%(tenant_id)s |
| publicurl | http://0.0.0.0:8776/v2/%(tenant_id)s |
| region | regionOne |
| service_id | 5022d74ed60b4a79b0acef9e71e2fd9d |
+-------------+--------------------------------------+
9.3.配置Cinder服务
(1).创建LVM分区
[root@openstack ~]# fdisk /dev/sdb
[root@openstack ~]# pvcreate /dev/sdb1
[root@openstack ~]# vgcreate cinder-volumes /dev/sdb1
(2).修改Cinder配置文件
[root@openstack ~]# cp -av /etc/cinder/cinder.conf /etc/cinder/cinder.conf_bak
[root@openstack ~]# sed -i '/^#/d' /etc/cinder/cinder.conf
[root@openstack ~]# sed -i '/^$/d' /etc/cinder/cinder.conf
[root@openstack ~]# vi /etc/cinder/cinder.conf
[DEFAULT]
my_ip = 192.168.20.100
#glance_host = controller
#osapi_volume_listen = 192.168.20.100
osapi_volume_listen = 0.0.0.0
log_dir = /var/log/cinder
state_path = /var/lib/cinder
lock_path = /var/lib/cinder/tmp
volumes_dir=/openstack/cinder/volumes
iscsi_helper = tgtadm
connection = mysql://cinder:cinder@localhost/cinder
notification_driver = cinder.openstack.common.notifier.rpc_notifier
control_exchange = cinder
rpc_backend = cinder.openstack.common.rpc.impl_qpid
qpid_hostname = 192.168.20.100
auth_strategy = keystone
[BRCD_FABRIC_EXAMPLE]
[database]
[fc-zone-manager]
[keymgr]
[keystone_authtoken]
auth_uri = http://127.0.0.1:5000
auth_host = 127.0.0.1
auth_protocol = http
auth_port = 35357
admin_user = cinder
admin_tenant_name = service
admin_password = service
[matchmaker_ring]
[ssl]
[root@openstack ~]# cp -av /etc/cinder /openstack/
(3).修改api-paste.ini配置文件
[root@openstack ~]# cp -av /etc/cinder/api-paste.ini /etc/cinder/api-paste.ini_bak
[root@openstack ~]# vi /etc/cinder/api-paste.ini
#############
# OpenStack #
#############
[composite:osapi_volume]
use = call:cinder.api:root_app_factory
/: apiversions
/v1: openstack_volume_api_v1
/v2: openstack_volume_api_v2
[composite:openstack_volume_api_v1]
use = call:cinder.api.middleware.auth:pipeline_factory
noauth = request_id faultwrap sizelimit noauth apiv1
keystone = request_id faultwrap sizelimit authtoken keystonecontext apiv1
keystone_nolimit = request_id faultwrap sizelimit authtoken keystonecontext apiv1
[composite:openstack_volume_api_v2]
use = call:cinder.api.middleware.auth:pipeline_factory
noauth = request_id faultwrap sizelimit noauth apiv2
keystone = request_id faultwrap sizelimit authtoken keystonecontext apiv2
keystone_nolimit = request_id faultwrap sizelimit authtoken keystonecontext apiv2
[filter:request_id]
paste.filter_factory = cinder.openstack.common.middleware.request_id:RequestIdMiddleware.factory
[filter:faultwrap]
paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory
[filter:noauth]
paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory
[filter:sizelimit]
paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory
[app:apiv1]
paste.app_factory = cinder.api.v1.router:APIRouter.factory
[app:apiv2]
paste.app_factory = cinder.api.v2.router:APIRouter.factory
[pipeline:apiversions]
pipeline = faultwrap osvolumeversionapp
[app:osvolumeversionapp]
paste.app_factory = cinder.api.versions:Versions.factory
##########
# Shared #
##########
[filter:keystonecontext]
paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
admin_user = cinder
admin_tenant_name = service
admin_password = service
(4).修改targets.conf配置文件
[root@openstack ~]# grep -q /openstack/cinder/volumes /etc/tgt/targets.conf || sed -i '1iinclude /openstack/cinder/volumes/*' /etc/tgt/targets.conf
(5).启动服务:
[root@openstack ~]# service tgtd start
[root@openstack ~]# chkconfig tgtd on
[root@openstack ~]# service openstack-cinder-api start
[root@openstack ~]# service openstack-cinder-scheduler start
[root@openstack ~]# service openstack-cinder-volume start
[root@openstack ~]# chkconfig openstack-cinder-api on
[root@openstack ~]# chkconfig openstack-cinder-scheduler on
[root@openstack ~]# chkconfig openstack-cinder-volume on
9.4.Cinder测试
[root@openstack ~]# cinder create --display-name volume01 2
+---------------------+--------------------------------------+
| Property | Value |
+---------------------+--------------------------------------+
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| created_at | 2014-05-22T17:07:17.321513 |
| display_description | None |
| display_name | volume01 |
| encrypted | False |
| id | c6a236c7-3989-4616-8108-ccca0caa7181 |
| metadata | {} |
| size | 2 |
| snapshot_id | None |
| source_volid | None |
| status | creating |
| volume_type | None |
+---------------------+--------------------------------------+
[root@openstack ~]# cinder list
+--------------------------------------+-----------+--------------+------+-------------+----------+-------------+
| ID | Status | Display Name | Size | Volume Type | Bootable | Attached to |
+--------------------------------------+-----------+--------------+------+-------------+----------+-------------+
| c6a236c7-3989-4616-8108-ccca0caa7181 | available | volume01 | 2 | None | false | |
+--------------------------------------+-----------+--------------+------+-------------+----------+-------------+