openstack安装-nova(一)

nova是OpenStack一个核心服务,提供计算服务,主要负责虚拟机的各种操作,如启动,销毁,快照,还有选择合适的compute节点部署虚拟机。
nova中的服务有controller和compute之分,是一对多的关系,即一个controller可以有多个compute,所以一些controller服务要装到controller节点上,compute服务可以装到compute节点,也可以装到controller节点来让它充当一部分compute的能力。
由于nova涉及controller节点和compute节点的安装,所以分了两篇文章来讲解
这一篇先介绍怎么安装nova的controller服务在controller节点上。

准备

创建数据库

  • root用户权限执行mysql

    1
    $ mysql
  • 创建nova_api, nova,和nova_cell0数据库:

    1
    2
    3
    MariaDB [(none)]> CREATE DATABASE nova_api;
    MariaDB [(none)]> CREATE DATABASE nova;
    MariaDB [(none)]> CREATE DATABASE nova_cell0;
  • 赋予适合的权限给这些数据库

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \
    IDENTIFIED BY 'NOVA_DBPASS';
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \
    IDENTIFIED BY 'NOVA_DBPASS';

    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
    IDENTIFIED BY 'NOVA_DBPASS';
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
    IDENTIFIED BY 'NOVA_DBPASS';

    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' \
    IDENTIFIED BY 'NOVA_DBPASS';
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' \
    IDENTIFIED BY 'NOVA_DBPASS';

替换NOVA_DBPASS密码为合适的,下面会用到。

  • 退出mysql

执行以下命令,进入admin身份

1
$ . admin-openrc

创建计算服务相关权限用户

  • 创建nova用户:
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    $ openstack user create --domain default --password-prompt nova

    User Password:
    Repeat User Password:
    +---------------------+----------------------------------+
    | Field | Value |
    +---------------------+----------------------------------+
    | domain_id | default |
    | enabled | True |
    | id | 8a7dbf5279404537b1c7b86c033620fe |
    | name | nova |
    | options | {} |
    | password_expires_at | None |
    +---------------------+----------------------------------+

这里的密码要记住,下面会用到。

  • nova用户添加admin角色

    1
    $ openstack role add --project service --user nova admin
  • 创建nova服务

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    $ openstack service create --name nova \
    --description "OpenStack Compute" compute

    +-------------+----------------------------------+
    | Field | Value |
    +-------------+----------------------------------+
    | description | OpenStack Compute |
    | enabled | True |
    | id | 060d59eac51b4594815603d75a00aba2 |
    | name | nova |
    | type | compute |
    +-------------+----------------------------------+

创建计算服务API endpoints

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
$ openstack endpoint create --region RegionOne \
compute public http://controller:8774/v2.1

+--------------+-------------------------------------------+
| Field | Value |
+--------------+-------------------------------------------+
| enabled | True |
| id | 3c1caa473bfe4390a11e7177894bcc7b |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 060d59eac51b4594815603d75a00aba2 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+-------------------------------------------+

$ openstack endpoint create --region RegionOne \
compute internal http://controller:8774/v2.1

+--------------+-------------------------------------------+
| Field | Value |
+--------------+-------------------------------------------+
| enabled | True |
| id | e3c918de680746a586eac1f2d9bc10ab |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 060d59eac51b4594815603d75a00aba2 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+-------------------------------------------+

$ openstack endpoint create --region RegionOne \
compute admin http://controller:8774/v2.1

+--------------+-------------------------------------------+
| Field | Value |
+--------------+-------------------------------------------+
| enabled | True |
| id | 38f7af91666a47cfb97b4dc790b94424 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 060d59eac51b4594815603d75a00aba2 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+-------------------------------------------+

创建一个布置服务(Placement service)的用户

1
2
3
4
5
6
7
8
9
10
11
12
13
14
$ openstack user create --domain default --password-prompt placement

User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | fa742015a6494a949f67629884fc7ec8 |
| name | placement |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+

这里的密码也要记住,下面会用到。

给这个用户添加admin权限

1
$ openstack role add --project service --user placement admin

创建布置服务的api入口

1
2
3
4
5
6
7
8
9
10
$ openstack service create --name placement --description "Placement API" placement
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Placement API |
| enabled | True |
| id | 2d1a27022e6e4185b86adac4444c495f |
| name | placement |
| type | placement |
+-------------+----------------------------------+

创建布置服务api endpoints

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
$ openstack endpoint create --region RegionOne placement public http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 2b1b2637908b4137a9c2e0470487cbc0 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 2d1a27022e6e4185b86adac4444c495f |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+

$ openstack endpoint create --region RegionOne placement internal http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 02bcda9a150a4bd7993ff4879df971ab |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 2d1a27022e6e4185b86adac4444c495f |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+

$ openstack endpoint create --region RegionOne placement admin http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 3d71177b9e0f406f98cbff198d74b182 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 2d1a27022e6e4185b86adac4444c495f |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+

安装和配置组件

安装包

1
2
$ apt install nova-api nova-conductor nova-consoleauth \
nova-novncproxy nova-scheduler nova-placement-api

修改/etc/nova/nova.conf

  • 修改[api_database][database]区域
    1
    2
    3
    4
    5
    6
    7
    [api_database]
    # ...
    connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api

    [database]
    # ...
    connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova

替换NOVA_DBPASS为你上面配置数据库的密码

  • [Default]区域,对RabbitMQ配置
    1
    2
    3
    [DEFAULT]
    # ...
    transport_url = rabbit://openstack:RABBIT_PASS@controller

替换RABBIT_PASS为当时安装rabbitmq时候设置的密码

  • [api][keystone——authtoken]区域,配置keystone相关配置
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    [api]
    # ...
    auth_strategy = keystone

    [keystone_authtoken]
    # ...
    auth_uri = http://controller:5000
    auth_url = http://controller:35357
    memcached_servers = controller:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = nova
    password = NOVA_PASS

替换NOVA_PASS为你创建nova用户时的密码

  • [DEFAULT]区域,配置my_ip为管理网络ip,此为controller节点的管理ip

    1
    2
    3
    [DEFAULT]
    # ...
    my_ip = 192.168.199.10
  • [DEFAUL]区域,启用neutron作为网络服务的组件

    1
    2
    3
    4
    [DEFAULT]
    # ...
    use_neutron = True
    firewall_driver = nova.virt.firewall.NoopFirewallDriver
  • 配置vnc

    1
    2
    3
    4
    5
    [vnc]
    enabled = true
    # ...
    vncserver_listen = $my_ip
    vncserver_proxyclient_address = $my_ip
  • [glance]区域,配置glance

    1
    2
    3
    [glance]
    # ...
    api_servers = http://controller:9292
  • [oslo_concurrency]区域,配置锁定路径

    1
    2
    3
    [oslo_concurrency]
    # ...
    lock_path = /var/lib/nova/tmp
  • [DEFAULT]删除log_dir选项

  • [placement]区域配置placement api
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    [placement]
    # ...
    os_region_name = RegionOne
    project_domain_name = Default
    project_name = service
    auth_type = password
    user_domain_name = Default
    auth_url = http://controller:35357/v3
    username = placement
    password = PLACEMENT_PASS

使用创建placement用户时的密码替换PLACEMENT_PASS

初始化nova-api数据库

1
$ su -s /bin/sh -c "nova-manage api_db sync" nova

注册cell0数据库

1
$ su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova

创建cell

1
2
# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
109e1d4b-536a-40d0-83c6-5f121b82b650

初始化nova数据库

1
$ su -s /bin/sh -c "nova-manage db sync" nova

验证novacell0cell1

1
2
3
4
5
6
7
$ nova-manage cell_v2 list_cells
+-------+--------------------------------------+
| Name | UUID |
+-------+--------------------------------------+
| cell1 | 109e1d4b-536a-40d0-83c6-5f121b82b650 |
| cell0 | 00000000-0000-0000-0000-000000000000 |
+-------+--------------------------------------+

重启服务

1
2
3
4
5
$ service nova-api restart
$ service nova-consoleauth restart
$ service nova-scheduler restart
$ service nova-conductor restart
$ service nova-novncproxy restart