概要介绍
之前我们学习了keystone认证服务,glance镜像服务,这些服务包括之后学习的Neutron服务,我们从图片中可以发现都有箭头指向VM(实例),这次我们要学习的是创建VM和管理其生命周期的服务——Nova服务。
Nova服务会去调用底层的KVM等等去创建我们的虚拟机。
【控制节点】
官方文档:https://docs.openstack.org/nova/queens/install/controller-install-rdo.html
创建nova,nova_api,nova_cell0数据库
`mysql -uroot -p000000`<br />` MariaDB [(none)]> CREATE DATABASE nova_api;`<br />` MariaDB [(none)]> CREATE DATABASE nova;`<br />` MariaDB [(none)]> CREATE DATABASE nova_cell0;`<br />
创建数据库nova用户并进行对以上数据库的授权
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \
IDENTIFIED BY '000000';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \
IDENTIFIED BY '000000';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
IDENTIFIED BY '000000';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
IDENTIFIED BY '000000';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' \
IDENTIFIED BY '000000';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' \
IDENTIFIED BY '000000';
创建nova用户,并赋予admin角色
source admin-openrc
openstack user create --domain default --password-prompt nova
返回:
[root@controller ~]# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 8052a8338b9740969d3dbacf484716ac |
| name | nova |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
接着:openstack role add --project service --user nova admin
创建nova服务,并创建endpoint(服务API入口)
openstack service create --name nova \
--description "OpenStack Compute" compute
openstack endpoint create --region RegionOne \
compute internal http://controller:8774/v2.1
openstack endpoint create --region RegionOne \
compute public http://controller:8774/v2.1
openstack endpoint create --region RegionOne \
compute admin http://controller:8774/v2.1
运行结果:
[root@controller ~]# openstack service create --name nova \
> --description "OpenStack Compute" compute
4/v2.1
openstack endpoint create --region RegionOne \
compute admin http://controller:8774/v2.1+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 8e7de12ad621403fb95d0a2bbc8c47af |
| name | nova |
| type | compute |
+-------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne \
> compute internal http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | c9d717d5a33544e8aecae95b3add0f42 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8e7de12ad621403fb95d0a2bbc8c47af |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne \
> compute public http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 1cf03146ee544acba6bec34001239104 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8e7de12ad621403fb95d0a2bbc8c47af |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne \
> compute admin http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 5c8a70f3262849fbbcfc4556d1d69253 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8e7de12ad621403fb95d0a2bbc8c47af |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
检验
查看已有的服务列表
openstack service list
返回:
[root@controller ~]# openstack service list
+----------------------------------+----------+----------+
| ID | Name | Type |
+----------------------------------+----------+----------+
| 7d443f3f0f7c4dbdb9a835dce79d74ad | glance | image |
| 8e7de12ad621403fb95d0a2bbc8c47af | nova | compute |
| d6e5eba119ac4c9597f442300b126e19 | keystone | identity |
+----------------------------------+----------+----------+
检查nova的endpoint
openstack endpoint list | grep nova
[root@controller ~]# openstack endpoint list | grep nova
| 1cf03146ee544acba6bec34001239104 | RegionOne | nova | compute | True | public | http://controller:8774/v2.1 |
| 5c8a70f3262849fbbcfc4556d1d69253 | RegionOne | nova | compute | True | admin | http://controller:8774/v2.1 |
| c9d717d5a33544e8aecae95b3add0f42 | RegionOne | nova | compute | True | internal | http://controller:8774/v2.1 |
创建placement用户,并赋予admin角色
`openstack user create --domain default --password-prompt placement`<br />返回:
[root@controller ~]# openstack user create --domain default --password-prompt placement
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 18232d8448304d1591a69fa936b9d7df |
| name | placement |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
接着:openstack role add --project service --user placement admin
创建placement服务,并创建其endpoint
placement服务是从P版本开始,解耦出来的Nova的API
openstack service create --name placement --description "Placement API" placement
openstack endpoint create --region RegionOne placement public http://controller:8778
openstack endpoint create --region RegionOne placement internal http://controller:8778
openstack endpoint create --region RegionOne placement admin http://controller:8778
[root@controller ~]# openstack service create --name placement --description "Placement API" placement
openstack endpoint create --region RegionOne placement admin http://controller:8778+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Placement API |
| enabled | True |
| id | ac98da1be794488390f4c2c5403bacc3 |
| name | placement |
| type | placement |
+-------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne placement public http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | c8db5f43badf4931b6a3de2259e5eaf5 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ac98da1be794488390f4c2c5403bacc3 |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne placement internal http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 1832efdebedf4bbeb3e63651f85a82c0 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ac98da1be794488390f4c2c5403bacc3 |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne placement admin http://controller:8778
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | e174900f092645ac8d281e9288f2fd7b |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ac98da1be794488390f4c2c5403bacc3 |
| service_name | placement |
| service_type | placement |
| url | http://controller:8778 |
+--------------+----------------------------------+
检查:
检查palcement云服务是否启动
openstack service list | grep placement
[root@controller ~]# openstack service list | grep placement
| ac98da1be794488390f4c2c5403bacc3 | placement | placement |
检查用户列表
openstack user list | egrep 'nova|placement'
[root@controller ~]# openstack user list | egrep 'nova|placement'
| 18232d8448304d1591a69fa936b9d7df | placement |
| 8052a8338b9740969d3dbacf484716ac | nova |
安装软件包:
openstack-nova-api
openstack-nova-conductor
openstack-nova-console
openstack-nova-novncproxy
openstack-nova-scheduler
openstack-nova-placement-api
yum install openstack-nova-api openstack-nova-conductor
`\` openstack-nova-console openstack-nova-novncproxy
`\` openstack-nova-scheduler openstack-nova-placement-api
修改/etc/nova/nova.conf配置文件:
vim /etc/nova.nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:openstack@controller (注意这里的密码填的是消息队列的密码)
my_ip = 192.168.100.10 (控制节点的IP)
use_neutron = True (是否开启网络服务,这个在之后我们会安装这个服务的)
firewall_driver = nova.virt.firewall.NoopFirewallDriver (防火墙插件)
[api]
auth_strategy = keystone
[api_database]
connection = mysql+pymysql://nova:000000@controller/nova_api
[database]
connection = mysql+pymysql://nova:000000@controller/nova
[glance]
api_servers = http://controller:9292
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 000000
[oslo_concurrency] 这只是一个插件,给py代码块提供锁的,浩哥说不重要,no care.
lock_path = /var/lib/nova/tmp
[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = 000000
[vnc] (远程控制)
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
检查配置是否保存:
cat /etc/nova/nova.conf | egrep -v '^$|^#'
[root@controller ~]# cat /etc/nova/nova.conf | egrep -v '^$|^#'
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:openstack@controller
my_ip = 192.168.100.10
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[api_database]
connection = mysql+pymysql://nova:000000@controller/nova_api
[barbican]
[cache]
[cells]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[crypto]
[database]
connection = mysql+pymysql://nova:000000@controller/nova
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://controller:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 000000
[libvirt]
[matchmaker_redis]
[metrics]
[mks]
[neutron]
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = 000000
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
[workarounds]
[wsgi]
[xenserver]
[xvp]
编辑/etc/httpd/conf.d/00-nova-placement-api.conf配置文件
Due to a packaging bug, you must enable access to the Placement API by adding the following configuration to /etc/httpd/conf.d/00-nova-placement-api.conf.
添加如下配置:添加,添加,添加vim /etc/httpd/conf.d/00-nova-placement-api.conf
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
重启httpd服务
检查状态
同步nova_api数据库
su -s /bin/sh -c "nova-manage api_db sync" nova
注册cell0数据库
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
创建cell1单元格
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
同步nova数据库
su -s /bin/sh -c "nova-manage db sync" nova
验证cell0和cell1
nova-manage cell_v2 list_cells
返回:
[root@controller ~]# nova-manage cell_v2 list_cells
+-------+--------------------------------------+------------------------------------+-------------------------------------------------+
| 名称 | UUID | Transport URL | 数据库连接 |
+-------+--------------------------------------+------------------------------------+-------------------------------------------------+
| cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:****@controller/nova_cell0 |
| cell1 | 42e8ba2b-db2d-4d13-b404-31a3f5da7626 | rabbit://openstack:****@controller | mysql+pymysql://nova:****@controller/nova |
+-------+--------------------------------------+------------------------------------+-------------------------------------------------+
启动nova相关服务
`systemctl ``enable`` openstack-nova-api.service ``\`<br />` openstack-nova-consoleauth.service openstack-nova-scheduler.service ``\`<br />` openstack-nova-conductor.service openstack-nova-novncproxy.service`<br />`systemctl start openstack-nova-api.service ``\`<br />` openstack-nova-consoleauth.service openstack-nova-scheduler.service ``\`<br />` openstack-nova-conductor.service openstack-nova-novncproxy.service`
查看nova服务状态:
`systemctl status openstack-nova-api.service \`<br />` openstack-nova-consoleauth.service openstack-nova-scheduler.service \`<br />` openstack-nova-conductor.service openstack-nova-novncproxy.service`<br />返回:
[root@controller ~]# systemctl status openstack-nova-api.service \
> openstack-nova-consoleauth.service openstack-nova-scheduler.service \
> openstack-nova-conductor.service openstack-nova-novncproxy.service
● openstack-nova-api.service - OpenStack Nova API Server
Loaded: loaded (/usr/lib/systemd/system/openstack-nova-api.service; enabled; vendor preset: disabled)
Active: active (running) since 二 2020-05-19 00:49:00 CST; 245ms ago
Main PID: 7289 (nova-api)
CGroup: /system.slice/openstack-nova-api.service
├─7289 /usr/bin/python2 /usr/bin/nova-api
├─7357 /usr/bin/python2 /usr/bin/nova-api
├─7358 /usr/bin/python2 /usr/bin/nova-api
├─7361 /usr/bin/python2 /usr/bin/nova-api
└─7362 /usr/bin/python2 /usr/bin/nova-api
5月 19 00:48:44 controller systemd[1]: Starting OpenStack Nova API Server...
5月 19 00:49:00 controller systemd[1]: Started OpenStack Nova API Server.
● openstack-nova-consoleauth.service - OpenStack Nova VNC console auth Server
Loaded: loaded (/usr/lib/systemd/system/openstack-nova-consoleauth.service; enabled; vendor preset: disabled)
Active: active (running) since 二 2020-05-19 00:48:53 CST; 6s ago
Main PID: 7290 (nova-consoleaut)
CGroup: /system.slice/openstack-nova-consoleauth.service
└─7290 /usr/bin/python2 /usr/bin/nova-consoleauth
5月 19 00:48:44 controller systemd[1]: Starting OpenStack Nova VNC console auth Server...
5月 19 00:48:53 controller systemd[1]: Started OpenStack Nova VNC console auth Server.
● openstack-nova-scheduler.service - OpenStack Nova Scheduler Server
Loaded: loaded (/usr/lib/systemd/system/openstack-nova-scheduler.service; enabled; vendor preset: disabled)
Active: active (running) since 二 2020-05-19 00:48:55 CST; 4s ago
Main PID: 7291 (nova-scheduler)
CGroup: /system.slice/openstack-nova-scheduler.service
└─7291 /usr/bin/python2 /usr/bin/nova-scheduler
5月 19 00:48:44 controller systemd[1]: Starting OpenStack Nova Scheduler Server...
5月 19 00:48:55 controller systemd[1]: Started OpenStack Nova Scheduler Server.
● openstack-nova-conductor.service - OpenStack Nova Conductor Server
Loaded: loaded (/usr/lib/systemd/system/openstack-nova-conductor.service; enabled; vendor preset: disabled)
Active: active (running) since 二 2020-05-19 00:48:50 CST; 10s ago
Main PID: 7292 (nova-conductor)
CGroup: /system.slice/openstack-nova-conductor.service
├─7292 /usr/bin/python2 /usr/bin/nova-conductor
├─7346 /usr/bin/python2 /usr/bin/nova-conductor
└─7347 /usr/bin/python2 /usr/bin/nova-conductor
5月 19 00:48:44 controller systemd[1]: Starting OpenStack Nova Conductor Server...
5月 19 00:48:50 controller systemd[1]: Started OpenStack Nova Conductor Server.
● openstack-nova-novncproxy.service - OpenStack Nova NoVNC Proxy Server
Loaded: loaded (/usr/lib/systemd/system/openstack-nova-novncproxy.service; enabled; vendor preset: disabled)
Active: active (running) since 二 2020-05-19 00:48:44 CST; 16s ago
Main PID: 7293 (nova-novncproxy)
CGroup: /system.slice/openstack-nova-novncproxy.service
└─7293 /usr/bin/python2 /usr/bin/nova-novncproxy --web /usr/share/novnc/
【计算节点】
官方文档:https://docs.openstack.org/nova/queens/install/compute-install-rdo.html#install-and-configure-components
安装包:openstack-nova-compute
yum install openstack-nova-compute -y
编辑/etc/nova/nova.conf配置文件
vim /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:openstack@controller
my_ip = 192.168.100.20
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[glance]
api_servers = http://controller:9292
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 000000
[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = 000000
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[vnc]
enabled = True
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
[libvirt]
virt_type = qemu
$ egrep -c '(vmx|svm)' /proc/cpuinfo
返回0,不支持(通过这条命令能够看出底层硬件是否支持虚拟化技术)
If this command returns a value of one or greater
, your compute node supports hardware acceleration which typically requires no additional configuration.
If this command returns a value of zero
, your compute node does not support hardware acceleration and you must configure libvirt
to use QEMU instead of KVM.(这里建议不管支不支持,我们都要将libvirt配置加上)
手动打开虚拟机的虚拟化:
启动nova相关服务:
`systemctl start libvirtd.service openstack-nova-compute.service&&systemctl enable libvirtd.service openstack-nova-compute.service`
检查nova相关服务状态
systemctl status libvirtd.service openstack-nova-compute.service
检查nova关键组件
openstack compute service list
返回:
[root@controller ~]# openstack compute service list
+----+------------------+------------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+------------------+------------+----------+---------+-------+----------------------------+
| 1 | nova-scheduler | controller | internal | enabled | up | 2020-05-19T07:00:49.000000 |
| 2 | nova-consoleauth | controller | internal | enabled | up | 2020-05-19T07:00:51.000000 |
| 3 | nova-conductor | controller | internal | enabled | up | 2020-05-19T07:00:49.000000 |
| 6 | nova-compute | compute | nova | enabled | up | 2020-05-19T07:00:57.000000 |
+----+------------------+------------+----------+---------+-------+----------------------------+
其他验证操作:
[https://docs.openstack.org/nova/queens/install/verify.html](https://docs.openstack.org/nova/queens/install/verify.html)
Add the compute node to the cell database
检查compute节点服务列表
Source the admin credentials to enable admin-only CLI commands, then confirm there are compute hosts in the database.
openstack compute service list --service nova-compute
返回:
[root@controller ~]# openstack compute service list --service nova-compute
+----+--------------+---------+------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+--------------+---------+------+---------+-------+----------------------------+
| 6 | nova-compute | compute | nova | enabled | up | 2020-05-19T06:46:06.000000 |
+----+--------------+---------+------+---------+-------+----------------------------+
发现后继创建节点
su -s /bin/sh -c
`"nova-manage cell_v2 discover_hosts --verbose"` nova
此外还可以设置定时查看有无新增节点
When you add new compute nodes, you must run nova-manage cell_v2 discover_hosts
on the controller node to register those new compute nodes. Alternatively, you can set an appropriate interval in /etc/nova/nova.conf
:
[scheduler]
discover_hosts_in_cells_interval = 300
<br />
此处评论已关闭