Nova
- 计算模块Nova
- Nova部署
- Placement组件部署
- 测试
- nova组件部署
计算模块Nova
Nova是负责提供计算资源的模块,也是OpenStack中的核心模块,其主要功能是负责虚拟机实例的生命周期管理、网络管理、存储卷管理、用户管理以及其他的相关云平台管理功能。OpenStack使用计算服务来托管和管理云计算系统。OpenStack计算服务是基础设施服务(IaaS)系统的主要组成部分,模块主要由Python实现。
OpenStack极端组件请求OpenStack identity服务进行验证,请求OpenStack image服务提供磁盘镜像,为OpenStack dashboard提供用户和管理接口。磁盘镜像访问限制在项目与用户上;配额以每个项目进行设定,例如,每个项目下可以创建多少实例。OpenStack组件可以在标准硬件上横向大规模扩展,并且下载磁盘镜像启动虚拟机实例。OpenStack计算服务的主要组件如下。
(1)nova-api服务
接收和响应来自终端用户的计算API请求,对外提供一个与云基础设施交互的接口,也是外部可用于管理基础设施的唯一组件。
(2)nova-api-metadata服务
接收来自虚拟机发送的元数据请求。nova-api-metadata服务一般在安装nova-network服务的多种主机模式下使用。
(3)nova-compute服务
一个持续工作的守护进程,通过hypervisor对的API来创建和销毁虚拟机实例。
(4)nova-placement-api服务
nova-placement-api用于追踪记录资源提供者和资源使用情况,这些资源包括计算、存储以及IP地址池等。
(5)nova-conductor模块
nova-conductor模块作用于nova-compute服务与数据之间,避免了由nova-compute服务对云数据的直接访问。它可以横向扩展。但是,不要将它部署在运行nova-compute服务的主节点上。
(6)nova-scheduler服务
主要从消息队列截取创建实例请求,根据配置从计算节点群集中选取最优节点,并将请求转发到该节点,最终将虚拟机运行在该节点上。
nova-scheduler负责nova主机选择、提供决策功能
计算模块装在计算节点和控制节点上
Nova部署
Placement组件部署
创建数据库实例和数据库用户
[root@ct ~]# mysql -uroot -p
MariaDB [(none)]> CREATE DATABASE placement;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY 'PLACEMENT_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY 'PLACEMENT_DBPASS';
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit;创建placement用户
[root@ct ~]# openstack user create --domain default --password PLACEMENT_PASS placement
# 给与placement用户对service项目拥有admin权限
[root@ct ~]# openstack role add --project service --user placement admin
# 创建一个placement服务,服务类型为placement
[root@ct ~]# openstack service create --name placement --description "Placement API" placement
# 注册API端口到placement的service中;注册的信息会写入到mysql中
[root@ct ~]# openstack endpoint create --region RegionOne placement public http://ct:8778
[root@ct ~]# openstack endpoint create --region RegionOne placement internal http://ct:8778
[root@ct~]# openstack endpoint create --region RegionOne placement admin http://ct:8778
# 安装placement服务
[root@controller ~]# yum -y install openstack-placement-api
# 修改placement配置文件
[root@ct ~]# cat /etc/placement/placement.conf
[DEFAULT]
[api]
auth_strategy = keystone
[cors]
[keystone_authtoken]
auth_url = http://ct:5000/v3
memcached_servers = ct:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = PLACEMENT_PASS
[oslo_policy]
[placement]
[placement_database]
connection = mysql+pymysql://placement:PLACEMENT_DBPASS@ct/placement
[profiler]
# 导入数据库
su -s /bin/sh -c "placement-manage db sync" placement
# 修改Apache配置文件: 00-placemenct-api.conf(安装完placement服务后会自动创建该文件-虚拟主机配置 )
[root@ct ~]# vi /etc/httpd/conf.d/00-placement-api.conf
Listen 8778
<VirtualHost *:8778>
WSGIProcessGroup placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
WSGIDaemonProcess placement-api processes=3 threads=1 user=placement group=placement
WSGIScriptAlias / /usr/bin/placement-api
<IfVersion >= 2.4>
ErrorLogFormat "%M"
</IfVersion>
ErrorLog /var/log/placement/placement-api.log
#SSLEngine On
#SSLCertificateFile ...
#SSLCertificateKeyFile ...
</VirtualHost>
Alias /placement-api /usr/bin/placement-api
<Location /placement-api>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
</Location>
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
# 重新启动apache
[root@ct placement]# systemctl restart httpd测试
#curl测试访问
[root@ct ~]# curl ct:8778
{"versions": [{"status": "CURRENT", "min_version": "1.0", "max_version": "1.36", "id": "v1.0", "links": [{"href": "", "rel": "self"}]}]}
#检测端口
[root@ct ~]# netstat -natp | grep 8778
tcp6 0 0 :::8778 :::* LISTEN 5081/httpd
tcp6 0 0 192.168.100.10:8778 192.168.100.11:35278 TIME_WAIT -
tcp6 0 0 192.168.100.10:8778 192.168.100.11:35280 FIN_WAIT2 -
tcp6 0 0 192.168.100.10:8778 192.168.100.12:52632 FIN_WAIT2 -
tcp6 0 0 192.168.100.10:8778 192.168.100.12:52630 TIME_WAIT -
# 检查placement状态
[root@ct ~]# placement-status upgrade check
+----------------------------------+
| Upgrade Check Results |
+----------------------------------+
| Check: Missing Root Provider IDs |
| Result: Success |
| Details: None |
+----------------------------------+
| Check: Incomplete Consumers |
| Result: Success |
| Details: None |
+----------------------------------+nova组件部署
nova组件部署位置
- 控制节点ct
nova-api(nova主服务)
nova-scheduler(nova调度服务)
nova-conductor(nova数据库服务,提供数据库访问)
nova-novncproxy(nova的vnc服务,提供实例的控制台) - 计算节点c1、c2
nova-compute(nova计算服务)
创建nova数据库,并执行授权操作
[root@ct ~]# mysql -uroot -p
MariaDB [(none)]> CREATE DATABASE nova_api;
MariaDB [(none)]> CREATE DATABASE nova;
MariaDB [(none)]> CREATE DATABASE nova_cell0;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit管理Nova用户及服务
#创建nova用户
[root@ct ~]# openstack user create --domain default --password NOVA_PASS nova
#把nova用户添加到service项目,拥有admin权限
[root@ct ~]# openstack role add --project service --user nova admin
#创建nova服务
[root@ct ~]# openstack service create --name nova --description "OpenStack Compute" compute
#给Nova服务关联endpoint(端点)
[root@ct ~]# openstack endpoint create --region RegionOne compute public http://ct:8774/v2.1
[root@ct ~]# openstack endpoint create --region RegionOne compute internal http://ct:8774/v2.1
[root@ct ~]# openstack endpoint create --region RegionOne compute admin http://ct:8774/v2.1
#安装nova组件(nova-api、nova-conductor、nova-novncproxy、nova-scheduler)
[root@ct ~]# yum -y install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler修改nova配置文件(nova.conf)
[root@ct ~]# cat /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
my_ip = 192.168.100.10
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
transport_url = rabbit://openstack:RABBIT_PASS@ct
[api]
auth_strategy = keystone
[api_database]
connection = mysql+pymysql://nova:NOVA_DBPASS@ct/nova_api
[barbican]
[cache]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
connection = mysql+pymysql://nova:NOVA_DBPASS@ct/nova
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://ct:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_url = http://ct:5000/v3
memcached_servers = ct:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = NOVA_PASS
[libvirt]
[metrics]
[mks]
[neutron]
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://ct:5000/v3
username = placement
password = PLACEMENT_PASS
[powervm]
[privsep]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
discover hosts in cells interval = 300
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]
[placement_database]
connection = mysql+pymysql://placement:PLACEMENT_DBPASS@ct/placement初始化数据库
初始化nova_api数据库
[root@ct ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
# 注册cell0数据库;nova服务内部把资源划分到不同的cell中,把计算节点划分到不同的cell中;openstack内部基于cell把计算节点进行逻辑上的分组
[root@ct ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
#创建cell1单元格;
[root@ct ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
#初始化nova数据库;可以通过 /var/log/nova/nova-manage.log 日志判断是否初始化成功
[root@ct ~]# su -s /bin/sh -c "nova-manage db sync" nova
#可使用以下命令验证cell0和cell1是否注册成功
su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova #验证cell0和cell1组件是否注册成功启动Nova服务
[root@ct ~]# systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@ct ~]# systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service检查nova服务端口
[root@ct ~]# netstat -tnlup|egrep '8774|8775'
[root@ct ~]# curl http://ct:8774计算节点配置Nova服务
这里以C1为例,C1与C2配置,除了IP地址,其余都相同
#安装nova-compute组件
yum -y install openstack-nova-compute
#修改配置文件 nova.conf
[root@c1 ~]# vi /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:RABBIT_PASS@ct
my_ip = 192.168.100.11 # 本机IP
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[api_database]
[barbican]
[cache]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://ct:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_url = http://ct:5000/v3
memcached_servers = ct:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = NOVA_PASS
[libvirt]
virt_type = qemu
[metrics]
[mks]
[neutron]
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://ct:5000/v3
username = placement
password = PLACEMENT_PASS
[powervm]
[privsep]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://192.168.100.10:6080/vnc_auto.html #控制端IP
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]控制端操作
查看compute节点是否注册到controller上,通过消息队列;需要在controller节点执行
[root@ct ~]# openstack compute service list --service nova-compute
+----+--------------+------+------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+--------------+------+------+---------+-------+----------------------------+
| 9 | nova-compute | c1 | nova | enabled | up | 2021-01-04T09:25:07.000000 |
| 10 | nova-compute | c2 | nova | enabled | up | 2021-01-04T09:25:09.000000 |
+----+--------------+------+------+---------+-------+----------------------------+扫描当前openstack中有哪些计算节点可用,发现后会把计算节点创建到cell中,后面就可以在cell中创建虚拟机;相当于openstack内部对计算节点进行分组,把计算节点分配到不同的cell中
[root@ct ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova默认每次添加个计算节点,在控制端就需要执行一次扫描,这样会很麻烦,所以可以修改控制端nova的主配置文件:
[root@ct ~]# vim /etc/nova/nova.conf
[scheduler]
discover_hosts_in_cells_interval = 300 #每300秒扫描一次
[root@ct ~]# systemctl restart openstack-nova-api.service验证计算节点服务
#检查 nova 的各个服务是否都是正常,以及 compute 服务是否注册成功
[root@ct ~]# openstack compute service list
#查看各个组件的 api 是否正常
[root@ct ~]# openstack compute service list
+----+----------------+------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+----------------+------+----------+---------+-------+----------------------------+
| 1 | nova-conductor | ct | internal | enabled | up | 2021-01-04T10:58:38.000000 |
| 6 | nova-scheduler | ct | internal | enabled | up | 2021-01-04T10:58:39.000000 |
| 9 | nova-compute | c1 | nova | enabled | up | 2021-01-04T10:58:37.000000 |
| 10 | nova-compute | c2 | nova | enabled | up | 2021-01-04T10:58:39.000000 |
+----+----------------+------+----------+---------+-------+----------------------------+
#查看是否能够拿到镜像
[root@ct ~]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| b0710ef0-2512-4a92-88ea-9ed00321fea4 | cirros | active |
+--------------------------------------+--------+--------+
#查看cell的api和placement的api是否正常,只要其中一个有误,后期无法创建虚拟机
[root@ct ~]# nova-status upgrade check
+--------------------------------+
| Upgrade Check Results |
+--------------------------------+
| Check: Cells v2 |
| Result: Success |
| Details: None |
+--------------------------------+
| Check: Placement API |
| Result: Success |
| Details: None |
+--------------------------------+
| Check: Ironic Flavor Migration |
| Result: Success |
| Details: None |
+--------------------------------+
| Check: Cinder API |
| Result: Success |
| Details: None |
+--------------------------------+
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
