Shulou(Shulou.com)05/31 Report--

This article mainly introduces the oVirt virtualization platform how to dock cinder-ceph, has a certain reference value, interested friends can refer to, I hope you can learn a lot after reading this article, the following let the editor take you to understand it.

Description:

1. Cinder configuration is configured according to the official openstack documentation.

two。 Deploy the cinder-api cinder-scheduler cinder-volumes service on one node.

3. When oVirt calls cinder, you should pay attention to the keystone version and details.

# # basic openstack Environment # #

1. Install the openstack package

1.1 enable the OpenStack library

# yum install centos-release-openstack-mitaka

1.2 upgrade package

# yum upgrade

1.3 install the OpenStack client

# yum install python-openstackclient

# yum install openstack-selinux

two。 Install mariadb

2.1 install the package

# yum install mariadb mariadb-server python2-PyMySQL

2.2 modify configuration

Vim / etc/my.cnf.d/openstack.cnf

[mysqld]

Bind-address = 192.168.0.230

Default-storage-engine = innodb

Innodb_file_per_table

Max_connections = 4096

Collation-server = utf8_general_ci

Character-set-server = utf8

# systemctl enable mariadb.service

# systemctl start mariadb.service

2.3 set the root password

# mysql_secure_installation

3. Message queue

3.1 installation package

# yum install rabbitmq-server

3.2 start the message queuing service and configure it to start with the system

# systemctl enable rabbitmq-server.service

# systemctl start rabbitmq-server.service

Add openstack users

# rabbitmqctl add_user openstack pass1234

# rabbitmqctl set_permissions openstack ". *"

4. Install memcached

4.1 installation package

# yum install memcached python-memcached

(other dependencies on libevent may be required)

4.2 set Boot Boot

# systemctl enable memcached.service

# systemctl start memcached.service

# the above are the basic openstack environment requirements #

# openstack authentication service environment # #

1. Installation and configuration

1.1 create a keystone database

# mysql-u root-p

# CREATE DATABASE keystone

1.2 Database authorization

# GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost'\

IDENTIFIED BY 'KEYSTONE_DBPASS'

GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%'\

IDENTIFIED BY 'KEYSTONE_DBPASS'

1.3 generate a random value as the administrator's token in the initial configuration

# openssl rand-hex 10

1cc14ab18f01e6e33a2a

1.4 install keystone related packages

# yum install openstack-keystone httpd mod_wsgi

1.5 modify keystone configuration

Vim / etc/keystone/keystone.conf

[DEFAULT]

Admin_token = 1cc14ab18f01e6e33a2a

[database]

Connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone

[token]

Provider = fernet

1.6 initialize the database for the authentication service

# su-s / bin/sh-c "keystone-manage db_sync" keystone

1.7 initialize Fernet keys

# keystone-manage fernet_setup-- keystone-user keystone--keystone-group keystone

1.8 configure Apache HTTP server

# vim / etc/httpd/conf/httpd.conf

ServerName controller

1.9 create wsgi-keystone.conf

# vim / etc/httpd/conf.d/wsgi-keystone.conf

Listen 5000

Listen 35357

WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=% {GROUP}

WSGIProcessGroup keystone-public

WSGIScriptAlias / / usr/bin/keystone-wsgi-public

WSGIApplicationGroup% {GLOBAL}

WSGIPassAuthorization On

ErrorLogFormat "{cu} t M"

ErrorLog / var/log/httpd/keystone-error.log

CustomLog / var/log/httpd/keystone-access.log combined

Require all granted

WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=% {GROUP}

WSGIProcessGroup keystone-admin

WSGIScriptAlias / / usr/bin/keystone-wsgi-admin

WSGIApplicationGroup% {GLOBAL}

WSGIPassAuthorization On

ErrorLogFormat "{cu} t M"

ErrorLog / var/log/httpd/keystone-error.log

CustomLog / var/log/httpd/keystone-access.log combined

Require all granted

1.10 turn off selinux

# setenforce 0

1.11Configuring hosts

# vim / etc/hosts

192.168.0.230 controller

1.11 start the apache service

# systemctl enable httpd.service

# systemctl start httpd.service

2 create service entities and API endpoints

2.1 configure environment variables

# export OS_TOKEN=1cc14ab18f01e6e33a2a

# export OS_URL= http://controller:35357/v3

# export OS_IDENTITY_API_VERSION=3

2.2 create service entities and API endpoints

2.2.1 create service entities and authentication services:

# openstack service create\

-name keystone-description "OpenStack Identity" identity

2.2.2 create an API endpoint for the authentication service

# openstack endpoint create-- region RegionOne\

Identity public http://controller:5000/v3

# openstack endpoint create-- region RegionOne\

Identity internal http://controller:5000/v3

# openstack endpoint create-- region RegionOne\

Identity admin http://controller:35357/v3

3 create domains, projects, users, and roles

3.1 create domain ``default``:

# openstack domain create-- description "Default Domain" default

3.2 create managed projects, users, and roles

# openstack project create-- domain default\

Description "Admin Project" admin

# openstack user create-- domain default\

-- password-prompt admin

# openstack role create admin

# openstack role add-project admin-user admin admin

4. Verification operation

4.1 for security reasons, turn off the temporary authentication token mechanism:

Edit the / etc/keystone/keystone-paste.ini file and delete ``admin_token_auth from ``[pipeline:public_api]``, [pipeline:admin_api] ``and`` [pipeline:api_v3] ``.

Reset the ``OS_ token`` and ``OS_ URL`` environment variables:

# unset OS_TOKEN OS_URL

As an admin user, request an authentication token:

# openstack-- os-auth-url http://controller:35357/v3\

-- os-project-domain-name default-- os-user-domain-name default\

-os-project-name admin-os-username admin token issue

5 create OpenStack client environment script

# vim admin-openrc

Export OS_PROJECT_DOMAIN_NAME=default

Export OS_USER_DOMAIN_NAME=default

Export OS_PROJECT_NAME=admin

Export OS_USERNAME=admin

Export OS_PASSWORD=ADMIN_PASS

Export OS_AUTH_URL= http://controller:35357/v3

Export OS_IDENTITY_API_VERSION=3

Export OS_IMAGE_API_VERSION=2

Verify:

#. Admin-openrc

# openstack token issue

# # openstack Block Storage Service configuration #

1 openstack Block Storage Service configuration

1.1 create a cinder database

# mysql-u root-p

> CREATE DATABASE cinder

1.2 Database authorization

# GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost'\

IDENTIFIED BY 'CINDER_DBPASS'

GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%'\

IDENTIFIED BY 'CINDER_DBPASS'

1.3 obtain admin credentials to gain access to commands that only administrators can execute

#. Admin-openrc

To create a service certificate, complete these steps

1.4 create cinder users

# openstack user create-domain default-password-prompt cinder

# openstack role add-project admin-user cinder admin

1.5 create cinder and cinderv2 service entities:

# openstack service create-- name cinder\

Description "OpenStack Block Storage" volume

# openstack service create-- name cinderv2\

Description "OpenStack Block Storage" volumev2

1.6 create Block Storage api Portal

# openstack endpoint create-- region RegionOne\

Volume public http://controller:8776/v1/%\(tenant_id\)s

# openstack endpoint create-- region RegionOne\

Volume internal http://controller:8776/v1/%\(tenant_id\)s

# openstack endpoint create-- region RegionOne\

Volume admin http://controller:8776/v1/%\(tenant_id\)s

# openstack endpoint create-- region RegionOne\

Volumev2 public http://controller:8776/v2/%\(tenant_id\)s

# openstack endpoint create-- region RegionOne\

Volumev2 internal http://controller:8776/v2/%\(tenant_id\)s

# openstack endpoint create-- region RegionOne\

Volumev2 admin http://controller:8776/v2/%\(tenant_id\)s

1.7 cinder install and configure components

1.7.1 installation package

# yum install openstack-cinder

1.7.2 set up cinder.conf

# vim / etc/cinder/cinder.conf

[database]

Connection = mysql+pymysql://cinder:CINDER_DBPASS@controller/cinder

[DEFAULT]

Rpc_backend = rabbit

Auth_strategy = keystone

My_ip = 10.0.0.11

[oslo_messaging_rabbit]

Rabbit_host = controller

Rabbit_userid = openstack

Rabbit_password = RABBIT_PASS

[keystone_authtoken]

Auth_uri = http://controller:5000

Auth_url = http://controller:35357

Memcached_servers = controller:11211

Auth_type = password

Project_domain_name = default

User_domain_name = default

Project_name = admin

Username = cinder

Password = CINDER_PASS

[oslo_concurrency]

Lock_path = / var/lib/cinder/tmp

Note: replace CINDER_PASS with the password you selected for cinder users in the authentication service.

In the [DEFAULT section, configure ``my_ ip`` to use the IP address of the management interface of the control node.

1.7.3 initialize the database for block device services

# su-s / bin/sh-c "cinder-manage db sync" cinder

1.7.4 start the cinder service

# systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service

# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service

1.7.8 configure hosts

# vim / etc/hosts

192.168.0.230 controller

# configure ceph storage backend # #

1.1 create pools

# ceph osd pool create volumes 128

# ceph osd pool create images 128

# ceph osd pool create backups 128

# ceph osd pool create vms 128

1.2 install the CEO package

# yum install ceph-common

~ if this node does not have ceph configuration, copy ceph.conf~

1.3Create cephx users

# ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rwx pool=images'

1.4 create a local configuration

# ceph auth get-or-create client.cinder | sudo tee / etc/ceph/ceph.client.cinder.keyring

# ceph auth get-key client.cinder | tee client.cinder.key

1.5 create secret-key (required for compute node ovirt)

# uuidgen

457eb676-33da-42ec-9a8c-9293d545c337

# cat > secret.xml

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.