Openstack Zed-Nova部署实现

OS:UbuntuServer 22.04 Mini

设备配置:8G 4core 60GB

一:注册Nova信息至Keystone

root@srv1:~(keystone)# openstack user create –domain default –project service –password servicepassword nova+———————+———————————-+| Field | Value|+———————+———————————-+| default_project_id| 4fabd4d8316c40a398d6496c0a733caf || domain_id | default|| enabled | True || id| 92707fe2584546299370285c69a26414 || name| nova || options | {} || password_expires_at | None |+———————+———————————-+root@srv1:~(keystone)# openstack role add –project service –user nova adminroot@srv1:~(keystone)# openstack role assignment list –name+——-+—————-+——-+—————–+——–+——–+———–+| Role| User | Group | Project | Domain | System | Inherited |+——-+—————-+——-+—————–+——–+——–+———–+| admin | glance@Default | | service@Default ||| False || admin | nova@Default | | service@Default ||| False || admin | admin@Default| | admin@Default ||| False || admin | admin@Default| | || all| False |+——-+—————-+——-+—————–+——–+——–+———–+root@srv1:~(keystone)# openstack user create –domain default –project service –password servicepassword placement+———————+———————————-+| Field | Value|+———————+———————————-+| default_project_id| 4fabd4d8316c40a398d6496c0a733caf || domain_id | default|| enabled | True || id| 1b504f4b36334ff09c4e8934c057cff6 || name| placement|| options | {} || password_expires_at | None |+———————+———————————-+root@srv1:~(keystone)# openstack role add –project service –user placement adminroot@srv1:~(keystone)# openstack role assignment list –name+——-+——————-+——-+—————–+——–+——–+———–+| Role| User| Group | Project | Domain | System | Inherited |+——-+——————-+——-+—————–+——–+——–+———–+| admin | placement@Default | | service@Default ||| False || admin | glance@Default| | service@Default ||| False || admin | nova@Default| | service@Default ||| False || admin | admin@Default | | admin@Default ||| False || admin | admin@Default | | || all| False |+——-+——————-+——-+—————–+——–+——–+———–+root@srv1:~(keystone)# openstack service create –name nova –description “OpenStack Compute service” compute+————-+———————————-+| Field | Value|+————-+———————————-+| description | OpenStack Compute service|| enabled | True || id| 39236cf903c340d682dcbe14cb28f719 || name| nova || type| compute|+————-+———————————-+root@srv1:~(keystone)# openstack service create –name placement –description “OpenStack Compute Placement service” placement+————-+————————————-+| Field | Value |+————-+————————————-+| description | OpenStack Compute Placement service || enabled | True|| id| 061751d2d3a54739a536137f2fe4d68c|| name| placement || type| placement |+————-+————————————-+root@srv1:~(keystone)# openstack endpoint create –region RegionOne compute public https://srv1.1000y.cloud:8774/v2.1/%(tenant_id)s+————–+————————————————–+| Field| Value|+————–+————————————————–+| enabled| True || id | 0ce2730111d24cb49f40e82bd0cfaecb || interface| public || region | RegionOne|| region_id| RegionOne|| service_id | 39236cf903c340d682dcbe14cb28f719 || service_name | nova || service_type | compute|| url| https://srv1.1000y.cloud:8774/v2.1/%(tenant_id)s |+————–+————————————————–+root@srv1:~(keystone)# openstack endpoint create –region RegionOne compute internal https://srv1.1000y.cloud:8774/v2.1/%(tenant_id)s+————–+————————————————–+| Field| Value|+————–+————————————————–+| enabled| True || id | dddd0a2c6c024b2d8b4a286a4923f3f8 || interface| internal || region | RegionOne|| region_id| RegionOne|| service_id | 39236cf903c340d682dcbe14cb28f719 || service_name | nova || service_type | compute|| url| https://srv1.1000y.cloud:8774/v2.1/%(tenant_id)s |+————–+————————————————–+root@srv1:~(keystone)# openstack endpoint create –region RegionOne compute admin https://srv1.1000y.cloud:8774/v2.1/%(tenant_id)s+————–+————————————————–+| Field| Value|+————–+————————————————–+| enabled| True || id | b18e6c6f465a481790adb17d4f4b04aa || interface| admin|| region | RegionOne|| region_id| RegionOne|| service_id | 39236cf903c340d682dcbe14cb28f719 || service_name | nova || service_type | compute|| url| https://srv1.1000y.cloud:8774/v2.1/%(tenant_id)s |+————–+————————————————–+root@srv1:~(keystone)# openstack endpoint create –region RegionOne placement public https://srv1.1000y.cloud:8778+————–+———————————-+| Field| Value|+————–+———————————-+| enabled| True || id | 94f05c1457b245c38e2c325564b723d5 || interface| public || region | RegionOne|| region_id| RegionOne|| service_id | 061751d2d3a54739a536137f2fe4d68c || service_name | placement|| service_type | placement|| url| https://srv1.1000y.cloud:8778|+————–+———————————-+root@srv1:~(keystone)# openstack endpoint create –region RegionOne placement internal https://srv1.1000y.cloud:8778+————–+———————————-+| Field| Value|+————–+———————————-+| enabled| True || id | f9c80672a4c94a9bbd8c2f57dc69123e || interface| internal || region | RegionOne|| region_id| RegionOne|| service_id | 061751d2d3a54739a536137f2fe4d68c || service_name | placement|| service_type | placement|| url| https://srv1.1000y.cloud:8778|+————–+———————————-+root@srv1:~(keystone)# openstack endpoint create –region RegionOne placement admin https://srv1.1000y.cloud:8778+————–+———————————-+| Field| Value|+————–+———————————-+| enabled| True || id | 917f4685af3d4f28a6b59aadeef48e08 || interface| admin|| region | RegionOne|| region_id| RegionOne|| service_id | 061751d2d3a54739a536137f2fe4d68c || service_name | placement|| service_type | placement|| url| https://srv1.1000y.cloud:8778|+————–+———————————-+root@srv1 ~(keystone)# openstack catalog show nova+———–+———————————————————————————+| Field | Value |+———–+———————————————————————————+| endpoints | RegionOne || | public: https://srv1.1000y.cloud:8774/v2.1/994a4a3e0fbc4f5891f38470e158e6b4 || | RegionOne || | admin: https://srv1.1000y.cloud:8774/v2.1/994a4a3e0fbc4f5891f38470e158e6b4|| | RegionOne || | internal: https://srv1.1000y.cloud:8774/v2.1/994a4a3e0fbc4f5891f38470e158e6b4 || | || id| 39236cf903c340d682dcbe14cb28f719|| name| nova|| type| compute |+———–+———————————————————————————+root@srv1 ~(keystone)# openstack catalog show placement+———–+——————————————-+| Field | Value |+———–+——————————————-+| endpoints | RegionOne || | admin: https://srv1.1000y.cloud:8778|| | RegionOne || | public: https://srv1.1000y.cloud:8778 || | RegionOne || | internal: https://srv1.1000y.cloud:8778 || | || id| 061751d2d3a54739a536137f2fe4d68c|| name| placement || type| placement |+———–+——————————————-+

二:创建Nova数据库

root@srv1:~(keystone)# mysql -u root -pEnter password:Welcome to the MariaDB monitor.Commands end with ; or g.Your MariaDB connection id is 43Server version: 10.6.7-MariaDB-2ubuntu1.1 Ubuntu 22.04Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.Type ‘help;’ or ‘h’ for help. Type ‘c’ to clear the current input statement.MariaDB [(none)]> create database nova;Query OK, 1 row affected (0.001 sec)MariaDB [(none)]> grant all privileges on nova.* to nova@’localhost’ identified by ‘password’;Query OK, 0 rows affected (0.023 sec)MariaDB [(none)]> grant all privileges on nova.* to nova@’%’ identified by ‘password’;Query OK, 0 rows affected (0.015 sec)MariaDB [(none)]> create database nova_api;Query OK, 1 row affected (0.001 sec)MariaDB [(none)]> grant all privileges on nova_api.* to nova@’localhost’ identified by ‘password’;Query OK, 0 rows affected (0.023 sec)MariaDB [(none)]> grant all privileges on nova_api.* to nova@’%’ identified by ‘password’;Query OK, 0 rows affected (0.021 sec)MariaDB [(none)]> create database nova_cell0;Query OK, 1 row affected (0.000 sec)MariaDB [(none)]> grant all privileges on nova_cell0.* to nova@’localhost’ identified by ‘password’;Query OK, 0 rows affected (0.019 sec)MariaDB [(none)]> grant all privileges on nova_cell0.* to nova@’%’ identified by ‘password’;Query OK, 0 rows affected (0.019 sec)MariaDB [(none)]> create database placement;Query OK, 1 row affected (0.001 sec)MariaDB [(none)]> grant all privileges on placement.* to placement@’localhost’ identified by ‘password’;Query OK, 0 rows affected (0.015 sec)MariaDB [(none)]> grant all privileges on placement.* to placement@’%’ identified by ‘password’;Query OK, 0 rows affected (0.021 sec)MariaDB [(none)]> flush privileges;Query OK, 0 rows affected (0.002 sec)MariaDB [(none)]> exitByeroot@srv1:~(keystone)#

三:安装及配置Nova

1) 安装Novaroot@srv1:~(keystone)# apt install nova-api nova-conductor nova-scheduler nova-novncproxy placement-api python3-novaclient -y2) 配置Novaroot@srv1:~(keystone)# mv /etc/nova/nova.conf /etc/nova/nova.conf.bakroot@srv1:~(keystone)# vim /etc/nova/nova.conf[DEFAULT]osapi_compute_listen = 127.0.0.1osapi_compute_listen_port = 8774metadata_listen = 127.0.0.1metadata_listen_port = 8775state_path = /var/lib/novaenabled_apis = osapi_compute,metadatalog_dir = /var/log/nova# 设定RabbitMQtransport_url = rabbit://openstack:password@srv1.1000y.cloud[api]auth_strategy = keystone[vnc]enabled = Truenovncproxy_host = 127.0.0.1novncproxy_port = 6080novncproxy_base_url = https://srv1.1000y.cloud:6080/vnc_auto.html# 配置Glance信息[glance]api_servers = https://srv1.1000y.cloud:9292# 自签名证书值为true,其他为falseinsecure = true[oslo_concurrency]lock_path = $state_path/tmp# 配置链接数据库的信息[api_database]connection = mysql+pymysql://nova:password@srv1.1000y.cloud/nova_api[database]connection = mysql+pymysql://nova:password@srv1.1000y.cloud/nova# 配置Keystone验证信息[keystone_authtoken]www_authenticate_uri = https://srv1.1000y.cloud:5000auth_url = https://srv1.1000y.cloud:5000memcached_servers = srv1.1000y.cloud:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = novapassword = servicepassword# 如果为自签名证书，值为Trueinsecure = true[placement]auth_url = https://srv1.1000y.cloud:5000os_region_name = RegionOneauth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = placementpassword = servicepassword# 如果为自签名证书，值为Trueinsecure = true[wsgi]api_paste_config = /etc/nova/api-paste.iniroot@srv1:~(keystone)# chmod 640 /etc/nova/nova.confroot@srv1:~(keystone)# chgrp nova /etc/nova/nova.conf3) 配置placementroot@srv1:~(keystone)# mv /etc/placement/placement.conf /etc/placement/placement.conf.bakroot@srv1:~(keystone)# vim /etc/placement/placement.conf[DEFAULT]debug = false[api]auth_strategy = keystone[keystone_authtoken]www_authenticate_uri = https://srv1.1000y.cloud:5000auth_url = https://srv1.1000y.cloud:5000memcached_servers = srv1.1000y.cloud:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = placementpassword = servicepassword# 自签名证书值为true,其他为falseinsecure = true[placement_database]connection = mysql+pymysql://placement:password@srv1.1000y.cloud/placementroot@srv1:~(keystone)# vim /etc/apache2/sites-enabled/placement-api.conf# 修改第1行Listen 127.0.0.1:8778………………………………root@srv1:~(keystone)# chmod 640 /etc/placement/placement.confroot@srv1:~(keystone)# chgrp placement /etc/placement/placement.conf4) 配置Nginx Proxyroot@srv1:~(keystone)# vim /etc/nginx/nginx.conf………………………………stream {upstream glance-api {server 127.0.0.1:9292;}server {listen srv1.1000y.cloud:9292 ssl;proxy_pass glance-api;}upstream nova-api {server 127.0.0.1:8774;}server {listen srv1.1000y.cloud:8774 ssl;proxy_pass nova-api;}upstream nova-metadata-api {server 127.0.0.1:8775;}server {listen srv1.1000y.cloud:8775 ssl;proxy_pass nova-metadata-api;}upstream placement-api {server 127.0.0.1:8778;}server {listen srv1.1000y.cloud:8778 ssl;proxy_pass placement-api;}upstream novncproxy {server 127.0.0.1:6080;}server {listen srv1.1000y.cloud:6080 ssl;proxy_pass novncproxy;}ssl_certificate “/etc/ssl/private/zed.crt”;ssl_certificate_key “/etc/ssl/private/zed.key”;}

四:同步Nova数据库并启动其服务

root@srv1:~(keystone)# su -s /bin/bash placement -c “placement-manage db sync”root@srv1:~(keystone)# su -s /bin/bash nova -c “nova-manage api_db sync”root@srv1:~(keystone)# su -s /bin/bash nova -c “nova-manage cell_v2 map_cell0″root@srv1:~(keystone)# su -s /bin/bash nova -c “nova-manage db sync”root@srv1:~(keystone)# su -s /bin/bash nova -c “nova-manage cell_v2 create_cell –name cell1″root@srv1:~(keystone)# systemctl restart nova-api nova-conductor nova-scheduler nova-novncproxyroot@srv1:~(keystone)# systemctl enable nova-api nova-conductor nova-scheduler nova-novncproxyroot@srv1:~(keystone)# systemctl restart apache2 nginxroot@srv1:~(keystone)# openstack compute service list+—————–+—————-+——————+———-+———+——-+—————————-+| ID| Binary | Host | Zone | Status| State | Updated At |+—————–+—————-+——————+———-+———+——-+—————————-+| b491bb4d-…… | nova-conductor | srv1.1000y.cloud | internal | enabled | up| 2022-10-24T09:16:32.000000 || ea5192b7-…… | nova-scheduler | srv1.1000y.cloud | internal | enabled | up| 2022-10-24T09:16:29.000000 |+—————–+—————-+——————+———-+———+——-+—————————-+

五:实现Nova-compute

1) 安装Nova-Computeroot@srv1:~(keystone)# apt install qemu-kvm libvirt-daemon-system libvirt-daemon virtinst bridge-utils libosinfo-bin nova-compute nova-compute-kvm -y2) 配置VNC(便于后续直接通过浏览器控制实例)root@srv1:~(keystone)# vim /etc/nova/nova.conf………………………………# 找到 [VNC] 区段，添加如下内容[vnc]enabled = Trueserver_listen = srv1.1000y.cloudserver_proxyclient_address = srv1.1000y.cloudnovncproxy_host = 127.0.0.1novncproxy_port = 6080novncproxy_base_url = https://srv1.1000y.cloud:6080/vnc_auto.html………………………………root@srv1:~(keystone)# systemctl restart nova-computeroot@srv1:~(keystone)# su -s /bin/bash nova -c “nova-manage cell_v2 discover_hosts”root@srv1:~(keystone)# openstack compute service list+—————–+—————-+——————+———-+———+——-+—————————-+| ID| Binary | Host | Zone | Status| State | Updated At |+—————–+—————-+——————+———-+———+——-+—————————-+| b491bb4d-…… | nova-conductor | srv1.1000y.cloud | internal | enabled | up| 2022-10-24T09:21:22.000000 || ea5192b7-…… | nova-scheduler | srv1.1000y.cloud | internal | enabled | up| 2022-10-24T09:21:19.000000 || 943af590-…… | nova-compute | srv1.1000y.cloud | nova | enabled | up| 2022-10-24T09:21:23.000000 |+—————–+—————-+——————+———-+———+——-+—————————-+

六:扩展NovaCompute节点

1) 准备第2台节点: 8G 4core2) 在扩展的计算节点上安装KVM并启动root@srv2:~# apt install qemu-kvm libvirt-daemon-system libvirt-daemon virtinst bridge-utils libosinfo-bin -yroot@srv2:~# lsmod | grep kvmkvm_intel 3727360kvm10280961 kvm_intel3) 安装Nova-Computeroot@srv2:~# apt install software-properties-common -yroot@srv2:~# add-apt-repository cloud-archive:zedRepository: ‘deb http://ubuntu-cloud.archive.canonical.com/ubuntu jammy-updates/zed main’Description:Ubuntu Cloud Archive for OpenStack ZedMore info: https://wiki.ubuntu.com/OpenStack/CloudArchiveAdding repository.Press [ENTER] to continue or Ctrl-c to cancel.# 回车………………………………Reading package lists… Doneroot@srv2:~# apt update && apt upgrade -yroot@srv2:~# apt install nova-compute nova-compute-kvm qemu-system-data -y4) 配置Nova Computeroot@srv2:~# mv /etc/nova/nova.conf /etc/nova/nova.conf.bakroot@srv2:~# vim /etc/nova/nova.conf[DEFAULT]state_path = /var/lib/novaenabled_apis = osapi_compute,metadatalog_dir = /var/log/novatransport_url = rabbit://openstack:password@srv1.1000y.cloud[api]auth_strategy = keystone[vnc]enabled = Trueserver_listen = srv2.1000y.cloudserver_proxyclient_address = srv2.1000y.cloudnovncproxy_base_url = https://srv1.1000y.cloud:6080/vnc_auto.html [glance]api_servers = https://srv1.1000y.cloud:9292# 自定义证书需要值为 trueinsecure = true[oslo_concurrency]lock_path = $state_path/tmp[keystone_authtoken]www_authenticate_uri = https://srv1.1000y.cloud:5000auth_url = https://srv1.1000y.cloud:5000memcached_servers = srv1.1000y.cloud:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = novapassword = servicepassword# 自定义证书需要值为 trueinsecure = true[placement]auth_url = https://srv1.1000y.cloud:5000os_region_name = RegionOneauth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = placementpassword = servicepassword# 自定义证书需要值为 trueinsecure = true[wsgi]api_paste_config = /etc/nova/api-paste.iniroot@srv2:~# chmod 640 /etc/nova/nova.confroot@srv2:~# chgrp nova /etc/nova/nova.conf5) 启动Nova Computeroot@srv2:~# systemctl restart nova-compute6) 确认# 于srv1节点上添加扩展计算节点root@srv1:~(keystone)# su -s /bin/bash nova -c “nova-manage cell_v2 discover_hosts”root@srv1:~(keystone)# openstack compute service list+————————————–+—————-+——————+———-+———+——-+—————————-+| ID | Binary | Host | Zone | Status| State | Updated At |+————————————–+—————-+——————+———-+———+——-+—————————-+| b491bb4d-85e7-4e6e-a9b6-5aa0955ec2cb | nova-conductor | srv1.1000y.cloud | internal | enabled | up| 2022-10-24T09:38:32.000000 || ea5192b7-901f-4d94-bf91-db82e5b86ea1 | nova-scheduler | srv1.1000y.cloud | internal | enabled | up| 2022-10-24T09:38:29.000000 || 943af590-28ed-4db7-9bba-ce51971e8be6 | nova-compute | srv1.1000y.cloud | nova | enabled | up| 2022-10-24T09:38:34.000000 || 98d5d4d9-d0ec-4cbd-b7f1-d5b724d94a77 | nova-compute | srv2.1000y.cloud | nova | enabled | up| 2022-10-24T09:38:36.000000 |+————————————–+—————-+——————+———-+———+——-+—————————-+