基于 CentOS 8 手工部署 OpenStack Victoria 版本(六)– 安装 Nova

Nova 是 OpenStack 中提供计算资源服务的组件,主要负责虚拟机生命周期管理和其他计算资源的的生命周期管理,我们需要在控制节点和计算节点上均部署 Nova 组件

控制节点

前提条件

  1. 创建数据库完成身份配置

    • 以 root 身份登录数据库
    [root@controller ~]# mysql -u root -p
    Enter password:   //输入数据库的密码回车
    • 创建 nova_api、nova 和 nova_cell0 数据库
    MariaDB [(none)]> CREATE DATABASE nova_api;
    MariaDB [(none)]> CREATE DATABASE nova;
    MariaDB [(none)]> CREATE DATABASE nova_cell0;
    • 为 placement 数据库赋予适当的访问权限
    其中的 openstack 为设置的密码(生产环境中请勿使用该类弱口令作为密码)
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'openstack';
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'openstack';
    
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'openstack';
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'openstack';
    
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'openstack';
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'openstack';
    • 退出数据库
    MariaDB [(none)]> exit;
    Bye

2.获取 admin 用户凭据来取得管理员的 CLI 命令权限

[root@controller ~]# . admin-openrc

3.创建计算服务凭据

  • 创建 nova 用户

    为新创建的用户设置一个密码
    [root@controller ~]# openstack user create --domain default --password-prompt nova
    User Password:
    Repeat User Password:
    
    +---------------------+----------------------------------+
    | Field               | Value                            |
    +---------------------+----------------------------------+
    | domain_id           | default                          |
    | enabled             | True                             |
    | id                  | c59aee8214d74a4db4a316be8e344df8 |
    | name                | nova                             |
    | options             | {}                               |
    | password_expires_at | None                             |
    +---------------------+----------------------------------+
    
  • 将 admin 角色添加到 nova 用户和 service 项目

    [root@controller ~]# openstack role add --project service --user nova admin
  • 创建 nova 服务实体

    [root@controller ~]# openstack service create --name nova --description "OpenStack Compute" compute
    
    +-------------+----------------------------------+
    | Field       | Value                            |
    +-------------+----------------------------------+
    | description | OpenStack Compute                |
    | enabled     | True                             |
    | id          | 0eeb3630df264579aea5ba628f444420 |
    | name        | nova                             |
    | type        | compute                          |
    +-------------+----------------------------------+
    
  1. 创建 Compute API 服务端点
[root@controller ~]# openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1

+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | bf17bd15388647cf8a908bda81c90eb2 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 0eeb3630df264579aea5ba628f444420 |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://controller:8774/v2.1      |
+--------------+----------------------------------+

[root@controller ~]#  openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1

+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 1398e2c0b7334b9eacb24cb2cb1ce982 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 0eeb3630df264579aea5ba628f444420 |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://controller:8774/v2.1      |
+--------------+----------------------------------+

[root@controller ~]#  openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1

+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 4599b5eefdc944a0a65e461f6a723258 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 0eeb3630df264579aea5ba628f444420 |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://controller:8774/v2.1      |
+--------------+----------------------------------+

安装和配置组件

  1. 安装软件包
[root@controller ~]#  yum install openstack-nova-api openstack-nova-conductor   openstack-nova-novncproxy openstack-nova-scheduler -y
  1. 编辑配置文件 vim /etc/nova/nova.conf ,并完成以下操作

    • 在 [DEFAULT] 部分中,仅启用 compute 和元数据 API
    [DEFAULT]
    # ...
    enabled_apis = osapi_compute,metadata
    • 在 [api_database] 和 [database] 部分中,配置连接数据库
    将 NOVA_DBPASS 替换为 nova 数据库的密码,这里我们设置的密码是 openstack
    [api_database]
    # ...
    connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
    
    [database]
    # ...
    connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova
    • 在 [DEFAULT] 部分中,配置连接 RabbitMQ 消息队列
    将 RABBIT_PASS 替换为 openstack 用户的密码(此处的账号是我们在安装 RabbitMQ 的时候创建的),这里我们设置的密码是 openstack
    [DEFAULT]
    # ...
    transport_url = rabbit://openstack:RABBIT_PASS@controller:5672/
    • 在 [api] 和 [keystone_authtoken] 部分中,配置连接身份服务
    将 NOVA_PASS 替换为 nova 用户的密码,这里我们设置的密码是 openstack
    [api]
    # ...
    auth_strategy = keystone
    
    [keystone_authtoken]
    # ...
    www_authenticate_uri = http://controller:5000/
    auth_url = http://controller:5000/
    memcached_servers = controller:11211
    auth_type = password
    project_domain_name = Default
    user_domain_name = Default
    project_name = service
    username = nova
    password = NOVA_PASS
    • 在 [DEFAULT] 部分中,配置 my_ip 选项以使用控制器节点的管理接口 IP 地址
    [DEFAULT]
    # ...
    my_ip = 192.168.10.11
    • 在 [vnc] 部分中,将 VNC 代理配置为使用控制器节点的管理接口 IP 地址
    [vnc]
    enabled = true
    # ...
    server_listen = $my_ip
    server_proxyclient_address = $my_ip
    • 在 [glance] 部分中,配置镜像服务 API 地址
    [glance]
    # ...
    api_servers = http://controller:9292
    • 在 [oslo_concurrency] 部分中,配置锁定路径
    [oslo_concurrency]
    # ...
    lock_path = /var/lib/nova/tmp
    • 在 [placement] 部分中,配置连接 Placement API
    将 PLACEMENT_PASS 替换为 placement 用户的密码,这里我们设置的密码是 openstack
    [placement]
    # ...
    region_name = RegionOne
    project_domain_name = Default
    project_name = service
    auth_type = password
    user_domain_name = Default
    auth_url = http://controller:5000/v3
    username = placement
    password = PLACEMENT_PASS
  2. 填充 nova-api 数据库

[root@controller ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
  1. 注册 cell0 数据库
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
  1. 创建 cell1 单元格
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
  1. 填充 nova 数据库
[root@controller ~]# su -s /bin/sh -c "nova-manage db sync" nova
  1. 验证 nova cell0 和 cell1 是否正确注册
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
|  Name |                 UUID                 |              Transport URL               |               Database Connection               | Disabled |
+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
| cell0 | 00000000-0000-0000-0000-000000000000 |                  none:/                  | mysql+pymysql://nova:****@controller/nova_cell0 |  False   |
| cell1 | 25377514-6341-4eeb-9351-fd9864f15483 | rabbit://openstack:****@controller:5672/ |    mysql+pymysql://nova:****@controller/nova    |  False   |
+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
  1. 启动 Nova 的相关服务,并设置为开机自启
[root@controller ~]# systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@controller ~]# systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service

计算节点

安装和配置组件

  1. 安装软件包
[root@compute ~]# yum install openstack-nova-compute -y
  1. 编辑配置文件 vim /etc/nova/nova.conf 并完成以下操作

    • 在 [DEFAULT] 部分中,仅启用计算和元数据 API
    [DEFAULT]
    # ...
    enabled_apis = osapi_compute,metadata
    • 在 [DEFAULT] 部分中,配置连接 RabbitMQ 消息队列
    将 RABBIT_PASS 替换为 openstack 用户的密码(此处的账号是我们在安装 RabbitMQ 的时候创建的),这里我们设置的密码是 openstack
    [DEFAULT]
    # ...
    transport_url = rabbit://openstack:RABBIT_PASS@controller
    • 在 [api] 和 [keystone_authtoken] 部分中,配置连接身份服务
    将 NOVA_PASS 替换为 nova 用户的密码,这里我们设置的密码是 openstack
    [api]
    # ...
    auth_strategy = keystone
    
    [keystone_authtoken]
    # ...
    www_authenticate_uri = http://controller:5000/
    auth_url = http://controller:5000/
    memcached_servers = controller:11211
    auth_type = password
    project_domain_name = Default
    user_domain_name = Default
    project_name = service
    username = nova
    password = NOVA_PASS
    • 在 [DEFAULT] 部分中,配置 my_ip 选项以使用计算节点的管理接口 IP 地址
    [DEFAULT]
    # ...
    my_ip = 192.168.10.12
    • 在 [vnc] 部分中,启用和配置远程控制台访问
    [vnc]
    # ...
    enabled = true
    server_listen = 0.0.0.0
    server_proxyclient_address = $my_ip
    novncproxy_base_url = http://controller:6080/vnc_auto.html
    • 在 [glance] 部分中,配置 Image 服务 API 的地址
    [glance]
    # ...
    api_servers = http://controller:9292
    • 在 [oslo_concurrency] 部分中,配置锁定路径
    [oslo_concurrency]
    # ...
    lock_path = /var/lib/nova/tmp
    • 在 [placement] 部分中,配置连接 Placement API
    将 PLACEMENT_PASS 替换为 placement 用户的密码,这里我们设置的密码是 openstack
    [placement]
    # ...
    region_name = RegionOne
    project_domain_name = Default
    project_name = service
    auth_type = password
    user_domain_name = Default
    auth_url = http://controller:5000/v3
    username = placement
    password = PLACEMENT_PASS
  2. 启动 Nova 的相关服务,并设置为开机自启

[root@localhost ~]# systemctl enable libvirtd.service openstack-nova-compute.service
[root@localhost ~]# systemctl start libvirtd.service openstack-nova-compute.service

添加计算节点

此步骤在控制节点上进行
  1. 获取 admin 用户凭据来取得管理员的 CLI 命令权限
[root@controller ~]# . admin-openrc
  1. 查找计算节点
[root@controller ~]# openstack compute service list --service nova-compute

+----+--------------+---------+------+---------+-------+----------------------------+
| ID | Binary       | Host    | Zone | Status  | State | Updated At                 |
+----+--------------+---------+------+---------+-------+----------------------------+
|  3 | nova-compute | compute | nova | enabled | up    | 2021-06-04T06:17:43.000000 |
+----+--------------+---------+------+---------+-------+----------------------------+
  1. 添加计算节点
[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

验证

  1. 获取 admin 用户凭据来取得管理员的 CLI 命令权限
[root@controller ~]# . admin-openrc
  1. 列出服务组件以验证每个进程的成功启动和注册
[root@controller ~]# openstack compute service list

+----+----------------+------------+----------+---------+-------+----------------------------+
| ID | Binary         | Host       | Zone     | Status  | State | Updated At                 |
+----+----------------+------------+----------+---------+-------+----------------------------+
|  1 | nova-conductor | controller | internal | enabled | up    | 2021-06-04T06:26:26.000000 |
|  2 | nova-scheduler | controller | internal | enabled | up    | 2021-06-04T06:26:33.000000 |
|  3 | nova-compute   | compute    | nova     | enabled | up    | 2021-06-04T06:26:33.000000 |
+----+----------------+------------+----------+---------+-------+----------------------------+
  1. 列出身份服务中的 API 端点以验证与身份服务的连接
[root@controller ~]# openstack catalog list

+-----------+-----------+-----------------------------------------+
| Name      | Type      | Endpoints                               |
+-----------+-----------+-----------------------------------------+
| placement | placement | RegionOne                               |
|           |           |   public: http://controller:8778        |
|           |           | RegionOne                               |
|           |           |   admin: http://controller:8778         |
|           |           | RegionOne                               |
|           |           |   internal: http://controller:8778      |
|           |           |                                         |
| nova      | compute   | RegionOne                               |
|           |           |   internal: http://controller:8774/v2.1 |
|           |           | RegionOne                               |
|           |           |   admin: http://controller:8774/v2.1    |
|           |           | RegionOne                               |
|           |           |   public: http://controller:8774/v2.1   |
|           |           |                                         |
| glance    | image     | RegionOne                               |
|           |           |   internal: http://controller:9292      |
|           |           | RegionOne                               |
|           |           |   public: http://controller:9292        |
|           |           | RegionOne                               |
|           |           |   admin: http://controller:9292         |
|           |           |                                         |
| keystone  | identity  | RegionOne                               |
|           |           |   public: http://controller:5000/v3/    |
|           |           | RegionOne                               |
|           |           |   admin: http://controller:5000/v3/     |
|           |           | RegionOne                               |
|           |           |   internal: http://controller:5000/v3/  |
|           |           |                                         |
+-----------+-----------+-----------------------------------------+
  1. 检查 Cells 和 Placement API 是否成功运行,以及其他必要的先决条件是否到位
忽略输出的提示信息
[root@controller ~]# nova-status upgrade check

+-------------------------------------------+
| Upgrade Check Results                     |
+-------------------------------------------+
| Check: Cells v2                           |
| Result: Success                           |
| Details: None                             |
+-------------------------------------------+
| Check: Placement API                      |
| Result: Success                           |
| Details: None                             |
+-------------------------------------------+
| Check: Ironic Flavor Migration            |
| Result: Success                           |
| Details: None                             |
+-------------------------------------------+
| Check: Cinder API                         |
| Result: Success                           |
| Details: None                             |
+-------------------------------------------+
| Check: Policy Scope-based Defaults        |
| Result: Success                           |
| Details: None                             |
+-------------------------------------------+
| Check: Policy File JSON to YAML Migration |
| Result: Success                           |
| Details: None                             |
+-------------------------------------------+
| Check: Older than N-1 computes            |
| Result: Success                           |
| Details: None                             |
+-------------------------------------------+

THE END