文章目录
一、cinder简介
OpenStack中cinder块存储服务:负责为运行实例提供持久的块存储设备(为虚拟机提供服务,持久的磁盘存储空间),可进行方便的扩展(例如:nfs以挂载卷的形式去进行扩展,扩容),按需付费,支持多种后端存储(支持多种格式存储)。
传统的存储方式:
以单个块的形式去存放资源,最后以一个整体形式整合成一个磁盘(每个块单元存储量不一定充分使用,会存在冗余,浪费)即磁盘标注的大小与实际大小不符。
二、OpenStack-cinder 组件部署
1. 创建数据库实例和角色
[root@controller ~]# mysql -uroot -p
MariaDB [(none)]> CREATE DATABASE cinder;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'CINDER_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'CINDER_DBPASS';
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit
2. 创建用户、修改配置文件
2.1创建cinder用户,密码设置为CINDER_PASS
[root@ct ~]# openstack user create --domain default --password CINDER_PASS cinder
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 99e325f54ae04a58b9f8ba5b0cfa75ef |
| name | cinder |
| options | {
} |
| password_expires_at | None |
+---------------------+----------------------------------+
2.2 把cinder用户添加到service服务中,并授予admin权限
openstack role add --project service --user cinder admin
2.3 .cinder有v2和v3两个并存版本的API,所以需要创建两个版本的service实例
[root@ct ~]# openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | 799389200ced425eb1d02b2d77e61bfe |
| name | cinderv2 |
| type | volumev2 |
+-------------+----------------------------------+
[root@ct ~]# openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | e8927664753e40129d2d736586e4b790 |
| name | cinderv3 |
| type | volumev3 |
+-------------+----------------------------------+
2.4. 给v2和v3版本的api创建endpoint
给v2的api创建endpoint
[root@ct ~]# openstack endpoint create --region RegionOne volumev2 public http://ct:8776/v2/%\(project_id\)s
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | a6621ec4d2cd4f79971d1985e4e6eef2 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 799389200ced425eb1d02b2d77e61bfe |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://ct:8776/v2/%(project_id)s |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne volumev2 internal http://ct:8776/v2/%\(project_id\)s
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 55e17800928d4311a29891ae577b7df5 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 799389200ced425eb1d02b2d77e61bfe |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://ct:8776/v2/%(project_id)s |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne volumev2 admin http://ct:8776/v2/%\(project_id\)s
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 397234c661794e71a576b701110e4910 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 799389200ced425eb1d02b2d77e61bfe |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://ct:8776/v2/%(project_id)s |
+--------------+----------------------------------+
给v3的api创建endpoint
[root@ct ~]# openstack endpoint create --region RegionOne volumev3 public http://ct:8776/v3/%\(project_id\)s
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 53c083cf1b1d45a8aaf0a7a9523b8c13 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e8927664753e40129d2d736586e4b790 |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://ct:8776/v3/%(project_id)s |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne volumev3 internal http://ct:8776/v3/%\(project_id\)s
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 40da8d5ba50e451389c43984028dae51 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e8927664753e40129d2d736586e4b790 |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://ct:8776/v3/%(project_id)s |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne volumev3 admin http://ct:8776/v3/%\(project_id\)s
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 9956f357a6cc4985a11713f9ec34af83 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e8927664753e40129d2d736586e4b790 |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://ct:8776/v3/%(project_id)s |
+--------------+----------------------------------+
3. 安装及配置cinder服务
yum -y install openstack-cinder
- 修改cinder 配置文件
cp /etc/cinder/cinder.conf{
,.bak}
grep -Ev '#|^$' /etc/cinder/cinder.conf.bak>/etc/cinder/cinder.conf
openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:CINDER_DBPASS@ct/cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@ct
openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://ct:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://ct:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers ct:11211
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password CINDER_PASS
openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 192.168.1.10 #修改为 ct_IP地址
openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
- 查看配置文件
[root@ct cinder]# cat /etc/cinder/cinder.conf
[DEFAULT]
transport_url = rabbit://openstack:RABBIT_PASS@ct #配置rabbitmq连接
auth_strategy = keystone #认证方式
my_ip = 192.168.1.10 #内网IP
[backend]
[backend_defaults]
[barbican]
[brcd_fabric_example]
[cisco_fabric_example]
[coordination]
[cors]
[database] #对接数据库
connection = mysql+pymysql://cinder:CINDER_DBPASS@ct/cinder
[fc-zone-manager]
[healthcheck]
[key_manager]
[keystone_authtoken] #配置keystone认证信息
www_authenticate_uri = http://ct:5000 #keystone地址
auth_url = http://ct:5000
memcached_servers = ct:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder #指定通过cinder账号到keystone做认证(用户名、密码)
password = CINDER_PASS
[nova]
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp #配置锁路径
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[oslo_reports]
[oslo_versionedobjects]
[privsep]
[profiler]
[sample_castellan_source]
[sample_remote_file_source]
[service_user]
[ssl]
[vault]
- 同步cinder数据库(填充块存储数据库)
su -s /bin/sh -c "cinder-manage db sync" cinder
- 修改 Nova 配置文件,并重启服务
openstack-config --set /etc/nova/nova.conf cinder os_region_name RegionOne
systemctl restart openstack-nova-api.service
- 配置Cinder服务
systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
- 配置控制节点验证
[root@ct ~]# cinder service-list
+------------------+------+------+---------+-------+----------------------------+---------+-----------------+---------------+
| Binary | Host | Zone | Status | State | Updated_at | Cluster | Disabled Reason | Backend State |
+------------------+------+------+---------+-------+----------------------------+---------+-----------------+---------------+
| cinder-scheduler | ct | nova | enabled | up | 2021-02-17T03:42:13.000000 | - | - | |
+------------------+------+------+---------+-------+----------------------------+---------+-----------------+---------------+
4. 在计算节点c2配置Cinder(存储节点)
- 安装并开启lvm服务
yum -y install openstack-cinder targetcli python-keystone
yum -y install lvm2 device-mapper-persistent-data
systemctl enable lvm2-lvmetad.service
systemctl start lvm2-lvmetad.service
- 创建lvm物理卷和卷组
新加一张sdc的物理卷,然后对c2节点重启
pvcreate /dev/sdc
vgcreate cinder-volumes /dev/sdc
- 修改lvm配置文件(指定使用sdc磁盘)
vim /etc/lvm/lvm.conf
filter = [ "a/sdc/","r/.*/" ] #141行,取消注释,修改filter规则
#a表示允许,r表示拒绝
#只允许lvm服务访问sdc中的数据,不允许lvm服务访问其他磁盘,这也间接实现了openstack创建的虚拟机只能访问sdb中的数据,不能访问其他磁盘
#设置只允许实例访问sdc逻辑卷中的数据;如果不配置的话,本机的其他服务也有可能会访问sdc逻辑卷中的数据
- 重启lvm服务
systemctl restart lvm2-lvmetad.service
- 配置cinder模块
cp /etc/cinder/cinder.conf{
,.bak}
grep -Ev '#|^$' /etc/cinder/cinder.conf.bak>/etc/cinder/cinder.conf
openstack-config --set /etc/cinder/cinder.conf database connection mysql+pymysql://cinder:CINDER_DBPASS@ct/cinder
openstack-config --set /etc/cinder/cinder.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@ct
openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip 192.168.100.13
openstack-config --set /etc/cinder/cinder.conf DEFAULT enabled_backends lvm
openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_api_servers http://ct:9292
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken www_authenticate_uri http://ct:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://ct:5000
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken memcached_servers ct:11211
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_type password
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password CINDER_PASS
openstack-config --set /etc/cinder/cinder.conf lvm volume_driver cinder.volume.drivers.lvm.LVMVolumeDriver
openstack-config --set /etc/cinder/cinder.conf lvm volume_group cinder-volumes
openstack-config --set /etc/cinder/cinder.conf lvm target_protocol iscsi
openstack-config --set /etc/cinder/cinder.conf lvm target_helper lioadm
openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
- 修改如下
[DEFAULT]
transport_url = rabbit://openstack:RABBIT_PASS@ct
auth_strategy = keystone
my_ip = 192.168.20.30
enabled_backends = lvm
glance_api_servers = http://ct:9292
[backend]
[backend_defaults]
[barbican]
[brcd_fabric_example]
[cisco_fabric_example]
[coordination]
[cors]
[database]
connection = mysql+pymysql://cinder:CINDER_DBPASS@ct/cinder
[fc-zone-manager]
[healthcheck]
[key_manager]
[keystone_authtoken]
www_authenticate_uri = http://ct:5000
auth_url = http://ct:5000
memcached_servers = ct:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = CINDER_PASS
[nova]
[oslo_concurrency] #配置锁路径
lock_path = /var/lib/cinder/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[oslo_reports]
[oslo_versionedobjects]
[privsep]
[profiler]
[sample_castellan_source]
[sample_remote_file_source]
[service_user]
[ssl]
[vault]
[lvm] #为LVM后端配置LVM驱动程序
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver #指定LVM驱动程序;即通过指定的驱动创建LVM
volume_group = cinder-volumes #指定卷组(vg)
target_protocol = iscsi #pv使用的是iscsi协议,可以提供块存储服务
target_helper = lioadm #iscsi管理工具
#volume_backend_name=Openstack-lvm #选择:当后端有多个不同类型的存储时,可以在openstack中调用指定的存储;
给当前存储指定个名称,用于后期区分多个不同的存储
- 开启cinder卷服务
[root@c2 ~]# systemctl enable openstack-cinder-volume.service target.service
[root@c2 ~]# systemctl start openstack-cinder-volume.service target.service
5. 查看卷列表(ct节点)
[root@ct ~]# openstack volume service list
+------------------+--------+------+---------+-------+----------------------------+
| Binary | Host | Zone | Status | State | Updated At |
+------------------+--------+------+---------+-------+----------------------------+
| cinder-scheduler | ct | nova | enabled | up | 2021-02-17T04:08:33.000000 |
| cinder-volume | c2@lvm | nova | enabled | up | 2021-02-17T04:08:34.000000 |
+------------------+--------+------+---------+-------+----------------------------+
6.总结
Cinder配置思路:
- 创建管理、对接的用户、密码、服务和endpoint
修改配置文件:
- 主要内容为 向keystone对接认证授权、组件之间通讯模块、配置所在的域等
- 配置计算节点中虚拟机所用的卷