OpenStack---T version-nova component deployment process
nova component deployment location
【Control Node ct】
nova-api (nova main service)
nova-scheduler (nova scheduling service)
nova-conductor (nova database service, providing database access)
nova-novncproxy (nova's vnc service, provides the console of the instance)
[Compute nodes c1, c2]
nova-compute (nova computing service)
Compute node Nova service configuration
- Create the nova database and perform authorization operations
[root@ct ~]# mysql -uroot -p
MariaDB [(none)]> CREATE DATABASE nova_api;
MariaDB [(none)]> CREATE DATABASE nova;
MariaDB [(none)]> CREATE DATABASE nova_cell0;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit
- Manage Nova users and services
Create nova user
[root@ct ~]# openstack user create --domain default --password NOVA_PASS nova
#把nova用户添加到service项目,拥有admin权限
[root@ct ~]# openstack role add --project service --user nova admin
![[External link image transfer failed. The source site may have an anti-hotlinking mechanism. It is recommended to save the image and upload it directly (img-nM94H4mt-1614061733754) (C:\Users\Zhu Junjie\AppData\Roaming\Typora\typora-user-images\ image-20210220205649462.png)]](https://img-blog.csdnimg.cn/20210223143016549.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl81MDM0NTA1NA==,size_16,color_FFFFFF,t_70)
Create nova service
[root@ct ~]# openstack service create --name nova --description "OpenStack Compute" compute
给Nova服务关联endpoint(端点)
[root@ct ~]# openstack endpoint create --region RegionOne compute public http://ct:8774/v2.1
[root@ct ~]# openstack endpoint create --region RegionOne compute internal http://ct:8774/v2.1
[root@ct ~]# openstack endpoint create --region RegionOne compute admin http://ct:8774/v2.1
Install nova components (nova-api, nova-conductor, nova-novncproxy, nova-scheduler)
[root@ct ~]# yum -y install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler
- Modify the nova configuration file (nova.conf)
[root@ct ~]# cp -a /etc/nova/nova.conf{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/nova/nova.conf.bak > /etc/nova/nova.conf
#修改nova.conf
[root@ct ~]# openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
[root@ct ~]# openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.100.11 ####修改为 ct的IP(内部IP)
[root@ct ~]# openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
[root@ct ~]# openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
[root@ct ~]# openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@ct
[root@ct ~]# openstack-config --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:NOVA_DBPASS@ct/nova_api
[root@ct ~]# openstack-config --set /etc/nova/nova.conf database connection mysql+pymysql://nova:NOVA_DBPASS@ct/nova
[root@ct ~]# openstack-config --set /etc/nova/nova.conf placement_database connection mysql+pymysql://placement:PLACEMENT_DBPASS@ct/placement
[root@ct ~]# openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
[root@ct ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://ct:5000/v3
[root@ct ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers ct:11211
[root@ct ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
[root@ct ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
[root@ct ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
[root@ct ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
[root@ct ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
[root@ct ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken password NOVA_PASS
[root@ct ~]# openstack-config --set /etc/nova/nova.conf vnc enabled true
[root@ct ~]# openstack-config --set /etc/nova/nova.conf vnc server_listen ' $my_ip'
[root@ct ~]# openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address ' $my_ip'
[root@ct ~]# openstack-config --set /etc/nova/nova.conf glance api_servers http://ct:9292
[root@ct ~]# openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
[root@ct ~]# openstack-config --set /etc/nova/nova.conf placement region_name RegionOne
[root@ct ~]# openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
[root@ct ~]# openstack-config --set /etc/nova/nova.conf placement project_name service
[root@ct ~]# openstack-config --set /etc/nova/nova.conf placement auth_type password
[root@ct ~]# openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
[root@ct ~]# openstack-config --set /etc/nova/nova.conf placement auth_url http://ct:5000/v3
[root@ct ~]# openstack-config --set /etc/nova/nova.conf placement username placement
[root@ct ~]# openstack-config --set /etc/nova/nova.conf placement password PLACEMENT_PASS
#查看nova.conf
[root@ct ~]# cat /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata #指定支持的api类型
my_ip = 192.168.100.11 #定义本地IP
use_neutron = true #通过neutron获取IP地址
firewall_driver = nova.virt.firewall.NoopFirewallDriver
transport_url = rabbit://openstack:RABBIT_PASS@ct #指定连接的rabbitmq
[api]
auth_strategy = keystone #指定使用keystone认证
[api_database]
connection = mysql+pymysql://nova:NOVA_DBPASS@ct/nova_api
[barbican]
[cache]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
connection = mysql+pymysql://nova:NOVA_DBPASS@ct/nova
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://ct:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken] #配置keystone的认证信息
auth_url = http://ct:5000/v3 #到此url去认证
memcached_servers = ct:11211 #memcache数据库地址:端口
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = NOVA_PASS
[libvirt]
[metrics]
[mks]
[neutron]
[notifications]
[osapi_v21]
[oslo_concurrency] #指定锁路径
lock_path = /var/lib/nova/tmp #锁的作用是创建虚拟机时,在执行某个操作的时候,需要等此步骤执行完后才能执行下一个步骤,不能并行执行,保证操作是一步一步的执行
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://ct:5000/v3
username = placement
password = PLACEMENT_PASS
[powervm]
[privsep]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc] #此处如果配置不正确,则连接不上虚拟机的控制台
enabled = true
server_listen = $my_ip #指定vnc的监听地址
server_proxyclient_address = $my_ip #server的客户端地址为本机地址;此地址是管理网的地址
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]
[placement_database]
connection = mysql+pymysql://placement:PLACEMENT_DBPASS@ct/placement
- Initialize the database
Initialize the nova_api database
[root@ct ~]# su -s /bin/sh -c "nova-manage api_db sync" nova
- Register the cell0 database; the nova service internally divides resources into different cells, and divides computing nodes into different cells; openstack internally logically groups computing nodes based on cells
[root@ct ~]# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
#创建cell1单元格;
[root@ct ~]# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
#初始化nova数据库;可以通过 /var/log/nova/nova-manage.log 日志判断是否初始化成功
[root@ct ~]# su -s /bin/sh -c "nova-manage db sync" nova
#可使用以下命令验证cell0和cell1是否注册成功
su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova #验证cell0和cell1组件是否注册成功
![[External link image transfer failed. The source site may have an anti-hotlinking mechanism. It is recommended to save the image and upload it directly (img-V8w3iVVl-1614061733756) (C:\Users\Zhu Junjie\AppData\Roaming\Typora\typora-user-images\ image-20210220210627858.png)]](https://img-blog.csdnimg.cn/20210223143054273.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl81MDM0NTA1NA==,size_16,color_FFFFFF,t_70)
- Start Nova service
[root@ct ~]# systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
[root@ct ~]# systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
- Check the nova service port
[root@ct ~]# netstat -tnlup|egrep '8774|8775'
[root@ct ~]# curl http://ct:8774
![[External link image transfer failed. The source site may have an anti-hotlinking mechanism. It is recommended to save the image and upload it directly (img-y5DarkmJ-1614061733757)(C:\Users\Zhu Junjie\AppData\Roaming\Typora\typora-user-images\ image-20210220210757051.png)]](https://img-blog.csdnimg.cn/20210223143103922.png)
##Compute node configuration Nova service-c1 node
- Install nova-compute components
[root@c1 ~]# yum -y install openstack-nova-compute
- Modify the configuration file
#编辑计算节点节点Nova配置文件(c1和c2、只有IP不同)
[root@c2 ~]# cp -a /etc/nova/nova.conf{,.bak}
[root@c2 ~]# grep -Ev '^$|#' /etc/nova/nova.conf.bak > /etc/nova/nova.conf
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@ct
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.100.40 #修改为对应节点的内部IP
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron true
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf api auth_strategy keystone
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://ct:5000/v3
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken memcached_servers ct:11211
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_type password
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_name Default
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_name Default
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf keystone_authtoken password NOVA_PASS
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf vnc enabled true
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf vnc server_listen 0.0.0.0
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf vnc server_proxyclient_address ' $my_ip'
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf vnc novncproxy_base_url http://192.168.100.40:6080/vnc_auto.html
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf glance api_servers http://ct:9292
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf placement region_name RegionOne
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf placement project_domain_name Default
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf placement project_name service
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf placement auth_type password
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf placement user_domain_name Default
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf placement auth_url http://ct:5000/v3
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf placement username placement
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf placement password PLACEMENT_PASS
[root@c2 ~]# openstack-config --set /etc/nova/nova.conf libvirt virt_type qemu
#配置文件内容如下:
[root@c1 nova]# cat /etc/nava/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:RABBIT_PASS@ct
my_ip = 192.168.100.12
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[api_database]
[barbican]
[cache]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://ct:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_url = http://ct:5000/v3
memcached_servers = ct:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = NOVA_PASS
[libvirt]
virt_type = qemu
[metrics]
[mks]
[neutron]
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://ct:5000/v3
username = placement
password = PLACEMENT_PASS
[powervm]
[privsep]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://192.168.100.11:6080/vnc_auto.html #比较特殊的地方,需要手动添加IP地址,否则之后搭建成功后,无法通过UI控制台访问到内部虚拟机
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]
- Controller node operation
Check whether the compute node is registered to the controller, through the message queue; it needs to be executed on the controller node
[root@ct ~]# openstack compute service list --service nova-compute
![[External link image transfer failed. The source site may have an anti-hotlinking mechanism. It is recommended to save the image and upload it directly (img-K3dQYWnf-1614061733759) (C:\Users\Zhu Junjie\AppData\Roaming\Typora\typora-user-images\ image-20210222190237040.png)]](https://img-blog.csdnimg.cn/20210223143125656.png)
- Scan which computing nodes are currently available in openstack, and after discovery, the computing nodes will be created in the cell, and then virtual machines can be created in the cell; it is equivalent to grouping the computing nodes inside openstack and assigning the computing nodes to different cells
[root@ct ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
![[External link image transfer failed. The source site may have an anti-hotlinking mechanism. It is recommended to save the image and upload it directly (img-C8VMJmNN-1614061733760) (C:\Users\朱俊杰\AppData\Roaming\Typora\typora-user-images\ image-20210222190432711.png)]](https://img-blog.csdnimg.cn/20210223143134434.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl81MDM0NTA1NA==,size_16,color_FFFFFF,t_70)
- By default, every time you add a computing node, you need to perform a scan on the control end, which will be very troublesome, so you can modify the main configuration file of the control end nova
[root@ct ~]# vim /etc/nova/nova.conf
[scheduler]
discover_hosts_in_cells_interval = 300 #每300秒扫描一次
[root@ct ~]# systemctl restart openstack-nova-api.service
- Verify compute node service
#检查 nova 的各个服务是否都是正常,以及 compute 服务是否注册成功
[root@ct ~]# openstack compute service list
![[External link image transfer failed. The source site may have an anti-hotlinking mechanism. It is recommended to save the image and upload it directly (img-nE6qjfbq-1614061733760) (C:\Users\Zhu Junjie\AppData\Roaming\Typora\typora-user-images\ image-20210222190654116.png)]](https://img-blog.csdnimg.cn/20210223143145486.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl81MDM0NTA1NA==,size_16,color_FFFFFF,t_70)
#查看各个组件的 api 是否正常
[root@ct ~]# openstack catalog list
![[External link image transfer failed. The source site may have an anti-hotlinking mechanism. It is recommended to save the image and upload it directly (img-wBby8CHu-1614061733761)(C:\Users\Zhu Junjie\AppData\Roaming\Typora\typora-user-images\ image-20210222190728340.png)]](https://img-blog.csdnimg.cn/20210223143154286.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl81MDM0NTA1NA==,size_16,color_FFFFFF,t_70)
#查看是否能够拿到镜像
[root@ct ~]# openstack image list
![[External link image transfer failed. The source site may have an anti-hotlinking mechanism. It is recommended to save the image and upload it directly (img-aFSjqGq9-1614061733762) (C:\Users\朱俊杰\AppData\Roaming\Typora\typora-user-images\ image-20210222190753202.png)]](https://img-blog.csdnimg.cn/20210223143202536.png)
#查看cell的api和placement的api是否正常,只要其中一个有误,后期无法创建虚拟机
[root@ct ~]# nova-status upgrade check
![[External link image transfer failed. The source site may have an anti-hotlinking mechanism. It is recommended to save the image and upload it directly (img-kzlBva5q-1614061733762) (C:\Users\Zhu Junjie\AppData\Roaming\Typora\typora-user-images\ image-20210222190812162.png)]](https://img-blog.csdnimg.cn/20210223143210159.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dlaXhpbl81MDM0NTA1NA==,size_16,color_FFFFFF,t_70)
##summary
- Nova is divided into control nodes and computing nodes
[External link image transfer...(img-nE6qjfbq-1614061733760)]
#查看各个组件的 api 是否正常
[root@ct ~]# openstack catalog list
[External link image is being transferred...(img-wBby8CHu-1614061733761)]
#查看是否能够拿到镜像
[root@ct ~]# openstack image list
[External link image transfer...(img-aFSjqGq9-1614061733762)]
#查看cell的api和placement的api是否正常,只要其中一个有误,后期无法创建虚拟机
[root@ct ~]# nova-status upgrade check
[External link image is being transferred...(img-kzlBva5q-1614061733762)]
##summary
-
Nova is divided into control nodes and computing nodes
-
The core function of the Nova component is to schedule resources. The part that needs to be reflected in the configuration file: pointing to the location of the authentication node (URL, ENDPOINT), calling services, registering, providing support, etc., all configuration parameters in the configuration file are basically around this range ( Set the instance lifecycle management)