openstack-nova服务安装

发布时间:2023年12月22日

计算服务概览

使用OpenStack计算服务来托管和管理云计算系统。OpenStack计算服务是基础设施即服务(IaaS)系统的主要部分,模块主要由Python实现。

OpenStack计算组件请求OpenStack Identity服务进行认证;请求OpenStack Image服务提供磁盘镜像;为OpenStack dashboard提供用户与管理员接口。磁盘镜像访问限制在项目与用户上;配额以每个项目进行设定(例如,每个项目下可以创建多少实例)。OpenStack组件可以在标准硬件上水平大规模扩展,并且下载磁盘镜像启动虚拟机实例。

OpenStack计算服务由下列组件所构成:

nova-api 服务
接收和响应来自最终用户的计算API请求。此服务支持OpenStack计算服务API,Amazon EC2 API,以及特殊的管理API用于赋予用户做一些管理的操作。它会强制实施一些规则,发起多数的编排活动,例如运行一个实例。

nova-api-metadata 服务
接受来自虚拟机发送的元数据请求。nova-api-metadata服务一般在安装nova-network服务的多主机模式下使用。更详细的信息,请参考OpenStack管理员手册中的链接Metadata service <http://docs.openstack.org/admin-guide/compute-networking-nova.html#metadata-service>__ in the OpenStack Administrator Guide。

nova-compute服务
一个持续工作的守护进程,通过Hypervior的API来创建和销毁虚拟机实例。例如:

XenServer/XCP 的 XenAPI

KVM 或 QEMU 的 libvirt

VMware 的 VMwareAPI

过程是蛮复杂的。最为基本的,守护进程同意了来自队列的动作请求,转换为一系列的系统命令如启动一个KVM实例,然后,到数据库中更新它的状态。

nova-scheduler服务
拿到一个来自队列请求虚拟机实例,然后决定那台计算服务器主机来运行它。

nova-conductor模块
媒介作用于nova-compute服务与数据库之间。它排除了由nova-compute服务对云数据库的直接访问。nova-conductor模块可以水平扩展。但是,不要将它部署在运行nova-compute服务的主机节点上。参考Configuration Reference Guide http://docs.openstack.org/mitaka/config-reference/compute/conductor.html`__。

nova-cert模块
服务器守护进程向Nova Cert服务提供X509证书。用来为euca-bundle-image生成证书。仅仅是在EC2 API的请求中使用

nova-network worker 守护进程
nova-compute服务类似,从队列中接受网络任务,并且操作网络。执行任务例如创建桥接的接口或者改变IPtables的规则。

nova-consoleauth 守护进程
授权控制台代理所提供的用户令牌。详情可查看nova-novncproxy和 nova-xvpvncproxy。该服务必须为控制台代理运行才可奏效。在集群配置中你可以运行二者中任一代理服务而非仅运行一个nova-consoleauth服务。更多关于nova-consoleauth的信息,请查看About nova-consoleauth <http://docs.openstack.org/admin-guide/compute-remote-console-access.html#about-nova-consoleauth>__。

nova-novncproxy 守护进程
提供一个代理,用于访问正在运行的实例,通过VNC协议,支持基于浏览器的novnc客户端。

nova-spicehtml5proxy 守护进程
提供一个代理,用于访问正在运行的实例,通过 SPICE 协议,支持基于浏览器的 HTML5 客户端。

nova-xvpvncproxy 守护进程
提供一个代理,用于访问正在运行的实例,通过VNC协议,支持OpenStack特定的Java客户端。

nova-cert 守护进程
X509 证书。

nova客户端
用于用户作为租户管理员或最终用户来提交命令。

队列
一个在守护进程间传递消息的中央集线器。常见实现有RabbitMQ <http://www.rabbitmq.com/>__ , 以及如Zero MQ <http://www.zeromq.org/>__等AMQP消息队列。

SQL数据库
存储构建时和运行时的状态,为云基础设施,包括有:

可用实例类型

使用中的实例

可用网络

项目

理论上,OpenStack计算可以支持任何和SQL-Alchemy所支持的后端数据库,通常使用SQLite3来做测试可开发工作,MySQL和PostgreSQL 作生产环境。

安装并配置控制节点

这个部分将描述如何在控制节点上安装和配置 Compute 服务,即 nova。

先决条件

在安装和配置 Compute 服务前,你必须创建数据库服务的凭据以及 API endpoints。

为了创建数据库,必须完成这些步骤:

用数据库连接客户端以 root 用户连接到数据库服务器:

$ mysql -u root -p

创建 nova_api 和 nova 数据库:

 CREATE DATABASE nova_api;
 CREATE DATABASE nova;
 CREATE DATABASE nova_cell0;

结果

MariaDB [(none)]> CREATE DATABASE nova_api;
Query OK, 1 row affected (0.008 sec)

MariaDB [(none)]> CREATE DATABASE nova;
Query OK, 1 row affected (0.016 sec)

MariaDB [(none)]> CREATE DATABASE nova_cell0;
Query OK, 1 row affected (0.001 sec)


MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| glance             |
| information_schema |
| keystone           |
| mysql              |
| nova               |
| nova_api           |
| nova_cell0         |
| performance_schema |
| placement          |
+--------------------+
9 rows in set (0.001 sec)


对数据库进行正确的授权:

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \
  IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \
  IDENTIFIED BY 'NOVA_DBPASS';

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
  IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
  IDENTIFIED BY 'NOVA_DBPASS';

MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' \
  IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' \
  IDENTIFIED BY 'NOVA_DBPASS';
  

用合适的密码代替 NOVA_DBPASS。

退出数据库客户端。

获得 admin 凭证来获取只有管理员能执行的命令的访问权限:

$ . admin-openrc

要创建计算服务证书,完成这些步骤:

创建 nova 用户:

$ openstack user create --domain default --password-prompt nova

User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 8a7dbf5279404537b1c7b86c033620fe |
| name                | nova                             |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+

结果

[root@controller ~]# openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 0343f8c414b042efa206c056cbf765d2 |
| name                | nova                             |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+
[root@controller ~]#

查看用户

[root@controller ~]# openstack user list
+----------------------------------+-----------+
| ID                               | Name      |
+----------------------------------+-----------+
| a6a881a6089843b9999b2a0a7397c5d7 | admin     |
| 62623ccda6ce4e4c82b10cd51521aad8 | myuser    |
| a24c9f7cffd740afbd1a4388fecadc34 | glance    |
| 1a96e4b649cb474da9506226a56ca7d6 | placement |
| 0343f8c414b042efa206c056cbf765d2 | nova      |
+----------------------------------+-----------+

给 nova 用户添加 admin 角色:

$ openstack role add --project service --user nova admin

查看role,user,project三者关系

[root@controller ~]# openstack role assignment list
+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+
| Role                             | User                             | Group | Project                          | Domain | System | Inherited |
+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+
| db335b47ae26492e9da33881087e80c6 | 0343f8c414b042efa206c056cbf765d2 |       | cfd7929faa4d456ba0633f4934ed0106 |        |        | False     |
| db335b47ae26492e9da33881087e80c6 | 1a96e4b649cb474da9506226a56ca7d6 |       | cfd7929faa4d456ba0633f4934ed0106 |        |        | False     |
| dea0722037a346b9a5dc790e39b0d017 | 62623ccda6ce4e4c82b10cd51521aad8 |       | d33724f9baf9444e9622d102d9541826 |        |        | False     |
| db335b47ae26492e9da33881087e80c6 | a24c9f7cffd740afbd1a4388fecadc34 |       | cfd7929faa4d456ba0633f4934ed0106 |        |        | False     |
| db335b47ae26492e9da33881087e80c6 | a6a881a6089843b9999b2a0a7397c5d7 |       | faf1dd393fae450b8afc29ebc9d9b6d1 |        |        | False     |
| db335b47ae26492e9da33881087e80c6 | a6a881a6089843b9999b2a0a7397c5d7 |       |                                  |        | all    | False     |
+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+

创建 nova 服务实体:

$ openstack service create --name nova \
  --description "OpenStack Compute" compute

+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Compute                |
| enabled     | True                             |
| id          | 060d59eac51b4594815603d75a00aba2 |
| name        | nova                             |
| type        | compute                          |
+-------------+----------------------------------+

结果

[root@controller ~]# openstack service create --name nova \
>   --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Compute                |
| enabled     | True                             |
| id          | 8a4f8727095c481bb366eda08743dba6 |
| name        | nova                             |
| type        | compute                          |
+-------------+----------------------------------+

查询服务

[root@controller ~]# openstack service list
+----------------------------------+-----------+-----------+
| ID                               | Name      | Type      |
+----------------------------------+-----------+-----------+
| 125478add9754a8182936f04f2175c0e | keystone  | identity  |
| 824b05bbfbca4fe7abc376ad9b0b5ec4 | glance    | image     |
| 8a4f8727095c481bb366eda08743dba6 | nova      | compute   |
| e380dba4387a41e09d63f359248798f1 | placement | placement |
+----------------------------------+-----------+-----------+

创建 Compute 服务 API 端点 :

$ openstack endpoint create --region RegionOne \
  compute public http://controller:8774/v2.1

+--------------+-------------------------------------------+
| Field        | Value                                     |
+--------------+-------------------------------------------+
| enabled      | True                                      |
| id           | 3c1caa473bfe4390a11e7177894bcc7b          |
| interface    | public                                    |
| region       | RegionOne                                 |
| region_id    | RegionOne                                 |
| service_id   | 060d59eac51b4594815603d75a00aba2          |
| service_name | nova                                      |
| service_type | compute                                   |
| url          | http://controller:8774/v2.1               |
+--------------+-------------------------------------------+

$ openstack endpoint create --region RegionOne \
  compute internal http://controller:8774/v2.1

+--------------+-------------------------------------------+
| Field        | Value                                     |
+--------------+-------------------------------------------+
| enabled      | True                                      |
| id           | e3c918de680746a586eac1f2d9bc10ab          |
| interface    | internal                                  |
| region       | RegionOne                                 |
| region_id    | RegionOne                                 |
| service_id   | 060d59eac51b4594815603d75a00aba2          |
| service_name | nova                                      |
| service_type | compute                                   |
| url          | http://controller:8774/v2.1               |
+--------------+-------------------------------------------+

$ openstack endpoint create --region RegionOne \
  compute admin http://controller:8774/v2.1

+--------------+-------------------------------------------+
| Field        | Value                                     |
+--------------+-------------------------------------------+
| enabled      | True                                      |
| id           | 38f7af91666a47cfb97b4dc790b94424          |
| interface    | admin                                     |
| region       | RegionOne                                 |
| region_id    | RegionOne                                 |
| service_id   | 060d59eac51b4594815603d75a00aba2          |
| service_name | nova                                      |
| service_type | compute                                   |
| url          | http://controller:8774/v2.1               |
+--------------+-------------------------------------------+

结果

[root@controller ~]# openstack endpoint create --region RegionOne \
>   compute public http://controller:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 207cd10858a24d48ad86beae5c2af00c |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 8a4f8727095c481bb366eda08743dba6 |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://controller:8774/v2.1      |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne \
>   compute internal http://controller:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 8910be1558804aa38b9f88a71c8e7b68 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 8a4f8727095c481bb366eda08743dba6 |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://controller:8774/v2.1      |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne \
>   compute admin http://controller:8774/v2.1
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | eeb6de38ebff4584978df1c8108407ab |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 8a4f8727095c481bb366eda08743dba6 |
| service_name | nova                             |
| service_type | compute                          |
| url          | http://controller:8774/v2.1      |
+--------------+----------------------------------+

查询服务端口

[root@controller ~]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                         |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
| 207cd10858a24d48ad86beae5c2af00c | RegionOne | nova         | compute      | True    | public    | http://controller:8774/v2.1 |
| 270167f7978b458da1110a0e2db815ff | RegionOne | keystone     | identity     | True    | admin     | http://controller:5000/v3/  |
| 463b426aad584e9ea6d011cd0a6c527e | RegionOne | keystone     | identity     | True    | internal  | http://controller:5000/v3/  |
| 6051331a74b74ecd92fd9cf05bb61979 | RegionOne | glance       | image        | True    | internal  | http://controller:9292      |
| 66025531e4e747bf8c7aecab421da838 | RegionOne | placement    | placement    | True    | public    | http://controller:8778      |
| 8910be1558804aa38b9f88a71c8e7b68 | RegionOne | nova         | compute      | True    | internal  | http://controller:8774/v2.1 |
| 90b589816dd14b77814928f67e42a601 | RegionOne | glance       | image        | True    | public    | http://controller:9292      |
| 99c92cfc2b27431a95167b4113f4a5b4 | RegionOne | keystone     | identity     | True    | public    | http://controller:5000/v3/  |
| d2f34737a14a4b55ad948f68b2fd5272 | RegionOne | glance       | image        | True    | admin     | http://controller:9292      |
| e4ab36ff450d40c6bc997f8e04093413 | RegionOne | placement    | placement    | True    | internal  | http://controller:8778      |
| ed03940afbb444f48d9a8041ce7b971d | RegionOne | placement    | placement    | True    | admin     | http://controller:8778      |
| eeb6de38ebff4584978df1c8108407ab | RegionOne | nova         | compute      | True    | admin     | http://controller:8774/v2.1 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+

安装并配置组件

安装软件包:

Install the packages:

# yum install openstack-nova-api openstack-nova-conductor \
  openstack-nova-novncproxy openstack-nova-scheduler

编辑/etc/nova/nova.conf文件并完成下面的操作:

[DEFAULT]部分,只启用计算和元数据API:

[DEFAULT]
# ...
enabled_apis = osapi_compute,metadata

In the [api_database] and [database] sections, configure database access:

[api_database]
# ...
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api

[database]
# ...
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova

Replace NOVA_DBPASS with the password you chose for the Compute databases.

In the [DEFAULT] section, configure RabbitMQ message queue access:

[DEFAULT]
# ...
transport_url = rabbit://openstack:RABBIT_PASS@controller:5672/

Replace RABBIT_PASS with the password you chose for the openstack account in RabbitMQ.

In the [api] and [keystone_authtoken] sections, configure Identity service access:

[api]
# ...
auth_strategy = keystone

[keystone_authtoken]
# ...
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = NOVA_PASS

Replace NOVA_PASS with the password you chose for the nova user in the Identity service.
In the [DEFAULT] section, configure the my_ip option to use the management interface IP address of the controller node:

[DEFAULT]
# ...
my_ip = 10.0.0.11

In the [DEFAULT] section, enable support for the Networking service:

[DEFAULT]
# ...
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver

Configure the [neutron] section of /etc/nova/nova.conf. Refer to the Networking service install guide for more details.

In the [vnc] section, configure the VNC proxy to use the management interface IP address of the controller node:

[vnc]
enabled = true
# ...
server_listen = $my_ip
server_proxyclient_address = $my_ip

In the [glance] section, configure the location of the Image service API:

[glance]
# ...
api_servers = http://controller:9292

In the [oslo_concurrency] section, configure the lock path:

[oslo_concurrency]
# ...
lock_path = /var/lib/nova/tmp

In the [placement] section, configure access to the Placement service:

[placement]
# ...
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = PLACEMENT_PASS

Replace PLACEMENT_PASS with the password you choose for the placement service user created when installing Placement. Comment out or remove any other options in the [placement] section.

完整配置文件

[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:12345678@controller:5672/
my_ip = 192.168.2.11
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[api]
auth_strategy = keystone

[api_database]
connection = mysql+pymysql://nova:12345678@controller/nova_api

[barbican]
[cache]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
connection = mysql+pymysql://nova:12345678@controller/nova

[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://controller:9292

[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = 12345678

[libvirt]
[metrics]
[mks]
[neutron]
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = 12345678

[powervm]
[privsep]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
# ...
server_listen = $my_ip
server_proxyclient_address = $my_ip

[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]

Populate the nova-api database:

# su -s /bin/sh -c "nova-manage api_db sync" nova

Register the cell0 database:

# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova

Create the cell1 cell:

# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova

Populate the nova database:

# su -s /bin/sh -c "nova-manage db sync" nova

错误信息

[root@controller nova]# su -s /bin/sh -c "nova-manage db sync" nova
/usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1831, u'Duplicate index `block_device_mapping_instance_uuid_virtual_name_device_name_idx`. This is deprecated and will be disallowed in a future release')
  result = self._query(query)
/usr/lib/python2.7/site-packages/pymysql/cursors.py:170: Warning: (1831, u'Duplicate index `uniq_instances0uuid`. This is deprecated and will be disallowed in a future release')
  result = self._query(query)

Verify nova cell0 and cell1 are registered correctly:

# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
+-------+--------------------------------------+----------------------------------------------------+--------------------------------------------------------------+----------+
|  Name |                 UUID                 |                   Transport URL                    |                     Database Connection                      | Disabled |
+-------+--------------------------------------+----------------------------------------------------+--------------------------------------------------------------+----------+
| cell0 | 00000000-0000-0000-0000-000000000000 |                       none:/                       | mysql+pymysql://nova:****@controller/nova_cell0?charset=utf8 |  False   |
| cell1 | f690f4fd-2bc5-4f15-8145-db561a7b9d3d | rabbit://openstack:****@controller:5672/nova_cell1 | mysql+pymysql://nova:****@controller/nova_cell1?charset=utf8 |  False   |
+-------+--------------------------------------+----------------------------------------------------+--------------------------------------------------------------+----------+

结果

[root@controller nova]# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
|  名称 |                 UUID                 |              Transport URL               |                    数据库连接                   | Disabled |
+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
| cell0 | 00000000-0000-0000-0000-000000000000 |                  none:/                  | mysql+pymysql://nova:****@controller/nova_cell0 |  False   |
| cell1 | b80c904f-d3ba-4a79-8fba-187a4c8da7d9 | rabbit://openstack:****@controller:5672/ |    mysql+pymysql://nova:****@controller/nova    |  False   |
+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+

Finalize installation

# systemctl enable \
    openstack-nova-api.service \
    openstack-nova-scheduler.service \
    openstack-nova-conductor.service \
    openstack-nova-novncproxy.service
# systemctl start \
    openstack-nova-api.service \
    openstack-nova-scheduler.service \
    openstack-nova-conductor.service \
    openstack-nova-novncproxy.service

Install and configure a compute node for Red Hat Enterprise Linux and CentOS

在计算节点操作

This section describes how to install and configure the Compute service on a compute node. The service supports several hypervisors to deploy instances or virtual machines (VMs). For simplicity, this configuration uses the Quick EMUlator (QEMU) hypervisor with the kernel-based VM (KVM) extension on compute nodes that support hardware acceleration for virtual machines. On legacy hardware, this configuration uses the generic QEMU hypervisor. You can follow these instructions with minor modifications to horizontally scale your environment with additional compute nodes.

Install and configure components

Install the packages:

# yum install openstack-nova-compute

Edit the /etc/nova/nova.conf file and complete the following actions:

In the [DEFAULT] section, enable only the compute and metadata APIs:

[DEFAULT]
# ...
enabled_apis = osapi_compute,metadata

In the [DEFAULT] section, configure RabbitMQ message queue access:

[DEFAULT]
# ...
transport_url = rabbit://openstack:RABBIT_PASS@controller

Replace RABBIT_PASS with the password you chose for the openstack account in RabbitMQ.

In the [api] and [keystone_authtoken] sections, configure Identity service access:

[api]
# ...
auth_strategy = keystone

[keystone_authtoken]
# ...
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = NOVA_PASS

Replace NOVA_PASS with the password you chose for the nova user in the Identity service.
In the [DEFAULT] section, configure the my_ip option:

[DEFAULT]
# ...
my_ip = MANAGEMENT_INTERFACE_IP_ADDRESS

Replace MANAGEMENT_INTERFACE_IP_ADDRESS with the IP address of the management network interface on your compute node, typically 10.0.0.31 for the first node in the example architecture.

In the [DEFAULT] section, enable support for the Networking service:

[DEFAULT]
# ...
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver

Configure the [neutron] section of /etc/nova/nova.conf. Refer to the Networking service install guide for more details.

In the [vnc] section, enable and configure remote console access:

[vnc]
# ...
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html

The server component listens on all IP addresses and the proxy component only listens on the management interface IP address of the compute node. The base URL indicates the location where you can use a web browser to access remote consoles of instances on this compute node.
In the [glance] section, configure the location of the Image service API:

[glance]
# ...
api_servers = http://controller:9292

In the [oslo_concurrency] section, configure the lock path:

[oslo_concurrency]
# ...
lock_path = /var/lib/nova/tmp

In the [placement] section, configure the Placement API:

[placement]
# ...
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = PLACEMENT_PASS

Replace PLACEMENT_PASS with the password you choose for the placement user in the Identity service. Comment out any other options in the [placement] section.

完整配置文件

[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:12345678@controller
my_ip = 192.168.2.31
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[api]
auth_strategy = keystone

[api_database]
[barbican]
[cache]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://controller:9292

[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = 12345678

[libvirt]
[metrics]
[mks]
[neutron]
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = 12345678

[powervm]
[privsep]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html

[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]

Finalize installation?

Determine whether your compute node supports hardware acceleration for virtual machines:

$ egrep -c '(vmx|svm)' /proc/cpuinfo

返回4
Start the Compute service including its dependencies and configure them to start automatically when the system boots:

# systemctl enable libvirtd.service openstack-nova-compute.service
# systemctl start libvirtd.service openstack-nova-compute.service

Add the compute node to the cell database

在控制节点操作
Source the admin credentials to enable admin-only CLI commands, then confirm there are compute hosts in the database:

$ . admin-openrc

$ openstack compute service list --service nova-compute
+----+-------+--------------+------+-------+---------+----------------------------+
| ID | Host  | Binary       | Zone | State | Status  | Updated At                 |
+----+-------+--------------+------+-------+---------+----------------------------+
| 1  | node1 | nova-compute | nova | up    | enabled | 2017-04-14T15:30:44.000000 |
+----+-------+--------------+------+-------+---------+----------------------------+

结果

[root@controller ~]# . admin-openrc
[root@controller ~]# openstack compute service list --service nova-compute
+----+--------------+-----------+------+---------+-------+----------------------------+
| ID | Binary       | Host      | Zone | Status  | State | Updated At                 |
+----+--------------+-----------+------+---------+-------+----------------------------+
|  6 | nova-compute | computer1 | nova | enabled | up    | 2022-04-02T12:47:29.000000 |
+----+--------------+-----------+------+---------+-------+----------------------------+

Discover compute hosts:

# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

Found 2 cell mappings.
Skipping cell0 since it does not contain hosts.
Getting compute nodes from cell 'cell1': ad5a5985-a719-4567-98d8-8d148aaae4bc
Found 1 computes in cell: ad5a5985-a719-4567-98d8-8d148aaae4bc
Checking host mapping for compute host 'compute': fe58ddc1-1d65-4f87-9456-bc040dc106b3
Creating host mapping for compute host 'compute': fe58ddc1-1d65-4f87-9456-bc040dc106b3

结果

[root@controller ~]# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
Found 2 cell mappings.
Skipping cell0 since it does not contain hosts.
Getting computes from cell 'cell1': b80c904f-d3ba-4a79-8fba-187a4c8da7d9
Checking host mapping for compute host 'computer1': f340d3b8-0c45-4ba3-ba47-2f5ac8cb1ce3
Creating host mapping for compute host 'computer1': f340d3b8-0c45-4ba3-ba47-2f5ac8cb1ce3
Found 1 unmapped computes in cell: b80c904f-d3ba-4a79-8fba-187a4c8da7d9

When you add new compute nodes, you must run nova-manage cell_v2 discover_hosts on the controller node to register those new compute nodes. Alternatively, you can set an appropriate interval in /etc/nova/nova.conf:

[scheduler]
discover_hosts_in_cells_interval = 300

Verify operation

在控制节点操作
Source the admin credentials to gain access to admin-only CLI commands:

$ . admin-openrc

List service components to verify successful launch and registration of each process:

$ openstack compute service list

+----+--------------------+------------+----------+---------+-------+----------------------------+
| Id | Binary             | Host       | Zone     | Status  | State | Updated At                 |
+----+--------------------+------------+----------+---------+-------+----------------------------+
|  1 | nova-scheduler     | controller | internal | enabled | up    | 2016-02-09T23:11:15.000000 |
|  2 | nova-conductor     | controller | internal | enabled | up    | 2016-02-09T23:11:16.000000 |
|  3 | nova-compute       | compute1   | nova     | enabled | up    | 2016-02-09T23:11:20.000000 |
+----+--------------------+------------+----------+---------+-------+----------------------------+

结果

[root@controller ~]# openstack compute service list
+----+----------------+------------+----------+---------+-------+----------------------------+
| ID | Binary         | Host       | Zone     | Status  | State | Updated At                 |
+----+----------------+------------+----------+---------+-------+----------------------------+
|  1 | nova-scheduler | controller | internal | enabled | up    | 2022-04-02T12:55:37.000000 |
|  4 | nova-conductor | controller | internal | enabled | up    | 2022-04-02T12:55:38.000000 |
|  6 | nova-compute   | computer1  | nova     | enabled | up    | 2022-04-02T12:55:39.000000 |
+----+----------------+------------+----------+---------+-------+----------------------------+

This output should indicate two service components enabled on the controller node and one service component enabled on the compute node.
List API endpoints in the Identity service to verify connectivity with the Identity service:

Note

Below endpoints list may differ depending on the installation of OpenStack components.

$ openstack catalog list

+-----------+-----------+-----------------------------------------+
| Name      | Type      | Endpoints                               |
+-----------+-----------+-----------------------------------------+
| keystone  | identity  | RegionOne                               |
|           |           |   public: http://controller:5000/v3/    |
|           |           | RegionOne                               |
|           |           |   internal: http://controller:5000/v3/  |
|           |           | RegionOne                               |
|           |           |   admin: http://controller:5000/v3/     |
|           |           |                                         |
| glance    | image     | RegionOne                               |
|           |           |   admin: http://controller:9292         |
|           |           | RegionOne                               |
|           |           |   public: http://controller:9292        |
|           |           | RegionOne                               |
|           |           |   internal: http://controller:9292      |
|           |           |                                         |
| nova      | compute   | RegionOne                               |
|           |           |   admin: http://controller:8774/v2.1    |
|           |           | RegionOne                               |
|           |           |   internal: http://controller:8774/v2.1 |
|           |           | RegionOne                               |
|           |           |   public: http://controller:8774/v2.1   |
|           |           |                                         |
| placement | placement | RegionOne                               |
|           |           |   public: http://controller:8778        |
|           |           | RegionOne                               |
|           |           |   admin: http://controller:8778         |
|           |           | RegionOne                               |
|           |           |   internal: http://controller:8778      |
|           |           |                                         |
+-----------+-----------+-----------------------------------------+

结果


[root@controller ~]#  openstack catalog list
+-----------+-----------+-----------------------------------------+
| Name      | Type      | Endpoints                               |
+-----------+-----------+-----------------------------------------+
| keystone  | identity  | RegionOne                               |
|           |           |   admin: http://controller:5000/v3/     |
|           |           | RegionOne                               |
|           |           |   internal: http://controller:5000/v3/  |
|           |           | RegionOne                               |
|           |           |   public: http://controller:5000/v3/    |
|           |           |                                         |
| glance    | image     | RegionOne                               |
|           |           |   internal: http://controller:9292      |
|           |           | RegionOne                               |
|           |           |   public: http://controller:9292        |
|           |           | RegionOne                               |
|           |           |   admin: http://controller:9292         |
|           |           |                                         |
| nova      | compute   | RegionOne                               |
|           |           |   public: http://controller:8774/v2.1   |
|           |           | RegionOne                               |
|           |           |   internal: http://controller:8774/v2.1 |
|           |           | RegionOne                               |
|           |           |   admin: http://controller:8774/v2.1    |
|           |           |                                         |
| placement | placement | RegionOne                               |
|           |           |   public: http://controller:8778        |
|           |           | RegionOne                               |
|           |           |   internal: http://controller:8778      |
|           |           | RegionOne                               |
|           |           |   admin: http://controller:8778         |
|           |           |                                         |
+-----------+-----------+-----------------------------------------+

List images in the Image service to verify connectivity with the Image service:

$ openstack image list

+--------------------------------------+-------------+-------------+
| ID                                   | Name        | Status      |
+--------------------------------------+-------------+-------------+
| 9a76d9f9-9620-4f2e-8c69-6c5691fae163 | cirros      | active      |
+--------------------------------------+-------------+-------------+

结果

[root@controller ~]#  openstack image list
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| 59789cdd-76e9-48f4-a441-991bf9cf1396 | cirros | active |
+--------------------------------------+--------+--------+

Check the cells and placement API are working successfully and that other necessary prerequisites are in place:

# nova-status upgrade check

+--------------------------------------------------------------------+
| Upgrade Check Results                                              |
+--------------------------------------------------------------------+
| Check: Cells v2                                                    |
| Result: Success                                                    |
| Details: None                                                      |
+--------------------------------------------------------------------+
| Check: Placement API                                               |
| Result: Success                                                    |
| Details: None                                                      |
+--------------------------------------------------------------------+
| Check: Ironic Flavor Migration                                     |
| Result: Success                                                    |
| Details: None                                                      |
+--------------------------------------------------------------------+
| Check: Cinder API                                                  |
| Result: Success                                                    |
| Details: None                                                      |
+--------------------------------------------------------------------+

结果


[root@controller ~]# nova-status upgrade check
+--------------------------------+
| Upgrade Check Results          |
+--------------------------------+
| Check: Cells v2                |
| Result: Success                |
| Details: None                  |
+--------------------------------+
| Check: Placement API           |
| Result: Success                |
| Details: None                  |
+--------------------------------+
| Check: Ironic Flavor Migration |
| Result: Success                |
| Details: None                  |
+--------------------------------+
| Check: Cinder API              |
| Result: Success                |
| Details: None                  |
+--------------------------------+

文章来源:https://blog.csdn.net/gsl371/article/details/123916224
本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。