|
|
|
创建cinder并设置权限 [root@controller ceph]# ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children,allow rwx pool=volumes,allow rwx pool=vms'设置密钥 [root@controller ceph]# ceph auth get-or-create client.cinder | tee /etc/ceph/ceph.client.cinder.keyring
2 c2 Z& n; V/ f5 o0 w
0 L4 A9 O4 ]7 w0 Y" M4 l# ]#传送密钥到computer7 Y5 {9 B l" i
# D: H4 {) j' W6 l, g[root@controller ~]# ceph auth get-key client.cinder > client.cinder.key
. W o7 }* s S) \; S: S& }
1 @4 t( X8 V5 }[root@controller ~]# scp client.cinder.key computer:/root/5 e1 ~1 m- D: ^6 b
( L6 L( W# H. ~& U( D" G9 g }#修改权限
& j2 ?" n: R; c8 _7 ~
; N) {7 u6 N% Q! U- p. D( J3 ][root@controller ceph]# chown cinder.cinder /etc/ceph/ceph.client.cinder.keyring* I1 l2 P. L/ E( v
设置密钥 #computer生成uuid
0 J d ]' F9 P3 y$ ^1 `8 C# J0 G( c' _- s; D ~1 W
[root@computer ~]#uuidgen1 O" `0 x- t q; A9 E' x) C3 ?$ E. J
" J* |7 O) b0 v% y, s" _% l1fad1f90-63fb-4c15-bfc3-366c6559c1fe #创建密钥文件1 D8 F. I7 n, O" [5 v+ [& s
! t6 s: v7 |; v[root@computer ~]# vi secret.xml
! R. z& C( }, \, v4 C$ {4 y% a 1fad1f90-63fb-4c15-bfc3-366c6559c1fe client.cinder secret
. A6 O P* H, y7 O3 D) b2 T; X# c- y* \1 d, h
$ ]* s7 g1 ]; q# G
#定义密钥
: o6 V1 K) E( M' Evirsh secret-define --file secret.xml
- V6 B( i* i' i5 P# r$ J$ D) Z7 z; ]0 y# z0 e& K/ X4 |2 v! L1 b
1 ~: `( ]/ ` m4 i; U
#设置密钥2 T6 Z; z1 O4 G$ S& X" p
# C! X' P& S2 @8 L
9 r. ^1 L- O8 @$ V( pvirsh secret-set-value --secret 1fad1f90-63fb-4c15-bfc3-366c6559c1fe --base64 $(cat client.cinder.key) && rm -rf client.cinder.key secret.xml, Q! u a7 n3 c- w* m# \ F
# x! w C8 O& F* i
4 L3 u) R. l' {设置对接cinder模块$ M6 G0 m; [9 P/ h: O/ F" C
修改配置文件 [root@controller ~]# vi /etc/cinder/cinder.conf, O- P$ v+ [/ l- Z* Z6 y
' Y2 a# s( f* U' ~6 R[default]% H: p$ C" u; f
/ V) M, y/ U4 i& K7 Z
rpc_backend = rabbit3 n5 `/ k/ w! n
2 I' B K1 E, V6 W
auth_strategy = keystone7 _7 G: j5 B" G. J9 [) V
! r$ V, a6 N$ y
my_ip = 192.168.8.65
" w0 @1 t0 y* C! K
9 X( B2 }9 A+ @ g8 n6 Penabled_backends = ceph-1# E5 h. }0 j* M+ l! X- f% l9 m
6 c5 V6 o' d+ ?" q" p
[ceph-1]8 i8 ^2 R, d0 V, L3 R; [- g
/ m+ N7 D! F7 |* q# ~5 o6 J# a9 b
default_volume_type= ceph-18 Q6 v# ~) X0 u+ l4 M9 T
" v s1 ` D& o2 Mglance_api_version = 2
% H6 X/ o$ K9 x d# F) O5 Q5 n, [" C: `- n3 k, X0 A
volume_driver = cinder.volume.drivers.rbd.RBDDriver$ W/ P( b2 S# q3 q' r9 W& y" d- x2 z
1 b4 n0 D5 T2 t
volume_backend_name = ceph-1
% T/ {$ m# z8 n' A' h! E7 E9 t1 ?
q' w3 K' t8 u8 Y% |0 |1 xrbd_pool = volumes
- k1 x9 K9 M5 r2 t
% E( Z! I! Q3 \3 Nrbd_ceph_conf = /etc/ceph/ceph.conf
" Y e" n [) ~$ E3 O) O# [
2 N( p' H8 w$ `6 y m4 N6 ^rbd_flatten_volume_from_snapshot = false
d i5 \" ~; a! }9 x% N( Y6 x; t; a
rbd_max_clone_depth = 56 k- Z5 m* M7 h% L
0 B7 d, j, H+ crbd_store_chunk_size = 4
: X/ W) ?7 E& X! ~/ M N$ E7 w( ]" x9 s7 P
rados_connect_timeout = -1
0 G$ ^: Q* @8 g; d3 a( I" t6 ~6 G
* x, Z$ S7 i" Z' Grbd_user = cinder& F: ?7 V( E' M* G
$ }4 n. [. a; G/ C
#对应computer创建的uuid
% l# F) W; y4 ]7 ?" H7 U4 _2 O& u6 G) k
rbd_secret_uuid = 1fad1f90-63fb-4c15-bfc3-366c6559c1fe . ^9 r9 _ J7 n1 r" i( k! C2 b
同步数据库 #若已经有数据库,对数据库进行删除并重新创建和同步
; c' C& S9 [3 h' ^7 {# k' Z: `7 _2 ~4 m( a k
[root@controller ~]# su -s /bin/sh -c "cinder-manage db sync" cinder
2 n& m* I% v7 r8 U重启服务 [root@controller ~]# systemctl restart openstack-cinder-api.service openstack-cinder-scheduler.service openstack-cinder-volume.service设置ceph的类型和存储类型 [root@controller ~]# source admin-openrc
( c9 \% L. q% T! x1 Q$ d3 [3 ?5 G$ O1 B1 o& U$ `' G, t! B, |; q
[root@controller ~]# cinder type-create ceph-1. g& H: j" r5 y: g
# |- |/ x! `" ?) k0 E5 v; N[root@controller ~]# cinder type-key ceph set volume_backend_name=ceph-1; |9 O3 l$ R) ^: p6 y
( M y/ i0 X, Y* i' I! H( q
对接nova-compute模块
" g8 S0 G$ V4 B/ M7 t, [5 C9 Pcomputer结点修改配置文件 [root@computer ~]# vi /etc.nova/nova.conf% B h- q" d0 {& o( t8 S
% ?1 j: z5 R7 ^
[libvirt]! k$ _2 ~9 B7 n% Y% ~
" F2 O/ u# N" \: ivirt_type = qemu/ T0 [, R+ @+ j- d0 R: r* ?7 }( Z
% I$ Q# o4 d& D! r$ k- y7 h! Y
inject_password = true& |1 g. _" E' z2 L/ N& ]. ?, Q
) Y% q- m, D% k' M- e! kinject_partition = -13 l. c F6 C" r* T
1 }2 O6 |. S9 Z4 M1 v# ?images_type = rbd8 N2 A8 O2 m. T& P# Z
* F$ R. y* j/ v
images_rbd_pool = vms
4 m) h, C$ W( [0 u5 O
# x/ _, w" U# B6 X+ |2 m) C2 ?images_rbd_ceph_conf = /etc/ceph/ceph.conf$ A6 H( \) K, P/ h) @4 b
& {& w% u, ^: K1 I/ w# g* }, R2 y7 Rrbd_user = cinder$ [1 S/ |# F$ r6 A# D
; J/ u5 j3 k. W' m4 Rrbd_secret_uuid = 1fad1f90-63fb-4c15-bfc3-366c6559c1fe0 r i6 k1 A" d% }2 `
y4 O. s F) H% |4 U- @8 V
disk_cachemodes = "network=writeback"- [! d' ?* T' P* \8 U
' |% n% ]: }/ g* l# M
live_migration_flag = "VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST,VIR_MIGRATE_TUNNELLED"
* k5 S1 t, y9 m5 R! G2 ^1 Q, b8 S9 {* B/ E( @
hw_disk_discard = unmap 6 U# v, n% _6 D; O9 x. ^ N, I% z+ j4 r
& z+ c: r- b& H* t[root@computer ~]# vi /etc/ceph/ceph.conf
' Z% l' u; \- q0 |$ R' E8 k2 b4 x) v, P1 S/ ?, U+ c
[client]6 S; U/ R; S9 C( J9 e
% M6 g+ B @# C' X5 }
rbd cache=true
+ U' f3 I4 ?8 `/ g: ]
A% H( Y9 b) }* W7 q0 H3 nrbd cache writethrough until flush=true
& Z9 Q& n4 _1 r0 L3 ~
! X/ s9 V2 F/ a7 c* z, m7 I F! Oadmin socket = /var/run/ceph/guests/$cluster-$type.$id.$pid.$cctid.asok% f" L' p6 Z; c- i7 o& p- G$ K
1 G9 C, t" A( Q! U+ S x
log file = /var/log/qemu/qemu-guest-$pid.log
/ O# Q/ q) G! c
+ t& u3 k4 y3 ^ T6 srbd concurrent management ops = 20
. u7 |# B; _& a- Q9 `' [* I创建日志目录 [root@computer ~]# mkdir -p /var/run/ceph/guests/ /var/log/qemu/2 O; V3 X z I+ u( n
+ j' e3 k8 ]0 b; N6 A: W# y: k9 E[root@computer ~]# chown 777 -R /var/run/ceph/guests/ /var/log/qemu/
+ {$ T/ K) x7 G; ]& |controller下发密钥 [root@controller ~]# cd /etc/ceph
" U" G. I. b! m; u0 G' A
8 [) U. w x$ i+ s! P: L[root@controller ~]# scp ceph.client.cinder.keyring root@compute01:/etc/ceph% D3 w$ S* a' z4 v7 C" V
重启服务 [root@computer ~]# systemctl stop libvirtd openstack-nova-compute
+ B7 i. @. x$ k" u( h/ B3 ~1 c* K! N+ Y
[root@computer ~]# systemctl start libvirtd openstack-nova-compute
$ @' E3 q; K% N+ m
. u$ ]: y, \5 p( B3 ]
C( |1 J: k" @/ H7 v# R |
|
发表于 2021-7-19 11:06:38