|
|
楼主 |
发表于 2018-12-23 22:58:43
|
显示全部楼层
[1] Add users and others for Gnocchi in Keystone.
9 b6 E- E8 G$ n. E) k7 x$ n; _7 ~ O# add gnocchi user (set in service project)& l) Q% i8 w# k* s; p* f# K8 i
[root@dlp ~(keystone)]# openstack user create --domain default --project service --password servicepassword gnocchi
7 B( i3 I7 \1 w% U+---------------------+----------------------------------+
0 P0 b$ Z7 n4 R5 L8 C: g1 q| Field | Value |4 _1 K9 p4 L2 L- I, Y+ g$ N
+---------------------+----------------------------------+/ m' Z H" b# w/ ^
| default_project_id | b1da1070c8af427886d0202f8bbe414f |, ]. ] I6 f: |5 _6 f% e" R! u
| domain_id | default |# S& C. f m% N* {5 Z
| enabled | True | T7 V# H; v" ?
| id | c88a3abbad194ec9a18c101a91a60576 |$ A4 P' K& o6 @
| name | gnocchi |
& L" S& t% P7 z4 J| options | {} |. C2 h- C4 ~& e2 h# i
| password_expires_at | None |
% k/ X" s& ]$ [) B& U0 O+---------------------+----------------------------------+& X! @, i# Z' c+ U5 v
! T- A4 G& v, U. u7 k+ [
# add gnocchi user in admin role
& X9 B+ w2 ]1 r! v1 @% `( x0 g[root@dlp ~(keystone)]# openstack role add --project service --user gnocchi admin9 n9 w" f8 U. y8 {
# add service entry for gnocchi0 ]* n) U- g; D4 m
[root@dlp ~(keystone)]# openstack service create --name gnocchi --description "Metric Service" metric
! ~! q7 Q+ d+ Y; u" f+-------------+----------------------------------+
A M# O+ E. g( X| Field | Value |" p, l3 Q$ G1 Y; Z
+-------------+----------------------------------+
- N. j) Q! Q3 V& T# A5 t' L8 U) J| description | Metric Service |
. m6 k6 n7 i% a0 L4 k C0 C( p| enabled | True |
$ J" }+ \! Y& G! G| id | c1e4e9055d38453490e6b7e283a4c547 |
U+ u1 b$ U$ U6 t- S1 D: y| name | gnocchi |
, J1 A( g( T8 V% v| type | metric |0 J/ b: O; H" v& K; X$ _( Z+ C0 g
+-------------+----------------------------------+
6 e& X7 ]% \8 l: f2 b; Z5 @8 H$ w
# define keystone host
! V- n7 M* b" x n v[root@dlp ~(keystone)]# export controller=10.0.0.30& L/ K4 p4 i' [# A
# add endpoint for gnocchi (public)! N* `( j v5 B
[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne metric public http://$controller:8041
! T# p) A: z; D2 j/ o+--------------+----------------------------------+; A/ P# y" [6 {9 o$ F; n
| Field | Value |- F" p( q5 L! Y! X6 ^2 e7 w
+--------------+----------------------------------+
. `- f" @3 ]) L/ b4 @| enabled | True |* @$ w$ n- I& @0 I! g
| id | 1b3aa18b5d474af7915f366414fe71da |7 X5 s+ r3 X/ J* ]2 ^( s- e
| interface | public |* w/ j2 c+ d; Y# \, q J1 ?
| region | RegionOne |0 {. m* j$ S0 a# F4 w
| region_id | RegionOne |" C& v) ?, a$ _
| service_id | c1e4e9055d38453490e6b7e283a4c547 | {0 k$ @( t0 z1 d" ^
| service_name | gnocchi |1 L" h/ C8 E% e
| service_type | metric |
# L) z4 J1 O5 f| url | http://10.0.0.30:8041 |
9 K. {) p7 O) t+ ? q+--------------+----------------------------------+* N& f/ S& L; U# L9 ~
4 W8 G6 ^" D7 T5 @# add endpoint for gnocchi (internal)
- O" B' i1 a1 P0 v/ c7 Q[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne metric internal http://$controller:8041
2 o9 A8 K0 W6 I7 a6 m; |% |+--------------+----------------------------------+% T7 [2 E' f; e- \( K0 X7 t" f
| Field | Value |5 A7 O* J) r) Y, ~9 i
+--------------+----------------------------------+! s& t3 T6 W5 h4 |$ q1 H
| enabled | True |
7 i% h; D: q: p/ P$ F. a| id | 88fcc0e358124e46bc196e9bf2d5d73a |( [7 Z& T5 f7 f* X5 b0 G5 R, K
| interface | internal |" ]2 [$ q3 k% z, w% M
| region | RegionOne |) b( ?, e% h4 e( s W: q
| region_id | RegionOne |; T9 @! G4 t- ~
| service_id | c1e4e9055d38453490e6b7e283a4c547 |
5 K. {4 v6 q" f| service_name | gnocchi |' h) E; s. n1 T
| service_type | metric |( c$ r" M; q2 d- G/ V; Z
| url | http://10.0.0.30:8041 |
5 w+ ~' A; t8 Y+--------------+----------------------------------+
O( d4 I, S, J" f; R, L c6 v# T2 @, [7 O3 f2 p2 V
# add endpoint for gnocchi (admin)
8 |* B( \! ~( i* ?8 _8 g[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne metric admin http://$controller:8041 8 k% a0 x6 V J* N, S
+--------------+----------------------------------+
) U7 N! T( L- j6 E' @2 [2 J| Field | Value |
) v0 u, I8 q' \( @ b9 g+--------------+----------------------------------+! N/ U# E1 p* `5 a; e, P
| enabled | True |
$ ]: ]5 G! r" t" A8 P% [0 q3 Z* S| id | f7d7e9d8dd3c464a8a579b7defd2e575 |
' J4 K1 R4 U" u| interface | admin |
! h4 C) M' @! ]6 i7 f| region | RegionOne |
) O- B6 p6 D1 X6 j3 s U5 O| region_id | RegionOne |' Q; x( h( b( [: n
| service_id | c1e4e9055d38453490e6b7e283a4c547 |
1 B ]3 q, j; O& L, Z| service_name | gnocchi |
8 b9 |7 ?( h; \| service_type | metric |
$ c" Q# K: E* {6 a* j. q| url | http://10.0.0.30:8041 |( f/ w8 [! L1 A& G# d* W
+--------------+----------------------------------+: z/ f e* N- K( l
[2] Add a User and Database on MariaDB for Gnocchi.
}+ B0 E( d2 k8 N, w- ^4 R[root@dlp ~(keystone)]# mysql -u root -p ' Z, b' x' p7 F2 `/ G+ C
Enter password:
- x6 Q5 }' u' G; j: XWelcome to the MariaDB monitor. Commands end with ; or \g.
5 k. P. c+ H$ Z% l% T8 wYour MariaDB connection id is 715 h: P5 k+ X. }2 z7 H9 X1 ]
Server version: 10.1.20-MariaDB MariaDB Server0 C% m# Y \6 S% Z. p! i3 {7 s5 `( k1 l
7 S' C, T7 A5 T2 J5 w( O
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
$ U' ^# b* x. n) u) U# o& S+ J& |) x. l+ N+ ], ~9 }
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
/ B* \ Z7 d" {) L8 [7 J& n% H: T
/ S7 g8 Z: }+ Q7 q5 f8 }MariaDB [(none)]> create database gnocchi;
" H: G& S5 r3 R/ g' a5 XQuery OK, 1 row affected (0.00 sec) v" Z& ]; O9 h8 b: Z6 d, I2 J
MariaDB [(none)]> grant all privileges on gnocchi.* to gnocchi@'localhost' identified by 'password';
% _% X5 I/ ]* z' Q' ^3 k/ aQuery OK, 0 rows affected (0.00 sec)* {# A( v/ O E! I7 w
MariaDB [(none)]> grant all privileges on gnocchi.* to gnocchi@'%' identified by 'password'; 4 H" d5 C. T- e5 u0 H7 Z. U
Query OK, 0 rows affected (0.00 sec)
' f3 s3 ~% x: }$ T! l6 ~- |MariaDB [(none)]> flush privileges;
& [! @* ~# y6 H8 t! d# d& GQuery OK, 0 rows affected (0.00 sec)
- G, o# m3 ]4 mMariaDB [(none)]> exit
' t. J+ ~2 o4 P( I" v U3 cBye
9 j4 T. ]1 _ b" [) [4 z% F[3] Install Gnocchi./ P( G' u' I" ]% I" G' R
# install from Queens, EPEL
* ^1 _9 L; b) T2 x# U" G; D[root@dlp ~(keystone)]# yum --enablerepo=centos-openstack-queens,epel -y install openstack-gnocchi-api openstack-gnocchi-metricd python2-gnocchiclient
) i9 Z v: l0 l5 \4 F1 N[4] Configure Gnocchi.
4 O% g3 f2 v. A* v }" k% {' Z[root@dlp ~(keystone)]# mv /etc/gnocchi/gnocchi.conf /etc/gnocchi/gnocchi.conf.org ' m, f. n) z7 d' c7 x& z' v' Z/ F
[root@dlp ~(keystone)]# vi /etc/gnocchi/gnocchi.conf* ~! v0 z, f- i0 l+ l/ L5 L
# create new
' A7 N5 _# E# K. U[DEFAULT]$ C- u: u' Y3 q( S( j6 S4 u% R4 m
log_dir = /var/log/gnocchi
$ D4 b+ E8 ~/ y0 ]5 k% S( ?9 i
- Y( @( k W. k[api]
e- H \! ?! ~auth_mode = keystone" u; ?; n2 L a, Z$ i, k, }
& Q3 H8 I R) U7 P, V( I
[database]
9 _5 p7 i0 `# @( t( Wbackend = sqlalchemy
0 Z' {. m- i/ F; E' {1 p/ S
# @' @; ]0 ~. S, f( W( n# MariaDB connection info
' P8 C: X, Z. y* C4 ~1 ^3 ][indexer]
: u9 ^' ]- z; w' n8 _2 |) g8 i3 iurl = mysql+pymysql://gnocchi:password@10.0.0.30/gnocchi
: O/ e8 e0 l0 r4 i6 r t k$ ~4 b, d; z, n9 o- [% h) Z c
[storage]( |) c/ A7 w$ u8 _2 N9 ?. _8 d
driver = file4 o9 L- v0 g# G* d4 L. n$ }
file_basepath = /var/lib/gnocchi
' W- z- _ `; M E" I2 n" `6 E4 I0 \, i
# Keystone auth info
( ~: b6 J. S5 q3 v0 V# _$ M[keystone_authtoken]
' Z; r! o1 G: j$ Zwww_authenticate_uri = http://10.0.0.30:50006 G. U/ B% l. Q, |' o# a/ q
auth_url = http://10.0.0.30:5000
. }: T6 \2 j7 N/ umemcached_servers = 10.0.0.30:112116 u, Q& C9 f! L6 {
auth_type = password- O/ A ?' R. a3 Y- ?" I: q
project_domain_name = default8 w* p. B8 O, R
user_domain_name = default
) a4 b0 k6 E$ h9 [project_name = service# j# p7 a5 R' i' ^, O: K2 z' d
username = gnocchi" G. [' R4 q6 |& h" I1 _) F
password = servicepassword
4 S* D4 C0 E0 ?+ Y5 V2 Lservice_token_roles_required = true
" G: c; C$ m% @2 u" c$ a2 ]. V' j
. N; h+ T; z4 m/ Q: F3 X$ p* B[root@dlp ~(keystone)]# vi /etc/httpd/conf.d/10-gnocchi_wsgi.conf
; N6 o, i6 L) i& C- I+ \5 q# create new7 W) g$ l8 o8 Y# u
Listen 8041- N' \+ h9 C5 v
<VirtualHost *:8041>0 S+ V: t+ E$ D! [$ p
DocumentRoot /var/www/cgi-bin/gnocchi0 w( B, p" F+ J( b& C& h F& K2 T
" H4 f4 i- t4 K$ b
<Directory /var/www/cgi-bin/gnocchi>
: T. T! Q4 N+ O2 r$ H) }+ o AllowOverride None
6 ]* ~# Q( o) f& v Require all granted* X. ]8 _7 U- _* v1 W: z+ s
</Directory>8 I- F1 B- N1 c5 e- T- s- @
3 a% \0 N$ s2 j c+ A( ` CustomLog /var/log/httpd/gnocchi_wsgi_access.log combined
! ~# i3 Y0 e6 u) V# W1 g4 [ ErrorLog /var/log/httpd/gnocchi_wsgi_error.log
% Q1 v1 v3 ]1 s5 s) U5 } SetEnvIf X-Forwarded-Proto https HTTPS=1
7 v! t& a* d+ d7 F* ?/ M9 |0 x WSGIApplicationGroup %{GLOBAL}5 h% R, z6 _5 \
WSGIDaemonProcess gnocchi display-name=gnocchi_wsgi user=gnocchi group=gnocchi processes=6 threads=6$ X/ n0 d6 I8 g5 h# A
WSGIProcessGroup gnocchi4 M! ]7 d( {' M0 W3 \ k: e
WSGIScriptAlias / /var/www/cgi-bin/gnocchi/app
1 d+ X' v2 U) R+ m7 [</VirtualHost>2 ~! T d1 r: V! s
% Q9 g& z2 {+ K
[root@dlp ~(keystone)]# chmod 640 /etc/gnocchi/gnocchi.conf , T: N5 ^3 U+ ^4 M: J
[root@dlp ~(keystone)]# chgrp gnocchi /etc/gnocchi/gnocchi.conf
: ]8 E$ o4 v. Y3 y+ t( U* F[root@dlp ~(keystone)]# mkdir /var/www/cgi-bin/gnocchi 7 l* _* Y4 j$ y% S" q9 q `
[root@dlp ~(keystone)]# cp /usr/lib/python2.7/site-packages/gnocchi/rest/gnocchi-api /var/www/cgi-bin/gnocchi/app 9 F% s: y. K$ p9 A
[root@dlp ~(keystone)]# chown -R gnocchi. /var/www/cgi-bin/gnocchi & b4 ^/ o5 }; m# i$ s9 F
[root@dlp ~(keystone)]# su -s /bin/bash gnocchi -c "gnocchi-upgrade" + ^' F) [* l+ I8 ^0 @0 ^
[root@dlp ~(keystone)]# systemctl start openstack-gnocchi-metricd
' K6 Q/ E+ Y+ q: @$ k[root@dlp ~(keystone)]# systemctl enable openstack-gnocchi-metricd
* Q9 f# {4 m" x2 H: c1 \[root@dlp ~(keystone)]# systemctl restart httpd
G! }/ [3 _" ?/ X# ~# show status
1 {# R2 _: C) k7 @& _6 e3 E J; Qroot@dlp ~(keystone)# export OS_AUTH_TYPE=password
6 h. y, s6 ]% proot@dlp ~(keystone)# gnocchi resource list) A8 b$ }. T2 l# L5 @" X0 u* v: |
# no problem if no error is shown- r" J& r) ~" t; f6 G
[5] If SELinux is enabled, change policy.
4 @( z1 c" f! h2 }2 w5 ?+ h. S- E[root@dlp ~(keystone)]# semanage port -a -t http_port_t -p tcp 8041 0 {- A/ ~) n$ g+ L" _- R1 [
[6] If Firewalld is running, allow service port.
; g6 {- c3 d Z; [/ @4 x[root@dlp ~(keystone)]# firewall-cmd --add-port=8041/tcp --permanent
9 o9 e6 e! W& o- q4 ^" h" r: H( b/ Bsuccess
- y4 i8 ^( o& E[root@dlp ~(keystone)]# firewall-cmd --reload 9 d) q2 o& A, N1 f( M2 W
success |
|
发表于 2018-12-23 22:56:33