|
|
具体操作
- b% v, b; D4 ?" c1 d
, V; p4 q( d0 ?: d. R6 y8 W创建存储池
6 @4 u8 T; z0 ]# B, j针对Openstack的3个不同服务,需要把存储资源池隔离开,也就是每个服务一个Pool:* F8 s3 }2 |! j( M; n
+ D0 Y [$ `/ |5 d+ _3 }3 s
// 创建volumes池,对应Cinder服务
H5 \) t' ~9 G( r2 oceph osd pool create volumes 1289 @2 X0 R+ L/ x7 p
2 } o& j! c# X5 f// 创建images池,对应Glance服务
* b: z+ Y- u8 j! i5 X$ Iceph osd pool create images 128 a) S) x) P+ z8 H2 p6 P) L+ y
2 T& h+ c7 M2 r" F' ?. B- Q$ O1 E8 A
// 创建vms池,对应Nova服务 S, ]* [+ b x q! `
ceph osd pool create vms 128
3 w& h0 q2 ~, y/ D1 Y* K, Y
4 a8 E( ^( F- g- p$ H// 创建backups池,对应Cinder-backup服务。但这个backup在同一Ceph集群中,意义不大,既然是做备份的话,就应该跨集群或者跨机房、跨区域来达到备份容灾的目的。" {" N% r3 c i3 v( n9 A; S
ceph osd pool create backups 128
4 Q1 M+ ]5 v* t2 D( G8 k# q+ g9 y* f, l. |/ K
' z x# m7 t* x5 i7 Q安装Ceph相关包3 j, B7 p b) [9 J" F
在glance-api的主机上安装python-rbd包; @% z' g9 e h7 a% ]3 i
- G2 u( f, P) L, l* P
yum install python-rbd) B4 w& z8 E7 Z4 x+ W) c9 L
# B3 V: C* u& F
: \) b1 w* }' w9 L+ w" j' D6 I3 b在nova-compute、cinder-volume、cinder-backup节点上安装ceph-common包* _6 _0 J1 v8 H& o5 l1 {7 d! `
, u( G% w3 h# k g- ^( X0 G
yum install ceph-common
$ Y( ]! t3 ]+ q% k7 j- c2 m/ f6 V安装完ceph包之后,需要将ceph集群的ceph.conf copy到所有client端。
# i6 n6 ^& W- C% v$ U. R" U5 B, y' A4 X$ L
如果在Ceph的配置中打开了auth认证,就需要做如下的操作;如果Ceph中的auth都是设置的none,也就是关闭的话,可以不做如下操作。9 H. O8 ^6 ^) I5 d
7 J+ A7 d! D" F ^9 ^6 ]9 S
, O( d* {/ o0 Z5 ]' l5 Q% f& Q+ i0 R
在ceph中创建了cinder、glance等用户,并做了权限控制# w2 }7 k7 }& L% S2 v. }6 K
* Y8 x: L7 \5 P5 k; _3 wceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rx pool=images'3 I4 j! t* K6 a: r4 E9 A: r6 e4 Q& B
ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=images'" u6 M3 T) h; T
ceph auth get-or-create client.cinder-backup mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=backups'
$ D; |# I6 F1 i0 w$ Y$ Y* I7 h$ v6 V! S! `6 A' ?) i
( U! r$ j! _0 V7 p( Q将上面生成的keyring文件,保存在相应的节点上,并修改为相应的权限0 M$ r7 r+ C# H8 L3 }6 T) u
% o" ^+ }- s. E, G// 注意替换所有的server为相应的主机名
- I" V! @1 q/ i+ z# \! l$ pceph auth get-or-create client.glance | ssh {glance-api-server} sudo tee /etc/ceph/ceph.client.glance.keyring/ H4 J, e" \* o6 A( r2 m/ }7 A6 m4 L
ssh {glance-api-server} sudo chown glance:glance /etc/ceph/ceph.client.glance.keyring
E( @ ~5 L" \9 X1 Vceph auth get-or-create client.cinder | ssh {cinder-volume-server} sudo tee /etc/ceph/ceph.client.cinder.keyring
) \ L) s7 q7 m" X3 z6 xssh {cinder-volume-server} sudo chown cinder:cinder /etc/ceph/ceph.client.cinder.keyring" K6 }( S/ C6 C3 A$ M! W
ceph auth get-or-create client.cinder-backup | ssh {cinder-backup-server} sudo tee /etc/ceph/ceph.client.cinder-backup.keyring
' Z8 Y9 J3 r c( ^; Hssh {cinder-backup-server} sudo chown cinder:cinder /etc/ceph/ceph.client.cinder-backup.keyring
_+ R" y: j; `% q% N% m) [: m$ c/ K9 p. B0 n6 E* \% ?- ~# l
3 t3 g9 O! G7 E- y
在nova-compute节点上保存和cinder-volume相同的keyring& y: H" S f2 J4 c" c
# `7 t. f& h5 J$ N5 B
ceph auth get-or-create client.cinder | ssh {nova-compute-server} sudo tee /etc/ceph/ceph.client.cinder.keyring
5 I/ W2 B6 ^7 V/ k0 s1 W0 _
! j9 v0 k& U2 Q. m. E, H- u G L% L0 T: \/ o/ D
在libvirt上添加secret key ^9 W) }, h n( R: Z
" C0 p% v5 {" _// 获取cinder keyring,并保存到一个临时文件中% P: L6 E& H9 t
ceph auth get-key client.cinder | ssh {nova-compute-node} tee client.cinder.key
], G$ U) i& W
6 D1 M9 Y. s$ G2 l" O// 生成一个UUID5 m* v1 c: K. R, t$ [
uuidgen
' l ] c0 h( l) ~% S% z457eb676-33da-42ec-9a8c-9293d545c337
, W3 l2 Q3 F. n1 b v. L- {& }+ x) {, A( L: v
// 修改secret.xml文件,注意替换下面的uuid
/ [, Y( u! T* e0 C0 A+ {$ m. jcat > secret.xml <<EOF& c* ?5 ^ M; @! S9 K9 M6 a
<secret ephemeral='no' private='no'>2 J k6 b+ g& M# [% h
<uuid>457eb676-33da-42ec-9a8c-9293d545c337</uuid>
3 j9 s& l1 r2 T' N9 n k <usage type='ceph'>8 {6 U3 ?& J O
<name>client.cinder secret</name>
, k6 B7 {: j5 H7 G2 I: J </usage>
0 X! u" Z6 F0 L+ z7 g3 T/ k, n</secret>, K: R, R1 B5 M6 W6 k+ Q
EOF
! O" i* H' i, p! Y
! T9 W5 A1 m' B; j# L; p( Ksudo virsh secret-define --file secret.xml) U+ q2 Q2 p1 }" l! M. [1 q! O6 e/ c/ Y
Secret 457eb676-33da-42ec-9a8c-9293d545c337 created% d9 p. S, l' }
( t5 ?' x, u$ r8 j// 设置libvirt的secret key,并删除之前的key临时文件
2 S- D# T8 T+ lsudo virsh secret-set-value --secret 457eb676-33da-42ec-9a8c-9293d545c337 --base64 $(cat client.cinder.key) && rm client.cinder.key secret.xml
# Y4 V$ {$ r- o2 f
7 @" r/ {. i: F8 w. Z; s# a d) Y8 ^6 R5 o. |! c ]( ]
在三大模块中增加ceph相关配置9 ?6 M6 L& g7 {2 }$ c
Glance配置7 \5 e& W K+ D9 {* M7 I* o8 \) }
8 ~8 e1 u, ^; v1 {6 _ P
// 在/etc/glance/glance-api.conf中添加如下:
* X& k/ B5 K7 f1 ^2 {% J" y2 y/ E% d. I" x
// 在DEFAULT域中增加:
: O4 `# `+ h& k) {9 a$ O9 Y[DEFAULT], A, P5 { s) W- Z
default_store = rbd0 [" a1 h1 \0 `5 x7 @
, U0 i8 E2 l i- @2 G// 在glance_store域中增加如下,如果没有glance_store域,直接创建:
( w% \1 g6 W$ D8 ~2 ~( G- w7 o[glance_store]) p3 P5 }) q) u5 ~4 N
stores = rbd) J0 L0 M% k& Q9 i' `
rbd_store_pool = images6 a' X, I) a% Z& k$ r5 M
rbd_store_user = glance; W. M. | y! j, `& w+ W
rbd_store_ceph_conf = /etc/ceph/ceph.conf' l" Z J+ c. @6 ]0 C
rbd_store_chunk_size = 81 o5 n. x, Y1 Y$ j, `, ?; ^
- B( ~) j, x9 P n2 {5 d, z
1 h) G: B6 |0 r- Q zCinder配置
5 q L( B" n; d2 s% M1 a
+ p+ \' h$ e/ l// 在/etc/cinder/cinder.conf中添加如下:4 k; u& @: J7 o" v9 A" T8 w. v: \" w
$ a( P( A* ]# O5 ~, l// 在DEFAULT域中增加:
5 o5 d1 W& f d/ q[DEFAULT]% g8 Q3 @* Y6 n; `+ j
enabled_backends = ceph
( f7 |+ M/ J$ y% ?) b! ?/ {" ~
+ ^: c9 `, L4 V8 r1 U// 在ceph域中增加如下,如果没有ceph域,直接创建:( O/ A! y+ ^" n; u
[ceph]
! K1 x& K5 ~- M$ _" Pvolume_driver = cinder.volume.drivers.rbd.RBDDriver$ { `7 O& f j$ b2 P5 C
rbd_pool = volumes# C" \4 u( A9 I, F! g8 D0 ^
rbd_ceph_conf = /etc/ceph/ceph.conf$ X+ Y9 o& R1 A! ^+ s H
rbd_flatten_volume_from_snapshot = false
) Q# k5 Z) p) ?: X: Y8 |# Srbd_max_clone_depth = 5
3 t) Q; G4 R- E, C# qrbd_store_chunk_size = 4; ~0 l4 U$ L9 \, D- z% k1 `
rados_connect_timeout = -1# Z8 L$ w* @& _% i [' x
glance_api_version = 2' L" ^' U/ u0 \: d% s) w/ h( W
3 ~, E& O- h5 w# m; o// 如果使用了ceph auth,还需增加:
, t# T+ J4 B5 W$ f$ grbd_user = cinder
: i& \8 I5 \& Z; _8 u9 Brbd_secret_uuid = 457eb676-33da-42ec-9a8c-9293d545c3377 J# h. I6 U: b9 b
* c9 W( w+ u: I& i
5 X W. P; |0 r! I0 yCinder-backup配置
/ E# G8 L5 W$ D) k4 N4 W& [( _2 s+ C" g- e% b) t: Y$ ?# U4 x8 ]
// 在/etc/ceph/ceph.conf中添加如下:4 S, S. \& N: F/ R0 c
backup_driver = cinder.backup.drivers.ceph
4 }7 H6 A) X/ _' H% J# B0 M& G: Qbackup_ceph_conf = /etc/ceph/ceph.conf
9 s; J( k7 _$ Z% }. xbackup_ceph_user = cinder-backup9 X7 e$ b* Z' [5 w9 Z3 H4 u/ c% {
backup_ceph_chunk_size = 134217728
! h/ U1 }; \6 o6 H% a y; Abackup_ceph_pool = backups* s9 S# G! \. Y5 D/ {, m: H
backup_ceph_stripe_unit = 07 s4 L& X/ y8 o5 s
backup_ceph_stripe_count = 0) j! N e" Z' a% b* v
restore_discard_excess_bytes = true( d- J0 r- p. q) K: V9 e
! S4 W2 [& w3 a* N% B& A) i- k
$ I+ ^# Z) H3 B- f' M* i
计算机点Nova配置
% W1 t, i' s# ~6 l( p- c0 `4 ]" m1 y! U/ J$ c; R
// 在/etc/nova/nova.conf中添加如下:
& T, A4 _3 I# y0 l) }9 ~[libvirt]/ R$ t G' D$ B w1 L
images_type = rbd: p( y) z' ?) {8 a; O1 l
images_rbd_pool = vms! |# P! G: n M& E/ D8 N" f
images_rbd_ceph_conf = /etc/ceph/ceph.conf
9 V( I+ ~0 e6 Y6 i" Z8 L3 V( V4 M. ?rbd_user = cinder
/ S) C2 `; J/ s- Irbd_secret_uuid = 457eb676-33da-42ec-9a8c-9293d545c337
# [# o* X: V: k5 mdisk_cachemodes="network=writeback"/ }, a9 r) o k! `7 r( |
|
|
发表于 2018-10-12 17:12:21