ceph 对接openstack mitaka

admin

创建存储池

  ~. Y! ?1 `0 ?# f# ceph osd pool create images 64
# ceph osd pool create compute 64
% ?7 L$ @8 S' }2 f# ceph osd pool create volumes 64
# ceph osd pool create backups 64
Create Ceph User ceph

+ F# s5 J; ~% ^8 t0 u, L# ceph auth get-or-create client.ceph mon 'allow r' osd 'allow class-read object_prefix rbd_children, \
allow rwx pool=images, allow rwx pool=compute, allow rwx pool=volumes, allow rwx pool=backups'
  y: t- b; d( Q[client.ceph]
        key = AQDIistY4xELCxAAPkelu47q/fxM3R8B732jlw==
3 R0 G# T4 `) ~% b$ w: o
copy user.keyring to glance-api node and cinder-volume node

  S( |" u" I9 A/ r6 R. `5 {ceph-monitor # ceph auth get-or-create client.ceph >> ceph.client.ceph.keyring
# scp ceph.client.ceph.keyring ceph.conf controller:/etc/ceph/
* h: ?, n$ w/ R8 n: ~5 q. e! B: M# scp ceph.client.ceph.keyring ceph.conf cinder-volume:/etc/ceph/
, m7 Z% ?5 Q& \2 I. N6 Q1 k
对接glance-api
install rbd


# yum install ceph-common python-rbd
5 k4 z& `5 ~: L5 W设置key权限


9 b6 M* @. d- i% s5 l/ b% x! _( Q# chown glance:glance /etc/ceph/ceph.client.ceph.keyring
edit /etc/glance/glance-api.conf
+ v( H7 O; u0 s# z

[DEFAULT]
...
" D, h9 y$ x, B; X# }. edefault_store = rbd
...
) A3 c# p9 B+ [  t2 a( M, K[glance_store]
0 ]  I$ w, h* B2 lstores = rbd
rbd_store_pool = images
rbd_store_user = ceph
, g+ R" ^+ w  L  Q, d2 G6 ~rbd_store_ceph_conf = /etc/ceph/ceph.conf
  ]  T  r! s$ M3 |rbd_store_chunk_size = 8
restart glance service
7 J) Q! Q! ]# \! ]- V
" X* V) z) G' n  V% x$ f  }
0 U3 i( w3 c) L+ G# stemctl restart openstack-glance-api.service   openstack-glance-registry.service


  ?4 {1 k+ C1 I: W/ M- E对接cinder-volume
* @3 \0 t8 L) w; Einstall ceph-common

# yum install ceph-common   python-rbd
设置key权限
# o: F) w, s3 q4 G' U1 \
4 N4 e" S- P- j
$ V: @; w% s1 g" s3 a7 j: D# S# chown cinder:cinder /etc/ceph/ceph.client.ceph.keyring
0 \$ e% f3 O9 x& M" xedit /etc/cinder/cinder.conf
! V# c* r- A& e, K
# s9 }& h4 F/ n0 ?" ?/ H[DEFAULT]
& Q9 ^' S. ~5 e* s
enabled_backends = ceph

# c4 H9 E6 a/ f6 [[ceph]

volume_driver = cinder.volume.drivers.rbd.RBDDriver
' q  j  c$ ^( {# dvolume_backend_name = ceph
rbd_pool = volumes
rbd_ceph_conf = /etc/ceph/ceph.conf
rbd_flatten_volume_from_snapshot = false
rbd_max_clone_depth = 5
rbd_store_chunk_size = 4
rados_connect_timeout = -1
2 K5 V4 h: E7 P$ L. j* Oglance_api_version = 2
4 N: B; E* C% Z/ b! Frbd_user = ceph
/ K% }; G, A" F+ X, O/ ^rbd_secret_uuid = 791c2ef6-bc56-43b0-b2c7-0cd863621040
# j4 j. I( T, K6 f% v. _restart cinder-volume service

# systemctl restart  openstack-cinder-volume.service

/ V# C, h, ^7 o" H

对接compute
0 z$ _! `# D" f" J+ d) |install
- O2 g& O# A6 N  U
# yum install ceph-common python-rbd
edit nova config
. f9 ]4 j* Y( ]7 C2 a; H1 R
" q6 k# P4 S) L( W: r[cinder]
os_region_name = RegionOne
9 Q6 W7 U2 Y) X' {. Y7 `; L
[libvirt]
* R( C5 ?8 [  V- y0 ^( gimages_type = rbd
* i; k: Q  G$ D! U- y0 T# `: ~images_rbd_pool = compute
* `  T) d# ?# }) K" C5 Yimages_rbd_ceph_conf = /etc/ceph/ceph.conf
disk_cachemodes="network=writeback"
8 l7 B+ Y( j3 H1 H  m; D: x: E8 zrbd_user = ceph
rbd_secret_uuid = 791c2ef6-bc56-43b0-b2c7-0cd863621040

4 R, a! D8 ^0 q! D+ Q7 {+ dinject_password = false
inject_key = false
. M8 C% b/ y$ f( B  A- Iinject_partition = -2

1 [8 N2 k/ X" e  j7 q! }% Hlive_migration_flag="VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST,VIR_MIGRATE_TUNNELLED"
7 N  m0 p. Z) J* J/ N. r( uhw_disk_discard = unmap
! V3 [6 i- e4 }" D  U
, J# m0 w) x0 T' I4 z
7 Z0 i0 ~! q$ {( \

copy ceph config

5 a2 J7 F5 g/ y# scp ceph-node:/etc/ceph/ceph.conf /etc/ceph/ceph.client.ceph.keyring  /etc/ceph
' |* X8 H# g7 _. ]4 c# chown nova:nova /etc/ceph/ceph.conf  /etc/ceph/ceph.client.ceph.keyring
& X( X( Y5 `+ j- t# y2 J8 Jcopy ceph user keyring


[ceph-monitor]# ceph auth get-key client.ceph >> client.ceph.key
[ceph-monitor]# scp client.ceph.key compute:/etc/nova

) C# \5 y# q: l& f$ F, q& s6 o

# Z# X8 K, f' [+ f" |& M8 G% k设置libvird

& S4 O5 W8 L8 e- |" v# uuidgen
791c2ef6-bc56-43b0-b2c7-0cd863621040

# cat > secret.xml <<EOF
( |* o+ \/ G1 G- _<secret ephemeral='no' private='no'>
  <uuid>791c2ef6-bc56-43b0-b2c7-0cd863621040</uuid>
6 ]" a& U' ?( N( b  <usage type='ceph'>
    <name>client.cinder secret</name>
  </usage>
: q3 G0 a$ R& H9 Q7 _</secret>
EOF
& S% \( s5 D8 s: d  F' k/ z
# virsh secret-define --file secret.xml
% t. S, |  P# t  i( v& ^Secret 791c2ef6-bc56-43b0-b2c7-0cd863621040 created
. E' v' u9 z% c" P% |7 y
, |5 ]0 m4 M) F, O! m# virsh secret-set-value --secret 791c2ef6-bc56-43b0-b2c7-0cd863621040 --base64 $(cat client.ceph.key)                                    
Secret value set
restart nova-compute

systemctl restart openstack-nova-compute.service
$ Q" {& a5 V9 S. u$ p3 ]% m

admin

创建存储池
3 J; V3 b! z6 a* }& u1 @3 U
# ceph osd pool create images 64
* J5 L- c& ~- e0 P+ i# ceph osd pool create compute 64
5 Z# w. b' A& a9 n; K# ceph osd pool create volumes 64
, I& q; p0 ]) U! O% A9 o) F# ceph osd pool create backups 64
Create Ceph User ceph
$ B4 Z' ^% H7 t
4 q5 W4 W: k2 @+ y) K# ceph auth get-or-create client.ceph mon 'allow r' osd 'allow class-read object_prefix rbd_children, \
+ C! }3 d- Z0 ], }* h( f# Aallow rwx pool=images, allow rwx pool=compute, allow rwx pool=volumes, allow rwx pool=backups'
[client.ceph]
        key = AQDIistY4xELCxAAPkelu47q/fxM3R8B732jlw==

copy user.keyring to glance-api node and cinder-volume node

ceph-monitor # ceph auth get-or-create client.ceph >> ceph.client.ceph.keyring
# scp ceph.client.ceph.keyring ceph.conf controller:/etc/ceph/
# scp ceph.client.ceph.keyring ceph.conf cinder-volume:/etc/ceph/
: X, _9 M$ |: s; _1 b! G+ W7 |
对接glance-api
0 \' e& f2 m5 X) v& e: a; C6 finstall rbd
  c$ z. m3 ?) `" C' ^

# yum install ceph-common python-rbd
' S% {5 G, ^* \. @' z6 v$ W设置key权限


2 a+ {* g& x; E+ Q0 D4 U# chown glance:glance /etc/ceph/ceph.client.ceph.keyring
! p/ P5 n9 k' \+ R: uedit /etc/glance/glance-api.conf

9 {. q+ @# e: W! V
: A7 n2 V2 g8 ^1 m7 [/ l[DEFAULT]
) \- ~1 D! D' m$ i. F...
default_store = rbd
9 D) d  b4 _! [1 ~...
[glance_store]
1 A2 [8 Z; u9 j' D" \+ mstores = rbd
rbd_store_pool = images
rbd_store_user = ceph
rbd_store_ceph_conf = /etc/ceph/ceph.conf
. U6 W4 V) i  srbd_store_chunk_size = 8
restart glance service
) J$ F% P9 k) Y! |

3 j- e2 X/ d1 w# stemctl restart openstack-glance-api.service   openstack-glance-registry.service
对接cinder-volume
install ceph-common
+ |1 G' g6 c4 H, s* Q
# yum install ceph-common   python-rbd
设置key权限


# chown cinder:cinder /etc/ceph/ceph.client.ceph.keyring
5 w" o  j' {( p$ a1 medit /etc/cinder/cinder.conf
& Q* v8 Y; I- \4 z8 x
0 D4 Y- b! I! }9 w/ ]" Z[DEFAULT]
6 x; @+ @) D, G$ `* Z% V( m
enabled_backends = ceph

4 q  e3 A& F4 F, G* W; n! ^9 m[ceph]

5 h8 S: K: ]+ y4 w$ O" c! g; jvolume_driver = cinder.volume.drivers.rbd.RBDDriver
# z& V) K0 [- kvolume_backend_name = ceph
rbd_pool = volumes
rbd_ceph_conf = /etc/ceph/ceph.conf
5 r+ ?4 i% a0 h1 ~. P1 e  }* Crbd_flatten_volume_from_snapshot = false
rbd_max_clone_depth = 5
: G* a& |" ]0 J9 lrbd_store_chunk_size = 4
; V0 |5 z0 S9 h6 d+ Grados_connect_timeout = -1
glance_api_version = 2
6 p' h3 g: h% C1 yrbd_user = ceph
9 z2 u1 X7 `9 ]. |. arbd_secret_uuid = 791c2ef6-bc56-43b0-b2c7-0cd863621040
restart cinder-volume service

3 J6 \$ c$ A& j8 B# systemctl restart  openstack-cinder-volume.service
4 y4 n7 j0 M2 N! o对接compute
4 ]) O! ?3 V  @9 ~0 E8 c, X! [install

: W- \: }) C1 [; ?9 z4 z# yum install ceph-common python-rbd
) R/ G% t" e: T0 Redit nova config

[cinder]
os_region_name = RegionOne
$ w6 P' Y: K: D  j' i1 P
& I3 \6 ~" h) H% c[libvirt]
5 _9 F% q/ \( \9 W/ E' {# R: ?; l9 n6 O" Ximages_type = rbd
images_rbd_pool = compute
3 z- {9 o$ d, c% y' ^: Yimages_rbd_ceph_conf = /etc/ceph/ceph.conf
" [) ?; q3 ^8 Tdisk_cachemodes="network=writeback"
rbd_user = ceph
rbd_secret_uuid = 791c2ef6-bc56-43b0-b2c7-0cd863621040
4 B# `) S0 }" B0 Q/ [3 Q
inject_password = false
inject_key = false
/ S1 f' l! Y$ p( Linject_partition = -2

# ]  i8 Q: ?: \) j4 Zlive_migration_flag="VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST,VIR_MIGRATE_TUNNELLED"
hw_disk_discard = unmap
& A( Z7 p3 Q3 T& }6 m: n' M& ]copy ceph config
9 u2 R9 _0 @2 f3 j! N7 {" j' R* A
# scp ceph-node:/etc/ceph/ceph.conf /etc/ceph/ceph.client.ceph.keyring  /etc/ceph
: m9 W$ Z. x2 d0 a2 H" S  d7 c# chown nova:nova /etc/ceph/ceph.conf  /etc/ceph/ceph.client.ceph.keyring
; @3 |0 c4 W4 Z) _# b0 l4 {5 x  Ycopy ceph user keyring


[ceph-monitor]# ceph auth get-key client.ceph >> client.ceph.key
[ceph-monitor]# scp client.ceph.key compute:/etc/nova
4 O2 N6 i# H  J- |设置libvird

# uuidgen
791c2ef6-bc56-43b0-b2c7-0cd863621040

# cat > secret.xml <<EOF
<secret ephemeral='no' private='no'>
0 ]1 ^) i% J2 L4 ]$ }+ [  <uuid>791c2ef6-bc56-43b0-b2c7-0cd863621040</uuid>
- |% ~* z9 Z  p1 l  <usage type='ceph'>
) m& S  i3 g% \    <name>client.cinder secret</name>
& q9 E1 ^4 s9 C) X  </usage>
</secret>
EOF

7 b0 b, e0 J$ ]' _9 i3 F2 S# virsh secret-define --file secret.xml
4 {/ K  l, o% i9 G" CSecret 791c2ef6-bc56-43b0-b2c7-0cd863621040 created

: z# f) S; E$ o$ _: p/ f6 w1 v# virsh secret-set-value --secret 791c2ef6-bc56-43b0-b2c7-0cd863621040 --base64 $(cat client.ceph.key)                                    
2 u7 l6 |6 g+ h1 ~& a( jSecret value set
# O6 z! l  [' I4 n0 U# rrestart nova-compute

7 q* G% ]) A" Y- c% ~/ [9 ~systemctl restart openstack-nova-compute.service