|
|
楼主 |
发表于 2018-12-23 22:58:43
|
显示全部楼层
[1] Add users and others for Gnocchi in Keystone.
9 H/ @% j3 g! Y0 ~- z/ N9 a# add gnocchi user (set in service project)
. o6 T' |0 i- w* w" Q# [[root@dlp ~(keystone)]# openstack user create --domain default --project service --password servicepassword gnocchi 7 R! U( r0 w" v$ \+ i
+---------------------+----------------------------------+. q) H1 Q! K1 {# P9 K" m
| Field | Value |
( {! c& x) }" {. M+---------------------+----------------------------------+
$ O9 Q3 f7 d7 |- b5 _; v0 z| default_project_id | b1da1070c8af427886d0202f8bbe414f |. d2 r( Z9 i. o( J0 l q
| domain_id | default |, T) [* x2 r* o% ^
| enabled | True |9 e* s& c6 r8 m- l: m
| id | c88a3abbad194ec9a18c101a91a60576 |" Z+ d4 h, Y5 j! U: S' v9 I3 F( x
| name | gnocchi |! B- V# T6 O8 ]& C, R
| options | {} |
9 f+ K( C6 H* N# g| password_expires_at | None |
* j& _8 ]- a7 j! b- E# ~7 R+---------------------+----------------------------------+! G' Q2 D* s+ w
9 I# z; O8 E( I7 o7 R. P# add gnocchi user in admin role" ~- n: N! D5 g& U
[root@dlp ~(keystone)]# openstack role add --project service --user gnocchi admin1 L- f V% i3 Z. b% C6 ^: J
# add service entry for gnocchi
: y- _, S. M. m* n* |[root@dlp ~(keystone)]# openstack service create --name gnocchi --description "Metric Service" metric 0 S& w4 {: p5 D# L) G8 @9 j4 G- L
+-------------+----------------------------------+
& y1 b9 i7 D Y' A) P) B, m| Field | Value |
8 z; Y: V7 V' ]- U+-------------+----------------------------------+
. G* I; F6 g: C1 A| description | Metric Service |3 Z8 c. p! Y- s# d, i% ~2 Y7 c6 ^
| enabled | True |
" I: @# }- G9 Y/ x+ p: L| id | c1e4e9055d38453490e6b7e283a4c547 |
) |; u6 i4 G r" Z+ p) U| name | gnocchi |5 s% F, Z( j, J* G7 k( y5 K1 A
| type | metric |7 H: G y! ?3 o; f
+-------------+----------------------------------+
# j( `2 M: Q; J7 u7 g- i! ?8 ]
' O9 [6 C4 Q- s9 I: s: ^7 B# define keystone host
4 W0 O6 h- U: o0 J[root@dlp ~(keystone)]# export controller=10.0.0.30
. X H' b/ r) Y% }# add endpoint for gnocchi (public)
$ h) v- ]3 `8 i% K$ R2 y[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne metric public http://$controller:8041 2 X% Z8 D; U; t, X' p
+--------------+----------------------------------+* q) o. ^+ b& ~+ n
| Field | Value |) T0 I* `/ V3 j
+--------------+----------------------------------+
1 J e- N& \* j b3 E% U| enabled | True |
$ a u8 ?9 T9 Y| id | 1b3aa18b5d474af7915f366414fe71da |; S! L2 S8 B( L0 W# m: t- {
| interface | public |' |* z! c2 o- J# E( R7 U
| region | RegionOne |
& p3 g7 o" k# K: W8 O; B4 g, `# ~8 z| region_id | RegionOne |
1 D4 ~& r1 I- Z1 V| service_id | c1e4e9055d38453490e6b7e283a4c547 |
( E( b, `( ^) [1 b8 B0 x/ @! O| service_name | gnocchi |
0 G0 a+ ]$ e$ ?0 x4 B| service_type | metric |
/ ~2 A' Z4 u' J+ Y8 X| url | http://10.0.0.30:8041 |6 ]' I" _. B4 v
+--------------+----------------------------------+
6 w$ k1 l% ]4 w8 v5 t* D: C8 y1 a: S0 {: ?' v
# add endpoint for gnocchi (internal)$ [8 H# X# N+ k3 o
[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne metric internal http://$controller:8041
# k) y) x. [" q q# T$ v+--------------+----------------------------------+
7 \# E* B! U- y# e; Z! ?| Field | Value |" `. R, y8 g I- y9 k* m: [
+--------------+----------------------------------+
$ |7 t# |- x) h ~: y7 e; w: T+ u c| enabled | True |
: X+ u& f4 x7 M) K$ h, b| id | 88fcc0e358124e46bc196e9bf2d5d73a |
( K7 l6 z% r; J* f, @/ R% a| interface | internal |7 _( l/ o; G1 B* j2 H1 {; i
| region | RegionOne |
- I4 {0 T |. W" z/ B. Q| region_id | RegionOne |
1 M e- K# C+ D! u$ L5 f| service_id | c1e4e9055d38453490e6b7e283a4c547 |- b% X! G: Z+ o* a ]$ b
| service_name | gnocchi |
. a3 `* }3 I" C1 ]% || service_type | metric |
0 E1 F s1 ?' x8 y% h| url | http://10.0.0.30:8041 |
. k0 X' i! ]$ h$ D3 w+--------------+----------------------------------+( n9 Z+ N6 f9 P' I1 N: J" c; J
) Y. f D6 e" k v, f+ N
# add endpoint for gnocchi (admin)# ]( Z5 A6 b5 ^) ?' T" q! w
[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne metric admin http://$controller:8041
9 z5 t7 V& i% L" [# l7 ]+--------------+----------------------------------+
" v* o3 b, I/ {. ^7 P! G& u| Field | Value |
/ P6 N2 q7 }% A* Z3 A+--------------+----------------------------------+. L" W7 O" V! ~1 x
| enabled | True |
7 M9 z4 n, ?+ X& `9 B| id | f7d7e9d8dd3c464a8a579b7defd2e575 |
/ o9 y* J' f; b P8 J| interface | admin |
/ {! N- F- ~3 C, S( j| region | RegionOne |
- }8 q* Q# Z% R/ O8 p- q2 ]$ w| region_id | RegionOne |% e. ]/ [" M, n s+ a
| service_id | c1e4e9055d38453490e6b7e283a4c547 |
) ]. _ k* R# _' X; q& w, v| service_name | gnocchi |2 p3 H! U- n' P/ H6 F0 c; {
| service_type | metric | D" G; y q0 k: ^3 H) U$ R8 V
| url | http://10.0.0.30:8041 |) M3 x* S9 q' A8 X+ s$ `
+--------------+----------------------------------+
( \3 i, Z; @9 A* G' p- K. G; }[2] Add a User and Database on MariaDB for Gnocchi.
; D1 U: L' L' y: x$ |; K[root@dlp ~(keystone)]# mysql -u root -p : E8 ^* X/ L( A3 M% N- m O! |
Enter password:
( j/ t6 K7 r) s" W% g" Y, X0 V5 vWelcome to the MariaDB monitor. Commands end with ; or \g.
1 S b; h9 `6 c1 T$ k7 ]: N& V- xYour MariaDB connection id is 71- {% X, Q% K0 p# ^2 c2 a( {
Server version: 10.1.20-MariaDB MariaDB Server
3 q: S: p( t0 t0 z0 M# S
" X, c! G3 ?# O. tCopyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.2 E+ v) X' b4 W8 C" w
3 B$ u, k! w5 A2 f
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.- @$ `% C. V k
# b! ^4 ^0 k' m7 w( v& s& v; P) U
MariaDB [(none)]> create database gnocchi;
0 c3 `( }7 ~% [. h' A$ Q1 ^7 cQuery OK, 1 row affected (0.00 sec)% g8 l# m& n2 ?6 z
MariaDB [(none)]> grant all privileges on gnocchi.* to gnocchi@'localhost' identified by 'password'; R; Q3 b e1 R9 Q
Query OK, 0 rows affected (0.00 sec)& |% z- o. v d) R2 d
MariaDB [(none)]> grant all privileges on gnocchi.* to gnocchi@'%' identified by 'password'; % k7 J# G; j) a9 `5 `) `3 O
Query OK, 0 rows affected (0.00 sec)
% u8 f8 g O2 f! U9 ?MariaDB [(none)]> flush privileges;
( W) p/ B- A. z o$ aQuery OK, 0 rows affected (0.00 sec)1 c+ o$ q. i" s& K. s
MariaDB [(none)]> exit 5 T- f3 h1 Y- s/ i/ Z2 s/ h
Bye' x1 Q- J/ A0 s$ l3 z
[3] Install Gnocchi. C4 a/ p! N( f# b
# install from Queens, EPEL
! ~$ `" y! V( m5 J0 B. p6 B[root@dlp ~(keystone)]# yum --enablerepo=centos-openstack-queens,epel -y install openstack-gnocchi-api openstack-gnocchi-metricd python2-gnocchiclient
- P D3 p% {$ K[4] Configure Gnocchi.
; ~# R# }3 _) [0 d[root@dlp ~(keystone)]# mv /etc/gnocchi/gnocchi.conf /etc/gnocchi/gnocchi.conf.org
9 ~; h; @7 S. @% A8 [[root@dlp ~(keystone)]# vi /etc/gnocchi/gnocchi.conf
" M6 o* S/ j6 m' r; H2 |/ y$ ]# create new
h# k$ Y& V* e+ {[DEFAULT]
" |1 d B t- {# Ylog_dir = /var/log/gnocchi
5 K' z" ?$ v% m: I! Z( j% n
( z1 K& o" F; u6 D1 h[api], L! {) S I( t7 M
auth_mode = keystone
$ ?/ v1 h$ g' [
7 g1 f( R& S6 T, }3 q[database]1 Q* t+ f7 R4 T& N" U
backend = sqlalchemy
?2 _+ t7 ]( ~1 _, `# G7 w
+ J# r& k/ d% ~, k5 r1 E8 T# MariaDB connection info7 e* G. x1 F$ O& P4 D
[indexer]
J6 X. a; |9 E- eurl = mysql+pymysql://gnocchi:password@10.0.0.30/gnocchi
0 C) x2 n. t* `) l8 G, g! X6 i( ~3 A+ N
[storage]
5 m7 F2 v. {% v! Y Zdriver = file
4 ?; E% e: O4 h( F' {: `6 Nfile_basepath = /var/lib/gnocchi/ a( C& f' ?* g5 ~' c
( A7 I2 }1 V& t
# Keystone auth info% k! m: I! O, Z- ~+ v) s; e) M
[keystone_authtoken]
$ b% ~3 U9 z0 }7 U- gwww_authenticate_uri = http://10.0.0.30:50007 L$ \7 l' f7 M( j/ M% ~, L
auth_url = http://10.0.0.30:5000. F8 k7 b$ z7 K- G6 `, t, j
memcached_servers = 10.0.0.30:11211
. V# P! X* [9 O: j+ vauth_type = password! Y1 V7 X& F7 q) f- ~1 F
project_domain_name = default
8 O. f- O7 `/ t3 f/ Wuser_domain_name = default
* n( H* ~& B. }project_name = service
. @! r( I( T0 Ausername = gnocchi# h' z" s4 e& S1 D
password = servicepassword& ]" f5 G. P ]/ g; {
service_token_roles_required = true
/ }7 |$ p9 U( F& ~3 J+ `, V$ B, m# A) F- D0 g
[root@dlp ~(keystone)]# vi /etc/httpd/conf.d/10-gnocchi_wsgi.conf0 l F% C# b9 M; O( g% F
# create new* u) f0 x& O- H# E5 _
Listen 8041
; C2 V& ?. n/ H* T<VirtualHost *:8041>5 N$ X J ?& Z
DocumentRoot /var/www/cgi-bin/gnocchi9 X, h: c6 t3 }' d+ l9 y
8 Q4 l3 l; }9 ~( U
<Directory /var/www/cgi-bin/gnocchi>6 x, a" F, D0 x! W1 U
AllowOverride None9 b# ?3 M2 Z5 Q5 t, _) U7 \
Require all granted: c" U' p3 Y! G v6 D3 n6 t
</Directory>7 h2 I1 R( k/ n
5 o, ~5 E5 j. M, a/ I8 {1 y& L2 g$ K
CustomLog /var/log/httpd/gnocchi_wsgi_access.log combined8 E3 E+ O( Z1 v Q! w1 c4 l# x6 \
ErrorLog /var/log/httpd/gnocchi_wsgi_error.log4 Q* m; P6 ]7 ]: X: |# g4 l: G
SetEnvIf X-Forwarded-Proto https HTTPS=1
5 m, n/ h/ O9 L9 a9 d% |: Q WSGIApplicationGroup %{GLOBAL}& H K9 u; i: q5 l& p1 B2 m
WSGIDaemonProcess gnocchi display-name=gnocchi_wsgi user=gnocchi group=gnocchi processes=6 threads=6
! T+ J! e5 R7 r; I WSGIProcessGroup gnocchi# b8 A1 ~+ H* w+ v" M/ K, p# @' `
WSGIScriptAlias / /var/www/cgi-bin/gnocchi/app' M k' `2 f- M( N- d* o& n$ c
</VirtualHost>
% H2 H0 I# x- L) O
3 w" o/ ^. G7 r[root@dlp ~(keystone)]# chmod 640 /etc/gnocchi/gnocchi.conf ; y0 m# P+ V/ i- l3 w3 l3 _- N% C6 F
[root@dlp ~(keystone)]# chgrp gnocchi /etc/gnocchi/gnocchi.conf 8 ]& ^% G0 j' n4 z
[root@dlp ~(keystone)]# mkdir /var/www/cgi-bin/gnocchi ' h. t1 _% s( I; y+ v' V
[root@dlp ~(keystone)]# cp /usr/lib/python2.7/site-packages/gnocchi/rest/gnocchi-api /var/www/cgi-bin/gnocchi/app ) F& u5 ^$ u7 e1 m0 L& e+ W' t
[root@dlp ~(keystone)]# chown -R gnocchi. /var/www/cgi-bin/gnocchi ( w& Q! j; p7 M! R, G4 Q; t3 e9 x0 Q
[root@dlp ~(keystone)]# su -s /bin/bash gnocchi -c "gnocchi-upgrade"
; i" D H2 G7 {9 @8 a3 G[root@dlp ~(keystone)]# systemctl start openstack-gnocchi-metricd
1 x9 l2 x5 `1 Q' L[root@dlp ~(keystone)]# systemctl enable openstack-gnocchi-metricd - g% L$ F* c* |" P# h4 ~
[root@dlp ~(keystone)]# systemctl restart httpd
$ f6 D+ {# G9 V; G# show status" p6 r0 S$ [. a( d5 X( r' u
root@dlp ~(keystone)# export OS_AUTH_TYPE=password
# c X* D5 K& z7 b) }1 Troot@dlp ~(keystone)# gnocchi resource list
" |' ^# W8 v% V# no problem if no error is shown2 k. F# h, Y0 F6 y: _2 g9 K. Q
[5] If SELinux is enabled, change policy.
( @. i6 [7 V \# K5 j2 D2 z/ Y( ^[root@dlp ~(keystone)]# semanage port -a -t http_port_t -p tcp 8041
* c# q2 @9 Y0 K* k- ]! V8 i; e[6] If Firewalld is running, allow service port.
0 }% _: d4 `2 H3 D, Y1 i, P[root@dlp ~(keystone)]# firewall-cmd --add-port=8041/tcp --permanent ) U+ @$ G0 G% b) Y- Y
success
* V4 L8 s, W% `[root@dlp ~(keystone)]# firewall-cmd --reload ) _, L! U2 b* t3 r
success |
|
发表于 2018-12-23 22:56:33