ceph 对接openstack mitaka

admin

创建存储池

# ceph osd pool create images 64
1 I$ x3 n9 m$ X$ _5 ^# ceph osd pool create compute 64
. e: @( B3 [; R/ y$ Q7 X$ R1 d" f# ceph osd pool create volumes 64
: a, v/ ~/ Y5 O" m! _: D( B# ceph osd pool create backups 64
Create Ceph User ceph
# G6 m8 f% u/ H# _4 {" i* b
# ceph auth get-or-create client.ceph mon 'allow r' osd 'allow class-read object_prefix rbd_children, \
allow rwx pool=images, allow rwx pool=compute, allow rwx pool=volumes, allow rwx pool=backups'
[client.ceph]
        key = AQDIistY4xELCxAAPkelu47q/fxM3R8B732jlw==
5 q' ~6 t" a" X: T
+ H7 ^, V1 ~  M; fcopy user.keyring to glance-api node and cinder-volume node
1 e; F7 F! ?/ k% d
9 W0 k1 P' Y7 y  Kceph-monitor # ceph auth get-or-create client.ceph >> ceph.client.ceph.keyring
# scp ceph.client.ceph.keyring ceph.conf controller:/etc/ceph/
- X0 q/ K! P, @# m7 [# H# scp ceph.client.ceph.keyring ceph.conf cinder-volume:/etc/ceph/
1 F) ?" C" x2 u" L6 x
2 P: S- E" k2 V9 v+ W. O对接glance-api
3 C: e8 `: E2 i+ W" g5 Pinstall rbd


# yum install ceph-common python-rbd
! P; i- D' L2 Z设置key权限
: S) K2 i& D/ ~( c

  h7 X$ n) Q( b6 s3 T, P# chown glance:glance /etc/ceph/ceph.client.ceph.keyring
8 A- |& R, x. e2 v7 ?( L$ vedit /etc/glance/glance-api.conf
) O# \* v/ b7 }9 \7 C

[DEFAULT]
" [9 p' [* t! ?7 e...
default_store = rbd
...
3 M1 S5 u( Z! z! |" A8 X8 F# E[glance_store]
& L: q! ~( E4 i+ }stores = rbd
' \+ L. Q5 r, J4 yrbd_store_pool = images
! o" ~* I+ F/ l" S8 grbd_store_user = ceph
% H" h7 H5 ?9 D# }rbd_store_ceph_conf = /etc/ceph/ceph.conf
* x# \' x, y& H# x9 Brbd_store_chunk_size = 8
' B! m2 \, i$ P4 s+ _- }: ?& frestart glance service
' p& G0 Q' u. k, Y0 r1 v

# stemctl restart openstack-glance-api.service   openstack-glance-registry.service


对接cinder-volume
install ceph-common

# yum install ceph-common   python-rbd
% q& f+ k3 s( o: t" _3 O设置key权限
7 D, f! r: F, J
3 y0 R- H) Q0 b9 r2 _
4 K; u# C! ~# J! o1 b7 T! n2 |# chown cinder:cinder /etc/ceph/ceph.client.ceph.keyring
edit /etc/cinder/cinder.conf

[DEFAULT]
7 {7 M2 G/ ?6 o3 ~( T2 h
enabled_backends = ceph
  P8 J4 {3 O( m5 f: }5 K, t
4 ~8 W+ z4 N! ]" b8 n' i! d0 |# `[ceph]
; L" }* ?9 Z" o: _5 w$ ^4 |, D
volume_driver = cinder.volume.drivers.rbd.RBDDriver
volume_backend_name = ceph
rbd_pool = volumes
rbd_ceph_conf = /etc/ceph/ceph.conf
9 ~/ A* J: @# _2 \& Erbd_flatten_volume_from_snapshot = false
' O& j, U5 w( e% T$ t0 Prbd_max_clone_depth = 5
rbd_store_chunk_size = 4
3 p( r/ l& c/ U9 T% crados_connect_timeout = -1
glance_api_version = 2
9 J; K2 l0 }9 k" s( \1 Jrbd_user = ceph
  P3 X5 s4 \. M6 w1 Jrbd_secret_uuid = 791c2ef6-bc56-43b0-b2c7-0cd863621040
' ~) o! U) W/ F; X: J: Rrestart cinder-volume service
- K5 m9 `9 m) b- H
# systemctl restart  openstack-cinder-volume.service



8 o4 L! Y, a  b3 [, [对接compute
install

7 n7 X- ^( T2 ^. ~% p8 i# yum install ceph-common python-rbd
edit nova config

[cinder]
os_region_name = RegionOne

[libvirt]
: z& R! A+ ^3 s3 Z8 E  g8 A/ oimages_type = rbd
images_rbd_pool = compute
$ t1 a8 R, R( F% v" fimages_rbd_ceph_conf = /etc/ceph/ceph.conf
disk_cachemodes="network=writeback"
rbd_user = ceph
. Q1 m+ V  \2 J. n# Wrbd_secret_uuid = 791c2ef6-bc56-43b0-b2c7-0cd863621040
  g$ Q8 \. b9 K7 M3 C2 `
0 d  I, A4 w, y8 Winject_password = false
: g; @, a5 Z3 ]; {3 Y# s, sinject_key = false
$ ?& h( l- D: d; g0 \9 G. ginject_partition = -2

live_migration_flag="VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST,VIR_MIGRATE_TUNNELLED"
: J/ ?$ D" {7 m) I/ z. ohw_disk_discard = unmap


3 I8 M5 t" Q+ t# K) [" ?2 I1 G2 h

copy ceph config
* q8 l" x# g- r3 o9 x# [
. _1 F0 M5 R" h4 W6 n  d7 c# scp ceph-node:/etc/ceph/ceph.conf /etc/ceph/ceph.client.ceph.keyring  /etc/ceph
7 u. K8 a0 F4 [. _! b1 R# chown nova:nova /etc/ceph/ceph.conf  /etc/ceph/ceph.client.ceph.keyring
) q4 T3 i& M, k5 ncopy ceph user keyring

/ z7 W+ Y6 |) {$ q2 s2 J  n
- Z; q$ {. ^" L3 y5 `[ceph-monitor]# ceph auth get-key client.ceph >> client.ceph.key
3 c, l$ I9 T; \' l( Y" U8 h$ ^[ceph-monitor]# scp client.ceph.key compute:/etc/nova
1 v4 m% E; X/ ^) A! ~) K* w
. Z( y9 {) V  B! [) e3 |

# v8 U; v  o0 ^: F4 j! u8 e2 A$ @设置libvird

& K/ ?! J1 D' W+ z$ a- Y# uuidgen
791c2ef6-bc56-43b0-b2c7-0cd863621040

( p! u0 `# u" w6 A* [ # cat > secret.xml <<EOF
: a* @* o5 @# S<secret ephemeral='no' private='no'>
2 ?$ w" Z; O' [1 r  e0 d  <uuid>791c2ef6-bc56-43b0-b2c7-0cd863621040</uuid>
9 C, x5 x+ @/ U. E0 D7 x  <usage type='ceph'>
' _% t9 ?& a" r  H) U# c    <name>client.cinder secret</name>
  </usage>
</secret>
EOF

- E! Y0 e: c* {7 h0 L$ S/ j# virsh secret-define --file secret.xml
- Q  R& y; h# _: a6 G! gSecret 791c2ef6-bc56-43b0-b2c7-0cd863621040 created

# virsh secret-set-value --secret 791c2ef6-bc56-43b0-b2c7-0cd863621040 --base64 $(cat client.ceph.key)                                    
2 n2 O+ J) W. bSecret value set
restart nova-compute
- q% S% c: ^+ Q! m+ F6 a. d
systemctl restart openstack-nova-compute.service

admin

创建存储池

# ceph osd pool create images 64
* l/ W  @9 ~6 c+ x+ s& }# ceph osd pool create compute 64
# ceph osd pool create volumes 64
2 A( |, Y: L1 l8 A  D# ceph osd pool create backups 64
- @; ~6 b% X1 ?; p" y: t; o7 L, a- jCreate Ceph User ceph

3 s% U# D" b1 }& j0 ]. f+ Q# ceph auth get-or-create client.ceph mon 'allow r' osd 'allow class-read object_prefix rbd_children, \
allow rwx pool=images, allow rwx pool=compute, allow rwx pool=volumes, allow rwx pool=backups'
[client.ceph]
+ b* g7 I2 S6 h        key = AQDIistY4xELCxAAPkelu47q/fxM3R8B732jlw==

, o; W  l$ T2 w3 B4 G) x: x5 z6 gcopy user.keyring to glance-api node and cinder-volume node

ceph-monitor # ceph auth get-or-create client.ceph >> ceph.client.ceph.keyring
* ]" D6 _: s  C" p9 g! ?8 V# scp ceph.client.ceph.keyring ceph.conf controller:/etc/ceph/
# scp ceph.client.ceph.keyring ceph.conf cinder-volume:/etc/ceph/

对接glance-api
install rbd
, N. r& R8 U0 c- t, j- E+ f
" s; p5 {- X+ `; U
. w; B" `- F! e! R# yum install ceph-common python-rbd
, |0 O5 D. t6 O8 ?% s( _设置key权限

3 V4 x/ @# j2 Q" e4 j
# chown glance:glance /etc/ceph/ceph.client.ceph.keyring
+ p, |: ?& j$ y. S9 `edit /etc/glance/glance-api.conf

7 q8 {$ D4 a9 _! i: k' G
[DEFAULT]
0 P! o; f5 Y/ @...
default_store = rbd
3 w$ k5 s1 D+ }...
' w) @* M4 I7 ~7 D1 I[glance_store]
6 k  A' O; q8 mstores = rbd
8 [7 @" W% N7 [: I( |7 wrbd_store_pool = images
# K" V7 P' t9 s0 x& K/ prbd_store_user = ceph
rbd_store_ceph_conf = /etc/ceph/ceph.conf
rbd_store_chunk_size = 8
restart glance service
$ g; R% C% Z. |" Q3 k. Y

, g2 B# C/ \6 m# v- F9 K# stemctl restart openstack-glance-api.service   openstack-glance-registry.service
% ?. D. q8 ?+ }  n对接cinder-volume
install ceph-common
' d$ e# v2 ?( e, m; x
# yum install ceph-common   python-rbd
设置key权限

: r8 b# {; ^) v$ Y5 A6 D4 V7 T3 X
3 q" U4 f" g7 |* _; ?# chown cinder:cinder /etc/ceph/ceph.client.ceph.keyring
edit /etc/cinder/cinder.conf

[DEFAULT]

) W7 n3 s" S5 z! S6 Eenabled_backends = ceph
! H9 R) G) Z! R8 d% }
/ Q- ?/ A. h$ g[ceph]

' g' `1 V( C' ?; Lvolume_driver = cinder.volume.drivers.rbd.RBDDriver
volume_backend_name = ceph
8 ^8 C, H; \' d# O. R) xrbd_pool = volumes
rbd_ceph_conf = /etc/ceph/ceph.conf
rbd_flatten_volume_from_snapshot = false
rbd_max_clone_depth = 5
rbd_store_chunk_size = 4
. b2 F% |; m7 Z: q, F4 T3 Zrados_connect_timeout = -1
, ?$ H! w" u8 Aglance_api_version = 2
7 b: K3 |8 {, i- Krbd_user = ceph
rbd_secret_uuid = 791c2ef6-bc56-43b0-b2c7-0cd863621040
( r2 A1 B7 {' T. L$ W9 wrestart cinder-volume service
( }, B+ h' H( o0 c, I& ]8 D
" Y# p$ D/ P5 M5 c+ g# systemctl restart  openstack-cinder-volume.service
对接compute
" Q* G4 {0 ~! ]9 H1 b8 oinstall

- T: h% L. {+ y, r( R- y# yum install ceph-common python-rbd
0 g3 ^3 m9 {8 x* n! b! @) Cedit nova config

  S4 F  R& B" L# t$ L6 o. ?[cinder]
os_region_name = RegionOne

: `) l& Z9 Y' }; P1 W[libvirt]
images_type = rbd
" K6 b1 S0 T* @5 F7 D9 {; s: @images_rbd_pool = compute
2 C( s, L/ {; k0 \images_rbd_ceph_conf = /etc/ceph/ceph.conf
disk_cachemodes="network=writeback"
( w3 f% q: e/ @3 U5 E1 }7 yrbd_user = ceph
. ?$ P1 V- }% Mrbd_secret_uuid = 791c2ef6-bc56-43b0-b2c7-0cd863621040
8 n4 G- H' U) e5 [% k
inject_password = false
& B' @" ~& X6 V3 Q( @% Kinject_key = false
" N6 F2 |& T: x+ o. `3 {inject_partition = -2

live_migration_flag="VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST,VIR_MIGRATE_TUNNELLED"
hw_disk_discard = unmap
copy ceph config

4 R( t% h1 z9 Q# ^& Q# scp ceph-node:/etc/ceph/ceph.conf /etc/ceph/ceph.client.ceph.keyring  /etc/ceph
# chown nova:nova /etc/ceph/ceph.conf  /etc/ceph/ceph.client.ceph.keyring
copy ceph user keyring

9 g( P1 }+ f" y' w; H9 j$ C0 Y
) F9 u6 g1 @0 u: K. k2 p4 E5 k[ceph-monitor]# ceph auth get-key client.ceph >> client.ceph.key
# d4 v7 T! X7 i* t2 }- H; v5 ~[ceph-monitor]# scp client.ceph.key compute:/etc/nova
; g7 P# f" o1 k  |设置libvird

# uuidgen
791c2ef6-bc56-43b0-b2c7-0cd863621040

4 a, C& a* I/ N # cat > secret.xml <<EOF
; C3 ~) x3 H  R* W<secret ephemeral='no' private='no'>
  <uuid>791c2ef6-bc56-43b0-b2c7-0cd863621040</uuid>
8 l9 e0 l1 }$ p# n4 n$ {  <usage type='ceph'>
    <name>client.cinder secret</name>
- n) A7 `# m2 _  </usage>
</secret>
EOF

# virsh secret-define --file secret.xml
Secret 791c2ef6-bc56-43b0-b2c7-0cd863621040 created
( d" ~2 ]9 g9 z9 M8 y: L
5 d( M" E. Q6 s) Y( J+ u0 j# virsh secret-set-value --secret 791c2ef6-bc56-43b0-b2c7-0cd863621040 --base64 $(cat client.ceph.key)                                    
Secret value set
2 {: }8 n2 v0 V  ]restart nova-compute

systemctl restart openstack-nova-compute.service