最新Ceph 版与openstack Pike对接

admin

一、在所有服务器上操作

6 |) z- }" F0 u6 j. x

#使用阿里源

yum install wget -y

! U: W5 f1 V3 T! ~- R

rm -f /etc/yum.repos.d/*

wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

) n5 q: L4 ~3 W, V  J

sed -i '/aliyuncs.com/d' /etc/yum.repos.d/*.repo #删除阿里内网地址

#创建ceph源

echo '#阿里ceph源

/ S0 D& J8 q% }3 y* Q1 j$ @8 \

[ceph]

name=ceph

4 w4 ]- H9 [$ z- Q8 ~/ ]2 c$ }

baseurl=http://mirrors.aliyun.com/ceph/rpm-luminous/el7/x86_64/

/ S& M  v9 b- o

gpgcheck=0

0 ^3 ~3 Y7 }8 P+ b6 {

[ceph-noarch]

0 L( w1 f( j( l; b, ]

name=cephnoarch

! K+ G0 H# s' O8 p3 w7 R4 N

baseurl=http://mirrors.aliyun.com/ceph/rpm-luminous/el7/noarch/

gpgcheck=0

; y0 k$ C1 ~/ X9 h

[ceph-source]

name=ceph-source

baseurl=http://mirrors.aliyun.com/ceph/rpm-luminous/el7/SRPMS/

. ^; O/ W: f9 X0 k" o

gpgcheck=0

; d, W6 Y) _6 y7 b

#'>/etc/yum.repos.d/ceph.repo

4 b% x5 o7 h6 {; O

yum clean all && yum makecache #生成缓存

& e7 d; a7 k+ P8 h& e6 `

#关闭selinux、防火墙

systemctl stop firewalld.service

) M0 O# i8 ]1 l5 C) G8 [

systemctl disable firewalld.service

0 U9 t, l  n3 W

firewall-cmd --state

sed -i '/^SELINUX=.*/c SELINUX=disabled' /etc/selinux/config

sed -i 's/^SELINUXTYPE=.*/SELINUXTYPE=disabled/g' /etc/selinux/config

' \5 |3 z8 ~7 \

grep --color=auto '^SELINUX' /etc/selinux/config

setenforce 0

$ G) A! r$ ]4 O0 k

二、只在node1上操作

三台服务器分别为node1 node2 node3   其中我们在node1上面安装ceph官方的自动化部署工具，也就是说我们只需要操作node1即可完成部署

#添加服务器主机名

% n9 Y/ ]5 ?: T9 h+ _

echo '

  U' }; R5 ^4 j  {( J- N  C0 t4 I$ T& i

10.0.0.11    node1

" m3 D3 Z9 M5 W+ A/ B! j5 ]

10.0.0.22    node2

8 ^3 `4 O+ `/ P

10.0.0.33    node3

$ u6 \( @) X# h3 m( u

10.0.0.44    node4

/ |* a2 t, @) a  C0 A9 a8 a

10.0.0.55    node5

- s! v0 X$ E5 w: q) }/ R4 T

10.0.0.66    node6

: m" O5 o! J3 T& @5 T; {/ E8 p

'>>/etc/hosts

#创建秘钥

* l/ A9 k4 r- n% t1 T

ssh-keygen

/ k0 O* |% h) Y' }  z: M

ssh-copy node2

ssh-copy node3

#将node1的hosts文件发送到其他服务器上面

  Z9 K$ M' u; v( ]/ v) l

scp /etc/hosts node2:/etc

scp /etc/hosts node3:/etc

5 H* _; B# \7 G% P( u
7 r2 c9 f) P: v( z8 o4 @4 L+ k! h

三、开始在node1上安装ceph

#安装ceph-deploy配置工具

7 _, R& Y# a2 F8 ?2 n

yum install -y ceph-deploy

yum install python-setuptools

7 e* d3 d( w# Z* N% P
- Z- m- _" e$ u

#创建配置目录

& U  _  j! J' ]6 X3 ~, c! k

mkdir /etc/ceph

cd /etc/ceph/

# h- U3 }0 i! C0 K1 \
5 W+ p+ U# M: ^8 D

#初始化Mon配置

ceph-deploy new node1

) D$ {) h) X. d6 k! V7 X8 i7 O

# #修改冗余份数为2，日志大小2G

+ R# d( R7 m) v3 W

# #配置网络,单网卡忽略

$ {+ b9 e  v" E# o5 |! l8 _; n' X

echo '

$ ]( f+ o6 c3 ]6 U: T. I

public network = 10.0.0.0/24

cluster network = 10.0.0.0/24

/ r& T/ r7 ^+ [0 Q/ K! c2 D
3 e5 L) ?, n  A

mon_clock_drift_allowed = 2   

osd_journal_size = 4086

/ K" b7 ~) v3 x9 P  |' |

osd_pool_default_pg_num = 128

# w3 _' f% o$ Q

osd_pool_default_pgp_num = 128

osd pool default size = 2

osd pool default min size = 1

rbd_default_features = 1

; b# B1 D) V' C* e8 A, X

client_quota = true

'>>./ceph.conf

' c9 t5 ?5 F, X/ o1 L

#安装Ceph

3 H! w- D& f0 G* u" m, ?/ C7 V

ceph-deploy install node1 node2 node3

5 p7 H4 x; G0 M; m) A

#yum install -y ceph ceph-radosgw #实际上是安装这2个rpm

#初始化monitor和key

- W: F) |5 ?. b

cd /etc/ceph/

8 {/ K5 Q* C: C  x; j: D

ceph-deploy --overwrite-conf mon create-initial

" s4 j4 ?/ J2 x3 w" ~+ w) l) V3 D; V

#创建osd

: ^$ Y' `# |% n" ?6 A

ceph-deploy osd create --data /dev/sdb node1

ceph-deploy osd create --data /dev/sdc node1

ceph-deploy osd create --data /dev/sdd node1

5 j+ Y! A4 s- O) C' \0 G

ceph-deploy osd create --data /dev/sdb node2

1 n8 o. W! r$ p3 I) t

ceph-deploy osd create --data /dev/sdc node2

ceph-deploy osd create --data /dev/sdd node2

ceph-deploy osd create --data /dev/sdb node3

ceph-deploy osd create --data /dev/sdc node3

& _+ Z1 {9 m1 S- s% f, R! Z

ceph-deploy osd create --data /dev/sdd node3

#拷贝配置及密钥

ceph-deploy admin node1 node2 node3

: ?9 [, T6 z3 ]

chmod 644 /etc/ceph/ceph.client.admin.keyring

! m& b) ^& t' J( y9 U+ [3 y" w

#创建mon

ceph-deploy --overwrite-conf mon create node1

4 m& e0 [' b" _) }( y- F; b% _

ceph-deploy --overwrite-conf admin node1

#添加mgr

#ceph 12开始，monitor必须添加mgr

/ M% T" m- z; h' c6 S0 z2 c

ceph-deploy mgr create node1:mon_mgr

#启用dashboard (在node1节点)

ceph mgr module enable dashboard

6 ?5 i, ]1 F7 j) `& A- p# M
' ~* s& `1 h% l8 ?/ ?. r

web访问http://10.0.0.11:7000   即可看到ceph的运行情况

#查看相关命令

ceph health

# i; s) J: K) y# i( M

ceph -s

, Q% Y: k- v3 z$ B4 \0 S. R- K4 r) H

ceph osd tree

+ l8 k2 n' U- ?. [4 K
4 u+ j: X7 N& m$ g- \' n+ R9 z7 B1 N

ceph df

- q5 w; ~4 [: H0 |

ceph mon stat

" P& ^( x9 x% y% z4 D7 `

ceph osd stat

4 m/ _& i% I# g: }8 |( L

ceph pg stat

ceph osd lspools

$ s6 `) T" c7 \$ g3 B* U8 m! s; U

ceph auth list

Ceph L版与openstack Pike对接

环境opestack Pike的controller、computer、cinder三个节点已经安装完毕，并且能够正常的使用

8 [5 C9 P8 B; N- Y+ I
' U0 \' |1 i' y* W& Z4 p7 Q6 B! H6 J

node4为controller

node5为computer和cinder

- p6 N7 w7 f: T+ T& \0 G' e

一、环境准备，所有openstack主机都要操作

% h. n( }3 q9 r

#所有openstack节点都添加主机名

#添加服务器主机名

echo '

2 A* f, J* Z% L9 U3 E0 U$ j  \

10.0.0.11    node1

10.0.0.22    node2

9 F! N0 M. o3 L% O% F

10.0.0.33    node3

10.0.0.44    node4

2 E2 P$ ?2 ^5 J; {( {" e  T; @

10.0.0.55    node5

10.0.0.66    node6

'>>/etc/hosts

8 m1 P3 F. ]1 f0 r) R5 r
3 i9 z7 z; ]+ k" X) T2 q

#创建ceph源

, Q, y8 K" k! b8 l! u

echo '#阿里ceph源

* G3 C; M- e9 n2 x/ H- e

[ceph]

: Z- n" s6 a" P8 H. D4 A! g

name=ceph

" w# A3 i0 h* X3 s; d6 `

baseurl=http://mirrors.aliyun.com/ceph/rpm-luminous/el7/x86_64/

2 I# g" u% G& x5 x1 n/ H) t

gpgcheck=0

: F0 V% E/ i8 |* u4 V* I

[ceph-noarch]

8 P$ Z; d- `) w% X5 v1 M/ U% z

name=cephnoarch

baseurl=http://mirrors.aliyun.com/ceph/rpm-luminous/el7/noarch/

gpgcheck=0

& o( y8 ]9 O  |2 P( m

[ceph-source]

name=ceph-source

1 x2 ?5 f: J% u! {2 y

baseurl=http://mirrors.aliyun.com/ceph/rpm-luminous/el7/SRPMS/

' D) k: M& r( p. }* V& H

gpgcheck=0

#'>/etc/yum.repos.d/ceph.repo

yum clean all && yum makecache #生成缓存

#关闭selinux、防火墙

" E$ K/ Y9 Y: G) K

systemctl stop firewalld.service

0 ~7 x7 }. v2 |" r; \0 L/ Y# Y

systemctl disable firewalld.service

firewall-cmd --state

sed -i '/^SELINUX=.*/c SELINUX=disabled' /etc/selinux/config

sed -i 's/^SELINUXTYPE=.*/SELINUXTYPE=disabled/g' /etc/selinux/config

grep --color=auto '^SELINUX' /etc/selinux/config

& g+ o8 Q7 k$ `

setenforce 0

. _$ t+ b3 g/ a' |) S0 N3 r5 k

#将glance组件的节点安装ceph客户端

( ~* E# q- b; W% F# m+ \8 f

yum install python-rbd

#将nova和cinder组件的节点安装ceph客户端

/ |; v8 M+ @% ]. `- w8 C

yum install ceph-common

: @( C; l  e+ C4 a  p" W0 n* ^
, y2 k$ H; r8 B

#创建POOL

2 w' v* u" C. n; v1 G

ceph osd pool create volumes 128

ceph osd pool create images 128

2 V8 K& |3 |: X1 R

ceph osd pool create vms 128

* W- T( @# ~+ m4 U3 M  R* v7 B

#初始化POOL

, G+ }% z0 V% t

rbd pool init volumes

rbd pool init images

rbd pool init vms

#将ceph的配置文件导入到各个openstack节点上

+ s  @2 P3 y) ?; j5 o+ B: W

ssh node4 tee /etc/ceph/ceph.conf </etc/ceph/ceph.conf

ssh node5 tee /etc/ceph/ceph.conf </etc/ceph/ceph.conf

+ ]2 o1 e( ^5 [7 k! S- g
1 ~( ]0 F' o) j! O

#创建ceph用户和密钥

2 J3 l) k; s5 v  @" r

ceph auth get-or-create client.glance mon 'profile rbd' osd 'profile rbd pool=images'

( g5 F; F1 w8 d$ T) |' U, E$ _6 Q8 }

ceph auth get-or-create client.cinder mon 'profile rbd' osd 'profile rbd pool=volumes, profile rbd pool=vms, profile rbd-read-only pool=images'

0 D+ f) D2 V/ E  i# _

ceph auth get-or-create client.cinder-backup mon 'profile rbd' osd 'profile rbd pool=backups'

) D/ i8 j0 S$ b  F! `
# x6 u0 X; @( j6 t; D

#查询用户，写入文件

ceph auth get-or-create client.glance | ssh node4  tee /etc/ceph/ceph.client.glance.keyring

0 [; G- H! k% }+ R

ssh node4 chown glance:glance /etc/ceph/ceph.client.glance.keyring

ceph auth get-or-create client.cinder | ssh node5  tee /etc/ceph/ceph.client.cinder.keyring

5 i1 o( x' i) M

ssh node5  chown cinder:cinder /etc/ceph/ceph.client.cinder.keyring

ceph auth get-or-create client.cinder-backup | ssh node5  tee /etc/ceph/ceph.client.cinder-backup.keyring

ssh node5  chown cinder:cinder /etc/ceph/ceph.client.cinder-backup.keyring

  B! f, N! R5 T

ceph auth get-key client.cinder | ssh node5 tee client.cinder.key

6 z7 I6 g2 \1 H9 H  _

ceph与glance对接

#更改glance默认存储为ceph

#修改/etc/glance/glance-api.conf文件，添加一下内容

[DEFAULT]

default_store = rbd

0 r( b0 V9 c7 c6 L) ^1 X& t

show_image_direct_url = True

1 U9 \- n* y$ B7 W

[glance_store]

#stores = file,http

0 I" r  ^  O- K, r

#default_store = file

#filesystem_store_datadir = /var/lib/glance/images/

, e. U' ]9 u: \

stores = rbd

default_store = rbd

rbd_store_pool = images

rbd_store_user = glance

! i2 B. O2 V6 t/ t- G

rbd_store_ceph_conf = /etc/ceph/ceph.conf

rbd_store_chunk_size = 8

#重启服务

) H& w6 R# m2 e4 `

systemctl restart openstack-glance-api openstack-glance-registry

9 R6 ]/ Z$ x& ?, k

注意：在glance节点你需要查看/etc/ceph目录下是否有glance秘钥

4 k, X# C, O5 w! i+ i

ceph与nova对接，在computer节点上操作

, O7 x3 c8 q  f5 W7 m

#密钥加进libvirt

( u4 x4 F" B" Z( n. q5 E3 Y+ |

uuidgen

9 N4 `0 g6 D# A7 ^2 {  e7 \

cat > secret.xml <<EOF

$ \% L8 Z. B, P8 a4 h/ n0 n

<secret ephemeral='no' private='no'>

& }5 L3 I( `& V9 C& b( F2 }* H

  <uuid>ff2e1190-30f5-4849-9c1c-886b1e1ee181</uuid>

  <usage type='ceph'>

    <name>client.cinder secret</name>

. A# o& w$ g' u4 N

  </usage>

</secret>

: |+ f9 h2 N) S" w

EOF

2 k) }6 q; P/ ]7 y% P; C

virsh secret-define --file secret.xml

virsh secret-set-value --secret ff2e1190-30f5-4849-9c1c-886b1e1ee181 --base64 $(cat client.cinder.key) && rm client.cinder.key secret.xml

/ p) M: X# N8 Y2 W( ]4 `

virsh secret-list

3 o, Z6 n9 h/ i

UUID                                  用量

" [5 A8 m, S! f2 b: {, Q

--------------------------------------------------------------------------------

2 s0 Y2 F2 l/ c( }: _4 `

ff2e1190-30f5-4849-9c1c-886b1e1ee181  ceph client.cinder secret

8 N* X- Z  ~* g% Z: k' c% P1 T

在computer节点的ceph配置文件里添加一下内容

2 a" w! X/ O; {$ c* v, g

ls -l /etc/ceph/

% l4 ]/ K' q' q' v! f$ j

#ceph

echo '

1 R3 ?5 f; l& O. }$ V3 U  G9 o

[client]

rbd cache = true

: T/ C" Q+ [$ W0 D

rbd cache writethrough until flush = true

4 Z0 L9 x$ P# ]1 {, J: `6 y; Z! }

admin socket = /var/run/ceph/guests/$cluster-$type.$id.$pid.$cctid.asok

: E$ a$ q9 {3 E0 l- P* Q

log file = /var/log/qemu/qemu-guest-$pid.log

7 x) U# v: O% D8 \) M# E

rbd concurrent management ops = 20

[client.cinder]

keyring = /etc/ceph/ceph.client.cinder.keyring

'>>/etc/ceph/ceph.conf

  h$ _9 u1 b: a' G, i7 _1 v
$ D+ O; s- l) r

mkdir -p /var/run/ceph/guests/ /var/log/qemu/

5 f4 l1 v" K5 c$ d- S+ c

chown qemu:libvirt /var/run/ceph/guests /var/log/qemu/

  K3 E0 G- m  ]# ^* o

#使用ceph存储，在/etc/nova/nova.conf添加以下内容

. b* Y+ S7 E9 ]/ W

[libvirt]

7 Q: O6 u( R, ^5 T

virt_type = qemu

  ?# F1 z% o) a0 {. j

images_type = rbd

9 ^. `5 `2 U2 Q( t

images_rbd_pool = vms

images_rbd_ceph_conf = /etc/ceph/ceph.conf

rbd_user = cinder

8 M: M9 w# q2 _% y" O) a

rbd_secret_uuid = 'ff2e1190-30f5-4849-9c1c-886b1e1ee181'

disk_cachemodes="network=writeback"

' \4 D, z- N5 [: V8 k- S! h

live_migration_flag="VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST,VIR_MIGRATE_TUNNELLED"

& N& \9 H2 ]4 Y; E# \& }

libvirt_inject_password = false

3 A2 v* b3 ^4 c" J5 E; \

libvirt_inject_key = false

7 \3 M  R5 \. j! `$ {

libvirt_inject_partition = -2

) F' L5 t, c2 }9 k! ^8 _. J
. {/ _! {5 F3 O

#重启服务

systemctl restart libvirtd.service openstack-nova-compute.service

2 o0 h/ }" H/ k/ {* J7 f5 y

ceph与cinder对接

4 s" q  h' |- a( e' W1 o8 |

#修改/etc/cinder/cinder.conf配置文件，注意：将之前的lvm的配置都删掉

[DEFAULT]

. I2 i! N' F6 x+ Q6 f; V

#enabled_backends = lvm

' I! L$ S- e) a( b/ K, t# E- ~

enabled_backends = ceph

/ U; C' T4 }4 U, i8 X. \: \
7 F4 D9 {; w% k: _

[ceph]

9 Z) D8 j- l$ S3 X* g

volume_driver = cinder.volume.drivers.rbd.RBDDriver

rbd_pool = volumes

rbd_ceph_conf = /etc/ceph/ceph.conf

% n2 D) U2 A& y9 h+ R4 h4 Q

rbd_flatten_volume_from_snapshot = false

rbd_max_clone_depth = 5

rbd_store_chunk_size = 4

rados_connect_timeout = -1

- D/ {1 s7 r- t, [, u* q: j8 l1 r* K

glance_api_version = 2

rbd_user = cinder

rbd_secret_uuid = ff2e1190-30f5-4849-9c1c-886b1e1ee181

4 h- |% Y/ d) a* c6 p( f0 ?' [
+ V. u  V& M+ l' G

#重启服务   

systemctl restart openstack-cinder-volume.service

7 T& `; k6 k; n

0 _7 I' L' ]% C! ~; M
# v8 T- }+ \' }( ~

admin

1、创建一个POOL
Ceph的块设备默认使用“rdb” pool，但建议为Cinder和Glance创建专用的pool。
ceph osd pool create volumes 128
; p  i: p- q3 Iceph osd pool create images 128
ceph osd pool create backups 128
2 t- f: q% ?8 d# E$ y/ Sceph osd pool create vms 128

$ ?  |; }0 V3 ?7 G2、配置OPENSTACK CEPH CLIENTS
环境的准备，需要事先在ceph管理节点到openstack各服务节点间建立起免密钥登录的关系，且需有使用sudo的权限。

2 J7 K3 h. {0 m" ?; B安装ceph客户端软件包：
* m+ S3 ^& [7 c在glance-api节点：sudo yum install python-rbd
7 [7 D7 @2 I- O( g- G* y8 K在nova-compute, cinder-backup and on the cinder-volume节点：sudo yum install  ceph （both the Python bindings and the client command line tools）

1 u) \5 H6 ?& p9 x! i在OpenStack中运行glance-api, cinder-volume, nova-compute ，cinder-backup服务的主机节点，都属于Ceph的客户端。需要配置ceph.conf.
使用以下命令把ceph.conf复制到每个ceph客户端节点：
ssh {your-openstack-server} sudo tee /etc/ceph/ceph.conf </etc/ceph/ceph.conf
% W* M9 t5 d. I3 ~+ J
3、设置Ceph Client Authentication
: Z/ T' V! n8 n& }$ W* m如果启用了cephx认证，那么就需要为Nova/Cinder创建一个新用户：
, {3 _1 o& U2 I" o/ D$ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rx pool=images'
$ ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=images'
$ ceph auth get-or-create client.cinder-backup mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=backups'

将密钥（client.cinder, client.glance, and client.cinder-backup）分发至对应的主机节点，并调整属主权限：
- M; ^7 i0 s" U+ o% I" zceph auth get-or-create client.glance | ssh {your-glance-api-server} sudo tee /etc/ceph/ceph.client.glance.keyring
' U' V3 h* K7 s2 I, `7 z6 tssh {your-glance-api-server} sudo chown glance:glance /etc/ceph/ceph.client.glance.keyring
ceph auth get-or-create client.cinder | ssh {your-volume-server} sudo tee /etc/ceph/ceph.client.cinder.keyring
ssh {your-cinder-volume-server} sudo chown cinder:cinder /etc/ceph/ceph.client.cinder.keyring
ceph auth get-or-create client.cinder-backup | ssh {your-cinder-backup-server} sudo tee /etc/ceph/ceph.client.cinder-backup.keyring
: d' j2 @+ W  R7 ^' v1 n5 Qssh {your-cinder-backup-server} sudo chown cinder:cinder /etc/ceph/ceph.client.cinder-backup.keyring

+ a& y* Y! Z4 m7 v运行nova-compute的节点需要使用cinder密钥：
$ A6 _7 N: `5 i* U  Aceph auth get-or-create client.cinder | ssh {your-nova-compute-server} sudo tee /etc/ceph/ceph.client.cinder.keyring

libvirt同样也要使用client.cinder密钥：
. g- n6 e& d6 OLibvirt进程在从Cinder挂载一个块设备时，需要使用该密钥访问Ceph存储集群。
9 C7 p7 X7 e# F: b# \先要在运行nova-compute的节点上创建一个密钥的临时拷贝：
ceph auth get-key client.cinder | ssh {your-compute-node} tee client.cinder.key

然后登录到compute节点上，将密钥增加到libvirt配置文件中并删除上面的临时文件：
$ uuidgen
22003ebb-0f32-400e-9584-fa90b6efd874
  O- F7 F! Q, E+ ^2 n
7 j8 Y; y! c/ |# w4 u! {cat > secret.xml <<EOF
<secret ephemeral='no' private='no'>
<uuid>22003ebb-0f32-400e-9584-fa90b6efd874</uuid>
<usage type='ceph'>
<name>client.cinder secret</name>
' q) ?3 o# u, t; d4 T" a, z: G" U</usage>
</secret>
EOF
# virsh secret-define --file secret.xml
#Secret 22003ebb-0f32-400e-9584-fa90b6efd874 created
# virsh secret-set-value --secret 22003ebb-0f32-400e-9584-fa90b6efd874 --base64 $(cat client.cinder.key) && rm client.cinder.key secret.xml
Secret value set
8 q( e: {" x* e1 J) R4 @
为了便于管理，建议在有多个计算节点时，在上在的操作中使用相同的UUID。
- U& f, `/ m& E
, k  @8 Z  z. [( I! t0 R- S
4、设置Glance集成Ceph
) s) G- w) a% y/ ^0 dJUNO，编辑/etc/glance/glance-api.conf：
, ?* L- V7 l, i& F[DEFAULT]
...
default_store = rbd
...
[glance_store]
stores = rbd
/ e$ D: W. _) M+ b. t4 Erbd_store_pool = images
rbd_store_user = glance
7 Z* Y' d) H1 `& ^* Wrbd_store_ceph_conf = /etc/ceph/ceph.conf
rbd_store_chunk_size = 8

/ E% h) [- f7 {) n' g* |启用copy-on-write功能：
在[DEFAULT]中增加以下参数，
. x; T  M! y9 C- K  c/ K8 r8 Nshow_image_direct_url = True
! K% p* Y$ _3 W8 Q7 y6 {& d
怎样关闭Glance的镜像缓存：
修改以下参数如以下所示，
; H7 d* r! T% j6 S[paste_deploy]flavor = keystone

其它建议设置的Glance参数：
- hw_scsi_model=virtio-scsi: add the virtio-scsi controller and get better performance and support for discard operation
& ?  K  l4 V2 V/ n8 C/ f* c9 o- hw_disk_bus=scsi: connect every cinder block devices to that controller
- hw_qemu_guest_agent=yes: enable the QEMU guest agent
1 a/ f: x+ S$ n2 s/ \: X( \" a- os_require_quiesce=yes: send fs-freeze/thaw calls through the QEMU guest agent

OpenStack官网配置参考：
6 e, Y: Q8 y' j6 V% `) zhttp://docs.openstack.org/libert ... -image-service.html

* }6 D, c6 k2 d7 Q5、设置Cinder集成Ceph
6 D  U+ f+ ]  U" O编辑/etc/cinder/cinder.conf：
; {+ M4 b+ I7 B! f- ?[DEFAULT]
...
enabled_backends = ceph
...
: s. Q3 O3 {; J/ w[ceph]
volume_driver = cinder.volume.drivers.rbd.RBDDriver
. s. x" [+ `* h0 yrbd_pool = volumes
. l, ^& P0 J6 |rbd_ceph_conf = /etc/ceph/ceph.conf
rbd_flatten_volume_from_snapshot = false
, R: a' T' m8 D4 _rbd_max_clone_depth = 5
rbd_store_chunk_size = 4
" F# `3 M1 ^! C3 Mrados_connect_timeout = -1
: Z& F& f$ c4 ]4 a7 i+ f% s! w3 Uglance_api_version = 2

在启用了cephx认证时，还需要配置认证信息：
[ceph]
...
& U7 T! l0 x" x3 e, {* v0 I$ Z7 Prbd_user = cinder
" {8 f3 r" v. s4 g, q+ lrbd_secret_uuid = 22003ebb-0f32-400e-9584-fa90b6efd874
5 `/ z; r1 n8 Q$ _) E9 q
  G: }: j) F6 Z# |+ F* K0 M注：如果你需要配置多个cinder back ends，一定要在 [DEFAULT] 部分设置glance_api_version = 2 。
6 D% z! p2 s& H' j- |# y7 \
! v$ L( s0 L' O下表来自OpenStack官网Liberty的配置文档：
http://docs.openstack.org/libert ... ent/ceph-rados.html
Description of Ceph storage configuration options
: ^. ]5 @& Y# D* \4 LConfiguration option = Default value        Description
4 g9 h/ d9 g  _  v- y[DEFAULT]
+ h+ K- O$ K+ R. D2 y  Drados_connect_timeout = -1        (IntOpt) Timeout value (in seconds) used when connecting to ceph cluster. If value < 0, no timeout is set and default librados value is used.
rados_connection_interval = 5        (IntOpt) Interval value (in seconds) between connection retries to ceph cluster.
rados_connection_retries = 3        (IntOpt) Number of retries if connection to ceph cluster failed.
- k0 e5 ]  O& {/ L7 w$ e4 Jrbd_ceph_conf =        (StrOpt) Path to the ceph configuration file
rbd_cluster_name = ceph        (StrOpt) The name of ceph cluster
rbd_flatten_volume_from_snapshot = False        (BoolOpt) Flatten volumes created from snapshots to remove dependency from volume to snapshot
% D" D6 n  I1 E8 K$ B2 L# Brbd_max_clone_depth = 5        (IntOpt) Maximum number of nested volume clones that are taken before a flatten occurs. Set to 0 to disable cloning.
rbd_pool = rbd        (StrOpt) The RADOS pool where rbd volumes are stored
5 i: J4 p( w6 J$ Z. t2 arbd_secret_uuid = None        (StrOpt) The libvirt uuid of the secret for the rbd_user volumes
. {, o0 l+ V5 q4 O+ r+ Jrbd_store_chunk_size = 4        (IntOpt) Volumes will be chunked into objects of this size (in megabytes).
rbd_user = None        (StrOpt) The RADOS client name for accessing rbd volumes - only set when using cephx authentication
volume_tmp_dir = None        (StrOpt) Directory where temporary image files are stored when the volume driver does not write them directly to the volume. Warning: this option is now deprecated, please use image_conversion_dir instead.
8 F  _9 p" M7 z
( S) ]+ `/ p0 @, \1 B4 E

; \. R* ~' U8 |) B3 b9 X+ _7 u  E6、设置Cinder Backup集成Ceph
OpenStack Cinder Backup需要一个专门的进程。在你的Cinder Backup节点上，编辑/etc/cinder/cinder.conf：
& M* x& n9 R) I! l. f7 nbackup_driver = cinder.backup.drivers.ceph
$ G6 ~0 L! y( ?' O" d6 w/ jbackup_ceph_conf = /etc/ceph/ceph.conf
backup_ceph_user = cinder-backup
backup_ceph_chunk_size = 134217728
backup_ceph_pool = backups
' i# f5 k  r1 |/ S, K. R( J8 z3 ubackup_ceph_stripe_unit = 0
backup_ceph_stripe_count = 0
( |, |6 R# T# T7 ?* d4 o% arestore_discard_excess_bytes = true
1 ^$ u2 V9 p7 f0 _# |& t. f
以下是来自OpenStack官网对Cinder Backup集成Ceph的配置说明：
% n# o% f7 b$ b. w& v1 s  zTo enable the Ceph backup driver, include the following option in the cinder.conf file:

backup_driver = cinder.backup.drivers.ceph
( F' ^: h- C4 bThe following configuration options are available for the Ceph backup driver.
' d; }! i1 M! P$ p. R5 s
Table 2.52. Description of Ceph backup driver configuration options
* ^1 d( |3 t) @: N, oConfiguration option = Default value        Description
) T3 m6 h1 [/ U; V! d) |; n# I[DEFAULT]
backup_ceph_chunk_size = 134217728        (IntOpt) The chunk size, in bytes, that a backup is broken into before transfer to the Ceph object store.
! h- ~9 \! F( C5 B6 f, Gbackup_ceph_conf = /etc/ceph/ceph.conf        (StrOpt) Ceph configuration file to use.
- j# I# n8 s+ D( s! [6 A# s% w0 Ybackup_ceph_pool = backups        (StrOpt) The Ceph pool where volume backups are stored.
4 M1 s& e- D0 Q% r* {4 d( @; g% k  nbackup_ceph_stripe_count = 0        (IntOpt) RBD stripe count to use when creating a backup image.
backup_ceph_stripe_unit = 0        (IntOpt) RBD stripe unit to use when creating a backup image.
2 x0 q/ p: M' t% j$ K' A8 X  jbackup_ceph_user = cinder        (StrOpt) The Ceph user to connect with. Default here is to use the same user as for Cinder volumes. If not using cephx this should be set to None.
restore_discard_excess_bytes = True        (BoolOpt) If True, always discard excess bytes when restoring volumes i.e. pad with zeroes.
" B0 g0 y  X" `* v2 HThis example shows the default options for the Ceph backup driver.
+ N% K, x! p' K- X
backup_ceph_conf=/etc/ceph/ceph.conf
backup_ceph_user = cinder
backup_ceph_chunk_size = 134217728
& J2 Z: A3 Z* T8 Vbackup_ceph_pool = backups
backup_ceph_stripe_unit = 0
$ j/ j9 j$ n8 E, dbackup_ceph_stripe_count = 0
/ N1 F& e1 s% E# j5 m* Y- b: S0 P
7、设置NOVA集成Ceph
0 p% ^5 T. [' Q- a! l5 D为了直接基于Ceph存储启动虚机，还需要为Nova配置一个临时的存储后端。同时，建议使用RBD缓存，启用admin socket。
admin socket可以通过以下方法访问：
     ceph daemon /var/run/ceph/ceph-client.cinder.19195.32310016.asok help

, Y) W4 f0 \+ U0 Z4 \+ g( S$ X在你的每个compute节点上，编辑Ceph配置文件：
[client]
rbd cache = true
& F9 Z  T' k% T5 ]7 jrbd cache writethrough until flush = true
4 B( q; V' P  l* B! e8 |/ I; ?& aadmin socket = /var/run/ceph/guests/$cluster-$type.$id.$pid.$cctid.asok
: Y& \+ |- s; Vlog file = /var/log/qemu/qemu-guest-$pid.log
rbd concurrent management ops = 20
& b. l4 e" h1 j
调整权限：
mkdir -p /var/run/ceph/guests/ /var/log/qemu/
8 S/ j; ^; k  q$ |3 I5 h( fchown qemu:libvirt /var/run/ceph/guests /var/log/qemu/

3 F" c+ o0 p+ e注：以上的qemu用户和libvirt组是基于RedHat相关系统的。
: c4 x, i' d. I$ ^9 v; j, @/ y
" b# z  a3 }' A: w+ g, m( }* [以配置好后，如果虚机已经在运行，则可以重启使上面的配置生效。

JUNO
3 b& R% c3 K% K, K在每个compute节点上编辑/etc/nova/nova.conf文件：
[libvirt]
images_type = rbd
8 P- G; ?2 E3 Mimages_rbd_pool = vms
images_rbd_ceph_conf = /etc/ceph/ceph.conf
rbd_user = cinder
rbd_secret_uuid = 22003ebb-0f32-400e-9584-fa90b6efd874
disk_cachemodes="network=writeback"

$ a- }+ O& A, P& k0 V: c建议关闭nova的密钥注入功能，而是使用基于metadata服务、cloud-init实现类似功能：
: E: u2 C8 o- R1 s5 a: |4 n在每个计算节点上，编辑/etc/nova/nova.conf：
: b4 v+ }; P$ t* S8 V7 Winject_password = false
inject_key = false
inject_partition = -2

% F+ p# P" S8 m: z启动热迁移支持：
4 H" ]; F) r* l在[libvirt]部分增加：
, f% [/ K6 h" W1 @! A" Alive_migration_flag="VIR_MIGRATE_UNDEFINE_SOURCE,VIR_MIGRATE_PEER2PEER,VIR_MIGRATE_LIVE,VIR_MIGRATE_PERSIST_DEST,VIR_MIGRATE_TUNNELLED"

8、重启OpenStack服务
4 S5 `" b& m; y4 ?& x& P6 Jsudo service openstack-glance-api restart
sudo service openstack-nova-compute restart
sudo service openstack-cinder-volume restart
sudo service openstack-cinder-backup restart