|
|
楼主 |
发表于 2018-12-23 22:58:43
|
显示全部楼层
[1] Add users and others for Gnocchi in Keystone.
0 R; D, `9 B, n& H" T) N# add gnocchi user (set in service project)
/ y/ C! B* l( ?* s[root@dlp ~(keystone)]# openstack user create --domain default --project service --password servicepassword gnocchi 1 p9 t' `- G0 ~. n+ h; h2 ?. s
+---------------------+----------------------------------+
: k2 U7 P, m: t9 q* ^. g/ n| Field | Value |
* N9 u# g0 W, D# B% g) W; a$ n+---------------------+----------------------------------+0 I7 s3 ?* C" _
| default_project_id | b1da1070c8af427886d0202f8bbe414f |+ x/ P( K1 `7 J9 f- x6 S
| domain_id | default |5 |, u# k4 x3 x4 p, O' N C& Y
| enabled | True |
4 s X# q0 y% X% O' J| id | c88a3abbad194ec9a18c101a91a60576 |
3 }; c/ r; R; f4 w5 m2 I% w+ V" T+ J| name | gnocchi |, O) ]& d3 C. X7 d! S( ]- F- z% v
| options | {} |* s; c% Y3 r$ |* s0 {
| password_expires_at | None |
- l% b/ ]0 E1 c6 r0 k4 n9 e2 {+---------------------+----------------------------------+
. `( g2 z+ @0 u4 b# C( b) Y( v8 R% z- y K6 I
# add gnocchi user in admin role
! M! y5 ]5 t1 R5 c' p y1 z! E% ~[root@dlp ~(keystone)]# openstack role add --project service --user gnocchi admin
) n' I; m; C1 C* R* s4 v0 z) j# add service entry for gnocchi% H& L H. c" c2 i
[root@dlp ~(keystone)]# openstack service create --name gnocchi --description "Metric Service" metric
* N" \! P0 n" U3 F- ~* p+-------------+----------------------------------+1 j2 j( C1 D6 f9 d
| Field | Value |
0 `( U- L9 q7 H, u+-------------+----------------------------------+
$ x( R; T" {7 u0 P/ M' ]. ^" j| description | Metric Service |
& [" ], e( f. z7 f| enabled | True |) `$ V" h( F7 \8 R. _& `7 [
| id | c1e4e9055d38453490e6b7e283a4c547 |
8 }+ t2 I+ g( T9 \% ~| name | gnocchi |
7 k2 K% B$ a- @! T| type | metric |
+ _- s T3 V& M/ S+-------------+----------------------------------+0 M) r! W4 [" C: M% r! c
\ `1 |9 Z1 o
# define keystone host
9 |3 W* B' s& x[root@dlp ~(keystone)]# export controller=10.0.0.30! n0 [# b: u4 D n2 C2 h
# add endpoint for gnocchi (public)
8 k& p& V3 b0 z" y; j: e) ][root@dlp ~(keystone)]# openstack endpoint create --region RegionOne metric public http://$controller:8041 7 Q3 k! h2 ?: {4 R2 {4 _3 V
+--------------+----------------------------------+
! M3 S5 N7 `! J3 G4 r0 D% m| Field | Value |9 |0 w% ]5 m7 \# t) f ?$ J( \
+--------------+----------------------------------+
4 a' @9 H8 |% v5 @0 b7 D$ q| enabled | True |
: b3 y" d# J% _5 u) K, A| id | 1b3aa18b5d474af7915f366414fe71da |+ ]. l$ t9 @/ E+ g" \4 q
| interface | public |. \' \0 l9 e0 c
| region | RegionOne |
5 F, w7 P8 ?6 z9 h1 J d| region_id | RegionOne |! v2 Q3 W- U! u1 g
| service_id | c1e4e9055d38453490e6b7e283a4c547 |- I. i! p; p1 A \7 W. @; n3 `
| service_name | gnocchi |3 s9 M) A, b# S# w3 g
| service_type | metric |
6 [8 H- N5 S* N/ o| url | http://10.0.0.30:8041 |
?' x- d9 a0 n# {+--------------+----------------------------------+8 W8 T1 F+ ]4 Y' a( E4 \
0 ]9 q7 q" C L5 b6 I* c
# add endpoint for gnocchi (internal)
7 d1 ^' w, N& h+ Z6 {[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne metric internal http://$controller:8041 ! b0 i( _& h5 Y6 K9 d
+--------------+----------------------------------+% G) R9 n5 i9 `* R
| Field | Value |3 v1 i$ f) k! K7 o, V, g
+--------------+----------------------------------+
( H) _& H( c5 N$ M8 I. p: |& L# z, f4 x1 H| enabled | True |" l4 ~! n9 x( e) ^+ l: A
| id | 88fcc0e358124e46bc196e9bf2d5d73a |
. } r9 V2 O, B& t5 C6 k| interface | internal |
' n$ v8 o @3 l6 U1 x6 b2 G| region | RegionOne |
3 a: u4 W% f, w( ~1 b$ [/ V| region_id | RegionOne |% o* ~0 V5 `. B8 z( |- ~/ u
| service_id | c1e4e9055d38453490e6b7e283a4c547 |
/ [1 V) M0 z8 a| service_name | gnocchi |
+ [1 T! n2 p4 g( |$ N# r6 _| service_type | metric |
4 B, D' I+ o) h0 c, r2 v| url | http://10.0.0.30:8041 |5 v- q: s5 J1 m7 G. O
+--------------+----------------------------------+
8 Q+ }+ U2 T( B* Y! v- O
8 W& t, M- e8 l# V# add endpoint for gnocchi (admin)1 V) n' |& [- D. F, v( m3 D
[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne metric admin http://$controller:8041
& {+ M" e% a; I* H: T$ [- \+--------------+----------------------------------+- P1 l7 D6 a' O- J ?6 L
| Field | Value |
! Z/ L; u7 Z. k3 K5 k2 j+--------------+----------------------------------+
' G+ e9 j; V$ B3 s5 M, B" e4 g% \; R| enabled | True |
& ^/ u! I5 `2 R4 g! J| id | f7d7e9d8dd3c464a8a579b7defd2e575 |
8 z. ~) u: \1 S" G| interface | admin |7 R9 ]7 _9 z) K. o
| region | RegionOne |
/ D1 n6 e0 w% `! z' e% E7 b3 g| region_id | RegionOne |
& `: p3 h2 {3 H) z! d| service_id | c1e4e9055d38453490e6b7e283a4c547 |
A, x$ r5 I4 u) i| service_name | gnocchi |
' K7 I7 `; S3 E| service_type | metric |* K4 t. s" v/ P d- d
| url | http://10.0.0.30:8041 |% O) y+ g" N/ {2 g S
+--------------+----------------------------------+
$ S/ C2 e+ W- q- G& e* `( {[2] Add a User and Database on MariaDB for Gnocchi.
& I5 w5 q4 `. f0 i% g[root@dlp ~(keystone)]# mysql -u root -p + ~7 v l f; o) b4 O
Enter password:, N2 e- D3 E% `2 Y. q) I/ r
Welcome to the MariaDB monitor. Commands end with ; or \g.
4 t3 t; K2 `7 ~( }6 ]Your MariaDB connection id is 71, _0 z; ?7 @: E2 y$ R8 W
Server version: 10.1.20-MariaDB MariaDB Server' } g' |3 m: D! @3 @4 a
0 B8 D/ G' I2 O# e
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
3 V% O5 w+ M: X' s9 u& r
$ w; J& d1 a% c9 TType 'help;' or '\h' for help. Type '\c' to clear the current input statement.
* l) v- }5 ^2 u, e5 M3 _* k/ [# g, q5 x' S/ k
MariaDB [(none)]> create database gnocchi; ) s! [( D0 w0 y" b4 X1 o
Query OK, 1 row affected (0.00 sec)( b& d1 r' l( ]5 ~* t/ }
MariaDB [(none)]> grant all privileges on gnocchi.* to gnocchi@'localhost' identified by 'password';
: @: p" i! }& C( RQuery OK, 0 rows affected (0.00 sec)
0 l" o$ q8 M$ M4 c6 L: M' UMariaDB [(none)]> grant all privileges on gnocchi.* to gnocchi@'%' identified by 'password';
. U! {* Z- o! O$ p2 V1 J* H- iQuery OK, 0 rows affected (0.00 sec)
* i5 z0 j) c( G7 Z4 W1 SMariaDB [(none)]> flush privileges; + T, X, x& d' N6 A3 E
Query OK, 0 rows affected (0.00 sec)
9 [) e3 e, X4 j5 u |3 Y% AMariaDB [(none)]> exit # y* k- q4 k6 S& |+ C/ E$ A
Bye
8 c9 y( P/ l) [9 d) T( v[3] Install Gnocchi.* z2 R0 v( N+ n" U' \. G
# install from Queens, EPEL
& o% L" J. ?& j2 ~2 b[root@dlp ~(keystone)]# yum --enablerepo=centos-openstack-queens,epel -y install openstack-gnocchi-api openstack-gnocchi-metricd python2-gnocchiclient
1 @# e6 R# Z' } e; L5 b) B& U[4] Configure Gnocchi.
( W0 P6 p' b& [[root@dlp ~(keystone)]# mv /etc/gnocchi/gnocchi.conf /etc/gnocchi/gnocchi.conf.org
0 _6 l- m7 F. E: j$ p5 ][root@dlp ~(keystone)]# vi /etc/gnocchi/gnocchi.conf) w0 `* `/ n; I, D( P* m7 F
# create new6 f* ^$ O( a$ w; h* Z2 J; X* v
[DEFAULT]8 A" f8 ?) }* x. `' f
log_dir = /var/log/gnocchi8 l: F' O E8 S) j0 Q* L% H# T1 |
8 Y! P. R, N! X! z0 e$ Q[api]
5 j8 N3 _7 z$ k- ^! Y0 xauth_mode = keystone* }: k! J0 x& k9 o
3 B! z& d& K7 |7 W* E/ I$ h
[database]
2 O1 K) n+ B) \* X, G" ubackend = sqlalchemy
: m9 K. T' C& b# w
; z. q- |3 {7 |- \. G# MariaDB connection info2 t9 W6 z+ r8 W" W4 q$ k
[indexer]% v* m- ?1 H+ l
url = mysql+pymysql://gnocchi:password@10.0.0.30/gnocchi
' T* J- P" y! F; h- Q2 x& t5 f8 l- ~5 W$ \1 l& V
[storage]
! f k" r, v$ B1 x! T. E v5 b# edriver = file0 b6 q1 Z# a' |
file_basepath = /var/lib/gnocchi
) `0 }" a. u, x% v# G- }0 N8 g _; ^" Y3 u
# Keystone auth info. t' ]& Z0 _0 _ P
[keystone_authtoken]
+ e, \1 A# d3 }4 ]www_authenticate_uri = http://10.0.0.30:5000/ I6 x2 Q4 S5 f2 j2 J7 e/ u& |# _
auth_url = http://10.0.0.30:5000) W. v7 P0 `5 k1 H1 S8 w+ R- V) v V
memcached_servers = 10.0.0.30:112110 g9 O+ E- h- }3 _$ Z8 k6 I
auth_type = password3 ~/ `0 Z! h, i k1 p
project_domain_name = default' R4 V2 {4 k5 M1 S1 r5 F) d
user_domain_name = default
8 h) D0 }. q) P( P0 I' x- gproject_name = service
8 r6 {9 h2 K2 i# x3 X( H- Uusername = gnocchi
& i0 R+ w# _, A$ P( o# ^- }password = servicepassword" K: \. {3 J8 c5 p, \, K" E2 j
service_token_roles_required = true8 g) _- B G. Y& K+ e% L4 M3 a
$ S9 O) g% W1 {[root@dlp ~(keystone)]# vi /etc/httpd/conf.d/10-gnocchi_wsgi.conf+ S9 U0 c; H1 x" p
# create new
6 r7 j$ r: t) W4 n$ @Listen 8041
0 W& t1 S* a# |6 |<VirtualHost *:8041>( ~1 ]$ z3 N5 t7 W$ O
DocumentRoot /var/www/cgi-bin/gnocchi
# w3 {. I8 X- G: ]: W7 h0 C) z7 R* }1 C3 o6 W6 n* a+ s
<Directory /var/www/cgi-bin/gnocchi># }; `5 o# r0 i5 O" s7 _
AllowOverride None
! j, }4 k2 H5 B" l" v Require all granted
; U/ f0 s5 k, c+ ]9 z+ x; O$ r </Directory>
$ @, M% E9 x. g$ f) K- N" \. ?
7 J. l! }- g" t9 j& o* ~8 N z CustomLog /var/log/httpd/gnocchi_wsgi_access.log combined/ K: i' [$ C W( U* ^' _, Z
ErrorLog /var/log/httpd/gnocchi_wsgi_error.log# c9 B+ C! s9 E3 }& @, p
SetEnvIf X-Forwarded-Proto https HTTPS=1
' R. o( E- ]: }; g, x/ O WSGIApplicationGroup %{GLOBAL}
% ]! Z* C8 V1 o5 x+ b4 ^ WSGIDaemonProcess gnocchi display-name=gnocchi_wsgi user=gnocchi group=gnocchi processes=6 threads=6! k! b, H- N* ]9 \' D0 \- Q& p
WSGIProcessGroup gnocchi
E- x9 p- o5 c' O K6 j WSGIScriptAlias / /var/www/cgi-bin/gnocchi/app7 K6 H( j) a8 J
</VirtualHost>
" m- l0 O1 ]1 \5 j/ l/ N K; b
[root@dlp ~(keystone)]# chmod 640 /etc/gnocchi/gnocchi.conf
4 ~. U6 Z; e1 m K1 \7 G[root@dlp ~(keystone)]# chgrp gnocchi /etc/gnocchi/gnocchi.conf
7 D6 n/ U5 Y- j o, f- Q5 u[root@dlp ~(keystone)]# mkdir /var/www/cgi-bin/gnocchi # h' n P* ]/ `. V6 n! I4 b: V8 h% w; j; G
[root@dlp ~(keystone)]# cp /usr/lib/python2.7/site-packages/gnocchi/rest/gnocchi-api /var/www/cgi-bin/gnocchi/app n( R& m% @( j8 A# l: Z
[root@dlp ~(keystone)]# chown -R gnocchi. /var/www/cgi-bin/gnocchi % E4 X' T- H/ j: T# T m
[root@dlp ~(keystone)]# su -s /bin/bash gnocchi -c "gnocchi-upgrade" ) e# h# X2 N- ?0 i- H( }7 x& s, q
[root@dlp ~(keystone)]# systemctl start openstack-gnocchi-metricd
* V4 [0 D/ d: X3 o+ r2 k[root@dlp ~(keystone)]# systemctl enable openstack-gnocchi-metricd 2 U, U0 l2 R: a4 o$ ?9 p
[root@dlp ~(keystone)]# systemctl restart httpd
& Z9 j) R, p8 M* d. @- z# show status
( I6 s* d" ?* G4 Nroot@dlp ~(keystone)# export OS_AUTH_TYPE=password
4 |4 h/ w* E9 n& X7 z) ~. proot@dlp ~(keystone)# gnocchi resource list/ e) ?4 X0 G% ^: I3 v, i
# no problem if no error is shown7 z8 f' K3 k3 N* a
[5] If SELinux is enabled, change policy.
5 S3 Z5 ]; X! a. q& C& m; l5 _ Z[root@dlp ~(keystone)]# semanage port -a -t http_port_t -p tcp 8041 ; N" }! }" t, T) P9 j( W* [. z6 E$ I
[6] If Firewalld is running, allow service port.. n, o; x B5 m3 h( v
[root@dlp ~(keystone)]# firewall-cmd --add-port=8041/tcp --permanent
. B9 ?: l4 `: F! [; Q8 msuccess
) [$ j6 D7 c8 J[root@dlp ~(keystone)]# firewall-cmd --reload
/ J% L; ~7 i9 O! ?( ?* k7 A7 Ysuccess |
|
发表于 2018-12-23 22:56:33