|
|
具体操作
+ Z% A; F" }. O' C" A
3 {1 K. N. ?8 g: [' q3 t) H! _创建存储池# _9 M. O: V2 O5 ?
针对Openstack的3个不同服务,需要把存储资源池隔离开,也就是每个服务一个Pool:' C9 n! I7 Q7 z v3 d
) x1 _4 h# |2 h' F7 v. O) h
// 创建volumes池,对应Cinder服务
( }+ Y1 ~) v9 O7 Z( o7 Nceph osd pool create volumes 128; D9 R j$ i% ^4 ^) J; j, p
1 o6 ?' A, ?- y$ o# _1 d# Y9 T- }
// 创建images池,对应Glance服务
! p0 @, g' k8 [* N6 ^ceph osd pool create images 128
# V# J4 R0 O4 q; S+ i! }9 }$ X7 S
// 创建vms池,对应Nova服务
0 `/ N' t) m4 bceph osd pool create vms 128
* R" W- c6 [4 Y# I" q
; W! O4 z' `7 _% @// 创建backups池,对应Cinder-backup服务。但这个backup在同一Ceph集群中,意义不大,既然是做备份的话,就应该跨集群或者跨机房、跨区域来达到备份容灾的目的。
( G' v, x/ P" ~- l; Cceph osd pool create backups 128
* K& Q. t6 j; w9 c0 S% D- V! F2 o3 `4 `
+ L6 F9 p' ], _4 q8 L* x/ }
安装Ceph相关包6 j1 M# x! }1 h. Y
在glance-api的主机上安装python-rbd包
9 r2 p1 s* {: ]; ]* Q- L
; J. I! N; e4 {9 n7 Xyum install python-rbd2 J c6 S8 a, P; ]: \* `# z# w
+ G4 b; `: z. m/ l5 {1 q2 u/ O b
" g. `" f4 n6 W; s" N* f在nova-compute、cinder-volume、cinder-backup节点上安装ceph-common包
4 A0 {, x$ ~0 \0 @8 F7 ^3 D9 e9 M1 M, S" @2 t
yum install ceph-common
+ m+ n! `6 E. c4 B- V安装完ceph包之后,需要将ceph集群的ceph.conf copy到所有client端。
( R8 k6 g4 G+ ^- ?# s: _5 G1 D" y
' ^) d% x, _! y3 Z: y如果在Ceph的配置中打开了auth认证,就需要做如下的操作;如果Ceph中的auth都是设置的none,也就是关闭的话,可以不做如下操作。
# \! l E" c$ U0 `3 }. A, z
" `3 D% J7 [& G0 y! j+ t* I
( J& n- j v3 Z5 X2 B) G, n4 N
! @6 h3 f* b2 L! e+ o在ceph中创建了cinder、glance等用户,并做了权限控制, i& x( V' a4 J9 f' Y
1 ?( ~% V- M4 W i+ A ?ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rx pool=images'
3 s4 _ S5 \8 y* ]6 m7 H+ |ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=images'
- F) m0 @( h4 q2 U+ S6 bceph auth get-or-create client.cinder-backup mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=backups'' c$ N+ K8 b8 e8 ~3 l W& _& l/ A
; V" O" K1 j/ K7 \
% \* f- Z6 X$ e6 C0 ^. d( q/ R& A将上面生成的keyring文件,保存在相应的节点上,并修改为相应的权限
4 z3 E" y: m: p8 m/ {& h% i
/ b! m1 o) g. Y/ ?' T3 N% \% v7 c// 注意替换所有的server为相应的主机名3 \1 r2 Y, l. @! w x. k. ^0 V
ceph auth get-or-create client.glance | ssh {glance-api-server} sudo tee /etc/ceph/ceph.client.glance.keyring
5 D. Q3 |8 S! _- vssh {glance-api-server} sudo chown glance:glance /etc/ceph/ceph.client.glance.keyring. w1 x& I0 W7 D* @
ceph auth get-or-create client.cinder | ssh {cinder-volume-server} sudo tee /etc/ceph/ceph.client.cinder.keyring& j2 M+ L( F! V
ssh {cinder-volume-server} sudo chown cinder:cinder /etc/ceph/ceph.client.cinder.keyring' [8 B1 K$ h3 Y& P; L7 }
ceph auth get-or-create client.cinder-backup | ssh {cinder-backup-server} sudo tee /etc/ceph/ceph.client.cinder-backup.keyring. _& s( E3 Z; F8 k7 M3 }/ r6 N
ssh {cinder-backup-server} sudo chown cinder:cinder /etc/ceph/ceph.client.cinder-backup.keyring$ P9 @0 Z1 n6 O/ z q- G
) a; P) d" z n4 C9 _0 z, c
x e' q+ r1 T0 U) O
在nova-compute节点上保存和cinder-volume相同的keyring
) F- {! y' k% U0 c' i/ D0 w* Q$ t+ @. u
ceph auth get-or-create client.cinder | ssh {nova-compute-server} sudo tee /etc/ceph/ceph.client.cinder.keyring
7 e) @/ ?7 G6 b/ ]+ |. k- Q0 g. _6 w1 R3 m# a$ V
4 A# A- v6 _( c# E在libvirt上添加secret key
9 U* W6 G+ K" s% p- r8 f0 u9 Q& K5 ]/ x2 ~8 [
// 获取cinder keyring,并保存到一个临时文件中
# e6 Y+ z- w Wceph auth get-key client.cinder | ssh {nova-compute-node} tee client.cinder.key
( T6 U' \( c6 }' G. I% g9 l( K0 a: m" Y! [- q0 ~
// 生成一个UUID
6 B. t+ H+ Q( M# ~5 @; z) Juuidgen
1 | V3 E, o" N& J* \457eb676-33da-42ec-9a8c-9293d545c337' i4 X) O- b" b& ~/ F3 q3 C
$ g6 K4 U( _9 f* v7 v/ [2 N1 W- j! n// 修改secret.xml文件,注意替换下面的uuid
( ]; m* L: B4 P6 c J+ Fcat > secret.xml <<EOF# h2 t- m2 Y, |, @& }; x* ~: c/ w/ M
<secret ephemeral='no' private='no'># x0 o4 g; W3 [9 e
<uuid>457eb676-33da-42ec-9a8c-9293d545c337</uuid> Z7 |6 n9 n' N
<usage type='ceph'>
2 n0 x/ i8 J6 I- r2 M/ K; ~ <name>client.cinder secret</name>4 J% @+ U% B( q$ D2 b
</usage>8 X# N x/ _9 S9 }/ a
</secret>
6 N: Q& u3 ?0 t' S% S1 AEOF
$ S1 ~" `' M8 c7 c7 @. X6 s% k% w- ?- v6 n
sudo virsh secret-define --file secret.xml& ^# g! B5 p: S; q7 x$ v
Secret 457eb676-33da-42ec-9a8c-9293d545c337 created
: p7 t. d0 J, P# r- T. d+ ^. z. v. a, L A
// 设置libvirt的secret key,并删除之前的key临时文件* C, t/ Z( k% m1 v2 I0 I
sudo virsh secret-set-value --secret 457eb676-33da-42ec-9a8c-9293d545c337 --base64 $(cat client.cinder.key) && rm client.cinder.key secret.xml
2 k8 l* k2 R" z3 F+ q+ G
2 V+ Q" @1 b4 N# x" ^, s1 d
. S: c0 L, n+ P/ k! H1 E在三大模块中增加ceph相关配置6 E/ b7 h/ C6 T. i# O
Glance配置
: e3 d+ D3 T9 N u# E; b8 A
% `& Q$ a3 ~% w4 ?$ d// 在/etc/glance/glance-api.conf中添加如下:7 H+ \: x6 B6 x* }' y/ o+ y$ J
! @" u1 p |5 j# R( w* x, s3 A: N% ]// 在DEFAULT域中增加:
' k1 m1 `: F8 B& z! ]; l! s& r[DEFAULT]
, A* _4 h! C2 z: }# E$ idefault_store = rbd6 y8 l) u( ^) M6 a1 l- P+ R
5 J+ c8 A% P( P
// 在glance_store域中增加如下,如果没有glance_store域,直接创建:
3 D8 |( L5 d. F[glance_store]
) U6 `' A" A% M. istores = rbd
, T7 N. M. l; grbd_store_pool = images5 M% H9 j/ f: h6 C
rbd_store_user = glance. r( U& d9 k5 l0 E
rbd_store_ceph_conf = /etc/ceph/ceph.conf
% d1 \, p, u( \- krbd_store_chunk_size = 8
# S% J0 W, Z1 G0 e1 U% i3 B: D( `# ]8 `
4 L) j: v2 b! z$ R; nCinder配置, [8 P/ v t" e% o; H Q7 p
3 G# B7 i, R, C% q
// 在/etc/cinder/cinder.conf中添加如下:
3 n1 v s; n' }- x- e2 Y. J$ W$ l/ B: p9 E& }0 V, C) b0 q9 V! z
// 在DEFAULT域中增加:
3 _# o; W( r$ U' w[DEFAULT]
$ t3 O8 J9 b8 |enabled_backends = ceph- v8 X9 m+ O c) a, T% L0 l0 \
" y% t* \: @1 O5 t
// 在ceph域中增加如下,如果没有ceph域,直接创建:
6 q! A6 u; Y6 C# J W' l; J$ u+ I: T[ceph]
; I) Y9 W3 q% dvolume_driver = cinder.volume.drivers.rbd.RBDDriver8 ]# h: J4 j3 H# A4 r. D
rbd_pool = volumes+ z5 f. d4 P0 q- ~
rbd_ceph_conf = /etc/ceph/ceph.conf
) \' @8 D; W) B$ l9 y8 j% W% crbd_flatten_volume_from_snapshot = false
4 X5 K% U: v$ h: O' u, Prbd_max_clone_depth = 5/ K5 J5 Y/ |9 f) [, @3 q9 q/ k
rbd_store_chunk_size = 4# i4 m, _9 a: M, O2 C X. @
rados_connect_timeout = -16 s+ O& `$ i1 _/ f& o* ~0 \
glance_api_version = 2* w: ? j( y3 F! U1 R0 ^
1 u" I. n- E( d% z8 ~// 如果使用了ceph auth,还需增加:, G8 d7 e7 }6 P4 U- b
rbd_user = cinder8 n' Q% D# e& c5 k$ g8 W
rbd_secret_uuid = 457eb676-33da-42ec-9a8c-9293d545c337
/ @* |9 {0 c }' p3 @. R; j! A8 [) u% Y3 u0 \' }% K
* m3 f1 |9 y, R: |Cinder-backup配置3 O) \: _+ x9 o
4 c- f3 j, C7 B% M% P// 在/etc/ceph/ceph.conf中添加如下:$ N9 P& a& ` m, J
backup_driver = cinder.backup.drivers.ceph
) M4 y# T. Q# T+ z y; K4 ~backup_ceph_conf = /etc/ceph/ceph.conf
# N* a j4 `% n! E8 rbackup_ceph_user = cinder-backup& M9 |3 S9 U! P _; N& f0 \! u
backup_ceph_chunk_size = 134217728/ l' V/ w) l4 `) }
backup_ceph_pool = backups! G- m8 C" C& @! h" B* e
backup_ceph_stripe_unit = 0
8 a: I! x+ \% ^ f. U( Jbackup_ceph_stripe_count = 0
+ t9 {8 t: X- \5 x& M U% [) prestore_discard_excess_bytes = true
9 G6 b/ T7 K2 H0 b5 X" x5 z, ^0 g. f, j/ x5 S/ s
. L5 B$ p- n* B+ b计算机点Nova配置
; r3 R4 `* x! h7 |. _2 a# \1 [; W$ S& l: [
// 在/etc/nova/nova.conf中添加如下:
1 @2 }' [" ~& r[libvirt]3 Q9 d* |# B# l9 y
images_type = rbd7 Y( P9 J% o& M2 C/ N* J' G
images_rbd_pool = vms- Z2 O* t: o0 V! Q1 u8 z, g
images_rbd_ceph_conf = /etc/ceph/ceph.conf
# B& j% V0 b: G$ k, erbd_user = cinder* D6 r |5 b: A$ i
rbd_secret_uuid = 457eb676-33da-42ec-9a8c-9293d545c3373 J( ^8 B/ k1 W9 z2 S6 k- ~ y! n
disk_cachemodes="network=writeback"" n5 D6 n; r X& j
|
|
发表于 2018-10-12 17:12:21