共計 9795 個字符，預計需要花費 25 分鐘才能閱讀完成。

這篇文章主要介紹了 oVirt 虛擬化平臺如何對接 cinder-ceph，具有一定借鑒價值，感興趣的朋友可以參考下，希望大家閱讀完這篇文章之后大有收獲，下面讓丸趣 TV 小編帶著大家一起了解一下。

說明：

1. cinder 配置按照 openstack 官方文檔配置。

2. 將 cinder-api cinder-scheduler cinder-volumes 服務部署在一臺節點。

3. oVirt 調用 cinder 是要注意 keystone 版本以及細節。
###############################openstack 基本環境 ############################
1. 安裝 openstack 包
1.1 啟用 OpenStack 庫
# yum install centos-release-openstack-mitaka

1.2 升級包
# yum upgrade

1.3 安裝 OpenStack 客戶端
# yum install python-openstackclient
# yum install openstack-selinux

2. 安裝 mariadb
2.1 安裝軟件包
# yum install mariadb mariadb-server python2-PyMySQL

2.2 修改配置
vim /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 192.168.0.230 

default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
# systemctl enable mariadb.service
# systemctl start mariadb.service

2.3 設置 root 密碼
# mysql_secure_installation

3. 消息隊列
3.1 安裝包
# yum install rabbitmq-server

3.2 啟動消息隊列服務并將其配置為隨系統啟動
# systemctl enable rabbitmq-server.service
# systemctl start rabbitmq-server.service

3.3 添加 openstack 用戶
# rabbitmqctl add_user openstack pass1234
# rabbitmqctl set_permissions openstack .* .* .*

4. 安裝 memcached
4.1 安裝包
# yum install memcached python-memcached
(可能需要其他依賴 libevent)
4.2 設置開機啟動
# systemctl enable memcached.service
# systemctl start memcached.service

#################### 以上部分為 openstack 基本環境要求 #######################

####################openstack 認證服務環境 ################################
1. 安裝與配置
1.1 創建 keystone 數據庫
# mysql -u root -p 
# CREATE DATABASE keystone;
1.2 數據庫授權
# GRANT ALL PRIVILEGES ON keystone.* TO keystone @ localhost \
  IDENTIFIED BY KEYSTONE_DBPASS
  GRANT ALL PRIVILEGES ON keystone.* TO keystone @ % \
  IDENTIFIED BY KEYSTONE_DBPASS
1.3 生成一個隨機值在初始的配置中作為管理員的令牌
# openssl rand -hex 10
1cc14ab18f01e6e33a2a

1.4 安裝 keystone 相關包
# yum install openstack-keystone httpd mod_wsgi

1.5 修改 keystone 配置
vim  /etc/keystone/keystone.conf
[DEFAULT]
admin_token = 1cc14ab18f01e6e33a2a
[database]
connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
[token]
provider = fernet

1.6 初始化身份認證服務的數據庫
# su -s /bin/sh -c keystone-manage db_sync keystone

1.7 初始化 Fernet keys
# keystone-manage fernet_setup –keystone-user keystone –keystone-group keystone

1.8 配置 Apache HTTP 服務器

# vim /etc/httpd/conf/httpd.conf
ServerName controller

1.9 創建 wsgi-keystone.conf
# vim /etc/httpd/conf.d/wsgi-keystone.conf

Listen 5000
Listen 35357

VirtualHost *:5000
    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /usr/bin/keystone-wsgi-public
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat %{cu}t %M
    ErrorLog /var/log/httpd/keystone-error.log
    CustomLog /var/log/httpd/keystone-access.log combined

    Directory /usr/bin
        Require all granted
    /Directory
/VirtualHost

VirtualHost *:35357
    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-admin
    WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat %{cu}t %M
    ErrorLog /var/log/httpd/keystone-error.log
    CustomLog /var/log/httpd/keystone-access.log combined

    Directory /usr/bin
        Require all granted
    /Directory
/VirtualHost

1.10 關閉 selinux
# setenforce 0
1.11 配置 hosts
# vim /etc/hosts
192.168.0.230 controller

1.11 啟動 apache 服務
#  systemctl enable httpd.service
#  systemctl start httpd.service

2   創建服務實體和 API 端點
2.1 配置環境變量
# export OS_TOKEN=1cc14ab18f01e6e33a2a
# export OS_URL=http://controller:35357/v3
# export OS_IDENTITY_API_VERSION=3

2.2 創建服務實體和 API 端點
2.2.1 創建服務實體和身份認證服務：
# openstack service create \
  –name keystone –description OpenStack Identity identity

2.2.2 創建認證服務的 API 端點
# openstack endpoint create –region RegionOne \
  identity public http://controller:5000/v3
 
# openstack endpoint create –region RegionOne \
  identity internal http://controller:5000/v3
 
# openstack endpoint create –region RegionOne \
  identity admin http://controller:35357/v3

3 創建域、項目、用戶和角色
3.1 創建域 “default“：
# openstack domain create –description Default Domain default

3.2 創建管理的項目、用戶和角色

# openstack project create –domain default \
  –description Admin Project admin

# openstack user create –domain default \
  –password-prompt admin
 
# openstack role create admin

# openstack role add –project admin –user admin admin

4. 驗證操作

4.1 因為安全性的原因，關閉臨時認證令牌機制：
編輯 /etc/keystone/keystone-paste.ini 文件，從 “[pipeline:public_api]“，[pipeline:admin_api]“ 和 “[pipeline:api_v3]“ 部分刪除 “admin_token_auth。

重置 “OS_TOKEN“ 和 “OS_URL“ 環境變量：
# unset OS_TOKEN OS_URL

作為 admin 用戶，請求認證令牌：
# openstack –os-auth-url http://controller:35357/v3 \
  –os-project-domain-name default –os-user-domain-name default \
  –os-project-name admin –os-username admin token issue
 
5 創建 OpenStack 客戶端環境腳本
# vim admin-openrc

export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

驗證:
# . admin-openrc
# openstack token issue

################################openstack 塊存儲服務配置 #####################
1  openstack 塊存儲服務配置
1.1 創建 cinder 數據庫
# mysql -u root -p
  CREATE DATABASE cinder;

1.2 數據庫授權
# GRANT ALL PRIVILEGES ON cinder.* TO cinder @ localhost \
  IDENTIFIED BY CINDER_DBPASS
  GRANT ALL PRIVILEGES ON cinder.* TO cinder @ % \
  IDENTIFIED BY CINDER_DBPASS

1.3 獲得 admin 憑證來獲取只有管理員能執行的命令的訪問權限
# . admin-openrc

要創建服務證書，完成這些步驟
1.4 創建 cinder 用戶
# openstack user create –domain default –password-prompt cinder
# openstack role add –project admin –user cinder admin

1.5 創建 cinder 和 cinderv2 服務實體：
# openstack service create –name cinder \
  –description OpenStack Block Storage volume
#  openstack service create –name cinderv2 \
  –description OpenStack Block Storage volumev2
 
1.6 創建塊存儲 api 入口
#  openstack endpoint create –region RegionOne \
  volume public http://controller:8776/v1/%\(tenant_id\)s
 
# openstack endpoint create –region RegionOne \
  volume internal http://controller:8776/v1/%\(tenant_id\)s
 
# openstack endpoint create –region RegionOne \
  volume admin http://controller:8776/v1/%\(tenant_id\)s

#  openstack endpoint create –region RegionOne \
  volumev2 public http://controller:8776/v2/%\(tenant_id\)s  

# openstack endpoint create –region RegionOne \
  volumev2 internal http://controller:8776/v2/%\(tenant_id\)s 

# openstack endpoint create –region RegionOne \
  volumev2 admin http://controller:8776/v2/%\(tenant_id\)s

1.7 cinder 安裝并配置組件  
1.7.1 安裝包
# yum install openstack-cinder

1.7.2 設置 cinder.conf
# vim /etc/cinder/cinder.conf
[database]
connection = mysql+pymysql://cinder:CINDER_DBPASS@controller/cinder

[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 10.0.0.11

[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = admin
username = cinder
password = CINDER_PASS

[oslo_concurrency]

lock_path = /var/lib/cinder/tmp

說明：將 CINDER_PASS 替換為你在認證服務中為 cinder 用戶選擇的密碼。
在 [DEFAULT 部分，配置 “my_ip“ 來使用控制節點的管理接口的 IP 地址。

1.7.3 初始化塊設備服務的數據庫
# su -s /bin/sh -c cinder-manage db sync cinder

1.7.4 啟動 cinder 服務
# systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service

1.7.8 配置 hosts
# vim /etc/hosts
192.168.0.230 controller

#################### 配置 ceph 存儲后端 #################################
1.1 創建 pools
# ceph osd pool create volumes 128
# ceph osd pool create images 128
# ceph osd pool create backups 128
# ceph osd pool create vms 128

1.2 安裝 ceph 包
# yum install ceph-common

~~~~~ 如果此節點沒有 ceph 配置，需拷貝 ceph.conf~~~~~~~~~~
1.3 創建 cephx 用戶
# ceph auth get-or-create client.cinder mon allow r osd allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rwx pool=images

1.4 創建本地配置
# ceph auth get-or-create client.cinder | sudo tee /etc/ceph/ceph.client.cinder.keyring
# ceph auth get-key client.cinder | tee client.cinder.key

1.5 創建 secret-key(計算節點 ovirt 需要)
# uuidgen
457eb676-33da-42ec-9a8c-9293d545c337

# cat secret.xml EOF
secret ephemeral= no private= no
  uuid 457eb676-33da-42ec-9a8c-9293d545c337 /uuid
  usage type= ceph
    name client.cinder secret /name
  /usage
/secret
EOF
# sudo virsh secret-define –file secret.xml
Secret 457eb676-33da-42ec-9a8c-9293d545c337 created

#sudo virsh secret-set-value –secret 457eb676-33da-42ec-9a8c-9293d545c337 –base64 $(cat client.cinder.key) rm client.cinder.key secret.xml

1.6 修改 cinder.conf
# vi /etc/cinder/cinder.conf 
[DEFAULT]
enabled_backends = ceph

[ceph]
volume_driver = cinder.volume.drivers.rbd.RBDDriver
volume_backend_name = ceph
rbd_pool = volumes
rbd_ceph_conf = /etc/ceph/ceph.conf
rbd_flatten_volume_from_snapshot = false
rbd_max_clone_depth = 5
rbd_store_chunk_size = 4
rados_connect_timeout = -1
glance_api_version = 2
rbd_user = cinder
rbd_secret_uuid = 457eb676-33da-42ec-9a8c-9293d545c337

# 1.7 啟動 cinder-volume 服務
# systemctl enable openstack-cinder-volume.service target.service
# systemctl start openstack-cinder-volume.service target.service

######################################### 對接 Ovirt 虛擬平臺 ##################
1.1 ovirt-engin 認證方式是 keystone v2
# openstack domain list
+———————————-+———+———+—————-+
| ID                               | Name    | Enabled | Description    |
+———————————-+———+———+—————-+
| 0899c04522f94791afd9f3a73bc45bcd | default | True    | Default Domain |
+———————————-+———+———+—————-+

# vim  /etc/keystone/keystone.conf
[identity] 
default_domain_id  = 0899c04522f94791afd9f3a73bc45bcd

# su -s /bin/sh -c keystone-manage –config-file /etc/keystone/keystone.conf db_sync keystone

# systemctl restart httpd

1.2 cinder 創建新的存儲類型

# cinder type-create ceph

# cinder type-key ceph set volume_backend_name=ceph

1.3 cinder 默認卷個數修改
cinder quota-defaults default
cinder quota-usage default
cinder quota-update –volumes 100 –snapshots 100 –gigabytes 5000 default
cinder quota-class-update –volumes 100 –snapshots 100 –gigabytes 5000 default
#############################################################################
curl -i http://controller:35357/v2.0/tokens -X POST -H Content-Type: application/json -H Accept: application/json -H User-Agent: python-cinderclient -d {auth : { tenantName : admin , passwordCredentials : { username : admin , password : pass1234}}}
 

感謝你能夠認真閱讀完這篇文章，希望丸趣 TV 小編分享的“oVirt 虛擬化平臺如何對接 cinder-ceph”這篇文章對大家有幫助，同時也希望大家多多支持丸趣 TV，關注丸趣 TV 行業資訊頻道，更多相關知識等著你來學習!