openstack搭建之nova服务的安装(七)

nova服务控制节点和计算节点都需要安装，下面分两个操作步骤

一、控制节点安装nova服务

数据库配置

mysql -uroot -p000000
create database nova_api;
create database nova;
create database nova_cell0;
grant all privileges on nova_api.* to 'nova'@'localhost' identified by '000000';
grant all privileges on nova_api.* to 'nova'@'%' identified by '000000';
grant all privileges on nova.* to 'nova'@'%' identified by '000000';
grant all privileges on nova.* to 'nova'@'localhost' identified by '000000';
grant all privileges on nova_cell0.* to 'nova'@'localhost' identified by '000000';
grant all privileges on nova_cell0.* to 'nova'@'%' identified by '000000';
exit

创建服务凭证

. admin-openrc 
openstack user create --domain default --password-prompt nova
openstack role add --project service --user nova admin

创建API端点

openstack service create --name nova --description "Openstack Compute" compute
openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1/%\(tenant_id\)s
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1/%\(tenant_id\)s
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1/%\(tenant_id\)s

安装nova服务

yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler

修改nova配置文件

mv /etc/nova/nova.conf /etc/nova/nova.conf_bak
cat>/etc/nova/nova.conf<<EOF
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url=rabbit://openstack:000000@controller:5672
auth_strategy = keystone
my_ip=192.168.100.103
use_neutron=True
firewall_driver=nova.virt.firewall.NoopFirewallDriver
[api]
[api_database]
connection = mysql+pymysql://nova:000000@controller/nova_api
[barbican]
[cache]
[cinder]
os_region_name = RegionOne
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
connection = mysql+pymysql://nova:000000@controller/nova
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers=http://controller:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
www_authenticate_uri=http://controller:5000/
auth_url=http://controller:5000/
memcached_servers=controller:11211
auth_type=password
project_domain_name=Default
user_domain_name=Default
project_name=service
username=nova
password=000000
[libvirt]
[metrics]
[mks]
[neutron]
auth_url=http://controller:5000
auth_type=password
project_domain_name=default
user_domain_name=default
region_name=RegionOne
project_name=service
username=neutron
password=000000
service_metadata_proxy=true
metadata_proxy_shared_secret=000000
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path=/var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name=RegionOne
project_domain_name=Default
project_name=service
auth_type=password
user_domain_name=Default
auth_url=http://controller:5000/v3
username=placement
password=000000
[powervm]
[privsep]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
vncserver_listen=$my_ip
vncserver_proxyclient_address=$my_ip
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]
EOF

同步数据库

su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell --verbose" nova

c20877e8-2a1e-4a3a-824e-e432f90851df

验证nova cell0和cell是否正确注册

su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova

启动nova服务并设置开机启动

systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service 
systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service 

查看nova服务是否都成功启动

systemctl status openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service

二、计算节点安装nova服务

安装nova相关服务

yum install python2-qpid-proton -y
yum install -y openstack-nova-compute openstack-utils

启动libvirtd服务并设置开机启动

systemctl enable libvirtd
systemctl start libvirtd

配置nova配置文件

mv /etc/nova/nova.conf /etc/nova/nova.conf_bak
cat>/etc/nova/nova.conf<<EOF
[DEFAULT]
enabled_apis=osapi_compute,metadata
transport_url=rabbit://openstack:000000@controller
my_ip=192.168.100.104
use_neutron=True
block_device_allocate_retries=600
block_device_allocate_retries_interval=6
firewall_driver=nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy=keystone
[api_database]
[barbican]
[cache]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers=http://controller:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
www_authenticate_uri=http://controller:5000/
auth_url=http://controller:5000/
memcached_servers=controller:11211
auth_type=password
project_domain_name=Default
user_domain_name=Default
project_name=service
username=nova
password=000000
[libvirt]
[metrics]
[mks]
[neutron]
auth_url=http://controller:5000
auth_type=password
project_domain_name=default
user_domain_name=default
region_name=RegionOne
project_name=service
username=neutron
password=000000
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path=/var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name=RegionOne
project_domain_name=Default
project_name=service
auth_type=password
user_domain_name=Default
auth_url=http://controller:5000/v3
username=placement
password=000000
[powervm]
[privsep]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled=True
vncserver_listen=0.0.0.0
vncserver_proxyclient_address=$my_ip
novncproxy_base_url=http://192.168.100.103:6080/vnc_auto.html
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]
EOF

block_device_allocate_retries=600
block_device_allocate_retries_interval=6

上面两个参数如果不配置的话会发现使用卷超过40G的时候就没法创建虚拟机了。

重启libvirtd和compute服务

systemctl restart libvirtd openstack-nova-compute
systemctl enable libvirtd openstack-nova-compute

nova用户认证（计算和管理）虚拟机迁移要使用

usermod -s /bin/bash nova
su nova
mkdir -p /var/lib/nova/.ssh
cd /var/lib/nova
cat>.ssh/config<<EOF
Host *
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null
EOF
cd .ssh
ssh-keygen -f id_rsa -b 1024 -P ""
cp id_rsa.pub authorized_keys

最后将所有节点的authorized_keys整理成一个，放到每个节点的/var/lib/nova/.ssh下面

以下操作只在控制节点操作

将计算节点添加到单元数据库中

. admin-openrc 
openstack compute service list --service nova-compute
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

检查单元格cell和placement API是否正常运行，以及其他条件是否到位。

cp /etc/httpd/conf.d/00-placement-api.conf /etc/httpd/conf.d/00-placement-api.conf_bak
cat>/etc/httpd/conf.d/00-placement-api.conf<<EOF
Listen 8778
<VirtualHost *:8778>
  WSGIProcessGroup placement-api
  WSGIApplicationGroup %{GLOBAL}
  WSGIPassAuthorization On
  WSGIDaemonProcess placement-api processes=3 threads=1 user=placement group=placement
  WSGIScriptAlias / /usr/bin/placement-api
  <IfVersion >= 2.4>
    ErrorLogFormat "%M"
  </IfVersion>
  ErrorLog /var/log/placement/placement-api.log
  #SSLEngine On
  #SSLCertificateFile ...
  #SSLCertificateKeyFile ...
  <Directory /usr/bin>
  <IfVersion >= 2.4>
      Require all granted
  </IfVersion>
  <IfVersion < 2.4>
      Order allow,deny
      Allow from all
  </IfVersion>
  </Directory>
</VirtualHost>
Alias /placement-api /usr/bin/placement-api
<Location /placement-api>
  SetHandler wsgi-script
  Options +ExecCGI
  WSGIProcessGroup placement-api
  WSGIApplicationGroup %{GLOBAL}
  WSGIPassAuthorization On
</Location>
EOF

重启httpd服务

systemctl restart httpd
nova-status upgrade check

重新查看服务是否正常

openstack compute service list

这个服务出现报错信息

最后发现nova_cell0数据库是空的，于是又重新同步了下数据库

 su -s /bin/sh -c "nova-manage db sync" nova

发现有数据之后重新启动了所有nova服务，最终恢复正常。