OpenStack+Ceph+热迁移+++四、创建存储池

四、创建存储池

1.创建Cinder，Glance，Nova的存储池（node1节点）

ceph osd pool create volumes 128

ceph osd pool create images 128

ceph osd pool create vms 128

[root@node1 ~]# ceph osd pool create volumes 128
pool 'volumes' created
[root@node1 ~]# ceph osd pool create images 128
pool 'images' created
[root@node1 ~]# ceph osd pool create vms 128
pool 'vms' created
[root@node1 ~]# 

2.将ceph.conf的文件传给controller，compute1，compute2，cinder节点

也就是运行着glance-api 、 cinder-volume 、 nova-compute 和 cinder的节点

ssh controller tee /etc/ceph/ceph.conf </etc/ceph/ceph.conf

ssh cinder tee /etc/ceph/ceph.conf </etc/ceph/ceph.conf

ssh compute1 tee /etc/ceph/ceph.conf </etc/ceph/ceph.conf

ssh compute2 tee /etc/ceph/ceph.conf </etc/ceph/ceph.conf

[root@node1 ~]# ssh controller tee /etc/ceph/ceph.conf </etc/ceph/ceph.conf
root@controller's password: 
[global]
fsid = 46ac86e8-1efe-403c-b735-587f9d76a905
mon_initial_members = node1
mon_host = 10.0.0.41
auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx

[root@node1 ~]# ssh cinder tee /etc/ceph/ceph.conf </etc/ceph/ceph.conf
root@cinder's password: 
[global]
fsid = 46ac86e8-1efe-403c-b735-587f9d76a905
mon_initial_members = node1
mon_host = 10.0.0.41
auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx

[root@node1 ~]# ssh compute1 tee /etc/ceph/ceph.conf </etc/ceph/ceph.conf
root@compute1's password: 
[global]
fsid = 46ac86e8-1efe-403c-b735-587f9d76a905
mon_initial_members = node1
mon_host = 10.0.0.41
auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx

[root@node1 ~]# ssh compute2 tee /etc/ceph/ceph.conf </etc/ceph/ceph.conf
root@compute2's password: 
[global]
fsid = 46ac86e8-1efe-403c-b735-587f9d76a905
mon_initial_members = node1
mon_host = 10.0.0.41
auth_cluster_required = cephx
auth_service_required = cephx
auth_client_required = cephx

3.安装ceph客户端

在controller（glance-api）节点上安装librbd的Python 绑定

yum install python-rbd

yum install python-rbd

在compute1（nova-compute）、compute2（nova-compute）、cinder（cinder-volume）节点上安装 Python 绑定和客户端命令行工具

yum install ceph

yum install ceph

4.配置ceph客户端认证

启用cephx认证，为Nova/Cinder和Glance创建新用户

ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rx pool=images'

ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=images'

[root@node1 ~]# ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rx pool=images'
[client.cinder]
	key = AQCVXx1aUZErNRAAeVUTAhLU4r4xaiqDbHqVhw==
[root@node1 ~]# ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=images'
[client.glance]
	key = AQCzXx1a7g5BKxAAHECANQ7E6rxTR9S2xzN5bQ==

5.把 client.cinder（cinder） 、 client.glance(controller) 的密钥环复制到适当的节点，并更改所有权：

client.glance（controller）

ceph auth get-or-create client.glance | ssh controller tee /etc/ceph/ceph.client.glance.keyring

ssh controller chown glance:glance /etc/ceph/ceph.client.glance.keyring

[root@node1 ~]# ceph auth get-or-create client.glance | ssh controller tee /etc/ceph/ceph.client.glance.keyring
root@controller's password: 
[client.glance]
	key = AQCzXx1a7g5BKxAAHECANQ7E6rxTR9S2xzN5bQ==
[root@node1 ~]# ssh controller chown glance:glance /etc/ceph/ceph.client.glance.keyring
root@controller's password: 

clientcinder(cinder)

ceph auth get-or-create client.cinder | ssh cinder tee /etc/ceph/ceph.client.cinder.keyring

ssh cinder chown cinder:cinder /etc/ceph/ceph.client.cinder.keyring

[root@node1 ~]# ceph auth get-or-create client.cinder | ssh cinder tee /etc/ceph/ceph.client.cinder.keyring
root@cinder's password: 
[client.cinder]
	key = AQCVXx1aUZErNRAAeVUTAhLU4r4xaiqDbHqVhw==
[root@node1 ~]# ssh cinder chown cinder:cinder /etc/ceph/ceph.client.cinder.keyring
root@cinder's password: 

6.配置compute1与compute2的密匙环文件

运行nova-compute 的节点，其进程需要密钥环文件：

compute1

ceph auth get-or-create client.cinder | ssh compute1 tee /etc/ceph/ceph.client.cinder.keyring

ceph auth get-key client.cinder | ssh compute1 tee client.cinder.key

[root@node1 ceph]# ceph auth get-or-create client.cinder | ssh compute1 tee /etc/ceph/ceph.client.cinder.keyring
root@compute1's password: 
[client.cinder]
	key = AQCVXx1aUZErNRAAeVUTAhLU4r4xaiqDbHqVhw==
[root@node1 ceph]# ceph auth get-key client.cinder | ssh compute1 tee client.cinder.key
root@compute1's password: 
AQCVXx1aUZErNRAAeVUTAhLU4r4xaiqDbHqVhw==

compute2

ceph auth get-or-create client.cinder | ssh compute2 tee /etc/ceph/ceph.client.cinder.keyring

ceph auth get-key client.cinder | ssh compute2 tee client.cinder.key

[root@node1 ceph]# ceph auth get-or-create client.cinder | ssh compute2 tee /etc/ceph/ceph.client.cinder.keyring
root@compute2's password: 
[client.cinder]
	key = AQCVXx1aUZErNRAAeVUTAhLU4r4xaiqDbHqVhw==
[root@node1 ceph]# ceph auth get-key client.cinder | ssh compute2 tee client.cinder.key
root@compute2's password: 
AQCVXx1aUZErNRAAeVUTAhLU4r4xaiqDbHqVhw==

任选计算节点1或者2生成一个uuid

[root@compute1 ~]# uuidgen
9d9cbdda-532a-4441-b11d-eb540dec9df9

所有计算节点执行执行下面命令

下面那一长串直接复制进去就能执行改为自己的uuid

cat > secret.xml <<EOF
<secret ephemeral='no' private='no'>
  <uuid>9d9cbdda-532a-4441-b11d-eb540dec9df9</uuid>
  <usage type='ceph'>
        <name>client.cinder secret</name>
  </usage>
</secret>
EOF

在计算节点上把密钥加进libvirt、然后删除临时副本

virsh secret-define --file secret.xml

[root@compute1 ~]# virsh secret-define --file secret.xml
Secret 9d9cbdda-532a-4441-b11d-eb540dec9df9 created

virsh secret-set-value --secret 9d9cbdda-532a-4441-b11d-eb540dec9df9 --base64 $(cat client.cinder.key) && rm client.cinder.key secret.xml
Secret value set

[root@compute1 ~]# virsh secret-set-value --secret 9d9cbdda-532a-4441-b11d-eb540dec9df9 --base64 $(cat client.cinder.key) && rm client.cinder.key secret.xml
Secret value set

rm: remove regular file ‘client.cinder.key’? y
rm: remove regular file ‘secret.xml’? y