Openstack Liberty 发行纪要(有空再把keystone提炼一下)

最新推荐文章于 2021-10-05 15:44:21 发布
最新推荐文章于 2021-10-05 15:44:21 发布
阅读量1.5k 收藏
点赞数
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/zouyee/article/details/49229989
版权

Openstack Liberty 发行纪要

英文先看看吧 ,反正都能看懂,代码没太多改变,最主要的还是逐步放弃v2转入v3,keystone CLI转到openstack CLI的过程,keystone亮点略少,下面是官方的发行纪要:

OpenStack Identity (Keystone)

Key New Features

  • Experimental: Domain specific configuration options can be stored in SQL instead of configuration files, using the new REST APIs.
  • Experimental: Keystone now supports tokenless authorization with X.509 SSL client certificate.
  • Configuring per-Identity Provider WebSSO is now supported.
  • openstack_user_domain and openstack_project_domain attributes were added to SAML assertion in order to map user and project domains, respectively.
  • The credentials list call can now have its results filtered by credential type.
  • Support was improved for out-of-tree drivers by defining stable Driver Interfaces.
  • Several features were hardened, including Fernet tokens, Federation, domain specific configurations from database and role assignments.
  • Certain variables in keystone.conf now have options, which determine if the user's setting is valid.

Upgrade Notes

  • The EC2 token middleware, deprecated in Juno, is no longer available in keystone. It has been moved to the keystonemiddleware package.
  • The compute_port configuration option, deprecated in Juno, is no longer available.
  • The XML middleware stub has been removed, so references to it must be removed from the keystone-paste.ini configuration file.
  • stats_monitoring and stats_reporting paste filters have been removed, so references to it must be removed from the keystone-paste.ini configuration file.
  • The external authentication plugins ExternalDefault, ExternalDomain, LegacyDefaultDomain, and LegacyDomain, deprecated in Icehouse, are no longer available.
  • keystone.conf now references entrypoint names for drivers. For example, the drivers are now specified as "sql", "ldap", "uuid", rather than the full module path. See the sample configuration file for other examples.
  • We now expose entrypoints for the keystone-manage command instead of a file.
  • Schema downgrades via keystone-manage db_sync are no longer supported. Only upgrades are supported.
  • Features that were "extensions" in previous releases (OAuth delegation, Federated Identity support, Endpoint Policy, etc) are now enabled by default.
  • A new secure_proxy_ssl_header configuration option is available when running keystone behind a proxy.
  • Several configuration options have been deprecated, renamed, or moved to new sections in the keystone.conf file.
  • Domain name information can now be used in policy rules with the attribute domain_name.

Deprecated Features

  • Running Keystone in Eventlet remains deprecated and will be removed in the Mitaka release.
  • Using LDAP as the resource backend, i.e for projects and domains, is now deprecated and will be removed in the Mitaka release.
  • Using the full path to the driver class is deprecated in favor of using the entrypoint. In the Mitaka release, the entrypoint must be used.
  • In the [resource] and [role] sections of the keystone.conf file, not specifying the driver and using the assignment driver is deprecated. In the Mitaka release, the resource and role drivers will default to the SQL driver.
  • In keystone-paste.ini, using paste.filter_factory is deprecated in favor of the "use" directive, specifying an entrypoint.
  • Not specifying a domain during a create user, group or project call, which relied on falling back to the default domain, is now deprecated and will be removed in the N release.
  • Certain deprecated methods from the assignment manager were removed in favor of the same methods in the [resource] and [role] manager.

OpenStack Block Storage (Cinder)

Key New Features

  • A generic image caching solution, so popular VM images can be cached and copied-on-write to a new volume. Read docs for more info
  • Non-disruptive backups Read docs for more info.
  • Ability to clone consistency groups of volumes Read docs for more info.
  • List capabilities of a volume backend (fetch extra-specs).
  • Nested quotas.
  • Default LVM backends to be thin provisioned if available.
  • Corrected cinder service-list to show as Down when a driver fails to initialize.
  • Improved volume migration management:
    • Able to see if previous migration attempt was successful
    • Admins able to monitor migrations via cinder list
    • New volume status of 'maintenance' to prevent operations being attempted while migration is occurring
    • Improve backend volume name/id consistency after migration completes

Upgrade Notes

  • A change in parameters to RPC APIs and work on object conversion prevent running Liberty c-vol or c-api services with Kilo or earlier versions of either service.

Deprecated Features

  • Removed Simple and Chance Schedulers.
  • Removed deprecated HDS HUS iSCSI driver.
  • Removed Coraid driver.
  • Remove Solaris iSCSI driver.
  • Removed --force option for allowing upload of image to attached volume.
  • Marked the v1 API as deprecated.

OpenStack Orchestration (Heat)

新功能

Convergence

Convergence is a new orchestration engine maturing in the heat tree. In Liberty, the benefits of using the convergence engine are:

  • Greater parallelization of resource actions (for better scaling of large templates)
  • The ability to do a stack-update while there is already an update in-progress
  • Better handling of heat-engine failures (still WIP)

The convergence engine can be enabled by setting /etc/heat/heat/conf [DEFAULT] convergence_engine=true, then restarting heat-engine. Once this has been done, any subsequent created stack will use the convergence engine, while operations on existing stacks will continue to use the traditional engine.

Convergence has not been production tested and thus should be considered beta quality - use with caution. For the Liberty release, we recommend enabling convergence for the purposes of evaluation and scale testing. We will be considering making convergence the default engine in the Mitaka cycle. Convergence specific bugs are tracked in launchpad with the convergence-bugs tag.

Conditional resource exposure

Only resources actually installed in the cloud services are made available to users. Operators can further control resources available to users with standard policy rules in policy.json on per-resource type basis.

heat_template_version: 2015-10-15

2015-10-15 indicates that the YAML document is a HOT template and it may contain features added and/or removed up until the Liberty release.

  • Removes the Fn::Select function (path based get_attr/get_param references should be used instead).
  • If no <attribute name> is specified for calls to get_attr, a dict of all attributes is returned, e.g. { get_attr: [<resource name>]}.
  • Adds new str_split intrinsic function
  • Adds support for passing multiple lists to the existing list_join function.
  • Adds support for parsing map/list data to str_replace and list_join (they will be json serialized automatically)
REST API/heatclient additions
  • Stacks can now be assigned with a set of tags, and stack-list can filter and sort through those tags
  • "heat stack-preview ..." will return a preview of changes for a proposed stack-update
  • "heat template-validate --show-nested ..." will also validate all template resources and return nested data useful for building user interfaces
  • "heat resource-type-template --template-type hot ..." generates a template in HOT format
  • "heat resource-type-list" only shows types available to the user, and can filter results by name, version and support_status
  • "heat template-version-list" lists available template versions
  • "heat template-function-list ..." lists available functions for a template version
Enhancements to existing resources
New resources

The following new resources are now distributed with the Heat release:

[1] These existed Kilo as contrib resources as they were for non-integrated projects. These resources are now distributed with Heat as Big Tent projects.

[2] These existed Kilo as contrib resources as they require a user with an admin role. They are now distributed with Heat. Operators now have ability to hide them from under-privileged users by modifyig policy.json (for reference, OS::Nova::Flavor is hidden from non-admin users in default policy file supplied).

[3] These existed in Kilo as contrib resources as they used an approach not endorsed by the Heat project. They are now distributed with heat and documented as UNSUPPORTED.

[4] These resources are for projects which are not yet OpenStack Big Tent projects, so are documented as UNSUPPORTED

With the new OS::Keystone::* resources it is now be possible for cloud operators to use heat templates to manage Keystone service catalog entries and users.

Deprecated Resource Properties

Many resource properties have previously been documented as DEPRECATED. 15 of these properties are now flagged as HIDDEN, which means they will no longer be documented, but existing stacks and templates will continue to work after a heat upgrade. The [ http://docs.openstack.org/developer/heat/template_guide/openstack.html Resource Type Reference] should be consulted to determine available resource properties and attributes.

Upgrade notes

Configuration Changes

Notable changes to the /etc/heat/heat.conf [DEFAULT] section:

  • hidden_stack_tags has been added, and stacks containing these tag names will be hidden from stack-list results (defaults to data-processing-cluster, which hides sahara-created stacks)
  • instance_user was deprecated, and is now removed entirely. Nova servers created with OS::Nova::Server resource will now boot configured with the default user set up with the cloud image. AWS::EC2::Instance still creates "ec2-user"
  • max_resources_per_stack can now be set to -1 to disable enforcement
  • enable_cloud_watch_lite is now false by default as this REST API is deprecated
  • default_software_config_transport has gained the option ZAQAR_MESSAGE
  • default_deployment_signal_transport has gained the option ZAQAR_SIGNAL
  • auth_encryption_key is now documented as requiring exactly 32 characters
  • list_notifier_drivers was deprecated and is now removed
  • policy options have moved to the [oslo_policy] section
  • use_syslog_rfc_format is deprecated and now defaults to true

Notable changes to other sections of heat.conf:

  • [clients_keystone] auth_uri has been added to specify the unversioned keystone url
  • [heat_api] workers now defaults to 4 (was previously 0, which created a worker per host CPU)

The policy file /etc/heat/policy.json can now be configured with per-resource-type access policies, for example:

   "resource_types:OS::Nova::Flavor": "rule:context_is_admin"
Upgrading from Kilo to Liberty

Progress has been made on supporting live sql migrations, however it is still recommended to bring down the heat service for the duration of the upgrade. Downward SQL schema migrations are no longer supported. A rollback to Kilo will require restoring a snapshot of the pre-upgrade database.

OpenStack Data Processing (Sahara)

新功能

  • New plugins and versions:
    • Ambari plugin with supports HDP 2.2 / 2.3
    • Apache Hadoop 2.7.1 was added, Apache Hadoop 2.6.0 was deprecated
    • CDH 5.4.0 was added with HA support for NameNode and ResourceManager
    • MapR 5.0.0 was added
    • Spark 1.3.1 was added, Spark 1.0.0 was deprecated
    • HDP 1.3.2 and Apache Hadoop 1.2.1 was removed
  • Added support for using Swift with Spark EDP jobs
  • Added support for Spark EDP jobs in CDH and Ambari plugins
  • Added support for public and protected resources
  • Started integration with OpenStack client
  • Added support for editing all Sahara resources
  • Added automatic Hadoop configuration for clusters
  • Direct engine is deprecated and will be removed in Mitaka release
  • Added OpenStack manila NFS shares as a storage backend option for job binaries and data sources
  • Added support for definition and use of configuration interfaces for EDP job templates

Deprecated Features

  • Direct provisioning engine
  • Apache Hadoop 2.6.0
  • Spark 1.0.0
  • All Hadoop 1.X removed

OpenStack Search (Searchlight)

This is the first release for Searchlight. Searchlight is intended to dramatically improving the search capabilities and performance of various OpenStack cloud services by offloading user search queries. It provides Keystone RBAC based searches across OpenStack services by indexing their data into ElasticSearch and providing a security layer on top of incoming search queries. ElasticSearch is a search server based on Lucene. It provides a distributed, scalable, near real-time, faceted, multitenant-capable, and full-text search engine with a RESTful web interface.

Key New Features

New Resource Types Indexed

Upgrade Notes

N/A

Deprecated Features

N/A

OpenStack DNS (Designate)

Key New Features

  • Experimental: Hook Point API
  • Horizon Plugin moved out of tree
  • Purging deleted domains
  • Ceilometer "exists" periodic event per domain
  • ASync actions
    • Import
    • Export
  • Active /passive failover for designate-pool-manager periodic tasks
  • OpenStack client integration
Addtional DNS Server Backends
  • InfoBlox
  • Designate

Upgrade Notes

  • New service designate-zone-manager
    • It is recommended to use a supported tooz backend.
    • ZooKeeper is recommended, or anything supported by tooz.
    • If a tooz backend is not used, all zone-managers will assume ownership of all zones, and there will be 'n' "exists" messages per hour, where 'n' is the number of zone-manager processes.
  • designate-pool-manager can do active/passive failover for periodic tasks.
    • It is recommended to use a supported tooz backend.
    • If a tooz backend is not used, all pool-managers will assume ownership of the pool, and multiple periodic tasks will run. This can result in unforeseen consequences.

Deprecated Features

  • V1 API
    • An initial notice of intent, as there are operations that still require the Designate CLI interface which talks to V1, and Horizon panels that only talk to V1.

OpenStack Messaging Service (Zaqar)

Key New Features

  • Pre-signed URL - A new REST API endpoint to support pre-signed URL, which provides enough control over the resource being shared, without compromising security.
  • Email Notification - A new task driver for notification service, which can take a Zaqar subscriber's email address. When there is a new message posted to the queue, the subscriber will receive the message by email.
  • Policy Support - Support fine-grained permission control with the policy.json file like most of the other OpenStack components.
  • Persistent Transport - Added support for websocket as a persistent transport alternative for Zaqar. Now users will be able to establish long-lived connections between their applications and Zaqar to interchange large amounts of data without the connection setup adding overhead.

OpenStack Dashboard (Horizon)

Key New Features

  • Plugin improvements – Horizon auto discovers JavaScript files for inclusion, and now has mechanisms for pluggable SCSS and Django template overrides.

Upgrade Notes

OpenStack Trove (DBaaS)

Key New Features

  • Redis
    • Configuration Groups for Redis
    • Cluster support
  • MongoDB
    • Backup and restore for a single instance
    • User and database management
    • Configuration Groups
  • Percona XtraDB Cluster Server
    • Cluster support
  • Allow deployer to associate instance flavors with specific datastores
  • Horizon support for database clusters
  • Management API for datastore and versions
  • Ability to deploy Trove instances in a single admin tenant, so that the nova instances are hidden from the user

OpenStack Bare metal (Ironic)

Ironic has switched to an intermediate release model and released version 4.0 during Liberty, followed by two minor updates. Version 4.2 forms the basis for the OpenStack Integrated Liberty release and will receive stable updates.

Please see full release notes here: http://docs.openstack.org/developer/ironic/releasenotes/index.html

New Features

  • Added "ENROLL" hardware state, which is the default state for newly created nodes.
  • Added "abort" verb, which allows a user to interrupt certain operations while they are in progress.
  • Improved query and filtering support in the REST API.
  • Added support for CORS middleware.
Hardware Drivers
  • Added a new BootInterface for hardware drivers, which splits functionality out of the DeployInterface.
  • iLO virtual media drivers can work without Swift.
  • Added Cisco IMC driver.
  • Added OCS Driver.
  • Added UCS Driver.
  • Added Wake-On-Lan Power Driver.
  • ipmitool driver supports IPMI v1.5.
  • Added support to SNMP driver for “APC MasterSwitchPlus” series PDU’s.
  • pxe_ilo driver now supports UEFI Secure Boot (previous releases of theiLO driver only supported this for agent_ilo and iscsi_ilo).
  • Added Virtual Media support to iRMC Driver.
  • Added BIOS configuration to DRAC Driver.
  • PXE drivers now support GRUB2.

Deprecated Features

  • The "vendor_passthru" and "driver_vendor_passthru" methods of the DriverInterface have been removed. These were deprecated in Kilo and replaced with the @passthru decorator.
  • The migration tools to import data from a Nova "baremetal" deployment have been removed.
  • Deprecated the "parallel" option to periodic task decorator.
  • Removed deprecated ‘admin_api’ policy rule.
  • Support for the original "bash" deploy ramdisk is deprecated and will be removed in two cycles. The ironic-python-agent project should be used for all deploy drivers.

Upgrade Notes

  • Newly created nodes default to the new ENROLL state. Previously, nodes defaulted to AVAILABLE, which could lead to hardware being exposed prematurely to Nova.
  • The addition of API version headers in Kilo means that any client wishing to interact with the Liberty API must pass the appropriate version string in each HTTP request. Current API version is 1.14.

OpenStack Key Manager (Barbican)

New Features

  • Added the ability for project administrators to create certificate authorities per project. Also, project administrators are able to define and manage a set of preferred certificate authorities (CAs) per project. This allows projects to achieve project specific security domains.
  • Barbican now has per project quota support for limiting number of Barbican resources that can be created under a project. By default the quota is set to unlimited and can be overridden in Barbican configuration.
  • Support for a rotating master key which is used for wrapping project level keys. In this lightweight approach, only the project level key (KEK) is re-wrapped with new master key (MKEK). This is currently applicable only for the PKCS11 plug-in. (http://specs.openstack.org/openstack/barbican-specs/specs/liberty/add-crypto-mkek-rotation-support-lightweight.html)
  • Updated Barbican's root resource to return version information matching Keystone, Nova and Manila format. This is used by keystoneclient's versioned endpoint discovery feature.
  • Removed administrator endpoint as all operations are available on a regular endpoint. No separate endpoint is needed as access restrictions are enforced via Oslo policy.
  • Added configuration for enabling sqlalchemy pool for the management of SQL connections.
  • Added ability to list secrets which are accessible via ACL using GET /v1/secrets?acl-only=true request.
  • Improved functional test coverage around Barbican APIs related to ACL operations, RBAC policy and secrets.
  • Fixed issues around creation of SnakeOil CA plug-in instance.
  • Barbican client CLI can now take a Keystone token for authentication. Earlier only username and password based authentication was supported.
  • Barbican client now has ability to create and list certificate orders.

Upgrade Notes

OpenStack Image Service (Glance)

Updated project guide that includes some details on operating, installing, configuring, developing to and using the service: http://docs.openstack.org/developer/glance/

Key New Features

Upgrade Notes

  • python-glanceclient now defaults to using Glance API v2 and if v2 is unavailable, it will fallback to v1.
  • Dependencies for backend stores are now optionally installed corresponding to each store specified.
  • Some stores like swift, s3, vmware now have python 3 support.
  • Some new as well as updated default metadata definitions ship with the source code.
  • More python 3 support added to Glance API, and now continuous support is extended by the means of tests to ensure compatibility.
  • utf-8 is now the default charset for the backend MySQL DB.
  • Migration scripts have been updated to perform a sanity check for the table charset.
  • 'ram_disk' and 'kernel' properties can now be null in the schema and 'id' is now read only attribute for v2 API.
  • A configuration option client_socket_timeout has been added to take advantage of the recent eventlet socket timeout behaviour.
  • A configuration option scrub_pool_size has been added to set the number of parallel threads that a scrubber should run and defaults to 1.
  • An important bug that allowed to change the image status using the Glance v1 API has now been fixed.

Deprecated Features

  • The experimental Catalog Index Service has been removed and now is a separate project called Searchlight.
  • The configuration options scrubber_datadir, cleanup_scrubber and cleanup_scrubber_time have been removed following the removal of the file backed queuing for scrubber.

OpenStack Shared File System (Manila)

New Features

  • Enabled support for availability zones.
  • Added administrator API components to share instances.
  • Added pool weigher which allows Manila scheduler to place new shares on pools with existing share servers.
  • Support for share migration from one hostpool to another hostpool (experimental).
  • Added shared extend capability in the generic driver.
  • Support for adding consistency groups, which allow snapshots for multiple filesystem shares to created at the same point in time (experimental).
  • Support for consistency groups in the NetApp cDOT driver and generic driver.
  • Support for oversubscription in thin provisioning.
  • New Windows SMB driver:
    • Support for handling Windows service instances and exporting SMB shares.
  • Added new osapi_share_workers configuration option to improve the total throughput of the Manila API service.
  • Added share hooks feature, which allows actions to be performed before and after share drive methods calls, call additional periodic hook for each 'N' tick, and update the results of a driver's action.
  • Improvements to the NetApp cDOT driver:
    • Added variables netapp:dedup, and netapp:compression when creating the flexvol that backs up a new manila share.
    • Added manage/unmanage support and shrink_share support.
    • Support for extended_share API component.
    • Support for netapp-lib PyPI project to communicate with storage arrays.
  • Improvements to the HP 3PAR driver:
    • Added reporting of dedupe, thin provisioning and hp3par_flash_cache capabilities. This allows share types and the CapabilitiesFilter to place shares on hosts with the requested capabilities.
    • Added share server support.
  • Improvements to the Huawei Manila driver:
    • Added support for storage pools, extend_share, manage_existing, shrink_share, read-only share, smartcache and smartpartition.
    • Added reporting of dedupe, thin provisioning and compression capabilities.
  • Added access-level support to the VNX Manila driver.
  • Added support for the Manila HDS HNAS driver.
  • Added GlusterFS native driver.
    • GlusterFS drivers can now specify the list of compatible share layouts.
  • Added microversion support (v2 API).

Deprecated Features

  • The share_reset_status API component is deprecated and replaced by share_instance_reset_status.

 

查看原文:http://www.zoues.com/index.php/2015/10/18/liberty/

公众号: DCOS
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
ceilometer中可能遇见的问题
xiaoxiaochen12的博客
07-15 1326
这里我记录一下在配置ceilometer中可能遇见的问题(当然都是我遇见过的问题) oslo_config.cfg: Option “coordination_url” from group “storage” is deprecated. Use option “coordination_url” from group “DEFAULT”. 这个问题一般是配置问题(如果看不懂翻译一下就明白了)...
Openstack组件实现原理—Keystone认证功能
02-24
Keystone实现始终围绕着Keystone所实现的功能来展开,所以在理解其实现之前,建议大家尝试通过安装Keystone这一个过程来感受KeystoneOpenstack架构中所充当的角色。下面给出了Keystone-M的安装过程。Keystone安装...
eslint 报错自动修复命令
Yama的博客
10-05 1513
标题eslint 报错自动修改命令 npm run lint
ESlint报错如何解决
前端知识库
05-28 3665
如何解决ESlint报错 蓝色波浪线:警告,不用管 黄色波浪线:没有加分号,自动格式化 红色波浪线:要解决 解决方法(核心:还是看提示) 1.鸵鸟做法(不推荐) 关闭WebStrom提示 1.将圆拖到none就是不检查,中间就是弱检查 关闭命令行检查 在文件最上方添加/*eslint-disable*/ 这样在提交代码的时候ESlint就不会管 2.改代码(根据提示) 提示:require不是一个import语句 解决:不是import就改为import导入即可 3.改配置(根据提示)
PhpStorm/WebStorm……等JetBrains系代码编辑器解决ESLint代码检查不通过
U.R.M.L
07-02 1578
检查确认是否开启了ESLint的代码格式检查 比如vue项目,在使用vue init webpack project_name创建项目的时候就会询问是否开启ESLintUse ESLint to lint your code? (Y/n)如果当初您的选择是Y那么之后在每次运行npm run dev时ESLint都会根据当初您的设定进行代码检查,如果不通过就会报错,有些朋友为了图方便可能直接就取消了代码检查,个人感觉不太合适,因为这样不便于写出规整的代码,那么问题来了,已经开启了,而且想让代码规整,但又不知道
Android 根证书管理与证书验证
热门推荐
tq08g2z的专栏
03-22 1万+
PKI 体系依赖证书执行极为关键的身份验证,以此确认服务端的可信任性。证书验证在 SSL/TLS 握手过程中完成,验证过程通常包含三个步骤: 验证证书的合法性:这一步主要是验证证书是由合法有效的 CA 签发的。在客户端预先保存一个可靠的 CA 的根证书库,比如 FiexFox、Chrome、Android、Microsoft 等都有维护自己的根证书库,并据此验证服务端证书链的合法性。PKI 体...
OpenStack——认证服务Keystone
01-27
KeystoneOpenStackIdentityService)是OpenStack框架中,负责身份验证、服务规则和服务令牌的功能, 它实现了OpenStack的IdentityAPI。Keystone类似一个服务总线,或者说是整个Openstack框架的注册表, 其他服务...
OpenStack安装部署Liberty Neutron
01-11
最近在两台物理机环境中部署了OpenStackLiberty版本,各个模块都遇到或多或少的问题,但尤以Neutron的问题最让人头疼。尽管OpenStack一直致力于简化Neutron的部署,但对于非网络技术人员来说依然存在着很大的挑战...
Heat 显示嵌套template
gsllovefly的博客
04-26 1230
Heat 显示嵌套template
OpenStack-Heat使用命令
lanceyang1992的专栏
07-30 8664
命令用法 usage: heat [--version] [-d] [-v] [-k] [--os-cacert ] [--cert-file CERT_FILE] [--key-file KEY_FILE] [--ca-file CA_FILE] [--api-timeout API_TIMEOUT] [--os-username
Discover more details on the way it will help fast paced persons ghd ireland
cmbf32058的博客
01-12 107
Discover more details on the way it will help fast paced personsghd ireland such as you beneath.Sustain wit...
Gnocchi: 2 、Gnocchi架构及其基础
qingyuanluofeng的专栏
04-03 4196
声明:以下内容是对Gnocchi官网:https://docs.openstack.org/developer/gnocchi/architecture.html 内容的大致翻译 Gnocchi 1系统架构 Gnocchi包含了集中服务:一个HTTP REST API(参见:https://docs.openstack.org/developer/gnocchi/rest.html)...
java certificate_记录解决java.security.cert.CertificateException 问题过程
weixin_42512723的博客
02-23 3799
团队在开发过程中,突然发现有一个业务失常,该业务对接了另一个团队开发的IM SDK,报错异常如下为:java.security.cert.CertificateException:Domain specific configurations require that hostname aware checkServerTrusted(X509Certificate[], String, Strin...
openstack 云主机异常
qq_17523643的博客
02-27 1345
]# openstack-status == Nova services == openstack-nova-api: active openstack-nova-compute: inactive (disabled on boot) openstack-nova-network: inac...
OpenStack(Mitaka版本)上通过Sahara部署Hadoop&Spark集群
Enweitech Software Works
08-15 5015
OpenStack(Mitaka)上通过Sahara部署Hadoop&Spark集群 1. 准备工作 1.1 创建用于部署集群的项目和用户1.2 准备Cloudera Plugin镜像1.3 创建集群网络和云主机类型模板 2. 通过Sahara部署CDH5.5集群 2.1 注册镜像到Sahara2.2 创建节点组模板2.3 创建集群模板2.4. 创建集群 3. Elasti
keystone WSGI流程
weixin_33882452的博客
08-03 536
作为OpenStack两种基本的通信方式(RESTful API与消息总线)之中的一个。理解RESTful API的设计思路和运行过程,有助于我们对OpenStack有更好的理解。RESTful仅仅是设计风格而不是标准,Web服务中通常使用基于HTTP的符合RESTful风格的API。而WSGI(Web ServerGateway Interface)则是python语言中所定义的Webs...
通过heat创建stack的代码流程分析heat stack-create
weixin_30349597的博客
02-18 329
Heat-api发送RPC请求 Heat/api/openstack/v1/stacks.py @util.policy_enforce ...
OpenStack认证管理
最新发布
03-20
Keystone作为OpenStack的核心服务,自"Essex"版本开始引入,它确保了在访问OpenStack的各种服务时的安全性和可控性。 1. Keystone的作用 Keystone的主要任务是验证用户身份、管理服务目录以及实施访问控制。它为...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值