上一篇:构建基于openEuler2209的OpenStack云平台(六)
7 安装和配置块存储服务(Cinder service)
OpenStack块存储服务(Cinder)为可选服务,它为虚拟机添加持久存储。Cinder提供了管理卷的基础架构,并与OpenStack Compute交互,为实例提供卷。该服务还支持卷快照和卷类型的管理。
7.1 安装和配置控制节点
本小节操作在控制节点上完成。
7.1.1 先决条件
1、创建数据库并授权访问
[root@xgk-ctl ~]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 194
Server version: 10.5.16-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE cinder;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'CINDER_DBPASS';
Query OK, 0 rows affected (0.002 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'CINDER_DBPASS';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> exit;
Bye
2、获得admin凭证
[root@xgk-ctl ~]# source /etc/keystone/admin-openrc
3、创建服务凭据
(1)创建cinder用户
[root@xgk-ctl ~]# openstack user create --domain default --password-prompt cinder
User Password: #此处设置cinder用户的密码,比如CINDER_PASS
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | ee8d037ea147430d8a642b3aff3fb7c6 |
| name | cinder |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
(2)为cinder用户添加管理员角色
[root@xgk-ctl ~]# openstack role add --project service --user cinder admin
(3)依次创建两个名为cinderv2和cinderv3的服务实体
- 创建名为cinderv2的服务实体
[root@xgk-ctl ~]# openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | c4137f71fb9345da938f0956dfdad757 |
| name | cinderv2 |
| type | volumev2 |
+-------------+----------------------------------+
- 创建名为cinderv3的服务实体
[root@xgk-ctl ~]# openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | 8a45faf96d794164a56f108f0cf349bc |
| name | cinderv3 |
| type | volumev3 |
+-------------+----------------------------------+
4、创建块存储服务API端点
(1)为cinderv2创建public端点
[root@xgk-ctl ~]# openstack endpoint create --region RegionOne volumev2 public http://xgk-ctl:8776/v2/%\(project_id\)s
+--------------+---------------------------------------+
| Field | Value |
+--------------+---------------------------------------+
| enabled | True |
| id | 698d7118a4cb4a47a928bebfd7d73391 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c4137f71fb9345da938f0956dfdad757 |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://xgk-ctl:8776/v2/%(project_id)s |
+--------------+---------------------------------------+
(2)为cinderv2创建internal端点
[root@xgk-ctl ~]# openstack endpoint create --region RegionOne volumev2 internal http://xgk-ctl:8776/v2/%\(project_id\)s
+--------------+---------------------------------------+
| Field | Value |
+--------------+---------------------------------------+
| enabled | True |
| id | b5254f2e8c82456b96bbef2e83754d07 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c4137f71fb9345da938f0956dfdad757 |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://xgk-ctl:8776/v2/%(project_id)s |
+--------------+---------------------------------------+
(3)为cinderv2创建admin端点
[root@xgk-ctl ~]# openstack endpoint create --region RegionOne volumev2 admin http://xgk-ctl:8776/v2/%\(project_id\)s
+--------------+---------------------------------------+
| Field | Value |
+--------------+---------------------------------------+
| enabled | True |
| id | 55700f7e3ea04b8ea42bb6b069aa3fbb |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c4137f71fb9345da938f0956dfdad757 |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://xgk-ctl:8776/v2/%(project_id)s |
+--------------+---------------------------------------+
(4)为cinderv3创建public端点
[root@xgk-ctl ~]# openstack endpoint create --region RegionOne volumev3 public http://xgk-ctl:8776/v3/%\(project_id\)s
+--------------+---------------------------------------+
| Field | Value |
+--------------+---------------------------------------+
| enabled | True |
| id | b78cb7ee471b42bbbd326a9e7f0b1658 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8a45faf96d794164a56f108f0cf349bc |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://xgk-ctl:8776/v3/%(project_id)s |
+--------------+---------------------------------------+
(5)为cinderv3创建internal端点
[root@xgk-ctl ~]# openstack endpoint create --region RegionOne volumev3 internal http://xgk-ctl:8776/v3/%\(project_id\)s
+--------------+---------------------------------------+
| Field | Value |
+--------------+---------------------------------------+
| enabled | True |
| id | 5c5b66987b4740208f5fdb2670fff1a9 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8a45faf96d794164a56f108f0cf349bc |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://xgk-ctl:8776/v3/%(project_id)s |
+--------------+---------------------------------------+
(6)为cinderv3创建admin端点
[root@xgk-ctl ~]# openstack endpoint create --region RegionOne volumev3 admin http://xgk-ctl:8776/v3/%\(project_id\)s
+--------------+---------------------------------------+
| Field | Value |
+--------------+---------------------------------------+
| enabled | True |
| id | 3b56a2067ed44cdf9af065952e9d2e5e |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8a45faf96d794164a56f108f0cf349bc |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://xgk-ctl:8776/v3/%(project_id)s |
+--------------+---------------------------------------+
7.1.2 安装和配置组件
1、安装软件包
[root@xgk-ctl ~]# dnf -y install openstack-cinder
2、编辑/etc/cinder/cinder.conf配置文件
[root@xgk-ctl ~]# cp -a /etc/cinder/cinder.conf{,.bak}
[root@xgk-ctl ~]# grep -Ev '^$|#' /etc/cinder/cinder.conf.bak > /etc/cinder/cinder.conf
[root@xgk-ctl ~]# vim /etc/cinder/cinder.conf
[DEFAULT]
transport_url = rabbit://openstack:RABBIT_PASS@xgk-ctl //配置RabbitMQ消息队列访问
auth_strategy = keystone //配置Identity服务访问
my_ip = 192.168.18.200 //控制主机的管理网络接口IP地址
[barbican]
[barbican_service_user]
[cors]
#配置数据库访问
[database]
connection = mysql+pymysql://cinder:CINDER_DBPASS@xgk-ctl/cinder
[healthcheck]
[key_manager]
#配置Identity服务访问
[keystone_authtoken]
www_authenticate_uri = http://xgk-ctl:5000
auth_url = http://xgk-ctl:5000
memcached_servers = xgk-ctl:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = CINDER_PASS
#配置锁定路径
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
……此处省略文件原有的其它内容……
3、同步数据库
[root@xgk-ctl ~]# su -s /bin/sh -c "cinder-manage db sync" cinder
4、配置计算使用块存储
[root@xgk-ctl ~]# vim /etc/nova/nova.conf
……此处省略文件原有的其它内容……
[cinder]
os_region_name = RegionOne
……此处省略文件原有的其它内容……
5、完成安装
(1)重新启动计算API服务
[root@xgk-ctl ~]# systemctl restart openstack-nova-api.service
(2)启动块存储服务,并将其配置开机自启动
[root@xgk-ctl ~]# systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
[root@xgk-ctl ~]# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
7.2 安装和配置块存储节点
本小节内容在块存储节点上操作完成。
7.2.1 先决条件
1、创建LVM物理卷
通过lsblk命令可以看当前主机的磁盘,可以将多个磁盘创建成LVM物理卷,但不建议包含OS的卷。
[root@xgk-blkn1 ~]# pvcreate /dev/vdb
Physical volume "/dev/vdb" successfully created.
2、创建LVM卷组cinder-volumes
[root@xgk-blkn1 ~]# vgcreate cinder-volumes /dev/vdb
Volume group "cinder-volumes" successfully created
块存储服务将在此cinder-volumes卷组中创建逻辑卷。
3、编辑/etc/lvm/lvm.conf文件
只有实例才能访问块存储卷。但是,底层操作系统管理与卷关联的设备。默认情况下,LVM卷扫描工具扫描/dev/目录中包含卷的块存储设备。如果项目在其卷上使用LVM,扫描工具会检测这些卷并尝试缓存它们,这可能会导致底层操作系统和项目卷出现各种问题。因此必须重新配置LVM以仅扫描包含cinder-volumes卷组的设备。
在devices节,添加一个过滤器,该过滤器只接受/dev/vdb设备,并拒绝所有其他设备,其中的a表示accept,r表示reject。
[root@xgk-blkn1 ~]# cp -a /etc/lvm/lvm.conf{,.bak}
[root@xgk-blkn1 ~]# grep -Ev '^$|#' /etc/lvm/lvm.conf.bak > /etc/lvm/lvm.conf
[root@xgk-blkn1 ~]# vim /etc/lvm/lvm.conf
……此处省略文件原有内容……
devices {
……此处省略文件原有内容……
filter = [ "a/vdb/", "r/.*/"]
……此处省略文件原有后续内容……
可以使用【vgs -vvvv】命令测试过滤器。
7.2.2 安装和配置组件
1、安装软件包
[root@xgk-blkn1 ~]# dnf -y install lvm2 device-mapper-persistent-data scsi-target-utils rpcbind nfs-utils openstack-cinder-volume openstack-cinder-backup
2、准备NFS
[root@xgk-blkn1 ~]# mkdir -p /root/cinder/backup
[root@xgk-blkn1 ~]# cat << EOF >> /etc/exports
/root/cinder/backup 192.168.0.0/24(rw,sync,no_root_squash,no_all_squash)
EOF
注:上面的192.168.0.0/24为提供商网络地址。
3、编辑/etc/cinder/cinder.conf 配置文件
[root@xgk-blkn1 ~]# cp -a /etc/cinder/cinder.conf{,.bak}
[root@xgk-blkn1 ~]# grep -Ev '^$|#' /etc/cinder/cinder.conf.bak > /etc/cinder/cinder.conf
[root@xgk-blkn1 ~]# vim /etc/cinder/cinder.conf
[DEFAULT]
transport_url = rabbit://openstack:RABBIT_PASS@xgk-ctl //配置RabbitMQ消息队列访问
auth_strategy = keystone //配置Identity服务访问
my_ip = 192.168.18.202 //块存储节点的管理网络接口IP地址
enabled_backends = lvm //启用LVM后端,后端名称可以随意,这里采用lvm用为其名称
glance_api_servers = http://xgk-ctl:9292 //配置镜像服务API的位置
[barbican]
[barbican_service_user]
[cors]
[database]
connection = mysql+pymysql://cinder:CINDER_DBPASS@xgk-ctl/cinder //配置数据库访问
[healthcheck]
[key_manager]
#配置Identity服务访问
[keystone_authtoken]
www_authenticate_uri = http://xgk-ctl:5000
auth_url = http://xgk-ctl:5000
memcached_servers = xgk-ctl:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = CINDER_PASS
#新增lvm节,并配置以下内容
[lvm]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver //后端LVM卷组驱动
volume_group = cinder-volumes //后端LVM卷组名称
target_protocol = iscsi //后端目标协议
target_helper = tgtadm //iSCSI服务
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp //配置锁定路径
[oslo_messaging_amqp]
……此处省略文件后续原有内容……
4、使用以下数据创建/etc/tgt/conf.d/cinder.conf文件
如果使用tgtadm装载Cinder卷,请按如下方式修改/etc/tgt/tgtd.conf文件,以确保tgtd能够发现Cinder卷的iscsi目标。
[root@xgk-blkn1 ~]# vim /etc/tgt/conf.d/cinder.conf
include /var/lib/cinder/volumes/*
5、完成安装
启动块存储卷服务,并将其配置为开机自启动
[root@xgk-blkn1 ~]# systemctl enable rpcbind.service nfs-server.service tgtd.service iscsid.service openstack-cinder-volume.service
[root@xgk-blkn1 ~]# systemctl start rpcbind.service nfs-server.service tgtd.service iscsid.service openstack-cinder-volume.service
7.3 安装和配置备份服务
本小节内容在块存储节点上操作完成。
1、安装和配置组件
[root@xgk-blkn1 ~]# dnf -y install openstack-cinder-backup
2、编辑etc/cinder/cinder.conf,添加如下两行内容。
[root@xgk-blkn1 ~]# vim /etc/cinder/cinder.conf
[DEFAULT]
……此处省略文件原有内容……
backup_driver=cinder.backup.drivers.nfs.NFSBackupDriver //备份驱动
backup_share=192.168.18.202:/root/cinder/backup //共享目录所在位置
#backup_driver = cinder.backup.drivers.swift.SwiftBackupDriver
#backup_swift_url = SWIFT_URL //Object Storage service的URL,后面安装swift服务后补充
……此处省略文件原有内容……
上面的SWIFT_URL,在安装完成swift服务后,可在控制节点上通过命令【openstack catalog show object-store】获得。
3、完成安装
启动块存储备份服务,并将其配置为开机自启动
[root@xgk-blkn1 ~]# systemctl enable openstack-cinder-backup.service
[root@xgk-blkn1 ~]# systemctl start openstack-cinder-backup.service
7.4 验证操作
本小节内容在控制节点上操作完成。
1、获得admin凭证
[root@xgk-ctl ~]# source /etc/keystone/admin-openrc
2、列出卷服务组件
[root@xgk-ctl ~]# openstack volume service list
+------------------+-----------------+------+---------+-------+----------------------------+
| Binary | Host | Zone | Status | State | Updated At |
+------------------+-----------------+------+---------+-------+----------------------------+
| cinder-backup | xgk-blkn1 | nova | enabled | up | 2022-12-19T08:07:22.000000 |
| cinder-scheduler | xgk-ctl | nova | enabled | up | 2022-12-19T08:07:22.000000 |
| cinder-volume | xgk-blkn1@lvm | nova | enabled | up | 2022-12-19T08:07:19.000000 |
+------------------+-----------------+------+---------+-------+----------------------------+