controller节点配置
创建数据库和授权用户
创建数据库
[root@controller ~]# mysql -uroot -p000000 MariaDB [(none)]> CREATE DATABASE cinder; MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '000000'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY '000000'; MariaDB [(none)]> flush privileges; MariaDB [(none)]> exit
创建用户服务和API的endpoint
创建用户服务
[root@controller ~]# openstack user create --domain default --password 000000 cinder [root@controller ~]# openstack role add --project service --user cinder admin [root@controller ~]# openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2 [root@controller ~]# openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3 #cinder有v2和v3两个并存版本的API
给v2和v3版本的api创建endpoint
三种API端点代表三种服务:admin、internal、public
[root@controller ~]# openstack endpoint create --region RegionOne volumev2 public http://controller:8776/v2/%\(project_id\)s [root@controller ~]# openstack endpoint create --region RegionOne volumev2 internal http://controller:8776/v2/%\(project_id\)s [root@controller ~]# openstack endpoint create --region RegionOne volumev2 admin http://controller:8776/v2/%\(project_id\)s [root@controller ~]# openstack endpoint create --region RegionOne volumev3 public http://controller:8776/v2/%\(project_id\)s [root@controller ~]# openstack endpoint create --region RegionOne volumev3 internal http://controller:8776/v2/%\(project_id\)s [root@controller ~]# openstack endpoint create --region RegionOne volumev3 admin http://controller:8776/v2/%\(project_id\)s
安装cinder 服务
[root@controller ~]# yum -y install openstack-cinder
编辑配置文件
编辑cinder.conf
[root@controller ~]# cp /etc/cinder/cinder.conf{,.bak} [root@controller ~]# grep -Ev '#|^$' /etc/cinder/cinder.conf.bak>/etc/cinder/cinder.conf [root@controller ~]# vi /etc/cinder/cinder.conf [DEFAULT] transport_url = rabbit://openstack:000000@controller #配置rabbitmq连接 auth_strategy = keystone #认证方式 my_ip = 192.168.1.100 #内网IP [backend] [backend_defaults] [barbican] [brcd_fabric_example] [cisco_fabric_example] [coordination] [cors] [database] #对接数据库 connection = mysql+pymysql://cinder:000000@controller/cinder [fc-zone-manager] [healthcheck] [key_manager] [keystone_authtoken] #配置keystone认证信息 www_authenticate_uri = http://controller:5000 #keystone地址 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = cinder #指定通过cinder账号到keystone做认证(用户名、密码) password = 000000 [nova] [oslo_concurrency] lock_path = /var/lib/cinder/tmp #配置锁路径 [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_middleware] [oslo_policy] [oslo_reports] [oslo_versionedobjects] [privsep] [profiler] [sample_castellan_source] [sample_remote_file_source] [service_user] [ssl] [vault]
同步数据库
[root@controller ~]# su -s /bin/sh -c "cinder-manage db sync" cinder
修改nova配置文件并重启服务
[root@controller ~]# vi /etc/nova/nova.conf 在[cinder]中填入数据 [cinder] os_region_name = RegionOne :wq [root@controller ~]# systemctl restart openstack-nova-api.service
开启服务
[root@controller ~]# systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service [root@controller ~]# systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
控制节点认证
[root@controller ~]# cinder service-list
compute节点配置
安装openstack–cinder软件服务
[root@compute ~]# yum -y install openstack-cinder targetcli python-keystone [root@compute ~]# yum -y install lvm2 device-mapper-persistent-data [root@compute ~]# systemctl enable lvm2-lvmetad.service [root@compute ~]# systemctl start lvm2-lvmetad.service
创建lvm物理卷和卷组
(新建一块硬盘,并重启)
[root@compute ~]# pvcreate /dev/sdb Physical volume "/dev/sdb" successfully created. [root@compute ~]# vgcreate cinder-volumes /dev/sdb Volume group "cinder-volumes" successfully created
修改lvm配置文件
注意如果输入错误,可能会导致进入系统失败
[root@compute ~]# vi /etc/lvm/lvm.conf :141行 取消注释并修改成 filter = [ "a/sdb/","r/.*/" ] # a表示允许,r表示拒绝 # 只允许lvm服务访问sdc中的数据,不允许lvm服务访问其他磁盘,这也间接实现了openstack创建的虚拟机只能访问sdb中的数据,不能访问其他磁盘 # 设置只允许实例访问sdc逻辑卷中的数据;如果不配置的话,本机的其他服务也有可能会访问sdc逻辑卷中的数据
重启lvm服务
[root@compute ~]# systemctl restart lvm2-lvmetad.service
编辑配置文件
编辑cinder.conf
[root@compute ~]# cp /etc/cinder/cinder.conf{,.bak} [root@compute ~]# grep -Ev '#|^$' /etc/cinder/cinder.conf.bak>/etc/cinder/cinder.conf [root@compute ~]# vi /etc/cinder/cinder.conf [DEFAULT] transport_url = rabbit://openstack:000000@controller auth_strategy = keystone my_ip = 192.168.1.200 enabled_backends = lvm glance_api_servers = http://controller:9292 [backend] [backend_defaults] [barbican] [brcd_fabric_example] [cisco_fabric_example] [coordination] [cors] [database] connection = mysql+pymysql://cinder:000000@controller/cinder [fc-zone-manager] [healthcheck] [key_manager] [keystone_authtoken] www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = cinder password = 000000 [nova] [oslo_concurrency] [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_middleware] [oslo_policy] [oslo_reports] [oslo_versionedobjects] [privsep] [profiler] [sample_castellan_source] [sample_remote_file_source] [service_user] [ssl] [vault] [lvm] #为LVM后端配置LVM驱动程序 volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver #指定LVM驱动程序;即通过指定的驱动创建LVM volume_group = cinder-volumes #指定卷组(vg) target_protocol = iscsi #pv使用的是iscsi协议,可以提供块存储服务 target_helper = lioadm #iscsi管理工具
开启服务
[root@compute ~]# systemctl enable openstack-cinder-volume.service target.service [root@compute ~]# systemctl start openstack-cinder-volume.service target.service
整体服务验证
controller节点操作
[root@controller ~]# openstack volume service list