Nova

Nova API

データベース作成

code:sql

CREATE DATABASE nova_api;

CREATE DATABASE nova;

CREATE DATABASE nova_cell0;

権限周り

code:sql

GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';

GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';

GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';

GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';

GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';

GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';

Compute サービス用認証情報

ユーザの追加

code:shell

# openstack user create --domain default --password-prompt nova

管理者ロールに追加

code:shell

$ openstack role add --project service --user nova admin

nova サービスエンティティの作成

code:shell

# openstack service create --name nova --description "OpenStack Compute" compute

Compute API サービスのエンドポイント作成

code:shell

パッケージのインストール

code:shell

# yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler

code:shell

# diff -u /etc/nova/nova.conf.org /etc/nova/nova.conf

--- /etc/nova/nova.conf.org 2020-07-20 20:23:02.000000000 +0900

+++ /etc/nova/nova.conf 2020-07-31 23:40:55.917251372 +0900

@@ -491,7 +491,7 @@

# This option has a sample default set, which means that

# its actual default value may vary from the one documented

# below.

-#my_ip=<host_ipv4>

+my_ip=192.168.11.19

#

# The IP address which is used to connect to the block storage network. For more

@@ -602,7 +602,7 @@

# List of APIs to be enabled by default (list value)

-#enabled_apis=osapi_compute,metadata

+enabled_apis=osapi_compute,metadata

#

# List of APIs with enabled SSL. For more information, refer to the

@@ -826,7 +826,7 @@

# The network address and optional user credentials for connecting to the

# messaging backend, in URL format. The expected format is. For more

# information, refer to the documentation. (string value)

-#transport_url=rabbit://

+transport_url=rabbit://openstack:nova@controller:5672/

# The default exchange under which topics are scoped. May be overridden by an

# exchange name specified in the transport_url option (string value)

@@ -890,7 +890,7 @@

# testing purposes only and should not be used in deployments. This option and

-#auth_strategy=keystone

+auth_strategy=keystone

#

# When True, the 'X-Forwarded-For' header is treated as the canonical remote

@@ -1089,7 +1089,7 @@

# The SQLAlchemy connection string to use to connect to the database. Do not set

-#connection=mysql://nova:nova@localhost/nova

+connection=mysql+pymysql://nova:nova@controller/nova_api

# Optional URL parameters to append onto the connection URL at connect time;

# specify as param1=value1&param2=value2& (string value)

@@ -1636,7 +1636,7 @@

# Deprecated group;name - DEFAULT;sql_connection

-#connection=<None>

+connection=mysql+pymysql://nova:nova@controller/nova

# The SQLAlchemy connection string to use to connect to the slave database

# (string value)

@@ -1950,7 +1950,7 @@

# options was added in the 17.0.0 Queens release. The api_servers option was

# retained temporarily to allow consumers time to cut over to a real load

# balancing solution.

-#api_servers=<None>

#

# Enable glance operation retries. For more information, refer to the

@@ -2026,7 +2026,7 @@

# The default region_name for endpoint URL discovery (string value)

-#region_name=<None>

+region_name=RegionOne

# Always use this endpoint URL for requests for this client. NOTE: The

# unversioned endpoint should be specified here; to request a particular API

@@ -2571,7 +2571,8 @@

# endpoint the service user utilizes for validating tokens, because normal end

# users may not be able to reach that endpoint (string value)

-#www_authenticate_uri=<None>

# DEPRECATED: Complete "public" Identity API endpoint. This endpoint should not

# be an "admin" endpoint, as it should be accessible by all end users.

@@ -2632,7 +2633,7 @@

# Optionally specify a list of memcached server(s) to use for caching. If left

# undefined, tokens will instead be cached in-process (list value)

-#memcached_servers=<None>

+memcached_servers=controller:11211

# In order to prevent excessive effort spent validating tokens, the middleware

# caches previously-seen tokens for a configurable duration (in seconds). Set to

@@ -2712,7 +2713,12 @@

# Authentication type to load (string value)

-#auth_type=<None>

+auth_type = password

+project_domain_name = Default

+user_domain_name = Default

+project_name = service

+username = nova

+password = nova

# Config Section from which to load plugin specific options (string value)

@@ -3580,7 +3586,7 @@

# only be writable by the user running the processes that need locking. Defaults

# to environment variable OSLO_LOCK_PATH. If external locks are used, a lock

# path must be set (string value)

-#lock_path=/var/lib/nova/tmp

+lock_path=/var/lib/nova/tmp

@@ -4140,13 +4146,13 @@

# Project name to scope to (string value)

-#project_name=<None>

+project_name=service

# Domain ID containing project (string value)

# Domain name containing project (string value)

-#project_domain_name=<None>

+project_domain_name=Default

# Trust ID (string value)

@@ -4219,6 +4225,11 @@

# used (floating point value)

+auth_type = password

+user_domain_name = Default

+username = placement

+password = placement

#

@@ -5180,7 +5191,7 @@

# Enable VNC related features. For more information, refer to the documentation.

# (boolean value)

# Deprecated group;name - DEFAULT;vnc_enabled

-#enabled=true

+enabled=true

# DEPRECATED:

# Keymap for VNC. For more information, refer to the documentation. (string

@@ -5203,14 +5214,14 @@

# (host address value)

# Deprecated group;name - DEFAULT;vncserver_listen

-#server_listen=127.0.0.1

+server_listen=$my_ip

#

# Private, internal IP address or hostname of VNC console proxy. For more

# information, refer to the documentation. (host address value)

# Deprecated group;name - DEFAULT;vncserver_proxyclient_address

-#server_proxyclient_address=127.0.0.1

+server_proxyclient_address=$my_ip

#

# Public address of noVNC VNC console proxy. For more information, refer to the

code:shell

# su -s /bin/sh -c "nova-manage api_db sync" nova

code:shell

# su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova

作成

code:shell

# su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova

code:shell

# su -s /bin/sh -c "nova-manage db sync" nova

nova cell0とcell1が正しく登録されていることを確認

code:shell

# su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova

code:shell

systemctl enable \

openstack-nova-api.service \

openstack-nova-scheduler.service \

openstack-nova-conductor.service \

openstack-nova-novncproxy.service

code:shell

systemctl start \

openstack-nova-api.service \

openstack-nova-scheduler.service \

openstack-nova-conductor.service \

openstack-nova-novncproxy.service

Nova Compute

パッケージのインストール

code:shell

# yum install openstack-nova-compute

novncproxy_base_url=http://controller:6080/vnc_auto.html

コンピュートノードが仮想マシンのハードウェアアクセラレーションをサポートしているか

code:shell

# egrep -c '(vmx|svm)' /proc/cpuinfo

8

起動設定

code:shell

# systemctl enable libvirtd.service openstack-nova-compute.service

# systemctl start libvirtd.service openstack-nova-compute.service

cell データベースにホスト情報の登録

code:shell

# su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova

動作確認

サービスコンポーネントのリストアップ

code:shell

# openstack compute service list

+----+----------------+------+----------+---------+-------+----------------------------+

| ID | Binary | Host | Zone | Status | State | Updated At |

+----+----------------+------+----------+---------+-------+----------------------------+

| 1 | nova-conductor | reno | internal | enabled | up | 2020-07-31T15:18:31.000000 |

| 3 | nova-scheduler | reno | internal | enabled | up | 2020-07-31T15:18:33.000000 |

| 7 | nova-compute | reno | nova | enabled | up | 2020-07-31T15:18:36.000000 |

+----+----------------+------+----------+---------+-------+----------------------------+

コントローラーノードで有効になっている 2 つのサービスと、コンピュートノードで有効になっている 1 つのサービスコンポーネント

Identity サービスの API エンドポイントをリストアップして、Identity サービスとの接続性を検証

code:shell

# openstack catalog list

+-----------+-----------+-----------------------------------------+

| Name | Type | Endpoints |

+-----------+-----------+-----------------------------------------+

| glance | image | RegionOne |

| | | RegionOne |

| | | RegionOne |

| | | |

| nova | compute | RegionOne |

| | | RegionOne |

| | | RegionOne |

| | | |

| keystone | identity | RegionOne |

| | | RegionOne |

| | | RegionOne |

| | | |

| placement | placement | RegionOne |

| | | RegionOne |

| | | RegionOne |

| | | |

+-----------+-----------+-----------------------------------------+

Image との接続性の確認

code:shell

# openstack image list

+--------------------------------------+--------+--------+

| ID | Name | Status |

+--------------------------------------+--------+--------+

| 1451dfe4-5719-48e6-afb8-7dc0f4bc7a1e | cirros | active |

+--------------------------------------+--------+--------+

cell と Placement AP Iが正常に動作し、その他の必要な前提条件が整っていることを確認

code:shell

# nova-status upgrade check

+------------------------------------+

| Upgrade Check Results |

+------------------------------------+

| Check: Cells v2 |

| Result: Success |

| Details: None |

+------------------------------------+

| Check: Placement API |

| Result: Success |

| Details: None |

+------------------------------------+

| Check: Ironic Flavor Migration |

| Result: Success |

| Details: None |

+------------------------------------+

| Check: Cinder API |

| Result: Success |

| Details: None |

+------------------------------------+

| Check: Policy Scope-based Defaults |

| Result: Success |

| Details: None |

+------------------------------------+