春风十里不如你 —— Taozi - xiandian https://xiongan.host/index.php/tag/xiandian/ 【openstack】swift https://xiongan.host/index.php/archives/187/ 2022-12-08T18:00:00+08:00 主机名ip角色ftp192.168.123.10ftp源controller192.168.123.23控制、计算对象存储服务(swift)服务优势数据访问灵活性高数据持久性极高的可拓展性无单点故障安装脚本首先安装iaas-xiandian[root@localhost ~]# yum install -y iaas-xiandian编辑环境变量内容直接参考openrc.sh开始部署环境第一个脚本开始执行前期准备[root@localhost ~]# iaas-pre-host.sh执行完成后提示需要重启reboot安装数据库[root@controller ~]# iaas-install-mysql.sh[root@controller ~]# yum install -y MySQL-python安装keystone服务[root@controller ~]# iaas-install-keystone.sh镜像服务[root@controller ~]# iaas-install-glance.shnova服务[root@controller ~]# iaas-install-nova-controller.sh[root@controller ~]# iaas-install-nova-compute.shneutron网络服务[root@controller ~]# iaas-install-neutron-controller.sh[root@controller ~]# iaas-install-neutron-compute.sh安装dashboard面板[root@controller ~]# iaas-install-dashboard.sh执行完成后就可以通过http://ip/dashboard登录cinder脚本[root@controller ~]# iaas-install-cinder-controller.sh[root@controller ~]# iaas-install-cinder-compute.sh对象存储服务(swift)[root@controller ~]# iaas-install-swift-controller.sh[root@controller ~]# iaas-install-swift-compute.shswift命令的使用#创建一个名称为“xiandian”的容器,并查看容器的状态。 [root@controller ~]# swift post xiandian [root@controller ~]# swift stat xiandian Account: AUTH_142a7836b3524a30bc4752de47af5054 Container: xiandian Objects: 0 Bytes: 0 Read ACL: Write ACL: Sync To: Sync Key: Accept-Ranges: bytes X-Storage-Policy: Policy-0 Last-Modified: Thu, 08 Dec 2022 12:29:05 GMT X-Timestamp: 1670502544.24404 X-Trans-Id: tx2d54cb32daf64bc38fd5b-006391d89a Content-Type: application/json; charset=utf-8 X-Openstack-Request-Id: tx2d54cb32daf64bc38fd5b-006391d89a #向刚才创建的容器“xiandian”中上传目录,并查看是否上传成功。(将本地的test目录内容递归上传到“xiandian”容器内,上传时我们首先需要上传一个空白的“test”目录) [root@controller ~]# mkdir test [root@controller ~]# swift upload xiandian test/ test/ [root@controller ~]# swift list xiandian test/ #查看“xiandian”容器里面的内容 [root@controller ~]# swift list xiandian test/ #将test.txt、saas.png、iaas.png文件上传到“xiandian”容器内“test”目录内。 [root@controller ~]# touch test.txt [root@controller ~]# touch saas.png [root@controller ~]# touch iaas.png [root@controller ~]# swift upload xiandian/test test.txt test/test.txt [root@controller ~]# swift upload xiandian/test saas.png test/saas.png [root@controller ~]# swift upload xiandian/test iaas.png test/iaas.png [root@controller ~]# swift list xiandian test/ test/iaas.png test/saas.png test/test.txt #文件上传成功后,切到/opt目录下,对容器xiandian中test目录下的文件进行下载。(数据在swift集群内保存,随时供用户下载使用,现在下载test.txt、saas.png、iaas.png这三个文件) [root@controller opt]# pwd /opt [root@controller opt]# ls [root@controller opt]# swift download xiandian test/iaas.png test/iaas.png [auth 0.592s, headers 0.780s, total 0.781s, 0.000 MB/s] [root@controller opt]# swift download xiandian test/saas.png test/saas.png [auth 0.579s, headers 0.765s, total 0.766s, 0.000 MB/s] [root@controller opt]# swift download xiandian test/test.txt test/test.txt [auth 0.579s, headers 0.763s, total 0.764s, 0.000 MB/s] [root@controller opt]# ls test [root@controller opt]# cd test/ [root@controller test]# ls iaas.png saas.png test.txt#可以查看具体容器的运行状态,以查看“xiandian”容器为例 [root@controller test]# swift stat xiandian Account: AUTH_142a7836b3524a30bc4752de47af5054 Container: xiandian Objects: 4 Bytes: 0 Read ACL: Write ACL: Sync To: Sync Key: Accept-Ranges: bytes X-Storage-Policy: Policy-0 Last-Modified: Thu, 08 Dec 2022 12:34:03 GMT X-Timestamp: 1670502544.24404 X-Trans-Id: txc401261c809a411e81475-006391db6e Content-Type: application/json; charset=utf-8 X-Openstack-Request-Id: txc401261c809a411e81475-006391db6e #对容器中的对象里面存储的文件iaas.png的状态进行查看 [root@controller test]# swift stat xiandian test/iaas.png Account: AUTH_142a7836b3524a30bc4752de47af5054 Container: xiandian Object: test/iaas.png Content Type: image/png Content Length: 0 Last Modified: Thu, 08 Dec 2022 12:34:04 GMT ETag: d41d8cd98f00b204e9800998ecf8427e Meta Mtime: 1670502806.556745 Accept-Ranges: bytes X-Timestamp: 1670502843.47441 X-Trans-Id: txe0d8fcb20e914d97b8783-006391dc0e X-Openstack-Request-Id: txe0d8fcb20e914d97b8783-006391dc0安装Heat编排服务加载环境变量[root@controller ~]# source /etc/xiandian/openrc.sh [root@controller ~]# source /etc/keystone/admin-openrc.sh创建数据库并给数据库赋予权限[root@controller ~]# mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS heat ;" [root@controller ~]# mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' IDENTIFIED BY '$HEAT_DBPASS' ;" [root@controller ~]# mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' IDENTIFIED BY '$HEAT_DBPASS' ;"安装软件[root@controller ~]# yum install openstack-heat-api openstack-heat-api-cfn openstack-heat-engine openstack-heat-ui -y创建用户[root@controller ~]# openstack user create --domain $DOMAIN_NAME --password $HEAT_PASS heat +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | ebbf2d331d784720a5988750edebc557 | | enabled | True | | id | 3951d66f2a20483a80e652524db82efd | | name | heat | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+给用户heat添加管理员的角色[root@controller ~]# openstack role add --project service --user heat admin创建服务[root@controller ~]# openstack service create --name heat --description "Orchestration" orchestration +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Orchestration | | enabled | True | | id | 4a777b7b25cf403ea01a6ac4ae75d19e | | name | heat | | type | orchestration | +-------------+----------------------------------+ [root@controller ~]# openstack service create --name heat-cfn --description "Orchestration" cloudformation +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Orchestration | | enabled | True | | id | 55a2ce2c3288478f926998a4b04e3334 | | name | heat-cfn | | type | cloudformation | +-------------+----------------------------------+创建三个端点服务公有的:[root@controller ~]# openstack endpoint create --region RegionOne orchestration public http://$HOST_NAME:8004/v1/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | 75198220661e4e21b44ea62d419a38bd | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 4a777b7b25cf403ea01a6ac4ae75d19e | | service_name | heat | | service_type | orchestration | | url | http://controller:8004/v1/%(tenant_id)s | +--------------+-----------------------------------------+内部的:[root@controller ~]# openstack endpoint create --region RegionOne orchestration internal http://$HOST_NAME:8004/v1/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | 643402dbfa1f44f4a79719f08e93c02b | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 4a777b7b25cf403ea01a6ac4ae75d19e | | service_name | heat | | service_type | orchestration | | url | http://controller:8004/v1/%(tenant_id)s | +--------------+-----------------------------------------+管理员的:[root@controller ~]# openstack endpoint create --region RegionOne orchestration admin http://$HOST_NAME:8004/v1/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | 69d1a73e069f441699109b6264dd35e7 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 4a777b7b25cf403ea01a6ac4ae75d19e | | service_name | heat | | service_type | orchestration | | url | http://controller:8004/v1/%(tenant_id)s | +--------------+-----------------------------------------+在创建三个端点服务:#公共的 [root@controller ~]# openstack endpoint create --region RegionOne cloudformation public http://$HOST_NAME:8000/v1 #内部的 [root@controller ~]# openstack endpoint create --region RegionOne cloudformation internal http://$HOST_NAME:8000/v1 #管理员的 [root@controller ~]# openstack endpoint create --region RegionOne cloudformation admin http://$HOST_NAME:8000/v1查看创建的端点服务[root@controller ~]# openstack endpoint list | grep heat | 015d14b2afea4fe9904b324f723b2e5b | RegionOne | heat-cfn | cloudformation | True | public | http://controller:8000/v1 | | 04c4c528f112418f89bd91413fb4d83a | RegionOne | heat-cfn | cloudformation | True | internal | http://controller:8000/v1 | | 0a4f989acc66491e98f59b7a9b4b5fea | RegionOne | heat-cfn | cloudformation | True | admin | http://controller:8000/v1 | | 643402dbfa1f44f4a79719f08e93c02b | RegionOne | heat | orchestration | True | internal | http://controller:8004/v1/%(tenant_id)s | | 69d1a73e069f441699109b6264dd35e7 | RegionOne | heat | orchestration | True | admin | http://controller:8004/v1/%(tenant_id)s | | 75198220661e4e21b44ea62d419a38bd | RegionOne | heat | orchestration | True | public | http://controller:8004/v1/%(tenant_id)s |创建域[root@controller ~]# openstack domain create --description "Stack projects and users" heat +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Stack projects and users | | enabled | True | | id | 57296eb6f502403283ad4644cbe0daf4 | | name | heat | | tags | [] | +-------------+----------------------------------+创建用户heat_domain_admin[root@controller ~]# openstack user create --domain heat --password $HEAT_PASS heat_domain_admin +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | 57296eb6f502403283ad4644cbe0daf4 | | enabled | True | | id | 6529832b72574f0e8f2963d96ab51f5c | | name | heat_domain_admin | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+给用户heat_domain_admin添加管理员的角色[root@controller ~]# openstack role add --domain heat --user-domain heat --user heat_domain_admin admin创建角色[root@controller ~]# openstack role create heat_stack_owner +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | None | | id | a486348484364690806879b8ef429b7c | | name | heat_stack_owner | +-----------+----------------------------------+给用户demo添加heat_stack_owner的角色[root@controller ~]# openstack role add --project demo --user demo heat_stack_owner创建角色heat_stack_user[root@controller ~]# openstack role create heat_stack_user +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | None | | id | 1036f59dc79644548fbb8a9ae3faa30e | | name | heat_stack_user | +-----------+----------------------------------+对配置文件/etc/heat/heat.conf进行修改[root@controller ~]# crudini --set /etc/heat/heat.conf database connection mysql+pymysql://heat:$HEAT_DBPASS@$HOST_NAME/heat [root@controller ~]# crudini --set /etc/heat/heat.conf DEFAULT transport_url rabbit://$RABBIT_USER:$RABBIT_PASS@$HOST_NAME [root@controller ~]# [root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken auth_uri http://$HOST_NAME:5000 [root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken auth_url http://$HOST_NAME:35357 [root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken memcached_servers $HOST_NAME:11211 [root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken auth_type password [root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken project_domain_name $DOMAIN_NAME [root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken user_domain_name $DOMAIN_NAME [root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken project_name service [root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken username heat [root@controller ~]# crudini --set /etc/heat/heat.conf keystone_authtoken password $HEAT_PASS [root@controller ~]# [root@controller ~]# crudini --set /etc/heat/heat.conf trustee auth_plugin password [root@controller ~]# crudini --set /etc/heat/heat.conf trustee auth_url http://$HOST_NAME:35357 [root@controller ~]# crudini --set /etc/heat/heat.conf trustee username heat [root@controller ~]# crudini --set /etc/heat/heat.conf trustee password $HEAT_PASS [root@controller ~]# crudini --set /etc/heat/heat.conf trustee user_domain_name $DOMAIN_NAME [root@controller ~]# crudini --set /etc/heat/heat.conf clients_keystone auth_uri http://$HOST_NAME:35357 [root@controller ~]# [root@controller ~]# crudini --set /etc/heat/heat.conf DEFAULT heat_metadata_server_url http://$HOST_NAME:8000 [root@controller ~]# crudini --set /etc/heat/heat.conf DEFAULT heat_waitcondition_server_url http://$HOST_NAME:8000/v1/waitcondition [root@controller ~]# [root@controller ~]# crudini --set /etc/heat/heat.conf DEFAULT stack_domain_admin heat_domain_admin [root@controller ~]# crudini --set /etc/heat/heat.conf DEFAULT stack_domain_admin_password $HEAT_PASS [root@controller ~]# crudini --set /etc/heat/heat.conf DEFAULT stack_user_domain_name heat对数据库进行同步[root@controller ~]# su -s /bin/sh -c "heat-manage db_sync" heat将服务设置为开机自启并重新启动服务#开机自启 systemctl enable openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service #重新启动服务 systemctl restart openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service systemctl restart httpd memcached查看面板