0% found this document useful (0 votes)
49 views11 pages

OpenStack Pike Volet 7

The document details the steps to install and configure OpenStack Block Storage (Cinder) on the control node. This includes adding a Cinder user and endpoints to Keystone, as well as adding a Cinder database user and database on MariaDB.

Uploaded by

IRIE
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
49 views11 pages

OpenStack Pike Volet 7

The document details the steps to install and configure OpenStack Block Storage (Cinder) on the control node. This includes adding a Cinder user and endpoints to Keystone, as well as adding a Cinder database user and database on MariaDB.

Uploaded by

IRIE
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 11

OpenStack Pike

2017/09/03

Travaux de synthèse : Taylor VOLI

Volet 7
2

OpenStack Pike : Configure Cinder (Control Node)


2017/09/06

Install and Configure OpenStack Block Storage (Cinder).


This example is based on the emvironment like follows.
------------+---------------------------+--------------------------
-+------------
| |
|
eth0|10.0.0.30 eth0|10.0.0.50
eth0|10.0.0.51
+-----------+-----------+ +-----------+-----------+ +----------
-+-----------+
| [ Control Node ] | | [ Storage Node ] | | [
Compute Node ] |
| | | | |
|
| MariaDB RabbitMQ | | Open vSwitch | |
Libvirt |
| Memcached httpd | | L2 Agent | | Nova
Compute |
| Keystone Glance | | L3 Agent | | Open
vSwitch |
| Nova API | | Metadata Agent | | L2
Agent |
| Neutron Server | | Cinder-Volume | |
|
| Metadata Agent | | | |
|
| Cinder API | | | |
|
+-----------------------+ +-----------------------+ +----------
-------------+

[1] Add a User or Endpoint for Cinder to Keystone on Control Node.


# add cinder user (set in service project)

[root@dlp ~(keystone)]#
openstack user create --domain default --project service --password servicepassword cinder

+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| default_project_id | c9ab6e9feb4d444c8f637fcfe7a67305 |
| domain_id | default |
| enabled | True |
| id | 13227a1f01a74b9dabca292e90ddff72 |
| name | cinder |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+

2
3

# add cinder user in admin role

[root@dlp ~(keystone)]#
openstack role add --project service --user cinder admin
# add service entry for cinder

[root@dlp ~(keystone)]#
openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2

+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | c9bdb04fc83b4ef5bba9d20d0a244305 |
| name | cinderv2 |
| type | volumev2 |
+-------------+----------------------------------+

[root@dlp ~(keystone)]#
openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3

+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | a47d8dae08a34f5895ad9ae9167dd34f |
| name | cinderv3 |
| type | volumev3 |
+-------------+----------------------------------+

# define cinder API host

[root@dlp ~(keystone)]#
export controller=10.0.0.30
# add endpoint for cinder (v2 public)

[root@dlp ~(keystone)]#
openstack endpoint create --region RegionOne volumev2 public
http://$controller:8776/v2/%\(tenant_id\)s

+--------------+----------------------------------------+
| Field | Value |
+--------------+----------------------------------------+
| enabled | True |
| id | ea4329823ed343c4954842825e5298df |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |

3
4

| service_id | c9bdb04fc83b4ef5bba9d20d0a244305 |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://10.0.0.30:8776/v2/%(tenant_id)s |
+--------------+----------------------------------------+

# add endpoint for cinder (v2 internal)

[root@dlp ~(keystone)]#
openstack endpoint create --region RegionOne volumev2 internal
http://$controller:8776/v2/%\(tenant_id\)s

+--------------+----------------------------------------+
| Field | Value |
+--------------+----------------------------------------+
| enabled | True |
| id | 7427a12891ee4b978fd9eeeba242187c |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c9bdb04fc83b4ef5bba9d20d0a244305 |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://10.0.0.30:8776/v2/%(tenant_id)s |
+--------------+----------------------------------------+

# add endpoint for cinder (v2 admin)

[root@dlp ~(keystone)]#
openstack endpoint create --region RegionOne volumev2 admin
http://$controller:8776/v2/%\(tenant_id\)s

+--------------+----------------------------------------+
| Field | Value |
+--------------+----------------------------------------+
| enabled | True |
| id | ea986e27b21b4d859e6445e534855739 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | c9bdb04fc83b4ef5bba9d20d0a244305 |
| service_name | cinderv2 |
| service_type | volumev2 |
| url | http://10.0.0.30:8776/v2/%(tenant_id)s |
+--------------+----------------------------------------+

# add endpoint for cinder (v3 public)

[root@dlp ~(keystone)]#
openstack endpoint create --region RegionOne volumev3 public
http://$controller:8776/v3/%\(tenant_id\)s

4
5

+--------------+----------------------------------------+
| Field | Value |
+--------------+----------------------------------------+
| enabled | True |
| id | f793db29f57a498c80d5949dc9ffd2a3 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | a47d8dae08a34f5895ad9ae9167dd34f |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://10.0.0.30:8776/v3/%(tenant_id)s |
+--------------+----------------------------------------+

# add endpoint for cinder (v3 internal)

[root@dlp ~(keystone)]#
openstack endpoint create --region RegionOne volumev3 internal
http://$controller:8776/v3/%\(tenant_id\)s

+--------------+----------------------------------------+
| Field | Value |
+--------------+----------------------------------------+
| enabled | True |
| id | 6470b642208442a0b2542d47b8f7b760 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | a47d8dae08a34f5895ad9ae9167dd34f |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://10.0.0.30:8776/v3/%(tenant_id)s |
+--------------+----------------------------------------+

# add endpoint for cinder (v3 admin)

[root@dlp ~(keystone)]#
openstack endpoint create --region RegionOne volumev3 admin
http://$controller:8776/v3/%\(tenant_id\)s

+--------------+----------------------------------------+
| Field | Value |
+--------------+----------------------------------------+
| enabled | True |
| id | 63d0f95bc9884a97885ac4012b101e2f |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | a47d8dae08a34f5895ad9ae9167dd34f |
| service_name | cinderv3 |
| service_type | volumev3 |

5
6

| url | http://10.0.0.30:8776/v3/%(tenant_id)s |
+--------------+----------------------------------------+
[2] Add a User and Database on MariaDB for Cinder.
[root@dlp ~(keystone)]#
mysql -u root -p

Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 48
Server version: 10.1.20-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>
create database cinder;

Query OK, 1 row affected (0.00 sec)


MariaDB [(none)]>
grant all privileges on cinder.* to cinder@'localhost' identified by 'password';

Query OK, 0 rows affected (0.00 sec)


MariaDB [(none)]>
grant all privileges on cinder.* to cinder@'%' identified by 'password';

Query OK, 0 rows affected (0.00 sec)


MariaDB [(none)]>
flush privileges;

Query OK, 0 rows affected (0.00 sec)


MariaDB [(none)]>
exit

Bye
[3] Install Cinder Service.
# install from Pike, EPEL

[root@dlp ~(keystone)]#
yum --enablerepo=centos-openstack-pike,epel -y install openstack-cinder
[4] Configure Cinder.
[root@dlp ~(keystone)]#
mv /etc/cinder/cinder.conf /etc/cinder/cinder.conf.org

[root@dlp ~(keystone)]#
vi /etc/cinder/cinder.conf

6
7

# create new

[DEFAULT]
# define own IP address
my_ip = 10.0.0.30
log_dir = /var/log/cinder
state_path = /var/lib/cinder
auth_strategy = keystone
# RabbitMQ connection info
transport_url = rabbit://openstack:[email protected]

# MariaDB connection info


[database]
connection = mysql+pymysql://cinder:[email protected]/cinder

# Keystone auth info


[keystone_authtoken]
auth_uri = http://10.0.0.30:5000
auth_url = http://10.0.0.30:35357
memcached_servers = 10.0.0.30:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = servicepassword

[oslo_concurrency]
lock_path = $state_path/tmp

[root@dlp ~(keystone)]#
chmod 640 /etc/cinder/cinder.conf

[root@dlp ~(keystone)]#
chgrp cinder /etc/cinder/cinder.conf

[root@dlp ~(keystone)]#
su -s /bin/bash cinder -c "cinder-manage db sync"

[root@dlp ~(keystone)]#
systemctl start openstack-cinder-api openstack-cinder-scheduler

[root@dlp ~(keystone)]#
systemctl enable openstack-cinder-api openstack-cinder-scheduler

# show status

root@dlp ~(keystone)#
openstack volume service list

7
8

+------------------+---------------+------+---------+-------+-----------------------
-----+
| Binary | Host | Zone | Status | State | Updated At
|
+------------------+---------------+------+---------+-------+-----------------------
-----+
| cinder-scheduler | dlp.srv.world | nova | enabled | up | 2017-09-
07T05:01:54.000000 |
+------------------+---------------+------+---------+-------+-----------------------
-----+
[5] If SELinux enabled, change policy like follows.
[root@dlp ~(keystone)]#
vi cinder-server_pol.te
# create new

module cinder-server_pol 1.0;

require {
type cinder_volume_exec_t;
type neutron_t;
type cinder_api_exec_t;
type cinder_scheduler_exec_t;
type cinder_backup_exec_t;
class file getattr;
}

#============= neutron_t ==============


allow neutron_t cinder_api_exec_t:file getattr;
allow neutron_t cinder_backup_exec_t:file getattr;
allow neutron_t cinder_scheduler_exec_t:file getattr;
allow neutron_t cinder_volume_exec_t:file getattr;

[root@dlp ~(keystone)]#
checkmodule -m -M -o cinder-server_pol.mod cinder-server_pol.te

checkmodule: loading policy configuration from cinder-server_pol.te


checkmodule: policy configuration loaded
checkmodule: writing binary representation (version 17) to cinder-server_pol.mod
[root@dlp ~(keystone)]#
semodule_package --outfile cinder-server_pol.pp --module cinder-server_pol.mod

[root@dlp ~(keystone)]#
semodule -i cinder-server_pol.pp

[6] If Firewalld is running, allow service ports.


[root@dlp ~(keystone)]#
firewall-cmd --add-port=8776/tcp --permanent

8
9

success
[root@dlp ~(keystone)]#
firewall-cmd --reload

success

9
10

OpenStack Pike : Configure Cinder (Storage Node)


2017/09/06

Install OpenStack Block Storage (Cinder).


This example is based on the emvironment like follows.
------------+---------------------------+--------------------------
-+------------
| |
|
eth0|10.0.0.30 eth0|10.0.0.50
eth0|10.0.0.51
+-----------+-----------+ +-----------+-----------+ +----------
-+-----------+
| [ Control Node ] | | [ Storage Node ] | | [
Compute Node ] |
| | | | |
|
| MariaDB RabbitMQ | | Open vSwitch | |
Libvirt |
| Memcached httpd | | L2 Agent | | Nova
Compute |
| Keystone Glance | | L3 Agent | | Open
vSwitch |
| Nova API | | Metadata Agent | | L2
Agent |
| Neutron Server | | Cinder-Volume | |
|
| Metadata Agent | | | |
|
| Cinder API | | | |
|
+-----------------------+ +-----------------------+ +----------
-------------+

[1] Install Cinder Volume.


# install from Pike, EPEL

[root@storage ~]#
yum --enablerepo=centos-openstack-pike,epel -y install openstack-cinder python2-crypto
targetcli
[2] Configure Cinder Volume.
[root@storage ~]#
mv /etc/cinder/cinder.conf /etc/cinder/cinder.conf.org

[root@storage ~]#
vi /etc/cinder/cinder.conf
# create new

10
11

[DEFAULT]
# define own IP address
my_ip = 10.0.0.50
log_dir = /var/log/cinder
state_path = /var/lib/cinder
auth_strategy = keystone
# RabbitMQ connection info
transport_url = rabbit://openstack:[email protected]
# Glance connection info
glance_api_servers = http://10.0.0.30:9292

# MariaDB connection info


[database]
connection = mysql+pymysql://cinder:[email protected]/cinder

# Keystone auth info


[keystone_authtoken]
auth_uri = http://10.0.0.30:5000
auth_url = http://10.0.0.30:35357
memcached_servers = 10.0.0.30:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = servicepassword

[oslo_concurrency]
lock_path = $state_path/tmp

[root@storage ~]#
chmod 640 /etc/cinder/cinder.conf

[root@storage ~]#
chgrp cinder /etc/cinder/cinder.conf

[root@storage ~]#
systemctl start openstack-cinder-volume

[root@storage ~]#
systemctl enable openstack-cinder-volume

11

You might also like