Changes between revisions of "OpenStack com Open vSwitch e SDN"
Linha 414: | Linha 414: | ||
cd /etc/init/; for i in $( ls cinder-* | cut -d. -f1 ); do sudo service $i restart; done | cd /etc/init/; for i in $( ls cinder-* | cut -d. -f1 ); do sudo service $i restart; done | ||
cd /etc/init/; for i in $( ls keystone* | cut -d. -f1 ); do sudo service $i restart; done | cd /etc/init/; for i in $( ls keystone* | cut -d. -f1 ); do sudo service $i restart; done | ||
+ | </syntaxhighlight> | ||
+ | === Testanto a migração === | ||
+ | ==== Keystone ==== | ||
+ | === Migrando Quantum para Neutron === | ||
+ | <code> | ||
+ | Upgrades from Grizzly | ||
+ | |||
+ | Starting the neutron-server after upgrading code, but prior to migration will result in some database models being created without the proper migrations occurring. The following upgrade setups should be taken to ensure a properly upgraded database. | ||
+ | |||
+ | Ensure that the database is stamped for Grizzly prior to stopping service.quantum-db-manage --config-file /path/to/quantum.conf --config-file /path/to/plugin/conf.ini stamp grizzly | ||
+ | Stop quantum-server and deploy the Neutron code Do not start the neutron-server at this time. | ||
+ | Run Havana Migration neutron-db-manage --config-file /path/to/quantum.conf --config-file /path/to/plugin/conf.ini upgrade havana | ||
+ | Start neutron-server | ||
</syntaxhighlight> | </syntaxhighlight> |
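Review bot: the added block opens with "<code>" but ends at the pre-existing "</syntaxhighlight>", while the new "</syntaxhighlight>" added on the first "+" line closes the previous block, so the opening and closing tags no longer pair; open the new block with a matching syntaxhighlight tag or close it with "</code>". In the same hunk the heading "Testanto a migração" is misspelled ("Testando"), the "Testanto a migração" and "Keystone" sections are added with no content, and the Neutron steps run the commands straight into the sentences ("prior to stopping service.quantum-db-manage ..."), so each command should sit on its own line.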
Revision as of 15:49, 24 October 2013
Ongoing project with the student Rafael Turnes da Silveira.
Installation
Cloud controller (penny)
Basic configuration
Updating the system
apt-get update; apt-get upgrade; apt-get dist-upgrade
Configuring the network interfaces - /etc/network/interfaces
auto lo
iface lo inet loopback
# OpenStack - management network
auto p5p1
iface p5p1 inet static
    address 192.168.88.251
    netmask 255.255.255.0
# OpenStack - configuration network
auto p5p1:0
iface p5p1:0 inet static
    address 192.168.89.251
    netmask 255.255.255.0
# OpenStack - IFSC
auto em1
iface em1 inet manual
    up ifconfig $IFACE 0.0.0.0 up
    up ip link set $IFACE promisc on
    up ethtool -s em1 wol g
    down ip link set $IFACE promisc off
    down ifconfig $IFACE down
auto br-ex
iface br-ex inet static
    address 172.18.3.251
    netmask 255.255.192.0
    gateway 172.18.0.254
    dns-nameservers 8.8.8.8 8.8.4.4
Installing and configuring the NTP server
sudo apt-get install -y ntp
sed -i 's/server ntp.ubuntu.com/server ntp.ubuntu.com\nserver 127.127.1.0\nfudge 127.127.1.0 stratum 10/g' /etc/ntp.conf
service ntp restart
Installing and configuring MySQL
Installing the packages.
During installation you will be prompted to set a root password.
sudo apt-get install -y python-mysqldb mysql-server
Changing bind-address and applying the new configuration
sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
service mysql restart
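The sed substitution above rewrites every string matching 127.0.0.1 in my.cnf (the unescaped dots match any character) and makes MySQL listen on all interfaces, br-ex included. As an added example that is not part of the original page, the hypothetical helper set_bind_address below changes only the bind-address directive and uses the management address 192.168.88.251 from the interfaces file; the sample my.cnf is constructed.

```shell
#!/bin/bash
# Added example, not from the original page. set_bind_address is a
# hypothetical helper; the sample my.cnf below is constructed.

# set_bind_address FILE IP
# Rewrites the single active bind-address line in FILE and nothing else.
set_bind_address() {
    local file=$1 ip=$2 count
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 1; }
    # Digits and dots only, so the value is safe to splice into the sed script.
    case $ip in
        ''|*[!0-9.]*) echo "invalid address: $ip" >&2; return 1 ;;
    esac
    # Refuse to guess when the directive is missing or duplicated.
    count=$(grep -Ec '^[[:space:]]*bind-address[[:space:]]*=' "$file" || true)
    if [ "$count" -ne 1 ]; then
        echo "expected 1 bind-address line in $file, found $count" >&2
        return 1
    fi
    # Anchored to the directive: other occurrences of 127.0.0.1 stay untouched.
    sed -i -E "s/^([[:space:]]*bind-address[[:space:]]*=[[:space:]]*).*/\1$ip/" "$file"
}

# Constructed sample: a client section and a comment also mention 127.0.0.1.
demo_bind_address() {
    local cnf
    cnf=$(mktemp) || return 1
    printf '%s\n' '[client]' 'host = 127.0.0.1' '[mysqld]' \
        '# default: bind-address = 127.0.0.1' 'bind-address = 127.0.0.1' > "$cnf"
    # 192.168.88.251 is the management address from /etc/network/interfaces.
    set_bind_address "$cnf" 192.168.88.251 && cat "$cnf"
    rm -f "$cnf"
}

demo_bind_address
```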
Creating the databases
mysql -u root -p <<EOF
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO 'novaUser'@'localhost' IDENTIFIED BY 'senha';
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO 'cinderUser'@'localhost' IDENTIFIED BY 'senha';
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glanceUser'@'localhost' IDENTIFIED BY 'senha';
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystoneUser'@'localhost' IDENTIFIED BY 'senha';
CREATE DATABASE quantum;
GRANT ALL PRIVILEGES ON quantum.* TO 'quantumUser'@'localhost' IDENTIFIED BY 'senha';
FLUSH PRIVILEGES;
EOF
Installing the message queue server
sudo apt-get install rabbitmq-server
rabbitmqctl change_password guest NovaSenha
OpenStack Identity Service (codename Keystone)
Installing Keystone
sudo apt-get install -y keystone python-keystone python-keystoneclient
sudo rm /var/lib/keystone/keystone.db
Configuring Keystone
Edit the Keystone configuration files
Applying the new configuration
service keystone restart
keystone-manage db_sync
Creating tenants, users, roles, services and endpoints
#!/bin/bash
# Modify these variables as needed
ADMIN_PASSWORD=${ADMIN_PASSWORD:-senhaAdministrador}
SERVICE_PASSWORD=${SERVICE_PASSWORD:-senhaServiço}
export OS_SERVICE_TOKEN="C8gqDVqW99pAY7yXewUy"
export OS_SERVICE_ENDPOINT="http://localhost:35357/v2.0"
SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-nomeDoServiço}
MYSQL_USER=keystone
MYSQL_DATABASE=keystone
MYSQL_HOST=localhost
MYSQL_PASSWORD=password
KEYSTONE_REGION=IFSC-SJ-01
KEYSTONE_HOST_EXT=172.18.3.251
KEYSTONE_HOST_INT=192.168.88.251
# Shortcut function to get a newly generated ID
function get_field() {
    while read data; do
        if [ "$1" -lt 0 ]; then
            field="(\$(NF$1))"
        else
            field="\$$(($1 + 1))"
        fi
        echo "$data" | awk -F'[ \t]*\\|[ \t]*' "{print $field}"
    done
}
# Tenants
ADMIN_TENANT=$(keystone tenant-create --name=admin | grep " id " | get_field 2)
SERVICE_TENANT=$(keystone tenant-create --name=$SERVICE_TENANT_NAME | grep " id " | get_field 2)
# Users
ADMIN_USER=$(keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=rafael@turnes.com.br | grep " id " | get_field 2)
NOVA_USER=$(keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=rafael@turnes.com.br | grep " id " | get_field 2)
GLANCE_USER=$(keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=rafael@turnes.com.br | grep " id " | get_field 2)
QUANTUM_USER=$(keystone user-create --name=quantum --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=rafael@turnes.com.br | grep " id " | get_field 2)
CINDER_USER=$(keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=rafael@turnes.com.br | grep " id " | get_field 2)
# Roles
ADMIN_ROLE=$(keystone role-create --name=admin | grep " id " | get_field 2)
MEMBER_ROLE=$(keystone role-create --name=Member | grep " id " | get_field 2)
# Add Roles to Users in Tenants
keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NOVA_USER --role-id $ADMIN_ROLE
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $GLANCE_USER --role-id $ADMIN_ROLE
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $QUANTUM_USER --role-id $ADMIN_ROLE
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $CINDER_USER --role-id $ADMIN_ROLE
# Create services
COMPUTE_SERVICE=$(keystone service-create --name nova --type compute --description 'OpenStack Compute Service' | grep " id " | get_field 2)
VOLUME_SERVICE=$(keystone service-create --name cinder --type volume --description 'OpenStack Volume Service' | grep " id " | get_field 2)
IMAGE_SERVICE=$(keystone service-create --name glance --type image --description 'OpenStack Image Service' | grep " id " | get_field 2)
IDENTITY_SERVICE=$(keystone service-create --name keystone --type identity --description 'OpenStack Identity' | grep " id " | get_field 2)
EC2_SERVICE=$(keystone service-create --name ec2 --type ec2 --description 'OpenStack EC2 service' | grep " id " | get_field 2)
NETWORK_SERVICE=$(keystone service-create --name quantum --type network --description 'OpenStack Networking service' | grep " id " | get_field 2)
# Create endpoints
keystone endpoint-create --region $KEYSTONE_REGION --service-id $COMPUTE_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':8774/v2/$(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST_INT"':8774/v2/$(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST_INT"':8774/v2/$(tenant_id)s'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $VOLUME_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':8776/v1/$(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST_INT"':8776/v1/$(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST_INT"':8776/v1/$(tenant_id)s'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $IMAGE_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':9292' --adminurl 'http://'"$KEYSTONE_HOST_INT"':9292' --internalurl 'http://'"$KEYSTONE_HOST_INT"':9292'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $IDENTITY_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':5000/v2.0' --adminurl 'http://'"$KEYSTONE_HOST_INT"':35357/v2.0' --internalurl 'http://'"$KEYSTONE_HOST_INT"':5000/v2.0'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $EC2_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':8773/services/Cloud' --adminurl 'http://'"$KEYSTONE_HOST_INT"':8773/services/Admin' --internalurl 'http://'"$KEYSTONE_HOST_INT"':8773/services/Cloud'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $NETWORK_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':9696/' --adminurl 'http://'"$KEYSTONE_HOST_INT"':9696/' --internalurl 'http://'"$KEYSTONE_HOST_INT"':9696/'
Testing Keystone
Creating a credentials file
vim os.cred
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=senhaAdministrador
export OS_AUTH_URL="http://192.168.88.251:5000/v2.0/"
export OS_REGION_NAME=IFSC-SJ-01
Listing users
root@penny:~# keystone user-list
+----------------------------------+---------+---------+--------------------------+
| id | name | enabled | email |
+----------------------------------+---------+---------+--------------------------+
| 0bcadb16258d4552839b9c776c89ff64 | admin | True | rafael@turnes.com.br |
| 23fd34f439484b73a6eea9913ac580ad | cinder | True | rafael@turnes.com.br |
| 54ac7e04ab2540ed9ef428ed11b8fbcd | ederson | True | boidacarapreta@gmail.com |
| 27d928bfefb84c0baefc0b13bcdd362a | glance | True | rafael@turnes.com.br |
| 773499148c564119b5e7e64d0c71bb3d | marcos | True | mmoecke@gmail.com |
| 61d08e2259e6403ba23918d87dea404b | nova | True | rafael@turnes.com.br |
| 853266dae4f2409dbc035b1b6cd928c8 | quantum | True | rafael@turnes.com.br |
| 45a33dbb899d4c199e961302796cb1a6 | rafael | True | rafael@turnes.com.br |
+----------------------------------+---------+---------+--------------------------+
Listing services
root@penny:~# keystone service-list
+----------------------------------+----------+----------+------------------------------+
| id | name | type | description |
+----------------------------------+----------+----------+------------------------------+
| c3350aeba89d47f88a1d6761cd74256b | cinder | volume | OpenStack Volume Service |
| f451c35c697a45b5b5e6a5bbe280d434 | ec2 | ec2 | OpenStack EC2 service |
| 4d467a606ff44050a9d8a687e1311831 | glance | image | OpenStack Image Service |
| ce703fa0839e4ad68b3bf1f7b48558c3 | keystone | identity | OpenStack Identity |
| 9a662cef4e8b4e5eb46e8678fd4ff8c8 | nova | compute | OpenStack Compute Service |
| 82a32e1fab37445c9388dc9b5634088a | quantum | network | OpenStack Networking service |
+----------------------------------+----------+----------+------------------------------+
Listing roles
root@penny:~# keystone role-list
+----------------------------------+----------+
| id | name |
+----------------------------------+----------+
| 746be8d87850406f8eb39aa4b5e55fa3 | Member |
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
| acaf9716ce20467a9b82578bf4baf534 | admin |
+----------------------------------+----------+
Listing tenants
root@penny:~# keystone tenant-list
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| f6dc2f9266f14b848b6e577b7024854a | IFSC | True |
| 4aaa0eb1b84d4405af0384a59053ac45 | admin | True |
| 68082d94500045c19e9bd40dd0b1cc7f | service | True |
+----------------------------------+---------+---------+
OpenStack Image Service (codename Glance)
Installing Glance
apt-get -y install glance
Configuring Glance
rm /var/lib/glance/glance.sqlite
service glance-api restart && service glance-registry restart
glance-manage db_sync
Testing Glance
Uploading an image
mkdir /tmp/images
cd /tmp/images/
wget "http://uec-images.ubuntu.com/raring/current/raring-server-cloudimg-amd64-disk1.img"
glance image-create --is-public true --disk-format qcow2 --container-format bare --name "Ubuntu Server 13.04" < raring-server-cloudimg-amd64-disk1.img
Listing images
root@penny:~# glance image-list
+--------------------------------------+---------------------+-------------+------------------+-----------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+--------------------------------------+---------------------+-------------+------------------+-----------+--------+
| 5b9b1a48-fdd0-4c72-8ab5-0ac073072b39 | Ubuntu Server 13.04 | qcow2 | bare | 236519424 | active |
+--------------------------------------+---------------------+-------------+------------------+-----------+--------+
OpenStack Block Storage service (codename Cinder)
Installing Cinder
apt-get install -y cinder-api cinder-scheduler cinder-volume iscsitarget open-iscsi iscsitarget-dkms python-cinderclient linux-headers-`uname -r`
Configuring Cinder
Pre-configuration
sed -i 's/false/true/g' /etc/default/iscsitarget
service iscsitarget start
service open-iscsi start
pvcreate /dev/sda5
vgcreate cinder-volumes /dev/sda5
Editing the configuration files
cinder.conf
[DEFAULT]
rootwrap_config = /etc/cinder/rootwrap.conf
api_paste_config = /etc/cinder/api-paste.ini
iscsi_helper = ietadm
volume_name_template = volume-%s
volume_group = cinder-volumes
verbose = True
auth_strategy = keystone
state_path = /var/lib/cinder
lock_path = /var/lock/cinder
volumes_dir = /var/lib/cinder/volumes
sql_connection = mysql://cinder:servicePassword@localhost/cinder
# Configuration options if sending notifications via rabbitmq (these are
# the defaults)
rabbit_host = localhost
rabbit_port = 5672
rabbit_use_ssl = false
rabbit_userid = guest
rabbit_password = senhaRabbitMQ
# rabbit_virtual_host = /nova
Applying the new configuration
service cinder-api restart ; service cinder-scheduler restart; service cinder-volume restart
cinder-manage db sync
Testing Cinder
Creating a volume
root@penny:~# cinder create --display-description "Primeiro Volume" 1
+---------------------+--------------------------------------+
| Property | Value |
+---------------------+--------------------------------------+
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| created_at | 2013-10-21T20:41:58.711368 |
| display_description | Primeiro Volume |
| display_name | None |
| id | be57581f-70eb-4f9a-8884-57ae14d6bc60 |
| metadata | {} |
| size | 1 |
| snapshot_id | None |
| source_volid | None |
| status | creating |
| volume_type | None |
+---------------------+--------------------------------------+
Listing volumes
root@penny:~# cinder list
Deleting a volume
root@penny:~# cinder delete 2da4b600-33f0-4576-b0ff-e3a3e8f95161
Upgrading from Grizzly to Havana
Stopping the services
Compute node 1 (howard)
cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i stop; done
cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i stop; done
Cloud controller (penny)
cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i stop; done
cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i stop; done
cd /etc/init.d/; for i in $( ls cinder-* ); do sudo service $i stop; done
cd /etc/init.d/; for i in $( ls keystone* ); do sudo service $i stop; done
Backup
Database
mkdir -p /root/backup/database
mysqldump -u root -p --all-databases > /root/backup/database/alldatabases.sql
mysqldump -u root -p keystone > /root/backup/database/keystone.sql
mysqldump -u root -p quantum > /root/backup/database/quantum.sql
mysqldump -u root -p cinder > /root/backup/database/cinder.sql
mysqldump -u root -p nova > /root/backup/database/nova.sql
mysqldump -u root -p glance > /root/backup/database/glance.sql
Configuration files
Keystone
cp -a /etc/keystone /root/backup/
Glance
cp -a /etc/glance /root/backup/
Cinder
cp -a /etc/cinder /root/backup/
Nova
cp -a /etc/nova /root/backup/
Quantum
cp -a /etc/quantum /root/backup/
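Both the os.cred file created in the Keystone test and the /root/backup tree built here hold secrets in plain text: the admin password, full database dumps, and configuration copies such as cinder.conf with its database and RabbitMQ passwords. As an added example that is not part of the original page, the hypothetical helpers loose_files and lock_down find such files when group or other users can access them and restrict them to the owner; the demo paths are constructed.

```shell
#!/bin/bash
# Added example, not from the original page. loose_files and lock_down are
# hypothetical helpers; the files created in the demo are constructed.

# loose_files PATH...
# Prints each regular file under PATH with any group/other permission bit
# set. Returns 1 if at least one such file exists, 0 if there are none.
loose_files() {
    local found
    found=$(find "$@" -type f \( -perm -040 -o -perm -020 -o -perm -010 \
                              -o -perm -004 -o -perm -002 -o -perm -001 \) 2>/dev/null)
    [ -z "$found" ] && return 0
    printf '%s\n' "$found"
    return 1
}

# lock_down PATH...
# Owner-only access for directories (700) and files (600).
lock_down() {
    find "$@" -type d -exec chmod 700 {} +
    find "$@" -type f -exec chmod 600 {} +
}

# Constructed stand-ins for os.cred and /root/backup/database/keystone.sql,
# written under the common default umask 022 (mode 644).
demo_permissions() {
    local d
    d=$(mktemp -d) || return 1
    mkdir -p "$d/backup/database"
    ( umask 022
      echo 'export OS_PASSWORD=constructed' > "$d/os.cred"
      echo '-- constructed dump' > "$d/backup/database/keystone.sql" )
    echo "readable by group/other before:"; loose_files "$d"
    lock_down "$d"
    echo "readable by group/other after:";  loose_files "$d" && echo "(none)"
    rm -rf "$d"
}

demo_permissions
```

Running `umask 077` in the shell before `mysqldump` and `cp -a` creates new files owner-only from the start; `cp -a` still preserves the modes of the files it copies.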
Upgrading Ubuntu
Cloud controller (penny)
sudo apt-get update && sudo apt-get dist-upgrade
sudo apt-get install update-manager-core
sudo do-release-upgrade -d
Now just follow the on-screen instructions.
Compute node 1 (howard)
sudo apt-get update && sudo apt-get dist-upgrade
sudo apt-get install update-manager-core
sudo do-release-upgrade -d
Now just follow the on-screen instructions.
Upgrading the database
On the cloud controller (penny)
nova-manage db sync
cinder-manage db sync
glance-manage upgrade
keystone-manage db_sync
Starting the services
Compute node 1 (howard)
cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i restart; done
cd /etc/init.d/; for i in $( ls quantum-* ); do sudo service $i restart; done
Cloud controller (penny)
cd /etc/init/; for i in $( ls nova-* | cut -d. -f1 ); do sudo service $i restart; done
cd /etc/init/; for i in $( ls quantum-* | cut -d. -f1 ); do sudo service $i restart; done
cd /etc/init/; for i in $( ls cinder-* | cut -d. -f1 ); do sudo service $i restart; done
cd /etc/init/; for i in $( ls keystone* | cut -d. -f1 ); do sudo service $i restart; done
Testing the migration
Keystone
Migrating Quantum to Neutron
Upgrades from Grizzly
Starting the neutron-server after upgrading code, but prior to migration, will result in some database models being created without the proper migrations occurring. The following upgrade steps should be taken to ensure a properly upgraded database.
Ensure that the database is stamped for Grizzly prior to stopping the service:
quantum-db-manage --config-file /path/to/quantum.conf --config-file /path/to/plugin/conf.ini stamp grizzly
Stop quantum-server and deploy the Neutron code. Do not start the neutron-server at this time.
Run the Havana migration:
neutron-db-manage --config-file /path/to/quantum.conf --config-file /path/to/plugin/conf.ini upgrade havana
Start neutron-server.
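The four steps above as a script, added here as an example that is not part of the original page or of the OpenStack notes it quotes. It splits the procedure into the part that runs on Grizzly code and the part that runs after Neutron is deployed, and refuses to migrate while neutron-server is running; the function names and the RUN dry-run switch are hypothetical, and the /path/to/... values are the page's own placeholders.

```shell
#!/bin/bash
# Added example, not from the original page. Function names and the RUN
# switch are hypothetical; the /path/to/... defaults are the page's
# placeholders and must be replaced with the real configuration files.
QUANTUM_CONF=${QUANTUM_CONF:-/path/to/quantum.conf}
PLUGIN_CONF=${PLUGIN_CONF:-/path/to/plugin/conf.ini}
RUN=${RUN-echo}    # dry run by default: print each command; RUN= executes

# True when a process with exactly this name exists.
is_running() { pgrep -x "$1" >/dev/null 2>&1; }

# Phase 1, still on Grizzly code: stamp the schema, then stop the old server.
pre_upgrade() {
    $RUN quantum-db-manage --config-file "$QUANTUM_CONF" \
        --config-file "$PLUGIN_CONF" stamp grizzly || return 1
    $RUN service quantum-server stop
}

# Phase 2, after the Neutron code is deployed: migrate first, start last.
post_upgrade() {
    # The case the notes warn about: the server came up before the migration.
    if is_running neutron-server; then
        echo "neutron-server is running before the migration; stop it first" >&2
        return 1
    fi
    $RUN neutron-db-manage --config-file "$QUANTUM_CONF" \
        --config-file "$PLUGIN_CONF" upgrade havana || return 1
    $RUN service neutron-server start
}

# Usage: source this file, run pre_upgrade, deploy the Neutron code,
# then run post_upgrade. Prefix with RUN= to execute instead of printing.
```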