openstack安装（liberty）--安装编排服务Orchestration service-白红宇

openstack安装（liberty）--安装编排服务Orchestration service

阅读量：6587 次

发布时间：2019-06-24

本文共 23669 字，大约阅读时间需要 78 分钟。

使用heat orchestration template (HOT)创建和管理云资源，将openstack的核心组件集成到一个单一模板系统。

此模板允许创建大部分OPENSTACK资源类型，比如实例、浮动IP、卷、安全组和用户。

同时提供高级功能，比如实例高可用、实例自动缩放和嵌套堆栈（nested stacks）等。

10.1编排服务Orchestration主要组件

heat command-line client：命令行接口，能使用HEAT-API和云架构APIs交互。终端开发者能直接使用Orchestration REST API

heat-api component：一个OPENSTACK原生REST API能够处理发送给HEAT-ENGINE的API请求（RPC)。

heat-api-cfn component：一个AWS查询API并兼容AWS云架构，能够处理发送给HEAT-ENGINE的API请求（RPC)。

heat-engine：为API用户提供启动模板和事件回溯。

10.2准备

10.2.1创建数据库并授权

[root@comtroller1 ~]# [root@comtroller1 ~]# mysql -uroot -pEnter password: MariaDB [(none)]> CREATE DATABASE heat;Query OK, 1 row affected (0.00 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' IDENTIFIED BY 'heat';Query OK, 0 rows affected (0.00 sec)MariaDB [(none)]> GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' IDENTIFIED BY 'heat';Query OK, 0 rows affected (0.00 sec)

10.2.2创建租户并加入角色和项目

[root@comtroller1 ~]# . admin-openrc.sh [root@comtroller1 ~]# openstack user create --domain default --password-prompt heatUser Password:Repeat User Password:+-----------+----------------------------------+| Field     | Value                            |+-----------+----------------------------------+| domain_id | default                          || enabled   | True                             || id        | f973c69a97da44cdb3c7244db6d41807 || name      | heat                             |+-----------+----------------------------------+[root@comtroller1 ~]# openstack role add --project service --user heat admin

10.2.3创建heat和heat-cfn服务实体

[root@comtroller1 ~]# openstack service create --name heat --description "Orchestration" orchestration+-------------+----------------------------------+| Field       | Value                            |+-------------+----------------------------------+| description | Orchestration                    || enabled     | True                             || id          | cde09b9c3ac04e97bfd50e158fafc795 || name        | heat                             || type        | orchestration                    |+-------------+----------------------------------+[root@comtroller1 ~]# openstack service create --name heat-cfn --description "Orchestration"  cloudformation+-------------+----------------------------------+| Field       | Value                            |+-------------+----------------------------------+| description | Orchestration                    || enabled     | True                             || id          | 3fff82ec95a64803b6550b8dc06abdf4 || name        | heat-cfn                         || type        | cloudformation                   |+-------------+----------------------------------+

10.2.4创建API访问端点

[root@comtroller1 ~]# openstack endpoint create --region RegionOne orchestration public http://controller1:8004/v1/%\(tenant_id\)s| Field        | Value                                    |+--------------+------------------------------------------+| enabled      | True                                     || id           | 3e475bdbde404d399ebf781123673780         || interface    | public                                   || region       | RegionOne                                || region_id    | RegionOne                                || service_id   | cde09b9c3ac04e97bfd50e158fafc795         || service_name | heat                                     || service_type | orchestration                            || url          | http://controller1:8004/v1/%(tenant_id)s |+--------------+------------------------------------------+[root@comtroller1 ~]# openstack endpoint create --region RegionOne orchestration internal http://controller1:8004/v1/%\(tenant_id\)s+--------------+------------------------------------------+| Field        | Value                                    |+--------------+------------------------------------------+| enabled      | True                                     || id           | 0c47cb6c9b7d4be19fe432f55d068e82         || interface    | internal                                 || region       | RegionOne                                || region_id    | RegionOne                                || service_id   | cde09b9c3ac04e97bfd50e158fafc795         || service_name | heat                                     || service_type | orchestration                            || url          | http://controller1:8004/v1/%(tenant_id)s |+--------------+------------------------------------------+[root@comtroller1 ~]# openstack endpoint create --region RegionOne orchestration admin http://controller1:8004/v1/%\(tenant_id\)s| Field        | Value                                    |+--------------+------------------------------------------+| enabled      | True                                     || id           | 20d89c20c152442f8f01c6cc9aab5290         || interface    | admin                                    || region       | RegionOne                                || region_id    | RegionOne                                || service_id   | cde09b9c3ac04e97bfd50e158fafc795         || service_name | heat                                     || service_type | orchestration                            || url          | http://controller1:8004/v1/%(tenant_id)s |+--------------+------------------------------------------+[root@comtroller1 ~]# openstack endpoint create --region RegionOne cloudformation public http://controller1:8000/v1 +--------------+----------------------------------+| Field        | Value                            |+--------------+----------------------------------+| enabled      | True                             || id           | e7108965424447ea99eb085167794555 || interface    | public                           || region       | RegionOne                        || region_id    | RegionOne                        || service_id   | 3fff82ec95a64803b6550b8dc06abdf4 || service_name | heat-cfn                         || service_type | cloudformation                   || url          | http://controller1:8000/v1       |+--------------+----------------------------------+[root@comtroller1 ~]# openstack endpoint create --region RegionOne cloudformation internal http://controller1:8000/v1 +--------------+----------------------------------+| Field        | Value                            |+--------------+----------------------------------+| enabled      | True                             || id           | 71a2f23959ee482891af78810a3957fb || interface    | internal                         || region       | RegionOne                        || region_id    | RegionOne                        || service_id   | 3fff82ec95a64803b6550b8dc06abdf4 || service_name | heat-cfn                         || service_type | cloudformation                   || url          | http://controller1:8000/v1       |+--------------+----------------------------------+[root@comtroller1 ~]# openstack endpoint create --region RegionOne cloudformation admin http://controller1:8000/v1+--------------+----------------------------------+| Field        | Value                            |+--------------+----------------------------------+| enabled      | True                             || id           | 6458b4fe00dc41edbee73cacdb0f6e06 || interface    | admin                            || region       | RegionOne                        || region_id    | RegionOne                        || service_id   | 3fff82ec95a64803b6550b8dc06abdf4 || service_name | heat-cfn                         || service_type | cloudformation                   || url          | http://controller1:8000/v1       |+--------------+----------------------------------+

10.2.5添加附加信息到Identity service

[root@comtroller1 ~]# openstack domain create --description "Stack projects and users" heat  ###为stack创建HEAR域用以包含项目和用户+-------------+----------------------------------+| Field       | Value                            |+-------------+----------------------------------+| description | Stack projects and users         || enabled     | True                             || id          | 4aa7f8d30d624290a789fd6b250facef || name        | heat                             |+-------------+----------------------------------+[root@comtroller1 ~]# openstack user create --domain heat --password-prompt heat_domain_admin  ###创建heat_domain_admin用户用以管理heat域中项目和用户User Password:Repeat User Password:+-----------+----------------------------------+| Field     | Value                            |+-----------+----------------------------------+| domain_id | 4aa7f8d30d624290a789fd6b250facef || enabled   | True                             || id        | f340cd8430654d2f8e98945595fac6de || name      | heat_domain_admin                |+-----------+----------------------------------+[root@comtroller1 ~]# openstack role add --domain heat --user heat_domain_admin admin  ###将heat_domain_admin添加到admin角色用以授予管理权限，此命令无输出[root@comtroller1 ~]# openstack role create heat_stack_owner  ###创建heat_stack_owner角色+-------+----------------------------------+| Field | Value                            |+-------+----------------------------------+| id    | cfc29d0f63c84786a18cb9d5db70516f || name  | heat_stack_owner                 |+-------+----------------------------------+[root@comtroller1 ~]# openstack role add --project demo --user demo heat_stack_owner  ###将角色heat_stack_owner添加到demo项目并启用demo用户管理stack，必须将heat_stack_owner角色添加到每个STACK管理用户，此命令无输出。[root@comtroller1 ~]# openstack role create heat_stack_user  ###创建heat_stack_user角色，默认Orchestration在stack部署时自动分配heat_stack_user给用户，此角色默认限制API操作。为防止冲突，不要将此角色授予具备heat_stack_owner角色的用户。+-------+----------------------------------+| Field | Value                            |+-------+----------------------------------+| id    | 65940a347b7d4404b3923fffd2dd7965 || name  | heat_stack_user                  |+-------+----------------------------------+

10.3安装配置组件

10.3.1安装组件

[root@comtroller1 ~]# yum install openstack-heat-api openstack-heat-api-cfn openstack-heat-engine python-heatclient -y10.3.2修改配置文件[root@comtroller1 ~]# vi /etc/heat/heat.conf[database]connection = mysql://heat:heat@controller1/heat[DEFAULT]rpc_backend = rabbit[oslo_messaging_rabbit]rabbit_host = controller1rabbit_userid = openstackrabbit_password = openstack[keystone_authtoken]  ##默认没有需要添加auth_uri = http://controller1:5000/v3                           ###官方文档中配置为 http://controller1:5000 但会引起错误。auth_url = http://controller1:35357auth_plugin = passwordproject_domain_id = defaultuser_domain_id = defaultproject_name = serviceusername = heatpassword = heat[trustee]   ##默认没有需要添加auth_plugin = passwordauth_url = http://controller1:35357username = heatpassword = heatuser_domain_id = default[clients_keystone]auth_uri = http://controller1:5000[ec2authtoken]auth_uri = auth_uri = http://controller1:5000/v3[DEFAULT]heat_metadata_server_url = http://controller1:8000heat_waitcondition_server_url = http://controller1:8000/v1/waitcondition[DEFAULT]stack_domain_admin = heat_domain_adminstack_domain_admin_password = openstackstack_user_domain_name = heat[DEFAULT]verbose = True

10.2.3初始化数据库

[root@comtroller1 ~]# su -s /bin/sh -c "heat-manage db_sync" heat2016-08-05 11:49:49.953 9049 INFO migrate.versioning.api [-] 27 -> 28... 2016-08-05 11:49:50.153 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:50.153 9049 INFO migrate.versioning.api [-] 28 -> 29... 2016-08-05 11:49:50.189 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:50.189 9049 INFO migrate.versioning.api [-] 29 -> 30... 2016-08-05 11:49:50.221 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:50.221 9049 INFO migrate.versioning.api [-] 30 -> 31... 2016-08-05 11:49:50.422 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:50.422 9049 INFO migrate.versioning.api [-] 31 -> 32... 2016-08-05 11:49:50.538 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:50.538 9049 INFO migrate.versioning.api [-] 32 -> 33... 2016-08-05 11:49:50.790 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:50.790 9049 INFO migrate.versioning.api [-] 33 -> 34... 2016-08-05 11:49:50.815 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:50.815 9049 INFO migrate.versioning.api [-] 34 -> 35... 2016-08-05 11:49:51.035 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.035 9049 INFO migrate.versioning.api [-] 35 -> 36... 2016-08-05 11:49:51.069 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.069 9049 INFO migrate.versioning.api [-] 36 -> 37... 2016-08-05 11:49:51.111 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.111 9049 INFO migrate.versioning.api [-] 37 -> 38... 2016-08-05 11:49:51.189 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.189 9049 INFO migrate.versioning.api [-] 38 -> 39... 2016-08-05 11:49:51.252 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.252 9049 INFO migrate.versioning.api [-] 39 -> 40... 2016-08-05 11:49:51.290 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.290 9049 INFO migrate.versioning.api [-] 40 -> 41... 2016-08-05 11:49:51.300 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.300 9049 INFO migrate.versioning.api [-] 41 -> 42... 2016-08-05 11:49:51.369 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.369 9049 INFO migrate.versioning.api [-] 42 -> 43... 2016-08-05 11:49:51.382 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.382 9049 INFO migrate.versioning.api [-] 43 -> 44... 2016-08-05 11:49:51.454 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.454 9049 INFO migrate.versioning.api [-] 44 -> 45... 2016-08-05 11:49:51.492 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.493 9049 INFO migrate.versioning.api [-] 45 -> 46... 2016-08-05 11:49:51.527 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.527 9049 INFO migrate.versioning.api [-] 46 -> 47... 2016-08-05 11:49:51.572 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.572 9049 INFO migrate.versioning.api [-] 47 -> 48... 2016-08-05 11:49:51.604 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.604 9049 INFO migrate.versioning.api [-] 48 -> 49... 2016-08-05 11:49:51.628 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.628 9049 INFO migrate.versioning.api [-] 49 -> 50... 2016-08-05 11:49:51.673 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.673 9049 INFO migrate.versioning.api [-] 50 -> 51... 2016-08-05 11:49:51.691 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.691 9049 INFO migrate.versioning.api [-] 51 -> 52... 2016-08-05 11:49:51.732 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.732 9049 INFO migrate.versioning.api [-] 52 -> 53... 2016-08-05 11:49:51.817 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.817 9049 INFO migrate.versioning.api [-] 53 -> 54... 2016-08-05 11:49:51.903 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:51.903 9049 INFO migrate.versioning.api [-] 54 -> 55... 2016-08-05 11:49:52.052 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:52.052 9049 INFO migrate.versioning.api [-] 55 -> 56... 2016-08-05 11:49:52.167 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:52.167 9049 INFO migrate.versioning.api [-] 56 -> 57... 2016-08-05 11:49:52.508 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:52.508 9049 INFO migrate.versioning.api [-] 57 -> 58... 2016-08-05 11:49:52.567 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:52.567 9049 INFO migrate.versioning.api [-] 58 -> 59... 2016-08-05 11:49:52.606 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:52.606 9049 INFO migrate.versioning.api [-] 59 -> 60... 2016-08-05 11:49:52.877 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:52.877 9049 INFO migrate.versioning.api [-] 60 -> 61... 2016-08-05 11:49:53.027 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:53.027 9049 INFO migrate.versioning.api [-] 61 -> 62... 2016-08-05 11:49:53.100 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:53.101 9049 INFO migrate.versioning.api [-] 62 -> 63... 2016-08-05 11:49:53.145 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:53.146 9049 INFO migrate.versioning.api [-] 63 -> 64... 2016-08-05 11:49:53.193 9049 INFO migrate.versioning.api [-] done2016-08-05 11:49:53.193 9049 INFO migrate.versioning.api [-] 64 -> 65... 2016-08-05 11:49:53.263 9049 INFO migrate.versioning.api [-] done

10.2.4启动服务并设置自启动

[root@comtroller1 ~]# systemctl enable openstack-heat-api.service  openstack-heat-api-cfn.service openstack-heat-engine.service[root@comtroller1 ~]# systemctl start openstack-heat-api.service  openstack-heat-api-cfn.service openstack-heat-engine.service10.3验证[root@comtroller1 ~]# . admin-openrc.sh [root@comtroller1 ~]# heat service-list  ###应当输出4条heat-engine+-------------+-------------+--------------------------------------+-------------+--------+----------------------------+--------+| hostname    | binary      | engine_id                            | host        | topic  | updated_at                 | status |+-------------+-------------+--------------------------------------+-------------+--------+----------------------------+--------+| comtroller1 | heat-engine | 090bd064-0264-4f2f-9de4-b8b89439d266 | comtroller1 | engine | 2016-08-05T03:58:16.000000 | up     || comtroller1 | heat-engine | 46e6ce11-db92-4387-be4c-81a993171ef9 | comtroller1 | engine | 2016-08-05T03:58:16.000000 | up     || comtroller1 | heat-engine | 472170eb-c9fa-4ab7-a5d5-5f52005485ba | comtroller1 | engine | 2016-08-05T03:58:16.000000 | up     || comtroller1 | heat-engine | ed1e85f1-a636-41d4-9a3e-7a2a4813714e | comtroller1 | engine | 2016-08-05T03:58:16.000000 | up     |+-------------+-------------+--------------------------------------+-------------+--------+----------------------------+--------+

10.4使用模板服务

10.4.1创建一个模板

[root@comtroller1 ~]# vi demo-template.ymlheat_template_version: 2015-10-15description: Launch a basic instance using the ``m1.tiny`` flavor and one network.parameters:  ImageID:    type: string    description: Image to use for the instance.  NetID:    type: string    description: Network ID to use for the instance.resources:  server:    type: OS::Nova::Server    properties:      p_w_picpath: { get_param: ImageID }      flavor: m1.tiny      networks:      - network: { get_param: NetID }outputs:  instance_name:    description: Name of the instance.    value: { get_attr: [ server, name ] }  instance_ip:    description: IP address of the instance.    value: { get_attr: [ server, first_address ] }

10.4.2创建一个STACK

[root@comtroller1 ~]# . demo-openrc.sh [root@comtroller1 ~]# neutron net-list+--------------------------------------+---------+-----------------------------------------------------+| id                                   | name    | subnets                                             |+--------------------------------------+---------+-----------------------------------------------------+| 93be9f32-e1f2-4748-9198-cc4b1807006f | public  | d0d06707-5b6f-4ed9-bd8e-bd7c47cc17c8 192.168.1.0/24 || 498d8e70-0e7d-48c8-b4f8-6d400cbf47ea | private | 6eb05faa-2490-4ea1-ab14-bea169ae959f 172.16.1.0/24  |+--------------------------------------+---------+-----------------------------------------------------+[root@comtroller1 ~]# neutron net-list | awk '/ public / { print $2 }'93be9f32-e1f2-4748-9198-cc4b1807006f[root@comtroller1 ~]# export NET_ID=$(neutron net-list | awk '/ public / { print $2 }')[root@comtroller1 ~]# echo $NET_ID93be9f32-e1f2-4748-9198-cc4b1807006f[root@comtroller1 ~]# heat stack-list+--------------------------------------+------------+--------------------+---------------------+--------------+| id                                   | stack_name | stack_status       | creation_time       | updated_time |+--------------------------------------+------------+--------------------+---------------------+--------------+| 4173d1fe-b574-4002-b708-637b23df88ff | stack      | CREATE_IN_PROGRESS | 2016-08-05T05:57:55 | None         |+--------------------------------------+------------+--------------------+---------------------+--------------+[root@comtroller1 ~]# heat stack-delete 4173d1fe-b574-4002-b708-637b23df88ff+--------------------------------------+------------+--------------------+---------------------+--------------+| id                                   | stack_name | stack_status       | creation_time       | updated_time |+--------------------------------------+------------+--------------------+---------------------+--------------+| 4173d1fe-b574-4002-b708-637b23df88ff | stack      | CREATE_IN_PROGRESS | 2016-08-05T05:57:55 | None         |+--------------------------------------+------------+--------------------+---------------------+--------------+[root@comtroller1 ~]# heat stack-list+----+------------+--------------+---------------+--------------+| id | stack_name | stack_status | creation_time | updated_time |+----+------------+--------------+---------------+--------------++----+------------+--------------+---------------+--------------+

[root@comtroller1 ~]# heat stack-create -f demo-template.yml -P "ImageID=cirros;NetID=$NET_ID" stack  ###解决方法参考HEAT.CONF文档中注释部分，即将[keystone_authtoken]中auth_uri = http://controller1:5000/v3增加V3版本说明。ERROR: Remote error: NotFound The resource could not be found. (HTTP 404)[root@comtroller1 ~]# heat stack-create -f demo-template.yml -P "ImageID=cirros;NetID=$NET_ID" stack+--------------------------------------+------------+--------------------+---------------------+--------------+| id                                   | stack_name | stack_status       | creation_time       | updated_time |+--------------------------------------+------------+--------------------+---------------------+--------------+| b50f220f-a0ea-42cb-93db-a08361fb25ce | stack      | CREATE_IN_PROGRESS | 2016-08-05T08:25:25 | None         |+--------------------------------------+------------+--------------------+---------------------+--------------+[root@comtroller1 ~]# heat stack-list+--------------------------------------+------------+-----------------+---------------------+--------------+| id                                   | stack_name | stack_status    | creation_time       | updated_time |+--------------------------------------+------------+-----------------+---------------------+--------------+| b50f220f-a0ea-42cb-93db-a08361fb25ce | stack      | CREATE_COMPLETE | 2016-08-05T08:25:25 | None         |+--------------------------------------+------------+-----------------+---------------------+--------------+[root@comtroller1 ~]# heat output-show --all stack[  {    "output_value": "stack-server-4bq2x7thmhpx",     "description": "Name of the instance.",     "output_key": "instance_name"  },   {    "output_value": "192.168.1.243",     "description": "IP address of the instance.",     "output_key": "instance_ip"  }][root@comtroller1 ~]# nova list+--------------------------------------+---------------------------+---------+------------+-------------+-----------------------------------+| ID                                   | Name                      | Status  | Task State | Power State | Networks                          |+--------------------------------------+---------------------------+---------+------------+-------------+-----------------------------------+| 4aa43e3a-c963-4a53-b500-78fa6a6872c5 | private-instance          | SHUTOFF | -          | Shutdown    | private=172.16.1.3, 192.168.1.242 || 913a49d8-14c5-4770-89a9-404f86ffb0e7 | stack-server-4bq2x7thmhpx | ACTIVE  | -          | Running     | public=192.168.1.243              |+--------------------------------------+---------------------------+---------+------------+-------------+-----------------------------------+

转载于:https://blog.51cto.com/eshin/1836007

你可能感兴趣的文章

Linux与云计算——第二阶段Linux服务器架设第七章：网站WEB服务器架设—日志分析平台...

查看>>