Installasi dan konfigurasi¶
Bagian ini menjelaskan cara menginstal dan mengkonfigurasi layanan Orchestration, code-named heat, pada ‘controller node’.
Prasyarat (Prerequisite)¶
Sebelum Anda menginstal dan mengkonfigurasi Orchestration, Anda harus membuat database, kredensial layanan, dan endpoints API. Orchestration juga memerlukan informasi tambahan dalam pelayanan Identity.
Untuk membuat database, lakukan langkah-langkah berikut:
Gunakan klien akses database untuk berhubung ke server database sebagai root user:
$ mysql -u root -pBuat database heat:
CREATE DATABASE heat;Beri akses yang tepat untuk database heat:
GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' \ IDENTIFIED BY 'HEAT_DBPASS'; GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' \ IDENTIFIED BY 'HEAT_DBPASS';
Ganti HEAT_DBPASS dengan password yang sesuai.
Keluarlah dari client untuk mengakses database.
Dapatkan sumber mandat admin untuk mendapatkan akses ke command CLI ‘admin-only’:
$ . admin-openrcUntuk membuat kredensial layanan, selesaikanlah langkah-langkah ini:
Buat user heat:
$ openstack user create --domain default --password-prompt heat User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | e0353a670a9e496da891347c589539e9 | | enabled | True | | id | ca2e175b851943349be29a328cc5e360 | | name | heat | +-----------+----------------------------------+
Tambah peran admin ke user heat:
$ openstack role add --project service --user heat adminCatatan
Command ini tidak memberikan output.
Buat entitas layanan heat dan heat-cfn:
$ openstack service create --name heat \ --description "Orchestration" orchestration +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Orchestration | | enabled | True | | id | 727841c6f5df4773baa4e8a5ae7d72eb | | name | heat | | type | orchestration | +-------------+----------------------------------+ $ openstack service create --name heat-cfn \ --description "Orchestration" cloudformation +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Orchestration | | enabled | True | | id | c42cede91a4e47c3b10c8aedc8d890c6 | | name | heat-cfn | | type | cloudformation | +-------------+----------------------------------+
Buat endpoint API layanan Orchestration:
$ openstack endpoint create --region RegionOne \ orchestration public http://controller:8004/v1/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | 3f4dab34624e4be7b000265f25049609 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | | service_name | heat | | service_type | orchestration | | url | http://controller:8004/v1/%(tenant_id)s | +--------------+-----------------------------------------+ $ openstack endpoint create --region RegionOne \ orchestration internal http://controller:8004/v1/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | 9489f78e958e45cc85570fec7e836d98 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | | service_name | heat | | service_type | orchestration | | url | http://controller:8004/v1/%(tenant_id)s | +--------------+-----------------------------------------+ $ openstack endpoint create --region RegionOne \ orchestration admin http://controller:8004/v1/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | 76091559514b40c6b7b38dde790efe99 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | | service_name | heat | | service_type | orchestration | | url | http://controller:8004/v1/%(tenant_id)s | +--------------+-----------------------------------------+
$ openstack endpoint create --region RegionOne \ cloudformation public http://controller:8000/v1 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | b3ea082e019c4024842bf0a80555052c | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | | service_name | heat-cfn | | service_type | cloudformation | | url | http://controller:8000/v1 | +--------------+----------------------------------+ $ openstack endpoint create --region RegionOne \ cloudformation internal http://controller:8000/v1 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 169df4368cdc435b8b115a9cb084044e | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | | service_name | heat-cfn | | service_type | cloudformation | | url | http://controller:8000/v1 | +--------------+----------------------------------+ $ openstack endpoint create --region RegionOne \ cloudformation admin http://controller:8000/v1 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 3d3edcd61eb343c1bbd629aa041ff88b | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | | service_name | heat-cfn | | service_type | cloudformation | | url | http://controller:8000/v1 | +--------------+----------------------------------+
Orkestrasi memerlukan informasi tambahan dalam layanan Identity untuk mengelola stacks. Untuk menambahkan informasi ini, selesaikan langkah berikut:
Buat domain heat yang berisi proyek dan user untuk stack:
$ openstack domain create --description "Stack projects and users" heat +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Stack projects and users | | enabled | True | | id | 0f4d1bd326f2454dacc72157ba328a47 | | name | heat | +-------------+----------------------------------+
Buat user heat_domain_admin untuk mengelola proyek dan user dalam domain heat:
$ openstack user create --domain heat --password-prompt heat_domain_admin User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | 0f4d1bd326f2454dacc72157ba328a47 | | enabled | True | | id | b7bd1abfbcf64478b47a0f13cd4d970a | | name | heat_domain_admin | +-----------+----------------------------------+
Tambah peran admin ke user heat_domain_admin dalam domain heat mengaktifkan hak manajemen stack administratif oleh user heat_domain_admin:
$ openstack role add --domain heat --user-domain heat --user heat_domain_admin adminCatatan
Command ini tidak memberikan output.
Buat peran heat_stack_owner:
$ openstack role create heat_stack_owner +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | None | | id | 15e34f0c4fed4e68b3246275883c8630 | | name | heat_stack_owner | +-----------+----------------------------------+
Tambah peran heat_stack_owner ke proyek demo dan user untuk mengaktifkan manajemen stack oleh user demo:
$ openstack role add --project demo --user demo heat_stack_ownerCatatan
Command ini tidak memberikan output.
Catatan
Anda harus menambahkan peran heat_stack_owner untuk setiap user yang mengelola stack.
Buat peran heat_stack_user:
$ openstack role create heat_stack_user +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | None | | id | 88849d41a55d4d1d91e4f11bffd8fc5c | | name | heat_stack_user | +-----------+----------------------------------+
Catatan
Layanan Orchestration secara otomatis memberikan peran heat_stack_user untuk user yang menciptakan selama pengerahan stack. Secara default, peran ini membatasi operasi :term: API <Application Programming Interface (API)>. Untuk menghindari konflik, jangan menambahkan peran ini untuk user dengan peran heat_stack_owner.
Instal dan konfigurasi komponen¶
Catatan
File konfigurasi default bervariasi menurut distribusi. Anda mungkin perlu menambahkan bagian dan opsi ini daripada memodifikasi bagian dan opsi yang ada. Juga, elipsis (`` ... ``) dalam cuplikan konfigurasi menunjukkan opsi konfigurasi default potensial dimana Anda harus mempertahankan.
Instal paket:
# yum install openstack-heat-api openstack-heat-api-cfn \ openstack-heat-engine
Edit file /etc/heat/heat.conf dan selesaikan tindakan berikut:
Dalam bagian ``[Database] ``, konfigurlah akses database:
[database] ... connection = mysql+pymysql://heat:HEAT_DBPASS@controller/heat
Ganti HEAT_DBPASS dengan password yang Anda pilih untuk database Orchestration.
Dalam bagian ``[DEFAULT] `` dan `` [oslo_messaging_rabbit] ``, konfigurlah akses antrian pesan (message queue) “RabbitMQ”:
[DEFAULT] ... rpc_backend = rabbit [oslo_messaging_rabbit] ... rabbit_host = controller rabbit_userid = openstack rabbit_password = RABBIT_PASS
Ganti `` RABBIT_PASS`` dengan password yang Anda pilih akun openstack di RabbitMQ.
Dalam bagian [keystone_authtoken], [trustee], [clients_keystone], and [ec2authtoken], lakukan konfigurasi akses layanan Identity:
[keystone_authtoken] ... auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = heat password = HEAT_PASS [trustee] ... auth_plugin = password auth_url = http://controller:35357 username = heat password = HEAT_PASS user_domain_name = default [clients_keystone] ... auth_uri = http://controller:35357 [ec2authtoken] ... auth_uri = http://controller:5000/v2.0
Ganti HEAT_PASS dengan password yang Anda pilih untuk usr heat dalam pelayanan Identity.
Dalam bagian ``[DEFAULT] ``, lakukan konfigurasi metadata dan menunggu URL kondisi:
[DEFAULT] ... heat_metadata_server_url = http://controller:8000 heat_waitcondition_server_url = http://controller:8000/v1/waitcondition
Dalam bagian ``[DEFAULT] ``, lakukan konfigurasi domain stack dan kredensial administratif:
[DEFAULT] ... stack_domain_admin = heat_domain_admin stack_domain_admin_password = HEAT_DOMAIN_PASS stack_user_domain_name = heat
Ganti HEAT_DOMAIN_PASS dengan password yang Anda pilih untuk user heat_domain_admin dalam pelayanan Identity.
Lakukan pengisian database Orchestration:
# su -s /bin/sh -c "heat-manage db_sync" heat
Catatan
Mengabaikan semua pesan bantahan dalam output ini.
Finalisasi instalasi¶
Mulai layanan Orchestration dan konfigurasi mereka untuk mulai saat booting:
# systemctl enable openstack-heat-api.service \ openstack-heat-api-cfn.service openstack-heat-engine.service # systemctl start openstack-heat-api.service \ openstack-heat-api-cfn.service openstack-heat-engine.service
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.