安装并配置控制节点¶
这个部分描述如何在控制节点上安装和配置文件共享服务,即manila。这个服务需要至少一个额外的共享节点用来管理文件存储驱动。
先决条件¶
安装和配置文件共享服务之前,你必须创建创建一个数据库、服务凭证和API端点。
完成下面的步骤以创建数据库:
用数据库连接客户端以 root 用户连接到数据库服务器:
$ mysql -u root -p创建``manila``数据库:
CREATE DATABASE manila;对``manila``数据库授予恰当的访问权限:
GRANT ALL PRIVILEGES ON manila.* TO 'manila'@'localhost' \ IDENTIFIED BY 'MANILA_DBPASS'; GRANT ALL PRIVILEGES ON manila.* TO 'manila'@'%' \ IDENTIFIED BY 'MANILA_DBPASS';
退出数据库客户端。
获得 admin 凭证来获取只有管理员能执行的命令的访问权限:
$ . admin-openrc要创建服务证书,完成这些步骤:
创建``manila``用户:
$ openstack user create --domain default --password-prompt manila User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | e0353a670a9e496da891347c589539e9 | | enabled | True | | id | 83a3990fc2144100ba0e2e23886d8acc | | name | manila | +-----------+----------------------------------+
给 manila 用户添加 admin 角色:
$ openstack role add --project service --user manila admin注解
这个命令执行后没有输出。
创建``manila`` 和 manilav2 服务实体:
$ openstack service create --name manila \ --description "OpenStack Shared File Systems" share +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Shared File Systems | | enabled | True | | id | 82378b5a16b340aa9cc790cdd46a03ba | | name | manila | | type | share | +-------------+----------------------------------+
$ openstack service create --name manilav2 \ --description "OpenStack Shared File Systems" sharev2 +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Shared File Systems | | enabled | True | | id | 30d92a97a81a4e5d8fd97a32bafd7b88 | | name | manilav2 | | type | sharev2 | +-------------+----------------------------------+
注解
文件分享服务需要2个服务实体。
创建文件分享服务的API endpoint:
$ openstack endpoint create --region RegionOne \ share public http://controller:8786/v1/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | 0bd2bbf8d28b433aaea56a254c69f69d | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 82378b5a16b340aa9cc790cdd46a03ba | | service_name | manila | | service_type | share | | url | http://controller:8786/v1/%(tenant_id)s | +--------------+-----------------------------------------+ $ openstack endpoint create --region RegionOne \ share internal http://controller:8786/v1/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | a2859b5732cc48b5b083dd36dafb6fd9 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 82378b5a16b340aa9cc790cdd46a03ba | | service_name | manila | | service_type | share | | url | http://controller:8786/v1/%(tenant_id)s | +--------------+-----------------------------------------+ $ openstack endpoint create --region RegionOne \ share admin http://controller:8786/v1/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | f7f46df93a374cc49c0121bef41da03c | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 82378b5a16b340aa9cc790cdd46a03ba | | service_name | manila | | service_type | share | | url | http://controller:8786/v1/%(tenant_id)s | +--------------+-----------------------------------------+
$ openstack endpoint create --region RegionOne \ sharev2 public http://controller:8786/v2/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | d63cc0d358da4ea680178657291eddc1 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 30d92a97a81a4e5d8fd97a32bafd7b88 | | service_name | manilav2 | | service_type | sharev2 | | url | http://controller:8786/v2/%(tenant_id)s | +--------------+-----------------------------------------+ $ openstack endpoint create --region RegionOne \ sharev2 internal http://controller:8786/v2/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | afc86e5f50804008add349dba605da54 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 30d92a97a81a4e5d8fd97a32bafd7b88 | | service_name | manilav2 | | service_type | sharev2 | | url | http://controller:8786/v2/%(tenant_id)s | +--------------+-----------------------------------------+ $ openstack endpoint create --region RegionOne \ sharev2 admin http://controller:8786/v2/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | e814a0cec40546e98cf0c25a82498483 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 30d92a97a81a4e5d8fd97a32bafd7b88 | | service_name | manilav2 | | service_type | sharev2 | | url | http://controller:8786/v2/%(tenant_id)s | +--------------+-----------------------------------------+
注解
文件分享服务的每个服务实体都需要创建endpoint。
安全并配置组件¶
安装软件包:
# zypper install openstack-manila-api \ openstack-manila-scheduler python-manilaclient
编辑``/etc/manila/manila.conf``文件并完成下列操作:
在 [database] 部分,配置数据库访问:
[database] ... connection = mysql+pymysql://manila:MANILA_DBPASS@controller/manila
使用你为manila数据库设置的密码来替换``MANILA_DBPASS``
在 “[DEFAULT]” 和 “[oslo_messaging_rabbit]”部分,配置 “RabbitMQ” 消息队列访问:
[DEFAULT] ... rpc_backend = rabbit [oslo_messaging_rabbit] ... rabbit_host = controller rabbit_userid = openstack rabbit_password = RABBIT_PASS
用你在 “RabbitMQ” 中为 “openstack” 选择的密码替换 “RABBIT_PASS”。
在``[DEFAULT]``选项卡部分,设置成如下值:
[DEFAULT] ... default_share_type = default_share_type rootwrap_config = /etc/manila/rootwrap.conf
在 “[DEFAULT]” 和 “[keystone_authtoken]” 部分,配置认证服务访问:
[DEFAULT] ... auth_strategy = keystone [keystone_authtoken] ... memcached_servers = controller:11211 auth_uri = http://controller:5000 auth_url = http://controller:35357 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = manila password = MANILA_PASS
使用你在身份认证服务中选择的 manila 用户密码来替换 MANILA_PASS 。
在 [DEFAULT 部分,配置``my_ip`` 来使用控制节点的管理接口的IP 地址。
[DEFAULT] ... my_ip = 10.0.0.11
在 [oslo_concurrency] 部分,配置锁路径:
[oslo_concurrency] ... lock_path = /var/lib/manila/tmp
完成安装¶
启动文件分享服务并设置为随系统启动:
# systemctl enable openstack-manila-api.service openstack-manila-scheduler.service # systemctl start openstack-manila-api.service openstack-manila-scheduler.service
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.