From c5331edcb7e21b8f5645f0825afa662ee10e6ad3 Mon Sep 17 00:00:00 2001 From: "Simental Magana, Marcos" Date: Tue, 10 Nov 2015 16:30:52 -0600 Subject: [PATCH] Update openstack block storage (Cinder) documentation for Liberty --- source/openstack_block_storage.rst | 595 +++++++++++++++++------------ 1 file changed, 344 insertions(+), 251 deletions(-) diff --git a/source/openstack_block_storage.rst b/source/openstack_block_storage.rst index d29dadea..a5a60009 100644 --- a/source/openstack_block_storage.rst +++ b/source/openstack_block_storage.rst @@ -1,169 +1,222 @@ OpenStack* Block Storage -############################################################ +######################## -Clear Linux* OS for Intel® Architecture can be used with the -OpenStack Block Storage service (cinder) to add persistent storage -options to a virtual machine. Block Storage provides an infrastructure -for managing volumes and interacting with OpenStack Compute (nova) to -provide volumes for specific instances. These volumes can be easily -managed (types and snapshots) under Block Storage. Here's how to get -OpenStack Block Storage working with Clear Linux OS for Intel -Architecture: +The OpenStack Block Storage service (cinder) adds persistent storage to +a virtual machine. Block Storage provides an infrastructure for managing +volumes, and interacts with OpenStack Compute to provide volumes for +instances. The service also enables management of volume snapshots, and +volume types. -Installing and configuring the controller node ----------------------------------------------------- +Install and configure controller node +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -The first step is to install and configure the Block Storage service, -code-named cinder, on the controller node. This service requires at -least one additional storage node that provides volumes to instances. +This section describes how to install and configure the Block +Storage service, code-named cinder, on the controller node. This +service requires at least one additional storage node that provides +volumes to instances. Prerequisites: -~~~~~~~~~~~~~~~~~~ +-------------- -Before installing and configuring the Block Storage service, create a -database, service credentials, and an API endpoint. To create the -database, complete these steps: +Before you install and configure the Block Storage service, you -**Create a database:** +#. To create the database, complete these steps: -#. Use the database access client to connect to the database server as - the root user:: + * Use the database access client to connect to the database + server as the ``root`` user:: - $ mysql -u root -p + $ mysql -u root -p -#. Create the cinder database:: - - CREATE DATABASE cinder; + * Create the ``cinder`` database:: -#. Grant proper access to the cinder database. Replace ``CINDER_DBPASS`` - with a suitable password:: + CREATE DATABASE cinder; - GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' \ - IDENTIFIED BY 'CINDER_DBPASS'; - GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' \ - IDENTIFIED BY 'CINDER_DBPASS'; + * Grant proper access to the ``cinder`` database:: -#. Exit the database access client. + GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' \ + IDENTIFIED BY 'CINDER_DBPASS'; + GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' \ + IDENTIFIED BY 'CINDER_DBPASS'; -**Create service credentials:** + Replace ``CINDER_DBPASS`` with a suitable password. -#. Now source the admin credentials to gain access to admin-only CLI - commands:: + * Exit the database access client. - $ source admin-openrc.sh +#. Source the ``admin`` credentials to gain access to admin-only + CLI commands:: + + $ source admin-openrc.sh #. To create the service credentials, complete these steps: - * Create a cinder user:: - - $ openstack user create --password-prompt cinder - User Password: - Repeat User Password: - +----------+----------------------------------+ - | Field | Value | - +----------+----------------------------------+ - | email | None | - | enabled | True | - | id | 881ab2de4f7941e79504a759a83308be | - | name | cinder | - | username | cinder | - +----------+----------------------------------+ + * Create a ``cinder`` user:: - * Add the admin role to the cinder user:: - - $ openstack role add --project service --user cinder admin - +-------+----------------------------------+ - | Field | Value | - +-------+----------------------------------+ - | id | cd2cb9a39e874ea69e5d4b896eb16128 | - | name | admin | - +-------+----------------------------------+ + $ openstack user create --domain default --password-prompt cinder + User Password: + Repeat User Password: + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | default | + | enabled | True | + | id | bb279f8ffc444637af38811a5e1f0562 | + | name | cinder | + +-----------+----------------------------------+ - * Now create the cinder service entities:: - - $ openstack service create --name cinder \ - --description "OpenStack Block Storage" volume - | Field | Value | - +-------------+----------------------------------+ - | description | OpenStack Block Storage | - | enabled | True | - | id | 1e494c3e22a24baaafcaf777d4d467eb | - | name | cinder | - | type | volume | - +-------------+----------------------------------+ - $ openstack service create --name cinderv2 - --description "OpenStack Block Storage" volumev2 - +-------------+----------------------------------+ - | Field | Value | - +-------------+----------------------------------+ - | description | OpenStack Block Storage | - | enabled | True | - | id | 16e038e449c94b40868277f1d801edb5 | - | name | cinderv2 | - | type | volumev2 | - +-------------+----------------------------------+ + * Add the ``admin`` role to the ``cinder`` user:: -**Create service endpoints:** + $ openstack role add --project service --user cinder admin -The last prerequisite is to create the Block Storage service API endpoints:: + * Create the ``cinder`` and ``cinderv2`` service entities:: - $ openstack endpoint create \ - --publicurl http://controller:8776/v2/%\(tenant_id\)s \ - --internalurl http://controller:8776/v2/%\(tenant_id\)s \ - --adminurl http://controller:8776/v2/%\(tenant_id\)s \ - --region RegionOne \ - volume - +--------------+-----------------------------------------+ - |Field | Value + - |--------------+-----------------------------------------+ - | adminurl | http://controller:8776/v2/%(tenant_id)s | - | id | d1b7291a2d794e26963b322c7f2a55a4 | - | internalurl | http://controller:8776/v2/%(tenant_id)s | - | publicurl | http://controller:8776/v2/%(tenant_id)s | - | region | RegionOne | - | service_id | 1e494c3e22a24baaafcaf777d4d467eb | - | service_name | cinder | - | service_type | volume | - +--------------+-----------------------------------------+ - $ openstack endpoint create \ - --publicurl http://controller:8776/v2/%\(tenant_id\)s \ - --internalurl http://controller:8776/v2/%\(tenant_id\)s \ - --adminurl http://controller:8776/v2/%\(tenant_id\)s \ - --region RegionOne \ - volumev2 - +--------------+-----------------------------------------+ - | Field | Value | - +--------------+-----------------------------------------+ - | adminurl | http://controller:8776/v2/%(tenant_id)s | - | id | 097b4a6fc8ba44b4b10d4822d2d9e076 | - | internalurl | http://controller:8776/v2/%(tenant_id)s | - | publicurl | http://controller:8776/v2/%(tenant_id)s | - | region | RegionOne | - | service_id | 16e038e449c94b40868277f1d801edb5 | - | service_name | cinderv2 | - | service_type | volumev2 | - +--------------+-----------------------------------------+ + $ openstack service create --name cinder \ + --description "OpenStack Block Storage" volume + +-------------+----------------------------------+ + | Field | Value | + +-------------+----------------------------------+ + | description | OpenStack Block Storage | + | enabled | True | + | id | ab3bbbef780845a1a283490d281e7fda | + | name | cinder | + | type | volume | + +-------------+----------------------------------+ -Installing and configuring Block Storage controller components -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + $ openstack service create --name cinderv2 \ + --description "OpenStack Block Storage" volumev2 + +-------------+----------------------------------+ + | Field | Value | + +-------------+----------------------------------+ + | description | OpenStack Block Storage | + | enabled | True | + | id | eb9fd245bdbc414695952e93f29fe3ac | + | name | cinderv2 | + | type | volumev2 | + +-------------+----------------------------------+ -Once your prerequisites are finished, you can install and configure -Block Storage controller components: + .. note:: + + The Block Storage services requires two service entities. + +#. Create the Block Storage service API endpoints:: + + $ openstack endpoint create --region RegionOne \ + volume public http://controller:8776/v1/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 03fa2c90153546c295bf30ca86b1344b | + | interface | public | + | region | RegionOne | + | region_id | RegionOne | + | service_id | ab3bbbef780845a1a283490d281e7fda | + | service_name | cinder | + | service_type | volume | + | url | http://controller:8776/v1/%(tenant_id)s | + +--------------+-----------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + volume internal http://controller:8776/v1/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 94f684395d1b41068c70e4ecb11364b2 | + | interface | internal | + | region | RegionOne | + | region_id | RegionOne | + | service_id | ab3bbbef780845a1a283490d281e7fda | + | service_name | cinder | + | service_type | volume | + | url | http://controller:8776/v1/%(tenant_id)s | + +--------------+-----------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + volume admin http://controller:8776/v1/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 4511c28a0f9840c78bacb25f10f62c98 | + | interface | admin | + | region | RegionOne | + | region_id | RegionOne | + | service_id | ab3bbbef780845a1a283490d281e7fda | + | service_name | cinder | + | service_type | volume | + | url | http://controller:8776/v1/%(tenant_id)s | + +--------------+-----------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + volumev2 public http://controller:8776/v2/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 513e73819e14460fb904163f41ef3759 | + | interface | public | + | region | RegionOne | + | region_id | RegionOne | + | service_id | eb9fd245bdbc414695952e93f29fe3ac | + | service_name | cinderv2 | + | service_type | volumev2 | + | url | http://controller:8776/v2/%(tenant_id)s | + +--------------+-----------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + volumev2 internal http://controller:8776/v2/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 6436a8a23d014cfdb69c586eff146a32 | + | interface | internal | + | region | RegionOne | + | region_id | RegionOne | + | service_id | eb9fd245bdbc414695952e93f29fe3ac | + | service_name | cinderv2 | + | service_type | volumev2 | + | url | http://controller:8776/v2/%(tenant_id)s | + +--------------+-----------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + volumev2 admin http://controller:8776/v2/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | e652cf84dd334f359ae9b045a2c91d96 | + | interface | admin | + | region | RegionOne | + | region_id | RegionOne | + | service_id | eb9fd245bdbc414695952e93f29fe3ac | + | service_name | cinderv2 | + | service_type | volumev2 | + | url | http://controller:8776/v2/%(tenant_id)s | + +--------------+-----------------------------------------+ + + .. note:: + + The Block Storage services requires endpoints for each service + entity. + +Install and configure components +-------------------------------- #. Install OpenStack Block Storage Controller bundle:: - - # clr_bundle_add openstack-block-storage-controller + + # clr_bundle_add openstack-block-storage-controller #. Custom configurations will be located at ``/etc/cinder``. * Create ``/etc/cinder`` directory:: - - mkdir /etc/cinder + + mkdir /etc/cinder * Create empty cinder configuration file in ``/etc/cinder/cinder.conf``:: - touch /etc/cinder/cinder.conf + touch /etc/cinder/cinder.conf #. Edit the ``/etc/cinder/cinder.conf`` file and complete the following actions: @@ -172,104 +225,119 @@ Block Storage controller components: ``CINDER_DBPASS`` with the password you chose for the database:: - [database] - ... - connection=mysql://cinder:CINDER_DBPASS@controller/cinder + [database] + ... + connection=mysql://cinder:CINDER_DBPASS@controller/cinder * In the ``[DEFAULT]`` and ``[oslo_messaging_rabbit]`` section, configure RabbitMQ message queue access. Replace ``RABBIT_PASS`` with the password you chose for the account in RabbitMQ:: - [DEFAULT] - ... - rpc_backend = rabbit - ... - [oslo_messaging_rabbit] - rabbit_host = controller - rabbit_userid = openstack - rabbit_password = RABBIT_PASS + [DEFAULT] + ... + rpc_backend = rabbit + + [oslo_messaging_rabbit] + ... + rabbit_host = controller + rabbit_userid = openstack + rabbit_password = RABBIT_PASS * In the ``[DEFAULT]`` and ``[keystone_authtoken]`` sections, - configure Identity service access. Replace ``CINDER_PASS`` with the - password you chose for the cinder user in the Identity - service:: + configure Identity service access: - [DEFAULT] - ... - auth_strategy = keystone - ... - [keystone_authtoken] - auth_uri = http://controller:5000/v2.0 - admin_tenant_name = service - admin_user = cinder - admin_password = CINDER_PASS + .. code-block:: ini + + [DEFAULT] + ... + auth_strategy = keystone + + [keystone_authtoken] + ... + auth_uri = http://controller:5000 + auth_url = http://controller:35357 + auth_plugin = password + project_domain_id = default + user_domain_id = default + project_name = service + username = cinder + password = CINDER_PASS + + Replace ``CINDER_PASS`` with the password you chose for + the ``cinder`` user in the Identity service. * In the ``[DEFAULT]`` section, configure the ``my_ip`` option to - use the management interface IP address of the controller node:: + use the management interface IP address of the controller node: - [DEFAULT] ... my_ip = 10.0.0.11 + .. code-block:: ini -#. Let ``systemd`` set the correct permissions for files in ``/etc/cinder``:: - - # systemctl restart update-triggers.target + [DEFAULT] + ... + my_ip = 10.0.0.11 #. Populate the Block Storage database:: - - # su -s /bin/sh -c "cinder-manage db sync" cinder -Finalizing installation -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + # su -s /bin/sh -c "cinder-manage db sync" cinder -To finalize installation, enable and start the Block Storage services:: +Configure Compute to use Block Storage +-------------------------------------- - # systemctl enable cinder-api cinder-scheduler - # systemctl start cinder-api cinder-scheduler +* Edit the ``/etc/nova/nova.conf`` file and add the following + to it:: -Installing and configuring a storage node ----------------------------------------------- + [cinder] + os_region_name = RegionOne -This section describes how to install and configure storage nodes for -the Block Storage service. For simplicity, this configuration references -one storage node with an empty local block storage device ``/dev/sdb`` -(for physical device) or ``/dev/vda`` (for virtual machine) that -contains a suitable partition table with one partition ``/dev/sdb1`` -occupying the entire device. The service provisions logical volumes on -this device using the LVM driver and provides them to instances via -iSCSI transport. You can follow these instructions with minor -modifications to horizontally scale your environment with additional -storage nodes. +Finalize installation +--------------------- -Install Block Storage volume components -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +#. Restart the Compute API service:: -Install the packages:: + # systemctl restart uwsgi@nova-api.service - # clr_bundle_add openstack-block-storage +#. Start the Block Storage services and configure them to start when + the system boots:: -**Prerequisites:** + # systemctl enable cinder-api cinder-scheduler + # systemctl start cinder-api cinder-scheduler -You must configure the storage node before installing and configuring -the volume service on it. Similar to the controller node, the storage -node contains one network interface on the management network. The -storage node also needs an empty block storage device of suitable size -for your environment. +Install and configure a storage node +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure storage nodes +for the Block Storage service. For simplicity, this configuration +references one storage node with an empty local block storage device. +The instructions use ``/dev/sdb``, but you can substitute a different +value for your particular node. + +The service provisions logical volumes on this device using the +LVM driver and provides them to instances via iSCSI transport. +You can follow these instructions with minor modifications to +horizontally scale your environment with additional storage nodes. + +Prerequisites +------------- + +#. Install the openstack block storage bundle:: + + # clr_bundle_add openstack-block-storage #. Create the LVM physical volume: ``/dev/sdb1`` If your system uses a different device name, adjust these steps accordingly:: - # pvcreate /dev/sdb1 - Physical volume "/dev/sdb1" successfully created + # pvcreate /dev/sdb1 + Physical volume "/dev/sdb1" successfully created #. Create the LVM volume group ``cinder-volumes``:: - - # vgcreate cinder-volumes /dev/sdb1 - Volume group "cinder-volumes" successfully created + + # vgcreate cinder-volumes /dev/sdb1 + Volume group "cinder-volumes" successfully created The Block Storage service creates logical volumes in this volume group. - Only instances can access Block Storage volumes. However, the +#. Only instances can access Block Storage volumes. However, the underlying operating system manages the devices associated with the volumes. By default, the LVM volume scanning tool scans the ``/dev`` directory for block storage devices that contain volumes. If projects @@ -277,19 +345,18 @@ for your environment. attempts to cache them which can cause a variety of problems with both the underlying operating system and project volumes. You must reconfigure LVM to scan only the devices that contain the - ``cinder-volume`` volume group. - -#. Edit the ``/etc/lvm/lvm.conf`` file + ``cinder-volume`` volume group. Edit the ``/etc/lvm/lvm.conf`` file and complete the following action: * In the ``devices`` section, add a filter that accepts the ``/dev/sdb`` device and rejects all other devices:: - devices { - filter = [ "a/sdb/", "r/.*/"] - } + devices { + filter = [ "a/sdb/", "r/.*/"] + } -**Configure Block Storage volume components:** +Install and configure components +-------------------------------- #. Edit the ``/etc/cinder/cinder.conf`` file and complete the following actions: @@ -298,93 +365,119 @@ for your environment. ``CINDER_DBPASS`` with the password you chose for the Block Storage database:: - [database] - ... + [database] + ... connection = mysql://cinder:CINDER_DBPASS@controller/cinder * In the ``[DEFAULT]`` and ``[oslo_messaging_rabbit]`` sections, - configure *RabbitMQ* message queue access. Replace ``RABBIT_PASS`` + configure ``RabbitMQ`` message queue access. Replace ``RABBIT_PASS`` with the password you chose for the openstack account in - *RabbitMQ*:: + ``RabbitMQ``:: - [DEFAULT] - ... - rpc_backend = rabbit - [oslo_messaging_rabbit] - ... - rabbit_host = controller - rabbit_userid = openstack - rabbit_password = RABBIT_PASS + [DEFAULT] + ... + rpc_backend = rabbit + + [oslo_messaging_rabbit] + ... + rabbit_host = controller + rabbit_userid = openstack + rabbit_password = RABBIT_PASS * In the ``[DEFAULT]`` and ``[keystone_authtoken]`` sections, configure Identity service access. Replace ``CINDER_PASS`` with the password you chose for the cinder user in the Identity service:: - [DEFAULT] - ... - auth_strategy = keystone - [keystone_authtoken] - ... - auth_uri = http://controller:5000 - identity_uri = http://controller:35357 - admin_tenant_name = service - admin_user = cinder - admin_password = CINDER_PASS + [DEFAULT] + ... + auth_strategy = keystone + + [keystone_authtoken] + ... + auth_uri = http://controller:5000 + auth_url = http://controller:35357 + auth_plugin = password + project_domain_id = default + user_domain_id = default + project_name = service + username = cinder + password = CINDER_PASS * In the ``[DEFAULT]`` section, configure the ``my_ip`` option. - Replace *MANAGEMENT_INTERFACE_IP_ADDRESS* with the IP address + Replace ``MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address of the management network interface on your storage node, typically 10.0.0.41 for the first node in the example architecture:: - [DEFAULT] - ... - my_ip = MANAGEMENT_INTERFACE_IP_ADDRESS + [DEFAULT] + ... + my_ip = MANAGEMENT_INTERFACE_IP_ADDRESS * In the ``[lvm]`` section, configure the LVM back end with the LVM driver, ``cinder-volumes`` volume group, iSCSI protocol, and appropriate iSCSI service:: - [lvm] - ... - volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver - volume_group = cinder-volumes - iscsi_protocol = iscsi - iscsi_helper = tgtadm + [lvm] + ... + volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver + volume_group = cinder-volumes + iscsi_protocol = iscsi + iscsi_helper = tgtadm * In the ``[DEFAULT]`` section, enable the LVM back end:: - - [DEFAULT] - ... - enabled_backends = lvm + + [DEFAULT] + ... + enabled_backends = lvm * In the ``[DEFAULT]`` section, configure the location of the Image service:: - [DEFAULT] - ... - glance_host = controller + [DEFAULT] + ... + glance_host = controller #. Let systemd set the correct permissions for files in ``/etc/cinder``:: - - # systemctl restart update-triggers.target -Finalizing installation -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + # systemctl restart update-triggers.target -Restart the Block Storage volume service including its dependencies:: +Finalize installation +--------------------- - # systemctl enable iscsid tgtd cinder-volume - # systemctl start iscsid tgtd cinder-volume +#. Start the Block Storage volume service including its dependencies + and configure them to start when the system boots:: + + # systemctl enable iscsid tgtd cinder-volume + # systemctl start iscsid tgtd cinder-volume Configuring a compute node to use Block Storage -~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +----------------------------------------------- -Perform the following steps to enable a compute node to work with block -storage:: +#. Perform the following steps to enable a compute node to work with + block storage:: - # systemctl enable iscsid - # systemctl start iscsi-gen-initiatorname - # systemctl start iscsid + # systemctl enable iscsid + # systemctl start iscsi-gen-initiatorname iscsid +Verify operation +~~~~~~~~~~~~~~~~ +Verify operation of the Block Storage service. +.. note:: + + Perform these commands on the controller node. + +#. Source the ``admin`` credentials to gain access to + admin-only CLI commands:: + + $ source admin-openrc.sh + +#. List service components to verify successful launch of each process:: + + $ cinder service-list + +------------------+------------+------+---------+-------+----------------------------+-----------------+ + | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason | + +------------------+------------+------+---------+-------+----------------------------+-----------------+ + | cinder-scheduler | controller | nova | enabled | up | 2014-10-18T01:30:54.000000 | None | + | cinder-volume | block1@lvm | nova | enabled | up | 2014-10-18T01:30:57.000000 | None | + +------------------+------------+------+---------+-------+----------------------------+-----------------+