clearlinux/clear-linux-documentation
2
0
Fork 0
mirror of https://github.com/clearlinux/clear-linux-documentation.git synced 2026-05-14 02:43:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
61baab70169672bb50b2eb12eb54ec44765ce9fa
clear-linux-documentation/source/openstack_compute.rst

528 lines
21 KiB
ReStructuredText
Raw Blame History

.. _openstack_compute:
Compute
##################
Use OpenStack Compute to host and manage cloud computing systems.
OpenStack Compute interacts with OpenStack Identity for authentication,
OpenStack Image Service for disk and server images, and OpenStack
Dashboard for the user and administrative interface. Image access is
limited by projects, and by users; quotas are limited per project (the
number of instances, for example). OpenStack Compute can scale
horizontally on standard hardware and download images to launch
instances.
Install and configure controller node
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This section describes how to install and configure the
Compute service, code-named nova, on the controller node.
Prerequisites
-------------
Before you install and configure the Compute service, you must
create a database, service credentials, and API endpoints.
#. To create the database, complete these steps:
* Use the database access client to connect to the database server
as the root user::
$ mysql -u root -p
* Create the ``nova`` database::
CREATE DATABASE nova;
* Grant proper access to the nova database. Replace ``NOVA_DBPASS``
with a suitable password::
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
IDENTIFIED BY 'NOVA_DBPASS';
* Exit the database access client.
#. Source the admin credentials to gain access to admin-only CLI
commands::
$ source admin-openrc.sh
#. To create the service credentials, complete these steps:
* Create the ``nova`` user::
$ openstack user create --domain default --password-prompt nova
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 8c46e4760902464b889293a74a0c90a8 |
| name | nova |
+-----------+----------------------------------+
* Add the ``admin`` role to the ``nova`` user::
$ openstack role add --project service --user nova admin
* Create the ``nova`` service entity::
$ openstack service create --name nova \
--description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 060d59eac51b4594815603d75a00aba2 |
| name | nova |
| type | compute |
+-------------+----------------------------------+
#. Create the Compute service API endpoints::
$ openstack endpoint create --region RegionOne \
compute public http://controller:8774/v2/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 3c1caa473bfe4390a11e7177894bcc7b |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e702f6f497ed42e6a8ae3ba2e5871c78 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2/%(tenant_id)s |
+--------------+-----------------------------------------+
$ openstack endpoint create --region RegionOne \
compute internal http://controller:8774/v2/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | e3c918de680746a586eac1f2d9bc10ab |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e702f6f497ed42e6a8ae3ba2e5871c78 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2/%(tenant_id)s |
+--------------+-----------------------------------------+
$ openstack endpoint create --region RegionOne \
compute admin http://controller:8774/v2/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 38f7af91666a47cfb97b4dc790b94424 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e702f6f497ed42e6a8ae3ba2e5871c78 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2/%(tenant_id)s |
+--------------+-----------------------------------------+
Installing and configuring the Compute controller components
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
To install and configure the Compute controller components:
#. Install OpenStack Compute Controller bundle::
# swupd bundle-add openstack-compute-controller
# swupd verify --fix
#. Custom configurations will be located at ``/etc/nova``.
* Create ``/etc/nova directory``::
# mkdir /etc/nova
* Create empty nova configuration file ``/etc/nova/nova.conf``::
# touch /etc/nova/nova.conf
#. Edit the ``/etc/nova/nova.conf`` file and complete the following
actions:
* In the ``[database]`` section, configure database access. Replace
``NOVA_DBPASS`` with the password you chose for the Compute database::
[database]
...
connection=mysql://nova:NOVA_DBPASS@controller/nova
* In the ``[DEFAULT]`` and ``[oslo_messaging_rabbit]`` sections,
configure ``RabbitMQ`` message queue access. Replace ``RABBIT_PASS``
with the password you chose for the guest account in RabbitMQ::
[DEFAULT]
...
rpc_backend = rabbit
[oslo_messaging_rabbit]
...
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
* In the ``[DEFAULT]`` and ``[keystone_authtoken]`` sections,
configure Identity service access. Replace ``NOVA_PASS`` with the
password you chose for the nova user in the Identity service::
[DEFAULT]
...
auth_strategy = keystone
[keystone_authtoken]
...
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = nova
password = NOVA_PASS
* In the ``[DEFAULT]`` section, configure the ``my_ip`` option to
use the management interface IP address of the controller node::
[DEFAULT]
...
my_ip = 10.0.0.11
* In the ``[DEFAULT]`` section, enable support for the Networking service::
[DEFAULT]
...
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.NeutronLinuxBridgeInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
* In the ``[vnc]`` section, configure the VNC proxy to use the
management interface IP address of the controller node::
[vnc]
...
vncserver_listen = 10.0.0.11
vncserver_proxyclient_address = 10.0.0.11
* In the ``[glance]`` section, configure the location of the
Image Service::
[glance]
...
host = controller
#. Ensure files have proper ownership by running the following command::
# systemctl restart update-triggers.target
#. Populate the Compute database::
su -s /bin/sh -c "nova-manage db sync" nova
Finalizing Compute installation
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Complete the following steps to finalize Compute installation:
#. Create the ``/etc/nginx`` directory if doesn't exists and setup nova-api
and nova-metadata to start with the Nginx http server::
# mkdir -p /etc/nginx
# ln -s /usr/share/nginx/conf.d/nova-api.template /etc/nginx/nova-api.conf
#. Restart the Nginx server to reload new configurations::
# systemctl restart nginx
#. Start the Compute Service services and configure them to start
when the system boots::
# systemctl enable uwsgi@nova-api.socket \
uwsgi@nova-metadata.socket nova-cert.service \
nova-consoleauth.service nova-scheduler.service \
nova-conductor.service nova-novncproxy.service
# systemctl start uwsgi@nova-api.socket \
uwsgi@nova-metadata.socket nova-cert.service \
nova-consoleauth.service nova-scheduler.service \
nova-conductor.service nova-novncproxy.service
Install and configure a compute note
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This section describes how to install and configure the Compute service
on a compute node. This configuration uses the QEMU hypervisor with the
KVM extension on compute nodes that support hardware acceleration for
virtual machines.
Install and configure components
--------------------------------
#. Install OpenStack Compute bundle::
# clr_bundle_add openstack-compute
#. Custom configurations will be located at ``/etc/nova``.
* Create ``/etc/nova`` directory::
# mkdir /etc/nova
* Create empty nova configuration file ``/etc/nova/nova.conf``::
# touch /etc/nova/nova.conf
#. Edit the ``/etc/nova/nova.conf`` file and complete the following
actions:
* In the ``[DEFAULT]`` and ``[oslo_messaging_rabbit]`` sections,
configure RabbitMQ message broker access. Replace ``RABBIT_PASS``
with the password you chose for the ``openstack`` account in ``RabbitMQ``::
[DEFAULT]
...
rpc_backend = rabbit
[oslo_messaging_rabbit]
...
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
* In the ``[DEFAULT]`` and ``[keystone_authtoken]`` sections,
configure Identity service access. Replace ``NOVA_PASS`` with the
password you chose for the nova user in the Identity service::
[DEFAULT]
...
auth_strategy = keystone
[keystone_authtoken]
...
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = nova
password = NOVA_PASS
* In the ``[DEFAULT]`` section, configure the ``my_ip`` option.
Replace ``MANAGEMENT_INTERFACE_IP_ADDRESS`` with the IP address of
the management network interface on your compute node, typically
``10.0.0.31`` for the first node in the example architecture::
[DEFAULT]
...
my_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
* In the ``[DEFAULT]`` section, enable support for the Networking service::
[DEFAULT]
...
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.NeutronLinuxBridgeInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
* In the ``[vnc]`` section, enable and configure remote console access::
[vnc]
...
enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = MANAGEMENT_INTERFACE_IP_ADDRESS
novncproxy_base_url = http://controller:6080/vnc_auto.html
The server component listens on all IP addresses and the proxy
component only listens on the management interface IP address of
the compute node. The base URL indicates the location where you
can use a web browser to access remote consoles of instances on
this compute node.
* In the ``[glance]`` section, configure the location of the
Image Service::
[glance]
...
host = controller
Finalize compute node installation
----------------------------------
#. Determine whether your compute node supports hardware acceleration
for virtual machines::
$ egrep -c '(vmx|svm)' /proc/cpuinfo
If this command returns a value of ``one or greater``, your compute
node supports hardware acceleration which typically requires no
additional configuration.
If this command returns a value of ``zero`` , your compute node does
not support hardware acceleration and you must configure ``libvirt``
to use QEMU instead of KVM.
* Edit the ``[libvirt]`` section in the ``/etc/nova/nova.conf`` file
as follows::
[libvirt]
...
virt_type = qemu
#. Ensure files have proper ownership by running the following command::
# systemctl restart update-triggers.target
#. Start the Compute service including its dependencies and configure
them to start automatically when the system boots::
# systemctl enable libvirtd.service \
nova-compute.service
# systemctl start libvirtd.service \
nova-compute.service
Verify operation
~~~~~~~~~~~~~~~~
Verify operation of the Compute service.
*Note:* Perform these commands on the controller node.
#. Source the ``admin`` credentials to gain access to
admin-only CLI commands::
$ source admin-openrc.sh
#. List service components to verify successful launch and
registration of each process::
$ nova service-list
+----+------------------+------------+----------+---------+-------+--------------+-----------------+
| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason |
+----+------------------+------------+----------+---------+-------+--------------+-----------------+
| 1 | nova-conductor | controller | internal | enabled | up | 2014-09-16.. | - |
| 2 | nova-consoleauth | controller | internal | enabled | up | 2014-09-16.. | - |
| 3 | nova-scheduler | controller | internal | enabled | up | 2014-09-16.. | - |
| 4 | nova-cert | controller | internal | enabled | up | 2014-09-16.. | - |
| 5 | nova-compute | compute1 | nova | enabled | up | 2014-09-16.. | - |
+----+------------------+------------+----------+---------+-------+--------------+-----------------+
#. List API endpoints in the Identity service to verify connectivity
with the Identity service::
$ nova endpoints
+-----------+------------------------------------------------------------+
| nova | Value |
+-----------+------------------------------------------------------------+
| id | 1fb997666b79463fb68db4ccfe4e6a71 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| url | http://controller:8774/v2/ae7a98326b9c455588edd2656d723b9d |
+-----------+------------------------------------------------------------+
+-----------+------------------------------------------------------------+
| nova | Value |
+-----------+------------------------------------------------------------+
| id | bac365db1ff34f08a31d4ae98b056924 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| url | http://controller:8774/v2/ae7a98326b9c455588edd2656d723b9d |
+-----------+------------------------------------------------------------+
+-----------+------------------------------------------------------------+
| nova | Value |
+-----------+------------------------------------------------------------+
| id | e37186d38b8e4b81a54de34e73b43f34 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| url | http://controller:8774/v2/ae7a98326b9c455588edd2656d723b9d |
+-----------+------------------------------------------------------------+
+-----------+----------------------------------+
| glance | Value |
+-----------+----------------------------------+
| id | 41ad39f6c6444b7d8fd8318c18ae0043 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| url | http://controller:9292 |
+-----------+----------------------------------+
+-----------+----------------------------------+
| glance | Value |
+-----------+----------------------------------+
| id | 50ecc4ce62724e319f4fae3861e50f7d |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| url | http://controller:9292 |
+-----------+----------------------------------+
+-----------+----------------------------------+
| glance | Value |
+-----------+----------------------------------+
| id | 7d3df077a20b4461a372269f603b7516 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| url | http://controller:9292 |
+-----------+----------------------------------+
+-----------+----------------------------------+
| keystone | Value |
+-----------+----------------------------------+
| id | 88150c2fdc9d406c9b25113701248192 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| url | http://controller:5000/v2.0 |
+-----------+----------------------------------+
+-----------+----------------------------------+
| keystone | Value |
+-----------+----------------------------------+
| id | cecab58c0f024d95b36a4ffa3e8d81e1 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| url | http://controller:5000/v2.0 |
+-----------+----------------------------------+
+-----------+----------------------------------+
| keystone | Value |
+-----------+----------------------------------+
| id | fc90391ae7cd4216aca070042654e424 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| url | http://controller:35357/v2.0 |
+-----------+----------------------------------+
*Note:* Ignore any warnings in this output.
#. List images in the Image service catalog to verify connectivity
with the Image service::
$ nova image-list
+--------------------------------------+--------+--------+--------+
| ID | Name | Status | Server |
+--------------------------------------+--------+--------+--------+
| 38047887-61a7-41ea-9b49-27987d5e8bb9 | cirros | ACTIVE | |
+--------------------------------------+--------+--------+--------+
Next topic: :ref:`openstack_block_storage`.
Reference in New Issue View Git Blame Copy Permalink