20141028
Foreman
- Foreman is a deployment management tool. It provides web user interface for managing the installation and configuration of remote systems.
清空昨天建立的虛擬機器
在實體主機
# lab-reset-vm
This will destroy the virtual machine and reset it to the last saved state.
Is this ok [y/N]: y
Waiting for things to settle...
Done.
Lab: 安裝 foreman ( 另外一種安裝 openstack 的方式 )
在實體機器上面
#yum install -y openstack-foreman-installer
取得環境設定變數的檔案
# wget http://instructor.example.com/pub/materials/foreman-params.env
# vi foreman-params.env
將IP設定為虛擬機器的IP(要部署到哪一台)
# OpenStack networking configs.
###############################
# Change X+100 to your value.
# E.g., if your value of X is 7, change X+100 to 107;
# If your value of X is 17, change X+100 to 117.
###############################
export PRIVATE_CONTROLLER_IP=192.168.0.105
export PRIVATE_INTERFACE=eth0
export PRIVATE_NETMASK=192.168.0.0/24
export PUBLIC_CONTROLLER_IP=192.168.0.105
export PUBLIC_INTERFACE=eth0
export PUBLIC_NETMASK=192.168.0.0/24
export FOREMAN_GATEWAY=false
export FOREMAN_PROVISIONING=false
讓變數生效
# source foreman-params.env
驗證變數是否生效
# echo $FOREMAN_GATEWAY
false
# cd /usr/share/openstack-foreman-installer/bin/
執行安裝 script
# sh foreman_server.sh
#################### RED HAT OPENSTACK #####################
Thank you for using the Red Hat OpenStack Foreman Installer!
############################################################
Press [Enter] to continue
Foreman is installed and almost ready for setting up your OpenStack
You'll find Foreman at https://desktop5.example.com
The user name is 'admin' and default password is 'changeme'.
Please change the password at https://desktop5.example.com/users/1-admin/edit
登入 foreman 的web 界面
帳號是 admin 密碼是 changeme
會看到以下的畫面
Lab 規劃
虛擬機器安裝 open
先在虛擬機器
# scp root@desktop5:/tmp/foreman_client.sh /root
The authenticity of host 'desktop5 (192.168.0.5)' can't be established.
RSA key fingerprint is d2:e8:38:24:cd:02:74:bc:ea:70:7b:e3:26:87:9c:eb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'desktop5,192.168.0.5' (RSA) to the list of known hosts.
root@desktop5's password:
foreman_client.sh 100% 577 0.6KB/s 00:00
執行 foreman用戶端 script
#sh /root/foreman_client.sh
在 foreman 界面
點選 More --> Configuration --> Host Group
點選 Controller( Neutron )
點選 Parameters 分頁
點選 admin_password 的 override
將 密碼改為 redhat 然後點選 Submit
在 foreman 界面
點選 More --> Configuration --> Host Group
點選 Compute( Neutron )
點選 Parameters 分頁
點選 admin_password 的 override
點選 private_interface 的 override
點選 public_interface 的 override
將 密碼改為 redhat
將 interface 改為 br100 然後點選 Submit
點選畫面上方的 Host 進入 Host 頁面
點選 Server5 的 Edit 按鈕
將 Host Group 設定為 Controller ( Neutron )
點選 Submit
這個時候會發現Host Group 已經指定上去
接下來點選 desktop5( 實體主機 ) 的 Edit 按鈕
Host Group 指定為 Compute ( Neutron )
點選 Submit
接下來就會看到兩個 Host Group 都指定上去
接下來分別在虛擬機器以及實體機器執行 puppet 程式安裝該角色要執行的套件
[root@server5 ~]# puppet agent -tv
[root@desktop5 bin]# puppet agent -tv
這邊覺得比較奇怪的是 https:// 沒有啟動
連接 openstack的網頁界面
使用 admin 密碼 redhat 登入
觀察一下 HyperVisor
Lab: Chapter Test
測試是否能夠自我建立 openStack
workbook p31
移除掉所有的VM
在實體主機
(這個練習就是重新安裝一次 openstack-packstack, 參考自己之前的筆記就好)
==== 中午休息 ====
重新安裝 實體電腦
重新開機, 選擇 PXE開機, 選取分配的 Desktop 5
** Chapter 3 Implementing the qpid message broker
Lab: Installing and securing the Qpid message broker
workbook p 38
在虛擬機器
[root@server5 ~]# yum update -y
安裝相關套件
[root@server5 ~]# yum install qpid-cpp-server qpid-cpp-server-ssl cyrus-sasl-md5
========================================================================================================
Package Arch Version Repository Size
========================================================================================================
Installing:
cyrus-sasl-md5 x86_64 2.1.23-13.el6_3.1 base 47 k
qpid-cpp-server x86_64 0.14-22.el6_3 base 1.0 M
qpid-cpp-server-ssl x86_64 0.14-22.el6_3 base 60 k
Installing for dependencies:
boost-filesystem x86_64 1.41.0-18.el6 base 45 k
boost-program-options x86_64 1.41.0-18.el6 base 106 k
boost-system x86_64 1.41.0-18.el6 base 24 k
qpid-cpp-client x86_64 0.14-22.el6_3 base 1.0 M
qpid-cpp-client-ssl x86_64 0.14-22.el6_3 base 111 k
Transaction Summary
========================================================================================================
Install 8 Package(s)
Total download size: 2.4 M
Installed size: 8.8 M
Is this ok [y/N]: y
建立 sasl 帳號
[root@server5 ~]# saslpasswd2 -f /var/lib/qpidd/qpidd.sasldb -u QPID qpidauth
Password:
Again (for verification):
驗證帳號以及使用者
[root@server5 ~]# sasldblistusers2 -f /var/lib/qpidd/qpidd.sasldb
qpidauth@QPID: userPassword
設定 qpidauth.acl
[root@server5 ~]# echo 'acl allow qpidauth@QPID all all' > /etc/qpid/qpidauth.acl
驗證
[root@server5 ~]# cat /etc/qpid/qpidauth.acl
acl allow qpidauth@QPID all all
設定系統 /etc/sysconfig 內的相關設定
[root@server5 ~]# echo "QPIDD_OPTIONS='--acl-file /etc/qpid/qpidauth.acl'" >> /etc/sysconfig/qpidd
驗證
[root@server5 ~]# cat /etc/sysconfig/qpidd
QPIDD_OPTIONS='--acl-file /etc/qpid/qpidauth.acl'
設定權限以及擁有人
[root@server5 ~]# chown qpidd /etc/qpid/qpidauth.acl
[root@server5 ~]# chmod 600 /etc/qpid/qpidauth.acl
[root@server5 ~]# ls -hl /etc/qpid/qpidauth.acl
-rw-------. 1 qpidd root 32 Oct 28 13:46 /etc/qpid/qpidauth.acl
[root@server5 ~]# vi /etc/qpidd.conf
移除 ANONYMOUS
cluster-mechanism=DIGEST-MD5
驗證是否移除
[root@server5 ~]# grep MD5 /etc/qpidd.conf
#cluster-mechanism=DIGEST-MD5 ANONYMOUS
cluster-mechanism=DIGEST-MD5
[root@server5 ~]# mkdir /etc/pki/tls/qpid
[root@server5 ~]# chmod 700 /etc/pki/tls/qpid/
[root@server5 ~]# chown qpidd /etc/pki/tls/qpid/
[root@server5 ~]# echo redhat > /etc/qpid/qpid.pass
# cat /etc/qpid/qpid.pass
redhat
[root@server5 ~]# chmod 600 /etc/qpid/qpid.pass
[root@server5 ~]# chown qpidd /etc/qpid/qpid.pass
[root@server5 ~]# ls -hl /etc/qpid/qpid.pass
-rw-------. 1 qpidd root 7 Oct 28 14:02 /etc/qpid/qpid.pass
[root@server5 ~]# echo $HOSTNAME
server5.example.com
[root@server5 ~]# certutil -N -d /etc/pki/tls/qpid/ -f /etc/qpid/qpid.pass
[root@server5 ~]# certutil -S -d /etc/pki/tls/qpid/ -n $HOSTNAME -s "CN=$HOSTNAME" -t "CT,," -x -f /etc/qpid/qpid.pass -z /usr/bin/certutil
[root@server5 ~]# chown -R qpidd /etc/pki/tls/qpid/
[root@server5 ~]# vi /etc/qpidd.conf
加入下列設定
ssl-cert-db=/etc/pki/tls/qpid/
ssl-cert-name=server5.example.com
ssl-cert-password-file=/etc/qpid/qpid.pass
require-encryption=yes
[root@server5 ~]# service qpidd start
Starting Qpid AMQP daemon: [ OK ]
[root@server5 ~]# tail /var/log/messages
Oct 28 13:31:39 server5 yum[1524]: Installed: cyrus-sasl-md5-2.1.23-13.el6_3.1.x86_64
Oct 28 13:32:59 server5 saslpasswd2: error deleting entry from sasldb: DB_NOTFOUND: No matching key/data pair found
Oct 28 13:32:59 server5 saslpasswd2: error deleting entry from sasldb: DB_NOTFOUND: No matching key/data pair found
Oct 28 13:32:59 server5 saslpasswd2: error deleting entry from sasldb: DB_NOTFOUND: No matching key/data pair found
Oct 28 13:38:50 server5 ntpd[1322]: 0.0.0.0 c612 02 freq_set kernel 7.521 PPM
Oct 28 13:38:50 server5 ntpd[1322]: 0.0.0.0 c615 05 clock_sync
Oct 28 14:10:50 server5 qpidd[1614]: 2014-10-28 14:10:50 notice Listening on TCP/TCP6 port 5672
Oct 28 14:10:50 server5 qpidd[1614]: 2014-10-28 14:10:50 notice Listening for SSL connections on TCP port 5671
Oct 28 14:10:50 server5 qpidd[1614]: 2014-10-28 14:10:50 notice Read ACL file "/etc/qpid/qpidauth.acl"
Oct 28 14:10:50 server5 qpidd[1614]: 2014-10-28 14:10:50 notice Broker running
[root@server5 ~]# chkconfig qpidd on
[root@server5 ~]# chkconfig qpidd --list
qpidd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
---- class break ----
為了確保後面可以還原
將VM 關機
[root@server5 ~]# poweroff
於實體主機
[student@desktop5 ~]$ cd /var/lib/libvirt/images/
[student@desktop5 images]$ ls -hl
total 632M
-rw-r--r--. 1 qemu qemu 372M Aug 29 06:44 etbase.img
-rw-r--r--. 1 root root 60M Oct 28 14:23 etbase.ovl
-rw-r--r--. 1 qemu qemu 101M Oct 28 13:19 vdb.img
-rw-r--r--. 1 root root 193K Oct 28 13:19 vdb.ovl
-rw-r--r--. 1 qemu qemu 101M Oct 28 13:19 vdc.img
-rw-r--r--. 1 root root 193K Oct 28 13:19 vdc.ovl
[root@desktop5 images]# mkdir Unit3
[root@desktop5 images]# cp -a etbase.ovl Unit3/
[root@desktop5 images]#virsh start server5
* Chapter 4 Implementing the keystone identity service
Lab: Deploying the Keystone identity service
workbook p47
安裝相關套件
[root@server5 ~]# yum install openstack-keystone openstack-selinux openstack-utils
Dependencies Resolved
===================================================================================================
Package Arch Version Repository Size
===================================================================================================
Installing:
openstack-keystone noarch 2013.2.1-1.el6ost OpenStack 33 k
openstack-selinux noarch 0.1.3-2.el6ost OpenStack 47 k
openstack-utils noarch 2013.2-2.el6ost OpenStack 18 k
Installing for dependencies:
進行初始化
[root@server5 ~]# openstack-db --init --service keystone
mysql-server is not installed. Would you like to install it now? (y/n): y
Dependencies Resolved
===================================================================================================
Package Arch Version Repository Size
===================================================================================================
Installing:
mysql-server x86_64 5.1.71-1.el6 base 8.6 M
Installing for dependencies:
mysql x86_64 5.1.71-1.el6 base 893 k
perl-DBD-MySQL x86_64 4.013-3.el6 base 134 k
perl-DBI x86_64 1.609-4.el6 base 707 k
Transaction Summary
===================================================================================================
Install 4 Package(s)
Total download size: 10 M
Installed size: 29 M
Is this ok [y/N]: y
Dependency Installed:
mysql.x86_64 0:5.1.71-1.el6 perl-DBD-MySQL.x86_64 0:4.013-3.el6 perl-DBI.x86_64 0:1.609-4.el6
Complete!
mysqld is not running. Would you like to start it now? (y/n): y
Starting mysqld: [ OK ]
Since this is a fresh installation of MySQL, please set a password for the 'root' mysql user.
Enter new password for 'root' mysql user:
Enter new password again:
Verified connectivity to MySQL.
[root@server5 ~]# keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
設定相關變數
[root@server5 ~]# export SERVICE_TOKEN=$(openssl rand -hex 10)
[root@server5 ~]# export SERVICE_ENDPOINT=http://server5.example.com:35357/v2.0
[root@server5 ~]# echo $SERVICE_TOKEN
54fd166a9bc6116ade80
[root@server5 ~]# echo $SERVICE_TOKEN > /root/ks_admin_token
設定 admin_token
[root@server5 ~]# openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $SERVICE_TOKEN
[root@server5 ~]# grep admin_token /etc/keystone/keystone.conf
admin_token = 54fd166a9bc6116ade80
# admin_token = ADMIN
啟動服務並設定開機啟動
[root@server5 ~]# service openstack-keystone start
Starting keystone: [ OK ]
[root@server5 ~]# chkconfig openstack-keystone on
[root@server5 ~]# chkconfig openstack-keystone --list
openstack-keystone 0:off 1:off 2:on 3:on 4:on 5:on 6:off
觀察是否有在執行
[root@server5 ~]# ps -ef | grep keystone-all
keystone 1882 1 1 15:00 ? 00:00:00 /usr/bin/python /usr/bin/keystone-all --config-file /usr/share/keystone/keystone-dist.conf --config-file /etc/keystone/keystone.conf
root 1924 1467 0 15:01 pts/0 00:00:00 grep keystone-all
觀察是否有錯誤
[root@server5 ~]# grep ERROR /var/log/keystone/keystone.log
憑證存放位置
[root@server5 ~]#ls /etc/keystone/ssl/certs
[root@server5 ~]# keystone service-list
[root@server5 ~]# keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Keystone Identity Service |
| id | b226b761075c4173a18a414b52aac0a8 |
| name | keystone |
| type | identity |
+-------------+----------------------------------+
[root@server5 ~]# keystone service-list
+----------------------------------+----------+----------+---------------------------+
| id | name | type | description |
+----------------------------------+----------+----------+---------------------------+
| b226b761075c4173a18a414b52aac0a8 | keystone | identity | Keystone Identity Service |
+----------------------------------+----------+----------+---------------------------+
[root@server5 ~]# keystone endpoint-list
[root@server5 ~]# keystone endpoint-create --service-id b226b761075c4173a18a414b52aac0a8 --publicurl 'http://server5.example.com:5000/v2.0' --adminurl 'http://server5.example.com:35357/v2.0' --internalurl 'http://server5.example.com:5000/v2.0'
+-------------+---------------------------------------+
| Property | Value |
+-------------+---------------------------------------+
| adminurl | http://server5.example.com:35357/v2.0 |
| id | f648baba020e4210a692d6b739db27a8 |
| internalurl | http://server5.example.com:5000/v2.0 |
| publicurl | http://server5.example.com:5000/v2.0 |
| region | regionOne |
| service_id | b226b761075c4173a18a414b52aac0a8 |
+-------------+---------------------------------------+
透過 keystone 指令建立使用者
workbook p53
[root@server5 ~]# keystone user-list
[root@server5 ~]# keystone user-create --name admin --pass redhat
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 864fef71904746feaad1c75e0ba3a911 |
| name | admin |
+----------+----------------------------------+
[root@server5 ~]# keystone user-list
+----------------------------------+-------+---------+-------+
| id | name | enabled | email |
+----------------------------------+-------+---------+-------+
| 864fef71904746feaad1c75e0ba3a911 | admin | True | |
+----------------------------------+-------+---------+-------+
[root@server5 ~]# keystone role-list
+----------------------------------+----------+
| id | name |
+----------------------------------+----------+
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
+----------------------------------+----------+
[root@server5 ~]# keystone role-create --name admin
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | db5b551d50dc4d97a7bd89cc65edf149 |
| name | admin |
+----------+----------------------------------+
[root@server5 ~]# keystone role-list
+----------------------------------+----------+
| id | name |
+----------------------------------+----------+
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
| db5b551d50dc4d97a7bd89cc65edf149 | admin |
+----------------------------------+----------+
[root@server5 ~]# keystone tenant-create --name admin
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 0fa2ca1bd34c4a4b88ce36272038574d |
| name | admin |
+-------------+----------------------------------+
[root@server5 ~]# keystone user-role-add --user admin --role admin --tenant admin
[root@server5 ~(keystone_admin)]$ keystone user-role-list
+----------------------------------+-------+----------------------------------+----------------------------------+
| id | name | user_id | tenant_id |
+----------------------------------+-------+----------------------------------+----------------------------------+
| db5b551d50dc4d97a7bd89cc65edf149 | admin | 864fef71904746feaad1c75e0ba3a911 | 0fa2ca1bd34c4a4b88ce36272038574d |
+----------------------------------+-------+----------------------------------+----------------------------------+
指定方式
[root@server5 ~(keystone_admin)]$ keystone user-role-list --user admin --tenant admin
+----------------------------------+-------+----------------------------------+----------------------------------+
| id | name | user_id | tenant_id |
+----------------------------------+-------+----------------------------------+----------------------------------+
| db5b551d50dc4d97a7bd89cc65edf149 | admin | 864fef71904746feaad1c75e0ba3a911 | 0fa2ca1bd34c4a4b88ce36272038574d |
+----------------------------------+-------+----------------------------------+----------------------------------+
[root@server5 ~]# vi /root/keystonerc_admin
加入以下
export OS_USERNAME=admin
export OS_TENANT_NAME=admin
export OS_PASSWORD=redhat
export OS_AUTH_URL=http://server5.example.com:35357/v2.0/
export PS1='[\u@\h \W(keystone_admin)]\\$ '
[root@server5 ~]# unset SERVICE_TOKEN
[root@server5 ~]# unset SERVICE_ENDPOINT
使用 keystonerc_admin
[root@server5 ~]# source /root/keystonerc_admin
測試是否成功
[root@server5 ~(keystone_admin)]$ keystone user-list
+----------------------------------+-------+---------+-------+
| id | name | enabled | email |
+----------------------------------+-------+---------+-------+
| 864fef71904746feaad1c75e0ba3a911 | admin | True | |
+----------------------------------+-------+---------+-------+
Lab: Chapter Test
Answer in p218
---- Class break ----
將VM 關機, 執行備份再開機
[root@desktop5 ~]# cd /var/lib/libvirt/images/
[root@desktop5 images]# ls -hl
total 1.1G
-rw-r--r--. 1 qemu qemu 372M Aug 29 06:44 etbase.img
-rw-r--r--. 1 root root 487M Oct 28 15:58 etbase.ovl
drwxr-xr-x. 2 root root 4.0K Oct 28 14:33 Unit3
drwxr-xr-x. 2 root root 4.0K Oct 28 15:59 Unit4
-rw-r--r--. 1 qemu qemu 101M Oct 28 13:19 vdb.img
-rw-r--r--. 1 root root 193K Oct 28 13:19 vdb.ovl
-rw-r--r--. 1 qemu qemu 101M Oct 28 13:19 vdc.img
-rw-r--r--. 1 root root 193K Oct 28 13:19 vdc.ovl
[root@desktop5 images]# cp -a etbase.ovl Unit4/
* Chapter 5 Implementing the swift object storage service
Lab: Installing the Swift object storage service
workbook p62
安裝相關套件
[root@server5 ~]# yum install -y openstack-swift-proxy openstack-swift-object openstack-swift-container openstack-swift-account memcached
取得權限
[root@server5 ~]# source /root/keystonerc_admin
[root@server5 ~(keystone_admin)]$ keystone user-create --name swift --pass redhat
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 11468bea059d4955b976c4c1753a1fdc |
| name | swift |
+----------+----------------------------------+
[root@server5 ~(keystone_admin)]$ keystone role-list | grep admin
| db5b551d50dc4d97a7bd89cc65edf149 | admin |
[root@server5 ~(keystone_admin)]$ keystone tenant-list | grep services
[root@server5 ~(keystone_admin)]$ keystone tenant-create --name services
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 047e809fc22e4ff687cfecbe15e728a0 |
| name | services |
+-------------+----------------------------------+
[root@server5 ~(keystone_admin)]$ keystone user-role-add --role admin --tenant services --user swift
[root@server5 ~(keystone_admin)]$ keystone service-list
+----------------------------------+----------+----------+---------------------------+
| id | name | type | description |
+----------------------------------+----------+----------+---------------------------+
| b226b761075c4173a18a414b52aac0a8 | keystone | identity | Keystone Identity Service |
+----------------------------------+----------+----------+---------------------------+
[root@server5 ~(keystone_admin)]$ keystone service-create --name swift --type object-store --description "Swift Storage Service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Swift Storage Service |
| id | 2482a3676fd34420ad759d8faf024d6e |
| name | swift |
| type | object-store |
+-------------+----------------------------------+
[root@server5 ~(keystone_admin)]$ keystone service-list
+----------------------------------+----------+--------------+---------------------------+
| id | name | type | description |
+----------------------------------+----------+--------------+---------------------------+
| b226b761075c4173a18a414b52aac0a8 | keystone | identity | Keystone Identity Service |
| 2482a3676fd34420ad759d8faf024d6e | swift | object-store | Swift Storage Service |
+----------------------------------+----------+--------------+---------------------------+
[root@server5 ~(keystone_admin)]$ keystone endpoint-list
+----------------------------------+-----------+--------------------------------------+--------------------------------------+---------------------------------------+----------------------------------+
| id | region | publicurl | internalurl | adminurl | service_id |
+----------------------------------+-----------+--------------------------------------+--------------------------------------+---------------------------------------+----------------------------------+
| f648baba020e4210a692d6b739db27a8 | regionOne | http://server5.example.com:5000/v2.0 | http://server5.example.com:5000/v2.0 | http://server5.example.com:35357/v2.0 | b226b761075c4173a18a414b52aac0a8 |
+----------------------------------+-----------+--------------------------------------+--------------------------------------+---------------------------------------+----------------------------------+
[root@server5 ~(keystone_admin)]$ keystone endpoint-create --service-id 2482a3676fd34420ad759d8faf024d6e --publicurl "http://server5.example.com:8080/v1/AUTH_%(tenant_id)s" --adminurl "http://server5.example.com:8080/v1/AUTH_%(tenant_id)s" --internalurl "http://server5.example.com:8080/v1/AUTH_%(tenant_id)s"
+-------------+-------------------------------------------------------+
| Property | Value |
+-------------+-------------------------------------------------------+
| adminurl | http://server5.example.com:8080/v1/AUTH_%(tenant_id)s |
| id | 3f2d386301a840fea6551f22e7da33fb |
| internalurl | http://server5.example.com:8080/v1/AUTH_%(tenant_id)s |
| publicurl | http://server5.example.com:8080/v1/AUTH_%(tenant_id)s |
| region | regionOne |
| service_id | 2482a3676fd34420ad759d8faf024d6e |
+-------------+-------------------------------------------------------+
Lab: Deploying a Swift storage node
workbook p65
[root@server5 ~(keystone_admin)]$ lab-create-single-partition /dev/vdb
/dev/vdb: block special
Are you sure you want to continue?
This will destroy the partition table and all data on /dev/vdb. (y/N) y
[root@server5 ~(keystone_admin)]$ lab-create-single-partition /dev/vdc
/dev/vdc: block special
Are you sure you want to continue?
This will destroy the partition table and all data on /dev/vdc. (y/N) y
[root@server5 ~(keystone_admin)]$ cat /proc/partitions
major minor #blocks name
252 0 67108864 vda
252 1 262144 vda1
252 2 31457280 vda2
252 3 5242880 vda3
252 4 1 vda4
252 5 2097152 vda5
252 16 102400 vdb
252 17 98304 vdb1
252 32 102400 vdc
252 33 98304 vdc1
253 0 4194304 dm-0
253 1 27230208 dm-1
[root@server5 ~(keystone_admin)]$ mkfs.ext4 /dev/vdb1
[root@server5 ~(keystone_admin)]$ mkfs.ext4 /dev/vdc1
[root@server5 ~(keystone_admin)]$ mkdir -p /srv/node/z{1,2}d1
[root@server5 ~(keystone_admin)]$ cp /etc/fstab /etc/fstab.orig
[root@server5 ~(keystone_admin)]$ echo "/dev/vdb1 /srv/node/z1d1 ext4 acl,user_xattr 0 0" >> /etc/fstab
[root@server5 ~(keystone_admin)]$ echo "/dev/vdc1 /srv/node/z2d1 ext4 acl,user_xattr 0 0" >> /etc/fstab
[root@server5 ~(keystone_admin)]$ tail /etc/fstab
/dev/mapper/vol0-root / ext4 defaults 1 1
UUID=55cec0b3-5bf6-426a-aff6-a273339e26bc /boot ext4 defaults 1 2
/dev/mapper/vol0-var /var ext4 defaults 1 2
UUID=e39b1643-74b9-4dd3-99ec-4c7ba7eb4620 swap swap defaults 0 0
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/dev/vdb1 /srv/node/z1d1 ext4 acl,user_xattr 0 0
/dev/vdc1 /srv/node/z2d1 ext4 acl,user_xattr 0 0
[root@server5 ~(keystone_admin)]$ mount
/dev/mapper/vol0-root on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw,rootcontext="system_u:object_r:tmpfs_t:s0")
/dev/vda1 on /boot type ext4 (rw)
/dev/mapper/vol0-var on /var type ext4 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
[root@server5 ~(keystone_admin)]$ mount -a
[root@server5 ~(keystone_admin)]$ mount
/dev/mapper/vol0-root on / type ext4 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
tmpfs on /dev/shm type tmpfs (rw,rootcontext="system_u:object_r:tmpfs_t:s0")
/dev/vda1 on /boot type ext4 (rw)
/dev/mapper/vol0-var on /var type ext4 (rw)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
/dev/vdb1 on /srv/node/z1d1 type ext4 (rw,acl,user_xattr)
/dev/vdc1 on /srv/node/z2d1 type ext4 (rw,acl,user_xattr)
[root@server5 ~(keystone_admin)]$ chown -R swift:swift /srv/node
[root@server5 ~(keystone_admin)]$ restorecon -R /srv/
[root@server5 ~(keystone_admin)]$ cp /etc/swift/swift.conf /etc/swift/swift.conf.orig
[root@server5 ~(keystone_admin)]$ cp /etc/swift/account-server.conf /etc/swift/account-server.conf.orig
[root@server5 ~(keystone_admin)]$ cp /etc/swift/container-server.conf /etc/swift/container-server.conf.orig
[root@server5 ~(keystone_admin)]$ cp /etc/swift/object-server.conf /etc/swift/object-server.conf.orig
[root@server5 ~(keystone_admin)]$ cat /etc/swift/swift.conf
[swift-hash]
swift_hash_path_suffix = %SWIFT_HASH_PATH_SUFFIX%
[root@server5 ~(keystone_admin)]$ openstack-config --set /etc/swift/swift.conf swift-hash swift_hash_path_prefix $(openssl rand -hex 10)
[root@server5 ~(keystone_admin)]$ openstack-config --set /etc/swift/swift.conf swift-hash swift_hash_path_suffix $(openssl rand -hex 10)
[root@server5 ~(keystone_admin)]$ cat /etc/swift/swift.conf
[swift-hash]
swift_hash_path_suffix = 310cb0a39469892dc478
swift_hash_path_prefix = 48ae012f23d204e0c2fb
[root@server5 ~(keystone_admin)]$ openstack-config --set /etc/swift/account-server.conf DEFAULT bind_ip 192.168.0.105
[root@server5 ~(keystone_admin)]$ openstack-config --set /etc/swift/container-server.conf DEFAULT bind_ip 192.168.0.105
[root@server5 ~(keystone_admin)]$ openstack-config --set /etc/swift/object-server.conf DEFAULT bind_ip 192.168.0.105
驗證
[root@server5 ~(keystone_admin)]$ grep bind_ip /etc/swift/*.conf
/etc/swift/account-server.conf:bind_ip = 192.168.0.105
/etc/swift/container-server.conf:bind_ip = 192.168.0.105
/etc/swift/object-server.conf:bind_ip = 192.168.0.105
啟動相關服務並驗證
[root@server5 ~(keystone_admin)]$ service openstack-swift-account start
Starting openstack-swift-account: [ OK ]
[root@server5 ~(keystone_admin)]$ service openstack-swift-container start
Starting openstack-swift-container: [ OK ]
[root@server5 ~(keystone_admin)]$ service openstack-swift-object start
Starting openstack-swift-object: [ OK ]
[root@server5 ~(keystone_admin)]$ tail /var/log/messages
Oct 28 16:57:01 server5 kernel: vdc: vdc1
Oct 28 17:02:50 server5 kernel: EXT4-fs (vdb1): mounted filesystem with ordered data mode. Opts:
Oct 28 17:02:50 server5 kernel: EXT4-fs (vdc1): mounted filesystem with ordered data mode. Opts:
Oct 28 17:13:04 server5 account-server Started child 2075
Oct 28 17:13:04 server5 account-server Started child 2076
Oct 28 17:13:14 server5 container-server Started child 2092
Oct 28 17:13:14 server5 container-server Started child 2093
Oct 28 17:13:21 server5 object-server Started child 2109
Oct 28 17:13:21 server5 object-server Started child 2110
Oct 28 17:13:21 server5 object-server Started child 2111
設定開機啟動服務
[root@server5 ~(keystone_admin)]$ chkconfig openstack-swift-account on
[root@server5 ~(keystone_admin)]$ chkconfig openstack-swift-account --list
openstack-swift-account 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@server5 ~(keystone_admin)]$ chkconfig openstack-swift-container on
[root@server5 ~(keystone_admin)]$ chkconfig openstack-swift-container --list
openstack-swift-container 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@server5 ~(keystone_admin)]$ chkconfig openstack-swift-object on
[root@server5 ~(keystone_admin)]$ chkconfig openstack-swift-object --list
openstack-swift-object 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Notes:
沒有留言:
張貼留言