十二、Openstack編排服務(heat)
簡單介紹:
heat主要有四個元件:heat-api、heat-engine、heat-api-cfn
heat-api:一個OpenStack本地 REST API ,發送API請求到heat-engine,通過遠端過程調用(RPC)
heat-api-cfn:AWS 隊列API,和AWS CloudFormation相容,發送API請求到heat-engine,通過遠端過程調用
heat-engine:啟動模闆和提供給API消費者回饋事件
控制節點上
1.進入SQL建立heat資料庫并授予權限
mysql -uroot -p
CREATE DATABASE heat;
GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' IDENTIFIED BY '123456';
GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' IDENTIFIED BY '123456';
2.建立heat使用者
需要管理者權限
. admin-openrc
openstack user create --domain default --password-prompt heat
[[email protected] ~]# . admin-openrc
[[email protected] ~]# openstack user create --domain default --password-prompt heat
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | b24b3093654b4ba4be706fe675a03b2d |
| enabled | True |
| id | 7237d6802d0142d498f70b26587cfd8a |
| name | heat |
+-----------+----------------------------------+
3.添加 admin 角色到 heat 使用者上
openstack role add --project service --user heat admin
此操作無傳回
4.建立heat 和 heat-cfn 服務實體
heat
openstack service create --name heat --description "Orchestration" orchestration
[[email protected] ~]# openstack service create --name heat --description "Orchestration" orchestration
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Orchestration |
| enabled | True |
| id | ecbbbee759b6422c89c2b6eb6962133f |
| name | heat |
| type | orchestration |
+-------------+----------------------------------+
heat-cfn
openstack service create --name heat-cfn --description "Orchestration" cloudformation
[[email protected] ~]# openstack service create --name heat-cfn --description "Orchestration" cloudformation
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Orchestration |
| enabled | True |
| id | 06b223ae69444ad6abc5a6c1c6a72993 |
| name | heat-cfn |
| type | cloudformation |
+-------------+----------------------------------+
5.建立 Orchestration 服務的 API 端點(括号前面有“ \ ”)
openstack endpoint create --region RegionOne orchestration public http://controller:8004/v1/%\ (tenant_id\ )s
openstack endpoint create --region RegionOne orchestration internal http://controller:8004/v1/%\ (tenant_id\ )s
openstack endpoint create --region RegionOne orchestration admin http://controller:8004/v1/%\ (tenant_id\ )s
[[email protected] ~]# openstack endpoint create --region RegionOne orchestration public http://controller:8004/v1/%(tenant_id)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 009c1a976c3d4e33a75449b0473f9ccf |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ecbbbee759b6422c89c2b6eb6962133f |
| service_name | heat |
| service_type | orchestration |
| url | http://controller:8004/v1/%(tenant_id)s |
+--------------+-----------------------------------------+
[[email protected] ~]# openstack endpoint create --region RegionOne orchestration internal http://controller:8004/v1/%(tenant_id)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | a9faac32b5d04ca1a9af012a7ed862dc |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ecbbbee759b6422c89c2b6eb6962133f |
| service_name | heat |
| service_type | orchestration |
| url | http://controller:8004/v1/%(tenant_id)s |
+--------------+-----------------------------------------+
[[email protected] ~]# openstack endpoint create --region RegionOne orchestration admin http://controller:8004/v1/%(tenant_id)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 1851bbf86fb440f99341109c46a0160e |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | ecbbbee759b6422c89c2b6eb6962133f |
| service_name | heat |
| service_type | orchestration |
| url | http://controller:8004/v1/%(tenant_id)s |
+--------------+-----------------------------------------+
6.建立Cloudformation服務的 API 端點
openstack endpoint create --region RegionOne cloudformation public http://controller:8000/v1
openstack endpoint create --region RegionOne cloudformation internal http://controller:8000/v1
openstack endpoint create --region RegionOne cloudformation admin http://controller:8000/v1
[[email protected] ~]# openstack endpoint create --region RegionOne cloudformation public http://controller:8000/v1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 4ab91aa026f048d09355b965363d4375 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 06b223ae69444ad6abc5a6c1c6a72993 |
| service_name | heat-cfn |
| service_type | cloudformation |
| url | http://controller:8000/v1 |
+--------------+----------------------------------+
[[email protected] ~]# openstack endpoint create --region RegionOne cloudformation internal http://controller:8000/v1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 3642ae85f2754873b26d3a95ca0715df |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 06b223ae69444ad6abc5a6c1c6a72993 |
| service_name | heat-cfn |
| service_type | cloudformation |
| url | http://controller:8000/v1 |
+--------------+----------------------------------+
[[email protected] ~]# openstack endpoint create --region RegionOne cloudformation admin http://controller:8000/v1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 70c68c28b41840c297904d9bbf3e4f50 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 06b223ae69444ad6abc5a6c1c6a72993 |
| service_name | heat-cfn |
| service_type | cloudformation |
| url | http://controller:8000/v1 |
+--------------+----------------------------------+
7.為棧建立 heat 包含項目和使用者的域
openstack domain create --description "Stack projects and users" heat
[[email protected] ~]# openstack domain create --description "Stack projects and users" heat
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Stack projects and users |
| enabled | True |
| id | 5a006439aef044bb83b8fd73ff6940e6 |
| name | heat |
+-------------+----------------------------------+
8.在 heat 域中建立管理項目和使用者的heat_domain_admin使用者
openstack user create --domain heat --password-prompt heat_domain_admin
[[email protected] ~]# openstack user create --domain heat --password-prompt heat_domain_admin
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | 5a006439aef044bb83b8fd73ff6940e6 |
| enabled | True |
| id | 9bd2c8e158424e0aac407a65cb8088b0 |
| name | heat_domain_admin |
+-----------+----------------------------------+
9.添加admin角色到 heat 域 中的heat_domain_admin使用者,啟用heat_domain_admin使用者管理棧的管理權限
openstack role add --domain heat --user-domain heat --user heat_domain_admin admin
此操作無傳回
10.建立 heat_stack_owner 角色
openstack role create heat_stack_owner
[[email protected] ~]# openstack role create heat_stack_owner
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | f17937c920924d23bae8d108275ed3ee |
| name | heat_stack_owner |
+-----------+----------------------------------+
11.添加heat_stack_owner 角色到demo項目和使用者,啟用demo 使用者管理棧
openstack role add --project demo --user demo heat_stack_owner
此操作無傳回
12.建立 heat_stack_user 角色
openstack role create heat_stack_user
[[email protected] ~]# openstack role create heat_stack_user
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | b78f46c2d9ca4969b98346c92eb0bd23 |
| name | heat_stack_user |
+-----------+----------------------------------+
安裝配置:
1.安裝軟體包
yum install openstack-heat-api openstack-heat-api-cfn openstack-heat-engine
yum install openstack-heat-api openstack-heat-api-cfn openstack-heat-engine
2.修改配置檔案/etc/heat/heat.conf
vi /etc/heat/heat.conf
[DEFAULT]
rpc_backend = rabbit#啟用消息隊列
heat_metadata_server_url = http://controller:8000#配置中繼資料
heat_waitcondition_server_url = http://controller:8000/v1/waitcondition#配置URLserver
#配置棧域與管理憑據
stack_domain_admin = heat_domain_admin#具有足夠管理使用者和項目功能的使用者
stack_domain_admin_password = 123456#(heat_domain_admin使用者選擇密碼)
stack_user_domain_name = heat#包含heat的域
配置資料庫通路
[database]
connection = mysql+pymysql://heat:[email protected]/heat
配置消息隊列
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = 123456
配置認證服務通路(都是heat的密碼)
[keystone_authtoken]#沒有這個自己添加在配置檔案最下面
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = heat
password = 123456
[trustee]
auth_plugin = password#要加載的插件的名稱
auth_url = http://controller:35357#認證的URL
username = heat#使用者名
password = 123456#密碼
user_domain_name = default#域
[clients_keystone]
auth_uri = http://controller:35357#沒有版本的URL
[ec2authtoken]
auth_uri = http://controller:5000/v2.0#認證的端點的URI
3.同步Orchestration資料庫
su -s /bin/sh -c "heat-manage db_sync" heat
[[email protected] ~]# vi /etc/heat/heat.conf
[[email protected] ~]# su -s /bin/sh -c "heat-manage db_sync" heat
2017-11-16 11:08:46.484 17785 INFO migrate.versioning.api [-] 27 -> 28...
2017-11-16 11:08:47.516 17785 INFO migrate.versioning.api [-] done
2017-11-16 11:08:47.516 17785 INFO migrate.versioning.api [-] 28 -> 29...
2017-11-16 11:08:47.724 17785 INFO migrate.versioning.api [-] done
2017-11-16 11:08:47.724 17785 INFO migrate.versioning.api [-] 29 -> 30...
2017-11-16 11:08:47.810 17785 INFO migrate.versioning.api [-] done
2017-11-16 11:08:47.811 17785 INFO migrate.versioning.api [-] 30 -> 31...
2017-11-16 11:08:47.907 17785 INFO migrate.versioning.api [-] done
...
...
...
2017-11-16 11:09:13.848 17785 INFO migrate.versioning.api [-] 68 -> 69...
2017-11-16 11:09:13.858 17785 INFO migrate.versioning.api [-] done
2017-11-16 11:09:13.858 17785 INFO migrate.versioning.api [-] 69 -> 70...
2017-11-16 11:09:13.870 17785 INFO migrate.versioning.api [-] done
2017-11-16 11:09:13.870 17785 INFO migrate.versioning.api [-] 70 -> 71...
2017-11-16 11:09:14.183 17785 INFO migrate.versioning.api [-] done
完成安裝:
啟動 Orchestration 服務并将其設定為随系統啟動
systemctl enable openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service
systemctl start openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service
[[email protected] ~]# systemctl enable openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-heat-api.service to /usr/lib/systemd/system/openstack-heat-api.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-heat-api-cfn.service to /usr/lib/systemd/system/openstack-heat-api-cfn.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/openstack-heat-engine.service to /usr/lib/systemd/system/openstack-heat-engine.service.
[[email protected] ~]# systemctl start openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service
驗證:
使用管理者權限
. admin-openrc
列出服務元件,以驗證是否成功啟動并注冊了每個程序
openstack orchestration service list
[[email protected] ~]# . admin-openrc
[[email protected] ~]# openstack orchestration service list
+------------+-------------+---------------------+------------+--------+---------------------+--------+
| hostname | binary | engine_id | host | topic | updated_at | status |
+------------+-------------+---------------------+------------+--------+---------------------+--------+
| controller | heat-engine | e1066999-feed-4b43 | controller | engine | 2017-11-16T16:25:34 | up |
| | | -a44a-60a8483c1b0a | | | .000000 | |
| controller | heat-engine | b9b6cf22-8321-4a9b- | controller | engine | 2017-11-16T16:25:34 | up |
| | | b9a6-892c1da4a2b8 | | | .000000 | |
| controller | heat-engine | b9aeb965-d292-486c- | controller | engine | 2017-11-16T16:25:20 | up |
| | | 977a-4bf185fb3882 | | | .000000 | |
| controller | heat-engine | 1fbf6581-ef7c-43ab- | controller | engine | 2017-11-16T16:25:20 | up |
| | | 80e4-a112e15345a4 | | | .000000 | |
+------------+-------------+---------------------+------------+--------+---------------------+--------+
![hualinux1.20 基礎:sendEmail安裝及郵件發送[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)