安装和配置控制节点
本节介绍如何在控制节点上安装和配置容器服务。
先决条件
在安装和配置Zun之前,必须创建数据库、服务凭据和API端点。
要创建数据库,请完成以下步骤:
使用数据库访问客户端以根用户身份连接到数据库服务器:
1
2
3
4
5
6
7
8
9
| Create the zun database:
MariaDB [(none)] CREATE DATABASE zun;
Grant proper access to the zun database:
MariaDB [(none)]> GRANT ALL PRIVILEGES ON zun.* TO 'zun'@'localhost' \
IDENTIFIED BY '123456';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON zun.* TO 'zun'@'%' \
IDENTIFIED BY '123456';
|
退出数据库访问客户端。
获取管理员凭据以访问仅限管理员的CLI命令:
$ . admin-openrc
要创建服务凭据,请完成以下步骤:
创建zun用户:
1
2
3
4
5
6
7
8
9
10
11
| $ openstack user create --domain default --password-prompt zun
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | e0353a670a9e496da891347c589539e9 |
| enabled | True |
| id | ca2e175b851943349be29a328cc5e360 |
| name | zun |
+-----------+----------------------------------+
|
将管理员角色添加到zun用户:
1
| $ openstack role add --project service --user zun admin
|
此命令不提供任何输出。
创建zun服务实体:
1
2
3
4
5
6
7
8
9
10
11
| $ openstack service create --name zun \
--description "Container Service" container
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Container Service |
| enabled | True |
| id | 727841c6f5df4773baa4e8a5ae7d72eb |
| name | zun |
| type | container |
+-------------+----------------------------------+
|
创建容器服务API终结点:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
| $ openstack endpoint create --region RegionOne \
container public http://controller:9517/v1
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 3f4dab34624e4be7b000265f25049609 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 727841c6f5df4773baa4e8a5ae7d72eb |
| service_name | zun |
| service_type | container |
| url | http://controller:9517/v1 |
+--------------+-----------------------------------------+
$ openstack endpoint create --region RegionOne \
container internal http://controller:9517/v1
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 9489f78e958e45cc85570fec7e836d98 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 727841c6f5df4773baa4e8a5ae7d72eb |
| service_name | zun |
| service_type | container |
| url | http://controller:9517/v1 |
+--------------+-----------------------------------------+
$ openstack endpoint create --region RegionOne \
container admin http://controller:9517/v1
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 76091559514b40c6b7b38dde790efe99 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 727841c6f5df4773baa4e8a5ae7d72eb |
| service_name | zun |
| service_type | container |
| url | http://controller:9517/v1 |
+--------------+-----------------------------------------+
|
安装和配置组件»
1.创建zun用户和必要的目录:
创建用户:
1
2
3
4
5
6
7
|
--create-home \
--system \
--shell /bin/false \
-g zun \
zun
|
创建目录:
1
2
| # mkdir -p /etc/zun
# chown zun:zun /etc/zun
|
2.克隆并安装zun:
1
2
3
4
5
6
7
| # apt-get install python-pip
# cd /var/lib/zun
# git clone -b stable/queens https://git.openstack.org/openstack/zun.git
# chown -R zun:zun zun
# cd zun
# pip install -r requirements.txt
# python setup.py install
|
3.生成示例配置文件:
1
2
3
4
| # su -s /bin/sh -c "oslo-config-generator \
--config-file etc/zun/zun-config-generator.conf" zun
# su -s /bin/sh -c "cp etc/zun/zun.conf.sample \
/etc/zun/zun.conf" zun
|
4.复制 api-paste.ini:
1
| # su -s /bin/sh -c "cp etc/zun/api-paste.ini /etc/zun" zun
|
5.编辑 /etc/zun/zun.conf:
在[DEFAULT]部分中,配置RabbitMQ消息队列访问:
1
2
3
| [DEFAULT]
...
transport_url = rabbit:
|
在[api]部分,配置Zun api服务器将要监听的IP地址:
1
2
3
4
| [api]
...
host_ip = 10.0.0.11
port = 9517
|
替换10.0.0.11为控制器节点的管理接口IP地址
在[database]部分,配置数据库访问:
1
2
3
| [database]
...
connection = mysql+pymysql:
|
在[keystone_auth]部分中,配置标识服务访问:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
| [keystone_auth]
memcached_servers = controller:11211
www_authenticate_uri = http://controller:5000
project_domain_name = default
project_name = service
user_domain_name = default
password = 123456
username = zun
auth_url = http://controller:5000
auth_type = password
auth_version = v3
auth_protocol = http
service_token_roles_required = True
endpoint_type = internalURL
|
在[oslo_concurrency]部分,配置锁路径:
1
2
3
| [oslo_concurrency]
...
lock_path = /var/lib/zun/tmp
|
在[oslo_messaging_notifications]部分,配置驱动:
1
2
3
| [oslo_messaging_notifications]
...
driver = messaging
|
在[websocket_proxy]部分,配置websocket代理要监听的IP地址:
1
2
3
4
| [websocket_proxy]
...
wsproxy_host = 10.0.0.11
wsproxy_port = 6784
|
替换10.0.0.11为控制器节点的管理接口IP地址
注意:
确保 /etc/zun/zun.conf 具有正确的权限。您可以使用以下命令再次设置权限:
1
| # chown zun:zun /etc/zun/zun.conf
|
6.填充Zun数据库:
1
| # su -s /bin/sh -c "zun-db-manage upgrade" zun
|
完成安装»
1.创建一个upstart配置,命名为 /etc/systemd/system/zun-api.service:
1
2
3
4
5
6
7
8
9
| [Unit]
Description = OpenStack Container Service API
[Service]
ExecStart = /usr/local/bin/zun-api
User = zun
[Install]
WantedBy = multi-user.target
|
2.创建一个upstart配置,命名为 /etc/systemd/system/zun-wsproxy.service:
1
2
3
4
5
6
7
8
9
| [Unit]
Description = OpenStack Container Service Websocket Proxy
[Service]
ExecStart = /usr/local/bin/zun-wsproxy
User = zun
[Install]
WantedBy = multi-user.target
|
3.启用并启动zun api和zun wsproxy:
1
2
3
4
| # systemctl enable zun-api
# systemctl enable zun-wsproxy
# systemctl start zun-api
# systemctl start zun-wsproxy
|
4.验证zun api和zun wsproxy服务是否正在运行:
1
2
| # systemctl status zun-api
# systemctl status zun-wsproxy
|