OpenStack Kilo: Installing the Orchestration Service

Orchestration module concepts

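The Orchestration module provides template-based orchestration for describing a cloud application; it generates the running application by making OpenStack API calls. The software integrates the other core OpenStack components into a one-file template system. Templates let users create most OpenStack resource types, such as instances, floating IPs, volumes, security groups and users. It also provides advanced functionality such as instance high availability, instance auto-scaling and nested stacks, which brings a larger user base to the OpenStack core projects.

The service encourages deployers to integrate with the Orchestration module directly or through custom plug-ins.

The Orchestration module typically consists of the following components: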

  • heat command-line client
    A command-line tool that communicates with heat-api to run AWS CloudFormation APIs. End developers can also use the Orchestration REST API directly.

  • heat-api component
    An OpenStack-native REST API that sends API requests to heat-engine over remote procedure call (RPC).

  • heat-api-cfn component
    An AWS Query API that is compatible with AWS CloudFormation and sends API requests to heat-engine over RPC.

  • heat-engine
    Launches templates and provides events back to the API consumer.

Reference: Chapter 10. Add the Orchestration module

Install and configure Orchestration

Heat is installed on the controller node.

Create the database:

#
mysql -u root -p

CREATE DATABASE heat;

GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' \
IDENTIFIED BY 'HEAT_DBPASS';

GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' \
IDENTIFIED BY 'HEAT_DBPASS';

exit

Source the admin credentials to gain access to admin-only commands:

#
source admin-openrc.sh

Create the heat user:

#
openstack user create heat --password heat

Add the admin role to the heat user:

#
openstack role add --project service --user heat admin

Create the heat_stack_owner role:

#
openstack role create heat_stack_owner

Add the heat_stack_owner role to the demo tenant and user:

#
openstack role add --project demo --user demo heat_stack_owner

[Note]
You must add the heat_stack_owner role to users that manage stacks.

Create the heat_stack_user role:

#
openstack role create heat_stack_user

[Note]
The Orchestration service automatically assigns the heat_stack_user role to users that it creates during stack deployment. By default, this role restricts API operations. To avoid conflicts, do not add this role to users with the heat_stack_owner role.

Create the heat and heat-cfn service entities:

#
openstack service create --name heat \
--description "Orchestration" orchestration
#
openstack service create --name heat-cfn \
--description "Orchestration" cloudformation

Create the Orchestration service API endpoints:

#
openstack endpoint create \
--publicurl http://controller:8004/v1/%\(tenant_id\)s \
--internalurl http://controller:8004/v1/%\(tenant_id\)s \
--adminurl http://controller:8004/v1/%\(tenant_id\)s \
--region RegionOne \
orchestration

#
openstack endpoint create \
--publicurl http://controller:8000/v1 \
--internalurl http://controller:8000/v1 \
--adminurl http://controller:8000/v1 \
--region RegionOne \
cloudformation

Install the packages:

#
yum install -y openstack-heat-api openstack-heat-api-cfn openstack-heat-engine \
python-heatclient

Copy the /usr/share/heat/heat-dist.conf file to /etc/heat/heat.conf:

#
cp /usr/share/heat/heat-dist.conf /etc/heat/heat.conf
chown -R heat:heat /etc/heat/heat.conf

Edit the /etc/heat/heat.conf file:

echo "[DEFAULT]
deferred_auth_method = trusts
trusts_delegated_roles = heat_stack_owner
heat_metadata_server_url = http://controller:8000
heat_waitcondition_server_url = http://controller:8000/v1/waitcondition
heat_watch_server_url = http://controller:8003
heat_stack_user_role = heat_stack_user
#stack_user_domain_id = bd07e0b9203640798b22a8845bb4a465
stack_domain_admin = heat_domain_admin
stack_domain_admin_password = HEAT_DOMAIN_PASS
rpc_backend = rabbit
stack_user_domain_name = heat_user_domain
verbose = True

[database]
connection = mysql://heat:HEAT_DBPASS@controller/heat

[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_port = 5672
rabbit_userid = openstack
rabbit_password = RABBIT_PASS

[ec2authtoken]
auth_uri = http://controller:5000/v2.0

[heat_api]
bind_host = 0.0.0.0
bind_port = 8004

[heat_api_cfn]
bind_host = 0.0.0.0
bind_port = 8000

[keystone_authtoken]
auth_uri = http://controller:5000/v2.0
identity_uri = http://controller:35357
admin_user = heat
admin_password = heat
admin_tenant_name = service">/etc/heat/heat.conf

Create the stack user domain and its administrator in the Identity service:

#
heat-keystone-setup-domain \
--stack-user-domain-name heat_user_domain \
--stack-domain-admin heat_domain_admin \
--stack-domain-admin-password HEAT_DOMAIN_PASS

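When the command completes, add the ID it prints to the heat configuration file (the stack_user_domain_id option).

Sync the Orchestration database: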

#
su -s /bin/sh -c "heat-manage db_sync" heat

Start the Orchestration services and configure them to start when the system boots:

#
systemctl enable openstack-heat-api.service openstack-heat-api-cfn.service \
openstack-heat-engine.service
systemctl start openstack-heat-api.service openstack-heat-api-cfn.service \
openstack-heat-engine.service
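
The /etc/heat/heat.conf written above still carries placeholder secrets (HEAT_DBPASS, RABBIT_PASS, HEAT_DOMAIN_PASS) and sets admin_password to the account name. The check below is an added example, not part of the original post or of Heat; the names audit_heat_conf, readable_by_others and SAMPLE are hypothetical, and SAMPLE is a constructed excerpt of that file.

```python
# Added example (not Heat code): flag weak or placeholder secrets in heat.conf.
import configparser
import os
import stat
from urllib.parse import urlsplit

# Placeholder secrets that appear in the configuration above.
PLACEHOLDERS = {"HEAT_DBPASS", "HEAT_DOMAIN_PASS", "RABBIT_PASS"}
# (section, secret option, account option) as named in the file above.
SECRETS = [("DEFAULT", "stack_domain_admin_password", "stack_domain_admin"),
           ("oslo_messaging_rabbit", "rabbit_password", "rabbit_userid"),
           ("keystone_authtoken", "admin_password", "admin_user")]

def classify(secret, account):
    """Return why a secret is weak, or None if it passes both checks."""
    if secret in PLACEHOLDERS:
        return "placeholder not replaced"
    if secret and secret == account:
        return "same as account name"
    return None

def audit_heat_conf(text):
    """Return sorted findings for heat.conf content passed as a string."""
    # Rename default_section so [DEFAULT] is parsed as an ordinary section.
    cp = configparser.ConfigParser(interpolation=None, strict=False,
                                   default_section="__unused__")
    cp.read_string(text)
    checks = [(s, o, cp.get(s, o, fallback=None), cp.get(s, a, fallback=None))
              for s, o, a in SECRETS]
    url = urlsplit(cp.get("database", "connection", fallback=""))
    checks.append(("database", "connection", url.password, url.username))
    return sorted(f"[{s}] {o}: {classify(sec, acct)}"
                  for s, o, sec, acct in checks if classify(sec, acct))

def readable_by_others(path):
    """True if the mode grants read access to 'other', as with 0644."""
    return bool(os.stat(path).st_mode & stat.S_IROTH)

# Constructed sample: a trimmed copy of the values shown in the file above.
SAMPLE = """[DEFAULT]
stack_domain_admin = heat_domain_admin
stack_domain_admin_password = HEAT_DOMAIN_PASS
[database]
connection = mysql://heat:HEAT_DBPASS@controller/heat
[keystone_authtoken]
admin_user = heat
admin_password = heat
"""
```

Run it on the real file with audit_heat_conf(open("/etc/heat/heat.conf").read()). If readable_by_others("/etc/heat/heat.conf") returns True, tighten the file mode (for example chmod 640) so local users cannot read the passwords.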

Verify operation

The following shows how to verify operation of the Orchestration module (heat).

Source the demo tenant credentials:

#
source demo-openrc.sh

The Orchestration module uses templates to describe stacks. To learn about the template language, see the Template Guide in the Heat developer documentation.

Create a test template in the test-stack.yml file with the following content:

echo "heat_template_version: 2014-10-16
description: A simple server.

parameters:
  ImageID:
    type: string
    description: Image use to boot a server
  NetID:
    type: string
    description: Network ID for the server

resources:
  server:
    type: OS::Nova::Server
    properties:
      image: { get_param: ImageID }
      flavor: m1.tiny
      networks:
      - network: { get_param: NetID }

outputs:
  private_ip:
    description: IP address of the server in the private network
    value: { get_attr: [ server, first_address ] }">test-stack.yml

Use the heat stack-create command to create a stack from the template:

#
NET_ID=$(nova net-list | awk '/ demo-net / { print $2 }')
#
heat stack-create -f test-stack.yml \
-P "ImageID=cirros-0.3.4-x86_64;NetID=$NET_ID" testStack

Use the heat stack-list command to verify that the stack was created successfully:

#
heat stack-list

Delete the stack:

#
heat stack-delete testStack