OpenStack Juno : Heat 設定#12015/01/27 |
OpenStack Orchestration Service(Heat)をインストールします。
ここでは以下のような構築済みの環境に Heat を追加インストールして設定します。
例として、Network Node に Orchestration サービス一式をインストールして設定します。 | +------------------+ | +------------------------+ | [ Control Node ] | | | [ Network Node ] | | Keystone |10.0.0.30 | 10.0.0.50| DHCP,L3,L2 Agent | | Glance |------------+------------| Metadata Agent | | Nova API |eth0 | eth0| Heat API,API-CFN | | Neutron Server | | | Heat Engine | +------------------+ | +------------------------+ eth0|10.0.0.51 +--------------------+ | [ Compute Node ] | | Nova Compute | | L2 Agent | +--------------------+ |
Heat の設定前に必要なユーザーやデータベースを Control Node に登録しておきます。
|
|
[1] | 必要なものをインストールしておきます。 |
[root@dlp ~(keystone)]# yum --enablerepo=openstack-juno,epel -y install python-openstackclient
|
[2] | Control ノードの Keystone に Heat 用のユーザー等々を登録しておきます。 |
# Heat ユーザー作成 (service テナント所属) [root@dlp ~(keystone)]# keystone user-create --tenant service --name heat --pass servicepassword --enabled true +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | email | | | enabled | True | | id | bd8a752a43b640f4a1aef2fc7c793bca | | name | heat | | tenantId | 9e657ab1d2344de5aa9d86006732c7f0 | | username | heat | +----------+----------------------------------+[root@dlp ~(keystone)]# keystone user-create --tenant service --name heat-cfn --pass servicepassword --enabled true +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | email | | | enabled | True | | id | f0d097806f3f4551902e9837ad6ba19a | | name | heat-cfn | | tenantId | 9e657ab1d2344de5aa9d86006732c7f0 | | username | heat-cfn | +----------+----------------------------------+ # Heat ユーザーを adminロール に加える [root@dlp ~(keystone)]# keystone user-role-add --user heat --tenant service --role admin [root@dlp ~(keystone)]# keystone user-role-add --user heat-cfn --tenant service --role admin
# Heat用ロール作成 [root@dlp ~(keystone)]# keystone role-create --name heat_stack_owner +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | id | 864d549696d8483ba5abb4d39502c6e1 | | name | heat_stack_owner | +----------+----------------------------------+[root@dlp ~(keystone)]# keystone role-create --name heat_stack_user +----------+----------------------------------+ | Property | Value | +----------+----------------------------------+ | id | 1e1a4d5629bf44ef92da25e2d2dd1fef | | name | heat_stack_user | +----------+----------------------------------+ # admin ユーザーを heat_stack_owner ロール に加える [root@dlp ~(keystone)]# keystone user-role-add --user admin --tenant admin --role heat_stack_owner
# Heat 用サービスエントリ作成 [root@dlp ~(keystone)]# keystone service-create --name=heat --type=orchestration --description="Orchestration Service" +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | Orchestration Service | | enabled | True | | id | 4ce6b6d9352848328b90ca678ce9a95f | | name | heat | | type | orchestration | +-------------+----------------------------------+[root@dlp ~(keystone)]# keystone service-create --name=heat-cfn --type=cloudformation --description="Cloudformation Service" +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | Cloudformation Service | | enabled | True | | id | e5c757c5bf5f43129cc2c451f93af5d9 | | name | heat-cfn | | type | cloudformation | +-------------+----------------------------------+ # Heat API サーバーの IPアドレスを定義 [root@dlp ~(keystone)]# HEAT_API=10.0.0.50
# Heat 用エンドポイント作成 [root@dlp ~(keystone)]# keystone endpoint-create --region RegionOne \ --service heat \ --publicurl "http://$HEAT_API:8004/v1/\$(tenant_id)s" \ --internalurl "http://$HEAT_API:8004/v1/\$(tenant_id)s" \ --adminurl "http://$HEAT_API:8004/v1/\$(tenant_id)s" +-------------+----------------------------------------+ | Property | Value | +-------------+----------------------------------------+ | adminurl | http://10.0.0.50:8004/v1/$(tenant_id)s | | id | d3963a9e81a04f0ea3b767cffbbd52b1 | | internalurl | http://10.0.0.50:8004/v1/$(tenant_id)s | | publicurl | http://10.0.0.50:8004/v1/$(tenant_id)s | | region | RegionOne | | service_id | 9362f63bbd0e4bcfad1e54966673eb88 | +-------------+----------------------------------------+[root@dlp ~(keystone)]# keystone endpoint-create --region RegionOne \ --service heat-cfn \ --publicurl "http://$HEAT_API:8000/v1" \ --internalurl "http://$HEAT_API:8000/v1" \ --adminurl "http://$HEAT_API:8000/v1" +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | adminurl | http://10.0.0.50:8000/v1 | | id | 9388e384f6454d43979c0be779293ca6 | | internalurl | http://10.0.0.50:8000/v1 | | publicurl | http://10.0.0.50:8000/v1 | | region | RegionOne | | service_id | 213530d8591f491ea12055f4494bbd3e | +-------------+----------------------------------+ # Heat ドメイン作成 [root@dlp ~(keystone)]# KEYSTONE_IP=10.0.0.30 [root@dlp ~(keystone)]# ADMIN_TOKEN=`grep '^admin_token' /etc/keystone/keystone.conf | cut -d'=' -f2` [root@dlp ~(keystone)]# openstack --os-token $ADMIN_TOKEN \ --os-url=http://$KEYSTONE_IP:5000/v3 \ --os-identity-api-version=3 \ domain create heat \ --description "Owns users and projects created by heat" +-------------+-----------------------------------------+ | Field | Value | +-------------+-----------------------------------------+ | description | Owns users and projects created by heat | | enabled | True | | id | f1fd51925eed483a88bff3053d16b1b7 | | name | heat | +-------------+-----------------------------------------+ # Heat ドメイン管理ユーザー作成 [root@dlp ~(keystone)]# HEAT_DOMAIN=`openstack --os-token $ADMIN_TOKEN --os-url=http://$KEYSTONE_IP:5000/v3 --os-identity-api-version=3 domain list | grep heat | awk '{print $2}'` [root@dlp ~(keystone)]# openstack --os-token $ADMIN_TOKEN \ --os-url=http://$KEYSTONE_IP:5000/v3 \ --os-identity-api-version=3 \ user create heat_domain_admin \ --password domainpassword \ --domain $HEAT_DOMAIN \ --description "Manages users and projects created by heat" +-------------+--------------------------------------------+ | Field | Value | +-------------+--------------------------------------------+ | description | Manages users and projects created by heat | | domain_id | f1fd51925eed483a88bff3053d16b1b7 | | enabled | True | | id | 707fab244c154254853a7ecfe373a8f9 | | name | heat_domain_admin | +-------------+--------------------------------------------+ # Heat ドメイン管理ユーザーを admin ロールに加える [root@dlp ~(keystone)]# HEAT_DOMAIN_ADMIN=`openstack --os-token $ADMIN_TOKEN --os-url=http://$KEYSTONE_IP:5000/v3 --os-identity-api-version=3 user list | grep heat_domain_admin | awk '{print $2}'` [root@dlp ~(keystone)]# openstack --os-token $ADMIN_TOKEN \ --os-url=http://$KEYSTONE_IP:5000/v3 \ --os-identity-api-version=3 \ role add --user $HEAT_DOMAIN_ADMIN \ --domain $HEAT_DOMAIN admin |
[3] | Heat 用のユーザーとデータベースを MariaDB に登録しておきます。 |
[root@dlp ~(keystone)]# mysql -u root -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 16 Server version: 5.5.40-MariaDB-wsrep MariaDB Server, wsrep_25.11.r4026 Copyright (c) 2000, 2014, Oracle, Monty Program Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]>
create database heat; Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]>
grant all privileges on heat.* to heat@'localhost' identified by 'password'; Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]>
grant all privileges on heat.* to heat@'%' identified by 'password'; Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]>
MariaDB [(none)]> flush privileges; Query OK, 0 rows affected (0.00 sec) exit Bye |
Sponsored Link |
|