OpenStack Ussuri : Manila 利用方法 (専用インスタンス)2020/06/10 |
|
OpenStack Shared File System(Manila)による共有の設定です。
当例では以下のような環境を例に Manila をインストールして設定しています。
例として、専用のインスタンスを利用した NFS 共有を設定します。
------------+---------------------------+---------------------------+------------
| | |
eth0|10.0.0.30 eth0|10.0.0.50 eth0|10.0.0.51
+-----------+-----------+ +-----------+-----------+ +-----------+-----------+
| [ Control Node ] | | [ Storage Node ] | | [ Compute Node ] |
| | | | | |
| MariaDB RabbitMQ | | Open vSwitch | | Libvirt |
| Memcached httpd | | L2 Agent | | Nova Compute |
| Keystone Glance | | L3 Agent | | Open vSwitch |
| Nova API Cinder API| | Metadata Agent | | L2 Agent |
| Neutron Server | | Cinder Volume | | |
| Metadata Agent | | Manila Share | | |
| Manila API | | | | |
+-----------------------+ +-----------------------+ +-----------------------+
|
| [1] |
バックエンドに Cinder ストレージを利用するため、事前に設定しておきます。(Cinder のバックエンドは何でも OK)
|
| [2] | Storage ノードの設定です。 |
|
[root@storage ~]#
vi /etc/manila/manila.conf # [DEFAULT] セクション内の任意の場所へ追記
enabled_share_backends = generic
# 最終行へ追記
[neutron]
url = http://10.0.0.30:9696
auth_url = http://10.0.0.30:5000
memcached_servers = 10.0.0.30:11211
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = servicepassword
[nova]
auth_url = http://10.0.0.30:5000
memcached_servers = 10.0.0.30:11211
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = servicepassword
[cinder]
auth_url = http://10.0.0.30:5000
memcached_servers = 10.0.0.30:11211
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = cinder
password = servicepassword
[generic]
share_backend_name = backend01
share_driver = manila.share.drivers.generic.GenericShareDriver
interface_driver = manila.network.linux.interface.OVSInterfaceDriver
driver_handles_share_servers = True
service_instance_flavor_id = 0
service_instance_security_group = manila-service
service_image_name = manila-service-image
service_instance_user = manila
service_instance_password = manila
service_network_cidr = 10.254.0.0/16
service_network_division_mask = 24
systemctl enable --now openstack-manila-share
|
| [3] | Manila のサービスイメージをダウンロードして、Glance に登録しておきます。また Manilaサービス用のセキィリティグループも作成しておきます。作業場所はどこでも良いですが当例では Control ノード上で行います。 |
[root@dlp ~(keystone)]# curl -O https://tarballs.opendev.org/openstack/manila-image-elements/images/manila-service-image-master.qcow2 [root@dlp ~(keystone)]# openstack image create "manila-service-image" --file manila-service-image-master.qcow2 --disk-format qcow2 --container-format bare --public +------------------+-------------------------------------------------------------------------------+ | Field | Value | +------------------+-------------------------------------------------------------------------------+ | checksum | 86ff39a9ffe1fbf0d35557d81ea01d51 | | container_format | bare | | created_at | 2020-06-10T02:50:28Z | | disk_format | qcow2 | | file | /v2/images/e81d1fd1-8edf-4a03-af60-665c2dd55d77/file | | id | e81d1fd1-8edf-4a03-af60-665c2dd55d77 | | min_disk | 0 | | min_ram | 0 | | name | manila-service-image | | owner | 9cffeca6beec4a39ab6b076ec2bdd0c9 | | properties | os_hash_algo='sha512', os_hash_value='a7f284913fd4f4447f8108603b1d634d5f7a... | | protected | False | | schema | /v2/schemas/image | | size | 468320256 | | status | active | | tags | | | updated_at | 2020-06-10T02:50:31Z | | visibility | public | +------------------+-------------------------------------------------------------------------------+[root@dlp ~(keystone)]# openstack security group create manila-service +-----------------+---------------------------------------------------------------------------------+ | Field | Value | +-----------------+---------------------------------------------------------------------------------+ | created_at | 2020-06-10T02:51:23Z | | description | manila-service | | id | cbe23a22-480d-4df2-ba04-a605c96af5ef | | location | cloud='', project.domain_id=, project.domain_name='default', project.id='9cf... | | name | manila-service | | project_id | 9cffeca6beec4a39ab6b076ec2bdd0c9 | | revision_number | 1 | | rules | created_at='2020-06-10T02:51:23Z', direction='egress', ethertype='IPv4', id=... | | | created_at='2020-06-10T02:51:23Z', direction='egress', ethertype='IPv6', id=... | | stateful | True | | tags | [] | | updated_at | 2020-06-10T02:51:23Z | +-----------------+---------------------------------------------------------------------------------+ # 作成したセキィリティグループに必要なポートを許可 [root@dlp ~(keystone)]# openstack security group rule create --protocol icmp --ingress manila-service [root@dlp ~(keystone)]# openstack security group rule create --protocol tcp --dst-port 22:22 manila-service [root@dlp ~(keystone)]# openstack security group rule create --protocol tcp --dst-port 2049:2049 manila-service |
| [4] | デフォルトの共有タイプを作成します。 |
|
[root@dlp ~(keystone)]# manila type-create default_share_type True +----------------------+--------------------------------------+ | Property | Value | +----------------------+--------------------------------------+ | ID | 2982accb-4956-4f9c-9123-ed4f14ef079d | | Name | default_share_type | | Visibility | public | | is_default | YES | | required_extra_specs | driver_handles_share_servers : True | | optional_extra_specs | | | Description | None | +----------------------+--------------------------------------+[root@dlp ~(keystone)]# manila type-list +--------------------------------------+--------------------+------------+------------+-------------------------------------+----------------------+-------------+ | ID | Name | visibility | is_default | required_extra_specs | optional_extra_specs | Description | +--------------------------------------+--------------------+------------+------------+-------------------------------------+----------------------+-------------+ | 2982accb-4956-4f9c-9123-ed4f14ef079d | default_share_type | public | YES | driver_handles_share_servers : True | | None | +--------------------------------------+--------------------+------------+------------+-------------------------------------+----------------------+-------------+ |
| [5] | 以降は共有を作成して自身が所有するインスタンスで利用したい任意のユーザーで作業します。まずは共有ネットワークを作成しておきます。 |
|
[cent@dlp ~(keystone)]$ openstack network list +--------------------------------------+---------+--------------------------------------+ | ID | Name | Subnets | +--------------------------------------+---------+--------------------------------------+ | 5ad4fafb-24c6-4994-bfdb-7230dfcc8d8e | int_net | f0e80ef7-9b55-4ddd-a3e5-4bd98b5f93c2 | | 7b251931-9a2f-456f-8041-ef27027bb58d | ext_net | a7ee24b5-eb02-410d-a326-68a956aa2adb | +--------------------------------------+---------+--------------------------------------+[cent@dlp ~(keystone)]$ openstack subnet list +--------------------------------------+---------+--------------------------------------+------------------+ | ID | Name | Network | Subnet | +--------------------------------------+---------+--------------------------------------+------------------+ | f0e80ef7-9b55-4ddd-a3e5-4bd98b5f93c2 | subnet1 | 5ad4fafb-24c6-4994-bfdb-7230dfcc8d8e | 192.168.100.0/24 | +--------------------------------------+---------+--------------------------------------+------------------+
[cent@dlp ~(keystone)]$
[cent@dlp ~(keystone)]$ INT_NET=$(openstack network list | grep 'int_net' | awk '{print $2}') [cent@dlp ~(keystone)]$ INT_SUBNET=$(openstack subnet list | grep 'subnet1' | awk '{print $2}')
manila share-network-create --neutron-net-id $INT_NET --neutron-subnet-id $INT_SUBNET --name manila_share
+-----------------------+--------------------------------------------------------------------------+
| Property | Value |
+-----------------------+--------------------------------------------------------------------------+
| id | 3a9ebbf0-ec94-413d-96d8-28f44cb3edad |
| name | manila_share |
| project_id | d9c8c215499949cfb249b28bdaba848a |
| created_at | 2020-06-10T02:55:31.000000 |
| updated_at | None |
| description | None |
| share_network_subnets | [{'id': '67d5258f-3fe6-4a4f-a2e9-754eb237b7d3', 'availability_zone': ... |
+-----------------------+--------------------------------------------------------------------------+
[cent@dlp ~(keystone)]$ manila share-network-list +--------------------------------------+--------------+ | id | name | +--------------------------------------+--------------+ | 3a9ebbf0-ec94-413d-96d8-28f44cb3edad | manila_share | +--------------------------------------+--------------+ |
| [6] | NFS 共有を作成します。 |
|
[cent@dlp ~(keystone)]$ manila create NFS 10 --name share01 --share-network manila_share
+---------------------------------------+--------------------------------------+
| Property | Value |
+---------------------------------------+--------------------------------------+
| id | 5f1b1d37-b2b2-46da-822b-9492b7b95e4f |
| size | 10 |
| availability_zone | None |
| created_at | 2020-06-10T02:56:44.000000 |
| status | creating |
| name | share01 |
| description | None |
| project_id | d9c8c215499949cfb249b28bdaba848a |
| snapshot_id | None |
| share_network_id | 3a9ebbf0-ec94-413d-96d8-28f44cb3edad |
| share_proto | NFS |
| metadata | {} |
| share_type | 2982accb-4956-4f9c-9123-ed4f14ef079d |
| is_public | False |
| snapshot_support | False |
| task_state | None |
| share_type_name | default_share_type |
| access_rules_status | active |
| replication_type | None |
| has_replicas | False |
| user_id | 0e4117de456a4bbaa5aac2cc6507be91 |
| create_share_from_snapshot_support | False |
| revert_to_snapshot_support | False |
| share_group_id | None |
| source_share_group_snapshot_member_id | None |
| mount_snapshot_support | False |
| progress | None |
+---------------------------------------+--------------------------------------+
# Status が [available] になれば作成完了 [cent@dlp ~(keystone)]$ manila list +--------------------------------------+---------+------+-------------+-----------+-----------+--------------------+------+-------------------+ | ID | Name | Size | Share Proto | Status | Is Public | Share Type Name | Host | Availability Zone | +--------------------------------------+---------+------+-------------+-----------+-----------+--------------------+------+-------------------+ | 5f1b1d37-b2b2-46da-822b-9492b7b95e4f | share01 | 10 | NFS | available | False | default_share_type | | nova | +--------------------------------------+---------+------+-------------+-----------+-----------+--------------------+------+-------------------+ |
| [7] | ここまでの設定で Storage ノード上に [10.254.0.0] 内から任意のネットワークが設定されます。 |
|
[root@storage ~]# ip addr
.....
.....
15: tapa80193ff-8f: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether fa:16:3e:ea:c7:15 brd ff:ff:ff:ff:ff:ff
inet 10.254.0.129/24 brd 10.254.0.255 scope global tapa80193ff-8f
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:feea:c715/64 scope link
valid_lft forever preferred_lft forever
.....
.....
|
| [8] | 以上で、共有を作成したユーザーが所有するインスタンスから Manila の共有サービスを利用することができます。 |
|
[cent@dlp ~(keystone)]$ openstack server list +--------------------------------------+----------+---------+------------------------------------+---------+----------+ | ID | Name | Status | Networks | Image | Flavor | +--------------------------------------+----------+---------+------------------------------------+---------+----------+ | 2929c442-26c4-41cb-b95f-98c3adceb3ef | CentOS_8 | SHUTOFF | int_net=192.168.100.24, 10.0.0.247 | CentOS8 | m1.small | +--------------------------------------+----------+---------+------------------------------------+---------+----------+ # アクセス許可の設定 (IP にはインスタンスの IPアドレス または インスタンスが属するサブネットを指定) [cent@dlp ~(keystone)]$ manila access-allow share01 ip 10.0.0.0/24 --access-level rw
+--------------+--------------------------------------+
| Property | Value |
+--------------+--------------------------------------+
| id | 76f89468-a7ee-4d0e-a48b-2ce346a043d0 |
| share_id | 5f1b1d37-b2b2-46da-822b-9492b7b95e4f |
| access_level | rw |
| access_to | 10.0.0.0/24 |
| access_type | ip |
| state | queued_to_apply |
| access_key | None |
| created_at | 2020-06-10T02:59:35.000000 |
| updated_at | None |
| metadata | {} |
+--------------+--------------------------------------+
# State が active であれば問題なし [cent@dlp ~(keystone)]$ manila access-list share01 +--------------------------------------+-------------+------------------+--------------+--------+------------+----------------------------+------------+ | id | access_type | access_to | access_level | state | access_key | created_at | updated_at | +--------------------------------------+-------------+------------------+--------------+--------+------------+----------------------------+------------+ | 76f89468-a7ee-4d0e-a48b-2ce346a043d0 | ip | 10.0.0.0/24 | rw | active | None | 2020-06-10T02:59:35.000000 | None | | df12e504-b7eb-4f51-b7d3-680d18bac5ac | ip | 192.168.100.0/24 | rw | active | None | 2020-06-10T02:59:59.000000 | None | +--------------------------------------+-------------+------------------+--------------+--------+------------+----------------------------+------------+
[cent@dlp ~(keystone)]$
openstack server start CentOS_8 # アクセス Path 確認 [cent@dlp ~(keystone)]$ manila show share01 | grep path | cut -d'|' -f3 path = 10.254.0.32:/shares/share-99359084-2dca-45cc-bd79-9bdf7e51d307
[cent@dlp ~(keystone)]$
ssh centos@10.0.0.247 Last login: Tue Jun 9 22:30:12 2020 from 10.0.0.30 # Manila 共有ストレージをマウント [centos@centos-8 ~]$ sudo mount -t nfs \ 10.254.0.32:/shares/share-99359084-2dca-45cc-bd79-9bdf7e51d307 /mnt [centos@centos-8 ~]$ df -hT Filesystem Type Size Used Avail Use% Mounted on devtmpfs devtmpfs 901M 0 901M 0% /dev tmpfs tmpfs 915M 0 915M 0% /dev/shm tmpfs tmpfs 915M 17M 899M 2% /run tmpfs tmpfs 915M 0 915M 0% /sys/fs/cgroup /dev/vda4 xfs 7.4G 1.3G 6.1G 18% / /dev/vda2 ext4 976M 120M 790M 14% /boot tmpfs tmpfs 183M 0 183M 0% /run/user/1000 10.254.0.32:/shares/share-99359084-2dca-45cc-bd79-9bdf7e51d307 nfs4 9.8G 37M 9.3G 1% /mnt |
| Sponsored Link |