Debian 11 Bullseye
Sponsored Link

OpenStack Victoria : Heat 利用方法2021/09/01

 
OpenStack Orchestration Service(Heat)の利用方法です。
当例では以下のような環境を例に Orchestration サービスを設定しています。
------------+---------------------------+---------------------------+------------
            |                           |                           |
        eth0|10.0.0.30              eth0|10.0.0.50              eth0|10.0.0.51
+-----------+-----------+   +-----------+-----------+   +-----------+-----------+
|    [ Control Node ]   |   |    [ Network Node ]   |   |    [ Compute Node ]   |
|                       |   |                       |   |                       |
|  MariaDB    RabbitMQ  |   |        L2 Agent       |   |        Libvirt        |
|  Memcached  httpd     |   |        L3 Agent       |   |     Nova Compute      |
|  Keystone   Glance    |   |     Metadata Agent    |   |        L2 Agent       |
|  Nova API             |   |     Cinder Volume     |   |                       |
|  Neutron Server       |   |       Heat API        |   |                       |
|  Metadata Agent       |   |      Heat Engine      |   |                       |
|  Cinder API           |   |                       |   |                       |
+-----------------------+   +-----------------------+   +-----------------------+

[1] 構築した Heat サービスとテンプレートを利用してインスタンスをデプロイします。 作業は、どこでもよいですが、当例ではコントロールノード上で行います。
root@dlp ~(keystone)#
apt -y install python3-heatclient
# テスト用テンプレート作成

root@dlp ~(keystone)#
vi sample-stack.yml
heat_template_version: 2018-08-31

description: Heat Sample Template

parameters:
  ImageID:
    type: string
    description: Image used to boot a server
  NetID:
    type: string
    description: Network ID for the server

resources:
  server1:
    type: OS::Nova::Server
    properties:
      name: "Heat_Deployed_Server"
      image: { get_param: ImageID }
      flavor: "m1.small"
      networks:
      - network: { get_param: NetID }

outputs:
  server1_private_ip:
    description: IP address of the server in the private network
    value: { get_attr: [ server1, first_address ] }

root@dlp ~(keystone)#
openstack image list

+--------------------------------------+----------+--------+
| ID                                   | Name     | Status |
+--------------------------------------+----------+--------+
| 773971b3-b4be-4b07-aa06-fe8ca76b395d | Debian11 | active |
+--------------------------------------+----------+--------+

root@dlp ~(keystone)#
openstack network list

+--------------------------------------+---------+--------------------------------------+
| ID                                   | Name    | Subnets                              |
+--------------------------------------+---------+--------------------------------------+
| 70d34670-7e68-4605-816b-244634a0a323 | public  | 103cd703-3fc3-429a-a68b-52643757c619 |
| f30adecb-7c0b-4829-a5bd-d0836b3bffe2 | private | b2892d90-0b42-4785-b666-15688d9aaa5d |
+--------------------------------------+---------+--------------------------------------+

root@dlp ~(keystone)#
Int_Net_ID=$(openstack network list | grep private | awk '{ print $2 }')
# サンプルテンプレートからインスタンス作成

root@dlp ~(keystone)#
openstack stack create -t sample-stack.yml --parameter "ImageID=Debian11;NetID=$Int_Net_ID" Sample-Stack

+---------------------+--------------------------------------+
| Field               | Value                                |
+---------------------+--------------------------------------+
| id                  | e7dcf189-1d05-4dae-b6a3-4f1904acf34a |
| stack_name          | Sample-Stack                         |
| description         | Heat Sample Template                 |
| creation_time       | 2021-09-01T07:02:19Z                 |
| updated_time        | None                                 |
| stack_status        | CREATE_IN_PROGRESS                   |
| stack_status_reason | Stack CREATE started                 |
+---------------------+--------------------------------------+

# しばらく待つとステータスがコンプリートになる

root@dlp ~(keystone)#
openstack stack list

+--------------------------------------+--------------+----------------------------------+-----------------+----------------------+--------------+
| ID                                   | Stack Name   | Project                          | Stack Status    | Creation Time        | Updated Time |
+--------------------------------------+--------------+----------------------------------+-----------------+----------------------+--------------+
| e7dcf189-1d05-4dae-b6a3-4f1904acf34a | Sample-Stack | 14c0b23f6f574380b9687f326debf0fe | CREATE_COMPLETE | 2021-09-01T07:02:19Z | None         |
+--------------------------------------+--------------+----------------------------------+-----------------+----------------------+--------------+

# テンプレートで指定したインスタンスが起動している

root@dlp ~(keystone)#
openstack server list

+--------------------------------------+----------------------+--------+-------------------------+----------+----------+
| ID                                   | Name                 | Status | Networks                | Image    | Flavor   |
+--------------------------------------+----------------------+--------+-------------------------+----------+----------+
| 20ea9326-21e6-4b41-9ac3-d8a4a27fc49f | Heat_Deployed_Server | ACTIVE | private=192.168.100.190 | Debian11 | m1.small |
+--------------------------------------+----------------------+--------+-------------------------+----------+----------+

# 作成したインスタンスを削除する

root@dlp ~(keystone)#
openstack stack delete --yes Sample-Stack

root@dlp ~(keystone)#
openstack stack list


[2]
テンプレートの記述方法のガイドは公式サイトに記載されているので参考にしてください。
⇒ https://docs.openstack.org/heat/latest/template_guide/index.html
[3] 一般ユーザーでも Heat を利用したい場合は、設定変更が必要です。
root@dlp ~(keystone)#
openstack role list

+----------------------------------+------------------+
| ID                               | Name             |
+----------------------------------+------------------+
| 4af6360cc5e9401facb11c6be1dc195d | heat_stack_user  |
| 7ed27a42efa24dd1a27779ae69616932 | CloudUser        |
| 87834083807a4b2ca66e0fad9cb580d6 | heat_stack_owner |
| 9362e495e39146f1b7e2c65fae07ce0b | member           |
| 976f11c0ba9e43d2ac03f4eec8a685d9 | reader           |
| c42a706b07e3483ba5e4908323d969cb | admin            |
+----------------------------------+------------------+

root@dlp ~(keystone)#
openstack project list

+----------------------------------+-----------+
| ID                               | Name      |
+----------------------------------+-----------+
| 14c0b23f6f574380b9687f326debf0fe | admin     |
| 1718217eee4b4f2ea143d65122864fe0 | service   |
| cba75a02a921457db62b660f3d0b57c4 | hiroshima |
+----------------------------------+-----------+

root@dlp ~(keystone)#
openstack user list

+----------------------------------+-------------------+
| ID                               | Name              |
+----------------------------------+-------------------+
| 54aecf16eff14eb788485d1586313818 | admin             |
| 103e8869feb649ab9f9fe7f864bdf651 | glance            |
| f87e87b4c7b7483186d6f3288fed268a | nova              |
| bfc86277128749928fca04fc14b3ea3a | placement         |
| c05a94c3ae6c472781d2646768369ce3 | neutron           |
| 62a91aa559f64acab11861ed7cd51ecc | serverworld       |
| 6c4b57a3252547259839003f6ab0d6a4 | cinder            |
| f04581c155934b7d9bda9689bd5ef779 | heat              |
| 512e86bea4bd493eaa3cca9b0c040a9e | heat_domain_admin |
+----------------------------------+-------------------+

# 例として [hiroshima] プロジェクトの [serverworld] ユーザーを [heat_stack_owner] ロールに追加

root@dlp ~(keystone)#
openstack role add --project hiroshima --user serverworld heat_stack_owner
root@dlp ~(keystone)#
vi /etc/neutron/policy.json
# 以下の内容で新規作成

# 管理者のみに許可されている権限を設定なしで上書きする

{
  "create_port:fixed_ips:subnet_id": "",
  "create_port:allowed_address_pairs": "",
  "create_port:allowed_address_pairs:ip_address": "",
}

root@dlp ~(keystone)#
systemctl restart neutron-api neutron-rpc-server

# 以上で一般ユーザーでも以下のようにスタックが作成できる

debian@dlp ~(keystone)$
openstack stack list

+--------------------------------------+--------------+-----------------+----------------------+--------------+
| ID                                   | Stack Name   | Stack Status    | Creation Time        | Updated Time |
+--------------------------------------+--------------+-----------------+----------------------+--------------+
| f53620dd-1624-4ffc-9f95-adb57deaff51 | Sample-Stack | CREATE_COMPLETE | 2021-09-01T07:08:33Z | None         |
+--------------------------------------+--------------+-----------------+----------------------+--------------+
関連コンテンツ