Debian 12 bookworm
Sponsored Link

OpenStack Zed : CloudKitty 設定2023/06/30

 
OpenStack Rating Service (CloudKitty) をインストールします。
当例では以下のような環境を例に Network ノードに CloudKitty をインストールします。
------------+--------------------------+--------------------------+------------
            |                          |                          |
        eth0|10.0.0.30             eth0|10.0.0.50             eth0|10.0.0.51
+-----------+-----------+  +-----------+-----------+  +-----------+-----------+
|   [ dlp.srv.world ]   |  | [ network.srv.world ] |  |  [ node01.srv.world ] |
|     (Control Node)    |  |     (Network Node)    |  |     (Compute Node)    |
|                       |  |                       |  |                       |
|  MariaDB    RabbitMQ  |  |  Neutron L2/L3 Agent  |  |        Libvirt        |
|  Memcached  Nginx     |  |   Neutron Metadata    |  |      Nova Compute     |
|  Keystone   httpd     |  |     Open vSwitch      |  |    Neutron L2 Agent   |
|  Glance     Nova API  |  |     iSCSI Target      |  |      Open vSwitch     |
|  Neutron Server       |  |     Cinder Volume     |  |   Ceilometer Compute  |
|  Neutron Metadata     |  |     httpd  Gnocchi    |  |                       |
|  Cinder API           |  |   Ceilometer Central  |  |                       |
|                       |  |     CloudKitty API    |  |                       |
+-----------------------+  +-----------------------+  +-----------------------+

[1] Control ノードの Keystone に CloudKitty 用のユーザー等々を登録しておきます。
# [service] プロジェクト所属で [cloudkitty] ユーザーを作成

root@dlp ~(keystone)#
openstack user create --domain default --project service --password servicepassword cloudkitty

+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| default_project_id  | d8b09d86ed7743039f92b2e542ea26c1 |
| domain_id           | default                          |
| enabled             | True                             |
| id                  | f685d4d881244dceb755b3ff59f3c181 |
| name                | cloudkitty                       |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+

# [cloudkitty] ユーザーを [admin] ロール に加える

root@dlp ~(keystone)#
openstack role add --project service --user cloudkitty admin
# [rating] ロール 作成

root@dlp ~(keystone)#
openstack role create rating
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | None                             |
| domain_id   | None                             |
| id          | 6ba6e3f252c44becbd5b6875401752df |
| name        | rating                           |
| options     | {}                               |
+-------------+----------------------------------+

# [cloudkitty] 用サービスエントリ作成

root@dlp ~(keystone)#
openstack service create --name cloudkitty --description "OpenStack Rating Service" rating

+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Rating Service         |
| enabled     | True                             |
| id          | abc91fbd9e8d43178e3ddf30e4adde64 |
| name        | cloudkitty                       |
| type        | rating                           |
+-------------+----------------------------------+

# CloudKitty API ホストを定義

root@dlp ~(keystone)#
export cloudkitty_api=network.srv.world
# [cloudkitty] 用エンドポイント作成 (public)

root@dlp ~(keystone)#
openstack endpoint create --region RegionOne rating public https://$cloudkitty_api:8889

+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | b3ea5d1105c34d4c95feb5f54ca21a51 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | abc91fbd9e8d43178e3ddf30e4adde64 |
| service_name | cloudkitty                       |
| service_type | rating                           |
| url          | https://network.srv.world:8889   |
+--------------+----------------------------------+

# [cloudkitty] 用エンドポイント作成 (internal)

root@dlp ~(keystone)#
openstack endpoint create --region RegionOne rating internal https://$cloudkitty_api:8889

+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 492d3575786b44f490c50a88f1ceac57 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | abc91fbd9e8d43178e3ddf30e4adde64 |
| service_name | cloudkitty                       |
| service_type | rating                           |
| url          | https://network.srv.world:8889   |
+--------------+----------------------------------+

# [cloudkitty] 用エンドポイント作成 (admin)

root@dlp ~(keystone)#
openstack endpoint create --region RegionOne rating admin https://$cloudkitty_api:8889

+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | a587bf7192124391bc2ac1c893226d83 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | abc91fbd9e8d43178e3ddf30e4adde64 |
| service_name | cloudkitty                       |
| service_type | rating                           |
| url          | https://network.srv.world:8889   |
+--------------+----------------------------------+
[2] CloudKitty 用のユーザーとデータベースを MariaDB に作成しておきます。
root@dlp ~(keystone)#
mysql

Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 45911
Server version: 10.11.3-MariaDB-1 Debian 12

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database cloudkitty; 
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all privileges on cloudkitty.* to cloudkitty@'localhost' identified by 'password'; 
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all privileges on cloudkitty.* to cloudkitty@'%' identified by 'password'; 
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges; 
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit 
Bye
[3] Network ノードで CloudKitty サービスをインストールします。インストール中の問いには全て [No] で OK です。
root@network:~#
apt -y install cloudkitty-api cloudkitty-processor python3-cloudkittyclient
[4] ネットワークノード用の SSL/TLS 証明書を取得 または 自己署名の証明書を作成して、CloudKitty サービスを設定します。
root@network:~#
mkdir -p /etc/cloudkitty/ssl/{public,private}

root@network:~#
cp /etc/letsencrypt/live/network.srv.world/fullchain.pem /etc/cloudkitty/ssl/public/fullchain.crt

root@network:~#
cp /etc/letsencrypt/live/network.srv.world/privkey.pem /etc/cloudkitty/ssl/private/

root@network:~#
chown -R cloudkitty:cloudkitty /etc/cloudkitty/ssl
root@network:~#
mv /etc/cloudkitty/cloudkitty.conf /etc/cloudkitty/cloudkitty.conf.org

root@network:~#
vi /etc/cloudkitty/cloudkitty.conf
# 新規作成

[DEFAULT]
log_dir = /var/log/cloudkitty
transport_url = rabbit://openstack:password@dlp.srv.world
auth_strategy = keystone

[collect]
collector = gnocchi
# レートを更新する間隔を設定
# 設定した period ごとに設定したレートが加算される
# デフォルトは 3600 (sec)
# * 以下は動作確認用に短く設定
period = 600
metrics_conf = /etc/cloudkitty/metrics.yml

[collector_gnocchi]
auth_section = keystone_authtoken
region_name = RegionOne

# MariaDB 接続情報
[database]
connection = mysql+pymysql://cloudkitty:password@dlp.srv.world/cloudkitty

[fetcher]
backend = gnocchi

[fetcher_gnocchi]
auth_section = keystone_authtoken
region_name = RegionOne

[fetcher_keystone]
keystone_version = 3
auth_section = keystone_authtoken
region_name = RegionOne

# Keystone 認証情報
[keystone_authtoken]
www_authenticate_uri = https://dlp.srv.world:5000/v3
auth_url = https://dlp.srv.world:5000/v3
memcached_servers = dlp.srv.world:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cloudkitty
password = servicepassword
region_name = RegionOne
service_token_roles_required = true
# Apache2 Keystone で自己署名の証明書を使用の場合は [true]
insecure = false

[oslo_messaging_notifications]
driver = messagingv2
transport_url = rabbit://openstack:password@dlp.srv.world

[storage]
backend = sqlalchemy
version = 1

# MariaDB 接続情報
[orchestrator]
coordination_url = mysql://cloudkitty:password@dlp.srv.world/cloudkitty

root@network:~#
mv /etc/cloudkitty/metrics.yml /etc/cloudkitty/metrics.yml.org

root@network:~#
vi /etc/cloudkitty/metrics.yml
# 新規作成

metrics:
  cpu:
    unit: instance
    alt_name: instance
    groupby:
      - id
      - user_id
      - project_id
    metadata:
      - flavor_name
      - flavor_id
      - vcpus
    mutate: NUMBOOL
    extra_args:
      aggregation_method: mean
      resource_type: instance
      force_granularity: 300

  volume.size:
    unit: GiB
    groupby:
      - id
      - user_id
      - project_id
    metadata:
      - volume_type
    extra_args:
      aggregation_method: mean
      resource_type: volume
      force_granularity: 300

root@network:~#
chmod 640 /etc/cloudkitty/{cloudkitty.conf,metrics.yml}

root@network:~#
chgrp cloudkitty /etc/cloudkitty/{cloudkitty.conf,metrics.yml}

root@network:~#
su -s /bin/bash cloudkitty -c "cloudkitty-dbsync upgrade"

root@network:~#
su -s /bin/bash cloudkitty -c "cloudkitty-storage-init"

root@network:~#
systemctl restart cloudkitty-api cloudkitty-processor

root@network:~#
systemctl enable cloudkitty-api cloudkitty-processor

[5] Control ノードで動作確認します。
root@dlp ~(keystone)#
apt -y install python3-cloudkittyclient

root@dlp ~(keystone)#
openstack rating summary get

+----------------------------------+---------------+------+---------------------+---------------------+
| Tenant ID                        | Resource Type | Rate | Begin Time          | End Time            |
+----------------------------------+---------------+------+---------------------+---------------------+
| 757625ae78404e38a8cfdd7c6d262860 | ALL           | 0    | 2023-06-01T00:00:00 | 2023-07-01T00:00:00 |
+----------------------------------+---------------+------+---------------------+---------------------+
関連コンテンツ