First, Nova and Ceph combine
1. Create storage pool pools in Ceph
[[Email protected]_10_1_2_230 ~]# ceph OSD Pool Create VMs #创建一个pools, named vms,128 PG
Pool ' VMS ' created
[Email protected]_10_1_2_230 ~]# ceph OSD Lspools #查看pools创建的情况
0 rbd,1 images,2 VMs,
[Email protected]_10_1_2_230 ~]# ceph OSD Pool Stats
Pool RBD ID 0
Nothing was going on
Pool Images ID 1
Nothing was going on
Pool VMS ID 2
Nothing was going on
2. Nova-compute node installation and configuration client
[Email protected]_10_1_2_232 ~]# yum install PYTHON-RBD ceph-y #安装客户端包
[Email protected]_10_1_2_230 ~]# scp/etc/ceph/ceph.conf [email protected]:/etc/ceph/ceph.conf #拷贝ceph配置文件
3. Configure CEPH authentication to allow Nova users access to the VMS pool, images pool
[[Email protected]_10_1_2_230 ~]# ceph auth get-or-create Client.nova mon ' Allow R ' OSD ' Allow Class-read Object_prefix RB D_children, allow rwx Pool=vms, allow rwx pool=images '
[Client.nova]
Key = aqblxqpwb8hschaa6hgubt5jnrfgd116uy+nmg==
#查看ceph的认证信息
[Email protected]_10_1_2_230 ~]# ceph Auth List
Installed auth Entries:
osd.0
key:aqdsx6lwygehdxaagwcyp9jdvh2zaa8jlgwj1q==
Caps: [Mon] Allow profiles OSD
Caps: [OSD] Allow *
Osd.1
key:aqd1x6lwqcyberaajiko1lvpj8fvvefdvnqzsa==
Caps: [Mon] Allow profiles OSD
Caps: [OSD] Allow *
Client.admin
key:aqcexqlwql6ogbaa2v5lsyeb5vglyq/k2huy3a==
Caps: [MDS] Allow
Caps: [Mon] Allow *
Caps: [OSD] Allow *
Client.bootstrap-mds
key:aqcexqlwumnrmraazep/ulhquaixmcny5d5ppw==
Caps: [Mon] Allow profile Bootstrap-mds
Client.bootstrap-osd
key:aqcexqlwqffpjbaafpcx4stlnztbesyfkys9lq==
Caps: [Mon] Allow profile bootstrap-osd
Client.bootstrap-rgw
key:aqar7alwok0sghaaftoo0pfszuvzczmvjox1wg==
Caps: [Mon] Allow profile BOOTSTRAP-RGW
Client.glance
key:aqal76lwhmyshxaantfxv3jq70gcebozi5abcq==
Caps: [Mon] Allow R
Caps: [OSD] Allow Class-read object_prefix rbd_children, allow rwx pool=images
Client.nova
key:aqblxqpwb8hschaa6hgubt5jnrfgd116uy+nmg==
Caps: [Mon] Allow R
Caps: [OSD] Allow Class-read object_prefix rbd_children, allow rwx Pool=vms, allow rwx pool=images #添加了nova用户的认证信息
4. Copy the Ceph-certified key to the COMPUTE node
A. View Client.nova key
[Email protected]_10_1_2_230 ~]# ceph Auth get-or-create Client.nova
[Client.nova]
Key = aqblxqpwb8hschaa6hgubt5jnrfgd116uy+nmg==
B. Copy the key to the remote
[Email protected]_10_1_2_230 ~]# SCP ceph.client.nova.kering [email protected]:/etc/ceph/
Ceph.client.nova.kering
C. Generate Nova Temporary key
[[Email protected]_10_1_2_230 ~]# ceph Auth Get-key Client.nova | SSH [email protected] tee Client.nova.key
5. Compute node Libvirt using Ceph key
A, generate the UUID number
[Email protected]_10_1_2_232 ~]# Uuidgen
0d154ad2-ec21-4200-952f-7551503da8a1
B. Generate encrypted files
Vim Secret.xml
<secret ephemeral= ' no ' private= ' no ' >
<uuid>0d154ad2-ec21-4200-952f-7551503da8a1</uuid>
<usage type= ' Ceph ' >
<name>client.cinder secret</name>
</usage>
</secret>
C. Load encrypted files
[Email protected]_10_1_2_232 ~]# virsh secret-define--file secret.xml
Secret 0D154AD2-EC21-4200-952F-7551503DA8A1 Created
D, configure Libvirt encryption, use Client.nova.key
[Email protected]_10_1_2_232 ~]# virsh secret-set-value--secret 0d154ad2-ec21-4200-952f-7551503da8a1--base64 $ (CAT/ Root/client.nova.key)
Secret Value Set
E. View the key defined by Libvirt
[Email protected]_10_1_2_232 ~]# Virsh secret-list
UUID Usage
-----------------------------------------------------------
0D154AD2-EC21-4200-952F-7551503DA8A1 Unused
This article is from the "Let Me Men Grow Together" blog, please be sure to keep this source http://wujingfeng.blog.51cto.com/5725921/1871020
Nova and Ceph binding