OpenStack Ussuri : Manila
OpenStack Ussuri : Manila
----------------------- ----------------------- -----------------------
| [ Controller Node ] | | [ Compute Node ] | | [ Network Node ] |
| | | Libvirt | | Open vSwitch |
| MariaDB RabbitMQ | | Nova compute | | L2 Agent |
| Memcached Keystone | | Open vSwitch | | L3 Agent |
| httpd Cinder API | | L2 Agent | | metadata agent |
| Nova-API Compute | | Cinder-LVM | | Swift-proxy |
| L2 agent L3 agent | | NFS | | Heat API |
| metadata agent | | Manila Share | | API-CFN |
| Neutron Server | ----------------------- | Heat Engine |
| Gnocchi Trove API | | Designate Services |
| Barbican API | -----------------------
| Rally Manila API |
-----------------------OpenStack Ussuri : Manila
- Manila는 OpenStack에서 맡는 서비스입니다.
- Manila의 대한 보다 자세한 설명은 Manila를 참조해주세요.
Manila service 및 User 생성
$ controller ~(keystone)> openstack user create --domain default --project service --password qwer1234 manila
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| default_project_id | b470c69e28db47cdbfc81e06cc67f627 |
| domain_id | default |
| enabled | True |
| id | 4ea7c62d89194d9883e6773a977133b6 |
| name | manila |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
$ controller ~(keystone)> openstack role add --project service --user manila admin
$ controller ~(keystone)> openstack service create --name manila --description "OpenStack Shared Filesystem" share
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Shared Filesystem |
| enabled | True |
| id | 1129696ac3f5449293b638e0daec3bde |
| name | manila |
| type | share |
+-------------+----------------------------------+
$ controller ~(keystone)> openstack service create --name manilav2 --description "OpenStack Shared Filesystem V2" sharev2
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Shared Filesystem V2 |
| enabled | True |
| id | 1d94787a2d34489dbe880faa5e165e5e |
| name | manilav2 |
| type | sharev2 |
+-------------+----------------------------------+
$ controller ~(keystone)> openstack endpoint create --region RegionOne share public http://controller:8786/v1/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | d3d6590a342047eab8abca304701d90d |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1129696ac3f5449293b638e0daec3bde |
| service_name | manila |
| service_type | share |
| url | http://controller:8786/v1/%(tenant_id)s |
+--------------+-----------------------------------------+
$ controller ~(keystone)> openstack endpoint create --region RegionOne share internal http://controller:8786/v1/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 0a6516d199d346febe62800b87a10eb9 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1129696ac3f5449293b638e0daec3bde |
| service_name | manila |
| service_type | share |
| url | http://controller:8786/v1/%(tenant_id)s |
+--------------+-----------------------------------------+
$ controller ~(keystone)> openstack endpoint create --region RegionOne share admin http://controller:8786/v1/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 6153d88f7eab40caa669c3130f03226a |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1129696ac3f5449293b638e0daec3bde |
| service_name | manila |
| service_type | share |
| url | http://controller:8786/v1/%(tenant_id)s |
+--------------+-----------------------------------------+
$ controller ~(keystone)> openstack endpoint create --region RegionOne sharev2 public http://controller:8786/v2/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 22e9d4e2b62a4203ae182041c9c10049 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1d94787a2d34489dbe880faa5e165e5e |
| service_name | manilav2 |
| service_type | sharev2 |
| url | http://controller:8786/v2/%(tenant_id)s |
+--------------+-----------------------------------------+
$ controller ~(keystone)> openstack endpoint create --region RegionOne sharev2 internal http://controller:8786/v2/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | eb4e0b33fae7432d87078a0ba2c2e8de |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1d94787a2d34489dbe880faa5e165e5e |
| service_name | manilav2 |
| service_type | sharev2 |
| url | http://controller:8786/v2/%(tenant_id)s |
+--------------+-----------------------------------------+
$ controller ~(keystone)> openstack endpoint create --region RegionOne sharev2 admin http://controller:8786/v2/%\(tenant_id\)s
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 212c9ddfbc554dfb83f80e3a252db235 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 1d94787a2d34489dbe880faa5e165e5e |
| service_name | manilav2 |
| service_type | sharev2 |
| url | http://controller:8786/v2/%(tenant_id)s |
+--------------+-----------------------------------------+Manila 유저의 DB를 생성합니다.
$ controller> mysql -u root -p
$ MariaDB> create database manila;
$ MariaDB> grant all privileges on manila.* to manila@'localhost' identified by 'qwer1234';
$ MariaDB> grant all privileges on manila.* to manila@'%' identified by 'qwer1234';
$ MariaDB> flush privileges;
$ MariaDB> exit;
controller node manila api 설치
$ controller> dnf --enablerepo=centos-openstack-ussuri,powertools,epel -y install openstack-manila python3-manilaclient
# manila 및 관련 모듈을 설치합니다.
$ controller> vi /etc/manila/manila.conf
[DEFAULT]
my_ip = controller
api_paste_config = /etc/manila/api-paste.ini
rootwrap_config = /etc/manila/rootwrap.conf
state_path = /var/lib/manila
auth_strategy = keystone
default_share_type = default_share_type
share_name_template = share-%s
transport_url = rabbit://openstack:qwer1234@controller
[database]
connection = mysql+pymysql://manila:qwer1234@controller/manila
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = manila
password = qwer1234
[oslo_concurrency]
lock_path = $state_path/tmp
$ controller> su -s /bin/bash manila -c "manila-manage db sync"
$ controller> systemctl enable --now openstack-manila-api openstack-manila-scheduler
$ controller> firewall-cmd --add-port=8786/tcp --permanent
$ controller> firewall-cmd --reload
# 방화벽을 설정합니다.
$ controller ~(keystone)> manila service-list
+----+------------------+------------+------+---------+-------+----------------------------+
| Id | Binary | Host | Zone | Status | State | Updated_at |
+----+------------------+------------+------+---------+-------+----------------------------+
| 1 | manila-scheduler | controller | nova | enabled | up | 2020-08-21T01:27:53.000000 |
+----+------------------+------------+------+---------+-------+----------------------------+
# 확인
compute node manila share 설차
$ compute> dnf --enablerepo=centos-openstack-ussuri,powertools,epel -y install openstack-manila-share python3-manilaclient mariadb-devel python3-devel gcc make
$ compute> pip3 install mysqlclient
$ compute> vi /etc/manila/manila.conf
[DEFAULT]
my_ip = compute
api_paste_config = /etc/manila/api-paste.ini
rootwrap_config = /etc/manila/rootwrap.conf
state_path = /var/lib/manila
auth_strategy = keystone
default_share_type = default_share_type
share_name_template = share-%s
transport_url = rabbit://openstack:qwer1234@controller
[database]
connection = mysql+pymysql://manila:qwer1234@controller/manila
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = manila
password = qwer1234
[oslo_concurrency]
lock_path = $state_path/tmp
$ compute> mkdir /var/lib/manila
$ compute> chown manila. /var/lib/manila
$ compute> firewall-cmd --add-service=nfs --permanent
$ compute> firewall-cmd --reload
# 새로운 Disk install
$ compute> dnf -y install nfs-utils nfs4-acl-tools
$ compute> fdisk /dev/sdc
...
...
$ compute> pvcreate /dev/sdc1
$ compute> vgcreate manila-volumes /dev/sdc1
$ compute> vi /etc/manila/manila.conf
[DEFAULT]
enabled_share_backends = lvm
[lvm]
share_backend_name = LVM
share_driver = manila.share.drivers.lvm.LVMShareDriver
driver_handles_share_servers = False
lvm_share_volume_group = manila-volumes
lvm_share_export_ips = compute
$ compute> systemctl enable --now openstack-manila-share nfs-server
확인
$ controller ~(keystone)> manila type-create default_share_type False
+----------------------+--------------------------------------+
| Property | Value |
+----------------------+--------------------------------------+
| ID | 9f6323f6-7443-4a83-ba70-7c10f78366c9 |
| Name | default_share_type |
| Visibility | public |
| is_default | YES |
| required_extra_specs | driver_handles_share_servers : False |
| optional_extra_specs | |
| Description | None |
+----------------------+--------------------------------------+
$ controller ~(keystone)> manila type-list
+--------------------------------------+--------------------+------------+------------+--------------------------------------+----------------------+-------------+
| ID | Name | visibility | is_default | required_extra_specs | optional_extra_specs | Description |
+--------------------------------------+--------------------+------------+------------+--------------------------------------+----------------------+-------------+
| 9f6323f6-7443-4a83-ba70-7c10f78366c9 | default_share_type | public | YES | driver_handles_share_servers : False | | None |
+--------------------------------------+--------------------+------------+------------+--------------------------------------+----------------------+-------------+
$ controller ~(keystone)> manila create NFS 10 --name share01
+---------------------------------------+--------------------------------------+
| Property | Value |
+---------------------------------------+--------------------------------------+
| id | 72ab96c5-80f5-401a-b414-ab76a240acf1 |
| size | 10 |
| availability_zone | None |
| created_at | 2020-08-21T01:52:16.000000 |
| status | creating |
| name | share01 |
| description | None |
| project_id | edd7025c02574d3aa2d3ab6e56208320 |
| snapshot_id | None |
| share_network_id | None |
| share_proto | NFS |
| metadata | {} |
| share_type | 9f6323f6-7443-4a83-ba70-7c10f78366c9 |
| is_public | False |
| snapshot_support | False |
| task_state | None |
| share_type_name | default_share_type |
| access_rules_status | active |
| replication_type | None |
| has_replicas | False |
| user_id | 4ebf85318da84b5cb1257152f9fc35ba |
| create_share_from_snapshot_support | False |
| revert_to_snapshot_support | False |
| share_group_id | None |
| source_share_group_snapshot_member_id | None |
| mount_snapshot_support | False |
| progress | None |
| share_server_id | None |
| host | |
+---------------------------------------+--------------------------------------+
$ controller ~(keystone)> manila list
$ controller ~(keystone)> manila access-allow share01 ip 1.1.1.0/24 --access-level rw
$ controller ~(keystone)> manila access-list share01
$ controller ~(keystone)> openstack server start CentOS_8
$ controller ~(keystone)> manila show share01 | grep path | cut -d'|' -f3
$ controller ~(keystone)> ssh centos@10.0.0.247
$ controller ~(keystone)> sudo mount -t nfs \
10.0.0.50:/var/lib/manila/mnt/share-3544d5a3-7157-4c10-aaa3-edd4b6fd2512 /mnt
$ controller ~(keystone)> df -hT
$ controller ~(keystone)>
마지막 수정일자