OpenStack 高可用性解决方案手动安装指南(二)
4.1.4时间同步:
安装NTP:
apt-get install -y ntp
修改/etc/ntp.conf文件添加NTP服务器。注:OpenStack要求时钟同步。我们的例子使用一个名为ntp.corp.com的
伪(FAKE)服务器作为NTP服务器。确保修改ntp.corp.com成你真正的NTP服务器。最后,确保NTP的域名解析正确。
vi /etc/ntp.conf
server ntp.corp.com
重启NTP服务器使更改生效
service ntp restart
验证你是在拉(pull)时间:
ntpq -p
remote refid st t when poll reach delay offset jitter
==============================================================================
*ntp.corp. .GPS. 1 u 185 512 377 76.035 0.053 0.033
cheezum.mattnor 129.7.1.66 2 u 8d 1024 0 47.731 -0.555 0.000
ntp2.rescomp.be .STEP. 16 u - 1024 0 0.000 0.000 0.000
216.45.57.38 204.123.2.5 2 u 54h 1024 0 12.607 0.808 0.000
lithium.constan 128.4.1.1 2 u 8d 1024 0 69.861 0.206 0.000
europium.canoni 193.79.237.14 2 u 54h 1024 0 144.040 -1.455 0.000
4.2负载均衡节点的安装
确保你已经完成了所有节点的通用安装部分,然后再继续安装步骤。在节点slb01和slb02上执行如下安装步骤:
4.2.1 Keepalived和HAproxy
编辑 /etc/sysctl.conf使得Keepalived关联到一个虚拟IP地址,该虚拟IP地址不直接绑定到该节点的一个接口
上:
net.ipv4.ip_nonlocal_bind=1
从/etc/sysctl.conf中装入sysctl的配置:
sysctl -p
安装Keepalived包 和 HAProxy 包:
apt-get install -y keepalived haproxy
创建 /var/lib/haproxy目录:
mkdir /var/lib/haproxy
确保目录/var/lib/haproxy的所有者是root,如果需要就更改文件的所有权:
chown root:root /var/lib/haproxy/
为节点slb01配置/etc/keepalived/keepalived.conf文件如下。用你实际的域名修改[YOUR_DOMAIN_NAME]。文件
keepalived.conf,包含以下几部分:
global_defs:全局参数影响整个过程的整个行为,如果需要的话,可以有几个”全局“段,但是它们的参数
将会被合并。
vrrp_script:keepalived支持VRRP脚本框架进行基本功能的扩展。名为haproxy的vrrp_script将会检查haproxy
服务的状态,两秒一次,如果状态是正在运行,每次就添加2个点的优先权。如果haproxy服务的状态是
没有运行,备份的haproxy节点将会替代当前节点成为主要节点并开始为virtual_ipaddress通信的工作。
vrrp_instance:是用来为虚拟网关地址明确地配置参数的地方。slb01配置为主网关192.168.220.40(控制器
集群),备份网关192.168.220.60(swift代理集群)。相应地,slb02配置为主网关192.1680.200.60,备份网
关192.168.220.40。
global_defs {
notification_email {
root@[YOUR_DOMAIN_NAME]
}
notification_email_from keepalived@[YOUR_DOMAIN_NAME]
smtp_server localhost
smtp_connect_timeout 30
router_id slb01
}
vrrp_script haproxy {
script "killall -0 haproxy"
interval 2
weight 2
}
vrrp_instance 50 {
virtual_router_id 50
# Advert interval
advert_int 1
# for electing MASTER, highest priority wins.
priority 101
state MASTER
interface eth0
virtual_ipaddress {
192.168.220.40 dev eth0
}
track_script {
haproxy
}
}
vrrp_instance 51 {
virtual_router_id 51
# Advert interval
advert_int 1
# for electing MASTER, highest priority wins.
priority 100
state BACKUP
interface eth0
virtual_ipaddress {
192.168.220.60 dev eth0
}
track_script {
haproxy
}
}
按如下内容为节点slb02配置/etc/keepalived/keepalived.conf文件。用你实际的域名修改[YOUR_DOMAIN_NAME]。
global_defs {
notification_email {
root@[YOUR_DOMAIN_NAME]
}
notification_email_from keepalived@[YOUR_DOMAIN_NAME]
smtp_server localhost
smtp_connect_timeout 30
router_id slb02
}
vrrp_script haproxy {
script "killall -0 haproxy"
interval 2
weight 2
}
vrrp_instance 50 {
virtual_router_id 50
# Advert interval
advert_int 1
# for electing MASTER, highest priority wins.
priority 100
state BACKUP
interface eth0
virtual_ipaddress {
192.168.220.40 dev eth0
}
track_script {
haproxy
}
}
vrrp_instance 51 {
virtual_router_id 51
# Advert interval
advert_int 1
# for electing MASTER, highest priority wins.
priority 101
state MASTER
interface eth0
virtual_ipaddress {
192.168.220.60 dev eth0
}
track_script {
haproxy
}
}
为slb01节点按如下内容配置/etc/haproxy/haproxy.cfg文件。HAProxy 的配置过程中涉及到的参数有3个主要
来源:
1.从命令行里输入的参数,这种参数总是优先的。
2.“global”段的参数,这种参数是整个过程范围内起作用的。
3.代理段的参数,这种参数可以从"defaults", "listen", "frontend" 和"backend"中采取。
以下是文件haproxy.cfg的一些补充介绍:
global:为负载均衡通信设置全过程范围内起作用的参数。全局参数可以被修改,通过修改服务器详细配置文
件haproxy.cfg中的listen部分。
defaults:“defaults”段在其声明后为其他的所有段设置默认参数,到下一个“defaults”段时,这些默认参数会
被重置,这个名字是可选的,它的使用是为了更好的可读性。
listen:一个“listen”段定义了一个完整的代理,其前端(即监听VIP)和后端(即服务器的真实IP )结合在一段。
目前,主要支持的代理模式有两种: 一种是“TCP” ,也称之为layer4;一种是 “http” ,也称之为layer7。
在layer4模式下, HAProxy简单地转发双方之间的双向通信。在layer7模式下,HAProxy对协议进行分析,并可
以通过允许,阻断,交换,添加,修改,删除请求或基于可配置标准的响应中的任意内容等方式来进行交
互。
global
chroot /var/lib/haproxy
daemon
group haproxy
log 192.168.220.81 local0
maxconn 4000
pidfile /var/run/haproxy.pid
user haproxy
defaults
log global
maxconn 8000
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout check 10s
listen dashboard_cluster
bind 192.168.220.40:80
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:80 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:80 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:80 check inter 2000 rise 2 fall 5
listen galera_cluster
bind 192.168.220.40:3306
balance source
mode tcp
option httpchk
server control01 192.168.220.41:3306 check port 9200 inter 2000 rise 2 fall 5
server control02 192.168.220.42:3306 check port 9200 inter 2000 rise 2 fall 5
server control03 192.168.220.43:3306 check port 9200 inter 2000 rise 2 fall 5
listen glance_api_cluster
bind 192.168.220.40:9292
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:9292 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:9292 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:9292 check inter 2000 rise 2 fall 5
listen glance_registry_cluster
bind 192.168.220.40:9191
balance source
option tcpka
option tcplog
server control01 192.168.220.41:9191 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:9191 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:9191 check inter 2000 rise 2 fall 5
listen keystone_admin_cluster
bind 192.168.220.40:35357
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:35357 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:35357 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:35357 check inter 2000 rise 2 fall 5
listen keystone_public_internal_cluster
bind 192.168.220.40:5000
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:5000 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:5000 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:5000 check inter 2000 rise 2 fall 5
listen memcached_cluster
bind 192.168.220.40:11211
balance source
option tcpka
option tcplog
server control01 192.168.220.41:11211 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:11211 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:11211 check inter 2000 rise 2 fall 5
listen nova_compute_api1_cluster
bind 192.168.220.40:8773
balance source
option tcpka
option tcplog
server control01 192.168.220.41:8773 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:8773 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:8773 check inter 2000 rise 2 fall 5
listen nova_compute_api2_cluster
bind 192.168.220.40:8774
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:8774 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:8774 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:8774 check inter 2000 rise 2 fall 5
listen nova_compute_api3_cluster
bind 192.168.220.40:8775
balance source
option tcpka
option tcplog
server control01 192.168.220.41:8775 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:8775 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:8775 check inter 2000 rise 2 fall 5
listen nova_volume_cluster
bind 192.168.220.40:8776
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:8776 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:8776 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:8776 check inter 2000 rise 2 fall 5
listen novnc_cluster
bind 192.168.220.40:6080
balance source
option tcpka
option tcplog
server control01 192.168.220.41:6080 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:6080 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:6080 check inter 2000 rise 2 fall 5
listen quantum_api_cluster
bind 192.168.220.40:9696
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:9696 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:9696 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:9696 check inter 2000 rise 2 fall 5
listen swift_proxy_cluster
bind 192.168.220.60:8080
balance source
option tcplog
option tcpka
server swiftproxy01 192.168.220.61:8080 check inter 2000 rise 2 fall 5
server swiftproxy02 192.168.220.62:8080 check inter 2000 rise 2 fall 5
按如下内容为节点slb02配置/etc/haproxy/haproxy.cfg文件。
global
chroot /var/lib/haproxy
daemon
group haproxy
log 192.168.220.82 local0
maxconn 4000
pidfile /var/run/haproxy.pid
user haproxy
defaults
log global
maxconn 8000
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout check 10s
listen dashboard_cluster
bind 192.168.220.40:80
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:80 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:80 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:80 check inter 2000 rise 2 fall 5
listen galera_cluster
bind 192.168.220.40:3306
balance source
option httpchk
server control01 192.168.220.41:3306 check port 9200 inter 2000 rise 2 fall 5
server control02 192.168.220.42:3306 check port 9200 inter 2000 rise 2 fall 5
server control03 192.168.220.43:3306 check port 9200 inter 2000 rise 2 fall 5
listen glance_api_cluster
bind 192.168.220.40:9292
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:9292 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:9292 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:9292 check inter 2000 rise 2 fall 5
listen glance_registry_cluster
bind 192.168.220.40:9191
balance source
option tcpka
option tcplog
server control01 192.168.220.41:9191 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:9191 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:9191 check inter 2000 rise 2 fall 5
listen keystone_admin_cluster
bind 192.168.220.40:35357
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:35357 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:35357 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:35357 check inter 2000 rise 2 fall 5
listen keystone_public_internal_cluster
bind 192.168.220.40:5000
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:5000 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:5000 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:5000 check inter 2000 rise 2 fall 5
listen memcached_cluster
bind 192.168.220.40:11211
balance source
option tcpka
option tcplog
server control01 192.168.220.41:11211 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:11211 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:11211 check inter 2000 rise 2 fall 5
listen nova_compute_api1_cluster
bind 192.168.220.40:8773
balance source
option tcpka
option tcplog
server control01 192.168.220.41:8773 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:8773 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:8773 check inter 2000 rise 2 fall 5
listen nova_compute_api2_cluster
bind 192.168.220.40:8774
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:8774 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:8774 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:8774 check inter 2000 rise 2 fall 5
listen nova_compute_api3_cluster
bind 192.168.220.40:8775
balance source
option tcpka
option tcplog
server control01 192.168.220.41:8775 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:8775 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:8775 check inter 2000 rise 2 fall 5
listen nova_volume_cluster
bind 192.168.220.40:8776
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:8776 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:8776 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:8776 check inter 2000 rise 2 fall 5
listen novnc_cluster
bind 192.168.220.40:6080
balance source
option tcpka
option tcplog
server control01 192.168.220.41:6080 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:6080 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:6080 check inter 2000 rise 2 fall 5
listen quantum_api_cluster
bind 192.168.220.40:9696
balance source
option tcpka
option httpchk
option tcplog
server control01 192.168.220.41:9696 check inter 2000 rise 2 fall 5
server control02 192.168.220.42:9696 check inter 2000 rise 2 fall 5
server control03 192.168.220.43:9696 check inter 2000 rise 2 fall 5
listen swift_proxy_cluster
bind 192.168.220.60:8080
balance source
option tcplog
option tcpka
server swiftproxy01 192.168.220.61:8080 check inter 2000 rise 2 fall 5
server swiftproxy02 192.168.220.62:8080 check inter 2000 rise 2 fall 5
在/etc/default/haproxy文件中设置“ENABLED”为“1”:
ENABLED=1
重启Keepalived和HAProxy服务:
/etc/init.d/keepalived restart
/etc/init.d/haproxy restart
4.3所有Swift节点的通用安装步骤
确保安装之前已经完成了所有节点的通用安装步骤。安装Swift和其他基本软件包:
apt-get install -y swift openssh-server rsync memcached python-netifaces python-xattr python-memcache
创建Swift配置目录
mkdir -p /etc/swift
创建Swift配置文件。注意:在所有Swift节点中这个文件应该完全一样。
vi /etc/swift/swift.conf
[swift-hash]
swift_hash_path_suffix = Gdr8ny7YyWqy2
更改Swift目录的所有权:
chown -R swift:swift /etc/swift/
(个人水平有限,错误在所难免,转载请注明出处:http://blog.csdn.net/bangbanglovetting)