在安装和配置Orchestration之前,必须创建数据库,服务凭据和API端点。业务流程还需要身份服务中的其他信息。
-
要创建数据库,请完成以下步骤:
-
使用数据库访问客户端以
root用户身份连接到数据库服务器:$ mysql -u root -p -
创建
heat数据库:CREATE DATABASE heat; -
授予对
heat数据库的适当访问权限:GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' \ IDENTIFIED BY 'HEAT_DBPASS'; GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' \ IDENTIFIED BY 'HEAT_DBPASS';替换
HEAT_DBPASS为合适的密码。 -
退出数据库访问客户端。
-
-
来源
admin凭据来访问仅管理员CLI命令:$ . admin-openrc -
要创建服务凭据,请完成以下步骤:
-
创建
heat用户:$ openstack user create --domain default --password-prompt heat User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | e0353a670a9e496da891347c589539e9 | | enabled | True | | id | ca2e175b851943349be29a328cc5e360 | | name | heat | +-----------+----------------------------------+ -
将
admin角色添加到heat用户:$ openstack role add --project service --user heat admin注意
此命令不提供输出。
-
创建
heat和heat-cfn服务实体:$ openstack service create --name heat \ --description "Orchestration" orchestration +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Orchestration | | enabled | True | | id | 727841c6f5df4773baa4e8a5ae7d72eb | | name | heat | | type | orchestration | +-------------+----------------------------------+ $ openstack service create --name heat-cfn \ --description "Orchestration" cloudformation +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Orchestration | | enabled | True | | id | c42cede91a4e47c3b10c8aedc8d890c6 | | name | heat-cfn | | type | cloudformation | +-------------+----------------------------------+
-
-
创建Orchestration服务API端点:
$ openstack endpoint create --region RegionOne \ orchestration public http://controller:8004/v1/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | 3f4dab34624e4be7b000265f25049609 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | | service_name | heat | | service_type | orchestration | | url | http://controller:8004/v1/%(tenant_id)s | +--------------+-----------------------------------------+ $ openstack endpoint create --region RegionOne \ orchestration internal http://controller:8004/v1/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | 9489f78e958e45cc85570fec7e836d98 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | | service_name | heat | | service_type | orchestration | | url | http://controller:8004/v1/%(tenant_id)s | +--------------+-----------------------------------------+ $ openstack endpoint create --region RegionOne \ orchestration admin http://controller:8004/v1/%\(tenant_id\)s +--------------+-----------------------------------------+ | Field | Value | +--------------+-----------------------------------------+ | enabled | True | | id | 76091559514b40c6b7b38dde790efe99 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | | service_name | heat | | service_type | orchestration | | url | http://controller:8004/v1/%(tenant_id)s | +--------------+-----------------------------------------+$ openstack endpoint create --region RegionOne \ cloudformation public http://controller:8000/v1 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | b3ea082e019c4024842bf0a80555052c | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | | service_name | heat-cfn | | service_type | cloudformation | | url | http://controller:8000/v1 | +--------------+----------------------------------+ $ openstack endpoint create --region RegionOne \ cloudformation internal http://controller:8000/v1 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 169df4368cdc435b8b115a9cb084044e | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | | service_name | heat-cfn | | service_type | cloudformation | | url | http://controller:8000/v1 | +--------------+----------------------------------+ $ openstack endpoint create --region RegionOne \ cloudformation admin http://controller:8000/v1 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 3d3edcd61eb343c1bbd629aa041ff88b | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | | service_name | heat-cfn | | service_type | cloudformation | | url | http://controller:8000/v1 | +--------------+----------------------------------+ -
Orchestration需要Identity Service中的其他信息来管理堆栈。要添加此信息,请完成以下步骤:
-
创建
heat包含堆栈项目和用户的域:$ openstack domain create --description "Stack projects and users" heat +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Stack projects and users | | enabled | True | | id | 0f4d1bd326f2454dacc72157ba328a47 | | name | heat | +-------------+----------------------------------+ -
创建
heat_domain_admin用户以管理heat域中的项目和用户:$ openstack user create --domain heat --password-prompt heat_domain_admin User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | 0f4d1bd326f2454dacc72157ba328a47 | | enabled | True | | id | b7bd1abfbcf64478b47a0f13cd4d970a | | name | heat_domain_admin | +-----------+----------------------------------+ -
将
admin角色添加到域中的heat_domain_admin用户heat以启用用户的 管理堆栈管理权限heat_domain_admin:$ openstack role add --domain heat --user-domain heat --user heat_domain_admin admin注意
此命令不提供输出。
-
创建
heat_stack_owner角色:$ openstack role create heat_stack_owner +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | None | | id | 15e34f0c4fed4e68b3246275883c8630 | | name | heat_stack_owner | +-----------+----------------------------------+ -
将
heat_stack_owner角色添加到admin项目和用户以启用用户的堆栈管理admin`:$ openstack role add --project admin --user admin heat_stack_owner注意
此命令不提供输出。
注意
您必须将
heat_stack_owner角色添加到管理堆栈的每个用户。 -
创建
heat_stack_user角色:$ openstack role create heat_stack_user +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | None | | id | 88849d41a55d4d1d91e4f11bffd8fc5c | | name | heat_stack_user | +-----------+----------------------------------+注意
Orchestration服务自动将
heat_stack_user角色分配给 在堆栈部署期间创建的用户。默认情况下,此角色限制API <应用程序编程接口(API)>操作。为避免冲突,请勿将此角色添加到具有该heat_stack_owner角色的用户。
-
-
安装包:
# yum install openstack-heat-api openstack-heat-api-cfn \
openstack-heat-engine
- 编辑
/etc/heat/heat.conf文件并完成以下操作:
-
在该
[database]部分中,配置数据库访问:[database] ... connection = mysql+pymysql://heat:HEAT_DBPASS@controller/heat替换
HEAT_DBPASS为您为Orchestration数据库选择的密码。 -
在该
[DEFAULT]部分中,配置RabbitMQ消息队列访问:[DEFAULT] ... transport_url = rabbit://openstack:RABBIT_PASS@controller替换
RABBIT_PASS为您为openstack帐户选择的密码RabbitMQ。 -
在
[keystone_authtoken],[trustee]和[clients_keystone]部分,配置标识服务的访问:[keystone_authtoken] ... auth_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = heat password = HEAT_PASS [trustee] ... auth_type = password auth_url = http://controller:5000 username = heat password = HEAT_PASS user_domain_name = default [clients_keystone] ... auth_uri = http://controller:5000替换
HEAT_PASS为您heat在Identity服务中为用户选择的密码 。 -
在该
[DEFAULT]部分中,配置元数据和等待条件URL:[DEFAULT] ... heat_metadata_server_url = http://controller:8000 heat_waitcondition_server_url = http://controller:8000/v1/waitcondition -
在该
[DEFAULT]部分中,配置堆栈域和管理凭据:[DEFAULT] ... stack_domain_admin = heat_domain_admin stack_domain_admin_password = HEAT_DOMAIN_PASS stack_user_domain_name = heat替换
HEAT_DOMAIN_PASS为您heat_domain_admin在Identity服务中为用户选择的密码 。
- 填充Orchestration数据库:
# su -s /bin/sh -c "heat-manage db_sync" heat
注意
忽略此输出中的任何弃用消息。
- 启动Orchestration服务并将其配置为在系统引导时启动:
# systemctl enable openstack-heat-api.service \
openstack-heat-api-cfn.service openstack-heat-engine.service
# systemctl start openstack-heat-api.service \
openstack-heat-api-cfn.service openstack-heat-engine.service
- 验证Orchestration服务的操作。
注意
在控制器节点上执行这些命令。
1). 来源admin租户凭证:
$ . admin-openrc
2). 列出服务组件以验证每个进程的成功启动和注册:
$ openstack orchestration service list
+------------+-------------+--------------------------------------+------------+--------+----------------------------+--------+
| hostname | binary | engine_id | host | topic | updated_at | status |
+------------+-------------+--------------------------------------+------------+--------+----------------------------+--------+
| controller | heat-engine | 3e85d1ab-a543-41aa-aa97-378c381fb958 | controller | engine | 2015-10-13T14:16:06.000000 | up |
| controller | heat-engine | 45dbdcf6-5660-4d5f-973a-c4fc819da678 | controller | engine | 2015-10-13T14:16:06.000000 | up |
| controller | heat-engine | 51162b63-ecb8-4c6c-98c6-993af899c4f7 | controller | engine | 2015-10-13T14:16:06.000000 | up |
| controller | heat-engine | 8d7edc6d-77a6-460d-bd2a-984d76954646 | controller | engine | 2015-10-13T14:16:06.000000 | up |
+------------+-------------+--------------------------------------+------------+--------+----------------------------+--------+
注意
此输出应指示heat-engine控制器节点上的四个组件(默认为4或主机上的CPU数量,以较大者为准)。