Installation VM compute

Les noeuds de calculs correspondent aux hyperviseurs. Ils sont pilotés par la brique Nova, et possèdent en général un agent neutron pour la configuration des réseaux dédiés aux VMs.

Pour installer les paquets :

yum install openstack-nova-compute

Fichier de configuration /etc/nova/nova.conf :

[DEFAULT]
auth_strategy=keystone
my_ip=192.168.2.69
use_neutron=true
enabled_apis=osapi_compute,metadata
firewall_driver = nova.virt.firewall.NoopFirewallDriver
rpc_backend=rabbit
[api_database]
[barbican]
[cache]
[cells]
[cinder]
[cloudpipe]
[conductor]
[cors]
[cors.subdomain]
[crypto]
[database]
[ephemeral_storage_encryption]
[glance]
api_servers = http://glance.internal:9292
[guestfs]
[hyperv]
[image_file_url]
[ironic]
[key_manager]
[keystone_authtoken]
auth_uri = http://controller.internal:5000
auth_url = http://controller.internal:35357
memcached_servers = controller.internal:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova
[libvirt]
[matchmaker_redis]
[metrics]
[mks]
[neutron]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
rabbit_host = bdd
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[placement]
[placement_database]
[rdp]
[remote_debug]
[serial_console]
[spice]
[ssl]
[trusted_computing]
[upgrade_levels]
[vmware]
[vnc]
enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = $my_ip
novncproxy_base_url = http://controller.public:6080/vnc_auto.html
[workarounds]
[wsgi]
[xenserver]
[xvp]

Activer et demarrer les services Nova de l'hyperviseur :

systemctl enable libvirtd openstack-nova-compute
systemctl start libvirtd openstack-nova-compute

Installer les paquets des agents nécessaires :

yum install openstack-neutron-openvswitch ipset

Configuration de l'agent openvswitch dans /etc/neutron/plugins/ml2/openvswitch_agent.ini :

[DEFAULT]
[agent]
tunnel_types = gre,vxlan
l2_population = True
[ovs]
local_ip = 192.168.200.4
bridge_mappings = vlan:br-vlan
[securitygroup]
firewall_driver = iptables_hybrid

Configuration de la partie Neutron dans /etc/neutron/neutron.conf :

[DEFAULT]
auth_strategy = keystone
rpc_backend = rabbit
[agent]
[cors]
[cors.subdomain]
[database]
[keystone_authtoken]
auth_uri = http://controller.internal:5000
auth_url = http://controller.internal:35357
memcached_servers = controller.internal:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
[matchmaker_redis]
[nova]
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
rabbit_host = bdd
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
[oslo_messaging_zmq]
[oslo_policy]
[qos]
[quotas]
[ssl]

Activer et démarrer les services suivants :

systemctl enable neutron-openvswitch-agent openvswitch
systemctl start neutron-openvswitch-agent openvswitch

Pour permettre les migrations à chaud, il faut ajouter l'option –listen via le fichier /etc/sysconfig/libvirtd. Il faut de plus autoriser le tcp, sans le TLS (à voir pour plus tard), ainsi que d'accepter les connexions sans authentification en TCP. Cela se fait dans /etc/libvirt/libvirtd.conf (auth_tcp = none).

Installation VM compute

Installation de la partie Nova

Configuration de Nova

Configuration de la partie Neutron

Configuration de la libvirt

Linuxed