Dev/Openstack

[Monasca-pike] Centos 7 setup (only keystone use ver)

ainory 2018. 3. 23. 12:45


  • 사전 작업
    • monasca 계정생성
    • mariadb yum repo setting (db가 설치될 server에만 적용)
      • vi /etc/yum.repos.d/MariaDB.repo
[mariadb]
name = MariaDB
gpgcheck=1

    • influxdb yum repo setting (db가 설치될 server에만 적용)
      • vi /etc/yum.repo.d/influxdb.repo
[influxdb]
name = InfluxDB Repository - RHEL \$releasever
enabled = 1
gpgcheck = 1

    • iptable, firewalld 중지 (필요한 port만 열어주고 사용해도 무방함)
systemctl stop iptables
systemctl stop firewalld
systemctl disable iptables
systemctl disable firewalld

    • openstack pike repo 등록 (keystone이 설치될 server에만 적용)

    • pip install & upgrade
yum install -y epel-release
yum install -y python-pip
pip install --upgrade pip
pip install --upgrade setuptools

    • selinux 해제
setenforce 0



  • installation
    • mairadb
# mariadb install
yum install -y MariaDB-server MariaDB-client
systemctl enable mysql
systemctl start mysql

# mysql 접근 계정 설정
mysql -uroot 

grant all privileges on *.* to 'root'@'%' identified by 'root123';
grant all privileges on *.* to 'root'@'localhost' identified by 'root123’;
flush privileges;

    • influxdb
yum install -y influxdb
systemctl enable influxdb.service
systemctl start influxdb.service

    • kafka(최신 stable),zookeeper(최신 stable)
      • 구성에 따라 맞춰서 설치함
      • path
        • $HOME/application/kafka
        • $HOME/application/zookeeper
    • storm
      • 구성에 따라 맞춰서 설치함
      • path
        • $HOME/application/storm
    • keystone
      • keystone db 계정 생성
mysql -uroot

CREATE DATABASE keystone;

GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
  IDENTIFIED BY 'keystone123';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
  IDENTIFIED BY 'keystone123';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'monasca-api' \
  IDENTIFIED BY 'keystone123';
flush privileges;

      • 관리 토큰을 생성하여 나온 값을 따로 저장해 놓음
openssl rand -hex 10

      • package 설치
yum install -y openstack-keystone httpd mod_wsgi

      • keystone.conf 수정
vi /etc/keystone/keystone.conf

[DEFAULT]
admin_token = fe06b146d34985fe8ce4     # token 값을 넣어줌
[database]
#database 정보 입력
connection = mysql+pymysql://keystone:keystone123@monasca-api/keystone
[token]
provider = fernet      # Fernet 토큰 제공자 구성

      • keystone database insert
/bin/sh -c "keystone-manage db_sync" keystone

      • fernet key 초기화
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone

      • httpd.conf 수정
vi /etc/httpd/conf/httpd.conf

ServerName monasca-api     # hostName으로 변경

      • wsgi-keystone.conf 파일 생성
vi /etc/httpd/conf.d/wsgi-keystone.conf

Listen 5000
Listen 35357

<VirtualHost *:5000>
    WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /usr/bin/keystone-wsgi-public
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/httpd/keystone-error.log
    CustomLog /var/log/httpd/keystone-access.log combined

    <Directory /usr/bin>
        Require all granted
    </Directory>
</VirtualHost>

<VirtualHost *:35357>
    WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-admin
    WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    ErrorLogFormat "%{cu}t %M"
    ErrorLog /var/log/httpd/keystone-error.log
    CustomLog /var/log/httpd/keystone-access.log combined

    <Directory /usr/bin>
        Require all granted
    </Directory>
</VirtualHost>

      • service 등록 및 기동
systemctl enable httpd.service
systemctl start httpd.service

      • 환경 변수 export
# TOKEN에는 초기에 할당받은 token 값을 넣어줌
export OS_TOKEN=0e0bea7cd497322a1b8b
export OS_ADMIN_TOKEN=0e0bea7cd497322a1b8b
export OS_IDENTITY_API_VERSION=3

    • openstack 설정
      • openstack client 설치
yum install -y python2-openstackclient.noarch

      • openstack domain create
[root@monasca-api ~]# openstack domain create default
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description |                                  |
| enabled     | True                             |
| id          | 8a44c086f17349018206f2d4faea97e8 |
| name        | default                          |
+-------------+----------------------------------+

      • openstack project create
[root@monasca-api ~]# openstack project create --domain default --description "Admin Project" admin
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Admin Project                    |
| domain_id   | 8a44c086f17349018206f2d4faea97e8 |
| enabled     | True                             |
| id          | df901de863de4ee08e0636a6b7a47c05 |
| is_domain   | False                            |
| name        | admin                            |
| parent_id   | 8a44c086f17349018206f2d4faea97e8 |
+-------------+----------------------------------+

      • openstack user create
[root@monasca-api ~]# openstack user create --domain default --password monasca123 monasca
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | 8a44c086f17349018206f2d4faea97e8 |
| enabled             | True                             |
| id                  | 099bca29b4e9444e8bc5e0c9112043c2 |
| name                | monasca                          |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+

      • openstack role create
[root@monasca-api ~]# openstack role create --domain default admin
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | 8a44c086f17349018206f2d4faea97e8 |
| id        | a3bf25c1152d4a9bb24b9f5e1da9134f |
| name      | admin                            |
+-----------+----------------------------------+

      • openstack role add
openstack role add --project admin --user monasca admin

      • openstack service create
[root@monasca-api ~]# openstack service create --name monasca --description "Monasca monitoring service" monitoring
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | Monasca monitoring service       |
| enabled     | True                             |
| id          | 66ebde74b8cc4c3bb55416f91223893d |
| name        | monasca                          |
| type        | monitoring                       |
+-------------+----------------------------------+

      • openstack endpoint create
[root@monasca-api ~]# openstack endpoint create --region RegionOne monasca public http://monasca-api:8082/v2.0
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 1568f70fe5c345ffa3b2cde0b2179cc6 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 66ebde74b8cc4c3bb55416f91223893d |
| service_name | monasca                          |
| service_type | monitoring                       |
| url          | http://monasca-api:8082/v2.0     |
+--------------+----------------------------------+
[root@monasca-api ~]# openstack endpoint create --region RegionOne monasca internal http://monasca-api:8082/v2.0
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | a550de93a7874593a397625c073d23cd |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 66ebde74b8cc4c3bb55416f91223893d |
| service_name | monasca                          |
| service_type | monitoring                       |
| url          | http://monasca-api:8082/v2.0     |
+--------------+----------------------------------+
[root@monasca-api ~]# openstack endpoint create --region RegionOne monasca admin http://monasca-api:8082/v2.0
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 1e7ad0b6e42e4ca497dcc8673e2275ab |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 66ebde74b8cc4c3bb55416f91223893d |
| service_name | monasca                          |
| service_type | monitoring                       |
| url          | http://monasca-api:8082/v2.0     |
+--------------+----------------------------------+



mysql -uroot -proot123 < mon_mysql.sql

      • monsaca db 접근 권한 추가
mysql -uroot -proot123

grant all privileges on *.* to 'monasca'@'monasca-api' identified by 'monasca123';
flush privileges;

      • kafka topic 생성
cd $KAFKA_HOME
bin/kafka-topics.sh --create --zookeeper monasca-api:2181/kafka --replication-factor 1 --partitions 64 --topic metrics
bin/kafka-topics.sh --create --zookeeper monasca-api:2181/kafka --replication-factor 1 --partitions 12 --topic events
bin/kafka-topics.sh --create --zookeeper monasca-api:2181/kafka --replication-factor 1 --partitions 12 --topic raw-events
bin/kafka-topics.sh --create --zookeeper monasca-api:2181/kafka --replication-factor 1 --partitions 12 --topic transformed-events
bin/kafka-topics.sh --create --zookeeper monasca-api:2181/kafka --replication-factor 1 --partitions 12 --topic stream-definitions
bin/kafka-topics.sh --create --zookeeper monasca-api:2181/kafka --replication-factor 1 --partitions 12 --topic transform-definitions
bin/kafka-topics.sh --create --zookeeper monasca-api:2181/kafka --replication-factor 1 --partitions 12 --topic alarm-state-transitions
bin/kafka-topics.sh --create --zookeeper monasca-api:2181/kafka --replication-factor 1 --partitions 12 --topic alarm-notifications
bin/kafka-topics.sh --create --zookeeper monasca-api:2181/kafka --replication-factor 1 --partitions 12 --topic stream-notifications
bin/kafka-topics.sh --create --zookeeper monasca-api:2181/kafka --replication-factor 1 --partitions 3 --topic retry-notifications

      • influxdb db, user, retention policy create
influx
CREATE DATABASE mon
CREATE USER monasca WITH PASSWORD 'monasca123'
CREATE RETENTION POLICY persister_all ON mon DURATION 90d REPLICATION 1 DEFAULT
exit

      • maven 설치
        • download 및 설정
cd $HOME/application
tar xvzf apache-maven-3.5.2-bin.tar.gz
ln -s apache-maven-3.5.2 maven

        • .bash_profile 내용추가
vi ~/.bash_profile

M2_HOME=$HOME/application/maven
PATH=$PATH:$HOME/.local/bin:$HOME/bin:$M2_HOME/bin
export PATH

        • .bash_profile 적용
source ~/.bash_profile

      • monasca-common 설치
        • path
          • $HOME/application/monasca
cd $HOME/application/monasca
cd monasca-common
mvn clean install

      • monasca-api 설치
        • path
          • $HOME/application/monasca
cd $HOME/application/monasca
cd monasca-api

        • run_maven.sh 수정
vi run_maven.sh

# ( cd common; ./build_common.sh ${MVN} ${COMMON_VERSION} ${BRANCH} ) 부분을 아래와 같이 바꿈
( cd common; ./build_common.sh ${MVN} ${COMMON_VERSION} stable/pike )

( cd java; ${MVN} -DgitRevision=`git rev-list HEAD --max-count 1 --abbrev=0 --abbrev-commit` $* )  부분을 아래와 같이 바꿈
( cd java; ${MVN} -Dmaven.test.skip=true -DgitRevision=`git rev-list HEAD --max-count 1 --abbrev=0 --abbrev-commit` $* )

        • common/build_common.sh 수정
vi run_maven.sh

${MVN} install   부분을 아래와 같이 바꿈
${MVN} install -Dmaven.test.skip=true

        • compile & package
./run_maven.sh 1.2.1-SNAPSHOT clean package

        • package extract
cd target
tar xvzf monasca-api-1.2.1-SNAPSHOT-tar.tar.gz
cp monasca-api-1.2.1-SNAPSHOT/monasca-api.jar .

        • api-config.yml 수정 (파일 참조 하여 수정)
        • monasca-api 기동
nohup java -jar /home/monasca/application/monasca/monasca-api/target/monasca-api.jar server /home/monasca/application/monasca/monasca-api/etc/api-config.yml &


      • monasca-persister 설치
        • java 버전으로 설치하려하였으나 influxdb접근 버그가 있어서 python버전으로 설치함
        • install
sudo pip install --upgrade pbr
sudo pip install influxdb
sudo pip install git+https://git.openstack.org/openstack/monasca-persister@1.6.0#egg=monasca-persister

vi /etc/monasca/persister.conf

        • monasca-persister 기동
monasca-persister --config-file /etc/monasca/persister.conf 


      • monasca-agent 설치
        • install
sudo pip install —upgrade pip
sudo pip install monasca-agent

        • monsaca-setup
monasca-setup \
  --username "monasca" \
  --password "monasca123" \
  --project_name "admin" \
  --project_id "df901de863de4ee08e0636a6b7a47c05" \
  --user_domain_id "8a44c086f17349018206f2d4faea97e8" \
  --user_domain_name "8a44c086f17349018206f2d4faea97e8" \
  --project_domain_id "8a44c086f17349018206f2d4faea97e8" \
  --project_domain_name "default" \
  --region_name "regionOne" \
  --service_type "monitoring" \
  --keystone_url http://100.168.10.2:35357/v3 \
  --monasca_url http://100.168.10.2:8020/v2.0 \
  --check_frequency '15'  \
  --log_level 'DEBUG'  \
  --insecure true \
  --system_only

        • agent 수집 설정 파일 수정
vi /etc/monasca/agent/conf.d/cpu.yaml

init_config: null
instances:
- built_by: System
  name: cpu_stats
  send_rollup_stats: True # vcpu measurement Option 추가
vi /etc/monasca/agent/conf.d/disk.yaml

init_config: null
instances:
- built_by: System
  device_blacklist_re: .*freezer_backup_snap.*
  ignore_filesystem_types: iso9660,tmpfs
  name: disk_stats
  send_rollup_stats: True # vcpu measurement Option 추가

        • agent 기동
systemctl start monasca-agent.service










'Dev/Openstack'의 다른글

  • 현재글[Monasca-pike] Centos 7 setup (only keystone use ver)

관련글

티스토리툴바