This recipe represents Configuring Keystone and Glance with Pacemaker and Corosync - OpenStack two nodes running both GLANCE and Keystone, controlled by Pacemaker with Corosync in active/passive mode, which allows for a failure of a single node. In a production environment, it is recommended that a cluster consists of at least three nodes to ensure resiliency and consistency in the case of a single node failure.
We must first create two servers configured appropriately for use with OpenStack. As these two servers will just be running Keystone and Glance, only a single network interface and address on the network that our OpenStack services communicate on will be required. This interface can be bonded for added resilience.
To increase the resilience of OpenStack services, carry out the following steps:
|If you would like to Enrich your career with an OpenStack certified professional, then visit Mindmajix - A Global online training platform: “Openstack Course Training” Course. This course will help you to achieve excellence in this domain.|
# Assigned IP export OS_USERNAME=admin export OS_PASSWORD=openstack export OS_TENANT_NAME=cookbook export OS_AUTH_URL=https://172.16.0.111:5000/v2.0/ keystone user-list # FloatingIP (Keepalived and HA Proxy) export OS_AUTH_URL=https://172.16.0.253:5000/v2.0/ keystone user-list
sudo apt-get update sudo apt-get install keystone python-mysqldb
sudo stop keystone sudo start keystone
# Second Node export OS_AUTH_URL=https://172.16.0.112:5000/v2.0/ keystone user-list
In order to have Glance able to run across multiple nodes, it must be configured with a shared storage backend (such as Swift) and be backed by a database backend (such as MySQL). On the first host, install and configure Glance, as described in STARTING OpenStack IMAGE SERVICE.
sudo apt-get install glance python-swift
sudo start glance-api sudo start glance-registry
# First node glance -I admin -K openstack -T cookbook -N https://172.16.0.111:5000/v2.0 index # Second node glance -I admin -K openstack -T cookbook -N https://172.16.0.112:5000/v2.0 index # FloatingIP glance -I admin -K openstack -T cookbook -N https://172.16.0.253:5000/v2.0 index
|Related Article: OpenStack Interview Questions|
/etc/init/keystone.override, /etc/init/glance-api.override and /etc/init/glance-registry.override with just the keyword, manual, in:
wget https://raw.github.com/madkiss/keystone/ha/tools/ocf/keystone wget https://raw.github.com/madkiss/glance/ha/tools/ocf/glance-api wget https://raw.github.com/madkiss/glance/ha/tools/ocf/glance-registry sudo mkdir -p /usr/lib/ocf/resource.d/openstack sudo cp keystone glance-api glance-registry /usr/lib/ocf/resource.d/openstack sudo chmod 755 /usr/lib/ocf/resource.d/openstack/*
sudo crm ra list ocf openstack
|Related Article: Learn OpenStack Tutorial|
sudo crm cib new conf-keystone sudo crm configure property stonith-enabled=false sudo crm configure property no-quorum-policy=ignore sudo crm configure primitive p_keystone ocf:openstack:keystone params config="/etc/keystone/keystone.conf" os_auth_url="https://localhost:5000/v2.0/" os_password="openstack" os_tenant_name="cookbook" os_username="admin" user="keystone" client_binary="/usr/bin/keystone" op monitor interval="5s" timeout="5s" sudo crm cib use live sudo crm cib commit conf-keystone
sudo crm cib new conf-glance-api sudo crm configure property stonith-enabled=false sudo crm configure property no-quorum-policy=ignore sudo crm configure primitive p_glance_api ocf:openstack:glance-api params config="/etc/glance/glance-api.conf" os_auth_url="https://localhost:5000/v2.0/" os_password="openstack" os_tenant_name="cookbook" os_username="admin" user="glance" client_binary="/usr/bin/glance" op monitor interval="5s" timeout="5s" sudo crm cib use live sudo crm cib commit conf-glance-api sudo crm cib new conf-glance-registry sudo crm configure property stonith-enabled=false sudo crm configure property no-quorum-policy=ignore sudo crm configure primitive p_glance_registry ocf:openstack:glance-registry params config="/etc/glance/glance-registry.conf" os_auth_url="https://localhost:5000/v2.0/" os_password="openstack" os_tenant_name="cookbook" os_username="admin" user="glance" op monitor interval="5s" timeout="5s" sudo crm cib use live sudo crm cib commit conf-glance-registry
sudo crm_mon -1
This brings back something similar to the following:
Last updated: Sat Aug 24 22:55:25 2013 Last change: Tue Aug 24 21:06:10 2013 via crmd on controller1 Stack: openais Current DC: controller1 - partition with quorum Version: 1.1.6-9971ebba4494012a93c03b40a2c58ec0eb60f50c 2 Nodes configured, 2 expected votes 4 Resources configured. ============ Online: [ controller1 controller2 ] FloatingIP (ocf::heartbeat:IPaddr2): Started controller1 p_keystone (ocf::openstack:keystone):Started controller1 p_glance_api (ocf::openstack:glance_api):Started controller1 p_glance_registry (ocf::openstack:glance_registry):Started controller1
Here are methods of what to do if you receive an error similar to the following error:
Failed actions: p_keystone_monitor_0 (node=ubuntu2, call=3, rc=5, status=complete): not installed
Issue the following to clear the status and then view the status again:
sudo crm_resource -P sudo crm_mon -1
Configuration of Pacemaker is predominantly done with the CRM tool. This allows us to script the configuration, but if invoked on its own, allows us to invoke an interactive shell that we can use to edit, add, and remove services as well as query the status of the cluster.
This is a very powerful tool to control an equally powerful cluster manager. With both nodes running Keystone and Glance, and with Pacemaker and Corosync running and accessible on the floating IP provided by Corosync, we configure Pacemaker to control the running of the Keystone and Glance services by using an OCF agent written specifically for this purpose.
The OCF agent uses a number of parameters that will be familiar to us—whereby they require the same username, password, tenant, and endpoint URL that we would use in a client to access that service.
A timeout of 5 seconds was set up for both the agent and when the floating IP address moves to another host.
After this configuration, we have a Keystone and Glance active/passive configuration as shown in the diagram below:
Stay updated with our newsletter, packed with Tutorials, Interview Questions, How-to's, Tips & Tricks, Latest Trends & Updates, and more ➤ Straight to your inbox!
|OpenStack Training||May 23 to Jun 07|
|OpenStack Training||May 28 to Jun 12|
|OpenStack Training||May 30 to Jun 14|
|OpenStack Training||Jun 04 to Jun 19|
Ravindra Savaram is a Content Lead at Mindmajix.com. His passion lies in writing articles on the most popular IT platforms including Machine learning, DevOps, Data Science, Artificial Intelligence, RPA, Deep Learning, and so on. You can stay up to date on all these technologies by following him on LinkedIn and Twitter.
Copyright © 2013 - 2022 MindMajix Technologies