6.1 KiB
External Ceph
Sometimes it is necessary to connect OpenStack services to an existing Ceph cluster instead of deploying it with Kolla. This can be achieved with only a few configuration steps in Kolla.
Requirements
- An existing installation of Ceph
- Existing Ceph storage pools
- Existing credentials in Ceph for OpenStack services to connect to Ceph (Glance, Cinder, Nova, Gnocchi, Manila)
Refer to http://docs.ceph.com/docs/master/rbd/rbd-openstack/ for details on creating the pool and keyrings with appropriate permissions for each service.
Enabling External Ceph
Using external Ceph with Kolla means not to deploy Ceph via Kolla.
Therefore, disable Ceph deployment in
/etc/kolla/globals.yml
enable_ceph: "no"
There are flags indicating individual services to use ceph or not
which default to the value of enable_ceph
. Those flags now
need to be activated in order to activate external Ceph integration.
This can be done individually per service in
/etc/kolla/globals.yml
:
glance_backend_ceph: "yes"
cinder_backend_ceph: "yes"
nova_backend_ceph: "yes"
gnocchi_backend_storage: "ceph"
enable_manila_backend_cephfs_native: "yes"
The combination of enable_ceph: "no"
and
<service>_backend_ceph: "yes"
triggers the activation
of external ceph mechanism in Kolla.
Edit the Inventory File
When using external Ceph, there may be no nodes defined in the
storage group. This will cause Cinder and related services relying on
this group to fail. In this case, operator should add some nodes to the
storage group, all the nodes where cinder-volume
and
cinder-backup
will run:
[storage]
compute01
Configuring External Ceph
Glance
Configuring Glance for Ceph includes the following steps:
Configure Ceph authentication details in
/etc/kolla/globals.yml
:ceph_glance_keyring
(default:ceph.client.glance.keyring
)ceph_glance_user
(default:glance
)ceph_glance_pool_name
(default:images
)
Copy Ceph configuration file to
/etc/kolla/config/glance/ceph.conf
[global] fsid = 1d89fec3-325a-4963-a950-c4afedd37fe3 mon_initial_members = ceph-0 mon_host = 192.168.0.56 auth_cluster_required = cephx auth_service_required = cephx auth_client_required = cephx
Copy Ceph keyring to
/etc/kolla/config/glance/<ceph_glance_keyring>
Cinder
Configuring Cinder for Ceph includes following steps:
Configure Ceph authentication details in
/etc/kolla/globals.yml
:ceph_cinder_keyring
(default:ceph.client.cinder.keyring
)ceph_cinder_user
(default:cinder
)ceph_cinder_pool_name
(default:volumes
)ceph_cinder_backup_keyring
(default:ceph.client.cinder-backup.keyring
)ceph_cinder_backup_user
(default:cinder-backup
)ceph_cinder_backup_pool_name
(default:backups
)
Copy Ceph configuration file to
/etc/kolla/config/cinder/ceph.conf
Separate configuration options can be configured for cinder-volume and cinder-backup by adding ceph.conf files to
/etc/kolla/config/cinder/cinder-volume
and/etc/kolla/config/cinder/cinder-backup
respectively. They will be merged with/etc/kolla/config/cinder/ceph.conf
.Copy Ceph keyring files to:
/etc/kolla/config/cinder/cinder-volume/<ceph_cinder_keyring>
/etc/kolla/config/cinder/cinder-backup/<ceph_cinder_keyring>
/etc/kolla/config/cinder/cinder-backup/<ceph_cinder_backup_keyring>
Note
cinder-backup
requires two keyrings for accessing
volumes and backup pool.
Nova
Configuring Nova for Ceph includes following steps:
Configure Ceph authentication details in
/etc/kolla/globals.yml
:ceph_cinder_keyring
(default:ceph.client.cinder.keyring
)ceph_nova_keyring
(by default it's the same as ceph_cinder_keyring)ceph_nova_user
(default:nova
)ceph_nova_pool_name
(default:vms
)
Copy Ceph configuration file to
/etc/kolla/config/nova/ceph.conf
Copy Ceph keyring file(s) to:
/etc/kolla/config/nova/<ceph_cinder_keyring>
/etc/kolla/config/nova/<ceph_nova_keyring>
(if your Ceph deployment created one)
Warning
If you are using ceph-ansible or another deployment tool that doesn't create separate key for Nova just copy the Cinder key and configure
ceph_nova_user
to the same value asceph_cinder_user
.
Gnocchi
Configuring Gnocchi for Ceph includes following steps:
- Configure Ceph authentication details in
/etc/kolla/globals.yml
:ceph_gnocchi_keyring
(default:ceph.client.gnocchi.keyring
)ceph_gnocchi_user
(default:gnocchi
)ceph_gnocchi_pool_name
(default:gnocchi
)
- Copy Ceph configuration file to
/etc/kolla/config/gnocchi/ceph.conf
- Copy Ceph keyring to
/etc/kolla/config/gnocchi/<ceph_gnocchi_keyring>
Manila
Configuring Manila for Ceph includes following steps:
Configure CephFS backend by setting
enable_manila_backend_cephfs_native
totrue
Configure Ceph authentication details in
/etc/kolla/globals.yml
:ceph_manila_keyring
(default:ceph.client.manila.keyring
)ceph_manila_user
(default:manila
)
Note
Required Ceph identity caps for manila user are documented in
CephFS Native driver <admin/cephfs_driver.html#authorizing-the-driver-to-communicate-with-ceph>
.Copy Ceph configuration file to
/etc/kolla/config/manila/ceph.conf
Copy Ceph keyring to
/etc/kolla/config/manila/<ceph_manila_keyring>
Setup Manila in the usual way
For more details on the rest of the Manila setup, such as creating
the share type default_share_type
, please see Manila in Kolla <manila-guide>
.
For more details on the CephFS Native driver, please see CephFS Native driver <admin/cephfs_driver.html>
.