Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Configuring the Ceph Environment

Integrate Ceph block storage on OpenStack as the backend storage of Glance and Cinder services. Before integrating Ceph block storage on OpenStack, you need to configure the Ceph environment.

  1. Create a storage pool on the Ceph storage node.
    ceph osd pool create volumes 32 
ceph osd pool create images 32 
ceph osd pool create backups 32 
ceph osd pool create vms 32

    The values following volumes, images, backups, and vms indicate the number of placement groups (PGs). Set them based on your requirements.

  2. View the new storage pool.
    ceph osd pool ls

    The storage pool has been successfully created:

  3. On the Ceph storage node, create keyrings for the cinder, glance, and cinder-backup users so that they can access the Ceph storage pool.
    ceph auth get-or-create client.cinder mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=volumes, allow rwx pool=vms, allow rx pool=images' 
ceph auth get-or-create client.glance mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=images' 
ceph auth get-or-create client.cinder-backup mon 'profile rbd' osd 'profile rbd pool=backups' 
ceph auth get-or-create client.glance | ssh controller tee /etc/ceph/ceph.client.glance.keyring 
ssh controller chown glance:glance /etc/ceph/ceph.client.glance.keyring 
ceph auth get-or-create client.cinder | ssh compute01 tee /etc/ceph/ceph.client.cinder.keyring 
ceph auth get-or-create client.cinder | ssh compute02 tee /etc/ceph/ceph.client.cinder.keyring 
ssh compute01 chown cinder:cinder /etc/ceph/ceph.client.cinder.keyring 
ssh compute02 chown cinder:cinder /etc/ceph/ceph.client.cinder.keyring 
ceph auth get-or-create client.cinder-backup | ssh compute01 tee /etc/ceph/ceph.client.cinder-backup.keyring 
ceph auth get-or-create client.cinder-backup | ssh compute02 tee /etc/ceph/ceph.client.cinder-backup.keyring 
ssh compute01 chown cinder:cinder /etc/ceph/ceph.client.cinder-backup.keyring 
ssh compute02 chown cinder:cinder /etc/ceph/ceph.client.cinder-backup.keyring 
ceph auth get-key client.cinder | ssh compute01 tee client.cinder.key 
ceph auth get-key client.cinder | ssh compute02 tee client.cinder.key

    In the preceding commands, controller, compute01, and compute02 are the host names of the nodes where the Cinder, Glance, and Cinder-backup services are deployed. Set them based on your requirements.

  4. On the OpenStack compute node, add a key to libvirt.
    1. Generate a UUID.
      uuidgen

      Save the UUID generated in the preceding command. You can generate the UUID only on one node and use it on other nodes.

    2. Generate a configuration file in each OpenStack compute node.
      cat > secret.xml <<EOF 
<secret ephemeral='no' private='no'> 
<uuid>UUID</uuid> 
<usage type='ceph'> 
<name>client.cinder secret</name> 
</usage> 
</secret> 
EOF

      Replace UUID in the command with the actual value. The value of UUID in the commands must be the same as that generated in 4.a. Use the same UUID for all compute nodes.

    3. Add a key to libvirt on all OpenStack compute nodes.
      virsh secret-define --file secret.xml 
virsh secret-set-value --secret UUID --base64 $(cat /etc/ceph/ceph.client.cinder.keyring | grep key | awk -F ' ' '{ print $3 }')

      See the expected result. Ignore the error message displayed when adding the key because it does not affect functions.

      Replace UUID in the command with the actual value. The value of UUID in the commands must be the same as that generated in 4.a.