搜索[伪集群]结果-低调大师优秀个人博客

Openstack HA集群5-Keystone HA

# yum install -y openstack-keystone httpd mod_wsgi # mysql -u root -p -e "CREATE DATABASE keystone " MariaDB [(none)]> CREATE DATABASE keystone; Query OK, 1 row affected (0.03 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \ IDENTIFIED BY 'zoomtech'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \ -> IDENTIFIED BY 'zoomtech'; Query OK, 0 rows affected (0.01 sec) MariaDB [(none)]> exit Bye [root@controller1 ~]# mysql -uroot -p -e "CREATE DATABASE keystone" [root@controller1 ~]# mysql -uroot -p -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'zoomtech'" [root@controller1 ~]# mysql -uroot -p -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'zoomtech'" [root@controller1 ~]# openssl rand -hex 10 d68d8a32a75bdbfdb004 配置/etc/keystone/keystone.conf文件 [DEFAULT] verbose = true admin_token= 745faaa51f7c62f8a2a7 public_bind_host =192.168.17.132 admin_bind_host =192.168.17.132 bind_host =controller1 [database] connection= mysql+pymysql://keystone:zoomtech@demo.open-stack.cn/keystone [token] provider= keystone.token.providers.uuid.Provider dirver = keystone.token.persistence.backends.memcach.Token caching = true token = keystone.auth.plugins.token.Token [revoke] driver = keystone.contrib.revoke.backends.sql.Revoke [identity] driver = sql #driver = keystone.identity.backends.sql.identity [catalog] driver = sql #driver = keystone.catalog.backends.sql.Catalog [memcache] servers = controller1:11211,controller2:11211,controller3:11211 [root@controller1 ~]# openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_tokend68d8a32a75bdbfdb004 [root@controller1 ~]# openstack-config --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:zoomtech@demo.open-stack.cn/keystone [root@controller1 ~]# openstack-config --set /etc/keystone/keystone.conf token provider fernet [root@controller1 ~]# openstack-config --set /etc/keystone/keystone.conf memcache servers controller1:11211,controller2:11211,controller3:11211 [root@controller1 ~]# scp /etc/keystone/keystone.conf controller2:/etc/keystone/ keystone.conf 100% 72KB 71.9KB/s 00:00 [root@controller1 ~]# scp /etc/keystone/keystone.conf controller3:/etc/keystone/ [root@controller2 ~]# vim /etc/keystone/keystone.conf admin_token = 745faaa51f7c62f8a2a7 public_bind_host = 192.168.17.151 bind_host = controller2 admin_bind_host = 192.168.17.151 [root@controller3 ~]# vim /etc/keystone/keystone.conf [default] public_bind_host = 192.168.17.138 bind_host = controller3 admin_bind_host = 192.168.17.138 确认权限 [root@controller1 ~]# ll /etc/keystone/keystone.conf -rw-r----- 1 root keystone 73642 Feb 21 15:42 /etc/keystone/keystone.conf [root@controller1 ~]# chown root:keystone /etc/keystone/keystone.conf [root@controller1 ~]# chmod 640 /etc/keystone/keystone.conf 同步Keystone数据库 [root@controller1 ~]# su -s /bin/sh -c "keystone-manage db_sync" keystone 初始化Fernet keys [root@controller1 ~]# keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone 配置Apache Http服务 1、三个节点配置/etc/httpd/conf/httpd.conf [root@controller1 ~] # vim /etc/httpd/conf/httpd.conf ServerName controller1 Listen 8080 [root@controller2 ~]# vim /etc/httpd/conf/httpd.conf ServerName controller2 Listen 8080 [root@controller3 ~]# vim /etc/httpd/conf/httpd.conf ServerName controller3 Listen 8080 2、[root@controller1 ~]# vim /etc/httpd/conf.d/wsgi-keystone.conf <VirtualHost *:5000> WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-public WSGIScriptAlias / /usr/bin/keystone-wsgi-public WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On ErrorLogFormat "%{cu}t %M" ErrorLog /var/log/httpd/keystone-error.log CustomLog /var/log/httpd/keystone-access.log combined <Directory /usr/bin> Require all granted </Directory> </VirtualHost> <VirtualHost *:35357> WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-admin WSGIScriptAlias / /usr/bin/keystone-wsgi-admin WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On ErrorLogFormat "%{cu}t %M" ErrorLog /var/log/httpd/keystone-error.log CustomLog /var/log/httpd/keystone-access.log combined <Directory /usr/bin> Require all granted </Directory> </VirtualHost> 将wsgi-keystone.conf复制到 controller2和controller3 3、启动apache # systemctl enable httpd.service # systemctl start httpd.service [root@controller1 ~]# export OS_TOKEN=d68d8a32a75bdbfdb004 [root@controller1 ~]#export OS_URL=http://demo.open-stack.cn:35357/v3 [root@controller1 ~]# export OS_IDENTITY_API_VERSION=3 创建服务实体和身份认证服务： [root@controller1 ~]# openstack service create --name keystone --description "OpenStack Identity" identity +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Identity | | enabled | True | | id | 5fe30200d9464aa384b5ddc1864b0244 | | name | keystone | | type | identity | +-------------+----------------------------------+ error: Unable to establish connection to http://demo.open-stack.cn:35357/v3/services 创建认证服务的 API 端点： [root@controller1 ~]# openstack endpoint create --region RegionOne \ identity public http://demo.open-stack.cn:5000/v3 +--------------+-----------------------------------+ | Field | Value | +--------------+-----------------------------------+ | enabled | True | | id | 527cfe77e4d64668ae4c5a92f5841607 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 5fe30200d9464aa384b5ddc1864b0244 | | service_name | keystone | | service_type | identity | | url | http://demo.open-stack.cn:5000/v3 | +--------------+-----------------------------------+ [root@controller1 ~]# openstack endpoint create --region RegionOne identity internal http://demo.open-stack.cn:5000/v3 +--------------+-----------------------------------+ | Field | Value | +--------------+-----------------------------------+ | enabled | True | | id | 9ecf73dab7c9481b9bb6976be271e93c | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 5fe30200d9464aa384b5ddc1864b0244 | | service_name | keystone | | service_type | identity | | url | http://demo.open-stack.cn:5000/v3 | +--------------+-----------------------------------+ [root@controller1 ~]# openstack endpoint create --region RegionOne identity admin http://demo.open-stack.cn:35357/v3 +--------------+------------------------------------+ | Field | Value | +--------------+------------------------------------+ | enabled | True | | id | 4606f3b199a14167a9ebe76a0bda45f3 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 5fe30200d9464aa384b5ddc1864b0244 | | service_name | keystone | | service_type | identity | | url | http://demo.open-stack.cn:35357/v3 | +--------------+------------------------------------+ [root@controller1 ~]# openstack domain create --description "Default Domain" default +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Default Domain | | enabled | True | | id | 6fb0271bda4d459ab05a752b7708dee3 | | name | default | +-------------+----------------------------------+ [root@controller1 ~]# openstack project create --domain default \ --description "Admin Project" admin +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Admin Project | | domain_id | 6fb0271bda4d459ab05a752b7708dee3 | | enabled | True | | id | b81fade4255149c29aa53b87312f60de | | is_domain | False | | name | admin | | parent_id | 6fb0271bda4d459ab05a752b7708dee3 | +-------------+----------------------------------+ [root@controller1 ~]# openstack user create --domain default \ --password-prompt admin User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | 6fb0271bda4d459ab05a752b7708dee3 | | enabled | True | | id | e88caafd2c874b6ab4bc23d8b5fbf422 | | name | admin | +-----------+----------------------------------+ [root@controller1 ~]# openstack role create admin +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | None | | id | cb618462ef4a4479a7c0b611d3ead7ed | | name | admin | +-----------+----------------------------------+ [root@controller1 ~]# openstack role add --project admin --user admin admin 创建Service [root@controller1 ~]# openstack project create --domain default \ --description "Service Project" service +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Service Project | | domain_id | 6fb0271bda4d459ab05a752b7708dee3 | | enabled | True | | id | b581d85c3bd642d88909f36a1ebb6387 | | is_domain | False | | name | service | | parent_id | 6fb0271bda4d459ab05a752b7708dee3 | +-------------+----------------------------------+ 创建``demo`` 项目： [root@controller1 ~]# openstack project create --domain default \ --description "Demo Project" demo +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Demo Project | | domain_id | 6fb0271bda4d459ab05a752b7708dee3 | | enabled | True | | id | da951d38bfd24ecc9d7384d3b8760dd6 | | is_domain | False | | name | demo | | parent_id | 6fb0271bda4d459ab05a752b7708dee3 | +-------------+----------------------------------+ [root@controller1 ~]# openstack user create --domain default \ --password-prompt demo User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | 6fb0271bda4d459ab05a752b7708dee3 | | enabled | True | | id | f113613d853342dba7b9636b571208bf | | name | demo | +-----------+----------------------------------+ 创建user角色： [root@controller1 ~]# openstack role create user +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | None | | id | 1c0bcc0e6ffe46d7b0366ead1d55908f | | name | user | +-----------+----------------------------------+ [root@controller1 ~]# openstack role add --project demo --user demo user 编辑/etc/keystone/keystone-paste.ini文件，从``[pipeline:public_api]``，[pipeline:admin_api]``和``[pipeline:api_v3]``部分删除``admin_token_auth [root@controller1 ~]# vim /etc/keystone/keystone-paste.ini [root@controller1 ~]# [root@controller1 ~]# unset OS_TOKEN OS_URL [root@controller1 ~]# openstack --os-auth-url http://demo.open-stack.cn:35357/v3 --os-project-domain-name default --os-user-domain-name default --os-project-name admin --os-username admin token issue Password: +------------+----------------------------------+ | Field | Value | +------------+----------------------------------+ | expires | 2017-02-22T06:28:10.845869Z | | id | cff141923edc40d69ead04bcde8f01c4 | | project_id | b81fade4255149c29aa53b87312f60de | | user_id | e88caafd2c874b6ab4bc23d8b5fbf422 | +------------+----------------------------------+ [root@controller1 ~]# vim admin-openrc.sh export OS_PROJECT_DOMAIN_NAME=default export OS_USER_DOMAIN_NAME=default export OS_PROJECT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=zoomtech export OS_AUTH_URL=http://demo.open-stack.cn:35357/v3 export OS_IDENTITY_API_VERSION=3 export OS_IMAGE_API_VERSION=2 [root@controller1 ~]# source admin-openrc.sh [root@controller1 ~]# openstack token issue +------------+----------------------------------+ | Field | Value | +------------+----------------------------------+ | expires | 2017-02-22T06:30:45.484675Z | | id | de745b965ce2466a904f18ce0a187279 | | project_id | b81fade4255149c29aa53b87312f60de | | user_id | e88caafd2c874b6ab4bc23d8b5fbf422 | +------------+----------------------------------+ [root@controller1 ~]# openstack service list +----------------------------------+----------+----------+ | ID | Name | Type | +----------------------------------+----------+----------+ | 5fe30200d9464aa384b5ddc1864b0244 | keystone | identity | +----------------------------------+----------+----------+ 在 Controller2上验证Keystone [root@controller2 ~]# source admin-openrc.sh [root@controller2 ~]# openstack token issue +------------+----------------------------------+ | Field | Value | +------------+----------------------------------+ | expires | 2017-02-22T06:31:51.487910Z | | id | e2ffc4461c604107ac9ba7386d493a09 | | project_id | b81fade4255149c29aa53b87312f60de | | user_id | e88caafd2c874b6ab4bc23d8b5fbf422 | +------------+----------------------------------+ [root@controller2 ~]# openstack service list +----------------------------------+----------+----------+ | ID | Name | Type | +----------------------------------+----------+----------+ | 5fe30200d9464aa384b5ddc1864b0244 | keystone | identity | +----------------------------------+----------+----------+ 在 Controller2上验证Keystone [root@controller3 ~]# source admin-openrc.sh [root@controller3 ~]# openstack token issue +------------+----------------------------------+ | Field | Value | +------------+----------------------------------+ | expires | 2017-02-22T06:32:19.618061Z | | id | 3db2b1cec73d48b496ac8845e0842bea | | project_id | b81fade4255149c29aa53b87312f60de | | user_id | e88caafd2c874b6ab4bc23d8b5fbf422 | +------------+----------------------------------+ [root@controller3 ~]# openstack service list +----------------------------------+----------+----------+ | ID | Name | Type | +----------------------------------+----------+----------+ | 5fe30200d9464aa384b5ddc1864b0244 | keystone | identity | +----------------------------------+----------+----------+ 本文转自 OpenStack2015 博客，原文链接： http://blog.51cto.com/andyliu/1917399如需转载请自行联系原作者

2017-11-15

CentOS7下搭建Kubernetes集群

NTP配置文件在/etc/ntp.conf，可以对NTP服务器进行设置，NTP服务器可访问http://www.pool.ntp.org/zh/查看，pool.ntp.org是一个高可用时间服务器虚拟集群项目

2017-11-15

OpenStack如何实现高可用集群介绍

因此它的集群比较复杂，也有多种选择方式。

2017-11-15

在OpenStack集群中安装Ganglia监控

gmond在每台主机上完成实际意义上的指标数据收集工作，并通过侦听/通告协议和集群内其他节点共享数据。使用gmond，你可以很容易收集很多系统指标数据，如CPU、内存、磁盘、网络和活跃进程的数据等。

2017-11-15

CentOS 集群 ssh 免密码登录配置

更新 Hosts 文件更新集群节点 /etc/hosts 文件，确保所有机器能够通过 hostname 互相访问 2. ssh 初始化配置 [plain]view plain copy #ssh-keygen-trsa-f

2017-11-14

CentOS 集群 NTP 时钟同步配置教程

安装 NTP 软件（集群所有机器） [plain]view plain copy #yum-yinstallntp 2.

2017-11-14

HA高可用集群（双机热备）

我们在提供服务的时候，服务器很有可能会因为种种原因宕机，这就大大降低了用户体验，那么如何能够保证在服务器宕机的情况下依然不影响用户体验呢，这里最常用的方式HA集群，又称为双击热备，它其实也就是基于非常简单的主从架构

2017-11-13

Mysql MHA高可用集群架构

MHA Manager可以单独部署在一台独立的机器上管理多个master-slave集群，也可以部署在一台slave节点上。

2017-11-12

Memcached 集群架构方面的问题

转自：http://kb.cnblogs.com/page/69074/ 集群架构方面的问题 memcached是怎么工作的？

2017-11-12

LVS负载均衡集群架构介绍

这是一个必较重要的问题实际生产环境中某单台服务器已不能负载日常用访问压力时，就需要使用负载均衡，把用户的请求数据分担到（尽可能平均分配）后端所有功能同等的集群的节点上,同样也是为了解决单台服务器故障问题

2017-11-12

基于kubernetes构建Docker集群管理详解

docker 192.168.1.22 kubernetes docker 192.168.1.23 kubernetes docker 在这张系统架构图中，我们把服务分为运行在工作节点上的服务和组成集群级别控制板的服务

2017-11-12

HADOOP之3节点集群

3.节点包括了namenode的高可用，jobtracker的高可用，zookeeper高可用集群（后期更新） 4、3个节点的配置完全相同，只要在master配置完成后SCP到其他2节点上即可链接：

2017-11-12

hadoop+hbase集群错误解决

hadoop启动时会检查数据的完整性，当数据完整性小于设置的值时，会一直处于安全模式。可通过修改hdfs_site.xml中的以下参数来修改该配置该参数默认为0.999f <property> <name>dfs.safemode.threshold.pct</name> <value>0.600f</value> </property> 本文转自 jxzhfei 51CTO博客，原文链接:http://blog.51cto.com/jxzhfei/1619746

2017-11-12

Postgres-XL 集群详细创建步骤

最近公司业务需求，需要使用Postgres-XL 集群，关于这部分知识，网络资料不多。经过一段时间的查询，和各种弯路之后，终于完成安装。将详细步骤完整记录，以备查阅。也希望能帮到需要的人。

2017-11-09

实战mariadb-galera集群架构

galera.cnf配置文件请参考集群成员主机192.168.10.26（node26）的配置文件。

2017-11-09

服务发现之美：Consul集群搭建

以下是consul ui的页面展示： consul ui界面 Consul集群的搭建集群架构示意图： consul cluster架构集群角色上图是一个简单的consul cluster的架构，Consul

2017-11-08

常用集群架构实战练习篇

三、实战keepalived高可用集群解决方案专题三： keepalived是vrrp协议的实现，原生设计目的是为了高可用ipvs服务，keepalived能够配置文件中的定义生成ipvs规则，并能够对各

2017-11-07

lvs+keepalived部署高可用集群

本环境基于centos7部署，基本架构图： client ip:192.168.1.101 lvs1 ip:192.168.1.173 lvs2 ip:192.168.1.110 web1:192.168.1.114 web2:192.168.1.119 VIP: 192.168.1.10 部署流程： lvs1: # yum install ipvsadm # ipvsadm#查看是否输出安装成功 # yum install keepalived # vim /etc/keepalived/keepalived.conf global_defs { notification_email { xxx@qq.com } notification_email_from xxx@qq.com smtp_server smtp.qq.com smtp_connect_timeout 30 router_id LVS1 } vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.1.10 } } virtual_server 192.168.1.10 80 { delay_loop 6 lb_algo rr lb_kind DR nat_mask 255.255.255.0 persistence_timeout 50 protocol TCP real_server 192.168.1.114 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.1.119 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } # vim /etc/sysctl.conf#开启路由转发 net.ipv4.ip_forward= 1 # sysctl -p # service keepalived start lvs2配置跟lvs大致相同 # vim /etc/keepalived/keepalived.conf state BACKUP #service keepalived start 后端web服务器使用nginx即可浏览器请求http://192.168.1.10 #ipvsadm -l#查看调度信息本文转自小白的希望 51CTO博客，原文链接：http://blog.51cto.com/haoyonghui/1933496，如需转载请自行联系原作者

2017-11-07

hadoop集群默认配置和常用配置

http://www.cnblogs.com/ggjucheng/archive/2012/04/17/2454590.html 本文转自 yntmdr 51CTO博客，原文链接：http://blog.51cto.com/yntmdr/1632868，如需转载请自行联系原作者

2017-11-07

删除恢复Hadoop集群中的DataNode

有时候因为做临时调整可能需要删除hadoop集群中的DataNode，具体方法如下：首先在/etc/hadoop/conf/dfs.exclude 中添加要删除节点的机器名在控制台页面中看见显示了一个

2017-11-03

精选列表

Openstack HA集群5-Keystone HA

CentOS7下搭建Kubernetes集群

OpenStack如何实现高可用集群介绍

在OpenStack集群中安装Ganglia监控

CentOS 集群 ssh 免密码登录配置

CentOS 集群 NTP 时钟同步配置教程

HA高可用集群（双机热备）

Mysql MHA高可用集群架构

Memcached 集群架构方面的问题

LVS负载均衡集群架构介绍

基于kubernetes构建Docker集群管理详解

HADOOP之3节点集群

hadoop+hbase集群错误解决

Postgres-XL 集群详细创建步骤

实战mariadb-galera集群架构

服务发现之美：Consul集群搭建

常用集群架构实战练习篇

lvs+keepalived部署高可用集群

hadoop集群默认配置和常用配置

删除恢复Hadoop集群中的DataNode

资源下载

优质分享App

Nacos

Spring

Rocky Linux

欢迎您来访！