提示:启动libvirtd之前 , 需要先确定对应主机是否启用了kvm模块 , 其次对应主机的cpu是否开启了虚拟化;或者看上面的启动日志里是否有错误 , 没有错误说明libvirtd正常工作;
3、在ceph集群上授权相关用户账号
[root@ceph-admin ~]# ceph auth get-or-create client.libvirt mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=ceph-rbdpool'[client.libvirt]key = AQBIXTxjpeYoAhAAw/ZMROyxd3E0b8i3xlOkgw==[root@ceph-admin ~]# ceph auth get client.libvirtexported keyring for client.libvirt[client.libvirt]key = AQBIXTxjpeYoAhAAw/ZMROyxd3E0b8i3xlOkgw==caps mon = "allow r"caps osd = "allow class-read object_prefix rbd_children, allow rwx pool=ceph-rbdpool"[root@ceph-admin ~]#4、将client.libvirt用户信息导入为libvirtd上的一个secret
4.1、先创建一个xml文件
[root@ceph-admin ~]# cat client.libvirt-secret.xml<secret ephemeral='no' private='no'><usage type='ceph'><name>client.libvirt secret</name></usage></secret>[root@ceph-admin ~]#4.2、用virsh命令创建此secret , 命令会返回创建的secret的UUID
[root@ceph-admin ~]# virsh secret-define --file client.libvirt-secret.xmlSecret 92897e61-5935-43ad-abd6-9f97a5652f05 created[root@ceph-admin ~]#提示:上述步骤是生成一个libvirt在ceph之上用于认证时存储密钥的secret;里面只包含了类型为ceph和secret的说明;
5、将ceph的client.libvirt的密钥导入到刚创建的secret
[root@ceph-admin ~]# virsh secret-set-value --secret 92897e61-5935-43ad-abd6-9f97a5652f05 --base64 $(ceph auth get-key client.libvirt)Secret value set[root@ceph-admin ~]# virsh secret-get-value --secret 92897e61-5935-43ad-abd6-9f97a5652f05AQBIXTxjpeYoAhAAw/ZMROyxd3E0b8i3xlOkgw==[root@ceph-admin ~]# ceph auth print-key client.libvirtAQBIXTxjpeYoAhAAw/ZMROyxd3E0b8i3xlOkgw==[root@ceph-admin ~]#提示:上述步骤是将ceph授权的用户密钥和secret做绑定 , 并生成一个在libvirt中用于在ceph之上认证的screct , 即libvirt拿着这个screct到ceph集群上做认证;这里面就包含cpeh授权的账号密码信息;
6、准备image
[root@ceph-admin ~]# lsCentOS-7-x86_64-Minimal-1708.isoclient.abc.keyringclient.libvirt-secret.xmlceph-deploy-ceph.logclient.admin.cluster.keyringclient.test.keyringcentos7.xmlclient.admin.keyringclient.usera.keyring[root@ceph-admin ~]# rbd ls ceph-rbdpoolimage1testvol01[root@ceph-admin ~]# rbd import ./CentOS-7-x86_64-Minimal-1708.iso ceph-rbdpool/centos7Importing image: 100% complete...done.[root@ceph-admin ~]# rbd ls ceph-rbdpool -lNAMESIZE PARENTFMT PROT LOCKcentos7792 MiB2image15 GiB2test5 GiB ceph-rbdpool/vol01@vol01-snap32vol015 GiB2vol01@vol01-snap35 GiB2 yes[root@ceph-admin ~]#提示:我这里是为了方便测试 , 直接将centos7导入的ceph-rbdpool存储池里;
7、创建VM
[root@ceph-admin ~]# cat centos7.xml<domain type='kvm'><name>centos7</name><memory>131072</memory><currentMemory unit='KiB'>65536</currentMemory><vcpu>1</vcpu><os><type arch='x86_64'>hvm</type></os><clock sync="localtime"/><devices><emulator>/usr/libexec/qemu-kvm</emulator><disk type='network' device='disk'><source protocol='rbd' name='ceph-rbdpool/centos7'><host name='192.168.0.71' port='6789'/></source><auth username='libvirt'><secret type='ceph' uuid='92897e61-5935-43ad-abd6-9f97a5652f05'/></auth><target dev='vda' bus='virtio'/></disk><interface type='network'><mac address='52:54:00:25:c2:45'/><source network='default'/><model type='virtio'/></interface><serial type='pty'><target type='isa-serial' port='0'><model name='isa-serial'/></target></serial><console type='pty'><target type='virtio' port='0'/></console><graphics type='vnc' port='-1' autoport='yes'><listen type='address' address='0.0.0.0'/></graphics></devices></domain>[root@ceph-admin ~]#
经验总结扩展阅读
- 荣耀magic3支持鸿蒙系统吗_荣耀magic3能升级鸿蒙吗
- 微信点餐系统怎么做
- docker搭建yapi接口文档系统、Idea中上传接口、在线调用
- 戴尔电脑如何重装系统
- 大葱过冬的存储方法
- 人体中枢神经系统用来产生能量的营养素是
- 分布式存储系统之Ceph集群CephX认证和授权
- 肾结石有遗传因素吗
- 分布式存储系统之Ceph集群存储池操作
- 阴阳师剧情收录系统有什么功能