背景

這段時間總是被各種申請虛擬機的流程整得昏頭黑暗，有時候來一批虛擬機申請，總還是要頻繁的去重復一些操作，例如創建虛擬機、數據卷、然后再掛載卷等等。

時間久了總覺得時間被浪費在無意義的事情上不說，數量多了還容易出錯。其實很早之前我就在關注HEAT項目，一直沒有去研究。項目剛上線的時候，考慮到時間和學習成本就沒上HEAT，現在想想自己眼光還是比較局限。

最近聽說業內的一個傳聞，居然有公司為招聘HEAT工程師，推薦費居然高達2W多。這件事讓我感覺挺后悔，還是應該找機會學下。畢竟現在系統已經相對比較穩定，管理成本逐漸變成首要的解決問題。

Heat 是OpenStack項目下的一個模板編排服務。其中包含heat-api和heat-engine兩個重要的服務。簡單來說heat-api服務接受用戶提交的編排模板，驗證通過后通過AMQP異步給heat-engine處理。而heat-engine就具體與OpenStack的各個服務交互。

由于heat正好處于對openstack資源的抽象層，所以現在一些新的項目例如Magnum就能更方便的接入進來。

heat在OS中的位置

操作

簡單介紹下環境，由于我是在開發環境的AllInOne里創建的，所以相對來說簡單點，后面會根據情況推到線上使用。

創建數據庫

> CREATE DATABASE heat;

> GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost'  IDENTIFIED BY 'magine';
> GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%'   IDENTIFIED BY 'magine';

安裝包

$ yum install openstack-heat-api openstack-heat-api-cfn openstack-heat-engine
$ yum install python-barbicanclient python-magnumclient python-manilaclient python-mistralclient python-senlinclient python-zaqarclient

Keystoner認證與服務

$ openstack user create --password-prompt heat    #這里設置heat的密碼為magine
$ openstack role add --project services --user heat admin
$ openstack role create heat_stack_owner
$ openstack role create heat_stack_user
$ openstack service create --name heat  --description "Orchestration" orchestration
$ openstack service create --name heat-cfn  --description "Orchestration" cloudformation
$ openstack endpoint create  --publicurl http://192.168.68.58:8004/v1/%\(tenant_id\)s  --internalurl http://192.168.68.58:8004/v1/%\(tenant_id\)s  --adminurl http://192.168.68.58:8004/v1/%\(tenant_id\)s  --region RegionOne  orchestration
$ openstack endpoint create  --publicurl http://192.168.68.58:8000/v1  --internalurl http://192.168.68.58:8000/v1  --adminurl http://192.168.68.58:8000/v1  --region RegionOne  cloudformation

Heat配置文件

[DEFAULT]
heat_metadata_server_url = http://192.168.68.58:8000
heat_waitcondition_server_url =  http://192.168.68.58:8000/v1/waitcondition
stack_user_domain_name = heat_user_domain
stack_domain_admin = heat_domain_admin
stack_domain_admin_password = magine
rpc_backend = rabbit
[database]
connection = mysql://heat:magine@192.168.68.58/heat
[keystone_authtoken]
auth_uri = http://192.168.68.58:5000/v2.0
identity_uri = http://192.168.68.58:35357
admin_tenant_name = services
admin_user = heat
admin_password = magine
[ec2authtoken]
auth_uri = http://192.168.68.58:5000/v2.0
[oslo_messaging_rabbit]
rabbit_host = 192.168.68.58
rabbit_port = 5672
rabbit_userid = guest
rabbit_password = guest
[trustee]
auth_type = password
auth_url = http://192.168.68.58:35357
username = heat
password = magine

注冊服務

heat-keystone-setup-domain \
--stack-user-domain-name heat_user_domain \
--stack-domain-admin heat_domain_admin \
--stack-domain-admin-password magine

初始化數據庫

$ su -s /bin/sh -c "heat-manage db_sync" heat

啟動服務

$ systemctl enable openstack-heat-api.service  openstack-heat-api-cfn.service openstack-heat-engine.service
$ systemctl start openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service

驗證

$ openstack orchestration service list

+--------------------------+-------------+--------------------------------------+--------------------------+--------+----------------------------+--------+
| hostname                 | binary      | engine_id                            | host                     | topic  | updated_at                 | status |
+--------------------------+-------------+--------------------------------------+--------------------------+--------+----------------------------+--------+
| l-192168068058-mitaka.st | heat-engine | 163d6004-18e1-4689-a028-8dd33427bd93 | l-192168068058-mitaka.st | engine | 2017-04-20T09:20:08.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | d50b4666-2853-4697-857d-a68e631a7029 | l-192168068058-mitaka.st | engine | 2017-04-20T09:19:54.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | d29f741e-c571-49bf-894e-185635a07424 | l-192168068058-mitaka.st | engine | 2017-04-20T09:20:08.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | 5007fcb8-fca4-4075-bd21-c3249747ca0b | l-192168068058-mitaka.st | engine | 2017-04-20T09:20:08.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | 0c484b96-70e5-491a-b19e-e9f27d598c40 | l-192168068058-mitaka.st | engine | 2017-04-20T09:19:54.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | e9575f3f-89de-449b-a975-16d8ac166275 | l-192168068058-mitaka.st | engine | 2017-04-20T09:19:54.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | 327c3e1c-6bcb-490f-bc46-18693bb404ac | l-192168068058-mitaka.st | engine | 2017-04-20T09:20:08.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | 4a574d30-44dd-4a12-933a-3fd219f0420f | l-192168068058-mitaka.st | engine | 2017-04-20T09:19:54.000000 | up     |
+--------------------------+-------------+--------------------------------------+--------------------------------+--------+----------------------+--------+

測試

這里簡單測試下，用例就用官網提供的編排文件。

demo.yaml

heat_template_version: 2015-10-15
description: Launch a basic instance with Debian image using the
             ``m1.mediumtiny`` flavor``  one network.

parameters:
  NetID:
    type: string
    description: Network ID to use for the instance.

resources:
  server:
    type: OS::Nova::Server
    properties:
      image: Debian-Wheezy-7.11
      flavor: m1.medium
      networks:
      - network: { get_param: NetID }

outputs:
  instance_name:
    description: Name of the instance.
    value: { get_attr: [ server, name ] }
  instance_ip:
    description: IP address of the instance.
    value: { get_attr: [ server, first_address ] }

stack

$ openstack network list
+--------------------------------------+-----------+--------------------------------------+
| ID                                   | Name      | Subnets                              |
+--------------------------------------+-----------+--------------------------------------+
| 163df3b0-13f2-4f2e-8401-e82088e8dc07 | privite01 | 06284618-c1be-497a-80a6-40d143eaacac |
+--------------------------------------+-----------+--------------------------------------+

$ export NET_ID=$(openstack network list | awk '/ privite01 / { print $2 }')

#創建stack
$ openstack stack create -t demo.yaml --parameter "NetID=$NET_ID" stack
+---------------------+-------------------------------------------------------------------------------------+
| Field               | Value                                                                               |
+---------------------+-------------------------------------------------------------------------------------+
| id                  | 5c12fb4d-5a2e-47e9-939a-997fdfec90af                                                |
| stack_name          | stack                                                                               |
| description         | Launch a basic instance with De image using the ``m1.medium`` flavor``one network.  |
| creation_time       | 2017-04-20T08:12:34                                                                 |
| updated_time        | None                                                                                |
| stack_status        | CREATE_IN_PROGRESS                                                                  |
| stack_status_reason | Stack CREATE started                                                                |
+---------------------+-------------------------------------------------------------------------------------+

#查看創建的虛擬機
$ openstack server list
+--------------------------------------+---------------------------+--------+--------------------------+
| ID                                   | Name                      | Status | Networks                 |
+--------------------------------------+---------------------------+--------+--------------------------+
| 44bbb2b4-9df9-4cef-b3f0-bd032d718ee5 | stack-server-dmasib6fne2x | ACTIVE | privite01=192.168.17.252 |
+--------------------------------------+---------------------------+--------+--------------------------+

#刪除stack
$ openstack stack delete --yes stack