这篇文章给大家介绍nova创建虚拟机的过程是怎样的,内容非常详细,感兴趣的小伙伴们可以参考借鉴,希望对大家能有所帮助。
1. 初衷
时常被问及“nova创建虚拟机的过程”,虽然大致是知道里面的过程的,但在某些场合之下,说“大致”知道往往决定了一场对话的无疾而终。要把这详细的内容给完整地说出来,有逻辑地说出来,还是需要细细斟酌一番的,那种“大致”的说辞就显得苍白了。毕竟作为从业者,详细地,深入地了解内部的整个过程应该是必须的基本功,这算是初衷吧。
2. 由一条命令引起的风波
nova --debug boot ubuntu_test --flavor 2 \ --image cde1d850-65bb-48f6-8ee9-b990c7ccf158 \ --num-instance 1 \ --nic net-id=cfa25cef-96c3-46f1-8522-d9518eb5a451
这是一条创建虚拟机(实例)的命令,在命令中指定了新实例的名称:ubuntu_test,云主机类型:2,镜像:cde1d850-65bb-48f6-8ee9-b990c7ccf158,数量:1台,指定网络:cfa25cef-96c3-46f1-8522-d9518eb5a451。
这里要说明一下镜像和网络:
命令中的镜像网络通过这两个命令查询而来。
正如所看到的,命令中加了--debug参数,这可以让我们清楚看到在执行这个命令的过程中做了哪些具体操作。
下图就是我们执行创建实例后的过程
这里信息有点多啊,因此只好截了部分的图。详细信息整理后放在下面。并逐一分析。
3. debug输出的主要的请求
这里主要说明下面最重要的四条
3.1. 向keystone取得token
REQ: curl \ -i 'http://ubuntu80:35357/v2.0/tokens' -X POST -H "Accept: application/json" \ -H "Content-Type: application/json" -H "User-Agent: python-novaclient" \ -d '{"auth": {"tenantName": "admin", "passwordCredentials": {"username": "admin", "password": "{SHA1}5705cc2e5fda0ab7529d5093c5e389fffe45d615"}}}'
3.2. 通过nova-api验证镜像
REQ: curl -i 'http://ubuntu80:8774/v2/0e962df9db3f4469b3d9bfbc5ffdaf7e/images/cde1d850-65bb-48f6-8ee9-b990c7ccf158' \ -X GET \ -H "Accept: application/json" \ -H "User-Agent: python-novaclient" \ -H "X-Auth-Project-Id: admin" \ -H "X-Auth-Token: {SHA1}e87219521f61238b143fbb323b962930380ce022"
3.3. 通过nova-api验证云主机类型
REQ: curl -i 'http://ubuntu80:8774/v2/0e962df9db3f4469b3d9bfbc5ffdaf7e/flavors/2' \ -X GET -H "Accept: application/json" -H "User-Agent: python-novaclient" \ -H "X-Auth-Project-Id: admin" \ -H "X-Auth-Token: {SHA1}e87219521f61238b143fbb323b962930380ce022"
3.4. 创建实例
REQ: curl -i 'http://ubuntu80:8774/v2/0e962df9db3f4469b3d9bfbc5ffdaf7e/servers' \ -X POST -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "User-Agent: python-novaclient" \ -H "X-Auth-Project-Id: admin" \ -H "X-Auth-Token: {SHA1}e87219521f61238b143fbb323b962930380ce022" \ -d '{"server": {"name": "ubuntu_test", "imageRef": "cde1d850-65bb-48f6-8ee9-b990c7ccf158", "flavorRef": "2", "max_count": 1, "min_count": 1, "networks": [{"uuid": "cfa25cef-96c3-46f1-8522-d9518eb5a451"}]}}'
4. 从如何取得token说起
我们都知道35357是keystone的端口,问我为啥知道是keystone,好吧,我是通过端口查到的。
恩,是的,就是keystone,我们回到我们的主题,这里向keystone发送请求的时候,组织了这样的一个数据
{ "auth": { "tenantName": "admin", "passwordCredentials": { "username": "admin", "password": "{SHA1}5705cc2e5fda0ab7529d5093c5e389fffe45d615" } } }
把这个数据发给keystone,目的是为了获取一个token,就是一个钥匙,有了它,我们后面的操作就可以凭借这个钥匙畅通无阻了。那keystone是怎么处理的呢。
找到keystone的源码
看到token了吧,嗯嗯,就在那里面
nano token/controllers.py
找到Auth类的authenticate方法
是不是跟上面给keystone的参数类似。这个方法一切顺利的话,在最后它会返回一个token(钥匙)。
keystone回复的是什么呢。
REQ: curl \ -i 'http://ubuntu80:35357/v2.0/tokens' \ -X POST -H "Accept: application/json" \ -H "Content-Type: application/json" \ -H "User-Agent: python-novaclient" \ -d '{"auth": {"tenantName": "admin", "passwordCredentials": {"username": "admin", "password": "{SHA1}5705cc2e5fda0ab7529d5093c5e389fffe45d615"}}}' INFO (connectionpool:259) Starting new HTTP connection (1): ubuntu80 DEBUG (connectionpool:390) Setting read timeout to 600.0 DEBUG (connectionpool:430) "POST /v2.0/tokens HTTP/1.1" 200 1744 RESP: [200] {'date': 'Mon, 18 Jan 2016 01:58:37 GMT', 'vary': 'X-Auth-Token', 'content-length': '1744', 'content-type': 'application/json', 'x-distribution': 'Ubuntu'} RESP BODY: {"access": {"token": {"issued_at": "2016-01-18T01:58:37.093849", "expires": "2016-01-18T02:58:37Z", "id": "{SHA1}e87219521f61238b143fbb323b962930380ce022", "tenant": {"enabled": true, "description": "Admin Tenant", "name": "admin", "id": "0e962df9db3f4469b3d9bfbc5ffdaf7e"}, "audit_ids": ["RugmwI0_R3ysmpJ3zF8k4Q"]}, "serviceCatalog": [{"endpoints_links": [], "endpoints": [{"adminURL": "http://ubuntu80:9292", "region": "regionOne", "publicURL": "http://ubuntu80:9292", "internalURL": "http://ubuntu80:9292", "id": "4794a2d722ab4f6bbda00d779c1410d1"}], "type": "image", "name": "glance"}, {"endpoints_links": [], "endpoints": [{"adminURL": "http://ubuntu80:8774/v2/0e962df9db3f4469b3d9bfbc5ffdaf7e", "region": "regionOne", "publicURL": "http://ubuntu80:8774/v2/0e962df9db3f4469b3d9bfbc5ffdaf7e", "internalURL": "http://ubuntu80:8774/v2/0e962df9db3f4469b3d9bfbc5ffdaf7e", "id": "a8ccc19100934fc1ae7c899dc5e17bdd"}], "type": "compute", "name": "nova"}, {"endpoints_links": [], "endpoints": [{"adminURL": "http://ubuntu80:9696", "region": "regionOne", "publicURL": "http://ubuntu80:9696", "internalURL": "http://ubuntu80:9696", "id": "656371fd3163415c95ff2fc0facbe5e1"}], "type": "network", "name": "neutron"}, {"endpoints_links": [], "endpoints": [{"adminURL": "http://ubuntu80:35357/v2.0", "region": "regionOne", "publicURL": "http://ubuntu80:5000/v2.0", "internalURL": "http://ubuntu80:5000/v2.0", "id": "4f1d53f12dc6485cb5816c83f68b7053"}], "type": "identity", "name": "keystone"}], "user": {"username": "admin", "roles_links": [], "id": "96a7c834b3f8485c87d79df7b6480c92", "roles": [{"name": "_member_"}, {"name": "admin"}], "name": "admin"}, "metadata": {"is_admin": 0, "roles": ["9fe2ff9ee4384b1894a90878d3e92bab", "fc2574382dd74936b1bc85cc2110c3c2"]}}}
太乱了,整理一下,把回复的json抽出来
{ "access": { "token": { "issued_at": "2016-01-18T01:58:37.093849", "expires": "2016-01-18T02:58:37Z", "id": "{SHA1}e87219521f61238b143fbb323b962930380ce022", "tenant": { "enabled": true, "description": "Admin Tenant", "name": "admin", "id": "0e962df9db3f4469b3d9bfbc5ffdaf7e" }, "audit_ids": [ "RugmwI0_R3ysmpJ3zF8k4Q" ] }, "serviceCatalog": [ { "endpoints_links": [ ], "endpoints": [ { "adminURL": "http://ubuntu80:9292", "region": "regionOne", "publicURL": "http://ubuntu80:9292", "internalURL": "http://ubuntu80:9292", "id": "4794a2d722ab4f6bbda00d779c1410d1" } ], "type": "image", "name": "glance" }, { "endpoints_links": [ ], "endpoints": [ { "adminURL": "http://ubuntu80:8774/v2/0e962df9db3f4469b3d9bfbc5ffdaf7e", "region": "regionOne", "publicURL": "http://ubuntu80:8774/v2/0e962df9db3f4469b3d9bfbc5ffdaf7e", "internalURL": "http://ubuntu80:8774/v2/0e962df9db3f4469b3d9bfbc5ffdaf7e", "id": "a8ccc19100934fc1ae7c899dc5e17bdd" } ], "type": "compute", "name": "nova" }, { "endpoints_links": [ ], "endpoints": [ { "adminURL": "http://ubuntu80:9696", "region": "regionOne", "publicURL": "http://ubuntu80:9696", "internalURL": "http://ubuntu80:9696", "id": "656371fd3163415c95ff2fc0facbe5e1" } ], "type": "network", "name": "neutron" }, { "endpoints_links": [ ], "endpoints": [ { "adminURL": "http://ubuntu80:35357/v2.0", "region": "regionOne", "publicURL": "http://ubuntu80:5000/v2.0", "internalURL": "http://ubuntu80:5000/v2.0", "id": "4f1d53f12dc6485cb5816c83f68b7053" } ], "type": "identity", "name": "keystone" } ], "user": { "username": "admin", "roles_links": [ ], "id": "96a7c834b3f8485c87d79df7b6480c92", "roles": [ { "name": "_member_" }, { "name": "admin" } ], "name": "admin" }, "metadata": { "is_admin": 0, "roles": [ "9fe2ff9ee4384b1894a90878d3e92bab", "fc2574382dd74936b1bc85cc2110c3c2" ] } } }
看到了token中的id({SHA1}e87219521f61238b143fbb323b962930380ce022)。后面的操作都是要带上它。
5. 验证镜像和云主机类型
在第3节中可以看到这两条验证的请求,分别是验证镜像和云主机类型
3.2. 通过nova-api验证镜像
REQ: curl \ -i 'http://ubuntu80:8774/v2/0e962df9db3f4469b3d9bfbc5ffdaf7e/images/cde1d850-65bb-48f6-8ee9-b990c7ccf158' \ -X GET -H "Accept: application/json" \ -H "User-Agent: python-novaclient" \ -H "X-Auth-Project-Id: admin" \ -H "X-Auth-Token: {SHA1}e87219521f61238b143fbb323b962930380ce022"
3.3. 通过nova-api验证云主机类型
REQ: curl \ -i 'http://ubuntu80:8774/v2/0e962df9db3f4469b3d9bfbc5ffdaf7e/flavors/2' \ -X GET \ -H "Accept: application/json" \ -H "User-Agent: python-novaclient" \ -H "X-Auth-Project-Id: admin" \ -H "X-Auth-Token: {SHA1}e87219521f61238b143fbb323b962930380ce022"
这两条请求,是类似的,它们的代码位于nova.api.openstack.compute中的images.py和flavors.py中的Controller。
关于nova创建虚拟机的过程是怎样的就分享到这里了,希望以上内容可以对大家有一定的帮助,可以学到更多知识。如果觉得文章不错,可以把它分享出去让更多的人看到。
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。