其他分享
首页 > 其他分享> > Ironic 裸金属(Bare Metal)管理

Ironic 裸金属(Bare Metal)管理

作者:互联网

目录

文章目录

Ironic – Bare Metal Provisioning

Ironic is an OpenStack project which provisions bare metal (as opposed to virtual) machines. It may be used independently or as part of an OpenStack Cloud, and integrates with the OpenStack Identity (keystone), Compute (nova), Network (neutron), Image (glance), and Object (swift) services.
The Bare Metal service manages hardware through both common (eg. PXE and IPMI) and vendor-specific remote management protocols. It provides the cloud operator with a unified interface to a heterogeneous fleet of servers while also providing the Compute service with an interface that allows physical servers to be managed as though they were virtual machines.
官方文档:https://docs.openstack.org/ironic/latest/

Ironic 为 OpenStack 提供裸机(没有安装操作系统的物理服务器)管理服务。Ironic 允许用户像虚拟机一样管理裸金属基础设施,并提供理想的基础设施来托管高性能的云应用程序和架构,包括当下流行的 Kubernetes 等容器编排框架。Ironic 从根本上解决了大规模基础设施的管理问题。特别是,它提供了一种已经过生产验证的裸机硬件全生命周期管理方式。Ironic 为管理裸机实例的云架构师和管理员提供了诸多便利。Ironic 支持整个服务器基础设施生命周期的自动化部署,包括:更新和停止运行。当用做 OpenStack Nova 的驱动程序时,它为终端用户提供了多租户网络的裸金属云基础设施。凭借标准 API、广泛的驱动程序支持和轻量级的空间占用,Ironic 非常适合作为各种裸金属基础设施场景的管理引擎,正如新开发的 Kubernetes 裸机操作所演示的那样,这些功能使 Ironic 适用于从小型边缘部署到大型数据中心的各种用例。

Ironic 与 Nova、Cinder、Neutron 等基础组件协同合作,令部署裸机就像是部署虚拟机一样简单,在 OpenStack 中部署裸机意味着用户可以直接操作硬件设施、部署应用负载(镜像)到真正的物理机器,而不仅只能运行在 Hypervisor 之上。Ironic 主要依赖 PXE 和 IPMI 技术来实现裸机批量部署和系统控制,因此大部分泛式物理服务器型号都可以通过 Ironic 进行系统安装和电源状态管理。对于个别物理服务器型号,可以借助于 Ironic 的可插拔驱动架构快速开发出对应的驱动程序。

在这里插入图片描述

Others

应用场景

简单来说,Ironic 主要解决了两个问题:

  1. 裸金属资源自服务:为用户提供自助式的裸机设备服务
  2. OpenStack 自动化部署:自动发现裸机设备、自动安装操作系统、自动配置基础设施服务

部署方式

架构设计

在这里插入图片描述
在这里插入图片描述

服务进程

内部构件

外围部件

:网络管理可分为带外管理(out-of-band)和带内管理(in-band)两种管理模式。

底层实现支撑

PXE & iPXE

PXE(Preboot Execute Environment,预启动执行环境),采用 C/S 架构,支持终端通过网络从远端服务器下载映像,并由此支持通过网络启动操作系统。在启动过程中,终端要求服务器分配 IP 地址,再用 TFTP(Trivial File Transfer Protocol)或 MTFTP(Multicast Trivial File Transfer Protocol)协议下载一个启动软件包到本机内存中执行,由这个启动软件包完成终端的基本软件设置,从而引导预先安装在服务器中的终端操作系统。iPXE 是 PXE 的扩展版,支持更多的协议,兼容性更好,不挑网卡。支持 HTTP 协议,可以通过 HTTP、ISCSI SAN、FC SAN 等方式启动。iPXE 的官方网站:http://ipxe.org/

PXE 网络装机步骤举例

  1. 终端首先要获取 IP 地址进行网络连接,要求网络中含有 DHCP 服务器。
  2. 终端要获取系统引导文件。
  3. PXE 服务器向 TFTP 服务器告知终端的 IP。
  4. TFTP 服务器将系统引导所需要的文件发送到终端。比如:pxelinux.0(本质是 Grub)、vmlinuz(内核文件),initrd(内存驱动盘)等文件。
  5. 在终端先通过引导 Grub,再加载其余 2 个文件来实现终端的系统引导。
  6. 安装操作系统时可以通过 DNS 服务器反向解析为终端设置 Hostname,如果没有设置,则默认为 localhost.localdomain。
  7. 可以启用 Kickstart 无人值守服务批量部署服务器。

相关协议

IPMI

IPMI(Intelligent Platform Management Interface,智能平台管理接口)是一项应用于服务器带外管理系统设计的标准,通过特有的硬件设备而不是操作系统网络连接来对服务器进行电源的手段。IPMI 能够横跨不同的操作系统、固件和硬件平台,可以智能的监视、控制和上报服务器的运作状况(e.g. 远程开启、关闭电源)以及健康特征(e.g. 温度、电压、风扇工作状态、电源状态等)。IPMI 良好的自治特性克服了以往基于操作系统的管理方式所受的限制,实现了在操作系统不响应或未加载的情况下仍然可以对其进行开关机、信息提取等操作。

IPMI 的核心是 BMC(Baseboard Management Controller ,底板管理控制器),BMC 通常是一个安装在服务器主板上的独立板卡,其不依赖于服务器的处理器、BIOS 或操作系统来工作,可谓非常地独立,是一个单独在系统内运行的无代理管理子系统。BMC 与主板上的不同传感器通信来监视系统是否有严重事件,并在某些参数超出其预置阈值时发出警报和日志事件。所有的 IPMI 功能都是向 BMC 发送命令(IPMI 规范中规定的指令)来完成的,BMC 接收并在系统事件日志中记录事件消息,维护描述系统中传感器情况的传感器数据记录。

当需要对系统文本控制台进行远程访问时,IPMI 的 SOL(Serial Over LAN,LAN 上串口)功能非常关键。SOL 通过将 IPMI 会话重定向到本地串行接口,允许远程访问 Windows 的紧急事件管理控制台(EMS)特殊管理控制台(SAC)或访问 Linux 的串行控制台。BMC 通过在 LAN 上重定向串行端口的信息来做到这点,从而提供了一种与服务器厂商无关的远程查看 OS BootLoader 或紧急管理控制台来诊断和维修故障的标准方式,IPMI 甚至允许在操作系统引导阶段配置各种组件。

BMC 具有以下功能

  1. 通过系统的串行端口进行访问
  2. 故障日志记录和 SNMP 警报发送
  3. 访问系统事件日志和传感器状况
  4. 远程开、关机
  5. 独立于系统电源或工作状态的支持
  6. 用于系统设置、基于文本公用程序和操作系统控制台的文本控制台重定向

ipmitool 操作示例

ipmitool -I lan -H <server_ip> -U root -P passwd chassis bootdev pxe
ipmitool -I lan -H <server_ip> -U root -P passwd chassis bootdev disk
ipmitool -I lan -H <server_ip> -U root -P passwd chassis bootdev cdrom
# 硬关机,直接切断电源
ipmitool -I lan -H <server_ip> -U root -P passwd chassis power off 
# 软关机,即如同轻按一下开机扭
ipmitool -I lan -H <server_ip> -U root -P passwd chassis power soft
# 硬开机
ipmitool -I lan -H <server_ip>-U root -P passwd chassis power on
# 硬重启
ipmitool -I lan -H <server_ip> -U root -P passwd chassis power reset
# power off, wait 1s, power on
ipmitool -I lan -H <server_ip> -U root -P passwd chassis power cycle
# 获取当前电源状态
ipmitool -I lan -H <server_ip> -U root -P passwd chassis power status

使用 Devstack 快速体验 Ironic

官方文档:https://docs.openstack.org/ironic/stein/contributor/dev-quickstart.html#deploying-ironic-with-devstack

下载 Devstack:

git clone https://git.openstack.org/openstack-dev/devstack.git -b stable/stein
sudo ./devstack/tools/create-stack-user.sh
sudo su - stack

配置 local.conf

[[local|localrc]]
HOST_IP=192.168.1.100

# Use TryStack(99cloud) git mirror
GIT_BASE=http://git.trystack.cn
#GIT_BASE=https://git.openstack.org

# Reclone each time
RECLONE=no

# Enable Logging
DEST=/opt/stack
LOGFILE=$DEST/logs/stack.sh.log
VERBOSE=True
LOG_COLOR=True
SCREEN_LOGDIR=$DEST/logs
LOGDAYS=1

# Define images to be automatically downloaded during the DevStack built process.
DOWNLOAD_DEFAULT_IMAGES=False
IMAGE_URLS="http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img"

# use TryStack git mirror
GIT_BASE=http://git.trystack.cn
NOVNC_REPO=http://git.trystack.cn/kanaka/noVNC.git
SPICE_REPO=http://git.trystack.cn/git/spice/sice-html5.git

# Apache Frontend
ENABLE_HTTPD_MOD_WSGI_SERVICES=False

# IP Version
IP_VERSION=4

# Credentials
ADMIN_PASSWORD=password
DATABASE_PASSWORD=password
RABBIT_PASSWORD=password
SERVICE_PASSWORD=password
SERVICE_TOKEN=password
SWIFT_HASH=password
SWIFT_TEMPURL_KEY=password

# Enable Ironic plugin
enable_plugin ironic https://git.openstack.org/openstack/ironic stable/stein

# Disable nova novnc service, ironic does not support it anyway.
disable_service n-novnc

# Enable Swift for the direct deploy interface.
enable_service s-proxy
enable_service s-object
enable_service s-container
enable_service s-account

# Cinder
VOLUME_GROUP_NAME="stack-volumes"
VOLUME_NAME_PREFIX="volume-"
VOLUME_BACKING_FILE_SIZE=100G

# Neutron
ENABLED_SERVICES+=,q-svc,q-agt,q-dhcp,q-l3,q-meta
# By default, DevStack creates a 10.0.0.0/24 network for instances.
# If this overlaps with the hosts network, you may adjust with the
# following.
NETWORK_GATEWAY=10.1.0.1
FIXED_RANGE=10.1.0.0/24
FIXED_NETWORK_SIZE=256

# Swift temp URL's are required for the direct deploy interface
SWIFT_ENABLE_TEMPURLS=True

# Create 3 virtual machines to pose as Ironic's baremetal nodes.
IRONIC_VM_COUNT=3
IRONIC_BAREMETAL_BASIC_OPS=True
DEFAULT_INSTANCE_TYPE=baremetal

# Enable additional hardware types, if needed.
#IRONIC_ENABLED_HARDWARE_TYPES=ipmi,fake-hardware
# Don't forget that many hardware types require enabling of additional
# interfaces, most often power and management:
#IRONIC_ENABLED_MANAGEMENT_INTERFACES=ipmitool,fake
#IRONIC_ENABLED_POWER_INTERFACES=ipmitool,fake
# The 'ipmi' hardware type's default deploy interface is 'iscsi'.
# This would change the default to 'direct':
#IRONIC_DEFAULT_DEPLOY_INTERFACE=direct

# Change this to alter the default driver for nodes created by devstack.
# This driver should be in the enabled list above.
IRONIC_DEPLOY_DRIVER=ipmi

# The parameters below represent the minimum possible values to create
# functional nodes.
IRONIC_VM_SPECS_RAM=1280
IRONIC_VM_SPECS_DISK=10

# Size of the ephemeral partition in GB. Use 0 for no ephemeral partition.
IRONIC_VM_EPHEMERAL_DISK=0

# To build your own IPA ramdisk from source, set this to True
IRONIC_BUILD_DEPLOY_RAMDISK=False

VIRT_DRIVER=ironic

# Log all output to files
LOGFILE=/opt/stack/devstack.log
LOGDIR=/opt/stack/logs
IRONIC_VM_LOG_DIR=/opt/stack/ironic-bm-logs

服务状态检查:

[root@localhost ~]# openstack compute service list
+----+------------------+-----------------------+----------+---------+-------+----------------------------+
| ID | Binary           | Host                  | Zone     | Status  | State | Updated At                 |
+----+------------------+-----------------------+----------+---------+-------+----------------------------+
|  3 | nova-scheduler   | localhost.localdomain | internal | enabled | up    | 2019-05-03T18:56:18.000000 |
|  6 | nova-consoleauth | localhost.localdomain | internal | enabled | up    | 2019-05-03T18:56:22.000000 |
|  7 | nova-conductor   | localhost.localdomain | internal | enabled | up    | 2019-05-03T18:56:14.000000 |
|  1 | nova-conductor   | localhost.localdomain | internal | enabled | up    | 2019-05-03T18:56:15.000000 |
|  3 | nova-compute     | localhost.localdomain | nova     | enabled | up    | 2019-05-03T18:56:18.000000 |
+----+------------------+-----------------------+----------+---------+-------+----------------------------+

[root@localhost ~]# openstack network agent list
+--------------------------------------+--------------------+-----------------------+-------------------+-------+-------+---------------------------+
| ID                                   | Agent Type         | Host                  | Availability Zone | Alive | State | Binary                    |
+--------------------------------------+--------------------+-----------------------+-------------------+-------+-------+---------------------------+
| 52f23bda-a645-4459-bcac-686d98d23345 | Open vSwitch agent | localhost.localdomain | None              | :-)   | UP    | neutron-openvswitch-agent |
| 7113312f-b0b7-4ce8-ab15-428768b30855 | L3 agent           | localhost.localdomain | nova              | :-)   | UP    | neutron-l3-agent          |
| a45fb074-3b24-4b9e-8c8a-43117f6195f2 | Metadata agent     | localhost.localdomain | None              | :-)   | UP    | neutron-metadata-agent    |
| f207648b-03f3-4161-872e-5210f29099c6 | DHCP agent         | localhost.localdomain | nova              | :-)   | UP    | neutron-dhcp-agent        |
+--------------------------------------+--------------------+-----------------------+-------------------+-------+-------+---------------------------+

[root@localhost ~]# openstack volume service list
+------------------+-----------------------------------+------+---------+-------+----------------------------+
| Binary           | Host                              | Zone | Status  | State | Updated At                 |
+------------------+-----------------------------------+------+---------+-------+----------------------------+
| cinder-scheduler | localhost.localdomain             | nova | enabled | up    | 2019-05-03T18:56:54.000000 |
| cinder-volume    | localhost.localdomain@lvmdriver-1 | nova | enabled | up    | 2019-05-03T18:56:53.000000 |
+------------------+-----------------------------------+------+---------+-------+----------------------------+

[root@localhost ~]# openstack baremetal node list
+--------------------------------------+--------+---------------+-------------+--------------------+-------------+
| UUID                                 | Name   | Instance UUID | Power State | Provisioning State | Maintenance |
+--------------------------------------+--------+---------------+-------------+--------------------+-------------+
| adda54fb-1038-4634-8d82-53922e875a1f | node-0 | None          | power off   | available          | False       |
| 6952e923-11ae-4506-b010-fd7a3c4278f5 | node-1 | None          | power off   | available          | False       |
| f3b8fe69-a840-42dd-9cbf-217be8a95431 | node-2 | None          | power off   | available          | False       |
+--------------------------------------+--------+---------------+-------------+--------------------+-------------+

[root@localhost ~]# openstack server create --flavor baremetal --image cirros-0.4.0-x86_64-disk --key-name default --nic net-id=5c86f931-64da-4c69-a0f1-e2da6d9dd082 VM1
+-------------------------------------+-----------------------------------------------------------------+
| Field                               | Value                                                           |
+-------------------------------------+-----------------------------------------------------------------+
| OS-DCF:diskConfig                   | MANUAL                                                          |
| OS-EXT-AZ:availability_zone         |                                                                 |
| OS-EXT-SRV-ATTR:host                | None                                                            |
| OS-EXT-SRV-ATTR:hypervisor_hostname | None                                                            |
| OS-EXT-SRV-ATTR:instance_name       |                                                                 |
| OS-EXT-STS:power_state              | NOSTATE                                                         |
| OS-EXT-STS:task_state               | scheduling                                                      |
| OS-EXT-STS:vm_state                 | building                                                        |
| OS-SRV-USG:launched_at              | None                                                            |
| OS-SRV-USG:terminated_at            | None                                                            |
| accessIPv4                          |                                                                 |
| accessIPv6                          |                                                                 |
| addresses                           |                                                                 |
| adminPass                           | k3TgBf5Xjsqv                                                    |
| config_drive                        |                                                                 |
| created                             | 2019-05-03T20:26:28Z                                            |
| flavor                              | baremetal (8f6fd22b-9bec-4b4d-b427-7c333e47d2c2)                |
| hostId                              |                                                                 |
| id                                  | 70e9f2b1-a292-4e95-90d4-55864bb0a71d                            |
| image                               | cirros-0.4.0-x86_64-disk (4ff12aca-b762-436c-b98c-579ad2a21649) |
| key_name                            | default                                                         |
| name                                | VM1                                                             |
| progress                            | 0                                                               |
| project_id                          | cbf936fc5e9d4cfcaa1dbc06cd9d2e3e                                |
| properties                          |                                                                 |
| security_groups                     | name='default'                                                  |
| status                              | BUILD                                                           |
| updated                             | 2019-05-03T20:26:28Z                                            |
| user_id                             | 405fad83a4b3470faf7d6c616fe9f7f4                                |
| volumes_attached                    |                                                                 |
+-------------------------------------+-----------------------------------------------------------------+

[root@localhost ~]# openstack baremetal node list
+--------------------------------------+--------+--------------------------------------+-------------+--------------------+-------------+
| UUID                                 | Name   | Instance UUID                        | Power State | Provisioning State | Maintenance |
+--------------------------------------+--------+--------------------------------------+-------------+--------------------+-------------+
| adda54fb-1038-4634-8d82-53922e875a1f | node-0 | None                                 | power off   | available          | False       |
| 6952e923-11ae-4506-b010-fd7a3c4278f5 | node-1 | None                                 | power off   | available          | False       |
| f3b8fe69-a840-42dd-9cbf-217be8a95431 | node-2 | 70e9f2b1-a292-4e95-90d4-55864bb0a71d | power off   | deploying          | False       |
+--------------------------------------+--------+--------------------------------------+-------------+--------------------+-------------+

[root@localhost ~]# openstack server list --long
+--------------------------------------+------+--------+------------+-------------+-------------------+--------------------------+--------------------------------------+-------------+--------------------------------------+-------------------+-----------------------+------------+
| ID                                   | Name | Status | Task State | Power State | Networks          | Image Name               | Image ID                             | Flavor Name | Flavor ID                            | Availability Zone | Host                  | Properties |
+--------------------------------------+------+--------+------------+-------------+-------------------+--------------------------+--------------------------------------+-------------+--------------------------------------+-------------------+-----------------------+------------+
| 70e9f2b1-a292-4e95-90d4-55864bb0a71d | VM1  | ACTIVE | None       | Running     | private=10.0.0.40 | cirros-0.4.0-x86_64-disk | 4ff12aca-b762-436c-b98c-579ad2a21649 | baremetal   | 8f6fd22b-9bec-4b4d-b427-7c333e47d2c2 | nova              | localhost.localdomain |            |
+--------------------------------------+------+--------+------------+-------------+-------------------+--------------------------+--------------------------------------+-------------+--------------------------------------+-------------------+-----------------------+------------+

[root@localhost ~]# openstack baremetal node list
+--------------------------------------+--------+--------------------------------------+-------------+--------------------+-------------+
| UUID                                 | Name   | Instance UUID                        | Power State | Provisioning State | Maintenance |
+--------------------------------------+--------+--------------------------------------+-------------+--------------------+-------------+
| adda54fb-1038-4634-8d82-53922e875a1f | node-0 | None                                 | power off   | available          | False       |
| 6952e923-11ae-4506-b010-fd7a3c4278f5 | node-1 | None                                 | power off   | available          | False       |
| f3b8fe69-a840-42dd-9cbf-217be8a95431 | node-2 | 70e9f2b1-a292-4e95-90d4-55864bb0a71d | power on    | deploying          | False       |
+--------------------------------------+--------+--------------------------------------+-------------+--------------------+-------------+

[root@localhost ~]# ssh cirros@10.0.0.40
$

此时 Ironic 作为 OpenStack Nova 驱动存在:

# nova.conf

[DEFAULT]
...
ompute_driver = ironic.IronicDriver

上层资源模型

在这里插入图片描述
• node:裸金属的基础信息。包括 CPU、存储等信息,还包括 Ironic 管理该裸金属所使用的 Driver 类型信息。
• chassis:裸金属模板信息,用于 node 的管理分类。
• port:裸金属网口的基础信息,包括 MAC 地址、LLDP 等信息。
• portgroup:裸金属上联交换机对裸金属网口的端口组配置信息。
• conductor:记录 ironic-conductor 的状态及其支持 Driver 类型的信息。
• volume connector/target:记录裸金属的块设备挂载信息。

参考文章

https://mp.weixin.qq.com/s/mqIGc39nyVVWvzpwAJ9zHA
https://mp.weixin.qq.com/s/eRrvZ7WG3YdkknQ0H2VP4A
https://mp.weixin.qq.com/s/i_wxVyBDPXdJyD_gwVcPGw

标签:power,Metal,ironic,Bare,Ironic,服务器,root,localhost
来源: https://blog.csdn.net/Jmilk/article/details/89709880