背景

这段时间总是被各种申请虚拟机的流程整得昏头黑暗，有时候来一批虚拟机申请，总还是要频繁的去重复一些操作，例如创建虚拟机、数据卷、然后再挂载卷等等。

时间久了总觉得时间被浪费在无意义的事情上不说，数量多了还容易出错。其实很早之前我就在关注HEAT项目，一直没有去研究。项目刚上线的时候，考虑到时间和学习成本就没上HEAT，现在想想自己眼光还是比较局限。

最近听说业内的一个传闻，居然有公司为招聘HEAT工程师，推荐费居然高达2W多。这件事让我感觉挺后悔，还是应该找机会学下。毕竟现在系统已经相对比较稳定，管理成本逐渐变成首要的解决问题。

Heat 是OpenStack项目下的一个模板编排服务。其中包含heat-api和heat-engine两个重要的服务。简单来说heat-api服务接受用户提交的编排模板，验证通过后通过AMQP异步给heat-engine处理。而heat-engine就具体与OpenStack的各个服务交互。

由于heat正好处于对openstack资源的抽象层，所以现在一些新的项目例如Magnum就能更方便的接入进来。

heat在OS中的位置

操作

简单介绍下环境，由于我是在开发环境的AllInOne里创建的，所以相对来说简单点，后面会根据情况推到线上使用。

创建数据库

> CREATE DATABASE heat;

> GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost'  IDENTIFIED BY 'magine';
> GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%'   IDENTIFIED BY 'magine';

安装包

$ yum install openstack-heat-api openstack-heat-api-cfn openstack-heat-engine
$ yum install python-barbicanclient python-magnumclient python-manilaclient python-mistralclient python-senlinclient python-zaqarclient

Keystoner认证与服务

$ openstack user create --password-prompt heat    #这里设置heat的密码为magine
$ openstack role add --project services --user heat admin
$ openstack role create heat_stack_owner
$ openstack role create heat_stack_user
$ openstack service create --name heat  --description "Orchestration" orchestration
$ openstack service create --name heat-cfn  --description "Orchestration" cloudformation
$ openstack endpoint create  --publicurl http://192.168.68.58:8004/v1/%\(tenant_id\)s  --internalurl http://192.168.68.58:8004/v1/%\(tenant_id\)s  --adminurl http://192.168.68.58:8004/v1/%\(tenant_id\)s  --region RegionOne  orchestration
$ openstack endpoint create  --publicurl http://192.168.68.58:8000/v1  --internalurl http://192.168.68.58:8000/v1  --adminurl http://192.168.68.58:8000/v1  --region RegionOne  cloudformation

Heat配置文件

[DEFAULT]
heat_metadata_server_url = http://192.168.68.58:8000
heat_waitcondition_server_url =  http://192.168.68.58:8000/v1/waitcondition
stack_user_domain_name = heat_user_domain
stack_domain_admin = heat_domain_admin
stack_domain_admin_password = magine
rpc_backend = rabbit
[database]
connection = mysql://heat:magine@192.168.68.58/heat
[keystone_authtoken]
auth_uri = http://192.168.68.58:5000/v2.0
identity_uri = http://192.168.68.58:35357
admin_tenant_name = services
admin_user = heat
admin_password = magine
[ec2authtoken]
auth_uri = http://192.168.68.58:5000/v2.0
[oslo_messaging_rabbit]
rabbit_host = 192.168.68.58
rabbit_port = 5672
rabbit_userid = guest
rabbit_password = guest
[trustee]
auth_type = password
auth_url = http://192.168.68.58:35357
username = heat
password = magine

注册服务

heat-keystone-setup-domain \
--stack-user-domain-name heat_user_domain \
--stack-domain-admin heat_domain_admin \
--stack-domain-admin-password magine

初始化数据库

$ su -s /bin/sh -c "heat-manage db_sync" heat

启动服务

$ systemctl enable openstack-heat-api.service  openstack-heat-api-cfn.service openstack-heat-engine.service
$ systemctl start openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service

验证

$ openstack orchestration service list

+--------------------------+-------------+--------------------------------------+--------------------------+--------+----------------------------+--------+
| hostname                 | binary      | engine_id                            | host                     | topic  | updated_at                 | status |
+--------------------------+-------------+--------------------------------------+--------------------------+--------+----------------------------+--------+
| l-192168068058-mitaka.st | heat-engine | 163d6004-18e1-4689-a028-8dd33427bd93 | l-192168068058-mitaka.st | engine | 2017-04-20T09:20:08.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | d50b4666-2853-4697-857d-a68e631a7029 | l-192168068058-mitaka.st | engine | 2017-04-20T09:19:54.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | d29f741e-c571-49bf-894e-185635a07424 | l-192168068058-mitaka.st | engine | 2017-04-20T09:20:08.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | 5007fcb8-fca4-4075-bd21-c3249747ca0b | l-192168068058-mitaka.st | engine | 2017-04-20T09:20:08.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | 0c484b96-70e5-491a-b19e-e9f27d598c40 | l-192168068058-mitaka.st | engine | 2017-04-20T09:19:54.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | e9575f3f-89de-449b-a975-16d8ac166275 | l-192168068058-mitaka.st | engine | 2017-04-20T09:19:54.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | 327c3e1c-6bcb-490f-bc46-18693bb404ac | l-192168068058-mitaka.st | engine | 2017-04-20T09:20:08.000000 | up     |
| l-192168068058-mitaka.st | heat-engine | 4a574d30-44dd-4a12-933a-3fd219f0420f | l-192168068058-mitaka.st | engine | 2017-04-20T09:19:54.000000 | up     |
+--------------------------+-------------+--------------------------------------+--------------------------------+--------+----------------------+--------+

测试

这里简单测试下，用例就用官网提供的编排文件。

demo.yaml

heat_template_version: 2015-10-15
description: Launch a basic instance with Debian image using the
             ``m1.mediumtiny`` flavor``  one network.

parameters:
  NetID:
    type: string
    description: Network ID to use for the instance.

resources:
  server:
    type: OS::Nova::Server
    properties:
      image: Debian-Wheezy-7.11
      flavor: m1.medium
      networks:
      - network: { get_param: NetID }

outputs:
  instance_name:
    description: Name of the instance.
    value: { get_attr: [ server, name ] }
  instance_ip:
    description: IP address of the instance.
    value: { get_attr: [ server, first_address ] }

stack

$ openstack network list
+--------------------------------------+-----------+--------------------------------------+
| ID                                   | Name      | Subnets                              |
+--------------------------------------+-----------+--------------------------------------+
| 163df3b0-13f2-4f2e-8401-e82088e8dc07 | privite01 | 06284618-c1be-497a-80a6-40d143eaacac |
+--------------------------------------+-----------+--------------------------------------+

$ export NET_ID=$(openstack network list | awk '/ privite01 / { print $2 }')

#创建stack
$ openstack stack create -t demo.yaml --parameter "NetID=$NET_ID" stack
+---------------------+-------------------------------------------------------------------------------------+
| Field               | Value                                                                               |
+---------------------+-------------------------------------------------------------------------------------+
| id                  | 5c12fb4d-5a2e-47e9-939a-997fdfec90af                                                |
| stack_name          | stack                                                                               |
| description         | Launch a basic instance with De image using the ``m1.medium`` flavor``one network.  |
| creation_time       | 2017-04-20T08:12:34                                                                 |
| updated_time        | None                                                                                |
| stack_status        | CREATE_IN_PROGRESS                                                                  |
| stack_status_reason | Stack CREATE started                                                                |
+---------------------+-------------------------------------------------------------------------------------+

#查看创建的虚拟机
$ openstack server list
+--------------------------------------+---------------------------+--------+--------------------------+
| ID                                   | Name                      | Status | Networks                 |
+--------------------------------------+---------------------------+--------+--------------------------+
| 44bbb2b4-9df9-4cef-b3f0-bd032d718ee5 | stack-server-dmasib6fne2x | ACTIVE | privite01=192.168.17.252 |
+--------------------------------------+---------------------------+--------+--------------------------+

#删除stack
$ openstack stack delete --yes stack