12 February 2015 / Cinder

NFS backend for Openstack Glance/Cinder/Instance-store

In this post, let’s go through how to configure NFS as unified storage backend for Openstack Glance, Cinder and shared instance-store, also we look at how it works under the hood.

Setup: 1 controller and 2 compute nodes. Controller acts as a NFS server as well.
OS+Openstack: RHEL7 + Juno

Controller: 192.168.255.1 HPDL36
Compute: 192.168.255.2 HPDL37
Compute: 192.168.255.3 HPDL38

Setup NFS server on controller server

Create 3 folders as shared source for instance-store, glance and cinder, grant enough access right:

mkdir /nfsshare; chmod 777 /nfsshare  
mkdir /nfsshare_glance; chmod 777 /nfsshare_glance  
mkdir /nfsshare_cinder; chmod 777 /nfsshare_cinder

Create /etc/exports

/nfsshare   *(rw,no_root_squash)  
/nfsshare_cinder *(rw,no_root_squash)  
/nfsshare_glance *(rw,no_root_squash)

Start NFS server

systemctl start rpcbind  
systemctl start nfs  
systemctl start nfslock

Setup NFS clients

Glance

Mount NFS share on controller node for glance:

mount HPDL36:/nfsshare_glance /var/lib/glance/images

Nova instance-store

Mount NFS share on 2 compute nodes for shared instance-store

mount HPDL36:/nfsshare /var/lib/nova/instances

Cinder

Cinder-volume service will handle the mounting, we don’t need to do manual mounting here.

Setup Openstack

Since Glance and Nova uses those NFS mounted folder just as local filesystem, default Openstack configuration will work. Only Cinder needs special configs for NFS backend:

Create NFS shares entries into a file `/etc/cinder/nfsshare`

HPDL36:/nfsshare_cinder

Change owership and access right of the file:

chown root:cinder /etc/cinder/nfsshare  
chmod 0640 /etc/cinder/nfsshare

Configure `/etc/cinder.conf`

nfs_shares_config=/etc/cinder/nfsshare  
volume_driver=cinder.volume.drivers.nfs.NfsDriver

Restart cinder services

systemctl restart openstack-cinder-api  
systemctl restart openstack-cinder-scheduler  
systemctl restart openstack-cinder-volume

Check mounted Cinder NFS share

[[email protected] ~(keystone_admin)]# mount | grep cinder  
 HPDL36:/nfsshare_cinder on /var/lib/cinder/mnt/2bc8688d1bab3cab3b9a974b3f99cb82 type nfs4 (rw,relatime,vers=4.1,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.255.1,local_lock=none,addr=192.168.255.1)

Testing

Create Glance image

[[email protected] ~(keystone_admin)]# glance image-create –name cirros –disk-format qcow2 –container-format bare –is-public true –file cirros-0.3.1-x86_64-disk.qcow2

We can see the image is created and stored on /var/lib/glance/images

[[email protected] ~(keystone_admin)]# glance image-list  
 +————————————–+——–+————-+——————+———-+——–+  
 | ID                                   | Name   | Disk Format | Container Format | Size     | Status |  
 +————————————–+——–+————-+——————+———-+——–+  
 | d3fd5cb6-1a88-4da8-a0af-d83f7728e76b | cirros | qcow2       | bare             | 13147648 | active |  
 +————————————–+——–+————-+——————+———-+——–+

[[email protected] ~(keystone_admin)]# ls -lah /var/lib/glance/images/  
 total 13M  
 drwxrwxrwx 2 root   root    49 Feb 11 23:29 .  
 drwxr-xr-x 3 glance nobody  19 Feb 11 13:38 ..  
 -rw-r—– 1 glance glance 13M Feb 11 23:29 d3fd5cb6-1a88-4da8-a0af-d83f7728e76b

Launch a VM:

[[email protected] ~(keystone_admin)]# nova boot –flavor m1.tiny –image cirros –nic net-id=8a7032de-e041-4e5b-a282-51534b38b15f testvm

[[email protected] ~(keystone_admin)]# nova list –fields name,status,power_state,host,networks  
 +————————————–+——–+——–+————-+——–+———————+  
 | ID | Name | Status | Power State | Host | Networks |  
 +————————————–+——–+——–+————-+——–+———————+  
 | f17ecb86-04de-44c9-9466-47ff6577b7d8 | testvm | ACTIVE | Running | HPDL37 | network=192.168.0.7 |  
 +————————————–+——–+——–+————-+——–+———————+

From the compute node HPDL37, we could see the VM related files are created under /var/lib/nova/instances

[[email protected] ~]# virsh list  
 setlocale: No such file or directory  
 Id Name State  
 —————————————————-  
 7 instance-0000005d running

[[email protected] ~]# ls -lah /var/lib/nova/instances/  
 total 4.0K  
 drwxrwxrwx 5 root root 129 Feb 11 23:47 .  
 drwxr-xr-x 9 nova nova 93 Feb 11 15:35 ..  
 drwxr-xr-x 2 nova nova 100 Feb 11 23:47 _base  
 -rw-r–r– 1 nova nova 57 Feb 11 23:43 compute_nodes  
 drwxr-xr-x 2 nova nova 69 Feb 11 23:47 f17ecb86-04de-44c9-9466-47ff6577b7d8  
 -rw-r–r– 1 nfsnobody nfsnobody 0 Feb 11 13:22 glance-touch  
 drwxr-xr-x 2 nova nova 143 Feb 11 23:47 locks  
 -rw-r–r– 1 nfsnobody nfsnobody 0 Feb 11 13:42 nova-touch

Live-Migration

Since we have shared instance-store, let’s try a live-migration:

[[email protected] ~(keystone_admin)]# nova live-migration testvm  
 [[email protected] ~(keystone_admin)]# nova list –fields name,status,power_state,host,networks  
 +————————————–+——–+——–+————-+——–+———————+  
 | ID | Name | Status | Power State | Host | Networks |  
 +————————————–+——–+——–+————-+——–+———————+  
 | f17ecb86-04de-44c9-9466-47ff6577b7d8 | testvm | ACTIVE | Running | HPDL38 | network=192.168.0.7 |  
 +————————————–+——–+——–+————-+——–+———————+

It works, now the VM is live-migrated to HPDL38 compute node.

We could do a measurement when the VM has no load, how fast the migration can be. From controller, I ping the VM every 1ms for 10000 times, which last 10000ms (10s), during the ping, I do the live-migration, then we check the result, how many packet lost we get:

[[email protected] ~(keystone_admin)]# ip netns exec qrouter-02ca3bdc-999a-4d3a-8485-c7ffd4600ebc ping 192.168.0.7 -i 0.001 -c 10000 -W 0.001  
 …  
 …  
 — 192.168.0.7 ping statistics —  
 10000 packets transmitted, 9942 received, 0% packet loss, time 10526ms  
 rtt min/avg/max/mdev = 0.113/0.167/1.649/0.040 ms

We lost actually 58 packets, which means basically live-migration takes only 58ms!

Create a Cinder volume

[[email protected] ~(keystone_admin)]# cinder create –display-name 5gb 5  
 [[email protected] ~(keystone_admin)]# cinder list  
 +————————————–+———–+————–+——+————-+———-+————-+  
 | ID | Status | Display Name | Size | Volume Type | Bootable | Attached to |  
 +————————————–+———–+————–+——+————-+———-+————-+  
 | 6e408336-43a8-453a-a5e5-928c12cdd3a1 | available | 5gb | 5 | None | false | |  
 +————————————–+———–+————–+——+————-+———-+————-+  
 [[email protected] ~(keystone_admin)]# ls -lah /var/lib/cinder/mnt/2bc8688d1bab3cab3b9a974b3f99cb82/  
 total 0  
 drwxrwxrwx 2 root root 56 Feb 12 00:16 .  
 drwxr-xr-x 4 cinder cinder 84 Feb 11 16:16 ..  
 -rw-rw-rw- 1 root root 5.0G Feb 12 00:16 volume-6e408336-43a8-453a-a5e5-928c12cdd3a1

We could see the 5GB volume is stored on the mounted Cinder NFS share.

Attach volume to an instance

[[email protected] ~(keystone_admin)]# nova volume-attach testvm 6e408336-43a8-453a-a5e5-928c12cdd3a1  
 +———-+————————————–+  
 | Property | Value |  
 +———-+————————————–+  
 | device | /dev/vdb |  
 | id | 6e408336-43a8-453a-a5e5-928c12cdd3a1 |  
 | serverId | f17ecb86-04de-44c9-9466-47ff6577b7d8 |  
 | volumeId | 6e408336-43a8-453a-a5e5-928c12cdd3a1 |  
 +———-+————————————–+

Let’s check on compute node:

[[email protected] ~]# virsh list  
 setlocale: No such file or directory  
 Id Name State  
 —————————————————-  
 7 instance-0000005d running

[[email protected] ~]# virsh domblklist 7  
 setlocale: No such file or directory  
 Target Source  
 ————————————————  
 vda /var/lib/nova/instances/f17ecb86-04de-44c9-9466-47ff6577b7d8/disk  
 vdb /var/lib/nova/mnt/2bc8688d1bab3cab3b9a974b3f99cb82/volume-6e408336-43a8-453a-a5e5-928c12cdd3a1

We see the VM get the volume attached as vdb, and the source is /var/lib/nova/mnt/2bc8688d1bab3cab3b9a974b3f99cb82/volume-6e408336-43a8-453a-a5e5-928c12cdd3a1, which is actually the volume file on the Cinder NFS share.

[[email protected] ~]# mount |grep cinder  
 HPDL36:/nfsshare_cinder on /var/lib/nova/mnt/2bc8688d1bab3cab3b9a974b3f99cb82 type nfs4 (rw,relatime,vers=4.0,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.255.3,local_lock=none,addr=192.168.255.1)

[[email protected] ~]# ls -lah /var/lib/nova/mnt/2bc8688d1bab3cab3b9a974b3f99cb82  
 total 0  
 -rw-rw-rw- 1 qemu qemu 5.0G Feb 12 00:16 volume-6e408336-43a8-453a-a5e5-928c12cdd3a1

So from compute node, it also mount the Cinder NFS share to /var/lib/nova/mnt/2bc8688d1bab3cab3b9a974b3f99cb82 , then directly expose the volume file to KVM.

Now we know how it works, compute node directly mount Cinder NFS share, access the volume file, not like LVM Cinder backend, Cinder-volume service exposes volume via iSCSI target.

Live-migration with a volume attached

Will live-migration working for a VM with a volume attached?

[[email protected] ~(keystone_admin)]# nova live-migration testvm  
 [[email protected] ~(keystone_admin)]# nova list –fields name,status,power_state,host,networks  
 +————————————–+——–+——–+————-+——–+———————+  
 | ID | Name | Status | Power State | Host | Networks |  
 +————————————–+——–+——–+————-+——–+———————+  
 | f17ecb86-04de-44c9-9466-47ff6577b7d8 | testvm | ACTIVE | Running | HPDL37 | network=192.168.0.7 |  
 +————————————–+——–+——–+————-+——–+———————+

The answer is YES!

Let’s check the compute node HPDL37.

[[email protected] ~]# virsh list  
 setlocale: No such file or directory  
 Id Name State  
 —————————————————-  
 11 instance-0000005d running

[[email protected] ~]# virsh domblklist 11  
 setlocale: No such file or directory  
 Target Source  
 ————————————————  
 vda /var/lib/nova/instances/f17ecb86-04de-44c9-9466-47ff6577b7d8/disk  
 vdb /var/lib/nova/mnt/2bc8688d1bab3cab3b9a974b3f99cb82/volume-6e408336-43a8-453a-a5e5-928c12cdd3a1

[[email protected] ~]# mount | grep cinder  
 HPDL36:/nfsshare_cinder on /var/lib/nova/mnt/2bc8688d1bab3cab3b9a974b3f99cb82 type nfs4 (rw,relatime,vers=4.0,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=192.168.255.2,local_lock=none,addr=192.168.255.1)

[[email protected] ~]# ls -lah /var/lib/nova/mnt/2bc8688d1bab3cab3b9a974b3f99cb82  
 total 0  
 -rw-rw-rw- 1 qemu qemu 5.0G Feb 12 00:16 volume-6e408336-43a8-453a-a5e5-928c12cdd3a1

Advanced Cinder feature testing

Create volume from Glance image

[[email protected] ~(keystone_admin)]# cinder create –image-id d3fd5cb6-1a88-4da8-a0af-d83f7728e76b –display-name vol-from-image 1  
 [[email protected] ~(keystone_admin)]# cinder list  
 +————————————–+———–+—————-+——+————-+———-+————————————–+  
 | ID | Status | Display Name | Size | Volume Type | Bootable | Attached to |  
 +————————————–+———–+—————-+——+————-+———-+————————————–+  
 | 209840f0-0559-4de5-ab64-bd4a8249ffd4 | available | 1gb | 1 | None | false | |  
 | 6e408336-43a8-453a-a5e5-928c12cdd3a1 | in-use | 5gb | 5 | None | false | f17ecb86-04de-44c9-9466-47ff6577b7d8 |  
 | 6fda4ea7-8f97-4c62-8df0-f04a36860d30 | available | vol-from-image | 1 | None | true | |  
 +————————————–+———–+—————-+——+————-+———-+————————————–+  
 [[email protected] ~(keystone_admin)]# ls -lh /var/lib/cinder/mnt/2bc8688d1bab3cab3b9a974b3f99cb82/  
 total 18M  
 -rw-rw-rw- 1 root root 1.0G Feb 12 00:43 volume-209840f0-0559-4de5-ab64-bd4a8249ffd4  
 -rw-rw-rw- 1 qemu qemu 5.0G Feb 12 00:16 volume-6e408336-43a8-453a-a5e5-928c12cdd3a1  
 -rw-rw-rw- 1 root root 1.0G Feb 12 00:45 volume-6fda4ea7-8f97-4c62-8df0-f04a36860d30

Create Glance image from volume

[[email protected] ~(keystone_admin)]# cinder upload-to-image 209840f0-0559-4de5-ab64-bd4a8249ffd4 image-from-vol  
 [[email protected] ~(keystone_admin)]# glance image-list  
 +————————————–+—————-+————-+——————+————+——–+  
 | ID | Name | Disk Format | Container Format | Size | Status |  
 +————————————–+—————-+————-+——————+————+——–+  
 | d3fd5cb6-1a88-4da8-a0af-d83f7728e76b | cirros | qcow2 | bare | 13147648 | active |  
 | 85d4ddb0-6159-40f6-b7ce-653eabea7142 | image-from-vol | raw | bare | 1073741824 | active |  
 +————————————–+—————-+————-+——————+————+——–+  
 [[email protected] ~(keystone_admin)]# ls -lh /var/lib/glance/images/  
 total 1.1G  
 -rw-r—– 1 glance glance 1.0G Feb 12 01:05 85d4ddb0-6159-40f6-b7ce-653eabea7142  
 -rw-r—– 1 glance glance 13M Feb 11 23:29 d3fd5cb6-1a88-4da8-a0af-d83f7728e76b

Boot an instance from a bootable volume

[[email protected] ~(keystone_admin)]# nova boot –flavor m1.small –block-device-mapping vda=6fda4ea7-8f97-4c62-8df0-f04a36860d30:::0 vm-boot-from-vol

[[email protected] ~(keystone_admin)]# nova list –fields name,status,power_state,host,networks  
 +————————————–+——————+——–+————-+——–+———————+  
 | ID | Name | Status | Power State | Host | Networks |  
 +————————————–+——————+——–+————-+——–+———————+  
 | f17ecb86-04de-44c9-9466-47ff6577b7d8 | testvm | ACTIVE | Running | HPDL37 | network=192.168.0.7 |  
 | 01c20971-7876-474c-8a38-93d39b78cc98 | vm-boot-from-vol | ACTIVE | Running | HPDL38 | network=192.168.0.8 |  
 +————————————–+——————+——–+————-+——–+———————+

[[email protected] ~]# virsh list  
 setlocale: No such file or directory  
 Id Name State  
 —————————————————-  
 8 instance-0000005e running

[[email protected] ~]# virsh domblklist 8  
 setlocale: No such file or directory  
 Target Source  
 ————————————————  
 vda /var/lib/nova/mnt/2bc8688d1bab3cab3b9a974b3f99cb82/volume-6fda4ea7-8f97-4c62-8df0-f04a36860d30

Boot an instance from image (by creating new volume)

[[email protected] ~(keystone_admin)]# nova boot –flavor m1.tiny –block-device source=image,id=d3fd5cb6-1a88-4da8-a0af-d83f7728e76b,dest=volume,size=6,shutdown=preserve,bootindex=0 vm-boot-from-image-create-new-vol

[[email protected] ~(keystone_admin)]# nova list –fields name,status,power_state,host,networks  
 +————————————–+———————————–+——–+————-+——–+———————+  
 | ID | Name | Status | Power State | Host | Networks |  
 +————————————–+———————————–+——–+————-+——–+———————+  
 | f17ecb86-04de-44c9-9466-47ff6577b7d8 | testvm | ACTIVE | Running | HPDL37 | network=192.168.0.7 |  
 | 6cacf835-2adb-4730-ac11-cceacf1d0915 | vm-boot-from-image-create-new-vol | ACTIVE | Running | HPDL38 | network=192.168.0.9 |  
 | 01c20971-7876-474c-8a38-93d39b78cc98 | vm-boot-from-vol | ACTIVE | Running | HPDL37 | network=192.168.0.8 |  
 +————————————–+———————————–+——–+————-+——–+———————+

[[email protected]HPDL36 ~(keystone_admin)]# cinder list  
 +————————————–+———–+—————-+——+————-+———-+————————————–+  
 | ID | Status | Display Name | Size | Volume Type | Bootable | Attached to |  
 +————————————–+———–+—————-+——+————-+———-+————————————–+  
 | 209840f0-0559-4de5-ab64-bd4a8249ffd4 | available | 1gb | 1 | None | false | |  
 | 6e408336-43a8-453a-a5e5-928c12cdd3a1 | in-use | 5gb | 5 | None | false | f17ecb86-04de-44c9-9466-47ff6577b7d8 |  
 | 6fda4ea7-8f97-4c62-8df0-f04a36860d30 | in-use | vol-from-image | 1 | None | true | 01c20971-7876-474c-8a38-93d39b78cc98 |  
 | 7d8a4fc5-5f75-4273-a2ac-3e36521be37c | in-use | | 6 | None | true | 6cacf835-2adb-4730-ac11-cceacf1d0915 |  
 +————————————–+———–+—————-+——+————-+———-+————————————–+

[[email protected] ~]# virsh list  
 setlocale: No such file or directory  
 Id Name State  
 —————————————————-  
 9 instance-0000005f running

[[email protected] ~]# virsh domblklist 9  
 setlocale: No such file or directory  
 Target Source  
 ————————————————  
 vda /var/lib/nova/mnt/2bc8688d1bab3cab3b9a974b3f99cb82/volume-7d8a4fc5-5f75-4273-a2ac-3e36521be37c

Volume snapshot related features

Not supported at the moment, coming from Kilo: https://blueprints.launchpad.net/cinder/+spec/nfs-snapshots

Volume clone

Not supported at the moment

NFS backend for Openstack Glance/Cinder/Instance-store

Setup NFS server on controller server

Create 3 folders as shared source for instance-store, glance and cinder, grant enough access right:

Create /etc/exports

Start NFS server

Setup NFS clients

Glance

Nova instance-store

Cinder

Setup Openstack

Create NFS shares entries into a file `/etc/cinder/nfsshare`

Change owership and access right of the file:

Configure `/etc/cinder.conf`

Restart cinder services

Check mounted Cinder NFS share

Testing

Create Glance image

Launch a VM:

Live-Migration

Create a Cinder volume

Attach volume to an instance

Live-migration with a volume attached

Advanced Cinder feature testing

Create volume from Glance image

Create Glance image from volume

Boot an instance from a bootable volume

Boot an instance from image (by creating new volume)

Volume snapshot related features

Volume clone

How L3 and DHCP agents HA work in Red Hat OSP7

Building redundant and distributed L3 network in Juno

Setup NFS server on controller server

Create 3 folders as shared source for instance-store, glance and cinder, grant enough access right:

Create /etc/exports

Start NFS server

Setup NFS clients

Glance

Nova instance-store

Cinder

Setup Openstack

Create NFS shares entries into a file /etc/cinder/nfsshare

Change owership and access right of the file:

Configure /etc/cinder.conf

Restart cinder services

Check mounted Cinder NFS share

Testing

Create Glance image

Launch a VM:

Live-Migration

Create a Cinder volume

Attach volume to an instance

Live-migration with a volume attached

Advanced Cinder feature testing

Create volume from Glance image

Create Glance image from volume

Boot an instance from a bootable volume

Boot an instance from image (by creating new volume)

Volume snapshot related features

Volume clone

Create NFS shares entries into a file `/etc/cinder/nfsshare`

Configure `/etc/cinder.conf`