openstack_配额管理

来源：互联网发布：知乎知名药娘编辑：程序博客网时间：2024/06/02 02:41

openstack_配额管理

官方文档版本日期2015.4，openstack软件版本日期2013.3

1、配额管理

1.1 Set Default Image Quotas

To enable this feature, edit the /etc/glance/glance-api.conf file, and under the [DEFAULT] section, add:
user_storage_quota = <bytes>

For example, to restrict a project's image storage to 5 GB, do this:
user_storage_quota = 5368709120

All projects in your cloud will be able to store only 5 GB of images and snapshots.

1.2 Set Compute Service Quotas

As an administrative user, you can update the Compute Service quotas for an existing tenant, as well as update the quota defaults for a new tenant.

1.2.1 Compute quotas

fixed-ips: Number of fixed IP addresses allowed per tenant. This number must be equal to or greater than the number of allowed instances.
floating-ips: Number of floating IP addresses allowed per tenant.
injected-file-content-bytes: Number of content bytes allowed per injected file.
injected-file-path-bytes: Number of bytes allowed per injected file path.
injected-files: Number of injected files allowed per tenant.
instances: Number of instances allowed per tenant.
key-pairs: Number of key pairs allowed per user.
metadata-items: Number of metadata items allowed per instance.
ram: Megabytes of instance RAM allowed per tenant.
security-group-rules: Number of rules per security group.
security-groups: Number of security groups per tenant.
cores: Number of instance cores allowed per tenant.

1.2.2 查看与更新默认的计算配额

List all default quotas for all tenants, as follows:
$ nova quota-defaults

Update a default value for a new tenant, as follows:
$ nova quota-class-update default key value
For example:
$ nova quota-class-update default instances 15

1.2.3 查看与更新租户的计算配额

Place the tenant ID in a useable variable, as follows:
$ tenant=$(keystone tenant-list | awk '/tenantName/ {print $2}')
List the currently set quota values for a tenant, as follows:
$ nova quota-show --tenant $tenant

Obtain the tenant ID, as follows:
$ tenant=$(keystone tenant-list | awk '/tenantName/ {print $2}')
Update a particular quota value, as follows:
# nova quota-update --quotaName quotaValue tenantID

1.3 Set Object Storage Quotas

To view account quotas placed on a project:
$ swift stat
Account: AUTH_b36ed2d326034beba0a9dd1fb19b70f9
Containers: 0
Objects: 0
Bytes: 0
Meta Quota-Bytes: 214748364800
X-Timestamp: 1351050521.29419
Content-Type: text/plain; charset=utf-8
Accept-Ranges: bytes

To apply or update account quotas on a project:
$ swift post -m quota-bytes:
<bytes>
For example, to place a 5 GB quota on an account:
$ swift post -m quota-bytes:
5368709120
To verify the quota, run the swift stat command again:
$ swift stat
Account: AUTH_b36ed2d326034beba0a9dd1fb19b70f9
Containers: 0
Objects: 0
Bytes: 0
Meta Quota-Bytes: 5368709120
X-Timestamp: 1351541410.38328
Content-Type: text/plain; charset=utf-8
Accept-Ranges: bytes

1.4 Set Block Storage Quotas

Block Storage quotas:
gigabytes: Number of volume gigabytes allowed per tenant
snapshots: Number of Block Storage snapshots allowed per tenant.
volumes: Number of Block Storage volumes allowed per tenant

1.4.1 查看并修改默认的块存储配额

List all default quotas for all tenants, as follows:
$ cinder quota-defaults
For example:
$ cinder quota-defaults
+-----------+-------+
| Property | Value |
+-----------+-------+
| gigabytes | 1000 |
| snapshots |   10 |
| volumes |   10 |
+-----------+-------+

To update a default value for a new tenant, update the property in
the /etc/cinder/cinder.conf file.

1.4.2 查看并修改某租户的块存储配额

View quotas for the tenant, as follows:
# cinder quota-show tenantName
For example:
# cinder quota-show tenant01
+-----------+-------+
| Property | Value |
+-----------+-------+
| gigabytes | 1000 |
| snapshots |   10 |
| volumes   |   10 |
+-----------+-------+

Place the tenant ID in a useable variable, as follows:
$ tenant=$(keystone tenant-list | awk '/tenantName/ {print $2}')
Update a particular quota value, as follows:
# cinder quota-update --quotaName NewValue tenantID

2、测试

2.1 修改计算资源配额

2.1.1 修改默认配额

查看默认配额

root@os-controller:/etc/nova# nova quota-defaults
+-----------------------------+-------+
| Quota                       | Limit |
+-----------------------------+-------+
| instances                   | 5     |
| cores                       | 2     |
| ram                         | 51200 |
| floating_ips                | 10    |
| fixed_ips                   | -1    |
| metadata_items              | 128   |
| injected_files              | 5     |
| injected_file_content_bytes | 10240 |
| injected_file_path_bytes    | 255   |
| key_pairs                   | 2     |
| security_groups             | 10    |
| security_group_rules        | 20    |
+-----------------------------+-------+

修改instance配额为2，ram为4096

root@os-controller:~# nova quota-class-update default --instances 2

root@os-controller:~# nova quota-class-update default --ram 4096

root@os-controller:~# nova quota-defaults
+-----------------------------+-------+
| Quota                       | Limit |
+-----------------------------+-------+
| instances                   | 2     |
| cores                       | 2     |
| ram                         | 4096 |
| floating_ips                | 10    |
| fixed_ips                   | -1    |
| metadata_items              | 128   |
| injected_files              | 5     |
| injected_file_content_bytes | 10240 |
| injected_file_path_bytes    | 255   |
| key_pairs                   | 2     |
| security_groups             | 10    |
| security_group_rules        | 20    |
+-----------------------------+-------+

此时来看看数据库中的相关表

可以看出quotas表存放租户的配额信息，quota_class表存放的是默认的配额信息，quota_usage表存放租户已使用配额的信息。

再次修改一个默认设置injected_files:

root@os-controller:~# nova quota-class-update default --injected_files 2

然后看看表的变化：

quota_classes表中多了一个默认值，而其他表没有任何变化。

另外，在修改某些计算配额默认配置时，会报错：

error: unrecognized arguments: --fixed_ips
error: unrecognized arguments: --injected_file_path_bytes

error: unrecognized arguments: --key_pairs

error: unrecognized arguments: --security_groups

error: unrecognized arguments: --security_group_rules

此时可以查看帮助nova help quota-update，可以看到如下信息：

usage: nova quota-update [--user <user-id>] [--instances <instances>]
[--cores <cores>] [--ram <ram>] [--volumes <volumes>]
[--gigabytes <gigabytes>]
[--floating-ips <floating-ips>]
[--fixed-ips <fixed-ips>]
[--metadata-items <metadata-items>]
[--injected-files <injected-files>]
[--injected-file-content-bytes <injected-file-content-bytes>]
[--injected-file-path-bytes <injected-file-path-bytes>]
[--key-pairs <key-pairs>]
[--security-groups <security-groups>]
[--security-group-rules <security-group-rules>]
[--force]
<tenant-id>

配额名称写法出现了问题。

2.1.2 修改租户配额

查看：

root@os-controller:~# keystone tenant-list
+----------------------------------+-------------+---------+
|                id                |     name    | enabled |
+----------------------------------+-------------+---------+
| 2407967c145040a2bd564a2f206de30b |    admin    |   True |
| 89b3d6c56da74e58b4048ac01446db7b |   service   |   True |
| faca59c23e1b415784fd9a0574dca463 | testproject |   True |
+----------------------------------+-------------+---------+
root@os-controller:~# tenant=$(keystone tenant-list | awk '/testproject/ {print $2}')
root@os-controller:~# nova quota-show --tenant $tenant
+-----------------------------+-------+
| Quota                       | Limit |
+-----------------------------+-------+
| instances                   | 2     |
| cores                       | 1     |
| ram                         | 512   |
| floating_ips                | 10    |
| fixed_ips                   | -1    |
| metadata_items              | 128   |
| injected_files              | 5     |
| injected_file_content_bytes | 10240 |
| injected_file_path_bytes    | 255   |
| key_pairs                   | 2     |
| security_groups             | 10    |
| security_group_rules        | 20    |
+-----------------------------+-------+

验证修改：

root@os-controller:~# nova quota-update --cores 2 $tenant

root@os-controller:~# nova quota-show --tenant $tenant|grep cores
| cores | 2 |

2.2 修改块存储配额

2.2.1 修改默认块存储配额

查看：

root@os-controller:~# cinder quota-defaults anyinput
+-----------+-------+
| Property | Value |
+-----------+-------+
| gigabytes | 1000 |
| snapshots | 10 |
| volumes | 10 |
+-----------+-------+

在cinder数据库中，同样存在quotas，quota_classes，quota_usages三张表。

Empty set (0.00 sec)

修改默认配置：

root@os-controller:~# cinder quota-class-update default --volumes 11

root@os-controller:~# cinder quota-defaults anyinput|grep volumes

| volumes | 11 |

查看表：

2.2.2 修改租户的块存储配额

root@os-controller:~# tenant=$(keystone tenant-list | awk '/testproject/ {print $2}')

root@os-controller:~# cinder quota-show $tenant
+-----------+-------+
| Property | Value |
+-----------+-------+
| gigabytes | 1000 |
| snapshots | 10 |
| volumes | 15 |
+-----------+-------+

root@os-controller:~# cinder quota-update --volumes 11 $tenant

root@os-controller:~# cinder quota-show $tenant|grep volu
| volumes | 11 |

2.3 创建新的租户并查看其配额

root@os-controller:~# cinder quota-show dadd49392dfb4d7fab0a46e199b78a1f
+-----------+-------+
| Property | Value |
+-----------+-------+
| gigabytes | 1000 |
| snapshots | 10 |
| volumes | 11 |
+-----------+-------+

root@os-controller:~# nova quota-show --tenant dadd49392dfb4d7fab0a46e199b78a1f
+-----------------------------+-------+
| Quota                       | Limit |
+-----------------------------+-------+
| instances                   | 2     |
| cores                       | 2     |
| ram                         | 4096 |
| floating_ips                | 10    |
| fixed_ips                   | -1    |
| metadata_items              | 128   |
| injected_files              | 2     |
| injected_file_content_bytes | 10240 |
| injected_file_path_bytes    | 255   |
| key_pairs                   | 2     |
| security_groups             | 10    |
| security_group_rules        | 20    |
+-----------------------------+-------+

新的租户使用了默认配额。

0 0