Python中使用urllib2时绑定不同的网卡

因为要没试load balance,找了台多网卡的机器,跑python测试程序,虽然跑了几个client,但发现数据始终是从同一网卡发送出去,导致load balance server始终把数据转发到同一个节点上
如果让python程序收发数据时绑定在指定的网卡上呢?
查了google,SO
终于找到解答方法
只需在urllib2等调用前加以下一段,即可

import socket
true_socket = socket.socket
def bound_socket(*a, **k):
sock = true_socket(*a, **k)
sock.bind(("10.4.10.194", 0))
return sock
socket.socket = bound_socket

 

在centos7上搭建openstack: 3,在Controller Node上安装identity Service

关于 identity service的组成有几个概念需要理解(user, credentials, authentication, token, tenant, service, endpoint, role),如果以后想通过http API来交互openstack的话,这些知识是必需的。

OpenStack Identity concepts – OpenStack Installation Guide for Red Hat Enterprise Linux 7, CentOS 7, and Fedora 20 – juno

User
Digital representation of a person, system, or service who uses OpenStack cloud services. The Identity service validates that incoming requests are made by the user who claims to be making the call. Users have a login and may be assigned tokens to access resources. Users can be directly assigned to a particular tenant and behave as if they are contained in that tenant.

Credentials
Data that confirms the user’s identity. For example: user name and password, user name and API key, or an authentication token provided by the Identity Service.

Authentication
The process of confirming the identity of a user. OpenStack Identity confirms an incoming request by validating a set of credentials supplied by the user.

These credentials are initially a user name and password, or a user name and API key. When user credentials are validated, OpenStack Identity issues an authentication token which the user provides in subsequent requests.

Token
An alpha-numeric string of text used to access OpenStack APIs and resources. A token may be revoked at any time and is valid for a finite duration.

While OpenStack Identity supports token-based authentication in this release, the intention is to support additional protocols in the future. Its main purpose is to be an integration service, and not aspire to be a full-fledged identity store and management solution.

Tenant
A container used to group or isolate resources. Tenants also group or isolate identity objects. Depending on the service operator, a tenant may map to a customer, account, organization, or project.

Service
An OpenStack service, such as Compute (nova), Object Storage (swift), or Image Service (glance). It provides one or more endpoints in which users can access resources and perform operations.

Endpoint
A network-accessible address where you access a service, usually a URL address. If you are using an extension for templates, an endpoint template can be created, which represents the templates of all the consumable services that are available across the regions.

Role
A personality with a defined set of user rights and privileges to perform a specific set of operations.

In the Identity service, a token that is issued to a user includes the list of roles. Services that are being called by that user determine how they interpret the set of roles a user has and to which operations or resources each role grants access.

具体参见:http://docs.openstack.org/juno/install-guide/install/yum/content/keystone-concepts.html

1,创建数据库

mysql -u root -p

进入数据库命令行

创建keystone的database并分配用户及权限:

CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone123';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone123';

2,安装keystone工具包

yum install openstack-keystone python-keystoneclient

3,编辑/etc/keystone/keystone.conf

[DEFAULT]
admin_token = ADMIN_TOKEN      #此处为一个随机字符串建议用 openssl rand -hex 10 生成

[database]
connection = mysql://keystone:keystone123@10.4.10.213/keystone

[token]
provider = keystone.token.providers.uuid.Provider
driver = keystone.token.persistence.backends.sql.Token

4,创建证书密钥以及设置目录权限

keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
chown -R keystone:keystone /var/log/keystone
chown -R keystone:keystone /etc/keystone/ssl
chmod -R o-rwx /etc/keystone/ssl
su -s /bin/sh -c "keystone-manage db_sync" keystone

5,注册service并启动

systemctl enable openstack-keystone.service
systemctl start openstack-keystone.service

6,创建定时任务,用以管理token过期,这边将token的过期时间设为1小时

(crontab -l -u keystone 2>&1 | grep -q token_flush) || echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&1' >> /var/spool/cron/keystone

到此安装结束,下一章节就是配置了

 

在centos7上搭建openstack: 2,初始化Controller Node

由于只有4个server,且主要用于swift对象存储功能,所以打算server1作为 controller node+network node+compute node, server2,3,4作为对等的object storage node.

1, 准备数据库

  • 安装包,这边openstack已经推荐使用无闭源风险的mariadb而不是mysql,当然你也可以用mysql,其配置和使用方式是一样的
yum install mariadb mariadb-server MySQL-python
  • 编辑/etc/my.cnf
[mysqld]

bind-address = 10.4.10.231
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = 'SET NAMES utf8'
character-set-server = utf8
  • 注册service并启动
systemctl enable mariadb.service
systemctl start mariadb.service
  • 设置root密码
mysql_secure_installation

**注意**,在我们的例子中所有密码都以用户名+123的规则来设置以免忘记

 

 

2,安装消息服务器

openstack官方支持rabbitMQ Qpid和zeroMQ, 我们这边当然使用最流行的rabbitMQ

  • 安装包
yum install rabbitmq-server
  • 注册service并启动
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
  • 设置rabbitMQ密码
rabbitmqctl change_password guest rabbit123

 

在centos7上搭建openstack: 1,准备环境

今天公司给了个任务,在4台刀片机上搭建一套完整的openstack。这个过程相信是漫长而复杂的,遇到的问题一定也不是一点两点。因此记录下来供以后参考。

1,网络拓扑:

network

 

每台server之间有内部网络在openstack中我们称为internal network以及外部与office机器相联的网络,称为external network.

这边的external network与openstack中的external network是有所区别的,因为我们的openstack只是用于公司内部测试,并不对外开放。

而其实中真正作为external network接入点的是server上的10.4.10.231网卡,其实server之所以配置10.4.10.x网段是为了方便连接

2,OS

每台机器安装centos7 minimal版本,并按图配好网络

3,安装工具包

需安装yum-plugin-priorities epel  rdo (openstack库) 和 openstack-selinuix

yum install yum-plugin-priorities

yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm

yum install http://rdo.fedorapeople.org/openstack-juno/rdo-release-juno.rpm

yum install openstack-selinux

执行yum upgrade 升级系统

这些工具包需要在每台server上都安装,之后的搭建过程中都会用到

 

如此环境就准备完毕了