配额用于对每个 tenants 进行限制, 如浮动 IP, 内存, CPU, 磁盘, 密钥, 安全规则, 云硬盘等
资源管理帮助
[root@station140 ~(keystone_admin)]# nova help | grep quota
quota-class-show List the quotas for a quota class.
quota-class-update Update the quotas for a quota class.
quota-defaults List the default quotas for a tenant.
quota-delete Delete quota for a tenant/user so their quota will
quota-show List the quotas for a tenant/user.
quota-update Update the quotas for a tenant/user.
可管理资源
fixed-ips 每个 project 可用固定 IP 地址, 必须大于等于实例可用的 IP 地址数量 floating-ips 每个 project 可用的浮动 IP 地址 injected-file-content-bytes 添加的文件最大可包含多少 bytes injected-file-path-bytes 指定的文件目录下最大可包含的文件 bytes injected-files 每个 project 可以包含的文件数量 instances 每个 project 可包含的最多的 instances 数量 key-pairs 每个用户可用的 key-pairs 的数量 metadata-items 每个实例可拥有的 metadata-items 数量 ram 允许每个 project 中的 instances 可用的 ram (MB) 数量 security-group-rules 可用的安全组规则 security-groups 每个 project 的安全组 cores 每个 project 可用的虚拟 CPU 个数
显示
[root@station140 ~(keystone_admin)]# nova quota-defaults +-----------------------------+-------+ | Quota | Limit | +-----------------------------+-------+ | instances | 10 | | cores | 20 | | ram | 51200 | | floating_ips | 10 | | fixed_ips | -1 | | metadata_items | 128 | | injected_files | 5 | | injected_file_content_bytes | 10240 | | injected_file_path_bytes | 255 | | key_pairs | 100 | | security_groups | 10 | | security_group_rules | 20 | +-----------------------------+-------+
更新方法
[root@station140 ~(keystone_admin)]# nova quota-class-update --instances 20 default [root@station140 ~(keystone_admin)]# nova quota-defaults +-----------------------------+-------+ | Quota | Limit | +-----------------------------+-------+ | instances | 20 |
建议直接通过 horizon 对每个租户进行配额限制, 方便简单, 准确
通过数据库方法对 quota 进行查询会更加准确
表一, 用于查询 内核, 实例, 内存, 安全组资源
mysql> select a.name, b.resource, b.hard_limit from keystone.project a, nova.quotas b where a.enabled=1 and b.deleted=0 and a.id=b.project_id and a.name='admin'; +-------+-----------------------------+------------+ | name | resource | hard_limit | +-------+-----------------------------+------------+ | admin | cores | 500 | | admin | injected_files | 50 | | admin | injected_file_content_bytes | 10240 | | admin | instances | 200 | | admin | metadata_items | 128 | | admin | ram | 1024000 | | admin | security_groups | 10 | | admin | security_group_rules | 20 | +-------+-----------------------------+------------+ 8 rows in set (0.00 sec)
表二, 用于查询云盘大小, 云盘快照, 云盘数量配额
mysql> select a.name, b.resource, b.hard_limit from keystone.project a, cinder.quotas b where a.enabled=1 and b.deleted=0 and a.id=b.project_id and a.name='admin'; +-------+-----------+------------+ | name | resource | hard_limit | +-------+-----------+------------+ | admin | gigabytes | 10000 | | admin | snapshots | 10 | | admin | volumes | 100 | +-------+-----------+------------+ 3 rows in set (0.00 sec)
表三, 用于查询对路由, 网络安全策略, 浮动IP, IP 地址的配额限制
mysql> select a.name, b.resource, b.limit from keystone.project a, neutron.quotas b where a.enabled=1 and a.id=b.tenant_id and a.name='QA'; +------+---------------------+-------+ | name | resource | limit | +------+---------------------+-------+ | QA | router | 1000 | | QA | security_group_rule | 10000 | | QA | subnet | 1000 | | QA | network | 1000 | | QA | security_group | 1000 | | QA | floatingip | 5000 | | QA | port | 8172 | +------+---------------------+-------+ 7 rows in set (0.00 sec)
