配额用于对每个 tenants 进行限制, 如浮动 IP, 内存, CPU, 磁盘, 密钥, 安全规则, 云硬盘等
资源管理帮助
[root@station140 ~(keystone_admin)]# nova help | grep quota
quota-class-show List the quotas for a quota class.
quota-class-update Update the quotas for a quota class.
quota-defaults List the default quotas for a tenant.
quota-delete Delete quota for a tenant/user so their quota will
quota-show List the quotas for a tenant/user.
quota-update Update the quotas for a tenant/user.
可管理资源
fixed-ips 每个 project 可用固定 IP 地址, 必须大于等于实例可用的 IP 地址数量
floating-ips 每个 project 可用的浮动 IP 地址
injected-file-content-bytes 添加的文件最大可包含多少 bytes
injected-file-path-bytes 指定的文件目录下最大可包含的文件 bytes
injected-files 每个 project 可以包含的文件数量
instances 每个 project 可包含的最多的 instances 数量
key-pairs 每个用户可用的 key-pairs 的数量
metadata-items 每个实例可拥有的 metadata-items 数量
ram 允许每个 project 中的 instances 可用的 ram (MB) 数量
security-group-rules 可用的安全组规则
security-groups 每个 project 的安全组
cores 每个 project 可用的虚拟 CPU 个数
显示
[root@station140 ~(keystone_admin)]# nova quota-defaults
+-----------------------------+-------+
| Quota | Limit |
+-----------------------------+-------+
| instances | 10 |
| cores | 20 |
| ram | 51200 |
| floating_ips | 10 |
| fixed_ips | -1 |
| metadata_items | 128 |
| injected_files | 5 |
| injected_file_content_bytes | 10240 |
| injected_file_path_bytes | 255 |
| key_pairs | 100 |
| security_groups | 10 |
| security_group_rules | 20 |
+-----------------------------+-------+
[root@station140 ~(keystone_admin)]# nova quota-class-update --instances 20 default
[root@station140 ~(keystone_admin)]# nova quota-defaults
+-----------------------------+-------+
| Quota | Limit |
+-----------------------------+-------+
| instances | 20 |
建议直接通过 horizon 对每个租户进行配额限制, 方便简单, 准确
通过数据库方法对 quota 进行查询会更加准确
表一, 用于查询 内核, 实例, 内存, 安全组资源
mysql> select a.name, b.resource, b.hard_limit from keystone.project a, nova.quotas b where a.enabled=1 and b.deleted=0 and a.id=b.project_id and a.name='admin';
+-------+-----------------------------+------------+
| name | resource | hard_limit |
+-------+-----------------------------+------------+
| admin | cores | 500 |
| admin | injected_files | 50 |
| admin | injected_file_content_bytes | 10240 |
| admin | instances | 200 |
| admin | metadata_items | 128 |
| admin | ram | 1024000 |
| admin | security_groups | 10 |
| admin | security_group_rules | 20 |
+-------+-----------------------------+------------+
8 rows in set (0.00 sec)
表二, 用于查询云盘大小, 云盘快照, 云盘数量配额
mysql> select a.name, b.resource, b.hard_limit from keystone.project a, cinder.quotas b where a.enabled=1 and b.deleted=0 and a.id=b.project_id and a.name='admin';
+-------+-----------+------------+
| name | resource | hard_limit |
+-------+-----------+------------+
| admin | gigabytes | 10000 |
| admin | snapshots | 10 |
| admin | volumes | 100 |
+-------+-----------+------------+
3 rows in set (0.00 sec)
表三, 用于查询对路由, 网络安全策略, 浮动IP, IP 地址的配额限制
mysql> select a.name, b.resource, b.limit from keystone.project a, neutron.quotas b where a.enabled=1 and a.id=b.tenant_id and a.name='QA';
+------+---------------------+-------+
| name | resource | limit |
+------+---------------------+-------+
| QA | router | 1000 |
| QA | security_group_rule | 10000 |
| QA | subnet | 1000 |
| QA | network | 1000 |
| QA | security_group | 1000 |
| QA | floatingip | 5000 |
| QA | port | 8172 |
+------+---------------------+-------+
7 rows in set (0.00 sec)