charm-cinder/README.md
Trent Lloyd 388e96c444 Add identity-credentials relation support
Implement support for the identity-credentials relation as an
alternative way to get keystone credentials when we are not registering
a service endpoint via the identity-service relation.

This solves an issue where the image volume cache does not work when the
cinder volume service is deployed as a second cinder application
('cinder-volume') having enabled-services=volume set.

Previously the following items were missing from cinder.conf:
cinder_internal_tenant_project_id
cinder_internal_tenant_user_id

Resulting in the image cache not functioning with the following warnings:
Unable to get internal tenant context: Missing required config
parameters.
Unable to get Cinder internal context, will not use image-volume cache.

As there are now two possible interfaces to keystone ('identity-service'
and 'identity-credentials') any existing bundles that don't specify the
interface 'identity-service' when relating to keystone will fail to
deploy and will need to be updated.

Closes-Bug: #1978452
Change-Id: Ieef500c9c55eb3968b3e2e231a8ff6e2a5ec148d
(cherry picked from commit ba8d8fc3e1)
2023-01-25 11:25:22 +08:00

191 lines
7.5 KiB
Markdown

# Overview
The cinder charm deploys [Cinder][upstream-cinder], the Block Storage (volume)
service for OpenStack. The charm works alongside other Juju-deployed OpenStack
services.
# Usage
## Configuration
To display all configuration option information run `juju config
<application>`. If the application is not deployed then see the charm's
[Configure tab][cinder-configure] in the Charmhub. Finally, the [Juju
documentation][juju-docs-config-apps] provides general guidance on configuring
applications.
## Deployment
The cinder application requires the following applications to be present:
keystone, nova-cloud-controller, nova-compute, rabbitmq-server, and a cloud
database.
The database application is determined by the series. Prior to focal
[percona-cluster][percona-cluster-charm] is used, otherwise it is
[mysql-innodb-cluster][mysql-innodb-cluster-charm]. In the example deployment
below mysql-innodb-cluster has been chosen.
Deploy Cinder itself (here, to a container on machine '1'), add relations to
the core cloud applications, and then connect it to the cloud database:
juju deploy --to lxd:1 --config cinder.yaml cinder
juju add-relation cinder:identity-service keystone:identity-service
juju add-relation cinder:cinder-volume-service nova-cloud-controller:cinder-volume-service
juju add-relation cinder:amqp rabbitmq-server:amqp
juju deploy mysql-router cinder-mysql-router
juju add-relation cinder-mysql-router:db-router mysql-innodb-cluster:db-router
juju add-relation cinder-mysql-router:shared-db cinder:shared-db
Multiple backend storage solutions are described next.
### Ceph-backed storage
Cinder can be backed by Ceph, which is the recommended storage method for
production Cinder deployments. This functionality is provided by the
[cinder-ceph][cinder-ceph-charm] subordinate charm.
### LVM-backed storage
Cinder can be backed by storage local to the cinder unit, where local block
devices are used as LVM physical volumes, and volumes are offered via iSCSI.
This functionality is provided by the [cinder-lvm][cinder-lvm-charm]
subordinate charm.
> **Note**: Built-in support for LVM in the cinder charm is deprecated.
### NetApp-backed storage
Cinder can be backed by a NetApp appliance local to the cinder unit, where
volumes are offered via iSCSI or NFS. This functionality is provided by the
[cinder-netapp][cinder-netapp-charm] subordinate charm.
### Pure Storage-backed storage
Cinder can be backed by a Pure Storage appliance reachable by its API endpoint.
This functionality is provided by the
[cinder-purestorage][cinder-purestorage-charm] subordinate charm.
## Separate Volume Service
For certain operations when an instance is not involved, the cinder application
will connect directly to the storage for operations such as cloning a volume
from a glance image. You can deploy a second cinder application for the volume
service only where the primary cinder application cannot connect to this
storage. This may be required for iSCSI connections because LXD containers
cannot create iSCSI connections or where you need a physical Fibre Channel
connection. This is not required for Ceph deployments which use userspace RBD
tools.
1. Deploy cinder with enabled-services=api,scheduler
2. Deploy a second application of cinder named 'cinder-volume' with
enabled-services=volume
3. Relate the storage subordinate (e.g. cinder-purestorage) to the
cinder-volume application only (not to the 'cinder' application)
4. Keystone should be related to cinder:identity-__service__ but
cinder-volume:identity-__credentials__
The primary cinder application gets keystone credentials when registering a
service endpoint via the identity-service relation. The cinder-volume
application does not register a service, so we need to relate
identity-credentials instead. The image volume cache will not work without
this relation.
5. Both cinder and cinder-volume should otherwise have the same relations
## High availability
This charm supports high availability via HAcluster.
When more than one unit is deployed with the [hacluster][hacluster-charm]
application the charm will bring up an HA active/active cluster.
## Network spaces
This charm supports the use of Juju [network spaces][juju-docs-spaces] (Juju
`v.2.0`). This feature optionally allows specific types of the application's
network traffic to be bound to subnets that the underlying hardware is
connected to.
> **Note**: Spaces must be configured in the backing cloud prior to deployment.
API endpoints can be bound to distinct network spaces supporting the network
separation of public, internal, and admin endpoints.
Access to the underlying MySQL instance can also be bound to a specific space
using the shared-db relation.
For example, providing that spaces 'public-space', 'internal-space', and
'admin-space' exist, the deploy command above could look like this:
juju deploy --config cinder.yaml cinder \
--bind "public=public-space internal=internal-space admin=admin-space shared-db=internal-space"
Alternatively, configuration can be provided as part of a bundle:
```yaml
cinder:
charm: cs:cinder
num_units: 1
bindings:
public: public-space
internal: internal-space
admin: admin-space
shared-db: internal-space
```
> **Note**: Existing cinder units configured with the `os-admin-network`,
`os-internal-network`, or `os-public-network` options will continue to honour
them. Furthermore, these options override any space bindings, if set.
## Actions
This charm supports actions.
[Actions][juju-docs-actions] allow specific operations to be performed on a
per-unit basis. To display actions and their descriptions run `juju actions
--schema <application>`. If the application is not deployed then see the
charm's [Actions tab][cinder-actions] in the Charmhub.
## Policy overrides
This charm supports the policy overrides feature.
Policy overrides allow an operator to override the default policy of an
OpenStack service. See [Policy overrides][cg-policy-overrides] for more
information on this feature.
# Documentation
The OpenStack Charms project maintains two documentation guides:
* [OpenStack Charm Guide][cg]: the primary source of information for
OpenStack charms
* [OpenStack Charms Deployment Guide][cdg]: a step-by-step guide for
deploying OpenStack with charms
# Bugs
Please report bugs on [Launchpad][cinder-filebug].
<!-- LINKS -->
[cg]: https://docs.openstack.org/charm-guide
[cdg]: https://docs.openstack.org/project-deploy-guide/charm-deployment-guide
[cg-policy-overrides]: https://docs.openstack.org/charm-guide/latest/admin/policy-overrides.html
[juju-docs-spaces]: https://juju.is/docs/olm/network-spaces
[juju-docs-actions]: https://juju.is/docs/olm/working-with-actions
[cinder-actions]: https://charmhub.io/cinder/actions
[juju-docs-config-apps]: https://juju.is/docs/olm/configure-an-application
[cinder-configure]: https://charmhub.io/cinder/configure
[cinder-filebug]: https://bugs.launchpad.net/charm-cinder/+filebug
[lp-bug-1862392]: https://bugs.launchpad.net/charm-cinder/+bug/1862392
[hacluster-charm]: https://charmhub.io/hacluster
[cinder-lvm-charm]: https://charmhub.io/cinder-lvm
[cinder-netapp-charm]: https://charmhub.io/cinder-netapp
[cinder-purestorage-charm]: https://charmhub.io/cinder-purestorage
[percona-cluster-charm]: https://charmhub.io/percona-cluster
[mysql-innodb-cluster-charm]: https://charmhub.io/mysql-innodb-cluster
[upstream-cinder]: https://docs.openstack.org/cinder/latest/
[juju-docs-config-apps]: https://juju.is/docs/configuring-applications
[wiki-uca]: https://wiki.ubuntu.com/OpenStack/CloudArchive