Merge "Update Documentation"
This commit is contained in:
commit
63e7f63af9
@ -7,22 +7,22 @@ How To Contribute
|
||||
Basics
|
||||
======
|
||||
|
||||
* Our source code is hosted on `OpenStack GitHub`_, but pull requests submitted
|
||||
#. Our source code is hosted on `OpenStack GitHub`_, but pull requests submitted
|
||||
through GitHub will be ignored. Bugs should be filed on launchpad_,
|
||||
not GitHub.
|
||||
|
||||
* Please follow OpenStack `Gerrit Workflow`_ to to contribute to Kolla.
|
||||
#. Please follow OpenStack `Gerrit Workflow`_ to to contribute to Kolla.
|
||||
|
||||
* Note the branch you're proposing changes to. ``master`` is the current focus
|
||||
#. Note the branch you're proposing changes to. ``master`` is the current focus
|
||||
of development. Kolla project has a strict policy of only allowing backports
|
||||
in ``stable/branch``, unless when not applicable. A bug in a ``stable/branch``
|
||||
will first have to be fixed in ``master``.
|
||||
|
||||
* Please file a launchpad_ blueprint for any significant code change and a bug
|
||||
#. Please file a launchpad_ blueprint for any significant code change and a bug
|
||||
for any significant bug fix or add a TrivialFix tag for simple changes.
|
||||
See how to reference a bug or a blueprint in the commit message here_
|
||||
|
||||
* TrivialFix tags or bugs are not required for documentation changes.
|
||||
#. TrivialFix tags or bugs are not required for documentation changes.
|
||||
|
||||
.. _OpenStack GitHub: https://github.com/openstack/kolla
|
||||
.. _Gerrit Workflow: http://docs.openstack.org/infra/manual/developers.html#development-workflow
|
||||
@ -32,6 +32,7 @@ Basics
|
||||
Development Environment
|
||||
========================
|
||||
|
||||
* Please follow our `quickstart`_ to deploy your environment and test your changes
|
||||
#. Please follow our `quickstart`_ to deploy your environment and test your
|
||||
changes.
|
||||
|
||||
.. _quickstart: http://docs.openstack.org/developer/kolla/quickstart.html
|
||||
|
@ -6,7 +6,7 @@ Ceph in Kolla
|
||||
|
||||
The out-of-the-box Ceph deployment requires 3 hosts with at least one block
|
||||
device on each host that can be dedicated for sole use by Ceph. However, with
|
||||
tweaks to the Ceph cluster you can deploy a "healthy" cluster with a single
|
||||
tweaks to the Ceph cluster you can deploy a **healthy** cluster with a single
|
||||
host and a single block device.
|
||||
|
||||
Requirements
|
||||
@ -21,8 +21,8 @@ Preparation and Deployment
|
||||
To prepare a disk for use as a
|
||||
`Ceph OSD <http://docs.ceph.com/docs/master/man/8/ceph-osd/>`_ you must add a
|
||||
special partition label to the disk. This partition label is how Kolla detects
|
||||
the disks to format and bootstrap. Any disk with a matching partition label will
|
||||
be reformatted so use caution.
|
||||
the disks to format and bootstrap. Any disk with a matching partition label
|
||||
will be reformatted so use caution.
|
||||
|
||||
To prepare an OSD as a storage drive, execute the following operations:
|
||||
|
||||
@ -32,7 +32,8 @@ To prepare an OSD as a storage drive, execute the following operations:
|
||||
# where $DISK is /dev/sdb or something similar
|
||||
parted $DISK -s -- mklabel gpt mkpart KOLLA_CEPH_OSD_BOOTSTRAP 1 -1
|
||||
|
||||
The following shows an example of using parted to configure /dev/sdb for usage with Kolla.
|
||||
The following shows an example of using parted to configure ``/dev/sdb`` for
|
||||
usage with Kolla.
|
||||
|
||||
::
|
||||
|
||||
@ -56,24 +57,25 @@ hosts that have the block devices you have prepped as shown above.
|
||||
compute1
|
||||
|
||||
|
||||
Enable Ceph in /etc/kolla/globals.yml:
|
||||
Enable Ceph in ``/etc/kolla/globals.yml``:
|
||||
|
||||
::
|
||||
|
||||
enable_ceph: "yes"
|
||||
|
||||
|
||||
RadosGW is optional, enable it in /etc/kolla/globals.yml:
|
||||
RadosGW is optional, enable it in ``/etc/kolla/globals.yml``:
|
||||
|
||||
::
|
||||
|
||||
enable_ceph_rgw: "yes"
|
||||
|
||||
RGW requires a healthy cluster in order to be successfully deployed.
|
||||
On initial start up, RGW will create several pools.
|
||||
The first pool should be in an operational state to proceed with the second one, and so on.
|
||||
So, in the case of an all-in-one deployment, it is necessary to change the default number of copies
|
||||
for the pools before deployment. Modify the file /etc/kolla/config/ceph.conf and add the contents::
|
||||
RGW requires a healthy cluster in order to be successfully deployed. On initial
|
||||
start up, RGW will create several pools. The first pool should be in an
|
||||
operational state to proceed with the second one, and so on. So, in the case of
|
||||
an **all-in-one** deployment, it is necessary to change the default number of
|
||||
copies for the pools before deployment. Modify the file ``/etc/kolla/config/ceph.conf``
|
||||
and add the contents::
|
||||
|
||||
[global]
|
||||
osd pool default size = 1
|
||||
@ -89,9 +91,8 @@ Finally deploy the Ceph-enabled OpenStack:
|
||||
Using a Cache Tier
|
||||
==================
|
||||
|
||||
An optional
|
||||
`cache tier <http://docs.ceph.com/docs/hammer/rados/operations/cache-tiering/>`_
|
||||
can be deployed by formatting at least one cache device and enabling cache
|
||||
An optional `cache tier <http://docs.ceph.com/docs/hammer/rados/operations/cache-tiering/>`_
|
||||
can be deployed by formatting at least one cache device and enabling cache.
|
||||
tiering in the globals.yml configuration file.
|
||||
|
||||
To prepare an OSD as a cache device, execute the following operations:
|
||||
@ -102,7 +103,7 @@ To prepare an OSD as a cache device, execute the following operations:
|
||||
# where $DISK is /dev/sdb or something similar
|
||||
parted $DISK -s -- mklabel gpt mkpart KOLLA_CEPH_OSD_CACHE_BOOTSTRAP 1 -1
|
||||
|
||||
Enable the Ceph cache tier in /etc/kolla/globals.yml:
|
||||
Enable the Ceph cache tier in ``/etc/kolla/globals.yml``:
|
||||
|
||||
::
|
||||
|
||||
@ -123,13 +124,13 @@ Setting up an Erasure Coded Pool
|
||||
`Erasure code <http://docs.ceph.com/docs/hammer/rados/operations/erasure-code/>`_
|
||||
is the new big thing from Ceph. Kolla has the ability to setup your Ceph pools
|
||||
as erasure coded pools. Due to technical limitations with Ceph, using erasure
|
||||
coded pools as OpenStack uses them requires a cache tier. Additionally, you must
|
||||
make the choice to use an erasure coded pool or a replicated pool (the default)
|
||||
when you initially deploy. You cannot change this without completely removing
|
||||
the pool and recreating it.
|
||||
coded pools as OpenStack uses them requires a cache tier. Additionally, you
|
||||
must make the choice to use an erasure coded pool or a replicated pool
|
||||
(the default) when you initially deploy. You cannot change this without
|
||||
completely removing the pool and recreating it.
|
||||
|
||||
To enable erasure coded pools add the following options to your
|
||||
/etc/kolla/globals.yml configuration file:
|
||||
To enable erasure coded pools add the following options to your ``/etc/kolla/globals.yml``
|
||||
configuration file:
|
||||
|
||||
::
|
||||
|
||||
@ -157,9 +158,10 @@ indicates a healthy cluster:
|
||||
68676 kB used, 20390 MB / 20457 MB avail
|
||||
64 active+clean
|
||||
|
||||
If Ceph is run in an all-in-one deployment or with less than three storage nodes, further
|
||||
configuration is required. It is necessary to change the default number of copies for the pool.
|
||||
The following example demonstrates how to change the number of copies for the pool to 1:
|
||||
If Ceph is run in an **all-in-one** deployment or with less than three storage
|
||||
nodes, further configuration is required. It is necessary to change the default
|
||||
number of copies for the pool. The following example demonstrates how to change
|
||||
the number of copies for the pool to 1:
|
||||
|
||||
::
|
||||
|
||||
@ -178,7 +180,7 @@ If using a cache tier, these changes must be made as well:
|
||||
|
||||
for p in images vms volumes backups; do docker exec ceph_mon ceph osd pool set ${p}-cache size 2; done
|
||||
|
||||
The default pool Ceph creates is named 'rbd'. It is safe to remove this pool:
|
||||
The default pool Ceph creates is named **rbd**. It is safe to remove this pool:
|
||||
|
||||
::
|
||||
|
||||
|
@ -15,9 +15,8 @@ The ``kolla-build`` command is responsible for building docker images.
|
||||
Generating kolla-build.conf
|
||||
===========================
|
||||
|
||||
Install tox and generate the build configuration. The build
|
||||
configuration is designed to hold advanced customizations when building
|
||||
containers.
|
||||
Install tox and generate the build configuration. The build configuration is
|
||||
designed to hold advanced customizations when building containers.
|
||||
|
||||
Create kolla-build.conf using the following steps.
|
||||
::
|
||||
@ -25,9 +24,10 @@ Create kolla-build.conf using the following steps.
|
||||
pip install tox
|
||||
tox -e genconfig
|
||||
|
||||
The location of the generated configuration file is ``etc/kolla/kolla-build.conf``,
|
||||
You can also copy it to ``/etc/kolla``. The default location is one of
|
||||
``/etc/kolla/kolla-build.conf`` or ``etc/kolla/kolla-build.conf``.
|
||||
The location of the generated configuration file is
|
||||
``etc/kolla/kolla-build.conf``, You can also copy it to ``/etc/kolla``. The
|
||||
default location is one of ``/etc/kolla/kolla-build.conf`` or
|
||||
``etc/kolla/kolla-build.conf``.
|
||||
|
||||
Guide
|
||||
=====
|
||||
@ -59,7 +59,7 @@ command line::
|
||||
kolla-build keystone
|
||||
|
||||
In this case, the build script builds all images which name contains the
|
||||
'keystone' string along with their dependencies.
|
||||
*keystone* string along with their dependencies.
|
||||
|
||||
Multiple names may be specified on the command line::
|
||||
|
||||
@ -88,12 +88,11 @@ command::
|
||||
Build OpenStack from Source
|
||||
===========================
|
||||
|
||||
When building images, there are two methods of the OpenStack install.
|
||||
One is ``binary``. Another is ``source``.
|
||||
The ``binary`` means that OpenStack will be installed from apt/yum.
|
||||
And the ``source`` means that OpenStack will be installed from source code.
|
||||
The default method of the OpenStack install is ``binary``.
|
||||
It can be changed to ``source`` using the ``-t`` option::
|
||||
When building images, there are two methods of the OpenStack install. One is
|
||||
``binary``. Another is ``source``. The ``binary`` means that OpenStack will be
|
||||
installed from apt/yum. And the ``source`` means that OpenStack will be
|
||||
installed from source code. The default method of the OpenStack install is
|
||||
``binary``. It can be changed to ``source`` using the ``-t`` option::
|
||||
|
||||
kolla-build -t source
|
||||
|
||||
@ -143,7 +142,7 @@ The build method allows the operator to build containers from custom repos.
|
||||
The repos are accepted as a list of comma separated values and can be in
|
||||
the form of .repo, .rpm, or a url. See examples below.
|
||||
|
||||
Update rpm_setup_config in /etc/kolla/kolla-build.conf::
|
||||
Update rpm_setup_config in ``/etc/kolla/kolla-build.conf``::
|
||||
|
||||
rpm_setup_config = http://trunk.rdoproject.org/centos7/currrent/delorean.repo,http://trunk.rdoproject.org/centos7/delorean-deps.repo
|
||||
|
||||
@ -206,13 +205,12 @@ Known issues
|
||||
Docker Local Registry
|
||||
=====================
|
||||
|
||||
It is recommended to set up local registry for Kolla developers
|
||||
or deploying multinode. The reason using a local registry is
|
||||
deployment performance will operate at local network speeds,
|
||||
typically gigabit networking. Beyond performance considerations,
|
||||
the Operator would have full control over images that are deployed.
|
||||
If there is no local registry, nodes pull images from Docker Hub
|
||||
when images are not found in local caches.
|
||||
It is recommended to set up local registry for Kolla developers or deploying
|
||||
*multinode*. The reason using a local registry is deployment performance will
|
||||
operate at local network speeds, typically gigabit networking. Beyond
|
||||
performance considerations, the Operator would have full control over images
|
||||
that are deployed. If there is no local registry, nodes pull images from Docker
|
||||
Hub when images are not found in local caches.
|
||||
|
||||
Setting up Docker Local Registry
|
||||
--------------------------------
|
||||
@ -225,18 +223,17 @@ Running Docker registry is easy. Just use the following command::
|
||||
Note: ``<local_data_path>`` points to the folder where Docker registry
|
||||
will store Docker images on the local host.
|
||||
|
||||
The default port of Docker registry is 5000.
|
||||
But the 5000 port is also the port of keystone-api.
|
||||
To avoid conflict, use 4000 port as Docker registry port.
|
||||
The default port of Docker registry is 5000. But the 5000 port is also the port
|
||||
of keystone-api. To avoid conflict, use 4000 port as Docker registry port.
|
||||
|
||||
Now the Docker registry service is running.
|
||||
|
||||
Docker Insecure Registry Config
|
||||
-------------------------------
|
||||
|
||||
For docker to pull images, it is necessary to
|
||||
modify the Docker configuration. The guide assumes that
|
||||
the IP of the machine running Docker registry is 172.22.2.81.
|
||||
For docker to pull images, it is necessary to modify the Docker configuration.
|
||||
The guide assumes that the IP of the machine running Docker registry is
|
||||
172.22.2.81.
|
||||
|
||||
In Ubuntu, add ``--insecure-registry 172.22.2.81:4000``
|
||||
to ``DOCKER_OPTS`` in ``/etc/default/docker``.
|
||||
@ -255,9 +252,8 @@ Kolla-ansible with Local Registry
|
||||
|
||||
To make kolla-ansible pull images from local registry, set
|
||||
``"docker_registry"`` to ``"172.22.2.81:4000"`` in
|
||||
``"/etc/kolla/globals.yml"``. Make sure Docker is allowed to pull
|
||||
images from insecure registry. See
|
||||
`Docker Insecure Registry Config`_.
|
||||
``"/etc/kolla/globals.yml"``. Make sure Docker is allowed to pull images from
|
||||
insecure registry. See `Docker Insecure Registry Config`_.
|
||||
|
||||
|
||||
Building behind a proxy
|
||||
|
@ -24,13 +24,13 @@ pattern. To view, analyse and search logs, at least one index pattern has to
|
||||
be created. To match indices stored in ElasticSearch, we suggest to use
|
||||
following configuration:
|
||||
|
||||
- Index contains time-based events - check
|
||||
- Use event times to create index names [DEPRECATED] - not checked
|
||||
- Index name or pattern - log-*
|
||||
- Do not expand index pattern when searching (Not recommended) - not checked
|
||||
- Time-field name - Timestamp
|
||||
#. Index contains time-based events - check
|
||||
#. Use event times to create index names [DEPRECATED] - not checked
|
||||
#. Index name or pattern - log-*
|
||||
#. Do not expand index pattern when searching (Not recommended) - not checked
|
||||
#. Time-field name - Timestamp
|
||||
|
||||
After setting parameters, one can create an index with 'Create' button.
|
||||
After setting parameters, one can create an index with *Create* button.
|
||||
Note: This step is necessary until the default Kibana dashboard is implemented
|
||||
in Kolla.
|
||||
|
||||
@ -51,10 +51,10 @@ Visualize data - Visualize tab
|
||||
==============================
|
||||
|
||||
In the visualization tab a wide range of charts is available. If any
|
||||
visualization has not been saved yet, after choosing this tab 'Create a new
|
||||
visualization' panel is opened. If a visualization has already been saved,
|
||||
visualization has not been saved yet, after choosing this tab *Create a new
|
||||
visualization* panel is opened. If a visualization has already been saved,
|
||||
after choosing this tab, lately modified visualization is opened. In this
|
||||
case, one can create a new visualization by choosing 'add visualization'
|
||||
case, one can create a new visualization by choosing *add visualization*
|
||||
option in the menu on the right. In order to create new visualization, one
|
||||
of the available options has to be chosen (pie chart, area chart). Each
|
||||
visualization can be created from a saved or a new search. After choosing
|
||||
@ -63,8 +63,8 @@ generated and previewed. In the menu on the left, metrics for a chart can
|
||||
be chosen. The chart can be generated by pressing a green arrow on the top
|
||||
of the left-side menu.
|
||||
|
||||
NOTE: After creating a visualization, it can be saved by choosing 'save
|
||||
visualization' option in the menu on the right. If it is not saved, it will
|
||||
NOTE: After creating a visualization, it can be saved by choosing *save
|
||||
visualization* option in the menu on the right. If it is not saved, it will
|
||||
be lost after leaving a page or creating another visualization.
|
||||
|
||||
Organize visualizations and searches - Dashboard tab
|
||||
@ -72,17 +72,17 @@ Organize visualizations and searches - Dashboard tab
|
||||
|
||||
In the Dashboard tab all of saved visualizations and searches can be
|
||||
organized in one Dashboard. To add visualization or search, one can choose
|
||||
'add visualization' option in the menu on the right and then choose an item
|
||||
*add visualization* option in the menu on the right and then choose an item
|
||||
from all saved ones. The order and size of elements can be changed directly
|
||||
in this place by moving them or resizing. The color of charts can also be
|
||||
changed by checking a colorful dots on the legend near each visualization.
|
||||
|
||||
NOTE: After creating a dashboard, it can be saved by choosing 'save dashboard'
|
||||
NOTE: After creating a dashboard, it can be saved by choosing *save dashboard*
|
||||
option in the menu on the right. If it is not saved, it will be lost after
|
||||
leaving a page or creating another dashboard.
|
||||
|
||||
If a Dashboard has already been saved, it can be opened by choosing 'open
|
||||
dashboard' option in the menu on the right.
|
||||
If a Dashboard has already been saved, it can be opened by choosing *open
|
||||
dashboard* option in the menu on the right.
|
||||
|
||||
Exporting and importing created items - Settings tab
|
||||
=====================================================
|
||||
@ -90,6 +90,6 @@ Exporting and importing created items - Settings tab
|
||||
Once visualizations, searches or dashboards are created, they can be exported
|
||||
to a json format by choosing Settings tab and then Objects tab. Each of the
|
||||
item can be exported separately by selecting it in the menu. All of the items
|
||||
can also be exported at once by choosing 'export everything' option.
|
||||
can also be exported at once by choosing *export everything* option.
|
||||
In the same tab (Settings - Objects) one can also import saved items by
|
||||
choosing 'import' option.
|
||||
choosing *import* option.
|
||||
|
@ -7,7 +7,7 @@ Liberty 1.0.0 Deployment Warning
|
||||
Warning Overview
|
||||
================
|
||||
Please use Liberty 1.1.0 tag or later when using Kolla. No data loss
|
||||
occurs with this version. stable/liberty is also fully functional and
|
||||
occurs with this version. ``stable/liberty`` is also fully functional and
|
||||
suffers no data loss.
|
||||
|
||||
Data loss with 1.0.0
|
||||
@ -15,25 +15,25 @@ Data loss with 1.0.0
|
||||
The Kolla community discovered in the of middle Mitaka development that it
|
||||
was possible for data loss to occur if the data container is rebuilt. In
|
||||
this scenario, Docker pulls a new container, and the new container doesn't
|
||||
contain the data from the old container. Kolla stable/liberty and Kolla
|
||||
1.0.0 are not to be used at this time, as they result in *critical data loss
|
||||
problems*.
|
||||
contain the data from the old container. Kolla ``stable/liberty`` and Kolla
|
||||
1.0.0 are not to be used at this time, as they result in **critical data loss
|
||||
problems**.
|
||||
|
||||
Resolution
|
||||
==========
|
||||
To rectify this problem, the OpenStack release and infrastructure teams
|
||||
in coordination with the Kolla team executed the following actions:
|
||||
|
||||
* Deleted the stable/liberty branch (where 1.0.0 was tagged from)
|
||||
* Created a tag liberty-early-demise at the end of the broken stable/liberty
|
||||
* Deleted the ``stable/liberty`` branch (where 1.0.0 was tagged from)
|
||||
* Created a tag liberty-early-demise at the end of the broken ``stable/liberty``
|
||||
branch development.
|
||||
* Created a new stable/liberty branch based upon stable/mitaka.
|
||||
* Corrected stable/liberty to deploy Liberty.
|
||||
* Released Kolla 1.1.0 from the newly created stable/liberty branch.
|
||||
* Created a new ``stable/liberty`` branch based upon ``stable/mitaka``.
|
||||
* Corrected ``stable/liberty`` to deploy Liberty.
|
||||
* Released Kolla 1.1.0 from the newly created ``stable/liberty`` branch.
|
||||
|
||||
End Result
|
||||
==========
|
||||
A fully functional Liberty OpenStack deployment based upon the two years of
|
||||
testing that went into the development that went into stable/mitaka.
|
||||
testing that went into the development that went into ``stable/mitaka``.
|
||||
|
||||
The docker-engine 1.10.0 or later is required.
|
||||
|
@ -34,7 +34,7 @@ services are properly working.
|
||||
Preparation and Deployment
|
||||
==========================
|
||||
|
||||
Cinder and Ceph are required, enable it in /etc/kolla/globals.yml:
|
||||
Cinder and Ceph are required, enable it in ``/etc/kolla/globals.yml``:
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
@ -47,13 +47,14 @@ Enable Manila in /etc/kolla/globals.yml:
|
||||
|
||||
enable_manila: "yes"
|
||||
|
||||
By default Manila uses instance flavor id 100 for its file systems. For
|
||||
Manila to work, either create a new nova flavor with id 100 (using "nova
|
||||
flavor-create") or change service_instance_flavor_id to use one of the
|
||||
default nova flavor ids.
|
||||
Ex: service_instance_flavor_id = 2 to use nova default flavor m1.small.
|
||||
By default Manila uses instance flavor id 100 for its file systems. For Manila
|
||||
to work, either create a new nova flavor with id 100 (use *nova flavor-create*)
|
||||
or change *service_instance_flavor_id* to use one of the default nova flavor
|
||||
ids.
|
||||
Ex: *service_instance_flavor_id = 2* to use nova default flavor ``m1.small``.
|
||||
|
||||
Create or modify the file /etc/kolla/config/manila.conf and add the contents:
|
||||
Create or modify the file ``/etc/kolla/config/manila-share.conf`` and add the
|
||||
contents:
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
@ -79,11 +80,11 @@ to verify successful launch of each process:
|
||||
Launch an Instance
|
||||
==================
|
||||
|
||||
Before being able to create a share, the manila with the generic driver and
|
||||
the DHSS mode enabled requires the definition of at least an image,
|
||||
a network and a share-network for being used to create a share server.
|
||||
For that back end configuration, the share server is an instance where
|
||||
NFS/CIFS shares are served.
|
||||
Before being able to create a share, the manila with the generic driver and the
|
||||
DHSS mode enabled requires the definition of at least an image, a network and a
|
||||
share-network for being used to create a share server. For that back end
|
||||
configuration, the share server is an instance where NFS/CIFS shares are
|
||||
served.
|
||||
|
||||
Determine the configuration of the share server
|
||||
===============================================
|
||||
@ -166,8 +167,8 @@ Create a shared network
|
||||
| description | None |
|
||||
+-------------------+--------------------------------------+
|
||||
|
||||
Create a flavor (Required if you not defined manila_instance_flavor_id in
|
||||
/etc/kolla/config/manila.conf file)
|
||||
Create a flavor (**Required** if you not defined *manila_instance_flavor_id* in
|
||||
``/etc/kolla/config/manila-share.conf`` file)
|
||||
|
||||
.. code-block:: console
|
||||
|
||||
|
@ -7,31 +7,29 @@ Multinode Deployment of Kolla
|
||||
Deploy a registry (required for multinode)
|
||||
==========================================
|
||||
|
||||
A Docker registry is a locally hosted registry that replaces the need
|
||||
to pull from the Docker Hub to get images. Kolla can function with
|
||||
or without a local registry, however for a multinode deployment a registry
|
||||
is required.
|
||||
A Docker registry is a locally hosted registry that replaces the need to pull
|
||||
from the Docker Hub to get images. Kolla can function with or without a local
|
||||
registry, however for a multinode deployment a registry is required.
|
||||
|
||||
The Docker registry prior to version 2.3 has extremely bad performance
|
||||
because all container data is pushed for every image rather than taking
|
||||
advantage of Docker layering to optimize push operations. For more
|
||||
information reference
|
||||
The Docker registry prior to version 2.3 has extremely bad performance because
|
||||
all container data is pushed for every image rather than taking advantage of
|
||||
Docker layering to optimize push operations. For more information reference
|
||||
`pokey registry <https://github.com/docker/docker/issues/14018>`__.
|
||||
|
||||
|
||||
The Kolla community recommends using registry 2.3 or later. To deploy
|
||||
registry 2.3 do the following:
|
||||
The Kolla community recommends using registry 2.3 or later. To deploy registry
|
||||
2.3 do the following:
|
||||
|
||||
::
|
||||
|
||||
docker run -d -p 4000:5000 --restart=always --name registry registry:2
|
||||
|
||||
Note: Kolla looks for the Docker registry to use port 4000. (Docker default
|
||||
is port 5000)
|
||||
Note: Kolla looks for the Docker registry to use port 4000. (Docker default is
|
||||
port 5000)
|
||||
|
||||
After starting the registry, it is necessary to instruct Docker that it will
|
||||
be communicating with an insecure registry. To enable insecure registry
|
||||
communication on CentOS, modify the "/etc/sysconfig/docker" file to contain
|
||||
communication on CentOS, modify the ``/etc/sysconfig/docker`` file to contain
|
||||
the following where 192.168.1.100 is the IP address of the machine where the
|
||||
registry is currently running:
|
||||
|
||||
@ -40,18 +38,17 @@ registry is currently running:
|
||||
# CentOS
|
||||
other_args="--insecure-registry 192.168.1.100:4000"
|
||||
|
||||
For Ubuntu, edit /etc/default/docker and add:
|
||||
For Ubuntu, edit ``/etc/default/docker`` and add:
|
||||
|
||||
::
|
||||
|
||||
# Ubuntu
|
||||
DOCKER_OPTS="--insecure-registry 192.168.1.100:4000"
|
||||
|
||||
Docker Inc's packaged version of docker-engine for CentOS is defective and
|
||||
does not read the other_args configuration options from
|
||||
"/etc/sysconfig/docker". To rectify this problem, ensure the
|
||||
following lines appear in the drop-in unit file at
|
||||
"/etc/systemd/system/docker.service.d/kolla.conf":
|
||||
Docker Inc's packaged version of docker-engine for CentOS is defective and does
|
||||
not read the other_args configuration options from ``/etc/sysconfig/docker``.
|
||||
To rectify this problem, ensure the following lines appear in the drop-in unit
|
||||
file at ``/etc/systemd/system/docker.service.d/kolla.conf``:
|
||||
|
||||
::
|
||||
|
||||
@ -79,8 +76,8 @@ Edit the Inventory File
|
||||
|
||||
The ansible inventory file contains all the information needed to determine
|
||||
what services will land on which hosts. Edit the inventory file in the kolla
|
||||
directory ansible/inventory/multinode or if kolla was installed with pip, it
|
||||
can be found in /usr/share/kolla.
|
||||
directory ``ansible/inventory/multinode`` or if kolla was installed with pip,
|
||||
it can be found in ``/usr/share/kolla``.
|
||||
|
||||
Add the ip addresses or hostnames to a group and the services associated with
|
||||
that group will land on that host:
|
||||
@ -95,9 +92,9 @@ that group will land on that host:
|
||||
192.168.122.24
|
||||
|
||||
|
||||
For more advanced roles, the operator can edit which services will be associated
|
||||
in with each group. Keep in mind that some services have to be grouped together
|
||||
and changing these around can break your deployment:
|
||||
For more advanced roles, the operator can edit which services will be
|
||||
associated in with each group. Keep in mind that some services have to be
|
||||
grouped together and changing these around can break your deployment:
|
||||
|
||||
::
|
||||
|
||||
|
@ -4,9 +4,9 @@
|
||||
Nova Fake Driver
|
||||
================
|
||||
|
||||
One common question from OpenStack operators is that "how does the control plane
|
||||
(e.g., database, messaging queue, nova-scheduler ) scales?". To answer this
|
||||
question, operators setup Rally to drive workload to the OpenStack cloud.
|
||||
One common question from OpenStack operators is that "how does the control
|
||||
plane (e.g., database, messaging queue, nova-scheduler ) scales?". To answer
|
||||
this question, operators setup Rally to drive workload to the OpenStack cloud.
|
||||
However, without a large number of nova-compute nodes, it becomes difficult to
|
||||
exercise the control performance.
|
||||
|
||||
@ -20,11 +20,11 @@ Use nova-fake driver
|
||||
|
||||
Nova fake driver can not work with all-in-one deployment. This is because the
|
||||
fake neutron-openvswitch-agent for the fake nova-compute container conflicts
|
||||
with neutron-openvswitch-agent on the compute nodes. Therefore, in the inventory
|
||||
the network node must be different than the compute node.
|
||||
with neutron-openvswitch-agent on the compute nodes. Therefore, in the
|
||||
inventory the network node must be different than the compute node.
|
||||
|
||||
By default, Kolla uses libvirt driver on the compute node. To use nova-fake
|
||||
driver, edit the following parameters in ansible/group_vars or in the
|
||||
driver, edit the following parameters in ``ansible/group_vars`` or in the
|
||||
command line options.
|
||||
|
||||
::
|
||||
@ -33,5 +33,5 @@ command line options.
|
||||
num_nova_fake_per_node: 5
|
||||
|
||||
Each compute nodes will run 5 nova-compute containers and 5
|
||||
neutron-plugin-agent containers. When booting instance, there will be no
|
||||
real instances created. But "nova list" shows the fake instances.
|
||||
neutron-plugin-agent containers. When booting instance, there will be no real
|
||||
instances created. But *nova list* shows the fake instances.
|
||||
|
@ -24,16 +24,16 @@ Tips and Tricks
|
||||
===============
|
||||
Kolla ships with several utilities intended to facilitate ease of operation.
|
||||
|
||||
``tools/cleanup-containers`` can be used to remove deployed containers from
|
||||
the system. This can be useful when you want to do a new clean deployment. It
|
||||
will preserve the registry and the locally built images in the registry,
|
||||
but will remove all running Kolla containers from the local Docker daemon.
|
||||
It also removes the named volumes.
|
||||
``tools/cleanup-containers`` can be used to remove deployed containers from the
|
||||
system. This can be useful when you want to do a new clean deployment. It will
|
||||
preserve the registry and the locally built images in the registry, but will
|
||||
remove all running Kolla containers from the local Docker daemon. It also
|
||||
removes the named volumes.
|
||||
|
||||
``tools/cleanup-host`` can be used to remove remnants of network changes
|
||||
triggered on the Docker host when the neutron-agents containers are launched.
|
||||
This can be useful when you want to do a new clean deployment, particularly
|
||||
one changing the network topology.
|
||||
This can be useful when you want to do a new clean deployment, particularly one
|
||||
changing the network topology.
|
||||
|
||||
``tools/cleanup-images`` can be used to remove all Docker images built by
|
||||
Kolla from the local Docker cache.
|
||||
``tools/cleanup-images`` can be used to remove all Docker images built by Kolla
|
||||
from the local Docker cache.
|
||||
|
@ -26,14 +26,14 @@ There are other deployment environments referenced below in `Additional Environm
|
||||
Install Dependencies
|
||||
====================
|
||||
|
||||
Kolla is tested on CentOS, Oracle Linux, RHEL and Ubuntu as both container
|
||||
OS platforms and bare metal deployment targets.
|
||||
Kolla is tested on CentOS, Oracle Linux, RHEL and Ubuntu as both container OS
|
||||
platforms and bare metal deployment targets.
|
||||
|
||||
Fedora: Kolla will not run on Fedora 22 and later as a bare metal deployment
|
||||
target. These distributions compress kernel modules with the .xz compressed
|
||||
format. The guestfs system in the CentOS family of containers cannot read
|
||||
these images because a dependent package supermin in CentOS needs to be
|
||||
updated to add .xz compressed format support.
|
||||
these images because a dependent package supermin in CentOS needs to be updated
|
||||
to add .xz compressed format support.
|
||||
|
||||
Ubuntu: For Ubuntu based systems where Docker is used it is recommended to use
|
||||
the latest available LTS kernel. The latest LTS kernel available is the wily
|
||||
@ -89,10 +89,10 @@ command:
|
||||
|
||||
docker --version
|
||||
|
||||
When running with systemd, setup docker-engine with the appropriate
|
||||
information in the Docker daemon to launch with. This means setting up the
|
||||
following information in the ``docker.service`` file. If you do not set the
|
||||
MountFlags option correctly then ``kolla-ansible`` will fail to deploy the
|
||||
When running with systemd, setup docker-engine with the appropriate information
|
||||
in the Docker daemon to launch with. This means setting up the following
|
||||
information in the ``docker.service`` file. If you do not set the MountFlags
|
||||
option correctly then ``kolla-ansible`` will fail to deploy the
|
||||
``neutron-dhcp-agent`` container and throws APIError/HTTPError. After adding
|
||||
the drop-in unit file as follows, reload and restart the docker service:
|
||||
|
||||
@ -138,15 +138,15 @@ Or using ``pip`` to install a latest version:
|
||||
pip install -U docker-py
|
||||
|
||||
|
||||
OpenStack, RabbitMQ, and Ceph require all hosts to have matching times to ensure
|
||||
proper message delivery. In the case of Ceph, it will complain if the hosts
|
||||
differ by more than 0.05 seconds. Some OpenStack services have timers as low as
|
||||
2 seconds by default. For these reasons it is highly recommended to setup an NTP
|
||||
service of some kind. While ``ntpd`` will achieve more accurate time for the
|
||||
deployment if the NTP servers are running in the local deployment environment,
|
||||
`chrony <http://chrony.tuxfamily.org>`_ is more accurate when syncing the time
|
||||
across a WAN connection. When running Ceph it is recommended to setup ``ntpd`` to
|
||||
sync time locally due to the tight time constraints.
|
||||
OpenStack, RabbitMQ, and Ceph require all hosts to have matching times to
|
||||
ensure proper message delivery. In the case of Ceph, it will complain if the
|
||||
hosts differ by more than 0.05 seconds. Some OpenStack services have timers as
|
||||
low as 2 seconds by default. For these reasons it is highly recommended to
|
||||
setup an NTP service of some kind. While ``ntpd`` will achieve more accurate
|
||||
time for the deployment if the NTP servers are running in the local deployment
|
||||
environment, `chrony <http://chrony.tuxfamily.org>`_ is more accurate when
|
||||
syncing the time across a WAN connection. When running Ceph it is recommended
|
||||
to setup ``ntpd`` to sync time locally due to the tight time constraints.
|
||||
|
||||
To install, start, and enable ntp on CentOS execute the following:
|
||||
|
||||
@ -163,9 +163,9 @@ To install and start on Debian based systems execute the following:
|
||||
|
||||
apt-get install ntp
|
||||
|
||||
Libvirt is started by default on many operating systems. Please disable ``libvirt``
|
||||
on any machines that will be deployment targets. Only one copy of libvirt may
|
||||
be running at a time.
|
||||
Libvirt is started by default on many operating systems. Please disable
|
||||
``libvirt`` on any machines that will be deployment targets. Only one copy of
|
||||
libvirt may be running at a time.
|
||||
|
||||
::
|
||||
|
||||
@ -182,24 +182,24 @@ On Ubuntu, apparmor will sometimes prevent libvirt from working.
|
||||
::
|
||||
/usr/sbin/libvirtd: error while loading shared libraries: libvirt-admin.so.0: cannot open shared object file: Permission denied
|
||||
|
||||
If you are seeing the libvirt container fail with the error above, disable
|
||||
the libvirt profile.
|
||||
If you are seeing the libvirt container fail with the error above, disable the
|
||||
libvirt profile.
|
||||
|
||||
::
|
||||
|
||||
sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd
|
||||
|
||||
|
||||
Kolla deploys OpenStack using
|
||||
`Ansible <http://www.ansible.com>`__. Install Ansible from distribution
|
||||
packaging if the distro packaging has recommended version available.
|
||||
Kolla deploys OpenStack using `Ansible <http://www.ansible.com>`__. Install
|
||||
Ansible from distribution packaging if the distro packaging has recommended
|
||||
version available.
|
||||
|
||||
Some implemented distro versions of Ansible are too old to use distro
|
||||
packaging. Currently, CentOS and RHEL package Ansible 1.9.4 which is
|
||||
suitable for use with Kolla. As Ansible 2.0 is also available, version 1.9
|
||||
must be specified. Note that you will need to enable access
|
||||
to the EPEL repository to install via yum -- to do so, take a look at
|
||||
Fedora's EPEL `docs <https://fedoraproject.org/wiki/EPEL>`__ and
|
||||
packaging. Currently, CentOS and RHEL package Ansible 1.9.4 which is suitable
|
||||
for use with Kolla. As Ansible 2.0 is also available, version 1.9 must be
|
||||
specified. Note that you will need to enable access to the EPEL repository to
|
||||
install via yum -- to do so, take a look at Fedora's EPEL
|
||||
`docs <https://fedoraproject.org/wiki/EPEL>`__ and
|
||||
`FAQ <https://fedoraproject.org/wiki/EPEL/FAQ>`__.
|
||||
|
||||
On CentOS or RHEL systems, this can be done using:
|
||||
@ -208,16 +208,16 @@ On CentOS or RHEL systems, this can be done using:
|
||||
|
||||
yum -y install ansible1.9
|
||||
|
||||
Many DEB based systems do not meet Kolla's Ansible version requirements.
|
||||
It is recommended to use pip to install Ansible 1.9.4.
|
||||
Finally Ansible 1.9.4 may be installed using:
|
||||
Many DEB based systems do not meet Kolla's Ansible version requirements. It is
|
||||
recommended to use pip to install Ansible 1.9.4. Finally Ansible 1.9.4 may be
|
||||
installed using:
|
||||
|
||||
::
|
||||
|
||||
pip install -U ansible==1.9.4
|
||||
|
||||
If DEB based systems include a version of Ansible that meets Kolla's
|
||||
version requirements it can be installed by:
|
||||
If DEB based systems include a version of Ansible that meets Kolla's version
|
||||
requirements it can be installed by:
|
||||
|
||||
::
|
||||
|
||||
@ -277,31 +277,31 @@ To install the clients use:
|
||||
Local Registry
|
||||
==============
|
||||
|
||||
A local registry is not required for an all-in-one installation. Check out the
|
||||
:doc:`multinode` for more information on using a local registry. Otherwise, the
|
||||
`Docker Hub Image Registry`_ contains all images from each of Kolla's major releases.
|
||||
The latest release tag is 2.0.0 for Mitaka.
|
||||
A local registry is not required for an ``all-in-one`` installation. Check out
|
||||
the :doc:`multinode` for more information on using a local registry. Otherwise,
|
||||
the `Docker Hub Image Registry`_ contains all images from each of Kolla's major
|
||||
releases. The latest release tag is 2.0.0 for Mitaka.
|
||||
|
||||
Additional Environments
|
||||
=======================
|
||||
|
||||
Two virtualized development environment options are available for Kolla.
|
||||
These options permit the development of Kolla without disrupting the host
|
||||
operating system.
|
||||
Two virtualized development environment options are available for Kolla. These
|
||||
options permit the development of Kolla without disrupting the host operating
|
||||
system.
|
||||
|
||||
If developing Kolla on an OpenStack cloud environment that supports Heat,
|
||||
follow the :doc:`heat-dev-env`.
|
||||
|
||||
If developing Kolla on a system that provides VirtualBox or Libvirt in
|
||||
addition to Vagrant, use the Vagrant virtual environment documented in
|
||||
If developing Kolla on a system that provides VirtualBox or Libvirt in addition
|
||||
to Vagrant, use the Vagrant virtual environment documented in
|
||||
:doc:`vagrant-dev-env`.
|
||||
|
||||
Currently the Heat development environment is entirely non-functional.
|
||||
The Kolla core reviewers have debated removing it from the repository
|
||||
but have resisted to provide an opportunity for contributors to make Heat
|
||||
usable for Kolla development. THe Kolla core reviewers believe Heat
|
||||
would offer a great way to develop Kolla in addition to Vagrant,
|
||||
bare metal, or a manually setup virtual machine.
|
||||
Currently the Heat development environment is entirely non-functional. The
|
||||
Kolla core reviewers have debated removing it from the repository but have
|
||||
resisted to provide an opportunity for contributors to make Heat usable for
|
||||
Kolla development. The Kolla core reviewers believe Heat would offer a great
|
||||
way to develop Kolla in addition to Vagrant, bare metal, or a manually setup
|
||||
virtual machine.
|
||||
|
||||
For more information refer to
|
||||
`_bug 1562334 <https://bugs.launchpad.net/kolla/+bug/1562334>`__.
|
||||
@ -340,8 +340,8 @@ Note ``--base`` and ``--type`` can be added to the above ``kolla-build``
|
||||
command if different distributions or types are desired.
|
||||
|
||||
It is also possible to build individual containers. As an example, if the
|
||||
glance containers failed to build, all glance related containers can be
|
||||
rebuilt as follows:
|
||||
glance containers failed to build, all glance related containers can be rebuilt
|
||||
as follows:
|
||||
|
||||
::
|
||||
|
||||
@ -361,13 +361,13 @@ instruction in :doc:`image-building`.
|
||||
Deploying Kolla
|
||||
===============
|
||||
|
||||
The Kolla community provides two example methods of Kolla
|
||||
deploy: *all-in-one* and *multinode*. The "all-in-one" deploy is similar
|
||||
to `devstack <http://docs.openstack.org/developer/devstack/>`__ deploy which
|
||||
installs all OpenStack services on a single host. In the "multinode" deploy,
|
||||
The Kolla community provides two example methods of Kolla deploy: *all-in-one*
|
||||
and *multinode*. The *all-in-one* deploy is similar to
|
||||
`devstack <http://docs.openstack.org/developer/devstack/>`__ deploy which
|
||||
installs all OpenStack services on a single host. In the *multinode* deploy,
|
||||
OpenStack services can be run on specific hosts. This documentation only
|
||||
describes deploying *all-in-one* method as most simple one. To setup multinode
|
||||
see the :doc:`multinode`.
|
||||
describes deploying *all-in-one* method as most simple one. To setup
|
||||
*multinode* see the :doc:`multinode`.
|
||||
|
||||
Each method is represented as an Ansible inventory file. More information on
|
||||
the Ansible inventory file can be found in the Ansible `inventory introduction
|
||||
@ -385,7 +385,7 @@ deployment. Optionally, the passwords may be populate in the file by hand.
|
||||
|
||||
kolla-genpwd
|
||||
|
||||
Start by editing /etc/kolla/globals.yml. Check and edit, if needed, these
|
||||
Start by editing ``/etc/kolla/globals.yml``. Check and edit, if needed, these
|
||||
parameters: ``kolla_base_distro``, ``kolla_install_type``. These parameters
|
||||
should match what you used in the ``kolla-build`` command line. The default for
|
||||
``kolla_base_distro`` is ``centos`` and for ``kolla_install_type`` is ``binary``.
|
||||
@ -399,23 +399,22 @@ sure ``globals.yml`` has the following entries:
|
||||
|
||||
|
||||
Please specify an unused IP address in the network to act as a VIP for
|
||||
``kolla_internal_vip_address``. The VIP will be used with keepalived and
|
||||
added to the ``api_interface`` as specified in the ``globals.yml`` ::
|
||||
``kolla_internal_vip_address``. The VIP will be used with keepalived and added
|
||||
to the ``api_interface`` as specified in the ``globals.yml`` ::
|
||||
|
||||
kolla_internal_vip_address: "10.10.10.254"
|
||||
|
||||
The ``network_interface`` variable is the interface to which Kolla binds API
|
||||
services. For example, when starting up Mariadb it will bind to the
|
||||
IP on the interface list in the ``network_interface`` variable. ::
|
||||
services. For example, when starting up Mariadb it will bind to the IP on the
|
||||
interface list in the ``network_interface`` variable. ::
|
||||
|
||||
network_interface: "eth0"
|
||||
|
||||
The ``neutron_external_interface`` variable is the interface that will
|
||||
be used for the external bridge in Neutron. Without this bridge the deployment
|
||||
instance traffic will be unable to access the rest of the Internet. In
|
||||
the case of a single interface on a machine, a veth pair may be used where
|
||||
one end of the veth pair is listed here and the other end is in a bridge on
|
||||
the system. ::
|
||||
The ``neutron_external_interface`` variable is the interface that will be used
|
||||
for the external bridge in Neutron. Without this bridge the deployment instance
|
||||
traffic will be unable to access the rest of the Internet. In the case of a
|
||||
single interface on a machine, a veth pair may be used where one end of the
|
||||
veth pair is listed here and the other end is in a bridge on the system. ::
|
||||
|
||||
neutron_external_interface: "eth1"
|
||||
|
||||
@ -514,22 +513,21 @@ environment with a glance image and neutron networks:
|
||||
Failures
|
||||
========
|
||||
|
||||
Nearly always when Kolla fails, it is caused by a CTRL-C during the
|
||||
deployment process or a problem in the ``globals.yml`` configuration.
|
||||
Nearly always when Kolla fails, it is caused by a CTRL-C during the deployment
|
||||
process or a problem in the ``globals.yml`` configuration.
|
||||
|
||||
To correct the problem where Operators have a misconfigured
|
||||
environment, the Kolla developers have added a precheck feature which
|
||||
ensures the deployment targets are in a state where Kolla may deploy
|
||||
to them. To run the prechecks, execute:
|
||||
To correct the problem where Operators have a misconfigured environment, the
|
||||
Kolla developers have added a precheck feature which ensures the deployment
|
||||
targets are in a state where Kolla may deploy to them. To run the prechecks,
|
||||
execute:
|
||||
|
||||
::
|
||||
|
||||
kolla-ansible prechecks
|
||||
|
||||
If a failure during deployment occurs it nearly always occurs during
|
||||
evaluation of the software. Once the Operator learns the few
|
||||
configuration options required, it is highly unlikely they will experience
|
||||
a failure in deployment.
|
||||
If a failure during deployment occurs it nearly always occurs during evaluation
|
||||
of the software. Once the Operator learns the few configuration options
|
||||
required, it is highly unlikely they will experience a failure in deployment.
|
||||
|
||||
Deployment may be run as many times as desired, but if a failure in a
|
||||
bootstrap task occurs, a further deploy action will not correct the problem.
|
||||
@ -545,14 +543,14 @@ On each node where OpenStack is deployed run:
|
||||
tools/cleanup-containers
|
||||
tools/cleanup-host
|
||||
|
||||
The Operator will have to copy via scp or some other means the cleanup
|
||||
scripts to the various nodes where the failed containers are located.
|
||||
The Operator will have to copy via scp or some other means the cleanup scripts
|
||||
to the various nodes where the failed containers are located.
|
||||
|
||||
Any time the tags of a release change, it is possible that the container
|
||||
implementation from older versions won't match the Ansible playbooks in
|
||||
a new version. If running multinode from a registry, each node's Docker
|
||||
image cache must be refreshed with the latest images before a new deployment
|
||||
can occur. To refresh the docker cache from the local Docker registry:
|
||||
implementation from older versions won't match the Ansible playbooks in a new
|
||||
version. If running multinode from a registry, each node's Docker image cache
|
||||
must be refreshed with the latest images before a new deployment can occur. To
|
||||
refresh the docker cache from the local Docker registry:
|
||||
|
||||
::
|
||||
|
||||
@ -578,7 +576,7 @@ The logs can be examined by executing:
|
||||
docker exec -it heka bash
|
||||
|
||||
The logs from all services in all containers may be read from
|
||||
/var/log/kolla/SERVICE_NAME
|
||||
``/var/log/kolla/SERVICE_NAME``
|
||||
|
||||
If the stdout logs are needed, please run:
|
||||
|
||||
|
@ -6,9 +6,9 @@ Kolla Security
|
||||
|
||||
Non Root containers
|
||||
===================
|
||||
The OpenStack services, with a few exceptions, run as non root inside of Kolla's
|
||||
containers. Kolla uses the Docker provided USER flag to set the appropriate
|
||||
user for each serivce.
|
||||
The OpenStack services, with a few exceptions, run as non root inside of
|
||||
Kolla's containers. Kolla uses the Docker provided USER flag to set the
|
||||
appropriate user for each serivce.
|
||||
|
||||
SELinux
|
||||
=======
|
||||
@ -31,14 +31,15 @@ address volumes directly by name removing the need for so called **data
|
||||
containers** all together.
|
||||
|
||||
Another solution to the persistent data issue is to use a host bind mount which
|
||||
involves making, for sake of example, host directory ``var/lib/mysql`` available
|
||||
inside the container at ``var/lib/mysql``. This absolutely solves the problem of
|
||||
persistent data, but it introduces another security issue, permissions. With
|
||||
this host bind mount solution the data in ``var/lib/mysql`` will be owned by the
|
||||
mysql user in the container. Unfortunately, that mysql user in the container
|
||||
could have any UID/GID and thats who will own the data outside the container
|
||||
introducing a potential security risk. Additionally, this method dirties the
|
||||
host and requires host permissions to the directories to bind mount.
|
||||
involves making, for sake of example, host directory ``var/lib/mysql``
|
||||
available inside the container at ``var/lib/mysql``. This absolutely solves the
|
||||
problem of persistent data, but it introduces another security issue,
|
||||
permissions. With this host bind mount solution the data in ``var/lib/mysql``
|
||||
will be owned by the mysql user in the container. Unfortunately, that mysql
|
||||
user in the container could have any UID/GID and thats who will own the data
|
||||
outside the container introducing a potential security risk. Additionally, this
|
||||
method dirties the host and requires host permissions to the directories to
|
||||
bind mount.
|
||||
|
||||
The solution Kolla chose is named volumes.
|
||||
|
||||
|
@ -6,11 +6,12 @@ Swift in Kolla
|
||||
|
||||
Overview
|
||||
========
|
||||
Kolla can deploy a full working Swift setup in either a AIO or multi node setup.
|
||||
Kolla can deploy a full working Swift setup in either a **all-in-one** or
|
||||
**multinode** setup.
|
||||
|
||||
Prerequisites
|
||||
=============
|
||||
Before running Swift we need to generate "rings", which are binary compressed
|
||||
Before running Swift we need to generate **rings**, which are binary compressed
|
||||
files that at a high level let the various Swift services know where data is in
|
||||
the cluster. We hope to automate this process in a future release.
|
||||
|
||||
@ -21,7 +22,7 @@ Swift also expects block devices to be available for storage. To prepare a disk
|
||||
for use as Swift storage device, a special partition name and filesystem label
|
||||
need to be added. So that Kolla can detect those disks and mount for services.
|
||||
|
||||
Follow the example below to add 3 disks for an AIO demo setup.
|
||||
Follow the example below to add 3 disks for an **all-in-one** demo setup.
|
||||
|
||||
::
|
||||
|
||||
@ -50,13 +51,13 @@ For evaluation, loopback devices can be used in lieu of real disks:
|
||||
Disks without a partition table
|
||||
===============================
|
||||
|
||||
Kolla also supports unpartitioned disk (filesystem on /dev/sdc instead of
|
||||
/dev/sdc1) detection purely based on filesystem label. This is generally not a
|
||||
recommended practice but can be helpful for Kolla to take over Swift deployment
|
||||
already using disk like this.
|
||||
Kolla also supports unpartitioned disk (filesystem on ``/dev/sdc`` instead of
|
||||
``/dev/sdc1``) detection purely based on filesystem label. This is generally
|
||||
not a recommended practice but can be helpful for Kolla to take over Swift
|
||||
deployment already using disk like this.
|
||||
|
||||
Given hard disks with labels swd1, swd2, swd3, use the following settings in
|
||||
ansible/roles/swift/defaults/main.yml
|
||||
``ansible/roles/swift/defaults/main.yml``.
|
||||
|
||||
::
|
||||
|
||||
@ -66,9 +67,9 @@ ansible/roles/swift/defaults/main.yml
|
||||
Rings
|
||||
=====
|
||||
|
||||
Run following commands locally to generate Rings for AIO demo setup. The
|
||||
commands work with "disks with partition table" example listed above. Please
|
||||
modify accordingly if your setup is different.
|
||||
Run following commands locally to generate Rings for **all-in-one** demo setup.
|
||||
The commands work with **disks with partition table** example listed above.
|
||||
Please modify accordingly if your setup is different.
|
||||
|
||||
::
|
||||
|
||||
@ -122,22 +123,23 @@ modify accordingly if your setup is different.
|
||||
/etc/kolla/config/swift/${ring}.builder rebalance;
|
||||
done
|
||||
|
||||
Similar commands can be used for multinode, you will just need to run the 'add' step for each IP
|
||||
in the cluster.
|
||||
Similar commands can be used for **multinode**, you will just need to run the
|
||||
**add** step for each IP in the cluster.
|
||||
|
||||
For more info, see
|
||||
http://docs.openstack.org/kilo/install-guide/install/apt/content/swift-initial-rings.html
|
||||
|
||||
Deploying
|
||||
=========
|
||||
Enable Swift in /etc/kolla/globals.yml:
|
||||
Enable Swift in ``/etc/kolla/globals.yml``:
|
||||
|
||||
::
|
||||
|
||||
enable_swift : "yes"
|
||||
|
||||
Once the rings are in place, deploying Swift is the same as any other Kolla Ansible service. Below
|
||||
is the minimal command to bring up Swift AIO, and it's dependencies:
|
||||
Once the rings are in place, deploying Swift is the same as any other Kolla
|
||||
Ansible service. Below is the minimal command to bring up Swift **all-in-one**,
|
||||
and it's dependencies:
|
||||
|
||||
::
|
||||
|
||||
|
@ -4,8 +4,8 @@
|
||||
Development Environment with Vagrant
|
||||
====================================
|
||||
|
||||
This guide describes how to use `Vagrant <http://vagrantup.com>`__ to
|
||||
assist in developing for Kolla.
|
||||
This guide describes how to use `Vagrant <http://vagrantup.com>`__ to assist in
|
||||
developing for Kolla.
|
||||
|
||||
Vagrant is a tool to assist in scripted creation of virtual machines. Vagrant
|
||||
takes care of setting up CentOS-based VMs for Kolla development, each with
|
||||
@ -14,26 +14,26 @@ proper hardware like memory amount and number of network interfaces.
|
||||
Getting Started
|
||||
===============
|
||||
|
||||
The Vagrant script implements All-in-One (AIO) or multi-node deployments. AIO
|
||||
is the default.
|
||||
The Vagrant script implements **all-in-one** or **multi-node** deployments.
|
||||
**all-in-one** is the default.
|
||||
|
||||
In the case of multi-node deployment, the Vagrant setup builds a cluster with
|
||||
the following nodes by default:
|
||||
In the case of **multi-node** deployment, the Vagrant setup builds a cluster
|
||||
with the following nodes by default:
|
||||
|
||||
- 3 control nodes
|
||||
- 1 compute node
|
||||
- 1 storage node (Note: ceph requires at least 3 storage nodes)
|
||||
- 1 network node
|
||||
- 1 operator node
|
||||
* 3 control nodes
|
||||
* 1 compute node
|
||||
* 1 storage node (Note: ceph requires at least 3 storage nodes)
|
||||
* 1 network node
|
||||
* 1 operator node
|
||||
|
||||
The cluster node count can be changed by editing the Vagrantfile.
|
||||
|
||||
Kolla runs from the operator node to deploy OpenStack.
|
||||
|
||||
All nodes are connected with each other on the secondary NIC. The
|
||||
primary NIC is behind a NAT interface for connecting with the Internet.
|
||||
The third NIC is connected without IP configuration to a public bridge
|
||||
interface. This may be used for Neutron/Nova to connect to instances.
|
||||
All nodes are connected with each other on the secondary NIC. The primary NIC
|
||||
is behind a NAT interface for connecting with the Internet. The third NIC is
|
||||
connected without IP configuration to a public bridge interface. This may be
|
||||
used for Neutron/Nova to connect to instances.
|
||||
|
||||
Start by downloading and installing the Vagrant package for the distro of
|
||||
choice. Various downloads can be found at the `Vagrant downloads
|
||||
@ -45,12 +45,12 @@ On Fedora 22 it is as easy as::
|
||||
|
||||
On Ubuntu 14.04 it is as easy as::
|
||||
|
||||
sudo apt-get -y install vagrant ruby-dev ruby-libvirt python-libvirt libvirt-dev nfs-kernel-server
|
||||
sudo apt-get install vagrant ruby-dev ruby-libvirt python-libvirt libvirt-dev nfs-kernel-server
|
||||
|
||||
**Note:** Many distros ship outdated versions of Vagrant by default. When in
|
||||
doubt, always install the latest from the downloads page above.
|
||||
|
||||
Next install the hostmanager plugin so all hosts are recorded in /etc/hosts
|
||||
Next install the hostmanager plugin so all hosts are recorded in ``/etc/hosts``
|
||||
(inside each vm)::
|
||||
|
||||
vagrant plugin install vagrant-hostmanager
|
||||
@ -85,7 +85,7 @@ Find a location in the system's home directory and checkout the Kolla repo::
|
||||
|
||||
git clone https://github.com/openstack/kolla.git
|
||||
|
||||
Developers can now tweak the Vagrantfile or bring up the default AIO
|
||||
Developers can now tweak the Vagrantfile or bring up the default **all-in-one**
|
||||
CentOS 7-based environment::
|
||||
|
||||
cd kolla/dev/vagrant && vagrant up
|
||||
@ -97,7 +97,7 @@ Vagrant Up
|
||||
==========
|
||||
|
||||
Once Vagrant has completed deploying all nodes, the next step is to launch
|
||||
Kolla. First, connect with the *operator* node::
|
||||
Kolla. First, connect with the **operator** node::
|
||||
|
||||
vagrant ssh operator
|
||||
|
||||
@ -106,7 +106,7 @@ nodes are configured so they can use this insecure repo to pull from, and use
|
||||
it as a mirror. Ansible may use this registry to pull images from.
|
||||
|
||||
All nodes have a local folder shared between the group and the hypervisor, and
|
||||
a folder shared between *all* nodes and the hypervisor. This mapping is lost
|
||||
a folder shared between **all** nodes and the hypervisor. This mapping is lost
|
||||
after reboots, so make sure to use the command ``vagrant reload <node>`` when
|
||||
reboots are required. Having this shared folder provides a method to supply
|
||||
a different docker binary to the cluster. The shared folder is also used to
|
||||
@ -116,18 +116,18 @@ like ``vagrant destroy``.
|
||||
Building images
|
||||
---------------
|
||||
|
||||
Once logged on the *operator* VM call the ``kolla-build`` utility::
|
||||
Once logged on the **operator** VM call the ``kolla-build`` utility::
|
||||
|
||||
kolla-build
|
||||
|
||||
``kolla-build`` accept arguments as documented in :doc:`image-building`. It
|
||||
builds Docker images and pushes them to the local registry if the *push*
|
||||
builds Docker images and pushes them to the local registry if the **push**
|
||||
option is enabled (in Vagrant this is the default behaviour).
|
||||
|
||||
Deploying OpenStack with Kolla
|
||||
------------------------------
|
||||
|
||||
Deploy AIO with::
|
||||
Deploy **all-in-one** with::
|
||||
|
||||
sudo kolla-ansible deploy
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user