[install] Refactor configuration in IG

* move common prerequisities and configure in the common directory
* remove lock_path from common configuration, only rdo packages need
  it -- debian, obs and ubuntu packages configure it by default
* use trust_domain_name and trust_domain_admin_name instead of id
* update finalize message in obs and rdo IGs
* fix bullet-list in filanize services
* add x509keypair configuration option

Partially-Implements: blueprint projectspecificinstallguides
Partially-Implements: blueprint magnum-installation-guide
Change-Id: I67376938f1a118c2b1f1f7326c14158178ab71ea

install-guide/source/common/configure_2_edit_magnum_conf.rst

@@ -1,4 +1,4 @@
-2. Edit the ``/etc/magnum/magnum.conf``:
+2. Edit the ``/etc/magnum/magnum.conf`` file:
 
    * In the ``[api]`` section, configure the host:
 
@@ -8,7 +8,7 @@
         ...
         host = controller
 
-   * In the ``[certificates]`` section, select ``barbican`` (or ``local`` if
+   * In the ``[certificates]`` section, select ``barbican`` (or ``x509keypair`` if
      you don't have barbican installed):
 
      * Use barbican to store certificates:
@@ -21,18 +21,15 @@
 
      .. important::
 
-       Barbican is recommended for production environments, local store should
-       be used for evaluation purposes.
+        Barbican is recommended for production environments.
 
-     * To use local store for certificates, you have to specify the directory
-       to use:
+     * To store x509 certificates in magnum's database:
 
        .. code-block:: ini
 
           [certificates]
           ...
-          cert_manager_type = local
-          storage_path = /var/lib/magnum/certificates/
+          cert_manager_type = x509keypair
 
    * In the ``[cinder_client]`` section, configure the region name:
 
@@ -53,7 +50,7 @@
      Replace ``MAGNUM_DBPASS`` with the password you chose for
      the magnum database.
 
-   * In the ``[keystone_authtoken]`` and ``trust`` sections, configure
+   * In the ``[keystone_authtoken]`` and ``[trust]`` sections, configure
      Identity service access:
 
      .. code-block:: ini
@@ -73,24 +70,14 @@
 
         [trust]
         ...
-        trustee_domain_id = 66e0469de9c04eda9bc368e001676d20
-        trustee_domain_admin_id = 529b81cf35094beb9784c6d06c090c2b
+        trustee_domain_name = magnum
+        trustee_domain_admin_name = magnum_domain_admin
         trustee_domain_admin_password = DOMAIN_ADMIN_PASS
 
-     ``trustee_domain_id`` is the id of the ``magnum`` domain and
-     ``trustee_domain_admin_id`` is the id of the ``magnum_domain_admin`` user.
      Replace MAGNUM_PASS with the password you chose for the magnum user in the
      Identity service and DOMAIN_ADMIN_PASS with the password you chose for the
      ``magnum_domain_admin`` user.
 
-   * In the ``[oslo_concurrency]`` section, configure the ``lock_path``:
-
-     .. code-block:: ini
-
-        [oslo_concurrency]
-        ...
-        lock_path = /var/lib/magnum/tmp
-
    * In the ``[oslo_messaging_notifications]`` section, configure the
      ``driver``:
 
@@ -114,25 +101,4 @@
      Replace RABBIT_PASS with the password you chose for the openstack account
      in RabbitMQ.
 
-   .. note::
 
-      Make sure that ``/etc/magnum/magnum.conf`` still have the correct
-      permissions. You can set the permissions again with:
-
-      # chown magnum:magnum /etc/magnum/magnum.conf
-
-3. Populate Magnum database:
-
-   .. code-block:: console
-
-      # su -s /bin/sh -c "magnum-db-manage upgrade" magnum
-
-4. Update heat policy to allow magnum list stacks. Edit your heat policy file,
-   usually ``/etc/heat/policy.json``:
-
-   .. code-block:: ini
-
-      ...
-      stacks:global_index: "role:admin",
-
-   Now restart heat.

install-guide/source/common/configure_3_populate_database.rst

@@ -0,0 +1,5 @@
+3. Populate Magnum database:
+
+   .. code-block:: console
+
+      # su -s /bin/sh -c "magnum-db-manage upgrade" magnum

install-guide/source/common/configure_4_update_heat_policy.rst

@@ -0,0 +1,9 @@
+4. Update heat policy to allow magnum list stacks. Edit your heat policy file,
+   usually ``/etc/heat/policy.json``:
+
+   .. code-block:: ini
+
+      ...
+      stacks:global_index: "role:admin",
+
+   Now restart heat.

install-guide/source/conf.py

@@ -92,7 +92,7 @@ html_context = {"gitsha": gitsha, "bug_tag": bug_tag,
 
 # List of patterns, relative to source directory, that match files and
 # directories to ignore when looking for source files.
-exclude_patterns = ["common_prerequisites.rst", "common_configure.rst"]
+exclude_patterns = ["common/*.rst"]
 
 # The reST default role (used for this markup: `text`) to use for all
 # documents.

install-guide/source/install-obs.rst

@@ -7,7 +7,7 @@ This section describes how to install and configure the Container
 Infrastructure Management service for openSUSE Leap 42.1 and SUSE Linux
 Enterprise Server 12 SP1.
 
-.. include:: common_prerequisites.rst
+.. include:: common/prerequisites.rst
 
 Install and configure components
 --------------------------------
@@ -18,17 +18,21 @@ Install and configure components
 
       # zypper install openstack-magnum-api openstack-magnum-conductor
 
-.. include:: common_configure.rst
+.. include:: common/configure_2_edit_magnum_conf.rst
+
+.. include:: common/configure_3_populate_database.rst
+
+.. include:: common/configure_4_update_heat_policy.rst
 
 Finalize installation
 ---------------------
 
-#. Start Magnum services and configure them to start when
-   the system boots:
+* Start the Container Infrastructure Management services and configure
+  them to start when the system boots:
 
-   .. code-block:: console
+  .. code-block:: console
 
-      # systemctl enable openstack-magnum-api.service \
-        openstack-magnum-conductor.service
-      # systemctl start openstack-magnum-api.service \
-        openstack-magnum-conductor.service
+     # systemctl enable openstack-magnum-api.service \
+       openstack-magnum-conductor.service
+     # systemctl start openstack-magnum-api.service \
+       openstack-magnum-conductor.service

install-guide/source/install-rdo.rst

@@ -6,7 +6,7 @@ Install and configure for Red Hat Enterprise Linux and CentOS
 This section describes how to install and configure the Container
 Infrastructure Management service for Red Hat Enterprise Linux 7 and CentOS 7.
 
-.. include:: common_prerequisites.rst
+.. include:: common/prerequisites.rst
 
 Install and configure components
 --------------------------------
@@ -17,17 +17,31 @@ Install and configure components
 
       # yum install openstack-magnum-api openstack-magnum-conductor
 
-.. include:: common_configure.rst
+.. include:: common/configure_2_edit_magnum_conf.rst
+
+* Additionally, edit the ``/etc/magnum/magnum.conf`` file:
+
+  * In the ``[oslo_concurrency]`` section, configure the ``lock_path``:
+
+    .. code-block:: ini
+
+       [oslo_concurrency]
+       ...
+       lock_path = /var/lib/magnum/tmp
+
+.. include:: common/configure_3_populate_database.rst
+
+.. include:: common/configure_4_update_heat_policy.rst
 
 Finalize installation
 ---------------------
 
-#. Start Magnum services and configure them to start when
-   the system boots:
+* Start the Container Infrastructure Management services and configure
+  them to start when the system boots:
 
-   .. code-block:: console
+  .. code-block:: console
 
-      # systemctl enable openstack-magnum-api.service \
-        openstack-magnum-conductor.service
-      # systemctl start openstack-magnum-api.service \
-        openstack-magnum-conductor.service
+     # systemctl enable openstack-magnum-api.service \
+       openstack-magnum-conductor.service
+     # systemctl start openstack-magnum-api.service \
+       openstack-magnum-conductor.service