[install] Refactor configuration in IG

* move common prerequisities and configure in the common directory
* remove lock_path from common configuration, only rdo packages need
  it -- debian, obs and ubuntu packages configure it by default
* use trust_domain_name and trust_domain_admin_name instead of id
* update finalize message in obs and rdo IGs
* fix bullet-list in filanize services
* add x509keypair configuration option

Partially-Implements: blueprint projectspecificinstallguides
Partially-Implements: blueprint magnum-installation-guide
Change-Id: I67376938f1a118c2b1f1f7326c14158178ab71ea
This commit is contained in:
Spyros Trigazis 2016-07-19 14:10:17 +02:00
parent ca7977c848
commit f64551489e
7 changed files with 59 additions and 61 deletions

View File

@ -1,4 +1,4 @@
2. Edit the ``/etc/magnum/magnum.conf``:
2. Edit the ``/etc/magnum/magnum.conf`` file:
* In the ``[api]`` section, configure the host:
@ -8,7 +8,7 @@
...
host = controller
* In the ``[certificates]`` section, select ``barbican`` (or ``local`` if
* In the ``[certificates]`` section, select ``barbican`` (or ``x509keypair`` if
you don't have barbican installed):
* Use barbican to store certificates:
@ -21,18 +21,15 @@
.. important::
Barbican is recommended for production environments, local store should
be used for evaluation purposes.
Barbican is recommended for production environments.
* To use local store for certificates, you have to specify the directory
to use:
* To store x509 certificates in magnum's database:
.. code-block:: ini
[certificates]
...
cert_manager_type = local
storage_path = /var/lib/magnum/certificates/
cert_manager_type = x509keypair
* In the ``[cinder_client]`` section, configure the region name:
@ -53,7 +50,7 @@
Replace ``MAGNUM_DBPASS`` with the password you chose for
the magnum database.
* In the ``[keystone_authtoken]`` and ``trust`` sections, configure
* In the ``[keystone_authtoken]`` and ``[trust]`` sections, configure
Identity service access:
.. code-block:: ini
@ -73,24 +70,14 @@
[trust]
...
trustee_domain_id = 66e0469de9c04eda9bc368e001676d20
trustee_domain_admin_id = 529b81cf35094beb9784c6d06c090c2b
trustee_domain_name = magnum
trustee_domain_admin_name = magnum_domain_admin
trustee_domain_admin_password = DOMAIN_ADMIN_PASS
``trustee_domain_id`` is the id of the ``magnum`` domain and
``trustee_domain_admin_id`` is the id of the ``magnum_domain_admin`` user.
Replace MAGNUM_PASS with the password you chose for the magnum user in the
Identity service and DOMAIN_ADMIN_PASS with the password you chose for the
``magnum_domain_admin`` user.
* In the ``[oslo_concurrency]`` section, configure the ``lock_path``:
.. code-block:: ini
[oslo_concurrency]
...
lock_path = /var/lib/magnum/tmp
* In the ``[oslo_messaging_notifications]`` section, configure the
``driver``:
@ -114,25 +101,4 @@
Replace RABBIT_PASS with the password you chose for the openstack account
in RabbitMQ.
.. note::
Make sure that ``/etc/magnum/magnum.conf`` still have the correct
permissions. You can set the permissions again with:
# chown magnum:magnum /etc/magnum/magnum.conf
3. Populate Magnum database:
.. code-block:: console
# su -s /bin/sh -c "magnum-db-manage upgrade" magnum
4. Update heat policy to allow magnum list stacks. Edit your heat policy file,
usually ``/etc/heat/policy.json``:
.. code-block:: ini
...
stacks:global_index: "role:admin",
Now restart heat.

View File

@ -0,0 +1,5 @@
3. Populate Magnum database:
.. code-block:: console
# su -s /bin/sh -c "magnum-db-manage upgrade" magnum

View File

@ -0,0 +1,9 @@
4. Update heat policy to allow magnum list stacks. Edit your heat policy file,
usually ``/etc/heat/policy.json``:
.. code-block:: ini
...
stacks:global_index: "role:admin",
Now restart heat.

View File

@ -92,7 +92,7 @@ html_context = {"gitsha": gitsha, "bug_tag": bug_tag,
# List of patterns, relative to source directory, that match files and
# directories to ignore when looking for source files.
exclude_patterns = ["common_prerequisites.rst", "common_configure.rst"]
exclude_patterns = ["common/*.rst"]
# The reST default role (used for this markup: `text`) to use for all
# documents.

View File

@ -7,7 +7,7 @@ This section describes how to install and configure the Container
Infrastructure Management service for openSUSE Leap 42.1 and SUSE Linux
Enterprise Server 12 SP1.
.. include:: common_prerequisites.rst
.. include:: common/prerequisites.rst
Install and configure components
--------------------------------
@ -18,13 +18,17 @@ Install and configure components
# zypper install openstack-magnum-api openstack-magnum-conductor
.. include:: common_configure.rst
.. include:: common/configure_2_edit_magnum_conf.rst
.. include:: common/configure_3_populate_database.rst
.. include:: common/configure_4_update_heat_policy.rst
Finalize installation
---------------------
#. Start Magnum services and configure them to start when
the system boots:
* Start the Container Infrastructure Management services and configure
them to start when the system boots:
.. code-block:: console

View File

@ -6,7 +6,7 @@ Install and configure for Red Hat Enterprise Linux and CentOS
This section describes how to install and configure the Container
Infrastructure Management service for Red Hat Enterprise Linux 7 and CentOS 7.
.. include:: common_prerequisites.rst
.. include:: common/prerequisites.rst
Install and configure components
--------------------------------
@ -17,13 +17,27 @@ Install and configure components
# yum install openstack-magnum-api openstack-magnum-conductor
.. include:: common_configure.rst
.. include:: common/configure_2_edit_magnum_conf.rst
* Additionally, edit the ``/etc/magnum/magnum.conf`` file:
* In the ``[oslo_concurrency]`` section, configure the ``lock_path``:
.. code-block:: ini
[oslo_concurrency]
...
lock_path = /var/lib/magnum/tmp
.. include:: common/configure_3_populate_database.rst
.. include:: common/configure_4_update_heat_policy.rst
Finalize installation
---------------------
#. Start Magnum services and configure them to start when
the system boots:
* Start the Container Infrastructure Management services and configure
them to start when the system boots:
.. code-block:: console