openstack/magnum
Code Issues Proposed changes
4.1.4
magnum/install-guide/source/common/prerequisites.rst
Spyros Trigazis e160a9fa8c [install] Fix endpoint creation 
Register endpoints using the controller IP and not the controller
alias. Having the endpoints set with the alias doesn't allow compute
instances created by magnum to access magnum's API.

Change-Id: I475ede00123765823cefc47d2e0c75776a2cbc06
2016-12-12 11:54:52 +01:00

192 lines
7.6 KiB
ReStructuredText
Raw Permalink Blame History

Prerequisites
-------------
Before you install and configure the Container Infrastructure Management
service, you must create a database, service credentials, and API endpoints.
#. To create the database, complete these steps:
* Use the database access client to connect to the database
server as the ``root`` user:
.. code-block:: console
$ mysql -u root -p
* Create the ``magnum`` database:
.. code-block:: console
CREATE DATABASE magnum;
* Grant proper access to the ``magnum`` database:
.. code-block:: console
GRANT ALL PRIVILEGES ON magnum.* TO 'magnum'@'controller' \
IDENTIFIED BY 'MAGNUM_DBPASS';
GRANT ALL PRIVILEGES ON magnum.* TO 'magnum'@'%' \
IDENTIFIED BY 'MAGNUM_DBPASS';
Replace ``MAGNUM_DBPASS`` with a suitable password.
* Exit the database access client.
#. Source the ``admin`` credentials to gain access to
admin-only CLI commands:
.. code-block:: console
$ . admin-openrc
#. To create the service credentials, complete these steps:
* Create the ``magnum`` user:
.. code-block:: console
$ openstack user create --domain default \
--password-prompt magnum
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | a8ebafc275c54d389dfc1bff8b4fe286 |
| name | magnum |
+-----------+----------------------------------+
* Add the ``admin`` role to the ``magnum`` user:
.. code-block:: console
$ openstack role add --project service --user magnum admin
.. note::
This command provides no output.
* Create the ``magnum`` service entity:
.. code-block:: console
$ openstack service create --name magnum \
--description "OpenStack Container Infrastructure Management Service" \
container-infra
+-------------+-------------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------------+
| description | OpenStack Container Infrastructure Management Service |
| enabled | True |
| id | 194faf83e8fd4e028e5ff75d3d8d0df2 |
| name | magnum |
| type | container-infra |
+-------------+-------------------------------------------------------+
#. Create the Container Infrastructure Management service API endpoints:
.. code-block:: console
$ openstack endpoint create --region RegionOne \
container-infra public http://CONTROLLER_IP:9511/v1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | cb137e6366ad495bb521cfe92d8b8858 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 0f7f62a1f1a247d2a4cb237642814d0e |
| service_name | magnum |
| service_type | container-infra |
| url | http://CONTROLLER_IP:9511/v1 |
+--------------+----------------------------------+
$ openstack endpoint create --region RegionOne \
container-infra internal http://CONTROLLER_IP:9511/v1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 17cbc3b6f51449a0a818118d6d62868d |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 0f7f62a1f1a247d2a4cb237642814d0e |
| service_name | magnum |
| service_type | container-infra |
| url | http://CONTROLLER_IP:9511/v1 |
+--------------+----------------------------------+
$ openstack endpoint create --region RegionOne \
container-infra admin http://CONTROLLER_IP:9511/v1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 30f8888e6b6646d7b5cd14354c95a684 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 0f7f62a1f1a247d2a4cb237642814d0e |
| service_name | magnum |
| service_type | container-infra |
| url | http://CONTROLLER_IP:9511/v1 |
+--------------+----------------------------------+
Replace ``CONTROLLER_IP`` with the IP magnum listens to. Alternatively,
you can use a hostname which is reachable by the Compute instances.
#. Magnum requires additional information in the Identity service to
manage COE clusters. To add this information, complete these steps:
* Create the ``magnum`` domain that contains projects and users:
.. code-block:: console
$ openstack domain create --description "Owns users and projects \
created by magnum" magnum
+-------------+-------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------+
| description | Owns users and projects created by magnum |
| enabled | True |
| id | 66e0469de9c04eda9bc368e001676d20 |
| name | magnum |
+-------------+-------------------------------------------+
* Create the ``magnum_domain_admin`` user to manage projects and users
in the ``magnum`` domain:
.. code-block:: console
$ openstack user create --domain magnum --password-prompt \
magnum_domain_admin
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | 66e0469de9c04eda9bc368e001676d20 |
| enabled | True |
| id | 529b81cf35094beb9784c6d06c090c2b |
| name | magnum_domain_admin |
+-----------+----------------------------------+
* Add the ``admin`` role to the ``magnum_domain_admin`` user in the
``magnum`` domain to enable administrative management privileges
by the ``magnum_domain_admin`` user:
.. code-block:: console
$ openstack role add --domain magnum --user-domain magnum --user \
magnum_domain_admin admin
.. note::
This command provides no output.
View Git Blame Copy Permalink