[docs] Merge install guide configure content into a single page
Omitted configure-initial.rst and configure-creds.rst Combined the content of both files to a single configure.rst file. Change-Id: Ie9247adb87fb421b5010bb0a57bb356dee395de9 Closes-Bug: 1622660
This commit is contained in:
Nish Patwa
Alexandra Settle
parent
ecd9c097c1
commit
968d89335e
@ -1,36 +0,0 @@
|
||||
===============================
|
||||
Configuring service credentials
|
||||
===============================
|
||||
|
||||
Configure credentials for each service in the
|
||||
``/etc/openstack_deploy/*_secrets.yml`` files. Consider using `Ansible
|
||||
Vault <http://docs.ansible.com/playbooks_vault.html>`_ to increase
|
||||
security by encrypting any files containing credentials.
|
||||
|
||||
Adjust permissions on these files to restrict access by non-privileged
|
||||
users.
|
||||
|
||||
.. note::
|
||||
|
||||
The following options configure passwords for the web interfaces.
|
||||
|
||||
* ``keystone_auth_admin_password`` configures the ``admin`` tenant
|
||||
password for both the OpenStack API and dashboard access.
|
||||
|
||||
.. note::
|
||||
|
||||
We recommend using the ``pw-token-gen.py`` script to generate random
|
||||
values for the variables in each file that contains service credentials:
|
||||
|
||||
.. code-block:: shell-session
|
||||
|
||||
# cd /opt/openstack-ansible/scripts
|
||||
# python pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml
|
||||
|
||||
To regenerate existing passwords, add the ``--regen`` flag.
|
||||
|
||||
.. warning::
|
||||
|
||||
The playbooks do not currently manage changing passwords in an existing
|
||||
environment. Changing passwords and re-running the playbooks will fail
|
||||
and may break your OpenStack environment.
|
||||
@ -1,39 +0,0 @@
|
||||
=================================
|
||||
Initial environment configuration
|
||||
=================================
|
||||
|
||||
OpenStack-Ansible depends on various files that are used to build an inventory
|
||||
for Ansible. Start by getting those files into the correct places:
|
||||
|
||||
#. Copy the contents of the
|
||||
``/opt/openstack-ansible/etc/openstack_deploy`` directory to the
|
||||
``/etc/openstack_deploy`` directory.
|
||||
|
||||
.. note::
|
||||
|
||||
As of Newton, the ``env.d`` directory has been moved from this source
|
||||
directory to ``playbooks/inventory/``.
|
||||
|
||||
#. Change to the ``/etc/openstack_deploy`` directory.
|
||||
|
||||
#. Copy the ``openstack_user_config.yml.example`` file to
|
||||
``/etc/openstack_deploy/openstack_user_config.yml``.
|
||||
|
||||
You can review the ``openstack_user_config.yml`` file and make changes
|
||||
to the deployment of your OpenStack environment.
|
||||
|
||||
.. note::
|
||||
|
||||
The file is heavily commented with details about the various options.
|
||||
|
||||
Configuration in ``openstack_user_config.yml`` defines which hosts
|
||||
will run the containers and services deployed by OpenStack-Ansible. For
|
||||
example, hosts listed in the ``shared-infra_hosts`` run containers for many of
|
||||
the shared services that your OpenStack environment requires. Some of these
|
||||
services include databases, memcached, and RabbitMQ. There are several other
|
||||
host types that contain other types of containers and all of these are listed
|
||||
in ``openstack_user_config.yml``.
|
||||
|
||||
For details about how the inventory is generated from the environment
|
||||
configuration, see :ref:`developer-inventory`.
|
||||
|
||||
@ -7,9 +7,7 @@ Configure deployment
|
||||
.. toctree::
|
||||
:maxdepth: 2
|
||||
|
||||
configure-initial.rst
|
||||
configure-user-config-examples.rst
|
||||
configure-creds.rst
|
||||
|
||||
.. figure:: figures/installation-workflow-configure-deployment.png
|
||||
:width: 100%
|
||||
@ -26,3 +24,74 @@ tasks include:
|
||||
Networking (neutron).
|
||||
* Passwords for all services.
|
||||
|
||||
Initial environment configuration
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
OpenStack-Ansible depends on various files that are used to build an inventory
|
||||
for Ansible. Start by getting those files into the correct places:
|
||||
|
||||
#. Copy the contents of the
|
||||
``/opt/openstack-ansible/etc/openstack_deploy`` directory to the
|
||||
``/etc/openstack_deploy`` directory.
|
||||
|
||||
.. note::
|
||||
|
||||
As of Newton, the ``env.d`` directory has been moved from this source
|
||||
directory to ``playbooks/inventory/``.
|
||||
|
||||
#. Change to the ``/etc/openstack_deploy`` directory.
|
||||
|
||||
#. Copy the ``openstack_user_config.yml.example`` file to
|
||||
``/etc/openstack_deploy/openstack_user_config.yml``.
|
||||
|
||||
You can review the ``openstack_user_config.yml`` file and make changes
|
||||
to the deployment of your OpenStack environment.
|
||||
|
||||
.. note::
|
||||
|
||||
The file is heavily commented with details about the various options.
|
||||
|
||||
Configuration in ``openstack_user_config.yml`` defines which hosts
|
||||
will run the containers and services deployed by OpenStack-Ansible. For
|
||||
example, hosts listed in the ``shared-infra_hosts`` run containers for many of
|
||||
the shared services that your OpenStack environment requires. Some of these
|
||||
services include databases, memcached, and RabbitMQ. There are several other
|
||||
host types that contain other types of containers and all of these are listed
|
||||
in ``openstack_user_config.yml``.
|
||||
|
||||
For details about how the inventory is generated from the environment
|
||||
configuration, see :ref:`developer-inventory`.
|
||||
|
||||
Configuring service credentials
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
Configure credentials for each service in the
|
||||
``/etc/openstack_deploy/*_secrets.yml`` files. Consider using `Ansible
|
||||
Vault <http://docs.ansible.com/playbooks_vault.html>`_ to increase
|
||||
security by encrypting any files containing credentials.
|
||||
|
||||
Adjust permissions on these files to restrict access by non-privileged
|
||||
users.
|
||||
|
||||
.. note::
|
||||
|
||||
The following options configure passwords for the web interfaces.
|
||||
|
||||
* ``keystone_auth_admin_password`` configures the ``admin`` tenant
|
||||
password for both the OpenStack API and dashboard access.
|
||||
|
||||
.. note::
|
||||
|
||||
We recommend using the ``pw-token-gen.py`` script to generate random
|
||||
values for the variables in each file that contains service credentials:
|
||||
|
||||
.. code-block:: shell-session
|
||||
|
||||
# cd /opt/openstack-ansible/scripts
|
||||
# python pw-token-gen.py --file /etc/openstack_deploy/user_secrets.yml
|
||||
|
||||
To regenerate existing passwords, add the ``--regen`` flag.
|
||||
|
||||
.. warning::
|
||||
|
||||
The playbooks do not currently manage changing passwords in an existing
|
||||
environment. Changing passwords and re-running the playbooks will fail
|
||||
and may break your OpenStack environment.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user