Merge "Add 'Shared File Systems' to Cloud Admin Guide"
This commit is contained in:
commit
496ea31e9a
@ -24,6 +24,7 @@ Contents
|
|||||||
compute.rst
|
compute.rst
|
||||||
objectstorage.rst
|
objectstorage.rst
|
||||||
blockstorage.rst
|
blockstorage.rst
|
||||||
|
shared_file_systems.rst
|
||||||
networking.rst
|
networking.rst
|
||||||
telemetry.rst
|
telemetry.rst
|
||||||
database.rst
|
database.rst
|
||||||
|
29
doc/admin-guide-cloud/source/shared_file_systems.rst
Normal file
29
doc/admin-guide-cloud/source/shared_file_systems.rst
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
.. _shared_file_systems:
|
||||||
|
|
||||||
|
===================
|
||||||
|
Shared File Systems
|
||||||
|
===================
|
||||||
|
|
||||||
|
Shared File Systems service provides a set of services for management of
|
||||||
|
shared file systems in a multi-tenant cloud environment, similar to how
|
||||||
|
OpenStack provides for block-based storage management through the OpenStack
|
||||||
|
Block Storage service project. With the Shared File Systems service, you can
|
||||||
|
create a remote file system, mount the file system on your instances, and then
|
||||||
|
read and write data from your instances to and from your file system.
|
||||||
|
|
||||||
|
The Shared File Systems service serves same purpose as the Amazon Elastic File
|
||||||
|
System (EFS) does.
|
||||||
|
|
||||||
|
.. toctree::
|
||||||
|
:maxdepth: 1
|
||||||
|
|
||||||
|
shared_file_systems_intro.rst
|
||||||
|
shared_file_systems_key_concepts.rst
|
||||||
|
shared_file_systems_share_management.rst
|
||||||
|
shared_file_systems_share_types.rst
|
||||||
|
shared_file_systems_snapshots.rst
|
||||||
|
shared_file_systems_security_services.rst
|
||||||
|
shared_file_systems_cgroups.rst
|
||||||
|
shared_file_systems_multi_backend.rst
|
||||||
|
shared_file_systems_networking.rst
|
||||||
|
shared_file_systems_troubleshoot.rst
|
313
doc/admin-guide-cloud/source/shared_file_systems_cgroups.rst
Normal file
313
doc/admin-guide-cloud/source/shared_file_systems_cgroups.rst
Normal file
@ -0,0 +1,313 @@
|
|||||||
|
.. _shared_file_systems_cgroups:
|
||||||
|
|
||||||
|
==================
|
||||||
|
Consistency groups
|
||||||
|
==================
|
||||||
|
|
||||||
|
Consistency groups enable you to create snapshots at the exact same point in
|
||||||
|
time from multiple file system shares. For example, a database might place its
|
||||||
|
tables, logs, and configuration on separate shares. To restore this database
|
||||||
|
from a previous point in time, it makes sense to restore the logs, tables, and
|
||||||
|
configuration together from the exact same point in time.
|
||||||
|
|
||||||
|
Shared File system allows you to create a snapshot of the consistency group and
|
||||||
|
restore all shares that were associated with the consistency group by creating
|
||||||
|
a consistency group from a snapshot.
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
The **consistency groups and snapshots** are realized as an
|
||||||
|
**experimental** Shared File Systems API. Contributors can change or remove
|
||||||
|
the experimental part of the Shared File Systems API without maintaining
|
||||||
|
backward compatibility. The experimental API has
|
||||||
|
``"X-OpenStack-Manila-API-Experimental: true"`` header in their HTTP
|
||||||
|
requests.
|
||||||
|
|
||||||
|
Consistency groups
|
||||||
|
------------------
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
Before using consistency groups, make sure the Shared File System driver that
|
||||||
|
you are running has consistency group support. You can check it in the manila
|
||||||
|
scheduler reports. The ``consistency_group_support`` can have such values:
|
||||||
|
|
||||||
|
* ``pool`` or ``host``. Consistency groups are supported. Specifies the
|
||||||
|
level of consistency groups support.
|
||||||
|
|
||||||
|
* ``false``. Consistency groups are not supported.
|
||||||
|
|
||||||
|
Create a new consistency group, specify a share network and one or more share
|
||||||
|
types. In the example a consistency group ``cgroup1`` was created with
|
||||||
|
specifying two comma-separated share types:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila cg-create --name cgroup1 --description "My first CG." --share-types my_type1,default --share-network my_share_net
|
||||||
|
+----------------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+----------------------+--------------------------------------+
|
||||||
|
| status | creating |
|
||||||
|
| description | My first CG. |
|
||||||
|
| source_cgsnapshot_id | None |
|
||||||
|
| created_at | 2015-09-29T15:01:12.102472 |
|
||||||
|
| share_network_id | 5c3cbabb-f4da-465f-bc7f-fadbe047b85a |
|
||||||
|
| share_server_id | None |
|
||||||
|
| host | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| share_types | a4218aa5-f16a-42b3-945d-113496d40558 |
|
||||||
|
| | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| id | 6fdd91bc-7a48-48b4-8e40-0f4f98d0ecd6 |
|
||||||
|
| name | cgroup1 |
|
||||||
|
+----------------------+--------------------------------------+
|
||||||
|
|
||||||
|
Check that consistency group is in available status:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila cg-show cgroup1
|
||||||
|
+----------------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+----------------------+--------------------------------------+
|
||||||
|
| status | available |
|
||||||
|
| description | My first CG. |
|
||||||
|
| source_cgsnapshot_id | None |
|
||||||
|
| created_at | 2015-09-29T15:05:40.000000 |
|
||||||
|
| share_network_id | 5c3cbabb-f4da-465f-bc7f-fadbe047b85a |
|
||||||
|
| share_server_id | None |
|
||||||
|
| host | manila@generic1#GENERIC1 |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| share_types | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| | a4218aa5-f16a-42b3-945d-113496d40558 |
|
||||||
|
| id | 6fdd91bc-7a48-48b4-8e40-0f4f98d0ecd6 |
|
||||||
|
| name | cgroup1 |
|
||||||
|
+----------------------+--------------------------------------+
|
||||||
|
|
||||||
|
To add a share to the consistency group you need to create a share with a
|
||||||
|
``--consistency-group`` option where you specify the ID of the consistency
|
||||||
|
group in ``available`` status:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila create nfs 1 --name "Share2" --description "My second share" --share-type default --share-network my_share_net --consistency-group cgroup1
|
||||||
|
+-----------------------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-----------------------------+--------------------------------------+
|
||||||
|
| status | None |
|
||||||
|
| share_type_name | default |
|
||||||
|
| description | My second share |
|
||||||
|
| availability_zone | None |
|
||||||
|
| share_network_id | None |
|
||||||
|
| export_locations | [] |
|
||||||
|
| share_server_id | None |
|
||||||
|
| host | None |
|
||||||
|
| snapshot_id | None |
|
||||||
|
| is_public | False |
|
||||||
|
| task_state | None |
|
||||||
|
| snapshot_support | True |
|
||||||
|
| id | 7bcd888b-681b-4836-ac9c-c3add4e62537 |
|
||||||
|
| size | 1 |
|
||||||
|
| name | Share2 |
|
||||||
|
| share_type | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| created_at | 2015-09-29T15:09:24.156387 |
|
||||||
|
| export_location | None |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| consistency_group_id | 6fdd91bc-7a48-48b4-8e40-0f4f98d0ecd6 |
|
||||||
|
| source_cgsnapshot_member_id | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| metadata | {} |
|
||||||
|
+-----------------------------+--------------------------------------+
|
||||||
|
|
||||||
|
Admin can rename the consistency group or change its description using
|
||||||
|
**manila cg-update** command, or delete it by **manila cg-delete**.
|
||||||
|
|
||||||
|
As an administrator, you can also reset the state of a consistency group and
|
||||||
|
force-delete a specified consistency group in any state. Use the
|
||||||
|
:file:`policy.json` file to grant permissions for these actions to other roles.
|
||||||
|
|
||||||
|
Use **manila cg-reset-state [--state <state>] <consistency_group>** to update
|
||||||
|
the state of a consistency group explicitly. A valid value of a status are
|
||||||
|
``available``, ``error``, ``creating``, ``deleting``, ``error_deleting``.
|
||||||
|
If no state is provided, available will be used.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila cg-reset-state cgroup1 --state error
|
||||||
|
|
||||||
|
Use **manila cg-delete <consistency_group> [<consistency_group> ...]** to
|
||||||
|
soft-delete one or more consistency group.
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
The consistency group can be deleted only if it has no dependent
|
||||||
|
:ref:`shared_file_systems_cgsnapshots`.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila cg-delete cgroup1
|
||||||
|
|
||||||
|
Use **manila cg-delete --force <consistency_group> [<consistency_group> ...]**
|
||||||
|
to force-delete a specified consistency group in any state.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila cg-delete --force cgroup1
|
||||||
|
|
||||||
|
.. _shared_file_systems_cgsnapshots:
|
||||||
|
|
||||||
|
Consistency group snapshots
|
||||||
|
---------------------------
|
||||||
|
|
||||||
|
You can create snapshots of consistency groups. To create a snapshot, you
|
||||||
|
specify the ID or name of the consistency group that you want to snapshot.
|
||||||
|
After you create a consistency group snapshot, you can create a consistency
|
||||||
|
group from it.
|
||||||
|
|
||||||
|
Create a snapshot of consistency group ``cgroup1``:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila cg-snapshot-create cgroup1 --name CG_snapshot1 --description "A snapshot of the first CG."
|
||||||
|
+----------------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+----------------------+--------------------------------------+
|
||||||
|
| status | creating |
|
||||||
|
| name | CG_snapshot1 |
|
||||||
|
| created_at | 2015-09-29T15:26:16.839704 |
|
||||||
|
| consistency_group_id | 6fdd91bc-7a48-48b4-8e40-0f4f98d0ecd6 |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| id | 876ad24c-1efd-4607-a2b1-6a2c90034fa5 |
|
||||||
|
| description | A snapshot of the first CG. |
|
||||||
|
+----------------------+--------------------------------------+
|
||||||
|
|
||||||
|
Check the status of created consistency group snapshot:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila cg-snapshot-show CG_snapshot1
|
||||||
|
+----------------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+----------------------+--------------------------------------+
|
||||||
|
| status | available |
|
||||||
|
| name | CG_snapshot1 |
|
||||||
|
| created_at | 2015-09-29T15:26:22.000000 |
|
||||||
|
| consistency_group_id | 6fdd91bc-7a48-48b4-8e40-0f4f98d0ecd6 |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| id | 876ad24c-1efd-4607-a2b1-6a2c90034fa5 |
|
||||||
|
| description | A snapshot of the first CG. |
|
||||||
|
+----------------------+--------------------------------------+
|
||||||
|
|
||||||
|
Admin can rename the consistency group snapshot or change its description using
|
||||||
|
**cg-snapshot-update** command, or delete it by **cg-snapshot-delete**.
|
||||||
|
|
||||||
|
A consistency group snapshot can have **members**. The consistency group
|
||||||
|
snapshot members are the shares that belong to some consistency group. To add a
|
||||||
|
member, include the ``--consistency-group`` optional parameter in the create
|
||||||
|
share command. This ID must match the ID of the consistency group from which
|
||||||
|
the consistency group snapshot was created. Then, while restoring data,
|
||||||
|
for example, and operating with consistency group snapshots you can quickly
|
||||||
|
find which shares belong to a specified consistency group.
|
||||||
|
|
||||||
|
You created the share ``Share2`` in ``cgroup1`` consistency group. Since
|
||||||
|
you made a snapshot of it, you can see that the only member of the consistency
|
||||||
|
group snapshot is ``Share2`` share:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila cg-snapshot-members CG_snapshot1
|
||||||
|
+--------------+------+----------------------------+----------------+--------------+--------------+
|
||||||
|
| Id | Size | Created_at | Share_protocol | Share_id | Share_type_id|
|
||||||
|
+--------------+------+----------------------------+----------------+--------------+--------------+
|
||||||
|
| 5c62af2b-... | 1 | 2015-09-29T15:26:22.000000 | NFS | 7bcd888b-... | c0086582-... |
|
||||||
|
+--------------+------+----------------------------+----------------+--------------+--------------+
|
||||||
|
|
||||||
|
After you create a consistency group snapshot, you can create a consistency
|
||||||
|
group from it:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila cg-create --source-cgsnapshot-id 876ad24c-1efd-4607-a2b1-6a2c90034fa5 --name cgroup2 --description "A consistency group from a CG snapshot."
|
||||||
|
+----------------------+-----------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+----------------------+-----------------------------------------+
|
||||||
|
| status | creating |
|
||||||
|
| description | A consistency group from a CG snapshot. |
|
||||||
|
| source_cgsnapshot_id | 876ad24c-1efd-4607-a2b1-6a2c90034fa5 |
|
||||||
|
| created_at | 2015-09-29T15:47:47.937991 |
|
||||||
|
| share_network_id | None |
|
||||||
|
| share_server_id | None |
|
||||||
|
| host | manila@generic1#GENERIC1 |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| share_types | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| | a4218aa5-f16a-42b3-945d-113496d40558 |
|
||||||
|
| id | ffee08d9-c86c-45e5-861e-175c731daca2 |
|
||||||
|
| name | cgroup2 |
|
||||||
|
+----------------------+-----------------------------------------+
|
||||||
|
|
||||||
|
Check the list of consistency group. There are two groups now:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila cg-list
|
||||||
|
+-------------------+---------+-----------------------------------------+-----------+
|
||||||
|
| id | name | description | status |
|
||||||
|
+-------------------+---------+-----------------------------------------+-----------+
|
||||||
|
| 6fdd91bc-7a48-... | cgroup1 | My first CG. | available |
|
||||||
|
| ffee08d9-c86c-... | cgroup2 | A consistency group from a CG snapshot. | available |
|
||||||
|
+-------------------+---------+-----------------------------------------+-----------+
|
||||||
|
|
||||||
|
Check a list of the shares. New share with
|
||||||
|
``ba52454e-2ea3-47fa-a683-3176a01295e6`` ID was created when you created a
|
||||||
|
consistency group ``cgroup2`` from a snapshot with a member.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila list
|
||||||
|
+------+-------+-----+------------+----------+----------+-----------+--------------------------+
|
||||||
|
| ID | Name | Size| Share Proto| Status | Is Public| Share Type| Host |
|
||||||
|
+------+-------+-----+------------+----------+----------+-----------+--------------------------+
|
||||||
|
| 7bc..| Share2| 1 | NFS | available| False | c008658...| manila@generic1#GENERIC1 |
|
||||||
|
| ba5..| None | 1 | NFS | available| False | c008658...| manila@generic1#GENERIC1 |
|
||||||
|
+------+-------+-----+------------+----------+----------+-----------+--------------------------+
|
||||||
|
|
||||||
|
Print detailed information about new share:
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
Pay attention on the ``source_cgsnapshot_member_id`` and
|
||||||
|
``consistency_group_id`` fields in a new share. It has
|
||||||
|
``source_cgsnapshot_member_id`` that is equal to the ID of the consistency
|
||||||
|
group snapshot and ``consistency_group_id`` that is equal to the ID of
|
||||||
|
``cgroup2`` that was created from a snapshot.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila show ba52454e-2ea3-47fa-a683-3176a01295e6
|
||||||
|
+-----------------------------+---------------------------------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-----------------------------+---------------------------------------------------------------+
|
||||||
|
| status | available |
|
||||||
|
| share_type_name | default |
|
||||||
|
| description | None |
|
||||||
|
| availability_zone | None |
|
||||||
|
| share_network_id | None |
|
||||||
|
| export_locations | 10.254.0.5:/shares/share-5acadf4d-f81a-4515-b5ce-3ab641ab4d1e |
|
||||||
|
| share_server_id | None |
|
||||||
|
| host | manila@generic1#GENERIC1 |
|
||||||
|
| snapshot_id | None |
|
||||||
|
| is_public | False |
|
||||||
|
| task_state | None |
|
||||||
|
| snapshot_support | True |
|
||||||
|
| id | ba52454e-2ea3-47fa-a683-3176a01295e6 |
|
||||||
|
| size | 1 |
|
||||||
|
| name | None |
|
||||||
|
| share_type | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| created_at | 2015-09-29T15:47:48.000000 |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| consistency_group_id | ffee08d9-c86c-45e5-861e-175c731daca2 |
|
||||||
|
| source_cgsnapshot_member_id | 5c62af2b-0870-4d00-b3fa-174831eb15ca |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| metadata | {} |
|
||||||
|
+-----------------------------+---------------------------------------------------------------+
|
||||||
|
|
||||||
|
As an administrator, you can also reset the state of a consistency group
|
||||||
|
snapshot with **cg-snapshot-reset-state** and force-delete a specified
|
||||||
|
consistency group snapshot in any state using **cg-snapshot-delete** with
|
||||||
|
``--force`` key. Use the :file:`policy.json` file to grant permissions for
|
||||||
|
these actions to other roles.
|
510
doc/admin-guide-cloud/source/shared_file_systems_crud_share.rst
Normal file
510
doc/admin-guide-cloud/source/shared_file_systems_crud_share.rst
Normal file
@ -0,0 +1,510 @@
|
|||||||
|
.. _shared_file_systems_crud_share:
|
||||||
|
|
||||||
|
======================
|
||||||
|
Share basic operations
|
||||||
|
======================
|
||||||
|
|
||||||
|
Create share
|
||||||
|
------------
|
||||||
|
|
||||||
|
General concepts **to create file share**, you need to:
|
||||||
|
|
||||||
|
#. To create a share, use :command:`manila create` command and
|
||||||
|
specify the required arguments: the size of the share and the Shared File
|
||||||
|
Systems protocol (``NFS``, ``CIFS``, ``GlusterFS``, or ``HDFS`` are
|
||||||
|
supported).
|
||||||
|
|
||||||
|
#. You can also optionally specify the share network and the share type.
|
||||||
|
|
||||||
|
#. Use the :command:`manila create` command to create a share. This command
|
||||||
|
does the following things:
|
||||||
|
|
||||||
|
* If there is no available share servers, the Shared File Systems service
|
||||||
|
service will launch new instance from service image, attach it to service
|
||||||
|
network and register it as a new share server.
|
||||||
|
|
||||||
|
* Creates new volume of required size and attaches it to the service
|
||||||
|
instance.
|
||||||
|
|
||||||
|
* The NFS service on service instance is configured to use attached volume
|
||||||
|
and expose NFS share.
|
||||||
|
|
||||||
|
#. After share becomes available, use the :command:`manila show` command
|
||||||
|
to get the share endpoint.
|
||||||
|
|
||||||
|
In the example to create a share, the default share type and the
|
||||||
|
existing already share network are used.
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
There is no default share type just after you starting manila as the
|
||||||
|
administrator. See :ref:`shared_file_systems_share_types` to
|
||||||
|
create the default share type. To create a share network, use
|
||||||
|
:ref:`shared_file_systems_share_networks`.
|
||||||
|
|
||||||
|
Check share types that exist, run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila type-list
|
||||||
|
+------+--------+-----------+-----------+----------------------------------+----------------------+
|
||||||
|
| ID | Name | Visibility| is_default| required_extra_specs | optional_extra_specs |
|
||||||
|
+------+--------+-----------+-----------+----------------------------------+----------------------+
|
||||||
|
| c0...| default| public | YES | driver_handles_share_servers:True| snapshot_support:True|
|
||||||
|
+------+--------+-----------+-----------+----------------------------------+----------------------+
|
||||||
|
|
||||||
|
Check share networks that exist, run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila share-network-list
|
||||||
|
+--------------------------------------+--------------+
|
||||||
|
| id | name |
|
||||||
|
+--------------------------------------+--------------+
|
||||||
|
| 5c3cbabb-f4da-465f-bc7f-fadbe047b85a | my_share_net |
|
||||||
|
+--------------------------------------+--------------+
|
||||||
|
|
||||||
|
Create a public share with ``my_share_net`` network, ``default``
|
||||||
|
share type, NFS shared file system protocol, and size 1 GB:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila create nfs 1 --name "Share1" --description "My first share" --share-type default --share-network my_share_net --metadata aim=testing --public
|
||||||
|
+-----------------------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-----------------------------+--------------------------------------+
|
||||||
|
| status | None |
|
||||||
|
| share_type_name | default |
|
||||||
|
| description | My first share |
|
||||||
|
| availability_zone | None |
|
||||||
|
| share_network_id | None |
|
||||||
|
| export_locations | [] |
|
||||||
|
| share_server_id | None |
|
||||||
|
| host | None |
|
||||||
|
| snapshot_id | None |
|
||||||
|
| is_public | True |
|
||||||
|
| task_state | None |
|
||||||
|
| snapshot_support | True |
|
||||||
|
| id | aca648eb-8c03-4394-a5cc-755066b7eb66 |
|
||||||
|
| size | 1 |
|
||||||
|
| name | Share1 |
|
||||||
|
| share_type | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| created_at | 2015-09-24T12:19:06.925951 |
|
||||||
|
| export_location | None |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| consistency_group_id | None |
|
||||||
|
| source_cgsnapshot_member_id | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| metadata | {u'aim': u'testing'} |
|
||||||
|
+-----------------------------+--------------------------------------+
|
||||||
|
|
||||||
|
The share also can be created from a share snapshot. For details, see
|
||||||
|
:ref:`shared_file_systems_snapshots`.
|
||||||
|
|
||||||
|
See the share in a share list:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila list
|
||||||
|
+----+-------+-----+------------+-----------+-------------------------------+----------------------+
|
||||||
|
| ID | Name | Size| Share Proto| Share Type| Export location | Host |
|
||||||
|
+----+-------+-----+------------+-----------+-------------------------------+----------------------+
|
||||||
|
| a..| Share1| 1 | NFS | c0086... | 10.254.0.3:/shares/share-2d5..| manila@generic1#GEN..|
|
||||||
|
+----+-------+-----+------------+-----------+-------------------------------+----------------------+
|
||||||
|
|
||||||
|
Check the share status and see the share export location. After ``creating``
|
||||||
|
status share should have status ``available``:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila show Share1
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
| status | available |
|
||||||
|
| share_type_name | default |
|
||||||
|
| description | My first share |
|
||||||
|
| availability_zone | nova |
|
||||||
|
| share_network_id | 5c3cbabb-f4da-465f-bc7f-fadbe047b85a |
|
||||||
|
| export_locations | 10.254.0.3:/shares/share-2d5e2c0a-1f84... |
|
||||||
|
| share_server_id | 41b7829d-7f6b-4c96-aea5-d106c2959961 |
|
||||||
|
| host | manila@generic1#GENERIC1 |
|
||||||
|
| snapshot_id | None |
|
||||||
|
| is_public | True |
|
||||||
|
| task_state | None |
|
||||||
|
| snapshot_support | True |
|
||||||
|
| id | aca648eb-8c03-4394-a5cc-755066b7eb66 |
|
||||||
|
| size | 1 |
|
||||||
|
| name | Share1 |
|
||||||
|
| share_type | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| created_at | 2015-09-24T12:19:06.000000 |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| consistency_group_id | None |
|
||||||
|
| source_cgsnapshot_member_id | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| metadata | {u'aim': u'testing'} |
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
|
||||||
|
``is_public`` defines the level of visibility for the share: whether other
|
||||||
|
tenants can or cannot see the share. By default, the share is private.
|
||||||
|
|
||||||
|
Update share
|
||||||
|
------------
|
||||||
|
|
||||||
|
Update the name, or description, or level of visibility for all tenants for
|
||||||
|
the share if you need:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila update Share1 --description "My first share. Updated" --is-public False
|
||||||
|
|
||||||
|
$ manila show Share1
|
||||||
|
+-----------------------------+--------------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-----------------------------+--------------------------------------------+
|
||||||
|
| status | available |
|
||||||
|
| share_type_name | default |
|
||||||
|
| description | My first share. Updated |
|
||||||
|
| availability_zone | nova |
|
||||||
|
| share_network_id | 5c3cbabb-f4da-465f-bc7f-fadbe047b85a |
|
||||||
|
| export_locations | 10.254.0.3:/shares/share-2d5e2c0a-1f84-... |
|
||||||
|
| share_server_id | 41b7829d-7f6b-4c96-aea5-d106c2959961 |
|
||||||
|
| host | manila@generic1#GENERIC1 |
|
||||||
|
| snapshot_id | None |
|
||||||
|
| is_public | False |
|
||||||
|
| task_state | None |
|
||||||
|
| snapshot_support | True |
|
||||||
|
| id | aca648eb-8c03-4394-a5cc-755066b7eb66 |
|
||||||
|
| size | 1 |
|
||||||
|
| name | Share1 |
|
||||||
|
| share_type | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| created_at | 2015-09-24T12:19:06.000000 |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| consistency_group_id | None |
|
||||||
|
| source_cgsnapshot_member_id | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| metadata | {u'aim': u'testing'} |
|
||||||
|
+-----------------------------+--------------------------------------------+
|
||||||
|
|
||||||
|
A share can have one of these status values:
|
||||||
|
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| Status | Description |
|
||||||
|
+===================================+=========================================+
|
||||||
|
| creating | The share is being created. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| deleting | The share is being deleted. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| error | An error occurred during share creation.|
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| error_deleting | An error occurred during share deletion.|
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| available | The share is ready to use. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| manage_starting | Share manage started. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| manage_error | Share manage failed. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| unmanage_starting | Share unmanage started. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| unmanage_error | Share cannot be unmanaged. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| unmanaged | Share was unmanaged. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| extending | The extend, or increase, share size |
|
||||||
|
| | request was issued successfully. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| extending_error | Extend share failed. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| shrinking | Share is being shrunk. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| shrinking_error | Failed to update quota on share |
|
||||||
|
| | shrinking. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
| shrinking_possible_data_loss_error| Shrink share failed due to possible data|
|
||||||
|
| | loss. |
|
||||||
|
+-----------------------------------+-----------------------------------------+
|
||||||
|
|
||||||
|
.. _share_metadata:
|
||||||
|
|
||||||
|
Share metadata
|
||||||
|
--------------
|
||||||
|
|
||||||
|
If you want to set the metadata key-value pairs on the share, run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila metadata Share1 set project=my_abc deadline=01/20/16
|
||||||
|
|
||||||
|
Get all metadata key-value pairs of the share:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila metadata-show Share1
|
||||||
|
+----------+----------+
|
||||||
|
| Property | Value |
|
||||||
|
+----------+----------+
|
||||||
|
| aim | testing |
|
||||||
|
| project | my_abc |
|
||||||
|
| deadline | 01/20/16 |
|
||||||
|
+----------+----------+
|
||||||
|
|
||||||
|
You can update the metadata:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila metadata-update-all Share1 deadline=01/30/16
|
||||||
|
+----------+----------+
|
||||||
|
| Property | Value |
|
||||||
|
+----------+----------+
|
||||||
|
| deadline | 01/30/16 |
|
||||||
|
+----------+----------+
|
||||||
|
|
||||||
|
You also can unset the metadata using
|
||||||
|
**manila metadata <share_name> unset <metadata_key(s)>**.
|
||||||
|
|
||||||
|
Reset share state
|
||||||
|
-----------------
|
||||||
|
|
||||||
|
As administrator, you can reset the state of a share.
|
||||||
|
|
||||||
|
Use **manila reset-state [--state <state>] <share>** command to reset share
|
||||||
|
state, where ``state`` indicates which state to assign the share. Options
|
||||||
|
include ``available``, ``error``, ``creating``, ``deleting``,
|
||||||
|
``error_deleting`` states.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila reset-state Share2 --state deleting
|
||||||
|
|
||||||
|
$ manila show Share2
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
| status | deleting |
|
||||||
|
| share_type_name | default |
|
||||||
|
| description | Share from a snapshot. |
|
||||||
|
| availability_zone | nova |
|
||||||
|
| share_network_id | 5c3cbabb-f4da-465f-bc7f-fadbe047b85a |
|
||||||
|
| export_locations | [] |
|
||||||
|
| share_server_id | 41b7829d-7f6b-4c96-aea5-d106c2959961 |
|
||||||
|
| host | manila@generic1#GENERIC1 |
|
||||||
|
| snapshot_id | 962e8126-35c3-47bb-8c00-f0ee37f42ddd |
|
||||||
|
| is_public | False |
|
||||||
|
| task_state | None |
|
||||||
|
| snapshot_support | True |
|
||||||
|
| id | b6b0617c-ea51-4450-848e-e7cff69238c7 |
|
||||||
|
| size | 1 |
|
||||||
|
| name | Share2 |
|
||||||
|
| share_type | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| created_at | 2015-09-25T06:25:50.000000 |
|
||||||
|
| export_location | 10.254.0.3:/shares/share-1dc2a471-3d47-...|
|
||||||
|
| share_proto | NFS |
|
||||||
|
| consistency_group_id | None |
|
||||||
|
| source_cgsnapshot_member_id | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| metadata | {u'source': u'snapshot'} |
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
|
||||||
|
Delete and force-delete share
|
||||||
|
-----------------------------
|
||||||
|
|
||||||
|
You also can force-delete a share.
|
||||||
|
The shares cannot be deleted in transitional states. The transitional
|
||||||
|
states are ``creating``, ``deleting``, ``managing``, ``unmanaging``,
|
||||||
|
``extending``, and ``shrinking`` statuses for the shares. Force-deletion
|
||||||
|
deletes an object in any state. Use the :file:`/etc/manila/policy.json` file to
|
||||||
|
grant permissions for this action to other roles.
|
||||||
|
|
||||||
|
Use **manila delete <share_name_or_ID>** command to delete a specified share:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila delete Share2
|
||||||
|
|
||||||
|
Pay attention that if you specified the consistency group while creating a
|
||||||
|
share (see :ref:`shared_file_systems_cgroups`), you
|
||||||
|
should provide the ``--consistency-group`` parameter to delete the share:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila delete ba52454e-2ea3-47fa-a683-3176a01295e6 --consistency-group ffee08d9-c86c-45e5-861e-175c731daca2
|
||||||
|
|
||||||
|
|
||||||
|
If you try to delete the share in one of the transitional
|
||||||
|
state using soft-deletion you'll get an error:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila delete b6b0617c-ea51-4450-848e-e7cff69238c7
|
||||||
|
Delete for share b6b0617c-ea51-4450-848e-e7cff69238c7 failed: Invalid share: Share status must be one of ('available', 'error', 'inactive'). (HTTP 403) (Request-ID: req-9a77b9a0-17d2-4d97-8a7a-b7e23c27f1fe)
|
||||||
|
ERROR: Unable to delete any of the specified shares.
|
||||||
|
|
||||||
|
A share cannot be deleted in a transitional status, that it why an error from
|
||||||
|
``python-manilaclient`` appeared.
|
||||||
|
|
||||||
|
Print the list of all shares for all tenants:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila list --all-tenants
|
||||||
|
+------+-------+-----+------------+-------+-----------+-----------------------------+-------------+
|
||||||
|
| ID | Name | Size| Share Proto| Status| Share Type| Export location | Host |
|
||||||
|
+------+-------+-----+------------+-------+-----------+-----------------------------+-------------+
|
||||||
|
| aca..| Share1| 1 | NFS | avai..| c008658...| 10.254.0.3:/shares/share-...| manila@gen..|
|
||||||
|
| b6b..| Share2| 1 | NFS | dele..| c008658...| 10.254.0.3:/shares/share-...| manila@gen..|
|
||||||
|
+------+-------+-----+------------+-------+-----------+-----------------------------+-------------+
|
||||||
|
|
||||||
|
Force-delete Share2 and check that it is absent in the list of shares,
|
||||||
|
run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila force-delete b6b0617c-ea51-4450-848e-e7cff69238c7
|
||||||
|
|
||||||
|
$ manila list
|
||||||
|
+------+-------+-----+------------+-------+-----------+-----------------------------+-------------+
|
||||||
|
| ID | Name | Size| Share Proto| Status| Share Type| Export location | Host |
|
||||||
|
+------+-------+-----+------------+-------+-----------+-----------------------------+-------------+
|
||||||
|
| aca..| Share1| 1 | NFS | avai..| c008658...| 10.254.0.3:/shares/share-...| manila@gen..|
|
||||||
|
+------+-------+-----+------------+-------+-----------+-----------------------------+-------------+
|
||||||
|
|
||||||
|
Manage access to share
|
||||||
|
----------------------
|
||||||
|
|
||||||
|
The Shared File Systems Storage Service allows to grant or deny access to
|
||||||
|
a specified share, and list the permissions for a specified share.
|
||||||
|
|
||||||
|
To grant or deny access to a share, specify one of these supported share
|
||||||
|
access levels:
|
||||||
|
|
||||||
|
- **rw**. Read and write (RW) access. This is the default value.
|
||||||
|
|
||||||
|
- **ro**. Read-only (RO) access.
|
||||||
|
|
||||||
|
You must also specify one of these supported authentication methods:
|
||||||
|
|
||||||
|
- **ip**. Authenticates an instance through its IP address. A valid
|
||||||
|
format is ``XX.XX.XX.XX`` or ``XX.XX.XX.XX/XX``. For example ``0.0.0.0/0``.
|
||||||
|
|
||||||
|
- **cert**. Authenticates an instance through a TLS certificate. Specify the
|
||||||
|
TLS identity as the IDENTKEY. A valid value is any string up to 64 characters
|
||||||
|
long in the common name (CN) of the certificate. The meaning of a string
|
||||||
|
depends on its interpretation.
|
||||||
|
|
||||||
|
- **user**. Authenticates by a specified user or group name. A valid value is
|
||||||
|
an alphanumeric string that can contain some special characters and is from
|
||||||
|
4 to 32 characters long.
|
||||||
|
|
||||||
|
Try to mount NFS share with export path
|
||||||
|
``10.254.0.5:/shares/share-5789ddcf-35c9-4b64-a28a-7f6a4a574b6a`` on the
|
||||||
|
node with IP address ``10.254.0.4``:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ sudo mount -v -t nfs 10.254.0.5:/shares/share-5789ddcf-35c9-4b64-a28a-7f6a4a574b6a /mnt/
|
||||||
|
mount.nfs: timeout set for Tue Oct 6 10:37:23 2015
|
||||||
|
mount.nfs: trying text-based options 'vers=4,addr=10.254.0.5,clientaddr=10.254.0.4'
|
||||||
|
mount.nfs: mount(2): Permission denied
|
||||||
|
mount.nfs: access denied by server while mounting 10.254.0.5:/shares/share-5789ddcf-35c9-4b64-a28a-7f6a4a574b6a
|
||||||
|
|
||||||
|
An error message "Permission denied" appeared, so you are not allowed to mount
|
||||||
|
a share without an access rule. Allow access to the share with ``ip`` access
|
||||||
|
type and ``10.254.0.4`` IP address:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila access-allow Share2 ip 10.254.0.4 --access-level rw
|
||||||
|
+--------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+--------------+--------------------------------------+
|
||||||
|
| share_id | 7bcd888b-681b-4836-ac9c-c3add4e62537 |
|
||||||
|
| access_type | ip |
|
||||||
|
| access_to | 10.254.0.4 |
|
||||||
|
| access_level | rw |
|
||||||
|
| state | new |
|
||||||
|
| id | de715226-da00-4cfc-b1ab-c11f3393745e |
|
||||||
|
+--------------+--------------------------------------+
|
||||||
|
|
||||||
|
Try to mount a share again. This time it is mounted successfully:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ sudo mount -v -t nfs 10.254.0.5:/shares/share-5789ddcf-35c9-4b64-a28a-7f6a4a574b6a /mnt/
|
||||||
|
|
||||||
|
Since it is allowed node on 10.254.0.4 read and write access, try to create
|
||||||
|
a file on a mounted share:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ cd /mnt
|
||||||
|
$ ls
|
||||||
|
lost+found
|
||||||
|
$ touch my_file.txt
|
||||||
|
|
||||||
|
Connect via SSH to the 10.254.0.5 node and check new file `my_file.txt`
|
||||||
|
in the ``/shares/share-5789ddcf-35c9-4b64-a28a-7f6a4a574b6a`` directory:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ ssh manila@10.254.0.5
|
||||||
|
$ cd /shares
|
||||||
|
$ ls
|
||||||
|
share-5789ddcf-35c9-4b64-a28a-7f6a4a574b6a
|
||||||
|
$ cd share-5789ddcf-35c9-4b64-a28a-7f6a4a574b6a
|
||||||
|
$ ls
|
||||||
|
lost+found my_file.txt
|
||||||
|
|
||||||
|
You have successfully created a file from instance that was given access by
|
||||||
|
its IP address.
|
||||||
|
|
||||||
|
Allow access to the share with ``user`` access type:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila access-allow Share2 user demo --access-level rw
|
||||||
|
+--------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+--------------+--------------------------------------+
|
||||||
|
| share_id | 7bcd888b-681b-4836-ac9c-c3add4e62537 |
|
||||||
|
| access_type | user |
|
||||||
|
| access_to | demo |
|
||||||
|
| access_level | rw |
|
||||||
|
| state | new |
|
||||||
|
| id | 4f391c6b-fb4f-47f5-8b4b-88c5ec9d568a |
|
||||||
|
+--------------+--------------------------------------+
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
Different share features are supported by different share drivers.
|
||||||
|
For the example hereinabove was used the Generic (Cinder as back-end)
|
||||||
|
driver that doesn't support ``user`` and ``cert`` authentications methods.
|
||||||
|
For details of supporting of features by different drivers, see `Manila
|
||||||
|
share features support mapping
|
||||||
|
<http://docs.openstack.org/developer/manila/devref/share_back_ends_feature
|
||||||
|
_support_mapping.html>`_.
|
||||||
|
|
||||||
|
To verify that the access rules (ACL) were configured correctly for a share,
|
||||||
|
you list permissions for a share:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila access-list Share2
|
||||||
|
+--------------------------------------+-------------+------------+--------------+--------+
|
||||||
|
| id | access type | access to | access level | state |
|
||||||
|
+--------------------------------------+-------------+------------+--------------+--------+
|
||||||
|
| 4f391c6b-fb4f-47f5-8b4b-88c5ec9d568a | user | demo | rw | error |
|
||||||
|
| de715226-da00-4cfc-b1ab-c11f3393745e | ip | 10.254.0.4 | rw | active |
|
||||||
|
+--------------------------------------+-------------+------------+--------------+--------+
|
||||||
|
|
||||||
|
Deny access to the share and check that deleted access rule is absent in the
|
||||||
|
access rule list:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila access-deny Share2 de715226-da00-4cfc-b1ab-c11f3393745e
|
||||||
|
|
||||||
|
$ manila access-list Share2
|
||||||
|
+--------------------------------------+-------------+-----------+--------------+-------+
|
||||||
|
| id | access type | access to | access level | state |
|
||||||
|
+--------------------------------------+-------------+-----------+--------------+-------+
|
||||||
|
| 4f391c6b-fb4f-47f5-8b4b-88c5ec9d568a | user | demo | rw | error |
|
||||||
|
+--------------------------------------+-------------+-----------+--------------+-------+
|
24
doc/admin-guide-cloud/source/shared_file_systems_intro.rst
Normal file
24
doc/admin-guide-cloud/source/shared_file_systems_intro.rst
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
.. _shared_file_systems_intro:
|
||||||
|
|
||||||
|
============
|
||||||
|
Introduction
|
||||||
|
============
|
||||||
|
|
||||||
|
The OpenStack File Share service allows you to offer file-share services to
|
||||||
|
users of an OpenStack installation. The Shared File Systems service can be
|
||||||
|
configured to run in a single-node configuration or across multiple nodes. The
|
||||||
|
Shared File Systems service can be configured to provision shares from one or
|
||||||
|
more back ends, so it is required to declare at least one back end. To
|
||||||
|
administer the Shared File Systems service, it is helpful to understand a
|
||||||
|
number of concepts like share networks, shares, multi-tenancy and back ends
|
||||||
|
that can be configured with the Shared File Systems service. The Shared File
|
||||||
|
Systems service consists of three types of services, which are similar to
|
||||||
|
those of the Block Storage service:
|
||||||
|
|
||||||
|
- ``manila-api``
|
||||||
|
- ``manila-scheduler``
|
||||||
|
- ``manila-share``
|
||||||
|
|
||||||
|
Installation of first two - ``manila-api`` and ``manila-scheduler`` is common
|
||||||
|
for almost all deployments. But configuration of ``manila-share`` is
|
||||||
|
backend-specific and can differ from deployment to deployment.
|
@ -0,0 +1,91 @@
|
|||||||
|
.. _shared_file_systems_key_concepts:
|
||||||
|
|
||||||
|
============
|
||||||
|
Key concepts
|
||||||
|
============
|
||||||
|
|
||||||
|
Share
|
||||||
|
~~~~~
|
||||||
|
|
||||||
|
In the Shared File Systems service ``share`` is the fundamental resource unit
|
||||||
|
allocated by the Shared File System service. It represents an allocation of a
|
||||||
|
persistent, readable, and writable filesystem that can be accessed by
|
||||||
|
OpenStack compute instances, or clients outside of OpenStack (depending on
|
||||||
|
deployment configuration).
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
A ``share`` is an abstract storage object that may or may not directly
|
||||||
|
map to a "share" concept from the underlying storage provider.
|
||||||
|
|
||||||
|
|
||||||
|
Snapshot
|
||||||
|
~~~~~~~~
|
||||||
|
|
||||||
|
A ``snapshot`` is a point-in-time, read-only copy of a ``share``.
|
||||||
|
``Snapshots`` can be created from an existing ``share`` that is operational
|
||||||
|
regardless of whether a client has mounted the file system. A ``snapshot``
|
||||||
|
can serve as the content source for a new ``share`` when the ``share``
|
||||||
|
is created with the create from snapshot option specified.
|
||||||
|
|
||||||
|
Storage Pools
|
||||||
|
~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
With the Kilo release of OpenStack, the Shared File Systems service has
|
||||||
|
introduced the concept of ``storage pools``. The storage may present one or
|
||||||
|
more logical storage resource pools from which the Shared File Systems service
|
||||||
|
will select as a storage location when provisioning ``shares``.
|
||||||
|
|
||||||
|
Share Type
|
||||||
|
~~~~~~~~~~
|
||||||
|
|
||||||
|
``Share type`` is an abstract collection of criteria used to characterize
|
||||||
|
``shares``. They are most commonly used to create a hierarchy of functional
|
||||||
|
capabilities that represent a tiered level of storage services; for example, a
|
||||||
|
cloud administrator might define a premium ``share type`` that indicates a
|
||||||
|
greater level of performance than a basic ``share type``, which would
|
||||||
|
represent a best-effort level of performance.
|
||||||
|
|
||||||
|
|
||||||
|
Share Access Rules
|
||||||
|
~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
``Share access rules`` define which users can access a particular ``share``.
|
||||||
|
For example, access rules can be declared for NFS shares by listing the valid
|
||||||
|
IP networks (using CIDR notation) which should have access to the ``share``.
|
||||||
|
|
||||||
|
Security Services
|
||||||
|
~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
``Security services`` are the concept in the Shared File Systems service that
|
||||||
|
allow Finer-grained client access rules to be declared for authentication or
|
||||||
|
authorization to access ``share`` content. External services including LDAP,
|
||||||
|
Active Directory, Kerberos can be declared as resources that should be
|
||||||
|
consulted when making an access decision to a particular ``share``. ``Shares``
|
||||||
|
can be associated to multiple security services but only one service per one
|
||||||
|
type.
|
||||||
|
|
||||||
|
Share Networks
|
||||||
|
~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
A ``share network`` is an object that defines a relationship between a
|
||||||
|
tenant's network/subnet (as defined in an OpenStack network service (Neutron
|
||||||
|
or Nova-network)) and the ``shares`` created by the same tenant; that is, a
|
||||||
|
tenant may find it desirable to provision ``shares`` such that only instances
|
||||||
|
connected to a particular OpenStack-defined network have access to the
|
||||||
|
``share``. Also, ``security services`` can be attached to ``share networks``,
|
||||||
|
because most of auth protocols require some interaction with network services.
|
||||||
|
|
||||||
|
Share Servers
|
||||||
|
~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
A ``share server`` is a logical entity that hosts the shares that are
|
||||||
|
created on a specific ``share network``. A ``share server`` may be a
|
||||||
|
configuration object within the storage controller, or it may represent
|
||||||
|
logical resources provisioned within an OpenStack deployment that are used to
|
||||||
|
support the data path used to access ``shares``.
|
||||||
|
|
||||||
|
``Share servers`` interact with network services to determine the appropriate
|
||||||
|
IP addresses on which to export ``shares`` according to the related ``share
|
||||||
|
network``. The Shared File Systems service has a pluggable network model that
|
||||||
|
allows ``share servers`` to work with different implementations of Network
|
||||||
|
service.
|
@ -0,0 +1,139 @@
|
|||||||
|
.. _shared_file_systems_manage_and_unmanage_share:
|
||||||
|
|
||||||
|
=========================
|
||||||
|
Manage and unmanage share
|
||||||
|
=========================
|
||||||
|
|
||||||
|
To ``manage`` a share means that an administrator rather than a share driver
|
||||||
|
manages the storage life cycle. This approach is appropriate when an
|
||||||
|
administrator already has the custom non-manila share with its size, Shared
|
||||||
|
File System protocol, export path and so on, and administrator wants to
|
||||||
|
register it in the Shared File System Storage service.
|
||||||
|
|
||||||
|
To ``unmanage`` a share means to unregister a specified share from the Shared
|
||||||
|
File System Storage service. An administrator can manage the custom share back.
|
||||||
|
|
||||||
|
Since with the generic driver, shares are hosted on Compute VMs, in the
|
||||||
|
examples the compute VM is used to create a new host and to create a share
|
||||||
|
hosted on it.
|
||||||
|
|
||||||
|
.. _unmanage_share:
|
||||||
|
|
||||||
|
Unmanage share
|
||||||
|
--------------
|
||||||
|
You can ``unmanage`` share, to take manual control on share life cycle. The
|
||||||
|
``unmanage`` operation is not supported for shares that were created on top of
|
||||||
|
share servers (created with share networks), so share service should have
|
||||||
|
option ``driver_handles_share_servers = False`` in its configuration.
|
||||||
|
You can unmanage a share that has no dependent snapshots.
|
||||||
|
|
||||||
|
To unmanage managed share, run :command:``manila unmanage <share>`` command.
|
||||||
|
Then try to print the information about it. The expected behaviour is that
|
||||||
|
File System Storage service won't find the share:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila unmanage Share3
|
||||||
|
$ manila show Share3
|
||||||
|
ERROR: No share with a name or ID of 'Share3' exists.
|
||||||
|
|
||||||
|
.. _manage_share:
|
||||||
|
|
||||||
|
Manage share
|
||||||
|
------------
|
||||||
|
To register the non-managed share in File System Storage service you need to
|
||||||
|
run :command:``manila manage`` command which has such arguments:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
manila manage [--name <name>] [--description <description>]
|
||||||
|
[--share_type <share-type>]
|
||||||
|
[--driver_options [<key=value> [<key=value> ...]]]
|
||||||
|
<service_host> <protocol> <export_path>
|
||||||
|
|
||||||
|
The positional arguments are:
|
||||||
|
|
||||||
|
- service_host. The manage-share service host in this format:
|
||||||
|
``host@backend#POOL`` which consists of the host name for the back end,
|
||||||
|
the name of the back end and the pool name for the back end.
|
||||||
|
|
||||||
|
- protocol. The Shared File Systems protocol of the share to manage. A valid
|
||||||
|
value is NFS, CIFS, GlusterFS, or HDFS.
|
||||||
|
|
||||||
|
- export_path. The share export path in the format appropriate for the
|
||||||
|
protocol:
|
||||||
|
|
||||||
|
- NFS protocol. 10.0.0.1:/foo_path.
|
||||||
|
|
||||||
|
- CIFS protocol. \\\\10.0.0.1\\foo_name_of_cifs_share.
|
||||||
|
|
||||||
|
|
||||||
|
The ``driver_options`` is an optional set of one or more key and value pairs,
|
||||||
|
that describe driver options. Note that the share type must have
|
||||||
|
``driver_handles_share_servers = False`` option, so special share type named
|
||||||
|
``for_managing`` was used in example.
|
||||||
|
|
||||||
|
To manage share, run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila manage manila@cannes#CANNES nfs 10.254.0.7:/shares/share-d1a66eed-a724-4cbb-a886-2f97926bd3b3 --name Share --description "We manage share." --share_type for_managing
|
||||||
|
+-----------------------------+---------------------------------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-----------------------------+---------------------------------------------------------------+
|
||||||
|
| status | manage_starting |
|
||||||
|
| share_type_name | for_managing |
|
||||||
|
| description | We manage share. |
|
||||||
|
| availability_zone | None |
|
||||||
|
| share_network_id | None |
|
||||||
|
| export_locations | [] |
|
||||||
|
| share_server_id | None |
|
||||||
|
| host | manila@cannes#CANNES |
|
||||||
|
| snapshot_id | None |
|
||||||
|
| is_public | False |
|
||||||
|
| task_state | None |
|
||||||
|
| snapshot_support | True |
|
||||||
|
| id | 5c1f644a-6521-4699-b480-b03d17e2d21d |
|
||||||
|
| size | None |
|
||||||
|
| name | Share3 |
|
||||||
|
| share_type | 1eafb65f-1987-44a9-9a98-20af91c95662 |
|
||||||
|
| created_at | 2015-10-01T10:35:52.000000 |
|
||||||
|
| export_location | 10.254.0.7:/shares/share-d1a66eed-a724-4cbb-a886-2f97926bd3b3 |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| consistency_group_id | None |
|
||||||
|
| source_cgsnapshot_member_id | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| metadata | {} |
|
||||||
|
+-----------------------------+---------------------------------------------------------------+
|
||||||
|
|
||||||
|
Check that he share is available:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila show Share
|
||||||
|
+-----------------------------+---------------------------------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-----------------------------+---------------------------------------------------------------+
|
||||||
|
| status | available |
|
||||||
|
| share_type_name | for_managing |
|
||||||
|
| description | We manage share. |
|
||||||
|
| availability_zone | nova |
|
||||||
|
| share_network_id | None |
|
||||||
|
| export_locations | 10.254.0.7:/shares/share-d1a66eed-a724-4cbb-a886-2f97926bd3b3 |
|
||||||
|
| share_server_id | None |
|
||||||
|
| host | manila@cannes#CANNES |
|
||||||
|
| snapshot_id | None |
|
||||||
|
| is_public | False |
|
||||||
|
| task_state | None |
|
||||||
|
| snapshot_support | True |
|
||||||
|
| id | 5c1f644a-6521-4699-b480-b03d17e2d21d |
|
||||||
|
| size | 1 |
|
||||||
|
| name | Share3 |
|
||||||
|
| share_type | 1eafb65f-1987-44a9-9a98-20af91c95662 |
|
||||||
|
| created_at | 2015-10-01T10:35:52.000000 |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| consistency_group_id | None |
|
||||||
|
| source_cgsnapshot_member_id | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| metadata | {} |
|
||||||
|
+-----------------------------+---------------------------------------------------------------+
|
@ -0,0 +1,64 @@
|
|||||||
|
.. _shared_file_systems_multi_backend:
|
||||||
|
|
||||||
|
.. highlight: ini
|
||||||
|
:linenothreshold: 5
|
||||||
|
|
||||||
|
===========================
|
||||||
|
Multi-storage configuration
|
||||||
|
===========================
|
||||||
|
|
||||||
|
Shared File Systems service can provide access to multiple file storage back
|
||||||
|
ends. In general, workflow with multiple back ends look very similar to Block
|
||||||
|
Storage service one, see :ref:`Configure multiple-storage back ends in
|
||||||
|
Openstack Block Storage service <multi_backend>`.
|
||||||
|
|
||||||
|
Using `manila.conf` you can spawn multiple share services. To do it, you must
|
||||||
|
set the `enabled_share_backends` flag in the `manila.conf` file. This flag
|
||||||
|
defines the names (separated by a comma) of the configuration stanzas for the
|
||||||
|
different back ends: one name is associated to one configuration group for a
|
||||||
|
back end.
|
||||||
|
|
||||||
|
The following example runs three configured share services:
|
||||||
|
|
||||||
|
|
||||||
|
.. code-block:: ini
|
||||||
|
:linenos:
|
||||||
|
|
||||||
|
[DEFAULT]
|
||||||
|
enabled_share_backends=backendEMC1,backendEMC2,backendGeneric1,backendGeneric2,backendNetApp
|
||||||
|
|
||||||
|
[backendGeneric1]
|
||||||
|
share_driver=manila.share.drivers.generic.GenericShareDriver
|
||||||
|
share_backend_name=one_name_for_two_backends
|
||||||
|
service_instance_user=ubuntu_user
|
||||||
|
service_instance_password=ubuntu_user_password
|
||||||
|
service_image_name=ubuntu_image_name
|
||||||
|
path_to_private_key=/home/foouser/.ssh/id_rsa
|
||||||
|
path_to_public_key=/home/foouser/.ssh/id_rsa.pub
|
||||||
|
|
||||||
|
[backendEMC2]
|
||||||
|
share_driver=manila.share.drivers.emc.driver.EMCShareDriver
|
||||||
|
share_backend_name=backendEMC2
|
||||||
|
emc_share_backend=vnx
|
||||||
|
emc_nas_server=1.1.1.1
|
||||||
|
emc_nas_password=password
|
||||||
|
emc_nas_login=user
|
||||||
|
emc_nas_server_container=server_3
|
||||||
|
emc_nas_pool_name="Pool 2"
|
||||||
|
|
||||||
|
[backendNetApp]
|
||||||
|
share_driver = manila.share.drivers.netapp.common.NetAppDriver
|
||||||
|
driver_handles_share_servers = True
|
||||||
|
share_backend_name=backendNetApp
|
||||||
|
netapp_login=user
|
||||||
|
netapp_password=password
|
||||||
|
netapp_server_hostname=1.1.1.1
|
||||||
|
netapp_root_volume_aggregate=aggr01
|
||||||
|
|
||||||
|
To spawn separate groups of share services you can use separate configuration
|
||||||
|
files. If it is necessary to control each back end in separate way, you should
|
||||||
|
provide a single configuration file per each back end.
|
||||||
|
|
||||||
|
.. toctree::
|
||||||
|
shared_file_systems_scheduling.rst
|
||||||
|
shared_file_systems_services_manage.rst
|
@ -0,0 +1,79 @@
|
|||||||
|
.. _shared_file_systems_network_plugins:
|
||||||
|
|
||||||
|
================
|
||||||
|
Network plug-ins
|
||||||
|
================
|
||||||
|
|
||||||
|
The Shared File Systems service architecture defines an abstraction layer for
|
||||||
|
network resource provisioning and allowing administrators to choose from a
|
||||||
|
different options for how network resources are assigned to their tenants’
|
||||||
|
networked storage. There are a set of network plugins that provide a variety
|
||||||
|
of integration approaches with the network services that are available with
|
||||||
|
OpenStack.
|
||||||
|
|
||||||
|
The Shared File Systems service may need a network resource provisioning if
|
||||||
|
share service with specified driver works in mode, when share driver manage
|
||||||
|
life cycle of share servers on its own. This behavior defines by flag
|
||||||
|
``driver_handles_share_servers`` in share service configuration. When
|
||||||
|
``driver_handles_share_servers`` is set to ``True``, a share driver will be
|
||||||
|
called to create share servers for shares using information provided within a
|
||||||
|
share network. This information will be provided to one of the enabled network
|
||||||
|
plugins that will handle reservation, creation and deletion of network
|
||||||
|
resources including IP addresses and network interfaces.
|
||||||
|
|
||||||
|
What network plugins are available?
|
||||||
|
-----------------------------------
|
||||||
|
|
||||||
|
There are three different network plugins and five python classes in Manila:
|
||||||
|
|
||||||
|
1. Network plugin for using the OpenStack networking project `Neutron`. It
|
||||||
|
allows one to use any network segmentation that Neutron supports. It is up
|
||||||
|
to each share driver to support at least one network segmentation type.
|
||||||
|
|
||||||
|
a) ``manila.network.neutron.neutron_network_plugin.NeutronNetworkPlugin``.
|
||||||
|
This is the default network plugin. It requires that ``neutron_net_id``
|
||||||
|
and ``neutron_subnet_id`` are provided when defining the share network
|
||||||
|
that will be used for the creation of share servers. The user may
|
||||||
|
define any number of share networks corresponding to the various
|
||||||
|
physical network segments in a tenant environment.
|
||||||
|
|
||||||
|
b) ``manila.network.neutron.neutron_network_plugin.NeutronSingleNetworkPlug
|
||||||
|
in``. This is a simplification of the previous case. It accepts values
|
||||||
|
for ``neutron_net_id`` and ``neutron_subnet_id`` from the Manila
|
||||||
|
configuration file and uses one network for all shares.
|
||||||
|
|
||||||
|
When only a single network is needed, the NeutronSingleNetworkPlugin (1.b)
|
||||||
|
is a simple solution. Otherwise NeutronNetworkPlugin (1.a) should be chosen.
|
||||||
|
|
||||||
|
2. Network plugin for working with OpenStack networking from `Nova`. It
|
||||||
|
supports either flat networks or VLAN-segmented networks.
|
||||||
|
|
||||||
|
a) ``manila.network.nova_network_plugin.NovaNetworkPlugin``. This plugin
|
||||||
|
serves the networking needs when ``Nova networking`` is configured in
|
||||||
|
the cloud instead of Neutron. It requires a single parameter,
|
||||||
|
``nova_net_id``.
|
||||||
|
|
||||||
|
b) ``manila.network.nova_network_plugin.NovaSingleNetworkPlugin``. This one
|
||||||
|
works in the same way as the previous one with one difference. It takes
|
||||||
|
nova_net_id from the Shared File Systems service configuration file and
|
||||||
|
creates share servers using only one network.
|
||||||
|
|
||||||
|
When only a single network is needed, the NovaSingleNetworkPlugin (2.b) is a
|
||||||
|
simple solution. Otherwise NovaNetworkPlugin (1.a) should be chosen.
|
||||||
|
|
||||||
|
3. Network plugin for specifying networks independently from OpenStack
|
||||||
|
networking services.
|
||||||
|
|
||||||
|
a) ``manila.network.standalone_network_plugin.StandaloneNetworkPlugin``.
|
||||||
|
This plug-in uses a pre-existing network that is available to the
|
||||||
|
manila-share host. This network may be handled either by OpenStack or be
|
||||||
|
created independently by any other means. The plugin supports any type of
|
||||||
|
network - flat and segmented. As above, it is completely up to the driver
|
||||||
|
to support the network type for which the network plugin is configured.
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
|
||||||
|
These network plugins were introduced in the OpenStack Kilo release. In
|
||||||
|
the OpenStack Juno version, only NeutronNetworkPlugin is available.
|
||||||
|
|
||||||
|
More information about network plugins can be found in `Manila developer documentation <http://docs.openstack.org/developer/manila/adminref/network_plugins.html>`_
|
@ -0,0 +1,17 @@
|
|||||||
|
.. _shared_file_systems_networking:
|
||||||
|
|
||||||
|
==========
|
||||||
|
Networking
|
||||||
|
==========
|
||||||
|
|
||||||
|
Instead of OpenStack Block Storage service, Shared File Systems service
|
||||||
|
requires interaction with Networking service. The first of all, it because
|
||||||
|
share services should have a possibility to manage share servers on its own.
|
||||||
|
Also, lots of shared file systems provides have own access control systems and
|
||||||
|
requires network connectivity with some external auth providers, like LDAP,
|
||||||
|
Kerberos, or Microsoft Active Directory. So, management share services base
|
||||||
|
on such back end needs some interacting with Networking service.
|
||||||
|
|
||||||
|
.. toctree::
|
||||||
|
shared_file_systems_share_networks.rst
|
||||||
|
shared_file_systems_network_plugins.rst
|
140
doc/admin-guide-cloud/source/shared_file_systems_quotas.rst
Normal file
140
doc/admin-guide-cloud/source/shared_file_systems_quotas.rst
Normal file
@ -0,0 +1,140 @@
|
|||||||
|
.. _shared_file_systems_quotas:
|
||||||
|
|
||||||
|
=================
|
||||||
|
Quotas and limits
|
||||||
|
=================
|
||||||
|
|
||||||
|
Limits
|
||||||
|
------
|
||||||
|
|
||||||
|
Limits are the resource limitations that are allowed for each tenant (project).
|
||||||
|
An administrator can configure limits in the :file:`/etc/manila/manila.conf`
|
||||||
|
file.
|
||||||
|
|
||||||
|
Users can query their rate and absolute limits.
|
||||||
|
The absolute limits contain information about:
|
||||||
|
|
||||||
|
- Total maximum share memory, in GBs.
|
||||||
|
|
||||||
|
- Total maximum snapshot memory, in GBs.
|
||||||
|
|
||||||
|
- Number of share-networks.
|
||||||
|
|
||||||
|
- Number of share-snapshots.
|
||||||
|
|
||||||
|
- Number of shares.
|
||||||
|
|
||||||
|
- Shares and total used memory, in GBs.
|
||||||
|
|
||||||
|
To see the absolute limits, run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila absolute-limits
|
||||||
|
+----------------------------+-------+
|
||||||
|
| Name | Value |
|
||||||
|
+----------------------------+-------+
|
||||||
|
| maxTotalShareGigabytes | 1000 |
|
||||||
|
| maxTotalShareNetworks | 10 |
|
||||||
|
| maxTotalShareSnapshots | 50 |
|
||||||
|
| maxTotalShares | 50 |
|
||||||
|
| maxTotalSnapshotGigabytes | 1000 |
|
||||||
|
| totalShareGigabytesUsed | 1 |
|
||||||
|
| totalShareNetworksUsed | 2 |
|
||||||
|
| totalShareSnapshotsUsed | 1 |
|
||||||
|
| totalSharesUsed | 1 |
|
||||||
|
| totalSnapshotGigabytesUsed | 1 |
|
||||||
|
+----------------------------+-------+
|
||||||
|
|
||||||
|
Rate limits control the frequency at which users can issue specific API
|
||||||
|
requests. Administrators use rate limiting to configure limits on the type and
|
||||||
|
number of API calls that can be made in a specific time interval. For example,
|
||||||
|
a rate limit can control the number of GET requests that can be processed
|
||||||
|
during a one-minute period.
|
||||||
|
|
||||||
|
To see the rate limits, run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila rate-limits
|
||||||
|
|
||||||
|
Quotas
|
||||||
|
------
|
||||||
|
|
||||||
|
Quota sets provide quotas management support.
|
||||||
|
|
||||||
|
To list the quotas for a tenant or user, use **manila quota-show** command.
|
||||||
|
If you specify the optional ``--user`` parameter, you get the quotas for this
|
||||||
|
user in the specified tenant. If you omit this parameter, you get the quotas
|
||||||
|
for the specified project.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila quota-show --tenant demo --user demo
|
||||||
|
+--------------------+-------+
|
||||||
|
| Property | Value |
|
||||||
|
+--------------------+-------+
|
||||||
|
| gigabytes | 1000 |
|
||||||
|
| snapshot_gigabytes | 1000 |
|
||||||
|
| snapshots | 50 |
|
||||||
|
| shares | 50 |
|
||||||
|
| share_networks | 10 |
|
||||||
|
+--------------------+-------+
|
||||||
|
|
||||||
|
There are default quotas for a project that are set from
|
||||||
|
:file:`/etc/manila/manila.conf` file. To list default quotas for a project, use
|
||||||
|
**manila quota-defaults** command:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila quota-defaults --tenant demo
|
||||||
|
+--------------------+-------+
|
||||||
|
| Property | Value |
|
||||||
|
+--------------------+-------+
|
||||||
|
| gigabytes | 1000 |
|
||||||
|
| snapshot_gigabytes | 1000 |
|
||||||
|
| snapshots | 50 |
|
||||||
|
| shares | 50 |
|
||||||
|
| share_networks | 10 |
|
||||||
|
+--------------------+-------+
|
||||||
|
|
||||||
|
Administrator can update the quotas for a specified tenant or for a specified
|
||||||
|
user by providing both ``--tenant`` and ``--user`` optional arguments.
|
||||||
|
It is possible to update ``snapshots``, ``gigabytes``, ``snapshot-gigabytes``,
|
||||||
|
and ``share-networks`` quotas.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila quota-update demo --user demo --shares 49 --snapshots 49
|
||||||
|
|
||||||
|
As administrator, you can also permit or deny the force-update of a quota that
|
||||||
|
is already used and the requested value exceeds the configured quota. To
|
||||||
|
force-update a quota, use ``force`` optional key.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila quota-update demo --shares 51 --snapshots 51 --force
|
||||||
|
|
||||||
|
To revert quotas to default for a project or for a user, delete quotas:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila quota-delete --tenant demo --user demo
|
||||||
|
|
||||||
|
It is possible to set quotas for a quota class and then check that the quotas
|
||||||
|
were updated:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila quota-class-update my_custom_class --shares 49 --snapshot_gigabytes 999
|
||||||
|
|
||||||
|
$ manila quota-class-show my_custom_class
|
||||||
|
+--------------------+-------+
|
||||||
|
| Property | Value |
|
||||||
|
+--------------------+-------+
|
||||||
|
| gigabytes | 1000 |
|
||||||
|
| snapshot_gigabytes | 999 |
|
||||||
|
| snapshots | 50 |
|
||||||
|
| shares | 49 |
|
||||||
|
| share_networks | 10 |
|
||||||
|
+--------------------+-------+
|
@ -0,0 +1,32 @@
|
|||||||
|
.. _shared_file_systems_scheduling:
|
||||||
|
|
||||||
|
==========
|
||||||
|
Scheduling
|
||||||
|
==========
|
||||||
|
|
||||||
|
Shared File Systems service provides unified access for variety of different
|
||||||
|
types of shared file systems. To achieve this, Shared File Systems service
|
||||||
|
use scheduler. Scheduler collects information from active share services and
|
||||||
|
take decisions, what share service will be used to create new share. To manage
|
||||||
|
this process Shared File Systems service provides Share types API.
|
||||||
|
|
||||||
|
Share type is a list from key-value pairs called extra-specs. Some of them,
|
||||||
|
called required and un-scoped extra-specs, scheduler uses for lookup the
|
||||||
|
share service suitable for new share with specified share type. For more
|
||||||
|
information about extra-specs and their type see `Capabilities and Extra-Specs
|
||||||
|
<http://docs.openstack.org/developer/manila/devref/capabilities_and_extra_spec
|
||||||
|
s.html>`_ section in developer documentation.
|
||||||
|
|
||||||
|
In general scheduler workflow looks like:
|
||||||
|
|
||||||
|
1) Share services report information about number of existed pools, their
|
||||||
|
capacities and capabilities.
|
||||||
|
|
||||||
|
2) When request on share creation comes in, scheduler picks a service and pool
|
||||||
|
that fits the need best to serve the request, using share type filters and
|
||||||
|
back end capabilities. If back end capabilities passes thought all filters
|
||||||
|
request to the selected back end where the target pool resides;
|
||||||
|
|
||||||
|
3) Share driver gets the message and lets the target pool serve the request
|
||||||
|
as scheduler instructed. Share type extra-specs (scoped and un-scoped)
|
||||||
|
are available for the driver implementation to use as-needed.
|
@ -0,0 +1,181 @@
|
|||||||
|
.. _shared_file_systems_security_services:
|
||||||
|
|
||||||
|
=================
|
||||||
|
Security services
|
||||||
|
=================
|
||||||
|
|
||||||
|
A security service stores configuration information for clients for
|
||||||
|
authentication and authorization (AuthN/AuthZ). For example, a share server
|
||||||
|
will be the client for an existing service such as LDAP, Kerberos, or
|
||||||
|
Microsoft Active Directory.
|
||||||
|
|
||||||
|
You can associate a share with from one to three security service types:
|
||||||
|
|
||||||
|
- ``ldap``. LDAP.
|
||||||
|
|
||||||
|
- ``kerberos``. Kerberos.
|
||||||
|
|
||||||
|
- ``active_directory``. Microsoft Active Directory.
|
||||||
|
|
||||||
|
You can configure a security service with these options:
|
||||||
|
|
||||||
|
- A DNS IP address.
|
||||||
|
|
||||||
|
- An IP address or host name.
|
||||||
|
|
||||||
|
- A domain.
|
||||||
|
|
||||||
|
- A user or group name.
|
||||||
|
|
||||||
|
- The password for the user, if you specify a user name.
|
||||||
|
|
||||||
|
The security service can be added to the
|
||||||
|
:ref:`share network <shared_file_systems_share_networks>`.
|
||||||
|
|
||||||
|
To create a security service, specify the security service type and optionally
|
||||||
|
name, description of a security service, DNS IP address used inside tenant's
|
||||||
|
network, security service IP address or hostname, domain, security service user
|
||||||
|
or group used by tenant, a password of user.
|
||||||
|
|
||||||
|
Create a ``ldap`` security service:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila security-service-create ldap --dns-ip 8.8.8.8 --server 10.254.0.3 --name my_ldap_security_service
|
||||||
|
+-------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-------------+--------------------------------------+
|
||||||
|
| status | new |
|
||||||
|
| domain | None |
|
||||||
|
| password | None |
|
||||||
|
| name | my_ldap_security_service |
|
||||||
|
| dns_ip | 8.8.8.8 |
|
||||||
|
| created_at | 2015-09-25T10:19:06.019527 |
|
||||||
|
| updated_at | None |
|
||||||
|
| server | 10.254.0.3 |
|
||||||
|
| user | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| type | ldap |
|
||||||
|
| id | 413479b2-0d20-4c58-a9d3-b129fa592d8e |
|
||||||
|
| description | None |
|
||||||
|
+-------------+--------------------------------------+
|
||||||
|
|
||||||
|
To create ``kerberos`` security service, run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila security-service-create kerberos --server 10.254.0.3 --user demo --password secret --name my_kerberos_security_service --description "Kerberos security service"
|
||||||
|
+-------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-------------+--------------------------------------+
|
||||||
|
| status | new |
|
||||||
|
| domain | None |
|
||||||
|
| password | secret |
|
||||||
|
| name | my_kerberos_security_service |
|
||||||
|
| dns_ip | None |
|
||||||
|
| created_at | 2015-09-25T10:26:03.211849 |
|
||||||
|
| updated_at | None |
|
||||||
|
| server | 10.254.0.3 |
|
||||||
|
| user | demo |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| type | kerberos |
|
||||||
|
| id | 7f46a447-2534-453d-924d-bd7c8e63bbec |
|
||||||
|
| description | Kerberos security service |
|
||||||
|
+-------------+--------------------------------------+
|
||||||
|
|
||||||
|
To see the list of created security service use
|
||||||
|
**manila security-service-list**:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila security-service-list
|
||||||
|
+--------------------------------------+------------------------------+--------+----------+
|
||||||
|
| id | name | status | type |
|
||||||
|
+--------------------------------------+------------------------------+--------+----------+
|
||||||
|
| 413479b2-0d20-4c58-a9d3-b129fa592d8e | my_ldap_security_service | new | ldap |
|
||||||
|
| 7f46a447-2534-453d-924d-bd7c8e63bbec | my_kerberos_security_service | new | kerberos |
|
||||||
|
+--------------------------------------+------------------------------+--------+----------+
|
||||||
|
|
||||||
|
You can add a security service to the existing
|
||||||
|
:ref:`share network <shared_file_systems_share_networks>` that is not used yet
|
||||||
|
(is not associated with a share).
|
||||||
|
|
||||||
|
Add a security service to the share network with
|
||||||
|
**share-network-security-service-add** specifying share network, security
|
||||||
|
service and print the information about the security service. You can see
|
||||||
|
new attribute ``share_networks`` with associated share network ID.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila share-network-security-service-add share_net2 my_ldap_security_service
|
||||||
|
|
||||||
|
$ manila security-service-show my_ldap_security_service
|
||||||
|
+----------------+-------------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+----------------+-------------------------------------------+
|
||||||
|
| status | new |
|
||||||
|
| domain | None |
|
||||||
|
| password | None |
|
||||||
|
| name | my_ldap_security_service |
|
||||||
|
| dns_ip | 8.8.8.8 |
|
||||||
|
| created_at | 2015-09-25T10:19:06.000000 |
|
||||||
|
| updated_at | None |
|
||||||
|
| server | 10.254.0.3 |
|
||||||
|
| share_networks | [u'6d36c41f-d310-4aff-a0c2-ffd870e91cab'] |
|
||||||
|
| user | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| type | ldap |
|
||||||
|
| id | 413479b2-0d20-4c58-a9d3-b129fa592d8e |
|
||||||
|
| description | None |
|
||||||
|
+----------------+-------------------------------------------+
|
||||||
|
|
||||||
|
It is possible to see the list of security services associated with
|
||||||
|
given share network. List security services for ``share_net2`` share network:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila share-network-security-service-list share_net2
|
||||||
|
+--------------------------------------+--------------------------+--------+------+
|
||||||
|
| id | name | status | type |
|
||||||
|
+--------------------------------------+--------------------------+--------+------+
|
||||||
|
| 413479b2-0d20-4c58-a9d3-b129fa592d8e | my_ldap_security_service | new | ldap |
|
||||||
|
+--------------------------------------+--------------------------+--------+------+
|
||||||
|
|
||||||
|
You also can dissociate a security service from the share network
|
||||||
|
and see that a security service now has empty list of share networks:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila share-network-security-service-remove share_net2 my_ldap_security_service
|
||||||
|
|
||||||
|
$ manila security-service-show my_ldap_security_service
|
||||||
|
+----------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+----------------+--------------------------------------+
|
||||||
|
| status | new |
|
||||||
|
| domain | None |
|
||||||
|
| password | None |
|
||||||
|
| name | my_ldap_security_service |
|
||||||
|
| dns_ip | 8.8.8.8 |
|
||||||
|
| created_at | 2015-09-25T10:19:06.000000 |
|
||||||
|
| updated_at | None |
|
||||||
|
| server | 10.254.0.3 |
|
||||||
|
| share_networks | [] |
|
||||||
|
| user | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| type | ldap |
|
||||||
|
| id | 413479b2-0d20-4c58-a9d3-b129fa592d8e |
|
||||||
|
| description | None |
|
||||||
|
+----------------+--------------------------------------+
|
||||||
|
|
||||||
|
Shared File Systems Storage allows you to update a security service fields
|
||||||
|
using **manila security-service-update** command with optional arguments
|
||||||
|
such as ``--dns-ip``, ``--server``, ``--domain``, ``--user``, ``--password``,
|
||||||
|
``--name``, or ``--description``.
|
||||||
|
|
||||||
|
To remove a security service, that is not assosiated with any share networks,
|
||||||
|
run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila security-service-delete my_ldap_security_service
|
@ -0,0 +1,15 @@
|
|||||||
|
.. _shared_file_systems_services_manage.rst:
|
||||||
|
|
||||||
|
======================
|
||||||
|
Manage shares services
|
||||||
|
======================
|
||||||
|
|
||||||
|
The Shared File Systems service provides API allows to Cloud Administrator
|
||||||
|
manage running share services (`Share services API
|
||||||
|
<http://developer.openstack.org/api-ref-share-v2.html#share-services>`_).
|
||||||
|
It hasn't exposed in CLI client yet. Using raw API calls, it is possible
|
||||||
|
to get list of running services all kinds. To select only share services,
|
||||||
|
you can pick items only have field ``binary`` equals to ``manila-share``.
|
||||||
|
Aslo, you can enable and disable share services. Disabling means that share
|
||||||
|
service excludes from scheduler cycle and new shares will not be placed on
|
||||||
|
disabled back end, but shares from this service stay available.
|
@ -0,0 +1,39 @@
|
|||||||
|
.. _shared_file_systems_share_management:
|
||||||
|
|
||||||
|
================
|
||||||
|
Share management
|
||||||
|
================
|
||||||
|
|
||||||
|
The default configuration of the Shared File Systems service uses the OpenStack
|
||||||
|
Block Storage based back end. In that case, the Shared File Systems service
|
||||||
|
cares about everything (VMs, networking, keypairs, security groups) by itself.
|
||||||
|
It is not production solution, but can help you to understand how the Shared
|
||||||
|
File Systems service works.
|
||||||
|
|
||||||
|
A share is a remote, mountable file system. You can mount a share to and access
|
||||||
|
a share from several hosts by several users at a time.
|
||||||
|
|
||||||
|
You can create a share and associate it with a network, list shares, and show
|
||||||
|
information for, update, and delete a specified share.
|
||||||
|
You can also create snapshots of shares. To create a snapshot, you specify the
|
||||||
|
ID of the share that you want to snapshot.
|
||||||
|
|
||||||
|
The shares are based on of the supported Shared File Systems protocols:
|
||||||
|
|
||||||
|
* *NFS*. Network File System (NFS).
|
||||||
|
* *CIFS*. Common Internet File System (CIFS).
|
||||||
|
* *GLUSTERFS*. Gluster file system (GlusterFS).
|
||||||
|
* *HDFS*. Hadoop Distributed File System (HDFS).
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
|
||||||
|
The Shared File Systems service provides set of drivers that enable you to
|
||||||
|
use various network file storage devices, instead of the base
|
||||||
|
implementation. That is the real purpose of the Shared File Systems service
|
||||||
|
service in production.
|
||||||
|
|
||||||
|
.. toctree::
|
||||||
|
shared_file_systems_crud_share.rst
|
||||||
|
shared_file_systems_manage_and_unmanage_share.rst
|
||||||
|
shared_file_systems_share_resize.rst
|
||||||
|
shared_file_systems_quotas.rst
|
@ -0,0 +1,139 @@
|
|||||||
|
.. _shared_file_systems_share_networks:
|
||||||
|
|
||||||
|
==============
|
||||||
|
Share networks
|
||||||
|
==============
|
||||||
|
|
||||||
|
Share network is an entity that encapsulates interaction with Networking
|
||||||
|
service. If selected driver runs in mode requiring such kind of interaction,
|
||||||
|
you need to specify share network when share creates.
|
||||||
|
|
||||||
|
How to create share network
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
List networks in a tenant, run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ neutron net-list
|
||||||
|
+--------------+---------+---------------------------------------+
|
||||||
|
| id | name | subnets |
|
||||||
|
+--------------+---------+---------------------------------------+
|
||||||
|
| bee7411d-... | public | 884a6564-0f11-... 2001:db8::/64 |
|
||||||
|
| | | e6da81fa-5d5f-... 172.24.4.0/24 |
|
||||||
|
| 5ed5a854-... | private | 74dcfb5a-b4d7-... 10.0.0.0/24 |
|
||||||
|
| | | cc297be2-5213-... fd7d:177d:a48b::/64 |
|
||||||
|
+--------------+---------+---------------------------------------+
|
||||||
|
|
||||||
|
A share network stores network information that share servers can use where
|
||||||
|
shares are hosted. You can associate a share with a single share network.
|
||||||
|
When you create or update a share, you can optionally specify the ID of a share
|
||||||
|
network through which instances can access the share.
|
||||||
|
|
||||||
|
When you create a share network, you can specify only one type of network:
|
||||||
|
|
||||||
|
- OpenStack Networking (neutron). Specify a network ID and subnet ID.
|
||||||
|
In this case ``manila.network.nova_network_plugin.NeutronNetworkPlugin``
|
||||||
|
will be used.
|
||||||
|
|
||||||
|
- Legacy networking (nova-network). Specify a network ID.
|
||||||
|
In this case ``manila.network.nova_network_plugin.NoveNetworkPlugin``
|
||||||
|
will be used.
|
||||||
|
|
||||||
|
For more information about supported plug-ins for share networks, see
|
||||||
|
:ref:`shared_file_systems_network_plugins`.
|
||||||
|
|
||||||
|
A share network has these attributes:
|
||||||
|
|
||||||
|
- The IP block in Classless Inter-Domain Routing (CIDR) notation from which to
|
||||||
|
allocate the network.
|
||||||
|
|
||||||
|
- The IP version of the network.
|
||||||
|
|
||||||
|
- The network type, which is `vlan`, `vxlan`, `gre`, `flat`, or `local`.
|
||||||
|
|
||||||
|
If the network uses segmentation, a segmentation identifier. For example, VLAN,
|
||||||
|
VXLAN, and GRE networks use segmentation.
|
||||||
|
|
||||||
|
To create a share network with private network and subnetwork, run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila share-network-create --neutron-net-id 5ed5a854-21dc-4ed3-870a-117b7064eb21 --neutron-subnet-id 74dcfb5a-b4d7-4855-86f5-a669729428dc --name my_share_net --description "My first share network"
|
||||||
|
+-------------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-------------------+--------------------------------------+
|
||||||
|
| name | my_share_net |
|
||||||
|
| segmentation_id | None |
|
||||||
|
| created_at | 2015-09-24T12:06:32.602174 |
|
||||||
|
| neutron_subnet_id | 74dcfb5a-b4d7-4855-86f5-a669729428dc |
|
||||||
|
| updated_at | None |
|
||||||
|
| network_type | None |
|
||||||
|
| neutron_net_id | 5ed5a854-21dc-4ed3-870a-117b7064eb21 |
|
||||||
|
| ip_version | None |
|
||||||
|
| nova_net_id | None |
|
||||||
|
| cidr | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| id | 5c3cbabb-f4da-465f-bc7f-fadbe047b85a |
|
||||||
|
| description | My first share network |
|
||||||
|
+-------------------+--------------------------------------+
|
||||||
|
|
||||||
|
The ``segmentation_id``, ``cidr``, ``ip_version``, and ``network_type``
|
||||||
|
share network attributes are automatically set to the values determined by the
|
||||||
|
network provider.
|
||||||
|
|
||||||
|
Check network list, run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila share-network-list
|
||||||
|
+--------------------------------------+--------------+
|
||||||
|
| id | name |
|
||||||
|
+--------------------------------------+--------------+
|
||||||
|
| 5c3cbabb-f4da-465f-bc7f-fadbe047b85a | my_share_net |
|
||||||
|
+--------------------------------------+--------------+
|
||||||
|
|
||||||
|
If you configured the Generic driver with ``driver_handles_share_servers =
|
||||||
|
True`` (with the share servers) and had already some operations in the Shared
|
||||||
|
File Systems service, you can see ``manila_service_network`` in the neutron
|
||||||
|
list of networks. This network was created by Generic driver for inner usage.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ neutron net-list
|
||||||
|
+--------------+------------------------+------------------------------------+
|
||||||
|
| id | name | subnets |
|
||||||
|
+--------------+------------------------+------------------------------------+
|
||||||
|
| 3b5a629a-e...| manila_service_network | 4f366100-50... 10.254.0.0/28 |
|
||||||
|
| bee7411d-d...| public | 884a6564-01... 2001:db8::/64 |
|
||||||
|
| | | e6da81fa-55... 172.24.4.0/24 |
|
||||||
|
| 5ed5a854-2...| private | 74dcfb5a-bd... 10.0.0.0/24 |
|
||||||
|
| | | cc297be2-51... fd7d:177d:a48b::/64 |
|
||||||
|
+--------------+------------------------+------------------------------------+
|
||||||
|
|
||||||
|
You also can see detailed information about the share network including
|
||||||
|
``network_type``, ``segmentation_id`` fields:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ neutron net-show manila_service_network
|
||||||
|
+---------------------------+--------------------------------------+
|
||||||
|
| Field | Value |
|
||||||
|
+---------------------------+--------------------------------------+
|
||||||
|
| admin_state_up | True |
|
||||||
|
| id | 3b5a629a-e7a1-46a3-afb2-ab666fb884bc |
|
||||||
|
| mtu | 0 |
|
||||||
|
| name | manila_service_network |
|
||||||
|
| port_security_enabled | True |
|
||||||
|
| provider:network_type | vxlan |
|
||||||
|
| provider:physical_network | |
|
||||||
|
| provider:segmentation_id | 1068 |
|
||||||
|
| router:external | False |
|
||||||
|
| shared | False |
|
||||||
|
| status | ACTIVE |
|
||||||
|
| subnets | 4f366100-5108-4fa2-b5b1-989a121c1403 |
|
||||||
|
| tenant_id | 24c6491074e942309a908c674606f598 |
|
||||||
|
+---------------------------+--------------------------------------+
|
||||||
|
|
||||||
|
You also can add and remove the security services to the share network. For
|
||||||
|
details, see :ref:`shared_file_systems_security_services`.
|
@ -0,0 +1,86 @@
|
|||||||
|
.. _shared_file_systems_share_resize:
|
||||||
|
|
||||||
|
============
|
||||||
|
Resize share
|
||||||
|
============
|
||||||
|
|
||||||
|
To change file share size, use :command:`manila extend` and
|
||||||
|
:command:`manila shrink`. For most drivers it is safe operation. In case of
|
||||||
|
using generic driver it is better to create share snapshot for backup.
|
||||||
|
|
||||||
|
You can extend and shrink the share with **manila extend** and
|
||||||
|
**manila shrink** commands correspondingly and specifying the share and new
|
||||||
|
size that doesn't exceed the quota. For details, see
|
||||||
|
:ref:`Quotas and Limits <shared_file_systems_quotas>`. You also cannot shrink
|
||||||
|
size to 0 or to a greater value than the current share size.
|
||||||
|
|
||||||
|
While extending the share gets ``extending`` status that means that the
|
||||||
|
increase share size request was issued successfully.
|
||||||
|
|
||||||
|
To extend the share and check the result, run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila extend Share1 2
|
||||||
|
$ manila show Share1
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
| status | available |
|
||||||
|
| share_type_name | default |
|
||||||
|
| description | My first share. Updated |
|
||||||
|
| availability_zone | nova |
|
||||||
|
| share_network_id | 5c3cbabb-f4da-465f-bc7f-fadbe047b85a |
|
||||||
|
| export_locations | 10.254.0.3:/shares/share-2d5e2c0a-1f84-...|
|
||||||
|
| share_server_id | 41b7829d-7f6b-4c96-aea5-d106c2959961 |
|
||||||
|
| host | manila@generic1#GENERIC1 |
|
||||||
|
| snapshot_id | None |
|
||||||
|
| is_public | False |
|
||||||
|
| task_state | None |
|
||||||
|
| snapshot_support | True |
|
||||||
|
| id | aca648eb-8c03-4394-a5cc-755066b7eb66 |
|
||||||
|
| size | 2 |
|
||||||
|
| name | Share1 |
|
||||||
|
| share_type | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| created_at | 2015-09-24T12:19:06.000000 |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| consistency_group_id | None |
|
||||||
|
| source_cgsnapshot_member_id | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| metadata | {u'deadline': u'01/30/16'} |
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
|
||||||
|
While shrinking the share gets ``shrinking`` status that means that the
|
||||||
|
decrease share size request was issued successfully. To shrink the share and
|
||||||
|
check the result, run:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila shrink Share1 1
|
||||||
|
$ manila show Share1
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
| status | available |
|
||||||
|
| share_type_name | default |
|
||||||
|
| description | My first share. Updated |
|
||||||
|
| availability_zone | nova |
|
||||||
|
| share_network_id | 5c3cbabb-f4da-465f-bc7f-fadbe047b85a |
|
||||||
|
| export_locations | 10.254.0.3:/shares/share-2d5e2c0a-1f84-...|
|
||||||
|
| share_server_id | 41b7829d-7f6b-4c96-aea5-d106c2959961 |
|
||||||
|
| host | manila@generic1#GENERIC1 |
|
||||||
|
| snapshot_id | None |
|
||||||
|
| is_public | False |
|
||||||
|
| task_state | None |
|
||||||
|
| snapshot_support | True |
|
||||||
|
| id | aca648eb-8c03-4394-a5cc-755066b7eb66 |
|
||||||
|
| size | 1 |
|
||||||
|
| name | Share1 |
|
||||||
|
| share_type | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| created_at | 2015-09-24T12:19:06.000000 |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| consistency_group_id | None |
|
||||||
|
| source_cgsnapshot_member_id | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| metadata | {u'deadline': u'01/30/16'} |
|
||||||
|
+-----------------------------+-------------------------------------------+
|
174
doc/admin-guide-cloud/source/shared_file_systems_share_types.rst
Normal file
174
doc/admin-guide-cloud/source/shared_file_systems_share_types.rst
Normal file
@ -0,0 +1,174 @@
|
|||||||
|
.. _shared_file_systems_share_types:
|
||||||
|
|
||||||
|
===========
|
||||||
|
Share types
|
||||||
|
===========
|
||||||
|
|
||||||
|
A share type enables you to filter or choose back ends before you create a
|
||||||
|
share. A share type behaves in the same way as a Block Storage volume type
|
||||||
|
behaves.
|
||||||
|
|
||||||
|
In the manila configuration file :file:`/etc/manila/manila.conf` administrator
|
||||||
|
can set the share type used by default for the share creation and then create
|
||||||
|
a default share type.
|
||||||
|
|
||||||
|
To create a share type, use **manila type-create** command as:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
manila type-create [--snapshot_support <snapshot_support>]
|
||||||
|
[--is_public <is_public>]
|
||||||
|
<name> <spec_driver_handles_share_servers>
|
||||||
|
|
||||||
|
where the ``name`` is the share type name, ``--is_public`` defines the level of
|
||||||
|
the visibility for the share type, ``snapshot_support`` and
|
||||||
|
``spec_driver_handles_share_servers`` are the extra specifications used to
|
||||||
|
filter back ends.
|
||||||
|
Administrators can create share types with these extra specifications that are
|
||||||
|
used for the back ends filtering:
|
||||||
|
|
||||||
|
- ``driver_handles_share_servers``. Required. Defines the driver mode for share
|
||||||
|
server life cycle management. Valid values are ``true``/``1`` and
|
||||||
|
``false``/``0``.
|
||||||
|
Set to True when the share driver can manage, or handle, the share server
|
||||||
|
life cycle.
|
||||||
|
Set to False when an administrator rather than a share driver manages the
|
||||||
|
bare metal storage with some net interface instead of the presence of the
|
||||||
|
share servers.
|
||||||
|
|
||||||
|
- ``snapshot_support``. Filters back ends by whether they do or do not support
|
||||||
|
share snapshots. Default is ``True``.
|
||||||
|
Set to True to find back ends that support share snapshots.
|
||||||
|
Set to False to find back ends that do not support share snapshots.
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
|
||||||
|
The extra specifications set in the share types are operated in the
|
||||||
|
:ref:`shared_file_systems_scheduling`.
|
||||||
|
|
||||||
|
Administrators can also set additional extra specifications for a share type
|
||||||
|
for the following purposes:
|
||||||
|
|
||||||
|
- *Filter back ends*. Unqualified extra specifications that are written in
|
||||||
|
this format: ``extra_spec=value``. For example, **netapp_raid_type=raid4**.
|
||||||
|
|
||||||
|
- *Set data for the driver*. Qualified extra specifications that are written
|
||||||
|
always with the prefix with a colon, except for the special ``capabilities``
|
||||||
|
prefix, in this format: ``vendor:extra_spec=value``. For example,
|
||||||
|
**netapp:thin_provisioned=true**.
|
||||||
|
|
||||||
|
The scheduler uses the special capabilities prefix for filtering. The scheduler
|
||||||
|
can only create a share on a back end that reports capabilities that match the
|
||||||
|
un-scoped extra-spec keys for the share type. For details, see `Capabilities
|
||||||
|
and Extra-Specs <http://docs.openstack.org/developer/manila/devref/
|
||||||
|
capabilities_and_extra_specs.html>`_.
|
||||||
|
|
||||||
|
Each driver implementation determines which extra specification keys it uses.
|
||||||
|
For details, see the documentation for the driver.
|
||||||
|
|
||||||
|
An administrator can use the :file:`policy.json` file to grant permissions for
|
||||||
|
share type creation with extra specifications to other roles.
|
||||||
|
|
||||||
|
You set a share type to private or public and
|
||||||
|
:ref:`manage the access<share_type_access>` to the private share types. By
|
||||||
|
default a share type is created as publicly accessible. Set ``--is_public`` to
|
||||||
|
``False`` to make the share type private.
|
||||||
|
|
||||||
|
Share type operations
|
||||||
|
---------------------
|
||||||
|
|
||||||
|
To create a new share type you need to specify name of new share type and
|
||||||
|
required extra spec ``driver_handles_share_servers``. Also, the new share type
|
||||||
|
can be public.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila type-create netapp1 False --is_public True
|
||||||
|
|
||||||
|
$ manila type-list
|
||||||
|
+-----+--------+-----------+-----------+-----------------------------------+-----------------------+
|
||||||
|
| ID | Name | Visibility| is_default| required_extra_specs | optional_extra_specs |
|
||||||
|
+-----+--------+-----------+-----------+-----------------------------------+-----------------------+
|
||||||
|
| c0..| netapp1| public | No | driver_handles_share_servers:False| snapshot_support:True |
|
||||||
|
+-----+--------+-----------+-----------+-----------------------------------+-----------------------+
|
||||||
|
|
||||||
|
You can set or unset extra specifications for a share type
|
||||||
|
using **manila type-key <share_type> set <key=value>** command. Since it is up
|
||||||
|
to each driver what extra specification keys it uses, see the documentation
|
||||||
|
for a specified driver.
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila type-key netapp1 set thin_provisioned=True
|
||||||
|
|
||||||
|
It is also possible for administrator to see a list of current share types and
|
||||||
|
extra specifications:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila extra-specs-list
|
||||||
|
+-------------+---------+-------------------------------------+
|
||||||
|
| ID | Name | all_extra_specs |
|
||||||
|
+-------------+---------+-------------------------------------+
|
||||||
|
| c0086582-...| netapp1 | snapshot_support : True |
|
||||||
|
| | | thin_provisioned : True |
|
||||||
|
| | | driver_handles_share_servers : True |
|
||||||
|
+-------------+---------+-------------------------------------+
|
||||||
|
|
||||||
|
Use **manila type-key <share_type> unset <key>** to unset an extra
|
||||||
|
specification.
|
||||||
|
|
||||||
|
The public or private share type can be deleted by means of
|
||||||
|
**manila type-delete <share_type>** command.
|
||||||
|
|
||||||
|
.. _share_type_access:
|
||||||
|
|
||||||
|
Share type access
|
||||||
|
-----------------
|
||||||
|
|
||||||
|
You can manage the access to the private for the different projects: add
|
||||||
|
access, remove access, and get information about access for a specified
|
||||||
|
private share type.
|
||||||
|
|
||||||
|
Create a private type:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila type-create my_type1 True --is_public False
|
||||||
|
+-----+---------+-----------+-----------+----------------------------------+----------------------+
|
||||||
|
| ID | Name | Visibility| is_default| required_extra_specs | optional_extra_specs |
|
||||||
|
+-----+---------+-----------+-----------+----------------------------------+----------------------+
|
||||||
|
| a4..| my_type1| private | - | driver_handles_share_servers:True| snapshot_support:True|
|
||||||
|
+-----+---------+-----------+-----------+----------------------------------+----------------------+
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
If you run **manila type-list** you see only public types. To see the
|
||||||
|
private types also, run **manila type-list** with ``-all`` optional
|
||||||
|
argument.
|
||||||
|
|
||||||
|
Grant access to created private type for a demo and alt_demo projects
|
||||||
|
by providing their IDs:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila type-access-add my_type1 d8f9af6915404114ae4f30668a4f5ba7
|
||||||
|
$ manila type-access-add my_type1 e4970f57f1824faab2701db61ee7efdf
|
||||||
|
|
||||||
|
Get information about access for a private share type ``my_type1``:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila type-access-list my_type1
|
||||||
|
+----------------------------------+
|
||||||
|
| Project_ID |
|
||||||
|
+----------------------------------+
|
||||||
|
| d8f9af6915404114ae4f30668a4f5ba7 |
|
||||||
|
| e4970f57f1824faab2701db61ee7efdf |
|
||||||
|
+----------------------------------+
|
||||||
|
|
||||||
|
After you granted the access to the share type users that belong to project
|
||||||
|
with granted access can see the type in the list and create shares with
|
||||||
|
allowed private share type.
|
||||||
|
|
||||||
|
To deny access for a specified project, use
|
||||||
|
**manila type-access-remove <share_type> <project_id>** command.
|
136
doc/admin-guide-cloud/source/shared_file_systems_snapshots.rst
Normal file
136
doc/admin-guide-cloud/source/shared_file_systems_snapshots.rst
Normal file
@ -0,0 +1,136 @@
|
|||||||
|
.. _shared_file_systems_snapshots:
|
||||||
|
|
||||||
|
===============
|
||||||
|
Share snapshots
|
||||||
|
===============
|
||||||
|
|
||||||
|
The Shared File Systems service provides mechanism of snapshots to help users
|
||||||
|
to restore theirs own data. Use :command:`manila snapshot-create` for it.
|
||||||
|
|
||||||
|
To export a snapshot, you can create shares from it, then mount new share to
|
||||||
|
instance and then directly copy files from attached share into archive.
|
||||||
|
|
||||||
|
To import snapshot, create a new share with appropriate size, attach it to
|
||||||
|
instance and then copy file from archive to attached file system.
|
||||||
|
|
||||||
|
.. note::
|
||||||
|
You cannot delete share cannot while it has saved dependent snapshots.
|
||||||
|
|
||||||
|
Create a snapshot from the share:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila snapshot-create Share1 --name Snapshot1 --description "Snapshot of Share1"
|
||||||
|
+-------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-------------+--------------------------------------+
|
||||||
|
| status | creating |
|
||||||
|
| share_id | aca648eb-8c03-4394-a5cc-755066b7eb66 |
|
||||||
|
| name | Snapshot1 |
|
||||||
|
| created_at | 2015-09-25T05:27:38.862040 |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| id | 962e8126-35c3-47bb-8c00-f0ee37f42ddd |
|
||||||
|
| size | 1 |
|
||||||
|
| share_size | 1 |
|
||||||
|
| description | Snapshot of Share1 |
|
||||||
|
+-------------+--------------------------------------+
|
||||||
|
|
||||||
|
Update name or description of a snapshot if it is needed:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila snapshot-rename Snapshot1 Snapshot_1 --description "Snapshot of Share1. Updated."
|
||||||
|
|
||||||
|
Check that status of a snapshot is ``available``:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila snapshot-show Snapshot1
|
||||||
|
+-------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-------------+--------------------------------------+
|
||||||
|
| status | available |
|
||||||
|
| share_id | aca648eb-8c03-4394-a5cc-755066b7eb66 |
|
||||||
|
| name | Snapshot1 |
|
||||||
|
| created_at | 2015-09-25T05:27:38.000000 |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| id | 962e8126-35c3-47bb-8c00-f0ee37f42ddd |
|
||||||
|
| size | 1 |
|
||||||
|
| share_size | 1 |
|
||||||
|
| description | Snapshot of Share1 |
|
||||||
|
+-------------+--------------------------------------+
|
||||||
|
|
||||||
|
To restore your data from snapshot, use :command:`manila create` with key
|
||||||
|
``--snapshot-id``. This creates a new share from exiting snapshot.
|
||||||
|
Create a share from a snapshot and check whether it is available:
|
||||||
|
|
||||||
|
.. code:: console
|
||||||
|
|
||||||
|
$ manila create nfs 1 --name Share2 --metadata source=snapshot --description "Share from a snapshot." --snapshot-id 962e8126-35c3-47bb-8c00-f0ee37f42ddd
|
||||||
|
+-----------------------------+--------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-----------------------------+--------------------------------------+
|
||||||
|
| status | None |
|
||||||
|
| share_type_name | default |
|
||||||
|
| description | Share from a snapshot. |
|
||||||
|
| availability_zone | None |
|
||||||
|
| share_network_id | None |
|
||||||
|
| export_locations | [] |
|
||||||
|
| share_server_id | None |
|
||||||
|
| host | None |
|
||||||
|
| snapshot_id | 962e8126-35c3-47bb-8c00-f0ee37f42ddd |
|
||||||
|
| is_public | False |
|
||||||
|
| task_state | None |
|
||||||
|
| snapshot_support | True |
|
||||||
|
| id | b6b0617c-ea51-4450-848e-e7cff69238c7 |
|
||||||
|
| size | 1 |
|
||||||
|
| name | Share2 |
|
||||||
|
| share_type | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| created_at | 2015-09-25T06:25:50.240417 |
|
||||||
|
| export_location | None |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| consistency_group_id | None |
|
||||||
|
| source_cgsnapshot_member_id | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| metadata | {u'source': u'snapshot'} |
|
||||||
|
+-----------------------------+--------------------------------------+
|
||||||
|
|
||||||
|
$ manila show Share2
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
| Property | Value |
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
| status | available |
|
||||||
|
| share_type_name | default |
|
||||||
|
| description | Share from a snapshot. |
|
||||||
|
| availability_zone | nova |
|
||||||
|
| share_network_id | 5c3cbabb-f4da-465f-bc7f-fadbe047b85a |
|
||||||
|
| export_locations | 10.254.0.3:/shares/share-1dc2a471-3d47-...|
|
||||||
|
| share_server_id | 41b7829d-7f6b-4c96-aea5-d106c2959961 |
|
||||||
|
| host | manila@generic1#GENERIC1 |
|
||||||
|
| snapshot_id | 962e8126-35c3-47bb-8c00-f0ee37f42ddd |
|
||||||
|
| is_public | False |
|
||||||
|
| task_state | None |
|
||||||
|
| snapshot_support | True |
|
||||||
|
| id | b6b0617c-ea51-4450-848e-e7cff69238c7 |
|
||||||
|
| size | 1 |
|
||||||
|
| name | Share2 |
|
||||||
|
| share_type | c0086582-30a6-4060-b096-a42ec9d66b86 |
|
||||||
|
| created_at | 2015-09-25T06:25:50.000000 |
|
||||||
|
| share_proto | NFS |
|
||||||
|
| consistency_group_id | None |
|
||||||
|
| source_cgsnapshot_member_id | None |
|
||||||
|
| project_id | 20787a7ba11946adad976463b57d8a2f |
|
||||||
|
| metadata | {u'source': u'snapshot'} |
|
||||||
|
+-----------------------------+-------------------------------------------+
|
||||||
|
|
||||||
|
You can soft-delete a snapshot using **manila snapshot-delete
|
||||||
|
<snapshot_name_or_ID>**. If a snapshot is in busy state and during deleting
|
||||||
|
got the ``error_deleting`` status, administrator can force-delete it or
|
||||||
|
explicitly reset the state.
|
||||||
|
Use **snapshot-reset-state [--state <state>] <snapshot>** to update the state
|
||||||
|
of a snapshot explicitly. A valid value of a status are ``available``,
|
||||||
|
``error``, ``creating``, ``deleting``, ``error_deleting``. If no state is
|
||||||
|
provided, available will be used.
|
||||||
|
|
||||||
|
Use **manila snapshot-force-delete <snapshot>** to force-delete a specified
|
||||||
|
share snapshot in any state.
|
@ -0,0 +1,63 @@
|
|||||||
|
.. _shared_file_systems_troubleshoot:
|
||||||
|
|
||||||
|
========================================
|
||||||
|
Troubleshoot Shared File Systems service
|
||||||
|
========================================
|
||||||
|
|
||||||
|
Failures in share service during share creation
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
If new shares go into ``error`` state during creation, follow next steps:
|
||||||
|
|
||||||
|
1. Make sure, that share services are running into debug mode. If it is not
|
||||||
|
true, you will not get any tips from logs how to fix your issue.
|
||||||
|
|
||||||
|
2. Find what a share service holds specified share. Do to that, run command
|
||||||
|
:command:`manila show <share_id_or_name>` and find share host in the
|
||||||
|
output. Host uniquely identifies share service holds broken share.
|
||||||
|
|
||||||
|
3. Look thought logs of this share service. Usually, it can be found at
|
||||||
|
``/etc/var/log/manila-share.log``. This log should contain kind of
|
||||||
|
traceback with extra information to help you find origin of issues.
|
||||||
|
|
||||||
|
No valid host was found
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
You should manage share types very carefully. If share type contains invalid
|
||||||
|
extra spec scheduler will never find valid host for share of this type.
|
||||||
|
To diagnose this issue, make sure that scheduler service is running in
|
||||||
|
debug mode, try to create a new share and look for message ``Failed to
|
||||||
|
schedule create_share: No valid host was found.`` in
|
||||||
|
``/etc/var/log/manila-scheduler.log``.
|
||||||
|
|
||||||
|
To solve this issue look carefully through list of extra specs in share type
|
||||||
|
and list of share service reported capabilities and make sure that extra specs
|
||||||
|
are pointed in the right way.
|
||||||
|
|
||||||
|
|
||||||
|
Created share is unreachable
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
By default new share doesn't have any active access rules. So, to provide
|
||||||
|
access to new created share, you need to create appropriate access rule with
|
||||||
|
right value that defines access.
|
||||||
|
|
||||||
|
Service become unavailable after upgrade
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
After upgrading Shared File Systems service from version v1 to version v2.x,
|
||||||
|
please be attentive to update service endpoint in OpenStack Identity Service.
|
||||||
|
Use :command:`keystone service-list` to get service type related to Shared
|
||||||
|
File Systems service and then :command:`keystone service-list --service
|
||||||
|
<share-service-type>`. You will get endpoints expected from running
|
||||||
|
Shared File Systems service. Make sure that these endpoints are update.
|
||||||
|
If it is not true, you need delete outdated endpoints and create a new one.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
Failures during management of internal resources
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
Some drivers in Shared File Systems service can create service entities, like
|
||||||
|
servers and networks. If it is necessary to reach it you can login in
|
||||||
|
tenant ``service`` and get manual control over it.
|
Loading…
x
Reference in New Issue
Block a user