openstack-manuals/doc/install-guide/section_cinder-controller.xml
Tom Fifield e9bde9eefd Change cinder install to use keystone_authtoken
We should no longer edit api-paste.ini, instead we should follow
the same keystone_authtoken section edits.

Change-Id: Ic8d21108c5f91179b33a4275985f04d5444eee29
2014-04-04 10:25:40 +08:00

180 lines
11 KiB
XML

<section xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="cinder-controller">
<title>Configure a Block Storage service controller</title>
<note>
<para>This scenario configures OpenStack Block Storage
services on the <glossterm baseform="controller node">Controller node</glossterm>
and assumes that a
second node provides storage through the <systemitem
class="service">cinder-volume</systemitem> service.</para>
<para>For
instructions on how to configure the second node, see <xref
linkend="cinder-node"/>.</para>
</note>
<para>You can configure OpenStack to use various storage systems.
This example uses LVM.</para>
<procedure>
<step>
<para>Install the appropriate packages for the Block Storage
service:</para>
<screen os="ubuntu;debian"><prompt>#</prompt> <userinput>apt-get install cinder-api cinder-scheduler</userinput></screen>
<screen os="centos;rhel;fedora"><prompt>#</prompt> <userinput>yum install openstack-cinder</userinput></screen>
<screen os="opensuse;sles"><prompt>#</prompt> <userinput>zypper install openstack-cinder-api openstack-cinder-scheduler</userinput></screen>
</step>
<step os="debian">
<para>Respond to the prompts for database
management, <literal>[keystone_authtoken]</literal> settings, RabbitMQ credentials and API endpoint registration.</para>
</step>
<step os="ubuntu;rhel;centos;fedora;opensuse;sles">
<para>Configure Block Storage to use your database.</para>
<para>In the
<filename>/etc/cinder/cinder.conf</filename> file, add this key in the <literal>[database]</literal> section and replace <replaceable>CINDER_DBPASS</replaceable> with the password
for the Block Storage database that you will create in a later step:</para>
<screen os="rhel;centos;fedora;opensuse;sles"><prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf \
database connection mysql://cinder:<replaceable>CINDER_DBPASS</replaceable>@<replaceable>controller</replaceable>/cinder</userinput></screen>
<programlisting os="ubuntu" language="ini">[database]
...
connection = mysql://cinder:<replaceable>CINDER_DBPASS</replaceable>@<replaceable>controller</replaceable>/cinder</programlisting>
<note os="ubuntu"><para>In some distributions, the <filename>/etc/cinder/cinder.conf</filename>
file does not include the
<literal>[database]</literal> section header. You must add this
section header to the end of the file before you proceed.</para>
</note></step>
<step os="rhel;centos;fedora;opensuse;sles">
<para>To create the Block Storage service database and tables
and a <literal>cinder</literal> database user, run the
<command>openstack-db</command> command.</para>
<screen><prompt>#</prompt> <userinput>openstack-db --init --service cinder --password <replaceable>CINDER_DBPASS</replaceable></userinput></screen>
</step>
<step os="ubuntu">
<para>Use the password that you set to log in as root to create
a <literal>cinder</literal> database:</para>
<screen><prompt>#</prompt> <userinput>mysql -u root -p</userinput></screen>
<screen><prompt>mysql></prompt> <userinput>CREATE DATABASE cinder;</userinput></screen>
<screen><prompt>mysql></prompt> <userinput>GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '<replaceable>CINDER_DBPASS</replaceable>';</userinput></screen>
<screen><prompt>mysql></prompt> <userinput>GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY '<replaceable>CINDER_DBPASS</replaceable>';</userinput></screen>
</step>
<step os="ubuntu">
<para>Create the database tables for the Block Storage
service:</para>
<screen><prompt>#</prompt> <userinput>cinder-manage db sync</userinput></screen>
</step>
<step os="rhel;centos;fedora;opensuse;sles;ubuntu">
<para>Create a <literal>cinder</literal> user.</para>
<para>The Block Storage service uses this user to authenticate
with the Identity service.</para>
<para>Use the <literal>service</literal> tenant and give the
user the <literal>admin</literal> role:</para>
<screen><prompt>#</prompt> <userinput>keystone user-create --name=cinder --pass=<replaceable>CINDER_PASS</replaceable> --email=<replaceable>cinder@example.com</replaceable></userinput>
<prompt>#</prompt> <userinput>keystone user-role-add --user=cinder --tenant=service --role=admin</userinput></screen>
</step>
<step>
<para os="fedora;rhel;centos;opensuse;sles">Edit the
<filename>/etc/cinder/cinder.conf</filename> configuration file:</para>
<screen os="fedora;rhel;centos;opensuse;sles"><prompt>#</prompt>
<userinput>openstack-config --set /etc/cinder/cinder.conf DEFAULT \
auth_strategy keystone</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf keystone_authtoken \
auth_uri http://<replaceable>controller</replaceable>:5000</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.confkeystone_authtoken \
auth_host <replaceable>controller</replaceable></userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf keystone_authtoken \
auth_protocol http</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf keystone_authtoken \
auth_port 35357</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf keystone_authtoken \
admin_user cinder</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf keystone_authtoken \
admin_tenant_name service</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf keystone_authtoken \
admin_password <replaceable>CINDER_PASS</replaceable></userinput></screen>
<para os="ubuntu;debian">Edit the
<filename>/etc/cinder/cinder.conf</filename> configuration
file and add this section for keystone credentials:</para>
<programlisting os="ubuntu;debian" language="ini">...
[keystone_authtoken]
auth_uri = http://<replaceable>controller</replaceable>:5000
auth_host = <replaceable>controller</replaceable>
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = cinder
admin_password = <replaceable>CINDER_PASS</replaceable></programlisting>
</step>
<step os="ubuntu">
<para>Configure Block Storage to use the RabbitMQ message
broker.</para>
<para>In the <literal>[DEFAULT]</literal> section in
the <filename>/etc/cinder/cinder.conf</filename> file, set
these configuration keys and replace
<replaceable>RABBIT_PASS</replaceable> with the password you
chose for RabbitMQ:</para>
<programlisting language="ini">[DEFAULT]
...
rpc_backend = cinder.openstack.common.rpc.impl_kombu
rabbit_host = <replaceable>controller</replaceable>
rabbit_port = 5672
rabbit_userid = guest
rabbit_password = <replaceable>RABBIT_PASS</replaceable></programlisting>
</step>
<step os="rhel;centos;fedora">
<para>Configure Block Storage to use the Qpid message
broker:</para>
<screen><prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf \
DEFAULT rpc_backend cinder.openstack.common.rpc.impl_qpid</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf \
DEFAULT qpid_hostname controller</userinput></screen>
</step>
<step os="sles;opensuse">
<para>Configure Block Storage to use the RabbitMQ message
broker.</para>
<para>Replace <replaceable>RABBIT_PASS</replaceable> with the
password you chose for RabbitMQ:</para>
<screen><prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf \
DEFAULT rpc_backend cinder.openstack.common.rpc.impl_kombu</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf \
DEFAULT rabbit_host controller</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf \
DEFAULT rabbit_port 5672</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/cinder/cinder.conf \
DEFAULT rabbit_password <replaceable>RABBIT_PASS</replaceable></userinput></screen>
</step>
<step os="rhel;centos;fedora;opensuse;sles;ubuntu">
<para>Register the Block Storage service with the Identity
service so that other OpenStack services can locate it:</para>
<screen><prompt>$</prompt> <userinput>keystone service-create --name=cinder --type=volume --description="OpenStack Block Storage"</userinput></screen>
<screen><prompt>$</prompt> <userinput>keystone endpoint-create \
--service-id=$(keystone service-list | awk '/ volume / {print $2}') \
--publicurl=http://<replaceable>controller</replaceable>:8776/v1/%\(tenant_id\)s \
--internalurl=http://<replaceable>controller</replaceable>:8776/v1/%\(tenant_id\)s \
--adminurl=http://<replaceable>controller</replaceable>:8776/v1/%\(tenant_id\)s</userinput></screen>
</step>
<step os="rhel;centos;fedora;opensuse;sles;ubuntu">
<para>Register a service and endpoint for version 2 of the Block
Storage service API:</para>
<screen><prompt>$</prompt> <userinput>keystone service-create --name=cinderv2 --type=volumev2 --description="OpenStack Block Storage v2"</userinput></screen>
<screen><prompt>$</prompt> <userinput>keystone endpoint-create \
--service-id=$(keystone service-list | awk '/ volumev2 / {print $2}') \
--publicurl=http://<replaceable>controller</replaceable>:8776/v2/%\(tenant_id\)s \
--internalurl=http://<replaceable>controller</replaceable>:8776/v2/%\(tenant_id\)s \
--adminurl=http://<replaceable>controller</replaceable>:8776/v2/%\(tenant_id\)s</userinput></screen>
</step>
<step os="ubuntu">
<para>Restart the Block Storage services with the new
settings:</para>
<screen><prompt>#</prompt> <userinput>service cinder-scheduler restart</userinput>
<prompt>#</prompt> <userinput>service cinder-api restart</userinput></screen>
</step>
<step os="rhel;fedora;centos;opensuse;sles">
<para>Start and configure the Block Storage services to start when
the system boots:</para>
<screen os="rhel;fedora;centos;opensuse;sles"><prompt>#</prompt> <userinput>service openstack-cinder-api start</userinput>
<prompt>#</prompt> <userinput>service openstack-cinder-scheduler start</userinput>
<prompt>#</prompt> <userinput>chkconfig openstack-cinder-api on</userinput>
<prompt>#</prompt> <userinput>chkconfig openstack-cinder-scheduler on</userinput></screen>
</step>
</procedure>
</section>