x/kingbird
Code Issues Proposed changes
fad12485f7
kingbird/doc/source/installation.rst
Goutham Pratapa 8e0acbdcc5 Fix to show version information from root API. 
When the user hits http://serv_api:8118 instead of version information
kingbird returns 401 authentication.Introduced a new section
pecan configurations and pecan hooks to fix this error.
Added test-cases, made trivial changes for tempest tests and refactored
some code.

Closes-Bug: #1673383
Change-Id: Ic87b078a73bd0505b309f099cffdfb7ee31ba8e3
2017-03-23 12:23:33 +05:30

286 lines
9.3 KiB
ReStructuredText
Raw Blame History

===========================
Kingbird Installation Guide
===========================
Preparing the installation
--------------------------
Kingbird is centralized synchronization service for multi-region OpenStack
deployments. In OPNFV Colorado release, Kingbird provides centralized quota
management feature. At least two OpenStack regions with shared KeyStone should
be installed first.
Kingbird includes kingbird-api and kingbird-engine, kingbird-api and
kingbird-engine which talk to each other through message bus, and both
services access the database. Kingbird-api receives the RESTful
API request for quota management and forward the request to kingbird-engine
to do quota synchronization etc task.
Therefore install Kingbird on the controller nodes of one of the OpenStack
region, these two services could be deployed in same node or different node.
Both kingbird-api and kingbird-engine can run in multiple nodes with
multi-workers mode. It's up to you how many nodes you want to deploy
kingbird-api and kingbird-engine and they can work in same node or
different nodes.
HW requirements
---------------
No special hardware requirements
Installation instruction
------------------------
In colorado release, Kingbird is recommended to be installed in a python
virtual environment. So install and activate virtualenv first.
.. code-block:: bash
sudo pip install virtualenv
virtualenv venv
source venv/bin/activate
Get the latest code of Kingbird from git repository:
.. code-block:: bash
git clone https://github.com/openstack/kingbird.git
cd kingbird/
pip install -e .
or get the stable release from PyPI repository:
.. code-block:: bash
pip install kingbird
In case of the database package are not installed, you may need to install:
.. code-block:: bash
pip install mysql
pip install pymysql
In the Kingbird root folder, where you can find the source code of Kingbird,
generate the configuration sample file for Kingbird:
.. code-block:: bash
oslo-config-generator --config-file=./tools/config-generator.conf
prepare the folder used for cache, log and configuration for Kingbird:
.. code-block:: bash
sudo rm -rf /var/cache/kingbird
sudo mkdir -p /var/cache/kingbird
sudo chown `whoami` /var/cache/kingbird
sudo rm -rf /var/log/kingbird
sudo mkdir -p /var/log/kingbird
sudo chown `whoami` /var/log/kingbird
sudo rm -rf /etc/kingbird
sudo mkdir -p /etc/kingbird
sudo chown `whoami` /etc/kingbird
Copy the sample configuration to the configuration folder /etc/kingbird:
.. code-block:: bash
cp etc/kingbird/kingbird.conf.sample /etc/kingbird/kingbird.conf
Before editing the configuration file, prepare the database info for Kingbird.
.. code-block:: bash
mysql -uroot -e "CREATE DATABASE $kb_db CHARACTER SET utf8;"
mysql -uroot -e "GRANT ALL PRIVILEGES ON $kb_db.* TO '$kb_db_user'@'%' IDENTIFIED BY '$kb_db_pwd';"
For example, the following command will create database "kingbird", and grant the
privilege for the db user "kingbird" with password "password":
.. code-block:: bash
mysql -uroot -e "CREATE DATABASE kingbird CHARACTER SET utf8;"
mysql -uroot -e "GRANT ALL PRIVILEGES ON kingbird.* TO 'kingbird'@'%' IDENTIFIED BY 'password';"
Create the service user in OpenStack:
.. code-block:: bash
source openrc admin admin
openstack user create --project=service --password=$kb_svc_pwd $kb_svc_user
openstack role add --user=$kb_svc_user --project=service admin
For example, the following command will create service user "kingbird",
and grant the user "kingbird" with password "password" the role of admin
in service project:
.. code-block:: bash
source openrc admin admin
openstack user create --project=service --password=password kingbird
openstack role add --user=kingbird --project=service admin
Then edit the configuration file for Kingbird:
.. code-block:: bash
vim /etc/kingbird/kingbird.conf
By default, the bind_host of kingbird-api is local_host(127.0.0.1), and the
port for the service is 8118, you can leave it as the default if no port
conflict happened.
Please replace the address of Kingbird service "127.0.0.1" which is mentioned
below to the address you get from OpenStack Kingbird endpoint.
To make the Kingbird work normally, you have to edit these configuration
items. The [cache] section is used by kingbird engine to access the quota
information of Nova, Cinder, Neutron in each region, replace the
auth_uri to the keystone service in your environment,
especially if the keystone service is not located in the same node, and
also for the account to access the Nova, Cinder, Neutron in each region,
in the following configuration, user "admin" with password "password" of
the tenant "admin" is configured to access other Nova, Cinder, Neutron in
each region:
.. code-block:: bash
[cache]
auth_uri = http://127.0.0.1:5000/v3
admin_tenant = admin
admin_password = password
admin_username = admin
Configure the database section with the service user "kingbird" and its
password, to access database "kingbird". For detailed database section
configuration, please refer to http://docs.openstack.org/developer/oslo.db/opts.html,
and change the following configuration accordingly based on your
environment.
.. code-block:: bash
[database]
connection = mysql+pymysql://$kb_db_user:$kb_db_pwd@127.0.0.1/$kb_db?charset=utf8
For example, if the database is "kingbird", and the db user "kingbird" with
password "password", then the configuration is as following:
.. code-block:: bash
[database]
connection = mysql+pymysql://kingbird:password@127.0.0.1/kingbird?charset=utf8
The [keystone_authtoken] section is used by keystonemiddleware for token
validation during the API request to the kingbird-api, please refer to
http://docs.openstack.org/developer/keystonemiddleware/middlewarearchitecture.html
on how to configure the keystone_authtoken section for the keystonemiddleware
in detail, and change the following configuration accordingly based on your
environment:
*please specify the region_name where you want the token will be validated if the
KeyStone is deployed in multiple regions*
.. code-block:: bash
[keystone_authtoken]
signing_dir = /var/cache/kingbird
cafile = /opt/stack/data/ca-bundle.pem
auth_uri = http://127.0.0.1:5000/v3
project_domain_name = Default
project_name = service
user_domain_name = Default
password = $kb_svc_pwd
username = $kb_svc_user
auth_url = http://127.0.0.1:35357/v3
auth_type = password
region_name = RegionOne
For example, if the service user is "kingbird, and the password for the user
is "password", then the configuration will look like this:
.. code-block:: bash
[keystone_authtoken]
signing_dir = /var/cache/kingbird
cafile = /opt/stack/data/ca-bundle.pem
auth_uri = http://127.0.0.1:5000/v3
project_domain_name = Default
project_name = service
user_domain_name = Default
password = password
username = kingbird
auth_url = http://127.0.0.1:35357/v3
auth_type = password
region_name = RegionOne
And also configure the message bus connection, you can refer to the message
bus configuration in Nova, Cinder, Neutron configuration file.
.. code-block:: bash
[DEFAULT]
transport_url = rabbit://stackrabbit:password@127.0.0.1:5672/
After these basic configuration items configured, now the database schema of
"kingbird" should be created:
.. code-block:: bash
python kingbird/cmd/manage.py --config-file=/etc/kingbird/kingbird.conf db_sync
And create the service and endpoint for Kingbird, please change the endpoint url
according to your cloud planning:
.. code-block:: bash
openstack service create --name=kingbird synchronization
openstack endpoint create --region=RegionOne kingbird public http://127.0.0.1:8118/v1.0
openstack endpoint create --region=RegionOne kingbird admin http://127.0.0.1:8118/v1.0
openstack endpoint create --region=RegionOne kingbird internal http://127.0.0.1:8118/v1.0
Now it's ready to run kingbird-api and kingbird-engine:
.. code-block:: bash
nohup python kingbird/cmd/api.py --config-file=/etc/kingbird/kingbird.conf &
nohup python kingbird/cmd/engine.py --config-file=/etc/kingbird/kingbird.conf &
Run the following command to check whether kingbird-api and kingbird-engine
are running:
.. code-block:: bash
ps aux|grep python
Post-installation activities
----------------------------
Run the following commands to check whether kingbird-api is serving.
.. code-block:: bash
curl http://127.0.0.1:8118/
If the response looks like following: {"versions": [{"status": "CURRENT",
"updated": "2016-03-07", "id": "v1.0", "links": [{"href":
"http://127.0.0.1:8118/v1.0/", "rel": "self"}]}]},
then that means the kingbird-api is working normally.
Run the following commands to check whether kingbird-engine is serving, please
replace $token to the token you get from "openstack token issue", and the
$admin_project_id to the admin project id in your environment:
.. code-block:: bash
curl -H "Content-Type: application/json" -H "X-Auth-Token: $token" \
-H "X_ROLE: admin" -X PUT \
http://127.0.0.1:8118/v1.0/$admin_project_id/os-quota-sets/$admin_project_id/sync
If the response looks like following: "triggered quota sync for
0320065092b14f388af54c5bd18ab5da", then that means the kingbird-engine
is working normally.
View Git Blame Copy Permalink