devstack/doc/source/configuration.rst
Brian Haley 180f5eb652 Add IPv6 support to devstack infrastructure
By default, most Openstack services are bound to 0.0.0.0
and service endpoints are registered as IPv4 addresses.
With this change we introduce two new variables to control
this behavior:

SERVICE_IP_VERSION - can either be "4" or "6".

When set to "4" (default if not set) devstack will operate
as today - most services will open listen sockets on 0.0.0.0
and service endpoints will be registered using HOST_IP as the
address.

When set to "6" devstack services will open listen sockets on ::
and service endpoints will be registered using HOST_IPV6 as the
address.

There is no support for "4+6", more work is required for that.

HOST_IPV6 - if SERVICE_IP_VERSION=6 this must be an IPv6
address configured on the system.

Some existing services, like the Openvswitch agent, will continue
to use IPv4 addresses for things like tunnel endpoints.  This is
a current restriction in the code and can be updated at a later
time.  This change is just a first step to supporting IPv6-only
control and data planes in devstack.

This change is also partly based on two previous patches,
https://review.openstack.org/#/c/140519/ and
https://review.openstack.org/#/c/176898/

Change-Id: I5c0b775490ce54ab104fd5e89b20fb700212ae74
Co-Authored-By: Sean Collins <sean@coreitpro.com>
Co-Authored-By: Baodong Li <baoli@cisco.com>
Co-Authored-By: Sridhar Gaddam <sridhar.gaddam@enovance.com>
Co-Authored-By: Adam Kacmarsky <adam.kacmarsky@hp.com>
Co-Authored-By: Jeremy Alvis <jeremy.alvis@hp.com>
2015-07-02 15:16:34 -06:00

474 lines
15 KiB
ReStructuredText

=============
Configuration
=============
DevStack has always tried to be mostly-functional with a minimal amount
of configuration. The number of options has ballooned as projects add
features, new projects added and more combinations need to be tested.
Historically DevStack obtained all local configuration and
customizations from a ``localrc`` file. The number of configuration
variables that are simply passed-through to the individual project
configuration files is also increasing. The old mechanism for this
(``EXTRAS_OPTS`` and friends) required specific code for each file and
did not scale well.
In Oct 2013 a new configuration method was introduced (in `review
46768 <https://review.openstack.org/#/c/46768/>`__) to hopefully
simplify this process and meet the following goals:
- contain all non-default local configuration in a single file
- be backward-compatible with ``localrc`` to smooth the transition
process
- allow settings in arbitrary configuration files to be changed
local.conf
==========
The new configuration file is ``local.conf`` and resides in the root
DevStack directory like the old ``localrc`` file. It is a modified INI
format file that introduces a meta-section header to carry additional
information regarding the configuration files to be changed.
The new header is similar to a normal INI section header but with double
brackets (``[[ ... ]]``) and two internal fields separated by a pipe
(``|``):
::
[[ <phase> | <config-file-name> ]]
where ``<phase>`` is one of a set of phase names defined by ``stack.sh``
and ``<config-file-name>`` is the configuration filename. The filename
is eval'ed in the ``stack.sh`` context so all environment variables are
available and may be used. Using the project config file variables in
the header is strongly suggested (see the ``NOVA_CONF`` example below).
If the path of the config file does not exist it is skipped.
The defined phases are:
- **local** - extracts ``localrc`` from ``local.conf`` before
``stackrc`` is sourced
- **pre-install** - runs after the system packages are installed but
before any of the source repositories are installed
- **install** - runs immediately after the repo installations are
complete
- **post-config** - runs after the layer 2 services are configured and
before they are started
- **extra** - runs after services are started and before any files in
``extra.d`` are executed
The file is processed strictly in sequence; meta-sections may be
specified more than once but if any settings are duplicated the last to
appear in the file will be used.
::
[[post-config|$NOVA_CONF]]
[DEFAULT]
use_syslog = True
[osapi_v3]
enabled = False
A specific meta-section ``local|localrc`` is used to provide a default
``localrc`` file (actually ``.localrc.auto``). This allows all custom
settings for DevStack to be contained in a single file. If ``localrc``
exists it will be used instead to preserve backward-compatibility. More
details on the :doc:`contents of local.conf <local.conf>` are available.
::
[[local|localrc]]
FIXED_RANGE=10.254.1.0/24
ADMIN_PASSWORD=speciale
LOGFILE=$DEST/logs/stack.sh.log
Note that ``Q_PLUGIN_CONF_FILE`` is unique in that it is assumed to
*NOT* start with a ``/`` (slash) character. A slash will need to be
added:
::
[[post-config|/$Q_PLUGIN_CONF_FILE]]
Also note that the ``localrc`` section is sourced as a shell script
fragment and MUST conform to the shell requirements, specifically no
whitespace around ``=`` (equals).
.. _minimal-configuration:
Minimal Configuration
=====================
While ``stack.sh`` is happy to run without a ``localrc`` section in
``local.conf``, devlife is better when there are a few minimal variables
set. This is an example of a minimal configuration that touches the
values that most often need to be set.
- no logging
- pre-set the passwords to prevent interactive prompts
- move network ranges away from the local network (``FIXED_RANGE`` and
``FLOATING_RANGE``, commented out below)
- set the host IP if detection is unreliable (``HOST_IP``, commented
out below)
::
[[local|localrc]]
ADMIN_PASSWORD=secrete
DATABASE_PASSWORD=$ADMIN_PASSWORD
RABBIT_PASSWORD=$ADMIN_PASSWORD
SERVICE_PASSWORD=$ADMIN_PASSWORD
SERVICE_TOKEN=a682f596-76f3-11e3-b3b2-e716f9080d50
#FIXED_RANGE=172.31.1.0/24
#FLOATING_RANGE=192.168.20.0/25
#HOST_IP=10.3.4.5
If the ``*_PASSWORD`` variables are not set here you will be prompted to
enter values for them by ``stack.sh``.
The network ranges must not overlap with any networks in use on the
host. Overlap is not uncommon as RFC-1918 'private' ranges are commonly
used for both the local networking and Nova's fixed and floating ranges.
``HOST_IP`` is normally detected on the first run of ``stack.sh`` but
often is indeterminate on later runs due to the IP being moved from an
Ethernet interface to a bridge on the host. Setting it here also makes it
available for ``openrc`` to set ``OS_AUTH_URL``. ``HOST_IP`` is not set
by default.
``HOST_IPV6`` is normally detected on the first run of ``stack.sh`` but
will not be set if there is no IPv6 address on the default Ethernet interface.
Setting it here also makes it available for ``openrc`` to set ``OS_AUTH_URL``.
``HOST_IPV6`` is not set by default.
Common Configuration Variables
==============================
Installation Directory
----------------------
| *Default: ``DEST=/opt/stack``*
| The DevStack install directory is set by the ``DEST`` variable.
| By setting it early in the ``localrc`` section you can reference it
in later variables. It can be useful to set it even though it is not
changed from the default value.
|
::
DEST=/opt/stack
Libraries from Git
------------------
| *Default: ``LIBS_FROM_GIT=""``*
| By default devstack installs OpenStack server components from
git, however it installs client libraries from released versions
on pypi. This is appropriate if you are working on server
development, but if you want to see how an unreleased version of
the client affects the system you can have devstack install it
from upstream, or from local git trees.
| Multiple libraries can be specified as a comma separated list.
|
::
LIBS_FROM_GIT=python-keystoneclient,oslo.config
Virtual Environments
--------------------
| *Default: ``USE_VENV=False``*
| Enable the use of Python virtual environments by setting ``USE_VENV``
to ``True``. This will enable the creation of venvs for each project
that is defined in the ``PROJECT_VENV`` array.
| *Default: ``PROJECT_VENV['<project>']='<project-dir>.venv'*
| Each entry in the ``PROJECT_VENV`` array contains the directory name
of a venv to be used for the project. The array index is the project
name. Multiple projects can use the same venv if desired.
::
PROJECT_VENV["glance"]=${GLANCE_DIR}.venv
| *Default: ``ADDITIONAL_VENV_PACKAGES=""``*
| A comma-separated list of additional packages to be installed into each
venv. Often projects will not have certain packages listed in its
``requirements.txt`` file because they are 'optional' requirements,
i.e. only needed for certain configurations. By default, the enabled
databases will have their Python bindings added when they are enabled.
Enable Logging
--------------
| *Defaults: ``LOGFILE="" LOGDAYS=7 LOG_COLOR=True``*
| By default ``stack.sh`` output is only written to the console
where it runs. It can be sent to a file in addition to the console
by setting ``LOGFILE`` to the fully-qualified name of the
destination log file. A timestamp will be appended to the given
filename for each run of ``stack.sh``.
|
::
LOGFILE=$DEST/logs/stack.sh.log
Old log files are cleaned automatically if ``LOGDAYS`` is set to the
number of days of old log files to keep.
::
LOGDAYS=1
The some of the project logs (Nova, Cinder, etc) will be colorized
by default (if ``SYSLOG`` is not set below); this can be turned off
by setting ``LOG_COLOR`` False.
::
LOG_COLOR=False
Logging the Service Output
--------------------------
| *Default: ``LOGDIR=""``*
| DevStack will log the stdout output of the services it starts.
When using ``screen`` this logs the output in the screen windows
to a file. Without ``screen`` this simply redirects stdout of
the service process to a file in ``LOGDIR``.
|
::
LOGDIR=$DEST/logs
*Note the use of ``DEST`` to locate the main install directory; this
is why we suggest setting it in ``local.conf``.*
Enabling Syslog
---------------
| *Default: ``SYSLOG=False SYSLOG_HOST=$HOST_IP SYSLOG_PORT=516``*
| Logging all services to a single syslog can be convenient. Enable
syslogging by setting ``SYSLOG`` to ``True``. If the destination log
host is not localhost ``SYSLOG_HOST`` and ``SYSLOG_PORT`` can be
used to direct the message stream to the log host.
|
::
SYSLOG=True
SYSLOG_HOST=$HOST_IP
SYSLOG_PORT=516
A clean install every time
--------------------------
| *Default: ``RECLONE=""``*
| By default ``stack.sh`` only clones the project repos if they do
not exist in ``$DEST``. ``stack.sh`` will freshen each repo on each
run if ``RECLONE`` is set to ``yes``. This avoids having to manually
remove repos in order to get the current branch from ``$GIT_BASE``.
|
::
RECLONE=yes
Upgrade packages installed by pip
---------------------------------
| *Default: ``PIP_UPGRADE=""``*
| By default ``stack.sh`` only installs Python packages if no version
is currently installed or the current version does not match a specified
requirement. If ``PIP_UPGRADE`` is set to ``True`` then existing required
Python packages will be upgraded to the most recent version that
matches requirements.
|
::
PIP_UPGRADE=True
Swift
-----
| Default: SWIFT_HASH=""
| SWIFT_REPLICAS=1
| SWIFT_DATA_DIR=$DEST/data/swift
| Swift is now used as the back-end for the S3-like object store.
When enabled Nova's objectstore (n-obj in ENABLED_SERVICES) is
automatically disabled. Enable Swift by adding it services to
ENABLED_SERVICES: enable_service s-proxy s-object s-container
s-account
Setting Swift's hash value is required and you will be prompted for
it if Swift is enabled so just set it to something already:
::
SWIFT_HASH=66a3d6b56c1f479c8b4e70ab5c2000f5
For development purposes the default number of replicas is set to
``1`` to reduce the overhead required. To better simulate a
production deployment set this to ``3`` or more.
::
SWIFT_REPLICAS=3
The data for Swift is stored in the source tree by default (in
``$DEST/swift/data``) and can be moved by setting
``SWIFT_DATA_DIR``. The specified directory will be created if it
does not exist.
::
SWIFT_DATA_DIR=$DEST/data/swift
*Note: Previously just enabling ``swift`` was sufficient to start
the Swift services. That does not provide proper service
granularity, particularly in multi-host configurations, and is
considered deprecated. Some service combination tests now check for
specific Swift services and the old blanket acceptance will longer
work correctly.*
Service Catalog Backend
-----------------------
| *Default: ``KEYSTONE_CATALOG_BACKEND=sql``*
| DevStack uses Keystone's ``sql`` service catalog backend. An
alternate ``template`` backend is also available. However, it does
not support the ``service-*`` and ``endpoint-*`` commands of the
``keystone`` CLI. To do so requires the ``sql`` backend be enabled:
|
::
KEYSTONE_CATALOG_BACKEND=template
DevStack's default configuration in ``sql`` mode is set in
``files/keystone_data.sh``
Cinder
------
| Default:
| VOLUME_GROUP="stack-volumes" VOLUME_NAME_PREFIX="volume-" VOLUME_BACKING_FILE_SIZE=10250M
| The logical volume group used to hold the Cinder-managed volumes
is set by ``VOLUME_GROUP``, the logical volume name prefix is set
with ``VOLUME_NAME_PREFIX`` and the size of the volume backing file
is set with ``VOLUME_BACKING_FILE_SIZE``.
|
::
VOLUME_GROUP="stack-volumes"
VOLUME_NAME_PREFIX="volume-"
VOLUME_BACKING_FILE_SIZE=10250M
Multi-host DevStack
-------------------
| *Default: ``MULTI_HOST=False``*
| Running DevStack with multiple hosts requires a custom
``local.conf`` section for each host. The master is the same as a
single host installation with ``MULTI_HOST=True``. The slaves have
fewer services enabled and a couple of host variables pointing to
the master.
| **Master**
::
MULTI_HOST=True
**Slave**
::
MYSQL_HOST=w.x.y.z
RABBIT_HOST=w.x.y.z
GLANCE_HOSTPORT=w.x.y.z:9292
ENABLED_SERVICES=n-vol,n-cpu,n-net,n-api
IP Version
----------
| Default: ``IP_VERSION=4+6``
| This setting can be used to configure DevStack to create either an IPv4,
IPv6, or dual stack tenant data network by setting ``IP_VERSION`` to
either ``IP_VERSION=4``, ``IP_VERSION=6``, or ``IP_VERSION=4+6``
respectively. This functionality requires that the Neutron networking
service is enabled by setting the following options:
|
::
disable_service n-net
enable_service q-svc q-agt q-dhcp q-l3
| The following optional variables can be used to alter the default IPv6
behavior:
|
::
IPV6_RA_MODE=slaac
IPV6_ADDRESS_MODE=slaac
FIXED_RANGE_V6=fd$IPV6_GLOBAL_ID::/64
IPV6_PRIVATE_NETWORK_GATEWAY=fd$IPV6_GLOBAL_ID::1
| *Note: ``FIXED_RANGE_V6`` and ``IPV6_PRIVATE_NETWORK_GATEWAY``
can be configured with any valid IPv6 prefix. The default values make
use of an auto-generated ``IPV6_GLOBAL_ID`` to comply with RFC 4193.*
|
| Default: ``SERVICE_IP_VERSION=4``
| This setting can be used to configure DevStack to enable services to
operate over either IPv4 or IPv6, by setting ``SERVICE_IP_VERSION`` to
either ``SERVICE_IP_VERSION=4`` or ``SERVICE_IP_VERSION=6`` respectively.
When set to ``4`` devstack services will open listen sockets on 0.0.0.0
and service endpoints will be registered using ``HOST_IP`` as the address.
When set to ``6`` devstack services will open listen sockets on :: and
service endpoints will be registered using ``HOST_IPV6`` as the address.
The default value for this setting is ``4``. Dual-mode support, for
example ``4+6`` is not currently supported.
| The following optional variable can be used to alter the default IPv6
address used:
|
::
HOST_IPV6=${some_local_ipv6_address}
Examples
========
- Eliminate a Cinder pass-through (``CINDER_PERIODIC_INTERVAL``):
::
[[post-config|$CINDER_CONF]]
[DEFAULT]
periodic_interval = 60
- Sample ``local.conf`` with screen logging enabled:
::
[[local|localrc]]
FIXED_RANGE=10.254.1.0/24
NETWORK_GATEWAY=10.254.1.1
LOGDAYS=1
LOGDIR=$DEST/logs
LOGFILE=$LOGDIR/stack.sh.log
ADMIN_PASSWORD=quiet
DATABASE_PASSWORD=$ADMIN_PASSWORD
RABBIT_PASSWORD=$ADMIN_PASSWORD
SERVICE_PASSWORD=$ADMIN_PASSWORD
SERVICE_TOKEN=a682f596-76f3-11e3-b3b2-e716f9080d50