diff --git a/doc/source/reference/skydive-guide.rst b/doc/source/reference/skydive-guide.rst index 4e4f201f75..1940bea627 100644 --- a/doc/source/reference/skydive-guide.rst +++ b/doc/source/reference/skydive-guide.rst @@ -5,7 +5,7 @@ Skydive in Kolla ================ Overview -======== +~~~~~~~~ Skydive is an open source real-time network topology and protocols analyzer. It aims to provide a comprehensive way of understanding what is happening in the network infrastructure. @@ -16,12 +16,14 @@ All the information is stored in an Elasticsearch database. Configuration on Kolla deployment --------------------------------- -Enable Skydive in ``/etc/kolla/globals.yml`` +Enable Skydive in ``/etc/kolla/globals.yml`` file: -.. code-block:: console +.. code-block:: yaml - enable_skydive: "yes" - enable_elasticsearch: "yes" + enable_skydive: "yes" + enable_elasticsearch: "yes" + +.. end Verify operation ---------------- diff --git a/doc/source/reference/swift-guide.rst b/doc/source/reference/swift-guide.rst index 5d5a92d27d..c340713a7f 100644 --- a/doc/source/reference/swift-guide.rst +++ b/doc/source/reference/swift-guide.rst @@ -5,12 +5,13 @@ Swift in Kolla ============== Overview -======== +~~~~~~~~ + Kolla can deploy a full working Swift setup in either a **all-in-one** or **multinode** setup. Disks with a partition table (recommended) -========================================== +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Swift requires block devices to be available for storage. To prepare a disk for use as a Swift storage device, a special partition name and filesystem @@ -19,32 +20,39 @@ label need to be added. The following should be done on each storage node, the example is shown for three disks: -:: +.. warning:: - # - index=0 - for d in sdc sdd sde; do - parted /dev/${d} -s -- mklabel gpt mkpart KOLLA_SWIFT_DATA 1 -1 - sudo mkfs.xfs -f -L d${index} /dev/${d}1 - (( index++ )) - done + ALL DATA ON DISK will be LOST! + +.. code-block:: console + + index=0 + for d in sdc sdd sde; do + parted /dev/${d} -s -- mklabel gpt mkpart KOLLA_SWIFT_DATA 1 -1 + sudo mkfs.xfs -f -L d${index} /dev/${d}1 + (( index++ )) + done + +.. end For evaluation, loopback devices can be used in lieu of real disks: -:: +.. code-block:: console - index=0 - for d in sdc sdd sde; do - free_device=$(losetup -f) - fallocate -l 1G /tmp/$d - losetup $free_device /tmp/$d - parted $free_device -s -- mklabel gpt mkpart KOLLA_SWIFT_DATA 1 -1 - sudo mkfs.xfs -f -L d${index} ${free_device}p1 - (( index++ )) - done + index=0 + for d in sdc sdd sde; do + free_device=$(losetup -f) + fallocate -l 1G /tmp/$d + losetup $free_device /tmp/$d + parted $free_device -s -- mklabel gpt mkpart KOLLA_SWIFT_DATA 1 -1 + sudo mkfs.xfs -f -L d${index} ${free_device}p1 + (( index++ )) + done + +.. end Disks without a partition table -=============================== +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Kolla also supports unpartitioned disk (filesystem on ``/dev/sdc`` instead of ``/dev/sdc1``) detection purely based on filesystem label. This is generally @@ -54,150 +62,193 @@ deployment already using disk like this. Given hard disks with labels swd1, swd2, swd3, use the following settings in ``ansible/roles/swift/defaults/main.yml``. -:: +.. code-block:: yaml - swift_devices_match_mode: "prefix" - swift_devices_name: "swd" + swift_devices_match_mode: "prefix" + swift_devices_name: "swd" + +.. end Rings -===== +~~~~~ Before running Swift we need to generate **rings**, which are binary compressed files that at a high level let the various Swift services know where data is in the cluster. We hope to automate this process in a future release. The following example commands should be run from the ``operator`` node to -generate rings for a demo setup. The commands work with **disks with partition -table** example listed above. Please modify accordingly if your setup is +generate rings for a demo setup. The commands work with **disks with partition +table** example listed above. Please modify accordingly if your setup is different. -:: +Prepare for Rings generating +---------------------------- - STORAGE_NODES=(192.168.0.2 192.168.0.3 192.168.0.4) - KOLLA_SWIFT_BASE_IMAGE="kolla/oraclelinux-source-swift-base:4.0.0" +To perpare for Swift Rings generating, run the following commands to initialize +the environment variable and create ``/etc/kolla/config/swift`` directory: - mkdir -p /etc/kolla/config/swift +.. code-block:: console - # Object ring - docker run \ - --rm \ - -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ - $KOLLA_SWIFT_BASE_IMAGE \ - swift-ring-builder \ - /etc/kolla/config/swift/object.builder create 10 3 1 + STORAGE_NODES=(192.168.0.2 192.168.0.3 192.168.0.4) + KOLLA_SWIFT_BASE_IMAGE="kolla/oraclelinux-source-swift-base:4.0.0" + mkdir -p /etc/kolla/config/swift - for node in ${STORAGE_NODES[@]}; do - for i in {0..2}; do - docker run \ - --rm \ - -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ - $KOLLA_SWIFT_BASE_IMAGE \ - swift-ring-builder \ - /etc/kolla/config/swift/object.builder add r1z1-${node}:6000/d${i} 1; - done - done +.. end - # Account ring - docker run \ - --rm \ - -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ - $KOLLA_SWIFT_BASE_IMAGE \ - swift-ring-builder \ - /etc/kolla/config/swift/account.builder create 10 3 1 +Generate Object Ring +-------------------- - for node in ${STORAGE_NODES[@]}; do - for i in {0..2}; do - docker run \ - --rm \ - -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ - $KOLLA_SWIFT_BASE_IMAGE \ - swift-ring-builder \ - /etc/kolla/config/swift/account.builder add r1z1-${node}:6001/d${i} 1; - done - done +To generate Swift object ring, run the following commands: - # Container ring - docker run \ - --rm \ - -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ - $KOLLA_SWIFT_BASE_IMAGE \ - swift-ring-builder \ - /etc/kolla/config/swift/container.builder create 10 3 1 +.. code-block:: console - for node in ${STORAGE_NODES[@]}; do - for i in {0..2}; do - docker run \ - --rm \ - -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ - $KOLLA_SWIFT_BASE_IMAGE \ - swift-ring-builder \ - /etc/kolla/config/swift/container.builder add r1z1-${node}:6002/d${i} 1; - done - done + docker run \ + --rm \ + -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ + $KOLLA_SWIFT_BASE_IMAGE \ + swift-ring-builder \ + /etc/kolla/config/swift/object.builder create 10 3 1 - for ring in object account container; do - docker run \ - --rm \ - -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ - $KOLLA_SWIFT_BASE_IMAGE \ - swift-ring-builder \ - /etc/kolla/config/swift/${ring}.builder rebalance; - done + for node in ${STORAGE_NODES[@]}; do + for i in {0..2}; do + docker run \ + --rm \ + -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ + $KOLLA_SWIFT_BASE_IMAGE \ + swift-ring-builder \ + /etc/kolla/config/swift/object.builder add r1z1-${node}:6000/d${i} 1; + done + done -For more info, see +.. end + +Generate Account Ring +--------------------- + +To generate Swift account ring, run the following commands: + +.. code-block:: console + + docker run \ + --rm \ + -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ + $KOLLA_SWIFT_BASE_IMAGE \ + swift-ring-builder \ + /etc/kolla/config/swift/account.builder create 10 3 1 + + for node in ${STORAGE_NODES[@]}; do + for i in {0..2}; do + docker run \ + --rm \ + -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ + $KOLLA_SWIFT_BASE_IMAGE \ + swift-ring-builder \ + /etc/kolla/config/swift/account.builder add r1z1-${node}:6001/d${i} 1; + done + done + +.. end + +Generate Container Ring +----------------------- + +To generate Swift container ring, run the following commands: + +.. code-block:: console + + docker run \ + --rm \ + -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ + $KOLLA_SWIFT_BASE_IMAGE \ + swift-ring-builder \ + /etc/kolla/config/swift/container.builder create 10 3 1 + + for node in ${STORAGE_NODES[@]}; do + for i in {0..2}; do + docker run \ + --rm \ + -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ + $KOLLA_SWIFT_BASE_IMAGE \ + swift-ring-builder \ + /etc/kolla/config/swift/container.builder add r1z1-${node}:6002/d${i} 1; + done + done + + for ring in object account container; do + docker run \ + --rm \ + -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ + $KOLLA_SWIFT_BASE_IMAGE \ + swift-ring-builder \ + /etc/kolla/config/swift/${ring}.builder rebalance; + done + +.. end + +For more information, see https://docs.openstack.org/project-install-guide/object-storage/ocata/initial-rings.html Deploying -========= +~~~~~~~~~ + Enable Swift in ``/etc/kolla/globals.yml``: -:: +.. code-block:: yaml - enable_swift : "yes" + enable_swift : "yes" + +.. end Once the rings are in place, deploying Swift is the same as any other Kolla Ansible service: -:: +.. code-block:: console - kolla-ansible deploy -i + # kolla-ansible deploy -i + +.. end + +Verification +~~~~~~~~~~~~ -Validation -========== A very basic smoke test: -:: +.. code-block:: console - $ openstack container create mycontainer - +---------------------------------------+--------------+------------------------------------+ - | account | container | x-trans-id | - +---------------------------------------+--------------+------------------------------------+ - | AUTH_7b938156dba44de7891f311c751f91d8 | mycontainer | txb7f05fa81f244117ac1b7-005a0e7803 | - +---------------------------------------+--------------+------------------------------------+ + $ openstack container create mycontainer - $ openstack object create mycontainer README.rst - +---------------+--------------+----------------------------------+ - | object | container | etag | - +---------------+--------------+----------------------------------+ - | README.rst | mycontainer | 2634ecee0b9a52ba403a503cc7d8e988 | - +---------------+--------------+----------------------------------+ + +---------------------------------------+--------------+------------------------------------+ + | account | container | x-trans-id | + +---------------------------------------+--------------+------------------------------------+ + | AUTH_7b938156dba44de7891f311c751f91d8 | mycontainer | txb7f05fa81f244117ac1b7-005a0e7803 | + +---------------------------------------+--------------+------------------------------------+ - $ openstack container show mycontainer - +--------------+---------------------------------------+ - | Field | Value | - +--------------+---------------------------------------+ - | account | AUTH_7b938156dba44de7891f311c751f91d8 | - | bytes_used | 6684 | - | container | mycontainer | - | object_count | 1 | - +--------------+---------------------------------------+ + $ openstack object create mycontainer README.rst - $ openstack object store account show - +------------+---------------------------------------+ - | Field | Value | - +------------+---------------------------------------+ - | Account | AUTH_7b938156dba44de7891f311c751f91d8 | - | Bytes | 6684 | - | Containers | 1 | - | Objects | 1 | - +------------+---------------------------------------+ + +---------------+--------------+----------------------------------+ + | object | container | etag | + +---------------+--------------+----------------------------------+ + | README.rst | mycontainer | 2634ecee0b9a52ba403a503cc7d8e988 | + +---------------+--------------+----------------------------------+ + + $ openstack container show mycontainer + + +--------------+---------------------------------------+ + | Field | Value | + +--------------+---------------------------------------+ + | account | AUTH_7b938156dba44de7891f311c751f91d8 | + | bytes_used | 6684 | + | container | mycontainer | + | object_count | 1 | + +--------------+---------------------------------------+ + + $ openstack object store account show + + +------------+---------------------------------------+ + | Field | Value | + +------------+---------------------------------------+ + | Account | AUTH_7b938156dba44de7891f311c751f91d8 | + | Bytes | 6684 | + | Containers | 1 | + | Objects | 1 | + +------------+---------------------------------------+ \ No newline at end of file diff --git a/doc/source/reference/tacker-guide.rst b/doc/source/reference/tacker-guide.rst index 72b341d4af..15d2a7e903 100644 --- a/doc/source/reference/tacker-guide.rst +++ b/doc/source/reference/tacker-guide.rst @@ -1,14 +1,16 @@ +=============== Tacker in Kolla =============== -"Tacker is an OpenStack service for NFV Orchestration with -a general purpose VNF Manager to deploy and operate -Virtual Network Functions (VNFs) and Network Services -on an NFV Platform. -It is based on ETSI MANO Architectural Framework." [1]. +"Tacker is an OpenStack service for NFV Orchestration with a general purpose +VNF Manager to deploy and operate Virtual Network Functions (VNFs) and +Network Services on an NFV Platform. It is based on ETSI MANO Architectural +Framework." +For more details about Tacker, see `OpenStack Tacker Documentation +`__. Overview --------- +~~~~~~~~ As of the Pike release, tacker requires the following services to be enabled to operate correctly. @@ -26,7 +28,7 @@ Optionally tacker supports the following services and features. * Opendaylight Compatibility -------------- +~~~~~~~~~~~~~ Tacker is supported by the following distros and install_types. @@ -39,7 +41,7 @@ Tacker is supported by the following distros and install_types. * Only source images. Preparation and Deployment --------------------------- +~~~~~~~~~~~~~~~~~~~~~~~~~~ By default tacker and required services are disabled in the ``group_vars/all.yml`` file. @@ -48,53 +50,63 @@ In order to enable them, you need to edit the file .. note:: - Heat is enabled by default, ensure it is not disabled. + Heat is enabled by default, ensure it is not disabled. -:: +.. code-block:: yaml - enable_tacker: "yes" - enable_barbican: "yes" - enable_mistral: "yes" - enable_redis: "yes" + enable_tacker: "yes" + enable_barbican: "yes" + enable_mistral: "yes" + enable_redis: "yes" + +.. end .. warning:: - Barbican is required in multinode deployments to share VIM fernet_keys. - If not enabled, only one tacker-server host will have the keys on it - and any request made to a different tacker-server will fail with a - similar error as ``No such file or directory /etc/tacker/vim/fernet_keys`` + Barbican is required in multinode deployments to share VIM fernet_keys. + If not enabled, only one tacker-server host will have the keys on it + and any request made to a different tacker-server will fail with a + similar error as ``No such file or directory /etc/tacker/vim/fernet_keys`` Deploy tacker and related services. -:: +.. code-block:: console - $ kolla-ansible deploy + $ kolla-ansible deploy -Verify ------- +.. end + +Verification +~~~~~~~~~~~~ Generate the credentials file. -:: +.. code-block:: console - $ kolla-ansible post-deploy + $ kolla-ansible post-deploy + +.. end Source credentials file. -:: +.. code-block:: console - $ . /etc/kolla/admin-openrc.sh + $ . /etc/kolla/admin-openrc.sh + +.. end Create base neutron networks and glance images. -:: +.. code-block:: console - $ sh tools/init-runonce + $ sh tools/init-runonce + +.. end .. note:: - ``init-runonce`` file is located in ``$PYTHON_PATH/kolla-ansible`` - folder in kolla-ansible installation from pip. + ``init-runonce`` file is located in ``$PYTHON_PATH/kolla-ansible`` + folder in kolla-ansible installation from pip. In kolla-ansible git repository a `tacker demo `_ is present in ``kolla-ansible/contrib/demos/tacker/`` that will @@ -104,18 +116,22 @@ Install python-tackerclient. .. note:: - Barbican, heat and mistral python clients are in tacker's - requirements and will be installed as dependency. + Barbican, heat and mistral python clients are in tacker's + requirements and will be installed as dependency. -:: +.. code-block:: console - $ pip install python-tackerclient + $ pip install python-tackerclient + +.. end Execute ``deploy-tacker-demo`` script to initialize the VNF creation. -:: +.. code-block:: console - $ sh deploy-tacker-demo + $ sh deploy-tacker-demo + +.. end Tacker demo script will create sample VNF Descriptor (VNFD) file, then register a default VIM, create a tacker VNFD and finally @@ -127,42 +143,51 @@ running in nova and with its corresponding heat stack CREATION_COMPLETE. Verify tacker VNF status is ACTIVE. -:: +.. code-block:: console - $ tacker vnf-list - +--------------------------------------+------------------+-----------------------+--------+--------------------------------------+--------------------------------------+ - | id | name | mgmt_url | status | vim_id | vnfd_id | - +--------------------------------------+------------------+-----------------------+--------+--------------------------------------+--------------------------------------+ - | c52fcf99-101d-427b-8a2d-c9ef54af8b1d | kolla-sample-vnf | {"VDU1": "10.0.0.10"} | ACTIVE | eb3aa497-192c-4557-a9d7-1dff6874a8e6 | 27e8ea98-f1ff-4a40-a45c-e829e53b3c41 | - +--------------------------------------+------------------+-----------------------+--------+--------------------------------------+--------------------------------------+ + $ tacker vnf-list + + +--------------------------------------+------------------+-----------------------+--------+--------------------------------------+--------------------------------------+ + | id | name | mgmt_url | status | vim_id | vnfd_id | + +--------------------------------------+------------------+-----------------------+--------+--------------------------------------+--------------------------------------+ + | c52fcf99-101d-427b-8a2d-c9ef54af8b1d | kolla-sample-vnf | {"VDU1": "10.0.0.10"} | ACTIVE | eb3aa497-192c-4557-a9d7-1dff6874a8e6 | 27e8ea98-f1ff-4a40-a45c-e829e53b3c41 | + +--------------------------------------+------------------+-----------------------+--------+--------------------------------------+--------------------------------------+ + +.. end Verify nova instance status is ACTIVE. -:: +.. code-block:: console - $ openstack server list - +--------------------------------------+-------------------------------------------------------+--------+--------------------+--------+-----------------------------------------------------------------------------------------------------------------------+ - | ID | Name | Status | Networks | Image | Flavor | - +--------------------------------------+-------------------------------------------------------+--------+--------------------+--------+-----------------------------------------------------------------------------------------------------------------------+ - | d2d59eeb-8526-4826-8f1b-c50b571395e2 | ta-cf99-101d-427b-8a2d-c9ef54af8b1d-VDU1-fchiv6saay7p | ACTIVE | demo-net=10.0.0.10 | cirros | tacker.vnfm.infra_drivers.openstack.openstack_OpenStack-c52fcf99-101d-427b-8a2d-c9ef54af8b1d-VDU1_flavor-yl4bzskwxdkn | - +--------------------------------------+-------------------------------------------------------+--------+--------------------+--------+-----------------------------------------------------------------------------------------------------------------------+ + $ openstack server list + + +--------------------------------------+-------------------------------------------------------+--------+--------------------+--------+-----------------------------------------------------------------------------------------------------------------------+ + | ID | Name | Status | Networks | Image | Flavor | + +--------------------------------------+-------------------------------------------------------+--------+--------------------+--------+-----------------------------------------------------------------------------------------------------------------------+ + | d2d59eeb-8526-4826-8f1b-c50b571395e2 | ta-cf99-101d-427b-8a2d-c9ef54af8b1d-VDU1-fchiv6saay7p | ACTIVE | demo-net=10.0.0.10 | cirros | tacker.vnfm.infra_drivers.openstack.openstack_OpenStack-c52fcf99-101d-427b-8a2d-c9ef54af8b1d-VDU1_flavor-yl4bzskwxdkn | + +--------------------------------------+-------------------------------------------------------+--------+--------------------+--------+-----------------------------------------------------------------------------------------------------------------------+ + +.. end Verify Heat stack status is CREATE_COMPLETE. -:: +.. code-block:: console - $ openstack stack list - +--------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------+-----------------+----------------------+--------------+ - | ID | Stack Name | Project | Stack Status | Creation Time | Updated Time | - +--------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------+-----------------+----------------------+--------------+ - | 289a6686-70f6-4db7-aa10-ed169fe547a6 | tacker.vnfm.infra_drivers.openstack.openstack_OpenStack-c52fcf99-101d-427b-8a2d-c9ef54af8b1d | 1243948e59054aab83dbf2803e109b3f | CREATE_COMPLETE | 2017-08-23T09:49:50Z | None | - +--------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------+-----------------+----------------------+--------------+ + $ openstack stack list + + +--------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------+-----------------+----------------------+--------------+ + | ID | Stack Name | Project | Stack Status | Creation Time | Updated Time | + +--------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------+-----------------+----------------------+--------------+ + | 289a6686-70f6-4db7-aa10-ed169fe547a6 | tacker.vnfm.infra_drivers.openstack.openstack_OpenStack-c52fcf99-101d-427b-8a2d-c9ef54af8b1d | 1243948e59054aab83dbf2803e109b3f | CREATE_COMPLETE | 2017-08-23T09:49:50Z | None | + +--------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------+-----------------+----------------------+--------------+ + +.. end After the correct functionality of tacker is verified, tacker demo can be cleaned up executing ``cleanup-tacker`` script. -:: +.. code-block:: console - $ sh cleanup-tacker + $ sh cleanup-tacker -[1] https://docs.openstack.org/tacker/latest/ +.. end \ No newline at end of file diff --git a/doc/source/reference/vmware-guide.rst b/doc/source/reference/vmware-guide.rst index 5559b95799..d77d8b52af 100644 --- a/doc/source/reference/vmware-guide.rst +++ b/doc/source/reference/vmware-guide.rst @@ -1,11 +1,12 @@ .. _vmware-guide: -==================== +=============== VMware in Kolla -==================== +=============== Overview -======== +~~~~~~~~ + Kolla can deploy the Nova and Neutron Service(s) for VMware vSphere. Depending on the network architecture (NsxV or DVS) you choose, Kolla deploys the following OpenStack services for VMware vSphere: @@ -42,11 +43,11 @@ bridge and works through VLAN. .. note:: - VMware NSX-DVS plugin does not support tenant networks, so all VMs should - attach to Provider VLAN/Flat networks. + VMware NSX-DVS plugin does not support tenant networks, so all VMs should + attach to Provider VLAN/Flat networks. VMware NSX-V -============ +~~~~~~~~~~~~ Preparation ----------- @@ -57,51 +58,57 @@ For more information, please see `VMware NSX-V documentation - - - VNC - - inbound - tcp - dst - - 5900 - 5999 - - - - outbound - tcp - dst - - 0 - 65535 - - - true - false - - + + + + VNC + + inbound + tcp + dst + + 5900 + 5999 + + + + outbound + tcp + dst + + 0 + 65535 + + + true + false + + + +.. end Then refresh the firewall config by: .. code-block:: console - esxcli network firewall refresh + # esxcli network firewall refresh + +.. end Verify that the firewall config is applied: .. code-block:: console - esxcli network firewall ruleset list + # esxcli network firewall ruleset list + +.. end Deployment ---------- @@ -109,97 +116,111 @@ Deployment Enable VMware nova-compute plugin and NSX-V neutron-server plugin in ``/etc/kolla/globals.yml``: -.. code-block:: console +.. code-block:: yaml - nova_compute_virt_type: "vmware" - neutron_plugin_agent: "vmware_nsxv" + nova_compute_virt_type: "vmware" + neutron_plugin_agent: "vmware_nsxv" + +.. end .. note:: - VMware NSX-V also supports Neutron FWaaS, LBaaS and VPNaaS services, you can enable - them by setting these options in globals.yml: + VMware NSX-V also supports Neutron FWaaS, LBaaS and VPNaaS services, you can enable + them by setting these options in ``globals.yml``: - * enable_neutron_vpnaas: "yes" - * enable_neutron_lbaas: "yes" - * enable_neutron_fwaas: "yes" + * enable_neutron_vpnaas: "yes" + * enable_neutron_lbaas: "yes" + * enable_neutron_fwaas: "yes" If you want to set VMware datastore as cinder backend, enable it in ``/etc/kolla/globals.yml``: -.. code-block:: console +.. code-block:: yaml - enable_cinder: "yes" - cinder_backend_vmwarevc_vmdk: "yes" - vmware_datastore_name: "TestDatastore" + enable_cinder: "yes" + cinder_backend_vmwarevc_vmdk: "yes" + vmware_datastore_name: "TestDatastore" + +.. end If you want to set VMware datastore as glance backend, enable it in ``/etc/kolla/globals.yml``: -.. code-block:: console +.. code-block:: yaml - glance_backend_vmware: "yes" - vmware_vcenter_name: "TestDatacenter" - vmware_datastore_name: "TestDatastore" + glance_backend_vmware: "yes" + vmware_vcenter_name: "TestDatacenter" + vmware_datastore_name: "TestDatastore" + +.. end VMware options are required in ``/etc/kolla/globals.yml``, these options should be configured correctly according to your NSX-V environment. -Options for nova-compute and ceilometer: +Options for ``nova-compute`` and ``ceilometer``: -.. code-block:: console +.. code-block:: yaml - vmware_vcenter_host_ip: "127.0.0.1" - vmware_vcenter_host_username: "admin" - vmware_vcenter_cluster_name: "cluster-1" - vmware_vcenter_insecure: "True" - vmware_vcenter_datastore_regex: ".*" + vmware_vcenter_host_ip: "127.0.0.1" + vmware_vcenter_host_username: "admin" + vmware_vcenter_cluster_name: "cluster-1" + vmware_vcenter_insecure: "True" + vmware_vcenter_datastore_regex: ".*" + +.. end .. note:: - The VMware vCenter password has to be set in ``/etc/kolla/passwords.yml``. + The VMware vCenter password has to be set in ``/etc/kolla/passwords.yml``. - .. code-block:: console + .. code-block:: yaml - vmware_vcenter_host_password: "admin" + vmware_vcenter_host_password: "admin" + + .. end Options for Neutron NSX-V support: -.. code-block:: console +.. code-block:: yaml - vmware_nsxv_user: "nsx_manager_user" - vmware_nsxv_manager_uri: "https://127.0.0.1" - vmware_nsxv_cluster_moid: "TestCluster" - vmware_nsxv_datacenter_moid: "TestDataCeter" - vmware_nsxv_resource_pool_id: "TestRSGroup" - vmware_nsxv_datastore_id: "TestDataStore" - vmware_nsxv_external_network: "TestDVSPort-Ext" - vmware_nsxv_vdn_scope_id: "TestVDNScope" - vmware_nsxv_dvs_id: "TestDVS" - vmware_nsxv_backup_edge_pool: "service:compact:1:2" - vmware_nsxv_spoofguard_enabled: "false" - vmware_nsxv_metadata_initializer: "false" - vmware_nsxv_edge_ha: "false" + vmware_nsxv_user: "nsx_manager_user" + vmware_nsxv_manager_uri: "https://127.0.0.1" + vmware_nsxv_cluster_moid: "TestCluster" + vmware_nsxv_datacenter_moid: "TestDataCeter" + vmware_nsxv_resource_pool_id: "TestRSGroup" + vmware_nsxv_datastore_id: "TestDataStore" + vmware_nsxv_external_network: "TestDVSPort-Ext" + vmware_nsxv_vdn_scope_id: "TestVDNScope" + vmware_nsxv_dvs_id: "TestDVS" + vmware_nsxv_backup_edge_pool: "service:compact:1:2" + vmware_nsxv_spoofguard_enabled: "false" + vmware_nsxv_metadata_initializer: "false" + vmware_nsxv_edge_ha: "false" + +.. yaml .. note:: - If you want to set secure connections to VMware, set ``vmware_vcenter_insecure`` - to false. - Secure connections to vCenter requires a CA file, copy the vCenter CA file to - ``/etc/kolla/config/vmware_ca``. + If you want to set secure connections to VMware, set ``vmware_vcenter_insecure`` + to false. + Secure connections to vCenter requires a CA file, copy the vCenter CA file to + ``/etc/kolla/config/vmware_ca``. .. note:: - The VMware NSX-V password has to be set in ``/etc/kolla/passwords.yml``. + The VMware NSX-V password has to be set in ``/etc/kolla/passwords.yml``. - .. code-block:: console + .. code-block:: yaml - vmware_nsxv_password: "nsx_manager_password" + vmware_nsxv_password: "nsx_manager_password" -Then you should start kolla-ansible deployment normally as KVM/QEMU deployment. + .. end + +Then you should start :command:`kolla-ansible` deployment normally as KVM/QEMU deployment. VMware NSX-DVS -============== +~~~~~~~~~~~~~~ Preparation ----------- @@ -216,28 +237,34 @@ Deployment Enable VMware nova-compute plugin and NSX-V neutron-server plugin in ``/etc/kolla/globals.yml``: -.. code-block:: console +.. code-block:: yaml - nova_compute_virt_type: "vmware" - neutron_plugin_agent: "vmware_dvs" + nova_compute_virt_type: "vmware" + neutron_plugin_agent: "vmware_dvs" + +.. end If you want to set VMware datastore as Cinder backend, enable it in ``/etc/kolla/globals.yml``: -.. code-block:: console +.. code-block:: yaml - enable_cinder: "yes" - cinder_backend_vmwarevc_vmdk: "yes" - vmware_datastore_name: "TestDatastore" + enable_cinder: "yes" + cinder_backend_vmwarevc_vmdk: "yes" + vmware_datastore_name: "TestDatastore" + +.. end If you want to set VMware datastore as Glance backend, enable it in ``/etc/kolla/globals.yml``: -.. code-block:: console +.. code-block:: yaml - glance_backend_vmware: "yes" - vmware_vcenter_name: "TestDatacenter" - vmware_datastore_name: "TestDatastore" + glance_backend_vmware: "yes" + vmware_vcenter_name: "TestDatacenter" + vmware_datastore_name: "TestDatastore" + +.. end VMware options are required in ``/etc/kolla/globals.yml``, these options should be configured correctly according to the vSphere environment you installed @@ -246,23 +273,27 @@ the following options. Options for Neutron NSX-DVS support: -.. code-block:: console +.. code-block:: yaml - vmware_dvs_host_ip: "192.168.1.1" - vmware_dvs_host_port: "443" - vmware_dvs_host_username: "admin" - vmware_dvs_dvs_name: "VDS-1" - vmware_dvs_dhcp_override_mac: "" + vmware_dvs_host_ip: "192.168.1.1" + vmware_dvs_host_port: "443" + vmware_dvs_host_username: "admin" + vmware_dvs_dvs_name: "VDS-1" + vmware_dvs_dhcp_override_mac: "" + +.. end .. note:: - The VMware NSX-DVS password has to be set in ``/etc/kolla/passwords.yml``. + The VMware NSX-DVS password has to be set in ``/etc/kolla/passwords.yml``. - .. code-block:: console + .. code-block:: yaml - vmware_dvs_host_password: "password" + vmware_dvs_host_password: "password" -Then you should start kolla-ansible deployment normally as KVM/QEMU deployment. + .. end + +Then you should start :command:`kolla-ansible` deployment normally as KVM/QEMU deployment. For more information on OpenStack vSphere, see `VMware vSphere diff --git a/doc/source/reference/zun-guide.rst b/doc/source/reference/zun-guide.rst index 501a326306..a72aa3b218 100644 --- a/doc/source/reference/zun-guide.rst +++ b/doc/source/reference/zun-guide.rst @@ -1,9 +1,12 @@ +============ Zun in Kolla ============ "Zun is an OpenStack Container service. It aims to provide an OpenStack API for provisioning and managing containerized -workload on OpenStack." [1]. +workload on OpenStack." +For more details about Zun, see `OpenStack Zun Documentation +`__. Preparation and Deployment -------------------------- @@ -14,101 +17,124 @@ configure kuryr refer to :doc:`kuryr-guide`. To allow Zun Compute connect to the Docker Daemon, add the following in the ``docker.service`` file on each zun-compute node. -:: +.. code-block:: none - ExecStart= -H tcp://:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://:2379 --cluster-advertise=:2375 + ExecStart= -H tcp://:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://:2379 --cluster-advertise=:2375 + +.. end .. note:: - ``DOCKER_SERVICE_IP`` is zun-compute host IP address. ``2375`` is port that - allows Docker daemon to be accessed remotely. + ``DOCKER_SERVICE_IP`` is zun-compute host IP address. ``2375`` is port that + allows Docker daemon to be accessed remotely. By default zun is disabled in the ``group_vars/all.yml``. In order to enable it, you need to edit the file globals.yml and set the following variables: -:: +.. code-block:: yaml - enable_zun: "yes" - enable_kuryr: "yes" - enable_etcd: "yes" + enable_zun: "yes" + enable_kuryr: "yes" + enable_etcd: "yes" + +.. end Deploy the OpenStack cloud and zun. -:: +.. code-block:: console - $ kolla-ansible deploy + $ kolla-ansible deploy -Verify ------- +.. end -Generate the credentials file. +Verification +------------ -:: +#. Generate the credentials file: - $ kolla-ansible post-deploy + .. code-block:: console -Source credentials file. + $ kolla-ansible post-deploy -:: + .. end - $ . /etc/kolla/admin-openrc.sh +#. Source credentials file: -Download and create a glance container image. + .. code-block:: console -:: + $ . /etc/kolla/admin-openrc.sh - $ docker pull cirros - $ docker save cirros | openstack image create cirros --public \ - --container-format docker --disk-format raw + .. end -Create zun container. +#. Download and create a glance container image: -:: + .. code-block:: console - $ zun create --name test --net network=demo-net cirros ping -c4 8.8.8.8 + $ docker pull cirros + $ docker save cirros | openstack image create cirros --public \ + --container-format docker --disk-format raw -.. note:: + .. end - Kuryr does not support networks with DHCP enabled, disable DHCP in the - subnet used for zun containers. +#. Create zun container: - :: + .. code-block:: console - openstack subnet set --no-dhcp + $ zun create --name test --net network=demo-net cirros ping -c4 8.8.8.8 -Verify container is created. + .. end -:: + .. note:: - $ zun list - +--------------------------------------+------+---------------+---------+------------+------------+-------+ - | uuid | name | image | status | task_state | addresses | ports | - +--------------------------------------+------+---------------+---------+------------+------------+-------+ - | 3719a73e-5f86-47e1-bc5f-f4074fc749f2 | test | cirros | Created | None | 172.17.0.3 | [] | - +--------------------------------------+------+---------------+---------+------------+------------+-------+ + Kuryr does not support networks with DHCP enabled, disable DHCP in the + subnet used for zun containers. -Start container. + .. code-block:: console -:: + $ openstack subnet set --no-dhcp - $ zun start test - Request to start container test has been accepted. + .. end -Verify container. +#. Verify container is created: -:: + .. code-block:: console - $ zun logs test - PING 8.8.8.8 (8.8.8.8): 56 data bytes - 64 bytes from 8.8.8.8: seq=0 ttl=45 time=96.396 ms - 64 bytes from 8.8.8.8: seq=1 ttl=45 time=96.504 ms - 64 bytes from 8.8.8.8: seq=2 ttl=45 time=96.721 ms - 64 bytes from 8.8.8.8: seq=3 ttl=45 time=95.884 ms + $ zun list - --- 8.8.8.8 ping statistics --- - 4 packets transmitted, 4 packets received, 0% packet loss - round-trip min/avg/max = 95.884/96.376/96.721 ms + +--------------------------------------+------+---------------+---------+------------+------------+-------+ + | uuid | name | image | status | task_state | addresses | ports | + +--------------------------------------+------+---------------+---------+------------+------------+-------+ + | 3719a73e-5f86-47e1-bc5f-f4074fc749f2 | test | cirros | Created | None | 172.17.0.3 | [] | + +--------------------------------------+------+---------------+---------+------------+------------+-------+ + + .. end + +#. Start container: + + .. code-block:: console + + $ zun start test + Request to start container test has been accepted. + + .. end + +#. Verify container: + + .. code-block:: console + + $ zun logs test + PING 8.8.8.8 (8.8.8.8): 56 data bytes + 64 bytes from 8.8.8.8: seq=0 ttl=45 time=96.396 ms + 64 bytes from 8.8.8.8: seq=1 ttl=45 time=96.504 ms + 64 bytes from 8.8.8.8: seq=2 ttl=45 time=96.721 ms + 64 bytes from 8.8.8.8: seq=3 ttl=45 time=95.884 ms + + --- 8.8.8.8 ping statistics --- + 4 packets transmitted, 4 packets received, 0% packet loss + round-trip min/avg/max = 95.884/96.376/96.721 ms + + .. end For more information about how zun works, see `zun, OpenStack Container service `__.