.. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. Quick start =========== This document describes how to install manila from the OpenStack `Mitaka` release. Note that the process differs from previous releases and is likely to change again in subsequent releases. Manila consists of the following main services, which are similar to those of the OpenStack cinder project: - manila-api - manila-data - manila-scheduler - manila-share Installations of `manila-api` and `manila-scheduler` are common for almost all deployments. But configuration of `manila-share` is backend-specific and can differ from deployment to deployment. This document will cover only a single use case, configuring the "Generic" driver that uses the cinder project as its backend. Note that the `manila-share` service can run in two modes, with and without handling of `share servers`. In most cases share servers are virtual machines that export file shares via various network file systems. The example in this document describes a backend that manages share servers using network resources provided by neutron. .. note:: Manila supports any network architecture. When a driver is managing its own share servers, it can use any of several network plug-ins that provide network resources. Manila includes plug-ins for neutron and nova-network, as well as a `StandaloneNetworkPlugin` for simple networks. When a driver is not managing share servers, it has no need for network plug-ins. Prerequisites ------------- - MySQL database - RabbitMQ message bus - OpenStack keystone - Git For Generic driver: - OpenStack cinder - OpenStack glance - OpenStack neutron - OpenStack nova Steps to perform ================ - Installation of manila binaries - Installation of manila client - Registration in keystone - Preparation of external files (configs, etc...) - Basic configuration of manila - Database setup - Running manila services - Creation of pilot share Installation of manila binaries ------------------------------- Manila binaries may be installed using various distribution packages or from source code. In our case we will use the latter, installation by cloning a git repository. Clone repo:: $ git clone -b stable/mitaka https://github.com/openstack/manila Then run the installation script:: $ sudo python setup.py install It will install the manila binaries and their dependencies. These are the expected binaries: - manila-all - manila-api - manila-data - manila-manage - manila-scheduler - manila-share Installation of manila client ----------------------------- To send requests to manila we need to install the manila client. Install it using PIP: .. code-block:: console $ sudo pip install python-manilaclient>=1.8.1 .. note:: The starting version of the manila client for Mitaka release is 1.8.1 The above will install the manila binary that will be used for issuing manila requests. Registration in keystone ------------------------ Like all other OpenStack projects, manila should be registered with keystone. Here are the registration steps, similar to those of cinder: 1) Create manila service user: .. code-block:: console $ openstack user create --name manila --password %PASSWORD% 2) Add the admin role to the manila user: .. code-block:: console $ openstack role add --user manila --project service admin .. note:: Tenant/project may differ, but it should be the same as for all other service users such as ‘cinder’, ‘nova’, etc. 3) Create the manila service entities: .. code-block:: console $ openstack service create \ --name manila \ --description "OpenStack Shared Filesystems"\ share $ openstack service create \ --name manilav2 \ --description "OpenStack Shared Filesystems"\ sharev2 Result:: +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | OpenStack Shared Filesystems | | enabled | True | | id | 4c13e9ff7ec04f4e95a26f72ecdf9919 | | name | manila | | type | share | +-------------+----------------------------------+ +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | OpenStack Shared Filesystems V2 | | enabled | True | | id | 2840d1e7b033437f8776a7bd5045b28d | | name | manilav2 | | type | sharev2 | +-------------+----------------------------------+ 4) Create the Share Filesystems service API endpoints: .. code-block:: console $ openstack endpoint create \ --region RegionOne \ --publicurl http://%controller%:8786/v1/%\(tenant_id\)s \ --internalurl http://%controller%:8786/v1/%\(tenant_id\)s \ --adminurl http://%controller%:8786/v1/%\(tenant_id\)s \ share $ openstack endpoint create \ --region RegionOne \ --publicurl http://%controller%:8786/v2/%\(tenant_id\)s \ --internalurl http://%controller%:8786/v2/%\(tenant_id\)s \ --adminurl http://%controller%:8786/v2/%\(tenant_id\)s \ sharev2 Result should be similar to:: +----------------------------------+-----------+--------------+----------------+----------------------------------------------------+ | ID | Region | Service Name | Service Type | PublicURL | +----------------------------------+-----------+--------------+----------------+----------------------------------------------------+ | 3933b186baec48b9bc647877ee685d0f | RegionOne | Manila | share | http://%controller%:8786/v1/%\(tenant_id\)s | | de06e6d76b534fac854dba8d740a1741 | RegionOne | Manilav2 | sharev2 | http://%controller%:8786/v2/%\(tenant_id\)s | +----------------------------------+-----------+--------------+----------------+----------------------------------------------------+ .. note:: Port ‘8786’ is the default port for manila. It may be changed to any other port, but this change should also be made in the manila configuration file using opt ‘osapi_share_listen_port’ which defaults to ‘8786’. Preparation of external files ----------------------------- Copy files from %git_dir%/etc/manila to dir ‘/etc/manila’:: policy.json api-paste.ini rootwrap.conf rootwrap.d/share.filters Then generate a config sample file using tox: .. code-block:: console $ tox -e genconfig This will create a file with the latest config options and their descriptions:: ‘%git_dir%/etc/manila/manila.conf.sample’ Copy this file to the same directory as the above files, removing the suffix ‘.sample’ from its name: .. code-block:: console $ cp %git_dir%/etc/manila/manila.conf.sample /etc/manila/manila.conf .. note:: Manila configuration file may be used from different places. `/etc/manila/manila.conf` is one of expected paths by default. Basic configuration of manila ----------------------------- In our case we will set up one backend with generic driver (using cinder as its backend) configured to manage its own share servers. Below is an example of the configuration file, `/etc/manila/manila.conf`, outlining some core sections. .. code-block:: ini [keystone_authtoken] signing_dir = /var/cache/manila admin_password = %password_we_used_with_user_creation_operation% admin_user = manila admin_tenant_name = %service_project_name_we_used_with_user_creation_operation% auth_protocol = http auth_port = 35357 auth_host = %address_of_machine_with_keystone_endpoint% [DATABASE] # Set up MySQL connection. In following ‘foo’ is username, # ‘bar’ is password and ‘quuz’ is host name or address: connection = mysql+pymysql://foo:bar@quuz/manila?charset=utf8 [oslo_concurrency] # Following opt defines directory to be used for lock files creation. # Should be owned by user that runs manila-share processes. # Defaults to env var ‘OSLO_LOCK_PATH’. It is used by manila-share services # and is required to be set up. Make sure this dir is created and owned # by user that run manila-share services. lock_path = /etc/manila/custom_manila_lock_path [DEFAULT] # Set pretty logging output. Not required, but may be useful. logging_exception_prefix = %(color)s%(asctime)s.%(msecs)d TRACE %(name)s ^[[01;35m%(instance)s^[[00m logging_debug_format_suffix = ^[[00;33mfrom (pid=%(process)d) %(funcName)s %(pathname)s:%(lineno)d^[[00m logging_default_format_string = %(asctime)s.%(msecs)d %(color)s%(levelname)s %(name)s [^[[00;36m-%(color)s] ^[[01;35m%(instance)s%(color)s%(message)s^[[00m logging_context_format_string = %(asctime)s.%(msecs)d %(color)s%(levelname)s %(name)s [^[[01;36m%(request_id)s ^[[00;36m%(user_id)s %(project_id)s%(color)s] ^[[01;35m%(instance)s%(color)s%(message)s^[[00m # Set auth strategy for usage of keystone auth_strategy = keystone # Set message bus creds rabbit_userid = %rabbit_username% rabbit_password = %rabbit_user_password% rabbit_hosts = %address_of_machine_with_rabbit% rpc_backend = rabbit # Following opt is used for definition of share backends that should be enabled. # Values are conf groupnames that contain per manila-share service opts. enabled_share_backends = london # Enable protocols ‘NFS’ and ‘CIFS’ as those are the only supported # by Generic driver that we are configuring in this set up. # All available values are (‘NFS’, ‘CIFS’, ‘GlusterFS’, ‘HDFS’, 'CEPHFS') enabled_share_protocols = NFS,CIFS # Manila requires ‘share-type’ for share creation. # So, set here name of some share-type that will be used by default. default_share_type = default_share_type state_path = /opt/stack/data/manila osapi_share_extension = manila.api.contrib.standard_extensions rootwrap_config = /etc/manila/rootwrap.conf api_paste_config = /etc/manila/api-paste.ini share_name_template = share-%s # Set scheduler driver with usage of filters. Recommended. scheduler_driver = manila.scheduler.drivers.filter.FilterScheduler # Set following opt to ‘True’ to get more info in logging. debug = True [nova] # Only needed by generic or windows drivers, the only drivers # as of Mitaka that require it. username = nova password = %password% project_domain_id = default project_name = service user_domain_id = default auth_url = http://127.0.0.1:5000 auth_type = password [neutron] # Only needed when the networking drivers use nova and "generic" driver, # as used in this example. username = neutron password = %password% project_domain_id = default project_name = service user_domain_id = default auth_url = http://127.0.0.1:5000 auth_type = password [cinder] # Only needed by generic or windows drivers, the only drivers # as of Mitaka that require it. username = cinder password = %password% project_domain_id = default project_name = service user_domain_id = default auth_url = http://127.0.0.1:5000 auth_type = password [london] # This is custom opt group that is used for storing opts of share-service. # This one is used only when enabled using opt `enabled_share_backends` # from DEFAULT group. # Set usage of Generic driver which uses cinder as backend. share_driver = manila.share.drivers.generic.GenericShareDriver # Generic driver supports both driver modes - with and without handling # of share servers. So, we need to define explicitly which one we are # enabling using this driver. driver_handles_share_servers = True # Generic driver uses a glance image for building service VMs in nova. # The following options specify the image to use. # We use the latest build of [1]. # [1] https://github.com/openstack/manila-image-elements service_instance_password = manila service_instance_user = manila service_image_name = manila-service-image # These will be used for keypair creation and inserted into service VMs. path_to_private_key = /home/stack/.ssh/id_rsa path_to_public_key = /home/stack/.ssh/id_rsa.pub # Custom name for share backend. share_backend_name = LONDON .. note:: The Generic driver does not use network plugins, so none is part of the above configuration. Other drivers that manage their own share servers may require one of manila's network plug-ins. Database setup -------------- Manila supports different SQL dialects in theory, but it is only tested with MySQL, so this step assumes that MySQL has been installed. Create the database for manila: .. code-block:: console $ mysql -u%DATABASE_USER% -p%DATABASE_PASSWORD% -h%MYSQL_HOST% -e "DROP DATABASE IF EXISTS manila;" $ mysql -u%DATABASE_USER% -p%DATABASE_PASSWORD% -h%MYSQL_HOST% -e "CREATE DATABASE manila CHARACTER SET utf8;" Then create manila's tables and apply all migrations: .. code-block:: console $ manila-manage db sync Here is the list of tables for the Mitaka release of manila:: +--------------------------------------------+ | Tables_in_manila | +--------------------------------------------+ | alembic_version | | availability_zones | | cgsnapshot_members | | cgsnapshots | | consistency_group_share_type_mappings | | consistency_groups | | drivers_private_data | | network_allocations | | project_user_quotas | | quota_classes | | quota_usages | | quotas | | reservations | | security_services | | services | | share_access_map | | share_instance_access_map | | share_instance_export_locations | | share_instance_export_locations_metadata | | share_instances | | share_metadata | | share_network_security_service_association | | share_networks | | share_server_backend_details | | share_servers | | share_snapshot_instances | | share_snapshots | | share_type_extra_specs | | share_type_projects | | share_types | | shares | +--------------------------------------------+ Running manila services ----------------------- Run manila-api first: .. code-block:: console $ manila-api \ --config-file /etc/manila/manila.conf & \ echo $! >/opt/stack/status/stack/m-api.pid; \ fg || echo "m-api failed to start" | \ tee "/opt/stack/status/stack/m-api.failure" Create a default share type before running `manila-share` service: .. code-block:: console $ manila type-create default_share_type True Where `default_share_type` is custom name of `share-type` and `True` is value for required extra-spec `driver_handles_share_servers`. These are required params for creation of `share-type`. Result:: +----------------------+-------------------------------------+ | Property | Value | +----------------------+-------------------------------------+ | required_extra_specs | driver_handles_share_servers : True | | Name | default_share_type | | Visibility | public | | is_default | - | | ID | %some_id% | | optional_extra_specs | snapshot_support : True | +----------------------+-------------------------------------+ Service `manila-api` may be restarted to get updated information about `default share type`. So, get list of share types after restart of service `manila-api`: .. code-block:: console $ manila type-list Result:: +-----------+--------------------+------------+------------+-------------------------------------+-------------------------+ | ID | Name | visibility | is_default | required_extra_specs | optional_extra_specs | +-----------+--------------------+------------+------------+-------------------------------------+-------------------------+ | %some_id% | default_share_type | public | YES | driver_handles_share_servers : True | snapshot_support : True | +-----------+--------------------+------------+------------+-------------------------------------+-------------------------+ Add any additional extra specs to `share-type` if needed using following command: .. code-block:: console $ manila type-key default_share_type set key=value This may be viewed as follows: .. code-block:: console $ manila extra-specs-list Run manila-scheduler: .. code-block:: console $ manila-scheduler \ --config-file /etc/manila/manila.conf & \ echo $! >/opt/stack/status/stack/m-sch.pid; \ fg || echo "m-sch failed to start" | \ tee "/opt/stack/status/stack/m-sch.failure" Run manila-share: .. code-block:: console $ manila-share \ --config-file /etc/manila/manila.conf & \ echo $! >/opt/stack/status/stack/m-shr.pid; \ fg || echo "m-shr failed to start" | \ tee "/opt/stack/status/stack/m-shr.failure" Run manila-data: .. code-block:: console $ manila-data \ --config-file /etc/manila/manila.conf & \ echo $! >opt/stack/status/stack/m-dat.pid; \ fg || echo "m-dat failed to start" | \ tee "/opt/stack/status/stack/m-dat.failure" Creation of pilot share ----------------------- In this step we assume that the following services are running: - keystone - nova (used by Generic driver, not strict dependency of manila) - neutron (default network backend for Generic driver, used when driver handles share servers) - cinder (used by Generic driver) To operate a driver that handles share servers, we must create a `share network`, which is a set of network information that will be used during share server creation. In our example, to use neutron, we will do the following: .. code-block:: console $ neutron net-list Here we note the ID of a neutron network and one of its subnets. .. note:: Some configurations of the Generic driver may require this network be attached to a public router. It is so by default. So, if you use the default configuration of Generic driver, make sure the network is attached to a public router. Then define a share network using the neutron network and subnet IDs: .. code-block:: console $ manila share-network-create \ --name test_share_network \ --neutron-net-id %id_of_neutron_network% \ --neutron-subnet-id %id_of_network_subnet% Now we can create a share using the following command: .. code-block:: console $ manila create NFS 1 --name testshare --share-network test_share_network The above command will instruct manila to schedule a share for creation. Once created, configure user access to the new share before attempting to mount it via the network: .. code-block:: console $ manila access-allow testshare ip 0.0.0.0/0 --access-level rw We added read-write access to all IP addresses. Now, you can try mounting this NFS share onto any host. To determine the path required to mount the share onto a host, run: .. code-block:: console # manila share-export-location-list testshare +--------------------------------------+--------------------------------------------------------+-----------+ | ID | Path | Preferred | +--------------------------------------+--------------------------------------------------------+-----------+ | 6921e862-88bc-49a5-a2df-efeed9acd583 | 10.0.0.3:/share-e1c2d35e-fe67-4028-ad7a-45f668732b1d | False | | b6bd76ce-12a2-42a9-a30a-8a43b503867d | 10.254.0.3:/share-e1c2d35e-fe67-4028-ad7a-45f668732b1d | False | +--------------------------------------+--------------------------------------------------------+-----------+