65ccdc2f5c
Closes-Bug: #1625261 Change-Id: If1cb20211e928150e23dc43567ce0271a03adcd9
613 lines
22 KiB
ReStructuredText
613 lines
22 KiB
ReStructuredText
..
|
||
Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||
not use this file except in compliance with the License. You may obtain
|
||
a copy of the License at
|
||
|
||
http://www.apache.org/licenses/LICENSE-2.0
|
||
|
||
Unless required by applicable law or agreed to in writing, software
|
||
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||
License for the specific language governing permissions and limitations
|
||
under the License.
|
||
|
||
Quick start
|
||
===========
|
||
This document describes how to install manila from the OpenStack `Mitaka`
|
||
release. Note that the process differs from previous releases and is likely to
|
||
change again in subsequent releases.
|
||
|
||
Manila consists of the following main services, which are similar to those of
|
||
the OpenStack cinder project:
|
||
|
||
- manila-api
|
||
- manila-data
|
||
- manila-scheduler
|
||
- manila-share
|
||
|
||
Installations of `manila-api` and `manila-scheduler` are common
|
||
for almost all deployments. But configuration of `manila-share` is
|
||
backend-specific and can differ from deployment to deployment. This
|
||
document will cover only a single use case, configuring the "Generic" driver
|
||
that uses the cinder project as its backend.
|
||
|
||
Note that the `manila-share` service can run in two modes, with and without
|
||
handling of `share servers`. In most cases share servers are virtual machines
|
||
that export file shares via various network file systems. The example in this
|
||
document describes a backend that manages share servers using network resources
|
||
provided by neutron.
|
||
|
||
.. note::
|
||
Manila supports any network architecture. When a driver is managing its own
|
||
share servers, it can use any of several network plug-ins that provide
|
||
network resources. Manila includes plug-ins for neutron and nova-network,
|
||
as well as a `StandaloneNetworkPlugin` for simple networks. When a driver
|
||
is not managing share servers, it has no need for network plug-ins.
|
||
|
||
Prerequisites
|
||
-------------
|
||
- MySQL database
|
||
- RabbitMQ message bus
|
||
- OpenStack keystone
|
||
- Git
|
||
|
||
For Generic driver:
|
||
|
||
- OpenStack cinder
|
||
- OpenStack glance
|
||
- OpenStack neutron
|
||
- OpenStack nova
|
||
|
||
Steps to perform
|
||
================
|
||
- Installation of manila binaries
|
||
- Installation of manila client
|
||
- Registration in keystone
|
||
- Preparation of external files (configs, etc...)
|
||
- Basic configuration of manila
|
||
- Database setup
|
||
- Running manila services
|
||
- Creation of pilot share
|
||
|
||
Installation of manila binaries
|
||
-------------------------------
|
||
Manila binaries may be installed using various distribution packages or from
|
||
source code. In our case we will use the latter, installation by cloning a git
|
||
repository.
|
||
|
||
Clone repo::
|
||
|
||
$ git clone -b stable/mitaka https://github.com/openstack/manila
|
||
|
||
Then run the installation script::
|
||
|
||
$ sudo python setup.py install
|
||
|
||
It will install the manila binaries and their dependencies.
|
||
These are the expected binaries:
|
||
|
||
- manila-all
|
||
- manila-api
|
||
- manila-data
|
||
- manila-manage
|
||
- manila-scheduler
|
||
- manila-share
|
||
|
||
Installation of manila client
|
||
-----------------------------
|
||
|
||
To send requests to manila we need to install the manila client.
|
||
|
||
Install it using PIP:
|
||
|
||
.. code-block:: console
|
||
|
||
$ sudo pip install python-manilaclient>=1.8.1
|
||
|
||
.. note::
|
||
The starting version of the manila client for Mitaka release is 1.8.1
|
||
|
||
The above will install the manila binary that will be used for issuing
|
||
manila requests.
|
||
|
||
Registration in keystone
|
||
------------------------
|
||
|
||
Like all other OpenStack projects, manila should be registered with keystone.
|
||
Here are the registration steps, similar to those of cinder:
|
||
|
||
1) Create manila service user:
|
||
|
||
.. code-block:: console
|
||
|
||
$ openstack user create --password %PASSWORD% manila
|
||
|
||
2) Add the admin role to the manila user:
|
||
|
||
.. code-block:: console
|
||
|
||
$ openstack role add --user manila --project service admin
|
||
|
||
.. note::
|
||
Tenant/project may differ, but it should be the same as for all other
|
||
service users such as ‘cinder’, ‘nova’, etc.
|
||
|
||
3) Create the manila service entities:
|
||
|
||
.. code-block:: console
|
||
|
||
$ openstack service create \
|
||
--name manila \
|
||
--description "OpenStack Shared Filesystems"\
|
||
share
|
||
|
||
$ openstack service create \
|
||
--name manilav2 \
|
||
--description "OpenStack Shared Filesystems V2"\
|
||
sharev2
|
||
|
||
|
||
Result::
|
||
|
||
+-------------+----------------------------------+
|
||
| Property | Value |
|
||
+-------------+----------------------------------+
|
||
| description | OpenStack Shared Filesystems |
|
||
| enabled | True |
|
||
| id | 4c13e9ff7ec04f4e95a26f72ecdf9919 |
|
||
| name | manila |
|
||
| type | share |
|
||
+-------------+----------------------------------+
|
||
|
||
+-------------+----------------------------------+
|
||
| Property | Value |
|
||
+-------------+----------------------------------+
|
||
| description | OpenStack Shared Filesystems V2 |
|
||
| enabled | True |
|
||
| id | 2840d1e7b033437f8776a7bd5045b28d |
|
||
| name | manilav2 |
|
||
| type | sharev2 |
|
||
+-------------+----------------------------------+
|
||
|
||
|
||
4) Create the Share Filesystems service API endpoints:
|
||
|
||
.. code-block:: console
|
||
|
||
$ openstack endpoint create \
|
||
--region RegionOne \
|
||
--publicurl http://%controller%:8786/v1/%\(tenant_id\)s \
|
||
--internalurl http://%controller%:8786/v1/%\(tenant_id\)s \
|
||
--adminurl http://%controller%:8786/v1/%\(tenant_id\)s \
|
||
share
|
||
|
||
|
||
Result should be similar to::
|
||
|
||
+--------------+--------------------------------------------------------------+
|
||
| Field | Value |
|
||
+--------------+--------------------------------------------------------------+
|
||
| adminurl | http://%controller%:8786/v1/%(tenant_id)s |
|
||
| id | 118230f5aa514809a9866ae411636b43 |
|
||
| internalurl | http://%controller%:8786/v1/%(tenant_id)s |
|
||
| publicurl | http://%controller%:8786/v1/%(tenant_id)s |
|
||
| region | RegionOne |
|
||
| service_id | 4c13e9ff7ec04f4e95a26f72ecdf9919 |
|
||
| service_name | manila |
|
||
| service_type | share |
|
||
+--------------+--------------------------------------------------------------+
|
||
|
||
$ openstack endpoint create \
|
||
--region RegionOne \
|
||
--publicurl http://%controller%:8786/v2/%\(tenant_id\)s \
|
||
--internalurl http://%controller%:8786/v2/%\(tenant_id\)s \
|
||
--adminurl http://%controller%:8786/v2/%\(tenant_id\)s \
|
||
sharev2
|
||
|
||
|
||
Result should be similar to::
|
||
|
||
+--------------+--------------------------------------------------------------+
|
||
| Field | Value |
|
||
+--------------+--------------------------------------------------------------+
|
||
| adminurl | http://%controller%:8786/v2/%(tenant_id)s |
|
||
| id | 228230f5aa514809a9866ae411636b8d |
|
||
| internalurl | http://%controller%:8786/v2/%(tenant_id)s |
|
||
| publicurl | http://%controller%:8786/v2/%(tenant_id)s |
|
||
| region | RegionOne |
|
||
| service_id | 2840d1e7b033437f8776a7bd5045b28d |
|
||
| service_name | manilav2 |
|
||
| service_type | sharev2 |
|
||
+--------------+--------------------------------------------------------------+
|
||
|
||
.. note::
|
||
Port ‘8786’ is the default port for manila. It may be changed to any
|
||
other port, but this change should also be made in the manila configuration
|
||
file using opt ‘osapi_share_listen_port’ which defaults to ‘8786’.
|
||
|
||
Preparation of external files
|
||
-----------------------------
|
||
Copy files from %git_dir%/etc/manila
|
||
to dir ‘/etc/manila’::
|
||
|
||
policy.json
|
||
api-paste.ini
|
||
rootwrap.conf
|
||
rootwrap.d/share.filters
|
||
|
||
|
||
Then generate a config sample file using tox:
|
||
|
||
.. code-block:: console
|
||
|
||
$ tox -e genconfig
|
||
|
||
This will create a file with the latest config options and their descriptions::
|
||
|
||
‘%git_dir%/etc/manila/manila.conf.sample’
|
||
|
||
Copy this file to the same directory as the above files, removing the suffix
|
||
‘.sample’ from its name:
|
||
|
||
.. code-block:: console
|
||
|
||
$ cp %git_dir%/etc/manila/manila.conf.sample /etc/manila/manila.conf
|
||
|
||
.. note::
|
||
Manila configuration file may be used from different places.
|
||
`/etc/manila/manila.conf` is one of expected paths by default.
|
||
|
||
Basic configuration of manila
|
||
-----------------------------
|
||
In our case we will set up one backend with generic driver (using cinder
|
||
as its backend) configured to manage its own share servers.
|
||
Below is an example of the configuration file, `/etc/manila/manila.conf`,
|
||
outlining some core sections.
|
||
|
||
.. code-block:: ini
|
||
|
||
[keystone_authtoken]
|
||
signing_dir = /var/cache/manila
|
||
admin_password = %password_we_used_with_user_creation_operation%
|
||
admin_user = manila
|
||
admin_tenant_name = %service_project_name_we_used_with_user_creation_operation%
|
||
auth_protocol = http
|
||
auth_port = 35357
|
||
auth_host = %address_of_machine_with_keystone_endpoint%
|
||
|
||
[DATABASE]
|
||
# Set up MySQL connection. In following ‘foo’ is username,
|
||
# ‘bar’ is password and ‘quuz’ is host name or address:
|
||
connection = mysql+pymysql://foo:bar@quuz/manila?charset=utf8
|
||
|
||
[oslo_concurrency]
|
||
# Following opt defines directory to be used for lock files creation.
|
||
# Should be owned by user that runs manila-share processes.
|
||
# Defaults to env var ‘OSLO_LOCK_PATH’. It is used by manila-share services
|
||
# and is required to be set up. Make sure this dir is created and owned
|
||
# by user that run manila-share services.
|
||
lock_path = /etc/manila/custom_manila_lock_path
|
||
|
||
[DEFAULT]
|
||
# Set pretty logging output. Not required, but may be useful.
|
||
logging_exception_prefix = %(color)s%(asctime)s.%(msecs)d TRACE %(name)s ^[[01;35m%(instance)s^[[00m
|
||
logging_debug_format_suffix = ^[[00;33mfrom (pid=%(process)d) %(funcName)s %(pathname)s:%(lineno)d^[[00m
|
||
logging_default_format_string = %(asctime)s.%(msecs)d %(color)s%(levelname)s %(name)s [^[[00;36m-%(color)s] ^[[01;35m%(instance)s%(color)s%(message)s^[[00m
|
||
logging_context_format_string = %(asctime)s.%(msecs)d %(color)s%(levelname)s %(name)s [^[[01;36m%(request_id)s ^[[00;36m%(user_id)s %(project_id)s%(color)s] ^[[01;35m%(instance)s%(color)s%(message)s^[[00m
|
||
|
||
# Set auth strategy for usage of keystone
|
||
auth_strategy = keystone
|
||
|
||
# Set message bus creds
|
||
rabbit_userid = %rabbit_username%
|
||
rabbit_password = %rabbit_user_password%
|
||
rabbit_hosts = %address_of_machine_with_rabbit%
|
||
rpc_backend = rabbit
|
||
|
||
# Following opt is used for definition of share backends that should be enabled.
|
||
# Values are conf groupnames that contain per manila-share service opts.
|
||
enabled_share_backends = london
|
||
|
||
# Enable protocols ‘NFS’ and ‘CIFS’ as those are the only supported
|
||
# by Generic driver that we are configuring in this set up.
|
||
# All available values are (‘NFS’, ‘CIFS’, ‘GlusterFS’, ‘HDFS’, 'CEPHFS')
|
||
enabled_share_protocols = NFS,CIFS
|
||
|
||
# Manila requires ‘share-type’ for share creation.
|
||
# So, set here name of some share-type that will be used by default.
|
||
default_share_type = default_share_type
|
||
|
||
state_path = /opt/stack/data/manila
|
||
osapi_share_extension = manila.api.contrib.standard_extensions
|
||
rootwrap_config = /etc/manila/rootwrap.conf
|
||
api_paste_config = /etc/manila/api-paste.ini
|
||
share_name_template = share-%s
|
||
|
||
# Set scheduler driver with usage of filters. Recommended.
|
||
scheduler_driver = manila.scheduler.drivers.filter.FilterScheduler
|
||
|
||
# Set following opt to ‘True’ to get more info in logging.
|
||
debug = True
|
||
|
||
[nova]
|
||
# Only needed by generic or windows drivers, the only drivers
|
||
# as of Mitaka that require it.
|
||
username = nova
|
||
password = %password%
|
||
project_domain_id = default
|
||
project_name = service
|
||
user_domain_id = default
|
||
auth_url = http://127.0.0.1:5000
|
||
auth_type = password
|
||
|
||
[neutron]
|
||
# Only needed when the networking drivers use nova and "generic" driver,
|
||
# as used in this example.
|
||
username = neutron
|
||
password = %password%
|
||
project_domain_id = default
|
||
project_name = service
|
||
user_domain_id = default
|
||
auth_url = http://127.0.0.1:5000
|
||
auth_type = password
|
||
|
||
[cinder]
|
||
# Only needed by generic or windows drivers, the only drivers
|
||
# as of Mitaka that require it.
|
||
username = cinder
|
||
password = %password%
|
||
project_domain_id = default
|
||
project_name = service
|
||
user_domain_id = default
|
||
auth_url = http://127.0.0.1:5000
|
||
auth_type = password
|
||
|
||
[london]
|
||
# This is custom opt group that is used for storing opts of share-service.
|
||
# This one is used only when enabled using opt `enabled_share_backends`
|
||
# from DEFAULT group.
|
||
|
||
# Set usage of Generic driver which uses cinder as backend.
|
||
share_driver = manila.share.drivers.generic.GenericShareDriver
|
||
|
||
# Generic driver supports both driver modes - with and without handling
|
||
# of share servers. So, we need to define explicitly which one we are
|
||
# enabling using this driver.
|
||
driver_handles_share_servers = True
|
||
|
||
# Generic driver uses a glance image for building service VMs in nova.
|
||
# The following options specify the image to use.
|
||
# We use the latest build of [1].
|
||
# [1] https://github.com/openstack/manila-image-elements
|
||
service_instance_password = manila
|
||
service_instance_user = manila
|
||
service_image_name = manila-service-image
|
||
|
||
# These will be used for keypair creation and inserted into service VMs.
|
||
path_to_private_key = /home/stack/.ssh/id_rsa
|
||
path_to_public_key = /home/stack/.ssh/id_rsa.pub
|
||
|
||
# Custom name for share backend.
|
||
share_backend_name = LONDON
|
||
|
||
.. note::
|
||
The Generic driver does not use network plugins, so none is part of the
|
||
above configuration. Other drivers that manage their own share servers may
|
||
require one of manila's network plug-ins.
|
||
|
||
Database setup
|
||
--------------
|
||
Manila supports different SQL dialects in theory, but it is only tested with
|
||
MySQL, so this step assumes that MySQL has been installed.
|
||
|
||
Create the database for manila:
|
||
|
||
.. code-block:: console
|
||
|
||
$ mysql -u%DATABASE_USER% -p%DATABASE_PASSWORD% -h%MYSQL_HOST% -e "DROP DATABASE IF EXISTS manila;"
|
||
$ mysql -u%DATABASE_USER% -p%DATABASE_PASSWORD% -h%MYSQL_HOST% -e "CREATE DATABASE manila CHARACTER SET utf8;"
|
||
|
||
Then create manila's tables and apply all migrations:
|
||
|
||
.. code-block:: console
|
||
|
||
$ manila-manage db sync
|
||
|
||
Here is the list of tables for the Mitaka release of manila::
|
||
|
||
+--------------------------------------------+
|
||
| Tables_in_manila |
|
||
+--------------------------------------------+
|
||
| alembic_version |
|
||
| availability_zones |
|
||
| cgsnapshot_members |
|
||
| cgsnapshots |
|
||
| consistency_group_share_type_mappings |
|
||
| consistency_groups |
|
||
| drivers_private_data |
|
||
| network_allocations |
|
||
| project_user_quotas |
|
||
| quota_classes |
|
||
| quota_usages |
|
||
| quotas |
|
||
| reservations |
|
||
| security_services |
|
||
| services |
|
||
| share_access_map |
|
||
| share_instance_access_map |
|
||
| share_instance_export_locations |
|
||
| share_instance_export_locations_metadata |
|
||
| share_instances |
|
||
| share_metadata |
|
||
| share_network_security_service_association |
|
||
| share_networks |
|
||
| share_server_backend_details |
|
||
| share_servers |
|
||
| share_snapshot_instances |
|
||
| share_snapshots |
|
||
| share_type_extra_specs |
|
||
| share_type_projects |
|
||
| share_types |
|
||
| shares |
|
||
+--------------------------------------------+
|
||
|
||
Running manila services
|
||
-----------------------
|
||
|
||
Run manila-api first:
|
||
|
||
.. code-block:: console
|
||
|
||
$ manila-api \
|
||
--config-file /etc/manila/manila.conf & \
|
||
echo $! >/opt/stack/status/stack/m-api.pid; \
|
||
fg || echo "m-api failed to start" | \
|
||
tee "/opt/stack/status/stack/m-api.failure"
|
||
|
||
Create a default share type before running `manila-share` service:
|
||
|
||
.. code-block:: console
|
||
|
||
$ manila type-create default_share_type True
|
||
|
||
Where `default_share_type` is custom name of `share-type` and `True` is value
|
||
for required extra-spec `driver_handles_share_servers`. These are required
|
||
params for creation of `share-type`.
|
||
|
||
Result::
|
||
|
||
+----------------------+-------------------------------------+
|
||
| Property | Value |
|
||
+----------------------+-------------------------------------+
|
||
| required_extra_specs | driver_handles_share_servers : True |
|
||
| Name | default_share_type |
|
||
| Visibility | public |
|
||
| is_default | - |
|
||
| ID | %some_id% |
|
||
| optional_extra_specs | snapshot_support : True |
|
||
+----------------------+-------------------------------------+
|
||
|
||
Service `manila-api` may be restarted to get updated information about
|
||
`default share type`. So, get list of share types after restart of
|
||
service `manila-api`:
|
||
|
||
.. code-block:: console
|
||
|
||
$ manila type-list
|
||
|
||
Result::
|
||
|
||
+-----------+--------------------+------------+------------+-------------------------------------+-------------------------+
|
||
| ID | Name | visibility | is_default | required_extra_specs | optional_extra_specs |
|
||
+-----------+--------------------+------------+------------+-------------------------------------+-------------------------+
|
||
| %some_id% | default_share_type | public | YES | driver_handles_share_servers : True | snapshot_support : True |
|
||
+-----------+--------------------+------------+------------+-------------------------------------+-------------------------+
|
||
|
||
|
||
Add any additional extra specs to `share-type` if needed using following command:
|
||
|
||
.. code-block:: console
|
||
|
||
$ manila type-key default_share_type set key=value
|
||
|
||
This may be viewed as follows:
|
||
|
||
.. code-block:: console
|
||
|
||
$ manila extra-specs-list
|
||
|
||
Run manila-scheduler:
|
||
|
||
.. code-block:: console
|
||
|
||
$ manila-scheduler \
|
||
--config-file /etc/manila/manila.conf & \
|
||
echo $! >/opt/stack/status/stack/m-sch.pid; \
|
||
fg || echo "m-sch failed to start" | \
|
||
tee "/opt/stack/status/stack/m-sch.failure"
|
||
|
||
Run manila-share:
|
||
|
||
.. code-block:: console
|
||
|
||
$ manila-share \
|
||
--config-file /etc/manila/manila.conf & \
|
||
echo $! >/opt/stack/status/stack/m-shr.pid; \
|
||
fg || echo "m-shr failed to start" | \
|
||
tee "/opt/stack/status/stack/m-shr.failure"
|
||
|
||
Run manila-data:
|
||
|
||
.. code-block:: console
|
||
|
||
$ manila-data \
|
||
--config-file /etc/manila/manila.conf & \
|
||
echo $! >opt/stack/status/stack/m-dat.pid; \
|
||
fg || echo "m-dat failed to start" | \
|
||
tee "/opt/stack/status/stack/m-dat.failure"
|
||
|
||
|
||
Creation of pilot share
|
||
-----------------------
|
||
|
||
In this step we assume that the following services are running:
|
||
|
||
- keystone
|
||
- nova (used by Generic driver, not strict dependency of manila)
|
||
- neutron (default network backend for Generic driver, used when driver handles share servers)
|
||
- cinder (used by Generic driver)
|
||
|
||
To operate a driver that handles share servers, we must create
|
||
a `share network`, which is a set of network information that will be used
|
||
during share server creation.
|
||
In our example, to use neutron, we will do the following:
|
||
|
||
.. code-block:: console
|
||
|
||
$ neutron net-list
|
||
|
||
Here we note the ID of a neutron network and one of its subnets.
|
||
|
||
.. note::
|
||
Some configurations of the Generic driver may require this network be
|
||
attached to a public router. It is so by default. So, if you use the
|
||
default configuration of Generic driver, make sure the network is attached
|
||
to a public router.
|
||
|
||
Then define a share network using the neutron network and subnet IDs:
|
||
|
||
.. code-block:: console
|
||
|
||
$ manila share-network-create \
|
||
--name test_share_network \
|
||
--neutron-net-id %id_of_neutron_network% \
|
||
--neutron-subnet-id %id_of_network_subnet%
|
||
|
||
Now we can create a share using the following command:
|
||
|
||
.. code-block:: console
|
||
|
||
$ manila create NFS 1 --name testshare --share-network test_share_network
|
||
|
||
The above command will instruct manila to schedule a share for creation. Once
|
||
created, configure user access to the new share before attempting to mount it
|
||
via the network:
|
||
|
||
.. code-block:: console
|
||
|
||
$ manila access-allow testshare ip 0.0.0.0/0 --access-level rw
|
||
|
||
We added read-write access to all IP addresses. Now, you can try mounting this
|
||
NFS share onto any host. To determine the path required to mount the share onto
|
||
a host, run:
|
||
|
||
.. code-block:: console
|
||
|
||
# manila share-export-location-list testshare
|
||
+--------------------------------------+--------------------------------------------------------+-----------+
|
||
| ID | Path | Preferred |
|
||
+--------------------------------------+--------------------------------------------------------+-----------+
|
||
| 6921e862-88bc-49a5-a2df-efeed9acd583 | 10.0.0.3:/share-e1c2d35e-fe67-4028-ad7a-45f668732b1d | False |
|
||
| b6bd76ce-12a2-42a9-a30a-8a43b503867d | 10.254.0.3:/share-e1c2d35e-fe67-4028-ad7a-45f668732b1d | False |
|
||
+--------------------------------------+--------------------------------------------------------+-----------+
|