openstack/openstack-manuals
Code Issues Proposed changes

Merge "Remove debconf from nova controller install"

Browse Source
This commit is contained in:
Jenkins 2016-07-21 11:21:56 +00:00 committed by Gerrit Code Review
commit b4be98abad
1 changed files with 217 additions and 228 deletions

445
doc/install-guide/source/nova-controller-install.rst

@ -4,150 +4,148 @@ Install and configure controller node
This section describes how to install and configure the
Compute service, code-named nova, on the controller node.
.. only:: obs or rdo or ubuntu
Prerequisites
-------------
Prerequisites
-------------
Before you install and configure the Compute service, you must
create databases, service credentials, and API endpoints.
Before you install and configure the Compute service, you must
create databases, service credentials, and API endpoints.
#. To create the databases, complete these steps:
#. To create the databases, complete these steps:
* Use the database access client to connect to
the database server as the ``root`` user:
* Use the database access client to connect to
the database server as the ``root`` user:
.. code-block:: console
.. code-block:: console
$ mysql -u root -p
$ mysql -u root -p
* Create the ``nova_api`` and ``nova`` databases:
* Create the ``nova_api`` and ``nova`` databases:
.. code-block:: console
.. code-block:: console
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_api;
CREATE DATABASE nova;
* Grant proper access to the databases:
* Grant proper access to the databases:
.. code-block:: console
.. code-block:: console
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \
IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \
IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \
IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \
IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
IDENTIFIED BY 'NOVA_DBPASS';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
IDENTIFIED BY 'NOVA_DBPASS';
Replace ``NOVA_DBPASS`` with a suitable password.
Replace ``NOVA_DBPASS`` with a suitable password.
* Exit the database access client.
* Exit the database access client.
#. Source the ``admin`` credentials to gain access to
admin-only CLI commands:
#. Source the ``admin`` credentials to gain access to
admin-only CLI commands:
.. code-block:: console
.. code-block:: console
$ . admin-openrc
$ . admin-openrc
#. To create the service credentials, complete these steps:
#. To create the service credentials, complete these steps:
* Create the ``nova`` user:
* Create the ``nova`` user:
.. code-block:: console
.. code-block:: console
$ openstack user create --domain default \
--password-prompt nova
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | e0353a670a9e496da891347c589539e9 |
| enabled | True |
| id | 8c46e4760902464b889293a74a0c90a8 |
| name | nova |
+-----------+----------------------------------+
$ openstack user create --domain default \
--password-prompt nova
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | e0353a670a9e496da891347c589539e9 |
| enabled | True |
| id | 8c46e4760902464b889293a74a0c90a8 |
| name | nova |
+-----------+----------------------------------+
* Add the ``admin`` role to the ``nova`` user:
* Add the ``admin`` role to the ``nova`` user:
.. code-block:: console
.. code-block:: console
$ openstack role add --project service --user nova admin
$ openstack role add --project service --user nova admin
.. note::
.. note::
This command provides no output.
This command provides no output.
* Create the ``nova`` service entity:
* Create the ``nova`` service entity:
.. code-block:: console
.. code-block:: console
$ openstack service create --name nova \
--description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 060d59eac51b4594815603d75a00aba2 |
| name | nova |
| type | compute |
+-------------+----------------------------------+
$ openstack service create --name nova \
--description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 060d59eac51b4594815603d75a00aba2 |
| name | nova |
| type | compute |
+-------------+----------------------------------+
#. Create the Compute service API endpoints:
#. Create the Compute service API endpoints:
.. code-block:: console
.. code-block:: console
$ openstack endpoint create --region RegionOne \
compute public http://controller:8774/v2.1/%\(tenant_id\)s
+--------------+-------------------------------------------+
| Field | Value |
+--------------+-------------------------------------------+
| enabled | True |
| id | 3c1caa473bfe4390a11e7177894bcc7b |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e702f6f497ed42e6a8ae3ba2e5871c78 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1/%(tenant_id)s |
+--------------+-------------------------------------------+
$ openstack endpoint create --region RegionOne \
compute public http://controller:8774/v2.1/%\(tenant_id\)s
+--------------+-------------------------------------------+
| Field | Value |
+--------------+-------------------------------------------+
| enabled | True |
| id | 3c1caa473bfe4390a11e7177894bcc7b |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e702f6f497ed42e6a8ae3ba2e5871c78 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1/%(tenant_id)s |
+--------------+-------------------------------------------+
$ openstack endpoint create --region RegionOne \
compute internal http://controller:8774/v2.1/%\(tenant_id\)s
+--------------+-------------------------------------------+
| Field | Value |
+--------------+-------------------------------------------+
| enabled | True |
| id | e3c918de680746a586eac1f2d9bc10ab |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e702f6f497ed42e6a8ae3ba2e5871c78 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1/%(tenant_id)s |
+--------------+-------------------------------------------+
$ openstack endpoint create --region RegionOne \
compute internal http://controller:8774/v2.1/%\(tenant_id\)s
+--------------+-------------------------------------------+
| Field | Value |
+--------------+-------------------------------------------+
| enabled | True |
| id | e3c918de680746a586eac1f2d9bc10ab |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e702f6f497ed42e6a8ae3ba2e5871c78 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1/%(tenant_id)s |
+--------------+-------------------------------------------+
$ openstack endpoint create --region RegionOne \
compute admin http://controller:8774/v2.1/%\(tenant_id\)s
+--------------+-------------------------------------------+
| Field | Value |
+--------------+-------------------------------------------+
| enabled | True |
| id | 38f7af91666a47cfb97b4dc790b94424 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e702f6f497ed42e6a8ae3ba2e5871c78 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1/%(tenant_id)s |
+--------------+-------------------------------------------+
$ openstack endpoint create --region RegionOne \
compute admin http://controller:8774/v2.1/%\(tenant_id\)s
+--------------+-------------------------------------------+
| Field | Value |
+--------------+-------------------------------------------+
| enabled | True |
| id | 38f7af91666a47cfb97b4dc790b94424 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | e702f6f497ed42e6a8ae3ba2e5871c78 |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1/%(tenant_id)s |
+--------------+-------------------------------------------+
Install and configure components
--------------------------------
@ -190,14 +188,7 @@ Install and configure components
.. code-block:: console
# apt-get install nova-api nova-conductor nova-consoleauth \
nova-consoleproxy nova-scheduler python-novaclient
Respond to prompts for debconf.
.. :doc:`database management <debconf/debconf-dbconfig-common>`,
:doc:`Identity service credentials <debconf/debconf-keystone-authtoken>`,
:doc:`service endpoint registration <debconf/debconf-api-endpoints>`,
and :doc:`message broker credentials <debconf/debconf-rabbitmq>`.
nova-consoleproxy nova-scheduler
.. note::
@ -225,79 +216,77 @@ Install and configure components
...
enabled_apis = osapi_compute,metadata
.. only:: obs or rdo or ubuntu
* In the ``[api_database]`` and ``[database]`` sections, configure
database access:
* In the ``[api_database]`` and ``[database]`` sections, configure
database access:
.. code-block:: ini
.. code-block:: ini
[api_database]
...
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
[api_database]
...
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
[database]
...
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova
[database]
...
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova
Replace ``NOVA_DBPASS`` with the password you chose for
the Compute databases.
Replace ``NOVA_DBPASS`` with the password you chose for
the Compute databases.
* In the ``[DEFAULT]`` and ``[oslo_messaging_rabbit]`` sections,
configure ``RabbitMQ`` message queue access:
* In the ``[DEFAULT]`` and ``[oslo_messaging_rabbit]`` sections,
configure ``RabbitMQ`` message queue access:
.. code-block:: ini
.. code-block:: ini
[DEFAULT]
...
rpc_backend = rabbit
[DEFAULT]
...
rpc_backend = rabbit
[oslo_messaging_rabbit]
...
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
[oslo_messaging_rabbit]
...
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS
Replace ``RABBIT_PASS`` with the password you chose for the
``openstack`` account in ``RabbitMQ``.
Replace ``RABBIT_PASS`` with the password you chose for the
``openstack`` account in ``RabbitMQ``.
* In the ``[DEFAULT]`` and ``[keystone_authtoken]`` sections,
configure Identity service access:
* In the ``[DEFAULT]`` and ``[keystone_authtoken]`` sections,
configure Identity service access:
.. code-block:: ini
.. code-block:: ini
[DEFAULT]
...
auth_strategy = keystone
[DEFAULT]
...
auth_strategy = keystone
[keystone_authtoken]
...
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = NOVA_PASS
[keystone_authtoken]
...
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = NOVA_PASS
Replace ``NOVA_PASS`` with the password you chose for the
``nova`` user in the Identity service.
Replace ``NOVA_PASS`` with the password you chose for the
``nova`` user in the Identity service.
.. note::
.. note::
Comment out or remove any other options in the
``[keystone_authtoken]`` section.
Comment out or remove any other options in the
``[keystone_authtoken]`` section.
* In the ``[DEFAULT]`` section, configure the ``my_ip`` option to
use the management interface IP address of the controller node:
* In the ``[DEFAULT]`` section, configure the ``my_ip`` option to
use the management interface IP address of the controller node:
.. code-block:: ini
.. code-block:: ini
[DEFAULT]
...
my_ip = 10.0.0.11
[DEFAULT]
...
my_ip = 10.0.0.11
.. only:: debian
@ -313,81 +302,81 @@ Install and configure components
...
my_ip = 10.0.0.11
* In the ``[DEFAULT]`` section, enable support for the Networking service:
* In the ``[DEFAULT]`` section, enable support for the Networking service:
.. code-block:: ini
[DEFAULT]
...
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
.. note::
By default, Compute uses an internal firewall driver. Since the
Networking service includes a firewall driver, you must disable the
Compute firewall driver by using the
``nova.virt.firewall.NoopFirewallDriver`` firewall driver.
* In the ``[vnc]`` section, configure the VNC proxy to use the management
interface IP address of the controller node:
.. code-block:: ini
[vnc]
...
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
* In the ``[glance]`` section, configure the location of the
Image service API:
.. code-block:: ini
[glance]
...
api_servers = http://controller:9292
.. only:: obs
* In the ``[oslo_concurrency]`` section, configure the lock path:
.. code-block:: ini
[DEFAULT]
[oslo_concurrency]
...
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
lock_path = /var/run/nova
.. note::
.. only:: rdo
By default, Compute uses an internal firewall driver. Since the
Networking service includes a firewall driver, you must disable the
Compute firewall driver by using the
``nova.virt.firewall.NoopFirewallDriver`` firewall driver.
* In the ``[vnc]`` section, configure the VNC proxy to use the management
interface IP address of the controller node:
* In the ``[oslo_concurrency]`` section, configure the lock path:
.. code-block:: ini
[vnc]
[oslo_concurrency]
...
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
lock_path = /var/lib/nova/tmp
* In the ``[glance]`` section, configure the location of the
Image service API:
.. only:: ubuntu
* In the ``[oslo_concurrency]`` section, configure the lock path:
.. code-block:: ini
[glance]
[oslo_concurrency]
...
api_servers = http://controller:9292
lock_path = /var/lib/nova/tmp
.. only:: obs
.. only:: ubuntu
* In the ``[oslo_concurrency]`` section, configure the lock path:
.. todo:
.. code-block:: ini
https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1506667
[oslo_concurrency]
...
lock_path = /var/run/nova
* Due to a packaging bug, remove the ``logdir`` option from the
``[DEFAULT]`` section.
.. only:: rdo
* In the ``[oslo_concurrency]`` section, configure the lock path:
.. code-block:: ini
[oslo_concurrency]
...
lock_path = /var/lib/nova/tmp
.. only:: ubuntu
* In the ``[oslo_concurrency]`` section, configure the lock path:
.. code-block:: ini
[oslo_concurrency]
...
lock_path = /var/lib/nova/tmp
.. only:: ubuntu
.. todo:
https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1506667
* Due to a packaging bug, remove the ``logdir`` option from the
``[DEFAULT]`` section.
.. only:: rdo or ubuntu
.. only:: rdo or ubuntu or debian
3. Populate the Compute databases: