6ab205bcb1
Update keystone authentication for services. Replace
'auth_plugin' with 'auth_type' and configure use of
the memcached service on the controller for caching
tokens.
TBD: Does inter-service authentication (nova-neutron)
and trusts (heat) also require use of memcached?
Requires further testing, but this patch reduces
deprecation messages.
Implements: bp installguide-mitaka
Change-Id: I58fc11b7f81729ca0d3a23d56816ee654559866f
11 KiB
Alarming service
This section describes how to install and configure the Telemetry Alarming service, code-named aodh.
Prerequisites
Before you install and configure the Alarming service, you must
create a database, service credentials, and API endpoints. Similar to
other Telemetry module services, this guide configures a NoSQL database.
For more information, see environment-nosql-database.
obs or ubuntu
Create the
aodhdatabase:# mongo --host controller --eval ' db = db.getSiblingDB("aodh"); db.addUser({user: "aodh", pwd: "AODH_DBPASS", roles: [ "readWrite", "dbAdmin" ]})' MongoDB shell version: 2.4.x connecting to: controller:27017/test { "user" : "aodh", "pwd" : "72f25aeee7ad4be52437d7cd3fc60f6f", "roles" : [ "readWrite", "dbAdmin" ], "_id" : ObjectId("5489c22270d7fad1ba631dc3") }Replace
AODH_DBPASSwith a suitable password.
rdo
Create the
aodhdatabase:# mongo --host controller --eval ' db = db.getSiblingDB("aodh"); db.createUser({user: "aodh", pwd: "AODH_DBPASS", roles: [ "readWrite", "dbAdmin" ]})' MongoDB shell version: 2.6.x connecting to: controller:27017/test Successfully added user: { "user" : "aodh", "roles" : [ "readWrite", "dbAdmin" ] }Replace
AODH_DBPASSwith a suitable password.
Source the
admincredentials to gain access to admin-only CLI commands:$ source admin-openrc.shTo create the service credentials, complete these steps:
Create the
aodhuser:$ openstack user create --password-prompt aodh User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | default | | enabled | True | | id | b7657c9ea07a4556aef5d34cf70713a3 | | name | aodh | +-----------+----------------------------------+Add the
adminrole to theaodhuser:$ openstack role add --project service --user aodh adminNote
This command provides no output.
Create the
aodhservice entity:$ openstack service create --name aodh \ --description "Telemetry" alarming +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Telemetry | | enabled | True | | id | 3405453b14da441ebb258edfeba96d83 | | name | aodh | | type | alarming | +-------------+----------------------------------+
Create the Alarming service API endpoints:
$ openstack endpoint create --region RegionOne \ alarming public http://controller:8042 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 340be3625e9b4239a6415d034e98aace | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 8c2c7f1b9b5049ea9e63757b5533e6d2 | | service_name | aodh | | service_type | alarming | | url | http://controller:8042 | +--------------+----------------------------------+ $ openstack endpoint create --region RegionOne \ alarming internal http://controller:8042 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 340be3625e9b4239a6415d034e98aace | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 8c2c7f1b9b5049ea9e63757b5533e6d2 | | service_name | aodh | | service_type | alarming | | url | http://controller:8042 | +--------------+----------------------------------+ $ openstack endpoint create --region RegionOne \ alarming admin http://controller:8042 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 340be3625e9b4239a6415d034e98aace | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 8c2c7f1b9b5049ea9e63757b5533e6d2 | | service_name | aodh | | service_type | alarming | | url | http://controller:8042 | +--------------+----------------------------------+
Install and configure components
Note
Default configuration files vary by distribution. You might need to add these sections and options rather than modifying existing sections and options. Also, an ellipsis (...) in the configuration snippets indicates potential default configuration options that you should retain.
obs
Install the packages:
# zypper install openstack-aodh-api \ openstack-aodh-evaluator openstack-aodh-notifier \ openstack-aodh-listener openstack-aodh-expirer \ python-aodhclient
rdo
Install the packages:
# yum install openstack-aodh-api \ openstack-aodh-evaluator openstack-aodh-notifier \ openstack-aodh-listener openstack-aodh-expirer \ python-ceilometerclient
ubuntu
Install the packages:
# apt-get install aodh-api aodh-evaluator aodh-notifier \ aodh-listener aodh-expirer python-ceilometerclient
- Edit the
/etc/aodh/aodh.conffile and complete the following actions:In the
[database]section, configure database access:[database] ... connection = mongodb://aodh:AODH_DBPASS@controller:27017/aodhReplace
AODH_DBPASSwith the password you chose for the Telemetry Alarming module database. You must escape special characters such as ':', '/', '+', and '@' in the connection string in accordance with RFC2396.In the
[DEFAULT]and[oslo_messaging_rabbit]sections, configureRabbitMQmessage queue access:[DEFAULT] ... rpc_backend = rabbit [oslo_messaging_rabbit] ... rabbit_host = controller rabbit_userid = openstack rabbit_password = RABBIT_PASSReplace
RABBIT_PASSwith the password you chose for theopenstackaccount inRabbitMQ.In the
[DEFAULT]and[keystone_authtoken]sections, configure Identity service access:[DEFAULT] ... auth_strategy = keystone [keystone_authtoken] ... auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_id = default user_domain_id = default project_name = service username = aodh password = AODH_PASSReplace
AODH_PASSwith the password you chose for theaodhuser in the Identity service.In the
[service_credentials]section, configure service credentials:[service_credentials] ... os_auth_url = http://controller:5000/v2.0 os_username = aodh os_tenant_name = service os_password = AODH_PASS os_endpoint_type = internalURL os_region_name = RegionOneReplace
AODH_PASSwith the password you chose for theaodhuser in the Identity service.(Optional) To assist with troubleshooting, enable verbose logging in the
[DEFAULT]section:[DEFAULT] ... verbose = True
Workaround for https://bugs.launchpad.net/ubuntu/+source/aodh/+bug/1513599.
ubuntu
Edit the
/etc/aodh/api_paste.inifile and modify the[filter:authtoken]section as follows:[filter:authtoken] ... oslo_config_project = aodh
Finalize installation
obs
Start the Telemetry Alarming services and configure them to start when the system boots:
# systemctl enable openstack-aodh-api.service \ openstack-aodh-evaluator.service \ openstack-aodh-notifier.service \ openstack-aodh-listener.service # systemctl start openstack-aodh-api.service \ openstack-aodh-evaluator.service \ openstack-aodh-notifier.service \ openstack-aodh-listener.service
rdo
Start the Alarming services and configure them to start when the system boots:
# systemctl enable openstack-aodh-api.service \ openstack-aodh-evaluator.service \ openstack-aodh-notifier.service \ openstack-aodh-listener.service # systemctl start openstack-aodh-api.service \ openstack-aodh-evaluator.service \ openstack-aodh-notifier.service \ openstack-aodh-listener.service
ubuntu
Restart the Alarming services:
# service aodh-api restart # service aodh-evaluator restart # service aodh-notifier restart # service aodh-listener restart