openstack-manuals/doc/install-guide/section_nova-controller.xml
Matt Kassawara 56ef4d3085 Clarified directives in Nova api-paste.ini
Clarified directives in Nova api-paste.ini for controller and compute
nodes based on a working configuration.  Also cleaned up some
formatting issues.

Change-Id: I60408caff40934de85502b845627ddb2ebe83a27
Closes-Bug: #1248001
2013-12-19 21:29:16 -07:00

261 lines
15 KiB
XML

<section xmlns="http://docbook.org/ns/docbook"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0"
xml:id="nova-controller">
<title>Install Compute controller services</title>
<para>Compute is a collection of services that enable you to launch
virtual machine instances. You can configure these services to run
on separate nodes or the same node. In this guide, most services
run on the controller node and the service that launches virtual
machines runs on a dedicated compute node. This section shows you
how to install and configure these services on the controller
node.</para>
<procedure>
<step>
<para os="fedora;rhel;centos">Install the
<package>openstack-nova</package> meta-package, which
installs various Compute packages that are used on the
controller node.</para>
<screen os="fedora;rhel;centos"><prompt>#</prompt> <userinput>yum install openstack-nova python-novaclient</userinput></screen>
<para os="ubuntu;debian;opensuse;sles">Install these Compute
packages, which provide the Compute services that run on the
controller node.</para>
<screen os="ubuntu"><prompt>#</prompt> <userinput>apt-get install nova-novncproxy novnc nova-api \
nova-ajax-console-proxy nova-cert nova-conductor \
nova-consoleauth nova-doc nova-scheduler \
python-novaclient</userinput></screen>
<screen os="debian"><prompt>#</prompt> <userinput>apt-get install nova-consoleproxy nova-api \
nova-cert nova-conductor nova-consoleauth \
nova-scheduler python-novaclient</userinput></screen>
<screen os="opensuse;sles"><prompt>#</prompt> <userinput>zypper install openstack-nova-api openstack-nova-scheduler \
openstack-nova-cert openstack-nova-conductor openstack-nova-console \
openstack-nova-consoleauth openstack-nova-doc \
openstack-nova-novncproxy python-novaclient</userinput></screen>
</step>
<step os="debian">
<para>Respond to the prompts for <link
linkend="debconf-dbconfig-common">database
management</link>, <link linkend="debconf-keystone_authtoken"
><literal>[keystone_authtoken]</literal> settings</link>,
<link linkend="debconf-rabbitqm">RabbitMQ
credentials</link>, and <link linkend="debconf-api-endpoints"
>API endpoint</link> registration. The <command>nova-manage
db sync</command> command runs automatically.</para>
</step>
<step>
<para>Compute stores information in a database. In this guide, we
use a MySQL database on the controller node. Configure Compute
with the database location and credentials. Replace
<replaceable>NOVA_DBPASS</replaceable> with the password for the
database that you will create in a later step.</para>
<screen os="fedora;rhel;centos;opensuse;sles"><prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf \
database connection mysql://nova:<replaceable>NOVA_DBPASS</replaceable>@<replaceable>controller</replaceable>/nova</userinput></screen>
<para os="ubuntu;debian">Edit the <literal>[database]</literal> section
in the <filename>/etc/nova/nova.conf</filename> file to modify this
key:</para>
<programlisting os="ubuntu;debian" language="ini">
[database]
connection = mysql://nova:<replaceable>NOVA_DBPASS</replaceable>@controller/nova</programlisting>
</step>
<step os="fedora;rhel;centos">
<para>Set these configuration keys to configure Compute to use
the Qpid message broker:</para>
<screen><prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf \
DEFAULT rpc_backend nova.openstack.common.rpc.impl_qpid</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname <replaceable>controller</replaceable></userinput></screen>
</step>
<step os="ubuntu">
<para>Configure the Compute Service to use the RabbitMQ message broker by
setting these configuration keys in the <literal>[DEFAULT]</literal>
configuration group of the <filename>/etc/nova/nova.conf</filename>
file:</para>
<programlisting language="ini">rpc_backend = nova.rpc.impl_kombu
rabbit_host = controller
rabbit_password = <replaceable>RABBIT_PASS</replaceable></programlisting>
</step>
<step os="opensuse;sles">
<para>Set these configuration keys to configure Compute to use
the RabbitMQ message broker:</para>
<screen><prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf \
DEFAULT rpc_backend nova.rpc.impl_kombu</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf DEFAULT rabbit_host controller</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf DEFAULT rabbit_password <replaceable>RABBIT_PASS</replaceable></userinput></screen>
</step>
<step os="fedora;rhel;centos;opensuse;sles">
<para>Run the <command>openstack-db</command> command to create
the Compute service database and tables and a
<literal>nova</literal> database user.</para>
<screen os="fedora;rhel;centos;opensuse;sles"><prompt>#</prompt> <userinput>openstack-db --init --service nova --password <replaceable>NOVA_DBPASS</replaceable></userinput></screen>
</step>
<step os="ubuntu">
<para>By default, the Ubuntu packages create an SQLite database.
Delete the <filename>nova.sqlite</filename> file created in
the <filename>/var/lib/nova/</filename> directory so that it
does not get used by mistake.</para>
</step>
<step os="ubuntu">
<para>Use the password you created previously to log in as root.
Create a <literal>nova</literal> database user:</para>
<screen><prompt>#</prompt> <userinput>mysql -u root -p</userinput>
<prompt>mysql></prompt> <userinput>CREATE DATABASE nova;</userinput>
<prompt>mysql></prompt> <userinput>GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
IDENTIFIED BY '<replaceable>NOVA_DBPASS</replaceable>';</userinput>
<prompt>mysql></prompt> <userinput>GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
IDENTIFIED BY '<replaceable>NOVA_DBPASS</replaceable>';</userinput></screen>
</step>
<step os="ubuntu">
<para>Create the Compute service tables:</para>
<screen><prompt>#</prompt> <userinput>nova-manage db sync</userinput></screen>
</step>
<step>
<para>Set the <option>my_ip</option>,
<option>vncserver_listen</option>, and
<option>vncserver_proxyclient_address</option>
configuration options to the internal IP address of the
controller node:</para>
<screen os="fedora;rhel;centos;opensuse;sles"><prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf DEFAULT my_ip 192.168.0.10</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 192.168.0.10</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address 192.168.0.10</userinput></screen>
<para os="ubuntu">Edit the
<filename>/etc/nova/nova.conf</filename> file and add these
lines to the <literal>[DEFAULT]</literal> section:</para>
<para os="debian">In Debian, the <package>debconf</package>
package automatically sets up <literal>my_ip</literal>
parameter but you must edit the
<filename>/etc/nova/nova.conf</filename> file to configure
the <option>vncserver_listen</option> and
<option>vncserver_proxyclient_address</option> options,
which appear at the end of the file:</para>
<programlisting os="ubuntu;debian" language="ini">...
[DEFAULT]
...
my_ip=192.168.0.10
vncserver_listen=192.168.0.10
vncserver_proxyclient_address=192.168.0.10</programlisting>
</step>
<step os="rhel;centos;fedora;opensuse;sles;ubuntu">
<para>Create a <literal>nova</literal> user that Compute uses to
authenticate with the Identity Service. Use the
<literal>service</literal> tenant and give the user the
<literal>admin</literal> role:</para>
<screen><prompt>#</prompt> <userinput>keystone user-create --name=nova --pass=<replaceable>NOVA_PASS</replaceable> --email=<replaceable>nova@example.com</replaceable></userinput>
<prompt>#</prompt> <userinput>keystone user-role-add --user=nova --tenant=service --role=admin</userinput></screen>
</step>
<step>
<para>Configure Compute to use these credentials with the Identity
Service running on the controller. Replace
<replaceable>NOVA_PASS</replaceable> with your Compute password.</para>
<screen os="fedora;rhel;centos;opensuse;sles"><prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host <replaceable>controller</replaceable></userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service</userinput>
<prompt>#</prompt> <userinput>openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password <replaceable>NOVA_PASS</replaceable></userinput></screen>
<para os="ubuntu;debian">Edit the <literal>[DEFAULT]</literal> section
in the <filename>/etc/nova/nova.conf</filename> file to add this
key:
</para>
<programlisting os="ubuntu;debian" language="ini">
[DEFAULT]
...
auth_strategy=keystone</programlisting>
<para os="ubuntu;debian">Add these keys to the
<literal>[keystone_authtoken]</literal> section:</para>
<programlisting os="ubuntu;debian" language="ini">
[keystone_authtoken]
...
auth_host = controller
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = <replaceable>NOVA_PASS</replaceable></programlisting>
</step>
<step os="rhel;centos;fedora;opensuse;sles;ubuntu">
<para>Add the credentials to the
<filename>/etc/nova/api-paste.ini</filename> file. Add these
options to the <literal>[filter:authtoken]</literal>
section:</para>
<note>
<title>Use of .ini files</title>
<para>You might sometimes have to edit <filename>.ini</filename> files
during initial setup. However,
do not edit these files for general configuration tasks.</para>
</note>
<programlisting language="ini">[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = <replaceable>controller</replaceable>
auth_port = 35357
auth_protocol = http
auth_uri = http://<replaceable>controller</replaceable>:5000/v2.0
admin_tenant_name = service
admin_user = nova
admin_password = <replaceable>NOVA_PASS</replaceable></programlisting>
<note>
<para>Ensure that the
<option>api_paste_config=/etc/nova/api-paste.ini</option>
option is set in the
<filename>/etc/nova/nova.conf</filename> file.</para>
</note>
</step>
<step os="rhel;centos;fedora;opensuse;sles;ubuntu">
<para>You must register Compute with the Identity Service so
that other OpenStack services can locate it. Register the
service and specify the endpoint:</para>
<screen><prompt>#</prompt> <userinput>keystone service-create --name=nova --type=compute \
--description="Nova Compute service"</userinput></screen>
</step>
<step os="rhel;centos;fedora;opensuse;sles;ubuntu">
<para>Use the <literal>id</literal> property that is returned to
create the endpoint.</para>
<screen><prompt>#</prompt> <userinput>keystone endpoint-create \
--service-id=<replaceable>the_service_id_above</replaceable> \
--publicurl=http://<replaceable>controller</replaceable>:8774/v2/%\(tenant_id\)s \
--internalurl=http://<replaceable>controller</replaceable>:8774/v2/%\(tenant_id\)s \
--adminurl=http://<replaceable>controller</replaceable>:8774/v2/%\(tenant_id\)s</userinput></screen>
</step>
<step os="rhel;centos;fedora;opensuse;sles;ubuntu">
<para os="centos;fedora;rhel;opensuse;sles">Start Compute
services and configure them to start when the system
boots:</para>
<para os="ubuntu">Restart Compute services:</para>
<screen os="ubuntu"><prompt>#</prompt> <userinput>service nova-api restart</userinput>
<prompt>#</prompt> <userinput>service nova-cert restart</userinput>
<prompt>#</prompt> <userinput>service nova-consoleauth restart</userinput>
<prompt>#</prompt> <userinput>service nova-scheduler restart</userinput>
<prompt>#</prompt> <userinput>service nova-conductor restart</userinput>
<prompt>#</prompt> <userinput>service nova-novncproxy restart</userinput></screen>
<screen os="centos;rhel;fedora;opensuse;sles"><prompt>#</prompt> <userinput>service openstack-nova-api start</userinput>
<prompt>#</prompt> <userinput>service openstack-nova-cert start</userinput>
<prompt>#</prompt> <userinput>service openstack-nova-consoleauth start</userinput>
<prompt>#</prompt> <userinput>service openstack-nova-scheduler start</userinput>
<prompt>#</prompt> <userinput>service openstack-nova-conductor start</userinput>
<prompt>#</prompt> <userinput>service openstack-nova-novncproxy start</userinput>
<prompt>#</prompt> <userinput>chkconfig openstack-nova-api on</userinput>
<prompt>#</prompt> <userinput>chkconfig openstack-nova-cert on</userinput>
<prompt>#</prompt> <userinput>chkconfig openstack-nova-consoleauth on</userinput>
<prompt>#</prompt> <userinput>chkconfig openstack-nova-scheduler on</userinput>
<prompt>#</prompt> <userinput>chkconfig openstack-nova-conductor on</userinput>
<prompt>#</prompt> <userinput>chkconfig openstack-nova-novncproxy on</userinput></screen>
</step>
<step>
<para>To verify your configuration, list available
images:</para>
<screen><prompt>#</prompt> <userinput>nova image-list</userinput>
<computeroutput>+--------------------------------------+-----------------+--------+--------+
| ID | Name | Status | Server |
+--------------------------------------+-----------------+--------+--------+
| acafc7c0-40aa-4026-9673-b879898e1fc2 | CirrOS 0.3.1 | ACTIVE | |
+--------------------------------------+-----------------+--------+--------+</computeroutput></screen>
</step>
</procedure>
</section>