openstack/kolla-ansible
Code Issues Proposed changes

Merge "Upgrade the rst convention of the Reference Guide [4]"

Browse Source
This commit is contained in:
Zuul 2018-03-21 08:49:42 +00:00 committed by Gerrit Code Review
commit bd283f9347
5 changed files with 492 additions and 357 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
doc/source/reference/skydive-guide.rst
View File

@ -5,7 +5,7 @@ Skydive in Kolla
================ ================
Overview Overview
======== ~~~~~~~~
Skydive is an open source real-time network topology and protocols analyzer. Skydive is an open source real-time network topology and protocols analyzer.
It aims to provide a comprehensive way of understanding what is happening in It aims to provide a comprehensive way of understanding what is happening in
the network infrastructure. the network infrastructure.
@ -16,12 +16,14 @@ All the information is stored in an Elasticsearch database.
Configuration on Kolla deployment Configuration on Kolla deployment
--------------------------------- ---------------------------------
Enable Skydive in ``/etc/kolla/globals.yml`` Enable Skydive in ``/etc/kolla/globals.yml`` file:
.. code-block:: console .. code-block:: yaml
enable_skydive: "yes" enable_skydive: "yes"
enable_elasticsearch: "yes" enable_elasticsearch: "yes"
.. end
Verify operation Verify operation
---------------- ----------------

309
doc/source/reference/swift-guide.rst
View File

@ -5,12 +5,13 @@ Swift in Kolla
============== ==============
Overview Overview
======== ~~~~~~~~
Kolla can deploy a full working Swift setup in either a **all-in-one** or Kolla can deploy a full working Swift setup in either a **all-in-one** or
**multinode** setup. **multinode** setup.
Disks with a partition table (recommended) Disks with a partition table (recommended)
========================================== ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Swift requires block devices to be available for storage. To prepare a disk Swift requires block devices to be available for storage. To prepare a disk
for use as a Swift storage device, a special partition name and filesystem for use as a Swift storage device, a special partition name and filesystem
@ -19,32 +20,39 @@ label need to be added.
The following should be done on each storage node, the example is shown The following should be done on each storage node, the example is shown
for three disks: for three disks:
:: .. warning::
# <WARNING ALL DATA ON DISK will be LOST!> ALL DATA ON DISK will be LOST!
index=0
for d in sdc sdd sde; do .. code-block:: console
parted /dev/${d} -s -- mklabel gpt mkpart KOLLA_SWIFT_DATA 1 -1
sudo mkfs.xfs -f -L d${index} /dev/${d}1 index=0
(( index++ )) for d in sdc sdd sde; do
done parted /dev/${d} -s -- mklabel gpt mkpart KOLLA_SWIFT_DATA 1 -1
sudo mkfs.xfs -f -L d${index} /dev/${d}1
(( index++ ))
done
.. end
For evaluation, loopback devices can be used in lieu of real disks: For evaluation, loopback devices can be used in lieu of real disks:
:: .. code-block:: console
index=0 index=0
for d in sdc sdd sde; do for d in sdc sdd sde; do
free_device=$(losetup -f) free_device=$(losetup -f)
fallocate -l 1G /tmp/$d fallocate -l 1G /tmp/$d
losetup $free_device /tmp/$d losetup $free_device /tmp/$d
parted $free_device -s -- mklabel gpt mkpart KOLLA_SWIFT_DATA 1 -1 parted $free_device -s -- mklabel gpt mkpart KOLLA_SWIFT_DATA 1 -1
sudo mkfs.xfs -f -L d${index} ${free_device}p1 sudo mkfs.xfs -f -L d${index} ${free_device}p1
(( index++ )) (( index++ ))
done done
.. end
Disks without a partition table Disks without a partition table
=============================== ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Kolla also supports unpartitioned disk (filesystem on ``/dev/sdc`` instead of Kolla also supports unpartitioned disk (filesystem on ``/dev/sdc`` instead of
``/dev/sdc1``) detection purely based on filesystem label. This is generally ``/dev/sdc1``) detection purely based on filesystem label. This is generally
@ -54,150 +62,193 @@ deployment already using disk like this.
Given hard disks with labels swd1, swd2, swd3, use the following settings in Given hard disks with labels swd1, swd2, swd3, use the following settings in
``ansible/roles/swift/defaults/main.yml``. ``ansible/roles/swift/defaults/main.yml``.
:: .. code-block:: yaml
swift_devices_match_mode: "prefix" swift_devices_match_mode: "prefix"
swift_devices_name: "swd" swift_devices_name: "swd"
.. end
Rings Rings
===== ~~~~~
Before running Swift we need to generate **rings**, which are binary compressed Before running Swift we need to generate **rings**, which are binary compressed
files that at a high level let the various Swift services know where data is in files that at a high level let the various Swift services know where data is in
the cluster. We hope to automate this process in a future release. the cluster. We hope to automate this process in a future release.
The following example commands should be run from the ``operator`` node to The following example commands should be run from the ``operator`` node to
generate rings for a demo setup. The commands work with **disks with partition generate rings for a demo setup. The commands work with **disks with partition
table** example listed above. Please modify accordingly if your setup is table** example listed above. Please modify accordingly if your setup is
different. different.
:: Prepare for Rings generating
----------------------------
STORAGE_NODES=(192.168.0.2 192.168.0.3 192.168.0.4) To perpare for Swift Rings generating, run the following commands to initialize
KOLLA_SWIFT_BASE_IMAGE="kolla/oraclelinux-source-swift-base:4.0.0" the environment variable and create ``/etc/kolla/config/swift`` directory:
mkdir -p /etc/kolla/config/swift .. code-block:: console
# Object ring STORAGE_NODES=(192.168.0.2 192.168.0.3 192.168.0.4)
docker run \ KOLLA_SWIFT_BASE_IMAGE="kolla/oraclelinux-source-swift-base:4.0.0"
--rm \ mkdir -p /etc/kolla/config/swift
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
$KOLLA_SWIFT_BASE_IMAGE \
swift-ring-builder \
/etc/kolla/config/swift/object.builder create 10 3 1
for node in ${STORAGE_NODES[@]}; do .. end
for i in {0..2}; do
docker run \
--rm \
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
$KOLLA_SWIFT_BASE_IMAGE \
swift-ring-builder \
/etc/kolla/config/swift/object.builder add r1z1-${node}:6000/d${i} 1;
done
done
# Account ring Generate Object Ring
docker run \ --------------------
--rm \
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
$KOLLA_SWIFT_BASE_IMAGE \
swift-ring-builder \
/etc/kolla/config/swift/account.builder create 10 3 1
for node in ${STORAGE_NODES[@]}; do To generate Swift object ring, run the following commands:
for i in {0..2}; do
docker run \
--rm \
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
$KOLLA_SWIFT_BASE_IMAGE \
swift-ring-builder \
/etc/kolla/config/swift/account.builder add r1z1-${node}:6001/d${i} 1;
done
done
# Container ring .. code-block:: console
docker run \
--rm \
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
$KOLLA_SWIFT_BASE_IMAGE \
swift-ring-builder \
/etc/kolla/config/swift/container.builder create 10 3 1
for node in ${STORAGE_NODES[@]}; do docker run \
for i in {0..2}; do --rm \
docker run \ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
--rm \ $KOLLA_SWIFT_BASE_IMAGE \
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ swift-ring-builder \
$KOLLA_SWIFT_BASE_IMAGE \ /etc/kolla/config/swift/object.builder create 10 3 1
swift-ring-builder \
/etc/kolla/config/swift/container.builder add r1z1-${node}:6002/d${i} 1;
done
done
for ring in object account container; do for node in ${STORAGE_NODES[@]}; do
docker run \ for i in {0..2}; do
--rm \ docker run \
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \ --rm \
$KOLLA_SWIFT_BASE_IMAGE \ -v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
swift-ring-builder \ $KOLLA_SWIFT_BASE_IMAGE \
/etc/kolla/config/swift/${ring}.builder rebalance; swift-ring-builder \
done /etc/kolla/config/swift/object.builder add r1z1-${node}:6000/d${i} 1;
done
done
For more info, see .. end
Generate Account Ring
---------------------
To generate Swift account ring, run the following commands:
.. code-block:: console
docker run \
--rm \
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
$KOLLA_SWIFT_BASE_IMAGE \
swift-ring-builder \
/etc/kolla/config/swift/account.builder create 10 3 1
for node in ${STORAGE_NODES[@]}; do
for i in {0..2}; do
docker run \
--rm \
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
$KOLLA_SWIFT_BASE_IMAGE \
swift-ring-builder \
/etc/kolla/config/swift/account.builder add r1z1-${node}:6001/d${i} 1;
done
done
.. end
Generate Container Ring
-----------------------
To generate Swift container ring, run the following commands:
.. code-block:: console
docker run \
--rm \
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
$KOLLA_SWIFT_BASE_IMAGE \
swift-ring-builder \
/etc/kolla/config/swift/container.builder create 10 3 1
for node in ${STORAGE_NODES[@]}; do
for i in {0..2}; do
docker run \
--rm \
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
$KOLLA_SWIFT_BASE_IMAGE \
swift-ring-builder \
/etc/kolla/config/swift/container.builder add r1z1-${node}:6002/d${i} 1;
done
done
for ring in object account container; do
docker run \
--rm \
-v /etc/kolla/config/swift/:/etc/kolla/config/swift/ \
$KOLLA_SWIFT_BASE_IMAGE \
swift-ring-builder \
/etc/kolla/config/swift/${ring}.builder rebalance;
done
.. end
For more information, see
https://docs.openstack.org/project-install-guide/object-storage/ocata/initial-rings.html https://docs.openstack.org/project-install-guide/object-storage/ocata/initial-rings.html
Deploying Deploying
========= ~~~~~~~~~
Enable Swift in ``/etc/kolla/globals.yml``: Enable Swift in ``/etc/kolla/globals.yml``:
:: .. code-block:: yaml
enable_swift : "yes" enable_swift : "yes"
.. end
Once the rings are in place, deploying Swift is the same as any other Kolla Once the rings are in place, deploying Swift is the same as any other Kolla
Ansible service: Ansible service:
:: .. code-block:: console
kolla-ansible deploy -i <path/to/inventory-file> # kolla-ansible deploy -i <path/to/inventory-file>
.. end
Verification
~~~~~~~~~~~~
Validation
==========
A very basic smoke test: A very basic smoke test:
:: .. code-block:: console
$ openstack container create mycontainer $ openstack container create mycontainer
+---------------------------------------+--------------+------------------------------------+
| account | container | x-trans-id |
+---------------------------------------+--------------+------------------------------------+
| AUTH_7b938156dba44de7891f311c751f91d8 | mycontainer | txb7f05fa81f244117ac1b7-005a0e7803 |
+---------------------------------------+--------------+------------------------------------+
$ openstack object create mycontainer README.rst +---------------------------------------+--------------+------------------------------------+
+---------------+--------------+----------------------------------+ | account | container | x-trans-id |
| object | container | etag | +---------------------------------------+--------------+------------------------------------+
+---------------+--------------+----------------------------------+ | AUTH_7b938156dba44de7891f311c751f91d8 | mycontainer | txb7f05fa81f244117ac1b7-005a0e7803 |
| README.rst | mycontainer | 2634ecee0b9a52ba403a503cc7d8e988 | +---------------------------------------+--------------+------------------------------------+
+---------------+--------------+----------------------------------+
$ openstack container show mycontainer $ openstack object create mycontainer README.rst
+--------------+---------------------------------------+
| Field | Value |
+--------------+---------------------------------------+
| account | AUTH_7b938156dba44de7891f311c751f91d8 |
| bytes_used | 6684 |
| container | mycontainer |
| object_count | 1 |
+--------------+---------------------------------------+
$ openstack object store account show +---------------+--------------+----------------------------------+
+------------+---------------------------------------+ | object | container | etag |
| Field | Value | +---------------+--------------+----------------------------------+
+------------+---------------------------------------+ | README.rst | mycontainer | 2634ecee0b9a52ba403a503cc7d8e988 |
| Account | AUTH_7b938156dba44de7891f311c751f91d8 | +---------------+--------------+----------------------------------+
| Bytes | 6684 |
| Containers | 1 | $ openstack container show mycontainer
| Objects | 1 |
+------------+---------------------------------------+ +--------------+---------------------------------------+
| Field | Value |
+--------------+---------------------------------------+
| account | AUTH_7b938156dba44de7891f311c751f91d8 |
| bytes_used | 6684 |
| container | mycontainer |
| object_count | 1 |
+--------------+---------------------------------------+
$ openstack object store account show
+------------+---------------------------------------+
| Field | Value |
+------------+---------------------------------------+
| Account | AUTH_7b938156dba44de7891f311c751f91d8 |
| Bytes | 6684 |
| Containers | 1 |
| Objects | 1 |
+------------+---------------------------------------+

145
doc/source/reference/tacker-guide.rst
View File

@ -1,14 +1,16 @@
===============
Tacker in Kolla Tacker in Kolla
=============== ===============
"Tacker is an OpenStack service for NFV Orchestration with "Tacker is an OpenStack service for NFV Orchestration with a general purpose
a general purpose VNF Manager to deploy and operate VNF Manager to deploy and operate Virtual Network Functions (VNFs) and
Virtual Network Functions (VNFs) and Network Services Network Services on an NFV Platform. It is based on ETSI MANO Architectural
on an NFV Platform. Framework."
It is based on ETSI MANO Architectural Framework." [1]. For more details about Tacker, see `OpenStack Tacker Documentation
<https://docs.openstack.org/tacker/latest/>`__.
Overview Overview
-------- ~~~~~~~~
As of the Pike release, tacker requires the following services As of the Pike release, tacker requires the following services
to be enabled to operate correctly. to be enabled to operate correctly.
@ -26,7 +28,7 @@ Optionally tacker supports the following services and features.
* Opendaylight * Opendaylight
Compatibility Compatibility
------------- ~~~~~~~~~~~~~
Tacker is supported by the following distros and install_types. Tacker is supported by the following distros and install_types.
@ -39,7 +41,7 @@ Tacker is supported by the following distros and install_types.
* Only source images. * Only source images.
Preparation and Deployment Preparation and Deployment
-------------------------- ~~~~~~~~~~~~~~~~~~~~~~~~~~
By default tacker and required services are disabled in By default tacker and required services are disabled in
the ``group_vars/all.yml`` file. the ``group_vars/all.yml`` file.
@ -48,53 +50,63 @@ In order to enable them, you need to edit the file
.. note:: .. note::
Heat is enabled by default, ensure it is not disabled. Heat is enabled by default, ensure it is not disabled.
:: .. code-block:: yaml
enable_tacker: "yes" enable_tacker: "yes"
enable_barbican: "yes" enable_barbican: "yes"
enable_mistral: "yes" enable_mistral: "yes"
enable_redis: "yes" enable_redis: "yes"
.. end
.. warning:: .. warning::
Barbican is required in multinode deployments to share VIM fernet_keys. Barbican is required in multinode deployments to share VIM fernet_keys.
If not enabled, only one tacker-server host will have the keys on it If not enabled, only one tacker-server host will have the keys on it
and any request made to a different tacker-server will fail with a and any request made to a different tacker-server will fail with a
similar error as ``No such file or directory /etc/tacker/vim/fernet_keys`` similar error as ``No such file or directory /etc/tacker/vim/fernet_keys``
Deploy tacker and related services. Deploy tacker and related services.
:: .. code-block:: console
$ kolla-ansible deploy $ kolla-ansible deploy
Verify .. end
------
Verification
~~~~~~~~~~~~
Generate the credentials file. Generate the credentials file.
:: .. code-block:: console
$ kolla-ansible post-deploy $ kolla-ansible post-deploy
.. end
Source credentials file. Source credentials file.
:: .. code-block:: console
$ . /etc/kolla/admin-openrc.sh $ . /etc/kolla/admin-openrc.sh
.. end
Create base neutron networks and glance images. Create base neutron networks and glance images.
:: .. code-block:: console
$ sh tools/init-runonce $ sh tools/init-runonce
.. end
.. note:: .. note::
``init-runonce`` file is located in ``$PYTHON_PATH/kolla-ansible`` ``init-runonce`` file is located in ``$PYTHON_PATH/kolla-ansible``
folder in kolla-ansible installation from pip. folder in kolla-ansible installation from pip.
In kolla-ansible git repository a `tacker demo <https://github.com/openstack/kolla-ansible/tree/master/contrib/demos/tacker>`_ In kolla-ansible git repository a `tacker demo <https://github.com/openstack/kolla-ansible/tree/master/contrib/demos/tacker>`_
is present in ``kolla-ansible/contrib/demos/tacker/`` that will is present in ``kolla-ansible/contrib/demos/tacker/`` that will
@ -104,18 +116,22 @@ Install python-tackerclient.
.. note:: .. note::
Barbican, heat and mistral python clients are in tacker's Barbican, heat and mistral python clients are in tacker's
requirements and will be installed as dependency. requirements and will be installed as dependency.
:: .. code-block:: console
$ pip install python-tackerclient $ pip install python-tackerclient
.. end
Execute ``deploy-tacker-demo`` script to initialize the VNF creation. Execute ``deploy-tacker-demo`` script to initialize the VNF creation.
:: .. code-block:: console
$ sh deploy-tacker-demo $ sh deploy-tacker-demo
.. end
Tacker demo script will create sample VNF Descriptor (VNFD) file, Tacker demo script will create sample VNF Descriptor (VNFD) file,
then register a default VIM, create a tacker VNFD and finally then register a default VIM, create a tacker VNFD and finally
@ -127,42 +143,51 @@ running in nova and with its corresponding heat stack CREATION_COMPLETE.
Verify tacker VNF status is ACTIVE. Verify tacker VNF status is ACTIVE.
:: .. code-block:: console
$ tacker vnf-list $ tacker vnf-list
+--------------------------------------+------------------+-----------------------+--------+--------------------------------------+--------------------------------------+
| id | name | mgmt_url | status | vim_id | vnfd_id | +--------------------------------------+------------------+-----------------------+--------+--------------------------------------+--------------------------------------+
+--------------------------------------+------------------+-----------------------+--------+--------------------------------------+--------------------------------------+ | id | name | mgmt_url | status | vim_id | vnfd_id |
| c52fcf99-101d-427b-8a2d-c9ef54af8b1d | kolla-sample-vnf | {"VDU1": "10.0.0.10"} | ACTIVE | eb3aa497-192c-4557-a9d7-1dff6874a8e6 | 27e8ea98-f1ff-4a40-a45c-e829e53b3c41 | +--------------------------------------+------------------+-----------------------+--------+--------------------------------------+--------------------------------------+
+--------------------------------------+------------------+-----------------------+--------+--------------------------------------+--------------------------------------+ | c52fcf99-101d-427b-8a2d-c9ef54af8b1d | kolla-sample-vnf | {"VDU1": "10.0.0.10"} | ACTIVE | eb3aa497-192c-4557-a9d7-1dff6874a8e6 | 27e8ea98-f1ff-4a40-a45c-e829e53b3c41 |
+--------------------------------------+------------------+-----------------------+--------+--------------------------------------+--------------------------------------+
.. end
Verify nova instance status is ACTIVE. Verify nova instance status is ACTIVE.
:: .. code-block:: console
$ openstack server list $ openstack server list
+--------------------------------------+-------------------------------------------------------+--------+--------------------+--------+-----------------------------------------------------------------------------------------------------------------------+
| ID | Name | Status | Networks | Image | Flavor | +--------------------------------------+-------------------------------------------------------+--------+--------------------+--------+-----------------------------------------------------------------------------------------------------------------------+
+--------------------------------------+-------------------------------------------------------+--------+--------------------+--------+-----------------------------------------------------------------------------------------------------------------------+ | ID | Name | Status | Networks | Image | Flavor |
| d2d59eeb-8526-4826-8f1b-c50b571395e2 | ta-cf99-101d-427b-8a2d-c9ef54af8b1d-VDU1-fchiv6saay7p | ACTIVE | demo-net=10.0.0.10 | cirros | tacker.vnfm.infra_drivers.openstack.openstack_OpenStack-c52fcf99-101d-427b-8a2d-c9ef54af8b1d-VDU1_flavor-yl4bzskwxdkn | +--------------------------------------+-------------------------------------------------------+--------+--------------------+--------+-----------------------------------------------------------------------------------------------------------------------+
+--------------------------------------+-------------------------------------------------------+--------+--------------------+--------+-----------------------------------------------------------------------------------------------------------------------+ | d2d59eeb-8526-4826-8f1b-c50b571395e2 | ta-cf99-101d-427b-8a2d-c9ef54af8b1d-VDU1-fchiv6saay7p | ACTIVE | demo-net=10.0.0.10 | cirros | tacker.vnfm.infra_drivers.openstack.openstack_OpenStack-c52fcf99-101d-427b-8a2d-c9ef54af8b1d-VDU1_flavor-yl4bzskwxdkn |
+--------------------------------------+-------------------------------------------------------+--------+--------------------+--------+-----------------------------------------------------------------------------------------------------------------------+
.. end
Verify Heat stack status is CREATE_COMPLETE. Verify Heat stack status is CREATE_COMPLETE.
:: .. code-block:: console
$ openstack stack list $ openstack stack list
+--------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------+-----------------+----------------------+--------------+
| ID | Stack Name | Project | Stack Status | Creation Time | Updated Time | +--------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------+-----------------+----------------------+--------------+
+--------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------+-----------------+----------------------+--------------+ | ID | Stack Name | Project | Stack Status | Creation Time | Updated Time |
| 289a6686-70f6-4db7-aa10-ed169fe547a6 | tacker.vnfm.infra_drivers.openstack.openstack_OpenStack-c52fcf99-101d-427b-8a2d-c9ef54af8b1d | 1243948e59054aab83dbf2803e109b3f | CREATE_COMPLETE | 2017-08-23T09:49:50Z | None | +--------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------+-----------------+----------------------+--------------+
+--------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------+-----------------+----------------------+--------------+ | 289a6686-70f6-4db7-aa10-ed169fe547a6 | tacker.vnfm.infra_drivers.openstack.openstack_OpenStack-c52fcf99-101d-427b-8a2d-c9ef54af8b1d | 1243948e59054aab83dbf2803e109b3f | CREATE_COMPLETE | 2017-08-23T09:49:50Z | None |
+--------------------------------------+----------------------------------------------------------------------------------------------+----------------------------------+-----------------+----------------------+--------------+
.. end
After the correct functionality of tacker is verified, tacker demo After the correct functionality of tacker is verified, tacker demo
can be cleaned up executing ``cleanup-tacker`` script. can be cleaned up executing ``cleanup-tacker`` script.
:: .. code-block:: console
$ sh cleanup-tacker $ sh cleanup-tacker
[1] https://docs.openstack.org/tacker/latest/ .. end

247
doc/source/reference/vmware-guide.rst
View File

@ -1,11 +1,12 @@
.. _vmware-guide: .. _vmware-guide:
==================== ===============
VMware in Kolla VMware in Kolla
==================== ===============
Overview Overview
======== ~~~~~~~~
Kolla can deploy the Nova and Neutron Service(s) for VMware vSphere. Kolla can deploy the Nova and Neutron Service(s) for VMware vSphere.
Depending on the network architecture (NsxV or DVS) you choose, Kolla deploys Depending on the network architecture (NsxV or DVS) you choose, Kolla deploys
the following OpenStack services for VMware vSphere: the following OpenStack services for VMware vSphere:
@ -42,11 +43,11 @@ bridge and works through VLAN.
.. note:: .. note::
VMware NSX-DVS plugin does not support tenant networks, so all VMs should VMware NSX-DVS plugin does not support tenant networks, so all VMs should
attach to Provider VLAN/Flat networks. attach to Provider VLAN/Flat networks.
VMware NSX-V VMware NSX-V
============ ~~~~~~~~~~~~
Preparation Preparation
----------- -----------
@ -57,51 +58,57 @@ For more information, please see `VMware NSX-V documentation <https://docs.vmwar
.. note:: .. note::
In addition, it is important to modify the firewall rule of vSphere to make In addition, it is important to modify the firewall rule of vSphere to make
sure that VNC is accessible from outside VMware environment. sure that VNC is accessible from outside VMware environment.
On every VMware host, edit /etc/vmware/firewall/vnc.xml as below: On every VMware host, edit /etc/vmware/firewall/vnc.xml as below:
.. code-block:: console .. code-block:: none
<!-- FirewallRule for VNC Console --> <!-- FirewallRule for VNC Console -->
<ConfigRoot> <ConfigRoot>
<service> <service>
<id>VNC</id> <id>VNC</id>
<rule id = '0000'> <rule id = '0000'>
<direction>inbound</direction> <direction>inbound</direction>
<protocol>tcp</protocol> <protocol>tcp</protocol>
<porttype>dst</porttype> <porttype>dst</porttype>
<port> <port>
<begin>5900</begin> <begin>5900</begin>
<end>5999</end> <end>5999</end>
</port> </port>
</rule> </rule>
<rule id = '0001'> <rule id = '0001'>
<direction>outbound</direction> <direction>outbound</direction>
<protocol>tcp</protocol> <protocol>tcp</protocol>
<porttype>dst</porttype> <porttype>dst</porttype>
<port> <port>
<begin>0</begin> <begin>0</begin>
<end>65535</end> <end>65535</end>
</port> </port>
</rule> </rule>
<enabled>true</enabled> <enabled>true</enabled>
<required>false</required> <required>false</required>
</service> </service>
</ConfigRoot> </ConfigRoot>
.. end
Then refresh the firewall config by: Then refresh the firewall config by:
.. code-block:: console .. code-block:: console
esxcli network firewall refresh # esxcli network firewall refresh
.. end
Verify that the firewall config is applied: Verify that the firewall config is applied:
.. code-block:: console .. code-block:: console
esxcli network firewall ruleset list # esxcli network firewall ruleset list
.. end
Deployment Deployment
---------- ----------
@ -109,97 +116,111 @@ Deployment
Enable VMware nova-compute plugin and NSX-V neutron-server plugin in Enable VMware nova-compute plugin and NSX-V neutron-server plugin in
``/etc/kolla/globals.yml``: ``/etc/kolla/globals.yml``:
.. code-block:: console .. code-block:: yaml
nova_compute_virt_type: "vmware" nova_compute_virt_type: "vmware"
neutron_plugin_agent: "vmware_nsxv" neutron_plugin_agent: "vmware_nsxv"
.. end
.. note:: .. note::
VMware NSX-V also supports Neutron FWaaS, LBaaS and VPNaaS services, you can enable VMware NSX-V also supports Neutron FWaaS, LBaaS and VPNaaS services, you can enable
them by setting these options in globals.yml: them by setting these options in ``globals.yml``:
* enable_neutron_vpnaas: "yes" * enable_neutron_vpnaas: "yes"
* enable_neutron_lbaas: "yes" * enable_neutron_lbaas: "yes"
* enable_neutron_fwaas: "yes" * enable_neutron_fwaas: "yes"
If you want to set VMware datastore as cinder backend, enable it in If you want to set VMware datastore as cinder backend, enable it in
``/etc/kolla/globals.yml``: ``/etc/kolla/globals.yml``:
.. code-block:: console .. code-block:: yaml
enable_cinder: "yes" enable_cinder: "yes"
cinder_backend_vmwarevc_vmdk: "yes" cinder_backend_vmwarevc_vmdk: "yes"
vmware_datastore_name: "TestDatastore" vmware_datastore_name: "TestDatastore"
.. end
If you want to set VMware datastore as glance backend, enable it in If you want to set VMware datastore as glance backend, enable it in
``/etc/kolla/globals.yml``: ``/etc/kolla/globals.yml``:
.. code-block:: console .. code-block:: yaml
glance_backend_vmware: "yes" glance_backend_vmware: "yes"
vmware_vcenter_name: "TestDatacenter" vmware_vcenter_name: "TestDatacenter"
vmware_datastore_name: "TestDatastore" vmware_datastore_name: "TestDatastore"
.. end
VMware options are required in ``/etc/kolla/globals.yml``, these options should VMware options are required in ``/etc/kolla/globals.yml``, these options should
be configured correctly according to your NSX-V environment. be configured correctly according to your NSX-V environment.
Options for nova-compute and ceilometer: Options for ``nova-compute`` and ``ceilometer``:
.. code-block:: console .. code-block:: yaml
vmware_vcenter_host_ip: "127.0.0.1" vmware_vcenter_host_ip: "127.0.0.1"
vmware_vcenter_host_username: "admin" vmware_vcenter_host_username: "admin"
vmware_vcenter_cluster_name: "cluster-1" vmware_vcenter_cluster_name: "cluster-1"
vmware_vcenter_insecure: "True" vmware_vcenter_insecure: "True"
vmware_vcenter_datastore_regex: ".*" vmware_vcenter_datastore_regex: ".*"
.. end
.. note:: .. note::
The VMware vCenter password has to be set in ``/etc/kolla/passwords.yml``. The VMware vCenter password has to be set in ``/etc/kolla/passwords.yml``.
.. code-block:: console .. code-block:: yaml
vmware_vcenter_host_password: "admin" vmware_vcenter_host_password: "admin"
.. end
Options for Neutron NSX-V support: Options for Neutron NSX-V support:
.. code-block:: console .. code-block:: yaml
vmware_nsxv_user: "nsx_manager_user" vmware_nsxv_user: "nsx_manager_user"
vmware_nsxv_manager_uri: "https://127.0.0.1" vmware_nsxv_manager_uri: "https://127.0.0.1"
vmware_nsxv_cluster_moid: "TestCluster" vmware_nsxv_cluster_moid: "TestCluster"
vmware_nsxv_datacenter_moid: "TestDataCeter" vmware_nsxv_datacenter_moid: "TestDataCeter"
vmware_nsxv_resource_pool_id: "TestRSGroup" vmware_nsxv_resource_pool_id: "TestRSGroup"
vmware_nsxv_datastore_id: "TestDataStore" vmware_nsxv_datastore_id: "TestDataStore"
vmware_nsxv_external_network: "TestDVSPort-Ext" vmware_nsxv_external_network: "TestDVSPort-Ext"
vmware_nsxv_vdn_scope_id: "TestVDNScope" vmware_nsxv_vdn_scope_id: "TestVDNScope"
vmware_nsxv_dvs_id: "TestDVS" vmware_nsxv_dvs_id: "TestDVS"
vmware_nsxv_backup_edge_pool: "service:compact:1:2" vmware_nsxv_backup_edge_pool: "service:compact:1:2"
vmware_nsxv_spoofguard_enabled: "false" vmware_nsxv_spoofguard_enabled: "false"
vmware_nsxv_metadata_initializer: "false" vmware_nsxv_metadata_initializer: "false"
vmware_nsxv_edge_ha: "false" vmware_nsxv_edge_ha: "false"
.. yaml
.. note:: .. note::
If you want to set secure connections to VMware, set ``vmware_vcenter_insecure`` If you want to set secure connections to VMware, set ``vmware_vcenter_insecure``
to false. to false.
Secure connections to vCenter requires a CA file, copy the vCenter CA file to Secure connections to vCenter requires a CA file, copy the vCenter CA file to
``/etc/kolla/config/vmware_ca``. ``/etc/kolla/config/vmware_ca``.
.. note:: .. note::
The VMware NSX-V password has to be set in ``/etc/kolla/passwords.yml``. The VMware NSX-V password has to be set in ``/etc/kolla/passwords.yml``.
.. code-block:: console .. code-block:: yaml
vmware_nsxv_password: "nsx_manager_password" vmware_nsxv_password: "nsx_manager_password"
Then you should start kolla-ansible deployment normally as KVM/QEMU deployment. .. end
Then you should start :command:`kolla-ansible` deployment normally as KVM/QEMU deployment.
VMware NSX-DVS VMware NSX-DVS
============== ~~~~~~~~~~~~~~
Preparation Preparation
----------- -----------
@ -216,28 +237,34 @@ Deployment
Enable VMware nova-compute plugin and NSX-V neutron-server plugin in Enable VMware nova-compute plugin and NSX-V neutron-server plugin in
``/etc/kolla/globals.yml``: ``/etc/kolla/globals.yml``:
.. code-block:: console .. code-block:: yaml
nova_compute_virt_type: "vmware" nova_compute_virt_type: "vmware"
neutron_plugin_agent: "vmware_dvs" neutron_plugin_agent: "vmware_dvs"
.. end
If you want to set VMware datastore as Cinder backend, enable it in If you want to set VMware datastore as Cinder backend, enable it in
``/etc/kolla/globals.yml``: ``/etc/kolla/globals.yml``:
.. code-block:: console .. code-block:: yaml
enable_cinder: "yes" enable_cinder: "yes"
cinder_backend_vmwarevc_vmdk: "yes" cinder_backend_vmwarevc_vmdk: "yes"
vmware_datastore_name: "TestDatastore" vmware_datastore_name: "TestDatastore"
.. end
If you want to set VMware datastore as Glance backend, enable it in If you want to set VMware datastore as Glance backend, enable it in
``/etc/kolla/globals.yml``: ``/etc/kolla/globals.yml``:
.. code-block:: console .. code-block:: yaml
glance_backend_vmware: "yes" glance_backend_vmware: "yes"
vmware_vcenter_name: "TestDatacenter" vmware_vcenter_name: "TestDatacenter"
vmware_datastore_name: "TestDatastore" vmware_datastore_name: "TestDatastore"
.. end
VMware options are required in ``/etc/kolla/globals.yml``, these options should VMware options are required in ``/etc/kolla/globals.yml``, these options should
be configured correctly according to the vSphere environment you installed be configured correctly according to the vSphere environment you installed
@ -246,23 +273,27 @@ the following options.
Options for Neutron NSX-DVS support: Options for Neutron NSX-DVS support:
.. code-block:: console .. code-block:: yaml
vmware_dvs_host_ip: "192.168.1.1" vmware_dvs_host_ip: "192.168.1.1"
vmware_dvs_host_port: "443" vmware_dvs_host_port: "443"
vmware_dvs_host_username: "admin" vmware_dvs_host_username: "admin"
vmware_dvs_dvs_name: "VDS-1" vmware_dvs_dvs_name: "VDS-1"
vmware_dvs_dhcp_override_mac: "" vmware_dvs_dhcp_override_mac: ""
.. end
.. note:: .. note::
The VMware NSX-DVS password has to be set in ``/etc/kolla/passwords.yml``. The VMware NSX-DVS password has to be set in ``/etc/kolla/passwords.yml``.
.. code-block:: console .. code-block:: yaml
vmware_dvs_host_password: "password" vmware_dvs_host_password: "password"
Then you should start kolla-ansible deployment normally as KVM/QEMU deployment. .. end
Then you should start :command:`kolla-ansible` deployment normally as KVM/QEMU deployment.
For more information on OpenStack vSphere, see For more information on OpenStack vSphere, see
`VMware vSphere `VMware vSphere

136
doc/source/reference/zun-guide.rst
View File

@ -1,9 +1,12 @@
============
Zun in Kolla Zun in Kolla
============ ============
"Zun is an OpenStack Container service. It aims to provide an "Zun is an OpenStack Container service. It aims to provide an
OpenStack API for provisioning and managing containerized OpenStack API for provisioning and managing containerized
workload on OpenStack." [1]. workload on OpenStack."
For more details about Zun, see `OpenStack Zun Documentation
<https://docs.openstack.org/zun/latest/>`__.
Preparation and Deployment Preparation and Deployment
-------------------------- --------------------------
@ -14,101 +17,124 @@ configure kuryr refer to :doc:`kuryr-guide`.
To allow Zun Compute connect to the Docker Daemon, add the following in the To allow Zun Compute connect to the Docker Daemon, add the following in the
``docker.service`` file on each zun-compute node. ``docker.service`` file on each zun-compute node.
:: .. code-block:: none
ExecStart= -H tcp://<DOCKER_SERVICE_IP>:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://<DOCKER_SERVICE_IP>:2379 --cluster-advertise=<DOCKER_SERVICE_IP>:2375 ExecStart= -H tcp://<DOCKER_SERVICE_IP>:2375 -H unix:///var/run/docker.sock --cluster-store=etcd://<DOCKER_SERVICE_IP>:2379 --cluster-advertise=<DOCKER_SERVICE_IP>:2375
.. end
.. note:: .. note::
``DOCKER_SERVICE_IP`` is zun-compute host IP address. ``2375`` is port that ``DOCKER_SERVICE_IP`` is zun-compute host IP address. ``2375`` is port that
allows Docker daemon to be accessed remotely. allows Docker daemon to be accessed remotely.
By default zun is disabled in the ``group_vars/all.yml``. By default zun is disabled in the ``group_vars/all.yml``.
In order to enable it, you need to edit the file globals.yml and set the In order to enable it, you need to edit the file globals.yml and set the
following variables: following variables:
:: .. code-block:: yaml
enable_zun: "yes" enable_zun: "yes"
enable_kuryr: "yes" enable_kuryr: "yes"
enable_etcd: "yes" enable_etcd: "yes"
.. end
Deploy the OpenStack cloud and zun. Deploy the OpenStack cloud and zun.
:: .. code-block:: console
$ kolla-ansible deploy $ kolla-ansible deploy
Verify .. end
------
Generate the credentials file. Verification
------------
:: #. Generate the credentials file:
$ kolla-ansible post-deploy .. code-block:: console
Source credentials file. $ kolla-ansible post-deploy
:: .. end
$ . /etc/kolla/admin-openrc.sh #. Source credentials file:
Download and create a glance container image. .. code-block:: console
:: $ . /etc/kolla/admin-openrc.sh
$ docker pull cirros .. end
$ docker save cirros | openstack image create cirros --public \
--container-format docker --disk-format raw
Create zun container. #. Download and create a glance container image:
:: .. code-block:: console
$ zun create --name test --net network=demo-net cirros ping -c4 8.8.8.8 $ docker pull cirros
$ docker save cirros | openstack image create cirros --public \
--container-format docker --disk-format raw
.. note:: .. end
Kuryr does not support networks with DHCP enabled, disable DHCP in the #. Create zun container:
subnet used for zun containers.
:: .. code-block:: console
openstack subnet set --no-dhcp <subnet> $ zun create --name test --net network=demo-net cirros ping -c4 8.8.8.8
Verify container is created. .. end
:: .. note::
$ zun list Kuryr does not support networks with DHCP enabled, disable DHCP in the
+--------------------------------------+------+---------------+---------+------------+------------+-------+ subnet used for zun containers.
| uuid | name | image | status | task_state | addresses | ports |
+--------------------------------------+------+---------------+---------+------------+------------+-------+
| 3719a73e-5f86-47e1-bc5f-f4074fc749f2 | test | cirros | Created | None | 172.17.0.3 | [] |
+--------------------------------------+------+---------------+---------+------------+------------+-------+
Start container. .. code-block:: console
:: $ openstack subnet set --no-dhcp <subnet>
$ zun start test .. end
Request to start container test has been accepted.
Verify container. #. Verify container is created:
:: .. code-block:: console
$ zun logs test $ zun list
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=45 time=96.396 ms
64 bytes from 8.8.8.8: seq=1 ttl=45 time=96.504 ms
64 bytes from 8.8.8.8: seq=2 ttl=45 time=96.721 ms
64 bytes from 8.8.8.8: seq=3 ttl=45 time=95.884 ms
--- 8.8.8.8 ping statistics --- +--------------------------------------+------+---------------+---------+------------+------------+-------+
4 packets transmitted, 4 packets received, 0% packet loss | uuid | name | image | status | task_state | addresses | ports |
round-trip min/avg/max = 95.884/96.376/96.721 ms +--------------------------------------+------+---------------+---------+------------+------------+-------+
| 3719a73e-5f86-47e1-bc5f-f4074fc749f2 | test | cirros | Created | None | 172.17.0.3 | [] |
+--------------------------------------+------+---------------+---------+------------+------------+-------+
.. end
#. Start container:
.. code-block:: console
$ zun start test
Request to start container test has been accepted.
.. end
#. Verify container:
.. code-block:: console
$ zun logs test
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=45 time=96.396 ms
64 bytes from 8.8.8.8: seq=1 ttl=45 time=96.504 ms
64 bytes from 8.8.8.8: seq=2 ttl=45 time=96.721 ms
64 bytes from 8.8.8.8: seq=3 ttl=45 time=95.884 ms
--- 8.8.8.8 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 95.884/96.376/96.721 ms
.. end
For more information about how zun works, see For more information about how zun works, see
`zun, OpenStack Container service <https://docs.openstack.org/zun/latest/>`__. `zun, OpenStack Container service <https://docs.openstack.org/zun/latest/>`__.