Merge "Update advanced configuration"

This commit is contained in:
Jenkins 2016-05-23 09:58:27 +00:00 committed by Gerrit Code Review
commit cff89a332a

View File

@ -25,16 +25,14 @@ The configuration parameters related to these options are:
For the combined option, set the two variables below, while allowing the For the combined option, set the two variables below, while allowing the
other two to accept their default values. In this configuration all REST other two to accept their default values. In this configuration all REST
API requests, internal and external, will flow over the same network. API requests, internal and external, will flow over the same network. ::
::
kolla_internal_vip_address: "10.10.10.254" kolla_internal_vip_address: "10.10.10.254"
network_interface: "eth0" network_interface: "eth0"
For the separate option, set these four variables. In this configuration For the separate option, set these four variables. In this configuration
the internal and external REST API requests can flow over separate the internal and external REST API requests can flow over separate
networks. networks. ::
::
kolla_internal_vip_address: "10.10.10.254" kolla_internal_vip_address: "10.10.10.254"
network_interface: "eth0" network_interface: "eth0"
@ -48,8 +46,10 @@ When addressing a server on the internet, it is more common to use
a name, like www.example.net, instead of an address like 10.10.10.254. a name, like www.example.net, instead of an address like 10.10.10.254.
If you prefer to use names to address the endpoints in your kolla If you prefer to use names to address the endpoints in your kolla
deployment use the variables: deployment use the variables:
- kolla_internal_fqdn - kolla_internal_fqdn
- kolla_external_fqdn - kolla_external_fqdn
:: ::
kolla_internal_fqdn: inside.mykolla.example.net kolla_internal_fqdn: inside.mykolla.example.net
@ -71,10 +71,12 @@ and responses.
be different to enable TLS on the external network. be different to enable TLS on the external network.
The configuration variables that control TLS networking are: The configuration variables that control TLS networking are:
- kolla_enable_tls_external - kolla_enable_tls_external
- kolla_external_fqdn_cert - kolla_external_fqdn_cert
The default for TLS is disabled; to enable TLS networking: The default for TLS is disabled; to enable TLS networking:
:: ::
kolla_enable_tls_external: "yes" kolla_enable_tls_external: "yes"
@ -95,12 +97,13 @@ These two files will be provided by your Certificate Authority. These
two files are the server certificate with private key and the CA certificate two files are the server certificate with private key and the CA certificate
with any intermediate certificates. The server certificate needs to be with any intermediate certificates. The server certificate needs to be
installed with the kolla deployment and is configured with the installed with the kolla deployment and is configured with the
kolla_external_fqdn_cert parameter. If the server certificate provided ``kolla_external_fqdn_cert`` parameter. If the server certificate provided
is not already trusted by the client, then the CA certificate file will is not already trusted by the client, then the CA certificate file will
need to be distributed to the client. need to be distributed to the client.
When using TLS to connect to a public endpoint, an OpenStack client will When using TLS to connect to a public endpoint, an OpenStack client will
have settings similar to this: have settings similar to this:
:: ::
export OS_PROJECT_DOMAIN_ID=default export OS_PROJECT_DOMAIN_ID=default
@ -123,14 +126,15 @@ trust CA, for example a development or internal test kolla deployment. In
these cases it can be useful to have a self-signed certificate to use. these cases it can be useful to have a self-signed certificate to use.
For convenience, the kolla-ansible command will generate the necessary For convenience, the kolla-ansible command will generate the necessary
certificate files based on the information in the globals.yml configuration certificate files based on the information in the ``globals.yml``
file. configuration file:
:: ::
kolla-ansible certificates kolla-ansible certificates
The files haproxy.pem and haproxy-ca.pem will be generated and stored The files haproxy.pem and haproxy-ca.pem will be generated and stored
in the /etc/kolla/certificates/ directory. in the ``/etc/kolla/certificates/`` directory.
Deployment Configuration Deployment Configuration
======================== ========================
@ -143,11 +147,11 @@ OpenStack Service Configuration in Kolla
.. NOTE:: As of now kolla only supports config overrides for ini based configs. .. NOTE:: As of now kolla only supports config overrides for ini based configs.
Kolla allows deployer to override configuration of services. Kolla will look Kolla allows deployer to override configuration of services. Kolla will look
for file in `/etc/kolla/config/<< sevice name >>/<< config file >>`. This can for file in ``/etc/kolla/config/<< sevice name >>/<< config file >>``. This can
be done per-project, per-service or per-service-on-specified-host. be done per-project, per-service or per-service-on-specified-host.
For example to override scheduler_max_attempts in nova scheduler, the operator For example to override scheduler_max_attempts in nova scheduler, the operator
need to create `/etc/kolla/config/nova/nova-scheduler.conf with content`: need to create ``/etc/kolla/config/nova/nova-scheduler.conf`` with content:
:: ::
@ -156,7 +160,7 @@ need to create `/etc/kolla/config/nova/nova-scheduler.conf with content`:
If the operator wants to configure compute node ram allocation ratio If the operator wants to configure compute node ram allocation ratio
on host myhost, the operator needs to create file on host myhost, the operator needs to create file
`/etc/kolla/config/nova/myhost/nova.conf` with content: ``/etc/kolla/config/nova/myhost/nova.conf`` with content:
:: ::
@ -164,7 +168,7 @@ on host myhost, the operator needs to create file
ram_allocation_ratio = 5.0 ram_allocation_ratio = 5.0
The operator can make these changes after services were already deployed by using The operator can make these changes after services were already deployed by using
following command. following command:
:: ::
kolla-ansible reconfigure kolla-ansible reconfigure