From da02f1b38b4c6a4c00c2b48335ead732d6846b70 Mon Sep 17 00:00:00 2001 From: blsaws Date: Fri, 29 Jan 2016 15:07:08 -0800 Subject: Baseline of the featureconfig.rst file JIRA: COPPER-7 Change-Id: I13820a26f09a5c5a002700ee22da5976f49f04e3 Signed-off-by: blsaws --- docs/configguide/featureconfig.rst | 396 +++++++++++++++++++++++++++++++++++-- 1 file changed, 381 insertions(+), 15 deletions(-) diff --git a/docs/configguide/featureconfig.rst b/docs/configguide/featureconfig.rst index 9189902..618cc7c 100644 --- a/docs/configguide/featureconfig.rst +++ b/docs/configguide/featureconfig.rst @@ -1,24 +1,390 @@ - configuration -======================= -Add a brief introduction to configure OPNFV with this specific feature including -dependancies on platform components, this description should be at a level that -will apply to any installer providing the pre-requisite components. +Copper configuration +==================== +This release focused on use of the OpenStack Congress service for managing +configuration policy. The Congress install procedure described here is largely +manual. This procedure, as well as the longer-term goal of automated installer +support, is a work in progress. The procedure is further specific to one OPNFV +installer (JOID, i.e. MAAS/JuJu) based environment. Support for other OPNFV +installer deployed environments is also a work in progress. Pre-configuration activities ---------------------------- -Describe specific pre-configuration activities. This should include ensuring the -right components are installed by the installation tools as required for your -feature to function. Refer to the previous installer configuration chapters, -installations guide and release notes +This procedure assumes OPNFV has been installed via the JOID installer. Hardware configuration ---------------------- -Describe the hardware configuration needed for this specific feature +There is no specific hardware configuration required for the Copper project. Feature configuration --------------------- -Describe the procedures to configure your feature on the platform in order -that it is ready to use according to the feature instructions in the platform -user guide. Where applicable you should add content in the postinstall.rst -to validate the feature is configured for use. -(checking components are installed correctly etc...) +Following are instructions for installing Congress on an Ubuntu 14.04 LXC +container in the OPNFV Controller node, as installed by the JOID installer. +This guide uses instructions from the `Congress intro guide on readthedocs `_. +Specific values below will need to be modified if you intend to repeat this +procedure in your JOID-based install environment. + +Install base VM for congress on controller node +............................................... + +.. code:: + + sudo juju ssh ubuntu@192.168.10.21 + +Clone the container +................... + +.. code:: + + sudo lxc-clone -o juju-trusty-lxc-template -n juju-trusty-congress + +Start the container +................... + +.. code:: + + sudo lxc-start -n juju-trusty-congress -d + +Get the container IP address +............................ + +.. code:: + + sudo lxc-info -n juju-trusty-congress + +If you need to start over +......................... + +.. code:: + + sudo lxc-destroy --name juju-trusty-congress + +Exit from controller (back to jumphost) and login to congress container +....................................................................... + +.. code:: + + sudo juju ssh ubuntu@192.168.10.117 + +Update package repos +.................... + +.. code:: + + sudo apt-get update + +Setup environment variables +........................... + +.. code:: + + export CONGRESS_HOST=192.168.10.106 + export KEYSTONE_HOST=192.168.10.119 + export CEILOMETER_HOST=192.168.10.116 + export CINDER_HOST=192.168.10.117 + export GLANCE_HOST=192.168.10.118 + export NEUTRON_HOST=192.168.10.125 + export NOVA_HOST=192.168.10.121 + +Install pip +........... + +.. code:: + + sudo apt-get install python-pip -y + +Install java +............ + +.. code:: + + sudo apt-get install default-jre -y + +Install other dependencies +.......................... + +.. code:: + + # when prompted, set and remember mysql root user password + sudo apt-get install git gcc python-dev libxml2 libxslt1-dev libzip-dev \ + mysql-server python-mysqldb -y + sudo pip install virtualenv + +Clone congress +.............. + +.. code:: + + git clone https://github.com/openstack/congress.git + cd congress + git checkout stable/liberty + +Create virtualenv +................. + +.. code:: + + virtualenv ~/congress + source bin/activate + +Setup Congress +.............. + +.. code:: + + sudo mkdir -p /etc/congress + sudo mkdir -p /etc/congress/snapshot + sudo mkdir /var/log/congress + sudo chown ubuntu /var/log/congress + sudo cp etc/api-paste.ini /etc/congress + sudo cp etc/policy.json /etc/congress + +Install requirements.txt and tox dependencies +............................................. + +The need for this stepo was detected by errors during "tox -egenconfig". + +.. code:: + + sudo apt-get install libffi-dev -y + sudo apt-get install openssl -y + sudo apt-get install libssl-dev -y + +Install dependencies in virtualenv +.................................. + +.. code:: + + pip install -r requirements.txt + python setup.py install + +Install tox +........... + +.. code:: + + pip install tox + +Generate congress.conf.sample +............................. + +.. code:: + + tox -egenconfig + +Edit congress.conf.sample as needed +................................... + +.. code:: + + sed -i -- 's/#verbose = true/verbose = true/g' etc/congress.conf.sample + sed -i -- 's/#log_file = /log_file = congress.log/g' \ + etc/congress.conf.sample + sed -i -- 's/#log_dir = /log_dir = \/var\/log\/congress/g' \ + etc/congress.conf.sample + sed -i -- 's/#bind_host = 0.0.0.0/bind_host = 192.168.10.117/g' \ + etc/congress.conf.sample + sed -i -- 's/#policy_path = /policy_path = \ + \/etc\/congress\/snapshot/g' etc/congress.conf.sample + sed -i -- 's/#auth_strategy = keystone/auth_strategy = noauth/g' \ + etc/congress.conf.sample + sed -i -- 's/#drivers =/drivers =\ + congress.datasources.neutronv2_driver.NeutronV2Driver,\ + congress.datasources.glancev2_driver.GlanceV2Driver,\ + congress.datasources.nova_driver.NovaDriver,\ + congress.datasources.keystone_driver.KeystoneDriver,\ + congress.datasources.ceilometer_driver.CeilometerDriver,\ + congress.datasources.cinder_driver.CinderDriver/g' etc/congress.conf.sample + sed -i -- 's/#auth_host = 127.0.0.1/auth_host = 192.168.10.108/g' \ + etc/congress.conf.sample + sed -i -- 's/#auth_port = 35357/auth_port = 35357/g' etc/congress.conf.sample + sed -i -- 's/#auth_protocol = https/auth_protocol = http/g' \ + etc/congress.conf.sample + sed -i -- 's/#admin_tenant_name = admin/admin_tenant_name = admin/g' \ + etc/congress.conf.sample + sed -i -- 's/#admin_user = /admin_user = congress/g' \ + etc/congress.conf.sample + sed -i -- 's/#admin_password = /admin_password = congress/g' \ + etc/congress.conf.sample + sed -i -- 's/#connection = /connection = mysql:\/\/ubuntu:\ + @localhost:3306\/congress/g' etc/congress.conf.sample + +Copy congress.conf.sample to /etc/congress +.......................................... + +.. code:: + + sudo cp etc/congress.conf.sample /etc/congress/congress.conf + +Create congress database +........................ + +.. code:: + + sudo mysql -u root -p + CREATE DATABASE congress; + GRANT ALL PRIVILEGES ON congress.* TO 'ubuntu'@'localhost' \ + IDENTIFIED BY ''; + GRANT ALL PRIVILEGES ON congress.* TO 'ubuntu'@'%' IDENTIFIED \ + BY ''; + exit + +Install congress-db-manage dependencies +....................................... + +The need for this step was detected by errors in subsequent steps. + +.. code:: + + sudo apt-get build-dep python-mysqldb -y + pip install MySQL-python + +Create database schema +...................... + +.. code:: + + congress-db-manage --config-file /etc/congress/congress.conf upgrade head + +Install dependencies of OpenStack, Congress, Keystone client operations +....................................................................... + +.. code:: + + pip install python-openstackclient + pip install python-congressclient + pip install python-keystoneclient + +Execute admin-openrc.sh as downloaded from Horizon +.................................................. + +.. code:: + + source ~/admin-openrc.sh + +Setup Congress user +................... + +TODO: needs update in `Congress intro in readthedocs < http://congress.readthedocs.org/en/latest/readme.html#installing-congress>`_. + +.. code:: + + pip install cliff --upgrade + export ADMIN_ROLE=$(openstack role list | \ + awk "/ Admin / { print \$2 }") + export SERVICE_TENANT=$(openstack project list | \ + awk "/ admin / { print \$2 }") + openstack user create --password congress --project admin \ + --email "congress@example.com" congress + export CONGRESS_USER=$(openstack user list | \ + awk "/ congress / { print \$2 }") + openstack role add $ADMIN_ROLE --user $CONGRESS_USER \ + --project $SERVICE_TENANT + +Create Congress service +....................... + +.. code:: + + openstack service create congress --type "policy" \ + --description "Congress Service" + export CONGRESS_SERVICE=$(openstack service list | \ + awk "/ congress / { print \$2 }") + +Create Congress endpoint +........................ + +.. code:: + + openstack endpoint create $CONGRESS_SERVICE \ + --region $OS_REGION_NAME \ + --publicurl http://$CONGRESS_HOST:1789/ \ + --adminurl http://$CONGRESS_HOST:1789/ \ + --internalurl http://$CONGRESS_HOST:1789/ + +Start the Congress service in the background +............................................ + +.. code:: + + bin/congress-server & + # disown the process (so it keeps running if you get disconnected) + disown -h %1 + +Create data sources +................... + +To remove datasources: openstack congress datasource delete + +It's probably good to do these commands in a new terminal tab, as the +congress server log from the last command will be flooding your original +terminal screen. + +.. code:: + + openstack congress datasource create nova "nova" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 + openstack congress datasource create neutronv2 "neutronv2" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 + openstack congress datasource create ceilometer "ceilometer" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 + openstack congress datasource create cinder "cinder" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 + openstack congress datasource create glancev2 "glancev2" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 + openstack congress datasource create keystone "keystone" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 + +Run Congress Tempest Tests +.......................... + +.. code:: + + tox -epy27 + +Restarting after server power loss etc +...................................... + +Currently this install procedure is manual. Automated install and restoral \ +after host recovery is TBD. For now, this procedure will get the Congress \ +service running again. + +.. code:: + + # On jumphost, SSH to Congress server + sudo juju ssh ubuntu@192.168.10.117 + # If that fails + # On jumphost, SSH to controller node + sudo juju ssh ubuntu@192.168.10.119 + # Start the Congress container + sudo lxc-start -n juju-trusty-congress -d + # Verify the Congress container status + sudo lxc-ls -f juju-trusty-congress + NAME STATE IPV4 IPV6 GROUPS AUTOSTART + ---------------------------------------------------------------------- + juju-trusty-congress RUNNING 192.168.10.117 - - NO + # exit back to the Jumphost, wait a minute, and go back to the \ + "SSH to Congress server" step above + # On the Congress server that you have logged into + source ~/admin-openrc.sh + cd congress + source bin/activate + bin/congress-server & + disown -h %1 -- cgit 1.2.3-korg