Copper configuration ==================== This release focused on use of the OpenStack Congress service for managing configuration policy. The Congress install procedure described here is largely manual. This procedure, as well as the longer-term goal of automated installer support, is a work in progress. The procedure is further specific to one OPNFV installer (JOID, i.e. MAAS/JuJu) based environment. Support for other OPNFV installer deployed environments is also a work in progress. Pre-configuration activities ---------------------------- This procedure assumes OPNFV has been installed via the JOID installer. Hardware configuration ---------------------- There is no specific hardware configuration required for the Copper project. Feature configuration --------------------- Following are instructions for installing Congress on an Ubuntu 14.04 LXC container in the OPNFV Controller node, as installed by the JOID installer. This guide uses instructions from the `Congress intro guide on readthedocs `_. Specific values below will need to be modified if you intend to repeat this procedure in your JOID-based install environment. Install base VM for congress on controller node ............................................... .. code:: sudo juju ssh ubuntu@192.168.10.21 Clone the container ................... .. code:: sudo lxc-clone -o juju-trusty-lxc-template -n juju-trusty-congress Start the container ................... .. code:: sudo lxc-start -n juju-trusty-congress -d Get the container IP address ............................ .. code:: sudo lxc-info -n juju-trusty-congress If you need to start over ......................... .. code:: sudo lxc-destroy --name juju-trusty-congress Exit from controller (back to jumphost) and login to congress container ....................................................................... .. code:: sudo juju ssh ubuntu@192.168.10.117 Update package repos .................... .. code:: sudo apt-get update Setup environment variables ........................... .. code:: export CONGRESS_HOST=192.168.10.106 export KEYSTONE_HOST=192.168.10.119 export CEILOMETER_HOST=192.168.10.116 export CINDER_HOST=192.168.10.117 export GLANCE_HOST=192.168.10.118 export NEUTRON_HOST=192.168.10.125 export NOVA_HOST=192.168.10.121 Install pip ........... .. code:: sudo apt-get install python-pip -y Install java ............ .. code:: sudo apt-get install default-jre -y Install other dependencies .......................... .. code:: # when prompted, set and remember mysql root user password sudo apt-get install git gcc python-dev libxml2 libxslt1-dev libzip-dev \ mysql-server python-mysqldb -y sudo pip install virtualenv Clone congress .............. .. code:: git clone https://github.com/openstack/congress.git cd congress git checkout stable/liberty Create virtualenv ................. .. code:: virtualenv ~/congress source bin/activate Setup Congress .............. .. code:: sudo mkdir -p /etc/congress sudo mkdir -p /etc/congress/snapshot sudo mkdir /var/log/congress sudo chown ubuntu /var/log/congress sudo cp etc/api-paste.ini /etc/congress sudo cp etc/policy.json /etc/congress Install requirements.txt and tox dependencies ............................................. The need for this stepo was detected by errors during "tox -egenconfig". .. code:: sudo apt-get install libffi-dev -y sudo apt-get install openssl -y sudo apt-get install libssl-dev -y Install dependencies in virtualenv .................................. .. code:: pip install -r requirements.txt python setup.py install Install tox ........... .. code:: pip install tox Generate congress.conf.sample ............................. .. code:: tox -egenconfig Edit congress.conf.sample as needed ................................... .. code:: sed -i -- 's/#verbose = true/verbose = true/g' etc/congress.conf.sample sed -i -- 's/#log_file = /log_file = congress.log/g' \ etc/congress.conf.sample sed -i -- 's/#log_dir = /log_dir = \/var\/log\/congress/g' \ etc/congress.conf.sample sed -i -- 's/#bind_host = 0.0.0.0/bind_host = 192.168.10.117/g' \ etc/congress.conf.sample sed -i -- 's/#policy_path = /policy_path = \ \/etc\/congress\/snapshot/g' etc/congress.conf.sample sed -i -- 's/#auth_strategy = keystone/auth_strategy = noauth/g' \ etc/congress.conf.sample sed -i -- 's/#drivers =/drivers =\ congress.datasources.neutronv2_driver.NeutronV2Driver,\ congress.datasources.glancev2_driver.GlanceV2Driver,\ congress.datasources.nova_driver.NovaDriver,\ congress.datasources.keystone_driver.KeystoneDriver,\ congress.datasources.ceilometer_driver.CeilometerDriver,\ congress.datasources.cinder_driver.CinderDriver/g' etc/congress.conf.sample sed -i -- 's/#auth_host = 127.0.0.1/auth_host = 192.168.10.108/g' \ etc/congress.conf.sample sed -i -- 's/#auth_port = 35357/auth_port = 35357/g' etc/congress.conf.sample sed -i -- 's/#auth_protocol = https/auth_protocol = http/g' \ etc/congress.conf.sample sed -i -- 's/#admin_tenant_name = admin/admin_tenant_name = admin/g' \ etc/congress.conf.sample sed -i -- 's/#admin_user = /admin_user = congress/g' \ etc/congress.conf.sample sed -i -- 's/#admin_password = /admin_password = congress/g' \ etc/congress.conf.sample sed -i -- 's/#connection = /connection = mysql:\/\/ubuntu:\ @localhost:3306\/congress/g' etc/congress.conf.sample Copy congress.conf.sample to /etc/congress .......................................... .. code:: sudo cp etc/congress.conf.sample /etc/congress/congress.conf Create congress database ........................ .. code:: sudo mysql -u root -p CREATE DATABASE congress; GRANT ALL PRIVILEGES ON congress.* TO 'ubuntu'@'localhost' \ IDENTIFIED BY ''; GRANT ALL PRIVILEGES ON congress.* TO 'ubuntu'@'%' IDENTIFIED \ BY ''; exit Install congress-db-manage dependencies ....................................... The need for this step was detected by errors in subsequent steps. .. code:: sudo apt-get build-dep python-mysqldb -y pip install MySQL-python Create database schema ...................... .. code:: congress-db-manage --config-file /etc/congress/congress.conf upgrade head Install dependencies of OpenStack, Congress, Keystone client operations ....................................................................... .. code:: pip install python-openstackclient pip install python-congressclient pip install python-keystoneclient Execute admin-openrc.sh as downloaded from Horizon .................................................. .. code:: source ~/admin-openrc.sh Setup Congress user ................... TODO: needs update in `Congress intro in readthedocs < http://congress.readthedocs.org/en/latest/readme.html#installing-congress>`_. .. code:: pip install cliff --upgrade export ADMIN_ROLE=$(openstack role list | \ awk "/ Admin / { print \$2 }") export SERVICE_TENANT=$(openstack project list | \ awk "/ admin / { print \$2 }") openstack user create --password congress --project admin \ --email "congress@example.com" congress export CONGRESS_USER=$(openstack user list | \ awk "/ congress / { print \$2 }") openstack role add $ADMIN_ROLE --user $CONGRESS_USER \ --project $SERVICE_TENANT Create Congress service ....................... .. code:: openstack service create congress --type "policy" \ --description "Congress Service" export CONGRESS_SERVICE=$(openstack service list | \ awk "/ congress / { print \$2 }") Create Congress endpoint ........................ .. code:: openstack endpoint create $CONGRESS_SERVICE \ --region $OS_REGION_NAME \ --publicurl http://$CONGRESS_HOST:1789/ \ --adminurl http://$CONGRESS_HOST:1789/ \ --internalurl http://$CONGRESS_HOST:1789/ Start the Congress service in the background ............................................ .. code:: bin/congress-server & # disown the process (so it keeps running if you get disconnected) disown -h %1 Create data sources ................... To remove datasources: openstack congress datasource delete It's probably good to do these commands in a new terminal tab, as the congress server log from the last command will be flooding your original terminal screen. .. code:: openstack congress datasource create nova "nova" \ --config username=$OS_USERNAME \ --config tenant_name=$OS_TENANT_NAME \ --config password=$OS_PASSWORD \ --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 openstack congress datasource create neutronv2 "neutronv2" \ --config username=$OS_USERNAME \ --config tenant_name=$OS_TENANT_NAME \ --config password=$OS_PASSWORD \ --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 openstack congress datasource create ceilometer "ceilometer" \ --config username=$OS_USERNAME \ --config tenant_name=$OS_TENANT_NAME \ --config password=$OS_PASSWORD \ --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 openstack congress datasource create cinder "cinder" \ --config username=$OS_USERNAME \ --config tenant_name=$OS_TENANT_NAME \ --config password=$OS_PASSWORD \ --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 openstack congress datasource create glancev2 "glancev2" \ --config username=$OS_USERNAME \ --config tenant_name=$OS_TENANT_NAME \ --config password=$OS_PASSWORD \ --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 openstack congress datasource create keystone "keystone" \ --config username=$OS_USERNAME \ --config tenant_name=$OS_TENANT_NAME \ --config password=$OS_PASSWORD \ --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 Run Congress Tempest Tests .......................... .. code:: tox -epy27 Restarting after server power loss etc ...................................... Currently this install procedure is manual. Automated install and restoral \ after host recovery is TBD. For now, this procedure will get the Congress \ service running again. .. code:: # On jumphost, SSH to Congress server sudo juju ssh ubuntu@192.168.10.117 # If that fails # On jumphost, SSH to controller node sudo juju ssh ubuntu@192.168.10.119 # Start the Congress container sudo lxc-start -n juju-trusty-congress -d # Verify the Congress container status sudo lxc-ls -f juju-trusty-congress NAME STATE IPV4 IPV6 GROUPS AUTOSTART ---------------------------------------------------------------------- juju-trusty-congress RUNNING 192.168.10.117 - - NO # exit back to the Jumphost, wait a minute, and go back to the \ "SSH to Congress server" step above # On the Congress server that you have logged into source ~/admin-openrc.sh cd congress source bin/activate bin/congress-server & disown -h %1