aboutsummaryrefslogtreecommitdiffstats
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/configurationguide/index.rst198
1 files changed, 0 insertions, 198 deletions
diff --git a/docs/configurationguide/index.rst b/docs/configurationguide/index.rst
deleted file mode 100644
index 4001a63e..00000000
--- a/docs/configurationguide/index.rst
+++ /dev/null
@@ -1,198 +0,0 @@
-.. This work is licensed under a Creative Commons Attribution 4.0 International License.
-.. http://creativecommons.org/licenses/by/4.0
-.. (c) ruan.he@orange.com & thomas.duval@orange.com
-
-******************************
-OPNFV MOON configuration guide
-******************************
-
-.. toctree::
- :numbered:
- :maxdepth: 2
-
-
-============
-Introduction
-============
-
-Moon must be configured through the standard Keystone configuration files and the standard KeystoneMiddleware configuration files:
-* /etc/keystone/keystone-paste.ini
-* /etc/keystone/keystone.conf
-* /etc/nova/api-paste.ini
-* /etc/swift/proxy-server.conf
-
-There is no other custom configuration file.
-
-=============
-Configuration
-=============
-
-Keystone
-========
-
-For Keystone, the following files must be configured, some modifications may be needed, specially passwords:
-
-/etc/keystone/keystone-paste.ini
-
-.. code-block:: bash
-
- sudo cp /etc/keystone/keystone-paste.ini /etc/keystone/keystone-paste.ini.bak
- sudo sed "3i[pipeline:moon_pipeline]\npipeline = sizelimit url_normalize request_id build_auth_context token_auth admin_token_auth json_body ec2_extension_v3 s3_extension moon_service\n\n[app:moon_service]\nuse = egg:keystone#moon_service\n" /etc/keystone/keystone-paste.ini > /tmp/keystone-paste.ini
- sudo cp /tmp/keystone-paste.ini /etc/keystone/keystone-paste.ini
- sudo sed "s/use = egg:Paste#urlmap/use = egg:Paste#urlmap\n\/moon = moon_pipeline/" /etc/keystone/keystone-paste.ini > /tmp/keystone-paste.ini
- sudo cp /tmp/keystone-paste.ini /etc/keystone/keystone-paste.ini
-
-/etc/keystone/keystone.conf
-
-.. code-block:: bash
-
- cat << EOF | sudo tee -a /etc/keystone/keystone.conf
- [moon]
-
- # Configuration backend driver
- configuration_driver = keystone.contrib.moon.backends.memory.ConfigurationConnector
-
- # Tenant backend driver
- tenant_driver = keystone.contrib.moon.backends.sql.TenantConnector
-
- # Authorisation backend driver
- authz_driver = keystone.contrib.moon.backends.flat.SuperExtensionConnector
-
- # IntraExtension backend driver
- intraextension_driver = keystone.contrib.moon.backends.sql.IntraExtensionConnector
-
- # InterExtension backend driver
- interextension_driver = keystone.contrib.moon.backends.sql.InterExtensionConnector
-
- # Logs backend driver
- log_driver = keystone.contrib.moon.backends.flat.LogConnector
-
- # Local directory where all policies are stored
- policy_directory = /etc/keystone/policies
-
- # Local directory where Root IntraExtension configuration is stored
- root_policy_directory = policy_root
-
- # URL of the Moon master
- master = 'http://localhost:35357/'
-
- # Login of the Moon master
- master_login = 'admin'
-
- # Password of the Moon master
- master_password = 'nomoresecrete'
- EOF
-
-
-The logging system must be configured :
-
-.. code-block:: bash
-
- sudo mkdir /var/log/moon/
- sudo chown keystone /var/log/moon/
-
- sudo addgroup moonlog
-
- sudo chgrp moonlog /var/log/moon/
-
- sudo touch /var/log/moon/keystonemiddleware.log
- sudo touch /var/log/moon/system.log
-
- sudo chgrp moonlog /var/log/moon/keystonemiddleware.log
- sudo chgrp moonlog /var/log/moon/system.log
- sudo chmod g+rw /var/log/moon
- sudo chmod g+rw /var/log/moon/keystonemiddleware.log
- sudo chmod g+rw /var/log/moon/system.log
-
- sudo adduser keystone moonlog
- sudo adduser swift moonlog
- sudo adduser nova moonlog
-
-The Keystone database must be updated:
-
-.. code-block:: bash
-
- sudo /usr/bin/keystone-manage db_sync
- sudo /usr/bin/keystone-manage db_sync --extension moon
-
-And, Apache must be restarted:
-
-.. code-block:: bash
-
- sudo systemctl restart apache.service
-
-Nova
-====
-
-In order to Nova to be able to communicate with Keystone-Moon, you must update the Nova KeystoneMiddleware configuration file.
-To achieve this, a new filter must be added in `/etc/nova/api-paste.ini` and this filter must be added to the composite data.
-The filter is:
-
-.. code-block:: bash
-
- [filter:moon]
- paste.filter_factory = keystonemiddleware.moon_agent:filter_factory
- authz_login=admin
- authz_password=password
- logfile=/var/log/moon/keystonemiddleware.log
-
-Here is some bash lines to insert this into the Nova configuration file:
-
-.. code-block:: bash
-
- sudo cp /etc/nova/api-paste.ini /etc/nova/api-paste.ini.bak2
- sudo sed "/^keystone = / s/keystonecontext/keystonecontext moon/" /etc/nova/api-paste.ini > /tmp/api-paste.ini
- sudo cp /tmp/api-paste.ini /etc/nova/api-paste.ini
-
- echo -e "\n[filter:moon]\npaste.filter_factory = keystonemiddleware.moon_agent:filter_factory\nauthz_login=admin\nauthz_password=password\nlogfile=/var/log/moon/keystonemiddleware.log\n" | sudo tee -a /etc/nova/api-paste.ini
-
-Nova can then be restarted:
-
-.. code-block:: bash
-
- for service in nova-compute nova-api nova-cert nova-conductor nova-consoleauth nova-scheduler ; do
- sudo service ${service} restart
- done
-
-Swift
-=====
-
-In order to Swift to be able to communicate with Keystone-Moon, you must update the Swift KeystoneMiddleware configuration file.
-To achieve this, a new filter must be added in `/etc/swift/proxy-server.conf` and this filter must be added to the composite data.
-The filter is (exactly the same as Nova):
-
-.. code-block:: bash
-
- [filter:moon]
- paste.filter_factory = keystonemiddleware.moon_agent:filter_factory
- authz_login=admin
- authz_password=password
- logfile=/var/log/moon/keystonemiddleware.log
-
-Here is some bash lines to insert this into the Nova configuration file:
-
-.. code-block:: bash
-
- sudo cp /etc/swift/proxy-server.conf /etc/swift/proxy-server.conf.bak2
- sudo sed "/^pipeline = / s/proxy-server/moon proxy-server/" /etc/swift/proxy-server.conf > /tmp/proxy-server.conf
- sudo cp /tmp/proxy-server.conf /etc/swift/proxy-server.conf
-
- echo -e "\n[filter:moon]\npaste.filter_factory = keystonemiddleware.moon_agent:filter_factory\nauthz_login=admin\nauthz_password=password\nlogfile=/var/log/moon/keystonemiddleware.log\n" | sudo tee -a /etc/swift/proxy-server.conf
-
-Swift can then be restarted:
-
-.. code-block:: bash
-
- for service in swift-account swift-account-replicator \
- swift-container-replicator swift-object swift-object-updater \
- swift-account-auditor swift-container swift-container-sync \
- swift-object-auditor swift-proxy swift-account-reaper swift-container-auditor \
- swift-container-updater swift-object-replicator ; do
- sudo service ${service} status
- done
-
-
-
-Revision: _sha1_
-
-Build date: |today| \ No newline at end of file