From 3a93b123acc72119c68287ba34d68e93a52c384d Mon Sep 17 00:00:00 2001 From: Petr Kovar Date: Fri, 3 Jun 2016 17:50:26 +0200 Subject: Add install-guide for heat This adds heat-specific contents of the OpenStack Installation Guide in the heat repo per [1]. A separate change will remove the heat contents from the OpenStack Installation Guide for Newton per [2]. The heat install-guide structure is based on Install Guide Cookiecutter [3]. Also adds tox.ini environment for install-guide and adds openstackdocs-theme to test-requirements.txt. [1] http://specs.openstack.org/openstack/docs-specs/specs/newton/project-specific-installguides.html [2] http://specs.openstack.org/openstack/docs-specs/specs/newton/installguide.html [3] https://review.openstack.org/#/c/314229/ Change-Id: I153b27dd17e5a22224bda473b19dbd76ca0cdc98 Partially-Implements: blueprint projectspecificinstallguides --- install-guide/source/conf.py | 299 ++++++++++++++++++++++ install-guide/source/get_started.rst | 37 +++ install-guide/source/index.rst | 18 ++ install-guide/source/install-debian.rst | 46 ++++ install-guide/source/install-obs.rst | 430 +++++++++++++++++++++++++++++++ install-guide/source/install-rdo.rst | 440 ++++++++++++++++++++++++++++++++ install-guide/source/install-ubuntu.rst | 436 +++++++++++++++++++++++++++++++ install-guide/source/install.rst | 20 ++ install-guide/source/next-steps.rst | 10 + install-guide/source/verify.rst | 36 +++ test-requirements.txt | 1 + tox.ini | 7 + 12 files changed, 1780 insertions(+) create mode 100644 install-guide/source/conf.py create mode 100644 install-guide/source/get_started.rst create mode 100644 install-guide/source/index.rst create mode 100644 install-guide/source/install-debian.rst create mode 100644 install-guide/source/install-obs.rst create mode 100644 install-guide/source/install-rdo.rst create mode 100644 install-guide/source/install-ubuntu.rst create mode 100644 install-guide/source/install.rst create mode 100644 install-guide/source/next-steps.rst create mode 100644 install-guide/source/verify.rst diff --git a/install-guide/source/conf.py b/install-guide/source/conf.py new file mode 100644 index 000000000..3db2f34c0 --- /dev/null +++ b/install-guide/source/conf.py @@ -0,0 +1,299 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This file is execfile()d with the current directory set to its +# containing dir. +# +# Note that not all possible configuration values are present in this +# autogenerated file. +# +# All configuration values have a default; values that are commented out +# serve to show the default. + +import os +# import sys + + +import openstackdocstheme + +# If extensions (or modules to document with autodoc) are in another directory, +# add these directories to sys.path here. If the directory is relative to the +# documentation root, use os.path.abspath to make it absolute, like shown here. +# sys.path.insert(0, os.path.abspath('.')) + +# -- General configuration ------------------------------------------------ + +# If your documentation needs a minimal Sphinx version, state it here. +# needs_sphinx = '1.0' + +# Add any Sphinx extension module names here, as strings. They can be +# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom +# ones. +# TODO(ajaeger): enable PDF building, for example add 'rst2pdf.pdfbuilder' +# extensions = + +# Add any paths that contain templates here, relative to this directory. +# templates_path = ['_templates'] + +# The suffix of source filenames. +source_suffix = '.rst' + +# The encoding of source files. +# source_encoding = 'utf-8-sig' + +# The master toctree document. +master_doc = 'index' + +# General information about the project. +project = u'Installation Guide for Orchestration Service' +bug_tag = u'install-guide' +copyright = u'2016, OpenStack contributors' + +# The version info for the project you're documenting, acts as replacement for +# |version| and |release|, also used in various other places throughout the +# built documents. +# +# The short X.Y version. +version = '0.1' +# The full version, including alpha/beta/rc tags. +release = '0.1' + +# A few variables have to be set for the log-a-bug feature. +# giturl: The location of conf.py on Git. Must be set manually. +# gitsha: The SHA checksum of the bug description. Automatically extracted from git log. +# bug_tag: Tag for categorizing the bug. Must be set manually. +# These variables are passed to the logabug code via html_context. +giturl = u'http://git.openstack.org/cgit/openstack/heat/tree/install-guide/source' +git_cmd = "/usr/bin/git log | head -n1 | cut -f2 -d' '" +gitsha = os.popen(git_cmd).read().strip('\n') +html_context = {"gitsha": gitsha, "bug_tag": bug_tag, + "giturl": giturl} + +# The language for content autogenerated by Sphinx. Refer to documentation +# for a list of supported languages. +# language = None + +# There are two options for replacing |today|: either, you set today to some +# non-false value, then it is used: +# today = '' +# Else, today_fmt is used as the format for a strftime call. +# today_fmt = '%B %d, %Y' + +# List of patterns, relative to source directory, that match files and +# directories to ignore when looking for source files. +exclude_patterns = [] + +# The reST default role (used for this markup: `text`) to use for all +# documents. +# default_role = None + +# If true, '()' will be appended to :func: etc. cross-reference text. +# add_function_parentheses = True + +# If true, the current module name will be prepended to all description +# unit titles (such as .. function::). +# add_module_names = True + +# If true, sectionauthor and moduleauthor directives will be shown in the +# output. They are ignored by default. +# show_authors = False + +# The name of the Pygments (syntax highlighting) style to use. +pygments_style = 'sphinx' + +# A list of ignored prefixes for module index sorting. +# modindex_common_prefix = [] + +# If true, keep warnings as "system message" paragraphs in the built documents. +# keep_warnings = False + + +# -- Options for HTML output ---------------------------------------------- + +# The theme to use for HTML and HTML Help pages. See the documentation for +# a list of builtin themes. +html_theme = 'openstackdocs' + +# Theme options are theme-specific and customize the look and feel of a theme +# further. For a list of options available for each theme, see the +# documentation. +# html_theme_options = {} + +# Add any paths that contain custom themes here, relative to this directory. +html_theme_path = [openstackdocstheme.get_html_theme_path()] + +# The name for this set of Sphinx documents. If None, it defaults to +# " v documentation". +# html_title = None + +# A shorter title for the navigation bar. Default is the same as html_title. +# html_short_title = None + +# The name of an image file (relative to this directory) to place at the top +# of the sidebar. +# html_logo = None + +# The name of an image file (within the static path) to use as favicon of the +# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 +# pixels large. +# html_favicon = None + +# Add any paths that contain custom static files (such as style sheets) here, +# relative to this directory. They are copied after the builtin static files, +# so a file named "default.css" will overwrite the builtin "default.css". +# html_static_path = [] + +# Add any extra paths that contain custom files (such as robots.txt or +# .htaccess) here, relative to this directory. These files are copied +# directly to the root of the documentation. +# html_extra_path = [] + +# If not '', a 'Last updated on:' timestamp is inserted at every page bottom, +# using the given strftime format. +# So that we can enable "log-a-bug" links from each output HTML page, this +# variable must be set to a format that includes year, month, day, hours and +# minutes. +html_last_updated_fmt = '%Y-%m-%d %H:%M' + + +# If true, SmartyPants will be used to convert quotes and dashes to +# typographically correct entities. +# html_use_smartypants = True + +# Custom sidebar templates, maps document names to template names. +# html_sidebars = {} + +# Additional templates that should be rendered to pages, maps page names to +# template names. +# html_additional_pages = {} + +# If false, no module index is generated. +# html_domain_indices = True + +# If false, no index is generated. +html_use_index = False + +# If true, the index is split into individual pages for each letter. +# html_split_index = False + +# If true, links to the reST sources are added to the pages. +html_show_sourcelink = False + +# If true, "Created using Sphinx" is shown in the HTML footer. Default is True. +# html_show_sphinx = True + +# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True. +# html_show_copyright = True + +# If true, an OpenSearch description file will be output, and all pages will +# contain a tag referring to it. The value of this option must be the +# base URL from which the finished HTML is served. +# html_use_opensearch = '' + +# This is the file name suffix for HTML files (e.g. ".xhtml"). +# html_file_suffix = None + +# Output file base name for HTML help builder. +htmlhelp_basename = 'install-guide' + +# If true, publish source files +html_copy_source = False + +# -- Options for LaTeX output --------------------------------------------- + +latex_elements = { + # The paper size ('letterpaper' or 'a4paper'). + # 'papersize': 'letterpaper', + + # The font size ('10pt', '11pt' or '12pt'). + # 'pointsize': '10pt', + + # Additional stuff for the LaTeX preamble. + # 'preamble': '', +} + +# Grouping the document tree into LaTeX files. List of tuples +# (source start file, target name, title, +# author, documentclass [howto, manual, or own class]). +latex_documents = [ + ('index', 'InstallGuide.tex', u'Install Guide', + u'OpenStack contributors', 'manual'), +] + +# The name of an image file (relative to this directory) to place at the top of +# the title page. +# latex_logo = None + +# For "manual" documents, if this is true, then toplevel headings are parts, +# not chapters. +# latex_use_parts = False + +# If true, show page references after internal links. +# latex_show_pagerefs = False + +# If true, show URL addresses after external links. +# latex_show_urls = False + +# Documents to append as an appendix to all manuals. +# latex_appendices = [] + +# If false, no module index is generated. +# latex_domain_indices = True + + +# -- Options for manual page output --------------------------------------- + +# One entry per manual page. List of tuples +# (source start file, name, description, authors, manual section). +man_pages = [ + ('index', 'installguide', u'Install Guide', + [u'OpenStack contributors'], 1) +] + +# If true, show URL addresses after external links. +# man_show_urls = False + + +# -- Options for Texinfo output ------------------------------------------- + +# Grouping the document tree into Texinfo files. List of tuples +# (source start file, target name, title, author, +# dir menu entry, description, category) +texinfo_documents = [ + ('index', 'InstallGuide', u'Install Guide', + u'OpenStack contributors', 'InstallGuide', + 'This guide shows OpenStack end users how to install ' + 'an OpenStack cloud.', 'Miscellaneous'), +] + +# Documents to append as an appendix to all manuals. +# texinfo_appendices = [] + +# If false, no module index is generated. +# texinfo_domain_indices = True + +# How to display URL addresses: 'footnote', 'no', or 'inline'. +# texinfo_show_urls = 'footnote' + +# If true, do not generate a @detailmenu in the "Top" node's menu. +# texinfo_no_detailmenu = False + +# -- Options for Internationalization output ------------------------------ +locale_dirs = ['locale/'] + +# -- Options for PDF output -------------------------------------------------- + +pdf_documents = [ + ('index', u'InstallGuide', u'Install Guide', + u'OpenStack contributors') +] diff --git a/install-guide/source/get_started.rst b/install-guide/source/get_started.rst new file mode 100644 index 000000000..b8f63128a --- /dev/null +++ b/install-guide/source/get_started.rst @@ -0,0 +1,37 @@ +============================== +Orchestration service overview +============================== + +The Orchestration service provides a template-based orchestration for +describing a cloud application by running OpenStack API calls to +generate running cloud applications. The software integrates other core +components of OpenStack into a one-file template system. The templates +allow you to create most OpenStack resource types such as instances, +floating IPs, volumes, security groups, and users. It also provides +advanced functionality such as instance high availability, instance +auto-scaling, and nested stacks. This enables OpenStack core projects to +receive a larger user base. + +The service allows deployers to integrate with the Orchestration service +directly or through custom plug-ins. + +The Orchestration service consists of the following components: + +``heat`` command-line client + A CLI that communicates with the ``heat-api`` to run AWS CloudFormation APIs. + End developers can directly use the Orchestration REST API. + +``heat-api`` component + An OpenStack-native REST API that processes API requests by sending + them to the ``heat-engine`` over Remote Procedure Call (RPC). + +``heat-api-cfn`` component + An AWS Query API that is compatible with AWS CloudFormation. It + processes API requests by sending them to the ``heat-engine`` over RPC. + +``heat-api-cloudwatch`` component + A CloudWatch-like API service to the heat project. + +``heat-engine`` + Orchestrates the launching of templates and provides events back to + the API consumer. diff --git a/install-guide/source/index.rst b/install-guide/source/index.rst new file mode 100644 index 000000000..63cf4b783 --- /dev/null +++ b/install-guide/source/index.rst @@ -0,0 +1,18 @@ +===================== +Orchestration service +===================== + +.. toctree:: + + get_started.rst + install.rst + verify.rst + next-steps.rst + +The Orchestration service (heat) uses a +`Heat Orchestration Template (HOT) `_ +to create and manage cloud resources. + +This chapter assumes a working setup of OpenStack following the +`OpenStack Installation Tutorial `_. + diff --git a/install-guide/source/install-debian.rst b/install-guide/source/install-debian.rst new file mode 100644 index 000000000..055b7f841 --- /dev/null +++ b/install-guide/source/install-debian.rst @@ -0,0 +1,46 @@ +.. _install-debian: + +Install and configure for Debian +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure the Orchestration service +for Debian. + +Install and configure components +-------------------------------- + + +#. Run the following commands to install the packages: + + .. code-block:: console + + # apt-get install heat-api heat-api-cfn heat-engine python-heat-client + +#. Respond to prompts for debconf. + + .. :doc:`database management `, + :doc:`Identity service credentials `, + :doc:`service endpoint registration `, + and :doc:`message broker credentials `. + +#. Edit the ``/etc/heat/heat.conf`` file and complete the following + actions: + + * In the ``[ec2authtoken]`` section, configure Identity service access: + + .. code-block:: none + + [ec2authtoken] + ... + auth_uri = http://controller:5000/v2.0 + +Finalize installation +--------------------- + +1. Restart the Orchestration services: + + .. code-block:: console + + # service heat-api restart + # service heat-api-cfn restart + # service heat-engine restart diff --git a/install-guide/source/install-obs.rst b/install-guide/source/install-obs.rst new file mode 100644 index 000000000..c43316ff1 --- /dev/null +++ b/install-guide/source/install-obs.rst @@ -0,0 +1,430 @@ +.. _install-obs: + +Install and configure for openSUSE and SUSE Linux Enterprise +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure the Orchestration service +for openSUSE Leap 42.1 and SUSE Linux Enterprise Server 12 SP1. + +Prerequisites +------------- + +Before you install and configure Orchestration, you must create a +database, service credentials, and API endpoints. Orchestration also +requires additional information in the Identity service. + +#. To create the database, complete these steps: + + * Use the database access client to connect to the database + server as the ``root`` user: + + .. code-block:: console + + $ mysql -u root -p + + * Create the ``heat`` database: + + .. code-block:: console + + CREATE DATABASE heat; + + * Grant proper access to the ``heat`` database: + + .. code-block:: console + + GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' \ + IDENTIFIED BY 'HEAT_DBPASS'; + GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' \ + IDENTIFIED BY 'HEAT_DBPASS'; + + Replace ``HEAT_DBPASS`` with a suitable password. + + * Exit the database access client. + +#. Source the ``admin`` credentials to gain access to + admin-only CLI commands: + + .. code-block:: console + + $ . admin-openrc + +#. To create the service credentials, complete these steps: + + * Create the ``heat`` user: + + .. code-block:: console + + $ openstack user create --domain default --password-prompt heat + User Password: + Repeat User Password: + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | e0353a670a9e496da891347c589539e9 | + | enabled | True | + | id | ca2e175b851943349be29a328cc5e360 | + | name | heat | + +-----------+----------------------------------+ + + * Add the ``admin`` role to the ``heat`` user: + + .. code-block:: console + + $ openstack role add --project service --user heat admin + + .. note:: + + This command provides no output. + + * Create the ``heat`` and ``heat-cfn`` service entities: + + .. code-block:: console + + $ openstack service create --name heat \ + --description "Orchestration" orchestration + +-------------+----------------------------------+ + | Field | Value | + +-------------+----------------------------------+ + | description | Orchestration | + | enabled | True | + | id | 727841c6f5df4773baa4e8a5ae7d72eb | + | name | heat | + | type | orchestration | + +-------------+----------------------------------+ + + $ openstack service create --name heat-cfn \ + --description "Orchestration" cloudformation + +-------------+----------------------------------+ + | Field | Value | + +-------------+----------------------------------+ + | description | Orchestration | + | enabled | True | + | id | c42cede91a4e47c3b10c8aedc8d890c6 | + | name | heat-cfn | + | type | cloudformation | + +-------------+----------------------------------+ + +#. Create the Orchestration service API endpoints: + + .. code-block:: console + + $ openstack endpoint create --region RegionOne \ + orchestration public http://controller:8004/v1/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 3f4dab34624e4be7b000265f25049609 | + | interface | public | + | region | RegionOne | + | region_id | RegionOne | + | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | + | service_name | heat | + | service_type | orchestration | + | url | http://controller:8004/v1/%(tenant_id)s | + +--------------+-----------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + orchestration internal http://controller:8004/v1/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 9489f78e958e45cc85570fec7e836d98 | + | interface | internal | + | region | RegionOne | + | region_id | RegionOne | + | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | + | service_name | heat | + | service_type | orchestration | + | url | http://controller:8004/v1/%(tenant_id)s | + +--------------+-----------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + orchestration admin http://controller:8004/v1/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 76091559514b40c6b7b38dde790efe99 | + | interface | admin | + | region | RegionOne | + | region_id | RegionOne | + | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | + | service_name | heat | + | service_type | orchestration | + | url | http://controller:8004/v1/%(tenant_id)s | + +--------------+-----------------------------------------+ + + .. code-block:: console + + $ openstack endpoint create --region RegionOne \ + cloudformation public http://controller:8000/v1 + +--------------+----------------------------------+ + | Field | Value | + +--------------+----------------------------------+ + | enabled | True | + | id | b3ea082e019c4024842bf0a80555052c | + | interface | public | + | region | RegionOne | + | region_id | RegionOne | + | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | + | service_name | heat-cfn | + | service_type | cloudformation | + | url | http://controller:8000/v1 | + +--------------+----------------------------------+ + + $ openstack endpoint create --region RegionOne \ + cloudformation internal http://controller:8000/v1 + +--------------+----------------------------------+ + | Field | Value | + +--------------+----------------------------------+ + | enabled | True | + | id | 169df4368cdc435b8b115a9cb084044e | + | interface | internal | + | region | RegionOne | + | region_id | RegionOne | + | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | + | service_name | heat-cfn | + | service_type | cloudformation | + | url | http://controller:8000/v1 | + +--------------+----------------------------------+ + + $ openstack endpoint create --region RegionOne \ + cloudformation admin http://controller:8000/v1 + +--------------+----------------------------------+ + | Field | Value | + +--------------+----------------------------------+ + | enabled | True | + | id | 3d3edcd61eb343c1bbd629aa041ff88b | + | interface | internal | + | region | RegionOne | + | region_id | RegionOne | + | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | + | service_name | heat-cfn | + | service_type | cloudformation | + | url | http://controller:8000/v1 | + +--------------+----------------------------------+ + +#. Orchestration requires additional information in the Identity service to + manage stacks. To add this information, complete these steps: + + * Create the ``heat`` domain that contains projects and users + for stacks: + + .. code-block:: console + + $ openstack domain create --description "Stack projects and users" heat + +-------------+----------------------------------+ + | Field | Value | + +-------------+----------------------------------+ + | description | Stack projects and users | + | enabled | True | + | id | 0f4d1bd326f2454dacc72157ba328a47 | + | name | heat | + +-------------+----------------------------------+ + + * Create the ``heat_domain_admin`` user to manage projects and users + in the ``heat`` domain: + + .. code-block:: console + + $ openstack user create --domain heat --password-prompt heat_domain_admin + User Password: + Repeat User Password: + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | 0f4d1bd326f2454dacc72157ba328a47 | + | enabled | True | + | id | b7bd1abfbcf64478b47a0f13cd4d970a | + | name | heat_domain_admin | + +-----------+----------------------------------+ + + * Add the ``admin`` role to the ``heat_domain_admin`` user in the + ``heat`` domain to enable administrative stack management + privileges by the ``heat_domain_admin`` user: + + .. code-block:: console + + $ openstack role add --domain heat --user-domain heat --user heat_domain_admin admin + + .. note:: + + This command provides no output. + + * Create the ``heat_stack_owner`` role: + + .. code-block:: console + + $ openstack role create heat_stack_owner + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | None | + | id | 15e34f0c4fed4e68b3246275883c8630 | + | name | heat_stack_owner | + +-----------+----------------------------------+ + + * Add the ``heat_stack_owner`` role to the ``demo`` project and user to + enable stack management by the ``demo`` user: + + .. code-block:: console + + $ openstack role add --project demo --user demo heat_stack_owner + + .. note:: + + This command provides no output. + + .. note:: + + You must add the ``heat_stack_owner`` role to each user + that manages stacks. + + * Create the ``heat_stack_user`` role: + + .. code-block:: console + + $ openstack role create heat_stack_user + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | None | + | id | 88849d41a55d4d1d91e4f11bffd8fc5c | + | name | heat_stack_user | + +-----------+----------------------------------+ + + .. note:: + + The Orchestration service automatically assigns the + ``heat_stack_user`` role to users that it creates + during stack deployment. By default, this role restricts + API operations. + To avoid conflicts, do not add + this role to users with the ``heat_stack_owner`` role. + +Install and configure components +-------------------------------- + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +#. Install the packages: + + .. code-block:: console + + # zypper install openstack-heat-api openstack-heat-api-cfn \ + openstack-heat-engine + +2. Edit the ``/etc/heat/heat.conf`` file and complete the following + actions: + + * In the ``[database]`` section, configure database access: + + .. code-block:: none + + [database] + ... + connection = mysql+pymysql://heat:HEAT_DBPASS@controller/heat + + Replace ``HEAT_DBPASS`` with the password you chose for the + Orchestration database. + + * In the ``[DEFAULT]`` and ``[oslo_messaging_rabbit]`` sections, + configure ``RabbitMQ`` message queue access: + + .. code-block:: none + + [DEFAULT] + ... + rpc_backend = rabbit + + [oslo_messaging_rabbit] + ... + rabbit_host = controller + rabbit_userid = openstack + rabbit_password = RABBIT_PASS + + Replace ``RABBIT_PASS`` with the password you chose for the + ``openstack`` account in ``RabbitMQ``. + + * In the ``[keystone_authtoken]``, ``[trustee]``, + ``[clients_keystone]``, and ``[ec2authtoken]`` sections, + configure Identity service access: + + .. code-block:: none + + [keystone_authtoken] + ... + auth_uri = http://controller:5000 + auth_url = http://controller:35357 + memcached_servers = controller:11211 + auth_type = password + project_domain_name = default + user_domain_name = default + project_name = service + username = heat + password = HEAT_PASS + + [trustee] + ... + auth_plugin = password + auth_url = http://controller:35357 + username = heat + password = HEAT_PASS + user_domain_name = default + + [clients_keystone] + ... + auth_uri = http://controller:35357 + + [ec2authtoken] + ... + auth_uri = http://controller:5000 + + Replace ``HEAT_PASS`` with the password you chose for the + ``heat`` user in the Identity service. + + * In the ``[DEFAULT]`` section, configure the metadata and + wait condition URLs: + + .. code-block:: none + + [DEFAULT] + ... + heat_metadata_server_url = http://controller:8000 + heat_waitcondition_server_url = http://controller:8000/v1/waitcondition + + * In the ``[DEFAULT]`` section, configure the stack domain and + administrative credentials: + + .. code-block:: none + + [DEFAULT] + ... + stack_domain_admin = heat_domain_admin + stack_domain_admin_password = HEAT_DOMAIN_PASS + stack_user_domain_name = heat + + Replace ``HEAT_DOMAIN_PASS`` with the password you chose for the + ``heat_domain_admin`` user in the Identity service. + +Finalize installation +--------------------- + +* Start the Orchestration services and configure them to start + when the system boots: + + .. code-block:: console + + # systemctl enable openstack-heat-api.service \ + openstack-heat-api-cfn.service openstack-heat-engine.service + # systemctl start openstack-heat-api.service \ + openstack-heat-api-cfn.service openstack-heat-engine.service + diff --git a/install-guide/source/install-rdo.rst b/install-guide/source/install-rdo.rst new file mode 100644 index 000000000..5d003ea37 --- /dev/null +++ b/install-guide/source/install-rdo.rst @@ -0,0 +1,440 @@ +.. _install-rdo: + +Install and configure for Red Hat Enterprise Linux and CentOS +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure the Orchestration service +for Red Hat Enterprise Linux 7 and CentOS 7. + +Prerequisites +------------- + +Before you install and configure Orchestration, you must create a +database, service credentials, and API endpoints. Orchestration also +requires additional information in the Identity service. + +#. To create the database, complete these steps: + + * Use the database access client to connect to the database + server as the ``root`` user: + + .. code-block:: console + + $ mysql -u root -p + + * Create the ``heat`` database: + + .. code-block:: console + + CREATE DATABASE heat; + + * Grant proper access to the ``heat`` database: + + .. code-block:: console + + GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' \ + IDENTIFIED BY 'HEAT_DBPASS'; + GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' \ + IDENTIFIED BY 'HEAT_DBPASS'; + + Replace ``HEAT_DBPASS`` with a suitable password. + + * Exit the database access client. + +#. Source the ``admin`` credentials to gain access to + admin-only CLI commands: + + .. code-block:: console + + $ . admin-openrc + +#. To create the service credentials, complete these steps: + + * Create the ``heat`` user: + + .. code-block:: console + + $ openstack user create --domain default --password-prompt heat + User Password: + Repeat User Password: + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | e0353a670a9e496da891347c589539e9 | + | enabled | True | + | id | ca2e175b851943349be29a328cc5e360 | + | name | heat | + +-----------+----------------------------------+ + + * Add the ``admin`` role to the ``heat`` user: + + .. code-block:: console + + $ openstack role add --project service --user heat admin + + .. note:: + + This command provides no output. + + * Create the ``heat`` and ``heat-cfn`` service entities: + + .. code-block:: console + + $ openstack service create --name heat \ + --description "Orchestration" orchestration + +-------------+----------------------------------+ + | Field | Value | + +-------------+----------------------------------+ + | description | Orchestration | + | enabled | True | + | id | 727841c6f5df4773baa4e8a5ae7d72eb | + | name | heat | + | type | orchestration | + +-------------+----------------------------------+ + + $ openstack service create --name heat-cfn \ + --description "Orchestration" cloudformation + +-------------+----------------------------------+ + | Field | Value | + +-------------+----------------------------------+ + | description | Orchestration | + | enabled | True | + | id | c42cede91a4e47c3b10c8aedc8d890c6 | + | name | heat-cfn | + | type | cloudformation | + +-------------+----------------------------------+ + +#. Create the Orchestration service API endpoints: + + .. code-block:: console + + $ openstack endpoint create --region RegionOne \ + orchestration public http://controller:8004/v1/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 3f4dab34624e4be7b000265f25049609 | + | interface | public | + | region | RegionOne | + | region_id | RegionOne | + | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | + | service_name | heat | + | service_type | orchestration | + | url | http://controller:8004/v1/%(tenant_id)s | + +--------------+-----------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + orchestration internal http://controller:8004/v1/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 9489f78e958e45cc85570fec7e836d98 | + | interface | internal | + | region | RegionOne | + | region_id | RegionOne | + | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | + | service_name | heat | + | service_type | orchestration | + | url | http://controller:8004/v1/%(tenant_id)s | + +--------------+-----------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + orchestration admin http://controller:8004/v1/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 76091559514b40c6b7b38dde790efe99 | + | interface | admin | + | region | RegionOne | + | region_id | RegionOne | + | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | + | service_name | heat | + | service_type | orchestration | + | url | http://controller:8004/v1/%(tenant_id)s | + +--------------+-----------------------------------------+ + + .. code-block:: console + + $ openstack endpoint create --region RegionOne \ + cloudformation public http://controller:8000/v1 + +--------------+----------------------------------+ + | Field | Value | + +--------------+----------------------------------+ + | enabled | True | + | id | b3ea082e019c4024842bf0a80555052c | + | interface | public | + | region | RegionOne | + | region_id | RegionOne | + | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | + | service_name | heat-cfn | + | service_type | cloudformation | + | url | http://controller:8000/v1 | + +--------------+----------------------------------+ + + $ openstack endpoint create --region RegionOne \ + cloudformation internal http://controller:8000/v1 + +--------------+----------------------------------+ + | Field | Value | + +--------------+----------------------------------+ + | enabled | True | + | id | 169df4368cdc435b8b115a9cb084044e | + | interface | internal | + | region | RegionOne | + | region_id | RegionOne | + | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | + | service_name | heat-cfn | + | service_type | cloudformation | + | url | http://controller:8000/v1 | + +--------------+----------------------------------+ + + $ openstack endpoint create --region RegionOne \ + cloudformation admin http://controller:8000/v1 + +--------------+----------------------------------+ + | Field | Value | + +--------------+----------------------------------+ + | enabled | True | + | id | 3d3edcd61eb343c1bbd629aa041ff88b | + | interface | internal | + | region | RegionOne | + | region_id | RegionOne | + | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | + | service_name | heat-cfn | + | service_type | cloudformation | + | url | http://controller:8000/v1 | + +--------------+----------------------------------+ + +#. Orchestration requires additional information in the Identity service to + manage stacks. To add this information, complete these steps: + + * Create the ``heat`` domain that contains projects and users + for stacks: + + .. code-block:: console + + $ openstack domain create --description "Stack projects and users" heat + +-------------+----------------------------------+ + | Field | Value | + +-------------+----------------------------------+ + | description | Stack projects and users | + | enabled | True | + | id | 0f4d1bd326f2454dacc72157ba328a47 | + | name | heat | + +-------------+----------------------------------+ + + * Create the ``heat_domain_admin`` user to manage projects and users + in the ``heat`` domain: + + .. code-block:: console + + $ openstack user create --domain heat --password-prompt heat_domain_admin + User Password: + Repeat User Password: + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | 0f4d1bd326f2454dacc72157ba328a47 | + | enabled | True | + | id | b7bd1abfbcf64478b47a0f13cd4d970a | + | name | heat_domain_admin | + +-----------+----------------------------------+ + + * Add the ``admin`` role to the ``heat_domain_admin`` user in the + ``heat`` domain to enable administrative stack management + privileges by the ``heat_domain_admin`` user: + + .. code-block:: console + + $ openstack role add --domain heat --user-domain heat --user heat_domain_admin admin + + .. note:: + + This command provides no output. + + * Create the ``heat_stack_owner`` role: + + .. code-block:: console + + $ openstack role create heat_stack_owner + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | None | + | id | 15e34f0c4fed4e68b3246275883c8630 | + | name | heat_stack_owner | + +-----------+----------------------------------+ + + * Add the ``heat_stack_owner`` role to the ``demo`` project and user to + enable stack management by the ``demo`` user: + + .. code-block:: console + + $ openstack role add --project demo --user demo heat_stack_owner + + .. note:: + + This command provides no output. + + .. note:: + + You must add the ``heat_stack_owner`` role to each user + that manages stacks. + + * Create the ``heat_stack_user`` role: + + .. code-block:: console + + $ openstack role create heat_stack_user + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | None | + | id | 88849d41a55d4d1d91e4f11bffd8fc5c | + | name | heat_stack_user | + +-----------+----------------------------------+ + + .. note:: + + The Orchestration service automatically assigns the + ``heat_stack_user`` role to users that it creates + during stack deployment. By default, this role restricts + API operations. + To avoid conflicts, do not add + this role to users with the ``heat_stack_owner`` role. + +Install and configure components +-------------------------------- + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +#. Install the packages: + + .. code-block:: console + + # yum install openstack-heat-api openstack-heat-api-cfn \ + openstack-heat-engine + +2. Edit the ``/etc/heat/heat.conf`` file and complete the following + actions: + + * In the ``[database]`` section, configure database access: + + .. code-block:: none + + [database] + ... + connection = mysql+pymysql://heat:HEAT_DBPASS@controller/heat + + Replace ``HEAT_DBPASS`` with the password you chose for the + Orchestration database. + + * In the ``[DEFAULT]`` and ``[oslo_messaging_rabbit]`` sections, + configure ``RabbitMQ`` message queue access: + + .. code-block:: none + + [DEFAULT] + ... + rpc_backend = rabbit + + [oslo_messaging_rabbit] + ... + rabbit_host = controller + rabbit_userid = openstack + rabbit_password = RABBIT_PASS + + Replace ``RABBIT_PASS`` with the password you chose for the + ``openstack`` account in ``RabbitMQ``. + + * In the ``[keystone_authtoken]``, ``[trustee]``, + ``[clients_keystone]``, and ``[ec2authtoken]`` sections, + configure Identity service access: + + .. code-block:: none + + [keystone_authtoken] + ... + auth_uri = http://controller:5000 + auth_url = http://controller:35357 + memcached_servers = controller:11211 + auth_type = password + project_domain_name = default + user_domain_name = default + project_name = service + username = heat + password = HEAT_PASS + + [trustee] + ... + auth_plugin = password + auth_url = http://controller:35357 + username = heat + password = HEAT_PASS + user_domain_name = default + + [clients_keystone] + ... + auth_uri = http://controller:35357 + + [ec2authtoken] + ... + auth_uri = http://controller:5000 + + Replace ``HEAT_PASS`` with the password you chose for the + ``heat`` user in the Identity service. + + * In the ``[DEFAULT]`` section, configure the metadata and + wait condition URLs: + + .. code-block:: none + + [DEFAULT] + ... + heat_metadata_server_url = http://controller:8000 + heat_waitcondition_server_url = http://controller:8000/v1/waitcondition + + * In the ``[DEFAULT]`` section, configure the stack domain and + administrative credentials: + + .. code-block:: none + + [DEFAULT] + ... + stack_domain_admin = heat_domain_admin + stack_domain_admin_password = HEAT_DOMAIN_PASS + stack_user_domain_name = heat + + Replace ``HEAT_DOMAIN_PASS`` with the password you chose for the + ``heat_domain_admin`` user in the Identity service. + +3. Populate the Orchestration database: + + .. code-block:: console + + # su -s /bin/sh -c "heat-manage db_sync" heat + + .. note:: + + Ignore any deprecation messages in this output. + +Finalize installation +--------------------- + +* Start the Orchestration services and configure them to start + when the system boots: + + .. code-block:: console + + # systemctl enable openstack-heat-api.service \ + openstack-heat-api-cfn.service openstack-heat-engine.service + # systemctl start openstack-heat-api.service \ + openstack-heat-api-cfn.service openstack-heat-engine.service + diff --git a/install-guide/source/install-ubuntu.rst b/install-guide/source/install-ubuntu.rst new file mode 100644 index 000000000..b049aeb1c --- /dev/null +++ b/install-guide/source/install-ubuntu.rst @@ -0,0 +1,436 @@ +.. _install-ubuntu: + +Install and configure for Ubuntu +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure the Orchestration service +for Ubuntu 14.04 (LTS). + +Prerequisites +------------- + +Before you install and configure Orchestration, you must create a +database, service credentials, and API endpoints. Orchestration also +requires additional information in the Identity service. + +#. To create the database, complete these steps: + + * Use the database access client to connect to the database + server as the ``root`` user: + + .. code-block:: console + + $ mysql -u root -p + + * Create the ``heat`` database: + + .. code-block:: console + + CREATE DATABASE heat; + + * Grant proper access to the ``heat`` database: + + .. code-block:: console + + GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' \ + IDENTIFIED BY 'HEAT_DBPASS'; + GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' \ + IDENTIFIED BY 'HEAT_DBPASS'; + + Replace ``HEAT_DBPASS`` with a suitable password. + + * Exit the database access client. + +#. Source the ``admin`` credentials to gain access to + admin-only CLI commands: + + .. code-block:: console + + $ . admin-openrc + +#. To create the service credentials, complete these steps: + + * Create the ``heat`` user: + + .. code-block:: console + + $ openstack user create --domain default --password-prompt heat + User Password: + Repeat User Password: + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | e0353a670a9e496da891347c589539e9 | + | enabled | True | + | id | ca2e175b851943349be29a328cc5e360 | + | name | heat | + +-----------+----------------------------------+ + + * Add the ``admin`` role to the ``heat`` user: + + .. code-block:: console + + $ openstack role add --project service --user heat admin + + .. note:: + + This command provides no output. + + * Create the ``heat`` and ``heat-cfn`` service entities: + + .. code-block:: console + + $ openstack service create --name heat \ + --description "Orchestration" orchestration + +-------------+----------------------------------+ + | Field | Value | + +-------------+----------------------------------+ + | description | Orchestration | + | enabled | True | + | id | 727841c6f5df4773baa4e8a5ae7d72eb | + | name | heat | + | type | orchestration | + +-------------+----------------------------------+ + + $ openstack service create --name heat-cfn \ + --description "Orchestration" cloudformation + +-------------+----------------------------------+ + | Field | Value | + +-------------+----------------------------------+ + | description | Orchestration | + | enabled | True | + | id | c42cede91a4e47c3b10c8aedc8d890c6 | + | name | heat-cfn | + | type | cloudformation | + +-------------+----------------------------------+ + +#. Create the Orchestration service API endpoints: + + .. code-block:: console + + $ openstack endpoint create --region RegionOne \ + orchestration public http://controller:8004/v1/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 3f4dab34624e4be7b000265f25049609 | + | interface | public | + | region | RegionOne | + | region_id | RegionOne | + | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | + | service_name | heat | + | service_type | orchestration | + | url | http://controller:8004/v1/%(tenant_id)s | + +--------------+-----------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + orchestration internal http://controller:8004/v1/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 9489f78e958e45cc85570fec7e836d98 | + | interface | internal | + | region | RegionOne | + | region_id | RegionOne | + | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | + | service_name | heat | + | service_type | orchestration | + | url | http://controller:8004/v1/%(tenant_id)s | + +--------------+-----------------------------------------+ + + $ openstack endpoint create --region RegionOne \ + orchestration admin http://controller:8004/v1/%\(tenant_id\)s + +--------------+-----------------------------------------+ + | Field | Value | + +--------------+-----------------------------------------+ + | enabled | True | + | id | 76091559514b40c6b7b38dde790efe99 | + | interface | admin | + | region | RegionOne | + | region_id | RegionOne | + | service_id | 727841c6f5df4773baa4e8a5ae7d72eb | + | service_name | heat | + | service_type | orchestration | + | url | http://controller:8004/v1/%(tenant_id)s | + +--------------+-----------------------------------------+ + + .. code-block:: console + + $ openstack endpoint create --region RegionOne \ + cloudformation public http://controller:8000/v1 + +--------------+----------------------------------+ + | Field | Value | + +--------------+----------------------------------+ + | enabled | True | + | id | b3ea082e019c4024842bf0a80555052c | + | interface | public | + | region | RegionOne | + | region_id | RegionOne | + | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | + | service_name | heat-cfn | + | service_type | cloudformation | + | url | http://controller:8000/v1 | + +--------------+----------------------------------+ + + $ openstack endpoint create --region RegionOne \ + cloudformation internal http://controller:8000/v1 + +--------------+----------------------------------+ + | Field | Value | + +--------------+----------------------------------+ + | enabled | True | + | id | 169df4368cdc435b8b115a9cb084044e | + | interface | internal | + | region | RegionOne | + | region_id | RegionOne | + | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | + | service_name | heat-cfn | + | service_type | cloudformation | + | url | http://controller:8000/v1 | + +--------------+----------------------------------+ + + $ openstack endpoint create --region RegionOne \ + cloudformation admin http://controller:8000/v1 + +--------------+----------------------------------+ + | Field | Value | + +--------------+----------------------------------+ + | enabled | True | + | id | 3d3edcd61eb343c1bbd629aa041ff88b | + | interface | internal | + | region | RegionOne | + | region_id | RegionOne | + | service_id | c42cede91a4e47c3b10c8aedc8d890c6 | + | service_name | heat-cfn | + | service_type | cloudformation | + | url | http://controller:8000/v1 | + +--------------+----------------------------------+ + +#. Orchestration requires additional information in the Identity service to + manage stacks. To add this information, complete these steps: + + * Create the ``heat`` domain that contains projects and users + for stacks: + + .. code-block:: console + + $ openstack domain create --description "Stack projects and users" heat + +-------------+----------------------------------+ + | Field | Value | + +-------------+----------------------------------+ + | description | Stack projects and users | + | enabled | True | + | id | 0f4d1bd326f2454dacc72157ba328a47 | + | name | heat | + +-------------+----------------------------------+ + + * Create the ``heat_domain_admin`` user to manage projects and users + in the ``heat`` domain: + + .. code-block:: console + + $ openstack user create --domain heat --password-prompt heat_domain_admin + User Password: + Repeat User Password: + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | 0f4d1bd326f2454dacc72157ba328a47 | + | enabled | True | + | id | b7bd1abfbcf64478b47a0f13cd4d970a | + | name | heat_domain_admin | + +-----------+----------------------------------+ + + * Add the ``admin`` role to the ``heat_domain_admin`` user in the + ``heat`` domain to enable administrative stack management + privileges by the ``heat_domain_admin`` user: + + .. code-block:: console + + $ openstack role add --domain heat --user-domain heat --user heat_domain_admin admin + + .. note:: + + This command provides no output. + + * Create the ``heat_stack_owner`` role: + + .. code-block:: console + + $ openstack role create heat_stack_owner + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | None | + | id | 15e34f0c4fed4e68b3246275883c8630 | + | name | heat_stack_owner | + +-----------+----------------------------------+ + + * Add the ``heat_stack_owner`` role to the ``demo`` project and user to + enable stack management by the ``demo`` user: + + .. code-block:: console + + $ openstack role add --project demo --user demo heat_stack_owner + + .. note:: + + This command provides no output. + + .. note:: + + You must add the ``heat_stack_owner`` role to each user + that manages stacks. + + * Create the ``heat_stack_user`` role: + + .. code-block:: console + + $ openstack role create heat_stack_user + +-----------+----------------------------------+ + | Field | Value | + +-----------+----------------------------------+ + | domain_id | None | + | id | 88849d41a55d4d1d91e4f11bffd8fc5c | + | name | heat_stack_user | + +-----------+----------------------------------+ + + .. note:: + + The Orchestration service automatically assigns the + ``heat_stack_user`` role to users that it creates + during stack deployment. By default, this role restricts + API operations. + To avoid conflicts, do not add + this role to users with the ``heat_stack_owner`` role. + +Install and configure components +-------------------------------- + +.. note:: + + Default configuration files vary by distribution. You might need + to add these sections and options rather than modifying existing + sections and options. Also, an ellipsis (``...``) in the configuration + snippets indicates potential default configuration options that you + should retain. + +#. Install the packages: + + .. code-block:: console + + # apt-get install heat-api heat-api-cfn heat-engine + +2. Edit the ``/etc/heat/heat.conf`` file and complete the following + actions: + + * In the ``[database]`` section, configure database access: + + .. code-block:: none + + [database] + ... + connection = mysql+pymysql://heat:HEAT_DBPASS@controller/heat + + Replace ``HEAT_DBPASS`` with the password you chose for the + Orchestration database. + + * In the ``[DEFAULT]`` and ``[oslo_messaging_rabbit]`` sections, + configure ``RabbitMQ`` message queue access: + + .. code-block:: none + + [DEFAULT] + ... + rpc_backend = rabbit + + [oslo_messaging_rabbit] + ... + rabbit_host = controller + rabbit_userid = openstack + rabbit_password = RABBIT_PASS + + Replace ``RABBIT_PASS`` with the password you chose for the + ``openstack`` account in ``RabbitMQ``. + + * In the ``[keystone_authtoken]``, ``[trustee]``, + ``[clients_keystone]``, and ``[ec2authtoken]`` sections, + configure Identity service access: + + .. code-block:: none + + [keystone_authtoken] + ... + auth_uri = http://controller:5000 + auth_url = http://controller:35357 + memcached_servers = controller:11211 + auth_type = password + project_domain_name = default + user_domain_name = default + project_name = service + username = heat + password = HEAT_PASS + + [trustee] + ... + auth_plugin = password + auth_url = http://controller:35357 + username = heat + password = HEAT_PASS + user_domain_name = default + + [clients_keystone] + ... + auth_uri = http://controller:35357 + + [ec2authtoken] + ... + auth_uri = http://controller:5000 + + Replace ``HEAT_PASS`` with the password you chose for the + ``heat`` user in the Identity service. + + * In the ``[DEFAULT]`` section, configure the metadata and + wait condition URLs: + + .. code-block:: none + + [DEFAULT] + ... + heat_metadata_server_url = http://controller:8000 + heat_waitcondition_server_url = http://controller:8000/v1/waitcondition + + * In the ``[DEFAULT]`` section, configure the stack domain and + administrative credentials: + + .. code-block:: none + + [DEFAULT] + ... + stack_domain_admin = heat_domain_admin + stack_domain_admin_password = HEAT_DOMAIN_PASS + stack_user_domain_name = heat + + Replace ``HEAT_DOMAIN_PASS`` with the password you chose for the + ``heat_domain_admin`` user in the Identity service. + +3. Populate the Orchestration database: + + .. code-block:: console + + # su -s /bin/sh -c "heat-manage db_sync" heat + + .. note:: + + Ignore any deprecation messages in this output. + +Finalize installation +--------------------- + +1. Restart the Orchestration services: + + .. code-block:: console + + # service heat-api restart + # service heat-api-cfn restart + # service heat-engine restart diff --git a/install-guide/source/install.rst b/install-guide/source/install.rst new file mode 100644 index 000000000..f76bdb629 --- /dev/null +++ b/install-guide/source/install.rst @@ -0,0 +1,20 @@ +.. _install: + +Install and configure +~~~~~~~~~~~~~~~~~~~~~ + +This section describes how to install and configure the +Orchestration service, code-named heat, on the controller node. + +This section assumes that you already have a working OpenStack +environment with at least the following components installed: +Compute, Image Service, Identity. + +Note that installation and configuration vary by distribution. + +.. toctree:: + + install-obs.rst + install-rdo.rst + install-ubuntu.rst + install-debian.rst diff --git a/install-guide/source/next-steps.rst b/install-guide/source/next-steps.rst new file mode 100644 index 000000000..3f23d14a2 --- /dev/null +++ b/install-guide/source/next-steps.rst @@ -0,0 +1,10 @@ +.. _next-steps: + +Next steps +~~~~~~~~~~ + +Your OpenStack environment now includes the heat service. + +To add more services, see the +`additional documentation on installing OpenStack `_ . + diff --git a/install-guide/source/verify.rst b/install-guide/source/verify.rst new file mode 100644 index 000000000..b617df93b --- /dev/null +++ b/install-guide/source/verify.rst @@ -0,0 +1,36 @@ +.. _verify: + +Verify operation +~~~~~~~~~~~~~~~~ + +Verify operation of the Orchestration service. + +.. note:: + + Perform these commands on the controller node. + +#. Source the ``admin`` tenant credentials: + + .. code-block:: console + + $ . admin-openrc + +#. List service components to verify successful launch and + registration of each process: + + .. code-block:: console + + $ openstack orchestration service list + +------------+-------------+--------------------------------------+------------+--------+----------------------------+--------+ + | hostname | binary | engine_id | host | topic | updated_at | status | + +------------+-------------+--------------------------------------+------------+--------+----------------------------+--------+ + | controller | heat-engine | 3e85d1ab-a543-41aa-aa97-378c381fb958 | controller | engine | 2015-10-13T14:16:06.000000 | up | + | controller | heat-engine | 45dbdcf6-5660-4d5f-973a-c4fc819da678 | controller | engine | 2015-10-13T14:16:06.000000 | up | + | controller | heat-engine | 51162b63-ecb8-4c6c-98c6-993af899c4f7 | controller | engine | 2015-10-13T14:16:06.000000 | up | + | controller | heat-engine | 8d7edc6d-77a6-460d-bd2a-984d76954646 | controller | engine | 2015-10-13T14:16:06.000000 | up | + +------------+-------------+--------------------------------------+------------+--------+----------------------------+--------+ + + .. note:: + + This output should indicate four ``heat-engine`` components + on the controller node. diff --git a/test-requirements.txt b/test-requirements.txt index 166ca96bc..4b56272b0 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -11,6 +11,7 @@ kombu>=3.0.25 # BSD mock>=2.0 # BSD mox3>=0.7.0 # Apache-2.0 PyMySQL>=0.6.2 # MIT License +openstackdocstheme>=1.0.3 # Apache-2.0 os-api-ref>=0.1.0 # Apache-2.0 oslosphinx!=3.4.0,>=2.5.0 # Apache-2.0 oslotest>=1.10.0 # Apache-2.0 diff --git a/tox.ini b/tox.ini index 4e01b56e3..ee1a75a89 100644 --- a/tox.ini +++ b/tox.ini @@ -95,3 +95,10 @@ commands = oslo_debug_helper {posargs} [testenv:releasenotes] commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html + +[testenv:install-guide] +# NOTE(jaegerandi): this target does not use constraints because +# upstream infra does not yet support it. Once that's fixed, we can +# drop the install_command. +install_command = pip install -U --force-reinstall {opts} {packages} +commands = sphinx-build -a -E -W -d install-guide/build/doctrees -b html install-guide/source install-guide/build/html -- cgit v1.2.1