Install and configure controller node for Ubuntu
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This section describes how to install and configure the Container service for Ubuntu 16.04 (LTS).
Prerequisites
Before you install and configure Zun, you must create a database, service credentials, and API endpoints.
. To create the database, complete these steps:
-
Use the database access client to connect to the database server as the
rootuser:.. code-block:: console
# mysql -
Create the
zundatabase:.. code-block:: console
MariaDB [(none)] CREATE DATABASE zun; -
Grant proper access to the
zundatabase:.. code-block:: console
MariaDB [(none)]> GRANT ALL PRIVILEGES ON zun.* TO 'zun'@'localhost' \ IDENTIFIED BY 'ZUN_DBPASS'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON zun.* TO 'zun'@'%' \ IDENTIFIED BY 'ZUN_DBPASS';Replace
ZUN_DBPASSwith a suitable password. -
Exit the database access client.
. Source the admin credentials to gain access to
admin-only CLI commands:
.. code-block:: console
$ . admin-openrc
. To create the service credentials, complete these steps:
-
Create the
zunuser:.. code-block:: console
$ openstack user create --domain default --password-prompt zun User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | e0353a670a9e496da891347c589539e9 | | enabled | True | | id | ca2e175b851943349be29a328cc5e360 | | name | zun | +-----------+----------------------------------+ -
Add the
adminrole to thezunuser:.. code-block:: console
$ openstack role add --project service --user zun admin.. note::
This command provides no output. -
Create the
zunservice entities:.. code-block:: console
$ openstack service create --name zun \ --description "Container Service" container +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Container Service | | enabled | True | | id | 727841c6f5df4773baa4e8a5ae7d72eb | | name | zun | | type | container | +-------------+----------------------------------+
. Create the Container service API endpoints:
.. code-block:: console
$ openstack endpoint create --region RegionOne \
container public http://controller:9517/v1
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 3f4dab34624e4be7b000265f25049609 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 727841c6f5df4773baa4e8a5ae7d72eb |
| service_name | zun |
| service_type | container |
| url | http://controller:9517/v1 |
+--------------+-----------------------------------------+
$ openstack endpoint create --region RegionOne \
container internal http://controller:9517/v1
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 9489f78e958e45cc85570fec7e836d98 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 727841c6f5df4773baa4e8a5ae7d72eb |
| service_name | zun |
| service_type | container |
| url | http://controller:9517/v1 |
+--------------+-----------------------------------------+
$ openstack endpoint create --region RegionOne \
container admin http://controller:9517/v1
+--------------+-----------------------------------------+
| Field | Value |
+--------------+-----------------------------------------+
| enabled | True |
| id | 76091559514b40c6b7b38dde790efe99 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 727841c6f5df4773baa4e8a5ae7d72eb |
| service_name | zun |
| service_type | container |
| url | http://controller:9517/v1 |
+--------------+-----------------------------------------+
Install and configure components
. Create zun user and necessary directories:
-
Create user:
.. code-block:: console
# groupadd --system zun # useradd --home-dir "/var/lib/zun" \ --create-home \ --system \ --shell /bin/false \ -g zun \ zun -
Create directories:
.. code-block:: console
# mkdir -p /etc/zun # chown zun:zun /etc/zun
. Clone and install zun:
.. code-block:: console
# apt-get install python-pip
# cd /var/lib/zun
# git clone https://git.openstack.org/openstack/zun.git
# chown -R zun:zun zun
# cd zun
# pip install -r requirements.txt
# python setup.py install
. Generate a sample configuration file:
.. code-block:: console
# su -s /bin/sh -c "oslo-config-generator \
--config-file etc/zun/zun-config-generator.conf" zun
# su -s /bin/sh -c "cp etc/zun/zun.conf.sample \
/etc/zun/zun.conf" zun
. Copy api-paste.ini:
.. code-block:: console
# su -s /bin/sh -c "cp etc/zun/api-paste.ini /etc/zun" zun
. Edit the /etc/zun/zun.conf:
-
In the
[DEFAULT]section, configureRabbitMQmessage queue access:.. code-block:: ini
[DEFAULT] ... transport_url = rabbit://openstack:RABBIT_PASS@controllerReplace
RABBIT_PASSwith the password you chose for theopenstackaccount inRabbitMQ. -
In the
[api]section, configure the IP address that Zun API server is going to listen:.. code-block:: ini
[api] ... host_ip = 10.0.0.11 port = 9517Replace
10.0.0.11with the management interface IP address of the controller node if different. -
In the
[database]section, configure database access:.. code-block:: ini
[database] ... connection = mysql+pymysql://zun:ZUN_DBPASS@controller/zunReplace
ZUN_DBPASSwith the password you chose for the zun database. -
In the
[keystone_authtoken]section, configure Identity service access:.. code-block:: ini
[keystone_authtoken] ... memcached_servers = controller:11211 auth_uri = http://controller:5000 project_domain_name = default project_name = service user_domain_name = default password = ZUN_PASS username = zun auth_url = http://controller:35357 auth_type = passwordReplace ZUN_PASS with the password you chose for the zun user in the Identity service.
-
In the
[oslo_concurrency]section, configure thelock_path:.. code-block:: ini
[oslo_concurrency] ... lock_path = /var/lib/zun/tmp -
In the
[oslo_messaging_notifications]section, configure thedriver:.. code-block:: ini
[oslo_messaging_notifications] ... driver = messaging -
In the
[websocket_proxy]section, configure the IP address that the websocket proxy is going to listen to:.. code-block:: ini
[websocket_proxy] ... wsproxy_host = 10.0.0.11Replace
10.0.0.11with the management interface IP address of the controller node if different.
.. note::
Make sure that ``/etc/zun/zun.conf`` still have the correct
permissions. You can set the permissions again with:
# chown zun:zun /etc/zun/zun.conf
. Populate Zun database:
.. code-block:: console
# su -s /bin/sh -c "zun-db-manage upgrade" zun
Finalize installation
. Create an upstart config, it could be named as
/etc/systemd/system/zun-api.service:
.. code-block:: bash
[Unit]
Description = OpenStack Container Service API
[Service]
ExecStart = /usr/local/bin/zun-api
User = zun
[Install]
WantedBy = multi-user.target
. Create an upstart config, it could be named as
/etc/systemd/system/zun-wsproxy.service:
.. code-block:: bash
[Unit]
Description = OpenStack Container Service Websocket Proxy
[Service]
ExecStart = /usr/local/bin/zun-wsproxy
User = zun
[Install]
WantedBy = multi-user.target
. Enable and start zun-api and zun-wsproxy:
.. code-block:: console
# systemctl enable zun-api
# systemctl enable zun-wsproxy
.. code-block:: console
# systemctl start zun-api
# systemctl start zun-wsproxy
. Verify that zun-api and zun-wsproxy services are running:
.. code-block:: console
# systemctl status zun-api
# systemctl status zun-wsproxy