blob: 6f74af926e46e5e4112cb7cda7db4cfb1ec58ed6 [file] [log] [blame]
Filip Pytlounda2a0792015-10-06 16:28:31 +02001==============================
2Openstack Cinder Block Storage
3==============================
4
Jakub Pavlikb513f132016-05-20 11:11:19 +02005Cinder provides an infrastructure for managing volumes in OpenStack. It was
6originally a Nova component called nova-volume, but has become an independent
7project since the Folsom release.
Filip Pytlounda2a0792015-10-06 16:28:31 +02008
9Sample pillars
10==============
11
Jakub Pavlikb513f132016-05-20 11:11:19 +020012New structure divides cinder-api,cinder-scheduler to role controller and
13cinder-volume to role volume.
Filip Pytlounda2a0792015-10-06 16:28:31 +020014
15.. code-block:: yaml
16
17 cinder:
18 controller:
19 enabled: true
20 version: juno
Dmitry Stremkovskiy9f4ac8b2017-07-11 09:48:46 +030021 cinder_uid: 304
22 cinder_gid: 304
Dmitry Stremkovskiyef4c7d02017-07-30 16:51:52 +030023 nas_secure_file_permissions: false
24 nas_secure_file_operations: false
Dmitry Stremkovskiya5dd7992017-07-30 19:54:23 +030025 cinder_internal_tenant_user_id: f46924c112a14c80ab0a24a613d95eef
26 cinder_internal_tenant_project_id: b7455b8974bb4064ad247c8f375eae6c
Jakub Pavlikaf96c2a2016-01-08 15:49:54 +010027 default_volume_type: 7k2SaS
stelucz1f3a82f2017-09-19 18:38:13 +020028 enable_force_upload: true
Damian Szeluga0918f5a2017-04-19 12:26:56 +020029 availability_zone_fallback: True
Filip Pytlounda2a0792015-10-06 16:28:31 +020030 database:
31 engine: mysql
32 host: 127.0.0.1
33 port: 3306
34 name: cinder
35 user: cinder
36 password: pwd
37 identity:
38 engine: keystone
39 host: 127.0.0.1
40 port: 35357
41 tenant: service
42 user: cinder
43 password: pwd
44 message_queue:
45 engine: rabbitmq
46 host: 127.0.0.1
47 port: 5672
48 user: openstack
49 password: pwd
50 virtual_host: '/openstack'
Jakub Pavlikaf96c2a2016-01-08 15:49:54 +010051 backend:
52 7k2_SAS:
53 engine: storwize
Jakub Pavlikedd46102016-01-08 16:20:38 +010054 type_name: slow-disks
Jakub Pavlikaf96c2a2016-01-08 15:49:54 +010055 host: 192.168.0.1
56 port: 22
57 user: username
58 password: pass
59 connection: FC/iSCSI
60 multihost: true
61 multipath: true
62 pool: SAS7K2
Kirill Bespalov01614c02017-07-31 17:06:09 +030063 audit:
Petr Michaleca1c7ff12016-11-29 16:32:50 +010064 enabled: false
Simon Pasquier9089de42017-02-03 16:13:22 +010065 osapi_max_limit: 500
Oleg Iurchenko83ee09a2017-10-17 18:24:28 +030066 barbican:
67 enabled: true
Filip Pytlounda2a0792015-10-06 16:28:31 +020068
69 cinder:
70 volume:
71 enabled: true
72 version: juno
Dmitry Stremkovskiy9f4ac8b2017-07-11 09:48:46 +030073 cinder_uid: 304
74 cinder_gid: 304
Dmitry Stremkovskiyef4c7d02017-07-30 16:51:52 +030075 nas_secure_file_permissions: false
76 nas_secure_file_operations: false
Dmitry Stremkovskiya5dd7992017-07-30 19:54:23 +030077 cinder_internal_tenant_user_id: f46924c112a14c80ab0a24a613d95eef
78 cinder_internal_tenant_project_id: b7455b8974bb4064ad247c8f375eae6c
Jakub Pavlikaf96c2a2016-01-08 15:49:54 +010079 default_volume_type: 7k2SaS
stelucz1f3a82f2017-09-19 18:38:13 +020080 nable_force_upload: true
Filip Pytlounda2a0792015-10-06 16:28:31 +020081 database:
82 engine: mysql
83 host: 127.0.0.1
84 port: 3306
85 name: cinder
86 user: cinder
87 password: pwd
88 identity:
89 engine: keystone
90 host: 127.0.0.1
91 port: 35357
92 tenant: service
93 user: cinder
94 password: pwd
95 message_queue:
96 engine: rabbitmq
97 host: 127.0.0.1
98 port: 5672
99 user: openstack
100 password: pwd
101 virtual_host: '/openstack'
Jakub Pavlikaf96c2a2016-01-08 15:49:54 +0100102 backend:
103 7k2_SAS:
104 engine: storwize
Jakub Pavlikedd46102016-01-08 16:20:38 +0100105 type_name: 7k2 SAS disk
Jakub Pavlikaf96c2a2016-01-08 15:49:54 +0100106 host: 192.168.0.1
107 port: 22
108 user: username
109 password: pass
110 connection: FC/iSCSI
111 multihost: true
112 multipath: true
113 pool: SAS7K2
Petr Michaleca1c7ff12016-11-29 16:32:50 +0100114 audit:
115 enabled: false
Oleg Iurchenko83ee09a2017-10-17 18:24:28 +0300116 barbican:
117 enabled: true
Ondrej Smola74af21b2017-04-28 12:30:24 +0200118
119
Vasyl Saienkoa5de7512018-07-12 17:28:36 +0300120Volume vmware related options:
121
122.. code-block:: yaml
123
124 cinder:
125 volume:
126 backend:
127 vmware:
128 engine: vmware
129 host_username: vmware
130 host_password: vmware
131 cluster_names: vmware_cluster01,vmware_cluster02
132
133
Ondrej Smola74af21b2017-04-28 12:30:24 +0200134Enable CORS parameters
135
136.. code-block:: yaml
137
138 cinder:
139 controller:
140 cors:
141 allowed_origin: https:localhost.local,http:localhost.local
142 expose_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
143 allow_methods: GET,PUT,POST,DELETE,PATCH
144 allow_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
145 allow_credentials: True
146 max_age: 86400
Jiri Konecny2dce35f2016-04-19 16:29:52 +0200147
148Client-side RabbitMQ HA setup for controller
149
150.. code-block:: yaml
151
152 cinder:
153 controller:
154 ....
155 message_queue:
156 engine: rabbitmq
157 members:
158 - host: 10.0.16.1
159 - host: 10.0.16.2
160 - host: 10.0.16.3
161 user: openstack
162 password: pwd
163 virtual_host: '/openstack'
164 ....
165
166Client-side RabbitMQ HA setup for volume component
167
168.. code-block:: yaml
169
170 cinder:
171 volume:
172 ....
173 message_queue:
174 engine: rabbitmq
175 members:
176 - host: 10.0.16.1
177 - host: 10.0.16.2
178 - host: 10.0.16.3
179 user: openstack
180 password: pwd
181 virtual_host: '/openstack'
182 ....
Filip Pytlounda2a0792015-10-06 16:28:31 +0200183
Kirill Bespalov01614c02017-07-31 17:06:09 +0300184
Kirill Bespalov1550d6c2017-11-21 12:55:33 +0300185Configuring TLS communications
186------------------------------
Kirill Bespalov01614c02017-07-31 17:06:09 +0300187
Kirill Bespalov01614c02017-07-31 17:06:09 +0300188
Kirill Bespalov1550d6c2017-11-21 12:55:33 +0300189**Note:** by default system wide installed CA certs are used, so ``cacert_file`` param is optional, as well as ``cacert``.
190
191
192- **RabbitMQ TLS**
Kirill Bespalov01614c02017-07-31 17:06:09 +0300193
194.. code-block:: yaml
195
Kirill Bespalov1550d6c2017-11-21 12:55:33 +0300196 cinder:
197 controller, volume:
Kirill Bespalov01614c02017-07-31 17:06:09 +0300198 message_queue:
Kirill Bespalov1550d6c2017-11-21 12:55:33 +0300199 port: 5671
Kirill Bespalov01614c02017-07-31 17:06:09 +0300200 ssl:
201 enabled: True
Kirill Bespalov1550d6c2017-11-21 12:55:33 +0300202 (optional) cacert: cert body if the cacert_file does not exists
203 (optional) cacert_file: /etc/openstack/rabbitmq-ca.pem
204 (optional) version: TLSv1_2
Kirill Bespalov01614c02017-07-31 17:06:09 +0300205
206
Kirill Bespalov1550d6c2017-11-21 12:55:33 +0300207- **MySQL TLS**
Kirill Bespalov01614c02017-07-31 17:06:09 +0300208
209.. code-block:: yaml
210
Kirill Bespalov1550d6c2017-11-21 12:55:33 +0300211 cinder:
212 controller:
213 database:
Kirill Bespalov01614c02017-07-31 17:06:09 +0300214 ssl:
215 enabled: True
Kirill Bespalov1550d6c2017-11-21 12:55:33 +0300216 (optional) cacert: cert body if the cacert_file does not exists
217 (optional) cacert_file: /etc/openstack/mysql-ca.pem
Kirill Bespalov01614c02017-07-31 17:06:09 +0300218
Kirill Bespalov1550d6c2017-11-21 12:55:33 +0300219- **Openstack HTTPS API**
Kirill Bespalov01614c02017-07-31 17:06:09 +0300220
221.. code-block:: yaml
222
Kirill Bespalov1550d6c2017-11-21 12:55:33 +0300223 cinder:
224 controller, volume:
225 identity:
226 protocol: https
227 (optional) cacert_file: /etc/openstack/proxy.pem
228 glance:
229 protocol: https
230 (optional) cacert_file: /etc/openstack/proxy.pem
Kirill Bespalov01614c02017-07-31 17:06:09 +0300231
232
233
Filip Pytlounda2a0792015-10-06 16:28:31 +0200234Cinder setup with zeroing deleted volumes
235
Alexander Noskov62496fb2017-02-27 16:42:54 +0100236.. code-block:: yaml
237
Filip Pytlounda2a0792015-10-06 16:28:31 +0200238 cinder:
239 controller:
240 enabled: true
241 wipe_method: zero
242 ...
243
244Cinder setup with shreding deleted volumes
245
246.. code-block:: yaml
247
248 cinder:
249 controller:
250 enabled: true
251 wipe_method: shred
252 ...
253
Dmitry Ukov56c29072017-05-04 16:48:29 +0400254Configuration of policy.json file
255
256.. code-block:: yaml
257
258 cinder:
259 controller:
260 ....
261 policy:
262 'volume:delete': 'rule:admin_or_owner'
263 # Add key without value to remove line from policy.json
264 'volume:extend':
265
sgarbuz0901ebe2018-06-13 17:16:16 +0300266Default Cinder backend lvm_type setup
267
268.. code-block:: yaml
269
270 cinder:
271 volume:
272 enabled: true
273 backend:
274 # Type of LVM volumes to deploy; (default, thin, or auto). Auto defaults to thin if thin is supported.
275 lvm_type: auto
276
Filip Pytlounda2a0792015-10-06 16:28:31 +0200277
278Default Cinder setup with iSCSI target
279
280.. code-block:: yaml
281
282 cinder:
283 controller:
284 enabled: true
Jakub Pavlik3d437df2016-04-11 22:07:50 +0200285 version: mitaka
286 default_volume_type: lvmdriver-1
Filip Pytlounda2a0792015-10-06 16:28:31 +0200287 database:
288 engine: mysql
289 host: 127.0.0.1
290 port: 3306
291 name: cinder
292 user: cinder
293 password: pwd
294 identity:
295 engine: keystone
296 host: 127.0.0.1
297 port: 35357
298 tenant: service
299 user: cinder
300 password: pwd
301 message_queue:
302 engine: rabbitmq
303 host: 127.0.0.1
304 port: 5672
305 user: openstack
306 password: pwd
307 virtual_host: '/openstack'
Jakub Pavlikaf96c2a2016-01-08 15:49:54 +0100308 backend:
Jakub Pavlik3d437df2016-04-11 22:07:50 +0200309 lvmdriver-1:
310 engine: lvm
311 type_name: lvmdriver-1
312 volume_group: cinder-volume
Filip Pytlounda2a0792015-10-06 16:28:31 +0200313
Ales Komarekdf13bbd2016-01-05 21:33:36 +0100314Cinder setup for IBM Storwize
Filip Pytlounda2a0792015-10-06 16:28:31 +0200315
316.. code-block:: yaml
317
318 cinder:
Ales Komarekdf13bbd2016-01-05 21:33:36 +0100319 volume:
Filip Pytlounda2a0792015-10-06 16:28:31 +0200320 enabled: true
Ales Komarekdf13bbd2016-01-05 21:33:36 +0100321 backend:
322 7k2_SAS:
323 engine: storwize
Jakub Pavlikedd46102016-01-08 16:20:38 +0100324 type_name: 7k2 SAS disk
Ales Komarekdf13bbd2016-01-05 21:33:36 +0100325 host: 192.168.0.1
326 port: 22
327 user: username
328 password: pass
329 connection: FC/iSCSI
330 multihost: true
331 multipath: true
332 pool: SAS7K2
333 10k_SAS:
334 engine: storwize
Jakub Pavlikedd46102016-01-08 16:20:38 +0100335 type_name: 10k SAS disk
Ales Komarekdf13bbd2016-01-05 21:33:36 +0100336 host: 192.168.0.1
337 port: 22
338 user: username
339 password: pass
340 connection: FC/iSCSI
341 multihost: true
342 multipath: true
343 pool: SAS10K
344 15k_SAS:
345 engine: storwize
Jakub Pavlikedd46102016-01-08 16:20:38 +0100346 type_name: 15k SAS
Ales Komarekdf13bbd2016-01-05 21:33:36 +0100347 host: 192.168.0.1
348 port: 22
349 user: username
350 password: pass
351 connection: FC/iSCSI
352 multihost: true
353 multipath: true
354 pool: SAS15K
Filip Pytlounda2a0792015-10-06 16:28:31 +0200355
Jiri Broulik88548db2017-03-31 12:21:37 +0200356
357Cinder setup with NFS
358
359.. code-block:: yaml
360
361 cinder:
362 controller:
363 enabled: true
364 default_volume_type: nfs-driver
365 backend:
366 nfs-driver:
367 engine: nfs
368 type_name: nfs-driver
369 volume_group: cinder-volume
370 path: /var/lib/cinder/nfs
371 devices:
372 - 172.16.10.110:/var/nfs/cinder
373 options: rw,sync
374
375
Alexey Chekunovf916f0c2017-05-25 13:29:45 +0400376Cinder setup with NetApp
377
378.. code-block:: yaml
379
380 cinder:
381 controller:
382 backend:
383 netapp:
384 engine: netapp
385 type_name: netapp
386 user: openstack
387 vserver: vm1
388 server_hostname: 172.18.2.3
389 password: password
390 storage_protocol: nfs
391 transport_type: https
392 lun_space_reservation: enabled
393 use_multipath_for_image_xfer: True
Dmitry Stremkouskiffa53c02017-09-15 19:47:21 +0300394 nas_secure_file_operations: false
395 nas_secure_file_permissions: false
Alexey Chekunovf916f0c2017-05-25 13:29:45 +0400396 devices:
397 - 172.18.1.2:/vol_1
398 - 172.18.1.2:/vol_2
399 - 172.18.1.2:/vol_3
400 - 172.18.1.2:/vol_4
Jakub Pavlik94dc0c92017-06-14 14:53:23 +0200401 linux:
402 system:
403 package:
404 nfs-common:
405 version: latest
Alexey Chekunovf916f0c2017-05-25 13:29:45 +0400406
407
Filip Pytlounda2a0792015-10-06 16:28:31 +0200408Cinder setup with Hitachi VPS
409
410.. code-block:: yaml
411
412 cinder:
413 controller:
414 enabled: true
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100415 backend:
416 hus100_backend:
marcodaa52fa2016-01-25 23:49:50 +0100417 type_name: HUS100
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100418 backend: hus100_backend
419 engine: hitachi_vsp
420 connection: FC
Filip Pytlounda2a0792015-10-06 16:28:31 +0200421
Ondrej Smola16d66bd2017-01-15 13:56:03 +0100422Cinder setup with Hitachi VPS with defined ldev range
423
424.. code-block:: yaml
425
426 cinder:
427 controller:
428 enabled: true
429 backend:
430 hus100_backend:
431 type_name: HUS100
432 backend: hus100_backend
433 engine: hitachi_vsp
434 connection: FC
435 ldev_range: 0-1000
436
Filip Pytlounda2a0792015-10-06 16:28:31 +0200437Cinder setup with CEPH
438
439.. code-block:: yaml
440
441 cinder:
442 controller:
443 enabled: true
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100444 backend:
445 ceph_backend:
Jakub Pavlikedd46102016-01-08 16:20:38 +0100446 type_name: standard-iops
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100447 backend: ceph_backend
448 pool: volumes
449 engine: ceph
450 user: cinder
451 secret_uuid: da74ccb7-aa59-1721-a172-0006b1aa4e3e
452 client_cinder_key: AQDOavlU6BsSJhAAnpFR906mvdgdfRqLHwu0Uw==
Michel Nederlofb43a4872017-06-20 09:36:47 +0200453 report_discard_supported: True
Filip Pytlounda2a0792015-10-06 16:28:31 +0200454
455http://ceph.com/docs/master/rbd/rbd-openstack/
456
457
458Cinder setup with HP3par
459
460.. code-block:: yaml
461
462 cinder:
463 controller:
464 enabled: true
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100465 backend:
466 hp3par_backend:
Jakub Pavlikedd46102016-01-08 16:20:38 +0100467 type_name: hp3par
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100468 backend: hp3par_backend
469 user: hp3paruser
470 password: something
471 url: http://10.10.10.10/api/v1
472 cpg: OpenStackCPG
473 host: 10.10.10.10
474 login: hp3paradmin
475 sanpassword: something
476 debug: True
477 snapcpg: OpenStackSNAPCPG
Filip Pytlounda2a0792015-10-06 16:28:31 +0200478
479Cinder setup with Fujitsu Eternus
480
481.. code-block:: yaml
482
483 cinder:
484 volume:
485 enabled: true
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100486 backend:
487 10kThinPro:
Jakub Pavlikedd46102016-01-08 16:20:38 +0100488 type_name: 10kThinPro
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100489 engine: fujitsu
490 pool: 10kThinPro
491 host: 192.168.0.1
492 port: 5988
493 user: username
494 password: pass
495 connection: FC/iSCSI
marcodaa52fa2016-01-25 23:49:50 +0100496 name: 10kThinPro
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100497 10k_SAS:
Jakub Pavlikedd46102016-01-08 16:20:38 +0100498 type_name: 10k_SAS
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100499 pool: SAS10K
500 engine: fujitsu
501 host: 192.168.0.1
502 port: 5988
503 user: username
504 password: pass
505 connection: FC/iSCSI
marcodaa52fa2016-01-25 23:49:50 +0100506 name: 10k_SAS
Filip Pytlounda2a0792015-10-06 16:28:31 +0200507
Jakub Pavlik9703c602015-10-15 18:52:47 +0200508Cinder setup with IBM GPFS filesystem
509
510.. code-block:: yaml
511
512 cinder:
513 volume:
514 enabled: true
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100515 backend:
516 GPFS-GOLD:
Jakub Pavlikedd46102016-01-08 16:20:38 +0100517 type_name: GPFS-GOLD
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100518 engine: gpfs
519 mount_point: '/mnt/gpfs-openstack/cinder/gold'
marcodaa52fa2016-01-25 23:49:50 +0100520 GPFS-SILVER:
Jakub Pavlikedd46102016-01-08 16:20:38 +0100521 type_name: GPFS-SILVER
Jakub Pavlik5d7df0d2016-01-06 13:08:30 +0100522 engine: gpfs
523 mount_point: '/mnt/gpfs-openstack/cinder/silver'
Kirill Bespalov01614c02017-07-31 17:06:09 +0300524
Jakub Pavlik9f5988a2016-01-11 13:44:57 +0100525Cinder setup with HP LeftHand
526
527.. code-block:: yaml
528
529 cinder:
530 volume:
531 enabled: true
532 backend:
533 HP-LeftHand:
534 type_name: normal-storage
535 engine: hp_lefthand
536 api_url: 'https://10.10.10.10:8081/lhos'
537 username: user
538 password: password
539 clustername: cluster1
540 iscsi_chap_enabled: false
541
Jakub Pavlika63764f2016-01-11 14:41:06 +0100542Extra parameters for HP LeftHand
Jakub Pavlika63764f2016-01-11 14:41:06 +0100543
Jakub Pavlik5050dda2016-01-11 16:52:32 +0100544.. code-block:: yaml
545
Kirill Bespalov01614c02017-07-31 17:06:09 +0300546 cinder type-key normal-storage set hplh:data_pl=r-10-2 hplh:provisioning=full
Jakub Pavlik5050dda2016-01-11 16:52:32 +0100547
marcodaa52fa2016-01-25 23:49:50 +0100548Cinder setup with Solidfire
Jakub Pavlik5050dda2016-01-11 16:52:32 +0100549
550.. code-block:: yaml
551
552 cinder:
553 volume:
554 enabled: true
555 backend:
556 solidfire:
557 type_name: normal-storage
558 engine: solidfire
559 san_ip: 10.10.10.10
560 san_login: user
561 san_password: password
562 clustername: cluster1
563 sf_emulate_512: false
sergio9e6387e2018-02-19 21:13:14 +0200564 sf_api_port: 14443
565 host: ctl01
Aleksieiev, Oleksii224e8ae2018-07-13 09:43:43 -0700566 #for compatibility with old versions
567 sf_account_prefix: PREFIX
Filip Pytlounda2a0792015-10-06 16:28:31 +0200568
Alexander Noskov023a0032017-06-16 09:31:59 +0200569Cinder setup with Block Device driver
570
571.. code-block:: yaml
572
573 cinder:
574 volume:
575 enabled: true
576 backend:
577 bdd:
578 engine: bdd
579 enabled: true
580 type_name: bdd
581 devices:
582 - sdb
583 - sdc
584 - sdd
585
Ondrej Smolaed6abbf2017-04-25 11:55:44 +0200586Enable cinder-backup service for ceph
Petr Michaleca1c7ff12016-11-29 16:32:50 +0100587
Ondrej Smolaed6abbf2017-04-25 11:55:44 +0200588.. code-block:: yaml
Petr Michaleca1c7ff12016-11-29 16:32:50 +0100589
Ondrej Smolaed6abbf2017-04-25 11:55:44 +0200590 cinder:
591 controller:
592 enabled: true
593 version: mitaka
594 backup:
595 engine: ceph
596 ceph_conf: "/etc/ceph/ceph.conf"
597 ceph_pool: backup
598 ceph_stripe_count: 0
599 ceph_stripe_unit: 0
600 ceph_user: cinder
601 ceph_chunk_size: 134217728
602 restore_discard_excess_bytes: false
603 volume:
604 enabled: true
605 version: mitaka
606 backup:
607 engine: ceph
608 ceph_conf: "/etc/ceph/ceph.conf"
609 ceph_pool: backup
610 ceph_stripe_count: 0
611 ceph_stripe_unit: 0
612 ceph_user: cinder
613 ceph_chunk_size: 134217728
614 restore_discard_excess_bytes: false
Kirill Bespalov01614c02017-07-31 17:06:09 +0300615
Petr Michaleca1c7ff12016-11-29 16:32:50 +0100616Enable auditing filter, ie: CADF
617
618.. code-block:: yaml
619
620 cinder:
621 controller:
622 audit:
623 enabled: true
624 ....
625 filter_factory: 'keystonemiddleware.audit:filter_factory'
626 map_file: '/etc/pycadf/cinder_api_audit_map.conf'
627 ....
628 volume:
629 audit:
630 enabled: true
631 ....
632 filter_factory: 'keystonemiddleware.audit:filter_factory'
633 map_file: '/etc/pycadf/cinder_api_audit_map.conf'
634
Michel Nederlofb8603eb2017-02-09 10:04:38 +0100635
636Cinder setup with custom availability zones:
637
638.. code-block:: yaml
639
640 cinder:
641 controller:
642 default_availability_zone: my-default-zone
643 storage_availability_zone: my-custom-zone-name
644 cinder:
645 volume:
646 default_availability_zone: my-default-zone
647 storage_availability_zone: my-custom-zone-name
648
Andrii Ostapenkob7aa34d2017-04-20 14:22:44 +0300649
650Cinder setup with custom non-admin volume query filters:
651
652.. code-block:: yaml
653
654 cinder:
655 controller:
656 query_volume_filters:
657 - name
658 - status
659 - metadata
660 - availability_zone
661 - bootable
662
663
Alexander Noskov62496fb2017-02-27 16:42:54 +0100664public_endpoint and osapi_volume_base_url parameters:
665"public_endpoint" is used for configuring versions endpoint,
666"osapi_volume_base_URL" is used to present Cinder URL to users.
667They are useful when running Cinder under load balancer in SSL.
668
669.. code-block:: yaml
670
671 cinder:
672 controller:
673 public_endpoint_address: https://${_param:cluster_domain}:8776
674
Michel Nederlofb8603eb2017-02-09 10:04:38 +0100675The default availability zone is used when a volume has been created, without specifying a zone in the create request. (this zone must exist in your configuration obviously)
676The storage availability zone is the actual zone where the node belongs to. Make sure to specify this per node.
677Check the documentation of OpenStack for more information
678
Jiri Broulik47aa6b32017-07-10 18:39:15 +0200679
680Client role
681
682.. code-block:: yaml
683
684 cinder:
685 client:
686 enabled: true
687 identity:
688 host: 127.0.0.1
689 port: 35357
690 project: service
691 user: cinder
692 password: pwd
693 protocol: http
694 endpoint_type: internalURL
695 region_name: RegionOne
696 backend:
697 ceph:
698 type_name: standard-iops
699 engine: ceph
700 key:
701 conn_speed: fibre-10G
702
Oleg Iurchenko83ee09a2017-10-17 18:24:28 +0300703Enable Barbican integration
704
705.. code-block:: yaml
706
707 cinder:
708 controller:
709 barbican:
710 enabled: true
Jiri Broulik47aa6b32017-07-10 18:39:15 +0200711
Oleg Iurchenko6fe8e5d2018-02-20 14:26:04 +0200712
713Specify Keystone API version (v3 is default):
714
715.. code-block:: yaml
716
717 cinder:
718 controller:
719 identity:
720 api_version: v2.0
721
Dmitry Kalashnik3291f542017-12-05 18:43:47 +0400722Enhanced logging with logging.conf
723----------------------------------
724
725By default logging.conf is disabled.
726
727That is possible to enable per-binary logging.conf with new variables:
728 * openstack_log_appender - set it to true to enable log_config_append for all OpenStack services;
729 * openstack_fluentd_handler_enabled - set to true to enable FluentHandler for all Openstack services.
Oleksii Chupryn688ae092018-02-07 09:49:21 +0200730 * openstack_ossyslog_handler_enabled - set to true to enable OSSysLogHandler for all Openstack services.
Dmitry Kalashnik3291f542017-12-05 18:43:47 +0400731
Oleksii Chupryn688ae092018-02-07 09:49:21 +0200732Only WatchedFileHandler, OSSysLogHandler and FluentHandler are available.
Dmitry Kalashnik3291f542017-12-05 18:43:47 +0400733
734Also it is possible to configure this with pillar:
735
736.. code-block:: yaml
737
738 cinder:
739 controller:
740 logging:
741 log_appender: true
742 log_handlers:
743 watchedfile:
744 enabled: true
745 fluentd:
746 enabled: true
Oleksii Chupryn688ae092018-02-07 09:49:21 +0200747 ossyslog:
748 enabled: true
Dmitry Kalashnik3291f542017-12-05 18:43:47 +0400749
750 volume:
751 logging:
752 log_appender: true
753 log_handlers:
754 watchedfile:
755 enabled: true
756 fluentd:
757 enabled: true
Oleksii Chupryn688ae092018-02-07 09:49:21 +0200758 ossyslog:
759 enabled: true
Dmitry Kalashnik3291f542017-12-05 18:43:47 +0400760
Jakub Pavlikb513f132016-05-20 11:11:19 +0200761Documentation and Bugs
762============================
763
764To learn how to deploy OpenStack Salt, consult the documentation available
765online at:
766
Petr Michaleca1c7ff12016-11-29 16:32:50 +0100767https://wiki.openstack.org/wiki/OpenStackSalt
Jakub Pavlikb513f132016-05-20 11:11:19 +0200768
769In the unfortunate event that bugs are discovered, they should be reported to
770the appropriate bug tracker. If you obtained the software from a 3rd party
771operating system vendor, it is often wise to use their own bug tracker for
772reporting problems. In all other cases use the master OpenStack bug tracker,
773available at:
774
775 http://bugs.launchpad.net/openstack-salt
776
777Developers wishing to work on the OpenStack Salt project should always base
778their work on the latest formulas code, available from the master GIT
779repository at:
780
781 https://git.openstack.org/cgit/openstack/salt-formula-cinder
782
783Developers should also join the discussion on the IRC list, at:
784
785 https://wiki.openstack.org/wiki/Meetings/openstack-salt
Filip Pytlounb0f5c1f2017-02-02 13:02:03 +0100786
787Documentation and Bugs
788======================
789
790To learn how to install and update salt-formulas, consult the documentation
791available online at:
792
793 http://salt-formulas.readthedocs.io/
794
795In the unfortunate event that bugs are discovered, they should be reported to
796the appropriate issue tracker. Use Github issue tracker for specific salt
797formula:
798
799 https://github.com/salt-formulas/salt-formula-cinder/issues
800
801For feature requests, bug reports or blueprints affecting entire ecosystem,
802use Launchpad salt-formulas project:
803
804 https://launchpad.net/salt-formulas
805
806You can also join salt-formulas-users team and subscribe to mailing list:
807
808 https://launchpad.net/~salt-formulas-users
809
810Developers wishing to work on the salt-formulas projects should always base
811their work on master branch and submit pull request against specific formula.
812
813 https://github.com/salt-formulas/salt-formula-cinder
814
815Any questions or feedback is always welcome so feel free to join our IRC
816channel:
817
818 #salt-formulas @ irc.freenode.net