blob: bd71fd6b81c7c39f076e8abfe000f171d9f81b2c [file] [log] [blame]
==================================
Gnocchi Formula
==================================
Service Gnocchi description
Gnocchi is an open-source time series database. The problem that Gnocchi solves
is the storage and indexing of time series data and resources at a large scale.
This is useful in modern cloud platforms which are not only huge but also are
dynamic and potentially multi-tenant. Gnocchi takes all of that into account.
Sample Pillars
==============
.. note::
Before deploying gnocchi, Apache2 should be configured to serve wsgi vhost for Gnocchi API.
Example of Apache pillar with Gnocchi site:
.. code-block:: yaml
apache:
server:
enabled: true
default_mpm: event
mpm:
prefork:
enabled: true
servers:
start: 5
spare:
min: 2
max: 10
max_requests: 0
max_clients: 20
limit: 20
site:
gnocchi:
enabled: false
available: true
type: wsgi
name: gnocchi
host:
name: gnocchi.site.com
address: 127.0.0.1
port: 8041
log:
custom:
format: >-
%v:%p %{X-Forwarded-For}i %h %l %u %t \"%r\" %>s %D %O \"%{Referer}i\" \"%{User-Agent}i\"
wsgi:
daemon_process: gnocchi-api
processes: ${_param:gnocchi_api_workers}
threads: 10
user: gnocchi
group: gnocchi
display_name: '%{GROUP}'
script_alias: '/ /usr/bin/gnocchi-api'
application_group: '%{GLOBAL}'
authorization: 'On'
pkgs:
- apache2
modules:
- wsgi
Single Gnocchi service with file storage backend
gnocchi:
server:
enabled: true
version: 4.0
database:
engine: mysql
host: 127.0.0.1
name: gnocchi
password: workshop
user: gnocchi
storage:
aggregation_workers: 2
driver: file
file_basepath: /var/lib/gnocchi
coordination_backend:
url: redis://127.0.0.1:6379/
bind:
address: 127.0.0.1
port: 8041
api:
auth_mode: keystone
identity:
engine: keystone
region: RegionOne
protocol: http
host: 127.0.0.1
port: 35357
user: gnocchi
password: 127.0.0.1
cache:
engine: memcached
members:
- host: 127.0.0.1
port: 11211
Single Gnocchi service with redis storage backend
.. code-block:: yaml
gnocchi:
server:
enabled: true
version: 4.0
database:
engine: mysql
host: 127.0.0.1
name: gnocchi
password: workshop
user: gnocchi
storage:
aggregation_workers: 2
driver: redis
redis_url: redis://127.0.0.1:6379/
coordination_backend:
url: redis://127.0.0.1:6379/
bind:
address: 127.0.0.1
port: 8041
api:
auth_mode: keystone
identity:
engine: keystone
region: RegionOne
protocol: http
host: 127.0.0.1
port: 35357
user: gnocchi
password: 127.0.0.1
cache:
engine: memcached
members:
- host: 127.0.0.1
port: 11211
Single Gnocchi service with redis backend for incoming storage and file backend for aggregated storage
.. code-block:: yaml
gnocchi:
server:
enabled: true
version: 4.0
database:
engine: mysql
host: 127.0.0.1
name: gnocchi
password: workshop
user: gnocchi
storage:
aggregation_workers: 2
driver: file
file_basepath: /var/lib/gnocchi
incoming:
driver: redis
redis_url: redis://127.0.0.1:6379/
coordination_backend:
url: redis://127.0.0.1:6379/
bind:
address: 127.0.0.1
port: 8041
api:
auth_mode: keystone
identity:
engine: keystone
region: RegionOne
protocol: http
host: 127.0.0.1
port: 35357
user: gnocchi
password: 127.0.0.1
cache:
engine: memcached
members:
- host: 127.0.0.1
port: 11211
Single Gnocchi service with Gnocchi statsd on the same node:
.. code-block:: yaml
gnocchi:
common:
version: 4.0
database:
engine: mysql
host: 127.0.0.1
name: gnocchi
password: workshop
user: gnocchi
storage:
aggregation_workers: 2
driver: redis
redis_url: redis://127.0.0.1/test
coordination_backend:
url: redis://127.0.0.1/test
server:
enabled: true
bind:
address: 127.0.0.1
port: 8041
api:
auth_mode: keystone
workers: 5
identity:
engine: keystone
region: RegionOne
protocol: http
host: 127.0.0.1
port: 35357
user: gnocchi
password: workshop
tenant: service
cache:
engine: memcached
members:
- host: 127.0.0.1
port: 11211
metricd:
workers: 5
statsd:
resource_id: 07f26121-5777-48ba-8a0b-d70468133dd9
enabled: true
bind:
address: 127.0.0.1
port: 8125
Gnocchi archive policy definition example:
.. code-block:: yaml
gnocchi:
client:
enabled: True
resources:
v1:
enabled: true
cloud_name: admin_identity
archive_policies:
test_policy:
definition:
- granularity: '1h'
points: 10
timespan: '10h'
- granularity: '2h'
points: 10
timespan: '20h'
aggregation_methods:
- mean
- max
back_window: 2
rules:
test_policy_rule1:
metric_pattern: 'fo.*'
test_policy_rule2:
metric_pattern: 'foo2.*'
Configuration of policy.json file:
.. code-block:: yaml
gnocchi:
server:
...
policy:
'resource_owner': 'project_id:%(project_id)s'
'get status': 'role:admin'
# Add key without value to remove line from policy.json
'list resource type':
=======
Gnocchi logging configuration
----------------------------------
For enable fluend logging use
.. code-block:: yaml
gnocchi:
_support:
fluentd:
enabled: true
.. note:: Gnocchi doesnt support oslo.log options. So we cant use
log_appender and log_handlers options
For change log_level or other log options
.. code-block:: yaml
gnocchi:
common:
debug: true
use_syslog: true
use_journal: true
log_dir: /var/log/gnocchi
log_file: gnocchi.log
Enable x509 and ssl communication between Gnocchi and Galera cluster.
---------------------
By default communication between Gnocchi and Galera is unsecure.
gnocchi:
common:
database:
x509:
enabled: True
You able to set custom certificates in pillar:
gnocchi:
common:
database:
x509:
cacert: (certificate content)
cert: (certificate content)
key: (certificate content)
You can read more about it here:
https://docs.openstack.org/security-guide/databases/database-access-control.html
Gnocchi server with memcached caching and security strategy:
-----------------------------
.. code-block:: yaml
gnocchi:
server:
enabled: true
...
cache:
engine: memcached
members:
- host: 127.0.0.1
port: 11211
- host: 127.0.0.1
port: 11211
security:
enabled: true
strategy: ENCRYPT
secret_key: secret
Setup redis coordination_backend url:
---------------------------
.. code-block:: yaml
gnocchi:
common:
coordination_backend:
engine: redis
redis:
password: pswd
user: openstack
db: '0'
sentinel:
host: 127.0.0.1
master_name: master_1
fallback:
- host: 127.0.1.1
- host: 127.0.2.1
Setup redis storage url:
-----------------------
.. code-block:: yaml
gnocchi:
common:
storage:
driver: redis
redis:
password: pswd
user: openstack
db: '0'
sentinel:
host: 127.0.0.1
master_name: master_1
fallback:
- host: 127.0.1.1
- host: 127.0.2.1
Setup redis incoming storage url:
---------------------------
.. code-block:: yaml
gnocchi:
common:
storage:
incoming:
driver: redis
redis:
password: pswd
user: openstack
db: '0'
sentinel:
host: 127.0.0.1
master_name: master_1
fallback:
- host: 127.0.1.1
- host: 127.0.2.1
Change default options using configmap template settings
========================================================
.. code-block:: yaml
gnocchi:
common:
configmap:
DEFAULT:
debug: false
verbose: true
server:
configmap:
DEFAULT:
debug: false
verbose: true
api:
paste_config: api-paste.ini
max_limit: 1000
statsd:
configmap:
DEFAULT:
debug: false
verbose: true
statsd:
host: 0.0.0.0
port: 8125
Change files/directories permissions for gnocchi service:
=======================================
In order to change file permissions the following should be set:
'files' - block to set permissions for files.
- full path to file
- user ( default value is 'root' ) this parameter is optional.
- group ( default value is 'gnocchi' ) this parameter is optional
- mode ( default value is '0640' ) this parameter is optional
'directories' - block to set permissions for directories.
- full path to directory
- user ( default value is 'root' ) this parameter is optional
- group ( default value is 'gnocchi' ) this parameter is optional
- mode ( default value is '0750' ) this parameter is optional
.. code-block:: yaml
gnocchi:
files:
/etc/gnocchi/gnocchi.conf:
user: 'root'
group: 'gnocchi'
mode: '0750'
directories:
/etc/gnocchi:
user: 'root'
group: 'gnocchi'
mode: '0750'
More Information
================
* https://gnocchi.xyz/