blob: 5b601e45ecc540d9a19c13e2afd45ee66a833d50 [file] [log] [blame]
Filip Pytloun4a72d792015-10-06 16:28:32 +02001
Aleš Komárek72152852017-04-11 13:48:48 +02002============
3Nova Formula
4============
Filip Pytloun4a72d792015-10-06 16:28:32 +02005
Jakub Pavlikfcf34f82016-05-20 09:35:51 +02006OpenStack Nova provides a cloud computing fabric controller, supporting a wide
7variety of virtualization technologies, including KVM, Xen, LXC, VMware, and
8more. In addition to its native API, it includes compatibility with the
9commonly encountered Amazon EC2 and S3 APIs.
Filip Pytloun4a72d792015-10-06 16:28:32 +020010
Aleš Komárek72152852017-04-11 13:48:48 +020011Sample Pillars
Filip Pytloun4a72d792015-10-06 16:28:32 +020012==============
13
14Controller nodes
15----------------
16
17Nova services on the controller node
18
19.. code-block:: yaml
20
21 nova:
22 controller:
23 version: juno
24 enabled: true
25 security_group: true
Lachlan Evensonb72de502016-01-20 15:34:04 -080026 cpu_allocation_ratio: 8.0
27 ram_allocation_ratio: 1.0
Jiri Konecny9344a372016-03-21 19:25:48 +010028 disk_allocation_ratio: 1.0
Jiri Konecnyb5a80e42016-03-22 11:51:01 +010029 workers: 8
Jakub Pavlik617a8962016-09-04 18:50:06 +020030 report_interval: 60
Filip Pytloun4a72d792015-10-06 16:28:32 +020031 bind:
32 public_address: 10.0.0.122
33 public_name: openstack.domain.com
34 novncproxy_port: 6080
35 database:
36 engine: mysql
37 host: 127.0.0.1
38 port: 3306
39 name: nova
40 user: nova
41 password: pwd
42 identity:
43 engine: keystone
44 host: 127.0.0.1
45 port: 35357
46 user: nova
47 password: pwd
48 tenant: service
49 message_queue:
50 engine: rabbitmq
51 host: 127.0.0.1
52 port: 5672
53 user: openstack
54 password: pwd
55 virtual_host: '/openstack'
56 network:
57 engine: neutron
58 host: 127.0.0.1
59 port: 9696
Jakub Pavlik617a8962016-09-04 18:50:06 +020060 extension_sync_interval: 600
Filip Pytloun4a72d792015-10-06 16:28:32 +020061 identity:
62 engine: keystone
63 host: 127.0.0.1
64 port: 35357
65 user: neutron
66 password: pwd
67 tenant: service
68 metadata:
69 password: password
Petr Michalecaa23dc02016-11-29 16:30:25 +010070 audit:
71 enabled: false
Simon Pasquier8683b7a2017-02-03 16:00:16 +010072 osapi_max_limit: 500
Filip Pytloun4a72d792015-10-06 16:28:32 +020073
Jiri Konecnye31f2c52016-04-14 17:16:02 +020074
Filip Pytloun4a72d792015-10-06 16:28:32 +020075Nova services from custom package repository
76
77.. code-block:: yaml
78
79 nova:
80 controller:
81 version: juno
82 source:
83 engine: pkg
84 address: http://...
85 ....
86
Jiri Konecnye31f2c52016-04-14 17:16:02 +020087
88Client-side RabbitMQ HA setup
89
90.. code-block:: yaml
91
92 nova:
93 controller:
94 ....
95 message_queue:
96 engine: rabbitmq
97 members:
98 - host: 10.0.16.1
99 - host: 10.0.16.2
100 - host: 10.0.16.3
101 user: openstack
102 password: pwd
103 virtual_host: '/openstack'
104 ....
105
106
Petr Michalecaa23dc02016-11-29 16:30:25 +0100107Enable auditing filter, ie: CADF
108
109.. code-block:: yaml
110
111 nova:
112 controller:
Simon Pasquier6a3c8f72016-12-19 15:37:24 +0100113 audit:
Petr Michalecaa23dc02016-11-29 16:30:25 +0100114 enabled: true
115 ....
116 filter_factory: 'keystonemiddleware.audit:filter_factory'
117 map_file: '/etc/pycadf/nova_api_audit_map.conf'
118 ....
119
120
Ondrej Smola25b53cb2017-04-28 10:56:19 +0200121Enable CORS parameters
122
123.. code-block:: yaml
124
125 nova:
126 controller:
127 cors:
128 allowed_origin: https:localhost.local,http:localhost.local
129 expose_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
130 allow_methods: GET,PUT,POST,DELETE,PATCH
131 allow_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
132 allow_credentials: True
133 max_age: 86400
134
Dmitry Ukov3562a082017-05-04 00:00:48 +0400135Configuration of policy.json file
136
137.. code-block:: yaml
138
139 nova:
140 controller:
141 ....
142 policy:
143 context_is_admin: 'role:admin or role:administrator'
144 'compute:create': 'rule:admin_or_owner'
145 # Add key without value to remove line from policy.json
146 'compute:create:attach_network':
Ondrej Smola25b53cb2017-04-28 10:56:19 +0200147
Filip Pytloun4a72d792015-10-06 16:28:32 +0200148Compute nodes
149-------------
150
151Nova controller services on compute node
152
153.. code-block:: yaml
154
155 nova:
156 compute:
157 version: juno
158 enabled: true
159 virtualization: kvm
Jiri Broulik70d9e3f2017-02-15 18:37:13 +0100160 availability_zone: availability_zone_01
Damian Szelugae1922412017-04-18 16:36:46 +0200161 aggregates:
162 - hosts_with_fc
163 - hosts_with_ssd
Filip Pytloun4a72d792015-10-06 16:28:32 +0200164 security_group: true
Petr Michalecf03e4882017-04-10 10:26:18 +0200165 resume_guests_state_on_host_boot: False
Filip Pytloun4a72d792015-10-06 16:28:32 +0200166 bind:
167 vnc_address: 172.20.0.100
168 vnc_port: 6080
169 vnc_name: openstack.domain.com
170 vnc_protocol: http
171 database:
172 engine: mysql
173 host: 127.0.0.1
174 port: 3306
175 name: nova
176 user: nova
177 password: pwd
178 identity:
179 engine: keystone
180 host: 127.0.0.1
181 port: 35357
182 user: nova
183 password: pwd
184 tenant: service
185 message_queue:
186 engine: rabbitmq
187 host: 127.0.0.1
188 port: 5672
189 user: openstack
190 password: pwd
191 virtual_host: '/openstack'
192 image:
193 engine: glance
194 host: 127.0.0.1
195 port: 9292
196 network:
197 engine: neutron
198 host: 127.0.0.1
199 port: 9696
200 identity:
201 engine: keystone
202 host: 127.0.0.1
203 port: 35357
204 user: neutron
205 password: pwd
206 tenant: service
207 qemu:
208 max_files: 4096
209 max_processes: 4096
210
211Nova services on compute node with OpenContrail
212
213.. code-block:: yaml
214
215 nova:
216 compute:
217 enabled: true
218 ...
219 networking: contrail
220
Jiri Konecnye31f2c52016-04-14 17:16:02 +0200221
Filip Pytloun4a72d792015-10-06 16:28:32 +0200222Nova services on compute node with memcached caching
223
224.. code-block:: yaml
225
226 nova:
227 compute:
228 enabled: true
229 ...
230 cache:
231 engine: memcached
232 members:
233 - host: 127.0.0.1
234 port: 11211
235 - host: 127.0.0.1
236 port: 11211
237
Jiri Konecnye31f2c52016-04-14 17:16:02 +0200238
239Client-side RabbitMQ HA setup
240
241.. code-block:: yaml
242
243 nova:
244 controller:
245 ....
246 message_queue:
247 engine: rabbitmq
248 members:
249 - host: 10.0.16.1
250 - host: 10.0.16.2
251 - host: 10.0.16.3
252 user: openstack
253 password: pwd
254 virtual_host: '/openstack'
255 ....
256
maxstack39e6aca2016-05-04 13:50:13 +0000257
258Nova with ephemeral configured with Ceph
259
260.. code-block:: yaml
261
262 nova:
263 compute:
264 enabled: true
265 ...
266 ceph:
267 ephemeral: yes
268 rbd_pool: nova
269 rbd_user: nova
270 secret_uuid: 03006edd-d957-40a3-ac4c-26cd254b3731
271
272
Jiri Broulik0ce9fc92017-02-01 23:10:40 +0100273Client role
274-----------
275
Dmitry Stremkovskiy665c7282017-07-05 17:36:27 +0300276Nova configured with NFS
277
278.. code-block:: yaml
279
280 nova:
281 compute:
282 instances_path: /mnt/nova/instances
283
284 linux:
285 storage:
286 enabled: true
287 mount:
288 nfs_nova:
289 enabled: true
290 path: ${nova:compute:instances_path}
291 device: 172.31.35.145:/data
292 file_system: nfs
293 opts: rw,vers=3
294
Jiri Broulik0ce9fc92017-02-01 23:10:40 +0100295Nova flavors
296
297.. code-block:: yaml
298
299 nova:
300 client:
301 enabled: true
302 server:
303 identity:
304 flavor:
Jiri Broulik70d9e3f2017-02-15 18:37:13 +0100305 flavor1:
Jiri Broulik0ce9fc92017-02-01 23:10:40 +0100306 flavor_id: 10
307 ram: 4096
308 disk: 10
309 vcpus: 1
Jiri Broulik70d9e3f2017-02-15 18:37:13 +0100310 flavor2:
311 flavor_id: auto
312 ram: 4096
313 disk: 20
314 vcpus: 2
Jiri Broulik0ce9fc92017-02-01 23:10:40 +0100315 identity1:
316 flavor:
317 ...
318
Jiri Broulik70d9e3f2017-02-15 18:37:13 +0100319
320Availability zones
321
322.. code-block:: yaml
323
324 nova:
325 client:
326 enabled: true
327 server:
328 identity:
329 availability_zones:
330 - availability_zone_01
331 - availability_zone_02
332
Damian Szeluga5dca0f02017-04-13 17:27:15 +0200333
334
335Aggregates
336
337.. code-block:: yaml
338
339 nova:
340 client:
341 enabled: true
342 server:
343 identity:
344 aggregates:
345 - aggregate1
346 - aggregate2
347
Petr Jedinýd855ef22017-03-06 22:24:33 +0100348SR-IOV
Jakub Pavlik39a05942017-02-13 23:03:08 +0100349------
350
351Add PciPassthroughFilter into scheduler filters and NICs on specific compute nodes.
352
353.. code-block:: yaml
354
355 nova:
356 controller:
357 sriov: true
358 scheduler_default_filters: "DifferentHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,PciPassthroughFilter"
359
360 nova:
361 compute:
362 sriov:
363 nic_one:
364 devname: eth1
365 physical_network: physnet1
366
Jakub Pavlik26fb85c2017-02-16 22:29:22 +0100367CPU pinning & Hugepages
368-----------------------
369
370CPU pinning of virtual machine instances to dedicated physical CPU cores.
371Hugepages mount point for libvirt.
372
373.. code-block:: yaml
374
375 nova:
376 controller:
377 scheduler_default_filters: "DifferentHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,NUMATopologyFilter,AggregateInstanceExtraSpecsFilter"
378
379 nova:
380 compute:
381 vcpu_pin_set: 2,3,4,5
382 hugepages:
383 mount_points:
384 - path: /mnt/hugepages_1GB
385 - path: /mnt/hugepages_2MB
Jiri Broulik0ce9fc92017-02-01 23:10:40 +0100386
Michel Nederlof171c7ac2017-04-13 12:54:14 +0200387Custom Scheduler filters
388------------------------
389
390If you have a custom filter, that needs to be included in the scheduler, then you can include it like so:
391
392.. code-block:: yaml
393
394 nova:
395 controller:
396 scheduler_custom_filters:
397 - my_custom_driver.nova.scheduler.filters.my_custom_filter.MyCustomFilter
398
399 # Then add your custom filter on the end (make sure to include all other ones that you need as well)
400 scheduler_default_filters: "DifferentHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,PciPassthroughFilter,MyCustomFilter"
401
Michel Nederlofeb566f62017-04-21 15:37:47 +0200402Hardware Trip/Unmap Support
403---------------------------
404
405To enable TRIM support for ephemeral images (thru nova managed images), libvirt has this option.
406
407.. code-block:: yaml
408
409 nova:
410 compute:
411 libvirt:
412 hw_disk_discard: unmap
413
414In order to actually utilize this feature, the following metadata must be set on the image as well, so the SCSI unmap is supported.
415
416.. code-block:: bash
417
418 glance image-update --property hw_scsi_model=virtio-scsi <image>
419 glance image-update --property hw_disk_bus=scsi <image>
Filip Pytloun5bc9e9f2017-02-02 13:05:40 +0100420
Thom Gerdesec00afd2017-04-07 18:06:59 +0000421libvirt CPU mode
422----------------
423
424Allow setting the model of CPU that is exposed to a VM. This allows better
425support live migration between hypervisors with different hardware, among other
426things. Defaults to host-passthrough.
427
428.. code-block:: yaml
429
430 nova:
431 compute:
432 cpu_mode: host-model
433
Michel Nederloff7eefb22017-07-10 11:14:33 +0200434Nova compute workarounds
435------------------------
436
437Live snapshotting is disabled by default in nova. To enable this, it needs a manual switch.
438
439From manual:
440
441.. code-block:: yaml
442
443 # When using libvirt 1.2.2 live snapshots fail intermittently under load
444 # (likely related to concurrent libvirt/qemu operations). This config
445 # option provides a mechanism to disable live snapshot, in favor of cold
446 # snapshot, while this is resolved. Cold snapshot causes an instance
447 # outage while the guest is going through the snapshotting process.
448 #
449 # For more information, refer to the bug report:
450 #
451 # https://bugs.launchpad.net/nova/+bug/1334398
452
453Configurable pillar data:
454
455.. code-block:: yaml
456
457 nova:
458 compute:
Michel Nederlofe322ebb2017-07-10 12:29:21 +0200459 workaround:
Michel Nederloff7eefb22017-07-10 11:14:33 +0200460 disable_libvirt_livesnapshot: False
461
Michel Nederlofb51a5142017-06-27 08:31:35 +0200462Config drive options
463--------------------
464
465See example below on how to configure the options for the config drive.
466
467.. code-block:: yaml
468
469 nova:
470 compute:
471 config_drive:
472 forced: True # Default: True
473 cdrom: True # Default: False
474 format: iso9660 # Default: vfat
475 inject_password: False # Default: False
476
Thom Gerdesec00afd2017-04-07 18:06:59 +0000477
Filip Pytloun5bc9e9f2017-02-02 13:05:40 +0100478Documentation and Bugs
479======================
480
481To learn how to install and update salt-formulas, consult the documentation
482available online at:
483
484 http://salt-formulas.readthedocs.io/
485
486In the unfortunate event that bugs are discovered, they should be reported to
487the appropriate issue tracker. Use Github issue tracker for specific salt
488formula:
489
490 https://github.com/salt-formulas/salt-formula-nova/issues
491
492For feature requests, bug reports or blueprints affecting entire ecosystem,
493use Launchpad salt-formulas project:
494
495 https://launchpad.net/salt-formulas
496
497You can also join salt-formulas-users team and subscribe to mailing list:
498
499 https://launchpad.net/~salt-formulas-users
500
501Developers wishing to work on the salt-formulas projects should always base
502their work on master branch and submit pull request against specific formula.
503
504 https://github.com/salt-formulas/salt-formula-nova
505
506Any questions or feedback is always welcome so feel free to join our IRC
507channel:
508
509 #salt-formulas @ irc.freenode.net