blob: 1ae8d072e7d2a98f5018ebae7c6c1c8e8aa899bf [file] [log] [blame]
Filip Pytloun4a72d792015-10-06 16:28:32 +02001
Aleš Komárek72152852017-04-11 13:48:48 +02002============
3Nova Formula
4============
Filip Pytloun4a72d792015-10-06 16:28:32 +02005
Jakub Pavlikfcf34f82016-05-20 09:35:51 +02006OpenStack Nova provides a cloud computing fabric controller, supporting a wide
7variety of virtualization technologies, including KVM, Xen, LXC, VMware, and
8more. In addition to its native API, it includes compatibility with the
9commonly encountered Amazon EC2 and S3 APIs.
Filip Pytloun4a72d792015-10-06 16:28:32 +020010
Aleš Komárek72152852017-04-11 13:48:48 +020011Sample Pillars
Filip Pytloun4a72d792015-10-06 16:28:32 +020012==============
13
14Controller nodes
15----------------
16
17Nova services on the controller node
18
19.. code-block:: yaml
20
21 nova:
22 controller:
23 version: juno
24 enabled: true
25 security_group: true
Lachlan Evensonb72de502016-01-20 15:34:04 -080026 cpu_allocation_ratio: 8.0
27 ram_allocation_ratio: 1.0
Jiri Konecny9344a372016-03-21 19:25:48 +010028 disk_allocation_ratio: 1.0
Jiri Konecnyb5a80e42016-03-22 11:51:01 +010029 workers: 8
Jakub Pavlik617a8962016-09-04 18:50:06 +020030 report_interval: 60
Filip Pytloun4a72d792015-10-06 16:28:32 +020031 bind:
32 public_address: 10.0.0.122
33 public_name: openstack.domain.com
34 novncproxy_port: 6080
35 database:
36 engine: mysql
37 host: 127.0.0.1
38 port: 3306
39 name: nova
40 user: nova
41 password: pwd
42 identity:
43 engine: keystone
44 host: 127.0.0.1
45 port: 35357
46 user: nova
47 password: pwd
48 tenant: service
49 message_queue:
50 engine: rabbitmq
51 host: 127.0.0.1
52 port: 5672
53 user: openstack
54 password: pwd
55 virtual_host: '/openstack'
56 network:
57 engine: neutron
58 host: 127.0.0.1
59 port: 9696
Jakub Pavlik617a8962016-09-04 18:50:06 +020060 extension_sync_interval: 600
Filip Pytloun4a72d792015-10-06 16:28:32 +020061 identity:
62 engine: keystone
63 host: 127.0.0.1
64 port: 35357
65 user: neutron
66 password: pwd
67 tenant: service
68 metadata:
69 password: password
Petr Michalecaa23dc02016-11-29 16:30:25 +010070 audit:
71 enabled: false
Simon Pasquier8683b7a2017-02-03 16:00:16 +010072 osapi_max_limit: 500
Filip Pytloun4a72d792015-10-06 16:28:32 +020073
Jiri Konecnye31f2c52016-04-14 17:16:02 +020074
Filip Pytloun4a72d792015-10-06 16:28:32 +020075Nova services from custom package repository
76
77.. code-block:: yaml
78
79 nova:
80 controller:
81 version: juno
82 source:
83 engine: pkg
84 address: http://...
85 ....
86
Jiri Konecnye31f2c52016-04-14 17:16:02 +020087
88Client-side RabbitMQ HA setup
89
90.. code-block:: yaml
91
92 nova:
93 controller:
94 ....
95 message_queue:
96 engine: rabbitmq
97 members:
98 - host: 10.0.16.1
99 - host: 10.0.16.2
100 - host: 10.0.16.3
101 user: openstack
102 password: pwd
103 virtual_host: '/openstack'
104 ....
105
106
Petr Michalecaa23dc02016-11-29 16:30:25 +0100107Enable auditing filter, ie: CADF
108
109.. code-block:: yaml
110
111 nova:
112 controller:
Simon Pasquier6a3c8f72016-12-19 15:37:24 +0100113 audit:
Petr Michalecaa23dc02016-11-29 16:30:25 +0100114 enabled: true
115 ....
116 filter_factory: 'keystonemiddleware.audit:filter_factory'
117 map_file: '/etc/pycadf/nova_api_audit_map.conf'
118 ....
119
120
Ondrej Smola25b53cb2017-04-28 10:56:19 +0200121Enable CORS parameters
122
123.. code-block:: yaml
124
125 nova:
126 controller:
127 cors:
128 allowed_origin: https:localhost.local,http:localhost.local
129 expose_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
130 allow_methods: GET,PUT,POST,DELETE,PATCH
131 allow_headers: X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token
132 allow_credentials: True
133 max_age: 86400
134
Dmitry Ukov3562a082017-05-04 00:00:48 +0400135Configuration of policy.json file
136
137.. code-block:: yaml
138
139 nova:
140 controller:
141 ....
142 policy:
143 context_is_admin: 'role:admin or role:administrator'
144 'compute:create': 'rule:admin_or_owner'
145 # Add key without value to remove line from policy.json
146 'compute:create:attach_network':
Ondrej Smola25b53cb2017-04-28 10:56:19 +0200147
Filip Pytloun4a72d792015-10-06 16:28:32 +0200148Compute nodes
149-------------
150
151Nova controller services on compute node
152
153.. code-block:: yaml
154
155 nova:
156 compute:
157 version: juno
158 enabled: true
159 virtualization: kvm
Jiri Broulik70d9e3f2017-02-15 18:37:13 +0100160 availability_zone: availability_zone_01
Damian Szelugae1922412017-04-18 16:36:46 +0200161 aggregates:
162 - hosts_with_fc
163 - hosts_with_ssd
Filip Pytloun4a72d792015-10-06 16:28:32 +0200164 security_group: true
Petr Michalecf03e4882017-04-10 10:26:18 +0200165 resume_guests_state_on_host_boot: False
Filip Pytloun4a72d792015-10-06 16:28:32 +0200166 bind:
167 vnc_address: 172.20.0.100
168 vnc_port: 6080
169 vnc_name: openstack.domain.com
170 vnc_protocol: http
171 database:
172 engine: mysql
173 host: 127.0.0.1
174 port: 3306
175 name: nova
176 user: nova
177 password: pwd
178 identity:
179 engine: keystone
180 host: 127.0.0.1
181 port: 35357
182 user: nova
183 password: pwd
184 tenant: service
185 message_queue:
186 engine: rabbitmq
187 host: 127.0.0.1
188 port: 5672
189 user: openstack
190 password: pwd
191 virtual_host: '/openstack'
192 image:
193 engine: glance
194 host: 127.0.0.1
195 port: 9292
196 network:
197 engine: neutron
198 host: 127.0.0.1
199 port: 9696
200 identity:
201 engine: keystone
202 host: 127.0.0.1
203 port: 35357
204 user: neutron
205 password: pwd
206 tenant: service
207 qemu:
208 max_files: 4096
209 max_processes: 4096
210
211Nova services on compute node with OpenContrail
212
213.. code-block:: yaml
214
215 nova:
216 compute:
217 enabled: true
218 ...
219 networking: contrail
220
Jiri Konecnye31f2c52016-04-14 17:16:02 +0200221
Filip Pytloun4a72d792015-10-06 16:28:32 +0200222Nova services on compute node with memcached caching
223
224.. code-block:: yaml
225
226 nova:
227 compute:
228 enabled: true
229 ...
230 cache:
231 engine: memcached
232 members:
233 - host: 127.0.0.1
234 port: 11211
235 - host: 127.0.0.1
236 port: 11211
237
Jiri Konecnye31f2c52016-04-14 17:16:02 +0200238
239Client-side RabbitMQ HA setup
240
241.. code-block:: yaml
242
243 nova:
244 controller:
245 ....
246 message_queue:
247 engine: rabbitmq
248 members:
249 - host: 10.0.16.1
250 - host: 10.0.16.2
251 - host: 10.0.16.3
252 user: openstack
253 password: pwd
254 virtual_host: '/openstack'
255 ....
256
maxstack39e6aca2016-05-04 13:50:13 +0000257
258Nova with ephemeral configured with Ceph
259
260.. code-block:: yaml
261
262 nova:
263 compute:
264 enabled: true
265 ...
266 ceph:
267 ephemeral: yes
268 rbd_pool: nova
269 rbd_user: nova
270 secret_uuid: 03006edd-d957-40a3-ac4c-26cd254b3731
271
272
Jiri Broulik0ce9fc92017-02-01 23:10:40 +0100273Client role
274-----------
275
276Nova flavors
277
278.. code-block:: yaml
279
280 nova:
281 client:
282 enabled: true
283 server:
284 identity:
285 flavor:
Jiri Broulik70d9e3f2017-02-15 18:37:13 +0100286 flavor1:
Jiri Broulik0ce9fc92017-02-01 23:10:40 +0100287 flavor_id: 10
288 ram: 4096
289 disk: 10
290 vcpus: 1
Jiri Broulik70d9e3f2017-02-15 18:37:13 +0100291 flavor2:
292 flavor_id: auto
293 ram: 4096
294 disk: 20
295 vcpus: 2
Jiri Broulik0ce9fc92017-02-01 23:10:40 +0100296 identity1:
297 flavor:
298 ...
299
Jiri Broulik70d9e3f2017-02-15 18:37:13 +0100300
301Availability zones
302
303.. code-block:: yaml
304
305 nova:
306 client:
307 enabled: true
308 server:
309 identity:
310 availability_zones:
311 - availability_zone_01
312 - availability_zone_02
313
Damian Szeluga5dca0f02017-04-13 17:27:15 +0200314
315
316Aggregates
317
318.. code-block:: yaml
319
320 nova:
321 client:
322 enabled: true
323 server:
324 identity:
325 aggregates:
326 - aggregate1
327 - aggregate2
328
Petr Jedinýd855ef22017-03-06 22:24:33 +0100329SR-IOV
Jakub Pavlik39a05942017-02-13 23:03:08 +0100330------
331
332Add PciPassthroughFilter into scheduler filters and NICs on specific compute nodes.
333
334.. code-block:: yaml
335
336 nova:
337 controller:
338 sriov: true
339 scheduler_default_filters: "DifferentHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,PciPassthroughFilter"
340
341 nova:
342 compute:
343 sriov:
344 nic_one:
345 devname: eth1
346 physical_network: physnet1
347
Jakub Pavlik26fb85c2017-02-16 22:29:22 +0100348CPU pinning & Hugepages
349-----------------------
350
351CPU pinning of virtual machine instances to dedicated physical CPU cores.
352Hugepages mount point for libvirt.
353
354.. code-block:: yaml
355
356 nova:
357 controller:
358 scheduler_default_filters: "DifferentHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,NUMATopologyFilter,AggregateInstanceExtraSpecsFilter"
359
360 nova:
361 compute:
362 vcpu_pin_set: 2,3,4,5
363 hugepages:
364 mount_points:
365 - path: /mnt/hugepages_1GB
366 - path: /mnt/hugepages_2MB
Jiri Broulik0ce9fc92017-02-01 23:10:40 +0100367
Michel Nederlof171c7ac2017-04-13 12:54:14 +0200368Custom Scheduler filters
369------------------------
370
371If you have a custom filter, that needs to be included in the scheduler, then you can include it like so:
372
373.. code-block:: yaml
374
375 nova:
376 controller:
377 scheduler_custom_filters:
378 - my_custom_driver.nova.scheduler.filters.my_custom_filter.MyCustomFilter
379
380 # Then add your custom filter on the end (make sure to include all other ones that you need as well)
381 scheduler_default_filters: "DifferentHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,PciPassthroughFilter,MyCustomFilter"
382
Michel Nederlofeb566f62017-04-21 15:37:47 +0200383Hardware Trip/Unmap Support
384---------------------------
385
386To enable TRIM support for ephemeral images (thru nova managed images), libvirt has this option.
387
388.. code-block:: yaml
389
390 nova:
391 compute:
392 libvirt:
393 hw_disk_discard: unmap
394
395In order to actually utilize this feature, the following metadata must be set on the image as well, so the SCSI unmap is supported.
396
397.. code-block:: bash
398
399 glance image-update --property hw_scsi_model=virtio-scsi <image>
400 glance image-update --property hw_disk_bus=scsi <image>
Filip Pytloun5bc9e9f2017-02-02 13:05:40 +0100401
Thom Gerdesec00afd2017-04-07 18:06:59 +0000402libvirt CPU mode
403----------------
404
405Allow setting the model of CPU that is exposed to a VM. This allows better
406support live migration between hypervisors with different hardware, among other
407things. Defaults to host-passthrough.
408
409.. code-block:: yaml
410
411 nova:
412 compute:
413 cpu_mode: host-model
414
Michel Nederloff7eefb22017-07-10 11:14:33 +0200415Nova compute workarounds
416------------------------
417
418Live snapshotting is disabled by default in nova. To enable this, it needs a manual switch.
419
420From manual:
421
422.. code-block:: yaml
423
424 # When using libvirt 1.2.2 live snapshots fail intermittently under load
425 # (likely related to concurrent libvirt/qemu operations). This config
426 # option provides a mechanism to disable live snapshot, in favor of cold
427 # snapshot, while this is resolved. Cold snapshot causes an instance
428 # outage while the guest is going through the snapshotting process.
429 #
430 # For more information, refer to the bug report:
431 #
432 # https://bugs.launchpad.net/nova/+bug/1334398
433
434Configurable pillar data:
435
436.. code-block:: yaml
437
438 nova:
439 compute:
Michel Nederlofe322ebb2017-07-10 12:29:21 +0200440 workaround:
Michel Nederloff7eefb22017-07-10 11:14:33 +0200441 disable_libvirt_livesnapshot: False
442
Thom Gerdesec00afd2017-04-07 18:06:59 +0000443
Filip Pytloun5bc9e9f2017-02-02 13:05:40 +0100444Documentation and Bugs
445======================
446
447To learn how to install and update salt-formulas, consult the documentation
448available online at:
449
450 http://salt-formulas.readthedocs.io/
451
452In the unfortunate event that bugs are discovered, they should be reported to
453the appropriate issue tracker. Use Github issue tracker for specific salt
454formula:
455
456 https://github.com/salt-formulas/salt-formula-nova/issues
457
458For feature requests, bug reports or blueprints affecting entire ecosystem,
459use Launchpad salt-formulas project:
460
461 https://launchpad.net/salt-formulas
462
463You can also join salt-formulas-users team and subscribe to mailing list:
464
465 https://launchpad.net/~salt-formulas-users
466
467Developers wishing to work on the salt-formulas projects should always base
468their work on master branch and submit pull request against specific formula.
469
470 https://github.com/salt-formulas/salt-formula-nova
471
472Any questions or feedback is always welcome so feel free to join our IRC
473channel:
474
475 #salt-formulas @ irc.freenode.net