root / docs / admin-guide.rst @ 2e1e6844
History | View | Annotate | Download (9.9 kB)
1 | bc055d09 | Constantinos Venetsanopoulos | .. _admin-guide: |
---|---|---|---|
2 | bc055d09 | Constantinos Venetsanopoulos | |
3 | bc055d09 | Constantinos Venetsanopoulos | Synnefo Administrator's Guide |
4 | bc055d09 | Constantinos Venetsanopoulos | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
5 | bc055d09 | Constantinos Venetsanopoulos | |
6 | bc055d09 | Constantinos Venetsanopoulos | This is the complete Synnefo Administrator's Guide. |
7 | bc055d09 | Constantinos Venetsanopoulos | |
8 | bc055d09 | Constantinos Venetsanopoulos | Common administrative tasks |
9 | bc055d09 | Constantinos Venetsanopoulos | =========================== |
10 | bc055d09 | Constantinos Venetsanopoulos | |
11 | bc055d09 | Constantinos Venetsanopoulos | If you installed Synnefo successfully and have a working deployment, here are |
12 | bc055d09 | Constantinos Venetsanopoulos | some common administrative tasks that you may find useful. |
13 | bc055d09 | Constantinos Venetsanopoulos | |
14 | f846d8df | Constantinos Venetsanopoulos | |
15 | f846d8df | Constantinos Venetsanopoulos | .. _user_activation: |
16 | f846d8df | Constantinos Venetsanopoulos | |
17 | f846d8df | Constantinos Venetsanopoulos | User activation |
18 | f846d8df | Constantinos Venetsanopoulos | --------------- |
19 | f846d8df | Constantinos Venetsanopoulos | |
20 | f846d8df | Constantinos Venetsanopoulos | When a new user signs up, he/she is not marked as active. You can see his/her |
21 | f846d8df | Constantinos Venetsanopoulos | state by running (on the machine that runs the Astakos app): |
22 | f846d8df | Constantinos Venetsanopoulos | |
23 | f846d8df | Constantinos Venetsanopoulos | .. code-block:: console |
24 | f846d8df | Constantinos Venetsanopoulos | |
25 | f846d8df | Constantinos Venetsanopoulos | $ snf-manage listusers |
26 | f846d8df | Constantinos Venetsanopoulos | |
27 | f846d8df | Constantinos Venetsanopoulos | There are two different ways to activate a new user. Both need access to a |
28 | f846d8df | Constantinos Venetsanopoulos | running mail server. Your mail server should be defined in the |
29 | 382ca20a | Constantinos Venetsanopoulos | ``/etc/synnefo/00-snf-common-admins.conf`` related constants. At least: |
30 | 382ca20a | Constantinos Venetsanopoulos | |
31 | 382ca20a | Constantinos Venetsanopoulos | .. code-block:: console |
32 | 382ca20a | Constantinos Venetsanopoulos | |
33 | 382ca20a | Constantinos Venetsanopoulos | EMAIL_HOST = "my_mail_server.example.com" |
34 | 382ca20a | Constantinos Venetsanopoulos | EMAIL_PORT = "25" |
35 | f846d8df | Constantinos Venetsanopoulos | |
36 | f846d8df | Constantinos Venetsanopoulos | Manual activation |
37 | f846d8df | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~ |
38 | f846d8df | Constantinos Venetsanopoulos | |
39 | f846d8df | Constantinos Venetsanopoulos | You can manually activate a new user that has already signed up, by sending |
40 | f846d8df | Constantinos Venetsanopoulos | him/her an activation email. The email will contain an approriate activation |
41 | f846d8df | Constantinos Venetsanopoulos | link, which will complete the activation process if followed. You can send the |
42 | f846d8df | Constantinos Venetsanopoulos | email by running: |
43 | f846d8df | Constantinos Venetsanopoulos | |
44 | f846d8df | Constantinos Venetsanopoulos | .. code-block:: console |
45 | f846d8df | Constantinos Venetsanopoulos | |
46 | f846d8df | Constantinos Venetsanopoulos | $ snf-manage sendactivation <user ID or email> |
47 | f846d8df | Constantinos Venetsanopoulos | |
48 | f846d8df | Constantinos Venetsanopoulos | Be sure to have already setup your mail server and defined it in your synnefo |
49 | f846d8df | Constantinos Venetsanopoulos | settings, before running the command. |
50 | f846d8df | Constantinos Venetsanopoulos | |
51 | f846d8df | Constantinos Venetsanopoulos | Automatic activation |
52 | f846d8df | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~ |
53 | f846d8df | Constantinos Venetsanopoulos | |
54 | f846d8df | Constantinos Venetsanopoulos | |
55 | bc055d09 | Constantinos Venetsanopoulos | The "kamaki" API client |
56 | bc055d09 | Constantinos Venetsanopoulos | ----------------------- |
57 | bc055d09 | Constantinos Venetsanopoulos | |
58 | bc055d09 | Constantinos Venetsanopoulos | To upload, register or modify an image you will need the **kamaki** tool. |
59 | bc055d09 | Constantinos Venetsanopoulos | Before proceeding make sure that it is configured properly. Verify that |
60 | bc055d09 | Constantinos Venetsanopoulos | *image_url*, *storage_url*, and *token* are set as needed: |
61 | bc055d09 | Constantinos Venetsanopoulos | |
62 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
63 | bc055d09 | Constantinos Venetsanopoulos | |
64 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki config list |
65 | bc055d09 | Constantinos Venetsanopoulos | |
66 | bc055d09 | Constantinos Venetsanopoulos | To chage a setting use ``kamaki config set``: |
67 | bc055d09 | Constantinos Venetsanopoulos | |
68 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
69 | bc055d09 | Constantinos Venetsanopoulos | |
70 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki config set image_url https://cyclades.example.com/plankton |
71 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki config set storage_url https://pithos.example.com/v1 |
72 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki config set token ... |
73 | bc055d09 | Constantinos Venetsanopoulos | |
74 | bc055d09 | Constantinos Venetsanopoulos | Upload Image |
75 | bc055d09 | Constantinos Venetsanopoulos | ------------ |
76 | bc055d09 | Constantinos Venetsanopoulos | |
77 | bc055d09 | Constantinos Venetsanopoulos | As a shortcut, you can configure a default account and container that will be |
78 | bc055d09 | Constantinos Venetsanopoulos | used by the ``kamaki store`` commands: |
79 | bc055d09 | Constantinos Venetsanopoulos | |
80 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
81 | bc055d09 | Constantinos Venetsanopoulos | |
82 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki config set storage_account images@example.com |
83 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki config set storage_container images |
84 | bc055d09 | Constantinos Venetsanopoulos | |
85 | bc055d09 | Constantinos Venetsanopoulos | If the container does not exist, you will have to create it before uploading |
86 | bc055d09 | Constantinos Venetsanopoulos | any images: |
87 | bc055d09 | Constantinos Venetsanopoulos | |
88 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
89 | bc055d09 | Constantinos Venetsanopoulos | |
90 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki store create images |
91 | bc055d09 | Constantinos Venetsanopoulos | |
92 | bc055d09 | Constantinos Venetsanopoulos | You are now ready to upload an image. You can upload it with a Pithos+ client, |
93 | bc055d09 | Constantinos Venetsanopoulos | or use kamaki directly: |
94 | bc055d09 | Constantinos Venetsanopoulos | |
95 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
96 | bc055d09 | Constantinos Venetsanopoulos | |
97 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki store upload ubuntu.iso |
98 | bc055d09 | Constantinos Venetsanopoulos | |
99 | bc055d09 | Constantinos Venetsanopoulos | You can use any Pithos+ client to verify that the image was uploaded correctly. |
100 | bc055d09 | Constantinos Venetsanopoulos | The full Pithos URL for the previous example will be |
101 | bc055d09 | Constantinos Venetsanopoulos | ``pithos://images@example.com/images/ubuntu.iso``. |
102 | bc055d09 | Constantinos Venetsanopoulos | |
103 | bc055d09 | Constantinos Venetsanopoulos | |
104 | bc055d09 | Constantinos Venetsanopoulos | Register Image |
105 | bc055d09 | Constantinos Venetsanopoulos | -------------- |
106 | bc055d09 | Constantinos Venetsanopoulos | |
107 | bc055d09 | Constantinos Venetsanopoulos | To register an image you will need to use the full Pithos+ URL. To register as |
108 | bc055d09 | Constantinos Venetsanopoulos | a public image the one from the previous example use: |
109 | bc055d09 | Constantinos Venetsanopoulos | |
110 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
111 | bc055d09 | Constantinos Venetsanopoulos | |
112 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki glance register Ubuntu pithos://images@example.com/images/ubuntu.iso --public |
113 | bc055d09 | Constantinos Venetsanopoulos | |
114 | bc055d09 | Constantinos Venetsanopoulos | The ``--public`` flag is important, if missing the registered image will not |
115 | bc055d09 | Constantinos Venetsanopoulos | be listed by ``kamaki glance list``. |
116 | bc055d09 | Constantinos Venetsanopoulos | |
117 | bc055d09 | Constantinos Venetsanopoulos | Use ``kamaki glance register`` with no arguments to see a list of available |
118 | bc055d09 | Constantinos Venetsanopoulos | options. A more complete example would be the following: |
119 | bc055d09 | Constantinos Venetsanopoulos | |
120 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
121 | bc055d09 | Constantinos Venetsanopoulos | |
122 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki glance register Ubuntu pithos://images@example.com/images/ubuntu.iso \ |
123 | bc055d09 | Constantinos Venetsanopoulos | --public --disk-format diskdump --property kernel=3.1.2 |
124 | bc055d09 | Constantinos Venetsanopoulos | |
125 | bc055d09 | Constantinos Venetsanopoulos | To verify that the image was registered successfully use: |
126 | bc055d09 | Constantinos Venetsanopoulos | |
127 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
128 | bc055d09 | Constantinos Venetsanopoulos | |
129 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki glance list -l |
130 | bc055d09 | Constantinos Venetsanopoulos | |
131 | bc055d09 | Constantinos Venetsanopoulos | |
132 | bc055d09 | Constantinos Venetsanopoulos | Admin tool: snf-manage |
133 | bc055d09 | Constantinos Venetsanopoulos | ---------------------- |
134 | bc055d09 | Constantinos Venetsanopoulos | |
135 | bc055d09 | Constantinos Venetsanopoulos | ``snf-manage`` is a tool used to perform various administrative tasks. It needs |
136 | bc055d09 | Constantinos Venetsanopoulos | to be able to access the django database, so the following should be able to |
137 | bc055d09 | Constantinos Venetsanopoulos | import the Django settings. |
138 | bc055d09 | Constantinos Venetsanopoulos | |
139 | bc055d09 | Constantinos Venetsanopoulos | Additionally, administrative tasks can be performed via the admin web interface |
140 | e18edd26 | Constantinos Venetsanopoulos | located in /admin. Only users of type ADMIN can access the admin pages. To |
141 | e18edd26 | Constantinos Venetsanopoulos | change the type of a user to ADMIN, snf-admin can be used: |
142 | bc055d09 | Constantinos Venetsanopoulos | |
143 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
144 | bc055d09 | Constantinos Venetsanopoulos | |
145 | 7a3439cf | Constantinos Venetsanopoulos | $ snf-manage user-modify 42 --type ADMIN |
146 | bc055d09 | Constantinos Venetsanopoulos | |
147 | e18edd26 | Constantinos Venetsanopoulos | |
148 | e18edd26 | Constantinos Venetsanopoulos | Adding Astakos "Terms of Use" |
149 | e18edd26 | Constantinos Venetsanopoulos | ----------------------------- |
150 | e18edd26 | Constantinos Venetsanopoulos | |
151 | e18edd26 | Constantinos Venetsanopoulos | Astakos supports versioned terms-of-use. First of all you need to create an |
152 | e18edd26 | Constantinos Venetsanopoulos | html file that will contain your terms. For example, create the file |
153 | e18edd26 | Constantinos Venetsanopoulos | ``/usr/share/synnefo/sample-terms.html``, which contains the following: |
154 | e18edd26 | Constantinos Venetsanopoulos | |
155 | e18edd26 | Constantinos Venetsanopoulos | .. code-block:: console |
156 | e18edd26 | Constantinos Venetsanopoulos | |
157 | e18edd26 | Constantinos Venetsanopoulos | <h1>~okeanos terms</h1> |
158 | e18edd26 | Constantinos Venetsanopoulos | |
159 | e18edd26 | Constantinos Venetsanopoulos | These are the example terms for ~okeanos |
160 | e18edd26 | Constantinos Venetsanopoulos | |
161 | e18edd26 | Constantinos Venetsanopoulos | Then, add those terms-of-use with the snf-manage command: |
162 | e18edd26 | Constantinos Venetsanopoulos | |
163 | e18edd26 | Constantinos Venetsanopoulos | .. code-block:: console |
164 | e18edd26 | Constantinos Venetsanopoulos | |
165 | 7a3439cf | Constantinos Venetsanopoulos | $ snf-manage term-add /usr/share/synnefo/sample-terms.html |
166 | e18edd26 | Constantinos Venetsanopoulos | |
167 | e18edd26 | Constantinos Venetsanopoulos | Your terms have been successfully added and you will see the corresponding link |
168 | e18edd26 | Constantinos Venetsanopoulos | appearing in the Astakos web pages' footer. |
169 | e18edd26 | Constantinos Venetsanopoulos | |
170 | e18edd26 | Constantinos Venetsanopoulos | |
171 | bc055d09 | Constantinos Venetsanopoulos | Reconciliation mechanism |
172 | bc055d09 | Constantinos Venetsanopoulos | ------------------------ |
173 | bc055d09 | Constantinos Venetsanopoulos | |
174 | bc055d09 | Constantinos Venetsanopoulos | On certain occasions, such as a Ganeti or RabbitMQ failure, the VM state in the |
175 | bc055d09 | Constantinos Venetsanopoulos | system's database may differ from that in the Ganeti installation. The |
176 | bc055d09 | Constantinos Venetsanopoulos | reconciliation process is designed to bring the system's database in sync with |
177 | bc055d09 | Constantinos Venetsanopoulos | what Ganeti knows about each VM, and is able to detect the following three |
178 | bc055d09 | Constantinos Venetsanopoulos | conditions: |
179 | bc055d09 | Constantinos Venetsanopoulos | |
180 | bc055d09 | Constantinos Venetsanopoulos | * Stale DB servers without corresponding Ganeti instances |
181 | bc055d09 | Constantinos Venetsanopoulos | * Orphan Ganeti instances, without corresponding DB entries |
182 | bc055d09 | Constantinos Venetsanopoulos | * Out-of-sync operstate for DB entries wrt to Ganeti instances |
183 | bc055d09 | Constantinos Venetsanopoulos | |
184 | bc055d09 | Constantinos Venetsanopoulos | The reconciliation mechanism runs as a management command, e.g., as follows: |
185 | bc055d09 | Constantinos Venetsanopoulos | [PYTHONPATH needs to contain the parent of the synnefo Django project |
186 | bc055d09 | Constantinos Venetsanopoulos | directory]: |
187 | bc055d09 | Constantinos Venetsanopoulos | |
188 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
189 | bc055d09 | Constantinos Venetsanopoulos | |
190 | bc055d09 | Constantinos Venetsanopoulos | $ export PYTHONPATH=/srv:$PYTHONPATH |
191 | bc055d09 | Constantinos Venetsanopoulos | $ snf-manage reconcile --detect-all -v 2 |
192 | bc055d09 | Constantinos Venetsanopoulos | |
193 | bc055d09 | Constantinos Venetsanopoulos | Please see ``snf-manage reconcile --help`` for all the details. |
194 | bc055d09 | Constantinos Venetsanopoulos | |
195 | bc055d09 | Constantinos Venetsanopoulos | The administrator can also trigger reconciliation of operating state manually, |
196 | bc055d09 | Constantinos Venetsanopoulos | by issuing a Ganeti ``OP_INSTANCE_QUERY_DATA`` command on a Synnefo VM, using |
197 | bc055d09 | Constantinos Venetsanopoulos | gnt-instance info. |
198 | bc055d09 | Constantinos Venetsanopoulos | |
199 | bc055d09 | Constantinos Venetsanopoulos | Logging |
200 | bc055d09 | Constantinos Venetsanopoulos | ------- |
201 | bc055d09 | Constantinos Venetsanopoulos | |
202 | bc055d09 | Constantinos Venetsanopoulos | Logging in Synnefo is using Python's logging module. The module is configured |
203 | bc055d09 | Constantinos Venetsanopoulos | using dictionary configuration, whose format is described here: |
204 | bc055d09 | Constantinos Venetsanopoulos | |
205 | bc055d09 | Constantinos Venetsanopoulos | http://docs.python.org/release/2.7.1/library/logging.html#logging-config-dictschema |
206 | bc055d09 | Constantinos Venetsanopoulos | |
207 | bc055d09 | Constantinos Venetsanopoulos | Note that this is a feature of Python 2.7 that we have backported for use in |
208 | bc055d09 | Constantinos Venetsanopoulos | Python 2.6. |
209 | bc055d09 | Constantinos Venetsanopoulos | |
210 | bc055d09 | Constantinos Venetsanopoulos | The logging configuration dictionary is defined in settings.d/00-logging.conf |
211 | bc055d09 | Constantinos Venetsanopoulos | and is broken in 4 separate dictionaries: |
212 | bc055d09 | Constantinos Venetsanopoulos | |
213 | bc055d09 | Constantinos Venetsanopoulos | * LOGGING is the logging configuration used by the web app. By default all |
214 | bc055d09 | Constantinos Venetsanopoulos | loggers fall back to the main 'synnefo' logger. The subloggers can be |
215 | bc055d09 | Constantinos Venetsanopoulos | changed accordingly for finer logging control. e.g. To disable debug |
216 | bc055d09 | Constantinos Venetsanopoulos | messages from the API set the level of 'synnefo.api' to 'INFO'. |
217 | bc055d09 | Constantinos Venetsanopoulos | |
218 | bc055d09 | Constantinos Venetsanopoulos | * DISPATCHER_LOGGING is the logging configuration of the logic/dispatcher.py |
219 | bc055d09 | Constantinos Venetsanopoulos | command line tool. |
220 | bc055d09 | Constantinos Venetsanopoulos | |
221 | bc055d09 | Constantinos Venetsanopoulos | * SNFADMIN_LOGGING is the logging configuration of the snf-admin tool. |
222 | bc055d09 | Constantinos Venetsanopoulos | Consider using matching configuration for snf-admin and the synnefo.admin |
223 | bc055d09 | Constantinos Venetsanopoulos | logger of the web app. |
224 | bc055d09 | Constantinos Venetsanopoulos | |
225 | bc055d09 | Constantinos Venetsanopoulos | Please note the following: |
226 | bc055d09 | Constantinos Venetsanopoulos | |
227 | bc055d09 | Constantinos Venetsanopoulos | * As of Synnefo v0.7, by default the Django webapp logs to syslog, the |
228 | bc055d09 | Constantinos Venetsanopoulos | dispatcher logs to /var/log/synnefo/dispatcher.log and the console, |
229 | bc055d09 | Constantinos Venetsanopoulos | snf-admin logs to the console. |
230 | bc055d09 | Constantinos Venetsanopoulos | * Different handlers can be set to different logging levels: |
231 | bc055d09 | Constantinos Venetsanopoulos | for example, everything may appear to the console, but only INFO and higher |
232 | bc055d09 | Constantinos Venetsanopoulos | may actually be stored in a longer-term logfile |
233 | bc055d09 | Constantinos Venetsanopoulos | |
234 | bc055d09 | Constantinos Venetsanopoulos | |
235 | d189d11c | Constantinos Venetsanopoulos | .. _shibboleth-auth: |
236 | d189d11c | Constantinos Venetsanopoulos | |
237 | d189d11c | Constantinos Venetsanopoulos | Authentication using Shibboleth |
238 | d189d11c | Constantinos Venetsanopoulos | =============================== |
239 | d189d11c | Constantinos Venetsanopoulos | |
240 | d189d11c | Constantinos Venetsanopoulos | Astakos can delegate user authentication to a Shibboleth federation. |
241 | d189d11c | Constantinos Venetsanopoulos | |
242 | d189d11c | Constantinos Venetsanopoulos | To setup shibboleth, install package:: |
243 | d189d11c | Constantinos Venetsanopoulos | |
244 | d189d11c | Constantinos Venetsanopoulos | apt-get install libapache2-mod-shib2 |
245 | d189d11c | Constantinos Venetsanopoulos | |
246 | d189d11c | Constantinos Venetsanopoulos | Change appropriately the configuration files in ``/etc/shibboleth``. |
247 | d189d11c | Constantinos Venetsanopoulos | |
248 | d189d11c | Constantinos Venetsanopoulos | Add in ``/etc/apache2/sites-available/synnefo-ssl``:: |
249 | d189d11c | Constantinos Venetsanopoulos | |
250 | d189d11c | Constantinos Venetsanopoulos | ShibConfig /etc/shibboleth/shibboleth2.xml |
251 | d189d11c | Constantinos Venetsanopoulos | Alias /shibboleth-sp /usr/share/shibboleth |
252 | d189d11c | Constantinos Venetsanopoulos | |
253 | d189d11c | Constantinos Venetsanopoulos | <Location /im/login/shibboleth> |
254 | d189d11c | Constantinos Venetsanopoulos | AuthType shibboleth |
255 | d189d11c | Constantinos Venetsanopoulos | ShibRequireSession On |
256 | d189d11c | Constantinos Venetsanopoulos | ShibUseHeaders On |
257 | d189d11c | Constantinos Venetsanopoulos | require valid-user |
258 | d189d11c | Constantinos Venetsanopoulos | </Location> |
259 | d189d11c | Constantinos Venetsanopoulos | |
260 | d189d11c | Constantinos Venetsanopoulos | and before the line containing:: |
261 | d189d11c | Constantinos Venetsanopoulos | |
262 | d189d11c | Constantinos Venetsanopoulos | ProxyPass / http://localhost:8080/ retry=0 |
263 | d189d11c | Constantinos Venetsanopoulos | |
264 | d189d11c | Constantinos Venetsanopoulos | add:: |
265 | d189d11c | Constantinos Venetsanopoulos | |
266 | d189d11c | Constantinos Venetsanopoulos | ProxyPass /Shibboleth.sso ! |
267 | d189d11c | Constantinos Venetsanopoulos | |
268 | d189d11c | Constantinos Venetsanopoulos | Then, enable the shibboleth module:: |
269 | d189d11c | Constantinos Venetsanopoulos | |
270 | d189d11c | Constantinos Venetsanopoulos | a2enmod shib2 |
271 | d189d11c | Constantinos Venetsanopoulos | |
272 | d189d11c | Constantinos Venetsanopoulos | After passing through the apache module, the following tokens should be |
273 | d189d11c | Constantinos Venetsanopoulos | available at the destination:: |
274 | d189d11c | Constantinos Venetsanopoulos | |
275 | d189d11c | Constantinos Venetsanopoulos | eppn # eduPersonPrincipalName |
276 | d189d11c | Constantinos Venetsanopoulos | Shib-InetOrgPerson-givenName |
277 | d189d11c | Constantinos Venetsanopoulos | Shib-Person-surname |
278 | d189d11c | Constantinos Venetsanopoulos | Shib-Person-commonName |
279 | d189d11c | Constantinos Venetsanopoulos | Shib-InetOrgPerson-displayName |
280 | d189d11c | Constantinos Venetsanopoulos | Shib-EP-Affiliation |
281 | d189d11c | Constantinos Venetsanopoulos | Shib-Session-ID |
282 | d189d11c | Constantinos Venetsanopoulos | |
283 | d189d11c | Constantinos Venetsanopoulos | Finally, add 'shibboleth' in ``ASTAKOS_IM_MODULES`` list. The variable resides |
284 | d189d11c | Constantinos Venetsanopoulos | inside the file ``/etc/synnefo/20-snf-astakos-app-settings.conf`` |
285 | d189d11c | Constantinos Venetsanopoulos | |
286 | d189d11c | Constantinos Venetsanopoulos | |
287 | bc055d09 | Constantinos Venetsanopoulos | Scaling up to multiple nodes |
288 | bc055d09 | Constantinos Venetsanopoulos | ============================ |
289 | bc055d09 | Constantinos Venetsanopoulos | |
290 | bc055d09 | Constantinos Venetsanopoulos | Here we will describe how to deploy all services, interconnected with each |
291 | 2f6143c9 | Constantinos Venetsanopoulos | other, on multiple physical nodes. |
292 | 2f6143c9 | Constantinos Venetsanopoulos | |
293 | 2f6143c9 | Constantinos Venetsanopoulos | synnefo components |
294 | 2f6143c9 | Constantinos Venetsanopoulos | ------------------ |
295 | 2f6143c9 | Constantinos Venetsanopoulos | |
296 | 2f6143c9 | Constantinos Venetsanopoulos | You need to install the appropriate synnefo software components on each node, |
297 | 2f6143c9 | Constantinos Venetsanopoulos | depending on its type, see :ref:`Architecture <cyclades-architecture>`. |
298 | 2f6143c9 | Constantinos Venetsanopoulos | |
299 | 2f6143c9 | Constantinos Venetsanopoulos | Please see the page of each synnefo software component for specific |
300 | 2f6143c9 | Constantinos Venetsanopoulos | installation instructions, where applicable. |
301 | 2f6143c9 | Constantinos Venetsanopoulos | |
302 | 2f6143c9 | Constantinos Venetsanopoulos | Install the following synnefo components: |
303 | 2f6143c9 | Constantinos Venetsanopoulos | |
304 | 2f6143c9 | Constantinos Venetsanopoulos | Nodes of type :ref:`APISERVER <APISERVER_NODE>` |
305 | 2f6143c9 | Constantinos Venetsanopoulos | Components |
306 | 2f6143c9 | Constantinos Venetsanopoulos | :ref:`snf-common <snf-common>`, |
307 | 2f6143c9 | Constantinos Venetsanopoulos | :ref:`snf-webproject <snf-webproject>`, |
308 | 2f6143c9 | Constantinos Venetsanopoulos | :ref:`snf-cyclades-app <snf-cyclades-app>` |
309 | 2f6143c9 | Constantinos Venetsanopoulos | Nodes of type :ref:`GANETI-MASTER <GANETI_MASTER>` and :ref:`GANETI-NODE <GANETI_NODE>` |
310 | 2f6143c9 | Constantinos Venetsanopoulos | Components |
311 | 2f6143c9 | Constantinos Venetsanopoulos | :ref:`snf-common <snf-common>`, |
312 | 2f6143c9 | Constantinos Venetsanopoulos | :ref:`snf-cyclades-gtools <snf-cyclades-gtools>` |
313 | 2f6143c9 | Constantinos Venetsanopoulos | Nodes of type :ref:`LOGIC <LOGIC_NODE>` |
314 | 2f6143c9 | Constantinos Venetsanopoulos | Components |
315 | 2f6143c9 | Constantinos Venetsanopoulos | :ref:`snf-common <snf-common>`, |
316 | 2f6143c9 | Constantinos Venetsanopoulos | :ref:`snf-webproject <snf-webproject>`, |
317 | 2f6143c9 | Constantinos Venetsanopoulos | :ref:`snf-cyclades-app <snf-cyclades-app>`. |
318 | 2f6143c9 | Constantinos Venetsanopoulos | |
319 | 547c78f6 | Constantinos Venetsanopoulos | RabbitMQ |
320 | 547c78f6 | Constantinos Venetsanopoulos | -------- |
321 | 547c78f6 | Constantinos Venetsanopoulos | |
322 | 547c78f6 | Constantinos Venetsanopoulos | RabbitMQ is used as a generic message broker for Cyclades. It should be |
323 | 547c78f6 | Constantinos Venetsanopoulos | installed on two seperate :ref:`QUEUE <QUEUE_NODE>` nodes in a high |
324 | 547c78f6 | Constantinos Venetsanopoulos | availability configuration as described here: |
325 | 547c78f6 | Constantinos Venetsanopoulos | |
326 | 547c78f6 | Constantinos Venetsanopoulos | http://www.rabbitmq.com/pacemaker.html |
327 | 547c78f6 | Constantinos Venetsanopoulos | |
328 | 547c78f6 | Constantinos Venetsanopoulos | The values set for the user and password must be mirrored in the ``RABBIT_*`` |
329 | 547c78f6 | Constantinos Venetsanopoulos | variables in your settings, as managed by :ref:`snf-common <snf-common>`. |
330 | 547c78f6 | Constantinos Venetsanopoulos | |
331 | 547c78f6 | Constantinos Venetsanopoulos | .. todo:: Document an active-active configuration based on the latest version |
332 | 547c78f6 | Constantinos Venetsanopoulos | of RabbitMQ. |
333 | 547c78f6 | Constantinos Venetsanopoulos | |
334 | bc055d09 | Constantinos Venetsanopoulos | |
335 | bc055d09 | Constantinos Venetsanopoulos | Upgrade Notes |
336 | bc055d09 | Constantinos Venetsanopoulos | ============= |
337 | bc055d09 | Constantinos Venetsanopoulos | |
338 | bc055d09 | Constantinos Venetsanopoulos | Cyclades upgrade notes |
339 | bc055d09 | Constantinos Venetsanopoulos | ---------------------- |
340 | bc055d09 | Constantinos Venetsanopoulos | |
341 | bc055d09 | Constantinos Venetsanopoulos | .. toctree:: |
342 | bc055d09 | Constantinos Venetsanopoulos | :maxdepth: 2 |
343 | bc055d09 | Constantinos Venetsanopoulos | |
344 | bc055d09 | Constantinos Venetsanopoulos | cyclades-upgrade |
345 | bc055d09 | Constantinos Venetsanopoulos | |
346 | bc055d09 | Constantinos Venetsanopoulos | Changelog |
347 | bc055d09 | Constantinos Venetsanopoulos | ========= |