Synnefo

DEPLOYMENT notes   

=================

This document describes the services that comprise the Synnefo software

infrastructure and the dependencies among them. This document applies

to Synnefo v0.3.

- Node types

  Nodes in a Synnefo deployment belong in one of the following types:

    * DB:

      A node [or more than one nodes, if using an HA configuration],

      running a DB engine supported by the Django ORM layer. The DB

      is the single source of truth for the servicing of API requests by

      Synnefo.

      Services: PostgreSQL / MySQL

    * WEBSERVER:

      A node running the implementation of the OpenStack API, in Django.

      Any number of WEBSERVERs can be used, in a load-balancing configuration,

      without any special consideration. Access to a common DB ensures

      consistency. 

      Services: Web server, vncauthproxy

    * QUEUE:

      A node running the RabbitMQ software, which provides AMQP functionality.

      More than one QUEUE nodes may be deployed, in an HA configuration. Such

      deployments require shared storage, provided e.g., by DRBD.

      Services: RabbitMQ [rabbitmq-server]

    * LOGIC:

      A node running the business logic of Synnefo, in Django. It dequeues

      messages from QUEUE nodes, and provides the context in which business

      logic functions run. It uses Django ORM to connect to the common DB and

      update the state of the system, based on notifications received from the

      rest of the infrastructure, over AMQP.

      Services: the Synnefo logic dispatcher [/logic/dispatcher.py]

    * GANETI-MASTER and GANETI-NODE:

      A single GANETI-MASTER and a large number of GANETI-NODEs constitute the

      Ganeti backend for Synnefo, which undertakes all VM management functions.

      Any WEBSERVER can issue commands to the GANETI-MASTER, over RAPI, to effect

      changes in the state of the VMs. The GANETI-MASTER runs the Ganeti request

      queue.

      Services: only on GANETI-MASTER:

        the Synnefo Ganeti monitoring daemon [/ganeti/ganeti-eventd],

        and the Synnefo Ganeti hook [/ganeti/snf-ganeti-hook.py].

    As of v0.3, the Synnefo Django project needs to be installed on nodes

    of type WEBSERVER, LOGIC and on the GANETI-MASTER, with a properly configured

    settings.py. In later revisions, the specific parts of the Django project

    which need to run on each node type will be identified.

    The settings.py file for Django is derived by concatenating the

    settings.py.dist file contained in the Synnefo distribution with a file

    containing custom modifications. This is recommended to minimize the load

    of reconstructing settings.py from scratch, since each release currently

    brings heavy changes to settings.py.dist.

- Service dependencies

    This section describes each of the required service dependencies.

    * RabbitMQ

      RabbitMQ is used as a generic message broker for the system. It should

      be installed on two seperate machines (VMs should be enough for the

      moment) in a high availability configuration as described here:

        http://www.rabbitmq.com/pacemaker.html

      After installation, create a user and set its permissions

        rabbitmqctl add_user okeanos 0k3@n0s

        rabbitmqctl set_permissions -p / okeanos  "^.*" ".*" ".*"

      The values set for the user and password must be mirrored in the

      RABBIT_* variables in settings.py

    * /ganeti/ganeti-eventd: the Ganeti monitoring daemon

      The Ganeti monitoring daemon must run on GANETI-MASTER.

      Override all relevant settings in settings.py.dist, GANETI_* variables.

      Then start the server on the Ganeti master as root

      # cd synnefo && python ./ganeti/ganeti-eventd

      FIXME: The server must be started from the project root directory.

      TBD: how to handle master migration.

    * /logic/dispatcher.py: the dispatcher

      The dispatcher retrieves messages from the queue and calls the

      appropriate handler function as defined in the queue configuration in

      setttings.py. The default configuration should work directly without

      any modifications.

      The dispatcher must be run by hand:

      $ ./bin/python ./logic/dispatcher.py

      The dispatcher should run in at least 2 instances to ensure high

      (actually, increased) availability.

    * /ganeti/snf-ganeti-hook.py: Ganeti hook for synnefo

      The script ganeti/snf-ganeti-hook.py is the generic launcher for Synnefo

      hooks in Ganeti.  It resides in the ganeti/ directory of the Synnefo

      project root.

      The hook needs to be enabled for the post-start phase, by *symlinking*

      in  /etc/ganeti/hooks/instance-start-post.d on GANETI-MASTER:

      root@ganeti-master:/etc/ganeti/hooks/instance-start-post.d# ls -l

      lrwxrwxrwx 1 root root 45 May   3 13:45 00-snf-ganeti-hook -> /home/devel/synnefo/ganeti/snf-ganeti-hook.py*

      IMPORTANT: The link name may only contain "upper and lower case, digits,

      underscores and hyphens. In other words, the regexp ^[a-zA-Z0-9_-]+$."

      See http://docs.ganeti.org/ganeti/master/html/hooks.html?highlight=hooks#naming.

      The script uses the location of the link target to determine the Synnefo

      Project root, before passing control to the relevant Python code.

      FIXME: Perhaps require a SYNNEFO_PROJECT_ROOT environment variable?

    * vncauthproxy

      To support OOB console access to the VMs over VNC, the vncauthproxy

      daemon must be running on every node of type WEBSERVER.

      Download and install vncauthproxy from its own repository,

      at https://code.grnet.gr/git/vncauthproxy

      (known good commit [FIXME for v0.3]: 48b1400e).

      Edit default settings on top of vncauthproxy.py.

      Set CTRL_SOCKET in util/vapclient.py to point to its control socket.

      FIXME: The CTRL_SOCKET setting will be moved to settings.py as

      VNCAUTHPROXY_CTRL_SOCKET.

- OS Specific instructions

    * Debian Squeeze

      TBD.