Revision a14f152f docs/quick-install-admin-guide.rst
b/docs/quick-install-admin-guide.rst | ||
---|---|---|
566 | 566 |
Edit ``/etc/synnefo/10-snf-webproject-deploy.conf``. Uncomment and edit |
567 | 567 |
``SECRET_KEY``. This is a Django specific setting which is used to provide a |
568 | 568 |
seed in secret-key hashing algorithms. Set this to a random string of your |
569 |
choise and keep it private:
|
|
569 |
choice and keep it private:
|
|
570 | 570 |
|
571 | 571 |
.. code-block:: console |
572 | 572 |
|
... | ... | |
581 | 581 |
|
582 | 582 |
ASTAKOS_COOKIE_DOMAIN = '.example.com' |
583 | 583 |
|
584 |
ASTAKOS_BASE_URL = 'https://node1.example.com' |
|
584 |
ASTAKOS_BASE_URL = 'https://node1.example.com/astakos'
|
|
585 | 585 |
|
586 | 586 |
The ``ASTAKOS_COOKIE_DOMAIN`` should be the base url of our domain (for all |
587 | 587 |
services). ``ASTAKOS_BASE_URL`` is the astakos top-level URL. |
... | ... | |
611 | 611 |
|
612 | 612 |
CLOUDBAR_LOCATION = 'https://node1.example.com/static/im/cloudbar/' |
613 | 613 |
|
614 |
CLOUDBAR_SERVICES_URL = 'https://node1.example.com/ui/get_services' |
|
614 |
CLOUDBAR_SERVICES_URL = 'https://node1.example.com/astakos/ui/get_services'
|
|
615 | 615 |
|
616 |
CLOUDBAR_MENU_URL = 'https://node1.example.com/ui/get_menu' |
|
616 |
CLOUDBAR_MENU_URL = 'https://node1.example.com/astakos/ui/get_menu'
|
|
617 | 617 |
|
618 | 618 |
Those settings have to do with the black cloudbar endpoints and will be |
619 | 619 |
described in more detail later on in this guide. For now, just edit the domain |
... | ... | |
622 | 622 |
If you are an advanced user and want to use the Shibboleth Authentication |
623 | 623 |
method, read the relative :ref:`section <shibboleth-auth>`. |
624 | 624 |
|
625 |
.. note:: Because Cyclades and Astakos are running on the same machine |
|
626 |
in our example, we have to deactivate the CSRF verification. We can do so |
|
627 |
by adding to |
|
628 |
``/etc/synnefo/99-local.conf``: |
|
629 |
|
|
630 |
.. code-block:: console |
|
631 |
|
|
632 |
MIDDLEWARE_CLASSES.remove('django.middleware.csrf.CsrfViewMiddleware') |
|
633 |
TEMPLATE_CONTEXT_PROCESSORS.remove('django.core.context_processors.csrf') |
|
634 |
|
|
635 | 625 |
Enable Pooling |
636 | 626 |
-------------- |
637 | 627 |
|
... | ... | |
786 | 776 |
|
787 | 777 |
Open your favorite browser and go to: |
788 | 778 |
|
789 |
``http://node1.example.com/im``
|
|
779 |
``http://node1.example.com/astakos``
|
|
790 | 780 |
|
791 |
If this redirects you to ``https://node1.example.com/ui/`` and you can see |
|
781 |
If this redirects you to ``https://node1.example.com/astakos/ui/`` and you can see
|
|
792 | 782 |
the "welcome" door of Astakos, then you have successfully setup Astakos. |
793 | 783 |
|
794 | 784 |
Let's create our first user. At the homepage click the "CREATE ACCOUNT" button |
... | ... | |
804 | 794 |
root@node1:~ # snf-manage user-list |
805 | 795 |
|
806 | 796 |
This command should show you a list with only one user; the one we just created. |
807 |
This user should have an id with a value of ``1``. It should also have an
|
|
808 |
"active" status with the value of ``0`` (inactive). Now run:
|
|
797 |
This user should have an id with a value of ``1`` and flag "active" and
|
|
798 |
"verified" set to False. Now run:
|
|
809 | 799 |
|
810 | 800 |
.. code-block:: console |
811 | 801 |
|
812 |
root@node1:~ # snf-manage user-update --set-active 1
|
|
802 |
root@node1:~ # snf-manage user-modify 1 --verify --accept
|
|
813 | 803 |
|
814 |
This modifies the active value to ``1``, and actually activates the user.
|
|
804 |
This verifies the user email and activates the user.
|
|
815 | 805 |
When running in production, the activation is done automatically with different |
816 | 806 |
types of moderation, that Astakos supports. You can see the moderation methods |
817 | 807 |
(by invitation, whitelists, matching regexp, etc.) at the Astakos specific |
... | ... | |
819 | 809 |
him/her an activation email. See how to do this at the :ref:`User |
820 | 810 |
activation <user_activation>` section. |
821 | 811 |
|
822 |
Now let's go back to the homepage. Open ``http://node1.example.com/ui/`` with |
|
812 |
Now let's go back to the homepage. Open ``http://node1.example.com/astkos/ui/`` with
|
|
823 | 813 |
your browser again. Try to sign in using your new credentials. If the astakos |
824 | 814 |
menu appears and you can see your profile, then you have successfully setup |
825 | 815 |
Astakos. |
... | ... | |
871 | 861 |
|
872 | 862 |
.. code-block:: console |
873 | 863 |
|
874 |
ASTAKOS_BASE_URL = 'https://node1.example.com/' |
|
864 |
ASTAKOS_BASE_URL = 'https://node1.example.com/astakos'
|
|
875 | 865 |
|
866 |
PITHOS_BASE_URL = 'https://node2.example.com/pithos' |
|
876 | 867 |
PITHOS_BACKEND_DB_CONNECTION = 'postgresql://synnefo:example_passw0rd@node1.example.com:5432/snf_pithos' |
877 | 868 |
PITHOS_BACKEND_BLOCK_PATH = '/srv/pithos/data' |
878 | 869 |
|
879 |
|
|
880 | 870 |
PITHOS_SERVICE_TOKEN = 'pithos_service_token22w==' |
881 | 871 |
|
882 | 872 |
# Set to False if astakos & pithos are on the same host |
... | ... | |
897 | 887 |
The ``ASTAKOS_BASE_URL`` option informs the Pithos app where Astakos is. |
898 | 888 |
The Astakos service is used for user management (authentication, quotas, etc.) |
899 | 889 |
|
900 |
The ``PITHOS_SERVICE_TOKEN`` should be the Pithos token returned by running on |
|
901 |
the Astakos node (node1 in our case): |
|
890 |
The ``PITHOS_BASE_URL`` setting must point to the top-level Pithos URL. |
|
891 |
|
|
892 |
The ``PITHOS_SERVICE_TOKEN`` is the token used for authentication with astakos. |
|
893 |
It can be retrieved by running on the Astakos node (node1 in our case): |
|
902 | 894 |
|
903 | 895 |
.. code-block:: console |
904 | 896 |
|
905 |
# snf-manage service-list
|
|
897 |
# snf-manage component-list
|
|
906 | 898 |
|
907 | 899 |
The token has been generated automatically during the :ref:`Pithos service |
908 | 900 |
registration <services-reg>`. |
... | ... | |
931 | 923 |
.. code-block:: console |
932 | 924 |
|
933 | 925 |
CLOUDBAR_LOCATION = 'https://node1.example.com/static/im/cloudbar/' |
934 |
CLOUDBAR_SERVICES_URL = 'https://node1.example.com/ui/get_services' |
|
935 |
CLOUDBAR_MENU_URL = 'https://node1.example.com/ui/get_menu' |
|
926 |
CLOUDBAR_SERVICES_URL = 'https://node1.example.com/astakos/ui/get_services'
|
|
927 |
CLOUDBAR_MENU_URL = 'https://node1.example.com/astakos/ui/get_menu'
|
|
936 | 928 |
|
937 | 929 |
The ``CLOUDBAR_LOCATION`` tells the client where to find the astakos common |
938 | 930 |
cloudbar. |
... | ... | |
998 | 990 |
.. code-block:: console |
999 | 991 |
|
1000 | 992 |
root@node2:~ # pithos-migrate history |
1001 |
2a309a9a3438 -> 27381099d477 (head), alter public add column url |
|
993 |
|
|
994 |
27381099d477 -> 4c8ccdc58192 (head), add attributes domain index |
|
995 |
2a309a9a3438 -> 27381099d477, alter public add column url |
|
1002 | 996 |
165ba3fbfe53 -> 2a309a9a3438, fix statistics negative population |
1003 | 997 |
3dd56e750a3 -> 165ba3fbfe53, update account in paths |
1004 | 998 |
230f8ce9c90f -> 3dd56e750a3, Fix latest_version |
1005 | 999 |
8320b1c62d9 -> 230f8ce9c90f, alter nodes add column latest version |
1006 | 1000 |
None -> 8320b1c62d9, create index nodes.parent |
1007 | 1001 |
|
1008 |
Finally, we stamp it with the one found in the previous step:
|
|
1002 |
Finally, we stamp it with the head found in the previous step:
|
|
1009 | 1003 |
|
1010 | 1004 |
.. code-block:: console |
1011 | 1005 |
|
1012 |
root@node2:~ # pithos-migrate stamp 27381099d477
|
|
1006 |
root@node2:~ # pithos-migrate stamp 4c8ccdc58192
|
|
1013 | 1007 |
|
1014 | 1008 |
Servers Initialization |
1015 | 1009 |
---------------------- |
... | ... | |
1029 | 1023 |
|
1030 | 1024 |
Open your browser and go to the Astakos homepage: |
1031 | 1025 |
|
1032 |
``http://node1.example.com/im``
|
|
1026 |
``http://node1.example.com/astakos``
|
|
1033 | 1027 |
|
1034 | 1028 |
Login, and you will see your profile page. Now, click the "pithos" link on the |
1035 | 1029 |
top black cloudbar. If everything was setup correctly, this will redirect you |
... | ... | |
1713 | 1707 |
# Set to False if astakos & cyclades are on the same host |
1714 | 1708 |
CYCLADES_PROXY_USER_SERVICES = False |
1715 | 1709 |
|
1710 |
CYCLADES_SERVICE_TOKEN = 'cyclades_service_token22w==' |
|
1711 |
|
|
1716 | 1712 |
The ``ASTAKOS_BASE_URL`` denotes the Astakos endpoint for Cyclades, |
1717 | 1713 |
which is used for all user management, including authentication. |
1718 | 1714 |
Since our Astakos, Cyclades, and Pithos installations belong together, |
1719 | 1715 |
they should all have identical ``ASTAKOS_BASE_URL`` setting |
1720 | 1716 |
(see also, :ref:`previously <conf-pithos>`). |
1721 | 1717 |
|
1718 |
The ``CYCLADES_SERVICE_TOKEN`` is the token used for authentication with astakos. |
|
1719 |
It can be retrieved by running on the Astakos node (node1 in our case): |
|
1720 |
|
|
1721 |
.. code-block:: console |
|
1722 |
|
|
1723 |
# snf-manage component-list |
|
1724 |
|
|
1725 |
The token has been generated automatically during the :ref:`Cyclades service |
|
1726 |
registration <services-reg>`. |
|
1727 |
|
|
1722 | 1728 |
TODO: Document the Network Options here |
1723 | 1729 |
|
1724 | 1730 |
Edit ``/etc/synnefo/20-snf-cyclades-app-cloudbar.conf``: |
... | ... | |
1726 | 1732 |
.. code-block:: console |
1727 | 1733 |
|
1728 | 1734 |
CLOUDBAR_LOCATION = 'https://node1.example.com/static/im/cloudbar/' |
1729 |
CLOUDBAR_SERVICES_URL = 'https://node1.example.com/ui/get_services' |
|
1730 |
CLOUDBAR_MENU_URL = 'https://account.node1.example.com/ui/get_menu' |
|
1735 |
CLOUDBAR_SERVICES_URL = 'https://node1.example.com/astakos/ui/get_services'
|
|
1736 |
CLOUDBAR_MENU_URL = 'https://account.node1.example.com/astakos/ui/get_menu'
|
|
1731 | 1737 |
|
1732 | 1738 |
``CLOUDBAR_LOCATION`` tells the client where to find the Astakos common |
1733 | 1739 |
cloudbar. The ``CLOUDBAR_SERVICES_URL`` and ``CLOUDBAR_MENU_URL`` options are |
... | ... | |
1777 | 1783 |
.. code-block:: console |
1778 | 1784 |
|
1779 | 1785 |
VMAPI_CACHE_BACKEND = "memcached://127.0.0.1:11211/?timeout=3600" |
1780 |
VMAPI_BASE_URL = "https://node1.example.com" |
|
1781 | 1786 |
|
1782 | 1787 |
Edit ``/etc/default/vncauthproxy``: |
1783 | 1788 |
|
... | ... | |
2018 | 2023 |
browser and go to the Astakos home page. Login and then click 'cyclades' on the |
2019 | 2024 |
top cloud bar. This should redirect you to: |
2020 | 2025 |
|
2021 |
`http://node1.example.com/ui/` |
|
2026 |
`http://node1.example.com/cyclades/ui/`
|
|
2022 | 2027 |
|
2023 | 2028 |
and the Cyclades home page should appear. If not, please go back and find what |
2024 | 2029 |
went wrong. Do not proceed if you don't see the Cyclades home page. |
... | ... | |
2176 | 2181 |
If the registration completes successfully, then go to the Cyclades Web UI from |
2177 | 2182 |
your browser at: |
2178 | 2183 |
|
2179 |
`https://node1.example.com/ui/` |
|
2184 |
`https://node1.example.com/cyclades/ui/`
|
|
2180 | 2185 |
|
2181 | 2186 |
Click on the 'New Machine' button and the first step of the wizard will appear. |
2182 | 2187 |
Click on 'My Images' (right after 'System' Images) on the left pane of the |
Also available in: Unified diff