root / docs / admin-guide.rst @ aab200c6
History | View | Annotate | Download (72.3 kB)
1 | bc055d09 | Constantinos Venetsanopoulos | .. _admin-guide: |
---|---|---|---|
2 | bc055d09 | Constantinos Venetsanopoulos | |
3 | bc055d09 | Constantinos Venetsanopoulos | Synnefo Administrator's Guide |
4 | bc055d09 | Constantinos Venetsanopoulos | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ |
5 | bc055d09 | Constantinos Venetsanopoulos | |
6 | bc055d09 | Constantinos Venetsanopoulos | This is the complete Synnefo Administrator's Guide. |
7 | bc055d09 | Constantinos Venetsanopoulos | |
8 | bc055d09 | Constantinos Venetsanopoulos | |
9 | 14267d89 | Constantinos Venetsanopoulos | .. _syn+archip: |
10 | bc055d09 | Constantinos Venetsanopoulos | |
11 | eab73849 | Constantinos Venetsanopoulos | General Synnefo Architecture |
12 | eab73849 | Constantinos Venetsanopoulos | ============================ |
13 | eab73849 | Constantinos Venetsanopoulos | |
14 | 14267d89 | Constantinos Venetsanopoulos | The following figure shows a detailed view of the whole Synnefo architecture |
15 | 14267d89 | Constantinos Venetsanopoulos | and how it interacts with multiple Ganeti clusters. We hope that after reading |
16 | 14267d89 | Constantinos Venetsanopoulos | the Administrator's Guide you will be able to understand every component and |
17 | 14267d89 | Constantinos Venetsanopoulos | all the interactions between them. |
18 | eab73849 | Constantinos Venetsanopoulos | |
19 | 301294a9 | Constantinos Venetsanopoulos | .. image:: images/synnefo-arch2.png |
20 | 16539dad | Kostas Papadimitriou | :width: 100% |
21 | 301294a9 | Constantinos Venetsanopoulos | :target: _images/synnefo-arch2.png |
22 | eab73849 | Constantinos Venetsanopoulos | |
23 | 14267d89 | Constantinos Venetsanopoulos | Synnefo also supports RADOS as an alternative storage backend for |
24 | 14267d89 | Constantinos Venetsanopoulos | Files/Images/VM disks. You will find the :ref:`corresponding figure |
25 | 14267d89 | Constantinos Venetsanopoulos | <syn+archip+rados>` later in this guide. |
26 | eab73849 | Constantinos Venetsanopoulos | |
27 | a1c707c9 | Constantinos Venetsanopoulos | |
28 | eab73849 | Constantinos Venetsanopoulos | Identity Service (Astakos) |
29 | eab73849 | Constantinos Venetsanopoulos | ========================== |
30 | f846d8df | Constantinos Venetsanopoulos | |
31 | f846d8df | Constantinos Venetsanopoulos | |
32 | eab73849 | Constantinos Venetsanopoulos | Authentication methods |
33 | 3a0ce98e | Constantinos Venetsanopoulos | ---------------------- |
34 | eab73849 | Constantinos Venetsanopoulos | |
35 | 3a0ce98e | Constantinos Venetsanopoulos | Astakos supports multiple authentication methods: |
36 | eab73849 | Constantinos Venetsanopoulos | |
37 | 3a0ce98e | Constantinos Venetsanopoulos | * local username/password |
38 | 3a0ce98e | Constantinos Venetsanopoulos | * LDAP / Active Directory |
39 | 3a0ce98e | Constantinos Venetsanopoulos | * SAML 2.0 (Shibboleth) federated logins |
40 | 3a0ce98e | Constantinos Venetsanopoulos | |
41 | 3a0ce98e | Constantinos Venetsanopoulos | |
42 | 3a0ce98e | Constantinos Venetsanopoulos | |
43 | eab73849 | Constantinos Venetsanopoulos | |
44 | eab73849 | Constantinos Venetsanopoulos | .. _shibboleth-auth: |
45 | eab73849 | Constantinos Venetsanopoulos | |
46 | eab73849 | Constantinos Venetsanopoulos | Shibboleth Authentication |
47 | 3a0ce98e | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~ |
48 | eab73849 | Constantinos Venetsanopoulos | |
49 | eab73849 | Constantinos Venetsanopoulos | Astakos can delegate user authentication to a Shibboleth federation. |
50 | eab73849 | Constantinos Venetsanopoulos | |
51 | eab73849 | Constantinos Venetsanopoulos | To setup shibboleth, install package:: |
52 | eab73849 | Constantinos Venetsanopoulos | |
53 | eab73849 | Constantinos Venetsanopoulos | apt-get install libapache2-mod-shib2 |
54 | eab73849 | Constantinos Venetsanopoulos | |
55 | eab73849 | Constantinos Venetsanopoulos | Change appropriately the configuration files in ``/etc/shibboleth``. |
56 | eab73849 | Constantinos Venetsanopoulos | |
57 | eab73849 | Constantinos Venetsanopoulos | Add in ``/etc/apache2/sites-available/synnefo-ssl``:: |
58 | eab73849 | Constantinos Venetsanopoulos | |
59 | eab73849 | Constantinos Venetsanopoulos | ShibConfig /etc/shibboleth/shibboleth2.xml |
60 | eab73849 | Constantinos Venetsanopoulos | Alias /shibboleth-sp /usr/share/shibboleth |
61 | eab73849 | Constantinos Venetsanopoulos | |
62 | fb814235 | Kostas Papadimitriou | <Location /ui/login/shibboleth> |
63 | eab73849 | Constantinos Venetsanopoulos | AuthType shibboleth |
64 | eab73849 | Constantinos Venetsanopoulos | ShibRequireSession On |
65 | eab73849 | Constantinos Venetsanopoulos | ShibUseHeaders On |
66 | eab73849 | Constantinos Venetsanopoulos | require valid-user |
67 | eab73849 | Constantinos Venetsanopoulos | </Location> |
68 | eab73849 | Constantinos Venetsanopoulos | |
69 | eab73849 | Constantinos Venetsanopoulos | and before the line containing:: |
70 | eab73849 | Constantinos Venetsanopoulos | |
71 | eab73849 | Constantinos Venetsanopoulos | ProxyPass / http://localhost:8080/ retry=0 |
72 | eab73849 | Constantinos Venetsanopoulos | |
73 | eab73849 | Constantinos Venetsanopoulos | add:: |
74 | eab73849 | Constantinos Venetsanopoulos | |
75 | eab73849 | Constantinos Venetsanopoulos | ProxyPass /Shibboleth.sso ! |
76 | f846d8df | Constantinos Venetsanopoulos | |
77 | eab73849 | Constantinos Venetsanopoulos | Then, enable the shibboleth module:: |
78 | eab73849 | Constantinos Venetsanopoulos | |
79 | eab73849 | Constantinos Venetsanopoulos | a2enmod shib2 |
80 | f846d8df | Constantinos Venetsanopoulos | |
81 | eab73849 | Constantinos Venetsanopoulos | After passing through the apache module, the following tokens should be |
82 | eab73849 | Constantinos Venetsanopoulos | available at the destination:: |
83 | eab73849 | Constantinos Venetsanopoulos | |
84 | eab73849 | Constantinos Venetsanopoulos | eppn # eduPersonPrincipalName |
85 | eab73849 | Constantinos Venetsanopoulos | Shib-InetOrgPerson-givenName |
86 | eab73849 | Constantinos Venetsanopoulos | Shib-Person-surname |
87 | eab73849 | Constantinos Venetsanopoulos | Shib-Person-commonName |
88 | eab73849 | Constantinos Venetsanopoulos | Shib-InetOrgPerson-displayName |
89 | eab73849 | Constantinos Venetsanopoulos | Shib-EP-Affiliation |
90 | eab73849 | Constantinos Venetsanopoulos | Shib-Session-ID |
91 | eab73849 | Constantinos Venetsanopoulos | |
92 | eab73849 | Constantinos Venetsanopoulos | Finally, add 'shibboleth' in ``ASTAKOS_IM_MODULES`` list. The variable resides |
93 | eab73849 | Constantinos Venetsanopoulos | inside the file ``/etc/synnefo/20-snf-astakos-app-settings.conf`` |
94 | eab73849 | Constantinos Venetsanopoulos | |
95 | e0975bbf | Sofia Papagiannaki | Twitter Authentication |
96 | 3a0ce98e | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~ |
97 | e0975bbf | Sofia Papagiannaki | |
98 | e0975bbf | Sofia Papagiannaki | To enable twitter authentication while signed in under a Twitter account, |
99 | e0975bbf | Sofia Papagiannaki | visit dev.twitter.com/apps. |
100 | e0975bbf | Sofia Papagiannaki | |
101 | e0975bbf | Sofia Papagiannaki | Click Create an application. |
102 | e0975bbf | Sofia Papagiannaki | |
103 | e0975bbf | Sofia Papagiannaki | Fill the necessary information and for callback URL give:: |
104 | e0975bbf | Sofia Papagiannaki | |
105 | e0975bbf | Sofia Papagiannaki | https://node1.example.com/ui/login/twitter/authenticated |
106 | e0975bbf | Sofia Papagiannaki | |
107 | e0975bbf | Sofia Papagiannaki | Finally, add 'twitter' in ``ASTAKOS_IM_MODULES`` list. The variable resides |
108 | e0975bbf | Sofia Papagiannaki | inside the file ``/etc/synnefo/20-snf-astakos-app-settings.conf`` |
109 | e0975bbf | Sofia Papagiannaki | |
110 | e0975bbf | Sofia Papagiannaki | Google Authentication |
111 | 3a0ce98e | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~ |
112 | e0975bbf | Sofia Papagiannaki | |
113 | e0975bbf | Sofia Papagiannaki | To enable google authentication while signed in under a Google account, |
114 | e0975bbf | Sofia Papagiannaki | visit https://code.google.com/apis/console/. |
115 | e0975bbf | Sofia Papagiannaki | |
116 | e0975bbf | Sofia Papagiannaki | Under API Access select Create another client ID, select Web application, |
117 | e0975bbf | Sofia Papagiannaki | expand more options in Your site or hostname section and in Authorized |
118 | e0975bbf | Sofia Papagiannaki | Redirect URIs add: |
119 | e0975bbf | Sofia Papagiannaki | |
120 | e0975bbf | Sofia Papagiannaki | |
121 | e0975bbf | Sofia Papagiannaki | Fill the necessary information and for callback URL give:: |
122 | e0975bbf | Sofia Papagiannaki | |
123 | e0975bbf | Sofia Papagiannaki | https://node1.example.com/ui/login/google/authenticated |
124 | e0975bbf | Sofia Papagiannaki | |
125 | e0975bbf | Sofia Papagiannaki | Finally, add 'google' in ``ASTAKOS_IM_MODULES`` list. The variable resides |
126 | e0975bbf | Sofia Papagiannaki | inside the file ``/etc/synnefo/20-snf-astakos-app-settings.conf`` |
127 | e0975bbf | Sofia Papagiannaki | |
128 | eab73849 | Constantinos Venetsanopoulos | |
129 | eab73849 | Constantinos Venetsanopoulos | Working with Astakos |
130 | eab73849 | Constantinos Venetsanopoulos | -------------------- |
131 | eab73849 | Constantinos Venetsanopoulos | |
132 | 77186edf | Kostas Papadimitriou | User registration |
133 | 77186edf | Kostas Papadimitriou | ~~~~~~~~~~~~~~~~~ |
134 | f846d8df | Constantinos Venetsanopoulos | |
135 | 77186edf | Kostas Papadimitriou | When a new user signs up, he/she is not directly marked as active. You can see |
136 | 77186edf | Kostas Papadimitriou | his/her state by running (on the machine that runs the Astakos app): |
137 | f846d8df | Constantinos Venetsanopoulos | |
138 | f846d8df | Constantinos Venetsanopoulos | .. code-block:: console |
139 | f846d8df | Constantinos Venetsanopoulos | |
140 | 4404e02e | Ilias Tsitsimpis | $ snf-manage user-list |
141 | f846d8df | Constantinos Venetsanopoulos | |
142 | 77186edf | Kostas Papadimitriou | More detailed user status is provided in the `status` field of the `user-show` |
143 | 77186edf | Kostas Papadimitriou | command: |
144 | f846d8df | Constantinos Venetsanopoulos | |
145 | 77186edf | Kostas Papadimitriou | .. code-block:: console |
146 | f846d8df | Constantinos Venetsanopoulos | |
147 | 77186edf | Kostas Papadimitriou | $ snf-manage user-show <user-id> |
148 | f846d8df | Constantinos Venetsanopoulos | |
149 | 77186edf | Kostas Papadimitriou | id : 6 |
150 | 77186edf | Kostas Papadimitriou | uuid : 78661411-5eed-412f-a9ea-2de24f542c2e |
151 | 77186edf | Kostas Papadimitriou | status : Accepted/Active (accepted policy: manual) |
152 | 77186edf | Kostas Papadimitriou | email : user@synnefo.org |
153 | 77186edf | Kostas Papadimitriou | .... |
154 | f846d8df | Constantinos Venetsanopoulos | |
155 | 3a0ce98e | Constantinos Venetsanopoulos | Based on the `astakos-app` configuration, there are several ways for a user to |
156 | 3a0ce98e | Constantinos Venetsanopoulos | get verified and activated in order to be able to login. We discuss the user |
157 | 3a0ce98e | Constantinos Venetsanopoulos | verification and activation flow in the following section. |
158 | 77186edf | Kostas Papadimitriou | |
159 | 77186edf | Kostas Papadimitriou | User activation flow |
160 | eab73849 | Constantinos Venetsanopoulos | ```````````````````` |
161 | eab73849 | Constantinos Venetsanopoulos | |
162 | 77186edf | Kostas Papadimitriou | A user can register for an account using the astakos signup form. Once the form |
163 | 77186edf | Kostas Papadimitriou | is submited successfully a user entry is created in astakos database. That entry |
164 | 77186edf | Kostas Papadimitriou | is passed through the astakos activation backend which handles whether the user |
165 | 77186edf | Kostas Papadimitriou | should be automatically verified and activated. |
166 | 77186edf | Kostas Papadimitriou | |
167 | 77186edf | Kostas Papadimitriou | Email verification |
168 | 77186edf | Kostas Papadimitriou | `````````````````` |
169 | 77186edf | Kostas Papadimitriou | |
170 | 77186edf | Kostas Papadimitriou | The verification process takes place in order to ensure that the user owns the |
171 | 77186edf | Kostas Papadimitriou | email provided during the signup process. By default, after each successful |
172 | 77186edf | Kostas Papadimitriou | signup astakos notifies user with an verification url via email. |
173 | 77186edf | Kostas Papadimitriou | |
174 | 77186edf | Kostas Papadimitriou | At this stage: |
175 | 77186edf | Kostas Papadimitriou | |
176 | 77186edf | Kostas Papadimitriou | * subsequent registrations invalidate and delete the previous registrations |
177 | 77186edf | Kostas Papadimitriou | of the same email address. |
178 | 77186edf | Kostas Papadimitriou | |
179 | 77186edf | Kostas Papadimitriou | * in case user misses the initial notification, additional emails can be |
180 | 77186edf | Kostas Papadimitriou | send either via the url which is prompted to the user if he tries to |
181 | 77186edf | Kostas Papadimitriou | login, or by the administrator using the ``snf-manage user-activation-send |
182 | 77186edf | Kostas Papadimitriou | <userid>`` command. |
183 | 77186edf | Kostas Papadimitriou | |
184 | 77186edf | Kostas Papadimitriou | * administrator may also enforce a user to get verified using the |
185 | 77186edf | Kostas Papadimitriou | ``snf-manage user-modify --verify <userid>`` command. |
186 | 77186edf | Kostas Papadimitriou | |
187 | 77186edf | Kostas Papadimitriou | Account activation |
188 | 77186edf | Kostas Papadimitriou | `````````````````` |
189 | 77186edf | Kostas Papadimitriou | |
190 | 3a0ce98e | Constantinos Venetsanopoulos | Once the user gets verified, it is time for Astakos to decide whether or not to |
191 | 77186edf | Kostas Papadimitriou | proceed through user activation process. If ``ASTAKOS_MODERATION_ENABLED`` |
192 | 77186edf | Kostas Papadimitriou | setting is set to ``False`` (default value) user gets activated automatically. |
193 | 77186edf | Kostas Papadimitriou | |
194 | 3a0ce98e | Constantinos Venetsanopoulos | In case the moderation is enabled Astakos may still automatically activate the |
195 | 77186edf | Kostas Papadimitriou | user in the following cases: |
196 | 77186edf | Kostas Papadimitriou | |
197 | 77186edf | Kostas Papadimitriou | * User email matches any of the regular expressions defined in |
198 | 77186edf | Kostas Papadimitriou | ``ASTAKOS_RE_USER_EMAIL_PATTERNS`` (defaults to ``[]``) |
199 | 77186edf | Kostas Papadimitriou | * User used a signup method (e.g. ``shibboleth``) for which automatic |
200 | 77186edf | Kostas Papadimitriou | activation is enabled (see |
201 | 77186edf | Kostas Papadimitriou | :ref:`authentication methods policies <auth_methods_policies>`). |
202 | 77186edf | Kostas Papadimitriou | |
203 | 3a0ce98e | Constantinos Venetsanopoulos | If all of the above fail to trigger automatic activation, an email is sent to |
204 | 3a0ce98e | Constantinos Venetsanopoulos | the persons listed in ``HELPDESK``, ``MANAGERS`` and ``ADMINS`` settings, |
205 | 3a0ce98e | Constantinos Venetsanopoulos | notifing that there is a new user pending for moderation and that it's up to |
206 | 3a0ce98e | Constantinos Venetsanopoulos | the administrator to decide if the user should be activated. The UI also shows |
207 | 3a0ce98e | Constantinos Venetsanopoulos | a corresponding 'pending moderation' message to the user. The administrator can |
208 | 3a0ce98e | Constantinos Venetsanopoulos | activate a user using the ``snf-manage user-modify`` command: |
209 | 77186edf | Kostas Papadimitriou | |
210 | 77186edf | Kostas Papadimitriou | .. code-block:: console |
211 | 77186edf | Kostas Papadimitriou | |
212 | 77186edf | Kostas Papadimitriou | # command to activate a pending user |
213 | 77186edf | Kostas Papadimitriou | $ snf-manage user-modify --accept <userid> |
214 | 77186edf | Kostas Papadimitriou | |
215 | 77186edf | Kostas Papadimitriou | # command to reject a pending user |
216 | 77186edf | Kostas Papadimitriou | $ snf-manage user-modify --reject --reject-reason="spammer" <userid> |
217 | 77186edf | Kostas Papadimitriou | |
218 | 3a0ce98e | Constantinos Venetsanopoulos | Once the activation process finishes, a greeting message is sent to the user |
219 | 3a0ce98e | Constantinos Venetsanopoulos | email address and a notification for the activation to the persons listed in |
220 | 3a0ce98e | Constantinos Venetsanopoulos | ``HELPDESK``, ``MANAGERS`` and ``ADMINS`` settings. Once activated the user is |
221 | 3a0ce98e | Constantinos Venetsanopoulos | able to login and access the Synnefo services. |
222 | 77186edf | Kostas Papadimitriou | |
223 | 77186edf | Kostas Papadimitriou | Additional authentication methods |
224 | 77186edf | Kostas Papadimitriou | ````````````````````````````````` |
225 | 77186edf | Kostas Papadimitriou | |
226 | 77186edf | Kostas Papadimitriou | Astakos supports third party logins from external identity providers. This |
227 | 77186edf | Kostas Papadimitriou | can be usefull since it allows users to use their existing credentials to |
228 | 77186edf | Kostas Papadimitriou | login to astakos service. |
229 | 77186edf | Kostas Papadimitriou | |
230 | 77186edf | Kostas Papadimitriou | Currently astakos supports the following identity providers: |
231 | 77186edf | Kostas Papadimitriou | |
232 | 77186edf | Kostas Papadimitriou | * `Shibboleth <http://www.internet2.edu/shibboleth>`_ (module name |
233 | 77186edf | Kostas Papadimitriou | ``shibboleth``) |
234 | 77186edf | Kostas Papadimitriou | * `Google <https://developers.google.com/accounts/docs/OAuth2>`_ (module |
235 | 77186edf | Kostas Papadimitriou | name ``google``) |
236 | 77186edf | Kostas Papadimitriou | * `Twitter <https://dev.twitter.com/docs/auth>`_ (module name ``twitter``) |
237 | 77186edf | Kostas Papadimitriou | * `LinkedIn <http://developer.linkedin.com/documents/authentication>`_ |
238 | 77186edf | Kostas Papadimitriou | (module name ``linkedin``) |
239 | 77186edf | Kostas Papadimitriou | |
240 | 77186edf | Kostas Papadimitriou | To enable any of the above modules (by default only ``local`` accounts are |
241 | 77186edf | Kostas Papadimitriou | allowed), retrieve and set the required provider settings and append the |
242 | 77186edf | Kostas Papadimitriou | module name in ``ASTAKOS_IM_MODULES``. |
243 | 77186edf | Kostas Papadimitriou | |
244 | 77186edf | Kostas Papadimitriou | .. code-block:: python |
245 | 77186edf | Kostas Papadimitriou | |
246 | 77186edf | Kostas Papadimitriou | # settings from https://code.google.com/apis/console/ |
247 | 77186edf | Kostas Papadimitriou | ASTAKOS_GOOGLE_CLIENT_ID = '1111111111-epi60tvimgha63qqnjo40cljkojcann3.apps.googleusercontent.com' |
248 | 77186edf | Kostas Papadimitriou | ASTAKOS_GOOGLE_SECRET = 'tNDQqTDKlTf7_LaeUcWTWwZM' |
249 | 77186edf | Kostas Papadimitriou | |
250 | 77186edf | Kostas Papadimitriou | # let users signup and login using their google account |
251 | 77186edf | Kostas Papadimitriou | ASTAKOS_IM_MODULES = ['local', 'google'] |
252 | 77186edf | Kostas Papadimitriou | |
253 | 77186edf | Kostas Papadimitriou | |
254 | 77186edf | Kostas Papadimitriou | .. _auth_methods_policies: |
255 | 77186edf | Kostas Papadimitriou | |
256 | 77186edf | Kostas Papadimitriou | Authentication method policies |
257 | 77186edf | Kostas Papadimitriou | `````````````````````````````` |
258 | 77186edf | Kostas Papadimitriou | |
259 | 77186edf | Kostas Papadimitriou | Astakos allows you to override the default policies for each enabled provider |
260 | 77186edf | Kostas Papadimitriou | separately by adding the approriate settings in your ``.conf`` files in the |
261 | 77186edf | Kostas Papadimitriou | following format: |
262 | 77186edf | Kostas Papadimitriou | |
263 | 77186edf | Kostas Papadimitriou | **ASTAKOS_AUTH_PROVIDER_<module>_<policy>_POLICY** |
264 | 77186edf | Kostas Papadimitriou | |
265 | 77186edf | Kostas Papadimitriou | Available policies are: |
266 | 77186edf | Kostas Papadimitriou | |
267 | 77186edf | Kostas Papadimitriou | * **CREATE** Users can signup using that provider (default: ``True``) |
268 | 77186edf | Kostas Papadimitriou | * **REMOVE/ADD** Users can remove/add login method from their profile |
269 | 77186edf | Kostas Papadimitriou | (default: ``True``) |
270 | 77186edf | Kostas Papadimitriou | * **AUTOMODERATE** Automatically activate users that signup using that |
271 | 77186edf | Kostas Papadimitriou | provider (default: ``False``) |
272 | 77186edf | Kostas Papadimitriou | * **LOGIN** Whether or not users can use the provider to login (default: |
273 | 77186edf | Kostas Papadimitriou | ``True``). |
274 | 77186edf | Kostas Papadimitriou | |
275 | 77186edf | Kostas Papadimitriou | e.g. to enable automatic activation for your academic users, while keeping |
276 | 77186edf | Kostas Papadimitriou | locally signed up users under moderation you can apply the following settings. |
277 | 77186edf | Kostas Papadimitriou | |
278 | 77186edf | Kostas Papadimitriou | .. code-block:: python |
279 | 77186edf | Kostas Papadimitriou | |
280 | 77186edf | Kostas Papadimitriou | ASTAKOS_AUTH_PROVIDER_SHIBBOLETH_AUTOMODERATE_POLICY = True |
281 | 77186edf | Kostas Papadimitriou | ASTAKOS_AUTH_PROVIDER_SHIBBOLETH_REMOVE_POLICY = False |
282 | 77186edf | Kostas Papadimitriou | |
283 | 3a0ce98e | Constantinos Venetsanopoulos | User login |
284 | 3a0ce98e | Constantinos Venetsanopoulos | ~~~~~~~~~~ |
285 | 3a0ce98e | Constantinos Venetsanopoulos | |
286 | 3a0ce98e | Constantinos Venetsanopoulos | During the logging procedure, the user is authenticated by the respective |
287 | 3a0ce98e | Constantinos Venetsanopoulos | identity provider. |
288 | 3a0ce98e | Constantinos Venetsanopoulos | |
289 | 3a0ce98e | Constantinos Venetsanopoulos | If ``ASTAKOS_RECAPTCHA_ENABLED`` is set and the user fails several times |
290 | 3a0ce98e | Constantinos Venetsanopoulos | (``ASTAKOS_RATELIMIT_RETRIES_ALLOWED`` setting) to provide the correct |
291 | 3a0ce98e | Constantinos Venetsanopoulos | credentials for a local account, he/she is then prompted to solve a captcha |
292 | 3a0ce98e | Constantinos Venetsanopoulos | challenge. |
293 | 3a0ce98e | Constantinos Venetsanopoulos | |
294 | 3a0ce98e | Constantinos Venetsanopoulos | Upon success, the system renews the token (if it has expired), logins the user |
295 | 3a0ce98e | Constantinos Venetsanopoulos | and sets the cookie, before redirecting the user to the ``next`` parameter |
296 | 3a0ce98e | Constantinos Venetsanopoulos | value. |
297 | eab73849 | Constantinos Venetsanopoulos | |
298 | 2988ae31 | Georgios D. Tsoukalas | Setting quota limits |
299 | 2988ae31 | Georgios D. Tsoukalas | ~~~~~~~~~~~~~~~~~~~~ |
300 | 2988ae31 | Georgios D. Tsoukalas | |
301 | 075b91de | Giorgos Korfiatis | Set default quota |
302 | 075b91de | Giorgos Korfiatis | ````````````````` |
303 | 2988ae31 | Georgios D. Tsoukalas | |
304 | 2988ae31 | Georgios D. Tsoukalas | In 20-snf-astakos-app-settings.conf, |
305 | 2988ae31 | Georgios D. Tsoukalas | uncomment the default setting ``ASTAKOS_SERVICES`` |
306 | 2988ae31 | Georgios D. Tsoukalas | and customize the ``'uplimit'`` values. |
307 | 075b91de | Giorgos Korfiatis | These are the default base quota for all users. |
308 | 2988ae31 | Georgios D. Tsoukalas | |
309 | 2988ae31 | Georgios D. Tsoukalas | To apply your configuration run:: |
310 | 2988ae31 | Georgios D. Tsoukalas | |
311 | 2988ae31 | Georgios D. Tsoukalas | # snf-manage astakos-init --load-service-resources |
312 | 075b91de | Giorgos Korfiatis | # snf-manage quota --sync |
313 | 2988ae31 | Georgios D. Tsoukalas | |
314 | 075b91de | Giorgos Korfiatis | Set base quota for individual users |
315 | 075b91de | Giorgos Korfiatis | ``````````````````````````````````` |
316 | 2988ae31 | Georgios D. Tsoukalas | |
317 | 075b91de | Giorgos Korfiatis | For individual users that need different quota than the default |
318 | 2988ae31 | Georgios D. Tsoukalas | you can set it for each resource like this:: |
319 | 2988ae31 | Georgios D. Tsoukalas | |
320 | 075b91de | Giorgos Korfiatis | # use this to display quota / uuid |
321 | 075b91de | Giorgos Korfiatis | # snf-manage user-show 'uuid or email' --quota |
322 | 2988ae31 | Georgios D. Tsoukalas | |
323 | 075b91de | Giorgos Korfiatis | # snf-manage user-modify 'user-uuid' --set-base-quota 'cyclades.vm' 10 |
324 | 2988ae31 | Georgios D. Tsoukalas | |
325 | 2988ae31 | Georgios D. Tsoukalas | |
326 | 2988ae31 | Georgios D. Tsoukalas | Enable the Projects feature |
327 | 2988ae31 | Georgios D. Tsoukalas | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
328 | 2988ae31 | Georgios D. Tsoukalas | |
329 | 2988ae31 | Georgios D. Tsoukalas | If you want to enable the projects feature so that users may apply |
330 | 2988ae31 | Georgios D. Tsoukalas | on their own for resources by creating and joining projects, |
331 | 2988ae31 | Georgios D. Tsoukalas | in ``20-snf-astakos-app-settings.conf`` set:: |
332 | 2988ae31 | Georgios D. Tsoukalas | |
333 | 2988ae31 | Georgios D. Tsoukalas | # this will make the 'projects' page visible in the dashboard |
334 | 2988ae31 | Georgios D. Tsoukalas | ASTAKOS_PROJECTS_VISIBLE = True |
335 | 2988ae31 | Georgios D. Tsoukalas | |
336 | 9770ba6c | Giorgos Korfiatis | You can change the maximum allowed number of pending project applications |
337 | 9770ba6c | Giorgos Korfiatis | per user with:: |
338 | 827de879 | Giorgos Korfiatis | |
339 | 9770ba6c | Giorgos Korfiatis | # snf-manage resource-modify astakos.pending_app --limit <number> |
340 | 9770ba6c | Giorgos Korfiatis | |
341 | 9770ba6c | Giorgos Korfiatis | You can also set a user-specific limit with:: |
342 | 9770ba6c | Giorgos Korfiatis | |
343 | 075b91de | Giorgos Korfiatis | # snf-manage user-modify 'user-uuid' --set-base-quota 'astakos.pending_app' 5 |
344 | 827de879 | Giorgos Korfiatis | |
345 | 2988ae31 | Georgios D. Tsoukalas | When users apply for projects they are not automatically granted |
346 | 2988ae31 | Georgios D. Tsoukalas | the resources. They must first be approved by the administrator. |
347 | 2988ae31 | Georgios D. Tsoukalas | |
348 | 2988ae31 | Georgios D. Tsoukalas | To list pending project applications in astakos:: |
349 | 2988ae31 | Georgios D. Tsoukalas | |
350 | 2988ae31 | Georgios D. Tsoukalas | # snf-manage project-list --pending |
351 | 2988ae31 | Georgios D. Tsoukalas | |
352 | 2988ae31 | Georgios D. Tsoukalas | Note the last column, the application id. To approve it:: |
353 | 2988ae31 | Georgios D. Tsoukalas | |
354 | 2988ae31 | Georgios D. Tsoukalas | # <app id> from the last column of project-list |
355 | 2988ae31 | Georgios D. Tsoukalas | # snf-manage project-control --approve <app id> |
356 | 2988ae31 | Georgios D. Tsoukalas | |
357 | 2988ae31 | Georgios D. Tsoukalas | To deny an application:: |
358 | 2988ae31 | Georgios D. Tsoukalas | |
359 | 2988ae31 | Georgios D. Tsoukalas | # snf-manage project-control --deny <app id> |
360 | 2988ae31 | Georgios D. Tsoukalas | |
361 | 827de879 | Giorgos Korfiatis | Users designated as *project admins* can approve, deny, or modify |
362 | 827de879 | Giorgos Korfiatis | an application through the web interface. In |
363 | 827de879 | Giorgos Korfiatis | ``20-snf-astakos-app-settings.conf`` set:: |
364 | 827de879 | Giorgos Korfiatis | |
365 | 827de879 | Giorgos Korfiatis | # UUIDs of users that can approve or deny project applications from the web. |
366 | 827de879 | Giorgos Korfiatis | ASTAKOS_PROJECT_ADMINS = [<uuid>, ...] |
367 | 2988ae31 | Georgios D. Tsoukalas | |
368 | 2988ae31 | Georgios D. Tsoukalas | |
369 | eab73849 | Constantinos Venetsanopoulos | Astakos advanced operations |
370 | eab73849 | Constantinos Venetsanopoulos | --------------------------- |
371 | eab73849 | Constantinos Venetsanopoulos | |
372 | eab73849 | Constantinos Venetsanopoulos | Adding "Terms of Use" |
373 | eab73849 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~ |
374 | eab73849 | Constantinos Venetsanopoulos | |
375 | eab73849 | Constantinos Venetsanopoulos | Astakos supports versioned terms-of-use. First of all you need to create an |
376 | eab73849 | Constantinos Venetsanopoulos | html file that will contain your terms. For example, create the file |
377 | eab73849 | Constantinos Venetsanopoulos | ``/usr/share/synnefo/sample-terms.html``, which contains the following: |
378 | eab73849 | Constantinos Venetsanopoulos | |
379 | eab73849 | Constantinos Venetsanopoulos | .. code-block:: console |
380 | eab73849 | Constantinos Venetsanopoulos | |
381 | 3a0ce98e | Constantinos Venetsanopoulos | <h1>My cloud service terms</h1> |
382 | eab73849 | Constantinos Venetsanopoulos | |
383 | 3a0ce98e | Constantinos Venetsanopoulos | These are the example terms for my cloud service |
384 | eab73849 | Constantinos Venetsanopoulos | |
385 | eab73849 | Constantinos Venetsanopoulos | Then, add those terms-of-use with the snf-manage command: |
386 | eab73849 | Constantinos Venetsanopoulos | |
387 | eab73849 | Constantinos Venetsanopoulos | .. code-block:: console |
388 | eab73849 | Constantinos Venetsanopoulos | |
389 | eab73849 | Constantinos Venetsanopoulos | $ snf-manage term-add /usr/share/synnefo/sample-terms.html |
390 | eab73849 | Constantinos Venetsanopoulos | |
391 | eab73849 | Constantinos Venetsanopoulos | Your terms have been successfully added and you will see the corresponding link |
392 | eab73849 | Constantinos Venetsanopoulos | appearing in the Astakos web pages' footer. |
393 | eab73849 | Constantinos Venetsanopoulos | |
394 | 3a0ce98e | Constantinos Venetsanopoulos | During the account registration, if there are approval terms, the user is |
395 | 3a0ce98e | Constantinos Venetsanopoulos | presented with an "I agree with the Terms" checkbox that needs to get checked |
396 | 3a0ce98e | Constantinos Venetsanopoulos | in order to proceed. |
397 | 3a0ce98e | Constantinos Venetsanopoulos | |
398 | 3a0ce98e | Constantinos Venetsanopoulos | In case there are new approval terms that the user has not signed yet, the |
399 | 3a0ce98e | Constantinos Venetsanopoulos | ``signed_terms_required`` view decorator redirects to the ``approval_terms`` |
400 | 3a0ce98e | Constantinos Venetsanopoulos | view, so the user will be presented with the new terms the next time he/she |
401 | 3a0ce98e | Constantinos Venetsanopoulos | logins. |
402 | 3a0ce98e | Constantinos Venetsanopoulos | |
403 | a23251f4 | Constantinos Venetsanopoulos | Enabling reCAPTCHA |
404 | a23251f4 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~ |
405 | a23251f4 | Constantinos Venetsanopoulos | |
406 | a23251f4 | Constantinos Venetsanopoulos | Astakos supports the `reCAPTCHA <http://www.google.com/recaptcha>`_ feature. |
407 | a23251f4 | Constantinos Venetsanopoulos | If enabled, it protects the Astakos forms from bots. To enable the feature, go |
408 | a23251f4 | Constantinos Venetsanopoulos | to https://www.google.com/recaptcha/admin/create and create your own reCAPTCHA |
409 | a23251f4 | Constantinos Venetsanopoulos | key pair. Then edit ``/etc/synnefo/20-snf-astakos-app-settings.conf`` and set |
410 | a23251f4 | Constantinos Venetsanopoulos | the corresponding variables to reflect your newly created key pair. Finally, set |
411 | a23251f4 | Constantinos Venetsanopoulos | the ``ASTAKOS_RECAPTCHA_ENABLED`` variable to ``True``: |
412 | a23251f4 | Constantinos Venetsanopoulos | |
413 | a23251f4 | Constantinos Venetsanopoulos | .. code-block:: console |
414 | a23251f4 | Constantinos Venetsanopoulos | |
415 | a23251f4 | Constantinos Venetsanopoulos | ASTAKOS_RECAPTCHA_PUBLIC_KEY = 'example_recaptcha_public_key!@#$%^&*(' |
416 | a23251f4 | Constantinos Venetsanopoulos | ASTAKOS_RECAPTCHA_PRIVATE_KEY = 'example_recaptcha_private_key!@#$%^&*(' |
417 | a23251f4 | Constantinos Venetsanopoulos | |
418 | a23251f4 | Constantinos Venetsanopoulos | ASTAKOS_RECAPTCHA_ENABLED = True |
419 | a23251f4 | Constantinos Venetsanopoulos | |
420 | a23251f4 | Constantinos Venetsanopoulos | Restart the service on the Astakos node(s) and you are ready: |
421 | a23251f4 | Constantinos Venetsanopoulos | |
422 | a23251f4 | Constantinos Venetsanopoulos | .. code-block:: console |
423 | a23251f4 | Constantinos Venetsanopoulos | |
424 | a23251f4 | Constantinos Venetsanopoulos | # /etc/init.d/gunicorn restart |
425 | a23251f4 | Constantinos Venetsanopoulos | |
426 | a23251f4 | Constantinos Venetsanopoulos | Checkout your new Sign up page. If you see the reCAPTCHA box, you have setup |
427 | a23251f4 | Constantinos Venetsanopoulos | everything correctly. |
428 | a23251f4 | Constantinos Venetsanopoulos | |
429 | eab73849 | Constantinos Venetsanopoulos | |
430 | 3a0ce98e | Constantinos Venetsanopoulos | Astakos internals |
431 | 3a0ce98e | Constantinos Venetsanopoulos | ----------------- |
432 | 3a0ce98e | Constantinos Venetsanopoulos | |
433 | 3a0ce98e | Constantinos Venetsanopoulos | X-Auth-Token |
434 | 3a0ce98e | Constantinos Venetsanopoulos | ~~~~~~~~~~~~ |
435 | 3a0ce98e | Constantinos Venetsanopoulos | |
436 | 3a0ce98e | Constantinos Venetsanopoulos | Alice requests a specific resource from a cloud service e.g.: Pithos. In the |
437 | 3a0ce98e | Constantinos Venetsanopoulos | request she supplies the `X-Auth-Token` to identify whether she is eligible to |
438 | 3a0ce98e | Constantinos Venetsanopoulos | perform the specific task. The service contacts Astakos through its |
439 | 3a0ce98e | Constantinos Venetsanopoulos | ``/account/v1.0/authenticate`` api call (see :ref:`authenticate-api-label`) |
440 | 3a0ce98e | Constantinos Venetsanopoulos | providing the specific ``X-Auth-Token``. Astakos checkes whether the token |
441 | 3a0ce98e | Constantinos Venetsanopoulos | belongs to an active user and it has not expired and returns a dictionary |
442 | 3a0ce98e | Constantinos Venetsanopoulos | containing user related information. Finally the service uses the ``uniq`` |
443 | 3a0ce98e | Constantinos Venetsanopoulos | field included in the dictionary as the account string to identify the user |
444 | 3a0ce98e | Constantinos Venetsanopoulos | accessible resources. |
445 | 3a0ce98e | Constantinos Venetsanopoulos | |
446 | 3a0ce98e | Constantinos Venetsanopoulos | .. _authentication-label: |
447 | 3a0ce98e | Constantinos Venetsanopoulos | |
448 | 3a0ce98e | Constantinos Venetsanopoulos | Django Auth methods and Backends |
449 | 3a0ce98e | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
450 | 3a0ce98e | Constantinos Venetsanopoulos | |
451 | 3a0ce98e | Constantinos Venetsanopoulos | Astakos incorporates Django user authentication system and extends its User model. |
452 | 3a0ce98e | Constantinos Venetsanopoulos | |
453 | 3a0ce98e | Constantinos Venetsanopoulos | Since username field of django User model has a limitation of 30 characters, |
454 | 3a0ce98e | Constantinos Venetsanopoulos | AstakosUser is **uniquely** identified by the ``email`` instead. Therefore, |
455 | 3a0ce98e | Constantinos Venetsanopoulos | ``astakos.im.authentication_backends.EmailBackend`` is served to authenticate a |
456 | 3a0ce98e | Constantinos Venetsanopoulos | user using email if the first argument is actually an email, otherwise tries |
457 | 3a0ce98e | Constantinos Venetsanopoulos | the username. |
458 | 3a0ce98e | Constantinos Venetsanopoulos | |
459 | 3a0ce98e | Constantinos Venetsanopoulos | A new AstakosUser instance is assigned with a uui as username and also with a |
460 | 3a0ce98e | Constantinos Venetsanopoulos | ``auth_token`` used by the cloud services to authenticate the user. |
461 | 3a0ce98e | Constantinos Venetsanopoulos | ``astakos.im.authentication_backends.TokenBackend`` is also specified in order |
462 | 3a0ce98e | Constantinos Venetsanopoulos | to authenticate the user using the email and the token fields. |
463 | 3a0ce98e | Constantinos Venetsanopoulos | |
464 | 3a0ce98e | Constantinos Venetsanopoulos | Logged on users can perform a number of actions: |
465 | 3a0ce98e | Constantinos Venetsanopoulos | |
466 | 3a0ce98e | Constantinos Venetsanopoulos | * access and edit their profile via: ``/im/profile``. |
467 | 3a0ce98e | Constantinos Venetsanopoulos | * change their password via: ``/im/password`` |
468 | 3a0ce98e | Constantinos Venetsanopoulos | * send feedback for grnet services via: ``/im/send_feedback`` |
469 | 3a0ce98e | Constantinos Venetsanopoulos | * logout (and delete cookie) via: ``/im/logout`` |
470 | 3a0ce98e | Constantinos Venetsanopoulos | |
471 | 3a0ce98e | Constantinos Venetsanopoulos | Internal Astakos requests are handled using cookie-based Django user sessions. |
472 | 3a0ce98e | Constantinos Venetsanopoulos | |
473 | 3a0ce98e | Constantinos Venetsanopoulos | External systems should forward to the ``/login`` URI. The server, |
474 | 3a0ce98e | Constantinos Venetsanopoulos | depending on its configuration will redirect to the appropriate login page. |
475 | 3a0ce98e | Constantinos Venetsanopoulos | When done with logging in, the service's login URI should redirect to the URI |
476 | 3a0ce98e | Constantinos Venetsanopoulos | provided with next, adding user and token parameters, which contain the email |
477 | 3a0ce98e | Constantinos Venetsanopoulos | and token fields respectively. |
478 | 3a0ce98e | Constantinos Venetsanopoulos | |
479 | 3a0ce98e | Constantinos Venetsanopoulos | The login URI accepts the following parameters: |
480 | 3a0ce98e | Constantinos Venetsanopoulos | |
481 | 3a0ce98e | Constantinos Venetsanopoulos | ====================== ========================= |
482 | 3a0ce98e | Constantinos Venetsanopoulos | Request Parameter Name Value |
483 | 3a0ce98e | Constantinos Venetsanopoulos | ====================== ========================= |
484 | 3a0ce98e | Constantinos Venetsanopoulos | next The URI to redirect to when the process is finished |
485 | 3a0ce98e | Constantinos Venetsanopoulos | renew Force token renewal (no value parameter) |
486 | 3a0ce98e | Constantinos Venetsanopoulos | force Force logout current user (no value parameter) |
487 | 3a0ce98e | Constantinos Venetsanopoulos | ====================== ========================= |
488 | 3a0ce98e | Constantinos Venetsanopoulos | |
489 | 3a0ce98e | Constantinos Venetsanopoulos | External systems inside the ``ASTAKOS_COOKIE_DOMAIN`` scope can acquire the |
490 | 3a0ce98e | Constantinos Venetsanopoulos | user information by the cookie identified by ``ASTAKOS_COOKIE_NAME`` setting |
491 | 3a0ce98e | Constantinos Venetsanopoulos | (set during the login procedure). |
492 | 3a0ce98e | Constantinos Venetsanopoulos | |
493 | 3a0ce98e | Constantinos Venetsanopoulos | Finally, backend systems having acquired a token can use the |
494 | 3a0ce98e | Constantinos Venetsanopoulos | :ref:`authenticate-api-label` API call from a private network or through HTTPS. |
495 | 3a0ce98e | Constantinos Venetsanopoulos | |
496 | 3a0ce98e | Constantinos Venetsanopoulos | |
497 | eab73849 | Constantinos Venetsanopoulos | |
498 | eab73849 | Constantinos Venetsanopoulos | Compute/Network/Image Service (Cyclades) |
499 | eab73849 | Constantinos Venetsanopoulos | ======================================== |
500 | eab73849 | Constantinos Venetsanopoulos | |
501 | eab73849 | Constantinos Venetsanopoulos | Working with Cyclades |
502 | eab73849 | Constantinos Venetsanopoulos | --------------------- |
503 | eab73849 | Constantinos Venetsanopoulos | |
504 | 0768a1df | Christos Stavrakakis | Managing Ganeti Backends |
505 | 90c74332 | Christos Stavrakakis | ~~~~~~~~~~~~~~~~~~~~~~~~ |
506 | 0768a1df | Christos Stavrakakis | |
507 | a1c707c9 | Constantinos Venetsanopoulos | Since v0.11, Synnefo is able to manage multiple Ganeti clusters (backends) |
508 | a1c707c9 | Constantinos Venetsanopoulos | making it capable to scale linearly to tens of thousands of VMs. Backends |
509 | a1c707c9 | Constantinos Venetsanopoulos | can be dynamically added or removed via `snf-manage` commands. |
510 | 0768a1df | Christos Stavrakakis | |
511 | a1c707c9 | Constantinos Venetsanopoulos | Each newly created VM is allocated to a Ganeti backend by the Cyclades backend |
512 | a1c707c9 | Constantinos Venetsanopoulos | allocator. The VM is "pinned" to this backend, and can not change through its |
513 | a1c707c9 | Constantinos Venetsanopoulos | lifetime. The backend allocator decides in which backend to spawn the VM based |
514 | a1c707c9 | Constantinos Venetsanopoulos | on the available resources of each backend, trying to balance the load between |
515 | a1c707c9 | Constantinos Venetsanopoulos | them. |
516 | 0768a1df | Christos Stavrakakis | |
517 | 0768a1df | Christos Stavrakakis | Handling of Networks, as far as backends are concerned, is based on whether the |
518 | a1c707c9 | Constantinos Venetsanopoulos | network is public or not. Public networks are created through the `snf-manage |
519 | a1c707c9 | Constantinos Venetsanopoulos | network-create` command, and are only created on one backend. Private networks |
520 | a1c707c9 | Constantinos Venetsanopoulos | are created on all backends, in order to ensure that VMs residing on different |
521 | a1c707c9 | Constantinos Venetsanopoulos | backends can be connected to the same private network. |
522 | 0768a1df | Christos Stavrakakis | |
523 | a1c707c9 | Constantinos Venetsanopoulos | Listing existing backends |
524 | a1c707c9 | Constantinos Venetsanopoulos | ````````````````````````` |
525 | a1c707c9 | Constantinos Venetsanopoulos | To list all the Ganeti backends known to Synnefo, we run: |
526 | 90c74332 | Christos Stavrakakis | |
527 | 0768a1df | Christos Stavrakakis | .. code-block:: console |
528 | 0768a1df | Christos Stavrakakis | |
529 | 0768a1df | Christos Stavrakakis | $ snf-manage backend-list |
530 | 0768a1df | Christos Stavrakakis | |
531 | 0768a1df | Christos Stavrakakis | Adding a new Ganeti backend |
532 | 90c74332 | Christos Stavrakakis | ``````````````````````````` |
533 | 0768a1df | Christos Stavrakakis | Backends are dynamically added under the control of Synnefo with `snf-manage |
534 | 0768a1df | Christos Stavrakakis | backend-add` command. In this section it is assumed that a Ganeti cluster, |
535 | a1c707c9 | Constantinos Venetsanopoulos | named ``cluster.example.com`` is already up and running and configured to be |
536 | a1c707c9 | Constantinos Venetsanopoulos | able to host Synnefo VMs. |
537 | 0768a1df | Christos Stavrakakis | |
538 | a1c707c9 | Constantinos Venetsanopoulos | To add this Ganeti cluster, we run: |
539 | 90c74332 | Christos Stavrakakis | |
540 | 0768a1df | Christos Stavrakakis | .. code-block:: console |
541 | 0768a1df | Christos Stavrakakis | |
542 | 0768a1df | Christos Stavrakakis | $ snf-manage backend-add --clustername=cluster.example.com --user="synnefo_user" --pass="synnefo_pass" |
543 | 0768a1df | Christos Stavrakakis | |
544 | 46ccbcb9 | Christos Stavrakakis | where ``clustername`` is the Cluster hostname of the Ganeti cluster, and |
545 | 46ccbcb9 | Christos Stavrakakis | ``user`` and ``pass`` are the credentials for the `Ganeti RAPI user |
546 | 46ccbcb9 | Christos Stavrakakis | <http://docs.ganeti.org/ganeti/2.2/html/rapi.html#users-and-passwords>`_. All |
547 | 46ccbcb9 | Christos Stavrakakis | backend attributes can be also changed dynamically using the `snf-manage |
548 | 46ccbcb9 | Christos Stavrakakis | backend-modify` command. |
549 | 0768a1df | Christos Stavrakakis | |
550 | a1c707c9 | Constantinos Venetsanopoulos | ``snf-manage backend-add`` will also create all existing private networks to |
551 | a1c707c9 | Constantinos Venetsanopoulos | the new backend. You can verify that the backend is added, by running |
552 | a1c707c9 | Constantinos Venetsanopoulos | `snf-manage backend-list`. |
553 | 0768a1df | Christos Stavrakakis | |
554 | a1c707c9 | Constantinos Venetsanopoulos | Note that no VMs will be spawned to this backend, since by default it is in a |
555 | a1c707c9 | Constantinos Venetsanopoulos | ``drained`` state after addition and also it has no public network assigned to |
556 | a1c707c9 | Constantinos Venetsanopoulos | it. |
557 | a1c707c9 | Constantinos Venetsanopoulos | |
558 | a1c707c9 | Constantinos Venetsanopoulos | So, first you need to create its public network, make sure everything works as |
559 | a1c707c9 | Constantinos Venetsanopoulos | expected and finally make it active by un-setting the ``drained`` flag. You can |
560 | a1c707c9 | Constantinos Venetsanopoulos | do this by running: |
561 | a1c707c9 | Constantinos Venetsanopoulos | |
562 | a1c707c9 | Constantinos Venetsanopoulos | .. code-block:: console |
563 | a1c707c9 | Constantinos Venetsanopoulos | |
564 | 46ccbcb9 | Christos Stavrakakis | $ snf-manage backend-modify --drained=False <backend_id> |
565 | 0768a1df | Christos Stavrakakis | |
566 | 0768a1df | Christos Stavrakakis | Removing an existing Ganeti backend |
567 | 90c74332 | Christos Stavrakakis | ``````````````````````````````````` |
568 | a1c707c9 | Constantinos Venetsanopoulos | In order to remove an existing backend from Synnefo, we run: |
569 | 90c74332 | Christos Stavrakakis | |
570 | 0768a1df | Christos Stavrakakis | .. code-block:: console |
571 | 0768a1df | Christos Stavrakakis | |
572 | a1c707c9 | Constantinos Venetsanopoulos | # snf-manage backend-remove <backend_id> |
573 | 0768a1df | Christos Stavrakakis | |
574 | a1c707c9 | Constantinos Venetsanopoulos | This command will fail if there are active VMs on the backend. Also, the |
575 | a1c707c9 | Constantinos Venetsanopoulos | backend is not cleaned before removal, so all the Synnefo private networks |
576 | a1c707c9 | Constantinos Venetsanopoulos | will be left on the Ganeti nodes. You need to remove them manually. |
577 | 0768a1df | Christos Stavrakakis | |
578 | a1c707c9 | Constantinos Venetsanopoulos | Allocation of VMs in Ganeti backends |
579 | a1c707c9 | Constantinos Venetsanopoulos | ```````````````````````````````````` |
580 | a1c707c9 | Constantinos Venetsanopoulos | As already mentioned, the Cyclades backend allocator is responsible for |
581 | a1c707c9 | Constantinos Venetsanopoulos | allocating new VMs to backends. This allocator does not choose the exact Ganeti |
582 | a1c707c9 | Constantinos Venetsanopoulos | node that will host the VM but just the Ganeti backend. The exact node is |
583 | a1c707c9 | Constantinos Venetsanopoulos | chosen by the Ganeti cluster's allocator (hail). |
584 | 0768a1df | Christos Stavrakakis | |
585 | 0768a1df | Christos Stavrakakis | The decision about which backend will host a VM is based on the available |
586 | 0768a1df | Christos Stavrakakis | resources. The allocator computes a score for each backend, that shows its load |
587 | 0768a1df | Christos Stavrakakis | factor, and the one with the minimum score is chosen. The admin can exclude |
588 | a1c707c9 | Constantinos Venetsanopoulos | backends from the allocation phase by marking them as ``drained`` by running: |
589 | 90c74332 | Christos Stavrakakis | |
590 | 0768a1df | Christos Stavrakakis | .. code-block:: console |
591 | 0768a1df | Christos Stavrakakis | |
592 | 46ccbcb9 | Christos Stavrakakis | $ snf-manage backend-modify --drained=True <backend_id> |
593 | 0768a1df | Christos Stavrakakis | |
594 | 0768a1df | Christos Stavrakakis | The backend resources are periodically updated, at a period defined by |
595 | a1c707c9 | Constantinos Venetsanopoulos | the ``BACKEND_REFRESH_MIN`` setting, or by running `snf-manage backend-update-status` |
596 | 0768a1df | Christos Stavrakakis | command. It is advised to have a cron job running this command at a smaller |
597 | a1c707c9 | Constantinos Venetsanopoulos | interval than ``BACKEND_REFRESH_MIN`` in order to remove the load of refreshing |
598 | 0768a1df | Christos Stavrakakis | the backends stats from the VM creation phase. |
599 | 0768a1df | Christos Stavrakakis | |
600 | a1c707c9 | Constantinos Venetsanopoulos | Finally, the admin can decide to have a user's VMs being allocated to a |
601 | a1c707c9 | Constantinos Venetsanopoulos | specific backend, with the ``BACKEND_PER_USER`` setting. This is a mapping |
602 | a1c707c9 | Constantinos Venetsanopoulos | between users and backends. If the user is found in ``BACKEND_PER_USER``, then |
603 | 46ccbcb9 | Christos Stavrakakis | Synnefo allocates all his/hers VMs to the specific backend in the variable, |
604 | 46ccbcb9 | Christos Stavrakakis | even if is marked as drained (useful for testing). |
605 | 0768a1df | Christos Stavrakakis | |
606 | 09d07554 | Christos Stavrakakis | Allocation based on disk-templates |
607 | 09d07554 | Christos Stavrakakis | ********************************** |
608 | 09d07554 | Christos Stavrakakis | |
609 | 09d07554 | Christos Stavrakakis | Besides the available resources of each Ganeti backend, the allocator takes |
610 | 09d07554 | Christos Stavrakakis | into consideration the disk template of the instance when trying to allocate it |
611 | 09d07554 | Christos Stavrakakis | to a Ganeti backend. Specifically, the allocator checks if the flavor of the |
612 | 09d07554 | Christos Stavrakakis | instance belongs to the available disk templates of each Ganeti backend. |
613 | 09d07554 | Christos Stavrakakis | |
614 | 09d07554 | Christos Stavrakakis | A Ganeti cluster has a list of enabled disk templates |
615 | 09d07554 | Christos Stavrakakis | (`--enabled-disk-templates`) and a list of allowed disk templates for new |
616 | 09d07554 | Christos Stavrakakis | instances (`--ipolicy-disk-templates`). See the `gnt-cluster` manpage for more |
617 | 09d07554 | Christos Stavrakakis | details about these options. |
618 | 09d07554 | Christos Stavrakakis | |
619 | 09d07554 | Christos Stavrakakis | When Synnefo allocates an instance, it checks whether the disk template of the |
620 | 09d07554 | Christos Stavrakakis | new instance belongs both in the enabled and ipolicy disk templates. You can |
621 | 09d07554 | Christos Stavrakakis | see the list of the available disk-templates by running `snf-manage |
622 | 09d07554 | Christos Stavrakakis | backend-list`. This list should be updated automatically after changing |
623 | 09d07554 | Christos Stavrakakis | these options in Ganeti and it can also be updated by running `snf-manage |
624 | 09d07554 | Christos Stavrakakis | backend-update-status`. |
625 | 09d07554 | Christos Stavrakakis | |
626 | 09d07554 | Christos Stavrakakis | So the administrator, can route instances on different backends based on their |
627 | 09d07554 | Christos Stavrakakis | flavor disk template, by modifying the enabled or ipolicy disk templates of |
628 | 09d07554 | Christos Stavrakakis | each backend. Also, the administrator can route instances between different |
629 | 09d07554 | Christos Stavrakakis | nodes of the same Ganeti backend, by modifying the same options at the |
630 | 09d07554 | Christos Stavrakakis | nodegroup level (see `gnt-group` manpage for mor details). |
631 | 09d07554 | Christos Stavrakakis | |
632 | 09d07554 | Christos Stavrakakis | |
633 | 9492387a | Christos Stavrakakis | Managing Virtual Machines |
634 | 9492387a | Christos Stavrakakis | ~~~~~~~~~~~~~~~~~~~~~~~~~ |
635 | 9492387a | Christos Stavrakakis | |
636 | a1c707c9 | Constantinos Venetsanopoulos | As mentioned, Cyclades uses Ganeti for management of VMs. The administrator can |
637 | a1c707c9 | Constantinos Venetsanopoulos | handle Cyclades VMs just like any other Ganeti instance, via `gnt-instance` |
638 | a1c707c9 | Constantinos Venetsanopoulos | commands. All Ganeti instances that belong to Synnefo, are separated from |
639 | a1c707c9 | Constantinos Venetsanopoulos | others, by a prefix in their names. This prefix is defined in |
640 | a1c707c9 | Constantinos Venetsanopoulos | ``BACKEND_PREFIX_ID`` setting in |
641 | a1c707c9 | Constantinos Venetsanopoulos | ``/etc/synnefo/20-snf-cyclades-app-backend.conf``. |
642 | 9492387a | Christos Stavrakakis | |
643 | a1c707c9 | Constantinos Venetsanopoulos | Apart from handling instances directly in the Ganeti level, a number of `snf-manage` |
644 | 9492387a | Christos Stavrakakis | commands are available: |
645 | 9492387a | Christos Stavrakakis | |
646 | a1c707c9 | Constantinos Venetsanopoulos | * ``snf-manage server-list``: List servers |
647 | a1c707c9 | Constantinos Venetsanopoulos | * ``snf-manage server-show``: Show information about a server in the Cyclades DB |
648 | a1c707c9 | Constantinos Venetsanopoulos | * ``snf-manage server-inspect``: Inspect the state of a server both in DB and Ganeti |
649 | a1c707c9 | Constantinos Venetsanopoulos | * ``snf-manage server-modify``: Modify the state of a server in the Cycldes DB |
650 | a1c707c9 | Constantinos Venetsanopoulos | * ``snf-manage server-create``: Create a new server |
651 | a1c707c9 | Constantinos Venetsanopoulos | * ``snf-manage server-import``: Import an existing Ganeti instance to Cyclades |
652 | 9492387a | Christos Stavrakakis | |
653 | 9492387a | Christos Stavrakakis | |
654 | 9492387a | Christos Stavrakakis | Managing Virtual Networks |
655 | 9492387a | Christos Stavrakakis | ~~~~~~~~~~~~~~~~~~~~~~~~~ |
656 | 9492387a | Christos Stavrakakis | |
657 | a1c707c9 | Constantinos Venetsanopoulos | Cyclades is able to create and manage Virtual Networks. Networking is |
658 | a1c707c9 | Constantinos Venetsanopoulos | desployment specific and must be customized based on the specific needs of the |
659 | a1c707c9 | Constantinos Venetsanopoulos | system administrator. For better understanding of networking please refer to |
660 | a1c707c9 | Constantinos Venetsanopoulos | the :ref:`Network <networks>` section. |
661 | a653c059 | Christos Stavrakakis | |
662 | a653c059 | Christos Stavrakakis | Exactly as Cyclades VMs can be handled like Ganeti instances, Cyclades Networks |
663 | a653c059 | Christos Stavrakakis | can also by handled as Ganeti networks, via `gnt-network commands`. All Ganeti |
664 | a1c707c9 | Constantinos Venetsanopoulos | networks that belong to Synnefo are named with the prefix |
665 | a653c059 | Christos Stavrakakis | `${BACKEND_PREFIX_ID}-net-`. |
666 | a653c059 | Christos Stavrakakis | |
667 | a1c707c9 | Constantinos Venetsanopoulos | There are also the following `snf-manage` commands for managing networks: |
668 | a653c059 | Christos Stavrakakis | |
669 | a1c707c9 | Constantinos Venetsanopoulos | * ``snf-manage network-list``: List networks |
670 | a1c707c9 | Constantinos Venetsanopoulos | * ``snf-manage network-show``: Show information about a network in the Cyclades DB |
671 | a1c707c9 | Constantinos Venetsanopoulos | * ``snf-manage network-inspect``: Inspect the state of the network in DB and Ganeti backends |
672 | a1c707c9 | Constantinos Venetsanopoulos | * ``snf-manage network-modify``: Modify the state of a network in the Cycldes DB |
673 | a1c707c9 | Constantinos Venetsanopoulos | * ``snf-manage network-create``: Create a new network |
674 | a1c707c9 | Constantinos Venetsanopoulos | * ``snf-manage network-remove``: Remove an existing network |
675 | a653c059 | Christos Stavrakakis | |
676 | 9c98c6fc | Christos Stavrakakis | Managing Network Resources |
677 | a1c707c9 | Constantinos Venetsanopoulos | `````````````````````````` |
678 | 9c98c6fc | Christos Stavrakakis | |
679 | a1c707c9 | Constantinos Venetsanopoulos | Proper operation of the Cyclades Network Service depends on the unique |
680 | a1c707c9 | Constantinos Venetsanopoulos | assignment of specific resources to each type of virtual network. Specifically, |
681 | a1c707c9 | Constantinos Venetsanopoulos | these resources are: |
682 | 9c98c6fc | Christos Stavrakakis | |
683 | a1c707c9 | Constantinos Venetsanopoulos | * IP addresses. Cyclades creates a Pool of IPs for each Network, and assigns a |
684 | a1c707c9 | Constantinos Venetsanopoulos | unique IP address to each VM, thus connecting it to this Network. You can see |
685 | a1c707c9 | Constantinos Venetsanopoulos | the IP pool of each network by running `snf-manage network-inspect |
686 | a1c707c9 | Constantinos Venetsanopoulos | <network_ID>`. IP pools are automatically created and managed by Cyclades, |
687 | a1c707c9 | Constantinos Venetsanopoulos | depending on the subnet of the Network. |
688 | 9492387a | Christos Stavrakakis | * Bridges corresponding to physical VLANs, which are required for networks of |
689 | a1c707c9 | Constantinos Venetsanopoulos | type `PRIVATE_PHYSICAL_VLAN`. |
690 | a1c707c9 | Constantinos Venetsanopoulos | * One Bridge corresponding to one physical VLAN which is required for networks of |
691 | a1c707c9 | Constantinos Venetsanopoulos | type `PRIVATE_MAC_PREFIX`. |
692 | 9c98c6fc | Christos Stavrakakis | |
693 | 4573511a | Christos Stavrakakis | IPv4 addresses |
694 | 4573511a | Christos Stavrakakis | ************** |
695 | 4573511a | Christos Stavrakakis | |
696 | 4573511a | Christos Stavrakakis | An allocation pool of IPv4 addresses is automatically created for every network |
697 | 4573511a | Christos Stavrakakis | that has the attribute `dhcp` set to True. The allocation pool contains the |
698 | 4573511a | Christos Stavrakakis | range of IP addresses that are included in the subnet. The gateway and the |
699 | 4573511a | Christos Stavrakakis | broadcast address of the network are excluded from the allocation pool. The |
700 | 4573511a | Christos Stavrakakis | admin can externally reserve IP addresses to exclude them from automatic |
701 | 4573511a | Christos Stavrakakis | allocation with the `--add-reserved-ips` option of `snf-manage network-modify` |
702 | 4573511a | Christos Stavrakakis | command. For example the following command will reserve two IP addresses |
703 | 4573511a | Christos Stavrakakis | from network with ID `42`: |
704 | 9c98c6fc | Christos Stavrakakis | |
705 | 4573511a | Christos Stavrakakis | .. code-block:: console |
706 | 4573511a | Christos Stavrakakis | |
707 | 4573511a | Christos Stavrakakis | snf-manage network-modify --add-reserved-ips=10.0.0.21,10.0.0.22 42 |
708 | 4573511a | Christos Stavrakakis | |
709 | 4573511a | Christos Stavrakakis | .. warning:: Externally reserving IP addresses is also available at the Ganeti. |
710 | 4573511a | Christos Stavrakakis | However, when using Cyclades with multiple Ganeti backends, the handling of |
711 | 4573511a | Christos Stavrakakis | IP pools must be performed from Cyclades! |
712 | 4573511a | Christos Stavrakakis | |
713 | 4573511a | Christos Stavrakakis | Bridges |
714 | 4573511a | Christos Stavrakakis | ******* |
715 | 4573511a | Christos Stavrakakis | |
716 | 4573511a | Christos Stavrakakis | As already mentioned Cyclades use a pool of Bridges that must correspond |
717 | 4573511a | Christos Stavrakakis | to Physical VLAN at the Ganeti level. A bridge from the pool is assigned to |
718 | 4573511a | Christos Stavrakakis | each network of flavor `PHYSICAL_VLAN`. Creation of this pool is done |
719 | 4573511a | Christos Stavrakakis | using `snf-manage pool-create` command. For example the following command |
720 | 4573511a | Christos Stavrakakis | will create a pool containing the brdiges from `prv1` to `prv21`. |
721 | 90c74332 | Christos Stavrakakis | |
722 | 9c98c6fc | Christos Stavrakakis | .. code-block:: console |
723 | 9c98c6fc | Christos Stavrakakis | |
724 | 9c98c6fc | Christos Stavrakakis | # snf-manage pool-create --type=bridge --base=prv --size=20 |
725 | 9c98c6fc | Christos Stavrakakis | |
726 | 9c98c6fc | Christos Stavrakakis | You can verify the creation of the pool, and check its contents by running: |
727 | 90c74332 | Christos Stavrakakis | |
728 | 9c98c6fc | Christos Stavrakakis | .. code-block:: console |
729 | 9c98c6fc | Christos Stavrakakis | |
730 | 9c98c6fc | Christos Stavrakakis | # snf-manage pool-list |
731 | 9c98c6fc | Christos Stavrakakis | # snf-manage pool-show --type=bridge 1 |
732 | 9c98c6fc | Christos Stavrakakis | |
733 | 4573511a | Christos Stavrakakis | Finally you can use the `pool-modify` management command in order to externally |
734 | 4573511a | Christos Stavrakakis | reserve the values from pool, extend or shrink the pool if possible. |
735 | 4573511a | Christos Stavrakakis | |
736 | 4573511a | Christos Stavrakakis | MAC Prefixes |
737 | 4573511a | Christos Stavrakakis | ************ |
738 | 4573511a | Christos Stavrakakis | |
739 | 4573511a | Christos Stavrakakis | Cyclades also use a pool of MAC prefixes to assign to networks of flavor |
740 | 4573511a | Christos Stavrakakis | `MAC_FILTERED`. Handling of this pool is done exactly as with pool of bridges, |
741 | 4573511a | Christos Stavrakakis | except that the type option must be set to mac-prefix: |
742 | 90c74332 | Christos Stavrakakis | |
743 | 9c98c6fc | Christos Stavrakakis | .. code-block:: console |
744 | 9c98c6fc | Christos Stavrakakis | |
745 | 9c98c6fc | Christos Stavrakakis | # snf-manage pool-create --type=mac-prefix --base=aa:00:0 --size=65536 |
746 | 9c98c6fc | Christos Stavrakakis | |
747 | 4573511a | Christos Stavrakakis | The above command will create a pool of MAC prefixes from ``aa:00:1`` to |
748 | 4573511a | Christos Stavrakakis | ``b9:ff:f``. The MAC prefix pool is responsible for providing only unicast and |
749 | 4573511a | Christos Stavrakakis | locally administered MAC addresses, so many of these prefixes will be |
750 | 4573511a | Christos Stavrakakis | externally reserved, to exclude from allocation. |
751 | 4573511a | Christos Stavrakakis | |
752 | 4573511a | Christos Stavrakakis | Pool reconciliation |
753 | 4573511a | Christos Stavrakakis | ******************* |
754 | 4573511a | Christos Stavrakakis | |
755 | 4573511a | Christos Stavrakakis | The management command `snf-manage reconcile-pools` can be used that all the |
756 | 4573511a | Christos Stavrakakis | above mentioned pools are consistent and that all values that come from the |
757 | 4573511a | Christos Stavrakakis | pool are not used more than once. |
758 | 0768a1df | Christos Stavrakakis | |
759 | 426d4ae3 | Constantinos Venetsanopoulos | |
760 | eab73849 | Constantinos Venetsanopoulos | Cyclades advanced operations |
761 | eab73849 | Constantinos Venetsanopoulos | ---------------------------- |
762 | eab73849 | Constantinos Venetsanopoulos | |
763 | eab73849 | Constantinos Venetsanopoulos | Reconciliation mechanism |
764 | eab73849 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~ |
765 | a1c707c9 | Constantinos Venetsanopoulos | |
766 | 06e23415 | Christos Stavrakakis | On certain occasions, such as a Ganeti or RabbitMQ failure, the state of |
767 | 06e23415 | Christos Stavrakakis | Cyclades database may differ from the real state of VMs and networks in the |
768 | 06e23415 | Christos Stavrakakis | Ganeti backends. The reconciliation process is designed to synchronize |
769 | 06e23415 | Christos Stavrakakis | the state of the Cyclades DB with Ganeti. There are two management commands |
770 | 06e23415 | Christos Stavrakakis | for reconciling VMs and Networks |
771 | 06e23415 | Christos Stavrakakis | |
772 | a1c707c9 | Constantinos Venetsanopoulos | Reconciling Virtual Machines |
773 | a1c707c9 | Constantinos Venetsanopoulos | ```````````````````````````` |
774 | a1c707c9 | Constantinos Venetsanopoulos | |
775 | 06e23415 | Christos Stavrakakis | Reconciliation of VMs detects the following conditions: |
776 | a1c707c9 | Constantinos Venetsanopoulos | |
777 | eab73849 | Constantinos Venetsanopoulos | * Stale DB servers without corresponding Ganeti instances |
778 | eab73849 | Constantinos Venetsanopoulos | * Orphan Ganeti instances, without corresponding DB entries |
779 | 06e23415 | Christos Stavrakakis | * Out-of-sync state for DB entries wrt to Ganeti instances |
780 | eab73849 | Constantinos Venetsanopoulos | |
781 | 06e23415 | Christos Stavrakakis | To detect all inconsistencies you can just run: |
782 | 90c74332 | Christos Stavrakakis | |
783 | eab73849 | Constantinos Venetsanopoulos | .. code-block:: console |
784 | a1c707c9 | Constantinos Venetsanopoulos | |
785 | a1c707c9 | Constantinos Venetsanopoulos | $ snf-manage reconcile-servers |
786 | eab73849 | Constantinos Venetsanopoulos | |
787 | 06e23415 | Christos Stavrakakis | Adding the `--fix-all` option, will do the actual synchronization: |
788 | 90c74332 | Christos Stavrakakis | |
789 | 06e23415 | Christos Stavrakakis | .. code-block:: console |
790 | a1c707c9 | Constantinos Venetsanopoulos | |
791 | a1c707c9 | Constantinos Venetsanopoulos | $ snf-manage reconcile --fix-all |
792 | eab73849 | Constantinos Venetsanopoulos | |
793 | eab73849 | Constantinos Venetsanopoulos | Please see ``snf-manage reconcile --help`` for all the details. |
794 | eab73849 | Constantinos Venetsanopoulos | |
795 | 06e23415 | Christos Stavrakakis | Reconciling Networks |
796 | 90c74332 | Christos Stavrakakis | ```````````````````` |
797 | a1c707c9 | Constantinos Venetsanopoulos | |
798 | 06e23415 | Christos Stavrakakis | Reconciliation of Networks detects the following conditions: |
799 | a1c707c9 | Constantinos Venetsanopoulos | |
800 | 06e23415 | Christos Stavrakakis | * Stale DB networks without corresponding Ganeti networks |
801 | 06e23415 | Christos Stavrakakis | * Orphan Ganeti networks, without corresponding DB entries |
802 | 06e23415 | Christos Stavrakakis | * Private networks that are not created to all Ganeti backends |
803 | 06e23415 | Christos Stavrakakis | * Unsynchronized IP pools |
804 | 06e23415 | Christos Stavrakakis | |
805 | 06e23415 | Christos Stavrakakis | To detect all inconsistencies you can just run: |
806 | 90c74332 | Christos Stavrakakis | |
807 | 06e23415 | Christos Stavrakakis | .. code-block:: console |
808 | a1c707c9 | Constantinos Venetsanopoulos | |
809 | 06e23415 | Christos Stavrakakis | $ snf-manage reconcile-networks |
810 | 06e23415 | Christos Stavrakakis | |
811 | 06e23415 | Christos Stavrakakis | Adding the `--fix-all` option, will do the actual synchronization: |
812 | 90c74332 | Christos Stavrakakis | |
813 | 06e23415 | Christos Stavrakakis | .. code-block:: console |
814 | a1c707c9 | Constantinos Venetsanopoulos | |
815 | 06e23415 | Christos Stavrakakis | $ snf-manage reconcile-networks --fix-all |
816 | 06e23415 | Christos Stavrakakis | |
817 | 06e23415 | Christos Stavrakakis | Please see ``snf-manage reconcile-networks --help`` for all the details. |
818 | eab73849 | Constantinos Venetsanopoulos | |
819 | eab73849 | Constantinos Venetsanopoulos | |
820 | 426d4ae3 | Constantinos Venetsanopoulos | Cyclades internals |
821 | 426d4ae3 | Constantinos Venetsanopoulos | ------------------ |
822 | 426d4ae3 | Constantinos Venetsanopoulos | |
823 | 426d4ae3 | Constantinos Venetsanopoulos | Asynchronous communication with Ganeti backends |
824 | 426d4ae3 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
825 | 426d4ae3 | Constantinos Venetsanopoulos | Synnefo uses Google Ganeti backends for VM cluster management. In order for |
826 | 426d4ae3 | Constantinos Venetsanopoulos | Cyclades to be able to handle thousands of user requests, Cyclades and Ganeti |
827 | 426d4ae3 | Constantinos Venetsanopoulos | communicate asynchronously. Briefly, requests are submitted to Ganeti through |
828 | 426d4ae3 | Constantinos Venetsanopoulos | Ganeti's RAPI/HTTP interface, and then asynchronous notifications about the |
829 | 426d4ae3 | Constantinos Venetsanopoulos | progress of Ganeti jobs are being created and pushed upwards to Cyclades. The |
830 | 426d4ae3 | Constantinos Venetsanopoulos | architecture and communication with a Ganeti backend is shown in the graph |
831 | 426d4ae3 | Constantinos Venetsanopoulos | below: |
832 | 426d4ae3 | Constantinos Venetsanopoulos | |
833 | 426d4ae3 | Constantinos Venetsanopoulos | .. image:: images/cyclades-ganeti-communication.png |
834 | 426d4ae3 | Constantinos Venetsanopoulos | :width: 50% |
835 | 426d4ae3 | Constantinos Venetsanopoulos | :target: _images/cyclades-ganeti-communication.png |
836 | 426d4ae3 | Constantinos Venetsanopoulos | |
837 | 426d4ae3 | Constantinos Venetsanopoulos | The Cyclades API server is responsible for handling user requests. Read-only |
838 | 426d4ae3 | Constantinos Venetsanopoulos | requests are directly served by looking up the Cyclades DB. If the request |
839 | 426d4ae3 | Constantinos Venetsanopoulos | needs an action in the Ganeti backend, Cyclades submit jobs to the Ganeti |
840 | 426d4ae3 | Constantinos Venetsanopoulos | master using the `Ganeti RAPI interface |
841 | 426d4ae3 | Constantinos Venetsanopoulos | <http://docs.ganeti.org/ganeti/2.2/html/rapi.html>`_. |
842 | 426d4ae3 | Constantinos Venetsanopoulos | |
843 | 426d4ae3 | Constantinos Venetsanopoulos | While Ganeti executes the job, `snf-ganeti-eventd`, `snf-ganeti-hook` and |
844 | 426d4ae3 | Constantinos Venetsanopoulos | `snf-progress-monitor` are monitoring the progress of the job and send |
845 | 426d4ae3 | Constantinos Venetsanopoulos | corresponding messages to the RabbitMQ servers. These components are part |
846 | 426d4ae3 | Constantinos Venetsanopoulos | of `snf-cyclades-gtools` and must be installed on all Ganeti nodes. Specially: |
847 | 426d4ae3 | Constantinos Venetsanopoulos | |
848 | 426d4ae3 | Constantinos Venetsanopoulos | * *snf-ganeti-eventd* sends messages about operations affecting the operating |
849 | 426d4ae3 | Constantinos Venetsanopoulos | state of instances and networks. Works by monitoring the Ganeti job queue. |
850 | 426d4ae3 | Constantinos Venetsanopoulos | * *snf-ganeti_hook* sends messages about the NICs of instances. It includes a |
851 | 426d4ae3 | Constantinos Venetsanopoulos | number of `Ganeti hooks <http://docs.ganeti.org/ganeti/2.2/html/hooks.html>`_ |
852 | 426d4ae3 | Constantinos Venetsanopoulos | for customisation of operations. |
853 | 426d4ae3 | Constantinos Venetsanopoulos | * *snf-progress_monitor* sends messages about the progress of the Image deployment |
854 | 426d4ae3 | Constantinos Venetsanopoulos | phase which is done by the Ganeti OS Definition `snf-image`. |
855 | 426d4ae3 | Constantinos Venetsanopoulos | |
856 | 426d4ae3 | Constantinos Venetsanopoulos | Finally, `snf-dispatcher` consumes messages from the RabbitMQ queues, processes |
857 | 426d4ae3 | Constantinos Venetsanopoulos | these messages and properly updates the state of the Cyclades DB. Subsequent |
858 | 426d4ae3 | Constantinos Venetsanopoulos | requests to the Cyclades API, will retrieve the updated state from the DB. |
859 | 426d4ae3 | Constantinos Venetsanopoulos | |
860 | 426d4ae3 | Constantinos Venetsanopoulos | |
861 | a1c707c9 | Constantinos Venetsanopoulos | |
862 | eab73849 | Constantinos Venetsanopoulos | Block Storage Service (Archipelago) |
863 | eab73849 | Constantinos Venetsanopoulos | =================================== |
864 | eab73849 | Constantinos Venetsanopoulos | |
865 | eab73849 | Constantinos Venetsanopoulos | Overview |
866 | eab73849 | Constantinos Venetsanopoulos | -------- |
867 | 5226b38f | Filippos Giannakos | Archipelago offers Copy-On-Write snapshotable volumes. Pithos images can be used |
868 | 5226b38f | Filippos Giannakos | to provision a volume with Copy-On-Write semantics (i.e. a clone). Snapshots |
869 | 5226b38f | Filippos Giannakos | offer a unique deduplicated image of a volume, that reflects the volume state |
870 | 5226b38f | Filippos Giannakos | during snapshot creation and are indistinguishable from a Pithos image. |
871 | 5226b38f | Filippos Giannakos | |
872 | 5226b38f | Filippos Giannakos | Archipelago is used by Cyclades and Ganeti for fast provisioning of VMs based on |
873 | 4bb29566 | Filippos Giannakos | CoW volumes. Moreover, it enables live migration of thinly-provisioned VMs with |
874 | 4bb29566 | Filippos Giannakos | no physically shared storage. |
875 | eab73849 | Constantinos Venetsanopoulos | |
876 | 301294a9 | Constantinos Venetsanopoulos | Archipelago Architecture |
877 | 301294a9 | Constantinos Venetsanopoulos | ------------------------ |
878 | 301294a9 | Constantinos Venetsanopoulos | |
879 | e3f3abdc | Filippos Giannakos | .. image:: images/archipelago-architecture.png |
880 | e3f3abdc | Filippos Giannakos | :width: 50% |
881 | e3f3abdc | Filippos Giannakos | :target: _images/archipelago-architecture.png |
882 | eab73849 | Constantinos Venetsanopoulos | |
883 | 301294a9 | Constantinos Venetsanopoulos | .. _syn+archip+rados: |
884 | 301294a9 | Constantinos Venetsanopoulos | |
885 | 301294a9 | Constantinos Venetsanopoulos | Overview of Synnefo + Archipelago + RADOS |
886 | 301294a9 | Constantinos Venetsanopoulos | ----------------------------------------- |
887 | 301294a9 | Constantinos Venetsanopoulos | |
888 | 301294a9 | Constantinos Venetsanopoulos | .. image:: images/synnefo-arch3.png |
889 | 301294a9 | Constantinos Venetsanopoulos | :width: 100% |
890 | 301294a9 | Constantinos Venetsanopoulos | :target: _images/synnefo-arch3.png |
891 | 301294a9 | Constantinos Venetsanopoulos | |
892 | eab73849 | Constantinos Venetsanopoulos | Prereqs |
893 | eab73849 | Constantinos Venetsanopoulos | ------- |
894 | 301294a9 | Constantinos Venetsanopoulos | |
895 | 902d661c | Filippos Giannakos | The administrator must initialize the storage backend where archipelago volume |
896 | 902d661c | Filippos Giannakos | blocks will reside. |
897 | 902d661c | Filippos Giannakos | |
898 | 902d661c | Filippos Giannakos | In case of a files backend, the administrator must create two directories. One |
899 | 902d661c | Filippos Giannakos | for the archipelago data blocks and one for the archipelago map blocks. These |
900 | 902d661c | Filippos Giannakos | should probably be over shared storage to enable sharing archipelago volumes |
901 | 902d661c | Filippos Giannakos | between multiple nodes. He or she, must also be able to supply a directory where |
902 | 902d661c | Filippos Giannakos | the pithos data and map blocks reside. |
903 | 902d661c | Filippos Giannakos | |
904 | 902d661c | Filippos Giannakos | In case of a RADOS backend, the administrator must create two rados pools, one |
905 | 902d661c | Filippos Giannakos | for data blocks, and one for the map blocks. These pools, must be the same pools |
906 | 902d661c | Filippos Giannakos | used in pithos, in order to enable volume creation based on pithos images. |
907 | 902d661c | Filippos Giannakos | |
908 | eab73849 | Constantinos Venetsanopoulos | Installation |
909 | eab73849 | Constantinos Venetsanopoulos | ------------ |
910 | 301294a9 | Constantinos Venetsanopoulos | |
911 | 902d661c | Filippos Giannakos | Archipelago consists of |
912 | 902d661c | Filippos Giannakos | |
913 | 902d661c | Filippos Giannakos | * ``libxseg0``: libxseg used to communicate over shared memory segments |
914 | 5226b38f | Filippos Giannakos | * ``python-xseg``: python bindings for libxseg |
915 | 902d661c | Filippos Giannakos | * ``archipelago-kernel-dkms``: contains archipelago kernel modules to provide |
916 | 902d661c | Filippos Giannakos | block devices to be used as vm disks |
917 | 5226b38f | Filippos Giannakos | * ``python-archipelago``: archipelago python module. Includes archipelago and |
918 | 5226b38f | Filippos Giannakos | vlmc functionality. |
919 | 902d661c | Filippos Giannakos | * ``archipelago``: user space tools and peers for the archipelago management and |
920 | 902d661c | Filippos Giannakos | volume composition |
921 | 902d661c | Filippos Giannakos | * ``archipelago-ganeti``: ganeti ext storage scripts, that enable ganeti to |
922 | 902d661c | Filippos Giannakos | provision VMs over archipelago |
923 | 902d661c | Filippos Giannakos | |
924 | 902d661c | Filippos Giannakos | Performing |
925 | 902d661c | Filippos Giannakos | |
926 | 902d661c | Filippos Giannakos | .. code-block:: console |
927 | 902d661c | Filippos Giannakos | |
928 | 902d661c | Filippos Giannakos | $ apt-get install archipelago-ganeti |
929 | 902d661c | Filippos Giannakos | |
930 | 902d661c | Filippos Giannakos | should fetch all the required packages and get you up 'n going with archipelago |
931 | 902d661c | Filippos Giannakos | |
932 | 902d661c | Filippos Giannakos | Bare in mind, that custom librados is required, which is provided in the apt |
933 | 5226b38f | Filippos Giannakos | repo of GRNet. |
934 | 902d661c | Filippos Giannakos | |
935 | 902d661c | Filippos Giannakos | |
936 | 5226b38f | Filippos Giannakos | For now, librados is a dependency of archipelago, even if you do not intend to |
937 | 5226b38f | Filippos Giannakos | use archipelago over RADOS. |
938 | eab73849 | Constantinos Venetsanopoulos | |
939 | eab73849 | Constantinos Venetsanopoulos | Configuration |
940 | eab73849 | Constantinos Venetsanopoulos | ------------- |
941 | 902d661c | Filippos Giannakos | Archipelago should work out of the box with a RADOS backend, but basic |
942 | 902d661c | Filippos Giannakos | configuration can be done in ``/etc/default/archipelago`` . |
943 | 902d661c | Filippos Giannakos | |
944 | 902d661c | Filippos Giannakos | If you wish to change the storage backend to files, set |
945 | 902d661c | Filippos Giannakos | |
946 | 902d661c | Filippos Giannakos | .. code-block:: console |
947 | 902d661c | Filippos Giannakos | |
948 | 902d661c | Filippos Giannakos | STORAGE="files" |
949 | 902d661c | Filippos Giannakos | |
950 | 902d661c | Filippos Giannakos | and provide the appropriate settings for files storage backend in the conf file. |
951 | 902d661c | Filippos Giannakos | |
952 | 902d661c | Filippos Giannakos | These are: |
953 | 902d661c | Filippos Giannakos | |
954 | 902d661c | Filippos Giannakos | * ``FILED_IMAGES``: directory for archipelago data blocks. |
955 | 902d661c | Filippos Giannakos | * ``FILED_MAPS``: directory for archipelago map blocks. |
956 | 902d661c | Filippos Giannakos | * ``PITHOS``: directory of pithos data blocks. |
957 | 902d661c | Filippos Giannakos | * ``PITHOSMAPS``: directory of pithos map blocks. |
958 | 902d661c | Filippos Giannakos | |
959 | 902d661c | Filippos Giannakos | The settings for RADOS storage backend are: |
960 | 902d661c | Filippos Giannakos | |
961 | 902d661c | Filippos Giannakos | * ``RADOS_POOL_MAPS``: The pool where archipelago and pithos map blocks reside. |
962 | 902d661c | Filippos Giannakos | * ``RADOS_POOL_BLOCKS``: The pool where archipelago and pithos data blocks |
963 | 5226b38f | Filippos Giannakos | reside. |
964 | 902d661c | Filippos Giannakos | |
965 | 902d661c | Filippos Giannakos | Examples can be found in the conf file. |
966 | 902d661c | Filippos Giannakos | |
967 | 902d661c | Filippos Giannakos | Be aware that archipelago infrastructure doesn't provide default values for this |
968 | 902d661c | Filippos Giannakos | settings. If they are not set in the conf file, archipelago will not be able to |
969 | 902d661c | Filippos Giannakos | function. |
970 | 902d661c | Filippos Giannakos | |
971 | 902d661c | Filippos Giannakos | Archipelago also provides ``VERBOSITY`` config options to control the output |
972 | 902d661c | Filippos Giannakos | generated by the userspace peers. |
973 | 902d661c | Filippos Giannakos | |
974 | 902d661c | Filippos Giannakos | The available options are: |
975 | 902d661c | Filippos Giannakos | |
976 | 902d661c | Filippos Giannakos | * ``VERBOSITY_BLOCKERB`` |
977 | 902d661c | Filippos Giannakos | * ``VERBOSITY_BLOCKERM`` |
978 | 902d661c | Filippos Giannakos | * ``VERBOSITY_MAPPER`` |
979 | 902d661c | Filippos Giannakos | * ``VERBOSITY_VLMC`` |
980 | 902d661c | Filippos Giannakos | |
981 | 902d661c | Filippos Giannakos | and the available values are: |
982 | 902d661c | Filippos Giannakos | |
983 | 902d661c | Filippos Giannakos | * 0 : Error only logging. |
984 | 902d661c | Filippos Giannakos | * 1 : Warning logging. |
985 | 902d661c | Filippos Giannakos | * 2 : Info logging. |
986 | 902d661c | Filippos Giannakos | * 3 : Debug logging. WARNING: This options produces tons of output, but the |
987 | 902d661c | Filippos Giannakos | logrotate daemon should take care of it. |
988 | eab73849 | Constantinos Venetsanopoulos | |
989 | eab73849 | Constantinos Venetsanopoulos | Working with Archipelago |
990 | eab73849 | Constantinos Venetsanopoulos | ------------------------ |
991 | eab73849 | Constantinos Venetsanopoulos | |
992 | 902d661c | Filippos Giannakos | ``archipelago`` provides basic functionality for archipelago. |
993 | 5226b38f | Filippos Giannakos | |
994 | 5226b38f | Filippos Giannakos | Usage: |
995 | 5226b38f | Filippos Giannakos | |
996 | 5226b38f | Filippos Giannakos | .. code-block:: console |
997 | 5226b38f | Filippos Giannakos | |
998 | 5226b38f | Filippos Giannakos | $ archipelago [-u] command |
999 | 5226b38f | Filippos Giannakos | |
1000 | 5226b38f | Filippos Giannakos | |
1001 | 902d661c | Filippos Giannakos | Currently it supports the following commands: |
1002 | 902d661c | Filippos Giannakos | |
1003 | 5226b38f | Filippos Giannakos | * ``start [peer]`` |
1004 | 5226b38f | Filippos Giannakos | Starts archipelago or the specified peer. |
1005 | 5226b38f | Filippos Giannakos | * ``stop [peer]`` |
1006 | 5226b38f | Filippos Giannakos | Stops archipelago or the specified peer. |
1007 | 5226b38f | Filippos Giannakos | * ``restart [peer]`` |
1008 | 5226b38f | Filippos Giannakos | Restarts archipelago or the specified peer. |
1009 | 902d661c | Filippos Giannakos | * ``status`` |
1010 | 5226b38f | Filippos Giannakos | Show the status of archipelago. |
1011 | 5226b38f | Filippos Giannakos | |
1012 | 5226b38f | Filippos Giannakos | Available peers: ``blockerm``, ``blockerb``, ``mapperd``, ``vlmcd``. |
1013 | 5226b38f | Filippos Giannakos | |
1014 | 902d661c | Filippos Giannakos | |
1015 | 902d661c | Filippos Giannakos | ``start``, ``stop``, ``restart`` can be combined with the ``-u / --user`` option |
1016 | 902d661c | Filippos Giannakos | to affect only the userspace peers supporting archipelago. |
1017 | 902d661c | Filippos Giannakos | |
1018 | 902d661c | Filippos Giannakos | |
1019 | 902d661c | Filippos Giannakos | |
1020 | eab73849 | Constantinos Venetsanopoulos | Archipelago advanced operations |
1021 | eab73849 | Constantinos Venetsanopoulos | ------------------------------- |
1022 | 902d661c | Filippos Giannakos | The ``vlmc`` tool provides a way to interact with archipelago volumes |
1023 | 902d661c | Filippos Giannakos | |
1024 | 902d661c | Filippos Giannakos | * ``vlmc map <volumename>``: maps the volume to a xsegbd device. |
1025 | 6c900328 | Filippos Giannakos | |
1026 | 5226b38f | Filippos Giannakos | * ``vlmc unmap </dev/xsegbd[1-..]>``: unmaps the specified device from the |
1027 | 902d661c | Filippos Giannakos | system. |
1028 | 6c900328 | Filippos Giannakos | |
1029 | 902d661c | Filippos Giannakos | * ``vlmc create <volumename> --snap <snapname> --size <size>``: creates a new |
1030 | 902d661c | Filippos Giannakos | volume named <volumename> from snapshot name <snapname> with size <size>. |
1031 | 301294a9 | Constantinos Venetsanopoulos | The ``--snap`` and ``--size`` are optional, but at least one of them is |
1032 | 301294a9 | Constantinos Venetsanopoulos | mandatory. e.g: |
1033 | 902d661c | Filippos Giannakos | |
1034 | 301294a9 | Constantinos Venetsanopoulos | ``vlmc create <volumename> --snap <snapname>`` creates a volume named |
1035 | 301294a9 | Constantinos Venetsanopoulos | volumename from snapshot snapname. The size of the volume is the same as |
1036 | 301294a9 | Constantinos Venetsanopoulos | the size of the snapshot. |
1037 | 902d661c | Filippos Giannakos | |
1038 | 301294a9 | Constantinos Venetsanopoulos | ``vlmc create <volumename> --size <size>`` creates an empty volume of size |
1039 | 301294a9 | Constantinos Venetsanopoulos | <size> named <volumename>. |
1040 | 6c900328 | Filippos Giannakos | |
1041 | 902d661c | Filippos Giannakos | * ``vlmc remove <volumename>``: removes the volume and all the related |
1042 | 902d661c | Filippos Giannakos | archipelago blocks from storage. |
1043 | 6c900328 | Filippos Giannakos | |
1044 | 902d661c | Filippos Giannakos | * ``vlmc list``: provides a list of archipelago volumes. Currently only works |
1045 | 902d661c | Filippos Giannakos | with RADOS storage backend. |
1046 | f846d8df | Constantinos Venetsanopoulos | |
1047 | 5226b38f | Filippos Giannakos | * ``vlmc info <volumename>``: shows volume information. Currently returns only |
1048 | 5226b38f | Filippos Giannakos | volume size. |
1049 | 5226b38f | Filippos Giannakos | |
1050 | 6c900328 | Filippos Giannakos | * ``vlmc open <volumename>``: opens an archipelago volume. That is, taking all |
1051 | 6c900328 | Filippos Giannakos | the necessary locks and also make the rest of the infrastructure aware of the |
1052 | 6c900328 | Filippos Giannakos | operation. |
1053 | 6c900328 | Filippos Giannakos | |
1054 | 6c900328 | Filippos Giannakos | This operation succeeds if the volume is alread opened. |
1055 | 6c900328 | Filippos Giannakos | |
1056 | 6c900328 | Filippos Giannakos | * ``vlmc close <volumename>``: closes an archipelago volume. That is, performing |
1057 | 6c900328 | Filippos Giannakos | all the necessary functions in the insfrastrure to successfully release the |
1058 | 6c900328 | Filippos Giannakos | volume. Also releases all the acquired locks. |
1059 | 6c900328 | Filippos Giannakos | |
1060 | 6c900328 | Filippos Giannakos | ``vlmc close`` should be performed after a ``vlmc open`` operation. |
1061 | 6c900328 | Filippos Giannakos | |
1062 | 6c900328 | Filippos Giannakos | * ``vlmc lock <volumename>``: locks a volume. This step allow the administrator |
1063 | 6c900328 | Filippos Giannakos | to lock an archipelago volume, independently from the rest of the |
1064 | 5226b38f | Filippos Giannakos | infrastrure. |
1065 | 6c900328 | Filippos Giannakos | |
1066 | 6c900328 | Filippos Giannakos | * ``vlmc unlock [-f] <volumename>``: unlocks a volume. This allow the |
1067 | 6c900328 | Filippos Giannakos | administrator to unlock a volume, independently from the rest of the |
1068 | 6c900328 | Filippos Giannakos | infrastructure. |
1069 | 6c900328 | Filippos Giannakos | The unlock option can be performed only by the blocker that acquired the lock |
1070 | 6c900328 | Filippos Giannakos | in the first place. To unlock a volume from another blocker, ``-f`` option |
1071 | 6c900328 | Filippos Giannakos | must be used to break the lock. |
1072 | 6c900328 | Filippos Giannakos | |
1073 | a1c707c9 | Constantinos Venetsanopoulos | |
1074 | e81ad3e5 | Constantinos Venetsanopoulos | Synnefo management commands ("snf-manage") |
1075 | e81ad3e5 | Constantinos Venetsanopoulos | ========================================== |
1076 | e81ad3e5 | Constantinos Venetsanopoulos | |
1077 | e81ad3e5 | Constantinos Venetsanopoulos | Each Synnefo service, Astakos, Pithos and Cyclades are controlled by the |
1078 | e81ad3e5 | Constantinos Venetsanopoulos | administrator using the "snf-manage" admin tool. This tool is an extension of |
1079 | e81ad3e5 | Constantinos Venetsanopoulos | the Django command-line management utility. It is run on the host that runs |
1080 | e81ad3e5 | Constantinos Venetsanopoulos | each service and provides different types of commands depending the services |
1081 | e81ad3e5 | Constantinos Venetsanopoulos | running on the host. If you are running more than one service on the same host |
1082 | e81ad3e5 | Constantinos Venetsanopoulos | "snf-manage" adds all the corresponding commands for each service dynamically, |
1083 | e81ad3e5 | Constantinos Venetsanopoulos | providing a unified admin environment. |
1084 | e81ad3e5 | Constantinos Venetsanopoulos | |
1085 | e81ad3e5 | Constantinos Venetsanopoulos | To run "snf-manage" you just type: |
1086 | e81ad3e5 | Constantinos Venetsanopoulos | |
1087 | e81ad3e5 | Constantinos Venetsanopoulos | .. code-block:: console |
1088 | e81ad3e5 | Constantinos Venetsanopoulos | |
1089 | e81ad3e5 | Constantinos Venetsanopoulos | # snf-manage <command> [arguments] |
1090 | e81ad3e5 | Constantinos Venetsanopoulos | |
1091 | e81ad3e5 | Constantinos Venetsanopoulos | on the corresponding host that runs the service. For example, if you have all |
1092 | e81ad3e5 | Constantinos Venetsanopoulos | services running on different physical hosts you would do: |
1093 | e81ad3e5 | Constantinos Venetsanopoulos | |
1094 | e81ad3e5 | Constantinos Venetsanopoulos | .. code-block:: console |
1095 | e81ad3e5 | Constantinos Venetsanopoulos | |
1096 | e81ad3e5 | Constantinos Venetsanopoulos | root@astakos-host # snf-manage <astakos-command> [argument] |
1097 | e81ad3e5 | Constantinos Venetsanopoulos | root@pithos-host # snf-manage <pithos-command> [argument] |
1098 | e81ad3e5 | Constantinos Venetsanopoulos | root@cyclades-host # snf-manage <cyclades-command> [argument] |
1099 | e81ad3e5 | Constantinos Venetsanopoulos | |
1100 | e81ad3e5 | Constantinos Venetsanopoulos | If you have all services running on the same host you would do: |
1101 | e81ad3e5 | Constantinos Venetsanopoulos | |
1102 | e81ad3e5 | Constantinos Venetsanopoulos | .. code-block:: console |
1103 | e81ad3e5 | Constantinos Venetsanopoulos | |
1104 | e81ad3e5 | Constantinos Venetsanopoulos | root@synnefo-host # snf-manage <{astakos,pithos,cyclades}-command> [argument] |
1105 | e81ad3e5 | Constantinos Venetsanopoulos | |
1106 | e81ad3e5 | Constantinos Venetsanopoulos | Note that you cannot execute a service's command on a host that is not running |
1107 | e81ad3e5 | Constantinos Venetsanopoulos | this service. For example, the following will return an error if Astakos and |
1108 | e81ad3e5 | Constantinos Venetsanopoulos | Cyclades are installed on different physical hosts: |
1109 | e81ad3e5 | Constantinos Venetsanopoulos | |
1110 | e81ad3e5 | Constantinos Venetsanopoulos | .. code-block:: console |
1111 | e81ad3e5 | Constantinos Venetsanopoulos | |
1112 | e81ad3e5 | Constantinos Venetsanopoulos | root@astakos-host # snf-manage <cyclades-command> [argument] |
1113 | e81ad3e5 | Constantinos Venetsanopoulos | Unknown command: 'cyclades-command' |
1114 | e81ad3e5 | Constantinos Venetsanopoulos | Type 'snf-manage help' for usage. |
1115 | e81ad3e5 | Constantinos Venetsanopoulos | |
1116 | e81ad3e5 | Constantinos Venetsanopoulos | This is the complete list of "snf-manage" commands for each service. |
1117 | e81ad3e5 | Constantinos Venetsanopoulos | |
1118 | e81ad3e5 | Constantinos Venetsanopoulos | Astakos snf-manage commands |
1119 | e81ad3e5 | Constantinos Venetsanopoulos | --------------------------- |
1120 | e81ad3e5 | Constantinos Venetsanopoulos | |
1121 | e81ad3e5 | Constantinos Venetsanopoulos | ============================ =========================== |
1122 | e81ad3e5 | Constantinos Venetsanopoulos | Name Description |
1123 | e81ad3e5 | Constantinos Venetsanopoulos | ============================ =========================== |
1124 | e81ad3e5 | Constantinos Venetsanopoulos | fix-superusers Transform superusers created by syncdb into AstakosUser instances |
1125 | 5e1ea6f7 | Giorgos Korfiatis | cleanup-full Cleanup sessions and session catalog |
1126 | a4451f59 | Giorgos Korfiatis | commission-list List pending commissions |
1127 | a4451f59 | Giorgos Korfiatis | commission-show Show details for a pending commission |
1128 | 252eef38 | Giorgos Korfiatis | component-add Register a component |
1129 | 252eef38 | Giorgos Korfiatis | component-list List components |
1130 | 252eef38 | Giorgos Korfiatis | component-modify Modify component attributes |
1131 | 6ef1e2eb | Giorgos Korfiatis | component-show Show component details |
1132 | e81ad3e5 | Constantinos Venetsanopoulos | project-control Manage projects and applications |
1133 | e81ad3e5 | Constantinos Venetsanopoulos | project-list List projects |
1134 | e81ad3e5 | Constantinos Venetsanopoulos | project-show Show project details |
1135 | e81ad3e5 | Constantinos Venetsanopoulos | quota List and check the integrity of user quota |
1136 | e81ad3e5 | Constantinos Venetsanopoulos | reconcile-resources-astakos Reconcile resource usage of Quotaholder with Astakos DB |
1137 | e81ad3e5 | Constantinos Venetsanopoulos | resource-export-astakos Export astakos resources in json format |
1138 | bd1f667b | Giorgos Korfiatis | resource-import Register resources |
1139 | e81ad3e5 | Constantinos Venetsanopoulos | resource-list List resources |
1140 | 5e1ea6f7 | Giorgos Korfiatis | resource-modify Modify a resource's default base quota and boolean flags |
1141 | bd1f667b | Giorgos Korfiatis | service-import Register services |
1142 | e81ad3e5 | Constantinos Venetsanopoulos | service-list List services |
1143 | 5e1ea6f7 | Giorgos Korfiatis | service-show Show service details |
1144 | e81ad3e5 | Constantinos Venetsanopoulos | term-add Add approval terms |
1145 | e81ad3e5 | Constantinos Venetsanopoulos | user-activation-send Send user activation |
1146 | e81ad3e5 | Constantinos Venetsanopoulos | user-add Add user |
1147 | 9577d199 | Kostas Papadimitriou | authpolicy-add Create a new authentication provider policy profile |
1148 | 9577d199 | Kostas Papadimitriou | authpolicy-list List existing authentication provider policy profiles |
1149 | 9577d199 | Kostas Papadimitriou | authpolicy-remove Remove an authentication provider policy |
1150 | 9577d199 | Kostas Papadimitriou | authpolicy-set Assign an existing authentication provider policy profile to a user or group |
1151 | 9577d199 | Kostas Papadimitriou | authpolicy-show Show authentication provider profile details |
1152 | 9577d199 | Kostas Papadimitriou | group-add Create a group with the given name |
1153 | 9577d199 | Kostas Papadimitriou | group-list List available groups |
1154 | e81ad3e5 | Constantinos Venetsanopoulos | user-list List users |
1155 | e81ad3e5 | Constantinos Venetsanopoulos | user-modify Modify user |
1156 | e81ad3e5 | Constantinos Venetsanopoulos | user-show Show user details |
1157 | e81ad3e5 | Constantinos Venetsanopoulos | ============================ =========================== |
1158 | e81ad3e5 | Constantinos Venetsanopoulos | |
1159 | e81ad3e5 | Constantinos Venetsanopoulos | Pithos snf-manage commands |
1160 | e81ad3e5 | Constantinos Venetsanopoulos | -------------------------- |
1161 | e81ad3e5 | Constantinos Venetsanopoulos | |
1162 | e81ad3e5 | Constantinos Venetsanopoulos | ============================ =========================== |
1163 | e81ad3e5 | Constantinos Venetsanopoulos | Name Description |
1164 | e81ad3e5 | Constantinos Venetsanopoulos | ============================ =========================== |
1165 | 3506f6a0 | Sofia Papagiannaki | reconcile-commissions-pithos Display unresolved commissions and trigger their recovery |
1166 | 3506f6a0 | Sofia Papagiannaki | resource-export-pithos Export pithos resources in json format |
1167 | 3506f6a0 | Sofia Papagiannaki | reconcile-resources-pithos Detect unsynchronized usage between Astakos and Pithos DB resources and synchronize them if specified so. |
1168 | e81ad3e5 | Constantinos Venetsanopoulos | ============================ =========================== |
1169 | e81ad3e5 | Constantinos Venetsanopoulos | |
1170 | e81ad3e5 | Constantinos Venetsanopoulos | Cyclades snf-manage commands |
1171 | e81ad3e5 | Constantinos Venetsanopoulos | ---------------------------- |
1172 | e81ad3e5 | Constantinos Venetsanopoulos | |
1173 | bf57a264 | Christos Stavrakakis | ============================== =========================== |
1174 | bf57a264 | Christos Stavrakakis | Name Description |
1175 | bf57a264 | Christos Stavrakakis | ============================== =========================== |
1176 | bf57a264 | Christos Stavrakakis | backend-add Add a new Ganeti backend |
1177 | bf57a264 | Christos Stavrakakis | backend-list List backends |
1178 | bf57a264 | Christos Stavrakakis | backend-modify Modify a backend |
1179 | bf57a264 | Christos Stavrakakis | backend-update-status Update backend statistics for instance allocation |
1180 | bf57a264 | Christos Stavrakakis | backend-remove Remove a Ganeti backend |
1181 | bf57a264 | Christos Stavrakakis | server-create Create a new server |
1182 | bf57a264 | Christos Stavrakakis | server-show Show server details |
1183 | bf57a264 | Christos Stavrakakis | server-list List servers |
1184 | bf57a264 | Christos Stavrakakis | server-modify Modify a server |
1185 | bf57a264 | Christos Stavrakakis | server-import Import an existing Ganeti VM into synnefo |
1186 | bf57a264 | Christos Stavrakakis | server-inspect Inspect a server in DB and Ganeti |
1187 | bf57a264 | Christos Stavrakakis | network-create Create a new network |
1188 | bf57a264 | Christos Stavrakakis | network-list List networks |
1189 | bf57a264 | Christos Stavrakakis | network-modify Modify a network |
1190 | bf57a264 | Christos Stavrakakis | network-inspect Inspect network state in DB and Ganeti |
1191 | bf57a264 | Christos Stavrakakis | network-remove Delete a network |
1192 | bf57a264 | Christos Stavrakakis | flavor-create Create a new flavor |
1193 | bf57a264 | Christos Stavrakakis | flavor-list List flavors |
1194 | bf57a264 | Christos Stavrakakis | flavor-modify Modify a flavor |
1195 | bf57a264 | Christos Stavrakakis | image-list List images |
1196 | bf57a264 | Christos Stavrakakis | image-show Show image details |
1197 | bf57a264 | Christos Stavrakakis | pool-create Create a bridge or mac-prefix pool |
1198 | bf57a264 | Christos Stavrakakis | pool-show Show pool details |
1199 | bf57a264 | Christos Stavrakakis | pool-list List pools |
1200 | bf57a264 | Christos Stavrakakis | pool-modify Modify a pool |
1201 | bf57a264 | Christos Stavrakakis | pool-remove Delete a pool |
1202 | bf57a264 | Christos Stavrakakis | queue-inspect Inspect the messages of a RabbitMQ queue |
1203 | bf57a264 | Christos Stavrakakis | queue-retry Resend messages from Dead Letter queues to original exchanges |
1204 | bf57a264 | Christos Stavrakakis | resource-export-cyclades Export Cyclades resources in JSON format. |
1205 | bf57a264 | Christos Stavrakakis | service-export-cyclades Export Cyclades services in JSON format. |
1206 | aab200c6 | Dionysis Grigoropoulos | subnet-create Create a subnet |
1207 | aab200c6 | Dionysis Grigoropoulos | subnet-inspect Inspect a subnet in DB |
1208 | aab200c6 | Dionysis Grigoropoulos | subnet-list List subnets |
1209 | aab200c6 | Dionysis Grigoropoulos | subnet-modify Modify a subnet |
1210 | bf57a264 | Christos Stavrakakis | reconcile-servers Reconcile servers of Synnefo DB with state of Ganeti backend |
1211 | bf57a264 | Christos Stavrakakis | reconcile-networks Reconcile networks of Synnefo DB with state of Ganeti backend |
1212 | bf57a264 | Christos Stavrakakis | reconcile-pools Check consistency of pool resources |
1213 | bf57a264 | Christos Stavrakakis | reconcile-commissions-cyclades Detect and resolve pending commissions to Quotaholder |
1214 | bf57a264 | Christos Stavrakakis | reconcile-resources-cyclades Reconcile resource usage of Astakos with Cyclades DB. |
1215 | bf57a264 | Christos Stavrakakis | ============================== =========================== |
1216 | e81ad3e5 | Constantinos Venetsanopoulos | |
1217 | 11716a83 | Giorgos Korfiatis | Astakos helper scripts |
1218 | 11716a83 | Giorgos Korfiatis | ====================== |
1219 | 11716a83 | Giorgos Korfiatis | |
1220 | 11716a83 | Giorgos Korfiatis | Astakos includes two scripts to facilitate the installation procedure. |
1221 | 11716a83 | Giorgos Korfiatis | Running: |
1222 | 11716a83 | Giorgos Korfiatis | |
1223 | 11716a83 | Giorgos Korfiatis | .. code-block:: console |
1224 | 11716a83 | Giorgos Korfiatis | |
1225 | b4109758 | Giorgos Korfiatis | snf-component-register [<component_name>] |
1226 | 11716a83 | Giorgos Korfiatis | |
1227 | 11716a83 | Giorgos Korfiatis | automates the registration of the standard Synnefo components (astakos, |
1228 | 11716a83 | Giorgos Korfiatis | cyclades, and pithos) in astakos database. It internally uses the script: |
1229 | 11716a83 | Giorgos Korfiatis | |
1230 | 11716a83 | Giorgos Korfiatis | .. code-block:: console |
1231 | 11716a83 | Giorgos Korfiatis | |
1232 | 11716a83 | Giorgos Korfiatis | snf-service-export <component_name> <base_url> |
1233 | 11716a83 | Giorgos Korfiatis | |
1234 | 11716a83 | Giorgos Korfiatis | which simulates the export of service and resource definitions of the |
1235 | 11716a83 | Giorgos Korfiatis | standard Synnefo components. |
1236 | 11716a83 | Giorgos Korfiatis | |
1237 | 3506f6a0 | Sofia Papagiannaki | Pithos managing accounts |
1238 | 3506f6a0 | Sofia Papagiannaki | ======================== |
1239 | 3506f6a0 | Sofia Papagiannaki | |
1240 | 3506f6a0 | Sofia Papagiannaki | Pithos provides a utility tool for managing accounts. |
1241 | 3506f6a0 | Sofia Papagiannaki | To run you just type: |
1242 | 3506f6a0 | Sofia Papagiannaki | |
1243 | 3506f6a0 | Sofia Papagiannaki | .. code-block:: console |
1244 | 3506f6a0 | Sofia Papagiannaki | |
1245 | 3506f6a0 | Sofia Papagiannaki | # pithos-manage-accounts <command> [arguments] |
1246 | 3506f6a0 | Sofia Papagiannaki | |
1247 | 3506f6a0 | Sofia Papagiannaki | This is the list of the available commands: |
1248 | 3506f6a0 | Sofia Papagiannaki | |
1249 | 3506f6a0 | Sofia Papagiannaki | ============================ =========================== |
1250 | 3506f6a0 | Sofia Papagiannaki | Name Description |
1251 | 3506f6a0 | Sofia Papagiannaki | ============================ =========================== |
1252 | 3506f6a0 | Sofia Papagiannaki | delete Remove an account from the Pithos DB |
1253 | 3506f6a0 | Sofia Papagiannaki | export-quota Export account quota in a file |
1254 | 3506f6a0 | Sofia Papagiannaki | list List existing/dublicate accounts |
1255 | 3506f6a0 | Sofia Papagiannaki | merge Move an account contents in another account |
1256 | 3506f6a0 | Sofia Papagiannaki | set-container-quota Set container quota for all or a specific account |
1257 | 3506f6a0 | Sofia Papagiannaki | ============================ =========================== |
1258 | 3506f6a0 | Sofia Papagiannaki | |
1259 | e81ad3e5 | Constantinos Venetsanopoulos | |
1260 | bc055d09 | Constantinos Venetsanopoulos | The "kamaki" API client |
1261 | eab73849 | Constantinos Venetsanopoulos | ======================= |
1262 | bc055d09 | Constantinos Venetsanopoulos | |
1263 | bc055d09 | Constantinos Venetsanopoulos | To upload, register or modify an image you will need the **kamaki** tool. |
1264 | bc055d09 | Constantinos Venetsanopoulos | Before proceeding make sure that it is configured properly. Verify that |
1265 | dd04efac | Stavros Sachtouris | *image.url*, *file.url*, *user.url* and *token* are set as needed: |
1266 | bc055d09 | Constantinos Venetsanopoulos | |
1267 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
1268 | bc055d09 | Constantinos Venetsanopoulos | |
1269 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki config list |
1270 | bc055d09 | Constantinos Venetsanopoulos | |
1271 | 73ebcd68 | Constantinos Venetsanopoulos | To change a setting use ``kamaki config set``: |
1272 | bc055d09 | Constantinos Venetsanopoulos | |
1273 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
1274 | bc055d09 | Constantinos Venetsanopoulos | |
1275 | 73ebcd68 | Constantinos Venetsanopoulos | $ kamaki config set image.url https://cyclades.example.com/image |
1276 | dd04efac | Stavros Sachtouris | $ kamaki config set file.url https://pithos.example.com/v1 |
1277 | dd04efac | Stavros Sachtouris | $ kamaki config set user.url https://accounts.example.com |
1278 | bc055d09 | Constantinos Venetsanopoulos | $ kamaki config set token ... |
1279 | bc055d09 | Constantinos Venetsanopoulos | |
1280 | c0d88cf3 | Constantinos Venetsanopoulos | To test that everything works, try authenticating the current account with |
1281 | c0d88cf3 | Constantinos Venetsanopoulos | kamaki: |
1282 | dd04efac | Stavros Sachtouris | |
1283 | dd04efac | Stavros Sachtouris | .. code-block:: console |
1284 | dd04efac | Stavros Sachtouris | |
1285 | dd04efac | Stavros Sachtouris | $ kamaki user authenticate |
1286 | dd04efac | Stavros Sachtouris | |
1287 | c0d88cf3 | Constantinos Venetsanopoulos | This will output user information. |
1288 | dd04efac | Stavros Sachtouris | |
1289 | bc055d09 | Constantinos Venetsanopoulos | Upload Image |
1290 | bc055d09 | Constantinos Venetsanopoulos | ------------ |
1291 | bc055d09 | Constantinos Venetsanopoulos | |
1292 | c0d88cf3 | Constantinos Venetsanopoulos | By convention, images are stored in a container called ``images``. Check if the |
1293 | c0d88cf3 | Constantinos Venetsanopoulos | container exists, by listing all containers in your account: |
1294 | bc055d09 | Constantinos Venetsanopoulos | |
1295 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
1296 | bc055d09 | Constantinos Venetsanopoulos | |
1297 | dd04efac | Stavros Sachtouris | $ kamaki file list |
1298 | bc055d09 | Constantinos Venetsanopoulos | |
1299 | dd04efac | Stavros Sachtouris | If the container ``images`` does not exist, create it: |
1300 | bc055d09 | Constantinos Venetsanopoulos | |
1301 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
1302 | bc055d09 | Constantinos Venetsanopoulos | |
1303 | dd04efac | Stavros Sachtouris | $ kamaki file create images |
1304 | bc055d09 | Constantinos Venetsanopoulos | |
1305 | c0d88cf3 | Constantinos Venetsanopoulos | You are now ready to upload an image to container ``images``. You can upload it |
1306 | e5d8df8c | Constantinos Venetsanopoulos | with a Pithos client, or use kamaki directly: |
1307 | bc055d09 | Constantinos Venetsanopoulos | |
1308 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
1309 | bc055d09 | Constantinos Venetsanopoulos | |
1310 | dd04efac | Stavros Sachtouris | $ kamaki file upload ubuntu.iso images |
1311 | bc055d09 | Constantinos Venetsanopoulos | |
1312 | e5d8df8c | Constantinos Venetsanopoulos | You can use any Pithos client to verify that the image was uploaded correctly, |
1313 | c0d88cf3 | Constantinos Venetsanopoulos | or you can list the contents of the container with kamaki: |
1314 | bc055d09 | Constantinos Venetsanopoulos | |
1315 | dd04efac | Stavros Sachtouris | .. code-block:: console |
1316 | dd04efac | Stavros Sachtouris | |
1317 | dd04efac | Stavros Sachtouris | $ kamaki file list images |
1318 | bc055d09 | Constantinos Venetsanopoulos | |
1319 | bc055d09 | Constantinos Venetsanopoulos | The full Pithos URL for the previous example will be |
1320 | c0d88cf3 | Constantinos Venetsanopoulos | ``pithos://u53r-un1qu3-1d/images/ubuntu.iso`` where ``u53r-un1qu3-1d`` is the |
1321 | c0d88cf3 | Constantinos Venetsanopoulos | unique user id (uuid). |
1322 | bc055d09 | Constantinos Venetsanopoulos | |
1323 | bc055d09 | Constantinos Venetsanopoulos | Register Image |
1324 | bc055d09 | Constantinos Venetsanopoulos | -------------- |
1325 | bc055d09 | Constantinos Venetsanopoulos | |
1326 | e5d8df8c | Constantinos Venetsanopoulos | To register an image you will need to use the full Pithos URL. To register as |
1327 | bc055d09 | Constantinos Venetsanopoulos | a public image the one from the previous example use: |
1328 | bc055d09 | Constantinos Venetsanopoulos | |
1329 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
1330 | bc055d09 | Constantinos Venetsanopoulos | |
1331 | dd04efac | Stavros Sachtouris | $ kamaki image register Ubuntu pithos://u53r-un1qu3-1d/images/ubuntu.iso --public |
1332 | bc055d09 | Constantinos Venetsanopoulos | |
1333 | bc055d09 | Constantinos Venetsanopoulos | The ``--public`` flag is important, if missing the registered image will not |
1334 | dd04efac | Stavros Sachtouris | be listed by ``kamaki image list``. |
1335 | bc055d09 | Constantinos Venetsanopoulos | |
1336 | dd04efac | Stavros Sachtouris | Use ``kamaki image register`` with no arguments to see a list of available |
1337 | bc055d09 | Constantinos Venetsanopoulos | options. A more complete example would be the following: |
1338 | bc055d09 | Constantinos Venetsanopoulos | |
1339 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
1340 | bc055d09 | Constantinos Venetsanopoulos | |
1341 | dd04efac | Stavros Sachtouris | $ kamaki image register Ubuntu pithos://u53r-un1qu3-1d/images/ubuntu.iso \ |
1342 | bc055d09 | Constantinos Venetsanopoulos | --public --disk-format diskdump --property kernel=3.1.2 |
1343 | bc055d09 | Constantinos Venetsanopoulos | |
1344 | bc055d09 | Constantinos Venetsanopoulos | To verify that the image was registered successfully use: |
1345 | bc055d09 | Constantinos Venetsanopoulos | |
1346 | bc055d09 | Constantinos Venetsanopoulos | .. code-block:: console |
1347 | bc055d09 | Constantinos Venetsanopoulos | |
1348 | dd04efac | Stavros Sachtouris | $ kamaki image list --name-like=ubuntu |
1349 | bc055d09 | Constantinos Venetsanopoulos | |
1350 | eab73849 | Constantinos Venetsanopoulos | |
1351 | eab73849 | Constantinos Venetsanopoulos | Miscellaneous |
1352 | eab73849 | Constantinos Venetsanopoulos | ============= |
1353 | eab73849 | Constantinos Venetsanopoulos | |
1354 | 08ad5b01 | Constantinos Venetsanopoulos | .. _branding: |
1355 | 9c2edbf1 | Olga Brani | |
1356 | 42e767d4 | Olga Brani | Branding |
1357 | 08ad5b01 | Constantinos Venetsanopoulos | -------- |
1358 | 9c2edbf1 | Olga Brani | |
1359 | 08ad5b01 | Constantinos Venetsanopoulos | Since Synnefo v0.14, you are able to adapt the Astakos, Pithos and Cyclades Web |
1360 | 08ad5b01 | Constantinos Venetsanopoulos | UI to your company’s visual identity. This is possible using the snf-branding |
1361 | 08ad5b01 | Constantinos Venetsanopoulos | component, which is automatically installed on the nodes running the API |
1362 | 08ad5b01 | Constantinos Venetsanopoulos | servers for Astakos, Pithos and Cyclades. |
1363 | 9c2edbf1 | Olga Brani | |
1364 | 9c2edbf1 | Olga Brani | Configuration |
1365 | 9c2edbf1 | Olga Brani | ~~~~~~~~~~~~~ |
1366 | 9c2edbf1 | Olga Brani | |
1367 | 77186edf | Kostas Papadimitriou | This can be done by modifing the settings provided by the snf-branding component |
1368 | 77186edf | Kostas Papadimitriou | to match your service identity. The settings for the snf-branding application |
1369 | 77186edf | Kostas Papadimitriou | can be found inside the configuration file ``/etc/synnefo/15-snf-branding.conf`` |
1370 | 77186edf | Kostas Papadimitriou | on the nodes that have Astakos, Pithos and Cyclades installed. |
1371 | 9c2edbf1 | Olga Brani | |
1372 | 08ad5b01 | Constantinos Venetsanopoulos | By default, the global service name is "Synnefo" and the company name is |
1373 | 08ad5b01 | Constantinos Venetsanopoulos | "GRNET". These names and their respective logos and URLs are used throughout |
1374 | 08ad5b01 | Constantinos Venetsanopoulos | the Astakos, Pithos and Cyclades UI. |
1375 | 9c2edbf1 | Olga Brani | |
1376 | 08ad5b01 | Constantinos Venetsanopoulos | **Names and URLs:** |
1377 | 9c2edbf1 | Olga Brani | |
1378 | 08ad5b01 | Constantinos Venetsanopoulos | The first group of branding customization refers to the service's and company's |
1379 | 08ad5b01 | Constantinos Venetsanopoulos | information. |
1380 | 9c2edbf1 | Olga Brani | |
1381 | 08ad5b01 | Constantinos Venetsanopoulos | You can overwrite the company and the service name and URL respectively by |
1382 | 08ad5b01 | Constantinos Venetsanopoulos | uncommenting and setting the following: |
1383 | 9c2edbf1 | Olga Brani | |
1384 | 77186edf | Kostas Papadimitriou | .. code-block:: python |
1385 | 77186edf | Kostas Papadimitriou | |
1386 | 77186edf | Kostas Papadimitriou | # setting used in Astakos Dashboard/Projects pages |
1387 | 77186edf | Kostas Papadimitriou | BRANDING_SERVICE_NAME = 'My cloud' |
1388 | 77186edf | Kostas Papadimitriou | BRANDING_SERVICE_URL = 'http://www.mycloud.synnefo.org/' |
1389 | 9c2edbf1 | Olga Brani | |
1390 | 77186edf | Kostas Papadimitriou | # settings used in Astakos, Pithos, Cyclades footer only if |
1391 | 77186edf | Kostas Papadimitriou | # BRANDING_SHOW_COPYRIGHT is set to True |
1392 | 77186edf | Kostas Papadimitriou | BRANDING_SHOW_COPYRIGHT = True |
1393 | 77186edf | Kostas Papadimitriou | BRANDING_COMPANY_NAME = 'Company LTD' |
1394 | 77186edf | Kostas Papadimitriou | BRANDING_COMPANY_URL = 'https://www.company-ltd.synnefo.org/' |
1395 | 9c2edbf1 | Olga Brani | |
1396 | 9c2edbf1 | Olga Brani | |
1397 | 97a096f1 | Olga Brani | **Copyright and footer options:** |
1398 | 9c2edbf1 | Olga Brani | |
1399 | 08ad5b01 | Constantinos Venetsanopoulos | By default, no Copyright message is shown in the UI footer. If you want to make |
1400 | 08ad5b01 | Constantinos Venetsanopoulos | it visible in the footer of Astakos, Pithos and Cyclades UI, you can uncomment |
1401 | 77186edf | Kostas Papadimitriou | and set to ``True`` the ``BRANDING_SHOW_COPYRIGHT`` setting: |
1402 | 9c2edbf1 | Olga Brani | |
1403 | 77186edf | Kostas Papadimitriou | .. code-block:: python |
1404 | 9c2edbf1 | Olga Brani | |
1405 | 9c2edbf1 | Olga Brani | #BRANDING_SHOW_COPYRIGHT = False |
1406 | 9c2edbf1 | Olga Brani | |
1407 | 77186edf | Kostas Papadimitriou | Copyright message defaults to 'Copyright (c) 2011-<current_year> |
1408 | 08ad5b01 | Constantinos Venetsanopoulos | <BRANDING_COMPANY_NAME>.' but you can overwrite it to a completely custom one by |
1409 | 08ad5b01 | Constantinos Venetsanopoulos | setting the following option: |
1410 | 9c2edbf1 | Olga Brani | |
1411 | 77186edf | Kostas Papadimitriou | .. code-block:: python |
1412 | 77186edf | Kostas Papadimitriou | |
1413 | 77186edf | Kostas Papadimitriou | BRANDING_COPYRIGHT_MESSAGE = 'Copyright (c) 2011-2013 GRNET' |
1414 | 9c2edbf1 | Olga Brani | |
1415 | 97a096f1 | Olga Brani | If you want to include a custom message in the footer, you can uncomment and |
1416 | 97a096f1 | Olga Brani | set the ``BRANDING_FOOTER_EXTRA_MESSAGE`` setting. You can use html markup. |
1417 | 97a096f1 | Olga Brani | Your custom message will appear above Copyright message at the Compute |
1418 | 97a096f1 | Olga Brani | templates and the Dashboard UI. |
1419 | 97a096f1 | Olga Brani | |
1420 | 97a096f1 | Olga Brani | .. code-block:: python |
1421 | 97a096f1 | Olga Brani | |
1422 | 97a096f1 | Olga Brani | #BRANDING_FOOTER_EXTRA_MESSAGE = '' |
1423 | 97a096f1 | Olga Brani | |
1424 | 9c2edbf1 | Olga Brani | |
1425 | 9c2edbf1 | Olga Brani | **Images:** |
1426 | 9c2edbf1 | Olga Brani | |
1427 | 08ad5b01 | Constantinos Venetsanopoulos | The Astakos, Pithos and Cyclades Web UI has some logos and images. |
1428 | 08ad5b01 | Constantinos Venetsanopoulos | |
1429 | 9c2edbf1 | Olga Brani | The branding-related images are presented in the following table: |
1430 | 9c2edbf1 | Olga Brani | |
1431 | 9c2edbf1 | Olga Brani | =============== ============================ ========= |
1432 | 9c2edbf1 | Olga Brani | Image Name/extension convention Usage |
1433 | 9c2edbf1 | Olga Brani | =============== ============================ ========= |
1434 | 9c2edbf1 | Olga Brani | Favicon favicon.ico Favicon for all services |
1435 | 9c2edbf1 | Olga Brani | Dashboard logo dashboard_logo.png Visible in all Astakos UI pages |
1436 | 9c2edbf1 | Olga Brani | Compute logo compute_logo.png Visible in all Cyclades UI pages |
1437 | 08ad5b01 | Constantinos Venetsanopoulos | Console logo console_logo.png Visible in the Cyclades Console Window |
1438 | 08ad5b01 | Constantinos Venetsanopoulos | Storage logo storage_logo.png Visible in all Pithos UI pages |
1439 | 9c2edbf1 | Olga Brani | =============== ============================ ========= |
1440 | 9c2edbf1 | Olga Brani | |
1441 | 08ad5b01 | Constantinos Venetsanopoulos | There are two methods available for replacing all, or individual, |
1442 | 263cb456 | Olga Brani | branding-related images: |
1443 | 9c2edbf1 | Olga Brani | |
1444 | 77186edf | Kostas Papadimitriou | 1. Create a new directory inside ``/usr/share/synnefo/static/`` (e.g. |
1445 | 77186edf | Kostas Papadimitriou | ``mybranding``) and place there some or all of your images. |
1446 | 9c2edbf1 | Olga Brani | |
1447 | 08ad5b01 | Constantinos Venetsanopoulos | If you want to replace all of your images, keep the name/extension |
1448 | 77186edf | Kostas Papadimitriou | conventions as indicated in the above table and change the |
1449 | 77186edf | Kostas Papadimitriou | ``BRANDING_IMAGE_MEDIA_URL`` setting accordingly: |
1450 | 9c2edbf1 | Olga Brani | |
1451 | 77186edf | Kostas Papadimitriou | .. code-block:: python |
1452 | 77186edf | Kostas Papadimitriou | |
1453 | 77186edf | Kostas Papadimitriou | # using relative path |
1454 | 77186edf | Kostas Papadimitriou | BRANDING_IMAGE_MEDIA_URL= '/static/mybranding/images/' |
1455 | 9c2edbf1 | Olga Brani | |
1456 | 77186edf | Kostas Papadimitriou | # or if you already host them in a separate domain (e.g. cdn) |
1457 | 77186edf | Kostas Papadimitriou | BRANDING_IMAGE_MEDIA_URL= 'https://cdn.synnefo.org/branding/images/' |
1458 | 9c2edbf1 | Olga Brani | |
1459 | 9c2edbf1 | Olga Brani | |
1460 | 08ad5b01 | Constantinos Venetsanopoulos | If you wish to replace individual images, **do not uncomment** |
1461 | 08ad5b01 | Constantinos Venetsanopoulos | ``BRANDING_IMAGE_MEDIA_URL``, but instead provide a relative path, pointing to |
1462 | 08ad5b01 | Constantinos Venetsanopoulos | the file inside your directory for each ``BRANDING_<image>_URL`` that you wish |
1463 | 08ad5b01 | Constantinos Venetsanopoulos | to replace. |
1464 | 9c2edbf1 | Olga Brani | |
1465 | 263cb456 | Olga Brani | 2. Upload some or all of your images to a server and replace each |
1466 | 08ad5b01 | Constantinos Venetsanopoulos | ``BRANDING_<image>_URL`` with the absolute url of the image (i.e. |
1467 | 77186edf | Kostas Papadimitriou | ``BRANDING_DASHBOARD_URL = 'https://www.synnefo.com/images/my_dashboard.jpg'``). |
1468 | 9c2edbf1 | Olga Brani | |
1469 | 77186edf | Kostas Papadimitriou | Note that the alternative text for each image tag inside html documents is |
1470 | 08ad5b01 | Constantinos Venetsanopoulos | alt=“BRANDING_SERVICE_NAME {Dashboard, Compute. Console, Storage}” respectively. |
1471 | 9c2edbf1 | Olga Brani | |
1472 | 42e767d4 | Olga Brani | .. note:: Retina optimized images: |
1473 | 9c2edbf1 | Olga Brani | |
1474 | 08ad5b01 | Constantinos Venetsanopoulos | Synnefo UI is optimized for Retina displays. As far as images are concerned, |
1475 | 08ad5b01 | Constantinos Venetsanopoulos | `retina.js <http://retinajs.com/>`_ is used. |
1476 | 9c2edbf1 | Olga Brani | |
1477 | 77186edf | Kostas Papadimitriou | Retina.js checks each image on a page to see if there is a high-resolution |
1478 | 08ad5b01 | Constantinos Venetsanopoulos | version of that image on your server. If a high-resolution variant exists, |
1479 | 08ad5b01 | Constantinos Venetsanopoulos | the script will swap in that image in-place. |
1480 | 9c2edbf1 | Olga Brani | |
1481 | 08ad5b01 | Constantinos Venetsanopoulos | The script assumes you use `Apple's prescribed high-resolution modifier (@2x) |
1482 | 08ad5b01 | Constantinos Venetsanopoulos | <http://developer.apple.com/library/ios/#documentation/2DDrawing/Conceptual/ |
1483 | 08ad5b01 | Constantinos Venetsanopoulos | DrawingPrintingiOS/SupportingHiResScreensInViews/SupportingHiResScreensInViews |
1484 | 08ad5b01 | Constantinos Venetsanopoulos | .html#//apple_ref/doc/uid/TP40010156-CH15-SW1>`_ to denote high-resolution |
1485 | 08ad5b01 | Constantinos Venetsanopoulos | image variants on your server. |
1486 | 9c2edbf1 | Olga Brani | |
1487 | 08ad5b01 | Constantinos Venetsanopoulos | For each of the images that you wish the script to replace, you must have a |
1488 | 08ad5b01 | Constantinos Venetsanopoulos | high-resolution variant in the same folder named correctly and it will be |
1489 | 08ad5b01 | Constantinos Venetsanopoulos | detected automatically. For example if your image is in <my_directory> and is |
1490 | 08ad5b01 | Constantinos Venetsanopoulos | named "my_image.jpg" the script will look in the same directory for an image |
1491 | 08ad5b01 | Constantinos Venetsanopoulos | named "my_image@2x.jpg". |
1492 | 9c2edbf1 | Olga Brani | |
1493 | 08ad5b01 | Constantinos Venetsanopoulos | In case that you don’t want to use a high-resolution image, the |
1494 | 08ad5b01 | Constantinos Venetsanopoulos | normal-resolution image will be visible. |
1495 | 9c2edbf1 | Olga Brani | |
1496 | 08ad5b01 | Constantinos Venetsanopoulos | More branding |
1497 | 08ad5b01 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~~ |
1498 | 9c2edbf1 | Olga Brani | |
1499 | 08ad5b01 | Constantinos Venetsanopoulos | Although, it is not 100% branding-related, further verbal customization is |
1500 | 08ad5b01 | Constantinos Venetsanopoulos | feasible. |
1501 | 9c2edbf1 | Olga Brani | |
1502 | 9c2edbf1 | Olga Brani | **EMAILS** |
1503 | 9c2edbf1 | Olga Brani | |
1504 | 77186edf | Kostas Papadimitriou | The output of all email `*`.txt files will be already customized to contain your |
1505 | 77186edf | Kostas Papadimitriou | company and service names but you can further alter their content if you feel it |
1506 | 77186edf | Kostas Papadimitriou | best fits your needs as simple as creasynnefo template. |
1507 | 017b7d20 | Olga Brani | |
1508 | 77186edf | Kostas Papadimitriou | In order to overwrite one or more email-templates you need to place your |
1509 | 77186edf | Kostas Papadimitriou | modified <email-file>.txt files respecting the following structure: |
1510 | 017b7d20 | Olga Brani | |
1511 | 77186edf | Kostas Papadimitriou | **/etc/synnefo/templates/** |
1512 | 77186edf | Kostas Papadimitriou | **im/** |
1513 | 017b7d20 | Olga Brani | | activation_email.txt |
1514 | 017b7d20 | Olga Brani | | email.txt |
1515 | 017b7d20 | Olga Brani | | invitation.txt |
1516 | 017b7d20 | Olga Brani | | switch_accounts_email.txt |
1517 | 017b7d20 | Olga Brani | | welcome_email.txt |
1518 | 77186edf | Kostas Papadimitriou | **projects/** |
1519 | 017b7d20 | Olga Brani | | project_approval_notification.txt |
1520 | 017b7d20 | Olga Brani | | project_denial_notification.txt |
1521 | 017b7d20 | Olga Brani | | project_membership_change_notification.txt |
1522 | 017b7d20 | Olga Brani | | project_membership_enroll_notification.txt |
1523 | 017b7d20 | Olga Brani | | project_membership_leave_request_notification.txt |
1524 | 017b7d20 | Olga Brani | | project_membership_request_notification.txt |
1525 | 017b7d20 | Olga Brani | | project_suspension_notification.txt |
1526 | 017b7d20 | Olga Brani | | project_termination_notification.txt |
1527 | 77186edf | Kostas Papadimitriou | **registration/** |
1528 | 017b7d20 | Olga Brani | | email_change_email.txt |
1529 | 017b7d20 | Olga Brani | | password_email.txt |
1530 | 017b7d20 | Olga Brani | |
1531 | 017b7d20 | Olga Brani | Feel free to omit any of the above files you do not wish to overwrite. |
1532 | 017b7d20 | Olga Brani | |
1533 | 9c2edbf1 | Olga Brani | Below is a list of all emails sent by Synnefo to users along with a short |
1534 | 9c2edbf1 | Olga Brani | description and a link to their content: |
1535 | 9c2edbf1 | Olga Brani | |
1536 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/email.txt`` |
1537 | 08ad5b01 | Constantinos Venetsanopoulos | Base email template. Contains a contact email and a “thank you” message. |
1538 | 08ad5b01 | Constantinos Venetsanopoulos | (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/email.txt>`_) |
1539 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/activation_email.txt`` Email sent to |
1540 | 08ad5b01 | Constantinos Venetsanopoulos | user that prompts him/her to click on a link provided to activate the account. |
1541 | 08ad5b01 | Constantinos Venetsanopoulos | Extends “email.txt” (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/activation_email.txt>`_) |
1542 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/invitation.txt`` Email sent to an |
1543 | 08ad5b01 | Constantinos Venetsanopoulos | invited user. He/she has to click on a link provided to activate the account. |
1544 | 08ad5b01 | Constantinos Venetsanopoulos | Extends “email.txt” (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/invitation.txt>`_) |
1545 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/switch_accounts_email.txt`` Email |
1546 | 08ad5b01 | Constantinos Venetsanopoulos | sent to user upon his/her request to associate this email address with a |
1547 | 08ad5b01 | Constantinos Venetsanopoulos | shibboleth account. He/she has to click on a link provided to activate the |
1548 | 08ad5b01 | Constantinos Venetsanopoulos | association. Extends “email.txt” (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/switch_accounts_email.txt>`_) |
1549 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/welcome_email.txt`` Email sent to |
1550 | 08ad5b01 | Constantinos Venetsanopoulos | inform the user that his/ her account has been activated. Extends “email.txt” |
1551 | 08ad5b01 | Constantinos Venetsanopoulos | (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/welcome_email.txt>`_) |
1552 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/registration/email_change_email.txt`` |
1553 | 08ad5b01 | Constantinos Venetsanopoulos | Email sent to user when he/she has requested new email address assignment. The |
1554 | 08ad5b01 | Constantinos Venetsanopoulos | user has to click on a link provided to validate this action. Extends |
1555 | 08ad5b01 | Constantinos Venetsanopoulos | “email.txt” (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/registration/email_change_email.txt>`_) |
1556 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/registration/password_email.txt`` Email |
1557 | 08ad5b01 | Constantinos Venetsanopoulos | sent for resetting password purpose. The user has to click on a link provided |
1558 | 08ad5b01 | Constantinos Venetsanopoulos | to validate this action. Extends “email.txt” (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/registration/password_email.txt>`_) |
1559 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/projects/project_approval_notification.txt`` |
1560 | 08ad5b01 | Constantinos Venetsanopoulos | Informs the project owner that his/her project has been approved. Extends |
1561 | 08ad5b01 | Constantinos Venetsanopoulos | “email.txt” (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/projects/project_approval_notification.txt>`_) |
1562 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/projects/project_denial_notification.txt`` |
1563 | 08ad5b01 | Constantinos Venetsanopoulos | Informs the project owner that his/her project application has been denied |
1564 | 08ad5b01 | Constantinos Venetsanopoulos | explaining the reasons. Extends “email.txt” (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/projects/project_denial_notification.txt>`_) |
1565 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/projects/project_membership_change_notification.txt`` |
1566 | 08ad5b01 | Constantinos Venetsanopoulos | An email is sent to a user containing information about his project membership |
1567 | 08ad5b01 | Constantinos Venetsanopoulos | (whether he has been accepted, rejected or removed). Extends “email.txt” (`Link |
1568 | 08ad5b01 | Constantinos Venetsanopoulos | <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/projects/project_membership_change_notification.txt>`_) |
1569 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/projects/project_membership_enroll_notification.txt`` |
1570 | 08ad5b01 | Constantinos Venetsanopoulos | Informs a user that he/she has been enrolled to a project. Extends |
1571 | 08ad5b01 | Constantinos Venetsanopoulos | “email.txt” (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/projects/project_membership_enroll_notification.txt>`_) |
1572 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/projects/project_membership_leave_request_notification.txt`` |
1573 | 08ad5b01 | Constantinos Venetsanopoulos | An email is sent to the project owner to make him aware of a user having |
1574 | 08ad5b01 | Constantinos Venetsanopoulos | requested to leave his project. Extends “email.txt” (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/projects/project_membership_leave_request_notification.txt>`_) |
1575 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/projects/project_membership_request_notification.txt`` |
1576 | 08ad5b01 | Constantinos Venetsanopoulos | An email is sent to the project owner to make him/her aware of a user having |
1577 | 08ad5b01 | Constantinos Venetsanopoulos | requested to join his project. Extends “email.txt” (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/projects/project_membership_request_notification.txt>`_) |
1578 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/projects/project_suspension_notification.txt`` |
1579 | 08ad5b01 | Constantinos Venetsanopoulos | An email is sent to the project owner to make him/her aware of his/her project |
1580 | 08ad5b01 | Constantinos Venetsanopoulos | having been suspended. Extends “email.txt” (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/projects/project_suspension_notification.txt>`_) |
1581 | 08ad5b01 | Constantinos Venetsanopoulos | * ``snf-astakos-app/astakos/im/templates/im/projects/project_termination_notification.txt`` |
1582 | 08ad5b01 | Constantinos Venetsanopoulos | An email is sent to the project owner to make him/her aware of his/her project |
1583 | 08ad5b01 | Constantinos Venetsanopoulos | having been terminated. Extends “email.txt” (`Link <https://code.grnet.gr/projects/synnefo/repository/revisions/master/changes/snf-astakos-app/astakos/im/templates/im/projects/project_termination_notification.txt>`_) |
1584 | 9c2edbf1 | Olga Brani | |
1585 | 9c2edbf1 | Olga Brani | .. warning:: Django templates language: |
1586 | 9c2edbf1 | Olga Brani | |
1587 | 9c2edbf1 | Olga Brani | If you choose to overwrite these email templates, be mindful of the necessary |
1588 | 263cb456 | Olga Brani | information contained in django template variables that must not be omitted, |
1589 | 263cb456 | Olga Brani | such as the activation link for activating one’s account and many more. |
1590 | 263cb456 | Olga Brani | These variables are contained into {{}} inside the templates. |
1591 | 9c2edbf1 | Olga Brani | |
1592 | 9c2edbf1 | Olga Brani | |
1593 | 9b659162 | Christos Stavrakakis | .. RabbitMQ |
1594 | a1c707c9 | Constantinos Venetsanopoulos | |
1595 | 9b659162 | Christos Stavrakakis | RabbitMQ Broker |
1596 | 9b659162 | Christos Stavrakakis | --------------- |
1597 | 9b659162 | Christos Stavrakakis | |
1598 | 9b659162 | Christos Stavrakakis | Queue nodes run the RabbitMQ sofware, which provides AMQP functionality. To |
1599 | 9b659162 | Christos Stavrakakis | guarantee high-availability, more than one Queue nodes should be deployed, each |
1600 | 9b659162 | Christos Stavrakakis | of them belonging to the same `RabbitMQ cluster |
1601 | a1c707c9 | Constantinos Venetsanopoulos | <http://www.rabbitmq.com/clustering.html>`_. Synnefo uses the RabbitMQ |
1602 | a1c707c9 | Constantinos Venetsanopoulos | active/active `High Available Queues <http://www.rabbitmq.com/ha.html>`_ which |
1603 | a1c707c9 | Constantinos Venetsanopoulos | are mirrored between two nodes within a RabbitMQ cluster. |
1604 | a1c707c9 | Constantinos Venetsanopoulos | |
1605 | a1c707c9 | Constantinos Venetsanopoulos | The RabbitMQ nodes that form the cluster, are declared to Synnefo through the |
1606 | a1c707c9 | Constantinos Venetsanopoulos | `AMQP_HOSTS` setting. Each time a Synnefo component needs to connect to |
1607 | a1c707c9 | Constantinos Venetsanopoulos | RabbitMQ, one of these nodes is chosen in a random way. The client that Synnefo |
1608 | a1c707c9 | Constantinos Venetsanopoulos | uses to connect to RabbitMQ, handles connection failures transparently and |
1609 | a1c707c9 | Constantinos Venetsanopoulos | tries to reconnect to a different node. As long as one of these nodes are up |
1610 | a1c707c9 | Constantinos Venetsanopoulos | and running, functionality of Synnefo should not be downgraded by the RabbitMQ |
1611 | a1c707c9 | Constantinos Venetsanopoulos | node failures. |
1612 | 9b659162 | Christos Stavrakakis | |
1613 | 9b659162 | Christos Stavrakakis | All the queues that are being used are declared as durable, meaning that |
1614 | a1c707c9 | Constantinos Venetsanopoulos | messages are persistently stored to RabbitMQ, until they get successfully |
1615 | a1c707c9 | Constantinos Venetsanopoulos | processed by a client. |
1616 | 9b659162 | Christos Stavrakakis | |
1617 | 9b659162 | Christos Stavrakakis | Currently, RabbitMQ is used by the following components: |
1618 | 9b659162 | Christos Stavrakakis | |
1619 | a1c707c9 | Constantinos Venetsanopoulos | * `snf-ganeti-eventd`, `snf-ganeti-hook` and `snf-progress-monitor`: |
1620 | 9b659162 | Christos Stavrakakis | These components send messages concerning the status and progress of |
1621 | 9b659162 | Christos Stavrakakis | jobs in the Ganeti backend. |
1622 | a1c707c9 | Constantinos Venetsanopoulos | * `snf-dispatcher`: This daemon, consumes the messages that are sent from |
1623 | a1c707c9 | Constantinos Venetsanopoulos | the above components, and updates the Cyclades DB accordingly. |
1624 | 9b659162 | Christos Stavrakakis | |
1625 | e4404297 | Christos Stavrakakis | |
1626 | 9b659162 | Christos Stavrakakis | Installation |
1627 | 301294a9 | Constantinos Venetsanopoulos | ~~~~~~~~~~~~ |
1628 | 301294a9 | Constantinos Venetsanopoulos | |
1629 | a1c707c9 | Constantinos Venetsanopoulos | Please check the RabbitMQ documentation which covers extensively the |
1630 | a1c707c9 | Constantinos Venetsanopoulos | `installation of RabbitMQ server <http://www.rabbitmq.com/download.html>`_ and |
1631 | a1c707c9 | Constantinos Venetsanopoulos | the setup of a `RabbitMQ cluster <http://www.rabbitmq.com/clustering.html>`_. |
1632 | a1c707c9 | Constantinos Venetsanopoulos | Also, check out the `web management plugin |
1633 | a1c707c9 | Constantinos Venetsanopoulos | <http://www.rabbitmq.com/management.html>`_ that can be useful for managing and |
1634 | a1c707c9 | Constantinos Venetsanopoulos | monitoring RabbitMQ. |
1635 | 9b659162 | Christos Stavrakakis | |
1636 | 9b659162 | Christos Stavrakakis | For a basic installation of RabbitMQ on two nodes (node1 and node2) you can do |
1637 | a1c707c9 | Constantinos Venetsanopoulos | the following: |
1638 | 9b659162 | Christos Stavrakakis | |
1639 | a1c707c9 | Constantinos Venetsanopoulos | On both nodes, install rabbitmq-server and create a Synnefo user: |
1640 | 9b659162 | Christos Stavrakakis | |
1641 | 9b659162 | Christos Stavrakakis | .. code-block:: console |
1642 | 9b659162 | Christos Stavrakakis | |
1643 | 9b659162 | Christos Stavrakakis | $ apt-get install rabbitmq-server |
1644 | 9b659162 | Christos Stavrakakis | $ rabbitmqctl add_user synnefo "example_pass" |
1645 | 9b659162 | Christos Stavrakakis | $ rabbitmqctl set_permissions synnefo ".*" ".*" ".*" |
1646 | 9b659162 | Christos Stavrakakis | |
1647 | a1c707c9 | Constantinos Venetsanopoulos | Also guarantee that both nodes share the same cookie, by running: |
1648 | 9b659162 | Christos Stavrakakis | |
1649 | 9b659162 | Christos Stavrakakis | .. code-block:: console |
1650 | 9b659162 | Christos Stavrakakis | |
1651 | 9b659162 | Christos Stavrakakis | $ scp node1:/var/lib/rabbitmq/.erlang.cookie node2:/var/lib/rabbitmq/.erlang.cookie |
1652 | 9b659162 | Christos Stavrakakis | |
1653 | 9b659162 | Christos Stavrakakis | and restart the nodes: |
1654 | 9b659162 | Christos Stavrakakis | |
1655 | 9b659162 | Christos Stavrakakis | .. code-block:: console |
1656 | 9b659162 | Christos Stavrakakis | |
1657 | 9b659162 | Christos Stavrakakis | $ /etc/init.d/rabbitmq-server restart |
1658 | 9b659162 | Christos Stavrakakis | |
1659 | 9b659162 | Christos Stavrakakis | |
1660 | 9b659162 | Christos Stavrakakis | To setup the RabbitMQ cluster run: |
1661 | 9b659162 | Christos Stavrakakis | |
1662 | 9b659162 | Christos Stavrakakis | .. code-block:: console |
1663 | 9b659162 | Christos Stavrakakis | |
1664 | 9b659162 | Christos Stavrakakis | root@node2: rabbitmqctl stop_app |
1665 | 9b659162 | Christos Stavrakakis | root@node2: rabbitmqctl reset |
1666 | 9b659162 | Christos Stavrakakis | root@node2: rabbitmqctl cluster rabbit@node1 rabbit@node2 |
1667 | 9b659162 | Christos Stavrakakis | root@node2: rabbitmqctl start_app |
1668 | 9b659162 | Christos Stavrakakis | |
1669 | 9b659162 | Christos Stavrakakis | You can verify that the cluster is set up correctly by running: |
1670 | 9b659162 | Christos Stavrakakis | |
1671 | 9b659162 | Christos Stavrakakis | .. code-block:: console |
1672 | 9b659162 | Christos Stavrakakis | |
1673 | 9b659162 | Christos Stavrakakis | root@node2: rabbitmqctl cluster_status |
1674 | 9b659162 | Christos Stavrakakis | |
1675 | 9b659162 | Christos Stavrakakis | |
1676 | bc055d09 | Constantinos Venetsanopoulos | Logging |
1677 | bc055d09 | Constantinos Venetsanopoulos | ------- |
1678 | bc055d09 | Constantinos Venetsanopoulos | |
1679 | bc055d09 | Constantinos Venetsanopoulos | Logging in Synnefo is using Python's logging module. The module is configured |
1680 | bc055d09 | Constantinos Venetsanopoulos | using dictionary configuration, whose format is described here: |
1681 | bc055d09 | Constantinos Venetsanopoulos | |
1682 | bc055d09 | Constantinos Venetsanopoulos | http://docs.python.org/release/2.7.1/library/logging.html#logging-config-dictschema |
1683 | bc055d09 | Constantinos Venetsanopoulos | |
1684 | bc055d09 | Constantinos Venetsanopoulos | Note that this is a feature of Python 2.7 that we have backported for use in |
1685 | bc055d09 | Constantinos Venetsanopoulos | Python 2.6. |
1686 | bc055d09 | Constantinos Venetsanopoulos | |
1687 | 4be65f1f | Christos Stavrakakis | The logging configuration dictionary is defined in |
1688 | a1c707c9 | Constantinos Venetsanopoulos | ``/etc/synnefo/10-snf-webproject-logging.conf`` |
1689 | bc055d09 | Constantinos Venetsanopoulos | |
1690 | a1c707c9 | Constantinos Venetsanopoulos | The administrator can have finer logging control by modifying the |
1691 | a1c707c9 | Constantinos Venetsanopoulos | ``LOGGING_SETUP`` dictionary, and defining subloggers with different handlers |
1692 | a1c707c9 | Constantinos Venetsanopoulos | and log levels. e.g. To enable debug messages only for the API set the level |
1693 | a1c707c9 | Constantinos Venetsanopoulos | of 'synnefo.api' to ``DEBUG`` |
1694 | 4be65f1f | Christos Stavrakakis | |
1695 | a1c707c9 | Constantinos Venetsanopoulos | By default, the Django webapp and snf-manage logs to syslog, while |
1696 | a1c707c9 | Constantinos Venetsanopoulos | `snf-dispatcher` logs to `/var/log/synnefo/dispatcher.log`. |
1697 | bc055d09 | Constantinos Venetsanopoulos | |
1698 | d189d11c | Constantinos Venetsanopoulos | |
1699 | 21d3d487 | Constantinos Venetsanopoulos | .. _scale-up: |
1700 | 21d3d487 | Constantinos Venetsanopoulos | |
1701 | bc055d09 | Constantinos Venetsanopoulos | Scaling up to multiple nodes |
1702 | bc055d09 | Constantinos Venetsanopoulos | ============================ |
1703 | bc055d09 | Constantinos Venetsanopoulos | |
1704 | 301294a9 | Constantinos Venetsanopoulos | Here we will describe how should a large scale Synnefo deployment look like. Make |
1705 | 301294a9 | Constantinos Venetsanopoulos | sure you are familiar with Synnefo and Ganeti before proceeding with this section. |
1706 | 301294a9 | Constantinos Venetsanopoulos | This means you should at least have already set up successfully a working Synnefo |
1707 | ff6ba888 | Constantinos Venetsanopoulos | deployment as described in the :ref:`Admin's Installation Guide |
1708 | 301294a9 | Constantinos Venetsanopoulos | <quick-install-admin-guide>` and also read the Administrator's Guide until this |
1709 | 301294a9 | Constantinos Venetsanopoulos | section. |
1710 | 2f6143c9 | Constantinos Venetsanopoulos | |
1711 | 301294a9 | Constantinos Venetsanopoulos | Graph of a scale-out Synnefo deployment |
1712 | 301294a9 | Constantinos Venetsanopoulos | --------------------------------------- |
1713 | 2f6143c9 | Constantinos Venetsanopoulos | |
1714 | 301294a9 | Constantinos Venetsanopoulos | Each box in the following graph corresponds to a distinct physical node: |
1715 | 2f6143c9 | Constantinos Venetsanopoulos | |
1716 | 301294a9 | Constantinos Venetsanopoulos | .. image:: images/synnefo-arch2-roles.png |
1717 | 301294a9 | Constantinos Venetsanopoulos | :width: 100% |
1718 | 301294a9 | Constantinos Venetsanopoulos | :target: _images/synnefo-arch2-roles.png |
1719 | 301294a9 | Constantinos Venetsanopoulos | |
1720 | 301294a9 | Constantinos Venetsanopoulos | The above graph is actually the same with the one at the beginning of this |
1721 | 301294a9 | Constantinos Venetsanopoulos | :ref:`guide <admin-guide>`, with the only difference that here we show the |
1722 | 301294a9 | Constantinos Venetsanopoulos | Synnefo roles of each physical node. These roles are described in the |
1723 | 301294a9 | Constantinos Venetsanopoulos | following section. |
1724 | 301294a9 | Constantinos Venetsanopoulos | |
1725 | 21d3d487 | Constantinos Venetsanopoulos | .. _physical-node-roles: |
1726 | 21d3d487 | Constantinos Venetsanopoulos | |
1727 | 301294a9 | Constantinos Venetsanopoulos | Physical Node roles |
1728 | 301294a9 | Constantinos Venetsanopoulos | ------------------- |
1729 | 301294a9 | Constantinos Venetsanopoulos | |
1730 | 301294a9 | Constantinos Venetsanopoulos | As appears in the previous graph, a scale-out Synnefo deployment consists of |
1731 | 301294a9 | Constantinos Venetsanopoulos | multiple physical nodes that have the following roles: |
1732 | 301294a9 | Constantinos Venetsanopoulos | |
1733 | 301294a9 | Constantinos Venetsanopoulos | * **WEBSERVER**: A web server running in front of gunicorn (e.g.: Apache, nginx) |
1734 | 301294a9 | Constantinos Venetsanopoulos | * **ASTAKOS**: The Astakos application (gunicorn) |
1735 | 301294a9 | Constantinos Venetsanopoulos | * **ASTAKOS_DB**: The Astakos database (postgresql) |
1736 | 301294a9 | Constantinos Venetsanopoulos | * **PITHOS**: The Pithos application (gunicorn) |
1737 | 301294a9 | Constantinos Venetsanopoulos | * **PITHOS_DB**: The Pithos database (postgresql) |
1738 | 301294a9 | Constantinos Venetsanopoulos | * **CYCLADES**: The Cyclades application (gunicorn) |
1739 | 301294a9 | Constantinos Venetsanopoulos | * **CYCLADES_DB**: The Cyclades database (postgresql) |
1740 | 301294a9 | Constantinos Venetsanopoulos | * **MQ**: The message queue (RabbitMQ) |
1741 | 301294a9 | Constantinos Venetsanopoulos | * **GANETI_MASTER**: The Ganeti master of a Ganeti cluster |
1742 | 301294a9 | Constantinos Venetsanopoulos | * **GANETI_NODE** : A VM-capable Ganeti node of a Ganeti cluster |
1743 | 2f6143c9 | Constantinos Venetsanopoulos | |
1744 | 301294a9 | Constantinos Venetsanopoulos | You will probably also have: |
1745 | 2f6143c9 | Constantinos Venetsanopoulos | |
1746 | 301294a9 | Constantinos Venetsanopoulos | * **CMS**: The CMS used as a frotend portal for the Synnefo services |
1747 | 21d3d487 | Constantinos Venetsanopoulos | * **NS**: A nameserver serving all other Synnefo nodes and resolving Synnefo FQDNs |
1748 | 301294a9 | Constantinos Venetsanopoulos | * **CLIENT**: A machine that runs the Synnefo clients (e.g.: kamaki, Web UI), |
1749 | 301294a9 | Constantinos Venetsanopoulos | most of the times, the end user's local machine |
1750 | 301294a9 | Constantinos Venetsanopoulos | |
1751 | 301294a9 | Constantinos Venetsanopoulos | From this point we will also refer to the following groups of roles: |
1752 | 301294a9 | Constantinos Venetsanopoulos | |
1753 | 301294a9 | Constantinos Venetsanopoulos | * **SYNNEFO**: [ **ASTAKOS**, **ASTAKOS_DB**, **PITHOS**, **PITHOS_DB**, **CYCLADES**, **CYCLADES_DB**, **MQ**, **CMS**] |
1754 | 301294a9 | Constantinos Venetsanopoulos | * **G_BACKEND**: [**GANETI_MASTER**, **GANETI_NODE**] |
1755 | 301294a9 | Constantinos Venetsanopoulos | |
1756 | 301294a9 | Constantinos Venetsanopoulos | Of course, when deploying Synnefo you can combine multiple of the above roles on a |
1757 | 301294a9 | Constantinos Venetsanopoulos | single physical node, but if you are trying to scale out, the above separation |
1758 | 301294a9 | Constantinos Venetsanopoulos | gives you significant advantages. |
1759 | 301294a9 | Constantinos Venetsanopoulos | |
1760 | 301294a9 | Constantinos Venetsanopoulos | So, in the next section we will take a look on what components you will have to |
1761 | 301294a9 | Constantinos Venetsanopoulos | install on each physical node depending on its Synnefo role. We assume the graph's |
1762 | 301294a9 | Constantinos Venetsanopoulos | architecture. |
1763 | 301294a9 | Constantinos Venetsanopoulos | |
1764 | 301294a9 | Constantinos Venetsanopoulos | Components for each role |
1765 | 301294a9 | Constantinos Venetsanopoulos | ------------------------ |
1766 | 2f6143c9 | Constantinos Venetsanopoulos | |
1767 | 301294a9 | Constantinos Venetsanopoulos | When deploying Synnefo in large scale, you need to install different Synnefo |
1768 | 301294a9 | Constantinos Venetsanopoulos | or/and third party components on different physical nodes according to their |
1769 | 301294a9 | Constantinos Venetsanopoulos | Synnefo role, as stated in the previous section. |
1770 | 301294a9 | Constantinos Venetsanopoulos | |
1771 | 301294a9 | Constantinos Venetsanopoulos | Specifically: |
1772 | 301294a9 | Constantinos Venetsanopoulos | |
1773 | 301294a9 | Constantinos Venetsanopoulos | Role **WEBSERVER** |
1774 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `None` |
1775 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: Apache |
1776 | 301294a9 | Constantinos Venetsanopoulos | Role **ASTAKOS** |
1777 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `snf-webproject`, `snf-astakos-app` |
1778 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: Django, Gunicorn |
1779 | 301294a9 | Constantinos Venetsanopoulos | Role **ASTAKOS_DB** |
1780 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `None` |
1781 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: PostgreSQL |
1782 | 301294a9 | Constantinos Venetsanopoulos | Role **PITHOS** |
1783 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `snf-webproject`, `snf-pithos-app`, `snf-pithos-webclient` |
1784 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: Django, Gunicorn |
1785 | 301294a9 | Constantinos Venetsanopoulos | Role **PITHOS_DB** |
1786 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `None` |
1787 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: PostgreSQL |
1788 | 301294a9 | Constantinos Venetsanopoulos | Role **CYCLADES** |
1789 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `snf-webproject`, `snf-cyclades-app`, `snf-vncauthproxy` |
1790 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: Django Gunicorn |
1791 | 301294a9 | Constantinos Venetsanopoulos | Role **CYCLADES_DB** |
1792 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `None` |
1793 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: PostgreSQL |
1794 | 301294a9 | Constantinos Venetsanopoulos | Role **MQ** |
1795 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `None` |
1796 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: RabbitMQ |
1797 | 301294a9 | Constantinos Venetsanopoulos | Role **GANETI_MASTER** |
1798 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `snf-cyclades-gtools` |
1799 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: Ganeti |
1800 | 301294a9 | Constantinos Venetsanopoulos | Role **GANETI_NODE** |
1801 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `snf-cyclades-gtools`, `snf-network`, `snf-image`, `nfdhcpd` |
1802 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: Ganeti |
1803 | 301294a9 | Constantinos Venetsanopoulos | Role **CMS** |
1804 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `snf-webproject`, `snf-cloudcms` |
1805 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: Django, Gunicorn |
1806 | 301294a9 | Constantinos Venetsanopoulos | Role **NS** |
1807 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `None` |
1808 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: BIND |
1809 | 301294a9 | Constantinos Venetsanopoulos | Role **CLIENT** |
1810 | 301294a9 | Constantinos Venetsanopoulos | * Synnefo components: `kamaki`, `snf-image-creator` |
1811 | 301294a9 | Constantinos Venetsanopoulos | * 3rd party components: `None` |
1812 | 301294a9 | Constantinos Venetsanopoulos | |
1813 | 301294a9 | Constantinos Venetsanopoulos | Example scale out installation |
1814 | 301294a9 | Constantinos Venetsanopoulos | ------------------------------ |
1815 | 301294a9 | Constantinos Venetsanopoulos | |
1816 | 301294a9 | Constantinos Venetsanopoulos | In this section we describe an example of a medium scale installation which |
1817 | 301294a9 | Constantinos Venetsanopoulos | combines multiple roles on 10 different physical nodes. We also provide a |
1818 | 301294a9 | Constantinos Venetsanopoulos | :ref:`guide <i-synnefo>` to help with such an install. |
1819 | 301294a9 | Constantinos Venetsanopoulos | |
1820 | 301294a9 | Constantinos Venetsanopoulos | We assume that we have the following 10 physical nodes with the corresponding |
1821 | 301294a9 | Constantinos Venetsanopoulos | roles: |
1822 | 301294a9 | Constantinos Venetsanopoulos | |
1823 | 301294a9 | Constantinos Venetsanopoulos | Node1: |
1824 | 301294a9 | Constantinos Venetsanopoulos | **WEBSERVER**, **ASTAKOS** |
1825 | 301294a9 | Constantinos Venetsanopoulos | Guide sections: |
1826 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`apt <i-apt>` |
1827 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`gunicorn <i-gunicorn>` |
1828 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`apache <i-apache>` |
1829 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-webproject <i-webproject>` |
1830 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-astakos-app <i-astakos>` |
1831 | 301294a9 | Constantinos Venetsanopoulos | Node2: |
1832 | 301294a9 | Constantinos Venetsanopoulos | **WEBSERVER**, **PITHOS** |
1833 | 301294a9 | Constantinos Venetsanopoulos | Guide sections: |
1834 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`apt <i-apt>` |
1835 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`gunicorn <i-gunicorn>` |
1836 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`apache <i-apache>` |
1837 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-webproject <i-webproject>` |
1838 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-pithos-app <i-pithos>` |
1839 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-pithos-webclient <i-pithos>` |
1840 | 301294a9 | Constantinos Venetsanopoulos | Node3: |
1841 | 301294a9 | Constantinos Venetsanopoulos | **WEBSERVER**, **CYCLADES** |
1842 | 301294a9 | Constantinos Venetsanopoulos | Guide sections: |
1843 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`apt <i-apt>` |
1844 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`gunicorn <i-gunicorn>` |
1845 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`apache <i-apache>` |
1846 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-webproject <i-webproject>` |
1847 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-cyclades-app <i-cyclades>` |
1848 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-vncauthproxy <i-cyclades>` |
1849 | 301294a9 | Constantinos Venetsanopoulos | Node4: |
1850 | 301294a9 | Constantinos Venetsanopoulos | **WEBSERVER**, **CMS** |
1851 | 301294a9 | Constantinos Venetsanopoulos | Guide sections: |
1852 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`apt <i-apt>` |
1853 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`gunicorn <i-gunicorn>` |
1854 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`apache <i-apache>` |
1855 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-webproject <i-webproject>` |
1856 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-cloudcms <i-cms>` |
1857 | 301294a9 | Constantinos Venetsanopoulos | Node5: |
1858 | 301294a9 | Constantinos Venetsanopoulos | **ASTAKOS_DB**, **PITHOS_DB**, **CYCLADES_DB** |
1859 | 301294a9 | Constantinos Venetsanopoulos | Guide sections: |
1860 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`apt <i-apt>` |
1861 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`postgresql <i-db>` |
1862 | 301294a9 | Constantinos Venetsanopoulos | Node6: |
1863 | 301294a9 | Constantinos Venetsanopoulos | **MQ** |
1864 | 301294a9 | Constantinos Venetsanopoulos | Guide sections: |
1865 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`apt <i-apt>` |
1866 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`rabbitmq <i-mq>` |
1867 | 301294a9 | Constantinos Venetsanopoulos | Node7: |
1868 | 301294a9 | Constantinos Venetsanopoulos | **GANETI_MASTER**, **GANETI_NODE** |
1869 | 301294a9 | Constantinos Venetsanopoulos | Guide sections: |
1870 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`apt <i-apt>` |
1871 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`general <i-backends>` |
1872 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`ganeti <i-ganeti>` |
1873 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-cyclades-gtools <i-gtools>` |
1874 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-network <i-network>` |
1875 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-image <i-image>` |
1876 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`nfdhcpd <i-network>` |
1877 | 301294a9 | Constantinos Venetsanopoulos | Node8: |
1878 | 301294a9 | Constantinos Venetsanopoulos | **GANETI_NODE** |
1879 | 301294a9 | Constantinos Venetsanopoulos | Guide sections: |
1880 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`apt <i-apt>` |
1881 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`general <i-backends>` |
1882 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`ganeti <i-ganeti>` |
1883 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-cyclades-gtools <i-gtools>` |
1884 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-network <i-network>` |
1885 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`snf-image <i-image>` |
1886 | 301294a9 | Constantinos Venetsanopoulos | * :ref:`nfdhcpd <i-network>` |
1887 | 301294a9 | Constantinos Venetsanopoulos | Node9: |
1888 | 301294a9 | Constantinos Venetsanopoulos | **GANETI_NODE** |
1889 | 301294a9 | Constantinos Venetsanopoulos | Guide sections: |
1890 | 301294a9 | Constantinos Venetsanopoulos | `Same as Node8` |
1891 | 301294a9 | Constantinos Venetsanopoulos | Node10: |
1892 | 301294a9 | Constantinos Venetsanopoulos | **GANETI_NODE** |
1893 | 301294a9 | Constantinos Venetsanopoulos | Guide sections: |
1894 | 301294a9 | Constantinos Venetsanopoulos | `Same as Node8` |
1895 | 301294a9 | Constantinos Venetsanopoulos | |
1896 | 301294a9 | Constantinos Venetsanopoulos | All sections: :ref:`Scale out Guide <i-synnefo>` |
1897 | 547c78f6 | Constantinos Venetsanopoulos | |
1898 | bc055d09 | Constantinos Venetsanopoulos | |
1899 | bbcd3dd1 | Constantinos Venetsanopoulos | Upgrade Notes |
1900 | bbcd3dd1 | Constantinos Venetsanopoulos | ============= |
1901 | bc055d09 | Constantinos Venetsanopoulos | |
1902 | 457fe4fc | Georgios D. Tsoukalas | .. toctree:: |
1903 | 457fe4fc | Georgios D. Tsoukalas | :maxdepth: 1 |
1904 | 457fe4fc | Georgios D. Tsoukalas | |
1905 | 1cd3daa1 | Constantinos Venetsanopoulos | v0.12 -> v0.13 <upgrade/upgrade-0.13> |
1906 | 09974606 | Georgios D. Tsoukalas | v0.13 -> v0.14 <upgrade/upgrade-0.14> |
1907 | 15151f83 | Christos Stavrakakis | v0.14 -> v0.14.2 <upgrade/upgrade-0.14.2> |
1908 | 0d14df99 | Christos Stavrakakis | v0.14.5 -> v0.14.6 <upgrade/upgrade-0.14.6> |
1909 | 774f683b | Giorgos Korfiatis | v0.14 -> v0.15 <upgrade/upgrade-0.15> |
1910 | 457fe4fc | Georgios D. Tsoukalas | |
1911 | bbcd3dd1 | Constantinos Venetsanopoulos | |
1912 | 3045e739 | Constantinos Venetsanopoulos | Changelog, NEWS |
1913 | bbcd3dd1 | Constantinos Venetsanopoulos | =============== |
1914 | bbcd3dd1 | Constantinos Venetsanopoulos | |
1915 | 15151f83 | Christos Stavrakakis | |
1916 | 0d14df99 | Christos Stavrakakis | * v0.14.7 :ref:`Changelog <Changelog-0.14.6>`, :ref:`NEWS <NEWS-0.14.7>` |
1917 | 7a59cb8f | Christos Stavrakakis | * v0.14.6 :ref:`Changelog <Changelog-0.14.6>`, :ref:`NEWS <NEWS-0.14.6>` |
1918 | d6a19bac | Christos Stavrakakis | * v0.14.5 :ref:`Changelog <Changelog-0.14.5>`, :ref:`NEWS <NEWS-0.14.5>` |
1919 | 38be3b6e | Christos Stavrakakis | * v0.14.4 :ref:`Changelog <Changelog-0.14.4>`, :ref:`NEWS <NEWS-0.14.4>` |
1920 | cda13b21 | Christos Stavrakakis | * v0.14.3 :ref:`Changelog <Changelog-0.14.3>`, :ref:`NEWS <NEWS-0.14.3>` |
1921 | 15151f83 | Christos Stavrakakis | * v0.14.2 :ref:`Changelog <Changelog-0.14.2>`, :ref:`NEWS <NEWS-0.14.2>` |
1922 | a0f672f1 | Stratos Psomadakis | * v0.14 :ref:`Changelog <Changelog-0.14>`, :ref:`NEWS <NEWS-0.14>` |
1923 | bbcd3dd1 | Constantinos Venetsanopoulos | * v0.13 :ref:`Changelog <Changelog-0.13>`, :ref:`NEWS <NEWS-0.13>` |