Created
October 23, 2016 05:45
-
-
Save gnuoy/bf7484d27a4043e25150126dafb3fd39 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# https://asciinema.org/a/0wqvhrpshmvz2vcg46bvvtbul | |
# /home/liam/asciinema/keystone-demo.json | |
######################## | |
# 0) Setup and Bootstrap | |
######################## | |
# If you haven't already done so add the AWS credentials to Juju | |
juju add-credential aws | |
Enter credential name: aws-tmp | |
Using auth-type "access-key". | |
Enter access-key: JDYTWBVZODFNSGZKFMYN | |
Enter secret-key: | |
Credentials added for cloud aws. | |
# Juju needs a controller which orchestrates the management of the applications | |
juju bootstrap aws/eu-west-1 | |
############################# | |
# 1) Create and Deploy bundle | |
############################# | |
# The applications could be deployed by issuind individual juju commands but | |
# writing a bundle allows multiple applications and config to be deployed with | |
# a single command in an easily repeatable way. | |
# The command below creates the bundle for keystone, percona and a blank | |
# unit which can be used as a client | |
cat <<EOF > keystone-bundle.yaml | |
series: xenial | |
services: | |
ubuntu: | |
charm: cs:xenial/ubuntu | |
num_units: 1 | |
mysql: | |
charm: cs:trusty/percona-cluster | |
num_units: 1 | |
options: | |
dataset-size: 50% | |
root-password: changeme | |
sst-password: changeme | |
keystone: | |
charm: cs:xenial/keystone | |
num_units: 1 | |
options: | |
admin-password: openstack | |
admin-token: ubuntutesting | |
relations: | |
- [ keystone, mysql ] | |
EOF | |
juju deploy keystone-bundle.yaml | |
# A summary status of the deployment can be seen with the status command. | |
# Take a note of the keystone IP address for use later. | |
juju status | |
# Or to see the logs from the units being deployed. | |
juju debug-log | |
# Expose the instance of keystone to add ingress rules for connecting to the | |
# API service | |
juju expose keystone | |
########################## | |
# 2) Setup Keystone client | |
########################## | |
# Once the deployment is complete connect to the unit which is going to act as | |
# the client and install keystoneclient, create a novarc for authenticating | |
# with keystone and query keystone. | |
juju ssh ubuntu/0 | |
sudo apt install --yes python3-keystoneclient | |
export KEYSTONE_IP=<INSERT KEYSTONE IP HERE> | |
cat <<EOF > ~/novarc | |
export OS_USERNAME=admin | |
export OS_PASSWORD=openstack | |
export OS_TENANT_NAME=admin | |
export OS_REGION_NAME=RegionOne | |
export OS_AUTH_URL=http://${KEYSTONE_IP}:5000/v2.0 | |
EOF | |
source ~/novarc | |
keystone catalog | |
##################### | |
# 3) Debugging a hook | |
##################### | |
# The charms expose config options that can be set at deployment time or, in | |
# most cases, set after deployment. Setting a config value causes the charms | |
# config-changed hook to fire. This hook fire event can be intercepted which | |
# is useful for debugging any issues. | |
# In one session run this command to create the debug hooks session: | |
juju debug-hooks keystone/0 | |
# Then, in another session change a config option | |
juju config keystone debug=True | |
# Go back to the session from which 'debug-hooks' was run and the title at the | |
# bottom of the screen should have switched to | |
# '16.04 0:bash- # 1:config-changed*' | |
# In a debug-hooks session the low level commands that the charm uses are | |
# available. | |
# To see the config the user has set along with defaults: | |
config-get | |
# To see what data the percona application has sent: | |
relation-ids shared-db | |
shared-db:2 | |
relation-list -r shared-db:2 | |
mysql/0 | |
relation-get -r shared-db:2 - mysql/0 | |
allowed_units: keystone/0 | |
db_host: 172.31.22.125 | |
password: LCfKfxjgH7WNThNSSHBRM8cFZBCh9GrF | |
private-address: 172.31.22.125 | |
# The hook has not fired yet so the 'debug' option in keystone should still be | |
# set to 'false' | |
grep debug /etc/keystone/keystone.conf | |
debug = False | |
# Now manually run the config-changed hook | |
./hooks/config-changed | |
# The keystone.conf will have been updated and the Apache mod_wsgi service | |
# reloaded | |
grep debug /etc/keystone/keystone.conf | |
debug = True | |
# Now exit the debug hooks session, you may have to type exit multiple times | |
# until you are back on your laptop as other hook events may have been queued. | |
################################ | |
# 4) Upgrading Openstack Version | |
################################ | |
# The deployment of keystone did not pull packages from the Cloud Archive so | |
# the Openstack release which is the default for Xenial was installed which is | |
# Mitaka. The version of keystone deployed is exposed through juju status | |
juju status keystone | |
... | |
App Version Status Scale Charm Store Rev OS Notes | |
keystone 9.2.0 active 1 keystone jujucharms 258 ubuntu exposed | |
... | |
# The Keystone charm exposes a openstack-origin option which can be pointed at | |
# a cloud archive PPA to trigger an upgrade. | |
juju config keystone openstack-origin | |
distro | |
juju config keystone openstack-origin='cloud:xenial-newton' | |
# The charm takes a few minutes to perform the upgrade. Then the status | |
# reflects the upgraded version of keystone: | |
juju status keystone | |
... | |
App Version Status Scale Charm Store Rev OS Notes | |
keystone 10.0.0 active 1 keystone jujucharms 258 ubuntu exposed | |
... | |
################ | |
# 5) Scaling Out | |
################ | |
# Currently there is only one keystone unit. To share the workload out more | |
# units can be added. | |
juju add-unit keystone -n2 | |
# Juju status will now confirm there are three keystone units | |
juju status keystone | |
# The keystone url used by the client points at a single keystone unit but the | |
# keystone api service is actually behind haproxy meaning the traffic is load | |
# balanced accross all three nodes | |
juju ssh keystone/0 | |
cat /etc/haproxy/haproxy.cfg | |
# This does not give HA as if the unit that the clients OS_AUTH_URL is pointing | |
# at failed then the client would have to update OS_AUTH_URL. The charms | |
# support assigning a VIP and use corosync and pacemaker to float the vip | |
# accross the units of the application. See the charm guide from more details. | |
############### | |
# 6) Tidying up | |
############### | |
# SKIP THIS SECTION IF GOING ON TO THE CHARM AUTHOR TUTORIAL | |
# To show the name of the model | |
juju switch | |
# To remove the model and the machines | |
juju destroy-model default | |
# To show name of controller | |
juju list-controllers | |
# Remove the controller | |
# juju destroy-controller aws-eu-west-1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment