Portal:Cloud VPS/Admin/Deployment confidence checklist
This page contains a deployment confidence checklist for Cloud VPS deployments.
Is meant to be a simple list of commands and things to check to validate that a given deployment is functioning in the most basics aspects, such as networking, instance lifecyle, projects lifecyle, etc.
General networking & neutron
- [ ] you can jump by SSH from your PC to all servers in the deployment (control, services, net, virts, etc.)
- [ ] neutron services are loaded and running, in networking nodes, control server and in virts nodes
| example |
|---|
user@cloudnet2001-dev:~ $ systemctl | grep neutron
neutron-dhcp-agent.service loaded active running OpenStack Neutron DHCP agent
neutron-l3-agent.service loaded active running OpenStack Neutron L3 agent
neutron-linuxbridge-agent.service loaded active running Openstack Neutron LinuxBridge Plugin Agent
neutron-metadata-agent.service loaded active running OpenStack Neutron Metadata Agent
user@cloudvirt2003-dev:~ $ systemctl | grep neutron
neutron-linuxbridge-agent.service loaded active running Openstack Neutron LinuxBridge Plugin Agent
root@cloudcontrol1003:~# systemctl | grep neutron
neutron-server.service loaded active running OpenStack Neutron Server
|
- [ ] all the neutron agents are alive
| example |
|---|
root@cloudcontrol1003:~# neutron agent-list
+--------------------------------------+--------------------+---------------+-------------------+-------+----------------+---------------------------+
| id | agent_type | host | availability_zone | alive | admin_state_up | binary |
+--------------------------------------+--------------------+---------------+-------------------+-------+----------------+---------------------------+
| 468aef2a-8eb6-4382-abba-bc284efd9fa5 | DHCP agent | cloudnet1004 | nova | :-) | True | neutron-dhcp-agent |
| 601bef99-b53c-4e6a-b384-65d1feebedff | Metadata agent | cloudnet1003 | | :-) | True | neutron-metadata-agent |
| 8af5d8a1-2e29-40e6-baf0-3cd79a7ac77b | L3 agent | cloudnet1003 | nova | :-) | True | neutron-l3-agent |
| 970df1d1-505d-47a4-8d35-1b13c0dfe098 | L3 agent | cloudnet1004 | nova | :-) | True | neutron-l3-agent |
| 9f8833de-11a4-4395-8da5-f57fe8326659 | Linux bridge agent | cloudnet1003 | | :-) | True | neutron-linuxbridge-agent |
| ad3461d7-b79e-4279-921d-5a476e296767 | Linux bridge agent | cloudnet1004 | | :-) | True | neutron-linuxbridge-agent |
| b2f9da63-2f16-4aa5-9400-ae708a733f91 | Linux bridge agent | cloudvirt1021 | | :-) | True | neutron-linuxbridge-agent |
| d475e07d-52b3-476e-9a4f-e63b21e1075e | Metadata agent | cloudnet1004 | | :-) | True | neutron-metadata-agent |
| e382a233-e6a0-422e-9d2e-5651082783fc | Linux bridge agent | cloudvirt1022 | | :-) | True | neutron-linuxbridge-agent |
| ff2a8228-3748-4588-927b-4b6563da9ca0 | DHCP agent | cloudnet1003 | nova | :-) | True | neutron-dhcp-agent |
+--------------------------------------+--------------------+---------------+-------------------+-------+----------------+---------------------------+
|
- [ ] there are nets registered in neutron
| example |
|---|
root@cloudcontrol1003:~# neutron net-list
+--------------------------------------+---------------------------+-------------------------------------------------------+
| id | name | subnets |
+--------------------------------------+---------------------------+-------------------------------------------------------+
| 3837e807-b76f-43fd-b0f9-705406ace90d | HA network tenant admin | 9ae3e017-3bb5-4a24-b26b-8d5727420bb3 169.254.192.0/18 |
| 5c9ee953-3a19-4e84-be0f-069b5da75123 | wan-transport-eqiad | e4fb2771-a361-4add-ac4e-280cc300c59f 10.64.22.0/24 |
| | | efbb8c8a-1397-4faf-a07f-e9bcc33899b5 185.15.56.0/25 |
| 7425e328-560c-4f00-8e99-706f3fb90bb4 | lan-flat-cloudinstances2b | a69bdfad-d7d2-4cfa-8231-3d6d3e0074c9 172.16.0.0/21 |
+--------------------------------------+---------------------------+-------------------------------------------------------+
|
- [ ] there are subnets registered in neutron
| example |
|---|
root@cloudcontrol1003:~# neutron subnet-list
+--------------------------------------+------------------------------------+------------------+------------------------------------------------------+
| id | name | cidr | allocation_pools |
+--------------------------------------+------------------------------------+------------------+------------------------------------------------------+
| e4fb2771-a361-4add-ac4e-280cc300c59f | cloud-instances-transport1-b-eqiad | 10.64.22.0/24 | {"start": "10.64.22.2", "end": "10.64.22.254"} |
| efbb8c8a-1397-4faf-a07f-e9bcc33899b5 | cloud-eqiad1-floating | 185.15.56.0/25 | {"start": "185.15.56.10", "end": "185.15.56.30"} |
| 9ae3e017-3bb5-4a24-b26b-8d5727420bb3 | HA subnet tenant admin | 169.254.192.0/18 | {"start": "169.254.192.1", "end": "169.254.255.254"} |
| a69bdfad-d7d2-4cfa-8231-3d6d3e0074c9 | cloud-instances2-b-eqiad | 172.16.0.0/21 | {"start": "172.16.0.10", "end": "172.16.7.254"} |
+--------------------------------------+------------------------------------+------------------+------------------------------------------------------+
|
- [ ] there are routers registered in neutron (at least the main one)
| example |
|---|
root@cloudcontrol1003:~# neutron router-list
+--------------------------------------+---------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
| id | name | external_gateway_info | distributed | ha |
+--------------------------------------+---------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
| d93771ba-2711-4f88-804a-8df6fd03978a | cloudinstances2b-gw | {"network_id": "5c9ee953-3a19-4e84-be0f-069b5da75123", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "e4fb2771-a361-4add-ac4e-280cc300c59f", "ip_address": "10.64.22.4"}]} | False | True |
+--------------------------------------+---------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+------+
|
- [] there are 2 HA ports for the main router
| example |
|---|
root@cloudcontrol1003:~# neutron port-list | grep "HA port"
| 6a9c8eea-0baf-459a-9854-9d2063037591 | HA port tenant admin | fa:16:3e:e7:e2:73 | {"subnet_id": "9ae3e017-3bb5-4a24-b26b-8d5727420bb3", "ip_address": "169.254.192.1"} |
| 9f522543-edb1-453f-b0d5-bd9ffdfdefca | HA port tenant admin | fa:16:3e:32:d7:1a | {"subnet_id": "9ae3e017-3bb5-4a24-b26b-8d5727420bb3", "ip_address": "169.254.192.3"} |
|
- [] the main neutron router is in HA, living in one node
| example |
|---|
root@cloudcontrol1003:~# neutron l3-agent-list-hosting-router d93771ba-2711-4f88-804a-8df6fd03978a
+--------------------------------------+--------------+----------------+-------+----------+
| id | host | admin_state_up | alive | ha_state |
+--------------------------------------+--------------+----------------+-------+----------+
| 96c14889-d181-4d9e-aacb-cd9fae14948c | cloudnet1004 | True | :-) | active |
| 8af5d8a1-2e29-40e6-baf0-3cd79a7ac77b | cloudnet1003 | True | :-) | standby |
+--------------------------------------+--------------+----------------+-------+----------+
|
- [ ] there are ports registered in neutron
| example |
|---|
root@cloudcontrol1003:~# neutron port-list
+--------------------------------------+----------------------+-------------------+--------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+----------------------+-------------------+--------------------------------------------------------------------------------------+
| 52d27be1-d697-4148-98b9-bdb7d9a9fa1c | | fa:16:3e:5f:b2:e1 | {"subnet_id": "a69bdfad-d7d2-4cfa-8231-3d6d3e0074c9", "ip_address": "172.16.0.67"} |
| 6a8a4618-a4ea-453e-9258-69f02de81808 | | fa:16:3e:fb:44:36 | {"subnet_id": "a69bdfad-d7d2-4cfa-8231-3d6d3e0074c9", "ip_address": "172.16.0.22"} |
| 6a9c8eea-0baf-459a-9854-9d2063037591 | HA port tenant admin | fa:16:3e:e7:e2:73 | {"subnet_id": "9ae3e017-3bb5-4a24-b26b-8d5727420bb3", "ip_address": "169.254.192.1"} |
| 73e77aa1-57fa-4fc1-802b-fb14d49b4899 | | fa:16:3e:5a:39:7b | {"subnet_id": "efbb8c8a-1397-4faf-a07f-e9bcc33899b5", "ip_address": "185.15.56.11"} |
| 9f522543-edb1-453f-b0d5-bd9ffdfdefca | HA port tenant admin | fa:16:3e:32:d7:1a | {"subnet_id": "9ae3e017-3bb5-4a24-b26b-8d5727420bb3", "ip_address": "169.254.192.3"} |
| ca4cb8c7-bfb8-440b-8e41-74bb8e834717 | | fa:16:3e:93:02:b2 | {"subnet_id": "e4fb2771-a361-4add-ac4e-280cc300c59f", "ip_address": "10.64.22.4"} |
| d92f52a9-c16c-4315-9259-d022380c939e | | fa:16:3e:d5:a5:6d | {"subnet_id": "a69bdfad-d7d2-4cfa-8231-3d6d3e0074c9", "ip_address": "172.16.0.11"} |
| da9b7d61-553d-4413-8b1d-31322ca95fea | | fa:16:3e:bc:b5:db | {"subnet_id": "a69bdfad-d7d2-4cfa-8231-3d6d3e0074c9", "ip_address": "172.16.0.23"} |
| defc9d1d-4078-4ebc-9893-07a7299ce071 | | fa:16:3e:ae:f5:88 | {"subnet_id": "a69bdfad-d7d2-4cfa-8231-3d6d3e0074c9", "ip_address": "172.16.0.1"} |
| f0bc15ed-4fcf-4671-9d9a-26bf44433e5f | | fa:16:3e:20:fd:2a | {"subnet_id": "a69bdfad-d7d2-4cfa-8231-3d6d3e0074c9", "ip_address": "172.16.0.10"} |
+--------------------------------------+----------------------+-------------------+--------------------------------------------------------------------------------------+
|
- [ ] neutron namespaces are in place in the networking nodes
| example |
|---|
user@cloudnet2002-dev:~ $ ip netns list | grep ^q
qdhcp-60aa9467-253c-4fdf-9fa0-eba42dafc975
qrouter-5712e22e-134a-40d3-a75a-1c9b441717ad
qdhcp-05a5494a-184f-4d5c-9e98-77ae61c56daa
|
- [ ] linux bridges are in place in the networking nodes
| example |
|---|
user@cloudnet2002-dev:~ $ sudo brctl show
bridge name bridge id STP enabled interfaces
br-external 8000.782bcb48f962 no eth1.2120
tap666fcda7-04
br-internal 8000.0a6f8790e216 no eth1.2105
tap21e10025-d4
tapfcf1a098-9d
brqd967e056-ef 8000.7ae1dacde668 no tapdb1b15f9-ac
vxlan-1
|
- [ ] IP addressing and routing is in place in the qrouter netns in the networking nodes
| example |
|---|
user@cloudnet2002-dev:~ $ sudo ip netns exec qrouter-5712e22e-134a-40d3-a75a-1c9b441717ad ip r
default via 10.192.22.1 dev qg-666fcda7-04
10.192.22.0/24 dev qg-666fcda7-04 proto kernel scope link src 10.192.22.4
169.254.0.0/24 dev ha-db1b15f9-ac proto kernel scope link src 169.254.0.1
169.254.192.0/18 dev ha-db1b15f9-ac proto kernel scope link src 169.254.192.2
172.16.128.0/24 dev qr-21e10025-d4 proto kernel scope link src 172.16.128.1
172.16.129.0/24 dev qg-666fcda7-04 scope link
|
- [ ] iptables rules are in place in the qrouter netns in the networking nodes
| example |
|---|
aborrero@cloudnet2002-dev:~ $ sudo ip netns exec qrouter-5712e22e-134a-40d3-a75a-1c9b441717ad iptables-save | wc -l
101
|
- [ ] the routing_source_ip setting is correctly installed as iptables rule
| example |
|---|
user@cloudnet2003-dev:~ $ sudo grep routing_source_ip /etc/neutron/l3_agent.ini
routing_source_ip = 172.16.129.254
user@cloudnet2003-dev:~ $ sudo ip netns exec qrouter-5712e22e-134a-40d3-a75a-1c9b441717ad iptables-save -c | grep 172.16.129.254
[3587:272612] -A neutron-l3-agent-snat -o qg-1290224c-b1 -j SNAT --to-source 172.16.129.254
[0:0] -A neutron-l3-agent-snat -m mark ! --mark 0x2/0xffff -m conntrack --ctstate DNAT -j SNAT --to-source 172.16.129.254
|
- [ ] the dmz_cidr setting is correctly installed as iptables rules
| example |
|---|
user@cloudnet2003-dev:~ $ grep dmz_cidr /etc/neutron/l3_agent.ini
dmz_cidr = 172.16.128.0/24:10.0.0.0/8,172.16.128.0/24:208.80.155.0/22
user@cloudnet2003-dev:~ $ sudo ip netns exec qrouter-5712e22e-134a-40d3-a75a-1c9b441717ad iptables-save -c | grep 172.16.128.0 | grep 10.0.0.0
[3:180] -A neutron-l3-agent-POSTROUTING -s 172.16.128.0/24 -d 10.0.0.0/8 -j ACCEPT
user@cloudnet2003-dev:~ $ sudo ip netns exec qrouter-5712e22e-134a-40d3-a75a-1c9b441717ad iptables-save -c | grep 172.16.128.0 | grep 208.80.155.0
[3:180] -A neutron-l3-agent-POSTROUTING -s 172.16.128.0/24 -d 208.80.155.0/22 -j ACCEPT
|
- [ ] there is ping/ssh connectivity between the neutron qrouter netns and instances in a given network (no NAT involved)
- [ ] there is NAT connectivity from instances to outside (routing_source_ip)
- [ ] there is NAT connectivity from the outside to instances (floating_ip allocation)
Nova & APIs
- [ ] all nova services are running in the control nodes
| example |
|---|
user@labtestcontrol2003:~ $ systemctl | grep nova
nova-api.service loaded active running OpenStack Compute API
nova-conductor.service loaded active running OpenStack Compute Conductor
nova-scheduler.service loaded active running OpenStack Compute Scheduler
|
- [ ] nova services are registered in openstack, and reportedly running
| example |
|---|
root@cloudcontrol1003:~# openstack compute service list
+----+----------------+------------------+----------+---------+-------+----------------------------+
| Id | Binary | Host | Zone | Status | State | Updated At |
+----+----------------+------------------+----------+---------+-------+----------------------------+
| 12 | nova-compute | cloudvirt1021 | nova | enabled | up | 2018-07-20T12:31:42.000000 |
| 13 | nova-compute | cloudvirt1022 | nova | enabled | up | 2018-07-20T12:31:41.000000 |
| 14 | nova-conductor | cloudcontrol1004 | internal | enabled | down | None |
| 15 | nova-scheduler | cloudcontrol1003 | internal | enabled | up | 2018-07-20T12:31:41.000000 |
| 16 | nova-conductor | cloudcontrol1003 | internal | enabled | up | 2018-07-20T12:31:41.000000 |
+----+----------------+------------------+----------+---------+-------+----------------------------+
|
- [ ] API endpoints exist
| example |
|---|
root@labtestcontrol2003:~# openstack endpoint list
+----------------------------------+-------------+--------------+--------------+---------+-----------+----------------------------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-------------+--------------+--------------+---------+-----------+----------------------------------------------+
| 003ca1ecfc864bc0aadeaf11f9d98fe9 | codfw1dev-r | nova | compute | True | admin | http://208.80.153.75:8774/v2.1/%(tenant_id)s |
| 1442a8e399bb459a9926556964d89721 | codfw1dev-r | nova | compute | True | internal | http://208.80.153.75:8774/v2.1/%(tenant_id)s |
| 3aa66a2bf68b4d07bafe460ff82109f1 | codfw1dev-r | keystone | identity | True | public | http://208.80.153.75:5000/v3 |
| 4714a76745fb4c19b4ba789fffb16a4e | codfw1dev-r | neutron | network | True | public | http://208.80.153.75:9696 |
| 479cc0dd948e48bbb627bb16c130db10 | codfw1dev-r | keystone | identity | True | admin | http://208.80.153.75:35357/v3 |
| 727b73a1cac247499aa8b61184b046ae | codfw1dev-r | glance | image | True | admin | http://208.80.153.75:9292 |
| 92c452ca089b4e268aa9bccee0b140fe | codfw1dev-r | glance | image | True | internal | http://208.80.153.75:9292 |
| 9ee5d0c6d1fb4259a4f554b70c60a25b | codfw1dev-r | neutron | network | True | admin | http://208.80.153.75:9696 |
| a664a2ffc1e24361b52788401b0c548c | codfw1dev-r | nova | compute | True | public | http://208.80.153.75:8774/v2.1/%(tenant_id)s |
| c185bedb66f1419baa65fbe5f790eb03 | codfw1dev-r | neutron | network | True | internal | http://208.80.153.75:9696 |
| ce631259fade4e1c9cb70227f031e4a6 | codfw1dev-r | glance | image | True | public | http://208.80.153.75:9292 |
| d284fcee9d384a8592972ae8862dcdb5 | codfw1dev-r | keystone | identity | True | internal | http://208.80.153.75:5000/v3 |
+----------------------------------+-------------+--------------+--------------+---------+-----------+----------------------------------------------+
|
- [ ] hypervisors are in place
| example |
|---|
root@labtestcontrol2003:~# openstack hypervisor list
+----+------------------------------+
| ID | Hypervisor Hostname |
+----+------------------------------+
| 1 | labtestvirt2003.codfw.wmnet |
| 2 | labtestmetal2001.codfw.wmnet |
+----+------------------------------+
|
- [ ] hypervisors are running all the required nova services
| example |
|---|
aborrero@labtestmetal2001:~ $ systemctl | grep nova
var-lib-nova-instances.mount loaded active mounted /var/lib/nova/instances
nova-compute.service loaded active running OpenStack Compute
|
- [ ] instances can be created
| example |
|---|
root@labtestcontrol2003:~# openstack server create --flavor 2 --image 66e544e8-fe4f-41f7-9809-6723e53b5a99 --nic net-id=05a5494a-184f-4d5c-9e98-77ae61c56daa aborrero-test1
+--------------------------------------+-----------------------------------------------------+
| Field | Value |
+--------------------------------------+-----------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-SRV-ATTR:host | None |
| OS-EXT-SRV-ATTR:hypervisor_hostname | None |
| OS-EXT-SRV-ATTR:instance_name | i-00000038 |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | JEfj5rsetQJa |
| config_drive | |
| created | 2018-06-07T13:04:35Z |
| flavor | m1.small (2) |
| hostId | |
| id | 59f194fd-637d-47b6-bb14-0e40c53fff21 |
| image | stretch-pass (66e544e8-fe4f-41f7-9809-6723e53b5a99) |
| key_name | None |
| name | aborrero-test1 |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| project_id | admin |
| properties | |
| security_groups | [{u'name': u'default'}] |
| status | BUILD |
| updated | 2018-06-07T13:04:35Z |
| user_id | novaadmin |
+--------------------------------------+-----------------------------------------------------+
|
- [ ] instances exist once created
| example |
|---|
root@labtestcontrol2003:~# openstack server list
+--------------------------------------+----------------------+--------+-----------------------------------+
| ID | Name | Status | Networks |
+--------------------------------------+----------------------+--------+-----------------------------------+
| 59f194fd-637d-47b6-bb14-0e40c53fff21 | aborrero-test1 | ACTIVE | flatcloudinstancesb=172.16.128.54 |
| 7cfea89f-f781-466a-a5a7-ea14438380fe | stretch-post-mergev2 | ACTIVE | flatcloudinstancesb=172.16.128.52 |
| fc947630-5b3f-4d45-b58e-b13aed7618b1 | stretch-post-mergev1 | ACTIVE | flatcloudinstancesb=172.16.128.51 |
+--------------------------------------+----------------------+--------+-----------------------------------+
|
- [ ] instances are properly build/scheduled/run
| example |
|---|
root@labtestcontrol2003:~# openstack server show 59f194fd-637d-47b6-bb14-0e40c53fff21
+--------------------------------------+----------------------------------------------------------+
| Field | Value |
+--------------------------------------+----------------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-SRV-ATTR:host | labtestmetal2001 |
| OS-EXT-SRV-ATTR:hypervisor_hostname | labtestmetal2001.codfw.wmnet |
| OS-EXT-SRV-ATTR:instance_name | i-00000038 |
| OS-EXT-STS:power_state | 1 |
| OS-EXT-STS:task_state | None |
| OS-EXT-STS:vm_state | active |
| OS-SRV-USG:launched_at | 2018-06-07T13:04:55.000000 |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | flatcloudinstancesb=172.16.128.54 |
| config_drive | |
| created | 2018-06-07T13:04:35Z |
| flavor | m1.small (2) |
| hostId | b0b32e635c05d9820dd77272fd65d061c81f638cd345ac2d450b7f25 |
| id | 59f194fd-637d-47b6-bb14-0e40c53fff21 |
| image | stretch-pass (66e544e8-fe4f-41f7-9809-6723e53b5a99) |
| key_name | None |
| name | aborrero-test1 |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| project_id | admin |
| properties | |
| security_groups | [{u'name': u'default'}] |
| status | ACTIVE |
| updated | 2018-06-07T13:04:55Z |
| user_id | novaadmin |
+--------------------------------------+----------------------------------------------------------+
|
Keystone
- [ ] there is networking connectivity between clients and keystone endpoints
- [ ] if shared/collapsed keystone, the daemon only runs in one deployment
- [ ] keystone holds endpoints for all regions/origins (and they are enabled)
| example |
|---|
mysql> select s.type, s.extra, e.interface, e.url, e.region_id from endpoint e join service s where e.service_id = s.id order by e.region_id;
+----------+-------------------------------------------------------------------+-----------+--------------------------------------------------------------+-------------+
| type | extra | interface | url | region_id |
+----------+-------------------------------------------------------------------+-----------+--------------------------------------------------------------+-------------+
| image | {"name": "glance", "description": "OpenStack Image Service"} | internal | http://labtestcontrol2001.wikimedia.org:9292 | codfw |
| image | {"name": "glance", "description": "OpenStack Image Service"} | public | http://labtestcontrol2001.wikimedia.org:9292 | codfw |
| image | {"name": "glance", "description": "OpenStack Image Service"} | admin | http://labtestcontrol2001.wikimedia.org:9292 | codfw |
| dns | {"description": "Designate", "name": "designate"} | public | http://labtestservices2001.wikimedia.org:9001 | codfw |
| dns | {"description": "Designate", "name": "designate"} | internal | http://labtestservices2001.wikimedia.org:9001 | codfw |
| dns | {"description": "Designate", "name": "designate"} | admin | http://labtestservices2001.wikimedia.org:9001 | codfw |
| proxy | {"name": "proxy"} | public | http://208.80.155.199:5668/dynamicproxy-api/v1/$(tenant_id)s | codfw |
| proxy | {"name": "proxy"} | internal | http://208.80.155.199:5668/dynamicproxy-api/v1/$(tenant_id)s | codfw |
| proxy | {"name": "proxy"} | admin | http://208.80.155.199:5668/dynamicproxy-api/v1/$(tenant_id)s | codfw |
| identity | {"name": "keystone", "description": "OpenStack Identity Service"} | internal | http://labtestcontrol2003.wikimedia.org:5000/v3 | codfw |
| identity | {"name": "keystone", "description": "OpenStack Identity Service"} | public | http://labtestcontrol2003.wikimedia.org:5000/v3 | codfw |
| identity | {"name": "keystone", "description": "OpenStack Identity Service"} | admin | http://labtestcontrol2003.wikimedia.org:35357/v3 | codfw |
| compute | {"name": "nova", "description": "OpenStack Compute Service"} | public | http://labtestnet2001.codfw.wmnet:8774/v2 | codfw |
| compute | {"name": "nova", "description": "OpenStack Compute Service"} | admin | http://labtestnet2001.codfw.wmnet:8774/v2 | codfw |
| compute | {"name": "nova", "description": "OpenStack Compute Service"} | internal | http://labtestnet2001.codfw.wmnet:8774/v2 | codfw |
| image | {"name": "glance", "description": "OpenStack Image Service"} | admin | http://208.80.153.75:9292 | codfw1dev-r |
| image | {"name": "glance", "description": "OpenStack Image Service"} | public | http://208.80.153.75:9292 | codfw1dev-r |
| image | {"name": "glance", "description": "OpenStack Image Service"} | internal | http://208.80.153.75:9292 | codfw1dev-r |
| network | {"description": "OpenStack Networking", "name": "neutron"} | public | http://208.80.153.75:9696 | codfw1dev-r |
| network | {"description": "OpenStack Networking", "name": "neutron"} | internal | http://208.80.153.75:9696 | codfw1dev-r |
| network | {"description": "OpenStack Networking", "name": "neutron"} | admin | http://208.80.153.75:9696 | codfw1dev-r |
| identity | {"name": "keystone", "description": "OpenStack Identity Service"} | admin | http://208.80.153.75:35357/v3 | codfw1dev-r |
| identity | {"name": "keystone", "description": "OpenStack Identity Service"} | internal | http://208.80.153.75:5000/v3 | codfw1dev-r |
| identity | {"name": "keystone", "description": "OpenStack Identity Service"} | public | http://208.80.153.75:5000/v3 | codfw1dev-r |
| compute | {"name": "nova", "description": "OpenStack Compute Service"} | admin | http://208.80.153.75:8774/v2.1 | codfw1dev-r |
| compute | {"name": "nova", "description": "OpenStack Compute Service"} | public | http://208.80.153.75:8774/v2.1 | codfw1dev-r |
| compute | {"name": "nova", "description": "OpenStack Compute Service"} | internal | http://208.80.153.75:8774/v2.1 | codfw1dev-r |
+----------+-------------------------------------------------------------------+-----------+--------------------------------------------------------------+-------------+
root@cloudcontrol1003:~# openstack endpoint list
+----------------------------------+----------+--------------+--------------+---------+-----------+-----------------------------------------------------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+----------+--------------+--------------+---------+-----------+-----------------------------------------------------------------------+
| 03ee231bc6334fd19edb32e9c6fa7465 | eqiad | designate | dns | True | admin | http://labservices1001.wikimedia.org:9001 |
| 0a1eb902933c4652ad41e6450fe436ee | eqiad1-r | neutron | network | True | public | http://cloudcontrol1003.wikimedia.org:9696 |
| 1693cb5c47114161af07338765650cac | eqiad | glance | image | True | internal | http://labcontrol1001.wikimedia.org:9292 |
| 1fe91d5e2ea344a18870a90e3abe310c | eqiad1-r | nova | compute | True | internal | http://cloudcontrol1003.wikimedia.org:8774/v2.1 |
| 26038b5357844ec2816bbd6f06a8ee15 | eqiad | keystone | identity | True | public | http://cloudcontrol1003.wikimedia.org:5000/v3 |
| 28b4f3ada7984ee9aef1a40c38b52417 | eqiad1-r | glance | image | True | admin | http://cloudcontrol1003.wikimedia.org:9292 |
| 30778a2f853843a3ae49a485919910fb | eqiad1-r | neutron | network | True | admin | http://cloudcontrol1003.wikimedia.org:9696 |
| 32cf600161824ed5a46fd850d4bf4e27 | eqiad | proxy | proxy | True | public | http://proxy-eqiad.wmflabs.org:5668/dynamicproxy-api/v1/$(tenant_id)s |
| 4578c49346db479ab6d5b7961af8f60a | eqiad1-r | nova | compute | True | public | http://cloudcontrol1003.wikimedia.org:8774/v2.1 |
| 45f80e2d476b4408b388152e8edc1eac | eqiad | proxy | proxy | True | admin | http://proxy-eqiad.wmflabs.org:5668/dynamicproxy-api/v1/$(tenant_id)s |
| 4641c47238a14c68b45e831f7ec89b24 | eqiad | nova | compute | True | public | http://labnet1001.eqiad.wmnet:8774/v2.1 |
| 4c1a383c90344c51978b6848c22836f9 | eqiad1-r | neutron | network | True | internal | http://cloudcontrol1003.wikimedia.org:9696 |
| 655c239fd6e94e6981358811efd01b4e | eqiad | glance | image | True | admin | http://labcontrol1001.wikimedia.org:9292 |
| 6fcd6be1f49d4d928ffedf44e6df0086 | eqiad | nova | compute | True | internal | http://labnet1001.eqiad.wmnet:8774/v2.1 |
| 73b78e5e22004fb098ec7dca57b0b873 | eqiad | proxy | proxy | True | internal | http://proxy-eqiad.wmflabs.org:5668/dynamicproxy-api/v1/$(tenant_id)s |
| 7c1fb33eb39f4eb19be510555cebd542 | eqiad1-r | keystone | identity | True | admin | http://cloudcontrol1003.wikimedia.org:35357/v3 |
| 989fbfc7878244dab849d1c49051f2ba | eqiad | keystone | identity | True | admin | http://cloudcontrol1003.wikimedia.org:35357/v3 |
| a07a647fbb67452882793377ca9eab52 | eqiad | glance | image | True | public | http://labcontrol1001.wikimedia.org:9292 |
| b2621389830a4b29adb19886b8a28176 | eqiad | designate | dns | True | public | http://labservices1001.wikimedia.org:9001 |
| b966114d88334679b4d32f61c5dcfb31 | eqiad | nova | compute | True | admin | http://labnet1001.eqiad.wmnet:8774/v2.1 |
| be7a84a1af114f94bd1d6cc48b374413 | eqiad1-r | keystone | identity | True | public | http://cloudcontrol1003.wikimedia.org:5000/v3 |
| c71299aff8da47c7a03f3a2184d8b64b | eqiad1-r | glance | image | True | internal | http://cloudcontrol1003.wikimedia.org:9292 |
| ce6257db56114db09ea14e55c62b73cd | eqiad1-r | nova | compute | True | admin | http://cloudcontrol1003.wikimedia.org:8774/v2.1 |
| e0ae0c5907f646fca23b13e73f2eb725 | eqiad | keystone | identity | True | internal | http://cloudcontrol1003.wikimedia.org:5000/v3 |
| e1d0f85948f04bca9fd8d7628703a225 | eqiad | designate | dns | True | internal | http://labservices1001.wikimedia.org:9001 |
| f922afd9417448028ce02734e0420a0b | eqiad1-r | glance | image | True | public | http://cloudcontrol1003.wikimedia.org:9292 |
| fb991347d1d8409c9977ef0883e0917c | eqiad1-r | keystone | identity | True | internal | http://cloudcontrol1003.wikimedia.org:5000/v3 |
+----------------------------------+----------+--------------+--------------+---------+-----------+-----------------------------------------------------------------------+
|
- [ ] keystone has all relevant services registered and enabled
| example |
|---|
root@cloudcontrol1003:~# openstack service list
+----------------------------------+-----------+----------+
| ID | Name | Type |
+----------------------------------+-----------+----------+
| 11fe8a810dde48a38dd6cbc93a2af3fb | keystone | identity |
| 28918e0f872b48f2926fc26fe763f8d6 | neutron | network |
| 41c110a8786a4e4d8ff6247b6ec755dc | proxy | proxy |
| 55d1efd5692846e3ad72c23ed1b368da | glance | image |
| dc67bf4563cc444fbb4525abdda4982a | nova | compute |
| f797f95630be4d008a67eab562e212e3 | designate | dns |
+----------------------------------+-----------+----------+
root@cloudcontrol1003:~# openstack service show 28918e0f872b48f2926fc26fe763f8d6
+---------+----------------------------------+
| Field | Value |
+---------+----------------------------------+
| enabled | True |
| id | 28918e0f872b48f2926fc26fe763f8d6 |
| name | neutron |
| type | network |
+---------+----------------------------------+
|
Glance
- [ ] images can be added (TODO links to docs?)
- [ ] images can be listed by openstack
| example |
|---|
root@labtestcontrol2003:~# openstack image list
+--------------------------------------+--------------+--------+
| ID | Name | Status |
+--------------------------------------+--------------+--------+
| 66e544e8-fe4f-41f7-9809-6723e53b5a99 | stretch-pass | active |
| 741a0fd8-dded-47d9-931b-83a7a79efd20 | jessie-pw | active |
| b82a6ef8-0bec-41da-974c-ee9d37191985 | jessie | active |
+--------------------------------------+--------------+--------+
|
See also
- Main bootstrapping documents: Portal:Cloud_VPS/Admin/Bootstrap
- Documentation about the different deployments: Portal:Cloud_VPS/Admin/Deployments