Jump to content

Portal:Cloud VPS/Admin/Deployment confidence checklist

From Wikitech

This page contains a deployment confidence checklist for Cloud VPS deployments.

Is meant to be a simple list of commands and things to check to validate that a given deployment is functioning in the most basics aspects, such as networking, instance lifecyle, projects lifecyle, etc.

General networking & neutron

  • [ ] you can jump by SSH from your PC to all servers in the deployment (control, services, net, virts, etc.)
  • [ ] neutron services are loaded and running, in networking nodes, control server and in virts nodes
  • [ ] all the neutron agents are alive
  • [ ] there are nets registered in neutron
  • [ ] there are subnets registered in neutron
  • [ ] there are routers registered in neutron (at least the main one)
  • [] there are 2 HA ports for the main router
  • [] the main neutron router is in HA, living in one node
  • [ ] there are ports registered in neutron
  • [ ] neutron namespaces are in place in the networking nodes
  • [ ] linux bridges are in place in the networking nodes
  • [ ] IP addressing and routing is in place in the qrouter netns in the networking nodes
  • [ ] iptables rules are in place in the qrouter netns in the networking nodes
  • [ ] the routing_source_ip setting is correctly installed as iptables rule
  • [ ] the dmz_cidr setting is correctly installed as iptables rules
  • [ ] there is ping/ssh connectivity between the neutron qrouter netns and instances in a given network (no NAT involved)
  • [ ] there is NAT connectivity from instances to outside (routing_source_ip)
  • [ ] there is NAT connectivity from the outside to instances (floating_ip allocation)

Nova & APIs

  • [ ] all nova services are running in the control nodes
  • [ ] nova services are registered in openstack, and reportedly running
  • [ ] API endpoints exist
  • [ ] hypervisors are in place
  • [ ] hypervisors are running all the required nova services
  • [ ] instances can be created
  • [ ] instances exist once created
  • [ ] instances are properly build/scheduled/run

Keystone

  • [ ] there is networking connectivity between clients and keystone endpoints
  • [ ] if shared/collapsed keystone, the daemon only runs in one deployment
  • [ ] keystone holds endpoints for all regions/origins (and they are enabled)
  • [ ] keystone has all relevant services registered and enabled

Glance

  • [ ] images can be added (TODO links to docs?)
  • [ ] images can be listed by openstack

See also