This section describes how to install and configure the Data Protection service for Ubuntu 14.04 (LTS) and Ubuntu 16.04 (LTS).
Before you install and configure Data Protection service, you must create a database, service credentials, and API endpoints. Data Protection service also requires additional information in the Identity service.
To create the database, complete these steps:
Use the database access client to connect to the database
server as the root
user:
$ mysql -u root -p
Create the karbor
database:
CREATE DATABASE karbor;
Grant proper access to the karbor
database:
GRANT ALL PRIVILEGES ON karbor.* TO 'karbor'@'localhost' IDENTIFIED BY 'KARBOR_DBPASS';
GRANT ALL PRIVILEGES ON karbor.* TO 'karbor'@'%' IDENTIFIED BY 'KARBOR_DBPASS';
Replace KARBOR_DBPASS
with a suitable password.
Exit the database access client.
Source the admin
credentials to gain access to
admin-only CLI commands:
$ . admin-openrc
To create the service credentials, complete these steps:
Create the karbor
user:
$ openstack user create --domain default --password-prompt karbor
User Password:
Repeat User Password:
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | e0353a670a9e496da891347c589539e9 |
| enabled | True |
| id | ca2e175b851943349be29a328cc5e360 |
| name | karbor |
+-----------+----------------------------------+
Add the admin
role to the karbor
user:
$ openstack role add --project service --user karbor admin
Note
This command provides no output.
Create the karbor
service entities:
$ openstack service create --name karbor --description "Application Data Protection Service" data-protect
+-------------+-------------------------------------+
| Field | Value |
+-------------+-------------------------------------+
| description | Application Data Protection Service |
| enabled | True |
| id | 727841c6f5df4773baa4e8a5ae7d72eb |
| name | karbor |
| type | data-protect |
+-------------+-------------------------------------+
Create the Data Protection service API endpoints:
$ openstack endpoint create --region RegionOne data-protect public http://controller:8799/v1/%\(project_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | 3f4dab34624e4be7b000265f25049609 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 727841c6f5df4773baa4e8a5ae7d72eb |
| service_name | karbor |
| service_type | data-protect |
| url | http://controller:8799/v1/%(project_id)s |
+--------------+------------------------------------------+
$ openstack endpoint create --region RegionOne data-protect internal http://controller:8799/v1/%\(project_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | 3f4dab34624e4be7b000265f25049609 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 727841c6f5df4773baa4e8a5ae7d72eb |
| service_name | karbor |
| service_type | data-protect |
| url | http://controller:8799/v1/%(project_id)s |
+--------------+------------------------------------------+
$ openstack endpoint create --region RegionOne data-protect admin http://controller:8799/v1/%\(project_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | 3f4dab34624e4be7b000265f25049609 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 727841c6f5df4773baa4e8a5ae7d72eb |
| service_name | karbor |
| service_type | data-protect |
| url | http://controller:8799/v1/%(project_id)s |
+--------------+------------------------------------------+
Install the packages:
# pip install karbor
Edit the /etc/karbor/karbor.conf
file and complete the following
actions:
In the [database]
section, configure database access:
[database]
...
connection = mysql+pymysql://karbor:KARBOR_DBPASS@controller/karbor
Replace KARBOR_DBPASS
with the password you chose for the
Data Protection database.
In the [DEFAULT]
section,
configure RabbitMQ
message queue access:
[DEFAULT]
...
transport_url = rabbit://openstack:RABBIT_PASS@controller:5672
Replace RABBIT_PASS
with the password you chose for the
openstack
account in RabbitMQ
.
In the [keystone_authtoken]
, [trustee]
,
[clients_keystone]
, and [karbor_client]
sections,
configure Identity service access:
[keystone_authtoken]
...
www_authenticate_uri = http://keystone1.example.com/identity
auth_url = http://controller/identity_admin
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = karbor
password = KARBOR_PASS
[trustee]
...
auth_type = password
auth_url = http://controller/identity_admin
username = karbor
password = KARBOR_PASS
user_domain_name = default
[clients_keystone]
...
auth_uri = http://controller/identity_admin
[karbor_client]
...
version = 1
service_type = data-protect
service_name = karbor
Replace KARBOR_PASS
with the password you chose for the
karbor
user in the Identity service.
Populate the Data Protection database:
# su -s /bin/sh -c "karbor-manage db sync" karbor
Note
Ignore any deprecation messages in this output.
Restart the Data Protection services:
# service karbor-api restart
# service karbor-operationengine restart
# service karbor-protection restart
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.