Rackspace Private Cloud v9.0 Software Release Notes
Transcription
Rackspace Private Cloud v9.0 Software Release Notes
rackspace.com/cloud/private Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 Rackspace Private Cloud v9.0 Software Release Notes RPC v9.0.6 (2015-02-18) Copyright © 2014 Rackspace All rights reserved. This document describes new features and known and resolved issues in Rackspace Private Cloud v9 releases. ii Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 Table of Contents 1. Preface ........................................................................................................................ 1 1.1. About Rackspace Private Cloud Software .......................................................... 1 1.2. Rackspace Private Cloud configuration .............................................................. 1 1.3. Rackspace Private Cloud support ...................................................................... 1 2. What's new in Rackspace Private Cloud v9.0 Software ................................................. 3 2.1. Operating system ............................................................................................. 3 2.2. Ansible ............................................................................................................. 3 2.3. Linux containers ............................................................................................... 3 2.4. Networking ...................................................................................................... 3 2.5. Database architecture ....................................................................................... 4 2.6. Logging ............................................................................................................ 4 2.7. Changes in v9.0.4 to v9.0.6 ............................................................................... 4 2.8. Changes in v9.0.3 ............................................................................................. 4 2.9. Changes in v9.0.2 ............................................................................................. 5 2.10. Changes in v9.0.1 ........................................................................................... 6 3. Installation .................................................................................................................. 8 4. Upgrading ................................................................................................................... 9 4.1. Prerequisites ..................................................................................................... 9 4.1.1. Upgrading to v9.0.6 ............................................................................... 9 4.2. Performing the upgrade ................................................................................. 10 4.3. Verifying the upgrade .................................................................................... 10 5. Reference architecture .............................................................................................. 12 6. Support ..................................................................................................................... 14 7. Known Issues ............................................................................................................ 15 8. Additional resources .................................................................................................. 17 8.1. Document Change History .............................................................................. 17 iii Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 1. Preface Rackspace Private Cloud Software has been developed by Rackspace as a way to quickly install an OpenStack private cloud, configured as recommended by Rackspace OpenStack specialists. 1.1. About Rackspace Private Cloud Software Rackspace Private Cloud Software uses Ansible to create an OpenStack cluster on Ubuntu Linux. The installation process provides a familiar approach for Linux system administrators, and the environment can be updated easily without downloading and installing a new ISO. 1.2. Rackspace Private Cloud configuration Rackspace Private Cloud Software uses Ansible and Linux Containers (LXC) to install and manage OpenStack Icehouse with the following services: • Identity (keystone) • Image Service (glance) • Compute (nova) • Networking (neutron) • Block Storage (cinder) • Orchestration (heat) • Dashboard (horizon) RPC also provides the following infrastructure, monitoring, and logging services to support OpenStack: • Galera with MariaDB • RabbitMQ • Memcached • Rsyslog • Logstash • Elasticsearch with Kibana 1.3. Rackspace Private Cloud support Rackspace offers 365x24x7 support for Rackspace Private Cloud Software. If you are interested in purchasing Escalation Support or Core Support for your cloud, or taking advantage of our training offerings, contact us at: <[email protected]>. 1 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 You can also visit the RPC community forums. The forum is open to all RPC users and is moderated and maintained by Rackspace personnel and OpenStack specialists: https://community.rackspace.com/products/f/45 For more information about Rackspace Private Cloud, please visit the Rackspace Private Cloud pages: • Software and Reference Architecture • Support • Resources For any other information regarding Rackspace Private Cloud Software, refer to the Rackspace Private Cloud release notes. 2 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 2. What's new in Rackspace Private Cloud v9.0 Software Rackspace Private Cloud (RPC) version 9.0 Software uses Linux Containers (LXC) managed with Ansible as the core technology. Configured by Rackspace experts, Rackspace uses this technology to deploy an OpenStack private cloud. This section lists the new features in RPC version 9. 2.1. Operating system RPC Software supports Ubuntu 14.04 exclusively. Ubuntu 14.04 provides: • Compatibility with Linux containers, VXLAN, and Linux Bridge. • The ability to use VXLAN for Neutron overlay networks. 2.2. Ansible RPC installation is automated with Ansible playbooks. Ansible is an open source IT automation framework that provides multi-node software deployment, ad hoc task execution, and configuration management. Ansible has a proven track record at Rackspace and it includes a large, well-supported library of modules. Installing RPC with Ansible provides a consistent experience across installations. Ansible playbooks are written in YAML, which makes them easy to develop, use, and troubleshoot. Ansible facilitates deploying and configuring hosts, containers, and nodes, and it enables components and configurations to be easily upgraded. In addition, Ansible is light weight, requiring only SSH and Python. There are no other clients or agents required. 2.3. Linux containers OpenStack services are installed into individual Linux containers (LXC), which provide isolation of each service and greater operational efficiency, and make it easier to upgrade your private cloud as each new version is released. Containers allow RPC to separate host management from OpenStack management and enable management of individual OpenStack components and configuration files. Containers are lightweight and resource friendly, provide comprehensive process and resource isolation, run multiple versions of an operating system on a single server, and are rapidly and easily deployed. With this technology, Rackspace creates a standard set of containers and associates those containers to a specific OpenStack release. 2.4. Networking To simplify networking, RPC uses the Neutron Linux Bridge agent. The agent lets RPC isolate OpenStack networking (Neutron) and compute (Nova) components into separate con3 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 tainers. With Linux Bridge, Neutron can create bridges, namespaces, veth pairs, tunnel interfaces, and tagged sub-interfaces, which are fully encapsulated in its containers. Containers using Linux Bridge also offer scalability and the ability to work around the Icehouse restriction of one external network per L3 agent. On the container hosts, you can use a simple network configuration that consists of as many standard Linux bridges as you have provider networks that you want to expose to OpenStack. 2.5. Database architecture To improve performance and affordability, RPC uses MariaDB plus Galera. MariaDB is an easy to configure, open source database that is highly compatible with MySQL. Galera is a set of libraries that enable a true multi-master cluster based on synchronous replication. Writes on each node are synchronized simultaneously. Galera clusters work with MariaDB or other databases compatible with MySQL. Galera clusters are easily scalable and have no maximum size or node limit. Restrictions on the number of nodes are based only on the capabilities of the load balancer, the amount of bandwidth available, and space in the physical cabinet. Rackspace has improved the service components. The messaging and database services are installed in clusters. A logging server helps you identify and fix errors. These improvements help make your cloud more efficient and stable. 2.6. Logging RPC uses the ELK stack (Elasticsearch, Logstash, and Kibana) for data analytics, logging, and data visualization. Elasticsearch is a powerful, distributed search and analytics engine. Logstash parses logs into standard JSON format for readability and ease of processing. Kibana's simple and highly configurable interactive dashboard gives you near real-time insight to identify possible problems, spot trends, and maximize business value. 2.7. Changes in v9.0.4 to v9.0.6 Rackspace Private Cloud v9.0.6 Software uses open source Ansible playbooks (now available at github.com/stackforge/os-ansible-deployment) to deploy OpenStack. • For changes in version 9.0.6, see openstack-ansible v9.0.6. • Because of a change in source repositories, the best way to find changes in versions 9.0.4 and 9.0.5 is to refer to the comparison at openstack-ansible 9.0.3...9.0.5. • For changes tagged in version 9.0.4, see openstack-ansible v9.0.4. 2.8. Changes in v9.0.3 The following changes have been made in Rackspace Private Cloud v9.0.3 Software. The related GitHub issue number is listed when available. • Recursive chown of /usr/local/lib/python2.7/dist-packages to wwwdata:www-data has been removed. (Issue #367) 4 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 • Alarms have been created for discovered devices. (Issue #430) • An issue with Galera startup errors has been resolved by increasing the Galera startup timeout. (Issue #411 and Issue #413) • A local socket is used for MySQL client connection. (Issue #411 and Issue #413) • A MySQL root password can now be used to shutdown MySQL. (Issue #412) 2.9. Changes in v9.0.2 The following changes have been made in Rackspace Private Cloud v9.0.2 Software. The related GitHub issue number is listed when available. • Delay time and retries for LXC cache download have been increased. (Issue #449) • /etc/cinder/cinder.conf has been updated with a cinder availability zone variable. (Issue #458) • An empty authorized_keys file has been created to resolve an issue with compute nodes failing to build the file. (Issue #478) • A misspelling of limit_container_types in the rpc_user_config.yml file has been fixed. (Issue #480) • The {{ansible_fqdn}} variable was added to the mass_local.yml for service checks on a physical host. (Issue #452) • The OS file limit for MariaDB Galera container has been increased. (Issue #410) • The mysql_max_connections variable was added to rpc_deployment/roles/ galera_config/templates/my.cnf to configure Galera and MySQL. (Issue #429) • SSH timeout in rpc_deployment/ansible.cfg has been increased to resolve intermittent SSH failures to containers. (Issue #358) • Pip installation and wheel building processes have been improved. (Issue #443) • An lxc-system-manage script has been created to manage LXC hosts. (Issue #434) • A misspelling in the rpc_deployment/roles/kibana/templates/Next-GenRPC.json, which caused Kibana dashboard to not load, has been resolved. (Issue #438) • A state file has been created for each log file to resolve an issue with rsyslog. (Issue #205) • The release version was changed to match the branch. (Issue #421) • A error with MaaS alarm creation for customers without a cloud account has been resolved. (Issue #402) • A Galera alarm has been added. (Issue #403) • An issue with the spice-html5 package not being installed by the nova-spice-console playbook has been resolved. (Issue #347) 5 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 • An issue with Neutron HA cron jobs affecting other cron jobs has been resolved. (Issue #383 and Issue #378) 2.10. Changes in v9.0.1 The following changes have been made in Rackspace Private Cloud v9.0.1 Software. The related GitHub issue number is listed when available. OpenStack Compute • Errors were generated if the nova_virt_type variable in the user_variables.yml file was not set. This has been resolved by specifying KVM as the default hypervisor in the virt_type variable. (Issue #242) • Added filters to the nova scheduler to prevent overloading the host. (Issue #156) OpenStack Image Service • Replaced rackspace_cloudfiles_tenant_id with rackspace_cloud_tenant_id in the user_variables.yml file. (Issue #281) OpenStack Block Storage • Previously, cinder could not use a storage network. This has been resolved by setting iSCSI options in the cinder.conf file. (Issue #328) • The Cinder API would not start up when running the OpenStack playbook for the first time. This issue has been resolved. (Issue #261) OpenStack dashboard • Previously, online compression of CSS and JS files would result in a 404 error message. This issue has been fixed. (Issue #176) Rackspace Private Cloud monitoring • Previously, an existing monitoring token was used before running MaaS-related playbooks. This has changed to creating a token for each entity and configuring the maasagent to use the token. (Issue #263) • Running the monitoring playbook generated an error about a missing pip dependency. This issue has been resolved. (Issue #252) Other issues • An issue with Heat and Horizon logs not propagating to the logging server has been resolved. (Issue #130) • Tempest will now download a bootable CirrOS image package. (Issue #333) • An issue has been resolved with the HAProxy timeout displaying in milliseconds instead of seconds if the hap_timeout_client and hap_timeout_server variables are not set in the haproxy_config.yml file. (Issue #320) 6 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 • LXC cloning operations reported a failure error if a new container already exists. This issue has been resolved. (Issue #312) • URL links to OpenStack repositories are changed to improve deployment performance and reliability. (Issue #188) • White space errors in command lines have been resolved. (Issue #192) • Tempest has been added to validate RPC deployment. (Issue #227) • A Tempest users section to the rpc_deployment/roles/tempest_resources/ tasks/main.yml file has been added. (Issue #253) • The occurrence of deadlocks in a MariaDB Galera cluster has been minimized. (Issue #290) • A misspelling of the irqbalance template has been fixed. (Issue #199) • An issue with hint messages being listed for a high traffic cluster has been resolved. (Issue #161) • The default hypervisor has been changed to KVM. (Issue #147) • The Galera xtrabackup cron job was incorrectly written and would fail. This issue has been fixed. 7 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 3. Installation The Rackspace Private Cloud v9.0 Software installation has been automated with Ansible playbooks. For detailed installation instructions, see the Rackspace Private Cloud Installation Guide. 8 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 4. Upgrading This chapter describes the process for upgrading an environment between minor releases, and patch releases. The upgrade process interrupts cloud management including APIs and the dashboard. However, cloud instances and services such as networking and storage should continue to operate normally. Inform users of the potential impacts of the upgrade process. 4.1. Prerequisites 1. Perform a full backup of the environment including the source repository. 2. Clone the version 9.0.x repository into the /opt directory: # cd /opt # git clone -b 9.0.6 https://github.com/stackforge/os-ansible-deployment. git 3. Review the new configuration files in the /opt/os-ansible-deployment/etc/ rpc_deploy directory. Compare them with the existing configuration files in the / etc/rpc_deploy directory and with the Release Notes to determine new features, improvements, and changes. 4. For typical deployments, update the existing rpc_user_config.yml and user_variables.yml files in the /etc/rpc_deploy directory and copy the new rpc_environment.yml file into the /etc/rpc_deploy directory. Note New features might require defining additional passwords in the user_environment.yml file. 4.1.1. Upgrading to v9.0.6 For a patch release upgrade to v9.0.6, delete all alarms (not checks) that are associated with RabbitMQ or Galera plugins using the Cloud Control Panel or API. For example, on each node this will include: • rabbitmq_disk_free_alarm_status--nodename • rabbitmq_mem_alarm_status--nodename • wsrep_local_state--nodename • wsrep_cluster_size--nodename Note This step is not required when upgrading future patch releases from v9.0.6. 9 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 4.2. Performing the upgrade 1. Navigate to the /opt/os-ansible-deployment/rpc_deployment directory. 2. Run the host setup playbook, which runs a series of sub-playbooks: $ ansible-playbook -e @/etc/rpc_deploy/user_variables.yml \ playbooks/setup/host-setup.yml Confirm satisfactory completion with zero items unreachable or failed: PLAY RECAP ******************************************************************** ... deployment_host : ok=18 changed=11 unreachable=0 failed=0 3. Run the infrastructure setup playbook, which runs a series of sub-playbooks: $ ansible-playbook -e @/etc/rpc_deploy/user_variables.yml \ playbooks/infrastructure/infrastructure-setup.yml Confirm satisfactory completion with zero items unreachable or failed: PLAY RECAP ******************************************************************** ... deployment_host : ok=27 changed=0 unreachable=0 failed=0 4. Run the OpenStack setup playbook, which runs a series of sub-playbooks: $ ansible-playbook -e @/etc/rpc_deploy/user_variables.yml \ playbooks/openstack/openstack-setup.yml Confirm satisfactory completion with zero items unreachable or failed: PLAY RECAP ******************************************************************** ... deployment_host : ok=27 changed=0 unreachable=0 failed=0 5. (Optional) If adding Object Storage to the environment, see the Object Storage Deployment Guide. 4.3. Verifying the upgrade Procedure 4.1. Verifying the API 1. Access the utility container. 10 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 2. Source the admin tenant credentials. 3. Run an OpenStack command that uses one or more APIs. For example: RPC v9.0.6 $ keystone user-list +----------------------------------+----------+---------+-------+ | id | name | enabled | email | +----------------------------------+----------+---------+-------+ | 090c1023d0184a6e8a70e26a5722710d | admin | True | | | 239e04cd3f7d49929c7ead506d118e40 | cinder | True | | | e1543f70e56041679c013612bccfd4ee | cinderv2 | True | | | bdd2df09640e47888f819057c8e80f04 | demo | True | | | 453dc7932df64cc58e36bf0ac4f64d14 | ec2 | True | | | 257da50c5cfb4b7c9ca8334bc096f344 | glance | True | | | 6e0bc047206f4f5585f7b700a8ed6e94 | heat | True | | | 187ee2e32eec4293a3fa243fa21f6dd9 | keystone | True | | | dddaca4b39194dc4bcefd0bae542c60a | neutron | True | | | f1c232f9d53c4adabb54101ccefaefce | nova | True | | | fdfbda23668c4980990708c697384050 | novav3 | True | | | 744069c771d84f1891314388c1f23686 | s3 | True | | | 4e7fdfda8d14477f902eefc8731a7fdb | swift | True | | +----------------------------------+----------+---------+-------+ Procedure 4.2. Verifying the dashboard • Using a web browser, access the dashboard and verify operation of cloud objects. 11 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 5. Reference architecture The Rackspace Private Cloud (RPC) software and reference architecture deliver a stable and scalable production-ready private cloud powered by OpenStack. RPC is designed and built by the experts who co-founded OpenStack and run one of the world’s largest OpenStack-powered clouds. RPC v10 software is built on the Juno release of OpenStack. For more information, see www.rackspace.com/cloud/private/openstack/. The RPC reference architecture is a recommended set of software and infrastructure components designed to provide the scalability, stability, and high availability you need to support enterprise production workloads. Additionally, every RPC customer has access to our team of architecture advisors who provide workload-specific guidance for planning, designing, and architecting a private cloud environment to help meet your unique needs. RPC v9 Software is composed of OpenStack services, automation, and tooling. Services are grouped into logical layers, each providing key aspects of the overall solution. The following are the layers and their contents: • Rackspace Fanatical Support and training • Operations tooling layer • Ansible • Capacity planning • Cloud monitoring (MaaS) • Presentation Layer - Dashboard (horizon) • Orchestration layer (heat) • Heat-API • Heat-API-CFN • Heat-Engine • Heat templates • CloudFormation (CFN) template • Infrastructure as a service layer • Block Storage (cinder) • Compute (nova) • Identity (keystone) • Image Service (glance) • Networking (neutron) 12 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 • Deployment automation layer • Ansible • LXC • OpenStack source • Infrastructure database • MariaDB • Galera • Infrastructure message queue • RabbitMQ • RabbitMQ clustering 13 RPC v9.0.6 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 6. Support Rackspace provides support for the OpenStack software layer 24x7x365, no matter where you run your cloud. Deploy in your own data center, or host it with us, and we'll quickly provision, maintain, and scale your infrastructure for you. Whether you need us to fully monitor and manage your private cloud or just respond to support requests, we can help. RPC is backed by a team of OpenStack experts, a response time SLA, and an OpenStack API uptime guarantee. Rackspace worked with NASA to launch OpenStack, so we know it better than anyone else. We are a top contributor to OpenStack development, so you'll benefit from our deep expertise even as OpenStack evolves. For more information, see www.rackspace.com/cloud/private/openstack/support/. Because RPC v9 is significantly improved from older versions, there is no direct upgrade path. However, Rackspace has developed a full transition plan to get you upgraded to the new architecture, and will continue to support your existing installation for up to twelve months. Speak to your Rackspace Account Manager to get a personalized transition plan for your environment. Included in this transition plan are scaling services independently (for example, RabbitMQ) and encrypting all API calls with SSL termination at a physical load balancer. Depending on your transition plan, support is across Rackspace and customer data centers. 14 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 7. Known Issues The following issues have been identified in Rackspace Private Cloud v9. File injection best practice When file injection is needed, Rackspace recommends enabling config-drive so that cloud-init can copy files to an instance. When performed manually, set the --config-drive attribute to true in the nova boot command, as in the following example. $ nova boot --config_drive=true --file /root/ openrc=/root/openrc \ --flavor 1 --image cirros-image You can also set an override attribute in your environment that enforces the use of config-drive at all times. "nova": { "config": "force_config_drive": true } } Nova ignores block storage device names When attaching a volume, nova ignores the specified block storage device and instead places the volume in the next sequential device. This is a known OpenStack bug. More information is available in the reports for OpenStack bug 108830 and RHEL bug 693372. OpenStack security vulnerabilities There are potential security vulnerabilities in certain OpenStack components and third party tools such as OpenSSL. For more information, see the following links: • https://wiki.openstack.org/wiki/OSSN/OSSN-0039 • https://wiki.openstack.org/wiki/OSSN/OSSN-0025 • https://wiki.openstack.org/wiki/Security_Notes#Published_Security_Notes Broken Nova instance when performing a live migration An issue with libvirt whereby a Nova instance will be broken when a live migration is performed using a configuration drive with a read-only device, such as a CDROM. For more information, see OpenStack Nova bug 1246201. Data corruption with qemu-img command The qemu-img command intermittently creates corrupted output images, when the input image is not yet fully synchronised to disk. For more information, refer to OpenStack Nova bug 1368815 and the tracking page for OpenStack Nova bug 1368815. 15 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 Live migration with attached Cinder volumes is slow and corrupts data When an instance with attached Cinder volumes is block migrated, the Cinder volumes are also block migrated. If they exist on shared storage, they will be copied over the network to themselves. This causes migration to be slow, de-sparses a sparse volume, and could potentially cause data corruption. For more information, see OpenStack Nova bug 1398999. Eventlet library breaks nova-manage Eventlet library causes libvirt to stop working in Nova. For more information, see OpenStack bug 1419453. 16 Rackspace Private Cloud v9.0 Software Release Notes February 18, 2015 RPC v9.0.6 8. Additional resources These additional resources are designed help you learn more about the Rackspace Private Cloud Software and OpenStack. • If you are an advanced user and are comfortable with APIs, the OpenStack API documentation is available in the OpenStack API Documentation library. • OpenStack API Quick Start • Programming OpenStack Compute API • OpenStack Compute Developer Guide • Rackspace Private Cloud Knowledge Center • OpenStack Manuals • OpenStack API Reference • OpenStack - Nova Developer Documentation • OpenStack - Glance Developer Documentation • OpenStack - Keystone Developer Documentation • OpenStack - Horizon Developer Documentation • OpenStack - Cinder Developer Documentation 8.1. Document Change History This version replaces and obsoletes all previous versions. The most recent set of changes are listed in the following table: Revision Date Summary of Changes September 25, 2014 • Rackspace Private Cloud v9 Software General Availability release August 28, 2014 • Rackspace Private Cloud v9 Software Limited Availability release October 31, 2014 • Rackspace Private Cloud v9.0.1 Software release November 7, 2014 • Rackspace Private Cloud v9.0.2 Software release November 26, 2014 • Rackspace Private Cloud v9.0.3 Software release December 5, 2015 • Rackspace Private Cloud v9.0.4 Software release January 7, 2015 • Rackspace Private Cloud v9.0.5 Software release January 30, 2015 • Rackspace Private Cloud v9.0.6 Software release 17