Installing on Kolla Ussuri

This page lists all steps required to deploy TrilioVault components on Kolla-ansible deployed OpenStack cloud.

1] Plan for Deployment

1.1] Select backup target type

Backup target storage is used to store backup images taken by TrilioVault and details needed for configuration:

Following backup target types are supported by TrilioVault. Select one of them and get it ready before proceeding to the next step.

a) NFS

Need NFS share path

b) Amazon S3

- S3 Access Key - Secret Key - Region - Bucket name

c) Other S3 compatible storage (Like, Ceph based S3)

- S3 Access Key - Secret Key - Region - Endpoint URL (Valid for S3 other than Amazon S3) - Bucket name

2] Clone TrilioVault Deployment Scripts

Clone triliovault-cfg-scripts GitHub repository on Kolla ansible server at '/root' or any other directory of your preference. Afterwards, copy TrilioVault Ansible role into Kolla-ansible roles directory

git clone -b stable/4.1 https://github.com/trilioData/triliovault-cfg-scripts.git
cd triliovault-cfg-scripts/kolla-ansible/
# For Centos and Ubuntu
cp -R ansible/roles/triliovault /usr/local/share/kolla-ansible/ansible/roles/

3] Hook TrilioVault deployment scripts to Kolla-ansible deploy scripts

3.1] Add TrilioVault global variables to globals.yml

## For Centos and Ubuntu
- Take backup of globals.yml
cp /etc/kolla/globals.yml /opt/
- Append TrilioVault global variables to globals.yml
cat ansible/triliovault_globals.yml >> /etc/kolla/globals.yml

3.2] Add TrilioVault passwords to kolla passwords.yaml

Append triliovault_passwords.yml to /etc/kolla/passwords.yml. Passwords are empty. Set these passwords manually in the /etc/kolla/passwords.yml.

## For Centos and Ubuntu
- Take backup of passwords.yml
cp /etc/kolla/passwords.yml /opt/
- Append TrilioVault global variables to passwords.yml
cat ansible/triliovault_passwords.yml >> /etc/kolla/passwords.yml
- Edit '/etc/kolla/passwords.yml', go to end of the file and set trilio passwords.

3.3] Append TrilioVault site.yml content to kolla ansible’s site.yml

# For Centos and Ubuntu
- Take backup of site.yml
cp /usr/local/share/kolla-ansible/ansible/site.yml /opt/
- Append TrilioVault code to site.yml
cat ansible/triliovault_site.yml >> /usr/local/share/kolla-ansible/ansible/site.yml

3.4] Append triliovault_inventory.txt to your cloud’s kolla-ansible inventory file.

For example:
If your inventory file name path '/root/multinode' then use following command.
cat ansible/triliovault_inventory.txt >> /root/multinode

4] Edit globals.yml to set TrilioVault parameters

Edit /etc/kolla/globals.yml file to fill TrilioVault backup target and build details. You will find the TrilioVault related parameters at the end of globals.yml file. Details like TrilioVault build version, backup target type, backup target details, etc need to be filled out.

Following is the list of parameters that the user needs to edit.

TrilioVault 4.1 GA Tag is: 4.1.94-Ussuri

Parameter

Defaults/choices

comments

triliovault_tag

TrilioVault GA BUILD VERSION

tag looks like: <TrilioVault Version>-<Openstack Release>

Example: 4.1.94-Ussuri

horizon_image_full

Keep Default

By default will the TrilioVault Horizon container not get deployed.

Uncomment this parameter to deploy TrilioVault Horizon container instead of Openstack Horizon container.

triliovault_docker_username

triliovault_docker_password

triliovault_docker_registry

Default value: docker.io

Edit this value if a different container registry for TrilioVault containers is to be used. Containers need to be pulled from docker.io and pushed to chosen registry first.

triliovault_backup_target

  • nfs

  • amazon_s3

  • ceph_s3

nfs if the backup target is NFS

amazon_s3 if the backup target is Amazon S3

ceph_s3 if the backup target type is S3 but not amazon S3.

triliovault_nfs_shares

<NFS-IP/FQDN>:/<NFS path>

NFS share path example: ‘192.168.122.101:/nfs/tvault’

triliovault_nfs_options

'nolock,soft,timeo=180, intr,lookupcache=none'

These parameter set NFS mount options. Keep default values, unless a special requirement exists.

triliovault_s3_access_key

S3 Access Key

Valid for amazon_s3 and ceph_s3

triliovault_s3_secret_key

S3 Secret Key

Valid for amazon_s3 and ceph_s3

triliovault_s3_region_name

  • Default value: us-east-1

  • S3 Region name

Valid for amazon_s3 and ceph_s3

If s3 storage doesn't have region parameter keep default

triliovault_s3_bucket_name

S3 Bucket name

Valid for amazon_s3 and ceph_s3

triliovault_s3_endpoint_url

S3 Endpoint URL

Valid for ceph_s3 only

triliovault_s3_ssl_enabled

  • True

  • False

Valid for ceph_s3 only

Set true for SSL enabled S3 endpoint URL

triliovault_s3_ssl_cert_file_name

s3-cert.pem

Valid for ceph_s3 only with SSL enabled and self signed certificates

OR issued by a private authority. In this case, copy the ceph s3 ca chain file to/etc/kolla/config/triliovault/

directory on ansible server. Create this directory if it does not exist already.

triliovault_copy_ceph_s3_ssl_cert

  • True

  • False

Valid for ceph_s3 only

Set to True when: SSL enabled with self-signed certificates or issued by a private authority.

In the case of a different registry than docker hub, TrilioVault containers need to be pulled from docker.io and pushed to preferred registries.

Following are the triliovault container image URLs. Replace kolla_base_distro and triliovault_tag variables with their values.

1. docker.io/trilio/{{ kolla_base_distro }}-binary-trilio-datamover-api:{{ triliovault_tag}}
2. docker.io/trilio/{{ kolla_base_distro }}-binary-trilio-datamover:{{ triliovault_tag}}
3. docker.io/trilio/{{ kolla_base_distro }}-binary-trilio-horizon-plugin:{{ triliovault_tag}}
###EXAMPLE BASED ON 4.1 GA AND UBUNTU BASE DISTRO
docker.io/trilio/ubuntu-binary-trilio-datamover-api:4.1.94-ussuri
docker.io/trilio/ubuntu-binary-trilio-datamover:4.1.94-ussuri
docker.io/trilio/ubuntu-binary-trilio-horizon-plugin:4.1.94-ussuri

5] Enable TrilioVault Snapshot mount feature

To enable TrilioVault's Snapshot mount feature it is necessary to make the TrilioVault Backup target available to the nova-compute and nova-libvirt containers.

Edit /usr/local/share/kolla-ansible/ansible/roles/nova-cell/defaults/main.yml and find nova_libvirt_default_volumes variable. Append the TrilioVault mount bind /var/trilio:/var/trilio:shared to the list of already existing volumes.

For a default Kolla installation, will the variable look as follows afterward:

nova_libvirt_default_volumes:
- "{{ node_config_directory }}/nova-libvirt/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_os_family == 'Debian' else '' }}"
- "/lib/modules:/lib/modules:ro"
- "/run/:/run/:shared"
- "/dev:/dev"
- "/sys/fs/cgroup:/sys/fs/cgroup"
- "kolla_logs:/var/log/kolla/"
- "libvirtd:/var/lib/libvirt"
- "{{ nova_instance_datadir_volume }}:/var/lib/nova/"
- "{% if enable_shared_var_lib_nova_mnt | bool %}/var/lib/nova/mnt:/var/lib/nova/mnt:shared{% endif %}"
- "nova_libvirt_qemu:/etc/libvirt/qemu"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }
- "/var/trilio:/var/trilio:shared"

Next, find the variable nova_compute_default_volumes in the same file and append the mount bind /var/trilio:/var/trilio:shared to the list.

After the change will the variable look for a default Kolla installation as follows:

nova_compute_default_volumes:
- "{{ node_config_directory }}/nova-compute/:{{ container_config_directory }}/:ro"
- "/etc/localtime:/etc/localtime:ro"
- "{{ '/etc/timezone:/etc/timezone:ro' if ansible_os_family == 'Debian' else '' }}"
- "/lib/modules:/lib/modules:ro"
- "/run:/run:shared"
- "/dev:/dev"
- "kolla_logs:/var/log/kolla/"
- "{% if enable_iscsid | bool %}iscsi_info:/etc/iscsi{% endif %}"
- "libvirtd:/var/lib/libvirt"
- "{{ nova_instance_datadir_volume }}:/var/lib/nova/"
- "{% if enable_shared_var_lib_nova_mnt | bool %}/var/lib/nova/mnt:/var/lib/nova/mnt:shared{% endif %}"
- "{{ kolla_dev_repos_directory ~ '/nova/nova:/var/lib/kolla/venv/lib/python' ~ distro_python_version ~ '/site-packages/nova' if nova_dev_mode | bool else '' }}"
- "/var/trilio:/var/trilio:shared"

6] Pull TrilioVault container images

Pull the TrilioVault container images from the dockerhub based on the existing inventory file. In the example is the inventory file named multinode.

kolla-ansible -i multinode pull --tags triliovault

7] Deploy TrilioVault

All that is left, is to run the deploy command using the existing inventory file. In the example is the inventory file named 'multinode'.

This is just an example command. You need to use your cloud deploy command.

kolla-ansible -i multinode deploy

8] Verify TrilioVault deployment

Verify on the nodes that are supposed to run the TrilioVault containers, that those are available and healthy.

[[email protected] ~]# docker ps | grep triliovault_datamover_api
f00781997bc3 trilio/centos-binary-trilio-datamover-api:4.1.6-ussuri "dumb-init --single-…" 2 minutes ago Up 2 minutes triliovault_datamover_api
[[email protected] ~]# docker ps | grep triliovault_datamover
84831db5d215 trilio/centos-binary-trilio-datamover:4.1.6-ussuri "dumb-init --single-…" 5 minutes ago Up 4 minutes triliovault_datamover
[[email protected] ~]# docker ps | grep horizon
f3647e0fff27 trilio/centos-binary-trilio-horizon-plugin:4.1.6-ussuri "dumb-init --single-…" 8 minutes ago Up 8 minutes horizon

9] Troubleshooting Tips

9.1 ] Check TrilioVault containers and their startup logs

To see all TriloVault containers running on a specific node use the docker ps command.

docker ps -a | grep trilio

To check the startup logs use the docker logs <container name> command.

docker logs trilio_datamover_api
docker logs trilio_datamover

9.2] TrilioVault Horizon tabs are not visible in Openstack

Verify that the TrilioVault Appliance is configured. The Horizon tabs are only shown, when a configured TrilioVault appliance is available.

Verify that the TrilioVault horizon container is installed and in a running state.

docker ps | grep horizon

9.3] TrilioVault Service logs

  • TrilioVault datamover api service logs on datamover api node

/var/log/kolla/triliovault-datamover-api/dmapi.log
  • TrilioVault datamover service logs on datamover node

/var/log/kolla/triliovault-datamover/tvault-contego.log

10. Change the nova user id on the TrilioVault Nodes

Note: This step needs to be done on TrilioVault Appliance node. Not on OpenStack node.

Pre-requisite: You should have already launched TrilioVault appliance VM

In Kolla openstack distribution, 'nova' user id on nova-compute docker container is set to '42436'. The 'nova' user id on the TrilioVault nodes need to be set the same. Do the following steps on all TrilioVault nodes:

  1. Download the shell script that will change the user id

  2. Assign executable permissions

  3. Execute the script

  4. Verify that 'nova' user and group id has changed to '42436'

  5. After this step, you can proceed to 'Configuring Triliovault' section.

## Download the shell script
$ curl -O https://raw.githubusercontent.com/trilioData/triliovault-cfg-scripts/master/common/nova_userid.sh
## Assign executable permissions
$ chmod +x nova_userid.sh
## Execute the shell script to change 'nova' user and group id to '42436'
$ ./nova_userid.sh
## Ignore any errors and verify that 'nova' user and group id has changed to '42436'
$ id nova
uid=42436(nova) gid=42436(nova) groups=42436(nova),990(libvirt),36(kvm)