# Trilio Installation on RHOSO The [Red Hat OpenStack Services on OpenShift 18.0](https://docs.redhat.com/en/documentation/red_hat_openstack_services_on_openshift/18.0) is the supported and recommended method to deploy and maintain any RHOSO installation. Trilio is integrating natively into the RHOSO.\ Manual deployment methods are not supported for RHOSO. ## 1. Prepare for deployment Refer to the link [Resources](/openstack/about-trilio-for-openstack/artifacts.md) to get release specific values of the placeholders, viz **`Container URLs`**, **`trilio_branch`**, **`RHOSO Version`** and **`CONTAINER-TAG-VERSION`** in this document as per the OpenStack environment: ### 1.1] Pre-requisites * Podman tool should be available on the **bastion host**. * All commands must be executed from the **bastion host** where RHOSO OpenStack was installed. * Install the **ruamel.yaml** package using the following command: `pip3 install ruamel.yaml` ### 1.2] Clone triliovault-cfg-scripts repository The following steps are to be done on the `bastion` node on an already installed RHOSO environment. The following command clones the triliovault-cfg-scripts github repository. ``` git clone -b {{ trilio_branch }} https://github.com/trilioData/triliovault-cfg-scripts.git cd triliovault-cfg-scripts/redhat-director-scripts/rhosp18/ctlplane-scripts/ ``` ### 1.3] Create namespace for Trilio control plane services ``` oc create namespace trilio-openstack ``` ### 1.4] Create the trilio-openstack-secret in the trilio-openstack namespace. In this secret we keep passwords and s3 keys in base64 encoded form. In this `trilio-openstack-secret.yaml` file you need to fill the base64 encoded strings for container registry password, s3-keys and other passwords. If you want to use s3 as backup storage then you need to provide s3 access keys and secret keys for all the s3 buckets in base64 encoded format. If you dont want to use s3 as backup storage, you need to remove all s3 key parameters from this secret file. To get base64 encoded string please use following linux command ``` echo -n "" | base64 ``` If you want to using old db approach you can remove the `DbRootPassword` parameter | Parameter | Description | | ------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | DbRootPassword |

- User needs to set this value as per their choice, but it must be Base64 encoded.
- If user wants to use old DB approch please remove this parameter, This parameter is only needed for new DB approach. Please refer to section 2.2 for details on database approaches

| | DmapiDatabasePassword | User needs to set this value as per their choice, but it must be Base64 encoded. | | DmapiKeystonePassword | User needs to set this value as per their choice, but it must be Base64 encoded. | | DmapiRabbitPassword | User needs to set this value as per their choice, but it must be Base64 encoded. | | WlmDatabasePassword | User needs to set this value as per their choice, but it must be Base64 encoded. | | WlmKeystonePassword | User needs to set this value as per their choice, but it must be Base64 encoded. | | WlmRabbitPassword | User needs to set this value as per their choice, but it must be Base64 encoded. | | ContainerRegistryPassword | User need to set this right value but it must be Base64 encoded. | | BT1\_S3\_s3\_access\_key | Parameter name should be in `_s3_secret_key` format. User need to encode the actual value with base64 encoding and set it here. If you dont want to use s3 as backup storage, you need to remove this access key parameter from secret file. | | BT1\_S3\_s3\_secret\_key | Parameter name should be in `_s3_secret_key` format. User need to encode the actual value with base64 encoding and set it here. If you dont want to use s3 as backup storage, you need to remove this access key parameter from secret file. | ``` cd triliovault-cfg-scripts/redhat-director-scripts/rhosp18/ctlplane-scripts/ vi trilio-openstack-secret.yaml oc apply -f trilio-openstack-secret.yaml -n trilio-openstack ``` ### 1.5] Create image pull secret Following script creates image pull secret for Trilio container images. User need to pass image registry url and authentication user name of that registry. This script reads registry user password from `trilio-openstack-secret` secret. By default Trilio container images are available in RedHat connect registry, it's url is `registry.connect.redhat.com`. User needs to provide this registry url and it's user name to the script. If user wants to use a different registry to keep the Trilio container images, then user need to pull Trilio images from `registry.connect.redhat.com` and push them to user's registry. In this case user need to provide it's registry url and user name to following command. ``` cd triliovault-cfg-scripts/redhat-director-scripts/rhosp18/ctlplane-scripts/ chmod +x create-image-pull-secret.sh ./create-image-pull-secret.sh Note: Use the following URLs for Trilio image registries, as needed. Default RedHat registry url for Trilio images: registry.connect.redhat.com ``` ## 2] Install Trilio Control Plane Services ### 2.1] Install Operator - tvo-operator You can install the Trilio for OpenStack Operator using either of the following methods: *** #### Method 1: Install Using local shell Script 1. Please get value of parameter **`TVO_OPERATOR_CONTAINER_IMAGE_URL`** from [this release artifact documentation](/openstack/about-trilio-for-openstack/artifacts.md). This is Trilio for OpenStack Operator container image tag. 2. Run the following commands: ``` cd triliovault-cfg-scripts/redhat-director-scripts/rhosp18/ctlplane-scripts chmod +x install_operator.sh ./install_operator.sh Example:- Redhat_registry_tvo_operator_conatiner_image_Url:- ./install_operator.sh registry.connect.redhat.com/trilio/trilio-openstack-operator-rhoso:6.1.0-rhoso18.0 ``` *** #### Method 2: Install Using Operator Hub (OpenShift Console) 1. Log in to the OpenShift Console using the admin user. 2. Create a namespace named `tvo-operator-system`. 3. Switch to the `tvo-operator-system` namespace. 4. Navigate to **Operator Hub**. 5. Search for **"Trilio for OpenStack"** in the search box. 6. Select the **"Trilio for OpenStack"** operator and click on it. 7. Choose a channel and select the latest available operator version in [Resources](/openstack/about-trilio-for-openstack/artifacts.md) 8. Click on **Install** button. 9. Select the default install mode for all namespaces. 10. Choose **Automatic** as the update strategy. 11. Click **Install** button and wait a few minutes until the status shows **"Operator Installed"** message on the screen. *** > Note: You can use either method based on your deployment preference. Script-based installation is recommended for automated or CLI-driven environments. * Verify the tvo operator pod got created ``` oc get pods -A | grep tvo-operator ``` * Verify that operator CRD is installed ``` oc get crds | grep tvo ``` ### 2.2] Edit tvo-operator-inputs.yaml file This file named `tvo-operator-inputs.yaml` is used to create CR of kind `TVOControlPlane`. This CR is responsible to deploy Trilio control plane services. Run the script below to fill in some of the details automatically in tvo-operator-inputs.yaml. ``` cd triliovault-cfg-scripts/redhat-director-scripts/rhosp18/ctlplane-scripts chmod +x set_operator_inputs.py ./set_operator_inputs.py ``` Above script automatically fills in some details like Trilio image tags, memcached\_servers, keystone, database, and rabbitmq. User need to manually fill in backup target details in the file `tvo-operator-inputs.yaml`. Review the file `tvo-operator-inputs.yaml` and make sure all the details are correct. If there is any change required, you can edit this file. Above script only takes default parameters during script execution. ``` vi tvo-operator-inputs.yaml ``` Operator parameter details from file `tvo-operator-inputs.yaml` that user need to edit: **Note:** Trilio supports two database deployment approaches, depending on the deployment model: 1. **OpenStack Galera (Old Database approach)** * Trilio uses the already deployed Galera from 'OpenStack' namespace to create necessary databases. * Please refer following configuration parameters to use old database approach. User need to set this parameters in `tvo-operator-inputs.yaml` file. ``` database: common: use_trilio_galera: false root_user_name: "root" host: "openstack.openstack.svc" port: 3306 ``` 2. **Trilio Galera (New Database approach)** * Trilio deploys fresh Galera cluster in 'trilio-openstack' namespace and uses it to create necessary databases. * Please refer following configuration parameters to use new database approach. User need to set this parameters in `tvo-operator-inputs.yaml` file. ``` database: common: use_trilio_galera: true root_user_name: "root" host: "trilio-galera-cluster.trilio-openstack.svc" port: 3306 ``` | Parameter | Description | Edit Mode | | | ------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------- | | images | Please refer to [Resources](/openstack/about-trilio-for-openstack/artifacts.md) | Automated | | | common |

- trustee\_role should be creator,member if barbican is enabled. Otherwise trustee\_role should be member. Any openstack user that wants to create backup jobs and take backups needs this role in respective openstack project.
- memcached\_servers value should be fetched using command oc -n openstack get memcached -o jsonpath='{.items\[*].status.serverList\[*]}' | tr ' ' ','
- metallb\_address\_pool: Do not change (Review rabbitmq.common.metallb\_address\_pool parameter value. You can use control plane network pool as well. Any address pool will work as long as it has at least one free IP address available) using command: oc get ipaddresspool
-n metallb-system

| Automated | | triliovault\_backup\_targets |

- User need to choose which backup targets(Where backups taken by TVO will get stored) to use for this TVO deployment.
- User can use multiple backup targets of type ‘NFS' or 'S3’ type like NFS share, Amazon S3 bucket, Ceph S3 bucket etc.
- For Amazon S3 backup target s3\_type: ‘amazon\_s3’
- For Amazon S3, s3\_endpoint\_url value will be empty string. Internally we pick it correctly.
- For Amazon s3 s3\_self\_signed\_cert is always 'false'.
- For all other S3 backup targets s3\_type: 'other\_s3'
- For Ceph S3 s3\_self\_signed\_cert is always 'true'.
- For Ceph S3, provide the CA certificate content in the 's3\_ssl\_ca\_cert' field.

| Manual | | | openstack |

- 'namespace': Namespace named in which openstack control plane services are installed.
- 'osp\_secret\_name': OpenStack secret name which holds all the admin passwords for openstack services.

| Automated | | | keystone.common |

- 'keystone\_interface' set it to any of the value \[’internal', 'public']. This interface will be used for communication between TVO and OpenStack services.
- 'service\_project\_name': This is project name where all services are registered.
- ‘service\_project\_domain\_name': service project’s domain name
- 'admin\_role\_name': Admin role name
- 'cloud\_admin\_user\_name': OpenStack cloud admin user name
- 'cloud\_admin\_project\_name': Cloud admin project name
- 'auth\_url': Keystone auth url of respective interface provided in keystone\_interface parameter.
- ‘auth\_uri': Just append '/v3’ to auth\_url
- 'keystone\_auth\_protocol': https or http Auth protocol of keystone endpoint url of provided keystone\_interface
- 'keystone\_auth\_host': Full host name from keystone auth\_url

| Automated | | | keystone.commom.is\_self\_signed\_ssl\_cert | True/False, Whether the TLS certs used by keystone endpoint url mentioned in auth\_url parameter uses self signed certs or not | Manual | | |

keystone.datamover\_api and
keystone.wlm\_api

|

For both components datamover\_api and wlm\_api we have same set of parameters.
- ‘user': This is openstack user that is used by service datamover\_api. Please don’t change this one.
- ‘service\_name': Don’t need to change
- 'service\_type': Don’t need to change
- 'service\_desc': Don’t need to change
- ‘internal\_endpoint': Trilio service internal endpoint. Please refer other openstack service endpoints and set this one accordingly.
- ‘public\_endpoint': User just need to set replace parameter 'PUBLIC\_ENDPOINT\_DOMAIN’ here. Please refer other openstack services public endpoint url.
- ‘public\_auth\_host': FQDN mentioned in parameter 'public\_endpoint’

| Automated | | | database.common `use_trilio_galera` |

- For new approach, separate galera cluster for Trilio, set this to 'true'.
- For old approach, using openstack’s galera, set this to 'false'.

| Manual | | | database.common |

- 'root\_user\_name': Do not change. Keep this as it is. Don’t need to change unless you know that root username is changed.
- 'Database port': Do not change

| Manual | | | database.common `host` |

- If user wants to use old DB install approach, set this value to:
openstack.openstack.svc
- If user wants to use new DB installation approach, set this value to:
trilio-galera-cluster.
trilio-openstack.svc

| Manual | | | database.datamover\_api and database.wlm\_api |

- 'user': Do not change
- 'database': Do not change

| Automated | | | rabbitmq.common |

- 'host': Do not change
- 'port': Do not change
- 'driver': Do not change
- ‘ssl': If SSL/TLS is enabled on rabbitmq, set this to true other wise set it to false. This is boolean parameter.
- 'namespace': Do not change
- Review ‘rabbitmq.cluster.resources' parameters and adjust as per the need in tvo-operator-inputs.yaml. Default values are sufficient and don’t need to change until you explicitly face any issue.

| Automated | | | rabbitmq.datamover\_api and rabbitmq.wlm\_api |

- 'user': Do not change this.
- 'vhost': Do not change this

| Automated | | | pod(optional) | These parameters sets additional networks on pods. Please refer to [step 5 of this documentation](#advanced-config). | Manual | | | pod.replicas | These parameters sets number of replicas for Trilio components. Default values are standard. Unless needed you don’t need to change it. Please note that number of replicas for triliovault\_wlm\_cron pod should always be set to 1. | Automated | | ### 2.3] Set correct labels to Kubernetes nodes. Trilio control plane services will be deployed on OpenShift nodes having label `trilio-control-plane=enabled` . It is recommended to use three Kubernetes nodes for Trilio control plane services. Please use following commands to assign correct labels to nodes. Get list of OpenShift nodes ``` oc get nodes ``` Assign ‘trilio-control-plane=enabled' label to any three nodes of your choice where you want to deploy TVO control plane services. ``` oc label nodes trilio-control-plane=enabled oc label nodes trilio-control-plane=enabled oc label nodes trilio-control-plane=enabled ``` Verify list of nodes having 'trilio-control-plane=enabled' label ``` oc get nodes -l trilio-control-plane=enabled ``` ### 2.4] Create TLS certificate secrets Following script creates TLS certificates for Trilio services and defines secrets having these certs. Edit `'$PUBLIC_ENDPOINT_DOMAIN'` parameter in utils/certicate.yaml file and set it to correct value. Refer openstack keystone service public endpoint. ``` cd triliovault-cfg-scripts/redhat-director-scripts/rhosp18/ctlplane-scripts/ vi certificate.yaml ``` Create certificates and secrets ``` cd triliovault-cfg-scripts/redhat-director-scripts/rhosp18/ctlplane-scripts/ ./create_cert_secrets.sh ``` You can verify if these cert secrets are created in 'trilio-openstack' namespace. ``` oc -n trilio-openstack describe secret cert-triliovault-datamover-public-svc oc -n trilio-openstack describe secret cert-triliovault-datamover-internal-svc oc -n trilio-openstack describe secret cert-triliovault-wlm-public-svc oc -n trilio-openstack describe secret cert-triliovault-wlm-internal-svc oc -n trilio-openstack describe secret cert-trilio-rabbitmq-cluster oc -n trilio-openstack describe secret cert-trilio-galera-cluster ``` ### 2.5] Run deploy command ``` cd triliovault-cfg-scripts/redhat-director-scripts/rhosp18/ctlplane-scripts/ ./deploy_tvo_control_plane.sh ``` ### 2.6] Check logs ``` oc get pods -A | grep tvo-operator oc -n logs -f ``` ### 2.7] Check deployment status ``` oc -n trilio-openstack get tvocontrolplane oc describe tvocontrolplane -n trilio-openstack ``` ### 2.8] Verify successful deployment of T4O control plane services. ``` [root@localhost ctlplane-scripts]# oc -n trilio-openstack get pods NAME READY STATUS RESTARTS AGE job-triliovault-datamover-api-db-init-7jcdd 0/1 Completed 0 2m40s job-triliovault-datamover-api-keystone-init-kzp2b 0/1 Completed 0 3m12s job-triliovault-datamover-api-rabbitmq-init-96967 0/1 Completed 0 3m job-triliovault-wlm-cloud-trust-v5f6z 0/1 Completed 0 2m22s job-triliovault-wlm-db-init-hgsmq 0/1 Completed 0 2m35s job-triliovault-wlm-keystone-init-98jmw 0/1 Completed 0 2m56s job-triliovault-wlm-rabbitmq-init-696s9 0/1 Completed 0 2m44s trilio-galera-cluster-galera-0 1/1 Running 0 3m56s trilio-galera-cluster-galera-1 1/1 Running 0 3m56s trilio-galera-cluster-galera-2 1/1 Running 0 3m56s trilio-galera-wait-job-zjlcb 0/1 Completed 0 3m56s trilio-rabbitmq-cluster-server-0 1/1 Running 0 5m trilio-rabbitmq-cluster-server-1 1/1 Running 0 5m trilio-rabbitmq-cluster-server-2 1/1 Running 0 5m triliovault-datamover-api-6df7bc9d9d-7rd44 1/1 Running 0 2m22s triliovault-datamover-api-6df7bc9d9d-ftd98 1/1 Running 0 2m22s triliovault-datamover-api-6df7bc9d9d-nrn4j 1/1 Running 0 2m22s triliovault-object-store-bt1-s3-cvm54 1/1 Running 0 2m23s triliovault-object-store-bt1-s3-j5lb6 1/1 Running 0 2m23s triliovault-object-store-bt1-s3-r6rkr 1/1 Running 0 2m23s triliovault-object-store-bt2-s3-25ltf 1/1 Running 0 2m22s triliovault-object-store-bt2-s3-52hmb 1/1 Running 0 2m22s triliovault-object-store-bt2-s3-krnlx 1/1 Running 0 2m22s triliovault-wlm-api-54fbf49c9d-fw7ww 1/1 Running 0 2m22s triliovault-wlm-api-54fbf49c9d-m97sw 1/1 Running 0 2m22s triliovault-wlm-api-54fbf49c9d-xssws 1/1 Running 0 2m22s triliovault-wlm-cron-5fd56b8685-zq65m 1/1 Running 0 2m22s triliovault-wlm-scheduler-78d9f77499-gbfxn 1/1 Running 0 2m22s triliovault-wlm-scheduler-78d9f77499-k77ct 1/1 Running 0 2m22s triliovault-wlm-scheduler-78d9f77499-lg224 1/1 Running 0 2m22s triliovault-wlm-workloads-579f587f64-g7jtb 1/1 Running 0 2m22s triliovault-wlm-workloads-579f587f64-ktf9n 1/1 Running 0 2m22s triliovault-wlm-workloads-579f587f64-tmv52 1/1 Running 0 2m22s [root@localhost ctlplane-scripts]# ``` Verify if wlm cloud trust created successfully ``` oc -n trilio-openstack logs ``` ## 3] Install Trilio Data Plane Services Set context to ‘openstack' namespace. All the trilio data plane resources will be created in 'openstack’ namespace. ``` oc config set-context --current --namespace=openstack ``` ### 3.1] Create the trilio-openstack-secret in the openstack namespace. This secret is needed for the Trilio data plane. ``` cd triliovault-cfg-scripts/redhat-director-scripts/rhosp18/dataplane-scripts/ oc -n openstack apply -f ../ctlplane-scripts/trilio-openstack-secret.yaml ``` ### 3.2] User need to review below parameters fill all input parameters needed for Trilio data plane services in following cm-trilio-datamover.yaml file. Run the script below to fill in some of the details automatically in cm-trilio-datamover.yaml. ``` cd triliovault-cfg-scripts/redhat-director-scripts/rhosp18/dataplane-scripts/ chmod +x set_data_plane_inputs.py ./set_data_plane_inputs.py ``` Above script automatically fills in some details like rabbit\_host, rabbit\_ssl, database\_host, database\_port, triliovault\_backup\_targets. User need to manually fill in `trilio-container-image-tags` for datamover and wlm images, `trilio_container_registry_username`, `trilio_container_registry_password` and `trilio_container_registry_url` in the file cm-trilio-datamover.yaml. Review the file `cm-trilio-datamover.yaml` and make sure all the details are correct. If there is any change required, you can edit this file. | Parameter | Description | Edit Mode | | ------------------------------------------------------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------- | | rabbit\_host, rabbit\_port, rabbit\_ssl | User does not need to change these parameters | Semi-automated | | database\_host, database\_port | User does not need to change these parameters | Automated | | cinder\_backend\_ceph, libvirt\_images\_rbd\_ceph\_conf, ceph\_cinder\_user and oslomsg\_rpc\_use\_ssl | User does not need to change these parameters | Manual | | images | Please refer to [Resources](/openstack/about-trilio-for-openstack/artifacts.md) | Manual | | trilio\_container\_registry\_username, trilio\_container\_registry\_url | User needs to update the following fileds with using either Docker or the Redhat registry details, as per the requirement. | Manual | | triliovault\_backup\_targets |

- User need to choose which backup targets(Where backups taken by TVO will get stored) to use for this TVO deployment.
- User can use multiple backup targets of type ‘NFS' or 'S3’ type like NFS share, Amazon S3 bucket, Ceph S3 bucket etc.
- For Amazon S3 backup target s3\_type: ‘amazon\_s3’
- For all other S3 backup targets s3\_type: 'other\_s3'
- For Amazon S3, s3\_endpoint\_url value will be empty string. Internally we pick it correctly.
- For Amazon s3 s3\_self\_signed\_cert is always 'false'

- Note:- Please provide the same BTT details that are used in the tvo-operator-inputs.yaml file

| Semi-automated | Create config map having all input parameters for Trilio data plane services deployment. ``` cd triliovault-cfg-scripts/redhat-director-scripts/rhosp18/dataplane-scripts/ vi cm-trilio-datamover.yaml ``` ### 3.3] Create cm-trilio-datamover config map ``` ## Create config map oc -n openstack apply -f cm-trilio-datamover.yaml ``` ### 3.4] Edit file ‘trilio-datamover-service.yaml' and set correct tag for container image 'openStackAnsibleEERunnerImage ``` vi trilio-datamover-service.yaml ``` ### 3.5] Following script creates CRD “OpenStackDataPlaneService“ resource for Trilio ``` oc -n openstack apply -f trilio-datamover-service.yaml ``` ### 3.6] Trigger Deployment of Trilio data plane services In this step we will trigger the ansible scripts execution to deploy Trilio data plane components. Get Data Plane NodeSet names using following command ``` oc -n openstack get OpenStackDataPlaneNodeSet ``` Edit two things in following file * Set Unique ‘name' for every ansible execution for ‘OpenStackDataPlaneDeployment’ * Set correct name for 'nodeSets’ parameter. Take nodeSet name from previous step. ``` vi trilio-data-plane-deployment.yaml ``` To check list of deployment names alreday used, please use following command ``` ## To check list of deployment names alreday used, please use following command oc -n openstack get OpenStackDataPlaneDeployment ``` Trigger Trilio Data plane deployment execution ``` ## Trigger deployment oc -n openstack apply -f trilio-data-plane-deployment.yaml ``` ### 3.7] Check deployment logs. Edit parameter name : \, use name from above steps. ``` oc -n openstack get pod -l openstackdataplanedeployment= oc -n openstack logs -f ``` If it fails or completes and you want to run it again, you need to change the name of CR resource ‘OpenStackDataPlaneDeployment' to something new and unique in following template 'trilio-data-plane-deployment.yaml' and create it again using oc create command. ### 3.8] Verify deployment completed well Login to one of the compute node and check trilio compute service containers. ``` podman ps | grep trilio ``` ## 4] Install Trilio Horizon Plugin Pre-requisite: You should have created image pull secret for Trilio container images. 1. Get the openstackversion CR ``` [kni@localhost ~]$ oc get openstackversion -n openstack NAME TARGET VERSION AVAILABLE VERSION DEPLOYED VERSION openstack-controlplane 18.0.2-20240923.2 18.0.2-20240923.2 18.0.2-20240923.2 ``` 2. Edit the openstackversion CR resource/object and change horizonImage undercustomContainerImages Set 'horizonImage:' to Trilio Horizon Plugin container image url as shown below. ``` oc edit openstackversion -n openstack ``` For example: if resource name is 'openstack-controlplane' ``` oc edit openstackversion openstack-controlplane -n openstack ``` ``` apiVersion: core.openstack.org/v1beta1 kind: OpenStackVersion metadata: name: openstack-controlplane spec: customContainerImages: horizonImage: docker.io/trilio/trilio-horizon-plugin: [...] ``` 3. Save changes and exit. \[Use escape + Colon + wq like linux vi editor.] 4. Verify if changes are done correctly using below command. ``` oc describe openstackversion -n openstack ``` 5. Increase HAproxy route timeout Run the following command to set the route timeout to **180 seconds**: ``` oc annotate route horizon -n openstack haproxy.router.openshift.io/timeout=180s --overwrite ``` This annotation configures the HAProxy router to allow backend requests up to the specified timeout duration. **Verify the HAproxy route timeout** Confirm that the timeout annotation has been applied successfully: ``` oc get route horizon -n openstack -o yaml | grep timeout ``` You should see an output similar to: ``` haproxy.router.openshift.io/timeout: 180s ``` 6. You can access the OpenStack horizon using your same URL and login using same credentials. This openstack horizon will have Trilio UI components as well by verifying using the UI horizon. ### 5] Advanced configurations (Optional) #### 5.1] Attaching Additional Networks to Trilio Pods Trilio pods can attach additional networks using the `networks` parameter in `tvo-operator-inputs.yaml`. This enables Trilio components to connect to custom or isolated networks. *** #### 5.2] Copy NetworkAttachmentDefinition (NAD) to `trilio-openstack` If a network exists in the **`openstack`** namespace, it must be copied to **`trilio-openstack`**. Example: copying the **`storage`** network. *** * **Export NAD from `openstack`** ``` oc get network-attachment-definition storage -n openstack -o yaml > storage-nad.yaml ``` * **Remove namespace-specific metadata** ``` sed -i '/ namespace:/d' storage-nad.yaml sed -i '/ resourceVersion:/d' storage-nad.yaml sed -i '/ uid:/d' storage-nad.yaml sed -i '/ creationTimestamp:/d' storage-nad.yaml ``` * **Apply NAD in `trilio-openstack`** ``` oc apply -f storage-nad.yaml -n trilio-openstack ``` * **Verify NADs** ``` oc get network-attachment-definition -n trilio-openstack ``` * **Example output:** ``` NAME AGE storage 2m5s ``` *** #### 5.3] Configure networks in `tvo-operator-inputs.yaml` in [step 2.2](#edit-operator-inputs) Each Trilio pod includes a `networks` field where you can specify additional networks. ``` pod: triliovault_wlm_api: networks: "" debug_mode: false triliovault_wlm_scheduler: networks: "" debug_mode: false triliovault_wlm_cron: networks: "" debug_mode: false triliovault_wlm_workloads: networks: "" debug_mode: false triliovault_object_store: networks: "" debug_mode: false triliovault_datamover_api: networks: "" debug_mode: false ``` *** #### 5.4] Specify networks for each pod Provide a **comma-separated list** of network names. These networks **must exist** in the `trilio-openstack` namespace. Example: ``` pod: triliovault_wlm_api: networks: "storage,tenant" ``` This attaches the **`storage`** and **`tenant`** networks to the `triliovault_wlm_api` pod. *** **Note:** * All networks listed in `networks` **must exist as NADs** in `trilio-openstack`. * If a network exists in another namespace, export and recreate it in `trilio-openstack`. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.trilio.io/openstack/deployment/installing-on-rhosp/trilio_installation_on_rhoso.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.