Prepare the cluster deployment model

Prepare the cluster deployment model

Before you deploy Tenant Telemetry on an existing MCP cluster, prepare your cluster deployment model by making the corresponding changes in your Git project repository.

To prepare the deployment model:

  1. Open your Git project repository.

  2. Set up the aggregation metrics storage for Gnocchi:

    • For the Ceph back end, define the Ceph users and pools:

      1. In the classes/cluster/<cluster_name>/ceph/setup.yml file, add the pools:

        parameters:
          ceph:
            setup:
              pool:
                telemetry_pool:
                  pg_num: 512
                  pgp_num: 512
                  type: replicated
                  application: rgw
        #          crush_rule: sata
        
      2. In the classes/cluster/<cluster_name>/openstack/init.yml file, specify the Telemetry user and pool:

        parameters:
         _param:
           gnocchi_storage_user: gnocchi_user
           gnocchi_storage_pool: telemetry_pool
        
      3. In the classes/cluster/<cluster_name>/ceph/common.yml file, define the Telemetry user permissions:

        parameters:
          ceph:
            common:
              keyring:
                gnocchi:
                  name: ${_param:gnocchi_storage_user}
                  caps:
                    mon: "allow r"
                    osd: "allow rwx pool=telemetry_pool"
        
    • For the file back end with GlusterFS, define the GlusterFS volume in the classes/cluster/<cluster_name>/infra/glusterfs.yml file:

      classes:
      - system.glusterfs.server.volume.gnocchi
      

      Note

      Mirantis recommends creating a separate LVM for the Gnocchi GlusterFS volume. The LVM must contain a file system with a large number of inodes. Four million of inodes allow keeping the metrics of 1000 Gnocchi resources with a medium Gnocchi archive policy for two days maximum.

  3. In the classes/cluster/<cluster_name>/infra/config/init.yml file, add the class with Telemetry nodes definition:

    classes:
    - system.reclass.storage.system.openstack_telemetry_cluster
    
  4. In the classes/cluster/<cluster_name>/infra/config/nodes.yml file, add the Telemetry node parameters:

    parameters:
      salt:
        reclass:
          storage:
            node:
              openstack_telemetry_node01:
                params:
                  linux_system_codename: xenial
                  deploy_address: ${_param:openstack_telemetry_node01_deploy_address}
                  redis_cluster_role: 'master'
                  ceilometer_create_gnocchi_resources: true
              openstack_telemetry_node02:
                params:
                  linux_system_codename: xenial
                  deploy_address: ${_param:openstack_telemetry_node02_deploy_address}
                  redis_cluster_role: 'slave'
              openstack_telemetry_node03:
                params:
                  linux_system_codename: xenial
                  deploy_address: ${_param:openstack_telemetry_node03_deploy_address}
                  redis_cluster_role: 'slave'
    
  5. In the classes/cluster/<cluster_name>/infra/kvm.yml file, add the Telemetry VM definition:

    classes:
    - system.salt.control.cluster.openstack_telemetry_cluster
    parameters:
      salt:
        control:
          cluster:
            internal:
              node:
                mdb01:
                  image: ${_param:salt_control_xenial_image}
                mdb02:
                  image: ${_param:salt_control_xenial_image}
                mdb03:
                  image: ${_param:salt_control_xenial_image}
        virt:
          nic:
      ##Telemetry
            mdb:
              eth1:
                bridge: br-mgm
              eth0:
                bridge: br-ctl
    
  6. Define the Panko, Gnocchi, Ceilometer, and Aodh secrets in classes/cluster/<cluster_name>/infra/secrets.yml:

    parameters:
      _param:
        mysql_gnocchi_password_generated: <GNOCCHI MYSQL SECRET>
        mysql_panko_password_generated: <PANKO MYSQL SECRET>
        mysql_aodh_password_generated: <AODH MYSQL SECRET>
        keystone_gnocchi_password_generated: <GNOCCHI KEYSTONE SECRET>
        keystone_panko_password_generated: <PANKO KEYSTONE SECRET>
        keystone_aodh_password_generated: <AODH KEYSTONE SECRET>
        keystone_ceilometer_password_generated: <CEILOMETER KEYSTONE SECRET>
        openstack_telemetry_redis_password_generated: <TELEMETRY REDIS SECRET>
        aodh_memcache_secret_key_generated: <AODH MEMCACHE SECRET>
        ceilometer_memcache_secret_key_generated: <CEILOMETER MEMCACHE SECRET>
        panko_memcache_secret_key_generated: <PANKO MEMCACHE SECRET>
        gnocchi_memcache_secret_key_generated: <GNOCCHI MEMCACHE SECRET>
        tenant_telemetry_keepalived_vip_password: <TENANT TELEMETRY KEEPALIVED SECRET>
    
  7. In the classes/cluster/<cluster_name>/openstack/init.yml file, define the global parameters and linux:network:host:

    parameters:
      _param:
        aodh_service_host: ${_param:openstack_telemetry_address}
        ceilometer_service_host: ${_param:openstack_telemetry_address}
        panko_service_host: ${_param:openstack_telemetry_address}
        gnocchi_service_host: ${_param:openstack_telemetry_address}
        # For Queens openstack set gnocchi version to 4.2, for Pike to 4.0
        gnocchi_version: 4.2
        panko_version: ${_param:openstack_version}
        mysql_gnocchi_password: ${_param:mysql_gnocchi_password_generated}
        mysql_panko_password: ${_param:mysql_panko_password_generated}
        mysql_aodh_password: ${_param:mysql_aodh_password_generated}
        keystone_gnocchi_password: ${_param:keystone_gnocchi_password_generated}
        keystone_panko_password: ${_param:keystone_panko_password_generated}
        keystone_aodh_password: ${_param:keystone_aodh_password_generated}
        keystone_ceilometer_password: ${_param:keystone_ceilometer_password_generated}
        ceilometer_agent_default_polling_interval: 15
        ceilometer_agent_default_polling_meters:
        - "*"
        openstack_telemetry_redis_password: ${_param:openstack_telemetry_redis_password_generated}
        aodh_memcache_secret_key: ${_param:aodh_memcache_secret_key_generated}
        ceilometer_memcache_secret_key: ${_param:ceilometer_memcache_secret_key_generated}
        panko_memcache_secret_key: ${_param:panko_memcache_secret_key_generated}
        gnocchi_memcache_secret_key: ${_param:gnocchi_memcache_secret_key_generated}
    
        # openstack telemetry
        openstack_telemetry_address: 172.30.121.65
        openstack_telemetry_node01_deploy_address: 10.160.252.66
        openstack_telemetry_node02_deploy_address: 10.160.252.67
        openstack_telemetry_node03_deploy_address: 10.160.252.68
        openstack_telemetry_node01_address: 172.30.121.66
        openstack_telemetry_node02_address: 172.30.121.67
        openstack_telemetry_node03_address: 172.30.121.68
    
    
        openstack_telemetry_hostname: mdb
        openstack_telemetry_node01_hostname: mdb01
        openstack_telemetry_node02_hostname: mdb02
        openstack_telemetry_node03_hostname: mdb03
    
      linux:
        network:
          host:
            mdb:
              address: ${_param:openstack_telemetry_address}
              names:
              - ${_param:openstack_telemetry_hostname}
              - ${_param:openstack_telemetry_hostname}.${_param:cluster_domain}
            mdb01:
              address: ${_param:openstack_telemetry_node01_address}
              names:
              - ${_param:openstack_telemetry_node01_hostname}
              - ${_param:openstack_telemetry_node01_hostname}.${_param:cluster_domain}
            mdb02:
              address: ${_param:openstack_telemetry_node02_address}
              names:
              - ${_param:openstack_telemetry_node02_hostname}
              - ${_param:openstack_telemetry_node02_hostname}.${_param:cluster_domain}
            mdb03:
              address: ${_param:openstack_telemetry_node03_address}
              names:
              - ${_param:openstack_telemetry_node03_hostname}
              - ${_param:openstack_telemetry_node03_hostname}.${_param:cluster_domain}
    
  8. Add endpoints:

    1. In the classes/cluster/<cluster_name>/openstack/control/init.yml file, verify that the Panko, Gnocchi, and Aodh endpoints are present:

      classes:
      - system.keystone.client.service.panko
      - system.keystone.client.service.aodh
      - system.keystone.client.service.gnocchi
      - system.keystone.client.service.ceilometer
      
      parameters:
        _param:
          aodh_service_protocol: ${_param:cluster_internal_protocol}
          gnocchi_service_protocol: ${_param:cluster_internal_protocol}
          panko_service_protocol: ${_param:cluster_internal_protocol}
      
    2. In the classes/cluster/<cluster_name>/openstack/proxy.yml file, add the Gnocchi, Aodh, and Panko public endpoints:

      classes:
      - system.nginx.server.proxy.openstack.gnocchi
      - system.nginx.server.proxy.openstack.aodh
      - system.nginx.server.proxy.openstack.panko
      
    3. If HTTPS is enabled on the OpenStack internal endpoints, add the following parameters to classes/cluster/<cluster_name>/openstack/proxy.yml:

      parameters:
        _param:
          nginx_proxy_openstack_aodh_protocol: 'https'
          nginx_proxy_openstack_panko_protocol: 'https'
          nginx_proxy_openstack_gnocchi_protocol: 'https'
      
  9. In the classes/cluster/<cluster_name>/openstack/database/master.yml file, verify that the classes for the Panko, Gnocchi, Aodh databases are present:

    classes:
    - system.galera.server.database.panko
    - system.galera.server.database.aodh
    - system.galera.server.database.gnocchi
    
  10. Change the configuration of the OpenStack controller nodes:

    1. In the classes/cluster/<cluster_name>/openstack/control.yml file, add the Panko client package to test the OpenStack event CLI command. Additionally, verify that the file includes the ceilometer.client class.

      classes:
      #- system.ceilometer.server.backend.influxdb
      #- system.heka.ceilometer_collector.single
      #- system.aodh.server.cluster
      #- system.ceilometer.server.cluster
      - system.keystone.server.notification.messagingv2
      - system.glance.control.notification.messagingv2
      - system.nova.control.notification.messagingv2
      - system.neutron.control.notification.messagingv2
      - system.ceilometer.client.nova_control
      - system.cinder.control.notification.messagingv2
      - system.cinder.volume.notification.messagingv2
      - system.heat.server.notification.messagingv2
      
      parameters:
        linux:
          system:
            package:
              python-pankoclient:
      
    2. In the classes/cluster/<cluster_name>/openstack/control/init.yml file, add the following classes:

      classes:
      - system.gnocchi.client
      - system.gnocchi.client.v1.archive_policy.default
      
    3. In the classes/cluster/<cluster_name>/stacklight/telemetry.yml file, remove InfluxDB from the mdb* node definition:

      classes:
      #- system.haproxy.proxy.listen.stacklight.influxdb_relay
      #- system.influxdb.relay.cluster
      #- system.influxdb.server.single
      #- system.influxdb.database.ceilometer
      
  11. Change the configuration of compute nodes:

    1. Open the classes/cluster/<cluster_name>/openstack/compute/init.yml file for editing.

    2. Verify that ceilometer.agent classes are present on the compute nodes:

      classes:
      - system.ceilometer.agent.telemetry.cluster
      - system.ceilometer.agent.polling.default
      - system.nova.compute.notification.messagingv2
      
    3. If SSL in libvirt is enabled, set the following parameter:

      parameters:
        _param:
          ceilometer_agent_ssl_enabled: True
      
  12. In the classes/cluster/<cluster_name>/openstack/networking/telemetry.yml file, define the networking schema for the mdb VMs:

    # Networking template for Telemetry nodes
    parameters:
      linux:
        network:
          interface:
            ens2: ${_param:linux_deploy_interface}
            ens3: ${_param:linux_single_interface}
    
  13. Define the Telemetry node YAML file:

    1. Open the classes/cluster/<cluster_name>/openstack/telemetry.yml file for editing.

    2. Specify the classes and parameters depending on the aggregation metrics storage:

      • For Ceph, specify:

        classes:
        - system.ceph.common.cluster
        - system.gnocchi.common.storage.ceph
        - cluster.<cluster_name>.ceph.common
        parameters:
          _param:
            gnocchi_storage_ceph_pool: ${_param:gnocchi_storage_pool}
            gnocchi_storage_ceph_user: ${_param:gnocchi_storage_user}
        
      • For the file back end with GlusterFS, specify:

        classes:
        -  system.linux.system.repo.mcp.apt_mirantis.glusterfs
        -  system.glusterfs.client.cluster
        -  system.glusterfs.client.volume.gnocchi
        parameters:
          _param:
            gnocchi_glusterfs_service_host: ${_param:glusterfs_service_host}
        
    3. Specify the following classes and parameters:

      classes:
       - system.keepalived.cluster.instance.openstack_telemetry_vip
       - system.memcached.server.single
       - system.apache.server.single
       - system.apache.server.site.aodh
       - system.apache.server.site.gnocchi
       - system.apache.server.site.panko
       - service.redis.server.single
       - system.gnocchi.common.cluster
       - system.gnocchi.server.cluster
       - system.gnocchi.common.storage.incoming.redis
       - system.gnocchi.common.coordination.redis
       - system.ceilometer.server.telemetry.cluster
       - system.ceilometer.server.coordination.redis
       - system.aodh.server.cluster
       - system.aodh.server.coordination.redis
       - system.panko.server.cluster
       - system.ceilometer.server.backend.gnocchi
       - cluster.<cluster_name>.infra
       - cluster.<cluster_name>.openstack.networking.telemetry
      parameters:
        _param:
          cluster_vip_address: ${_param:openstack_telemetry_address}
          keepalived_vip_interface: ens3
          keepalived_vip_address: ${_param:cluster_vip_address}
          keepalived_vip_password: ${_param:tenant_telemetry_keepalived_vip_password}
          cluster_local_address: ${_param:single_address}
          cluster_node01_hostname: ${_param:openstack_telemetry_node01_hostname}
          cluster_node01_address: ${_param:openstack_telemetry_node01_address}
          cluster_node02_hostname: ${_param:openstack_telemetry_node02_hostname}
          cluster_node02_address: ${_param:openstack_telemetry_node02_address}
          cluster_node03_hostname: ${_param:openstack_telemetry_node03_hostname}
          cluster_node03_address: ${_param:openstack_telemetry_node03_address}
          redis_sentinel_node01_address: ${_param:openstack_telemetry_node01_address}
          redis_sentinel_node02_address: ${_param:openstack_telemetry_node02_address}
          redis_sentinel_node03_address: ${_param:openstack_telemetry_node03_address}
          # Redis doesn't support multi-user authentication so, any username can be used in url
          openstack_telemetry_redis_url: redis://openstack:${_param:openstack_telemetry_redis_password}@${_param:redis_sentinel_node01_address}:26379?db=0&sentinel=master_1&sentinel_fallback=${_param:redis_sentinel_node02_address}:26379&sentinel_fallback=${_param:redis_sentinel_node03_address}:26379
          gnocchi_coordination_url: ${_param:openstack_telemetry_redis_url}
          gnocchi_storage_incoming_redis_url: ${_param:openstack_telemetry_redis_url}
          haproxy_https_check_options:
          - httpchk GET /
          - httpclose
          - tcplog
          haproxy_panko_api_check_params: check-ssl verify none
          haproxy_gnocchi_api_check_params: check-ssl verify none
          haproxy_aodh-api_check_params: check inter 10s fastinter 2s downinter 3s rise 3 fall 3 check-ssl verify none
          apache_ssl:
            enabled: true
            authority: "${_param:salt_minion_ca_authority}"
            key_file: ${_param:openstack_api_cert_key_file}
            cert_file: ${_param:openstack_api_cert_cert_file}
            chain_file: ${_param:openstack_api_cert_all_file}
        redis:
          server:
            version: 5.0
            bind:
              address: ${_param:single_address}
          cluster:
            enabled: True
            mode: sentinel
            role: ${_param:redis_cluster_role}
            quorum: 2
            master:
              host: ${_param:cluster_node01_address}
              port: 6379
            sentinel:
              address: ${_param:single_address}
        apache:
          server:
            modules:
              - wsgi
        gnocchi:
          common:
            database:
              host: ${_param:openstack_database_address}
              ssl:
                enabled: true
          server:
            identity:
              protocol: ${_param:cluster_internal_protocol}
            pkgs:
            # TODO: move python-memcache installation to formula
            - gnocchi-api
            - gnocchi-metricd
            - python-memcache
        panko:
          server:
            identity:
              protocol: ${_param:cluster_internal_protocol}
            database:
              ssl:
                enabled: true
        aodh:
          server:
            coordination_backend:
              url: ${_param:openstack_telemetry_redis_url}
            identity:
              host: ${_param:openstack_control_address}
        ceilometer:
          server:
            coordination_backend:
              url: ${_param:openstack_telemetry_redis_url}
            identity:
              host: ${_param:openstack_control_address}
        haproxy:
          proxy:
            listen:
              panko_api:
                type: None
                options: ${_param:haproxy_https_check_options}
              gnocchi_api:
                type: None
                options: ${_param:haproxy_https_check_options}
              aodh-api:
                type: None
                options: ${_param:haproxy_https_check_options}
      

Once done, proceed to Deploy Tenant Telemetry.