5:59 a.m.
Matt Kassawara <mkassawara(a)gmail.com> wrote:
Ihar,
I think distribution packages should bundle upstream source without
alteration to maximize flexibility for authors of deployment tools (or
simple instructions) that choose to use packages. In other words,
distribution packages should include few if any decisions on how to
deploy services. Instead, leave those decisions to authors of deployment
tools including organizations that produce distribution packages. For
example, decisions on how to deploy OpenStack using RDO packages should
reside in products like Packstack and RHEL-OSP. In the meantime, content
in /usr/share/$service directories impacts the following portions in the
installation guide:
You mix things here. RDO *is* a product, and *is* successfully used by
companies without paying for RHEL-OSP subscription. Manual installation is
still a supported way to deploy RDO, so anything that makes deployer life
easier (like reasonable defaults) is beneficial.
Below, I will comment on neutron only and will leave other components to
respective team members.
1) http://docs.openstack.org/draft/install-guide-rdo/keystone-verify.html
- The keystone-paste.ini file should reside in the /etc/keystone
directory.
2) http://docs.openstack.org/draft/install-guide-rdo/glance.html - The
glance-api-dist.conf and glance-registry-dist.conf files contain defunct
options in the [keystone_authtoken] section. Also, the *-paste.ini files
should reside in the /etc/glance directory.
3) http://docs.openstack.org/draft/install-guide-rdo/nova.html - The
nova-dist.conf file contains defunct options in the [keystone_authtoken]
section, assumes use of nova-network, and contains several opinions about
libvirt configuration.
4) http://docs.openstack.org/draft/install-guide-rdo/neutron.html - The
neutron-dist.conf file specifies a notification driver regardless of a
consumer (e.g., ceilometer) and disables nova-neutron interaction. Also,
the *-paste.ini file should reside in the /etc/neutron directory.
I agree nova-neutron notifications should not be disabled (I merged a patch
for that yesterday: https://review.gerrithub.io/#/c/251171/)
For notification driver, I am not sure I follow. The assumption is that
DHCP agent is a common piece of neutron setup that is widely used, and
since it relies on RPC notifications, we enable it by default. Do you
believe it’s better to make everyone using refarch neutron to define it for
themselves?
For *-paste.ini file, I believe the RDO assumption is that there is no
reason to modify it, hence it’s not available for user modifications. Can
you show me the exact place where installation guide became more complex
due to -paste.ini file located under /usr/share?
5) http://docs.openstack.org/draft/install-guide-rdo/cinder.html -
The
cinder-dist.conf file contains defunct options in the
[keystone_authtoken] section. Interestingly, the *-paste.ini files
correctly reside in the /etc/cinder directory.
6) http://docs.openstack.org/draft/install-guide-rdo/swift.html -
Interestingly, no /usr/share/swift directory exists. However, the
configuration files in /etc/swift are considerably out of date and easier
to overwrite from upstream source than attempt to fix via procedure.
7) http://docs.openstack.org/draft/install-guide-rdo/heat.html - The
heat-dist.conf file contains defunct options in the [keystone_authtoken]
section, contains a defunct database connection option (belongs in
[database]), and enables a defunct message queue (Qpid). Also, the
*-paste.ini file should reside in the /etc/heat directory.
I haven't looked at the ceilometer packages recently, but I suspect they
involve similar issues.
Matt
On Mon, Nov 2, 2015 at 4:34 AM, Ihar Hrachyshka <ihrachys(a)redhat.com>
wrote:
> On 21 Oct 2015, at 15:32, Matt Kassawara <mkassawara(a)gmail.com> wrote:
>
> I think packages available for standalone installation (i.e., without a
deployment tool) should include complete upstream configuration files in
standard locations without modification. In the case of *-dist.conf files
with RDO packages, they seldom receive updates leading to deprecation
warnings and sometimes override useful upstream default values. For
example, most if not all services default to keystone for authentication
(auth_strategy), yet the RDO neutron packages revert authentication to
"noauth" in the *-dist.conf file. In another example, the RDO keystone
package only includes the keystone-paste.ini file as
/usr/share/keystone/keystone-dist-paste.ini rather than using the
standard location and name which leads to confusion, particularly for new
users. The installation guide contains quite a few extra steps and
option-value pairs that work around the existence and contents of
*-dist.conf files... additions that unnecessarily increase complexity for
our audience of new users.
Can you provide links to the guide pages that are complicated by the
existence of -dist.conf files?
I agree that some values may not be optimal (f.e. auth_strategy indeed
should not be overridden; I sent a patch [1] to remove it from
-dist.conf); but in principle, there should be a way for distributions to
change defaults, and it should not be expected that all distributions
ship identical configuration files.
[1]: https://review.gerrithub.io/#/c/251170/
Ihar