rackspace.com/cloud/private
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
Rackspace Private Cloud v9.0 Software Release Notes
RPC v9.0.6 (2015-02-18)
Copyright © 2014 Rackspace All rights reserved.
This document describes new features and known and resolved issues in Rackspace Private Cloud v9 releases.
ii
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
Table of Contents
1. Preface ........................................................................................................................ 1
1.1. About Rackspace Private Cloud Software .......................................................... 1
1.2. Rackspace Private Cloud configuration .............................................................. 1
1.3. Rackspace Private Cloud support ...................................................................... 1
2. What's new in Rackspace Private Cloud v9.0 Software ................................................. 3
2.1. Operating system ............................................................................................. 3
2.2. Ansible ............................................................................................................. 3
2.3. Linux containers ............................................................................................... 3
2.4. Networking ...................................................................................................... 3
2.5. Database architecture ....................................................................................... 4
2.6. Logging ............................................................................................................ 4
2.7. Changes in v9.0.4 to v9.0.6 ............................................................................... 4
2.8. Changes in v9.0.3 ............................................................................................. 4
2.9. Changes in v9.0.2 ............................................................................................. 5
2.10. Changes in v9.0.1 ........................................................................................... 6
3. Installation .................................................................................................................. 8
4. Upgrading ................................................................................................................... 9
4.1. Prerequisites ..................................................................................................... 9
4.1.1. Upgrading to v9.0.6 ............................................................................... 9
4.2. Performing the upgrade ................................................................................. 10
4.3. Verifying the upgrade .................................................................................... 10
5. Reference architecture .............................................................................................. 12
6. Support ..................................................................................................................... 14
7. Known Issues ............................................................................................................ 15
8. Additional resources .................................................................................................. 17
8.1. Document Change History .............................................................................. 17
iii
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
1. Preface
Rackspace Private Cloud Software has been developed by Rackspace as a way to quickly
install an OpenStack private cloud, configured as recommended by Rackspace OpenStack
specialists.
1.1. About Rackspace Private Cloud Software
Rackspace Private Cloud Software uses Ansible to create an OpenStack cluster on Ubuntu
Linux. The installation process provides a familiar approach for Linux system administrators,
and the environment can be updated easily without downloading and installing a new ISO.
1.2. Rackspace Private Cloud configuration
Rackspace Private Cloud Software uses Ansible and Linux Containers (LXC) to install and
manage OpenStack Icehouse with the following services:
• Identity (keystone)
• Image Service (glance)
• Compute (nova)
• Networking (neutron)
• Block Storage (cinder)
• Orchestration (heat)
• Dashboard (horizon)
RPC also provides the following infrastructure, monitoring, and logging services to support
OpenStack:
• Galera with MariaDB
• RabbitMQ
• Memcached
• Rsyslog
• Logstash
• Elasticsearch with Kibana
1.3. Rackspace Private Cloud support
Rackspace offers 365x24x7 support for Rackspace Private Cloud Software. If you are interested in purchasing Escalation Support or Core Support for your cloud, or taking advantage
of our training offerings, contact us at: <[email protected]>.
1
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
You can also visit the RPC community forums. The forum is open to all RPC users and is
moderated and maintained by Rackspace personnel and OpenStack specialists:
https://community.rackspace.com/products/f/45
For more information about Rackspace Private Cloud, please visit the Rackspace Private
Cloud pages:
• Software and Reference Architecture
• Support
• Resources
For any other information regarding Rackspace Private Cloud Software, refer to the
Rackspace Private Cloud release notes.
2
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
2. What's new in Rackspace Private Cloud
v9.0 Software
Rackspace Private Cloud (RPC) version 9.0 Software uses Linux Containers (LXC) managed
with Ansible as the core technology. Configured by Rackspace experts, Rackspace uses this
technology to deploy an OpenStack private cloud. This section lists the new features in RPC
version 9.
2.1. Operating system
RPC Software supports Ubuntu 14.04 exclusively. Ubuntu 14.04 provides:
• Compatibility with Linux containers, VXLAN, and Linux Bridge.
• The ability to use VXLAN for Neutron overlay networks.
2.2. Ansible
RPC installation is automated with Ansible playbooks. Ansible is an open source IT automation framework that provides multi-node software deployment, ad hoc task execution, and
configuration management. Ansible has a proven track record at Rackspace and it includes
a large, well-supported library of modules.
Installing RPC with Ansible provides a consistent experience across installations. Ansible
playbooks are written in YAML, which makes them easy to develop, use, and troubleshoot.
Ansible facilitates deploying and configuring hosts, containers, and nodes, and it enables
components and configurations to be easily upgraded. In addition, Ansible is light weight,
requiring only SSH and Python. There are no other clients or agents required.
2.3. Linux containers
OpenStack services are installed into individual Linux containers (LXC), which provide isolation of each service and greater operational efficiency, and make it easier to upgrade your
private cloud as each new version is released. Containers allow RPC to separate host management from OpenStack management and enable management of individual OpenStack
components and configuration files.
Containers are lightweight and resource friendly, provide comprehensive process and resource isolation, run multiple versions of an operating system on a single server, and are
rapidly and easily deployed. With this technology, Rackspace creates a standard set of containers and associates those containers to a specific OpenStack release.
2.4. Networking
To simplify networking, RPC uses the Neutron Linux Bridge agent. The agent lets RPC isolate OpenStack networking (Neutron) and compute (Nova) components into separate con3
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
tainers. With Linux Bridge, Neutron can create bridges, namespaces, veth pairs, tunnel interfaces, and tagged sub-interfaces, which are fully encapsulated in its containers.
Containers using Linux Bridge also offer scalability and the ability to work around the Icehouse restriction of one external network per L3 agent. On the container hosts, you can
use a simple network configuration that consists of as many standard Linux bridges as you
have provider networks that you want to expose to OpenStack.
2.5. Database architecture
To improve performance and affordability, RPC uses MariaDB plus Galera. MariaDB is an
easy to configure, open source database that is highly compatible with MySQL. Galera is
a set of libraries that enable a true multi-master cluster based on synchronous replication.
Writes on each node are synchronized simultaneously. Galera clusters work with MariaDB
or other databases compatible with MySQL.
Galera clusters are easily scalable and have no maximum size or node limit. Restrictions on
the number of nodes are based only on the capabilities of the load balancer, the amount of
bandwidth available, and space in the physical cabinet.
Rackspace has improved the service components. The messaging and database services are
installed in clusters. A logging server helps you identify and fix errors. These improvements
help make your cloud more efficient and stable.
2.6. Logging
RPC uses the ELK stack (Elasticsearch, Logstash, and Kibana) for data analytics, logging,
and data visualization. Elasticsearch is a powerful, distributed search and analytics engine.
Logstash parses logs into standard JSON format for readability and ease of processing.
Kibana's simple and highly configurable interactive dashboard gives you near real-time insight to identify possible problems, spot trends, and maximize business value.
2.7. Changes in v9.0.4 to v9.0.6
Rackspace Private Cloud v9.0.6 Software uses open source Ansible playbooks (now available at github.com/stackforge/os-ansible-deployment) to deploy OpenStack.
• For changes in version 9.0.6, see openstack-ansible v9.0.6.
• Because of a change in source repositories, the best way to find changes in versions 9.0.4
and 9.0.5 is to refer to the comparison at openstack-ansible 9.0.3...9.0.5.
• For changes tagged in version 9.0.4, see openstack-ansible v9.0.4.
2.8. Changes in v9.0.3
The following changes have been made in Rackspace Private Cloud v9.0.3 Software. The related GitHub issue number is listed when available.
• Recursive chown of /usr/local/lib/python2.7/dist-packages to wwwdata:www-data has been removed. (Issue #367)
4
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
• Alarms have been created for discovered devices. (Issue #430)
• An issue with Galera startup errors has been resolved by increasing the Galera startup
timeout. (Issue #411 and Issue #413)
• A local socket is used for MySQL client connection. (Issue #411 and Issue #413)
• A MySQL root password can now be used to shutdown MySQL. (Issue #412)
2.9. Changes in v9.0.2
The following changes have been made in Rackspace Private Cloud v9.0.2 Software. The related GitHub issue number is listed when available.
• Delay time and retries for LXC cache download have been increased. (Issue #449)
• /etc/cinder/cinder.conf has been updated with a cinder availability zone variable. (Issue #458)
• An empty authorized_keys file has been created to resolve an issue with compute
nodes failing to build the file. (Issue #478)
• A misspelling of limit_container_types in the rpc_user_config.yml file has
been fixed. (Issue #480)
• The {{ansible_fqdn}} variable was added to the mass_local.yml for service
checks on a physical host. (Issue #452)
• The OS file limit for MariaDB Galera container has been increased. (Issue #410)
• The mysql_max_connections variable was added to rpc_deployment/roles/
galera_config/templates/my.cnf to configure Galera and MySQL. (Issue #429)
• SSH timeout in rpc_deployment/ansible.cfg has been increased to resolve intermittent SSH failures to containers. (Issue #358)
• Pip installation and wheel building processes have been improved. (Issue #443)
• An lxc-system-manage script has been created to manage LXC hosts. (Issue #434)
• A misspelling in the rpc_deployment/roles/kibana/templates/Next-GenRPC.json, which caused Kibana dashboard to not load, has been resolved. (Issue #438)
• A state file has been created for each log file to resolve an issue with rsyslog. (Issue #205)
• The release version was changed to match the branch. (Issue #421)
• A error with MaaS alarm creation for customers without a cloud account has been resolved. (Issue #402)
• A Galera alarm has been added. (Issue #403)
• An issue with the spice-html5 package not being installed by the nova-spice-console playbook has been resolved. (Issue #347)
5
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
• An issue with Neutron HA cron jobs affecting other cron jobs has been resolved. (Issue
#383 and Issue #378)
2.10. Changes in v9.0.1
The following changes have been made in Rackspace Private Cloud v9.0.1 Software. The related GitHub issue number is listed when available.
OpenStack Compute
• Errors were generated if the nova_virt_type variable in the user_variables.yml
file was not set. This has been resolved by specifying KVM as the default hypervisor in the
virt_type variable. (Issue #242)
• Added filters to the nova scheduler to prevent overloading the host. (Issue #156)
OpenStack Image Service
• Replaced rackspace_cloudfiles_tenant_id with
rackspace_cloud_tenant_id in the user_variables.yml file. (Issue #281)
OpenStack Block Storage
• Previously, cinder could not use a storage network. This has been resolved by setting iSCSI options in the cinder.conf file. (Issue #328)
• The Cinder API would not start up when running the OpenStack playbook for the first
time. This issue has been resolved. (Issue #261)
OpenStack dashboard
• Previously, online compression of CSS and JS files would result in a 404 error message.
This issue has been fixed. (Issue #176)
Rackspace Private Cloud monitoring
• Previously, an existing monitoring token was used before running MaaS-related playbooks. This has changed to creating a token for each entity and configuring the maasagent to use the token. (Issue #263)
• Running the monitoring playbook generated an error about a missing pip dependency.
This issue has been resolved. (Issue #252)
Other issues
• An issue with Heat and Horizon logs not propagating to the logging server has been resolved. (Issue #130)
• Tempest will now download a bootable CirrOS image package. (Issue #333)
• An issue has been resolved with the HAProxy timeout displaying in milliseconds instead
of seconds if the hap_timeout_client and hap_timeout_server variables are not
set in the haproxy_config.yml file. (Issue #320)
6
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
• LXC cloning operations reported a failure error if a new container already exists. This issue has been resolved. (Issue #312)
• URL links to OpenStack repositories are changed to improve deployment performance
and reliability. (Issue #188)
• White space errors in command lines have been resolved. (Issue #192)
• Tempest has been added to validate RPC deployment. (Issue #227)
• A Tempest users section to the rpc_deployment/roles/tempest_resources/
tasks/main.yml file has been added. (Issue #253)
• The occurrence of deadlocks in a MariaDB Galera cluster has been minimized. (Issue
#290)
• A misspelling of the irqbalance template has been fixed. (Issue #199)
• An issue with hint messages being listed for a high traffic cluster has been resolved. (Issue
#161)
• The default hypervisor has been changed to KVM. (Issue #147)
• The Galera xtrabackup cron job was incorrectly written and would fail. This issue has
been fixed.
7
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
3. Installation
The Rackspace Private Cloud v9.0 Software installation has been automated with Ansible
playbooks. For detailed installation instructions, see the Rackspace Private Cloud Installation Guide.
8
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
4. Upgrading
This chapter describes the process for upgrading an environment between minor releases,
and patch releases.
The upgrade process interrupts cloud management including APIs and the dashboard.
However, cloud instances and services such as networking and storage should continue to
operate normally. Inform users of the potential impacts of the upgrade process.
4.1. Prerequisites
1.
Perform a full backup of the environment including the source repository.
2.
Clone the version 9.0.x repository into the /opt directory:
# cd /opt
# git clone -b 9.0.6 https://github.com/stackforge/os-ansible-deployment.
git
3.
Review the new configuration files in the /opt/os-ansible-deployment/etc/
rpc_deploy directory. Compare them with the existing configuration files in the /
etc/rpc_deploy directory and with the Release Notes to determine new features,
improvements, and changes.
4.
For typical deployments, update the existing rpc_user_config.yml and
user_variables.yml files in the /etc/rpc_deploy directory and copy the new
rpc_environment.yml file into the /etc/rpc_deploy directory.
Note
New features might require defining additional passwords in the
user_environment.yml file.
4.1.1. Upgrading to v9.0.6
For a patch release upgrade to v9.0.6, delete all alarms (not checks) that are associated
with RabbitMQ or Galera plugins using the Cloud Control Panel or API. For example, on
each node this will include:
• rabbitmq_disk_free_alarm_status--nodename
• rabbitmq_mem_alarm_status--nodename
• wsrep_local_state--nodename
• wsrep_cluster_size--nodename
Note
This step is not required when upgrading future patch releases from v9.0.6.
9
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
4.2. Performing the upgrade
1.
Navigate to the /opt/os-ansible-deployment/rpc_deployment directory.
2.
Run the host setup playbook, which runs a series of sub-playbooks:
$ ansible-playbook -e @/etc/rpc_deploy/user_variables.yml \
playbooks/setup/host-setup.yml
Confirm satisfactory completion with zero items unreachable or failed:
PLAY RECAP
********************************************************************
...
deployment_host
: ok=18
changed=11
unreachable=0
failed=0
3.
Run the infrastructure setup playbook, which runs a series of sub-playbooks:
$ ansible-playbook -e @/etc/rpc_deploy/user_variables.yml \
playbooks/infrastructure/infrastructure-setup.yml
Confirm satisfactory completion with zero items unreachable or failed:
PLAY RECAP
********************************************************************
...
deployment_host
: ok=27
changed=0
unreachable=0
failed=0
4.
Run the OpenStack setup playbook, which runs a series of sub-playbooks:
$ ansible-playbook -e @/etc/rpc_deploy/user_variables.yml \
playbooks/openstack/openstack-setup.yml
Confirm satisfactory completion with zero items unreachable or failed:
PLAY RECAP
********************************************************************
...
deployment_host
: ok=27
changed=0
unreachable=0
failed=0
5.
(Optional) If adding Object Storage to the environment, see the Object Storage Deployment Guide.
4.3. Verifying the upgrade
Procedure 4.1. Verifying the API
1.
Access the utility container.
10
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
2.
Source the admin tenant credentials.
3.
Run an OpenStack command that uses one or more APIs. For example:
RPC v9.0.6
$ keystone user-list
+----------------------------------+----------+---------+-------+
|
id
|
name
| enabled | email |
+----------------------------------+----------+---------+-------+
| 090c1023d0184a6e8a70e26a5722710d | admin
|
True |
|
| 239e04cd3f7d49929c7ead506d118e40 | cinder |
True |
|
| e1543f70e56041679c013612bccfd4ee | cinderv2 |
True |
|
| bdd2df09640e47888f819057c8e80f04 |
demo
|
True |
|
| 453dc7932df64cc58e36bf0ac4f64d14 |
ec2
|
True |
|
| 257da50c5cfb4b7c9ca8334bc096f344 | glance |
True |
|
| 6e0bc047206f4f5585f7b700a8ed6e94 |
heat
|
True |
|
| 187ee2e32eec4293a3fa243fa21f6dd9 | keystone |
True |
|
| dddaca4b39194dc4bcefd0bae542c60a | neutron |
True |
|
| f1c232f9d53c4adabb54101ccefaefce |
nova
|
True |
|
| fdfbda23668c4980990708c697384050 | novav3 |
True |
|
| 744069c771d84f1891314388c1f23686 |
s3
|
True |
|
| 4e7fdfda8d14477f902eefc8731a7fdb | swift
|
True |
|
+----------------------------------+----------+---------+-------+
Procedure 4.2. Verifying the dashboard
•
Using a web browser, access the dashboard and verify operation of cloud objects.
11
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
5. Reference architecture
The Rackspace Private Cloud (RPC) software and reference architecture deliver a stable
and scalable production-ready private cloud powered by OpenStack. RPC is designed and
built by the experts who co-founded OpenStack and run one of the world’s largest OpenStack-powered clouds. RPC v10 software is built on the Juno release of OpenStack. For
more information, see www.rackspace.com/cloud/private/openstack/.
The RPC reference architecture is a recommended set of software and infrastructure components designed to provide the scalability, stability, and high availability you need to support enterprise production workloads. Additionally, every RPC customer has access to our
team of architecture advisors who provide workload-specific guidance for planning, designing, and architecting a private cloud environment to help meet your unique needs.
RPC v9 Software is composed of OpenStack services, automation, and tooling. Services are
grouped into logical layers, each providing key aspects of the overall solution. The following are the layers and their contents:
• Rackspace Fanatical Support and training
• Operations tooling layer
• Ansible
• Capacity planning
• Cloud monitoring (MaaS)
• Presentation Layer - Dashboard (horizon)
• Orchestration layer (heat)
• Heat-API
• Heat-API-CFN
• Heat-Engine
• Heat templates
• CloudFormation (CFN) template
• Infrastructure as a service layer
• Block Storage (cinder)
• Compute (nova)
• Identity (keystone)
• Image Service (glance)
• Networking (neutron)
12
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
• Deployment automation layer
• Ansible
• LXC
• OpenStack source
• Infrastructure database
• MariaDB
• Galera
• Infrastructure message queue
• RabbitMQ
• RabbitMQ clustering
13
RPC v9.0.6
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
6. Support
Rackspace provides support for the OpenStack software layer 24x7x365, no matter where
you run your cloud. Deploy in your own data center, or host it with us, and we'll quickly
provision, maintain, and scale your infrastructure for you. Whether you need us to fully
monitor and manage your private cloud or just respond to support requests, we can help.
RPC is backed by a team of OpenStack experts, a response time SLA, and an OpenStack
API uptime guarantee. Rackspace worked with NASA to launch OpenStack, so we know
it better than anyone else. We are a top contributor to OpenStack development, so you'll
benefit from our deep expertise even as OpenStack evolves. For more information, see
www.rackspace.com/cloud/private/openstack/support/.
Because RPC v9 is significantly improved from older versions, there is no direct upgrade
path. However, Rackspace has developed a full transition plan to get you upgraded to the
new architecture, and will continue to support your existing installation for up to twelve
months. Speak to your Rackspace Account Manager to get a personalized transition plan
for your environment. Included in this transition plan are scaling services independently (for
example, RabbitMQ) and encrypting all API calls with SSL termination at a physical load balancer. Depending on your transition plan, support is across Rackspace and customer data
centers.
14
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
7. Known Issues
The following issues have been identified in Rackspace Private Cloud v9.
File injection best practice
When file injection is needed, Rackspace recommends
enabling config-drive so that cloud-init can
copy files to an instance. When performed manually,
set the --config-drive attribute to true in the nova
boot command, as in the following example.
$ nova boot --config_drive=true --file /root/
openrc=/root/openrc \
--flavor 1 --image cirros-image
You can also set an override attribute in your environment that enforces the use of config-drive at all
times.
"nova": {
"config":
"force_config_drive": true
}
}
Nova ignores block storage device names
When attaching a volume, nova ignores the specified
block storage device and instead places the volume in
the next sequential device. This is a known OpenStack
bug. More information is available in the reports for
OpenStack bug 108830 and RHEL bug 693372.
OpenStack security vulnerabilities
There are potential security vulnerabilities in certain
OpenStack components and third party tools such as
OpenSSL. For more information, see the following links:
• https://wiki.openstack.org/wiki/OSSN/OSSN-0039
• https://wiki.openstack.org/wiki/OSSN/OSSN-0025
• https://wiki.openstack.org/wiki/Security_Notes#Published_Security_Notes
Broken Nova instance when performing a live migration
An issue with libvirt whereby a Nova instance will be
broken when a live migration is performed using a configuration drive with a read-only device, such as a CDROM. For more information, see OpenStack Nova bug
1246201.
Data corruption with qemu-img
command
The qemu-img command intermittently creates corrupted output images, when the input image is not yet fully synchronised to disk. For more information, refer to
OpenStack Nova bug 1368815 and the tracking page
for OpenStack Nova bug 1368815.
15
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
Live migration with attached
Cinder volumes is slow and corrupts data
When an instance with attached Cinder volumes is block
migrated, the Cinder volumes are also block migrated.
If they exist on shared storage, they will be copied over
the network to themselves. This causes migration to be
slow, de-sparses a sparse volume, and could potentially
cause data corruption. For more information, see OpenStack Nova bug 1398999.
Eventlet library breaks nova-manage
Eventlet library causes libvirt to stop working in Nova.
For more information, see OpenStack bug 1419453.
16
Rackspace Private Cloud v9.0
Software Release Notes
February 18, 2015
RPC v9.0.6
8. Additional resources
These additional resources are designed help you learn more about the Rackspace Private
Cloud Software and OpenStack.
• If you are an advanced user and are comfortable with APIs, the OpenStack API documentation is available in the OpenStack API Documentation library.
• OpenStack API Quick Start
• Programming OpenStack Compute API
• OpenStack Compute Developer Guide
• Rackspace Private Cloud Knowledge Center
• OpenStack Manuals
• OpenStack API Reference
• OpenStack - Nova Developer Documentation
• OpenStack - Glance Developer Documentation
• OpenStack - Keystone Developer Documentation
• OpenStack - Horizon Developer Documentation
• OpenStack - Cinder Developer Documentation
8.1. Document Change History
This version replaces and obsoletes all previous versions. The most recent set of changes are
listed in the following table:
Revision Date
Summary of Changes
September 25, 2014
• Rackspace Private Cloud v9 Software General Availability release
August 28, 2014
• Rackspace Private Cloud v9 Software Limited Availability release
October 31, 2014
• Rackspace Private Cloud v9.0.1 Software release
November 7, 2014
• Rackspace Private Cloud v9.0.2 Software release
November 26, 2014
• Rackspace Private Cloud v9.0.3 Software release
December 5, 2015
• Rackspace Private Cloud v9.0.4 Software release
January 7, 2015
• Rackspace Private Cloud v9.0.5 Software release
January 30, 2015
• Rackspace Private Cloud v9.0.6 Software release
17