Trove Multi-Tenancy

Lingxian Kong anlin.kong at gmail.com
Fri Feb 5 10:08:10 UTC 2021


There are several config options you can change to support this model:

[DEFAULT]
remote_nova_client = trove.common.clients.nova_client
remote_neutron_client = trove.common.clients.neutron_client
remote_cinder_client = trove.common.clients.cinder_client
remote_glance_client = trove.common.clients.glance_client

*However, those configs are extremely not recommended and not maintained
any more in Trove, *which means, function may broken in this case.

The reasons are many folds. Apart from the security reason, one important
thing is, Trove is a database as a service, what the cloud user is getting
from Trove are the access to the database and some management APIs for
database operations, rather than a purely Nova VM that has a database
installed and can be accessed by the cloud user. If you prefer this model,
why not just create Nova VM on your own and manually install database
software so you have more control of that?

---
Lingxian Kong
Senior Cloud Engineer (Catalyst Cloud)
Trove PTL (OpenStack)
OpenStack Cloud Provider Co-Lead (Kubernetes)


On Fri, Feb 5, 2021 at 6:52 PM Ammad Syed <syedammad83 at gmail.com> wrote:

> Hello Kong,
>
> I am using latest victoria release and trove 14.0.
>
> Yes you are right, this is exactly happening. All the nova instances are
> in trove user service project. From my admin user i am only able to list
> database instances.
>
> Is it possible that all nova instances should also deploy in any tenant
> project i.e if i am deploying database instance from admin user having
> adminproject and default domain the nova instance should be in adminproject
> rather then trove service project.
>
> Ammad
> Sent from my iPhone
>
> On Feb 5, 2021, at 1:49 AM, Lingxian Kong <anlin.kong at gmail.com> wrote:
>
> 
> Hi Syed,
>
> What's the trove version you've deployed?
>
> From your configuration, once a trove instance is created, a nova server
> is created in the "service" project, as trove user, you can only show the
> trove instance.
>
> ---
> Lingxian Kong
> Senior Cloud Engineer (Catalyst Cloud)
> Trove PTL (OpenStack)
> OpenStack Cloud Provider Co-Lead (Kubernetes)
>
>
> On Fri, Feb 5, 2021 at 12:40 AM Ammad Syed <syedammad83 at gmail.com> wrote:
>
>> Hi,
>>
>> I have deployed trove and database instance deployment is successful. But
>> the problem is all the database servers are being created in service
>> account i.e openstack instance list shows the database instances in admin
>> user but when I check openstack server list the database instance won't
>> show up here, its visible in trove service account.
>>
>> Can you please advise how the servers will be visible in admin account ?
>> I want to enable multi-tenancy.
>>
>> Below is the configuration
>>
>> [DEFAULT]
>> log_dir = /var/log/trove
>> # RabbitMQ connection info
>> transport_url = rabbit://openstack:password@controller
>> control_exchange = trove
>> trove_api_workers = 5
>> network_driver = trove.network.neutron.NeutronDriver
>> taskmanager_manager = trove.taskmanager.manager.Manager
>> default_datastore = mysql
>> cinder_volume_type = database_storage
>> reboot_time_out = 300
>> usage_timeout = 900
>> agent_call_high_timeout = 1200
>>
>> nova_keypair = trove-key
>>
>> debug = true
>> trace = true
>>
>> # MariaDB connection info
>> [database]
>> connection = mysql+pymysql://trove:password@mariadb01/trove
>>
>> [mariadb]
>> tcp_ports = 3306,4444,4567,4568
>>
>> [mysql]
>> tcp_ports = 3306
>>
>> [postgresql]
>> tcp_ports = 5432
>>
>> [redis]
>> tcp_ports = 6379,16379
>>
>> # Keystone auth info
>> [keystone_authtoken]
>> www_authenticate_uri = http://controller:5000
>> auth_url = http://controller:5000
>> memcached_servers = controller:11211
>> auth_type = password
>> project_domain_name = default
>> user_domain_name = default
>> project_name = service
>> username = trove
>> password = servicepassword
>>
>> [service_credentials]
>> auth_url = http://controller:5000
>> region_name = RegionOne
>> project_domain_name = default
>> user_domain_name = default
>> project_name = service
>> username = trove
>> password = servicepassword
>>
>> --
>> Regards,
>>
>>
>> Syed Ammad Ali
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20210205/e31e32a8/attachment.html>


More information about the openstack-discuss mailing list