Open Stack

Hi Lingxian,

You are right, the user has access to the database instance and that is
what a user expects from Database as a Service. I was thinking as a cloud
operator keeping in view the billing perspective, we usually do billing in
terms of nova instance. Here we need to change our approach.

Ammad Ali

On Fri, Feb 5, 2021 at 3:08 PM Lingxian Kong <anlin.kong at gmail.com> wrote:

> There are several config options you can change to support this model:
>
> [DEFAULT]
> remote_nova_client = trove.common.clients.nova_client
> remote_neutron_client = trove.common.clients.neutron_client
> remote_cinder_client = trove.common.clients.cinder_client
> remote_glance_client = trove.common.clients.glance_client
>
> *However, those configs are extremely not recommended and not maintained
> any more in Trove, *which means, function may broken in this case.
>
> The reasons are many folds. Apart from the security reason, one important
> thing is, Trove is a database as a service, what the cloud user is getting
> from Trove are the access to the database and some management APIs for
> database operations, rather than a purely Nova VM that has a database
> installed and can be accessed by the cloud user. If you prefer this model,
> why not just create Nova VM on your own and manually install database
> software so you have more control of that?
>
> ---
> Lingxian Kong
> Senior Cloud Engineer (Catalyst Cloud)
> Trove PTL (OpenStack)
> OpenStack Cloud Provider Co-Lead (Kubernetes)
>
>
> On Fri, Feb 5, 2021 at 6:52 PM Ammad Syed <syedammad83 at gmail.com> wrote:
>
>> Hello Kong,
>>
>> I am using latest victoria release and trove 14.0.
>>
>> Yes you are right, this is exactly happening. All the nova instances are
>> in trove user service project. From my admin user i am only able to list
>> database instances.
>>
>> Is it possible that all nova instances should also deploy in any tenant
>> project i.e if i am deploying database instance from admin user having
>> adminproject and default domain the nova instance should be in adminproject
>> rather then trove service project.
>>
>> Ammad
>> Sent from my iPhone
>>
>> On Feb 5, 2021, at 1:49 AM, Lingxian Kong <anlin.kong at gmail.com> wrote:
>>
>> 
>> Hi Syed,
>>
>> What's the trove version you've deployed?
>>
>> From your configuration, once a trove instance is created, a nova server
>> is created in the "service" project, as trove user, you can only show the
>> trove instance.
>>
>> ---
>> Lingxian Kong
>> Senior Cloud Engineer (Catalyst Cloud)
>> Trove PTL (OpenStack)
>> OpenStack Cloud Provider Co-Lead (Kubernetes)
>>
>>
>> On Fri, Feb 5, 2021 at 12:40 AM Ammad Syed <syedammad83 at gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I have deployed trove and database instance deployment is successful.
>>> But the problem is all the database servers are being created in service
>>> account i.e openstack instance list shows the database instances in admin
>>> user but when I check openstack server list the database instance won't
>>> show up here, its visible in trove service account.
>>>
>>> Can you please advise how the servers will be visible in admin account ?
>>> I want to enable multi-tenancy.
>>>
>>> Below is the configuration
>>>
>>> [DEFAULT]
>>> log_dir = /var/log/trove
>>> # RabbitMQ connection info
>>> transport_url = rabbit://openstack:password@controller
>>> control_exchange = trove
>>> trove_api_workers = 5
>>> network_driver = trove.network.neutron.NeutronDriver
>>> taskmanager_manager = trove.taskmanager.manager.Manager
>>> default_datastore = mysql
>>> cinder_volume_type = database_storage
>>> reboot_time_out = 300
>>> usage_timeout = 900
>>> agent_call_high_timeout = 1200
>>>
>>> nova_keypair = trove-key
>>>
>>> debug = true
>>> trace = true
>>>
>>> # MariaDB connection info
>>> [database]
>>> connection = mysql+pymysql://trove:password@mariadb01/trove
>>>
>>> [mariadb]
>>> tcp_ports = 3306,4444,4567,4568
>>>
>>> [mysql]
>>> tcp_ports = 3306
>>>
>>> [postgresql]
>>> tcp_ports = 5432
>>>
>>> [redis]
>>> tcp_ports = 6379,16379
>>>
>>> # Keystone auth info
>>> [keystone_authtoken]
>>> www_authenticate_uri = http://controller:5000
>>> auth_url = http://controller:5000
>>> memcached_servers = controller:11211
>>> auth_type = password
>>> project_domain_name = default
>>> user_domain_name = default
>>> project_name = service
>>> username = trove
>>> password = servicepassword
>>>
>>> [service_credentials]
>>> auth_url = http://controller:5000
>>> region_name = RegionOne
>>> project_domain_name = default
>>> user_domain_name = default
>>> project_name = service
>>> username = trove
>>> password = servicepassword
>>>
>>> --
>>> Regards,
>>>
>>>
>>> Syed Ammad Ali
>>>
>>

-- 
Regards,


Syed Ammad Ali
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20210208/187c3b61/attachment.html>