Trove Multi-Tenancy
Lingxian Kong
anlin.kong at gmail.com
Mon Feb 8 09:59:53 UTC 2021
In Trove's case, I would suggest to consider the flavor/volume of the
instance and floating IP if instance is public.
---
Lingxian Kong
Senior Cloud Engineer (Catalyst Cloud)
Trove PTL (OpenStack)
OpenStack Cloud Provider Co-Lead (Kubernetes)
On Mon, Feb 8, 2021 at 5:51 PM Ammad Syed <syedammad83 at gmail.com> wrote:
> Hi Lingxian,
>
> You are right, the user has access to the database instance and that is
> what a user expects from Database as a Service. I was thinking as a cloud
> operator keeping in view the billing perspective, we usually do billing in
> terms of nova instance. Here we need to change our approach.
>
> Ammad Ali
>
> On Fri, Feb 5, 2021 at 3:08 PM Lingxian Kong <anlin.kong at gmail.com> wrote:
>
>> There are several config options you can change to support this model:
>>
>> [DEFAULT]
>> remote_nova_client = trove.common.clients.nova_client
>> remote_neutron_client = trove.common.clients.neutron_client
>> remote_cinder_client = trove.common.clients.cinder_client
>> remote_glance_client = trove.common.clients.glance_client
>>
>> *However, those configs are extremely not recommended and not maintained
>> any more in Trove, *which means, function may broken in this case.
>>
>> The reasons are many folds. Apart from the security reason, one important
>> thing is, Trove is a database as a service, what the cloud user is getting
>> from Trove are the access to the database and some management APIs for
>> database operations, rather than a purely Nova VM that has a database
>> installed and can be accessed by the cloud user. If you prefer this model,
>> why not just create Nova VM on your own and manually install database
>> software so you have more control of that?
>>
>> ---
>> Lingxian Kong
>> Senior Cloud Engineer (Catalyst Cloud)
>> Trove PTL (OpenStack)
>> OpenStack Cloud Provider Co-Lead (Kubernetes)
>>
>>
>> On Fri, Feb 5, 2021 at 6:52 PM Ammad Syed <syedammad83 at gmail.com> wrote:
>>
>>> Hello Kong,
>>>
>>> I am using latest victoria release and trove 14.0.
>>>
>>> Yes you are right, this is exactly happening. All the nova instances are
>>> in trove user service project. From my admin user i am only able to list
>>> database instances.
>>>
>>> Is it possible that all nova instances should also deploy in any tenant
>>> project i.e if i am deploying database instance from admin user having
>>> adminproject and default domain the nova instance should be in adminproject
>>> rather then trove service project.
>>>
>>> Ammad
>>> Sent from my iPhone
>>>
>>> On Feb 5, 2021, at 1:49 AM, Lingxian Kong <anlin.kong at gmail.com> wrote:
>>>
>>>
>>> Hi Syed,
>>>
>>> What's the trove version you've deployed?
>>>
>>> From your configuration, once a trove instance is created, a nova server
>>> is created in the "service" project, as trove user, you can only show the
>>> trove instance.
>>>
>>> ---
>>> Lingxian Kong
>>> Senior Cloud Engineer (Catalyst Cloud)
>>> Trove PTL (OpenStack)
>>> OpenStack Cloud Provider Co-Lead (Kubernetes)
>>>
>>>
>>> On Fri, Feb 5, 2021 at 12:40 AM Ammad Syed <syedammad83 at gmail.com>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> I have deployed trove and database instance deployment is successful.
>>>> But the problem is all the database servers are being created in service
>>>> account i.e openstack instance list shows the database instances in admin
>>>> user but when I check openstack server list the database instance won't
>>>> show up here, its visible in trove service account.
>>>>
>>>> Can you please advise how the servers will be visible in admin account
>>>> ? I want to enable multi-tenancy.
>>>>
>>>> Below is the configuration
>>>>
>>>> [DEFAULT]
>>>> log_dir = /var/log/trove
>>>> # RabbitMQ connection info
>>>> transport_url = rabbit://openstack:password@controller
>>>> control_exchange = trove
>>>> trove_api_workers = 5
>>>> network_driver = trove.network.neutron.NeutronDriver
>>>> taskmanager_manager = trove.taskmanager.manager.Manager
>>>> default_datastore = mysql
>>>> cinder_volume_type = database_storage
>>>> reboot_time_out = 300
>>>> usage_timeout = 900
>>>> agent_call_high_timeout = 1200
>>>>
>>>> nova_keypair = trove-key
>>>>
>>>> debug = true
>>>> trace = true
>>>>
>>>> # MariaDB connection info
>>>> [database]
>>>> connection = mysql+pymysql://trove:password@mariadb01/trove
>>>>
>>>> [mariadb]
>>>> tcp_ports = 3306,4444,4567,4568
>>>>
>>>> [mysql]
>>>> tcp_ports = 3306
>>>>
>>>> [postgresql]
>>>> tcp_ports = 5432
>>>>
>>>> [redis]
>>>> tcp_ports = 6379,16379
>>>>
>>>> # Keystone auth info
>>>> [keystone_authtoken]
>>>> www_authenticate_uri = http://controller:5000
>>>> auth_url = http://controller:5000
>>>> memcached_servers = controller:11211
>>>> auth_type = password
>>>> project_domain_name = default
>>>> user_domain_name = default
>>>> project_name = service
>>>> username = trove
>>>> password = servicepassword
>>>>
>>>> [service_credentials]
>>>> auth_url = http://controller:5000
>>>> region_name = RegionOne
>>>> project_domain_name = default
>>>> user_domain_name = default
>>>> project_name = service
>>>> username = trove
>>>> password = servicepassword
>>>>
>>>> --
>>>> Regards,
>>>>
>>>>
>>>> Syed Ammad Ali
>>>>
>>>
>
> --
> Regards,
>
>
> Syed Ammad Ali
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20210208/b9e3f53c/attachment.html>
More information about the openstack-discuss
mailing list