Install and configure for Ubuntu

This section describes how to install and configure the Data Protection service for Ubuntu 14.04 (LTS) and Ubuntu 16.04 (LTS).

Prerequisites

Before you install and configure Data Protection service, you must create a database, service credentials, and API endpoints. Data Protection service also requires additional information in the Identity service.

  1. To create the database, complete these steps:

    • Use the database access client to connect to the database server as the root user:

      $ mysql -u root -p
      
    • Create the karbor database:

      CREATE DATABASE karbor;
      
    • Grant proper access to the karbor database:

      GRANT ALL PRIVILEGES ON karbor.* TO 'karbor'@'localhost' IDENTIFIED BY 'KARBOR_DBPASS';
      GRANT ALL PRIVILEGES ON karbor.* TO 'karbor'@'%' IDENTIFIED BY 'KARBOR_DBPASS';
      

      Replace KARBOR_DBPASS with a suitable password.

    • Exit the database access client.

  2. Source the admin credentials to gain access to admin-only CLI commands:

    $ . admin-openrc
    
  3. To create the service credentials, complete these steps:

    • Create the karbor user:

      $ openstack user create --domain default --password-prompt karbor
      User Password:
      Repeat User Password:
      +-----------+----------------------------------+
      | Field     | Value                            |
      +-----------+----------------------------------+
      | domain_id | e0353a670a9e496da891347c589539e9 |
      | enabled   | True                             |
      | id        | ca2e175b851943349be29a328cc5e360 |
      | name      | karbor                           |
      +-----------+----------------------------------+
      
    • Add the admin role to the karbor user:

      $ openstack role add --project service --user karbor admin
      

      Note

      This command provides no output.

    • Create the karbor service entities:

      $ openstack service create --name karbor --description "Application Data Protection Service" data-protect
      +-------------+-------------------------------------+
      | Field       | Value                               |
      +-------------+-------------------------------------+
      | description | Application Data Protection Service |
      | enabled     | True                                |
      | id          | 727841c6f5df4773baa4e8a5ae7d72eb    |
      | name        | karbor                              |
      | type        | data-protect                        |
      +-------------+-------------------------------------+
      
  4. Create the Data Protection service API endpoints:

    $ openstack endpoint create --region RegionOne data-protect public http://controller:8799/v1/%\(project_id\)s
    +--------------+------------------------------------------+
    | Field        | Value                                    |
    +--------------+------------------------------------------+
    | enabled      | True                                     |
    | id           | 3f4dab34624e4be7b000265f25049609         |
    | interface    | public                                   |
    | region       | RegionOne                                |
    | region_id    | RegionOne                                |
    | service_id   | 727841c6f5df4773baa4e8a5ae7d72eb         |
    | service_name | karbor                                   |
    | service_type | data-protect                             |
    | url          | http://controller:8799/v1/%(project_id)s |
    +--------------+------------------------------------------+
    
    $ openstack endpoint create --region RegionOne data-protect internal http://controller:8799/v1/%\(project_id\)s
    +--------------+------------------------------------------+
    | Field        | Value                                    |
    +--------------+------------------------------------------+
    | enabled      | True                                     |
    | id           | 3f4dab34624e4be7b000265f25049609         |
    | interface    | internal                                 |
    | region       | RegionOne                                |
    | region_id    | RegionOne                                |
    | service_id   | 727841c6f5df4773baa4e8a5ae7d72eb         |
    | service_name | karbor                                   |
    | service_type | data-protect                             |
    | url          | http://controller:8799/v1/%(project_id)s |
    +--------------+------------------------------------------+
    
    $ openstack endpoint create --region RegionOne data-protect admin http://controller:8799/v1/%\(project_id\)s
    +--------------+------------------------------------------+
    | Field        | Value                                    |
    +--------------+------------------------------------------+
    | enabled      | True                                     |
    | id           | 3f4dab34624e4be7b000265f25049609         |
    | interface    | admin                                    |
    | region       | RegionOne                                |
    | region_id    | RegionOne                                |
    | service_id   | 727841c6f5df4773baa4e8a5ae7d72eb         |
    | service_name | karbor                                   |
    | service_type | data-protect                             |
    | url          | http://controller:8799/v1/%(project_id)s |
    +--------------+------------------------------------------+
    

Install and configure components

  1. Install the packages:

    # pip install karbor
    
  1. Edit the /etc/karbor/karbor.conf file and complete the following actions:

    • In the [database] section, configure database access:

      [database]
      ...
      connection = mysql+pymysql://karbor:KARBOR_DBPASS@controller/karbor
      

      Replace KARBOR_DBPASS with the password you chose for the Data Protection database.

    • In the [DEFAULT] section, configure RabbitMQ message queue access:

      [DEFAULT]
      ...
      transport_url = rabbit://openstack:RABBIT_PASS@controller:5672
      

      Replace RABBIT_PASS with the password you chose for the openstack account in RabbitMQ.

    • In the [keystone_authtoken], [trustee], [clients_keystone], and [karbor_client] sections, configure Identity service access:

      [keystone_authtoken]
      ...
      www_authenticate_uri = http://keystone1.example.com/identity
      auth_url = http://controller/identity_admin
      auth_type = password
      project_domain_name = default
      user_domain_name = default
      project_name = service
      username = karbor
      password = KARBOR_PASS
      
      [trustee]
      ...
      auth_type = password
      auth_url = http://controller/identity_admin
      username = karbor
      password = KARBOR_PASS
      user_domain_name = default
      
      [clients_keystone]
      ...
      auth_uri = http://controller/identity_admin
      
      [karbor_client]
      ...
      version = 1
      service_type = data-protect
      service_name = karbor
      

      Replace KARBOR_PASS with the password you chose for the karbor user in the Identity service.

  2. Populate the Data Protection database:

    # su -s /bin/sh -c "karbor-manage db sync" karbor
    

    Note

    Ignore any deprecation messages in this output.

Finalize installation

  1. Restart the Data Protection services:

    # service karbor-api restart
    # service karbor-operationengine restart
    # service karbor-protection restart