github.com/chasestarr/deis@v1.13.5-0.20170519182049-1d9e59fbdbfc/docs/managing_deis/running-deis-without-ceph.rst (about) 1 :title: Running Deis without Ceph 2 :description: Configuring the cluster to remove Ceph from the control plane. 3 4 .. _running-deis-without-ceph: 5 6 Running Deis without Ceph 7 ========================= 8 9 .. include:: ../_includes/_ceph-dependency-description.rst 10 11 This guide is intended to assist users who are interested in removing the Ceph 12 dependency of the Deis control plane. 13 14 .. note:: 15 16 This guide was adapted from content graciously provided by Deis community member 17 `Arne-Christian Blystad`_. 18 19 Requirements 20 ------------ 21 22 External services are required to replace the internal store components: 23 24 * S3-compatible blob store (like `Amazon S3`_) 25 * PostgreSQL database (like `Amazon RDS`_) 26 * Log drain service with syslog log format compatibility (like `Papertrail`_) 27 28 Understanding component changes 29 ------------------------------- 30 31 Either directly or indirectly, all components in the :ref:`control-plane` 32 require Ceph (:ref:`store`). Some components require changes to accommodate 33 the removal of Ceph. The necessary changes are described below. 34 35 Logger 36 ^^^^^^ 37 38 The :ref:`logspout` component attaches to Docker containers on each host and 39 listens for log events from platform components and running applications. It 40 ships these to the :ref:`logger` component. By default, the logger writes the 41 logs to a distributed Ceph filesystem. These logs can then be fetched by the 42 :ref:`controller` component via HTTP. 43 44 In a Ceph-less cluster, the Logger component should be configured, instead, to 45 use in-memory log storage. Optionally, a drain may also be configured to forward 46 logs to an external log service (such as Papertrail) for longer-term archival. 47 48 Database 49 ^^^^^^^^ 50 51 The :ref:`database` runs PostgreSQL and uses the Ceph S3 API (provided by 52 ``deis-store-gateway``) to store PostgreSQL backups and WAL logs. 53 Should the host running database fail, the database component will fail over to 54 a new host, start up, and replay backups and WAL logs to recover to its 55 previous state. 56 57 We will not be using the database component in the Ceph-less cluster, and will 58 instead rely on an external database. 59 60 When provisioning the database, it is strongly recommended to use an `m3.medium` 61 instance or greater. 62 63 Registry 64 ^^^^^^^^ 65 66 The :ref:`registry` component is an instance of the offical Docker registry, and 67 is used to store application releases. The registry supports any S3 store, so 68 a Ceph-less cluster will simply reconfigure registry to use another store (typically 69 Amazon S3 itself). 70 71 Builder 72 ^^^^^^^ 73 74 The :ref:`builder` component is responsible for building applications deployed 75 to Deis via the ``git push`` workflow. It pushes to registry to store releases, 76 so it will require no changes. 77 78 Store 79 ^^^^^ 80 81 The :ref:`store` components implement Ceph itself. In a Ceph-less cluster, we 82 will skip the installation and starting of these components. 83 84 Deploying the cluster 85 --------------------- 86 87 This guide assumes a typical deployment on AWS by following the :ref:`deis_on_aws` 88 guide. 89 90 Deploy an AWS cluster 91 ^^^^^^^^^^^^^^^^^^^^^ 92 93 Follow the :ref:`deis_on_aws` installation documentation through the "Configure 94 DNS" portion. 95 96 Configure logger 97 ^^^^^^^^^^^^^^^^ 98 99 The :ref:`logger` component should be configured to use in-memory storage. Optionally 100 it may also be configured to drain logs to an external service for longer-term 101 archival. 102 103 .. code-block:: console 104 105 $ STORAGE_ADAPTER=memory 106 $ DRAIN=udp://logs.somewhere.com:12345 # Supported protocols are udp and tcp; for backwards compatibility, "syslog" is an alias for udp 107 $ deisctl config logs set storageAdapterType=${STORAGE_ADAPTER} drain=${DRAIN} 108 109 Configure registry 110 ^^^^^^^^^^^^^^^^^^ 111 112 The :ref:`registry` component won't start until it's configured with a store. 113 114 S3 store configuration sample: 115 116 .. code-block:: console 117 118 $ BUCKET=MYS3BUCKET 119 $ AWS_S3_REGION=some-aws-region #(e.g., us-west-1) 120 $ deisctl config registry set s3bucket=${BUCKET} \ 121 s3region=${AWS_S3_REGION} \ 122 s3path=/ \ 123 s3encrypt=false \ 124 s3secure=false 125 126 Due to `issue 4568`_, you'll also need to run the following to ensure confd will template out the 127 registry's configuration: 128 129 .. code-block:: console 130 131 $ deisctl config store set gateway=' ' 132 133 By default, the registry will try to authenticate to S3 using the instance role. 134 If your cluster is not running on EC2, you can supply hard coded API access and 135 secret key: 136 137 .. code-block:: console 138 139 $ deisctl config registry set s3accessKey=your-access-key \ 140 s3secretKey=your-secret-key 141 142 For reference, here's example of a policy you could attach to the role/user used by 143 the registry: 144 145 .. code-block:: javascript 146 147 { 148 "Statement": [ 149 { 150 "Resource": [ 151 "arn:aws:s3:::MYBUCKET" 152 ], 153 "Action": [ 154 "s3:ListBucket", 155 "s3:GetBucketLocation" 156 ], 157 "Effect": "Allow" 158 }, 159 { 160 "Resource": [ 161 "arn:aws:s3:::MYBUCKET/*" 162 ], 163 "Action": [ 164 "s3:GetObject", 165 "s3:PutObject", 166 "s3:DeleteObject" 167 ], 168 "Effect": "Allow" 169 } 170 ], 171 "Version": "2012-10-17" 172 } 173 174 Openstack-swift support requires `Swift3`_ middleware to be installed. Here is a sample configuration: 175 176 .. code-block:: console 177 178 $ SWIFT_CONTAINER=mycontainer 179 $ SWIFT_USER=system:root 180 $ SWIFT_SECRET_KEY=testpass 181 $ deisctl config registry set bucketName=${SWIFT_CONTAINER} 182 $ deisctl config store set gateway/accessKey=${SWIFT_USER} \ 183 gateway/secretKey=${SWIFT_SECRET_KEY} \ 184 gateway/host=10.1.50.1 \ 185 gateway/port=8080 186 187 Configure database settings 188 ^^^^^^^^^^^^^^^^^^^^^^^^^^^ 189 190 Since we won't be running the :ref:`database`, we need to configure these settings 191 so the controller knows where to connect. 192 193 .. code-block:: console 194 195 $ HOST=something.rds.amazonaws.com 196 $ DB_USER=deis 197 $ DB_PASS=somethingsomething 198 $ DATABASE=deis 199 $ deisctl config database set engine=postgresql_psycopg2 \ 200 host=${HOST} \ 201 port=5432 \ 202 name=${DATABASE} \ 203 user=${DB_USER} \ 204 password=${DB_PASS} 205 206 Deploy the platform 207 ^^^^^^^^^^^^^^^^^^^ 208 209 The typical :ref:`install_deis_platform` documentation can be followed, with 210 one caveat: since we won't be deploying many of the typical Deis components, we cannot 211 use ``deisctl install platform`` or ``deisctl start platform`` -- instead, we 212 use ``deisctl install stateless-platform`` and ``deisctl start stateless-platform``. 213 214 These commands tell ``deisctl`` to skip the components that we don't need to use. 215 216 Confirm installation 217 ^^^^^^^^^^^^^^^^^^^^ 218 219 That's it! Deis is now running without Ceph. Issue a ``deisctl list`` to confirm 220 that the services are started, and see :ref:`using_deis` to start using the cluster. 221 222 Upgrading Deis 223 -------------- 224 225 When following the :ref:`upgrading-deis` documentation, be sure to use 226 ``stateless-platform`` instead of ``platform``. 227 228 .. _`Amazon RDS`: http://aws.amazon.com/rds/ 229 .. _`Amazon S3`: http://aws.amazon.com/s3/ 230 .. _`Arne-Christian Blystad`: https://github.com/blystad 231 .. _`issue 4568`: https://github.com/deis/deis/issues/4568 232 .. _`Papertrail`: https://papertrailapp.com/ 233 .. _`Swift3`: https://github.com/openstack/swift3