Red Hat Summit Red Hat SummitSupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

11.2. Configure the Data Processing Service

To configure the Data Processing service (Sahara), you must complete the following tasks:
  • Configure the Data Processing service database connection.
  • Configure the Data Processing API service to authenticate with the Identity service.
  • Configure the firewall to allow service traffic for the Data Processing service (through port 8386).

11.2.1. Create the Data Processing Service Database
Link kopieren

Create the database and database user used by the Data Processing API service. The database connection string used by the Data Processing service is defined in the /etc/sahara/sahara.conf file. It must be updated to point to a valid database server before starting the Data Processing API service (openstack-sahara-api).

Procedure 11.1. Creating and Configuring a Database for the Data Processing API Service

  1. Connect to the database service: 
    # mysql -u root -p
    Copy to Clipboard Toggle word wrap
  2. Create the sahara database: 
    mysql> CREATE DATABASE sahara;
    Copy to Clipboard Toggle word wrap
  3. Create a sahara database user and grant the user access to the sahara database: 
    mysql> GRANT ALL ON sahara.* TO 'sahara'@'%' IDENTIFIED BY 'PASSWORD';
mysql> GRANT ALL ON sahara.* TO 'sahara'@'localhost' IDENTIFIED BY 'PASSWORD';
    Copy to Clipboard Toggle word wrap
    Replace PASSWORD with a secure password that will be used to authenticate with the database server as this user.
  4. Exit the mysql client: 
    mysql> quit
    Copy to Clipboard Toggle word wrap
  5. Set the value of the sql_connection configuration key: 
    # openstack-config --set /etc/sahara/sahara.conf \
    database connection mysql://sahara:PASSWORD@IP/sahara
    Copy to Clipboard Toggle word wrap
    Replace the following values:
    • Replace PASS with the password of the database user.
    • Replace IP with the IP address or host name of the server hosting the database service.
  6. Configure the schema of the sahara database: 
    # sahara-db-manage --config-file /etc/sahara/sahara.conf upgrade head
    Copy to Clipboard Toggle word wrap

Important

The IP address or host name specified in the connection configuration key must match the IP address or host name to which the Data Processing service database user was granted access when creating the Data Processing service database. Moreover, if the database is hosted locally and you granted permissions to 'localhost' when creating the Data Processing service database, you must enter 'localhost'.

11.2.2. Create the Data Processing Service Identity Records
Link kopieren

Create and configure Identity service records required by the Data Processing service. These entries assist other OpenStack services attempting to locate and access the functionality provided by the Data Processing service.
This procedure assumes that you have already created an administrative user account and a services tenant. For more information, see:
Perform this procedure on the Identity service server, or on any machine onto which you have copied the keystonerc_admin file and on which the keystone command-line utility is installed.

Procedure 11.2. Creating Identity Records for the Data Processing Service

  1. Set up the shell to access keystone as the administrative user: 
    # source ~/keystonerc_admin
    Copy to Clipboard Toggle word wrap
  2. Create the sahara user: 
    [(keystone_admin)]# keystone user-create --name sahara --pass PASSWORD
    Copy to Clipboard Toggle word wrap
    Replace PASSWORD with a password that will be used by the Data Processing service when authenticating with the Identity service.
  3. Link the sahara user and the admin role together within the context of the services tenant: 
    [(keystone_admin)]# keystone user-role-add --user sahara --role admin --tenant services
    Copy to Clipboard Toggle word wrap
  4. Create the sahara service entry: 
    [(keystone_admin)]# keystone service-create --name sahara \
--type data-processing \
--description "OpenStack Data Processing"
    Copy to Clipboard Toggle word wrap
  5. Create the sahara endpoint entry: 
    [(keystone_admin)]# keystone endpoint-create \
   --service sahara \
   --publicurl 'http://SAHARA_HOST:8386/v1.1/%(tenant_id)s' \
   --adminurl 'http://SAHARA_HOST:8386/v1.1/%(tenant_id)s' \
   --internalurl 'http://SAHARA_HOST:8386/v1.1/%(tenant_id)s' \
   --region 'RegionOne'
    Copy to Clipboard Toggle word wrap
    Replace SAHARA_HOST with the IP address or fully qualified domain name of the server hosting the Data Processing service.

    Note

    By default, the endpoint is created in the default region, RegionOne. This is a case-sensitive value. To specify a different region when creating an endpoint, use the --region argument to provide it.
    See Section 3.6.1, “Service Regions” for more information.

11.2.3. Configure Data Processing Service Authentication
Link kopieren

Configure the Data Processing API service (openstack-sahara-api) to use the Identity service for authentication. All steps in this procedure must be performed on the server hosting the Data Processing API service, while logged in as the root user.

Procedure 11.3. Configuring the Data Processing API Service to Authenticate through the Identity Service

  1. Set the Identity service host that the Data Processing API service must use: 
    # openstack-config --set /etc/sahara/sahara.conf \
   keystone_authtoken auth_uri http://IP:5000/v2.0/
# openstack-config --set /etc/sahara/sahara.conf \
   keystone_authtoken identity_uri http://IP:35357
    Copy to Clipboard Toggle word wrap
    Replace IP with the IP address of the server hosting the Identity service.
  2. Set the Data Processing API service to authenticate as the correct tenant: 
    # openstack-config --set /etc/sahara/sahara.conf \
   keystone_authtoken admin_tenant_name services
    Copy to Clipboard Toggle word wrap
    Replace services with the name of the tenant created for the use of the Data Processing service. Examples in this guide use services.
  3. Set the Data Processing API service to authenticate using the sahara administrative user account: 
    # openstack-config --set /etc/sahara/sahara.conf \
   keystone_authtoken admin_user sahara
    Copy to Clipboard Toggle word wrap
  4. Set the Data Processing API service to use the correct sahara administrative user account password: 
    # openstack-config --set /etc/sahara/sahara.conf \
   keystone_authtoken admin_password PASSWORD
    Copy to Clipboard Toggle word wrap
    Replace PASSWORD with the password set when the sahara user was created.
The Data Processing service receives connections on port 8386. The firewall on the service node must be configured to allow network traffic on this port. All steps in this procedure must be performed on the server hosting the Data Processing service, while logged in as the root user.

Procedure 11.4. Configuring the Firewall to Allow Data Processing Service Traffic

  1. Open the /etc/sysconfig/iptables file in a text editor.
  2. Add an INPUT rule allowing TCP traffic on port 8386. The new rule must appear before any INPUT rules that REJECT traffic: 
    -A INPUT -p tcp -m multiport --dports 8386 -j ACCEPT
    Copy to Clipboard Toggle word wrap
  3. Save the changes to the /etc/sysconfig/iptables file.
  4. Restart the iptables service to ensure that the change takes effect: 
    # systemctl restart iptables.service
    Copy to Clipboard Toggle word wrap
Nach oben
Red Hat logoGithubredditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können. Entdecken Sie unsere neuesten Updates.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

Theme

© 2025 Red Hat