Skip to content
This repository has been archived by the owner on Mar 14, 2019. It is now read-only.

Production set up guide

Jump to bottom
Enrique García Navalón edited this page Jun 8, 2015 · 16 revisions

Production Set Up

This section covers how to set up the IdM for production, covering topics like email sending, reCAPTCHA support or how to serve static and media files. Some topics, for example HTTPS, are beyond the scope of this documentation and only some pointers to related documentation are provided as a starting point.

MySQL

If you have installed the IdM using the automated tools the back-end (Keystone) will be configured to use a SQLite database. This is NOT recommended for production, we strongly advise to switch to a production-ready SQL database. This guide covers how to configure MySQL but any other database compatible with SQLAlchemy would probably work too.

Install MySQL

sudo apt-get install mysql-server

Edit keystone/etc/keystone/keystone.conf and change the [sql] section.

[sql]  
# The SQLAlchemy connection string used to connect to the database  
connection = mysql://keystone:KEYSTONE_DBPASS@controller/keystone

Use the password that you set previously to log in as root. Create a keystone database user:

# mysql -u root -p  
mysql> CREATE DATABASE keystone;  
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';     
mysql> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';

You need to create the database tables and populate them with the initial data. Run the following fabric tasks (remember to activate the virtual environment)

fab localhost keystone.database_create
fab localhost keystone.populate

You can find aditional help for setting up Keystone + MySQL here

Web Server (Apache + mod_wsgi)

The web server used by the tools is a development server that should NOT be used for a production setting. There are several servers and configurations to serve a Django (Python) web application but only Apache + mod_wsgi will be covered here. Take a look at the oficial Django documentation for other options available and further information on this topic.

Install apache and mod_wsgi

sudo apt-get install apache2 libapache2-mod-wsgi

Configure Apache. The details on how to correctly configure Apache or set up HTTPS are beyond te scope this document, check the Django documentation for a starting point. Make sure that the following elements are present:

WSGIPassAuthorization On  
WSGIScriptAlias / [PATH_TO_HORIZON]/horizon/openstack_dashboard/wsgi/django.wsgi

If you want to serve your static and media files from Apache itself, also make sure to create the Alias

Alias /media/ /root/horizon/media/
Alias /static/ /root/horizon/static/
Alias /assets/ /root/horizon/static/fiware/

Now, go to the folder you have installed Horizon and run

sudo tools/with_venv.sh python manage.py collectstatic

Edit the local_settings.py file and set

DEBUG = True
ALLOWED_HOSTS = [
    'your.domain.com',
    'another.domain.es'
]

reCAPTCHA

You can find how to set up the reCAPTCHA field for user registration in the front-end wiki

Clone this wiki locally