
OpenStack Pike Volet 15


OpenStack Pike

2017/09/03

Travaux de synthèse : Taylor VOLI

Volet 15

OpenStack Pike : Configure Heat#1 (Control Node)


2017/09/07

Install OpenStack Orchestration Service (Heat).


This example is based on the following environment.
------------+---------------------------+---------------------------+------------
            |                           |                           |
        eth0|10.0.0.30              eth0|10.0.0.50              eth0|10.0.0.51
+-----------+-----------+   +-----------+-----------+   +-----------+-----------+
|    [ Control Node ]   |   |    [ Network Node ]   |   |    [ Compute Node ]   |
|                       |   |                       |   |                       |
|  MariaDB    RabbitMQ  |   |      Open vSwitch     |   |        Libvirt        |
|  Memcached  httpd     |   |        L2 Agent       |   |     Nova Compute      |
|  Keystone   Glance    |   |        L3 Agent       |   |      Open vSwitch     |
|  Nova API             |   |     Metadata Agent    |   |        L2 Agent       |
|  Neutron Server       |   |     Cinder-Volume     |   |                       |
|  Metadata Agent       |   |    Heat API API-CFN   |   |                       |
|  Cinder API           |   |      Heat Engine      |   |                       |
+-----------------------+   +-----------------------+   +-----------------------+

[1] Install packages on Control Node.


# install from Pike, EPEL

[root@dlp ~(keystone)]#
yum --enablerepo=centos-openstack-pike,epel -y install openstack-heat-common
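[2] Add the user, roles, service entries and endpoints for Heat in Keystone on the Control Node. "servicepassword" below is a sample value: use a unique, strong secret for each account. A password passed with --password is also recorded in shell history; --password-prompt reads it interactively instead.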
# add Heat user

[root@dlp ~(keystone)]#
openstack user create --domain default --project service --password servicepassword heat

+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| default_project_id | c9ab6e9feb4d444c8f637fcfe7a67305 |

| domain_id | default |
| enabled | True |
| id | 9ddb7ce4e5b643319e5482c40ddf12c5 |
| name | heat |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+

# add Heat user to admin role

[root@dlp ~(keystone)]#
openstack role add --project service --user heat admin
# create a role for Heat

[root@dlp ~(keystone)]#
openstack role create heat_stack_owner

+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | 19a9693c2ed845ac81396fd2c142604f |
| name | heat_stack_owner |
+-----------+----------------------------------+

[root@dlp ~(keystone)]#
openstack role create heat_stack_user

+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | dea9ebaa41a245d0a5a6bcef0aaa1eac |
| name | heat_stack_user |
+-----------+----------------------------------+

# add admin user to heat_stack_owner role

[root@dlp ~(keystone)]#
openstack role add --project admin --user admin heat_stack_owner
# create service entry for Heat

[root@dlp ~(keystone)]#
openstack service create --name heat --description "Openstack Orchestration" orchestration

+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Openstack Orchestration |
| enabled | True |
| id | 191e9222c5b94ddb90c887b3ea396a98 |

| name | heat |
| type | orchestration |
+-------------+----------------------------------+

[root@dlp ~(keystone)]#
openstack service create --name heat-cfn --description "Openstack Orchestration" cloudformation

+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Openstack Orchestration |
| enabled | True |
| id | 6bc2497d7020448aa07de924b5cb5273 |
| name | heat-cfn |
| type | cloudformation |
+-------------+----------------------------------+

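# define Heat API server's IP address
# (the endpoints below are registered as plain http, so tokens and request bodies cross the network unencrypted; register https URLs behind TLS outside a lab)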

[root@dlp ~(keystone)]#
heat_api=10.0.0.50
# create endpoint entry for orchestration (public)

[root@dlp ~(keystone)]#
openstack endpoint create --region RegionOne orchestration public http://$heat_api:8004/v1/%\(tenant_id\)s

+--------------+----------------------------------------+
| Field | Value |
+--------------+----------------------------------------+
| enabled | True |
| id | 63f285d207a2470dab12899999f7f0b0 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 191e9222c5b94ddb90c887b3ea396a98 |
| service_name | heat |
| service_type | orchestration |
| url | http://10.0.0.50:8004/v1/%(tenant_id)s |
+--------------+----------------------------------------+

# create endpoint entry for orchestration (internal)

[root@dlp ~(keystone)]#
openstack endpoint create --region RegionOne orchestration internal http://$heat_api:8004/v1/%\(tenant_id\)s

+--------------+----------------------------------------+
| Field | Value |
+--------------+----------------------------------------+

| enabled | True |
| id | 5206ba971a4842ba971806b0058b1695 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 191e9222c5b94ddb90c887b3ea396a98 |
| service_name | heat |
| service_type | orchestration |
| url | http://10.0.0.50:8004/v1/%(tenant_id)s |
+--------------+----------------------------------------+

# create endpoint entry for orchestration (admin)

[root@dlp ~(keystone)]#
openstack endpoint create --region RegionOne orchestration admin http://$heat_api:8004/v1/%\(tenant_id\)s

+--------------+----------------------------------------+
| Field | Value |
+--------------+----------------------------------------+
| enabled | True |
| id | 976c83d5d7f1494e84768ce124f170d6 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 191e9222c5b94ddb90c887b3ea396a98 |
| service_name | heat |
| service_type | orchestration |
| url | http://10.0.0.50:8004/v1/%(tenant_id)s |
+--------------+----------------------------------------+

# create endpoint entry for cloudformation (public)

[root@dlp ~(keystone)]#
openstack endpoint create --region RegionOne cloudformation public http://$heat_api:8000/v1

+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 493c29d85bd84399b9baa627b08dcc2f |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6bc2497d7020448aa07de924b5cb5273 |
| service_name | heat-cfn |
| service_type | cloudformation |
| url | http://10.0.0.50:8000/v1 |
+--------------+----------------------------------+

# create endpoint entry for cloudformation (internal)

[root@dlp ~(keystone)]#
openstack endpoint create --region RegionOne cloudformation internal http://$heat_api:8000/v1

+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | d59331dcdfc54f53a278691ef126a012 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6bc2497d7020448aa07de924b5cb5273 |
| service_name | heat-cfn |
| service_type | cloudformation |
| url | http://10.0.0.50:8000/v1 |
+--------------+----------------------------------+

# create endpoint entry for cloudformation (admin)

[root@dlp ~(keystone)]#
openstack endpoint create --region RegionOne cloudformation admin http://$heat_api:8000/v1

+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 5fce1311d5c54ff3aa5bdbd05900d28d |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 6bc2497d7020448aa07de924b5cb5273 |
| service_name | heat-cfn |
| service_type | cloudformation |
| url | http://10.0.0.50:8000/v1 |
+--------------+----------------------------------+

# create Heat domain

[root@dlp ~(keystone)]#
openstack domain create --description "Stack projects and users" heat

+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Stack projects and users |
| enabled | True |
| id | 99bf2f4e79bc42e08e0385681e158fd0 |
| name | heat |
+-------------+----------------------------------+

# create [heat_domain_admin] user

[root@dlp ~(keystone)]#
openstack user create --domain heat --password servicepassword heat_domain_admin

+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | 99bf2f4e79bc42e08e0385681e158fd0 |
| enabled | True |
| id | 426c5ff63bf344a6ac3cad83231c36d1 |
| name | heat_domain_admin |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+

# add [heat_domain_admin] user to admin role

[root@dlp ~(keystone)]#
openstack role add --domain heat --user heat_domain_admin admin
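[3] Create a database for Heat in MariaDB. The grants below use the sample password 'password' and, in the second grant, the '%' host wildcard, which lets the heat account connect from any host. Outside a lab, use a strong password and restrict the host to the node that runs the Heat services (10.0.0.50 in this layout).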
[root@dlp ~(keystone)]#
mysql -u root -p

Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 51
Server version: 10.1.20-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]>
create database heat;

Query OK, 1 row affected (0.00 sec)


MariaDB [(none)]>
grant all privileges on heat.* to heat@'localhost' identified by 'password';

Query OK, 0 rows affected (0.00 sec)


MariaDB [(none)]>
grant all privileges on heat.* to heat@'%' identified by 'password';

Query OK, 0 rows affected (0.00 sec)


MariaDB [(none)]>
flush privileges;

Query OK, 0 rows affected (0.00 sec)


MariaDB [(none)]>

exit

Bye

OpenStack Pike : Configure Heat#2 (Network Node)


2017/09/07

Install OpenStack Orchestration Service (Heat).


This example is based on the following environment.
------------+---------------------------+---------------------------+------------
            |                           |                           |
        eth0|10.0.0.30              eth0|10.0.0.50              eth0|10.0.0.51
+-----------+-----------+   +-----------+-----------+   +-----------+-----------+
|    [ Control Node ]   |   |    [ Network Node ]   |   |    [ Compute Node ]   |
|                       |   |                       |   |                       |
|  MariaDB    RabbitMQ  |   |      Open vSwitch     |   |        Libvirt        |
|  Memcached  httpd     |   |        L2 Agent       |   |     Nova Compute      |
|  Keystone   Glance    |   |        L3 Agent       |   |      Open vSwitch     |
|  Nova API             |   |     Metadata Agent    |   |        L2 Agent       |
|  Neutron Server       |   |     Cinder-Volume     |   |                       |
|  Metadata Agent       |   |    Heat API API-CFN   |   |                       |
|  Cinder API           |   |      Heat Engine      |   |                       |
+-----------------------+   +-----------------------+   +-----------------------+

[1] Install Heat services on Network Node.


# install from Pike, EPEL

[root@network ~]#
yum --enablerepo=centos-openstack-pike,epel -y install openstack-heat-api openstack-heat-api-cfn openstack-heat-engine python-heatclient
[2] Configure Heat.
[root@network ~]#
mv /etc/heat/heat.conf /etc/heat/heat.conf.org

[root@network ~]#
vi /etc/heat/heat.conf
# create new

[DEFAULT]
deferred_auth_method = trusts
trusts_delegated_roles = heat_stack_owner
# Heat installed server
heat_metadata_server_url = http://10.0.0.50:8000
heat_waitcondition_server_url = http://10.0.0.50:8000/v1/waitcondition
heat_watch_server_url = http://10.0.0.50:8003
heat_stack_user_role = heat_stack_user
# Heat domain name
stack_user_domain_name = heat
# Heat domain admin name
stack_domain_admin = heat_domain_admin
# Heat domain admin's password
stack_domain_admin_password = servicepassword
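# RabbitMQ connection info
# (the password and host were masked when this page was extracted; RabbitMQ runs on the Control Node, 10.0.0.30, in this layout — <RABBITMQ_PASSWORD> is a placeholder for the broker password of the openstack user)
transport_url = rabbit://openstack:<RABBITMQ_PASSWORD>@10.0.0.30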

# MariaDB connection info


[database]
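# (credentials were masked when this page was extracted; restored from the MariaDB grant for the heat user, with MariaDB on the Control Node — 'password' is the sample value, use the real secret)
connection = mysql+pymysql://heat:password@10.0.0.30/heat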

# Keystone auth info


[clients_keystone]
auth_uri = http://10.0.0.30:35357

# Keystone auth info


[ec2authtoken]
auth_uri = http://10.0.0.30:5000

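[heat_api]
# 0.0.0.0 makes the API listen on every interface (the same applies to [heat_api_cfn] below); bind to the management address (10.0.0.50 in this layout) if the node has interfaces that should not expose it
bind_host = 0.0.0.0
bind_port = 8004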

[heat_api_cfn]
bind_host = 0.0.0.0
bind_port = 8000

# Keystone auth info


[keystone_authtoken]
auth_uri = http://10.0.0.30:5000
auth_url = http://10.0.0.30:35357
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = heat
password = servicepassword

[trustee]
auth_plugin = password
auth_url = http://10.0.0.30:35357
username = heat
password = servicepassword
user_domain_name = default

[root@network ~]#
chgrp heat /etc/heat/heat.conf

[root@network ~]#
chmod 640 /etc/heat/heat.conf

[root@network ~]#
su -s /bin/bash heat -c "heat-manage db_sync"

[root@network ~]#
systemctl start openstack-heat-api openstack-heat-api-cfn openstack-heat-engine

[root@network ~]#
systemctl enable openstack-heat-api openstack-heat-api-cfn openstack-heat-engine

[3] If Firewalld is running, allow service ports.


[root@network ~]#
firewall-cmd --add-port={8000/tcp,8004/tcp} --permanent

success
[root@network ~]#
firewall-cmd --reload

success

