http://www.fiware.orghttp://lab.fiware.orgFollow @FIWARE on Twitter

Federating new FIWARE Lab nodesFernando LópezTelefonica I+D

Contact email

fernando.lopezaguilar@telefonica.com

@flopezaguilar

Table of content

Starting point.

Check the installation of an OpenStack instance.

Request admin user and OpenStack service users.

Where and What you need to change.

2

STARTING POINTFIWARE Lab

3

Starting points

FIWARE Lab Nodes Handbook, (https://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIWARE_Lab_Nodes_Handbook)

Detailed information about:• requirements, • process for joining, • tools for operating a node,• operating and maintaining a node.

3

Starting points: Contact persons

Federated Keystone service: Álvaro Alonso aalonsog@dit.upm.es

FI-Health service: Fernando López fernando.lopezaguilar@telefonica.com

Infographics service: Silvio Cretti silvio.cretti@create-net.org

Monitoring service: Fernando López fernando.lopezaguilar@telefonica.com

FIWARE Images distribution: Fernando López

fernando.lopezaguilar@telefonica.com

Jira: Manuel Escriche Vicente manuel.escrichevicente@telefonica.com

4

Starting points: Installing FIWARE Lab node

Installing FIWARE Lab node (https://

forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Installing_FIWARE_Lab_Node

).

• Manual installation.

• Using Mirantis FUEL tool.

• Using FIWARE Deploy tool.

5

Starting points: OpenStack log locations

6

Starting points: Default configuration files

Glance

• Files can be located in /etc/glance directory.

• glance-api.conf and glance-registry.conf

• Detailed information:

› http://docs.openstack.org/kilo/config-reference/content/section_glance-api.conf.html

› http://docs.openstack.org/kilo/config-reference/content/section_glance-registry.conf.html

87

Starting points: Default configuration files

Nova

• nova.conf contains compute configuration options

• Can be found in /etc/nova directory.

• One per each compute node.

• Detailed information:

› http://docs.openstack.org/kilo/config-reference/content/compute-nova-conf.html

› http://

docs.openstack.org/kilo/config-reference/content/list-of-compute-config-options.html#config_table_nova_common

99

Starting points: Default configuration files

Neutron

• metadata_agent.ini for the Metadata Agent component.

• neutron.conf, neutron configuration file

• Detailed information:

› http://docs.openstack.org/kilo/config-reference/content/networking-options-metadata.html

› http://docs.openstack.org/kilo/config-reference/content/networking-options-nova.html

› http://docs.openstack.org/kilo/config-reference/content/networking-options-auth_token.html

1010

Starting points: Default configuration files

Cinder

• Block storage service.

• cinder.conf Installed in /etc/cinder by default.

• Detailed information:

› http://docs.openstack.org/kilo/config-reference/content/section_cinder.conf.html

1111

Starting points: Default configuration files

Ceilometer

• Telemetry service in OpenStack.

• ceilometer.conf can be found in /etc/ceilometer/ directory.

• Detailed information:

› http://docs.openstack.org/kilo/config-reference/content/section_ceilometer.conf.html

1212

CHECK THE INSTALLATION OF AN OPENSTACK INSTANCE.

FIWARE Lab

13

Check the installation of an OpenStack instance

https://

forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Testing_FIWARE_Lab_Node_locally

First step, check the status of OpenStack services, following the command line

tools.

Second step, check the functionalities offered through the OpenStack API.

1414

Check the installation of an OpenStack instance:First step Check the different nova services (from controller node).

• $ nova service-list

Check the different neutron agent (from controller node).• $ neutron agent-list

Check the different cinder component (from controller node).• $ cinder service-list

If you have installed HA services (corosync/pacemaker)• $ crm status

1515

Check the installation of an OpenStack instance:Second step This procedure try to check the OpenStack services through their APIs.

External person access to your local OpenStack Horizon service and make

some tests.

• Provide user/password and the local OpenStack Horizon endpoint.

Check network convention and access to the VM created.

Give the green light to start the federation.

1616

REQUEST ADMIN USER AND OPENSTACK SERVICE USERS

FIWARE Lab

17

Request admin user and OpenStack service users Send the service endpoints to Federation Keystone owner (Álvaro Alonso).

Decide the name of the node (Region Name).

• Usually following the name of the city where the node is installed.

• It will be the name that we use in the cloud portal and different tools.

• e.g. Trento, Volos, Lannion, …

• https://cloud.lab.fiware.org/

1818

Request admin user and OpenStack service users Request the user and password of your local services to Álvaro.

• It will be used to configure the Federation Keystone connectivity.

› Nova

› Cinder

› Ceilometer

› Neutron

› Glance

1919

Request admin user and OpenStack service users Request the admin user.

• It will be used to access your node from the administrative purpose.

• Used with the FIWARE Ops tools (FI-Health, Calendar, …)

• Usually it is defined like admin-<region name>, e.g. admin-lannion

2020

WHERE AND WHAT YOU NEED TO CHANGE

FIWARE Lab

21

Where and What you need to change

We have

• Federated Keystone

We need

• A new OpenStack installation: A new region to be federated.

22

Where and What you need to change

Works to be done:

• On Federated Keystone:

› Services endpoints must be provided for the new region.

› New service users must be provided.

• On OpenStack side (new region)

› Change Keystone endpoints everywhere.

› Change Keystone credentials everywhere.

23

Where and What you need to change

We give you details of the configuration taking into account that you have an

OpenStack Kilo version.

This is not going to be an exhaustive explanation, we assume that you have

enough knowledge to work with OpenStack.

24

Where and What you need to change

Keystone administrator provides users and passwords and the Nova user

tenant ID:

• Glance: GLUSER, GLPWD

• Nova: NVUSER; NVPWD, NOVA_TENANT_ID

• Neutron: NTUSER, NTPWD

• Cinder: CDUSER, CDPWD

• Ceilometer: CLUSER, CLPWD

IMPORTANT, it is mandatory that you have those data from Keystone

administrator (Álvaro Alonso).

25

Check the installation of an OpenStack instance

26

There are several keystone endpoints and things we could do to increase the

performance.

Prevent DNS Lookups:

• http://cloud.lab.fiware.org could be changed by http://130.206.84.8

Use HTTPS instead of HTTP:

• http://cloud.lab.fiware.org:4730 can be changed by https://cloud.lab.fiware.org:5000

• http://cloud.lab.fiware.org:4731 can be changed by https://cloud.lab.fiware.org:35357

To achieve HTTPS and prevent DNS lookups (need to configure insecure https

queries to be ok, … bad solution )

• http://cloud.lab.fiware.org could somehow be changed by https://130.206.84.8

Check the installation of an OpenStack instance: Glance

27

We need and admin_user, admin_password: (GLUSER, GLPWD)

Files to change: glance-api.conf, glance-registry.conf

[keystone_authtoken]

identity_uri = http://cloud.lab.fiware.org:4731

admin_tenant_name = service

admin_user = GLUSER

admin_password = GLPWD

auth_uri = http://cloud.lab.fiware.org:4730/v2.0

[paste_deploy]

flavor = keystone

28

Check the installation of an OpenStack instance: Nova

We need and Nova’s and Neutron’s users and passwords: (NVUSER, NVPWD,

NTUSER, NTPWD).

Files to change: nova.conf (every one both in controllers and computes nodes)

[keystone_authtoken]

auth_url = http://cloud.lab.fiware.org:4731

auth_uri = http://cloud.lab.fiware.org:4730

project_domain_id = default

user_domain_id = default

auth_plugin = password

project_name = service

username = NVUSER

password = NVPWD

29

Check the installation of an OpenStack instance: Nova

### Same nova.conf as in the previous slide

[neutron]

url = http://<whatever>:9696

auth_strategy = keystone

admin_auth_url = http://cloud.lab.fiware.org:4731/v2.0

admin_tenant_name = service

admin_username = NTUSER

admin_password = NTPWD

service_metadata_proxy = True

metadata_proxy_shared_secret = very_difficult_secret_key

30

Check the installation of an OpenStack instance: Neutron

We need and Nova’s and Neutron’s users and passwords and nova Tenant ID.

• NVUSER, NVPWD, NTUSER, NTPWD, NOVA_TENANT_ID

Files to change: neutron.conf (everywhere when we have it)

[keystone_authtoken]

auth_url = http://cloud.lab.fiware.org:4731

auth_uri = http://cloud.lab.fiware.org:4730

project_domain_id = default

user_domain_id = default

auth_plugin = password

project_name = service

username = NTUSER

password = NTPWD

31

Check the installation of an OpenStack instance: Neutron

#### Comes from the previous slide

[nova]

auth_url = http://cloud.lab.fiware.org:4731

project_domain_id = default

user_domain_id = default

auth_plugin = password

project_name = service

username = NVUSER

password = NVPWD

admin_tenant_id = NOVA_TENANT_ID

32

Check the installation of an OpenStack instance: Neutron

Files to change: metadata_agent.ini (every metadata_agent.ini).[DEFAULT]auth_url = http://cloud.lab.fiware.org:4731auth_uri = http://cloud.lab.fiware.org:4730auth_region = YOUR_REGION_NAMEproject_domain_id = defaultuser_domain_id = defaultauth_plugin = passwordproject_name = serviceusername = NTUSERpassword = NTPWD

33

Check the installation of an OpenStack instance: Cinder

We need and Cinders’s users and passwords: (CDUSER, CDPWD)

Files to change: cinder.conf (every file that we could have)

[keystone_authtoken]

auth_url = http://cloud.lab.fiware.org:4731

auth_uri = http://cloud.lab.fiware.org:4730

project_domain_id = default

user_domain_id = default

auth_plugin = password

project_name = service

username = CDUSER

password = CDPWD

34

Check the installation of an OpenStack instance: Ceilometer

We need and Ceilometer’s users and passwords: (CLUSER, CLPWD)

Files to change: ceilometer.conf --- Every ceilometer.conf

[keystone_authtoken]

auth_url = http://cloud.lab.fiware.org:4731

auth_uri = http://cloud.lab.fiware.org:4730

project_domain_id = default

user_domain_id = default

auth_plugin = password

project_name = service

username = CLUSER

password = CLPWD

REFERENCESFIWARE FOUNDATION

35

References

FIWARE Lab Cloud portal: https://cloud.lab.fiware.org

FIWARE Lab Account portal: https://account.lab.fiware.org/idm/

FIWARE Lab Nodes Handbook: https://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIWARE_Lab_Nodes_Handbook

Sanity Check: https://fi-health.lab.fiware.org/

Infographics portal: http://infographic.lab.fiware.org/

36

http://fiware.org

http://lab.fiware.org

Follow @Fiware on Twitter !

Thanks!