Storage

Storage Pools

Images:

What is an image?

From https://docs.openstack.org/horizon/latest/user/manage-images.html:

 

“A virtual machine image, referred to in this document simply as an image, is a single file that contains a virtual disk that has a bootable operating system installed on it. Images are used to create virtual machine instances within the cloud.”

 

The creation of images is beyond the scope of these instructions, however when such documents are made they will be posted here:

Image Creation

When selecting which image to use, note the postfix “-gt”.  These images have been vetted and are fully supported by the admins

To view available images:

(cmd)How to view images available

(gui)How to view images available

 

Volumes

What is a volume?

From https://docs.openstack.org/cinder/rocky/cli/cli-manage-volumes.html:

 

“A volume is a detachable block storage device, similar to a USB hard drive. You can attach a volume to only one instance.”

We have multiple storage back ends.  To find out what you have access to and how to use them go here:

Volume Types

Backups

Openstack Client Access

Configure Openstack API client

To configure the Openstack client, go to the

API Access

page and click **View Credentials**.

This will provide the information needed for the scripts.

Shell Script

#!/usr/bin/env bash
## 1) change the variables in the following section to match your information
## 2) dot source this script to configure the openstack client
## 3) run ‘openstack token issue’ to verify it is working
#### VARIABLES ####
USERNAME=”username”
PROJECT_ID=”project_id”
PROJECT_NAME=”project_name”
AUTH_URL=https://coe-openstack.vapor.gatech.edu:13000/v3
###################
export OS_AUTH_URL=$AUTH_URL
# With the addition of Keystone we have standardized on the term **project**
# as the entity that owns the resources.
export OS_PROJECT_ID=$PROJECT_ID
export OS_PROJECT_NAME=$PROJECT_NAME
export OS_USER_DOMAIN_NAME=”AD”
if [ -z “$OS_USER_DOMAIN_NAME” ]; then unset OS_USER_DOMAIN_NAME; fi
## unset v2.0 items in case set
unset OS_TENANT_ID
unset OS_TENANT_NAME
## In addition to the owning entity (tenant), OpenStack stores the entity
## performing the action as the **user**.
export OS_USERNAME=$USERNAME
## With Keystone you pass the keystone password.
echo “Please enter your OpenStack Password for project $OS_PROJECT_NAME as user $OS_USERNAME: “
read -sr OS_PASSWORD_INPUT
export OS_PASSWORD=$OS_PASSWORD_INPUT
## If your configuration has multiple regions, we set that information here.
## OS_REGION_NAME is optional and only valid in certain environments.
export OS_REGION_NAME=”regionOne”
## Don’t leave a blank variable, unset it if it was empty
if [ -z “$OS_REGION_NAME” ]; then unset OS_REGION_NAME; fi
export OS_INTERFACE=public
export OS_IDENTITY_API_VERSION=3
export OS_AUTH_TYPE=password
unset OS_TOKEN
export OS_TOKEN=`openstack token issue –os-username $OS_USERNAME –os-password $OS_PASSWORD –os-user-domain-name $OS_USER_DOMAIN_NAME -f value -c id`
export OS_AUTH_TYPE=token
unset OS_PASSWORD
unset OS_USERNAME
unset OS_USER_DOMAIN_NAME

 

PowerShell

## 1) change the variables in the following section to match your information
## 2) dot source this script to configure the openstack client
## 3) run ‘openstack token issue’ to verify it is working
#### VARIABLES ####
$ENV:OS_USERNAME = “username”
$ENV:OS_PROJECT_ID = ‘project_id’
$ENV:OS_PROJECT_NAME = “project_name”
$ENV:OS_AUTH_URL = ‘https://coe-openstack.vapor.gatech.edu:13000/v3’
###################
$ENV:OS_USER_DOMAIN_NAME = “AD”
$ENV:OS_REGION_NAME = “regionOne”
$ENV:OS_INTERFACE = “public”
$ENV:OS_IDENTITY_API_VERSION = 3
$password_input = Read-Host -Prompt “Please enter your OpenStack Password for project $ENV:OS_PROJECT_NAME as user $ENV:OS_USERNAME” -AsSecureString
$ENV:OS_PASSWORD = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password_input))
$ENV:OS_AUTH_TYPE = “password”
Remove-Item “ENV:OS_TOKEN” -Force -ErrorAction SilentlyContinue
$ENV:OS_TOKEN = & openstack token issue –os-username $ENV:OS_USERNAME –os-password $ENV:OS_PASSWORD –os-user-domain-name $ENV:OS_USER_DOMAIN_NAME -f value -c id
$ENV:OS_AUTH_TYPE = “token”
## Remove variables
Remove-Item “ENV:OS_PASSWORD”
Remove-Item “ENV:OS_USERNAME”
Remove-Item “ENV:OS_USER_DOMAIN_NAME”

Networks

First thing, all instances in Openstack have access to the external network (internet) by default.  Giving the external network (internet) access to your instances is where the complexity lies.

 

Choose between two types of access:

 

Self Service

  • As its name suggests, this network requires the least amount of admin involvement for provisioning.  Useful for quick deployments. By itself, your instance will have access to the internet but will not be accessible from the outside. The only way to access will be through the console.
  • The only way to gain access from the outside is with a floating IP.

 

Provider

  • The provider network relies on an external network from openstack.
      • Openstack controls only two facts about the interface:
        1. The MAC of the interface
        2. The security groups of the interface
    • This requires the admin to provision a mac address and ip to a DHCP server
      • So if you do not have access to the DHCP server on the subnet the provider is on you won’t be able to get the instance online automatically.
      • However, if you have console access, you can get to the instance once its booted, log into the console and configure the network interface with the static ip of the provider port.  You’ll need to know the IP, subnet and gateway along with the DNS addresses since DHCP won’t be there to provide it.
    • The network requires significant involvement from the admin and thus needs to be planned ahead of time in order to be efficient in any deployment.

Admin:

 

How can I tell the difference between a Self Service and Provider Network?

 

Usually,  you can tell by the name of the network in Openstack

 

Self Service:

Anything that “ends” with a “-net” is a self service network

Provider:

Anything that starts with “Vlan”  or “VLAN” is a provider network.

If you have any questions about which is a provider or which is a self service just ask!

 

GT:

Self Service:

If your instance only uses the self service there is not much you have to deal with on the GT side.

However, if you have to attach a floating ip to it,

  • you will need to work with GT  DNS (gtipam.dns.gatech.edu) or your local DNS to associate the floating ip with a DNS record.
  • Will also need to work with GT Firewall (fw.noc.gatech.edu) to clear access ports as well as work with security groups in openstack.

Provider:

You will need to work with DNS and Firewalls as if you are on a self service network with a floating ip already attached.

Scale Cluster

This is a minimum set of steps to get a Compute host added to Openstack:

  • MAC?
      • This MAC needs PXE enabled
  • IP Address:
    • French:
      • Internal API: 172.31.18.0/24
      • Tenant: 172.31.19.0/24
      • BMC: 172.31.23.0/24
    • Groseclose:
      • Internal API: 172.31.70.0/24
      • Tenant: 172.31.69.0/24
      • BMC: 172.31.71.0/24
  • Hostname? DNS? BMC?
  • Serial Console Settings:
    • Serial Port Number
    • Baud Rate
    • Data Bits
    • Parity
    • Stop Bits
  • Switch?
    • Ip Address/Room/Port numbers
    • The port the pxe enabled interface is connected to.