Presentation is loading. Please wait.

Presentation is loading. Please wait.

EXperimental Infrastructures for the Future Internet www.fi-xifi.eu Training Session “Service Integration” Álvaro Alonso Joaquín Salvachúa UPM-DIT.

Similar presentations


Presentation on theme: "EXperimental Infrastructures for the Future Internet www.fi-xifi.eu Training Session “Service Integration” Álvaro Alonso Joaquín Salvachúa UPM-DIT."— Presentation transcript:

1 eXperimental Infrastructures for the Future Internet www.fi-xifi.eu Training Session “Service Integration” Álvaro Alonso Joaquín Salvachúa UPM-DIT

2 Objectives Understand Federation architecture Components installation overview –Keyrock IdM –Keystone-proxy –Cloud Portal Federate a new node –Installing Openstack Services –Configuring Openstack Services –Adding the node to the Federation

3 www.fi-xifi.eu FEDERATION ARCHITECTURE Training Session “Service Integration”

4 Architecture Proxy Keystone Cloud Server OS Service IdM Cloud Portal OS Service Region1 Region2 Region3

5 Step 1. Service Catalogue Proxy Keystone Cloud Server OS Service IdM Cloud Portal getCatalogue Service catalogue OS Service Region1 Region2 Region3

6 Step 2. Getting an access token Proxy Keystone Cloud Server OS Service IdM Cloud Portal OS Service Region1 Region2 Region3 1 redirect 2 access-code 3 request access-token 4 access-token 5 request orgs 6 orgs

7 Step 3. Getting OS token Proxy Keystone Cloud Server IdM Cloud Portal access-token + tenant OS token OS Service Region1 Region2 Region3

8 Step 4. Using an OS service Proxy Keystone Cloud Server Keystone Middleware OS Service IdM Cloud Portal 11 Request + token 12 token 15 OK + user info + tenant 8, 13 access- token 9, 14 user info

9 www.fi-xifi.eu COMPONENTS INSTALLATION OVERVIEW Training Session “Service Integration”

10 Keyrock IdM Github repository –https://github.com/ging/fi-ware-idmhttps://github.com/ging/fi-ware-idm Installation Guide: –https://github.com/ging/fi-ware-idm/wiki/Installation- guidehttps://github.com/ging/fi-ware-idm/wiki/Installation- guide Training demo host: –http://130.206.82.198:3000/

11 Keystone-proxy (1) Github repository –https://github.com/ging/fi-ware-keystone-proxyhttps://github.com/ging/fi-ware-keystone-proxy Installation Guide: –https://github.com/ging/fi-ware-keystone- proxy/blob/master/README.mdhttps://github.com/ging/fi-ware-keystone- proxy/blob/master/README.md Training demo host: –http://130.206.82.198:4730/

12 Keystone-proxy (2) Register cloud as an IdM Application Config.js var config = {}; config.adminUsers = {"user": {password: "pass", isAdmin: "false"}}; config.accountServer = '130.206.82.198'; // OAUTH Cloud credentials in the Account server config.client_id = ‘'; config.client_secret = ‘’'; //Mysql db config: config.db = { host : 'localhost', user : 'root', password : '1234', database : 'keystone_proxy' };............

13 Keystone-proxy (3) Config.js …. config.serviceCatalog = [ {"endpoints": [ {"adminURL": "http://localhost:8774/v2/$(tenant_id)s", "region": "RegionOne", "internalURL": "http://localhost:8774/v2/$(tenant_id)s", "publicURL": "http://localhost:8774/v2/$(tenant_id)s"} ], "endpoints_links": [], "type": "compute", "name": "nova" }, …..

14 Cloud Portal (1) Github repository –https://github.com/ging/fi-ware-cloud-portal Installation Guide: –https://github.com/ging/fi-ware-cloud- portal/blob/master/README.mdhttps://github.com/ging/fi-ware-cloud- portal/blob/master/README.md Training demo host: –http://130.206.82.198

15 Cloud Portal (2) Config.js config.oauth = { account_server: http://130.206.82.198:3000'', client_id: '', client_secret: '', callbackURL: 'http://130.206.82.198/login' }; config.keystone = { host: '130.206.82.198', port: 4730, admin_host: '130.206.82.198', admin_port: 4731, username: ’cloud', password: ’cloud', tenantId: '12345678901234567890123456789012' };

16 Summary Proxy Keystone Cloud Server IdM Cloud Portal

17 Summary Proxy Keystone Cloud Server IdM Cloud Portal OS Service Region1 Region2 Region3

18 www.fi-xifi.eu FEDERATE A NEW NODE Training Session “Service Integration”

19 Installing OS Services Using a virtual machine: –Install virtual box :: https://www.virtualbox.org/wiki/Downloads –Install Vagrant :: http://www.vagrantup.com/downloads.html This allow installation into virtual machines via scripts (Chef recipes).

20 OpenStack (DevStack) I mkdir devstack_vagrant cd devstack_vagrant vagrant box add precise32 http://files.vagrantup.com/precise32.box vagrant init precise32 Edit Vagrantfile and change: – vb.customize ["modifyvm", :id, "--memory", "2048"] – config.vm.network :forwarded_port, guest: 8774, host: 8774 – config.vm.network :forwarded_port, guest: 9292, host: 9292 – config.vm.network :forwarded_port, guest: 8776, host: 8776 Vagrant up && vagrant ssh

21 OpenStack (DevStack) II sudo apt-get update && sudo apt-get -y install git vim-gtk libxml2-dev libxslt1-dev libpq-dev python-pip libsqlite3-dev && sudo apt-get -y build-dep python- mysqldb && sudo pip install git-review tox && git clone git://git.openstack.org/openstack-dev/devstack && cd devstack git checkout -b havana origin/stable/havana./stack.sh

22 Amazon version Ask for it if you need it….

23 Configuring OS Services Kesytone Cloud Server Keystone Middleware OS Service Cloud Portal 11 Request + token 12 token 15 OK + user info + tenant

24 Configuring OS Services Kesytone Cloud Server Keystone Middleware OS Service Cloud Portal 11 Request + token 12 token 15 OK + user info + tenant

25 Configuring OS Services Proxy Keystone Cloud Server Keystone Middleware OS Service IdM Cloud Portal 11 Request + token 12 token 15 OK + user info + tenant 8, 13 access- token 9, 14 user info

26 Note Official Fi-lab IP for keystone-Proxy is : –130.206.82.10 We will NOT use it for today training. TODAY keystone-proxy is : 130.206.82.198 YOU must change on all next slides.

27 Nova /etc/nova/nova.conf... quantum_admin_auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0 quantum_admin_password=quantum... keystone_ec2_url=http://130.206.82.10:4730/v2.0/ec2tokenshttp://130.206.82.10:4730/v2.0/ec2tokens... [keystone_authtoken] auth_port=4731 admin_password=nova admin_user=nova... auth_host=130.206.82.10 quantum_region_name=[YOUR_REGION_NAME]

28 Quantum (1) /etc/quantum/dhcp_agent.ini... admin_user=quantum... admin_password=quantum... auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0 admin_tenant_name=services

29 Quantum (2) /etc/quantum/metadata_agent.ini... auth_url = http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0 auth_region = [HERE YOUR REGION'S NAME] admin_tenant_name = services admin_user = quantum admin_password = quantum...

30 Quantum (3) /etc/quantum/quantum.conf... [keystone_authtoken] auth_host = 130.206.82.10 auth_port = 4731 auth_protocol = http admin_tenant_name = services admin_user = quantum admin_password = quantum signing_dir = /var/lib/quantum/keystone-signing auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0

31 Quantum (4) /etc/quantum/l3_agent.ini... admin_user=quantum admin_tenant_name=services admin_password=quantum... auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0

32 Quantum (5) /etc/quantum/api-paste.ini... [filter:authtoken] paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory auth_host=130.206.82.10 admin_password=quantum auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0 admin_tenant_name=services admin_user=quantum auth_port=4731

33 Glance (1) /etc/glance/glance-api.conf... swift_store_auth_address=http://130.206.82.10:4730/v2.0/http://130.206.82.10:4730/v2.0/... swift_store_user=services:glance... auth_port=4731 auth_host=130.206.82.10 admin_password=glance admin_tenant_name=services auth_protocol=http auth_uri=http://130.206.82.10:4731http://130.206.82.10:4731 admin_user=glance

34 Glance (2) /etc/glance/glance-registry.conf [keystone_authtoken] signing_dir=/tmp/keystone-signing-glance auth_host=130.206.82.10 admin_password=glance auth_port=4731 signing_dirname=/tmp/keystone-signing-glance auth_protocol=http admin_tenant_name=services admin_user=glance

35 Glance (3) /etc/glance/glance-cache.conf admin_user=glance... admin_tenant_name=services... admin_password=glance... auth_url=http://130.206.82.10:4731http://130.206.82.10:4731

36 Glance (4) /etc/glance/glance.conf filesystem_store_datadir=/var/lib/glance/images/ swift_store_region=[YOUR_REGION_NAME]

37 Cinder /etc/cinder/cinder.conf... admin_password=cinder auth_port=4731 auth_host=130.206.82.10 admin_tenant_name=services auth_protocol=http admin_user=cinder...

38 Swift /etc/swift/proxy-server.conf... [filter:s3token] paste.filter_factory = keystone.middleware.s3_token:filter_factory auth_port = 4731 auth_protocol = http auth_host = 130.206.82.10... [filter:keystone] use = egg:swift#keystoneauth operator_roles = admin, SwiftOperator, member is_admin = true cache = swift.cache... [filter:authtoken] paste.filter_factory = keystone.middleware.auth_token:filter_factory auth_host = 130.206.82.10 auth_port = 4731 auth_protocol = http auth_uri = http://130.206.82.10:4731http://130.206.82.10:4731 admin_tenant_name = services admin_user = swift admin_password = swift

39 Adding the node to Federation Keystone-proxy config.js …. config.serviceCatalog = [ {"endpoints": [ {"adminURL": "http://endopoint/v2/$(tenant_id)s", "region": "RegionOne", "internalURL": "http:/endpoint/v2/$(tenant_id)s", "publicURL": "http:/endpoint/v2/$(tenant_id)s"} ], "endpoints_links": [], "type": "compute", "name": "nova" }, …..

40 eXperimental Infrastructures for the Future Internet www.fi-xifi.eu Thanks! Álvaro Alonso Joaquín Salvachúa UPM-DIT


Download ppt "EXperimental Infrastructures for the Future Internet www.fi-xifi.eu Training Session “Service Integration” Álvaro Alonso Joaquín Salvachúa UPM-DIT."

Similar presentations


Ads by Google