Download presentation
Presentation is loading. Please wait.
Published byIsaac Stevens Modified over 8 years ago
1
eXperimental Infrastructures for the Future Internet www.fi-xifi.eu Training Session “Service Integration” Álvaro Alonso Joaquín Salvachúa UPM-DIT
2
Objectives Understand Federation architecture Components installation overview –Keyrock IdM –Keystone-proxy –Cloud Portal Federate a new node –Installing Openstack Services –Configuring Openstack Services –Adding the node to the Federation
3
www.fi-xifi.eu FEDERATION ARCHITECTURE Training Session “Service Integration”
4
Architecture Proxy Keystone Cloud Server OS Service IdM Cloud Portal OS Service Region1 Region2 Region3
5
Step 1. Service Catalogue Proxy Keystone Cloud Server OS Service IdM Cloud Portal getCatalogue Service catalogue OS Service Region1 Region2 Region3
6
Step 2. Getting an access token Proxy Keystone Cloud Server OS Service IdM Cloud Portal OS Service Region1 Region2 Region3 1 redirect 2 access-code 3 request access-token 4 access-token 5 request orgs 6 orgs
7
Step 3. Getting OS token Proxy Keystone Cloud Server IdM Cloud Portal access-token + tenant OS token OS Service Region1 Region2 Region3
8
Step 4. Using an OS service Proxy Keystone Cloud Server Keystone Middleware OS Service IdM Cloud Portal 11 Request + token 12 token 15 OK + user info + tenant 8, 13 access- token 9, 14 user info
9
www.fi-xifi.eu COMPONENTS INSTALLATION OVERVIEW Training Session “Service Integration”
10
Keyrock IdM Github repository –https://github.com/ging/fi-ware-idmhttps://github.com/ging/fi-ware-idm Installation Guide: –https://github.com/ging/fi-ware-idm/wiki/Installation- guidehttps://github.com/ging/fi-ware-idm/wiki/Installation- guide Training demo host: –http://130.206.82.198:3000/
11
Keystone-proxy (1) Github repository –https://github.com/ging/fi-ware-keystone-proxyhttps://github.com/ging/fi-ware-keystone-proxy Installation Guide: –https://github.com/ging/fi-ware-keystone- proxy/blob/master/README.mdhttps://github.com/ging/fi-ware-keystone- proxy/blob/master/README.md Training demo host: –http://130.206.82.198:4730/
12
Keystone-proxy (2) Register cloud as an IdM Application Config.js var config = {}; config.adminUsers = {"user": {password: "pass", isAdmin: "false"}}; config.accountServer = '130.206.82.198'; // OAUTH Cloud credentials in the Account server config.client_id = ‘'; config.client_secret = ‘’'; //Mysql db config: config.db = { host : 'localhost', user : 'root', password : '1234', database : 'keystone_proxy' };............
13
Keystone-proxy (3) Config.js …. config.serviceCatalog = [ {"endpoints": [ {"adminURL": "http://localhost:8774/v2/$(tenant_id)s", "region": "RegionOne", "internalURL": "http://localhost:8774/v2/$(tenant_id)s", "publicURL": "http://localhost:8774/v2/$(tenant_id)s"} ], "endpoints_links": [], "type": "compute", "name": "nova" }, …..
14
Cloud Portal (1) Github repository –https://github.com/ging/fi-ware-cloud-portal Installation Guide: –https://github.com/ging/fi-ware-cloud- portal/blob/master/README.mdhttps://github.com/ging/fi-ware-cloud- portal/blob/master/README.md Training demo host: –http://130.206.82.198
15
Cloud Portal (2) Config.js config.oauth = { account_server: http://130.206.82.198:3000'', client_id: '', client_secret: '', callbackURL: 'http://130.206.82.198/login' }; config.keystone = { host: '130.206.82.198', port: 4730, admin_host: '130.206.82.198', admin_port: 4731, username: ’cloud', password: ’cloud', tenantId: '12345678901234567890123456789012' };
16
Summary Proxy Keystone Cloud Server IdM Cloud Portal
17
Summary Proxy Keystone Cloud Server IdM Cloud Portal OS Service Region1 Region2 Region3
18
www.fi-xifi.eu FEDERATE A NEW NODE Training Session “Service Integration”
19
Installing OS Services Using a virtual machine: –Install virtual box :: https://www.virtualbox.org/wiki/Downloads –Install Vagrant :: http://www.vagrantup.com/downloads.html This allow installation into virtual machines via scripts (Chef recipes).
20
OpenStack (DevStack) I mkdir devstack_vagrant cd devstack_vagrant vagrant box add precise32 http://files.vagrantup.com/precise32.box vagrant init precise32 Edit Vagrantfile and change: – vb.customize ["modifyvm", :id, "--memory", "2048"] – config.vm.network :forwarded_port, guest: 8774, host: 8774 – config.vm.network :forwarded_port, guest: 9292, host: 9292 – config.vm.network :forwarded_port, guest: 8776, host: 8776 Vagrant up && vagrant ssh
21
OpenStack (DevStack) II sudo apt-get update && sudo apt-get -y install git vim-gtk libxml2-dev libxslt1-dev libpq-dev python-pip libsqlite3-dev && sudo apt-get -y build-dep python- mysqldb && sudo pip install git-review tox && git clone git://git.openstack.org/openstack-dev/devstack && cd devstack git checkout -b havana origin/stable/havana./stack.sh
22
Amazon version Ask for it if you need it….
23
Configuring OS Services Kesytone Cloud Server Keystone Middleware OS Service Cloud Portal 11 Request + token 12 token 15 OK + user info + tenant
24
Configuring OS Services Kesytone Cloud Server Keystone Middleware OS Service Cloud Portal 11 Request + token 12 token 15 OK + user info + tenant
25
Configuring OS Services Proxy Keystone Cloud Server Keystone Middleware OS Service IdM Cloud Portal 11 Request + token 12 token 15 OK + user info + tenant 8, 13 access- token 9, 14 user info
26
Note Official Fi-lab IP for keystone-Proxy is : –130.206.82.10 We will NOT use it for today training. TODAY keystone-proxy is : 130.206.82.198 YOU must change on all next slides.
27
Nova /etc/nova/nova.conf... quantum_admin_auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0 quantum_admin_password=quantum... keystone_ec2_url=http://130.206.82.10:4730/v2.0/ec2tokenshttp://130.206.82.10:4730/v2.0/ec2tokens... [keystone_authtoken] auth_port=4731 admin_password=nova admin_user=nova... auth_host=130.206.82.10 quantum_region_name=[YOUR_REGION_NAME]
28
Quantum (1) /etc/quantum/dhcp_agent.ini... admin_user=quantum... admin_password=quantum... auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0 admin_tenant_name=services
29
Quantum (2) /etc/quantum/metadata_agent.ini... auth_url = http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0 auth_region = [HERE YOUR REGION'S NAME] admin_tenant_name = services admin_user = quantum admin_password = quantum...
30
Quantum (3) /etc/quantum/quantum.conf... [keystone_authtoken] auth_host = 130.206.82.10 auth_port = 4731 auth_protocol = http admin_tenant_name = services admin_user = quantum admin_password = quantum signing_dir = /var/lib/quantum/keystone-signing auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0
31
Quantum (4) /etc/quantum/l3_agent.ini... admin_user=quantum admin_tenant_name=services admin_password=quantum... auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0
32
Quantum (5) /etc/quantum/api-paste.ini... [filter:authtoken] paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory auth_host=130.206.82.10 admin_password=quantum auth_url=http://130.206.82.10:4731/v2.0http://130.206.82.10:4731/v2.0 admin_tenant_name=services admin_user=quantum auth_port=4731
33
Glance (1) /etc/glance/glance-api.conf... swift_store_auth_address=http://130.206.82.10:4730/v2.0/http://130.206.82.10:4730/v2.0/... swift_store_user=services:glance... auth_port=4731 auth_host=130.206.82.10 admin_password=glance admin_tenant_name=services auth_protocol=http auth_uri=http://130.206.82.10:4731http://130.206.82.10:4731 admin_user=glance
34
Glance (2) /etc/glance/glance-registry.conf [keystone_authtoken] signing_dir=/tmp/keystone-signing-glance auth_host=130.206.82.10 admin_password=glance auth_port=4731 signing_dirname=/tmp/keystone-signing-glance auth_protocol=http admin_tenant_name=services admin_user=glance
35
Glance (3) /etc/glance/glance-cache.conf admin_user=glance... admin_tenant_name=services... admin_password=glance... auth_url=http://130.206.82.10:4731http://130.206.82.10:4731
36
Glance (4) /etc/glance/glance.conf filesystem_store_datadir=/var/lib/glance/images/ swift_store_region=[YOUR_REGION_NAME]
37
Cinder /etc/cinder/cinder.conf... admin_password=cinder auth_port=4731 auth_host=130.206.82.10 admin_tenant_name=services auth_protocol=http admin_user=cinder...
38
Swift /etc/swift/proxy-server.conf... [filter:s3token] paste.filter_factory = keystone.middleware.s3_token:filter_factory auth_port = 4731 auth_protocol = http auth_host = 130.206.82.10... [filter:keystone] use = egg:swift#keystoneauth operator_roles = admin, SwiftOperator, member is_admin = true cache = swift.cache... [filter:authtoken] paste.filter_factory = keystone.middleware.auth_token:filter_factory auth_host = 130.206.82.10 auth_port = 4731 auth_protocol = http auth_uri = http://130.206.82.10:4731http://130.206.82.10:4731 admin_tenant_name = services admin_user = swift admin_password = swift
39
Adding the node to Federation Keystone-proxy config.js …. config.serviceCatalog = [ {"endpoints": [ {"adminURL": "http://endopoint/v2/$(tenant_id)s", "region": "RegionOne", "internalURL": "http:/endpoint/v2/$(tenant_id)s", "publicURL": "http:/endpoint/v2/$(tenant_id)s"} ], "endpoints_links": [], "type": "compute", "name": "nova" }, …..
40
eXperimental Infrastructures for the Future Internet www.fi-xifi.eu Thanks! Álvaro Alonso Joaquín Salvachúa UPM-DIT
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.