Book Image

OpenStack Orchestration

By : Adnan Ahmed Siddiqui
Book Image

OpenStack Orchestration

By: Adnan Ahmed Siddiqui

Overview of this book

This book is focused on setting up and using one of the most important services in OpenStack orchestration, Heat. First, the book introduces you to the orchestration service for OpenStack to help you understand the uses of the templating mechanism, complex control groups of cloud resources, and huge-potential and multiple-use cases. We then move on to the topology and orchestration specification for cloud applications and standards, before introducing the most popular IaaS cloud framework, Heat. You will get to grips with the standards used in Heat, overview and roadmap, architecture and CLI, heat API, heat engine, CloudWatch API, scaling principles, JeOS and installation and configuration of Heat. We wrap up by giving you some insights into troubleshooting for OpenStack. With easy-to-follow, step-by-step instructions and supporting images, you will be able to manage OpenStack operations by implementing the orchestration services of Heat.
Table of Contents (14 chapters)
OpenStack Orchestration
About the Author
About the Reviewers
Stack Group of Connected Cloud Resources

The authorization model configuration

Heat used to support the password-based authorization until the kilo version of OpenStack was released. Using the kilo version of OpenStack, the following changes can be made to enable trusts-based authorization in the Heat configuration file:

  • The default setting in heat.conf:

  • To be replaced for enabling trusts-based authentication:

  • The following parameters need to be set to specify trustor roles:

    trusts_delegated_roles =

As mentioned earlier, all available roles for the trustor will be assigned to the trustee if no specific roles are mentioned in the heat.conf file.