Book Image

OpenStack Essentials - Second Edition

By : Dan Radez
Book Image

OpenStack Essentials - Second Edition

By: Dan Radez

Overview of this book

OpenStack is a widely popular platform for cloud computing. Applications that are built for this platform are resilient to failure and convenient to scale. This book, an update to our extremely popular OpenStack Essentials (published in May 2015) will help you master not only the essential bits, but will also examine the new features of the latest OpenStack release - Mitaka; showcasing how to put them to work straight away. This book begins with the installation and demonstration of the architecture. This book will tech you the core 8 topics of OpenStack. They are Keystone for Identity Management, Glance for Image management, Neutron for network management, Nova for instance management, Cinder for Block storage, Swift for Object storage, Ceilometer for Telemetry and Heat for Orchestration. Further more you will learn about launching and configuring Docker containers and also about scaling them horizontally. You will also learn about monitoring and Troubleshooting OpenStack.

Related Content you might be interested in

Current Title:

Small book image
OpenStack Essentials - Second Edition
Dan Radez
Aug, 2016 | 182 pages
No titles found
Table of Contents (20 chapters)
OpenStack Essentials Second Edition
OpenStack Essentials Second Edition
Credits
Credits
About the Author
About the Author
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
RDO Installation
RDO Installation
OpenStack architecture
Dashboard
Keystone
Glance
Neutron
Nova
Cinder
Swift
Ceilometer
Heat
OpenStack installation
Installing RDO using Packstack
Installing RDO using Triple-O
Connecting to your Overcloud
Summary
2
Identity Management
Identity Management
Services and endpoints
Interacting with Keystone in the dashboard
Endpoints in the dashboard
Summary
3
Image Management
Image Management
Glance as a registry of images
Using the web interface
Building an image
Summary
4
Network Management
Network Management
Networking and Neutron
Open vSwitch configuration
Creating a network
Web interface management
External network access
Web interface external network setup
Summary
5
Instance Management
Instance Management
Managing flavors
Managing key pairs
Launching an instance
Managing floating IP addresses
Managing security groups
Communicating with the instance
Launching an instance using the web interface
Summary
6
Block Storage
Block Storage
Use case
Creating and using block storage
Attaching the block storage to an instance
Managing Cinder volumes in the web interface
Backing storage
Ceph setup
Summary
7
Object Storage
Object Storage
Use case
Architecture of a Swift cluster
Creating and using object storage
Object file management in the web interface
Using object storage on an instance
Ring files
Summary
8
Telemetry
Telemetry
Understanding the data store
Definitions of Ceilometer's configuration terms
Graphing the data
Summary
9
Orchestration
Orchestration
About orchestration
Writing templates
The Heat Orchestration Template format
Launching a stack
Autoscaling instances with Heat
LBaaS setup
Web interface
Summary
10
Docker
Docker
Containers
OpenStack integration
Nova compute configuration
Glance configuration
Launching a Docker instance
Summary
11
Scaling Horizontally
Scaling Horizontally
Scaling compute nodes
Installing more control nodes
Load-balancing control services
High availability
Highly available database and message bus
Summary
12
Monitoring
Monitoring
Monitoring defined
Installing Nagios
Monitoring methods
Non-OpenStack service checks
Monitoring control services
Monitoring network services
Monitoring compute services
Summary
13
Troubleshooting
Troubleshooting
The OpenStack debug command-line option
Tailing the server logs
Troubleshooting Keystone and authentication
Troubleshooting Glance image management
Troubleshooting Neutron networking
Troubleshooting Nova launching instances
Troubleshooting post-boot metadata
Troubleshooting console access
Troubleshooting Cinder block storage
Troubleshooting Swift object storage
Troubleshooting Ceilometer Telemetry
Troubleshooting Heat orchestration
Getting more help
Summary
Index
Index

Keystone

Keystone is the identity management component. The first thing that needs to happen while connecting to an OpenStack deployment is authentication. In its most basic installation, Keystone will manage tenants, users, and roles and be a catalog of services and endpoints for all the components in the running cluster.

Everything in OpenStack must exist in a tenant. A tenant is simply a grouping of objects. Users, instances, and networks are examples of objects. They cannot exist outside of a tenant. Another name for a tenant is a project. On the command line, the term tenant is used. In the web interface, the term project is used.

Users must be granted a role in a tenant. It's important to understand this relationship between the user and a tenant via a role. In Chapter 2, Identity Management, we will look at how to create the user and tenant and how to associate the user with a role in a tenant. For now, understand that a user cannot log in to the cluster unless they are a member of a tenant. Even the administrator has a tenant. Even the users the OpenStack components use to communicate with each other have to be members of a tenant to be able to authenticate.

Keystone also keeps a catalog of services and endpoints of each of the OpenStack components in the cluster. This is advantageous because all of the components have different API endpoints. By registering them all with Keystone, an end user only needs to know the address of the Keystone server to interact with the cluster. When a call is made to connect to a component other than Keystone, the call will first have to be authenticated, so Keystone will be contacted regardless.

Within the communication to Keystone, the client also asks Keystone for the address of the component the user intended to connect to. This makes managing the endpoints easier. If all the endpoints were distributed to the end users, then it would be a complex process to distribute a change in one of the endpoints to all of the end users. By keeping the catalog of services and endpoints in Keystone, a change is easily distributed to end users as new requests are made to connect to the components.

By default, Keystone uses username/password authentication to request a token and the acquired tokens for subsequent requests. All the components in the cluster can use the token to verify the user and the user's access. Keystone can also be integrated into other common authentication systems instead of relying on the username and password authentication provided by Keystone. In Chapter 2, Identity Management, each of these resources will be explored. We'll walk through creating a user and a tenant and look at the service catalog.

Previous Section
End of Section 4
Next Section