OpenStack Ocata : Configure Heat#1 (Control Node)

Install OpenStack Orchestration Service (Heat). This example is based on the emvironment like follows. ------------+--------------------------------+--------------------------------+------------ | | | eth0|10.0.0.30 eth0|10.0.0.50 eth0|10.0.0.51 +-----------+-----------+ +-----------+-----------+ +-----------+-----------+ | [ Control Node ] | | [ Network Node ] | | [ Compute Node ] | | | | | | | | MariaDB RabbitMQ | | Open vSwitch | | Libvirt | | Memcached httpd | | L2,L3,Metadata Agent | | Nova Compute | | Keystone Glance | | Heat API API-CFN | | Open vSwitch | | Nova API | | Heat Engine | | L2 Agent | | Neutron Server | | | | | +-----------------------+ +-----------------------+ +-----------------------+

[1]	Install packages on Control Node.

# install from Ocata, EPEL [root@dlp ~(keystone)]#  yum --enablerepo=centos-openstack-ocata,epel -y install openstack-heat-common

[2]	Add users and so on for Heat services in Keystone on the Control Node.

# add Heat user [root@dlp ~(keystone)]#  openstack user create --domain default --project service --password servicepassword heat  +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | 18ba3488fac4462dbdc5689109386c36 | | domain_id | default | | enabled | True | | id | 580df167c6fd4bd5a24f35d99f375d08 | | name | heat | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+ # add Heat user to admin role [root@dlp ~(keystone)]#  openstack role add --project service --user heat admin # create a role for Heat [root@dlp ~(keystone)]#  openstack role create heat_stack_owner  +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | None | | id | e64400378b30483eb97f8599cbd3b29b | | name | heat_stack_owner | +-----------+----------------------------------+ [root@dlp ~(keystone)]#  openstack role create heat_stack_user  +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | None | | id | 4a6757d7d64746de9f300efc42d68264 | | name | heat_stack_user | +-----------+----------------------------------+ # add admin user to heat_stack_owner role [root@dlp ~(keystone)]#  openstack role add --project admin --user admin heat_stack_owner # create service entry for Heat [root@dlp ~(keystone)]#  openstack service create --name heat --description "Openstack Orchestration" orchestration  +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Openstack Orchestration | | enabled | True | | id | 3b448f30665d46aca9e480362ba4246d | | name | heat | | type | orchestration | +-------------+----------------------------------+ [root@dlp ~(keystone)]#  openstack service create --name heat-cfn --description "Openstack Orchestration" cloudformation  +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Openstack Orchestration | | enabled | True | | id | a4427fb918ea46a893682890b1a4fe8c | | name | heat-cfn | | type | cloudformation | +-------------+----------------------------------+ # define Heat API server's IP [root@dlp ~(keystone)]#  heat_api=10.0.0.50 # create endpoint entry for orchestration (public) [root@dlp ~(keystone)]#  openstack endpoint create --region RegionOne orchestration public http://$heat_api:8004/v1/%\(tenant_id\)s  +--------------+----------------------------------------+ | Field | Value | +--------------+----------------------------------------+ | enabled | True | | id | 9043e183e05c4684ae97459b475714cb | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 3b448f30665d46aca9e480362ba4246d | | service_name | heat | | service_type | orchestration | | url | http://10.0.0.50:8004/v1/%(tenant_id)s | +--------------+----------------------------------------+ # create endpoint entry for orchestration (internal) [root@dlp ~(keystone)]#  openstack endpoint create --region RegionOne orchestration internal http://$heat_api:8004/v1/%\(tenant_id\)s  +--------------+----------------------------------------+ | Field | Value | +--------------+----------------------------------------+ | enabled | True | | id | 9b5b8eeb9b1e4c74ad47446a62fac794 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 3b448f30665d46aca9e480362ba4246d | | service_name | heat | | service_type | orchestration | | url | http://10.0.0.50:8004/v1/%(tenant_id)s | +--------------+----------------------------------------+ # create endpoint entry for orchestration (admin) [root@dlp ~(keystone)]#  openstack endpoint create --region RegionOne orchestration admin http://$heat_api:8004/v1/%\(tenant_id\)s  +--------------+----------------------------------------+ | Field | Value | +--------------+----------------------------------------+ | enabled | True | | id | 1daed803e2d148eba240eb41467b0838 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 3b448f30665d46aca9e480362ba4246d | | service_name | heat | | service_type | orchestration | | url | http://10.0.0.50:8004/v1/%(tenant_id)s | +--------------+----------------------------------------+ # create endpoint entry for cloudformation (public) [root@dlp ~(keystone)]#  openstack endpoint create --region RegionOne cloudformation public http://$heat_api:8000/v1  +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 0c9665539f6c4ffdaab2eddff0f209bc | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | a4427fb918ea46a893682890b1a4fe8c | | service_name | heat-cfn | | service_type | cloudformation | | url | http://10.0.0.50:8000/v1 | +--------------+----------------------------------+ # create endpoint entry for cloudformation (internal) [root@dlp ~(keystone)]#  openstack endpoint create --region RegionOne cloudformation internal http://$heat_api:8000/v1  +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 92a0cb590c574672b956385ada4157d1 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | a4427fb918ea46a893682890b1a4fe8c | | service_name | heat-cfn | | service_type | cloudformation | | url | http://10.0.0.50:8000/v1 | +--------------+----------------------------------+ # create endpoint entry for cloudformation (admin) [root@dlp ~(keystone)]#  openstack endpoint create --region RegionOne cloudformation admin http://$heat_api:8000/v1  +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | e09282cc4928477aa7ea7e2dc8de991d | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | a4427fb918ea46a893682890b1a4fe8c | | service_name | heat-cfn | | service_type | cloudformation | | url | http://10.0.0.50:8000/v1 | +--------------+----------------------------------+ # create Heat domain [root@dlp ~(keystone)]#  openstack domain create --description "Stack projects and users" heat  +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Stack projects and users | | enabled | True | | id | a409e9f8003544b39b6576e0a53e6d76 | | name | heat | +-------------+----------------------------------+ # create "heat_domain_admin" user [root@dlp ~(keystone)]#  openstack user create --domain heat --password servicepassword heat_domain_admin  +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | a409e9f8003544b39b6576e0a53e6d76 | | enabled | True | | id | 843689e4984e49e2a42d5ec04d0ac5e7 | | name | heat_domain_admin | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+ # add "heat_domain_admin" user to admin role [root@dlp ~(keystone)]#  openstack role add --domain heat --user heat_domain_admin admin

[3]	Create a database for Heat to MariaDB.

[root@dlp ~(keystone)]#  mysql -u root -p  Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 42 Server version: 10.1.20-MariaDB MariaDB Server Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]>  create database heat;  Query OK, 1 row affected (0.00 sec) MariaDB [(none)]>  grant all privileges on heat.* to heat@'localhost' identified by 'password';  Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]>  grant all privileges on heat.* to heat@'%' identified by 'password';  Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]>  flush privileges;  Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]>  exit  Bye