QuickStart Guide for CloudForms with Red Hat OpenStack Platform
Getting started with CloudForms on Red Hat OpenStack Platform
Abstract
Chapter 1. Introduction to Red Hat CloudForms
Red Hat CloudForms delivers the insight, control, and automation that enterprises need to address the challenges of managing virtual environments. This technology enables enterprises with existing virtual infrastructures to improve visibility and control, and those starting virtualization deployments to build and operate a well-managed virtual infrastructure.
Red Hat CloudForms provides the following feature sets:
- Insight: Discovery, Monitoring, Utilization, Performance, Reporting, Analytic, Chargeback, and Trending.
- Control: Security, Compliance, Alerting, and Policy-Based Resource, and Configuration Enforcement.
- Automate: IT Process, Task and Event, Provisioning, and Workload Management and Orchestration.
- Integrate: Systems Management, Tools and Processes, Event Consoles, Configuration Management Database (CMDB), Role-based Administration (RBA), and Web Services.
1.1. Architecture
The diagram below describes the capabilities of Red Hat CloudForms. Its features are designed to work together to provide robust management and maintenance of your virtual infrastructure.
The architecture comprises the following components:
- The Red Hat CloudForms appliance (appliance) which is supplied as a secure, high-performance, preconfigured virtual machine. It provides support for HTTPS communications.
- The Red Hat CloudForms Server (Server) resides on the appliance. It is the software layer that communicates between the SmartProxy and the Virtual Management Database. It includes support for HTTPS communications.
- The Virtual Management Database (VMDB) resides either on the appliance or another computer accessible to the appliance. It is the definitive source of intelligence collected about your Virtual Infrastructure. It also holds status information regarding appliance tasks.
- The Red Hat CloudForms Console (Console) is the Web interface used to view and control the Server and appliance. It is consumed through Web 2.0 mash-ups and web services (WS Management) interfaces.
- The SmartProxy can reside on the appliance or on an ESX Server. If not embedded in the Server, the SmartProxy can be deployed from the appliance. A SmartProxy agent must configured in each storage location, and must be visible to the appliance. The SmartProxy acts on behalf of the appliance communicating with it over HTTPS on standard port 443.
1.2. Requirements
To use Red Hat CloudForms, certain virtual hardware, database, and browser requirements must be met in your environment.
1.2.1. Virtual Hardware Requirements
The Red Hat CloudForms appliance requires the following virtual hardware at minimum:
- 4 VCPUs
- 12 GB RAM
- 44 GB HDD + optional database disk
1.2.2. Database Requirements
Red Hat recommends allocating the virtual machine disk fully at the time of creation. Three main factors affect the size of your database over time:
- Virtual Machine Count: the most important factor in the calculation of virtual machine database (VMDB) size over time.
- Host Count: the number of hosts associated with the provider.
- Storage Count: the number of individual storage elements as seen from the perspective of the provider or host. It is not the total number of virtual disks for all virtual machines.
Use the following table as a guideline to calculate minimum requirements for your database:
When enabling capacity and utilization for metrics gathering over a period of time, it is recommended that the VMDB size scale accordingly. Evaluate the number of instances in your provider inventory and storage duration requirements to plan for increased VMDB sizing requirements.
Use the following information to plan for your increased VMDB needs when working with metrics gathering:
- Realtime metrics data are stored for 4 hours.
- Rollup metrics data are stored for 6 months.
Example:
Minute | Hour | Day | |
OpenStack Provider Instance | 3 Realtime Metrics | 181 (3 records * 60 minutes = 180 Realtime Metrics + 1 hourly Rollup Metric) | 4,345 (3 records * 60 minutes * 24 hours =4320 Realtime Metrics + 1 daily Rollup Metric) |
- Metrics data storage times can be configured by editing the Advanced Settings.
1.2.3. Browser Requirements
To use Red Hat CloudForms, the following browser requirements must be met:
One of the following web browsers:
- Mozilla Firefox for versions supported under Mozilla’s Extended Support Release (ESR)
- Internet Explorer 10 or higher
- Google Chrome for Business
- A monitor with minimum resolution of 1280x1024.
Due to browser limitations, Red Hat supports logging in to only one tab for each multi-tabbed browser. Console settings are saved for the active tab only. For the same reason, Red Hat CloudForms does not guarantee that the browser’s Back button will produce the desired results. Red Hat recommends using the breadcrumbs provided in the Console.
1.2.4. Additional Requirements
Additionally, the following must be configured to use Red Hat CloudForms:
- The Red Hat CloudForms appliance must already be installed and activated in your enterprise environment.
- The SmartProxy must have visibility into the virtual machines and cloud instances that you want to control.
- For more information, see SmartProxies in the CloudForms General Configuration guide.
1.3. Terminology
The following terms are used throughout the documentation. Review them before proceeding.
- Account Role
- The level of access a user has to different parts and functions of the Red Hat CloudForms console. There are a variety of Account Roles, which can be assigned to users to restrict or allow access to parts of the console and virtual infrastructure.
- Action
- An execution that is performed after a condition is evaluated.
- Alert
- Red Hat CloudForms alerts notify administrators and monitoring systems of critical configuration changes and threshold limits in the virtual environment. The notification can take the form of either an email or an SNMP trap.
- Analysis Profile
- A customized scan of hosts, virtual machines, or instances. You can collect information from categories, files, event logs, and registry entries.
- Cloud
- A pool of on-demand and highly available computing resources. The usage of these resources are scaled depending on the user requirements and metered for cost.
- Red Hat CloudForms Appliance
- A virtual machine where the virtual management database (VMDB) and Red Hat CloudForms reside.
- Red Hat CloudForms Console
- A web-based interface into the Red Hat CloudForms appliance.
- Red Hat CloudForms Role
- A designation assigned to a Red Hat CloudForms server that defines what a Red Hat CloudForms server can do.
- Red Hat CloudForms Server
- The application that runs on the Red Hat CloudForms appliance and communicates with the SmartProxy and the VMDB.
- Cluster
- Hosts that are grouped together to provide high availability and load balancing.
- Condition
- A control policy test triggered by an event, which determines a subsequent action.
- Discovery
- Process run by the Red Hat CloudForms server which finds virtual machine and cloud providers.
- Drift
- The comparison of a virtual machine, instance, host, cluster to itself at different points in time.
- Event
- A trigger to check a condition.
- Event Monitor
- Software on the Red Hat CloudForms appliance which monitors external providers for events and sends them to the Red Hat CloudForms server.
- Host
- A computer running a hypervisor, capable of hosting and monitoring virtual machines. Supported hypervisors include RHV-H, VMware ESX hosts, Windows Hyper-V hosts.
- Instance/Cloud Instance
- A on-demand virtual machine based upon a predefined image and uses a scalable set of hardware resources such as CPU, memory, networking interfaces.
- Managed/Registered VM
- A virtual machine that is connected to a host and exists in the VMDB. Also, a template that is connected to a provider and exists in the VMDB. Note that templates cannot be connected to a host.
- Managed/Unregistered VM
- A virtual machine or template that resides on a repository or is no longer connected to a provider or host and exists in the VMDB. A virtual machine that was previously considered registered may become unregistered if the virtual machine was removed from provider inventory.
- Provider
- An external management system that CloudForms integrates in order to collect data and perform operations.
- Policy
- A combination of an event, a condition, and an action used to manage a virtual machine.
- Policy Profile
- A set of policies.
- Refresh
- A process run by the Red Hat CloudForms server which checks for relationships of the provider or host to other resources, such as storage locations, repositories, virtual machines, or instances. It also checks the power states of those resources.
- Regions
- A region is the collection of zones that share the same database for reporting and charting. A master region may be added to synchronize multiple VMDBs into one VMDB for higher-level reporting, providing a "single pane of glass" view.
- Resource
- A host, provider, instance, virtual machine, repository, or datastore.
- Resource Pool
- A group of virtual machines across which CPU and memory resources are allocated.
- Repository
- A place on a datastore resource which contains virtual machines.
- SmartProxy
- The SmartProxy is a software agent that acts on behalf of the Red Hat CloudForms appliance to perform actions on hosts, providers, storage and virtual machines.
- The SmartProxy can be configured to reside on the Red Hat CloudForms appliance or on an ESX server version. The SmartProxy can be deployed from the Red Hat CloudForms appliance, and provides visibility to the VMFS storage. Each storage location must have a SmartProxy with visibility to it. The SmartProxy acts on behalf of the Red Hat CloudForms appliance. If the SmartProxy is not embedded in the Red Hat CloudForms server, it communicates with the Red Hat CloudForms appliance over HTTPS on standard port 443.
- SmartState Analysis
- Process run by the SmartProxy which collects the details of a virtual machine or instance. Such details include accounts, drivers, network information, hardware, and security patches. This process is also run by the Red Hat CloudForms server on hosts and clusters. The data is stored in the VMDB.
- SmartTags
- Descriptors that allow you to create a customized, searchable index for the resources in your clouds and infrastructure.
- Storage Location
- A device, such as a VMware datastore, where digital information resides that is connected to a resource.
- Tags
- Descriptive terms defined by a Red Hat CloudForms user or the system used to categorize a resource.
- Template
- A template is a copy of a preconfigured virtual machine, designed to capture installed software and software configurations, as well as the hardware configuration, of the original virtual machine.
- Unmanaged Virtual Machine
- Files discovered on a datastore that do not have a virtual machine associated with them in the VMDB. These files may be registered to a provider that the Red Hat CloudForms server does not have configuration information on. Possible causes may be that the provider has not been discovered or that the provider has been discovered, but no security credentials have been provided.
- Virtual Machine
- A software implementation of a system that functions similar to a physical machine. Virtual machines utilize the hardware infrastructure of a physical host, or a set of physical hosts, to provide a scalable and on-demand method of system provisioning.
- Virtual Management Database (VMDB)
- Database used by the Red Hat CloudForms appliance to store information about your resources, users, and anything else required to manage your virtual enterprise.
- Virtual Thumbnail
- An image in the web interface representing a resource, such as a provider or a virtual machine, showing the resource’s properties at a glance. Each virtual thumbnail is divided into quadrants, which provide information about the resource, such as its software and power state.
- Worker Appliance
- A CloudForms appliance dedicated to a role other than user interface or database.
- Zones
- Red Hat CloudForms Infrastructure can be organized into zones to configure failover and to isolate traffic. Zones can be created based on your environment. Zones can be based on geographic location, network location, or function. When first started, new servers are put into the default zone.
1.4. Getting Support
If you experience difficulty with a procedure described in this documentation, visit the Red Hat Customer Portal at http://access.redhat.com. Through the Customer Portal, you can:
- search or browse through a knowledgebase of technical support articles about Red Hat products
- submit a support case to Red Hat Global Support Services (GSS)
- access other product documentation
Red Hat also hosts a large number of electronic mailing lists for discussion of Red Hat software and technology. You can find a list of publicly available mailing lists at https://www.redhat.com/mailman/listinfo. Click on the name of any mailing list to subscribe to that list or to access the list archives.
Chapter 2. Key Red Hat CloudForms Features for OpenStack Cloud Providers
Red Hat CloudForms provides several interface features specific to OpenStack cloud providers:
- The CloudForms Topology widget (Chapter 7, Using the Topology Widget) provides an interactive visualization of the OpenStack cloud.
- CloudForms provides a user interface for managing OpenStack storage resources (Chapter 10, Managing Storage).
- Custom buttons, which allows you to provide automation for specific actions to OpenStack tenants (Appendix C, Creating Custom Buttons for Cloud Tenants).
When adding an OpenStack cloud provider, you can also:
- Enable tenant mapping. This creates a one-to-one association between tenants in CloudForms and OpenStack.
- Connect to OpenStack through the Keystone V3 API. This API enables multiple OpenStack identity domains. Domains are high-level containers for projects, users, and groups. Users of different domains can be represented in different authentication back ends.
For information about tenant mapping and the Keystone V3 API, see Chapter 5, Adding an OpenStack Cloud Provider.
Chapter 3. Installing and Configuring Red Hat CloudForms
Red Hat CloudForms can be installed on a number of virtualization platforms, such as VMware vSphere, and Red Hat Enterprise Virtualization. This chapter describes how to install and configure Red Hat CloudForms on Red Hat OpenStack Platform.
3.1. Obtaining and Installing the Red Hat CloudForms Appliance
First, download the appliance from the Red Hat Customer Portal:
- Go to access.redhat.com and log in to the Red Hat Customer Portal using your customer account details.
- Click Downloads in the menu bar.
- Click A-Z to sort the product downloads alphabetically.
- Click Red Hat CloudForms to access the product download page. The latest version of each download displays by default.
- From the list of installers and images under Product Software, choose OpenStack Virtual Appliance option with the latest version and click Download Now.
Afterwards, upload or install the appliance image as a virtual machine or instance on a supported virtualization environment or cloud provider. See the Installation and Upgrade section for information on different supported Red Hat CloudForms deployment methods.
Whichever deployment method you choose, ensure that Red Hat CloudForms is configured with connectivity to the OpenStack management network.
See Uploading the Appliance on OpenStack for instructions on deploying Red Hat CloudForms as an instance on the overcloud.
3.2. Configuring Red Hat CloudForms
After deploying the appliance, log in with the root password smartvm
. If you deployed the appliance as a virtual machine, you can log in through virsh
:
[root@kvm-host ~]# virsh console my-cfme Connected to domain my-cfme ... Welcome to the CFME Virtual Appliance. You can browse to http://localhost.localdomain/ Red Hat Enterprise Linux Server 7.2 (Maipo) Kernel 3.10.0-327.36.1.el7.x86_64 on an x86_64 localhost login: root Password: Last login: Thu Oct 13 23:03:53 on tty2 Welcome to the Appliance Console For a menu, please type: appliance_console [root@localhost ~]#
3.3. Configuring General Appliance Settings
After logging in, you can use the following menu items for advanced configuration of the appliance:
- Use Set DHCP Network Configuration to use DHCP to obtain the IP address and network configuration for your Red Hat CloudForms appliance. The appliance is initially configured as a DHCP client with bridged networking.
- Use Set Static Network Configuration if you have a specific IP address and network settings you need to use for the Red Hat CloudForms appliance.
- Use Test Network Configuration to check that name resolution is working correctly.
Use Set Hostname to specify a hostname for the Red Hat CloudForms appliance.
ImportantA valid fully qualified hostname for the Red Hat CloudForms appliance is required for SmartState analysis to work correctly,
- Use Set Timezone to configure the time zone for the Red Hat CloudForms appliance.
- Use Set Date and Time to configure the date and time for the Red Hat CloudForms appliance.
- Use Restore Database from Backup to restore the Virtual Management Database (VMDB) from a previous backup.
- Use Setup Database Region to create regions for VMDB replication.
- Use Configure Database to configure the VMDB. Use this option to configure the database for the appliance after installing and running it for the first time.
- Use Configure Database Replication to configure a primary or standby server for VMDB replication.
- Use Configure Database Maintenance to configure the VMDB maintenance schedule.
- Use Configure Application Database Failover Monitor to start or stop VMDB failover monitoring.
-
Use Extend Temporary Storage to add temporary storage to the appliance. The appliance formats an unpartitioned disk attached to the appliance host and mounts it at
/var/www/miq_tmp
. The appliance uses this temporary storage directory to perform certain image download functions. - Use Configure External Authentication (httpd) to configure authentication through an IPA server.
- Use Generate Custom Encryption Key to regenerate the encryption key used to encode plain text password.
-
Use Harden Appliance Using SCAP Configuration to apply Security Content Automation Protocol (SCAP) standards to the appliance. You can view these SCAP rules in the
/var/www/miq/lib/appliance_console/config/scap_rules.yml
file. - Use Stop EVM Server Processes to stop all server processes. You may need to do this to perform maintenance.
- Use Start EVM Server Processes to start the server. You may need to do this after performing maintenance.
- Use Restart Appliance to restart the Red Hat CloudForms appliance. You can either restart the appliance and clear the logs or just restart the appliance.
- Use Shut Down Appliance to power down the appliance and exit all processes.
- Use Summary Information to go back to the network summary screen for the Red Hat CloudForms appliance.
- Use Quit to leave the Red Hat CloudForms appliance console.
3.4. Configuring a Database for Red Hat CloudForms
Red Hat CloudForms supports the use of an internal or external database. The following instructions are suitable for configuring an internal database. For instructions on how to configure an external database instead, see Configuring an External Database.
Before installing an internal database, add a disk to the infrastructure hosting your appliance. See the documentation specific to your infrastructure for instructions for adding a disk. As a storage disk usually cannot be added while a virtual machine is running, Red Hat recommends adding the disk before starting the appliance. Red Hat CloudForms only supports installing of an internal VMDB on blank disks; installation will fail if the disks are not blank.
- Start the appliance and open a terminal console.
-
Enter the
appliance_console
command. The Red Hat CloudForms appliance summary screen displays. - Press Enter to manually configure settings.
- Select 5) Configure Database from the menu.
You are prompted to create or fetch an encryption key.
- If this is the first Red Hat CloudForms appliance, choose 1) Create key.
If this is not the first Red Hat CloudForms appliance, choose 2) Fetch key from remote machine to fetch the key from the first appliance. For worker and multi-region setups, use this option to copy key from another appliance.
NoteAll CloudForms appliances in a multi-region deployment must use the same key.
- Choose 1) Create Internal Database for the database location.
Choose a disk for the database. This can be either a disk you attached previously, or a partition on the current disk.
ImportantRed Hat recommends using a separate disk for the database.
If there is an unpartitioned disk attached to the virtual machine, the dialog will show options similar to the following:
1) /dev/vdb: 20480 2) Don't partition the disk
-
Enter 1 to choose
/dev/vdb
for the database location. This option creates a logical volume using this device and mounts the volume to the appliance in a location appropriate for storing the database. The default location is/var/opt/rh/rh-postgresql95/lib/pgsql
, which can be found in the environment variable$APPLIANCE_PG_MOUNT_POINT
. - Enter 2 to continue without partitioning the disk. A second prompt will confirm this choice. Selecting this option results in using the root filesystem for the data directory (not advised in most cases).
-
Enter 1 to choose
Enter Y or N for Should this appliance run as a standalone database server?
- Select Y to configure the appliance as a database-only appliance. As a result, the appliance is configured as a basic PostgreSQL server, without a user interface.
- Select N to configure the appliance with the full administrative user interface.
When prompted, enter a unique number to create a new region.
ImportantCreating a new region destroys any existing data on the chosen database.
- Create and confirm a password for the database.
Red Hat CloudForms then configures the internal database. This takes a few minutes. After the database is created and initialized, you can log in to CloudForms.
3.5. Configuring General Red Hat CloudForms Settings
After configuring the general settings for the appliance and creating a database for it, you can now launch Red Hat CloudForms. To do this, use the Start EVM Server Processes option from the appliance console (Section 3.3, “Configuring General Appliance Settings”). Once you launch Red Hat CloudForms, note the Hostname and IP Address displayed on the appliance console screen.
Open the Red Hat CloudForms web-based user interface by accessing either Hostname and IP Address on a web browser. At the login screen, use the following credentials:
- Username: admin
- Password: smartvm
You can also change the password of the admin account from the login screen. To do so, click the Update Password link.
You can access and configure most Red Hat CloudForms settings through the Configuration menu. You can access this menu through Administrator | EVM > Configuration.
The options under the Configuration menu allow you to configure global options for your Red Hat CloudForms environment, view diagnostic information, and view analytics on the servers in the environment. The menu displays the Red Hat CloudForms environment at the enterprise, zone, and server levels.
There are four main areas:
Settings
This menu allows you to configure global settings for your Red Hat CloudForms infrastructure. You can also create analysis profiles and schedules for these profiles.
Access Control
This menu contains options for configuring users, groups, roles, and tenants.
Diagnostics
This menu displays the status of your servers and their roles and provides access to logs.
Database
specify the location of your Virtual Machine Database (VMDB) and its login credentials.
3.6. Registering Your Appliance
Before you can access and apply package updates, you must register and subscribe the Red Hat CloudForms appliance to either Red Hat Content Delivery Network (CDN) or to a Red Hat Satellite server.
You need the following to register your appliance:
- Your Red Hat account login or Red Hat Network Satellite login
- A Red Hat subscription that covers your product
To register your appliance with Red Hat Subscription Management or Red Hat Satellite 6, first configure the region with your registration details. These settings will apply to all appliances in this region.
To configure registration for a region:
-
Log in to the appliance as the
admin
user. - From the settings menu, select Configuration.
- Select Region in the accordion menu and click the Red Hat Updates tab.
- Click Edit Registration.
Configure registration details for the Red Hat CloudForms appliance using one of two available options:
To register with Red Hat Subscription Management:
- In Register to, select Red Hat Subscription Management.
-
Enter the Red Hat Subscription Management Address. The default is
subscription.rhn.redhat.com
. -
Enter the Repository Name(s). The default is
cf-me-5.8-for-rhel-7-rpms rhel-server-rhscl-7-rpms
, which are the Red Hat CloudForms repository and the Red Hat Software Collections repository. - To use a HTTP proxy, select Use HTTP Proxy and enter your proxy details.
- Enter your Red Hat account information and click Validate.
- After your credentials are validated, click Save.
To register with Red Hat Satellite 6:
- In Register to, select Red Hat Satellite 6.
-
Enter the Red Hat Satellite 6 Address. The default is
subscription.rhn.redhat.com
. -
Enter the Repository Name(s). The default is
cf-me-5.8-for-rhel-7-rpms rhel-server-rhscl-7-rpms
, which are the Red Hat CloudForms repository and the Red Hat Software Collections repository. - To use a HTTP proxy, select Use HTTP Proxy and enter your proxy details.
- Enter your Red Hat Satellite account information and click Validate.
- After your credentials are validated, click Save.
Your appliance now appears in the Appliance Updates list as Not registered
.
To register your appliance:
- Select the appliance from the Appliance Updates list.
- Click Register to subscribe the appliance and attach subscriptions.
Registering and attaching subscriptions takes a few minutes. The subscription process is complete when the appliance reports that it is Subscribed
under Update Status, and Registered
under Last Message.
You can now apply updates to your appliance.
To update your appliances, see Updating Red Hat CloudForms in Migrating to Red Hat CloudForms 4.5.
3.7. Configuring CloudForms Metrics for SmartState Analysis
You can also configure CloudForms to perform a SmartState Analysis. This type of analysis collects details such as accounts, drivers, network information, hardware, and security patches on assets managed by the OpenStack provider. Enabling SmartState Analysis involves two steps:
These steps are required to allow CloudForms to collect metrics from OpenStack and use them to perform a SmartState analysis. You can choose different servers to perform either function; the following sections assume that you will.
3.7.1. Configuring CloudForms Capacity and Utilization
For metrics collection to work properly, you also need to configure Red Hat CloudForms to allow for all three Capacity & Utilization server roles, which are available from the settings menu under → → . For more information on capacity and utilization collection, see Assigning the Capacity and Utilization Server Roles in the Deployment Planning Guide.
To enable these server roles:
- From the settings menu, select Configuration, then select the server to configure from → in the accordion menu on the left.
Navigate to the Server Roles list in the → section. From there, set the required capacity and utilization roles to ON, namely:
- Capacity & Utilization Coordinator
- Capacity & Utilization Data Collector
- Capacity & Utilization Data Processor
- Click Save.
Data collection is enabled immediately. However, the first collection begins 5 minutes after the server is started, and every 10 minutes after that. Therefore, the longest the collection takes after enabling the Capacity & Utilization Collector role is 10 minutes. The first collection from a particular provider may take a few minutes since Red Hat CloudForms is gathering data points going one month back in time.
For more information, see Capacity and Utilization Collection from the Deployment Planning Guide.
3.7.2. Enabling SmartState Analysis
After enabling the required server roles, enable SmartState analysis. See Smart State Analysis Support from the Support Matrix and Running a SmartState Analysis in Managing Providers for more information.
Enabling SmartState analysis is similar to Section 3.7.1, “Configuring CloudForms Capacity and Utilization”, in that the procedure also involves enabling server roles on a specific server. To do so:
- From the settings menu, select Configuration.
- Select the server to configure from → in the left pane of the appliance.
Navigate to the Server Roles list in the → section. From there, set the appropriate SmartState roles to ON. Namely:
- SmartProxy
- SmartState Analysis
- Click Save.
Chapter 4. Adding an OpenStack Infrastructure Provider
After initial installation and creation of a Red Hat CloudForms environment, add an OpenStack infrastructure provider to the appliance. Red Hat CloudForms supports operating with the OpenStack admin
tenant. When creating an OpenStack infrastructure provider in Red Hat CloudForms, select the OpenStack infrastructure provider’s admin
user because it is the default administrator of the OpenStack admin
tenant. When using the admin
credentials, a user in Red Hat CloudForms provisions into the admin
tenant, and sees images, networks, and instances that are associated with the admin
tenant.
- You can set whether Red Hat CloudForms should use the Telemetry service or Advanced Message Queueing Protocol (AMQP) for event monitoring. If you choose Telemetry, you should first configure the ceilometer service on the undercloud to store events. See Section 4.1, “Configuring the Undercloud to Store Events” for instructions. For more information, see OpenStack Telemetry (ceilometer) in the Red Hat OpenStack Platform Architecture Guide.
- To authenticate the provider using a self-signed Certificate Authority (CA), configure the CloudForms appliance to trust the certificate using the steps in Appendix A, Using a Self-Signed CA Certificate before adding the provider.
- Navigate to → → .
-
Click
(Configuration), then click
(Add a New Infrastructure Provider).
- Enter the Name of the provider to add. The Name is how the device is labeled in the console.
- Select OpenStack Platform Director from the Type list.
Select the API Version of your OpenStack provider’s Keystone service from the list. The default is
Keystone v2
.Note- With Keystone API v3, domains are used to determine administrative boundaries of service entities in OpenStack. Domains allow you to group users together for various purposes, such as setting domain-specific configuration or security options. For more information, see OpenStack Identity (keystone) in the Red Hat OpenStack Platform Architecture Guide.
- The provider you are creating will be able to see projects for the given domain only. To see projects for other domains, add it as another cloud provider. For more information on domain management in OpenStack, see Domain Management in the Red Hat OpenStack Platform Users and Identity Management Guide.
Select the appropriate Zone for the provider. By default, the zone is set to default.
NoteFor more information, see the definition of host aggregates and availability zones in OpenStack Compute (nova) in the Red Hat OpenStack Platform Architecture Guide.
In the Default tab, under Endpoints, configure the host and authentication details of your OpenStack provider:
Select a Security Protocol method to specify how to authenticate the provider:
- SSL without validation: Authenticate the provider insecurely using SSL.
- SSL: Authenticate the provider securely using a trusted Certificate Authority. Select this option if the provider has a valid SSL certificate and it is signed by a trusted Certificate Authority. No further configuration is required for this option. This is the recommended authentication method.
- Non-SSL: Connect to the provider insecurely using only HTTP protocol, without SSL.
- Enter the Host Name or IP address(IPv4 or IPv6) of the provider. If your provider is an undercloud, use its hostname (see Setting the Hostname for the System in Red Hat OpenStack Platform Director Installation and Usage for more details)
- In API Port, set the public port used by the OpenStack Keystone service. By default, OpenStack uses port 5000 for non-SSL security protocol. For SSL, API port is 13000 by default.
- Select the appropriate Security Protocol used for authenticating with your OpenStack provider.
- In the Username field, enter the name of an OpenStack user with privileged access (for example, admin). Then, provide its corresponding password in the Password and Confirm Password fields.
- Click Validate to confirm Red Hat CloudForms can connect to the OpenStack provider.
Next, configure how Red Hat CloudForms should receive events from the OpenStack provider. Click the Events tab in the Endpoints section to start.
- To use the Telemetry service of the OpenStack provider, select Ceilometer. Before you do so, the provider must first be configured accordingly. See Section 4.1, “Configuring the Undercloud to Store Events” for details.
If you prefer to use the AMQP Messaging bus instead, select AMQP. When you do: In Hostname (or IPv4 or IPv6 address) (of the Events tab, under Endpoints), enter the public IP or fully qualified domain name of the AMQP host.
- In the API Port, set the public port used by AMQP. By default, OpenStack uses port 5672 for this.
- In the Username field, enter the name of an OpenStack user with privileged access (for example, admin). Then, provide its corresponding password in the Password and Confirm Password fields.
- Click Validate to confirm the credentials.
You can also configure SSH access to all hosts managed by the OpenStack infrastructure provider. To do so, click on the RSA key pair tab in the Endpoints section.
- From there, enter the Username of an account with privileged access.
- If you selected SSL in Endpoints > Default > Security Protocol earlier, use the Browse button to find and set a private key.
- Click Add after configuring the infrastructure provider.
Red Hat CloudForms requires that the adminURL
endpoint for all OpenStack services be on a non-private network. Accordingly, assign the adminURL endpoint an IP address of something other than 192.168.x.x
. The adminURL
endpoint must be accessible to the Red Hat CloudForms appliance that is responsible for collecting inventory and gathering metrics from the OpenStack environment. Additionally, all the Keystone endpoints must be accessible, otherwise refresh will fail.
4.1. Configuring the Undercloud to Store Events
To allow Red Hat CloudForms to receive events from a Red Hat OpenStack Platform environment, you must configure the notification_driver option for the Compute service and Orchestration service in that environment. To do so, edit undercloud.conf, and set store_events to true before installing the undercloud. See Installing the Undercloud and Configuring the Director in Red Hat OpenStack Platform Director Installation and Usage for related details.
Chapter 5. Adding an OpenStack Cloud Provider
Red Hat CloudForms supports operating with the OpenStack admin
tenant. When creating an OpenStack provider in Red Hat CloudForms, select the OpenStack provider’s admin
user because it is the default administrator of the OpenStack admin
tenant. When using the admin
credentials, a user in Red Hat CloudForms provisions into the admin
tenant, and sees images, networks, and instances that are associated with the admin
tenant.
In OpenStack, you must add admin
as a member of all tenants that users want to access and use in CloudForms. See Tenancy in the Deployment Planning Guide for more details on tenancy in CloudForms.
When adding an OpenStack cloud or infrastructure provider, you can enable tenant mapping in CloudForms to map any existing tenants from that provider. This means CloudForms will create new cloud tenants to match each existing OpenStack tenant; each new cloud tenant and its corresponding OpenStack tenant will have identical resources assignments, with the exception of quotas. Tenant quotas are not synchronized between CloudForms and OpenStack, and are available for reporting purposes only. You can manage quotas in CloudForms but this will not affect the quotas created in OpenStack.
During a provider refresh, CloudForms will also check for any changes to the tenant list in OpenStack. CloudForms will create new cloud tenants to match any new tenants, and delete any cloud tenants whose corresponding OpenStack tenants no longer exist. CloudForms will also replicate any changes to OpenStack tenants to their corresponding cloud tenants.
You can set whether Red Hat CloudForms should use the Telemetry service or Advanced Message Queueing Protocol (AMQP) for event monitoring. If you choose Telemetry, you should first configure the ceilometer service on the overcloud to store events. See Section 5.1, “Configuring the Overcloud to Store Events” for instructions.
For more information, see OpenStack Telemetry (ceilometer) in the Red Hat OpenStack Platform Architecture Guide.
To authenticate the provider using a self-signed Certificate Authority (CA), configure the CloudForms appliance to trust the certificate using the steps in Appendix A, Using a Self-Signed CA Certificate before adding the provider.
- Navigate to → → .
-
Click
(Configuration), then click
(Add a New Cloud Provider).
- Enter a Name for the provider.
- From the Type list, select OpenStack.
Select the appropriate API Version from the list. The default is
Keystone v2
.If you select
Keystone v3
, enter theKeystone V3 Domain ID
that Red Hat CloudForms should use. This is the domain of the user account you will be specifying later in the Default tab. If domains are not configured in the provider, enter default.Note- With Keystone API v3, domains are used to determine administrative boundaries of service entities in OpenStack. Domains allow you to group users together for various purposes, such as setting domain-specific configuration or security options. For more information, see OpenStack Identity (keystone) in the Red Hat OpenStack Platform Architecture Guide.
- The provider you are creating will be able to see projects for the given domain only. To see projects for other domains, add it as another cloud provider. For more information on domain management in OpenStack, see Domain Management in the Red Hat OpenStack Platform Users and Identity Management Guide.
- Enter a region number in Region.
- By default, tenant mapping is disabled. To enable it, set Tenant Mapping Enabled to Yes.
Select the appropriate Zone for the provider. If you do not specify a zone, it is set to
default
.NoteFor more information, see the definition of host aggregates and availability zones in OpenStack Compute (nova) in the Red Hat OpenStack Platform Architecture Guide.
In the Default tab, under Endpoints, configure the host and authentication details of your OpenStack provider:
Select a Security Protocol method to specify how to authenticate the provider:
- SSL without validation: Authenticate the provider insecurely using SSL.
- SSL: Authenticate the provider securely using a trusted Certificate Authority. Select this option if the provider has a valid SSL certificate and it is signed by a trusted Certificate Authority. No further configuration is required for this option. This is the recommended authentication method.
- Non-SSL: Connect to the provider insecurely using only HTTP protocol, without SSL.
In Hostname (or IPv4 or IPv6 address), enter the public IP or fully qualified domain name of the OpenStack Keystone service.
NoteThe hostname required here is also the OS_AUTH_URL value in the ~/overcloudrc file generated by the director (see Accessing the Overcloud in Red Hat OpenStack Platform Director Installation and Usage), or the ~/keystonerc_admin file generated by Packstack (see Evaluating OpenStack: Single-Node Deployment).
- In API Port, set the public port used by the OpenStack Keystone service. By default, OpenStack uses port 5000 for non-SSL security protocol. For SSL, API port is 13000 by default.
- Select the appropriate Security Protocol used for authenticating with your OpenStack provider.
In the Username field, enter the name of a user in the OpenStack environment.
ImportantIn environments that use Keystone v3 authentication, the user must have the admin role for the relevant domain.
- In the Password and Confirm Password fields, enter the password for the user.
- Click Validate to confirm Red Hat CloudForms can connect to the OpenStack provider.
Next, configure how Red Hat CloudForms should receive events from the OpenStack provider. Click the Events tab in the Endpoints section to start.
- To use the Telemetry service of the OpenStack provider, select Ceilometer. Before you do so, the provider must first be configured accordingly. See Section 5.1, “Configuring the Overcloud to Store Events” for details.
If you prefer to use the AMQP Messaging bus instead, select AMQP. When you do: In Hostname (or IPv4 or IPv6 address) (of the Events tab, under Endpoints), enter the public IP or fully qualified domain name of the AMQP host.
- In the API Port, set the public port used by AMQP. By default, OpenStack uses port 5672 for this.
- In the Username field, enter the name of an OpenStack user with privileged access (for example, admin). Then, provide its corresponding password in the Password and Confirm Password fields.
- Click Validate to confirm the credentials.
- Click Add after configuring the cloud provider.
-
To collect inventory and metrics from an OpenStack environment, the Red Hat CloudForms appliance requires that the adminURL endpoint for the OpenStack environment be on a non-private network. Hence, the OpenStack adminURL endpoint should be assigned an IP address other than
192.168.x.x
. Additionally, all the Keystone endpoints must be accessible, otherwise refresh will fail. - Collecting capacity and utilization data from an OpenStack cloud provider requires selecting the Collect for All Clusters option under Configuration, in the settings menu. For information, see Capacity and Utilization Collections in the General Configuration Guide.
5.1. Configuring the Overcloud to Store Events
By default, the Telemetry service does not store events emitted by other services in a Red Hat OpenStack Platform environment. The following procedure outlines how to enable the Telemetry service on your OpenStack cloud provider to store such events. This ensures that events are exposed to Red Hat CloudForms when a Red Hat OpenStack Platform environment is added as a cloud provider.
- Log in to the undercloud host.
Create an environment file called ceilometer.yaml, and add the following contents:
parameter_defaults: CeilometerStoreEvents: true
- Please see the below NOTE.
If your OpenStack cloud provider was not deployed through the undercloud, you can also set this manually. To do so:
- Log in to your Controller node.
Edit /etc/ceilometer/ceilometer.conf, and specify the following option:
store_events = True
Passing the newly created environment file to the overcloud deployment is environment specific and requires executing commands in particular order depending on use of variables. For further information please see Director Installation and Usage in the Red Hat OpenStack Platform documentation.
Chapter 6. Performing a SmartState Analysis
Red Hat CloudForms can analyze a cloud Instance or infrastructure host to collect metadata such as user accounts, applications, software patches, and other internal information. This key CloudForms feature is called SmartState Analysis. SmartState analysis can be initiated manually or automatically using Control Policies.
To manually initiate SmartState analysis on an instance:
- Navigate to → → .
- Click on an instance in the All Instances by Provider nsection.
-
Click
(Configuration), and then
(Perform SmartState Analysis). A pop-up window will appear to confirm the action.
- Click OK. The SmartState analysis will be initiated for the selected instance.
To manually initiate SmartState analysis on an Infrastructure host:
- Navigate to → → .
- Select a node in the Nodes section.
-
Click
(Configuration), and then
(Perform SmartState Analysis). A pop-up window will appear to confirm the action.
- Click OK. The SmartState analysis will be initiated for the selected node.
Chapter 7. Using the Topology Widget
The Topology widget is an interactive topology graph, showing the status and relationships between the different resources and entities of the OpenStack providers that Red Hat CloudForms has access to.
- The topology graph includes instances, nodes, and other cloud resources within the overall OpenStack cloud provider environment.
- Each entity in the graph displays a color indication of its status.
- Hovering over any individual graph element will display a summary of details for the individual element.
- Double-click the entities in the graph to navigate to their summary pages.
- It is possible to drag elements to reposition the graph.
- Click the legend at the top of the graph to show or hide entities.
- Click Display Names on the right-hand side of the page to show or hide entity names.
To view an OpenStack provider through the Topology widget:
- Navigate to → → .
- Click the desired OpenStack cloud provider for viewing the provider summary.
- On the provider summary page, click Topology in the Overview box on the right-hand side of the page.
Chapter 8. Managing Policies
Policies are used to manage your virtual environment. There are two types of policies available: compliance and control. Compliance policies are used to harden your virtual infrastructure, making sure that your security requirements are adhered to. Control policies are used to check for a specific condition and perform an action based on the outcome. For example:
- Prevent virtual machines from running without an administrator account.
- Prevent virtual machines from starting if certain patches are not applied.
- Configure the behavior of a production virtual machine to only start if it is running on a production host.
- Force a SmartState Analysis when a host is added or removed from a cluster.
CloudForms policies are associated with cloud instances using virtual machine analysis profiles. These are the steps required to create a custom virtual machine analysis profile, and assigning it to a cloud instance for use with SmartState analysis, via a control policy.
For more detailed information about CloudForms policies, see Assigning a Custom Analysis Profile to a Virtual Machine and Policies and Profiles Guide.
The following subsections demonstrate how to create host compliance and instance control policies.
8.1. Creating a Host Compliance Policy
The following procedure describes how to create a compliance policy that checks whether firewalls are enabled on infrastructure provider nodes. Nodes with disabled firewalls are marked non-compliant.
- Navigate to → .
- Expand the Policies accordion, and click Compliance Policies.
- Select Host Compliance Policies.
-
Click
(Configuration),
(Add a New Host/Node Compliance Policy).
Type in a Description for the policy.
- Uncheck Active if you do not want this policy processed even when assigned to a resource.
Add Host / Node.Firewall Rules : Active CONTAINS "true" to the scope of the policy . To do so:
- In drop-down below the Scope section, choose Field. When you do, a new drop-down will appear below it; from there, select Host/Node.Firewall.Rules: Active.
- A new drop-down will appear; from there, select true.
-
Click
(Commit expression element changes) to add the scope.
- In the Notes area, add a detailed explanation of the policy.
- Click Add. The policy will be added and listed under Host Compliance Policies in the Policies accordion.
Next, create a policy profile and assign this new compliance policy to it:
- Navigate to → .
-
Click on the Policy Profiles accordion, then click
(Configuration), then
(Add a New Policy Profile).
In the Basic Information area, type in a unique description for the policy profile.
From Available Policies in the Policy Selection area select all the policies you need to apply to this policy profile. Use the
Ctrl
key to select multiple policies.Click
to add the Policies.
- Add to the Notes area if required.
- Click Add.
At this point, you can now add the new policy profile to the infrastructure provider hosts:
- Navigate to → → , verify the provider you need to assign the policy profiles to.
-
Click
(Policy), and then click
(Manage Policies).
- From the Select Policy Profiles area, you can click on the triangle next to a desired policy profile to expand it and see its member policies.
- Check the policy profiles you require to apply to the provider. It turns blue to show its assignment state has changed.
- Click Save.
8.2. Creating a Virtual Machine Control Policy
The process of creating a control policy is similar to that of a compliance policy. A control policy is driven by events after certain conditions are met. The following control policy will start a SmartState analysis on an instance every 24 hours:
- Navigate to → .
- Expand the Policies accordion, and click Control Policies.
- Select Vm Control Policies.
-
Click
(Configuration), then
(Add a New VM and Instance Control Policy).
- Enter a Description. This will be the name given to your VM control policy.
- Uncheck Active if you do not want this policy processed even when assigned to a resource.
Add VM and Instance : Last Analysis Time IS "Yesterday" to the scope of the policy. To do so:
- In drop-down below the Scope section, choose Field. When you do, a new drop-down will appear below it; from there, select VM and Instance : Last Analysis Time.
- A new drop-down will appear; from there, select true.
-
Click
(Commit expression element changes) to add the scope.
- Click Add. The policy is added and listed under Vm Control Policies in the Policies accordion.
You can now associate events, conditions, and actions to this control policy. To do so:
- Navigate to → .
- Click the Policies accordion, and select the control policy you just created.
-
Click
(Configuration),
(Edit this Policy’s Condition assignments).
- In the VM Operation section, select VM Power On.
- Click Save. The VM Power On event should appear under your policy.
You can now associate an action to the VM Power On event. To do so:
- Select the VM Power On event.
-
Click
(Configuration), then
(Edit Actions for this Policy Event).
- In the Order of Actions if ALL Conditions are True section, select Generate Log Message and Initiate SmartState Analysis for VM.
- Click Save.
Next, create a policy profile and assign this new control policy to it:
- Navigate to → .
-
Click on the Policy Profiles accordion, then click
(Configuration), then
(Add a New Policy Profile).
-
Enter
Most Recent SmartState
in the Description field. - In the Policy Selection area, choose the control policy you created earlier. This should have VM and Instance Control in its name. Add this policy to the Profile Policies box.
- Click Add.
At this point, you should now be able to add the policy profile to the cloud providers.
- Navigate to → → .
- Select the overcloud you added in Chapter 5, Adding an OpenStack Cloud Provider.
-
Click
(Policy), then
(Manage Policies).
- Under Select Policy Profiles, select Most Recent SmartState.
- Click Save.
Chapter 9. Managing Instances
Cloud instance provisioning goes through three phases:
- Request: This includes ownership information, tags, virtual hardware requirements, the operating system, and any customization required. See Provisioning Requests from the Provisioning Virtual Machines and Hosts guide for more details.
- Approval: Provisioning requests are then approved or denied. This phase can happen automatically or manually. See Provisioning Request Approval Methods from the Provisioning Virtual Machines and Hosts guide for more details.
- Provision: Approved provisioning requests are executed. See Working with Provisioning Requests from the Provisioning Virtual Machines and Hosts guide for more details.
9.1. Provisioning an OpenStack Instance from an Image
- Navigate to → → .
-
Click
(Lifecycle), then click
(Provision Instances).
- Select an OpenStack image from the list presented. These images must be available on your OpenStack provider.
- Click Continue.
On the Request tab, enter information about this provisioning request. In Request Information, type in at least a first and last name and an email address. This email is used to send the requester status emails during the provisioning process for items such as auto-approval, quota, provision complete, retirement, request pending approval, and request denied. The other information is optional. If the Red Hat CloudForms Server is configured to use LDAP, you can use the Look Up button to populate the other fields based on the email address.
NoteParameters with a * next to the label are required to submit the provisioning request. To change the required parameters, see Appendix B, Customizing Provisioning Dialogs.
- Click the Purpose tab to select the appropriate tags for the provisioned instance.
Click the Catalog tab for basic instance options.
- To change the image to use as a basis for the instance, select it from the list of images.
- Select the Number of Instances to provision.
- Type a Instance Name and Instance Description.
- Click the Environment tab to select the instance’s Tenant, Availabilty Zones, Cloud Network, Security Groups, and Public IP Address. If no specific Tenant is required, select the Choose Automatically checkbox.
Click the Properties tab to set provider options such as flavors and security settings.
- Select a flavor from the Instance Type list.
- Select a Guest Access Key Pair for access to the instance. For more information about key pairs, see Appendix D, Managing Keypairs.
Click the Volumes tab to provision any volumes with the instance. Volumes are useful for augmenting ephemeral storage of instances with persistent, general-purpose block storage:
- Fill in the Volume Name and Size (gigabytes) fields.
- If you want the volume to be deleted once the instance terminates (thereby making it non-persistent), check Delete on Instance Terminate.
To provision and add multiple volumes to the instance, click Add Volume. Doing so will add new fields you can fill in.
For more information about persistent storage in OpenStack, see the Red Hat OpenStack Platform Storage Guide.
Click the Customize tab to set additional instance options.
- Under Credentials, enter a Root Password for the root user access to the instance.
- Enter a IP Address Information for the instance. Leave as DHCP for automatic IP assignment from the provider.
- Enter any DNS information for the instance if necessary.
- Select a Customize Template for additional instance configuration. Select from the Cloud-Init scripts stored on your appliance.
Click the Schedule tab to set the provisioning and retirement date and time.
- In Schedule Info, choose whether the provisioning begins upon approval, or at a specific time. If you select Schedule, you will be prompted to enter a date and time.
- In Lifespan, select whether to power on the instances after they are created, and whether to set a retirement date. If you select a retirement period, you will be prompted for when to receive a retirement warning.
- Click Submit.
The provisioning request is sent for approval. For the provisioning to begin, a user with the admin, approver, or super admin account role must approve the request. The admin and super admin roles can also edit, delete, and deny the requests. You will be able to see all provisioning requests where you are either the requester or the approver.
After submission, the appliance assigns each provision request a Request ID. If an error occurs during the approval or provisioning process, use this ID to locate the request in the appliance logs. The Request ID consists of the region associated with the request followed by the request number. As regions define a range of one trillion database IDs, this number can be several digits long.
Request ID Format
Request 99 in region 123 results in Request ID 123000000000099.
Chapter 10. Managing Storage
Two types of storage managers are currently available to Red Hat CloudForms: OpenStack Block Storage (openstack-cinder
) and OpenStack Object Storage (openstack-swift
). OpenStack Block Storage provisions and manages block storage, whereas OpenStack Object Storage manages object storage within the cloud. These storage managers are discovered automatically by Red Hat CloudForms after adding an OpenStack cloud provider.
For more information, see Storage Managers from the Managing Providers guide.
10.1. Managing Block Storage
The OpenStack Block Storage service (openstack-cinder
) provides and manages persistent block storage resources that OpenStack infrastructure instances can consume. CloudForms provides an interface for managing these resources (volumes, volume backups, and volume snapshots).
To create a volume:
After creating a volume, only the volume name can be edited.
- Navigate to → → .
-
Click
(Configuration), then click
(Add a new Cloud Volume).
- Select the OpenStack Block Storage manager from the Storage Manager list.
- Enter a Volume Name.
- Enter the size of the volume in gigabytes (GB).
- Under Placement, select the cloud tenant to attach it to.
- Click Add.
The volume appears in the list of volumes after it has been provisioned.
To attach a volume to an instance (for example, one created through Section 9.1, “Provisioning an OpenStack Instance from an Image”):
- Navigate to → → .
- Select the volume to attach.
-
Click
(Configuration), then click
(Attach selected Cloud Volume to an Instance) to open the Attach Cloud Volume screen.
- Select an instance from the list.
- Optionally, enter a Device Mountpoint.
- Click Attach.
To view a timeline of storage manager events:
- Navigate to → .
- Select your OpenStack Cinder manager to go to the Cinder manager’s summary page.
-
Click
(Monitoring), and then
(Timelines) to view the events timeline for the manager.
A timeline of either management events or policy events can be viewed.
- To view management events, select Management Events.
- Specify the type of event to view.
- Specify the timeline for the events to view.
- Click Apply.
To view policy events, select Policy Events.
- Specify if you want to view successful events, failed events, or both.
- Specify the timeline for the events to view.
- Click Apply.
To back up a volume:
- Navigate to → → .
- Click the volume you want to back up to open the volume’s summary page.
-
Click
(Configuration), then click
(Create a Backup of this Cloud Volume).
- Enter a name for the backup in Backup Name.
(Optional) Select Incremental? to take an incremental backup of the volume instead of a full backup.
NoteYou can take an incremental backup of a volume if you have at least one existing full backup of the volume. An incremental volume saves resources by capturing only changes made to the volume since its last backup. See Create an Incremental Volume Backup in the Storage Guide for more information.
- Click Save.
View a volume’s backups by clicking Cloud Volume Backups on the volume’s summary page.
See Back Up and Restore a Volume in the Storage Guide for more information about backups.
To take a volume snapshot:
- Navigate to → → .
- Click the volume to snapshot to open the volume’s summary page.
-
Click
(Configuration), then click
(Create a Snapshot of this Cloud Volume).
- Enter a name for the snapshot in Snapshot Name.
- Click Save.
Click Cloud Volume Snapshots on the summary page of a volume to view the snapshots for that volume.
See Create, Use, or Delete Volume Snapshots in the Storage Guide for more information about snapshots.
For more information about available options for block storage resources in CloudForms, see OpenStack Block Storage Managers (from the Managing Providers guide).
10.2. Managing Object Storage
The OpenStack Object Storage (openstack-swift
) service provides cloud object storage. The object store summary page shows details including the object store’s size, parent cloud, storage manager, cloud tenant, and the number of cloud objects on the object store.
To view the summary page of an object store:
- Navigate to → to display a list of object store containers.
- Click a container to open a summary page for that object store container.
- Click Cloud Objects to view a list of object stores in the object store container.
- Click an object store from the list to view the object store’s summary page.
Chapter 11. Catalogs and Services
In Section 9.1, “Provisioning an OpenStack Instance from an Image”, you provisioned instance manually by entering values in provisioning dialogs such as name, size, image, CPUs, etc. Catalogs are used to create groups of instances for provisioning. CloudForms enables users to provision instances via a single Order button.
Creating a service catalog involves:
- Creating a Service Dialog. This is a UI interface element that allows users to interact with the service (for example, a drop-down list).
- Creating a Catalog Item for each instance that will be part of the service.
- Creating a method for the Service Dialog. This method defines what each option means to each individual cloud instances for the service. This method is called from a service provisioning instance in the Automate model.
For more information about catalogs and services, see Catalogs and Services from the Provisioning Virtual Machines and Hosts guide.
11.1. Creating a Service Dialog
When provisioning a service, input will be needed from the requester. Service Dialogs are used to take input from the user. This input is connected to a method in the Automate model that defines how user input is translated into the provision request. Before creating a Service Dialog, be sure to plan what items you need the user to input.
- Navigate to → .
- Click the Service Dialogs accordion.
-
Click
(Configuration), and then
(Add a new Dialog).
In Dialog Information, enter a Label and Description. Check the boxes for the buttons you want available at the bottom of the dialog form. The description will appear as hover text.
As you enter the Label of the dialog, it should appear in the Dialog pane on the left.
-
Click
(Add), then
(Add a New Tab to this Dialog).
Enter a Label and Description for this tab.
As you enter the Label of the tab, it should appear in the Dialog pane on the left under the dialog you are creating.
-
Click
(Add), then
(Add a New Box to this Tab).
Enter a Label and Description for this box.
As you enter the Label of the box, it should appear in the Dialog pane on the left under the tab you are creating.
-
Click
Add an element to this box. Elements are controls that accept input.
-
Click
(Add), then
(Add a New Element to this Box).
Enter a Label, Name, and Description for this element.
ImportantName must use only alphanumeric characters and underscores without spaces. It is also used to retrieve the value of this element in the method used with the dialog and must start with dialog_service_type
Select a Type for an element type. All Type options have a Required and Default Value field. Check Required or set Required to true if the element is required to proceed. You can also specify a default value. The rest of the options presented are based on which type of element you select.
Element Types Additional Info Check Box
Check Default Value if you want this check box checked by default.
Date Control
Use Date Control to create a field where users can select a date. If you want users to be able to select a date and time, use the Date/Time Control option.
Date/Time Control
Use Date/Time Control to create a field where users can select a date and time. Only one Date Control or Date/Time Control element can be present in a dialog.
Drop Down Dynamic List
Use Drop Down Dynamic List if you want the list options to be created using automate methods. Use Entry Point (NS/Cls/Inst) to select an automate instance. Check Show Refresh Button to allow users to refresh the list options manually.
Radio Button
This element type serves the same purpose as Drop Down List but displays options using radio buttons.
Tag Control
Select a Category of tags you want assigned to the virtual machines associated with this service dialog. Check Single Select if only one tag can be selected.
Text Area Box
Provides text area for users to enter some text. You can also leave a message to users by typing in the Default Value field or leave it as blank.
Text Box
This element type serves the same purpose as Text Area Box with the option to check Protected so the text is shown as asterisks (*), instead of plain text.
-
Click
- Continue adding the dialog items you need. You can switch between dialogs, tabs, boxes, and elements by selecting their respective labels from the Dialog pane on the left.
- Click Add. Your dialog should appear in the Service Dialogs accordion.
11.2. Creating a Catalog
A catalog is a way to organize or categorize catalog items and bundles. Before you can associate a catalog item into a catalog, create an empty catalog first:
- Navigate to → .
- Click the Catalogs accordion.
-
Click
(Configuration), and then
(Add a New Catalog).
- Enter a Name and Description, leaving everything else blank.
- Click Add.
11.2.1. Creating a Catalog Item
- Navigate to → .
- Click the Catalog Items accordion.
-
Click
(Configuration), and then
(Add a New Catalog Item).
- Select OpenStack from the Catalog Item Type drop-down.
In the Basic Info subtab:
- Type a Name/Description.
Check Display in Catalog to edit Catalog, Dialog, and Entry Point(NS/Cls/Inst) options.
- Provisioning Entry Point (Domain/NS/Cls/Inst) requires you to select an Automate instance to run upon provisioning. Navigate to ManageIQ/Service/Provisioning/State‐ Machines/ServiceProvision_Template/CatalogItemInitialization and click Apply.
Retirement Entry Point (Domain/NS/Cls/Inst) requires you to select an Automate instance to run upon retirement. Navigate to ManageIQ/Service/Provisioning/State‐ Machines/ServiceProvision_Template/CatalogItemTermination and click Apply.
NoteThe entry point must be a State Machine since the Provisioning Entry Point list is filtered to only show State Machine class instances. No other entry points will be available from the Provisioning Entry Point field.
You can only choose from the catalogs and dialogs you have already created. If you haven’t done so, leave the values blank and edit later.
- In the Details subtab, write a Long Description for the catalog item.
- In the Request Info subtab, select provisioning options that apply to the provider chosen.
- Click Add.
11.2.2. Ordering a Catalog Item
- Navigate to → .
- Click the Service Catalogs accordion, and select the service to provision.
- Click Order.
Chapter 12. Reports
Red Hat CloudForms provides a large group of default reports organized into categories. Each category has its own set of subfolders. These reports have been constructed to help you view the most commonly requested and significant data.
The categories of predefined reports available on Red Hat CloudForms are:
- Configuration Management: hardware, application, network, service, user account, operating system, and snapshot information for all of your items.
- Migration Readiness: information related to items required to migrate a virtual machine.
Operations: free space on registered and unregistered virtual machines, power states for virtual machines, and SmartState analysis status.
This category also provides reports relating to the operation of Red Hat CloudForms, such as user IDs and snapshots taken by Red Hat CloudForms.
- VM Sprawl: usage information and disk waste.
- Relationships: virtual machine, folder, and cluster relationships.
- Events: operations and configuration management events.
Performance by Asset Type: performance of your virtual infrastructure.
You must be capturing capacity and utilization data to get this information.
Running Processes: information on processes running on a virtual machine.
You must have domain credentials entered for the zone to collect the information for these reports, and the virtual machine must have been analyzed at least once.
- Trending: projections of datastore capacity, along with host CPU and memory use.
- Tenants: quotas report aggregated by each tenant that shows quota name, total quota, in use, allocated, and available. The report currently lists all tenants and there is no nesting information available by parent and child tenants.
- Provisioning: provisioning activity based on the approver, datastore, requester, and virtual machine.
For more detailed information on managing reports, see Monitoring, Alerts, and Reporting.
12.1. Generating a Single Report
- Navigate to →
- Click the Reports accordion and select the report you want to view.
-
Click
(Queue).
The report generation is placed on the queue and its status shows in the reports page.
-
Click
(Reload current display) to update the status.
- When a report has finished generating, click on its row to view it.
12.2. Scheduling a Report
You can view historical data by creating reports on a scheduled basis. In addition, scheduled reports can be emailed directly to users:
- Navigate to →
- Click the Reports accordion and select the report you want to view.
-
Click
(Configuration), then Add a new Schedule.
- Fill in the Basic Information section.
- Configure the Report Selection.
- Configure the report’s schedule and frequency in the Timer section.
- Click Save.
12.3. Viewing Reports
Once you have created a schedule for a report, you can view it at any time after the first scheduled time has occurred.
- Navigate to → .
- Click the Saved Reports accordion or the Reports accordion.
- Click on the instance of the report you want to view.
Chapter 13. Chargeback
The chargeback feature allows you to calculate monetary virtual machine charges based on owner or company tag. To use this feature you must be collecting capacity and utilization data. For information on server control settings and capacity & utilization collection settings, see Section 3.7.1, “Configuring CloudForms Capacity and Utilization”.
13.1. Creating Chargeback Rates
Red Hat CloudForms allows you to create your own set of computing and storage costs to use for billing.
Chargeback rates can be configured at a single rate or in tiers, where one rate is assigned to one usage range, and another rate is assigned to a different usage range. You can also assign fixed and variable rates per tier if desired.
- Navigate to → .
- Click the Rates accordion and select Compute to create a CPU chargeback rate.
-
Click
(Configuration) and
(Add a new Chargeback Rate).
- Type in a Description for the chargeback rate.
Select Currency and fill in the Rate Details.
- Click Add.
13.2. Assigning Chargeback Rates
After assigning a chargeback rate, assign it to a cloud provider.
- Navigate to → .
- Click the Assignments accordion, and click either Compute or Storage.
- In the Basic Info area, select Selected Cloud/Infrastrcture Providers.
- Select the chargeback rate you created in Section 13.1, “Creating Chargeback Rates”.
- Click Save.
13.3. Creating a Chargeback Report
Red Hat CloudForms allows you to create chargeback reports to monitor costs you charged.
- Navigate to → .
- Click the Reports accordion.
-
Click
(Configuration),
(Add a new Report).
On the Columns tab, fill out the Basic Report Info area.
- Type a unique name in Menu Name for how you want the report described in the menu list.
- Type the Title to display on the report.
Add fields in the Configure Report Columns area.
- From the Base the report on list, select Chargebacks.
-
Select the fields to include in the report from the Available Fields list, then click
(Move selected fields down). In addition to the fields, you can also select any tags that you have created and assigned.
-
Change the order of the fields in the report by clicking
(Move selected fields up) or
(Move selected fields down)].
Click the Formatting tab to set the size of paper for a PDF and column header format.
- From the PDF Output area, select the page size from the Page Size list.
- From Specify Column Headers and Formats, type the text to display for each field. For each numeric field, you can also set the numeric format.
Click the Filter tab to set filters for the data displayed in the report.
- From Chargeback Filters, select how you want the costs to show, the tag category, the tag, and how you want the items grouped.
- From Chargeback Interval, select the time interval. You must have a full interval worth of data in order to select an option other than Partial in the Daily Ending With list.
- Click the Preview tab, and then Load to see what the report will look like.
- When you are satisfied that you have the report that you want, click Add to create the new report.
The new report is created. To make the report accessible from the Report menu, you must add it to a report menu.
Appendix A. Using a Self-Signed CA Certificate
Adding a self-signed Certificate Authority (CA) certificate for SSL authentication requires additional configuration on OpenStack Platform and Microsoft System Center Virtual Machine Manager (SCVMM) providers.
This procedure is not required for OpenShift Container Platform, Red Hat Virtualization, or middleware manager providers, which have the option to select SSL trusting custom CA as a Security Protocol in the user interface. These steps are needed only for providers without this option in the user interface.
Before adding the provider, configure the following:
-
Copy your provider’s CA certificate in PEM format to
/etc/pki/ca-trust/source/anchors/
on your CloudForms appliance. Update the trust settings on the appliance:
# update-ca-trust
Restart the EVM processes on the server:
# rake evm:restart
The CA certificate is added to the appliance, and you can add the provider to CloudForms.
Appendix B. Customizing Provisioning Dialogs
The default set of provisioning dialogs shows all possible options. However, Red Hat CloudForms also provides the ability to customize which tabs and fields are shown. You can decide what fields are required to submit the provisioning request or set default values.
For each type of provisioning, there is a dialog that can be created to adjust what options are presented. While samples are provided containing all possible fields for provisioning, you can remove what fields are shown but cannot add new fields or tabs.
Edit the dialogs to:
- Hide or show provisioning tabs.
- Hide or show fields. If you hide an attribute, the default will be used, unless you specify otherwise.
- Set default values for a field.
- Specify if a field is required to submit the request.
- Create custom dialogs for specific users.
Appendix C. Creating Custom Buttons for Cloud Tenants
CloudForms also allows you to create custom buttons for cloud tenants. This is useful for providing shortcuts to functionalities and features frequently used by specific tenants.
This capability is made possible through the Automate model. See Understanding the Automate Model from the Scripting Actions in CloudForms guide for more details.
The following subsections summarize the two main steps for creating a custom button for cloud tenants.
C.1. Creating a Custom Button Group
A button group is a label for a collection of buttons under an object type. To create a button group:
- Navigate to → .
- Click the Buttons accordion.
From the Object Types tree, select the type of object you want to create the button group for.
NoteWhen creating a button group for OpenStack tenants, select Cloud Tenant as your object type.
-
Click
(Configuration),
(Add a new Button Group).
- Type in a Button Group Text and Button Group Hover Text, and select the Button Group Image you want to use.
- If custom buttons have already been created, assign them to the button group. If not, see Section C.2, “Creating a Custom Button” to create custom buttons.
- Click Add.
The button group will show in the Cloud Tenant object type. When it does, create a custom button for any tenant within the OpenStack Cloud (see Section C.2, “Creating a Custom Button”).
C.2. Creating a Custom Button
- Navigate to → .
- Click the Buttons accordion.
From the Object Types tree, select the type of object you want to create the button for.
NoteWhen creating a button for OpenStack tenants, select Cloud Tenant as your object type.
- Click Unassigned Buttons.
Click
(Configuration), then
(Add a new Button).
NoteIf
(Add a new Button) is not available, that means you have not created a button group for that object. To continue, create a button group first. See Section C.1, “Creating a Custom Button Group”
- In Action, type in a Button Text and Button Hover Text, and select the Button Image you want to use.
- Select a Dialog if applicable.
-
In Object Details, select Request from the
/System/Process/
dropdown. By default, the message iscreate
. Do not change it. -
Type in a Request name for the
/System/Process/Request
instance. -
Type in the
Attribute/Value Pairs
fields if applicable. - Under Visibility, select which Account Roles you want to have access to this button.
- Click Add when you have confirmed that the button accomplishes the task you want.
The button will show in the object type you added the button to. See Invoking Automate from the Scripting Actions in CloudForms guide for more in-depth coverage.
Appendix D. Managing Keypairs
Key pairs allow you to manage SSH access between a user and provisioned instance. For more information about key pairs in OpenStack, see Manage Key Pairs in the Instances and Images Guide.
To manage key pairs, navigate to
→ → . From there, you can view a list of available key pairs. Click on a key pair to view its details.To create a new key pair:
- Navigate to → → .
-
Click
(Configuration),
(Add a new Key Pair).
- Enter a Name for the key pair.
- If you want to use a public key, copy its contents into the Public Key (optional) field.
- Select which cloud provider on which to create the key pair. The key pair will then be available for use by instances in that provider.
- Click Add.