Chapter 3. Create and Download the GCS Credentials File
The Block Storage service needs your Google credentials in order to access and use Google Cloud for backups. You can provide these credentials to Block Storage by creating a service account key:
- Log in to the Google developer console (http://console.developers.google.com) using your Google account.
Click the
Credentialstab. From there, selectService account keyfrom theCreate credentialsdropdown.
In the next screen (
Create service account key), select the service account that the Block Storage service should use from theService accountdropdown:
In the same screen, select
JSONfrom theKey typesection and clickCreate.The browser will then download the key to its default download location:
Open the file, and note the value of the
project_idparameter:{ "type": "service_account", "project_id": "cloud-backup-1370", ...The /etc/cinder/Cloud-Backup.json key will be used later in Chapter 4, Create the Environment File (in particular, the value of
project_idand the absolute path to the file).Copy the key file to /etc/cinder/ on any Controller node. From there, change the user, group, and permissions of the key file to match that of /etc/cinder/cinder.conf. This will ensure that the Block Storage service can use it:
# cp Cloud-Backup.json /etc/cinder/ # chown cinder:cinder /etc/cinder/Cloud-Backup.json # chmod 0600 /etc/cinder/Cloud-Backup.json
Copy the key file to the same location on each Controller node (namely, to /etc/cinder/Cloud-Backup.json). Use
rsync -ato ensure that the permissions and ownership settings are preserved:# rsync -a /etc/cinder/Cloud-Backup.json root@CONTROLLERHOST:/etc/cinder/Replace CONTROLLERHOST with the hostname of a target Controller.
