OpenStack HA: Part 01: Accounts
Here is a writeup on what I did to implement HA within OpenStack Icehouse. I’m currently working on revamping / automating the entire process for Kilo – but that will be a while from now.
We’ll walk through the entire process, from Keystone to Trove to Heat. In each case, you’ll have failover for each node.
In this article we cover accounts. Use this table as a template for the accounts that you will find you need. It’s critical to keep this documented but in a secure location.
| Function | Account | Password |
| CentOS console | root | Strong admin password |
| MySQL OpenStack | osroot | Strong admin password |
| MySQL OpenStack | haproxy | [no password] |
| MySQL OpenStack | keystone | [OPENSTACK_ADMIN_PASSWORD] |
| OpenStack Keystone | [SHARED_SECRET] | [OPENSTACK_ADMIN_TOKEN] |
| OpenStack Accounts | [ADMIN_PASSWORD] | Strong admin password |
| OpenStack Accounts | [SERVICE_PASSWORD] [SERVICE_PASSWORD_URI] |
[OPENSTACK_ADMIN_PASSWORD]; URI form is the same but URI-encoded |
| OpenStack Accounts | [DEMO_PASSWORD] | [OPENSTACK_SERVICE_PASSWORD] |
| OpenStack Region | [YOUR_REGION] | Not really a user name, but documented here. This is the default region. |
| OpenStack Swift Storage with CHAP | lvosswift100 | lvosswift100 |
| OpenStack Swift Storage with CHAP | lvosswift200 | lvosswift200 |
| OpenStack Ceph Storage with CHAP | lvoscephx100 | lvoscephx100 |
| OpenStack Ceph Storage with CHAP | lvoscephx200 | lvoscephx200 |
| OpenStack Ceph Storage with CHAP | lvoscephx300 | lvoscephx300 |
OpenStack Swift/etc/swift/swift.conf |
swift_hash_path_suffix | lvosswift-path-suffix |
| Ceph nodes admin user (inter-node communication) | ceph-admin | Strong admin password |
- Root accounts will use strong admin password.
- OpenStack accounts will use [SERVICE_PASSWORD].
- All OpenStack user IDs follow the module name (e.g. keystone, cinder, nova, neutron, glance, etc.)
- All password usage will be clearly documented for future maintenance.
Once you have this down, plan your networking and DNS. We’ll cover that in the next installment.
Team-oriented systems mentor with deep knowledge of numerous software methodologies, technologies, languages, and operating systems. Excited about turning emerging technology into working production-ready systems. Focused on moving software teams to a higher level of world-class application development. Specialties:Software analysis and development...Product management through the entire lifecycle...Discrete product integration specialist!
Leave a Reply