OpenStack HA: Part 01: Accounts

Here is a writeup on what I did to implement HA within OpenStack Icehouse. I’m currently working on revamping / automating the entire process for Kilo – but that will be a while from now.

We’ll walk through the entire process, from Keystone to Trove to Heat. In each case, you’ll have failover for each node.

In this article we cover accounts. Use this table as a template for the accounts that you will find you need. It’s critical to keep this documented but in a secure location.

Function Account Password
CentOS console root Strong admin password
MySQL OpenStack osroot Strong admin password
MySQL OpenStack haproxy [no password]
OpenStack Accounts [ADMIN_PASSWORD] Strong admin password
OpenStack Accounts [SERVICE_PASSWORD]
[OPENSTACK_ADMIN_PASSWORD]; URI form is the same but URI-encoded
OpenStack Region [YOUR_REGION] Not really a user name, but documented here. This is the default region.
OpenStack Swift Storage with CHAP lvosswift100 lvosswift100
OpenStack Swift Storage with CHAP lvosswift200 lvosswift200
OpenStack Ceph Storage with CHAP lvoscephx100 lvoscephx100
OpenStack Ceph Storage with CHAP lvoscephx200 lvoscephx200
OpenStack Ceph Storage with CHAP lvoscephx300 lvoscephx300
OpenStack Swift
swift_hash_path_suffix lvosswift-path-suffix
Ceph nodes admin user (inter-node communication) ceph-admin Strong admin password
  • Root accounts will use strong admin password.
  • OpenStack accounts will use [SERVICE_PASSWORD].
  • All OpenStack user IDs follow the module name (e.g. keystone, cinder, nova, neutron, glance, etc.)
  • All password usage will be clearly documented for future maintenance.

Once you have this down, plan your networking and DNS. We’ll cover that in the next installment.

Team-oriented systems mentor with deep knowledge of numerous software methodologies, technologies, languages, and operating systems. Excited about turning emerging technology into working production-ready systems. Focused on moving software teams to a higher level of world-class application development. Specialties:Software analysis and development...Product management through the entire lifecycle...Discrete product integration specialist!

Leave a Reply

Your email address will not be published. Required fields are marked *