Checking OpenStack prerequisites
Ensure that your OpenStack environment meets the software prerequisites for your IBM® Cloud Orchestrator installation. You can either install IBM Cloud Manager with OpenStack that is part of the IBM Cloud Orchestrator product or you can install an OpenStack distribution of another vendor (Bring your own OpenStack). You can connect IBM Cloud Orchestrator only to a single OpenStack instance (one-to-one mapping).
Prerequisites for IBM Cloud Manager with OpenStack
IBM Cloud Manager with OpenStack V4.3 Fix Pack 12 or later
For information about IBM Cloud Manager with OpenStack prerequisites, see the IBM Cloud Manager with OpenStack documentation.
- Shared Keystone
service.
The IBM Cloud Manager with OpenStack installation uses a single Keystone service. In a multi-region installation, the Keystone service must run on the OpenStack Controller of the first region that is installed. OpenStack's Identity Federation is not supported by IBM Cloud Orchestrator.
For more information about how to configure IBM Cloud Manager with OpenStack Controllers with multi-region support with Shared Keystone, refer to Deploying multi-region support.
If some components of the IBM Cloud Orchestrator are deployed in public data center or cloud (on public network), enable HTTPS and VPN connection between IBM Cloud Orchestrator and OpenStack. For more information, see https://www.ibm.com/support/knowledgecenter/en/SST55W_4.3.0/liaca/liaca_hybrid_hybrid_cloud.html.
- Fresh installation.
The IBM Cloud Manager with OpenStack installation is a fresh installation. No users, projects, or domains are defined other than those that are created during the basic OpenStack installation.
- One Heat engine per region.
The IBM Cloud Manager with OpenStack installation must use one Heat engine per region. Configuring Heat with multi-region support is not supported by IBM Cloud Orchestrator.
- Use the OpenStack capabilities through the
IBM Cloud
Orchestrator interface.
A parallel usage of the IBM Cloud Manager with OpenStack installation through IBM Cloud Orchestrator and standard OpenStack is not supported. If an IBM Cloud Manager with OpenStack installation is configured to be used by IBM Cloud Orchestrator, all user activities must be done through the IBM Cloud Orchestrator interface, and not through the OpenStack interfaces. The OpenStack Self-Service interface must be only used as described in the IBM Cloud Orchestrator documentation.
- One OpenStack region per hypervisor
type.
Each region must have only one hypervisor type. IBM Cloud Orchestrator does not support the usage of multiple types of hypervisor within a region.
- Customized simple token setup.
The IBM Cloud Manager with OpenStack distribution provides the simple token enhancement that is required and used by IBM Cloud Orchestrator. For more information about how to set up the simple token, see Customizing passwords and secrets and Data bags in the IBM Cloud Manager with OpenStack documentation.
- Do not install the self-service user interface extension of IBM Cloud Manager with OpenStack.
The self-service user interface extension of IBM Cloud Manager with OpenStack does not work with IBM Cloud Orchestrator and it must not be installed. If it is installed, see Uninstalling the self-service user interface on Linux to uninstall it.
- IBM Cloud Orchestrator Server supports only IPv4 address type. Do not use IPv6 address type in IBM Cloud Manager with OpenStack.
- Hyper-V
- KVM
- PowerKVM
- PowerVC
- VMware
- z/VM®
- If the OpenStack finds that a virtual machine
does not have the expected host, then it deletes the virtual machine because it assumes that the
virtual machine is already evacuated. To prevent such a deletion by the OpenStack, set the
destroy_after_evacuate=False. For deployed regions, include the following
information in the [workarounds] section of the Nova configuration
files:
If the [workarounds] section is not available, create the section and add the entry.[workarounds] destroy_after_evacuate=FalseIn VMware hypervisor, when you run multiple Nova compute services that are configured to address the same server cluster, you must disable the automatic removal of the provisioned virtual machines.
A Nova config file exists for every Nova compute service so ensure that you update this entry in all the config files. If you start a new OpenStack Nova service or restart an existing service without adding this entry in the config file, then all previously deployed virtual machines get automatically deleted.
If you must consider additional configuration values, see Configuring Nova settings for virtual machines section of IBM Cloud Manager with OpenStack Knowledge Center.
- To support deployment to the hypervisors in an IBM Cloud Manager with OpenStack environment, you must set the
force_config_drive parameter to always by running one of the
following procedures:
- On the IBM Cloud Manager with OpenStack deployment server, for each
OpenStack server where the compute service is
running, update the environment file by running the following command:
and set the force_config_drive value to always. This is the recommended procedure to make the change persistent. For more information, see Updating a deployed topology.knife environment edit <your-environment-name> - Set the following option in the [DEFAULT] section of the Nova configuration
file in the /etc/nova directory on the OpenStack server where the compute service is
running:
and restart the compute service. The Nova configuration file might be overwritten during IBM Cloud Manager with OpenStack environment maintenance. If you want to make the change persistent, do not use this procedure.force_config_drive=always
- On the IBM Cloud Manager with OpenStack deployment server, for each
OpenStack server where the compute service is
running, update the environment file by running the following command:
- To support VMware hypervisors in an IBM Cloud Manager with OpenStack
environment, set the following option in the [vmware] section in the VMware Nova
configuration file in the /etc/nova directory on the VMware OpenStack Controller (the file name is customized from the cluster
name as, for example, nova-vcenter-Cluster.conf):
and restart the compute service.customization_enabled = false - If you install fix packs for IBM Cloud Manager with OpenStack or you do other maintenance work that updates the topology through knife, the configuration that was done for IBM Cloud Orchestrator might be overwritten. Rerun the ICM_config_ico.sh configuration script as described in Configuring IBM Cloud Manager with OpenStack for IBM Cloud Orchestrator.
- If you add a region to IBM Cloud Manager with OpenStack after it was configured for IBM Cloud Orchestrator, the new region is not correctly set up to work with SmartCloud Cost Management. Rerun the ico_configure.sh configuration script as described in Automated configuration to collect data from the new region.
Prerequisites for an OpenStack environment of a different vendor
For general OpenStack requirements, see the documentation for your chosen OpenStack product.
- OpenStack
Kilo or OpenStack
Mitaka or OpenStack
Ocata, or OpenStack
Queens release.
OpenStack Kilo or Mitaka or Ocata, or OpenStack Queens release is installed. Refer to the documentation of your OpenStack product.
- Shared Keystone service.
The OpenStack installation uses a single Keystone service. Federation is not supported. For more information, see your OpenStack documentation.
- Fresh installation.
The OpenStack installation is a fresh installation. No users, projects, or domains are defined other than those that are created during the basic OpenStack installation.
- RefStack compliance.
The OpenStack installation must be RefStack compliant.
- One Heat engine per region.
The OpenStack installation must use one Heat engine per region. Configuring Heat with multi-region support is not supported by IBM Cloud Orchestrator.
- Use OpenStack capabilities through the
IBM Cloud
Orchestrator interface.
A parallel usage of the OpenStack installation through IBM Cloud Orchestrator and standard OpenStack is not supported. If an OpenStack installation is configured to be used by IBM Cloud Orchestrator, all user activities must be done through the IBM Cloud Orchestrator interface, and not through the OpenStack interfaces. The OpenStack interfaces must be used only as described in the IBM Cloud Orchestrator documentation.
- The OpenStack nodes must support to receive HTTP or HTTPS calls based on OpenStack setting. IBM Cloud Orchestrator communicates with OpenStack Keystone through HTTP or HTTPS calls based on OpenStack settings. Make sure that your OpenStack nodes (firewall, OpenStack configuration, and so forth) are able to receive HTTP or HTTPS calls based on OpenStack settings.
- IBM Cloud Orchestrator Server supports only IPv4 address type. Do not use IPv6 address type in OpenStack.
- Shared Keystone service
In multi-region installation, the Keystone must be run on the OpenStack Controller of the first region that is installed. The OpenStack's Identity Federation is not supported by IBM Cloud Orchestrator. It also does not support multiple types of hypervisor within a region.
You must configure your OpenStack distribution by following the procedure that is described in Configuring an OpenStack distribution of another vendor.
Depending on the database backend, OpenStack might be case-sensitive.
- You cannot reconfigure IBM Cloud Orchestrator back to OpenStack Kilo.
- The migration of IBM Cloud Orchestrator for OpenStack data to OpenStack Mitaka or OpenStack Ocata is not supported. You must create data again in OpenStack Mitaka or Ocata.
- The migration of Public Cloud Gateway data to OpenStack Mitaka or OpenStack Ocata is not supported. You must create data again in OpenStack Mitaka or OpenStack Ocata.