docs/doc/source/security/openstack/update-the-domain-name.rst
Rafael Jardim d6fb867888 Upstreaming WRO
Removed duplicate abbrev definitions

Signed-off-by: Rafael Jardim <rafaeljordao.jardim@windriver.com>
Change-Id: I7910d9f54e158250004abd7e17a4e119f8064252
Signed-off-by: Ron Stone <ronald.stone@windriver.com>
2021-03-31 08:57:23 -04:00


Update the Domain Name

Containerized OpenStack services are deployed behind an ingress controller (nginx) that listens, by default, on port 80 (HTTP) or port 443 (HTTPS).

The ingress controller routes requests to the specific OpenStack service, such as the Cinder service or the Neutron service, by parsing the FQDN in the request (the HTTP Host header). For example, neutron.openstack.svc.cluster.local is for the Neutron service, and cinderapi.openstack.svc.cluster.local is for the Cinder service.

This routing requires that OpenStack REST APIs be accessed (directly or via the remote OpenStack CLI) by FQDN. You cannot access OpenStack REST APIs using an IP address.

The FQDNs of the OpenStack services (such as cinderapi.openstack.svc.cluster.local) must be defined in a DNS server that is publicly accessible.

Note

It is possible to map a wildcard set of FQDNs to the same IP address in a DNS server configuration, so that you do not need to update the DNS server every time an OpenStack service is added. Check the documentation for your particular DNS server for details on how to wildcard a set of FQDNs.

In a “real” deployment, that is, not a lab scenario, you cannot use the default openstack.svc.cluster.local domain name externally. You must set a unique domain name for your system. Use the system service-parameter-add command to configure and set the OpenStack domain name. The following prerequisites apply:

  • You must have an external DNS server for which you have authority to add new domain-name-to-IP-address mappings (for example, A, AAAA or CNAME records).

  • The DNS server must be added to your system's DNS server list.

  • Your DNS server must have A, AAAA or CNAME records for the following domain names, representing the corresponding OpenStack services, defined as the OAM floating IP address. Refer to the configuration manual for the particular DNS server you are using for how to make these updates for the domain you are using for the system.

    Note

    It is recommended that you not define domain names for services you are not using.

    # define A record for general domain for system
    <my--domain> IN A 10.10.10.10

    # define alias for general domain for horizon dashboard REST API URL
    horizon.<my--domain> IN CNAME <my--domain>.<my-company>.com.

    # define alias for general domain for keystone identity service REST API URLs
    keystone.<my--domain> IN CNAME <my--domain>.<my-company>.com.
    keystone-api.<my--domain> IN CNAME <my--domain>.<my-company>.com.

    # define alias for general domain for neutron networking REST API URL
    neutron.<my--domain> IN CNAME <my--domain>.<my-company>.com.

    # define alias for general domain for nova compute provisioning REST API URLs
    nova.<my--domain> IN CNAME <my--domain>.<my-company>.com.
    placement.<my--domain> IN CNAME <my--domain>.<my-company>.com.
    rest-api.<my--domain> IN CNAME <my--domain>.<my-company>.com.

    # define novncproxy alias for VM console access through Horizon REST API URL
    novncproxy.<my--domain> IN CNAME <my--domain>.<my-company>.com.

    # define alias for general domain for barbican secure storage REST API URL
    barbican.<my--domain> IN CNAME <my--domain>.<my-company>.com.

    # define alias for general domain for glance VM management REST API URL
    glance.<my--domain> IN CNAME <my--domain>.<my-company>.com.

    # define alias for general domain for cinder block storage REST API URLs
    cinder.<my--domain> IN CNAME <my--domain>.<my-company>.com.
    cinder2.<my--domain> IN CNAME <my--domain>.<my-company>.com.
    cinder3.<my--domain> IN CNAME <my--domain>.<my-company>.com.

    # define alias for general domain for heat orchestration REST API URLs
    heat.<my--domain> IN CNAME <my--domain>.<my-company>.com.
    cloudformation.<my--domain> IN CNAME <my--domain>.<my-company>.com.

    # define alias for general domain for starlingx REST API URLs
    # (for fault, patching, service management, system and VIM)
    fm.<my--domain> IN CNAME <my--domain>.<my-company>.com.
    patching.<my--domain> IN CNAME <my--domain>.<my-company>.com.
    smapi.<my--domain> IN CNAME <my--domain>.<my-company>.com.
    sysinv.<my--domain> IN CNAME <my--domain>.<my-company>.com.
    vim.<my--domain> IN CNAME <my--domain>.<my-company>.com.
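As an added pre-flight check (example code written for this page, not part of the product's documentation or tooling), the following Python script parses A/AAAA/CNAME records in the layout shown above, follows each CNAME chain, and reports which expected service hostnames fail to resolve to the OAM floating IP before you apply the domain change. The service names are the ones listed above; the sample zone, the address 10.10.10.10, the domain label my-wr-domain and the origin mycompany.com are constructed values, and two faults (a dangling CNAME and a missing record) are planted on purpose so the output shows what a failed check looks like.

```python
"""Pre-flight check of the DNS records an OpenStack endpoint domain needs.

Added example written for this page; it is not part of the product or its
tooling. The service names come from the record list above. The sample zone,
the address 10.10.10.10, the domain label "my-wr-domain" and the origin
"mycompany.com" are constructed values for the demonstration.
"""
import ipaddress
import re

# Service hostnames the record list above expects under the endpoint domain.
EXPECTED_SERVICES = [
    "horizon", "keystone", "keystone-api", "neutron", "nova", "placement",
    "rest-api", "novncproxy", "barbican", "glance", "cinder", "cinder2",
    "cinder3", "heat", "cloudformation", "fm", "patching", "smapi",
    "sysinv", "vim",
]

# "<owner> IN <type> <rdata>", with comments already stripped
RECORD_RE = re.compile(r"^(\S+)\s+IN\s+(A|AAAA|CNAME)\s+(\S+)$", re.IGNORECASE)


def _absolute(name, origin):
    """Return a lowercase absolute name without the trailing dot; a name
    without a trailing dot is relative to the zone origin."""
    name = name.lower()
    return name[:-1] if name.endswith(".") else f"{name}.{origin.lower()}"


def parse_zone(text, origin):
    """Parse A/AAAA/CNAME lines into {owner_fqdn: (rtype, rdata)}.
    '#' and ';' start comments. Raises ValueError on malformed input."""
    records = {}
    for raw in text.splitlines():
        line = re.split(r"[#;]", raw, maxsplit=1)[0].strip()
        if not line:
            continue
        m = RECORD_RE.match(line)
        if not m:
            raise ValueError(f"unparsable record: {raw!r}")
        owner, rtype, rdata = m.group(1), m.group(2).upper(), m.group(3)
        if rtype == "CNAME":
            rdata = _absolute(rdata, origin)
        else:
            rdata = str(ipaddress.ip_address(rdata))  # rejects bad addresses
        key = _absolute(owner, origin)
        if key in records:
            raise ValueError(f"duplicate owner name: {key}")
        records[key] = (rtype, rdata)
    return records


def resolve(records, fqdn, max_hops=8):
    """Follow CNAMEs from fqdn to an address. Returns the address string, or
    None when the chain is dangling, loops, or exceeds max_hops."""
    name, seen = fqdn.lower().rstrip("."), set()
    for _ in range(max_hops):
        if name in seen or name not in records:
            return None
        seen.add(name)
        rtype, rdata = records[name]
        if rtype != "CNAME":
            return rdata
        name = rdata
    return None


def check_endpoint_domain(records, endpoint_domain, oam_floating_ip):
    """Return (ok, problems): problems maps each expected service hostname
    that does not resolve to the OAM floating IP to 'unresolvable' or to
    the wrong address it resolved to."""
    want = str(ipaddress.ip_address(oam_floating_ip))
    problems = {}
    for svc in EXPECTED_SERVICES:
        host = f"{svc}.{endpoint_domain}".lower()
        got = resolve(records, host)
        if got != want:
            problems[host] = "unresolvable" if got is None else got
    return not problems, problems


# Constructed sample zone for origin mycompany.com with two deliberate faults:
# a dangling CNAME for sysinv and no record at all for vim.
_ALIASES = [s for s in EXPECTED_SERVICES if s not in ("cinder3", "sysinv", "vim")]
SAMPLE_ZONE = "\n".join(
    ["# A record for the general domain", "my-wr-domain IN A 10.10.10.10"]
    + [f"{s}.my-wr-domain IN CNAME my-wr-domain.mycompany.com." for s in _ALIASES]
    + ["cinder3.my-wr-domain IN CNAME cinder.my-wr-domain.mycompany.com.  # two hops",
       "sysinv.my-wr-domain IN CNAME typo.my-wr-domain.mycompany.com.  # dangling"]
)

if __name__ == "__main__":
    zone = parse_zone(SAMPLE_ZONE, "mycompany.com")
    ok, problems = check_endpoint_domain(zone, "my-wr-domain.mycompany.com", "10.10.10.10")
    print("all endpoints resolve" if ok else f"problems: {problems}")
```

Run it against an export of your real zone (with the origin and OAM floating IP substituted) and fix every hostname it reports before running the service-parameter-add and application-apply steps that follow; a dangling or looping alias is reported the same way as a missing record, because the ingress controller cannot be reached under either.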

  1. Source the environment.

    $ source /etc/platform/openrc
    ~(keystone_admin)$ 
  2. To set a unique domain name, use the system service-parameter-add command.

    The command has the following syntax.

    ~(keystone_admin)$ system service-parameter-add openstack helm endpoint_domain=<domain_name>

    <domain_name> should be a fully qualified domain name that you own, such that you can configure the DNS server that owns <domain_name> with the OpenStack service names underneath the domain.

  3. Apply the wr-openstack application.

    For example:

    ~(keystone_admin)$ system application-apply wr-openstack

The Helm charts of all OpenStack services are updated and the services are restarted. For example, cinderapi.openstack.svc.cluster.local would be changed to cinderapi.my--domain.mycompany.com, and so on for all OpenStack services.

Note

OpenStack Horizon is also changed to listen on horizon.my--domain.mycompany.com:80 (instead of the initial oamfloatingip:31000), for example, horizon.my-wr-domain.mycompany.com:80.