Home

The Orchestration service deploy

The Orchestration service can be installed on the controller node or a dedicated node. We choose the following configuration (see figure) :

• node node05 - Heat API and client
• controller node (node01) - Heat database

Install the Orchestration service

The following commands are to be executed on the node node05 (the "orchestration node"):

1. Install the Orchestration module:

    # apt-get install heat-api heat-api-cfn heat-engine
   

2. In the configuration file, specify the location of the database where the Orchestration service stores data. These examples use a MySQL database with a heat user on the controller node. Replace $HEAT_DBPASS with the password for the database user:

   Edit /etc/heat/heat.conf and modify the [database] section:

    [database]
    # The SQLAlchemy connection string used to connect to the database
    connection = mysql://heat:$HEAT_DBPASS@$MYSQL_IP/heat
   

3. By default, the Ubuntu packages create an SQLite database. Delete the heat.sqlite file that was created in the /var/lib/heat/ directory so that it does not get used by mistake:

    # rm /var/lib/heat/heat.sqlite
   

Commands on the controller node:

1. Use the password that you set previously to log in as root and create a heat database user:

    $ mysql -u root -p
    mysql> CREATE DATABASE heat;
    mysql> GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' IDENTIFIED BY '$HEAT_DBPASS';
    mysql> GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' IDENTIFIED BY '$HEAT_DBPASS';
   

Commands on the node node05:

1. Create the heat service tables:

    # su -s /bin/sh -c "heat-manage db_sync" heat
   

   [Note] Note Ignore Deprecation/Warning messages/errors.

2. The Ubuntu packages do not correctly set up logging. Edit the /etc/heat/heat.conf file and change the [DEFAULT] section:

    [DEFAULT]
    ...
    # Print more verbose output (set logging level to INFO instead
    # of default WARNING level). (boolean value)
    verbose = True
    ...
    # (Optional) The base directory used for relative --log-file
    # paths (string value)
    log_dir=/var/log/heat
   

3. Configure the Orchestration Service to use the RabbitMQ message broker. Edit /etc/heat/heat.conf and modify the [DEFAULT] section:

    rabbit_host = controller
    rabbit_password = $RABBIT_PASS
   

Commands on the controller node:

1. Create a heat user that the Orchestration service can use to authenticate with the Identity Service. Use the service tenant and give the user the admin role (replace $HEAT_EMAIL with the email address you want to associate to the heat user/service):

    $ keystone user-create --name=heat --pass=$HEAT_PASS --email=$HEAT_EMAIL
    $ keystone user-role-add --user=heat --tenant=service --role=admin
   

2. Register the Heat and CloudFormation APIs with the Identity Service so that other OpenStack services can locate these APIs. Register the services and specify the endpoints:

    $ keystone service-create --name=heat --type=orchestration --description="Orchestration"
    $ keystone endpoint-create --service-id=$(keystone service-list | awk '/ orchestration / {print $2}') --publicurl=http://$HEAT_PUBLIC_IP:8004/v1/%\(tenant_id\)s --internalurl=http://$heat:8004/v1/%\(tenant_id\)s --adminurl=http://$heat:8004/v1/%\(tenant_id\)s
    $ keystone service-create --name=heat-cfn --type=cloudformation --description="Orchestration CloudFormation"
    $ keystone endpoint-create --service-id=$(keystone service-list | awk '/ cloudformation / {print $2}') --publicurl=http://$HEAT_PUBLIC_IP:8000/v1 --internalurl=http://$heat:8000/v1 --adminurl=http://$heat:8000/v1
   

where * HEAT_PUBLIC_IP=public IP address of the host running heat processes (i.e. node05 in our example) * heat=private IP address of the host running heat processes (i.e. node05 in our example)

3. Create the heat_stack_user role. This role is used as the default role for users created by the Orchestration module. Run the following command to create the heat_stack_user role:

    $ keystone role-create --name heat_stack_user
   

Commands on the node05 node:

1. Edit the /etc/heat/heat.conf file to change the [keystone_authtoken] and [ec2authtoken] sections to add credentials to the Orchestration Service:

    [keystone_authtoken]
    auth_host = controller
    auth_port = 35357
    auth_protocol = http
    auth_uri = http://$CONTROLLER_PUBLIC_IP:5000/v2.0
    admin_tenant_name = service
    admin_user = heat
    admin_password = $HEAT_PASS
   
    [ec2authtoken]
    auth_uri = http://$CONTROLLER_PUBLIC_IP:5000/v2.0
   

2. Configure the metadata and waitcondition servers' URLs. Edit the /etc/heat/heat.conf file and modify the following options in the [DEFAULT] section:

    [DEFAULT]
    ...
    # URL of the Heat metadata server. (string value)
    heat_metadata_server_url = http://$HEAT_PUBLIC_IP:8000
   
    # URL of the Heat waitcondition server. (string value)
    heat_waitcondition_server_url = http://$HEAT_PUBLIC_IP:8000/v1/waitcondition
   

   [Note] Note The example uses the IP address of the heat host ($HEAT_PUBLIC_IP) instead of the hostname since our example architecture does not include a DNS setup. Make sure that the instances can resolve the heat hostname if you choose to use it in the URLs.

3. Restart the service with its new settings:

    # service heat-api restart
    # service heat-api-cfn restart
    # service heat-engine restart
   

Verify the Orchestration service installation

1. To verify that the Orchestration service is installed and configured correctly, make sure that your credentials are set up correctly in the admin-openrc.sh file. Source the file, as follows:

    $ source admin-openrc.sh
   

   The Orchestration Module uses templates to describe stacks. To learn about the template languages, see the Template Guide in the Heat developer documentation.

2. Create a test template in the test-stack.template file with the following content:

    heat_template_version: 2013-05-23
   
    description: Test Template
   
    parameters:
      ImageID:
        type: string
        description: Image use to boot a server
      NetID:
        type: string
        description: Network ID for the server
   
    resources:
      server1:
        type: OS::Nova::Server
        properties:
          name: "Test server"
          image: { get_param: ImageID }
          flavor: "m1.small"
          networks:
          - network: { get_param: NetID }
   
    outputs:
      server1_private_ip:
        description: IP address of the server in the private network
        value: { get_attr: [ server1, first_address ] }
   

3. Use the heat stack-create command to create a stack from this template:

    $ NET_ID=$(nova net-list | awk '/ <subnet_name> / { print $2 }')
    $ heat stack-create -f test-stack.template -P "ImageID=cirros-0.3.2-x86_64;NetID=$NET_ID" testStack
   

+--------------------------------------+------------+--------------------+----------------------+ | id | stack_name | stack_status | creation_time | +--------------------------------------+------------+--------------------+----------------------+ | 477d96b4-d547-4069-938d-32ee990834af | testStack | CREATE_IN_PROGRESS | 2014-04-06T15:11:01Z | +--------------------------------------+------------+--------------------+----------------------+ ``` 4. Verify that the stack was created successfully with the heat stack-list command:

    $ heat stack-list
```

+--------------------------------------+------------+-----------------+----------------------+ | id | stack_name | stack_status | creation_time | +--------------------------------------+------------+-----------------+----------------------+ | 477d96b4-d547-4069-938d-32ee990834af | testStack | CREATE_COMPLETE | 2014-04-06T15:11:01Z | +--------------------------------------+------------+-----------------+----------------------+ ```

The Orchestration service usage

1. To create a stack, or template, from an existing file, run the following command:

    $ heat stack-create mystack --template-file=/PATH_TO_HEAT_TEMPLATES/vm.template --parameters="image_id=<image_id>;shared_net_id=<subnet_id>;key_name=<keypair_name>;vm_name=test"
   

   The --parameters values that you specify depend on the parameters that are defined in the template. If a website hosts the template file, you can specify the URL with the --template-url parameter instead of the --template-file parameter. The command returns the following output:

+--------------------------------------+---------------+--------------------+----------------------+ | id | stack_name | stack_status | creation_time | +--------------------------------------+---------------+--------------------+----------------------+ | 4c712026-dcd5-4664-90b8-0915494c1332 | mystack | CREATE_IN_PROGRESS | 2014-04-03T23:22:08Z | +--------------------------------------+---------------+--------------------+----------------------+ ``` 2. You can also use the stack-create command to validate a template file without creating a stack from it or use the template-validate command. To do so, run the following command:

    $ heat template-validate --template-file=/PATH_TO_HEAT_TEMPLATES/vm.template --parameters="image_id=<image_id>;shared_net_id=<subnet_id>;key_name=<keypair_name>"

If validation fails, the response returns an error message. Get information about stacks.

3. To explore the state and history of a particular stack, you can run a number of commands. To see which stacks are visible to the current user, run the following command:

    $ heat stack-list
   

+--------------------------------------+---------------+-----------------+----------------------+ | id | stack_name | stack_status | creation_time | +--------------------------------------+---------------+-----------------+----------------------+ | 4c712026-dcd5-4664-90b8-0915494c1332 | mystack | CREATE_COMPLETE | 2014-04-03T23:22:08Z | | 7edc7480-bda5-4e1c-9d5d-f567d3b6a050 | my-otherstack | CREATE_FAILED | 2014-04-03T23:28:20Z | +--------------------------------------+---------------+-----------------+----------------------+ ```

4. To show the details of a stack, run the following command:

    $ heat stack-show mystack
   

+----------------------+------------------------------------------------------------------------------------------------------------------------------+ | Property | Value | +----------------------+------------------------------------------------------------------------------------------------------------------------------+ | capabilities | [] | | creation_time | 2014-06-04T11:45:57Z | | description | Simple template to deploy a single compute instance | | disable_rollback | True | | id | 6cc7fe03-da34-4161-ba0d-58d6a00e4d55 | | links | http://90.147.102.110:8004/v1/51ab4dfca5b14f74baa60ee361e27f9f/stacks/prova/6cc7fe03-da34-4161-ba0d-58d6a00e4d55 | | notification_topics | [] | | outputs | [] | | parameters | { | | | "vm_name": "heat-prova", | | | "instance_type": "m1.small", | | | "shared_net_id": "d92aba0f-1d6e-4259-8ec7-6ebe498c755c", | | | "key_name": "my-key", | | | "AWS::StackName": "mystack", | | | "image_id": "1f31c802-ece1-42b5-ba10-3d109f1e5c96", | | | "AWS::StackId": "arn:openstack:heat::51ab4dfca5b14f74baa60ee361e27f9f:stacks/prova/6cc7fe03-da34-4161-ba0d-58d6a00e4d55", | | | "AWS::Region": "ap-southeast-1" | | | } | | stack_name | mystack | | stack_status | CREATE_COMPLETE | | stack_status_reason | Stack create completed successfully | | template_description | Simple template to deploy a single compute instance | | timeout_mins | 60 | | updated_time | 2014-06-04T11:46:47Z | +----------------------+------------------------------------------------------------------------------------------------------------------------------+ ``` 5. A stack consists of a collection of resources. To list the resources and their status, run the following command:

    $ heat resource-list mystack
```

+---------------------+-------------------+-----------------+----------------------+ | logical_resource_id | resource_type | resource_status | updated_time | +---------------------+-------------------+-----------------+----------------------+ | server1_port | OS::Neutron::Port | CREATE_COMPLETE | 2014-06-04T11:45:59Z | | my_instance | OS::Nova::Server | CREATE_COMPLETE | 2014-06-04T11:46:47Z | +---------------------+-------------------+-----------------+----------------------+ ``` 6. To show the details for the specified resource in a stack, run the following command:

    $ heat resource-show mystack my_instance
```

+------------------------+----------------------------------------------------------------------------------------------------------------------------------------+ | Property | Value | +------------------------+----------------------------------------------------------------------------------------------------------------------------------------+ | description | | | links | http://90.147.102.110:8004/v1/51ab4dfca5b14f74baa60ee361e27f9f/stacks/prova/6cc7fe03-da34-4161-ba0d-58d6a00e4d55/resources/my_instance | | | http://90.147.102.110:8004/v1/51ab4dfca5b14f74baa60ee361e27f9f/stacks/prova/6cc7fe03-da34-4161-ba0d-58d6a00e4d55 | | logical_resource_id | my_instance | | physical_resource_id | 90a60044-0114-4e23-99b2-40b980f24e16 | | required_by | | | resource_name | my_instance | | resource_status | CREATE_COMPLETE | | resource_status_reason | state changed | | resource_type | OS::Nova::Server | | updated_time | 2014-06-04T11:46:47Z | +------------------------+----------------------------------------------------------------------------------------------------------------------------------------+ ```

7. A series of events is generated during the life-cycle of a stack. To display life-cycle events, run:

    $ heat event-list mystack
   

+---------------------+------+------------------------+--------------------+----------------------+ | logical_resource_id | id | resource_status_reason | resource_status | event_time | +---------------------+------+------------------------+--------------------+----------------------+ | server1_port | 2276 | state changed | CREATE_IN_PROGRESS | 2014-06-04T11:45:57Z | | server1_port | 2277 | state changed | CREATE_COMPLETE | 2014-06-04T11:45:59Z | | my_instance | 2278 | state changed | CREATE_IN_PROGRESS | 2014-06-04T11:46:00Z | | my_instance | 2279 | state changed | CREATE_COMPLETE | 2014-06-04T11:46:47Z | +---------------------+------+------------------------+--------------------+----------------------+ ``` 8. To show the details for a particular event, run the following command:

    $ heat event-show mystack server1_port 2276
```

+------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------+ | Property | Value | +------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------+ | event_time | 2014-06-04T11:45:57Z | | id | 2276 | | links | http://90.147.102.110:8004/v1/51ab4dfca5b14f74baa60ee361e27f9f/stacks/prova/6cc7fe03-da34-4161-ba0d-58d6a00e4d55/resources/server1_port/events/2276 | | | http://90.147.102.110:8004/v1/51ab4dfca5b14f74baa60ee361e27f9f/stacks/prova/6cc7fe03-da34-4161-ba0d-58d6a00e4d55/resources/server1_port | | | http://90.147.102.110:8004/v1/51ab4dfca5b14f74baa60ee361e27f9f/stacks/prova/6cc7fe03-da34-4161-ba0d-58d6a00e4d55 | | logical_resource_id | server1_port | | physical_resource_id | None | | resource_name | server1_port | | resource_properties | { | | | "name": null, | | | "admin_state_up": true, | | | "network_id": "d92aba0f-1d6e-4259-8ec7-6ebe498c755c", | | | "value_specs": {}, | | | "mac_address": null, | | | "fixed_ips": null, | | | "security_groups": null, | | | "device_id": null | | | } | | resource_status | CREATE_IN_PROGRESS | | resource_status_reason | state changed | | resource_type | OS::Neutron::Port | +------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------+ ```