OpenStack

Simple Helion Stackato deployments can be done using the OpenStack Horizon interface. If your system does not have Horizon enabled, if you need to configure options not available in Horizon, or if you want to script VM operations, you should use the following command-line tools:

  • glance: Used to import a Helion Stackato VM image into the OpenStack Image Service. Different installation options are available:
  • nova: Used to launch instances, configure security groups, and attach storage. It can be installed via:
    • pypm: pypm install python-novaclient
    • pip: pip install python-novaclient
    • source
    • Linux packages: for example, sudo apt-get install python-novaclient
  • cinder: Used for managing block storage. It can be installed via:
    • pypm: pypm install python-cinderclient
    • pip: pip install python-cinderclient
    • source
    • Linux packages: for example, sudo apt-get install python-cinderclient

To use these tools, set the environment variables for your OpenStack credentials. Download the openrc.sh file from User Settings > OpenStack API, click Download RC file and then source the settings with the following command:

source openrc.sh

Alternatively, set the variables manually as per the OpenStack CLI documentation.

The following instructions use glance 2.0.0, nova 2.17.0, and cinder 1.6.0. If you are using older versions of these clients (e.g. to work older Open Stack versions) consult the CLI help for usage information, as some options may have changed.

Import Helion Stackato VM

If you have not already done so, download the KVM image of the Helion Stackato Micro Cloud VM.

Unzip the image in a convenient local directory, then use glance to create an image in OpenStack. For example, the following command imports a qcow2 image of Helion Stackato to OpenStack and makes it publicly available:

glance image-create --name="Stackato-3.6.2" --visibility public \\
  --container-format=bare --disk-format=qcow2 \\
  --file stackato-v|version|-release.qcow2

Adding a keypair

To launch instances on OpenStack you will need a keypair consisting of a private and public key. See Creation of Key Pairs in the OpenStack documentation for details.

You can use the existing ssh public key from your local system by running the following command:

nova keypair-add --pub-key ~/.ssh/id_rsa.pub stackato-admin

Security Groups

Before launching a Helion Stackato VM instance, you will need to either create a security group which exposes only the necessary network ports, or use/modify an existing group with the properties described below.

If you are running a single-instance Helion Stackato Micro Cloud, you can create a simple security group which exposes the following three ports to the public (CIDR 0.0.0.0/0):

  • HTTP (port 80)
  • HTTPS (port 443)
  • SSH (port 22)

All internal communication between Helion Stackato processes on other ports pass through localhost in this configuration. See Helion Stackato port requirements for details on port usage in Stackato.

When creating a cluster you must limit most ports for externally-exposed nodes (such as Router or Load Balancer) and allow communication on all ports between nodes internal to the cluster (such as the Primary node, Controller, DEA, and data service nodes).

For example, you could create two groups:

  • stackato-ext exposes only the HTTP, HTTPS, and SSH ports
  • stackato-int exposes all TCP and UDP ports only to members of the stackato-int and stackato-ext groups (no ports are exposed to the public)

Adding Groups and Rules with python-novaclient

To create the stackato-ext security group described above using nova:

nova secgroup-create stackato-ext "Helion Stackato front end nodes"
nova secgroup-add-rule stackato-ext tcp 22 22 0.0.0.0/0
nova secgroup-add-rule stackato-ext tcp 80 80 0.0.0.0/0
nova secgroup-add-rule stackato-ext tcp 443 443 0.0.0.0/0

To create the stackato-int group:

nova secgroup-create stackato-int "stackato auxiliary nodes"

Run the secgroup-add-group-rule command rather than secgroup-add-rule for creating rules applying to a group rather than a CIDR range:

nova secgroup-add-group-rule stackato-int stackato-int tcp 1 65535
nova secgroup-add-group-rule stackato-int stackato-int udp 1 65535
nova secgroup-add-group-rule stackato-int stackato-ext tcp 1 65535
nova secgroup-add-group-rule stackato-int stackato-ext udp 1 65535

Once the stackato-int group is created, additional rules can be added to stackato-ext to allow the two groups to communicate:

nova secgroup-add-group-rule stackato-ext stackato-ext tcp 1 65535
nova secgroup-add-group-rule stackato-ext stackato-ext udp 1 65535
nova secgroup-add-group-rule stackato-ext stackato-int tcp 1 65535
nova secgroup-add-group-rule stackato-ext stackato-int udp 1 65535

Booting a Helion Stackato VM

Find the Helion Stackato VM image using nova image-list or the Horizon interface. In the above example, the name 'Stackato-3.6.2' appears in the list.

Use nova flavor-list to see a list of available instance sizes and configurations and choose a flavor that provides 3GB of RAM or greater. Make note of the flavor ID.

To boot a single Helion Stackato VM for use as a Micro Cloud, use the nova boot command. For example:

nova boot microcloud --image Stackato-3.6.2 --flavor m1.medium \\
  --key_name stackato-admin --security_groups stackato-ext

If you have multiple networks enabled, specify the one in which you want to boot the instance using the --nic net-id=<network id> option.

Cluster Setup

Setting up a Helion Stackato cluster on OpenStack is very similar to the process on any other infrastructure. Boot instances using the method above, and follow the instructions and guidelines in the Cluster Setup guide.

Configuring Block Storage

Stackato nodes hosting data services, the filesystem service, or the controller roles should always have certain key directories backed with block storage in Open Stack. Use the cinder client to create these volumes. For example:

cinder create --name stackato-droplets 100 # GB

Use nova to attach them. For example:

nova volume-attach <ID of server> <ID of volume created above> /dev/vdc

See the Using Persistent Storage section for instructions on how to mount the filesystems and relocate key data to them. See also the Multiple Controllers section for instructions specific to sharing a filesystem between Cloud Controller nodes.