docs/doc/source/deploy_install_guides/r6_release/openstack/install.rst

Install StarlingX OpenStack

These instructions assume that you have completed the following OpenStack-specific configuration tasks that are required by the underlying StarlingX Kubernetes platform:

• All nodes have been labeled appropriately for their OpenStack role(s).
• The vSwitch type has been configured.
• The nova-local volume group has been configured on any node's host, if running the compute function.

Install application manifest and helm-charts

1. Modify the size of the docker_lv filesystem. By default, the size of the docker_lv filesystem is 30G, which is not enough for -openstack installation. Use the host-fs-modify CLI to increase the filesystem size.

   The syntax is:

   system host-fs-modify <hostname or id> <fs name=size>

   Where:

   • hostname or id is the location where the file system will be added.
   • fs name is the file system name.
   • size is an integer indicating the file system size in Gigabytes.

   For example:

   system host-fs-modify controller-0 docker=60

2. Get the latest StarlingX OpenStack application (-openstack) manifest and helm charts. Use one of the following options:

   • Private StarlingX build. See Build-stx-openstack-app for details.

   • Public download from CENGN StarlingX mirror.

     After you select a release, helm charts are located in centos/outputs/helm-charts.

3. Load the -openstack application's package into StarlingX. The tarball package contains -openstack's manifest and -openstack's set of helm charts. For example:

   system application-upload -openstack-<version>-centos-stable-versioned.tgz

   This will:

   • Load the manifest and helm charts.
   • Internally manage helm chart override values for each chart.
   • Automatically generate system helm chart overrides for each chart based on the current state of the underlying StarlingX Kubernetes platform and the recommended StarlingX configuration of OpenStack services.

4. OPTIONAL: In order to enable secure HTTPS connectivity for OpenStack REST APIs and OpenStack Horizon, install an HTTPS Certificate for OpenStack.

   1. Obtain an Intermediate or Root CA-signed certificate and key from a trusted Intermediate or Root CA. The OpenStack certificate should be created with a wildcard SAN, e.g.

      X509v3 extensions:
      X509v3 Subject Alternative Name:
      DNS:*.my-wro.my-company.com

   2. Put the PEM encoded versions of the openstack certificate and key in a single file (e.g. openstack-cert-key.pem), and put the certificate of the Root CA in a separate file (e.g. openstack-ca-cert.pem), and copy the files to the controller host.

   3. Install/update this certificate as the OpenStack REST API / Horizon certificate:

      ~(keystone_admin)]$ system certificate-install -m ssl_ca openstack-ca-cert.pem
      ~(keystone_admin)]$ system certificate-install -m openstack_ca openstack-ca-cert.pem
      ~(keystone_admin)]$ system certificate-install -m openstack openstack-cert-key.pem

      The above command will make the appropriate overrides to the OpenStack Helm Charts to enable HTTPS on the OpenStack Services REST API endpoints.

5. OPTIONAL: Configure the domain name.

   For details, see update-the-domain-name.

6. Apply the -openstack application in order to bring StarlingX OpenStack into service. If your environment is preconfigured with a proxy server, then make sure HTTPS proxy is set before applying -openstack.

   system application-apply -openstack

   Note

   To set the HTTPS proxy at bootstrap time, refer to Ansible Bootstrap Configurations.

   To set the HTTPS proxy after installation, refer to Docker Proxy Configuration.

7. Wait for the activation of -openstack to complete.

   This can take 5-10 minutes depending on the performance of your host machine.

   Monitor progress with the command:

   watch -n 5 system application-list

Next steps

Your OpenStack cloud is now up and running.

See access for details on how to access StarlingX OpenStack.