openstack-manuals/doc/install-guide/source/horizon-install.rst

Install and configure

This section describes how to install and configure the dashboard on the controller node.

The only core service required by the dashboard is the Identity service. You can use the dashboard in combination with other services, such as Image service, Compute, and Networking. You can also use the dashboard in environments with stand-alone services such as Object Storage.

Note

This section assumes proper installation, configuration, and operation of the Identity service using the Apache HTTP server and Memcached service as described in the Install and configure the Identity service <keystone-install> section.

Install and configure components

obs

1. Install the packages:

   # zypper install openstack-dashboard

rdo

1. Install the packages:

   # yum install openstack-dashboard

ubuntu

1. Install the packages:

   # apt install openstack-dashboard

debian

1. Install the packages:

   # apt install openstack-dashboard-apache

2. Respond to prompts for web server configuration.

   Note

   The automatic configuration process generates a self-signed SSL certificate. Consider obtaining an official certificate for production environments.

   Note

   There are two modes of installation. One using /horizon as the URL, keeping your default vhost and only adding an Alias directive: this is the default. The other mode will remove the default Apache vhost and install the dashboard on the webroot. It was the only available option before the Liberty release. If you prefer to set the Apache configuration manually, install the openstack-dashboard package instead of openstack-dashboard-apache.

obs

2. Configure the web server:

   # cp /etc/apache2/conf.d/openstack-dashboard.conf.sample \
     /etc/apache2/conf.d/openstack-dashboard.conf
   # a2enmod rewrite

3. Edit the /srv/www/openstack-dashboard/openstack_dashboard/local/local_settings.py file and complete the following actions:

   • Configure the dashboard to use OpenStack services on the controller node:

     OPENSTACK_HOST = "controller"

   • Allow your hosts to access the dashboard:

     ALLOWED_HOSTS = ['one.example.com', 'two.example.com']

     Note

     ALLOWED_HOSTS can also be ['*'] to accept all hosts. This may be useful for development work, but is potentially insecure and should not be used in production. See Django documentation for further information.

   • Configure the memcached session storage service:

     SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
     
     CACHES = {
         'default': {
              'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
              'LOCATION': 'controller:11211',
         }
     }

     Note

     Comment out any other session storage configuration.

   • Enable the Identity API version 3:

     OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

   • Enable support for domains:

     OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

   • Configure API versions:

     OPENSTACK_API_VERSIONS = {
         "identity": 3,
         "image": 2,
         "volume": 2,
     }

   • Configure Default as the default domain for users that you create via the dashboard:

     OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"

   • Configure user as the default role for users that you create via the dashboard:

     OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

   • If you chose networking option 1, disable support for layer-3 networking services:

     OPENSTACK_NEUTRON_NETWORK = {
         ...
         'enable_router': False,
         'enable_quotas': False,
         'enable_distributed_router': False,
         'enable_ha_router': False,
         'enable_lb': False,
         'enable_firewall': False,
         'enable_vpn': False,
         'enable_fip_topology_check': False,
     }

   • Optionally, configure the time zone:

     TIME_ZONE = "TIME_ZONE"

     Replace TIME_ZONE with an appropriate time zone identifier. For more information, see the list of time zones.

rdo

2. Edit the /etc/openstack-dashboard/local_settings file and complete the following actions:

   • Configure the dashboard to use OpenStack services on the controller node:

     OPENSTACK_HOST = "controller"

   • Allow your hosts to access the dashboard:

     ALLOWED_HOSTS = ['one.example.com', 'two.example.com']

     Note

     ALLOWED_HOSTS can also be ['*'] to accept all hosts. This may be useful for development work, but is potentially insecure and should not be used in production. See https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts for further information.

   • Configure the memcached session storage service:

     SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
     
     CACHES = {
         'default': {
              'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
              'LOCATION': 'controller:11211',
         }
     }

     Note

     Comment out any other session storage configuration.

   • Enable the Identity API version 3:

     OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

   • Enable support for domains:

     OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

   • Configure API versions:

     OPENSTACK_API_VERSIONS = {
         "identity": 3,
         "image": 2,
         "volume": 2,
     }

   • Configure Default as the default domain for users that you create via the dashboard:

     OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"

   • Configure user as the default role for users that you create via the dashboard:

     OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

   • If you chose networking option 1, disable support for layer-3 networking services:

     OPENSTACK_NEUTRON_NETWORK = {
         ...
         'enable_router': False,
         'enable_quotas': False,
         'enable_distributed_router': False,
         'enable_ha_router': False,
         'enable_lb': False,
         'enable_firewall': False,
         'enable_vpn': False,
         'enable_fip_topology_check': False,
     }

   • Optionally, configure the time zone:

     TIME_ZONE = "TIME_ZONE"

     Replace TIME_ZONE with an appropriate time zone identifier. For more information, see the list of time zones.

ubuntu or debian

2. Edit the /etc/openstack-dashboard/local_settings.py file and complete the following actions:

   • Configure the dashboard to use OpenStack services on the controller node:

     OPENSTACK_HOST = "controller"

   • In the Dashboard configuration section, allow your hosts to access Dashboard:

     ALLOWED_HOSTS = ['one.example.com', 'two.example.com']

     Note

     • Do not edit the ALLOWED_HOSTS parameter under the Ubuntu configuration section.
     • ALLOWED_HOSTS can also be ['*'] to accept all hosts. This may be useful for development work, but is potentially insecure and should not be used in production. See the Django documentation for further information.

   • Configure the memcached session storage service:

     SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
     
     CACHES = {
         'default': {
              'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
              'LOCATION': 'controller:11211',
         }
     }

     Note

     Comment out any other session storage configuration.

   • Enable the Identity API version 3:

     OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST

   • Enable support for domains:

     OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True

   • Configure API versions:

     OPENSTACK_API_VERSIONS = {
         "identity": 3,
         "image": 2,
         "volume": 2,
     }

   • Configure Default as the default domain for users that you create via the dashboard:

     OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"

   • Configure user as the default role for users that you create via the dashboard:

     OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"

   • If you chose networking option 1, disable support for layer-3 networking services:

     OPENSTACK_NEUTRON_NETWORK = {
         ...
         'enable_router': False,
         'enable_quotas': False,
         'enable_ipv6': False,
         'enable_distributed_router': False,
         'enable_ha_router': False,
         'enable_lb': False,
         'enable_firewall': False,
         'enable_vpn': False,
         'enable_fip_topology_check': False,
     }

   • Optionally, configure the time zone:

     TIME_ZONE = "TIME_ZONE"

     Replace TIME_ZONE with an appropriate time zone identifier. For more information, see the list of time zones.

Finalize installation

ubuntu or debian

• Reload the web server configuration:

  # service apache2 reload

obs

• Restart the web server and session storage service:

  # systemctl restart apache2.service memcached.service

  Note

  The systemctl restart command starts each service if not currently running.

rdo

• Restart the web server and session storage service:

  # systemctl restart httpd.service memcached.service

  Note

  The systemctl restart command starts each service if not currently running.