docs/doc/source/security/openstack/configure-remote-clis-and-clients.rst

Configure Remote CLIs

The command lines can be accessed from remote computers running Linux, MacOS, and Windows.

This functionality is made available using a docker image for connecting to the remotely. This docker image is pulled as required by configuration scripts.

You must have Docker installed on the remote systems you connect from. For more information on installing Docker, see https://docs.docker.com/install/. For Windows remote workstations, Docker is only supported on Windows 10.

For Windows remote workstations, you must run the following commands from a Cygwin terminal. See https://www.cygwin.com/ for more information about the Cygwin project.

For Windows remote workstations, you must also have winpty installed. Download the latest release tarball for Cygwin from https://github.com/rprichard/winpty/releases. After downloading the tarball, extract it to any location and change the Windows <PATH> variable to include its bin folder from the extracted winpty folder.

For access to remote CLI, it is required to set the DNS in the cluster using the system service-parameter-add openstack helm endpoint_domain=domain_name command and reapply OpenStack using the system application-apply -openstack command.

The following procedure shows how to configure the Container-backed Remote for OpenStack remote access.

1. Copy the remote client tarball file from to the remote workstation, and extract its content.

   • The tarball is available from the area on .
   • You can extract the tarball's contents anywhere on your workstation system.

   $ cd $HOME $ tar xvf -remote-clients-<version>.tgz

2. Download the user/tenant openrc file from the to the remote workstation.

   Note

   If the system has HTTPS certificate enabled, use the following steps:

   1. Download the certificate file (ca-bundle.trust.crt) from the /etc/pki/tls/certs/ directory on the system, and copy the file to your remote workstation to the same directory as the admin-openrc.sh file.

   2. Update the admin-openrc.sh file with the following:

      export OS_CACERT=ca-bundle.trust.crt

   1. Log in to interface as the user and tenant that you want to configure remote access for.

      In this example, we use the 'admin' user in the 'admin' tenant.

   2. Navigate to Project > API Access > Download Openstack RCfile.

   3. Select Openstack RC file.

      The file admin-openrc.sh downloads.

      Note

      For a Distributed Cloud system, navigate to Project > Central Cloud Regions > RegionOne > and download the Openstack RC file.

3. On the remote workstation, configure the OpenStack client access.

   1. Change to the location of the extracted tarball.

      $ cd $HOME/-remote-clients-<version>/

   2. Create a working directory that will be mounted by the container implementing the remote .

      $ mkdir -p $HOME/remote_cli_wd

   3. Run the configure_client.sh script to install and configure the OpenStack CLIs/Clients.

      starlingx

      $ ./configure_client.sh -t openstack -r admin-openrc.sh -w  $HOME/remote_cli_wd -a <wind-river-registry-url>/docker.io/starlingx/wr-openstackclients:<tag>

      partner

      If you specify repositories that require authentication, as shown above, you must remember to perform a docker login to that repository before using remote for the first time.

      The options for configure_client.sh are:

      -t

      The type of client configuration. The options are platform (for and clients) and OpenStack (for application and clients).

      The default value is platform.

      -r

      The user/tenant RC file to use for 'openstack' commands.

      The default value is admin-openrc.sh.

      -o

      The remote /workstation RC file generated by this script.

      This RC file needs to be sourced in the shell, to setup required environment variables and aliases, before running any remote commands.

      For the platform client setup, the default is remote_client_platform.sh. For the OpenStack application client setup, the default is remote_client_openstack.sh.

      -w

      The working directory that will be mounted by the container implementing the remote . When using the remote , any files passed as arguments to the remote commands need to be in this directory in order for the container to access the files. The default value is the directory from which the configure_client.sh command was run.

      -p

      Override the container image for the platform and clients.

      By default, the platform and clients container image is pulled from docker.io/starlingx/stx-platformclients.

      If you specify repositories that require authentication, you must first perform a docker login to that repository before using remote .

      -a

      Override the OpenStack application image.

      By default, the OpenStack and clients container image is pulled from docker.io/starlingx/stx-openstackclients.

      The configure-client.sh command will generate a remote_client_openstack.sh RC file. This RC file needs to be sourced in the shell to set up required environment variables and aliases before any remote commands can be run.

   4. Copy the file remote_client_openstack.sh to $HOME/remote_cli_wd

After configuring the container-backed remote /clients, the remote can be used in any shell after sourcing the generated remote /client RC file. This RC file sets up the required environment variables and aliases for the remote commands.

Note

Consider adding this command to your .login or shell rc file, such that your shells will automatically be initialized with the environment variables and aliases for the remote commands.

See Use Container-backed Remote CLIs and Clients <config-and-management-using-container-backed-remote-clis-and-clients> for details.