x
/
microstack
Code Issues Proposed changes
OpenStack in a snap!
248 Commits 4 Branches 0 Tags 60 MiB
Python 43.8%
Jinja 36.7%
SCSS 10.5%
Shell 9%
Go to file
Corey Bryant eae1b81ec6 Add TLS OpenStack API endpoints 
A new config.tls.generate-cert option is added that defaults to true.
When true, a self-signed certificate will be generated and OpenStack
API endpoints will be configured to use TLS with that self-signed
certificate. The following config options are added:

snap get microstack config.tls.generate-self-signed
snap get microstack config.tls.cacert-path
snap get microstack config.tls.cert-path
snap get microstack config.tls.key-path

Users can provide their own certificate by setting generate-cert to
false and storing their own certificates/key at the paths specified
by cacert-path, cert-path, and key-path. 'snap set' can also be used
to change the cert/key file names.

If using clustering, the certificates/key will be copied from the
control node to the compute nodes. The config for cacert-path,
cert-path, and key-path will be set to the same values as on the
control node.

Other notable changes:
* The existing generate_selfsigned() function is modified to change
  the subject alternative name to be made up of the hostname and
  optionally an IP. The controller hostname and IP are used when
  generating the certificate for self-signed TLS endpoints. The
  hostname is now used instead of 'microstack.run' when generating
  the clustering certificate.
* This change also aligns logging for nginx and corresponding sites
  and moves all nginx sites to {snap_common}/etc/nginx/sites-enabled.

Change-Id: Iceea3127822404a3275fcf8a221cbedc4b52c217
 		2021-05-07 15:02:20 -04:00
checks Added Filebeat, NRPE and Telegraf to Microstack 2020-02-11 14:33:26 +00:00
patches Use focal/core20/Ussuri/OVN & enable confinement 2020-09-25 13:20:12 +00:00
snap/hooks Add TLS OpenStack API endpoints 2021-05-07 15:02:20 -04:00
snap-overlay Add TLS OpenStack API endpoints 2021-05-07 15:02:20 -04:00
snap-wrappers Skip hostname checks and drop IP-based ACLs 2020-11-09 13:30:41 +03:00
tests Add TLS OpenStack API endpoints 2021-05-07 15:02:20 -04:00
tools Add TLS OpenStack API endpoints 2021-05-07 15:02:20 -04:00
.gitignore Strict confinement (devmode) 2020-03-05 09:31:15 +00:00
.gitreview Added automated testing via tox and zuul. 2019-07-24 08:04:38 +01:00
.zuul.yaml Migrate functional testing to third-parth CI 2021-01-15 14:08:02 +03:00
CONTRIBUTING.md Updated "Building MicroStack" section of CONTRIBUTING.md 2019-11-14 17:36:25 +00:00
DEMO.md Add TLS OpenStack API endpoints 2021-05-07 15:02:20 -04:00
README.md Add command to README for retrieving admin password 2020-12-03 16:44:31 +00:00
filebeat.pgp.key Added Filebeat, NRPE and Telegraf to Microstack 2020-02-11 14:33:26 +00:00
osci.yaml Move volume tests to experimental pipeline 2021-04-08 14:28:52 -07:00
snapcraft.yaml Get OpenStack tarballs from opendev.org 2021-05-07 14:40:13 -04:00
telegraf.pgp.key Added Filebeat, NRPE and Telegraf to Microstack 2020-02-11 14:33:26 +00:00
test-requirements.txt Rework the test framework & the clustering test 2021-01-15 15:58:03 +03:00
tox.ini Move volume tests to experimental pipeline 2021-04-08 14:28:52 -07:00

README.md

MicroStack

Snap Status

MicroStack is a single-machine, snap-deployed OpenStack cloud.

Common purposes include:

  • Development and testing of OpenStack workloads
  • Continuous integration (CI)
  • IoT and appliances
  • Edge clouds (experimental)
  • Introducing new users to OpenStack

Currently provided OpenStack services are: Nova, Keystone, Glance, Horizon, and Neutron.

MicroStack is frequently updated to provide the latest stable updates of the most recent OpenStack release.

Requirements: You will need at least 2 CPUs, 8 GiB of memory, and 100 GiB of disk space.

See the full MicroStack documentation.

Installation

At this time you can install from the --beta or --edge snap channels:

sudo snap install microstack --classic --beta

The edge channel is moving toward a strictly confined snap. At this time, it must be installed in devmode:

sudo snap install microstack --devmode --edge

Initialisation

Initialisation will set up databases, networks, flavors, an SSH keypair, a CirrOS image, and open ICMP/SSH security groups:

sudo microstack.init --auto

OpenStack client

The OpenStack client is bundled as microstack.openstack. For example:

microstack.openstack network list
microstack.openstack flavor list
microstack.openstack keypair list
microstack.openstack image list
microstack.openstack security group rule list

Creating an instance

To create an instance (called "awesome") based on the CirrOS image:

microstack.launch cirros --name awesome

SSH to an instance

The launch output will show you how to connect to the instance. For the CirrOS image, the user account is 'cirros'.

ssh -i ~/.ssh/id_microstack cirros@<ip-address>

Horizon

The launch output will also provide information for the Horizon dashboard. The username is 'admin' and the password can be obtained in this way:

sudo snap get microstack config.credentials.keystone-password

Removing MicroStack

To remove MicroStack, run:

sudo microstack.remove --auto

This will clean up the Open vSwitch bridge device and uninstall MicroStack. If you remove MicroStack with the snap remove command instead, don't worry -- the Open vSwitch bridge will disappear the next time that you reboot your system.

Note that you can pass any arguments that you'd pass to the snap remove command to microstack.remove. To purge the snap, for example, run:

sudo microstack.remove --auto --purge

LMA stack

Filebeat, Telegraf and NRPE are bundled as the snap systemd services.

Customising and contributing

To customise services and settings, look in the .d directories under /var/snap/microstack/common/etc. You can add services with your package manager, or take a look at CONTRIBUTING.md and make a code based argument for adding a service to the default list.

Reporting a bug

Please report bugs to the MicroStack project on Launchpad.