This chapter will show you how to setup a different region in the OpenStack for your backup users.
If you are new to OpenStack, you should check with their documentation on general setup available at http://docs.openstack.org/
If you already have a running OpenStack, you can follow our steps to setup the different region for users.
Here are the OpenStack version used in the following examples:
Here are the values used in the following examples:
Note: The value of the Keystone admin token can be found in the variable name "admin_token" defined inside the keystone configuration file at /etc/keystone/keystone.conf .
Please setup the following variables in bash profile before you setup a tenant (project), user, roles and storage quota etc.
Step 1: Add the environment variable in the .bash_profile
Example (/root/.bash_profile)---------------------------------------------------------------------------------------------------- : : Trimmed : : export OS_USERNAME=admin export OS_PASSWORD=admin export OS_TENANT_NAME=mybackup export OS_AUTH_URL=http://10.7.54.7:5000/v2.0 export OS_SERVICE_ENDPOINT=http://10.7.54.7:35357/v2.0 export OS_SERVICE_TOKEN=7b05dab9722d44e7b9a82dc0d1ff74ea : : Trimmed : : ----------------------------------------------------------------------------------------------------
Please login again for profile to take effect.
Note: The value of the OS_SERVICE_TOKEN can be found in the variable name "admin_token" defined inside the keystone configuration file at /etc/keystone/keystone.conf .
If you have a second OpenStack storage which you want to mount on your current OpenStack, you can setup a second region on your current OpenStack.
Assume the IP of the second region OpenStack is 10.7.54.8 . You need to find out the swift service id and map the second region on your current OpenStack according to the below instruction.
To list swift service id by keystone service list command:
Usage: keystone service-list
Example---------------------------------------------------------------------------------------------------- [root@os ~]# keystone service-list WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). +----------------------------------+------------+--------------+--------------------------------+ | id | name | type | description | +----------------------------------+------------+--------------+--------------------------------+ | 5f805cc7df2a43eb90db6fe11ed682f6 | ceilometer | metering | Openstack Metering Service | | 3134116675a8420a88ef01cdcb0c8728 | cinder | volume | Cinder Service | | b703b91737954d01a2d180f6c3d575ba | cinder_v2 | volumev2 | Cinder Service v2 | | cc787cf0258e46d6a342e1502e7bf6be | glance | image | Openstack Image Service | | b3af7d0a95d34aa7883629df7a7f7f56 | keystone | identity | OpenStack Identity Service | | 10f1a022ada246138aba5834e3622a91 | neutron | network | Neutron Networking Service | | 218b5356d65e4d8382297f72d65c8bbb | nova | compute | Openstack Compute Service | | a809ad43f380400cb55ff2520bb27ab0 | nova_ec2 | ec2 | EC2 Service | | 8b517bd82d4345c895384f9596a29880 | swift | object-store | Openstack Object-Store Service | | 11882e74696547b0ba1e4d276074ae37 | swift_s3 | s3 | Openstack S3 Service | +----------------------------------+------------+--------------+--------------------------------+ [root@os ~]# ----------------------------------------------------------------------------------------------------
To add the second region (RegionTwo) to the 'swift' keystone service
Usage: keystone endpoint-create --region <endpint-region> --service-id=<swift service-id> --publicurl <public-url> --adminurl <admin URL> --internalurl <internal-url>
Example---------------------------------------------------------------------------------------------------- [root@os ~]# keystone endpoint-create --region RegionTwo --service-id=8b517bd82d4345c895384f9596a29880 --publicurl 'http://10.7.54.8:8080/v1/AUTH_%(tenant_id)s' --adminurl 'http://10.7.54.8:8080/v1' --internalurl 'http://10.7.54 .8:8080/v1/AUTH_%(tenant_id)s' +-------------+---------------------------------------------+ | Property | Value | +-------------+---------------------------------------------+ | adminurl | http://10.7.54.8:8080/v1 | | id | 40c018c7ff934bc4b3d8c0ce8c78d8db | | internalurl | http://10.7.54.8:8080/v1/AUTH_%(tenant_id)s | | publicurl | http://10.7.54.8:8080/v1/AUTH_%(tenant_id)s | | region | RegionTwo | | service_id | 8b517bd82d4345c895384f9596a29880 | +-------------+---------------------------------------------+ [root@os ~]# ----------------------------------------------------------------------------------------------------