Skip to end of metadata
Go to start of metadata

Introduction

In the Yoda release of CoprHD, there is a new feature called ‘Storage Orchestration For OpenStack’ (SOFO). OpenStack is open source software designed to build public and private clouds. CoprHD is an open source software-defined-storage (SDS) controller designed to bring cloud-like benefits to enterprise storage management. Benefits include automatic provisioning, a self-service portal, policy-based storage profile definitions, and single pane of glass for management of multi-vendor storage systems. 

In OpenStack, there is a project called ‘Cinder” that is used to provision and manage block storage. It has a defined set of standard REST APIs for enterprise storage management. The implementation is done using Python, like any other service in OpenStack. SOFO is a “First-Of-a-Kind’ Java implementation of these REST APIs. By providing the SOFO implementation, CoprHD enables multiple choices for managing storage in OpenStack deployments

This guide is an attempt to provide all the information that is required to deploy CoprHD to manage block storage in an OpenStack ecosystem.

Support Matrix

CoprHDOpenStack
Yoda ( 3.0 )Kilo ( 2015.1)

 

Prerequisites

  • CoprHD Yoda installed and running with valid license.
  • OpenStack Kilo installed and running.
  • List of storage systems to be managed by CoprHD along with their access details (IP address, Administrator username, Administrator password).
  • For all-in-one node deployment of OpenStack, access details of the node, which is discovered as a compute host in CoprHD.
  • For multi node deployment of OpenStack, access details of the compute node, which is discovered as a compute host in CoprHD.
  • For iSCSI connection, initiator details of the compute node of OpenStack.
  • For FC connection,
    • Compute node of OpenStack should have SAN connectivity with storage systems which are being used.
    • Fabric Manager details like IP Address, Administrator username and password, used to discover it in CoprHD. This is required to discover SAN networking between OpenStack compute host and storage systems.

Supported Operations

The following operations are supported:

Operations related to Volumes:

  • Create/Delete/Attach/Detach/List/Show/Expand/Rename/Clone volume.
  • Update the volume state.
  • Create volume from snapshot.

Operations related to Snapshots:

  • Create/Delete/Update/List/Show/Rename snapshot and Update the snapshot state.

Operations related to tenant:

  • List quota usage for a tenant.
  • Lists quotas for a tenant.
  • List default quotas for a tenant.
  • Delete/Update quotas for a tenant.

Operations related to QOS:

  • List/Show QOS.

Other Operations:

  • List volume types.
  • List availability-zone.
  • List Extra specs.
  • List all services.

Configuration

OpenStack

We need to do the following on OpenStack:

  1. Register CoprHD as a Block Storage Service Provider in Keystone.
  2. Enable Horizon to use Cinder V2.

Register CoprHD as a Block Storage Service Provider in Keystone

Automatic Registration

To automatically register CoprHD as Block storage service provider in Keystone, navigate to the Keystone Authentication Provider screen as Security → Authentication Providers → Add screen and select the checkbox, "Automatic Registration and Tenant Mapping." This adds the CoprHD instance with its virtual IP into the OpenStack Keystone service.


In addition to registering CoprHD into Keystone, this action also imports tenants and projects from Keystone into CoprHD.


Manual Registration

We recommend using the automatic registration capability in the previous step to register CoprHD as a Block storage service provider in Keystone. However, if you choose to do manual registration instead, follow these steps:

  • List openstack services using the command #openstack service list



  • Note the service ID from the above table corresponding to cinder and cinderv2. In this example it is 0e0ba32fe23b47f4ba42c9dec0d03e6d and 28e62d6a87204c33993a650f716fd1f7
  • List the keystone endpoints using the command #openstack endpoint list


  • Make a note of cinder and cinderv2 endpoint ids. In this example, they are 9f5b7c8c8ae54350a9a254de0d3e0756 and 003065bc3a1643479ddc6d47f75c4541
  • Delete these endpoint using the command #openstack endpoint delete <endpoint-id>




  • Create the CoprHD as cinder and cinderv2 endpoint using the command #openstack endpoint create


Enable Horizon to use Cinder V2

Openstack UI points to Cinder V1. Make it point to V2 using these steps:

  • open local_settings.py on openstack.(Example : /opt/stack/horizon/openstack_dashboard/local/local_settings.py )
  • Uncomment following lines in the file:

OPENSTACK_API_VERSIONS = {
"data_processing": 1.1,
"identity": 3,
"volume": 2
}

  • Restart the apache service

sudo service apache2 stop

sudo service apache2 start


CoprHD

  • Add OpenStack Keystone as an authentication provider.
  • Discover these physical assets: Storage systems, fabric manager/s and compute host (OpenStack compute host).
  • Create virtual entities: Virtual Array and Virtual Storage Pool.
  • Map OpenStack tenants into CoprHD.
  • Create projects and tag them with OpenStack tenant ids.

Access CoprHD in HTTP mode

After the installation of the CoprHD is completed, security needs to be turned off for port 8776 in /etc/nginx/nginx.conf. Then restart the nginx services. This is not a recommended option for production use. Use it only for Proof of Concept (POC) and testing deployments.

Notice that the ssl is "off" for the server block which listens on 8776.

Restart the nginx service using the command #/etc/init.d/nginx restart

Access CoprHD in HTTPS mode

On the OpenStack node, do the following. (These steps are for the Ubuntu operating system.)

  1. Download the certificate. openssl s_client -connect http:<CoprHD-IP>:8776 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > <CoprHD-IP>.crt
  2. Copy the certificate to /usr/share/ca-certificates
  3. Edit certificate configuration to include the new certificate @ /etc/ca-certificates.conf
  4. Update the configuration by running the command “update-ca-certificates --fresh”

After doing this, a CoprHD endpoint in Keystone needs to be created using https protocol.

 

Access Keystone in HTTPS mode

To set-up the Keystone in HTTPS mode, please refer the OpenStack Keystone documentation. To get the HTTPS mode working for Keystone with CoprHD, Keystone certificates needs to be downloaded and added to CoprHD's trust-store.

Tenants Mapping and Project Tagging

Automatic

Steps outlined in the "Manual" section are automated and can be executed as follows.

Navigate to Keystone Authentication Provider screen as Security → Authentication Providers → Add screen. Selecting the checkbox, "Automatic Registration and Tenant Mapping," 

  • Imports all tenants which are present in OpenStack into CoprHD.
  • Import all projects which are present in OpenStack into CoprHD.
  • Tags Tenants/Projects with appropriate Tenant/Project IDs to create a logical mapping.

Manual

  1. Log in to OpenStack Horizon console and make a note of all tenants (name and id) which need to be mapped or created in CoprHD.


  2. Log in to CoprHD and go to the Tenants tab.
  3. Create Tenants and Projects for each of the tenants noted in step 1.
    • Go to Tenants → Add → Select Keystone Authentication Provided → Add User Mapping Rule →  Add Attribute. Enter "tenant_id" as key and value as the id noted in step 1
    • Go to Projects → Select the Tenant Created→ Add. Provide the same name as the tenant name → Save
    • Using ViPR CLI, tag the project with the tenant_id, for example, #viprcli project tag add <tenant_id> name <project_name> -tn <tenant_name>

 

 

  • No labels