Chapter 2. Cloud Providers

A cloud provider is a service that manages cloud resources. The Providers page displays all discovered or added cloud providers.

2.1. Adding OpenStack Providers

CloudForms Management Engine supports operating with the OpenStack admin tenant. When creating an OpenStack provider in CloudForms Management Engine, select the OpenStack provider’s admin user because it is the default administrator of the OpenStack admin tenant. When using the admin credentials, a user in CloudForms Management Engine provisions into the admin tenant, and sees images, networks, and instances that are associated with the admin tenant.

  1. Navigate to Clouds → Providers.
  2. Click Configuration, then click Add a New Cloud Provider.
  3. Enter a Name for the provider.
  4. From the Type drop-down menu, select OpenStack.
  5. Enter the Host Name (or IPv4 or IPv6 address) of the provider.

    Important

    The Host Name must use a unique fully qualified domain name.

  6. Enter the API Port of your Keystone service. The default port is 5000.

    Important

    If the Keystone service is configured to use SSL, you must enter the SSL port for Keystone.

  7. Select the appropriate API Version from the list. The default is Keystone v2.
  8. Select the appropriate Zone for the provider. By default, the zone is set to default.
  9. In the Credentials area, under Default, provide the login credentials required for the Keystone user:

    Important

    To enable discovery of OpenStack cloud providers, ensure that the iptables rules on the OpenStack host providing Keystone services allow access to port 5000 from all hosts on the same network.

    • Enter the user name in the Username field.
    • Enter the user password in the Password field.
    • Confirm the user password in the Confirm Password field.
    • Click Validate to confirm CloudForms Management Engine can connect to the OpenStack Infrastructure instance.
  10. If AMQP credentials were changed during the OpenStack provider install, use the AMQP tab of the Credentials area to provide the login credentials required for the Advanced Message Queuing Protocol messaging service on your OpenStack Nova component:

    • Enter the administrative user name in the Username field.
    • Enter the user password in the Password field.
    • Confirm the user password in the Confirm Password field.
    • Click Validate to confirm CloudForms Management Engine can connect to the messaging service.
  11. Click Add.

Note

To collect inventory and metrics from an OpenStack environment, the CloudForms Management Engine Appliance requires the adminURL endpoint for the OpenStack environment to be on a non-private network. The OpenStack adminURL endpoint should therefore be assigned an IP address other than 192.168.x.x. Additionally, all the Keystone endpoints must be accessible; otherwise, refresh will fail.
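
The requirement in the note above can be checked before adding the provider. The following Python sketch is an added example, not part of the CloudForms documentation: it walks a Keystone v2 service catalog, flags any adminURL in 192.168.0.0/16, and offers a TCP reachability probe for an endpoint. The sample catalog, addresses, and function names are constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

DISALLOWED = ipaddress.ip_network("192.168.0.0/16")  # range the note rules out

# Constructed sample: trimmed Keystone v2 token response (access.serviceCatalog).
SAMPLE_CATALOG = {"access": {"serviceCatalog": [
    {"type": "identity", "endpoints": [{
        "publicURL": "http://10.0.0.5:5000/v2.0",
        "adminURL": "http://192.168.0.5:35357/v2.0"}]},
    {"type": "compute", "endpoints": [{
        "publicURL": "http://10.0.0.6:8774/v2",
        "adminURL": "http://10.0.0.6:8774/v2"}]},
]}}


def audit_catalog(catalog, resolve=socket.gethostbyname):
    """Return (service, url, problem) for each adminURL that breaks the rule."""
    findings = []
    for svc in catalog["access"]["serviceCatalog"]:
        for ep in svc.get("endpoints", []):
            url = ep.get("adminURL")
            host = urlsplit(url).hostname if url else None
            if host is None:
                findings.append((svc["type"], url, "missing or unparseable adminURL"))
                continue
            try:
                addr = ipaddress.ip_address(host)
            except ValueError:  # a host name, not a literal address: resolve it
                try:
                    addr = ipaddress.ip_address(resolve(host))
                except (OSError, ValueError):
                    findings.append((svc["type"], url, "host does not resolve"))
                    continue
            if addr in DISALLOWED:
                findings.append((svc["type"], url, "adminURL is in 192.168.0.0/16"))
    return findings


def keystone_reachable(url, timeout=3.0):
    """TCP-level check that an endpoint accepts connections from this host."""
    parts = urlsplit(url)
    port = parts.port or (443 if parts.scheme == "https" else 80)
    try:
        with socket.create_connection((parts.hostname, port), timeout=timeout):
            return True
    except OSError:
        return False
```

Run `audit_catalog` on the catalog returned for the admin user, and `keystone_reachable` from the appliance itself, since reachability depends on where the check is made.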

2.1.1. Configuring Red Hat CloudForms to Receive Events

To allow Red Hat CloudForms to receive events from a Red Hat OpenStack Platform environment, you must configure the notification_driver option for the Compute service and Orchestration service in that environment.

  1. Edit /etc/heat/heat.conf, and specify the following options:

    notification_driver=glance.openstack.common.notifier.rpc_notifier
    notification_topics=notifications
  2. Edit /etc/nova/nova.conf, and specify the following options:

    notification_driver=messaging
    notification_topics=notifications
  3. Restart the Compute service and Orchestration services:

    # systemctl restart openstack-heat-api.service \
      openstack-heat-api-cfn.service \
      openstack-heat-engine.service \
      openstack-heat-api-cloudwatch.service
    # systemctl restart openstack-nova-compute.service
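
Before restarting the services, both files can be checked against the values given in steps 1 and 2. This Python check is an added example, not Red Hat tooling. It assumes the options live in the [DEFAULT] section, which the procedure does not state, and the function name check_conf is hypothetical.

```python
import configparser

# Values from the procedure above. Reading them from [DEFAULT] is an
# assumption, since the procedure does not name a section.
EXPECTED = {
    "/etc/heat/heat.conf": {
        "notification_driver": "glance.openstack.common.notifier.rpc_notifier",
        "notification_topics": "notifications"},
    "/etc/nova/nova.conf": {
        "notification_driver": "messaging",
        "notification_topics": "notifications"},
}


def check_conf(text, expected, section="DEFAULT"):
    """Return {option: problem} for options that are missing or differ."""
    # strict=False tolerates repeated keys; the last occurrence wins.
    cp = configparser.RawConfigParser(strict=False)
    try:
        cp.read_string(text)
    except configparser.Error as exc:
        return {"file": "cannot parse: %s" % type(exc).__name__}
    problems = {}
    for opt, want in expected.items():
        if not cp.has_option(section, opt):
            # Commented-out lines ("#notification_driver=...") also land here.
            problems[opt] = "not set (missing or commented out)"
        elif cp.get(section, opt).strip() != want:
            problems[opt] = "is %r, expected %r" % (cp.get(section, opt), want)
    return problems


if __name__ == "__main__":
    for path, expected in EXPECTED.items():
        try:
            with open(path) as fh:
                problems = check_conf(fh.read(), expected)
        except OSError as exc:
            problems = {"file": str(exc)}
        print(path, "OK" if not problems else problems)
```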

2.1.2. Configuring the Telemetry Service to Store Events

By default, the Telemetry service does not store events emitted by other services in a Red Hat OpenStack Platform environment. The following procedure outlines how to enable the Telemetry service to store such events so that they are exposed to Red Hat CloudForms when a Red Hat OpenStack Platform environment is added as an infrastructure provider.

  1. On the director node, edit undercloud.conf, and set store_events to true.
  2. Create an environment file called ceilometer.yaml, and add the following contents:

    parameter_defaults:
      CeilometerStoreEvents: true
  3. Add the environment file to the overcloud deploy command:

    # openstack overcloud deploy --templates -e ~/ceilometer.yaml

2.2. Adding Azure Providers

CloudForms Management Engine now supports Microsoft Azure providers.

Important

Before Red Hat CloudForms can be authenticated to Microsoft Azure, a series of prerequisite steps must be completed on the Azure portal; see Create Active Directory application and service principal account using the Azure portal. That document describes how to configure Azure Active Directory (AAD), create the application your organization is developing, and obtain the Tenant ID, Client ID, and Client Key needed to add the application that allows you to connect the Azure instance as a provider to CloudForms. During Assign Application to Role in that document, in step 3, select the Contributor role and not the Reader role. All of these steps can currently be performed using either the Azure Resource Manager or Service Manager (Classic) mode.

After a service principal account (instance of an application in a directory) has been created using the Azure portal, the following three pieces of information will be available within the Azure Active Directory (AAD) module:

  • Tenant ID
  • Client ID
  • Client Key

You can now use these three items in the following procedure to add an Azure cloud provider to CloudForms.

To Add an Azure Cloud Provider:

Note

When adding an Azure cloud provider, select a region from a list of possible regions; one provider will be created for the selected region. You can discover a set of Azure providers across all regions.

  1. Navigate to Clouds → Providers.
  2. Click Configuration, then click Add a New Cloud Provider.
  3. Enter a Name for the provider.
  4. From the Type list, select Azure.
  5. Select a region from the Region list.
  6. Enter Tenant ID.
  7. Enter Zone.
  8. In the Credentials section, enter the Client ID and Client Key; click Validate.
  9. Click Add.

2.3. Discovering Azure Providers

CloudForms Management Engine provides the ability to discover a set of Microsoft Azure providers across all regions.

  1. Navigate to Clouds → Providers.
  2. Click Configuration, then click Discover Cloud Providers.
  3. Select Azure from the Discover Type list.
  4. In the Credentials section, enter the Client ID, Client Key, and Azure Tenant ID.
  5. Click Start.

2.4. Adding Amazon EC2 Providers

After initial installation and creation of a CloudForms Management Engine environment, add an Amazon EC2 cloud provider by following this procedure:

  1. Navigate to Clouds → Providers.
  2. Click Configuration, then click Add a New Cloud Provider.
  3. Enter a Name for the provider.
  4. From the Type list select Amazon EC2.
  5. Select an Amazon Region.
  6. Select the appropriate Zone if you have more than one available.
  7. Generate an Access Key in the Security Credentials of your Amazon AWS account. The Access Key ID acts as your User ID, and your Secret Access Key acts as your Password.
  8. Click Validate to validate the credentials.
  9. Click Add.

2.5. Discovering Amazon EC2 Cloud Providers

CloudForms Management Engine provides the ability to discover cloud providers associated with a particular set of Amazon EC2 account details.

  1. Navigate to Clouds → Providers.
  2. Click Configuration, then click Discover Cloud Providers.
  3. Select Amazon EC2 from the Discover Type list.
  4. Enter your Amazon EC2 User ID and Password. Reenter your password in the Verify Password field.
  5. Click Start.

2.6. Enabling AWS Config Notifications

Amazon’s AWS Config notifies subscribers of changes in a region through its Simple Notification Service (SNS). Red Hat CloudForms subscribes to the SNS service for AWS Config deltas and converts the deltas into Red Hat CloudForms events.

  1. Enable the AWS Config service in the AWS Management Console. See the AWS Config Developer Guide for more information.
  2. Create a new Amazon SNS topic named AWSConfig_topic. CloudForms automatically connects to this topic.
  3. (Optional) Configure the frequency of delta creation in the AWS Management Console.

You can assign Red Hat CloudForms policies to the AWS events listed below. The appliance performs a provider refresh on all these events except for AWS_EC2_Instance_UPDATE. See the Defining Policies and Profiles guide for more information on working with CloudForms policies.

    Event                             Policies                Refresh
    AWS_EC2_Instance_CREATE           src_vm, vm_create       ems
    AWS_EC2_Instance_UPDATE           N/A                     ems
    AWS_EC2_Instance_running          src_vm, vm_start        ems
    AWS_EC2_Instance_stopped          src_vm, vm_power_off    ems
    AWS_EC2_Instance_shutting-down    src_vm, vm_power_off    ems

2.7. Refreshing Cloud Providers

Refresh a cloud provider to find other resources related to it. Ensure the chosen cloud providers have the correct credentials before refreshing.

  1. Navigate to Clouds → Providers.
  2. Select the checkboxes for the cloud providers to refresh.
  3. Click Configuration, and then Refresh Relationships and Power States.
  4. Click OK.

2.8. Tagging Cloud Providers

Apply tags to all cloud providers to categorize them together at the same time. Before assigning tags, create them using instructions in the General Configuration guide.

  1. Navigate to Clouds → Providers.
  2. Select the checkboxes for the Cloud Providers to tag.
  3. Click Policy, and then Edit Tags.
  4. Select a customer tag to assign from the first list.

  5. Select a value to assign from the second list.
  6. Click Save.

2.9. Removing Cloud Providers

A cloud provider might require removal from the VMDB if it is no longer in use.

  1. Navigate to Clouds → Providers.
  2. Check the cloud providers to remove.
  3. Click Configuration, and then Remove Cloud Providers from the VMDB.
  4. Click OK.

2.10. Editing a Cloud Provider

Edit information about a provider such as the name, IP address, and login credentials.

Note

The Type value is unchangeable.

To use a different cloud provider, create a new one.

  1. Navigate to Clouds → Providers.
  2. Click the cloud provider to edit.
  3. Click Configuration, and then Edit Selected Cloud Provider.
  4. Edit the Basic Information. This varies depending on the Type of provider.
  5. Fill out the Credentials by typing in a Username, Password, and a verification of this password (Confirm Password).

    • If selecting Amazon EC2, generate an Access Key in the Security Credentials of your Amazon AWS account. The Access Key ID acts as your User ID, and your Secret Access Key acts as your Password.
    • If selecting OpenStack, use the Keystone User ID and Password for your login credentials.
  6. If editing an OpenStack provider, use the AMQP subtab to provide credentials required for the Advanced Message Queuing Protocol service on your OpenStack Nova component.
  7. Click Validate and wait for notification of successful validation.
  8. Click Save.

2.11. Viewing a Cloud Provider’s Timeline

View the timeline of events for instances registered to a cloud provider.

  1. Navigate to Clouds → Providers.
  2. Click the desired cloud provider for viewing the timeline.
  3. Click Monitoring, and then Timelines.
  4. From Options, customize the period of time to display and the types of events to see.

    • Use Show to select regular Management Events or Policy Events.
    • Use the Type list to select hourly or daily data points.
    • Use Date to type the date for the timeline to display.
    • If you select to view a daily timeline, use Show to set how many days back to go. The maximum history is 31 days.
    • The three Event Groups lists allow you to select different groups of events to display. Each has its own color.
    • From the Level list, select a Summary event, or a Detail list of events.