Chapter 4. Setting up an authentication method for RHOSP
The high availability fence agents and resource agents support three authentication methods for communicating with RHOSP:
Authentication with a
- Authentication with an OpenRC environment script
Authentication with a
usernameand password through Pacemaker
After determining the authentication method to use for the cluster, specify the appropriate authentication parameters when creating a fencing or cluster resource.
4.1. Authenticating with RHOSP by using a
The procedures in this document that use a a
clouds.yaml file for authentication use the
clouds.yaml file shown in this procedure. Those procedures specify
ha-example for the
cloud= parameter, as defined in this file.
On each node that will be part of your cluster, create a
clouds.yamlfile, as in the following example. For information about creating a
clouds.yamlfile, see Users and Identity Management Guide.
$ cat .config/openstack/clouds.yaml clouds: ha-example: auth: auth_url: https://<ip_address>:13000/ project_name: rainbow username: unicorns password: <password> user_domain_name: Default project_domain_name: Default <. . . additional options . . .> region_name: regionOne verify: False
Test whether authentication is successful and you have access to the RHOSP API with the following basic RHOSP command, substituting the name of the cloud you specified in the
clouds.yamlfile you created for
ha-example. If this command does not display a server list, contact your RHOSP administrator.
$ openstack --os-cloud=ha-example server list
- Specify the cloud parameter when creating a cluster resource or a fencing resource.
4.2. Authenticating with RHOSP by using an OpenRC environment script
To use an OpenRC environment script to authenticate with RHOSP, perform the following steps.
- On each node that will be part of your cluster, configure an OpenRC environment script. For information about creating an OpenRC environment script, see Set environment variables using the OpenStack RC file.
Test whether authentication is successful and you have access to the RHOSP API with the following basic RHOSP command. If this command does not display a server list, contact your RHOSP administrator.
$ openstack server list
openrcparameter when creating a cluster resource or a fencing resource.
4.3. Authenticating with RHOSP by means of a
username and password
To authenticate with RHOSP by means of a
username and password, specify the
auth_url parameters for a cluster resource or a fencing resource when you create the resource. Additional authentication parameters may be required, depending on the RHOSP configuration. The RHOSP administrator provides the authentication parameters to use.