Red Hat Training

A Red Hat training course is available for Red Hat OpenStack Platform

13.3. Configure the Telemetry Alarming Service

You must configure the Telemetry Alarming service before you start the individual daemons.

13.3.1. Configure the Telemetry Alarming Service Database Connection

The database connection URL used by the Telemetry Alarming service is defined in the /etc/aodh/aodh.conf file. Set the URL by running the following command:
# openstack-config --set /etc/aodh/aodh.conf \
database connection mysql+pymysql://aodh:AODH_PASSWORD@IP/aodh
Replace AODH_PASSWORD with your Telemetry Alarming service password and IP with the IP address or host name of the server hosting the database service.

13.3.2. Create the Telemetry Alarming Service Identity Records

Create and configure Identity service records required by the Telemetry Alarming service. These entries assist other OpenStack services attempting to locate and access the functionality provided by the Telemetry Alarming service.

Procedure 13.2. Creating Identity Records for the Telemetry Alarming Service

  1. Set up the shell to access the Identity service as the administrative user:
    # source ~/keystonerc_admin
  2. Create the aodh user:
    [(keystone_admin)]# openstack user create --password AODH_PASSWORD aodh
    +----------+----------------------------------+
    | Field    | Value                            |
    +----------+----------------------------------+
    | email    | None                             |
    | enabled  | True                             |
    | id       | f55915b5ca2d451d8b4109251976a4bc |
    | name     | aodh                             |
    | username | aodh                             |
    +----------+----------------------------------+
    Replace AODH_PASSWORD with your Telemetry Alarming service password.
  3. Add the aodh user to the services project, as a member of the admin role:
    [(keystone_admin)]# openstack role add --project services --user aodh admin
    +-----------+----------------------------------+
    | Field     | Value                            |
    +-----------+----------------------------------+
    | domain_id | None                             |
    | id        | 63aa6177a61b44aca25dd88a917353bc |
    | name      | admin                            |
    +-----------+----------------------------------+
  4. Create the aodh service entity:
    [(keystone_admin)]# openstack service create --name aodh \
    --description "Telemetry Alarming Service" \
    alarming
    +-------------+----------------------------------+
    | Field       | Value                            |
    +-------------+----------------------------------+
    | description | Telemetry Alarming Service       |
    | enabled     | True                             |
    | id          | 67bb52266ae84c1f88877bbb4bf5d587 |
    | name        | aodh                             |
    | type        | alarming                         |
    +-------------+----------------------------------+
  5. Create the Telemetry Alarming service endpoint:
    [(keystone_admin)]# openstack endpoint create \
    --publicurl "http://IP:8042" \
    --adminurl "http://IP:8042" \
    --internalurl "http://IP:8042" \
    --region RegionOne \
    alarming
    +--------------+----------------------------------+
    | Field        | Value                            |
    +--------------+----------------------------------+
    | adminurl     | http://IP:8042                   |
    | id           | ac2735777336400baa38e2d408d26392 |
    | internalurl  | http://IP:8042                   |
    | publicurl    | http://IP:8042                   |
    | region       | RegionOne                        |
    | service_id   | 67bb52266ae84c1f88877bbb4bf5d587 |
    | service_name | aodh                             |
    | service_type | alarming                         |
    +--------------+----------------------------------+
    Replace IP with the IP address or host name of the Telemetry Alarming server.

13.3.3. Configure the Firewall to Allow Telemetry Alarming Service Traffic

The Telemetry Alarming service receives connections on port 8042. The firewall on the service node must be configured to allow network traffic on this port. All steps in this procedure must be performed on the server hosting the Telemetry Alarming service, while logged in as the root user.

Procedure 13.3. Configuring the Firewall to Allow Telemetry Alarming Service Traffic

  1. Open the /etc/sysconfig/iptables file in a text editor.
  2. Add an INPUT rule allowing TCP traffic on port 8042. The new rule must appear before any INPUT rules that REJECT traffic:
    -A INPUT -p tcp -m multiport --dports 8042 -j ACCEPT
  3. Save the changes to the /etc/sysconfig/iptables file.
  4. Restart the iptables service to ensure that the change takes effect:
    # systemctl restart iptables.service

13.3.4. Configure Telemetry Alarming Service Authentication

Configure the Telemetry Alarming service to use the Identity service for authentication. All steps in this procedure must be performed on each server hosting Telemetry Alarming services, while logged in as the root user.

Procedure 13.4. Configuring the Telemetry Alarming Service to Authenticate Through the Identity Service

  1. Configure service credentials:
    # openstack-config --set /etc/aodh/aodh.conf \
    service_credentials auth_type password
    # openstack-config --set /etc/aodh/aodh.conf \
    service_credentials auth_url = http://CONTROLLER:5000/v3
    # openstack-config --set /etc/aodh/aodh.conf \
    service_credentials interface internalURL
    # openstack-config --set /etc/aodh/aodh.conf \
    service_credentials password AODH_PASSWORD
    # openstack-config --set /etc/aodh/aodh.conf \
    service_credentials project_domain_name default
    # openstack-config --set /etc/aodh/aodh.conf \
    service_credentials project_name service
    # openstack-config --set /etc/aodh/aodh.conf \
    service_credentials region_name RegionOne
    # openstack-config --set /etc/aodh/aodh.conf \
    service_credentials user_domain_name default
    # openstack-config --set /etc/aodh/aodh.conf \
    service_credentials username aodh
    Replace CONTROLLER with the host name or IP address of your Identity server and AODH_PASSWORD with your Telemetry Alarming service password.
  2. Configure access to the Identity service:
    # openstack-config --set /etc/aodh/aodh.conf \
    DEFAULT auth_strategy keystone
    # openstack-config --set /etc/aodh/aodh.conf \
    keystone_authtoken auth_type password
    # openstack-config --set /etc/aodh/aodh.conf \
    keystone_authtoken auth_uri http://CONTROLLER:5000
    # openstack-config --set /etc/aodh/aodh.conf \
    keystone_authtoken auth_url http://CONTROLLER:35357
    # openstack-config --set /etc/aodh/aodh.conf \
    keystone_authtoken memcached_servers CONTROLLER:11211
    # openstack-config --set /etc/aodh/aodh.conf \
    keystone_authtoken password AODH_PASSWORD
    # openstack-config --set /etc/aodh/aodh.conf \
    keystone_authtoken project_domain_name default
    # openstack-config --set /etc/aodh/aodh.conf \
    keystone_authtoken project_name service
    # openstack-config --set /etc/aodh/aodh.conf \
    keystone_authtoken user_domain_name default
    # openstack-config --set /etc/aodh/aodh.conf \
    keystone_authtoken username aodh
    Again, replace CONTROLLER with the host name or IP address of your Identity server and AODH_PASSWORD with your Telemetry Alarming service password.

13.3.5. Configure RabbitMQ Message Broker Settings for the Telemetry Alarming Service

Configure access to the RabbitMQ message queue:
# openstack-config --set /etc/aodh/aodh.conf \
DEFAULT rpc_backend rabbit
# openstack-config --set /etc/aodh/aodh.conf \
oslo_messaging_rabbit rabbit_host CONTROLLER
# openstack-config --set /etc/aodh/aodh.conf \
oslo_messaging_rabbit rabbit_userid USER
# openstack-config --set /etc/aodh/aodh.conf \
oslo_messaging_rabbit rabbit_password RABBITMQ_PASSWORD
Replace CONTROLLER with the host name or IP address of your RabbitMQ broker, USER with your RabbitMQ user ID, and RABBITMQ_PASSWORD with your RabbitMQ password.