Red Hat OpenStack Certification Workflow Guide

Red Hat Software Certification 2024

For Use with Red Hat OpenStack 17

Red Hat Customer Content Services

Abstract

This document provides an overview of the certification workflow for Software Certification partners who want to offer their own applications, management applications or plug-in(driver) software for use with Red Hat OpenStack Platform in a jointly supported customer environment.
Version 9.0 and 8.80 updated May 28, 2024.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code and documentation. We are beginning with these four terms: master, slave, blacklist, and whitelist. Due to the enormity of this endeavor, these changes will be gradually implemented over upcoming releases. For more details on making our language more inclusive, see our CTO Chris Wright’s message.

Chapter 1. Introduction to Red Hat OpenStack certification program

Use this guide to certify your hardware, software, and applications relying on OpenStack services or APIs.

1.1. The Red Hat certification program overview

The Red Hat certification program ensures the compatibility of your hardware, software, and cloud products on the OpenStack Platform. The program has three main elements:

  • Test suite: Comprises tests for hardware or software applications undergoing certification.
  • Red Hat Certification Ecosystem: Helps to explore and find certified products including hardware, software, cloud, and service providers.
  • Support: A joint support relationship between you and Red Hat.

This table summarizes the basic differences between a product listing and components:

Product listingComponent (Project)

Includes detailed information about your product.

The individual containers, operators, helm charts, and infrastructure services that you test, certify, and then add to the product listing.

Products are composed of one or more components.

Components are added to a product listing.

You add components to a product for proceeding with certification.

A component can be used in multiple products by adding it to each product listing.

A product can not be published without certified components.

Certified components are published as part of a product listing.

1.2. Certification workflow

Follow these high-level steps to certify your hardware, software, and cloud products:

Note

Red Hat recommends that you are a Red Hat Certified Engineer or hold equivalent experience before starting the certification process.

Task Summary

The certification workflow includes three primary stages -

1.2.1. Certification onboarding

Perform the steps outlined for certification onboarding:

  1. Join the Red Hat Connect for Technology Partner Program.
  2. Agree to the program terms and conditions.
  3. Create your product listing by selecting your desired product category. You can select from the available product categories:

    1. Containerized Application
    2. Standalone Application
    3. OpenStack Infrastructure
  4. Complete your company profile.
  5. Add components to the product listing.
  6. Certify components for your product listing.

1.2.2. Certification testing

Follow these high-level steps to run a certification test:

  • Log in to the Red Hat Certification portal.
  • Download the test plan.
  • Configure the system under test (SUT) for running the tests.
  • Download the test plan to our SUT.
  • Run the certification tests on your system.
  • Review and upload the test results to the certification portal.

1.2.3. Publishing the certified application

When you complete all the certification checks successfully, you can submit the test results to Red Hat. Upon successful validation, you can publish your product on the Red Hat Ecosystem Catalog.

Additional resources

1.3. Getting support and giving feedback

For any questions related to the Red Hat certification toolset, certification process, or procedure described in this documentation, refer to the KB Articles, Red Hat Customer Portal, and Red Hat Partner Connect.

You can also open a support case to get support or submit feedback.

To open a support case see, How do I open and manage a support case on the Customer Portal?

Questions During Certification

If you have any questions or responses about a specific certification, record them in the Comments section of the Dialog Tab of the certification entry.

Warning

Issues that can block a certification and might require resolution must be resolved through your Engineering Partner Manager or other engineering engagements.

Chapter 2. Onboarding certification partners

Use the Red Hat Customer Portal to create a new account if you are a new partner, or use your existing Red Hat account if you are a current partner to onboard with Red Hat for certifying your products.

2.1. Onboarding existing certification partners

As an existing partner you could be:

  • A member of the one-to-many EPM program who has some degree of representation on the EPM team, but does not have any assistance with OpenStack certification.

    OR

  • A member fully managed by the EPM team in the traditional manner with a dedicated EPM team member who is assigned to manage the partner, including questions about OpenStack certification requests.

Prerequisites

You have an existing Red Hat account.

Procedure

  1. Access Red Hat Customer Portal and click Log in.
  2. Enter your Red Hat login or email address and click Next.

    Then, use either of the following options:

    1. Log in with company single sign-on
    2. Log in with Red Hat account
  3. From the menu bar on the header, click your avatar to view the account details.

    1. If an account number is associated with your account, then contact the certification team to proceed with the certification process.
    2. If an account number is not associated with your account, then first contact the Red Hat global customer service team to raise a request for creating a new account number.

      After you get an account number, contact the certification team to proceed with the certification process.

2.2. Onboarding new certification partners

Creating a new Red Hat account is the first step in onboarding new certification partners.

  1. Access Red Hat Customer Portal and click Register.
  2. Enter the following details to create a new Red Hat account:

    1. Select Corporate in the Account Type field.

      If you have created a Corporate type account and require an account number, contact the Red Hat global customer service team.

Note

Ensure that you create a company account and not a personal account. The account created during this step is also used to sign in to the Red Hat Ecosystem Catalog when working with certification requests.

  1. Choose a Red Hat login and password.
Important

If your login ID is associated with multiple accounts, then do not use your contact email as the login ID as this can cause issues during login. Also, you cannot change your login ID once created.

  1. Enter your Personal information and Company information.
  2. Click Create My Account.

    A new Red Hat account is created.

  1. Contact your Ecosystem Partner Management (EPM) representative, if available. Else contact the certification team to proceed with the certification process.

2.3. Exploring the Partner landing page

After logging in to Red Hat Partner Connect, the partner landing page opens. This page serves as a centralized hub, offering access to various partner services and capabilities that enable you to start working on opportunities.

The Partner landing page offers the following services:

  • Certified technology portal
  • Deal registrations
  • Red Hat Partner Training Portal
  • Access to our library of marketing, sales & technical content
  • Help and support
  • Email preference center
  • Partner subscriptions
  • User account

As part of the Red Hat partnership, partners receive access to various Red Hat systems and services that enable them to create shared value with Red Hat for our joint customers.

Select the Certified technology portal tile to begin your product certification journey. The personalized Certified Technology partner dashboard opens.

Chapter 3. Create a product

The product listing provides marketing and technical information, showcasing your product’s features and advantages to potential customers. It lays the foundation for adding all necessary components to your product for certification.

Prerequisites

Verify the functionality of your product on the target Red Hat platform, in addition to the specific certification testing requirements. If running your product on the targeted Red Hat platform results in a substandard experience then you must resolve the issues before certification.

Procedure

Red Hat recommends completing all optional fields in the listing tabs for a comprehensive product listing. More information helps mutual customers make informed choices.

Red Hat encourages collaboration with your product manager, marketing representative, or other product experts when entering information for your product listing.

Fields marked with an asterisk (*) are mandatory.

Procedure

  1. Log in to the Red Hat Partner Connect Portal.
  2. Go to the Certified technology portal tab and click Visit the portal.
  3. On the header bar, click Product management.
  4. From the Listing and certification tab click Manage products.
  5. From the My Products page, click Create Product.

    A Create New Product dialog opens.

  6. Enter the Product name.
  7. From the What kind of product would you like to certify? drop-down, select the required product category and click Create product. For example, select OpenStack Infrastructure for creating an OpenStack platform based product listing.

    A new page with your Product name opens. It comprises the following tabs:

  8. After providing the product listing details, click Save before moving to the next section.

3.1. Overview

This tab consists of a series of tasks that you must complete to publish your product:

3.1.1. Complete product listing details

  1. To complete your product listing details, click Start.

    The Product Information tab opens.

  2. Enter all the essential product details and click Save.

3.1.2. Complete company profile information

  1. To complete your company profile information, click Start. After entering all the details, click Submit.
  2. To modify the existing details, click Review. The Account Details page opens.
  3. Review and modify the Company profile information and click Submit.

3.1.3. Add at least one product component

  1. Click Start. You are redirected to the Components tab.

    To add a new or existing product component, click Add component.

  2. For adding a new component,

    1. In the Component Name text box, enter the component name.
    2. For What kind of standalone component are you creating? select OpenStack Infrastructure for certifying a plugin or driver that uses your own container images on Red Hat OpenStack Platform.
    3. Click Next.
    4. Are your product’s containers already a part of the Red Hat OpenStack Platform distribution? Your product must use container images provided by Red Hat as part of the RHOSP native distribution.

      1. If you have not customized the container images, select Yes. Your container images are already certified, and you need to certify your product only.
      2. If you have customized the container images with, for example, additional software, select No. You will need to certify your container images as well as your product.
    5. From the Services drop-down menu, select the function of your product:

      1. Neutron (Networking)
      2. Cinder (Block Storage)
      3. Manila (File Storage)
    6. Click Add Component.
    7. For the Red Hat OpenStack Version, version 17 is enabled by default.
  3. For adding an existing component, from the Add Component dialog, select Existing Component.

    1. From the Available components list, search and select the components that you wish to certify and click the forward arrow. The selected components are added to the Chosen components list.
    2. Click Attach existing component.

3.1.4. Certify components for your listing

  1. To certify the components for your listing, click Start. If you have existing product components, you can view the list of Attached Components and their details:

    1. Name
    2. Certification
    3. Security
    4. Type
    5. Created
    6. Click more options to archive or remove the components
  2. Select the components for certification.

After completing all the above tasks you will see a green tick mark corresponding to all the options.

The Overview tab also provides the following information:

  1. Product contacts - Provides Product marketing and Technical contact information.

    1. Click Add contacts to product to provide the contact information
    2. Click Edit to update the information.
  2. Components in product - Provides the list of the components attached to the product along with their last updated information.

    1. Click Add components to product to add new or existing components to your product.
    2. Click Edit components to update the existing component information.

After publishing the product listing, you can view your Product Readiness Score and Ways to raise your score on the Overview tab.

3.2. Product Information

Through this tab you can provide all the essential information about your product. The product details are published along with your product on the Red Hat Ecosystem catalog.

General tab:

Provide basic details of the product, including product name and description.

  1. Enter the Product Name.
  2. Optional: Upload the Product Logo according to the defined guidelines.
  3. Enter a Brief description and a Long description.
  4. Click Save.

Features & Benefits tab:

Provide important features of your product.

  1. Optional: Enter the Title and Description.
  2. Optional: To add additional features for your product, click + Add new feature.
  3. Click Save.

Quick start & Config tab:

Add links to any quick start guide or configuration document to help customers deploy and start using your product.

  1. Optional: Enter Quick start & configuration instructions.
  2. Click Save.
  3. Select Hide default instructions check box, if you don’t want to display them.

Linked resources tab:

Add links to supporting documentation to help our customers use your product. The information is mapped to and is displayed in the Documentation section on the product’s catalog page.

Note

It is mandatory to add a minimum of three resources. Red Hat encourages you to add more resources, if available.

  1. Select the Type drop-down menu, and enter the Title and Description of the resource.
  2. Enter the Resource URL.
  3. Optional: To add additional resources for your product, click + Add new Resource.
  4. Click Save.

FAQs tab:

Add frequently asked questions and answers of the product’s purpose, operation, installation, or other attribute details. You can include common customer queries about your product and services.

  1. Enter Question and Answer.
  2. Optional: To add additional FAQs for your product, click + Add new FAQ.
  3. Click Save.

Support tab:

This tab lets you provide contact information of your Support team.

  1. Enter the Support description, Support web site, Support phone number, and Support email address.
  2. Click Save.

Contacts tab:

Provide contact information of your marketing and technical team.

  1. Enter the Marketing contact email address and Technical contact email address.
  2. Optional: To add additional contacts, click + Add another.
  3. Click Save.

Legal tab:

Provide the product related license and policy information.

  1. Enter the License Agreement URL for the product and Privacy Policy URL.
  2. Click Save.

SEO tab:

Use this tab to improve the discoverability of your product for our mutual customers, enhancing visibility both within the Red Hat Ecosystem Catalog search and on internet search engines. Providing a higher number of search aliases (key and value pairs) will increase the discoverability of your product.

  1. Select the Product Category.
  2. Enter the Key and Value to set up Search aliases.
  3. Click Save.
  4. Optional: To add additional key-value pair, click + Add new key-value pair.
Note

Add at least one Search alias for your product. Red Hat encourages you to add more aliases, if available.

3.3. Components

Use this tab to add components to your product listing. Through this tab you can also view a list of attached components linked to your Product Listing.

Alternatively, to attach a component to the Product Listing, you can complete the Add at least one product component option available on the Overview tab of a product listing.

  1. To add a new or existing product component, click Add component.
  2. For adding a new component, in the Component Name text box, enter the component name.

    1. For What kind of standalone component are you creating? select OpenStack Infrastructure for certifying a plugin or driver that uses your own container images on Red Hat OpenStack Platform.
    2. Click Next.
    3. Are your product’s containers already a part of the Red Hat OpenStack Platform distribution? Your product must use container images provided by Red Hat as part of the RHOSP native distribution.

      1. If you have not customized the container images, select Yes. Your container images are already certified, and you need to certify your product only.
      2. If you have customized the container images with, for example, additional software, select No. You will need to certify your container images as well as your product.
    4. From the Services drop-down menu, select the function of your product:

      1. Neutron (Networking)
      2. Cinder (Block Storage)
      3. Manila (File Storage)

        1. Click Add Component.
    5. For the Red Hat OpenStack Version, version 17 is enabled by default.
  3. For adding an existing component, from the Add Component dialog, select Existing Component.

    1. From the Available components list, search and select the components that you wish to certify and click the forward arrow. The selected components are added to the Chosen components list.
    2. Click Attach existing component.
Note

You can add the same component to multiple products listings. All attached components must be published before the product listing can be published.

After attaching components, you can view the list of Attached Components and their details:

  1. Name
  2. Certification
  3. Security
  4. Type
  5. Created
  6. Click more options to archive or remove the attached components

Alternatively, to search for specific components, type the component’s name in the Search by component Name text box.

3.4. Support

The Red Hat Partner Acceleration Desk (PAD) is a Products and Technologies level partner help desk service that allows the current and prospective partners a central location to ask non-technical questions pertaining to Red Hat offerings, partner programs, product certification, engagement process, and so on.

You can also contact the Red Hat Partner Acceleration Desk for any technical questions you may have regarding the Certification. Technical help requests will be redirected to the Certification Operations team.

Through the Partner Subscriptions program, Red Hat offers free, not-for-resale software subscriptions that you can use to validate your product on the target Red Hat platform. To request access to the program, follow the instructions on the Partner Subscriptions site.

  1. To request support, click Open a support case. See PAD - How to open & manage PAD cases, to open a PAD ticket.
  2. To view the list of existing support cases, click View support cases.

3.5. Removing a product

After creating a product listing if you wish to remove it, go to the Overview tab and click Delete.

A published product must first be unpublished before it can be deleted. Red Hat retains information related to deleted products even after you delete the product.

Chapter 4. Adding certification components

4.1. For OpenStack Infrastructure Containerized applications

After creating the new product listing, add the certification components for the newly created product listing.

You can configure the following options for the newly added components:

Note

The component configurations differ for different product categories.

To configure the options, go to the Components tab and click on any of the existing components.

4.1.1. Images

The Images tab provides the test results for the container images that you submit by using the preflight tool. You have to configure preflight and push your container images to view the test results.

When your testing is complete you can see two categories of images:

  • Manifest Digests - denotes container images that are available for multiple architectures.
  • Standalone Container Images - denotes container images that are available only for a single architecture.

This page provides the following details of your container images:

  • Specific image ID or the SHA ID
  • Image Tag(s)
  • Certification - Certified or Not certified, pass or fail status based on the checks performed. Click on it for more details.
  • Architecture - specific architecture of your image, if applicable.
  • Security - check for any vulnerabilities, if any.
  • Health Index - Container Health Index is a measure of the oldest and most severe security updates available for a container image. 'A' is more up-to-date than 'F'. See Container Health Index grades as used inside the Red Hat Container Catalog for more details.
  • Created - the day on which you submitted the certification.
  • Click the Actions menu to perform the following tasks:

    • Delete Image - click this option to delete your container image when your image is unpublished.
    • Sync Tags - when you have altered your image tag, use this option to synchronize the container image information available on both Red Hat Partner Connect and Red Hat Container catalog.
    • View in Catalog - When your container image is published, click this option to view the published container image on the Red Hat Ecosystem Container catalog.
  • Click Publish, to publish your certified container images.

4.1.2. Certification

The Certification tab provides detailed information about the Export control questionnaire and all the certification tests performed for the attached container images.

  • Export Control Questionnaire

    The Export control questionnaire contains a series of questions through which the Red Hat legal team evaluates the export compliance by third-party vendors. Partner’s legal representative must review and answer the questions. Red Hat takes approximately five business days to evaluate the responses and based on the responses Red Hat approves partner or declines partner or defers decision or requests more information.

    1. Click Start questionnaire, to enter all the legal information about your product.
    2. Click Review to modify the existing details.
Note

If you are using a version of Universal Base Image (UBI) to build your container image, you can host your image in a private repository. This allows you to skip the Export Compliance questionnaire. This form is required only if you are hosting your images on the Red Hat Container Catalog.

  • Validate the functionality of your product on this Red Hat OpenStack release

    Validate the functionality of your product on this Red Hat OpenStack release by using the Certification tab. You can perform the following functions:

    • Run the Red Hat Certification Tool locally.
    • Download the test plan.
    • Share the test results with the Red Hat certification team.
    • Interact with the certification team, if required.

      To validate the functionality of your product perform the following steps:

      • If you are a new partner, click Request a partner subscription. When your request is approved, you get active subscriptions added to your account.
      • When you have active partner subscriptions, then click Start certification and then click Go to Red Hat certification tool.

        A new certification case gets created on the Red Hat Certification portal, and you are redirected to the appropriate certification portal page.

        The certification team will contact you to start the certification testing process, and will follow up with you in case of a problem. After successful verification, a green check mark is displayed with the validate complete message.

        To review the validated product details, click Review.

  • Submit your container image for verification

    • Run the certification suite on your container image. See Running the certification test suite.
    • Upload the test results.

      You can later see the test results on the Images tab.

    • Publish the container image certification on the Red Hat catalog.
Note

This step certifies your container only. Use the Certifications tab to certify the functionality.

4.1.3. Security

The security tab provides the health status of the attached product components. Red Hat uses a Health Index to identify security risks with your components that Red Hat provides through the Red Hat Ecosystem Catalog.

The Health Index is a measure of the oldest and most severe security updates available for a container image. An image with a grade of 'A' is more up-to-date than one with a grade of 'F. For more information, see Container Health Index grades as used inside the Red Hat Container Catalog.

This tab provides the health index of your images which includes the following details:

  • Image ID
  • Health index

4.1.4. Repository information

You can configure the registry and repository details by using the Repository information tab.

Enter the required details in the following fields:

Field nameDescription

Container registry namespace

Registry name set when the container was created. This field becomes non-editable when the container gets published.

Outbound repository name

Repository name that you have selected or the name obtained from your private registry in which your image is hosted, for example, ubi-minimal.

Repository summary

Repository summary obtained from the container image.

Repository description

Repository description obtained from the container image.

Instructions for users to get your company’s image on the Red Hat Container catalog

Provide specific instructions that you want users to follow when they get your container image. This field is applicable only for container images.

After configuring all the mandatory fields click Save.

Note

All the fields marked with an asterisk * are required and must be completed before you can proceed with container certification.

4.1.5. Component details

Configure the product component details by using this tab.

Enter the required details in the following fields:

Field nameDescription

Image Type

Select the respective image type for your product component.

  • Standalone image - Select this type if you want your image to be deployed either by your product or by users.
  • Component image - Select this type if you want your image to be deployed by your product and not by users.

Application categories

Select the respective application type of your software product.

Host level access

Select between the two options:

  • Unprivileged - If your container is isolated from the host.

    or

  • Privileged - If your container requires special host-level privileges.
Note

If your product’s functionality requires root access, you must select the privileged option, before running the preflight tool. This setting is subject to Red Hat review.

Release Category

Select between the two options:

  • Generally Available - When you select this option, the application is generally available and supported.

    or

  • Beta - When you select this option, the application is available as a pre-release candidate.

Project name

Name of the project for internal purposes.

Auto-publish

When you enable this option, the container image gets automatically published on the Red Hat Container catalog, after passing all the certification tests.

Red Hat OpenStack platform

It denotes the version of the OpenStack platform on which you are certifying your containerized application.

Note

This field is non-editable and is applicable only for containerized applications on OpenStack platform.

4.1.6. Contact information for containerized applications

Note

Providing information for this tab is optional.

In the Contact Information tab, enter the primary technical contact details of your product component.

  1. Optional: In the Technical contact email address field, enter the email address of the image maintainer.
  2. Optional: To add additional contacts for your component, click + Add new contact.
  3. Click Save.

4.1.7. Associated products

The Associated Product tab provides the list of products that are associated with your product component along with the following information:

  • Product Name
  • Type
  • Visibility - Published or Not Published
  • Last Activity - number of days before you ran the test

To add products to your component, perform the following:

  • If you want to find a product by its name, enter the product name in the Search by name text box and click the search icon.
  • If you are not sure of the product name, click Find a product. From the Add product dialog, select the required product from the Available products list box and click the forward arrow. The selected product is added to the Chosen products list box. Click Update attached products. Added products are listed in the Associated product list.
Note

All the fields marked with an asterisk * are required and must be completed before you can proceed with the certification.

4.2. For OpenStack Infrastructure Non-containerized applications

After creating the new product listing, add the certification components for the newly created product listing. You can configure the following options for the newly added components:

Note

The component configurations differ for different product categories.

To configure the component options, go to the Components tab and click on any of the existing components.

4.2.1. Certification for non-containers

Validate the functionality of your product on this Red Hat OpenStack release

Validate the functionality of your product on this Red Hat OpenStack release by using the Certification tab. You can perform the following functions:

This feature allows you to perform the following functions:

  1. Run the Red Hat Certification Tool locally
  2. Download the test plan
  3. Share the test results with the Red Hat certification team
  4. Interact with the certification team, if required.

To validate the functionality of your product, perform the following steps:

  1. If you are a new partner, click Request a partner subscription. When your request is approved, you get active subscriptions added to your account.
  2. When you have active partner subscriptions, then click Start certification.
  3. Click Go to Red Hat certification tool.

A new certification case gets created on the Red Hat Certification portal, and you are redirected to the appropriate component portal page.

The certification team will contact you to start the certification testing process and will follow up with you in case of a problem. After successful verification, a green check mark is displayed with the validate complete message.

To review the validated product details, click Review.

4.2.2. Component Details

Enter the required project details in the following fields:

  1. Project name - Enter the project name. This name is not published and is only for internal use.
  2. Red Hat OpenStack Version - Specifies the Red Hat OpenStack version on which you certify your non-containerized application component.

4.2.3. Contact Information for non containers

Note

Providing information for this tab is optional.

In the Contact Information tab, enter the primary technical contact details of your product component.

  1. Optional: In the Technical contact email address field, enter the email address of the image maintainer.
  2. Optional: To add additional contacts for your component, click + Add new contact.
  3. Click Save.

4.2.4. Associated products for non containers

The Associated Product tab provides the list of products that are associated with your product component along with the following information:

  • Product Name
  • Type
  • Visibility - Published or Not Published
  • Last Activity - number of days before you ran the test

To add products to your component, perform the following:

  • If you want to find a product by its name, enter the product name in the Search by name text box and click the search icon.
  • If you are not sure of the product name, click Find a product. From the Add product dialog, select the required product from the Available products list box and click the forward arrow. The selected product is added to the Chosen products list box. Click Update attached products. Added products are listed in the Associated product list.
Note

All the fields marked with an asterisk * are required and must be completed before you can proceed with the certification.

Chapter 5. Setting up the test environment

The first step towards certifying your product is setting up the environment where you can run the tests.

The test environment consists of three systems:

  • Test host: A workstation, referred to as the test host, is used as a medium for accessing the Controller and Compute nodes. The tests are only initiated on this system but are run on the two nodes.
  • Controller: The tests designed for the specific plugin undergoing certification are run on the Controller node.
  • Compute: Remaining certification-related tests are run on the Compute node. In multi-host, information is provided to the Compute node for test execution.

5.1. Setting up the test host

The test host is used only to initiate a test run on the Controller and Compute node, display the progress of the tests, and present the final result file after gathering results from both nodes.

Prerequisites

  • You have installed RHEL 8 or 9 on the system.
  • You have enabled access to the Controller and Compute nodes from the test host.
  • You have installed Cockpit on the system.

Procedure

  1. Use your RHN credentials to register your system using Red Hat Subscription Management:

    # subscription-manager register
  2. Display the list of available subscriptions for your system:

    # subscription-manager list --available*
  3. Search for the subscription that provides the Red Hat Certification (for RHEL Server) repository and make a note of the subscription and its Pool ID.
  4. Attach the subscription to your system:

    # subscription-manager attach --pool=<pool_ID>

    Replace the pool_ID with the Pool ID of the subscription.

Note

You don’t have to attach the subscription to your system, if you enable the option Simple content access for Red Hat Subscription Management. For more details, see How do I enable Simple Content Access for Red Hat Subscription Management?

  1. Subscribe to the Red Hat Certification channel:

    • On RHEL 8:

      # subscription-manager repos --enable=cert-1-for-rhel-8-<HOSTTYPE>-rpms

      Replace HOSTTYPE with the system architecture. To find out the system architecture, run

      uname -m

      Example:

      # subscription-manager repos --enable=cert-1-for-rhel-8-x86_64-rpms
    • On RHEL 9:

      # subscription-manager repos --enable=cert-1-for-rhel-9-<HOSTTYPE>-rpms

      Replace HOSTTYPE with the system architecture. To find out the system architecture, run

      uname -m

      Example:

      # subscription-manager repos --enable=cert-1-for-rhel-9-x86_64-rpms
  2. Install the certification and Cockpit RPMs.

    # yum install redhat-certification-cockpit
    • Only on RHEL 9

      # yum install redhat-certification
  3. Generate a new SSH key pair on the test host, if it is not already present.

    # ssh-keygen
  4. View and copy the public key to enter it later during the set up of Controller and Compute node to allow secure and passwordless communication between the test host and each node. Replace <user> with your user name.

    # cat /<user>/.ssh/id_rsa.pub

    Example: # cat /root/.ssh/id_rsa.pub

5.2. Setting up the Controller and Compute nodes

Separate tests are run on the two nodes based on the defined role of each node in the test plan.

Note

Repeat the following process for setting up each node.

Prerequisites

  • You have installed RHOSP on the system based on the supported RHEL version, as applicable.

    The corresponding supported versions are as follows:

    RHOSP versionSupported RHEL version

    16.0

    8.1

    16.1

    8.2

    16.2

    8.4

    17.0

    9.0

    17.1

    9.2

  • You have installed and enabled Cockpit on both nodes.
Note

You have installed the plugin that needs certification.

This is applicable only to the Controller node.

Procedure

  1. Use your RHN credentials to register your system using Red Hat Subscription Management:

    # subscription-manager register
  2. Display the list of available subscriptions for your system:

    # subscription-manager list --available*

    Search for the subscription that provides the Red Hat Certification (for RHEL Server) repository and make a note of the subscription and its Pool ID.

  3. Attach the subscription to your system:

    # subscription-manager attach --pool=<pool_ID>

    Replace the pool_ID with the Pool ID of the subscription.

  4. Subscribe to the Red Hat Certification channel:

    • On RHEL 8:

      # subscription-manager repos --enable=cert-1-for-rhel-8-<HOSTTYPE>-rpms

      Replace HOSTTYPE with the system architecture. To find out the system architecture, run

      uname -m

      Example:

      # subscription-manager repos --enable=cert-1-for-rhel-8-x86_64-rpms
    • On RHEL 9:

      # subscription-manager repos --enable=cert-1-for-rhel-9-<HOSTTYPE>-rpms

      Replace HOSTTYPE with the system architecture. To find out the system architecture, run

      uname -m

      Example:

      # subscription-manager repos --enable=cert-1-for-rhel-9-x86_64-rpms
  5. Install the certification RPM.

    # yum install redhat-certification
  6. Install OpenStack test suite package:

    # yum install redhat-certification-openstack
  7. Open the authorized keys file in the Controller and Compute node and paste the public key of the test host that you copied earlier, and then save the file. This will allow secure and passwordless communication between the test host and each node.

    Replace <user> with your user name.

    # vi /<user>/.ssh/authorized_keys

    Example:

    # vi /root/.ssh/authorized_keys

Additional resources

Setting up passwordless SSH

Chapter 6. Downloading the test plan from Red Hat Certification Portal

Note

You must download the test plan to the test host.

Procedure

  1. Log in to Red Hat Certification portal.
  2. Search for the case number related to your product certification, and copy it.
  3. Click Cases → enter the product case number.
  4. Optional: Click Test Plans.

    The test plan displays a list of components that will be tested during the test run.

  5. Click Download Test Plan.

Next steps

If you plan to use Cockpit to run the tests, see Configuring the systems and running tests by using Cockpit

Otherwise, if you plan to use CLI to run the tests, see Configuring the systems and running tests by using CLI.

Chapter 7. Configuring the systems and running tests using Cockpit

To run the certification tests using Cockpit, you must first set up the Cockpit, add systems, upload the test plan to Cockpit.

7.1. Setting up the Cockpit server

Cockpit is a RHEL tool that lets you change the configuration of your systems as well as monitor their resources from a user-friendly web-based interface.

The Cockpit uses RHCert CLI locally and through SSH to other hosts.

Note
  • You must set up Cockpit on the same system as the test host.
  • Ensure that the Cockpit can access both the Controller and Compute nodes.

For more information on installing and configuring Cockpit, see Getting Started using the RHEL web console on RHEL 8, Getting Started using the RHEL web console on RHEL 9 and Introducing Cockpit.

Prerequisites

  • You have installed the Cockpit plugin on the test host.
  • You have enabled the Cockpit service.

Procedure

  1. Log in to the test host.
  2. Install the Cockpit RPM provided by the Red Hat Certification team.

    # yum install redhat-certification-cockpit

You must run Cockpit on port 9090.

Verification

  1. Log in to the Cockpit web application in your browser, http://<Cockpit_system_IP>:9090/ and verify the addition of ToolsRed Hat Certification tab on the left panel.

7.2. Adding the test systems to Cockpit

Adding the test host, Controller, and Compute nodes to Cockpit establishes a connection between the test host and each node.

Note

Repeat the following process for adding each node.

Prerequisites

  • You have the IP address of the test host, Controller, and Compute nodes.

Procedure

  1. Enter http://<Cockpit_system_IP>:9090/ in your browser to launch the Cockpit web application.
  2. Enter the username and password, and then click Login.
  3. Click the down-arrow on the logged-in cockpit user name→Add new host.

    The dialog box displays.

  4. In the Host field, enter the IP address or hostname of the system.
  5. In the User name field, enter from one of the three applicable accounts:

    Note
    • Enter “tripleo-admin” if you use RHOSP 17.1 or later.
    • Enter “heat-admin” if you use RHOSP 17 or earlier.
    • Enter “root” if you have configured root as the ssh user for Controller and Compute nodes.
  6. Click Accept key and connect.
  7. Optional: Select the predefined color or select a new color of your choice for the host added.
  8. Click Add.

Verification

On the left panel, click ToolsRed Hat Certification.
Verify that the system you just added displays under the Hosts section on the right.

7.3. Getting authorization on the Red Hat SSO network

Procedure

  1. Enter http://<Cockpit_system_IP>:9090/ in your browser’s address bar to launch the Cockpit web application.
  2. Enter the username and password, and then click Login.
  3. Select Tools → Red Hat Certification in the left panel.
  4. On the Cockpit homepage, click Authorize, to establish connectivity with the Red Hat system.

    The Log in to your Red Hat account page displays.

  5. Enter your credentials and click Next.

    The Grant access to rhcert-cwe page displays.

  6. Click Grant access. A confirmation message displays a successful device login. You are now connected to the Cockpit web application.

7.4. Downloading test plans in Cockpit from Red Hat certification portal

For Non-authorized or limited access users:

For authorized users:

Procedure

  1. Enter http://<Cockpit_system_IP>:9090/ in your browser’s address bar to launch the Cockpit web application.
  2. Enter the username and password, and then click Login.
  3. Select Tools → Red Hat Certification in the left panel.
  4. Click the Test Plans tab. A list of Recent Certification Support Cases will appear.
  5. Click Download Test Plan. A message displays confirming the successful addition of the test plan.
  6. The downloaded test plan will be listed under the File Name of the Test Plan Files section.

7.5. Using the test plan to provision the Controller and Compute nodes for testing

Provisioning the Controller and Compute nodes through the test host performs several operations, such as installing the required packages on the two nodes based on the certification type and creating a final test plan to run. The final test plan is generated based on the test roles defined for each node and has a list of common tests taken from both the test plan provided by Red Hat and tests generated on discovering the system requirements.

For instance, required OpenStack packages will be installed if the test plan is designed for certifying an OpenStack plugin.

Procedure

  1. Enter http://<Cockpit_system_IP>:9090/ in your browser address bar to launch the Cockpit web application.
  2. Enter the username and password, and then click Login.
  3. Select ToolsRed Hat Certification in the left navigation panel.
  4. Click the Hosts tab to see the list of systems added.
  5. Click the Test Plans tab and click Upload.

    1. In the Upload Test Plan dialog box, click Upload, and then select the new test plan .xml file saved on the test host.
    2. Click Upload to Host.

      A successful upload message displays along with the file uploaded. Optionally, if you want to reuse the previously uploaded test plan, then select it again to reupload.

      Note

      During the certification process, if you receive a redesigned test plan for the ongoing product certification, then you can upload it following the previous step. However, you must run rhcert-clean all in the Terminal tab before proceeding.

  6. Click Provision beside the test plan you want to use.

    1. In the Role field, enter the IP address of the Controller node, and from the Host drop-down menu, select Controller.
    2. In the Role field, enter the IP address of the Compute node, and from the Host drop-down menu, select Compute.
    3. In the Provisioning Host field, enter the IP address of the test host.
    4. Select the Run with sudo check box.
    5. Click Provision.

      The terminal is displayed.

7.6. Running the certification tests using Cockpit

Note

The tests run in the foreground on the Controller node, they are interactive and will prompt you for inputs, whereas the tests run in the background on the Compute node and are non-interactive.

Prerequisites

  • You have prepared the Controller and Compute nodes

Procedure

  1. Enter http://<Cockpit_system_IP>:9090/ in your browser address bar to launch the Cockpit web application.
  2. Enter the username and password, and click Login.
  3. Select ToolsRed Hat Certification in the left panel.
  4. Click the Hosts tab and click on the host on which you want to run the tests, then click the Terminal tab.
  5. Click Run.

    The rhcert-run command will appear and run on the Terminal window.

    When prompted, choose whether to run each test by typing yes or no.

    You can also run particular tests from the list by typing select.

7.7. Reviewing and downloading the test results file

Procedure

  1. Enter http://<Cockpit_system_IP>:9090/ in your browser address bar to launch the Cockpit web application.
  2. Enter the username and password, and then click Login.
  3. Select ToolsRed Hat Certification in the left panel.
  4. Click the Result Files tab to view the test results generated.

    1. Optional: Click Preview to view the results of each test.
    2. Click Download beside the result files.

      By default, the result file is saved as /var/rhcert/save/rhcert-multi-openstack-<certification ID>-<timestamp>.xml.

7.8. Submitting the test results from Cockpit to the Red Hat Certification Portal

Procedure

  1. Enter http://<Cockpit_system_IP>:9090/ in your browser’s address bar to launch the Cockpit web application.
  2. Enter the username and password, and then click Login.
  3. Select Tools → Red Hat Certification in the left panel.
  4. Click the Result Files tab and select the case number from the displayed list.

    1. For the authorized users click Submit. A message displays confirming the successful upload of the test result file.
    2. For non-authorized users see, Uploading the results file of the executed test plan to Red Hat Certification portal.

The test result file of the executed test plan will be uploaded to the Red Hat Certification portal.

7.9. Uploading the test results file to Red Hat Certification portal

Prerequisites

  • You have downloaded the test results file from the test host.

Procedure

  1. Log in to Red Hat Certification portal.
  2. On the homepage, enter the product case number in the search bar.

    Select the case number from the list that is displayed.

  3. On the Summary tab, under the Files section, click Upload.

Next steps

Red Hat will review the results file you submitted and suggest the next steps. For more information, visit Red Hat Certification portal.

Chapter 8. Configuring the systems and running tests using RHCert CLI Tool

Cockpit is the preferred method to configure systems and run tests. However, RHCert CLI will be continued as an alternative for performing the same tasks.

8.1. Using the test plan to provision the Controller and Compute nodes for testing

Provisioning the Controller and Compute nodes through the test host performs several operations, such as installing the required packages on the two nodes based on the certification type and creating a final test plan to run. The final test plan is generated based on the test roles defined for each node and has a list of common tests taken from both the test plan provided by Red Hat and tests generated on discovering the system requirements.

For instance, required OpenStack packages will be installed if the test plan is designed for certifying an OpenStack plugin.

Prerequisites

  • You have the IP address of both the Controller and Compute nodes.
  • You have downloaded the test plan to the test host.

Procedure

  1. Log into the test host using CLI.
  2. Provision the Controller and Compute nodes from the test host.

    # rhcert-provision <path_to_test_plan_document> --host controller:<IP address of the controller> --host compute:<IP address of the compute>

    Replace <path_to_test_plan_document> with the test plan file saved on the test host.

    Example:

    # rhcert-provision rhosp_test_plan.xml --host controller:192.168.24.23 --host compute:192.168.24.32

    In addition to starting the Controller and Compute nodes and sending the test plan to both the nodes where the tests actually run, the command also establishes communication between the test host and each node.

  3. Select the RHOSP administrator account when prompted.

    Note
    • Enter “tripleo-admin” if you use RHOSP 17.1 or later.
    • Enter “heat-admin” if you use RHOSP 17 or earlier.
    • Enter “root” if you have configured root as the ssh user for Controller and Compute nodes.
  4. Select None for “What is this host’s role” when prompted.

    Tests applicable for each node will be displayed.

8.2. Running the certification tests using CLI

Note

The tests run in the foreground on the Controller node, they are interactive and will prompt you for inputs, whereas the tests run in the background on the Compute node and are non-interactive.

Procedure

  1. Run tests

    # rhcert-run --host controller:<_IP address of the controller_> --host compute:<_IP address of the compute_>

    Example:

    # rhcert-run --host controller:192.168.24.23 --host compute:192.168.24.32
  2. Select the RHOSP administrator account when prompted.

    Note
    • Enter “tripleo-admin” if you use RHOSP 17.1 or later.
    • Enter “heat-admin” if you use RHOSP 17 or earlier.
    • Enter “root” if you have configured root as the ssh user for Controller and Compute nodes.
  3. When prompted, choose whether to run each test by typing yes or no.

    You can also run particular tests from the list by typing select.

    Separate test results from each node are transferred to the test host, where they are merged into a single result file.

    By default, the result file is saved as /var/rhcert/save/rhcert-multi-openstack-<certification ID>-<timestamp>.xml.

Chapter 9. Running certification tests for OpenStack certification

Run certification tests on the OpenStack deployment under test based on the type of OpenStack application undergoing certification.

9.1. Running certification tests for products implementing OpenStack APIs

If the OpenStack application undergoing certification implements OpenStack APIs, complete the following steps on the test server to run certification tests on the OpenStack deployment under test or test client.

This category includes OpenStack plugins and drivers which implement OpenStack APIs for Networking, Block Storage, and File Share services.

Additional resources

9.1.1. Running tempest_config test

The tempest_config test automatically generates a tempest.conf file at run time. If you need to change the default configurations of the test, replace tempest.conf with a new file at the same location.

Although the updated configuration can address any known tempest issues, note that tempest still needs to fulfill certification testing requirements.

Prerequisites

  • You have subscribed the application under test to the OpenStack product repositories to allow tempest to get installed.
  • You have OpenStack administrator login privileges and credentials.

Procedure

The test is interactive. It checks for the presence of the tempest.conf file at location /etc/redhat-certification/openstack. If the file exists, you will receive a prompt asking if you want to replace it and enter the details manually. If you choose no, the test will use the keystone credentials from the existing file and proceed. However, if you choose yes, or if the tempest.conf file is not present in the location you will be prompted to provide the following details:

  1. In the keystone auth url field, enter the URL to allow the test access the OpenStack platform service endpoints.
  2. Enter the OpenStack administrator username and password.
  3. Update the tempest.conf file to enable all the flags applicable for the plugins that you are certifying.
  4. Click Submit.

Additional resources

  • If you face any tempest issues unrelated to the certification testing, use the following links to raise bugs:

9.2. Running certification tests for products consuming OpenStack APIs

Red Hat considers the following as products or applications consuming OpenStack APIs:

  • Products that facilitate deploying an OpenStack environment.
  • Products that complement the cloud infrastructure with additional functionality, such as configuration, scaling, and management.
  • Applications for OpenStack management and monitoring.
  • Applications that are OpenStack-enabled, such as virtual network functions (VNFs).

If the OpenStack application that you are certifying consumes OpenStack APIs, perform the following steps:

Procedure

  1. Review the policy information described in the Red Hat OpenStack Certification Policy Guide.
  2. Run the certification tests as described in the Setting up the test server section.

9.3. Running trusted container test

Procedure

  1. Navigate to the rhcert tool home page and select the trusted container test.
  2. Click on the Run Selected.
  3. Perform the following actions when the test prompts you:

    1. Provide the reason why you configured non-Red Hat containers on the host under test.
    2. Select the checkboxes of the containers you want to run the test on.

9.4. Running the OpenStack director test and the supportability tests

Procedure

  1. On the Red Hat Certification home page, click the Server settings tab.
  2. In the Register a System field, enter the hostname or IP address of the overcloud node where you installed the application under test. Then, click Add.
  3. Click the existing product entry from the Red Hat Certification home page. Then, click the relevant certification entry from the Certifications page.

    The Progress page opens and displays the tests available. It also displays the status of the previous runs, if any.

  4. Click Testing to open the Testing tab.
  5. On the Testing tab, click Select Test Systems.
  6. On the Select Host page, select the hostname of the overcloud node where you installed the application-under-test. Then, click Test to return to the Testing tab.

    The rhcert tool now creates a certification test plan for the application-under-test.

    When the test plan is ready, the status column displays "Finished test run". The Continue Testing button also appears.

  7. Click Continue Testing.
  8. Select interactive next to the openstack/supportable checkbox and then click Run Selected.

Certification tests are run on the application-under-test. The status of the certification test run is displayed on the Testing Page under the relevant hostname.

The tool now runs the certification tests. You can find the status of the test run on the Testing tab under the relevant hostname.

After the test run completes, the test logs from the openstack/supportable tests are stored in the same log file as for the openstack/director test on the test server.

9.5. Additional Resources

Chapter 10. Publishing on the catalog

After submitting your test results through the Red Hat certification portal, your application is scanned for vulnerabilities. When the scanning is completed, you can publish your product on the Red Hat Ecosystem Catalog.

A RHOSP infrastructure certification is generated if you have performed the following:

  • You ran the required tests successfully.
  • Red Hat reviewed the testing configuration report, and found it was valid and appropriate for the certification.

Perform the following steps to publish your product on the catalog:

Procedure

  1. Navigate to your Product listing page.
  2. Click Publish.

Your certified application is now published on the Red Hat Ecosystem Catalog.

Legal Notice

Copyright © 2024 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.