8.6. Connecting to OpenStack Command-Line InterfaceΒΆ
For managing the compute cluster, you can also use the OpenStack command-line client, which is automatically installed along with the Acronis Cyber Infrastructure.
To connect to and be able to use the OpenStack CLI, do the following:
Locate the node with the management role in the admin panel. On the INFRASTRUCTURE > Nodes screen, the management node has the icon
. For example:
Access the management node via SSH and log in as the service user. For example:
# ssh node001.vstoragedomain # su - vstoradmin
Generate the admin OpenRC script that sets environment variables:
# kolla-ansible post-deploy
The command will create the
/etc/kolla/admin-openrc.shbash script:export OS_PROJECT_DOMAIN_NAME=Default export OS_USER_DOMAIN_NAME=Default export OS_PROJECT_NAME=admin export OS_USERNAME=vstorage-service-user export OS_PASSWORD=<password> export OS_AUTH_URL=https://<MN_IP_address>:5000/v3 export OS_IDENTITY_API_VERSION=3 export OS_AUTH_TYPE=password export OS_INSECURE=true export PYTHONWARNINGS="ignore:Unverified HTTPS request is being made" export NOVACLIENT_INSECURE=true export NEUTRONCLIENT_INSECURE=true export CINDERCLIENT_INSECURE=true export OS_PLACEMENT_API_VERSION=1.22
By default, the script is created to authorize in the
adminproject under thevstorage-service-useruser for managing the compute cluster with administrative privileges.To perform administrative actions, run this script:
Important
You need to run the script each session.
# source /etc/kolla/admin-openrc.sh
If you want to work in another project under another user, you need to make changes to the admin-openrc.sh script. For example, to authorize in the myproject project under the myuser user within the mydomain domain, do the following:
Copy the script to the chosen directory with a new name. For example:
# cp /etc/kolla/admin-openrc.sh /root/myscript.sh
Open the copied script for editing and change the first five variables as follows:
export OS_PROJECT_DOMAIN_NAME=mydomain export OS_USER_DOMAIN_NAME=mydomain export OS_PROJECT_NAME=myproject export OS_USERNAME=myuser export OS_PASSWORD=<myuser_password>
Leave other variables as is and save your changes.
Run the modified script:
Important
You need to run the script each session.
# source /root/myscript.sh
Now you can work in the project you have authorized in by executing OpenStack commands with the --insecure option. For example:
# openstack --insecure server list
+--------------------------+------+--------+------------------------+-------+--------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------+------+--------+------------------------+-------+--------+
| 32b0f95d-477f-46b5-<...> | vm1 | ACTIVE | private=192.168.128.87 | | tiny |
+--------------------------+------+--------+------------------------+-------+--------+
To learn how to secure OpenStack API traffic, refer to Securing OpenStack API Traffic with SSL.