8.6. Connecting to OpenStack command-line interface¶

For managing the compute cluster, you can also use the OpenStack command-line client, which is automatically installed along with the Acronis Cyber Infrastructure.

To connect to and be able to use the OpenStack CLI, do the following:

1. Locate the node with the management role in the admin panel. Open the Infrastructure > Nodes screen. The management node runs the Admin panel service.

2. Access the management node via SSH and log in as the service user. For example:

   # ssh node001.vstoragedomain
   # su - vstoradmin
   

3. Generate the admin OpenRC script that sets environment variables:

   # kolla-ansible post-deploy
   

   The command will create the /etc/kolla/admin-openrc.sh bash script:

   export OS_PROJECT_DOMAIN_NAME=Default
   export OS_USER_DOMAIN_NAME=Default
   export OS_PROJECT_NAME=admin
   export OS_USERNAME=vstorage-service-user
   export OS_PASSWORD=<password>
   export OS_AUTH_URL=https://<MN_IP_address>:5000/v3
   export OS_IDENTITY_API_VERSION=3
   export OS_AUTH_TYPE=password
   export OS_INSECURE=true
   export PYTHONWARNINGS="ignore:Unverified HTTPS request is being made"
   export NOVACLIENT_INSECURE=true
   export NEUTRONCLIENT_INSECURE=true
   export CINDERCLIENT_INSECURE=true
   export OS_PLACEMENT_API_VERSION=1.22
   

   By default, the script is created to authorize in the admin project under the vstorage-service-user user for managing the compute cluster with administrative privileges.

4. To perform administrative actions, run this script:

   Important

   You need to run the script each session.

   # source /etc/kolla/admin-openrc.sh
   

If you want to work in another project under another user, you need to make changes to the admin-openrc.sh script. For example, to authorize in the myproject project under the myuser user within the mydomain domain, do the following:

1. Copy the script to the chosen directory with a new name. For example:

   # cp /etc/kolla/admin-openrc.sh /root/myscript.sh
   

2. Open the copied script for editing and change the first five variables as follows:

   export OS_PROJECT_DOMAIN_NAME=mydomain
   export OS_USER_DOMAIN_NAME=mydomain
   export OS_PROJECT_NAME=myproject
   export OS_USERNAME=myuser
   export OS_PASSWORD=<myuser_password>
   

   Leave other variables as is and save your changes.

3. Run the modified script:

   Important

   You need to run the script each session.

   # source /root/myscript.sh
   

Now you can work in the project you have authorized in by executing OpenStack commands with the --insecure option. For example:

# openstack --insecure server list
+--------------------------+------+--------+------------------------+-------+--------+
| ID                       | Name | Status | Networks               | Image | Flavor |
+--------------------------+------+--------+------------------------+-------+--------+
| 32b0f95d-477f-46b5-<...> | vm1  | ACTIVE | private=192.168.128.87 |       | tiny   |
+--------------------------+------+--------+------------------------+-------+--------+

To learn how to secure OpenStack API traffic, refer to Securing OpenStack API traffic with SSL.