Managing multiple OpenStack accounts
This topic provides information about managing multiple OpenStack accounts (public or private cloud accounts). To enable the OpenStack public or private cloud services using the OpenStack Provider, you must first add the public or private account credentials. You can add multiple OpenStack user accounts and edit or delete an existing user account.
To add account credentials
- From the BMC Cloud Lifecycle Management Administration Console, click the vertical Workspaces menu on the left side of the window and select Providers.
- On the Providers page, select the OpenStackProvider provider type and click Manage Multiple Accounts .
The Manage Multiple OpenStack User Account page with the Existing OpenStack Credentials section is displayed.
Click Add New Account Credentials and supply the required server and user information in the Add OpenStack Account Credentials section:
Unique prefix to identify the Definitive Media Library (DML) entries and Logical Data Centers.
A user account is a unique combination of a Keystone Server IP and an OpenStack user account. You can create multiple accounts on the same Keystone Server IP or Host that have different OpenStack User Details (administrator user or a member user).
Keystone Server IP/Host Name
Unique IP of the Keystone Server or Host.
For the public cloud (CloudWatt) you must specify the Keystone Server IP/Host Name obtained from the Authentication URL (Identity service endpoint) value here. To get this value, in the CloudWatt Console, click the API Access link. This displays the following figure with the Authentication URL details:
Keystone Server Protocol
Https or Http protocol
Default value: Http
Keystone Server Public Port
Public port of the Keystone Server of this account.
Default value: 80 (for Http) and 443 (for Https)
OpenStack supported API version.
Default value: v2.0
Install Certificate Type of certificate installation.
You can install User certificate (personal or self-signed) or CA certificate (signed by certificate authority) X.509 file. You can choose to install the certificate file only if you have selected the Keystone Server Protocol as Https to enable the certificate mode of authentication.
TRUE - Installs the X.509 certificate file in the \lib\security folder of your Java Runtime Environment. (Default value)
FALSE - Does not install any certificate.
Keystore Password Password to open the certificate file.
You can specify the password only if you have selected the Keystone Server Protocol as Https to enable the certificate mode of authentication. Default value: changeit
Allow Unsigned Certificate Unsigned certificate usage
TRUE is the default value and enables use of personal or self-signed certificates.
FALSE disables the use of unsigned certificates.
OpenStack administrator or member user name.
An administrative user has the administrative privileges on all the Projects in OpenStack and can manage all the Projects resources from BMC Cloud Lifecycle Management.
But a member user must have sufficient privileges on its Project(s) in OpenStack to manage the associated Project(s) resources from BMC Cloud Lifecycle Management.
Password that corresponds to the specified OpenStack administrator or member user name.
- Click Add.
A notification appears indicating that the account details are saved.
The newly-added account details appear in the Existing OpenStack Credentials list.
After the account is created, OpenStack Snapshots and Images are auto-onboarded as DML entries in BMC Cloud Lifecycle Management application.
For the custom Glance images, ensure that you must connect to the OpenStack server and set a property name os_name in the Glance image (as shown in figure below) by running the following command:
glance image-update <IMAGE-UUID> --property os_name=<OS_NAME>
To edit account credentials
- In the Manage Multiple OpenStack User Account page, select the existing user credential that you want to edit.
- Click Edit User Credentials .
- In the Edit OpenStack Account Credentials section, update the appropriate user credential details:
- Click Update to save the edited user credential information.
To delete account credentials
In the Manage Multiple Openstack User Account page, select the existing OpenStack user credential that you want to delete.
Ensure that you do not have any onboarded resources that correspond to the user credential you intend to delete.
- Click Delete User Credentials .
In the confirmation dialog box, click Yes to confirm the deletion.
NoteThe https certificates that are installed in Java TrustStore are not removed, when you delete the account or deregister an OpenStack Provider instance. You must delete these certificates manually.
Where to go from here
To configure OpenStack resources, see Configuring resources for the OpenStack Provider services.