OpenStack

Overview


OpenStack is used for creating and managing cloud computing platforms for public and private clouds. Our integration includes multiple automation and provisioning methods. You can use it to deploy VPS Hosting, Cloud hosting (virtual Datacenters) or DIY Cloud and VPS packages.

Activating the module


  1. If the module is included in your HostBill edition you can download it from your client portal.
  2. If the module is not included in your HostBill edition you can purchase it from our marketplace and then download it from the client area.
  3. Once you download the module extract it in the main HostBill directory.
  4. Go to Settings → Modules → Hosting Modules, find and activate OpenStack module.

Connecting HostBill with OpenStack


  1. Proceed to Settings → Apps → Add new App
  2. From the Applications list select OpenStack
  3. On the Add New App page:
    • Enter a Name that identifies this connection
    • Enter a Hostname or an IP Address
    • Enter your Username
    • Enter the Password for your username
    • Enter the Port used by Identity API
    • Enter the Admin project name
    • Enter the Domain name
    • Check Secure if your Openstack API  works over HTTPS
    • Select Interface type for API Connections, OpenStack can advertise different endpoint URLs based on interface type, you need to select the type that can be accessed from hostbill server.
    • Check Override endpoint hostname if you want to replace the hostname for each endpoint returned in API catalog with the one used for Identity API connection.
    • Check Domain scope for identity If your Openstack deployment enforces that action on Identity API should use domain scoped tokens.
    • Select Default Console type
    • Enter Console URL if you want to use a non-standard one, leave it empty otherwise.
    • Enter Horizon URL if you do not want to use the one generated from IP address/hostname, leave it empty otherwise.

      4. Verify entered credentials by clicking Test Connection to check if HostBill can connect.
      5. Save Changes

Configuring Openstack Category / Order page


Proceed to Settings → Products & Services and Add new Orderpage

  • From "Order Type" Select Openstack
  • Pick the order page, and save changes
  • Add new Product

Important

Make sure that your order page is set to use Openstack as order type, otherwise, the client area won't use VM/Cloud management templates.

Setting Cloud Package


  1. Under Connect with App Select Openstack Module
  2. Select the app connection configured in the previous steps
  3. Select Cloud Hosting from Provisioning Tab
  4. Setup package Resource limits:
    • Select Memory Limit and unit for Openstack Project.
    • Provide vCPU Count limit  for Openstack Project.
    • Enter Max Instances limit for Openstack Project.
    • Select Available Flavors that clients will be able to use when deploying new VM.
  5. Setup package Images / Snapshots limits:
    • Enable Set template pricing if you want to limit OS selection in the client area. This creates a form component where you can remove, rename and set template pricing.
  6. Setup package Storage limits:
    • Select the Boot Storage Type
      • EphemeralDisks size is determined by the selected flavor or image. Managed by Compute (Nova). 
      • Volume - Boot disk size is specified in the product or by the user. Managed by block storage (Cinder).
    • Define Volume Types limits
      • Set project limits for each volume type. Use -1 for no limit.
    • Set Max volumes limit
    • Set Max volume size limit
    • Set Max snapshots limit
    • Set Snapshot size limit
    • Select Project Storage limit
      • Automatic - Module will use the lowest possible value based on selected storage types and VPS boot volume size.
      • Minimum - Define the minimum value for storage limit in the Openstack project. This limit will be used if storage types and VPS boot volume size is lower than the provided value. Client area limits for Volume Types will still apply.
      • Unlimited -  No limit in openstack. Client area limits for Volume Types will still apply.
    • Select Project Snapshots - Maximum count of volume snapshots in the project.
      • Automatic - module will use the lowest possible value based on product settings.
      • Minimum - define minimum value for volume snapshot quota in openstack project. This limit will be used if the quota calculated by the module for instance snapshots is lower than this value.
      • Unlimited - no limit in openstack
  7. Setup package Network limits:
    • Enter the Number of Public / Floating IPs that client can use
    • Select Floating IPs pool, if you use Availability Zones make sure to select pools that can be accessed by each of the selected zones.
    • Select External Networkif you use Availability Zones make sure to select networks that can be accessed by each of the selected zones.
    • Select default Security Group
    • Check Neutron Support if you want to provision a private network with the service
      • Enter Private Network CIDR Provide the address and mask to be used when creating the client network, default: 192.168.2.0/24
      • Enter Private Network DNS Provide a comma-separated list of DNS, ie: 8.8.8.8,8.8.4.4
      • Set Networks - Project network limit, at least one is required for account creation to work. Use -1 for no limit.
      • Set Ports - Project ports limit, this also includes network and router interfaces. Use -1 for no limit.
      • Set Routers - Project routers limit, at least one is required for account creation to work. Use -1 for no limit.
      • Set Subnets - Project subnets limit, at least one is required for account creation to work. Use -1 for no limit.
  8. Setup Misc options
    • Check One Login to use only one set of credentials (one user) for each new client project
    • Check Server Metadata to pass HostBill form component as server metadata to openstack when creating & upgrading/downgrading.
    • Select Server Auth to define the allowed authentication method for new servers.
      • For Single VPS account if Root password & SSH keys or SSH Key option is selected,  before his server will be provisioned the client will have to go through an additional step in the client area to select an authentication method if no SSH Key is provided during the order.
    • Check SSH Key to allow the client to provide an ssh key during the order.
    • Check Password Reset to Disable root password reset if your hypervisor or templates do not support it
    • Define Default User dataConfiguration information or scripts to use upon server creation
      • You can use smarty variables like {$password}, {$image} (openstack image details), {$service}, {$forms} and {$client} in your scripts.
    • Select VHI Placement if you are using Virtuozzo Hybrid Infrastructure 
  9. Save changes


For more generic product configuration details including price, automation, emails settings refer to Product Configuration article.

Setting VPS Hosting Package


  1. Under Connect with App Select Openstack Module
  2. Select the app connection configured in the previous steps
  3. Select Single VPS from Provisioning Tab
  4. Setup package Resource limits:
    • Pick a Flavor size for the customer VM.
    • Select a User Role used for the service project. The selected role should allow the user to manage project resources. For VHI Deployments use project_admin, on other deployments member should work fine.
    • From Availability Zone select the zones that can be used for provisioning. If no option is selected it will use default values in Openstack.
  5. Setup package Images / Snapshots limits:
    • From OS Template list pick what template customer VM should be created with.
  6. Setup package Storage limits
    • Select the Boot Storage Type
      • EphemeralDisks size is determined by the selected flavor or image. Managed by Compute (Nova). 
      • Volume - Boot disk size is specified in the product or by the user. Managed by block storage (Cinder).
    • Select Boot Volume Type (Only for Volume storage type)
    • Enter Boot Volume Size (Only for Volume storage type)
    • Define Volume Types limits
      • Set additional disks size in GB
    • Set Max volumes limit
    • Set Max volume size limit
    • Set Max snapshots limit
    • Set Snapshot size limit
    • Select Project Storage limit
      • Automatic - Module will use the lowest possible value based on selected storage types and VPS boot volume size.
      • Minimum - Define the minimum value for storage limit in the Openstack project. This limit will be used if storage types and VPS boot volume size is lower than the provided value. Client area limits for Volume Types will still apply.
      • Unlimited -  No limit in openstack. Client area limits for Volume Types will still apply.
    • Select Project Snapshots - Maximum count of volume snapshots in the project.
      • Automatic - module will use the lowest possible value based on product settings.
      • Minimum - define minimum value for volume snapshot quota in openstack project. This limit will be used if the quota calculated by the module for instance snapshots is lower than this value.
      • Unlimited - no limit in openstack
  7. Setup package Network limits:
    • Enter the Number of Public / Floating IPs that client can use
    • Select Floating IPs pool, if you use Availability Zones make sure to select pools that can be accessed by each of the selected zones.
    • Select External Networkif you use Availability Zones make sure to select networks that can be accessed by each of the selected zones.
    • Select default Security Group
    • Check Neutron Support if you want to provision a private network with the service
      • Enter Private Network CIDR Provide the address and mask to be used when creating the client network, default: 192.168.2.0/24
      • Enter Private Network DNS Provide a comma-separated list of DNS, ie: 8.8.8.8,8.8.4.4
      • Set Networks - Project network limit, at least one is required for account creation to work. Use -1 for no limit.
      • Set Ports - Project ports limit, this also includes network and router interfaces. Use -1 for no limit.
      • Set Routers - Project routers limit, at least one is required for account creation to work. Use -1 for no limit.
      • Set Subnets - Project subnets limit, at least one is required for account creation to work. Use -1 for no limit.
  8. Setup Misc options
    • Check One Login to use only one set of credentials (one user) for each new client project
    • Check Server Metadata to pass HostBill form component as server metadata to openstack when creating & upgrading/downgrading.
    • Select Server Auth to define the allowed authentication method for new servers.
      • For Single VPS account if Root password & SSH keys or SSH Key option is selected,  before his server will be provisioned the client will have to go through an additional step in the client area to select an authentication method if no SSH Key is provided during the order.
    • Check SSH Key to allow the client to provide an ssh key during the order.
    • Check Password Reset to Disable root password reset if your hypervisor or templates do not support it
    • Define Default User dataConfiguration information or scripts to use upon server creation
      • You can use smarty variables like {$password}, {$image} (openstack image details), {$service}, {$forms} and {$client} in your scripts.
    • Select VHI Placement if you are using Virtuozzo Hybrid Infrastructure 
  9. Save changes


For more generic product configuration details including price, automation, emails settings refer to Product Configuration article.


Configuring Client Functions   


In Products & Services → Your Order Page → Your Product → Client Functions you can control what features customers will have access to in the client portal, by clicking Enable/Disable next to the given option.
Use Edit button to adjust function appearance in the client portal.

For OpenStack you can enable the following client functions dedicated to this module:

  1. API Access - show OpenStack API access credentials - for cloud packages only.
  2. Adding interfaces - allow clients to add new network interfaces.
  3. Allow VM rebuild - allow rebuilding of Virtual Machines.
  4. Allow hard rebooting VMs - allow hard rebooting VMs.
  5. Allow rebooting VMs - allow rebooting VMs.
  6. Allow rescue mode - allow entering and disabling Rescue mode for VM.
  7. HTML Console - allow access to VM console.
  8. Image based volumes - allow creating volumes from Images.
  9. Network configuration - allow access to network configuration section.
  10. SSH Keys management - allow SSK Key management.
  11. Security groups - allow access to security groups configuration section - cloud packages only.
  12. Servers resize - allow for resizing instances.
  13. VM Power Control - allow VM start/stop.
  14. Virtual Machine logs - allow access to virtual machine logs.
  15. Snapshot Management - allow the client to manage snapshot
  16. Reverse DNS - allows clients to adjust reverse DNS entries - requires IPAM plugin

As well as a number of standard client functions, such as 

  1. Change Billing Cycle
  2. Change Label
  3. Change Ownership
  4. Edit Forms
  5. Graphs
  6. Login Details
  7. Manual Service Renew
  8. New Direct Link
  9. Related Services
  10. Service Auto Renewal

How to access instances through SSH using root password?


This module supports two ways of settings up SSH access with password authentication: through root password injection and cloud-init scripts.

You can read more on how to enable password injection for different hypervisors here: http://docs.openstack.org/admin-guide/compute-admin-password-injection.html

To use cloud-init script, you will need to enter it in your product configuration, under "Misc" tab.

It allows you to use "$password" variable that will be replaced with the actual root password when a new VM is created.


User Data Scripts


It is possible to use smart templates for user data script, you can access $service, $client, $forms and $password variables to customize your script.

Please refer to this list to find out the proper variable names - Available Email / Mobile Notifications Variables

You can access form components values through $forms variable, this guide illustrates how to find proper variable names - Forms: Accessing Forms elements in email templates

cloud-config
#cloud-config
hostname: {$service.domain}
users:
  - name: {$forms.username.value}    
    gecos: {$client.firstname} {$client.lastname}    
    passwd: "{$password|mkpasswd:sha512:null:10000}"
    sudo: ALL=(ALL) ALL
    shell: /bin/bash
    lock_passwd: false

ssh_pwauth: true
package_update: true
runcmd:
  - {$forms.recipe.variable_id}
  - restart ssh
output: {literal}{all: '| tee -a /var/log/cloud-init-output.log'}{/literal}

The user data script is processed by the smarty template engine. If your script includes curly bracers (`{` or `}`) that are not part of a variable or function you will need to encapsulate it in `{literal} ... {/literal}` statement. 

mkpasswd

You can use `mkpasswd` variable modifier to generate password hash. It output can be modified with additional parameters {$var|mkpasswd[:$method[:$salt[:$rounds]]]]}.

  • $method - des, md5,  blowfishsha256 or sha512, default is sha512.
  • $salt - variable or a string to be used as salt, use `null` to generate salt automatically.
  • $rounds - number of iterations for sha256 and sha512, cost for blowfish.

For example to generate a sha512 hash, with random salt and 10000 rounds use: {$password|mkpasswd:sha512:null:10000}

Solving connection problems


Problem: Connection timed out 

Solution: Make sure that HostBill server is able to connect to your Openstack server.  After authentication Openstack returns with list of available api endpoints, HostBill will test those endpoints using admin api interface (adminURL). Make sure that url provided in error message is accessible from your server.

Problem:  Admin API interface is not available for some services (eg. compute, network)

Solution: Rename includes/modules/Hosting/openstack/endpoints.php.example to endpoints.php, you can edit that file to select which url type will be used for each service.

Problem: Test connection returns: 500 Internal Server Error. Test did not completed, check your error logs for more information.

Solution: There was an error while testing connection status, check Extras → System Logs → Error logs for more information.