Installing Apcera on OpenStack

This section provides instructions for installing Apcera on OpenStack Liberty.

• OpenStack Cluster Description
• Installation Prerequisites
• Installation Steps

OpenStack Cluster Description

The example cluster installed on OpenStack as described here makes use of the following resources:

• 20 virtual machine hosts with NFS persistence, remote package store, and 3 IMs that can be expanded to 10.
• 3 subnets
• 7 floating IP addresses (static IPs)
• 4 security groups
• 10 volumes (in addition to host root disks)

Optional expansions include:

• Add auditlog-secondary on subnet 2.
• Add http router on subnet 2, subnet 3.
• Given IM count is 1 per subnet; can increase IM count across each subnet (such as 3, 3, 4 for a total of 10 IMs).

The associated OpenStack installation files deploy an Apcera Platform cluster (relase 2.6.0 or later) with the following components:

See also

• List and description of Apcera cluster components.
• Sizing considerations for a minimum production deployment on OpenStack.
• Required Ports.

Installation Prerequisites

1. Install and configure OpenStack Liberty, or access your hosted OpenStack Liberty installation.

   The Apcera Platform installation files and instructions for OpenStack support the Liberty release.

   Refer to OpenStack configuration tasks as necessary throughout these instructions.

2. In OpenStack create the following machine flavors:

   Type	CPUs	RAM	Root Disk
   apcera.small	2	2 GB	12 GB
   apcera.medium	2	4 GB	12 GB
   apcera.large	4	8 GB	12 GB
   apcera.IM	16	32 GB	12 GB

3. Obtain the Apcera images and upload them to OpenStack.

   Download the Orchestrator and Base Apcera images.

   Upload both images to OpenStack.

4. Create DNS records.

   You will need to create at least two DNS records that map the cluster base_domain and Zabbix monitoring host to the public IP addresses for the HTTP router and for the Zabbix server. These records are populated after the hosts are created in OpenStack (described below), but you may want to register the domain and create the records now so you can populate them after the resources are provisioned.

5. Create security keys and certificates.

   You will need to provide an SSL key and certs chain to use HTTPS for the router.

   You will need to provide a public ssh-cert string:x for remote access to cluster hosts using SSH.

6. Install Terraform.

   Apcera supports Terraform version 0.8.8 for installing Apcera on OpenStack Liberty.

   To install Terraform, download v0.8.8, extract the contents of the ZIP file to a known directory and add it to your PATH.

   To verify Terraform installation run the following command:

    terraform version
   

Installation Steps

1. Download the Apcera installation files for OpenStack and unzip them to a local directory.

2. CD to the working directory where you extracted the installation files.

3. Add your SSL key and cert chain for the HTTP router to the /CERTS directory.

   For example:

    /CERTS/your-cluster.key
    /CERTS/your-cluster.crt
    /CERTS/yourCA.pem
   

4. Populate terraform.tfvars with your OpenStack credentials and other values.

   Replace all values as described below:

    openstack_auth_url     = "Get from RC OS_AUTH_URL="
    openstack_user_name    = "Get from RC OS_USERNAME="
    openstack_password     = "Enter the OpenStack password for your project"
    openstack_tenant_name  = "Get from RC OS_TENANT_NAME="
    openstack_region       = "region-you-are-using"
   

   To get these values, download the RC file. See also populating OpenStack values.

5. Populate main.tf.

   The main.tf Terraform file configures OpenStack resources.

   Update main.tf as follows (sections are commented "TODO" in the file):

   Lines	Action
   24, 25	Add the UUIDs for the Base and Orchestrator images that you uploaded to OpenStack.
   99, 115, 125	Bump up number of IMs per subnet as needed (for example: 3, 3, 4).
   117	Add auditlog-secondary as needed.
   118, 126	Bump number of HTTP routers (2 or 3) as needed.

   By default main.tf reads the required Terraform files from the local /terraform-modules directory.

6. Populate cluster.conf.erb.

   The cluster.conf.erb file is used to generate the cluster configuration file (cluster.conf).

   Update cluster.conf.erb as follows:

   Lines	Action
   10 - 18	Update all values to match your cluster details.
   343 - 346	Add public SSH key for cluster host access via Orchestrator.
   357 - 359	Configure basic auth user credentials and cluster admins.
   381 - 406	Update the Zabbix passwords as necessary, or you can use the defaults.

   When it is time to update your cluster, you should modify cluster.conf.erb and regenerate cluster.conf as described below, rather than editing cluster.conf directly.

7. Run Terraform.

   Issue the following Terraform commands:

    terraform get
   
    terraform plan --module-depth=-1
   

   Plan should add 57 resources, including host vms, security groups, floating IPs, non-root disks (volumes), and subnets.

    terraform apply
   

   If you receive errors indicating certain assets cannot be created, run the apply command again. OpenStack may have timing issues where it is trying to use a resource whose creation is not done (even if OpenStack reports that it is created).

8. Create or update DNS records.

   DNS records are required for the HTTP router and monitoring host using the external (public) IP addresses for these hosts.

   DNS Entry	Description
   base_domain	Public IP address of the http router, or list of IPs if multiple (get value from terraform output router-external-address)
   *.base_domain	CNAME record to base_domain (alias or pointer, such as *.example.cluster.com)
   monitoring-host	Public IP address (cannot be under base_domain entry) (get value from terraform output monitoring-external-address

   For multiple routers, create a DNS record for each external IP address.

9. Generate cluster.conf.

    erb cluster.conf.erb > cluster.conf
   

10. Upload cluster.conf to Orchestrator.

    Run the following command to get the Orchestrator IP address:

    terraform output orchestrator-external-address
    

    Securely copy cluster.conf to Orchestrator. For example:

    scp cluster.conf orchestrator@147.47.247.74:~
    

    Credentials: user orchestrator, password orchestrator.

11. Connect to Orchestrator.

    Connect to Orchestrator remotely using SSH. For example:

    ssh orchestrator@147.47.247.74
    

    Credentials: user orchestrator, password orchestrator.

    Successful connection is indcated by the login prompt orchestrator@vm:~$.

12. Update and initialize Orchestrator.

    Orchestrator version 1.0.0 is required to deploy Apcera version 2.6.

    To update Orchestrator:

    sudo apt-get update
    
    sudo apt-get install orchestrator-cli
    
    y
    

    To verify Orchestrator update:

    orchestrator-cli version
    

    To initialize Orchestrator (required on initial deployment only):

    orchestrator-cli init
    

13. Deploy the cluster.

    Deploy the latest promoted release of the Apcera Platform.

    Perform a dry run to verify the syntax of cluster.conf:

    orchestrator-cli deploy -c cluster.conf --update-latest-release --dry
    

    Deploy the cluster:

    orchestrator-cli deploy -c cluster.conf --update-latest-release
    

    Successful deployment is indicated by the message "Done with cluster updates."

    If deployment fails, run orchestrator-cli deploy again.

    If necessary troubleshoot the deployment.

14. Reboot the cluster.

    Because there is a new kernel, full cluster reboot is required.

    orchestrator-cli reboot -c cluster.conf
    

15. Verify and bootstrap the deployment.

    Complete post-installation tasks, including:

    • Log in to the web console.
    • Download and install APC.
    • Target the cluster and log in using APC.
    • Install Apcera packages.