Openstack is becoming a widely used on-premise infrastructure orchestration platform. It has a wide array of contributors and enterprise sponsorships. There are several variations on Openstack as well. Morpheus supports integration with all the various platform offerings and ranges in support all the way back to Openstack Icehouse. It leverages the APIs and provides full functionality as a self service portal in front of Openstack.
- Virtual Machine Provisioning
- Backups / Snapshots
- Security Group Management
- Disk Mode support Local/Image (via Ceph)
- Floating IP Assignment support
- Brownfield VM management and Migration
- Lifecycle Management and Resize
- Docker Host management / configuration
On top of these features, Morpheus adds capabilities that Openstack does not provide out of the box, making it easier to manage in multitenant and hybrid cloud environments:
- Image to QCOW2 Image Conversion
- QCOW2 to RAW Image Conversion
- Multitenancy resource allocation
- Virtual Image management (Blueprints)
- Auto-scaling and recovery
To allow Morpheus to list Hypervisor Hosts, ensure the Openstack user used for the Cloud Integration has sufficient privileges for /etc/nova/policy.json in Openstack.
Adding an Openstack cloud to Morpheus is one of the simpler cloud integrations to get started with. First go to the Infrastructure -> Clouds section and click Add Cloud. From here there are several options, including Metapod, Helion, and general Openstack. Any of these options will work; the branded Openstack options are listed mostly to make the capabilities of Morpheus clearer to the user.
- Internal name for the Cloud in Morpheus
- Short code used for api and variables (Optional)
- Can be used to specify the location of the Cloud or add a description. (Optional)
- Determines Tenant visibility for the Cloud.
  - Private: Access to the Cloud is limited to the assigned Tenant (Master Tenant by default)
  - Public: Access to the Cloud can be configured for Tenants in their Tenant Role permissions.
- Assigned Tenant when VISIBILITY is set to Private.
- When unchecked, the cloud will not sync and is not accessible for provisioning actions.
- IDENTITY API URL
  - v2.0 or v3 Identity endpoint.
- DOMAIN ID
  - For Default domains, Default can be used. For other domains the Domain ID must be entered, not the Domain Name.
- Target project
- Service Username
- Service user password
- OS VERSION
  - Select Openstack Version.
- IMAGE FORMAT
  - Select QCOW2, RAW or VMDK Image Type
- LB TYPE
  - Select LB Type for Openstack LB syncing and creation
- Inventory Existing Instances
  - Select for Morpheus to discover and sync existing VMs
- Enable Hypervisor Console
  - Hypervisor console support for Openstack currently only supports noVNC. Be sure the noVNC proxy is configured properly in your Openstack environment. When disabled, Morpheus will use SSH and RDP for the console connection (VM/host credentials required).
The user ID used to connect to a project only needs to be a member (‘_member_’) of the project rather than an Admin. Admin will work, but it exposes some additional items to the project that the Openstack Admin typically does not want portal users to see.
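The least-privilege point above can be checked before saving the cloud. The following is an added example, not Morpheus code: it builds a standard Keystone v3 password-auth request scoped to the target project, using the Domain ID as the form requires, and audits the roles returned in the token. The account name, project name, role deny-list and sample responses are constructed, and the user and project are assumed to live in the same domain.

```python
import json

# Roles broader than the integration needs (assumed list; adjust per deployment).
OVERPRIVILEGED_ROLES = {"admin"}

def build_v3_auth_request(username, password, domain_id, project_name):
    """Keystone v3 password-auth body scoped to one project.

    The domain is referenced by ID, not name, matching the DOMAIN ID field.
    """
    domain = {"id": domain_id}
    return {
        "auth": {
            "identity": {
                "methods": ["password"],
                "password": {
                    "user": {"name": username, "domain": domain, "password": password}
                },
            },
            "scope": {"project": {"name": project_name, "domain": domain}},
        }
    }

def audit_token_roles(token_response):
    """Return (role_names, findings) for a Keystone v3 token response body."""
    token = token_response.get("token", {})
    roles = sorted(r["name"] for r in token.get("roles", []))
    findings = []
    if not roles:
        findings.append("no roles on project: token is unscoped or user is not a member")
    for name in roles:
        if name.lower() in OVERPRIVILEGED_ROLES:
            findings.append(f"role '{name}' is broader than the integration needs")
    return roles, findings

# Constructed sample token responses (not captured from a real cloud).
MEMBER_TOKEN = {"token": {"project": {"name": "portal"},
                          "roles": [{"id": "r1", "name": "_member_"}]}}
ADMIN_TOKEN = {"token": {"project": {"name": "portal"},
                         "roles": [{"id": "r1", "name": "_member_"},
                                   {"id": "r2", "name": "admin"}]}}

if __name__ == "__main__":
    # Hypothetical service account and project; POST the body to <v3 Identity URL>/auth/tokens.
    body = build_v3_auth_request("morpheus-svc", "example-password", "default", "portal")
    print(json.dumps(body, indent=2))
    for sample in (MEMBER_TOKEN, ADMIN_TOKEN):
        print(audit_token_roles(sample))
```

An empty findings list means the account holds only project-level roles; any finding is a reason to create a dedicated member-only user for the integration.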
Most of the information in the dialog can be acquired from the Openstack dashboard under Project -> Access & Security -> API Access. The API URL that is needed is the one tied to Identity. The Domain and Project inputs typically correlate to the multitenant domain setup within Openstack (sometimes just left at default) as well as the project name given to instances. Morpheus allows multiple integrations to the same Openstack cluster to be scoped to domains and projects as needed.
The remaining options help Morpheus determine what API capabilities exist in the selected Openstack environment, hence the need for the Openstack version and image format. If the Openstack cluster is newer than any version in the dropdown, select the most recent version listed; this should function sufficiently until the new version is added.
Some Openstack environments do not support QCOW2 and force RAW image formats (like metapod). This is due to some network overhead in Ceph created by using QCOW2. Morpheus keeps 2 copies of Openstack image templates for this exact purpose.
Saving this cloud integration should perform a verification step and close upon successful completion.
Morpheus provides several features regarding pulling in existing virtual machines and servers in an environment. Most cloud options contain a checkbox titled ‘Inventory Existing Instances’. When this option is selected, all VMs found within the specified scope of the cloud integration will be scanned periodically and Virtual Machines will be synced into Morpheus.
By default these virtual machines are considered ‘unmanaged’ and do not appear in the Provisioning -> Instances area but rather in Infrastructure -> Hosts -> Virtual Machines. A few features are still available for unmanaged instances. They can be assigned to various accounts if using a multitenant master account; however, it may be better to assign the ‘Resource Pool’ to an account instead and optionally move all servers in that pool with it (more on this later).
A server can also be made into a managed server. During this process remote access is requested and an agent install is performed on the guest operating system. This allows for guest operations regarding log acquisition and stats. If the agent install fails, a server will still be marked as managed and an Instance will be created in Provisioning, however certain features will not function. This includes stats collection and logs.
All Cloud data is resynchronized on a 5 minute interval. This includes Datastores, Resource Pools, Networks, Blueprints, and Virtual Machines.
There are a few advanced features when it comes to provisioning on top of Openstack. Most of these present themselves in the provisioning wizard. They include OS Volume Type (Local or Volume). This dictates whether the main OS disk is copied and run off the hypervisor or remotely mounted as a volume via Glacier. Some Openstack setups only configure hypervisors with minimal local disks, so the Volume type is needed.
Another option during provisioning is “Assign Floating IP”. This option does exactly what it says and is similar to the feature on the Openstack instances dashboard itself. It should be noted that this will attempt to acquire a floating IP from the project and if out of capacity will attempt to increase capacity to the project if the cloud credentials provided have sufficient administrative privileges to do so.
So far this document has covered how to add the Openstack cloud integration, which lets users provision virtual machine based instances via the Add Instance catalog in Provisioning. Another feature Morpheus provides out of the box is the ability to use Docker containers, including multiple containers per Docker host. To do this, a Docker Host must first be provisioned into Openstack (multiple are needed when dealing with horizontal scaling scenarios).
To provision a Docker Host, navigate to the Cloud detail page or the Infrastructure -> Hosts section. From there click the +CONTAINER HOST button to add an Openstack Docker Host. This host will show up in the Hosts tab. Morpheus views a Docker host just like any other Hypervisor, with the caveat that it is used for running containerized images instead of virtualized ones.
Once a Docker Host is successfully provisioned a green checkmark will appear to the right of the host marking it as available for use. In the event of a failure click into the relevant host that failed and an error explaining the failure will be displayed in red at the top.
Some common error scenarios include network connectivity. For a Docker Host to function properly, it must be able to resolve the Morpheus appliance URL, which can be configured in Admin -> Settings. If it is unable to resolve and negotiate with the appliance, then the agent installation will fail and provisioning instructions cannot be issued to the host.