Difference between Openstack as Cloud provider vs Infrastructure provider


#1

Version: Botvinnik

I started to play with ManageIQ later last week, and I realized that there are two options for Openstack. Either can be added as a Cloud Provider or as an Infrastructure provider.

I first went the route of the Cloud provider and now I can see the number of VMs under the user, but not the quantity of the hypervisors and the utilization rations for them.

I then tried to add it as a Infrastructure provider, but entering the same IP was screaming with an error.

Looking at this post: Viewing available infrastructure resources in cloud provider - OpenStack it seems like I need to enter the TripleO credentials and IP to configure it. Now, my undercloud keystone is available through a private VLAN that is just used to manage the Openstack Servers. Do I need to give ManageIQ a NIC in that VLAN? I’d rather not.

Thanks,
IB


#2

@blomquisg Can you help out with this one?


#3

@ibravo yes, if you want to manage your Undercloud with ManageIQ, it has to be able to speak to it.


#4

@ibravo An alternative would be to use a routable address space for the provisioning network so you’re able to reach it from an outside network.


#5

@mcornea @Ladas

I can hear your points, and they make sense with regards to connectivity. Does ManageIQ needs to communicate with all the undercloud servers or just with the undercloud host itself? It might be easier to poke a hole in that machine, that has connectivity to the outside network, rather than making it for all the undercloud nodes.

When I deployed TripleO (or RDO Manager to be more precise), I made sure that the networks were completely isolated, and now I’m feeling that I am circunventing that security to allow ManageIQ talk with it.

I have another idea, what about creating a provider network in OpenStack (where MIQ is hosted) that has access to the provider network? I would be able to limit to this tenant only.

There was a change that I needed to do to Botwink that is already in Capablanca where it is using the Public IPs of the nodes rather than the private endpoints for Openstack, as these were considered off-limits. That’s why I was hoping for a magical solution.

IB


#6

@ibravo You need to be able to talk to public undercloud API to get refresh and C&U metrics.

For Smartstate Analysis, you will need to be able to reach each Overcloud Node. Now, SmartState analysis connects to every Overcloud node via SSH and gets detailed info (like state of services or configurations). In next release there should be hopefully some API to get this detailed info, as another optional driver. Whole SSA is optional though, but it gives you very detailed info, e.g comparing of configurations and installed packages in time in drift state.

The Director provider in ManageIQ is suppose to manage whole Overcloud (so similar to Tuskar-UI before), so it needs access to that. Deploying it on it’s own network with access to provider network would make sense I guess.


#7

I had the same issue so I deployed a worker appliance in the undercloud, parallel to the director instance. I added a second NIC that connects to the private network. I put the undercloud infrastructure provider and this appliance in their own zone. Seems to be working so far.