Install and configure the dashboard

Before you can install and configure the dashboard, meet the following system requirements:

Dashboard system requirements:

OpenStack Compute installation. The cloud operator must set up an OpenStack Compute installation and enable the Identity Service for user and project management.
User: Note the URLs of the Identity Service and Compute endpoints.
Identity Service user with sudo privileges. Because Apache does not serve content from a root user, the cloud operator must set up an Identity Service user with sudo privileges.
User: Note the credentials of this user.
git. Install git by running the following command:
```
$ sudo apt-get install git-core
```
Python 2.6 or 2.7. The Python version must support Django. These instructions were tested with Ubuntu 10.10.
The Python version should run on any system, including Mac OS X.
The installation prerequisites might differ by platform.

For more information about how to deploy the dashboard, see Deploying Horizon.

Procedure 15.1. To install the dashboard:

Install the dashboard on the node that can contact the Identity Service as root:

# apt-get install -y memcached libapache2-mod-wsgi openstack-dashboard

# yum install -y memcached python-memcached mod_wsgi openstack-dashboard

Modify the value of CACHES['default']['LOCATION'] in /etc/openstack-dashboard/local_settings.py/etc/openstack-dashboard/local_settings to match the ones set in /etc/memcached.conf/etc/sysconfig/memcached.conf.

Open /etc/openstack-dashboard/local_settings.py/etc/openstack-dashboard/local_settings and look for this line:

CACHES = {
	'default': {
		'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache',
		'LOCATION' : '127.0.0.1:11211'
	}
}

Notes

	Notes
The address and port must match the ones set in `/etc/memcached.conf/etc/sysconfig/memcached`. If you change the memcached settings, you must restart the Apache web server for the changes to take effect. You can use options other than memcached option for session storage. Set the session back-end through the `SESSION_ENGINE` option. To change the timezone, use the dashboard or edit the `/etc/openstack-dashboard/local_settings/etc/openstack-dashboard/local_settings.py` file. Change the following parameter: `TIME_ZONE = "UTC"`

The address and port must match the ones set in /etc/memcached.conf/etc/sysconfig/memcached.
If you change the memcached settings, you must restart the Apache web server for the changes to take effect.
You can use options other than memcached option for session storage. Set the session back-end through the SESSION_ENGINE option.
To change the timezone, use the dashboard or edit the /etc/openstack-dashboard/local_settings/etc/openstack-dashboard/local_settings.py file.
Change the following parameter: TIME_ZONE = "UTC"

Make sure that the web browser on your local machine supports HTML5.

Enable cookies and JavaScript.

	Note
To use the VNC client with the dashboard, the browser must support HTML5 Canvas and HTML5 WebSockets. For details about browsers that support noVNC, see https://github.com/kanaka/noVNC/blob/master/README.md, and https://github.com/kanaka/noVNC/wiki/Browser-support, respectively.

Note

To use the VNC client with the dashboard, the browser must support HTML5 Canvas and HTML5 WebSockets.

For details about browsers that support noVNC, see https://github.com/kanaka/noVNC/blob/master/README.md, and https://github.com/kanaka/noVNC/wiki/Browser-support, respectively.

You can configure the dashboard for a simple HTTP deployment or a secured HTTPS deployment. While the standard installation uses a non-encrypted HTTP channel, you can enable SSL support for the dashboard.
To configure the dashboard for HTTP, proceed to Procedure 15.2, “To configure the dashboard for HTTP”.
To configure the dashboard for HTTPS, proceed to Procedure 15.3, “To configure the dashboard for HTTPS”.

Procedure 15.2. To configure the dashboard for HTTP

Specify the host for your OpenStack Identity Service endpoint in the /etc/openstack-dashboard/local_settings.py file with the OPENSTACK_HOST setting.

The following example shows this setting:

import os

from django.utils.translation import ugettext_lazy as _

DEBUG = False
TEMPLATE_DEBUG = DEBUG
PROD = True
USE_SSL = False

SITE_BRANDING = 'OpenStack Dashboard'

# Ubuntu-specific: Enables an extra panel in the 'Settings' section
# that easily generates a Juju environments.yaml for download,
# preconfigured with endpoints and credentials required for bootstrap
# and service deployment.
ENABLE_JUJU_PANEL = True

# Note: You should change this value
SECRET_KEY = 'elj1IWiLoWHgryYxFT6j7cM5fGOOxWY0'

# Specify a regular expression to validate user passwords.
# HORIZON_CONFIG = {
#     "password_validator": {
#         "regex": '.*',
#         "help_text": _("Your password does not meet the requirements.")
#     }
# }

LOCAL_PATH = os.path.dirname(os.path.abspath(__file__))

CACHES = {
	'default': {
		'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache',
		'LOCATION' : '127.0.0.1:11211'
	}
}

# Send email to the console by default
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
# Or send them to /dev/null
#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend'

# Configure these for your outgoing email host
# EMAIL_HOST = 'smtp.my-company.com'
# EMAIL_PORT = 25
# EMAIL_HOST_USER = 'djangomail'
# EMAIL_HOST_PASSWORD = 'top-secret!'

# For multiple regions uncomment this configuration, and add (endpoint, title).
# AVAILABLE_REGIONS = [
#     ('http://cluster1.example.com:5000/v2.0', 'cluster1'),
#     ('http://cluster2.example.com:5000/v2.0', 'cluster2'),
# ]

OPENSTACK_HOST = "127.0.0.1"
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v2.0" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member"

# The OPENSTACK_KEYSTONE_BACKEND settings can be used to identify the
# capabilities of the auth backend for Keystone.
# If Keystone has been configured to use LDAP as the auth backend then set
# can_edit_user to False and name to 'ldap'.
#
# TODO(tres): Remove these once Keystone has an API to identify auth backend.
OPENSTACK_KEYSTONE_BACKEND = {
    'name': 'native',
    'can_edit_user': True
}

# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints
# in the Keystone service catalog. Use this setting when Horizon is running
# external to the OpenStack environment. The default is 'internalURL'.
#OPENSTACK_ENDPOINT_TYPE = "publicURL"

# The number of Swift containers and objects to display on a single page before
# providing a paging element (a "more" link) to paginate results.
API_RESULT_LIMIT = 1000

# If you have external monitoring links, eg:
# EXTERNAL_MONITORING = [
#     ['Nagios','http://foo.com'],
#     ['Ganglia','http://bar.com'],
# ]

LOGGING = {
        'version': 1,
        # When set to True this will disable all logging except
        # for loggers specified in this configuration dictionary. Note that
        # if nothing is specified here and disable_existing_loggers is True,
        # django.db.backends will still log unless it is disabled explicitly.
        'disable_existing_loggers': False,
        'handlers': {
            'null': {
                'level': 'DEBUG',
                'class': 'django.utils.log.NullHandler',
                },
            'console': {
                # Set the level to "DEBUG" for verbose output logging.
                'level': 'INFO',
                'class': 'logging.StreamHandler',
                },
            },
        'loggers': {
            # Logging from django.db.backends is VERY verbose, send to null
            # by default.
            'django.db.backends': {
                'handlers': ['null'],
                'propagate': False,
                },
            'horizon': {
                'handlers': ['console'],
                'propagate': False,
            },
            'novaclient': {
                'handlers': ['console'],
                'propagate': False,
            },
            'keystoneclient': {
                'handlers': ['console'],
                'propagate': False,
            },
            'nose.plugins.manager': {
                'handlers': ['console'],
                'propagate': False,
            }
        }
}

The HORIZON_CONFIG dictionary contains all the settings for the dashboard. Whether or not a service is in the dashboard depends on the Service Catalog configuration in the Identity Service. For the full listing, see Horizon Settings and Configuration.

Point your browser to the public IP address for your instance. For example:
http://192.168.206.130
After you connect to the dashboard through the URL, a login page appears.
Enter the credentials for any user that you created with the OpenStack Identity Service.
For example, enter admin for the user name and secrete for the password.

Procedure 15.3. To configure the dashboard for HTTPS

The following example uses the domain, http://openstack.example.com. Use a domain that fits your current set up.

In/etc/openstack-dashboard/local_settings.py, update the following parameter:
```
USE_SSL = True
```
Edit /etc/apache2/ports.conf and add the following line:
```
NameVirtualHost *:443
```

Edit /etc/apache2/conf.d/openstack-dashboard.conf. Change the contents of the file to match the Example 15.2, “openstack-dashboard.conf - after editing”.

Example 15.1. openstack-dashboard.conf - before editing

WSGIScriptAlias / /usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi
WSGIDaemonProcess horizon user=www-data group=www-data processes=3 threads=10
Alias /static /usr/share/openstack-dashboard/openstack_dashboard/static/
<Directory /usr/share/openstack-dashboard/openstack_dashboard/wsgi>
Order allow,deny
Allow from all
</Directory>

Example 15.2. openstack-dashboard.conf - after editing

<VirtualHost *:80>
ServerName openstack.example.com
RedirectPermanent / https://openstack.example.com
</VirtualHost>
<VirtualHost *:443>
ServerName openstack.example.com

SSLEngine On
SSLCertificateFile /etc/apache2/SSL/openstack.example.com.crt
SSLCACertificateFile /etc/apache2/SSL/openstack.example.com.crt
SSLCertificateKeyFile /etc/apache2/SSL/openstack.example.com.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

WSGIScriptAlias / /usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi
WSGIDaemonProcess horizon user=www-data group=www-data processes=3 threads=10
Alias /static /usr/share/openstack-dashboard/openstack_dashboard/static/
<Directory /usr/share/openstack-dashboard/openstack_dashboard/wsgi>
Order allow,deny
Allow from all
</Directory>
</VirtualHost>

In this configuration, Apache listens on the port 443 and redirects all the hits to the HTTPS protocol for all the non-secured requests. In the secured section, the private key, public key, and certificate to use are defined.

Restart Apache and memcached:
```
# service apache2 restart
# service memcached restart
```
If you call the HTTP version of the dashboard through your browser, you are redirected to the HTTPS page.
Point your browser to the public IP address for your instance. For example:
https://192.168.206.130
After you connect to the dashboard through the URL, a login page appears.
Enter the credentials for any user that you created with the OpenStack Identity Service.
For example, enter admin for the user name and secrete for the password.

Procedure 15.4. To adjust the dimensions of the VNC window in the Dashboard

The size of the window image used for VNC is hard-coded in a Django HTML template. To alter the hard-coded values, edit the _detail_vnc.html template file.

Edit /usr/share/pyshared/horizon/dashboards/nova/instances/templates/instances/_detail_vnc.html.

Modify the width and height parameters, as follows:

<iframe src="{{ vnc_url }}" width="720" height="430"></iframe>

Log a bug against this page

Legal notices