Install the Orchestration module on the controller node:
# apt-get install heat-api heat-api-cfn heat-engine
In the configuration file, specify the location of the database where the Orchestration service stores data. These examples use a MySQL database with a
heat
user on the controller node. ReplaceHEAT_DBPASS
with the password for the database user:Edit
/etc/heat/heat.conf
and modify the[database]
section:[database] # The SQLAlchemy connection string used to connect to the database connection = mysql://heat:
HEAT_DBPASS
@controller
/heatBy default, the Ubuntu packages create an SQLite database. Delete the
heat.sqlite
file that was created in the/var/lib/heat/
directory so that it does not get used by mistake:# rm /var/lib/heat/heat.sqlite
Use the password that you set previously to log in as
root
and create aheat
database user:$ mysql -u root -p mysql> CREATE DATABASE heat; mysql> GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' \ IDENTIFIED BY '
HEAT_DBPASS
'; mysql> GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' \ IDENTIFIED BY 'HEAT_DBPASS
';Create the heat service tables:
# su -s /bin/sh -c "heat-manage db_sync" heat
Note Ignore DeprecationWarning errors.
The Ubuntu packages do not correctly set up logging. Edit the
/etc/heat/heat.conf
file and change the[DEFAULT]
section:[DEFAULT] ... # Print more verbose output (set logging level to INFO instead # of default WARNING level). (boolean value) verbose = True ... # (Optional) The base directory used for relative --log-file # paths (string value) log_dir=/var/log/heat
Configure the Orchestration Service to use the RabbitMQ message broker.
Edit
/etc/heat/heat.conf
and modify the[DEFAULT]
section:rabbit_host =
controller
rabbit_password =RABBIT_PASS
Create a
heat
user that the Orchestration service can use to authenticate with the Identity Service. Use theservice
tenant and give the user theadmin
role:$ keystone user-create --name=heat --pass=
HEAT_PASS
\ --email=[email protected]
$ keystone user-role-add --user=heat --tenant=service --role=adminEdit the
/etc/heat/heat.conf
file to change the[keystone_authtoken]
and[ec2authtoken]
sections to add credentials to the Orchestration Service:[keystone_authtoken] auth_host =
controller
auth_port = 35357 auth_protocol = http auth_uri = http://controller
:5000/v2.0 admin_tenant_name = service admin_user = heat admin_password =HEAT_PASS
[ec2authtoken] auth_uri = http://controller
:5000/v2.0Register the Heat and CloudFormation APIs with the Identity Service so that other OpenStack services can locate these APIs. Register the services and specify the endpoints:
$ keystone service-create --name=heat --type=orchestration \ --description="Orchestration" $ keystone endpoint-create \ --service-id=$(keystone service-list | awk '/ orchestration / {print $2}') \ --publicurl=http://
controller
:8004/v1/%\(tenant_id\)s \ --internalurl=http://controller
:8004/v1/%\(tenant_id\)s \ --adminurl=http://controller
:8004/v1/%\(tenant_id\)s $ keystone service-create --name=heat-cfn --type=cloudformation \ --description="Orchestration CloudFormation" $ keystone endpoint-create \ --service-id=$(keystone service-list | awk '/ cloudformation / {print $2}') \ --publicurl=http://controller
:8000/v1 \ --internalurl=http://controller
:8000/v1 \ --adminurl=http://controller
:8000/v1Restart the service with its new settings:
# service heat-api restart # service heat-api-cfn restart # service heat-engine restart