IBM® Cloud
Manager with OpenStack features
an easy to use self-service user interface for performing cloud operations, IBM Cloud
Manager - Self Service.
Deploying a cloud environment with IBM Cloud
Manager - Self Service is
optional. After you deploy your cloud environment, you can add IBM Cloud
Manager - Self Service.
About this task
Use the following procedure to add the self-service user
interface to a deployed topology.
Procedure
- Log in to the deployment system as the root user.
This
is the system where IBM Cloud
Manager with OpenStack was
installed.
- Update the following JSON attribute in your environment
file your-environment-name.json. If you have
a multi-region cloud environment, then you must update the attribute
in the environment file for each region.
ibm-sce.service.enabled: true
For the
HA controller +n compute topology,
set the following attributes:
- ibm-sce.host.ipaddress: Set this attribute
to the IP address of your primary HA controller node (that is, the
HA controller node that is tagged as “ibm-os-deploy-ha-primary” in
your topology). The IBM Cloud
Manager - Self Service back-end
service will be installed on this node. Run the knife node
show command against each HA controller node in your topology
to find the node that is tagged as “ibm-os-deploy-ha-primary”.
- ibm-sce.self-service.bind_interface: Set
this attribute to 127.0.0.1. The deployment process
automatically configures the bind address for the IBM Cloud
Manager - Self Service user
interface based on your HA controller nodes.
This attribute configures the self-service user interface
for use with OpenStack.
- Choose a node in your environment on which to deploy IBM Cloud
Manager - Self Service.
Typically, the self-service interface is co-located with the single
controller node or is installed on a stand-alone node. Append the
ibm-sce-node
role
to this node in your topology file your-topology-name.json.
If you have a multi-region cloud environment, only one self-service
interface is installed to manage the multiple regions. This step is
not applicable for the HA controller +n compute topology.
For example, in a minimal topology file, you would append
role[ibm-sce-node]
to
the run list for the node:
"runlist":[
"role[ibm-os-allinone-kvm]",
"role[ibm-sce-node]"
]
- Update your cloud environment to add the self-service user
interface. If you have a multi-region cloud environment, then you
must complete these steps for each region, starting with the region
that contains the shared OpenStack Keystone
server.
- Upload the updated environment file.
$ knife environment from file your-environment-name.json
- Update the topology.
$ knife os manage update topology your-topology-name.json
Note: When you enable
IBM Cloud
Manager - Self Service,
the following configuration changes are made:
- Modified OpenStack policy
files are installed instead of the default OpenStack policy
files. The policy files that are modified for IBM Cloud
Manager - Self Service ensure
that the user role security model is consistent between what the self-service
user interface allows and OpenStack. For
more information, see Overview
of project membership roles.
- IBM Cloud
Manager - Self Service users,
roles and projects are pushed into the OpenStack Keystone
identity service. For more information, see Project management with OpenStack and User management with OpenStack.
- The OpenStack cloud
connection is configured in IBM Cloud
Manager - Self Service.
- After the update is complete, IBM Cloud
Manager - Self Service is
available at
https://node.fqdn.com:8080/login.html
,
where node.fqdn.com is the fully qualified domain
name for the node on which you deployed IBM Cloud
Manager - Self Service. For the HA controller +n compute topology,
where node.fqdn.com is the cloud virtual IP address. You
can log in using your current cloud administrator (admin) user.
Results
Your existing cloud resources are synchronized with the self-service
user interface and you can start to use IBM Cloud
Manager - Self Service.
For more information about IBM Cloud
Manager - Self Service,
see Managing with (User access).