Deploying the on-premises region
Use either the command-line interface or IBM® Cloud Manager - Deployer to deploy an on-premises region.
About this task
To deploy your on-premises cloud by using the command-line interface, complete the following steps.
Note: If you want to deploy
your on-premises cloud by using the IBM Cloud
Manager - Deployer, skip
the following steps. For instructions, see Deploying the cloud environment using the IBM Cloud Manager - Deployer user interface. The instructions in
the user interface guide you through the deployment process.
Procedure
Results
admin-on-prem
user
with the password that you customized.When you log in to the IBM Cloud
Manager - Dashboard using
your
admin-on-prem
user, Horizon considers
that user to be an administrator and displays the Admin tab
in the left navigation pane when you are in RegionTwo (the
on-premises region). When you select RegionOne (the IBM Cloud
OpenStack Services region), you
no longer have access to administrator functions and the Admin tab
goes away. This can cause a couple of problems:- If you are on the Admin tab in RegionTwo and then select RegionOne you are logged out with an error message that you do not have permission to /admin. To recover, select the home page link and you are directed to the main Projects page for RegionOne.
- Since Horizon still
considers you to be an administrator when you are in RegionOne,
if you select the Identity tab from the navigation
pane, Horizon uses
the Identity Service's adminURL endpoint rather
than the public endpoint. For RegionOne, IBM Cloud
OpenStack Services uses an internal 172.xx.xx.xx address
for the adminURL that your environment will not have
access to. To work around this problem, you can create a DNAT rule
on your gateway or your on-premises OpenStack controller
to map the 172.xx.xx.xx address to 192.168.101.10.
To find the adminURL on your on-premises OpenStack controller,
run the following action:
The output gives you a list of the service endpoints and you can find the RegionOne identity service adminURL endpoint. It starts with 172.- . ./openrc - OS_AUTH_URL=https://192.168.101.10:5000/v3 openstack --os-identity-api-version 3 endpoint list
Use that address to create the DNAT rule.
After you deploy the on-premises region, you need to configure the region for functions such as networking and security. For information about post-deployment tasks, see Managing IBM Cloud Manager with OpenStack as an Administrator.
If you want to deploy the same image in both regions, you must create the image in both regions by using the glance command-line interface or the dashboard. For more information, see Copying OpenStack Glance images.