Stratus strongly recommends the following OpenStack compute node configuration to ensure the correct operation for evacuations and migrations. If this configuration is not implemented, evacuations and migrations may fail.
To configure OpenStack for proper evacuation and migration:
https://lists.launchpad.net/openstack/msg24036.html
https://ask.openstack.org/en/question/10335/ssh-resize/
https://macnugget.org/projects/publickeys/
ssh-keygen -t rsa
Enter the file in which to save the key:
/root/.ssh/id_rsa
Your public key is saved in /root/.ssh/id_rsa.pub.
The key fingerprint is 55:45:fc:1f:2d:9b:f5:69:6d:03:5d:ef:2b:50:e8:11 root@<server_name>.<domain>.com
The key's randomart image is:
Enable the Nova user for login using the command: usermod -s /bin/bash nova
Create the folder required by SSH, and move the private key from step 1 into the folder using the following commands:
mkdir -p /var/lib/nova/.ssh
cp /root/.ssh/id_rsa /var/lib/nova/.ssh
cat /root/.ssh/id_rsa.pub >> /var/lib/nova/.ssh/authorized_keys
Add these to /var/lib/nova/.ssh/config
Host *
StrictHostKeyChecking no
UserKnownHostsFile=/dev/null
cd /var/lib/nova/.ssh
chown nova *
chgrp nova *
Repeat steps 2 and 3 on each compute node.
All nodes share the same key pair; do not generate a new one for the other compute nodes. Instead, copy the key for the compute node on which it was created in step 1. For example:
(copy keys from compute-1 to compute-2) .. scp from compute-2
scp root@compute-1:/root/.ssh/id_rsa* /root/.ssh
Verify that the key is working properly, using the following commands:
su nova
Example: ssh nova@compute-1 // you will log in to the node-another without a password
Make sure that all libvirt user IDs and group IDs match across all nodes:
id -u qemu
id -g qemu
id -g nova
Only on compute nodes that will run the KVM hypervisor, edit /etc/libvirt/qemu.conf; uncomment and change these values:
dynamic_ownership=0
user=root
group=root
Product Support and Downloads
|
About Stratus
|
Product Documentation (PDF Format)
|
About Help
|