Chapter 14: OpenStack Deployment

Home Prev	InCenter 2.2.5 On-Premises Administration Guide	Next

InCenter can be deployed in an OpenStack environment that uses KVM on Intel x86_64 as nova compute nodes. This section covers InCenter deployment and describes the steps required with the Horizon implementation of the OpenStack dashboard.

It is assumed that OpenStack has already been installed in a Linux environment and that the Horizon dashboard is also available.

OpenStack Prerequisites

To install InCenter with Horizon, the following is required:

A Clavister InCenter image should be imported into OpenStack.
An OpenStack flavor should exist that provides the same resources that are required for a standard InCenter installation. These resources are described in Chapter 2, Installation .

Setup Steps

The following steps are required for setup:

A. Create a Security Group.

B. Deploy an instance of InCenter.

These steps will now be described in detail.

A. Create a Security Group

A Security Group needs to be created. This can be done through Horizon but here it is done with the OpenStack Neutron utility using the following steps:

Define the security group:

root@controller:~# neutron security-group-create
		-description 'my security group'
		netguard -security-group

Add the rule:

root@controller:~# neutron security-group-rule-create
		-direction ingress
		-remote_ip_prefix 0.0.0.0/0
		netguard-security-group

Verify that the group exists:

root@controller:~# neutron security-group-list

B. Deploy an instance of InCenter

Before launching a new InCenter instance, a disk volume should be created from the imported image so it has permanency. This is done in Horizon with the following steps:

Select Volumes under the Compute tab.
Select Create Volume.
Select the imported InCenter image as the Volume Source and press Create Volume.
Now, the instance of InCenter can be started by pressing Launch Instance under the Instances tab.
Select a suitable Name and Flavor and choose Boot from volume as the Boot Source.
Under the Access & Security tab, select the previously created security group called netguard-security-group.
Select which networks to use under Networking.

For access to Clavister Next Generation Firewall instances in Openstack, the InCenter instance should be assigned the same security group as that used for the management network for the firewall instances and the interface IP address should reside on the same network.
Press Launch.

	Note: SSH keys are copied from the host
	When InCenter starts up in an OpenStack environment, any SSH keys added for the administrator user on the host machine will be added automatically to the admin user in InCenter as well. This means that logging in using SSH to both the host machine and InCenter can be done with the same keys immediately after startup.