OpenStack provider configuration
The OpenStack provider supports native Nova and Swift api usage, as an
alternative to using the EC2 provider and the AWS compatibility apis.
Because OpenStack allows considerable flexibility to deployers in what
components are used and how they are set up, the configuration options Juju
needs varies across different clouds.
- A secret that will be generated for you when config is created.
- Name of a Swift container unique to the environment for metadata and
charm storage. Also generated when config is created.
- Optionally defines where to install juju from.
- Machine image id as given by nova image-list for juju to use when
creating instances. As there is currently no standard image service
across different OpenStack deployments, this must always be supplied.
- Flavor name as given by nova flavor-list for juju to use when
creating instances. Setting constraints will serve the same purpose.
- Declares the Ubuntu series of the machine image. For instance, this
should be precise for an Ubuntu 12.04 image.
Method used to authenticate with identity service.
- Standard authentication with Keystone, requires username,
password and project-name to be given.
- Supported by HP cloud, uses access-key and secret-key
as well as project-name and authorized-keys.
- Old way of authenticating directly with Nova, uses username
and access-key only.
- Rackspace specific method similar to userpass.
If possible, the mode will be determined from the form of the identity
service url given as auth-url, otherwise it must be explictly
- Boolean whether to assign a floating ip for each instance. As Juju
expects a public address for all machines, this is required unless the
deployment uses the auto_assign_floating_ip=True configuration.
Credentials can either be specified in environments.yaml as well or
exported as environment variables. Both the new style OS_ and old style
NOVA_ prefixes are accepted where they overlap, only the new forms are
documented below if they are otherwise the same.
Not all the following values have to be specified, depending on the
- The identity service endpoint, used to obtain a description of the
other services the OpenStack deployment provides and a token for
authenticating with them. Can instead set one of OS_AUTH_URL or
- Account username, or set OS_USERNAME.
- Account password, or set OS_PASSWORD.
- Name of a project, also sometimes referred to as a tenant, associated
with your user. Some deployments give both a name and a numeric id,
the name is what is expected here. Can instead set OS_TENANT_NAME.
- Name of the region to use, if the deployment has multiple regions. Can
also be set as OS_REGION_NAME.
- The public access key of the account, or set NOVA_API_KEY.
- The secret access key of the account. Will be the same as is used with
the EC2 compatibility interface, can be set as EC2_SECRET_KEY.
OpenStack S3 Provider
For deployments that do not include Swift, there is also an alternative
provider that can use the S3 compability layer of nova-objectstore instead.
However, due to security shortcomings, this should generally not be used.
- The S3 endpoint, or set S3_URL.
- The access key for the OpenStack/AWS compatibility layer. In typical
configurations this will be a combination of the project name or id
and the normal access key. Alternatively set EC2_ACCESS_KEY.