Skip to content

Deploy Blazar

OpenStack Blazar is the resource reservation service in OpenStack. It enables tenants and operators to reserve resources (such as compute hosts) for a timeframe, supporting capacity planning and guaranteed availability use cases. This document outlines the deployment of OpenStack Blazar using Genestack.

Create secrets

Information about the secrets used

Manual secret generation is only required if you haven't run the create-secrets.sh script located in /opt/genestack/bin.

Example secret generation 
kubectl --namespace openstack \
        create secret generic blazar-rabbitmq-password \
        --type Opaque \
        --from-literal=username="blazar" \
        --from-literal=password="$(< /dev/urandom tr -dc _A-Za-z0-9 | head -c${1:-64};echo;)"
kubectl --namespace openstack \
        create secret generic blazar-db-password \
        --type Opaque \
        --from-literal=password="$(< /dev/urandom tr -dc _A-Za-z0-9 | head -c${1:-32};echo;)"
kubectl --namespace openstack \
        create secret generic blazar-admin \
        --type Opaque \
        --from-literal=password="$(< /dev/urandom tr -dc _A-Za-z0-9 | head -c${1:-32};echo;)"

Define policy configuration

Information about the default policy rules used

The default RabbitMQ policy sets quorum queues target group size to 3 for the blazar vhost. This can be changed in base-kustomize/blazar/base/policies.yaml.

Default RabbitMQ policy 
apiVersion: rabbitmq.com/v1beta1
kind: Policy
metadata:
  name: blazar-quorum-three-replicas
  namespace: openstack
spec:
  name: blazar-quorum-three-replicas
  vhost: "blazar"
  pattern: ".*"
  applyTo: queues
  definition:
    target-group-size: 3
  priority: 0
  rabbitmqClusterReference:
    name: rabbitmq

Run the package deployment

Run the Blazar deployment Script /opt/genestack/bin/install-blazar.sh

#!/bin/bash

#GLOBAL_OVERRIDES_DIR="/etc/genestack/helm-configs/global_overrides"
GLOBAL_OVERRIDES="/etc/genestack/helm-configs/global_overrides/endpoints.yaml"
SERVICE_CONFIG_DIR="/etc/genestack/helm-configs/blazar"
BASE_OVERRIDES="/opt/genestack/base-helm-configs/blazar/blazar-helm-overrides.yaml"

HELM_CMD="helm upgrade --install blazar openstack-helm/blazar \
    --namespace=openstack \
    --timeout 120m"

HELM_CMD+=" -f ${BASE_OVERRIDES} -f ${GLOBAL_OVERRIDES=}"

# Append YAML files from the directories
#for dir in "$GLOBAL_OVERRIDES_DIR" "$SERVICE_CONFIG_DIR"; do
for dir in "$SERVICE_CONFIG_DIR"; do
    if compgen -G "${dir}/*.yaml" > /dev/null; then
        for yaml_file in "${dir}"/*.yaml; do
            HELM_CMD+=" -f ${yaml_file}"
        done
    fi
done

HELM_CMD+=" --set endpoints.identity.auth.admin.password=\"$(kubectl --namespace openstack get secret keystone-admin -o jsonpath='{.data.password}' | base64 -d)\""
HELM_CMD+=" --set endpoints.identity.auth.blazar.password=\"$(kubectl --namespace openstack get secret blazar-admin -o jsonpath='{.data.password}' | base64 -d)\""
HELM_CMD+=" --set endpoints.identity.auth.service.password=\"$(kubectl --namespace openstack get secret blazar-keystone-service-password -o jsonpath='{.data.password}' | base64 -d)\""
HELM_CMD+=" --set endpoints.identity.auth.test.password=\"$(kubectl --namespace openstack get secret blazar-keystone-test-password -o jsonpath='{.data.password}' | base64 -d)\""
HELM_CMD+=" --set endpoints.oslo_db.auth.admin.password=\"$(kubectl --namespace openstack get secret mariadb -o jsonpath='{.data.root-password}' | base64 -d)\""
HELM_CMD+=" --set endpoints.oslo_db.auth.blazar.password=\"$(kubectl --namespace openstack get secret blazar-db-password -o jsonpath='{.data.password}' | base64 -d)\""
HELM_CMD+=" --set endpoints.oslo_messaging.auth.admin.password=\"$(kubectl --namespace openstack get secret rabbitmq-default-user -o jsonpath='{.data.password}' | base64 -d)\""
HELM_CMD+=" --set endpoints.oslo_messaging.auth.blazar.password=\"$(kubectl --namespace openstack get secret blazar-rabbitmq-password -o jsonpath='{.data.password}' | base64 -d)\""
HELM_CMD+=" --set endpoints.oslo_cache.auth.memcache_secret_key=\"$(kubectl --namespace openstack get secret os-memcached -o jsonpath='{.data.memcache_secret_key}' | base64 -d)\""
HELM_CMD+=" --set conf.blazar.keystone_authtoken.memcache_secret_key=\"$(kubectl --namespace openstack get secret os-memcached -o jsonpath='{.data.memcache_secret_key}' | base64 -d)\""
#HELM_CMD+=" --set conf.blazar.physical_host_plugin.blazar_password=\"$(kubectl --namespace openstack get secret blazar-keystone-service-password -o jsonpath='{.data.password}' | base64 -d)\""


HELM_CMD+=" --post-renderer /etc/genestack/kustomize/kustomize.sh"
HELM_CMD+=" --post-renderer-args blazar/overlay"

helm repo add openstack-helm https://tarballs.opendev.org/openstack/openstack-helm
helm repo update

HELM_CMD+=" $@"

echo "Executing Helm command:"
echo "${HELM_CMD}"
eval "${HELM_CMD}"

Tip

You may need to provide custom values to configure your OpenStack services. For a simple single region or lab deployment you can supply an additional overrides flag using the example found at base-helm-configs/aio-example-openstack-overrides.yaml.

Validate functionality

kubectl --namespace openstack exec -ti openstack-admin-client -- blazar host-list