Connecting engines to Keystone servers#

If you have an engine that is configured to work with the blueprint design server, you can connect it to a Keystone server for a new cloud.

• You must have an engine that is configured to work with the blueprint design server. See Installing the engine.
• You must have an OpenStack Keystone server.

These steps configure an engine to accept connections to a new cloud.

1. On the engine, open Heat configuration file.

   By default, this file is in the location /etc/heat/heat.conf .

2. In this file, find the allowed_auth_uris property in both the auth_password and, if applicable, the ec2authtoken sections.

   This property is a comma-separated list of Keystone servers that the engine can contact.

3. Add the complete URL to the Keystone server to each allowed_auth_uris property.

   For example, if the engine connects to clouds at cloud1.example.com and cloud2.example.com, the property might look like the following example:

   allowed_auth_uris=http://cloud1.example.com:5000/v2.0,http://cloud2.example.com:5002/v2

4. Save and close the file.

5. Restart the engine:

   In version 6.2.1.1 or later, run the following command:

   systemctl restart openstack-heat-engine.service

   In versions before 6.2.1.1, run the following command:

   service openstack-heat-engine restart

6. Restart the Heat API:

   In version 6.2.1.1 or later, run the following command:

   systemctl start openstack-heat-api.service

   In versions before 6.2.1.1, run the following command:

   service openstack-heat-api restart