Home

Awesome

Cloud Plugin for ColdFront

The cloud plugin allows resource allocations to be requested and provisioned in OpenStack and OpenShift cloud environments from ColdFront.

Note: OpenShift support requires deploying the openshift-acct-mgt API service.

Terminology

Caution as OpenStack, OpenShift and ColdFront use the same term to mean different things! Those terms will be prefixed by the system they apply to.

ColdFront

OpenStack

OpenShift

Configuration

The plugin registers a helper command to register the appropriate resource types and resource attribute types as described below. The cloud plugin is called automatically for coldfront resources of type OpenStack and OpenShift.

$ coldfront register_cloud_attributes

Multiple coldfront resources of type OpenStack or OpenShift can be created.

Configuring for OpenStack

Authentication for OpenStack is loaded as pairs of environment variables in the form OPENSTACK_{resource_name}_APPLICATION_CREDENTIAL_ID and OPENSTACK_{resource_name}_APPLICATION_CREDENTIAL_SECRET where {resource_name} is the name of the coldfront resource as all uppercase (with spaces and - replaced by _).

Each OpenStack resource must have the following attributes set in coldfront:

Registration of OpenStack coldfront resources can be performed via the UI management dashboard or through the helper command:

$ coldfront add_openstack_resource
usage: coldfront add_openstack_resource [-h] --name NAME --auth-url AUTH_URL [--users-domain USERS_DOMAIN] [--projects-domain PROJECTS_DOMAIN] --idp IDP [--protocol PROTOCOL] [--role ROLE]
                                        [--public-network PUBLIC_NETWORK] [--network-cidr NETWORK_CIDR] [--esi] [--version] [-v {0,1,2,3}] [--settings SETTINGS] [--pythonpath PYTHONPATH] [--traceback]
                                        [--no-color] [--force-color] [--skip-checks]
coldfront add_openstack_resource: error: the following arguments are required: --name, --auth-url, --idp

An Openstack resource can be specified as an ESI resource by setting the --esi command flag. ESI resource allocations will only have quotas for network resources by default.

Configuring for OpenShift

Note: OpenShift support requires deploying the openshift-acct-mgt API service.

Authentication for OpenShift is loaded as pairs of environment variables OPENSHIFT_{resource_name}_USERNAME and OPENSHIFT_{resource_name}_PASSWORD where {resource_name} is the name of the coldfront resource as all uppercase (with spaces and - replaced by _).

Each OpenShift resource must have the following attributes set in coldfront:

Registration of OpenShift coldfront resources can be performed via the UI management dashboard or through the helper command:

$ coldfront add_openshift_resource
usage: coldfront add_openshift_resource [-h] --name NAME --auth-url AUTH_URL [--role ROLE] [--version] [-v {0,1,2,3}] [--settings SETTINGS] [--pythonpath PYTHONPATH] [--traceback]
                                        [--no-color] [--force-color] [--skip-checks]
coldfront add_openshift_resource: error: the following arguments are required: --name, --auth-url

Quotas

The amount of quota to start out a resource allocation after approval, can be specified using an integer field in the resource allocation request form.

ColdFront has a current limitation on being able to display only one integer field, therefore the concept of a unit of computing is introduced to tie multiple resource quotas to a single multiplier.

OpenStack Resource NameQuota Amount x Unit
Instances1
vCPUs2
RAM4096
Volumes1
OpenShift Resource NameQuota Amount x Unit
Limit on CPU2
Limit on RAM (MB)2
Limit on Ephemeral Storage Quota (GB)5

After the resource allocation has been approved, these resulting quota will be stored individually per resource as resource allocation attributes under the following resource allocation attribute types.

By submitting a Resource Allocation Change Request and editing those attributes a PI can request a change in their quota.