This chapter describes how to install Murano components on a separate devbox. We strongly recommend to use a separate host (virtual machine or real host) for Murano devbox as it prevents you from various dependency conflicts.

There is a script to automate Murano installation onto devbox. Create a folder to hold cloned repositories ># mkdir -p /opt/git Clone murano-deployment repository ># cd /opt/git ># git clone git://github.com/stackforge/murano-deployment.git Change directory to murano-deployment and switch to required branch (e.g.master) ># cd /opt/git/murano-deployment ># git checkout -b master origin/master Install prerequisites ># cd /opt/git/murano-deployment/devbox-scripts ># ./murano-git-install.sh prerequisites Configure the following parameters in lab binding configuration file /etc/murano-deployment/lab-binding.rc LAB_HOST - IP or nostname of the lab. Actually, this address/name should point to the host where Keystone is installed. ADMIN_USER - OpenStack admin user ADMIN_PASSWORD - A password for OpenStack admin user RABBITMQ_USER - User to connect to RabbitMQ host RABBITMQ_PASSWORD - Password for that user RABBITMQ_VHOST - vHost which will be used by Murano components. Provides additional layer of isolation from other devboxes. RABBITMQ_HOST - (optional) IP address or hostname of the host where RabbitMQ is installed IF it is not the same host as LAB_HOST points to RABBITMQ_HOST_ALT - (optional) IP address or hostname of the RabbitMQ host to connect from inside the Windows instance. In some cases the addresses like LAB_HOST or RABBITMQ_HOST are inaccessible from instances, and they must use different address. FILE_SHARE_HOST - (optional) IP address or hostname of the host where file share with prerequisites is located IF it is not the same host as LAB_HOST points to. BRANCH_NAME - branch name from which all Murano components will be fetched for installation SSL_ENABLED - Set 'true' if OpenStack is configured with SSL support and 'false' otherwise. SSL_CA_FILE - Path to CA certificate for certificate validation on client side. Install Murano components ># ./murano-git-install.sh install Login to the Dashboard using URL http://<your VM IP>/dashboard or http://<your VM IP>/horizon

This chapter describes manual installation and configuration of Murano services. Note that all Murano modules can be downloaded from our page on launchpad. Murano can be installed in automatic way. Script will install all necessary packages to your system. Find out more about this in Getting Started Guide

Murano supports the following operating systems: Ubuntu 12.04 RHEL/CentOS 6.4 These system packages are required for Murano: Ubuntu gcc python-pip python-dev libxml2-dev libxslt-dev libffi-dev CentOS gcc python-pip python-devel libxml2-devel libxslt-devel libffi-devel All these packages will be installed in murano-installation scripts. In addition to these packages some repositories are required. Please follow the instructions in the appendix to prepare your environment for murano installation.

Murano API provides access to the Murano orchestration engine via API. This chapter describes the procedure of installation and condiguration of Murano API.

Superuser privileges is required to install and configure system packages. Let's switch to root account: Make sure that additional linux repositories are installed. See the appendix for information about preparing a virtual machine for murano installation. Clone Murano API git repository: Stable version one of our releases can be checked by tag: Switch to just created directory and then perform installation Ubuntu CentOS Successful installation ends with message like this: Making sample configuration files at "/etc/murano-api" LOG:> Reloading initctl LOG:> Please, make proper configuration,located at "/etc/murano-api", before starting the "murano-api" daemon! ]]>

Copy and edit configuration files: Configure it according to your environment: [DEFAULT] section sets up logging. [reports] section allows you to set up names for new rabbitMQ queues. In [rabbitmq] section you can set up host configuration where rabbitMQ with just created user and vhost is running. If you consider to use Murano in production it;sbetter to use seperate vhosts in RabbitMQ. To add new vhost and user with administrator rights preform: In [filter:authtoken] configure keystone auth_token. For more information see Auth-Token Middleware with Username and Password Update configuration in /etc/murano-api/murano-api-paste.ini : ... [filter.authtoken] ... # auth_host should point to the host where Keyston servive is installed auth_host = ... # For auth_protocol use 'http' in general and 'https' if Keystone supports SSL. auth_protocol = http # A name for OpenStack admin tenant name ('admin' by default) admin_tenant_name = admin # A name for OpenStack admin user ('admin' by default) admin_user = admin # A pasword for admin user admin_password = ... For more information how to configure SSL take a look at SSL configuration chapter Register murano-api service in Openstack. To do that perform the folowwing commands: You need to be authorized in Openstack to run this commands

Run Murano API service: Ubuntu CentOS

Conductor is a Murano orchestration engine that transforms object model sent by REST API service into a series of Heat and Murano-Agent commands. This chapter describes Conductor for contributors of the project.

Murano Conductor uses OpenStack Heat for new virtual machines creation, therefore Heat should been installed and configured. Some services require the Internet access for virtual machines to successful deployment. The detailed information about Heat configuration is described here. OpenStack Heat require Key Pair for Load Balancer instances. Murano Conductor uses LoadBalancer for IIS Farms and ASP.NET Farms. The default name for Key Pair is "murano-lb-key", you can change this parameter in file Superuser privileges is required to install and configure system packages. Let's switch to root account: Make sure that additional repositories are installed. See the appendix for information about preparing a virtual machine for murano installation. Clone Murano Conductor repository from the github. Stable version one of our releases can be checked out by tag: Switch to just created directory and then perform installation Ubuntu CentOS

Edit configuration file and take a look at inline comments: Change configuration file according to your environment. [DEFAULT]section is responsible for logging. [heat]points where heat is running. [rabbitmq]section points where your rabbitMQ installed and configured.

Run Murano Conductor service: Ubuntu CentOS

Murano Dashboard provides Web UI for Murano Project. This installation is not capable with Horizon installed by devstack

Superuser privileges is required to install and configure system packages. Let's switch to root account: Make sure that additional repositories are installed and your system is updated and upgraded. Please check from with steps in the appendix. If there is no openstack dashboard package in your environment install it now with all dependencies. Deleting an Ubuntu theme is an optional step but recommended. Horizon installed by devstack is not capable for a murano installation. CentOS yum install make gcc memcached python-memcached \ mod_wsgi openstack-dashboard python-netaddr.noarch Ubuntu apt-get install memcached libapache2-mod-wsgi openstack-dashboard dpkg --purge openstack-dashboard-ubuntu-theme Clone Murano Dashboard repository from the github: Stable version one of our releases can be checked out by tag: git checkout 0.2 Switch to just created directory and run installation script Ubuntu CentOS

Murano installation script makes all needed changes in horizon (openstack dashboard) configs. All you have to do is to configure horizon in appropriate way. Set OPENSTACK_HOST in your horizon local settings which located in /etc/openstack-dashboard/local_settings.py.. For more information visit official horizon documentation.

Since all required settings are made Apache service need to be restarted to apply all changes. CentOS # service httpd restart Ubuntu # service apache2 restart Check that "Environments" panel appears at the horizon "Project" tab. To see how to operate with Murano dashboard plugin check out Murano User Guide.

Murano components are able to work with SSL. This chapter will help your to make proper settings with SSL configuration.

SSL for Murano API service can be configured in ssl section in /etc/murano-api/murano-api.conf. Just point to a valid SSL certificate. See the example below: cert_file=PATH: Path to the certificate file the server should use when binding to an SSL-wrapped socket. key_file=PATH: Path to the private key file the server should use when binding to an SSL-wrapped socket. ca_file=PATH: Path to the CA certificate file the server should use to validate client certificates provided during an SSL handshake. This is ignored if cert_file and "key_file" are not set. The use of SSL is automatically started after point to HTTPS protocol instead of HTTP during registration Murano API service in endpoints (Change publicurl argument to start with https://). See here how to register Murano API in Openstack Keystone. SSL for Murano API is implemented like in any other Openstack component. This realization is based on ssl python module so more information about it can be found here.

All Murano components communicate with each other by RabbitMQ. This interaction can be encrypted with SSL. By default all messages in Rabbit MQ are not encrypted. Each RabbitMQ Exchange should be configured separately.

Edit rabbitmq section in /etc/murano-api/murano-api.conf and set ssl option to True to enable SSL. Specify the path to the SSL CA certificate in regular format: /path/to/file without quotes or leave it empty to allow self-signed certificates.

Open /etc/murano-conductor/conductor.conf and configure rabbitmq section in the same way: enable ssl option to True and set CA certificate path or leave it empty to allow self-signed certificates.

By default all Murano Conductor configuration settings apply to Murano Agent. If you want to configure Murano Agent in a different way change the default template. It can be found here:/etc/murano-conductor/data/templates/agent-config/Default.template. Take a look at appSettings section: ]]> Desired parameter should be set directly to the value of the key that you want to change. Quotes are need to be kept. Thus you can change "rabbitmq.ssl" and "rabbitmq.port" values to make Rabbit MQ work with this exchange in a different from Murano-Conductor way.