Installing Ops Manager on OpenStack

Page last updated:

This guide describes how to install Ops Manager on OpenStack with VMware Tanzu Application Service for VMs (TAS for VMs).

Overview

OpenStack is a cloud operating system that controls large pools of compute, storage, and networking resources throughout a datacenter. For guidance on OpenStack service credential management, see Open Stack Security Documents below.

OpenStack Security Documents

These documents provide a general reference for OpenStack service credential management.

Requirements

This section describes the requirements for installing Ops Manager on OpenStack, including general requirements for installing Ops Manager with Ops Manager and TAS for VMs as well as OpenStack requirements.

Note: You can install Ops Manager on OpenStack with the TAS for VMs runtime. The VMware Tanzu Kubernetes Grid Integrated Edition (TKGI) runtime is not supported for OpenStack. For more information about TAS for VMs, see TAS for VMs Concepts. For more information about TKGI, see VMware Tanzu Kubernetes Grid Integrated Edition (TKGI).

General Resource Requirements

For TAS for VMs-specific resource requirements, see TAS for VMs Resource Requirements.

OpenStack Requirements

The following are OpenStack requirements for deploying Ops Manager:

  • Ops Manager is supported on the OpenStack Ocata, Pike, Queens, Rocky, and Stein releases. OpenStack is a collection of inter-operable components and requires general OpenStack expertise to troubleshoot issues that may occur when installing Ops Manager on particular releases and distributions. To verify that your OpenStack platform is compatible with Ops Manager, use the OpenStack Validator tool. To access the OpenStack Validator tool, see CF OpenStack Validator on GitHub.

  • VMware recommends granting complete access to the OpenStack logs to the operator managing the Ops Manager installation process.

  • For OpenStack accounts for Ops Manager, VMware recommends following the principle of least privilege by scoping privileges to the most restrictive permissions possible for a given role.

  • You must have a dedicated OpenStack project, formerly known as an OpenStack tenant.

  • You must have Keystone access to the dedicated OpenStack project, including the following:

    • Auth URL
    • Username and password. The PrimaryProject for the user must be the project you want to use to deploy Ops Manager. For more information, see Manage projects and users in the OpenStack documentation.
    • Project name
    • Region (with multiple availability zones if you require high availability)
    • SSL certificate for your wildcard domain (see below)
  • You must have the ability to do the following in OpenStack:

    • Create and modify VM flavors
    • Enable DHCP if required
    • Create a network and then connect that network with a router to an external network
    • Create an external network with a pool of floating IP addresses
    • Boot VMs directly from image
    • Create two wildcard domains for separate system and app domains
  • The following are resource requirements for the dedicated OpenStack project:

    • 118 GB of RAM
    • 22 available instances
    • 14 small VMs (1 vCPU, 1024 MB of RAM, 10 GB of root disk)
    • 2 high-CPU VMs (2 vCPU, 1024 MB of RAM, 10 GB of root disk)
    • 3 large VMs (4 vCPU, 16384 MB of RAM, 10 GB of root disk)
    • 3 extra-large VMs (8 vCPU, 16 GB of RAM, 160 GB of ephemeral disk)
    • 58 vCPUs
    • 1 TB of storage
    • Nova or Neutron networking with floating IP support

    Note: By default, TAS for VMs deploys the number of VM instances required to run a highly available configuration of Ops Manager. If you are deploying a test or sandbox Ops Manager that does not require HA, then you can scale down the number of instances in your deployment. For information about the number of instances required to run a minimal, non-HA Ops Manager deployment, see Scaling TAS for VMs.

  • The following are requirements for the OpenStack Cinder back end:

    • Ops Manager requires RAW root disk images. The Cinder back end for your OpenStack project must support RAW.
    • VMware recommends that you use a Cinder back end that supports snapshots. This is required for some BOSH functionalities.
    • VMware recommends enabling your Cinder back end to delete block storage asynchronously. If this is not possible, it must be able to delete multiple 20 GB volumes within 300 seconds.
  • The following are requirements for using an Overlay Network with VXLAN or GRE Protocols:

    • If an overlay network is being used with VXLAN or GRE protocols, the MTU of the created VMs must be adjusted to the best practices recommended by the plugin vendor (if any).
    • DHCP must be enabled in the internal network for the MTU to be assigned to the VMs automatically.
    • To adjust your MTU values, see Configure Networking in Configuring TAS for VMs.
    • Failure to configure your overlay network correctly could cause Apps Manager to fail since applications will not be able to connect to the UAA.

      Note: If you are using IPsec, your resource usage will increase by approximately 36 bytes. For details, including information about setting correct MTU values, see Installing IPsec in the IPsec documentation.

Install Ops Manager on OpenStack with TAS for VMs

To install Ops Manager on OpenStack with the TAS for VMs runtime, do the following:

  1. Deploy Ops Manager. See Deploying Ops Manager on OpenStack.

  2. Configure BOSH Director on OpenStack. See Configuring BOSH Director on OpenStack.

Next Steps

After completing the procedures above, configure a runtime.

For information about installing and configuring a runtime, see the following: