Cloud Config options¶
Refer to openstack documentation and OTC Extensions SDK for the source documents.
The recommended way is to use a clouds.yaml file in the
current directory.
Connections to Open Telekom Cloud and OpenStack clouds are defined from environment variables or configuration files.
This makes it possible to use the same configuration methods from different client applications.
Configuring via Environment variables¶
Instead of using a clouds.yaml file, environment variables can be
configured to connect to the Open Telekom Cloud. Create a simple file
like .ostackrc in the home directory and source the file to make
the variables available. On Open Telekom Cloud servers this file
exists on bootup and needs to be changed according to your credentials.
# .ostackrc file
export OS_USERNAME="<USER_NAME>"
export OS_USER_DOMAIN_NAME=<OTC00000000001000000XYZ>
export OS_PASSWORD=<PASSWORD> # optional
export OS_PROJECT_NAME=<eu-de_PROJECT_NAME>
# export OS_TENANT_NAME=eu-de
# export OS_AUTH_URL=https://iam.eu-de.otc.t-systems.com:443/v3
# export NOVA_ENDPOINT_TYPE=publicURL
# export OS_ENDPOINT_TYPE=publicURL
# export CINDER_ENDPOINT_TYPE=publicURL
# export OS_VOLUME_API_VERSION=2
# export OS_IDENTITY_API_VERSION=3
# export OS_IMAGE_API_VERSION=2
Run the source command to make the environment variables available.
$ source .ostackrc
The environment variables are now available for usage.
Configuring via clouds.yaml file¶
To use a configuration file called clouds.yaml in one of the default
locations:
Current Directory
~/.config/openstack/etc/openstack
Alternatively, you can use a User Defined Location. To use a
configuration file in a user defined location set the environment
variable OS_CLIENT_CONFIG_FILE to the absolute path of a file:
export OS_CLIENT_CONFIG_FILE=/path/to/my/config/my-clouds.yaml
A sample clouds.yaml file is listed below to connect with Open Telekom Cloud:
clouds.yaml
clouds:
otc: # self-defined and can be changed to any value
profile: otc
auth:
user_domain_name: 'OTC00000000001000000xxx'
username: '<USER_NAME>'
password: '<PASSWORD>'
# project_name: '<eu-de_project>'
# or project_id: '<123456_PROJECT_ID>'
# or user_domain_id: '<123456_DOMAIN_ID>'
# auth_url: 'https://iam.eu-de.otc.t-systems.com:443/v3'
region_name: eu-de
# interface: 'public'
# identity_api_version: 3 # !Important
# ak: '<AK_VALUE>' # AK/SK pair for access to OBS
# sk: '<SK_VALUE>'
AK/SK values required for access to some services (i.e. OBS) can
be either configured as shown above in the clouds.yaml/secure.yaml,
or they can be automatically retrieved from the S3_ACCESS_KEY_ID
and S3_SECRET_ACCESS_KEY environment variables.
You must specify either a region_name or a project_name. If a
project_name is specified the created token will be scoped within
that project and will not have access to domain resources such as
IAM
or
RMS
services.
Additional projects¶
Additional connections to other Openstack-clouds or -projects can be added to the file as shown below:
clouds.yaml
clouds:
otcfirstproject:
profile: otc
auth:
username: '<USER_NAME>'
password: '<PASSWORD>'
project_name: '<eu-de_project>'
# or project_id: '<123456_PROJECT_ID>'
user_domain_name: 'OTC00000000001000000xxx'
# or user_domain_id: '<123456_DOMAIN_ID>'
# auth_url: 'https://iam.eu-de.otc.t-systems.com:443/v3'
interface: 'public'
identity_api_version: 3 # !Important
ak: '<AK_VALUE>' # AK/SK pair for access to OBS
sk: '<SK_VALUE>'
otcsecondproject:
profile: otc
auth:
username: '<USER_NAME>'
password: '<PASSWORD>'
project_name: '<eu-de_project2>'
# or project_id: '<123456_PROJECT_ID2>'
user_domain_name: 'OTC00000000001000000xxx'
# or user_domain_id: '<123456_DOMAIN_ID2>'
# auth_url: 'https://iam.eu-de.otc.t-systems.com:443/v3'
interface: 'public'
identity_api_version: 3 # !Important
ak: '<AK_VALUE>' # AK/SK pair for access to OBS
sk: '<SK_VALUE>'
Splitting the credentials in clouds.yaml and secure.yaml¶
In some scenarios a split of security credentials from the
configuration file is necessary. The optional file secure.yaml
can be used to store the secret which is left out from clouds.yaml:
clouds.yaml
clouds:
otc:
profile: otc
auth:
username: '<USER_NAME>'
project_name: '<eu-de_project>'
# or project_id: '<123456_PROJECT_ID>'
user_domain_name: 'OTC00000000001000000xxx'
# or user_domain_id: '<123456_DOMAIN_ID>'
auth_url: 'https://iam.eu-de.otc.t-systems.com:443/v3'
interface: 'public'
identity_api_version: 3 # !Important
ak: '<AK_VALUE>' # AK/SK pair for access to OBS
sk: '<SK_VALUE>'
secure.yaml
clouds:
otc:
auth:
password: '<PASSWORD>'