OpenStack

This tutorial will walk you through the steps required to get a single Solace PubSub+ software message broker cloud image instance running in OpenStack and ready for messaging.

Before you begin

It's assumed you have:

  • Access to an OpenStack deployment.

System Requirements

The number of CPUs and system memory required by your message broker depends on the number of client connections you need to support. By default, fresh installations of the message broker allow up to 100 client connections by default.

The following table lists the minimum system resources that are required to support each client connection scaling tier.

Minimum System Resources Required For Connection Scaling Tiers

Client Connections CPUs System Memory (GiB)
up to 100* 2 1
up to 1,000 2 4
up to 10,000 minimum of 4 12
up to 100,000 minimum of 8 28
up to 200,000 minimum of 12 56

*The monitoring node in a high-availability (HA ) group needs only 1 CPU. For production deployments, a minimum of 2 CPUs and 4 GiB of system memory must be provisioned for all messaging nodes.

If you plan to scale your deployment above the 1,000 client connections tier you should note that you're going to need to provision space on a drive to ensure proper functioning of your message broker. The Solace PubSub+ software message broker provides a 30 GB disk partition, which is suitable for proof of concept use for up to 1,000 clients, but is insufficient for client connection tiers above 1,000 and most guaranteed messaging deployments in production environments. For production use, you must provision an additional drive for the message spool, and it's also recommended to provide an additional drive for diagnostics information. For instructions on provisioning additional storage space, see Externalizing the Message Spool & Diagnostics, and for information on other defaults, see Configuration Defaults.

High Availability Considerations

To deploy message brokers in high-availability (HA) redundancy groups, you must set up three separate message broker instances and then configure them as an HA group. For more information on how to configure existing message brokers into an HA group, see HA Group Configuration.

Step 1: Get a Software Message Broker

The first task is to download the Solace PubSub+ software message broker. For OpenStack, it is distributed as a compressed QCOW2.

  • Solace PubSub+ Standard or Solace PubSub+ Enterprise Evaluation Edition: Go to the Downloads page of dev.solace.com. In the OpenStack square select Download and choose either Standard or Enterprise Evaluation Edition. After you read and agree to the license agreement, a compressed QCOW2 file called either solace-pubsub-standard-<version>-cloud.qcow2.tar.gz or solace-pubsub-evaluation-<version>-cloud.qcow2.tar.gz, as appropriate, will be downloaded.
  • Solace PubSub+ Enterprise: If you have purchased Solace PubSub+ Enterprise, Solace will provide information on how to download a QCOW2 package from a secure Solace server. Contact Solace Support at support@solace.com if you require assistance.

Once you have the compressed message broker package, you need to extract it to obtain the desired QCOW2 image. It can be extracted using the tar command. You will be left with a file called solace-pubsub-<edition>-<version>-cloud.qcow2.

Note:   Some OpenStack implementations claim to support direct qcow2.tar.gz file imports; however, Solace strongly recommends importing a decompressed image.

Step 2: Import into OpenStack

Note: Your OpenStack GUI may be slightly different than shown below. The following procedure may need to be adjusted to work in your OpenStack environment.

To import the Solace PubSub+ software message broker into OpenStack and start it with a basic configuration, do the following:

  1. In the OpenStack GUI under Images, click Create Image.
    Create OpenStack Image
  2. Enter details for your message broker image, then click Create Image. Image creation may take several minutes.
  3. Prior to launching an instance base on the newly created image, you should configure a security group to be used by the instance.

    Go to Access & Security and select Create Security Group. When prompted, provide a name and description, then select Create Security Group.The new security group will appear in the list of configured security groups.

    The next step is to assign an appropriate security rule for each port that the message broker uses for a service to enable connectivity to your message broker; Select Manage Rules.

    For information on the default ports the message broker uses, refer to Configuration Defaults. The example below includes rules for all service ports that the message broker may use. Alternatively you may choose to only expose the services required for your application.

    Note  
    • Consult your local security policy before configuring access rules.
    • If you will be using the message broker in an HA redundancy group with other message brokers, you must create security rules for ports 8300, 8301, 8302, and 8741.

    Security Group Rules

  4. To launch the instance, go to Images, and click Launch Instance.
  5. On the Details tab, specify an Instance Name and Flavor; under Instance Boot Source, select Boot from Image; and under Image Name, select the message broker image that was created in the previous section.

    Note:  The message broker will inherit the Instance Name as its hostname.

    OpenStack Instance Details

  6. On the Access & Security tab, select or create a Key Pair, and assign a security group.
    OpenStack Access and Security
  7. On the Networking tab, assign one and only one network interface to the message broker.
    OpenStack Networking Properties
  8. Click the Launch button. The message broker will launch and the OpenStack dashboard will display the running instance. Here you can find the IP address of the instance.
    OpenStack Dashboard
  9. To log into the Linux Host shell, enter the following command:

    ssh -i <auth_key> sysadmin@<public_ip>

Step 3: Access the Solace CLI

You can access the Solace CLI from the console in the Linux host environment. This is done through the Solace Control Utility.

When you first access the Solace CLI, you should do the following:

  • set a password for the admin user, which has access to all CLI commands
  • determine the message broker’s IP address so that you can enable remote access

To access the Solace CLI, do the following:

  1. To enter the Solace CLI from the console in the Linux host environment, enter the following command in the Linux host shell.

    [sysadmin@solace ~]$ solacectl cli

    A CLI banner and prompt appears.

    At the > prompt, you are at the User EXEC level of the Solace CLI command structure.

  2. Within the Solace CLI, enter the following commands to create an admin user named admin:

    solace> enable

    solace# configure

    solace(configure)# create username admin password <password>

    solace(configure/username)# global-access-level admin

  3. To determine the IP address assigned to the message broker, enter the following command:

    solace> show ip vrf management

    The displayed output lists the IP address assigned to the message broker (listed for eth0:1), which can be used to remotely manage it (that is, not from the VM console).

    show ip vrf management command

  4. To remotely access the Solace CLI for the message broker, you can now ssh to port 2222 of the message broker’s IP address and login in as the admin user.
  5. ssh -p 2222 admin@<public_ip>

Tip:  In addition to the admin CLI User, you can create additional CLI and file transfer users through the Solace CLI in the manner described in Management & Shell Users.

Step 4: Review Configuration Defaults

By default, a Solace PubSub+ software message broker starts with a basic configuration that has most common services enabled and ready for use. This basic configuration and the default ports that are used can be modified as required. For details, see Configuration Defaults.

Next Steps

You now have a Solace PubSub+ software message broker cloud image with a basic configuration that is ready for messaging tasks. However, there are additional configuration tasks that you can perform. At this stage, you should do the following:

  1. Review the extra configuration tasks specific to Solace PubSub+ software message broker images presented on the Topics Unique to Cloud & Machine Images page.

    These additional configurations allow you to further customize your message broker to better suit your particular use-case and to make it more suitable for a production deployment.

  2. Configure and manage the message broker’s operations through the Solace CLI in the same manner as you would other message brokers (say, a Solace PubSub+ appliance or Solace PubSub+ software message broker Docker container). For information on how to perform these configuration and management tasks, see the topics in the Configuration category of the Solace customer documentation.