Oracle OpenStack for Oracle Linux uses Ansible to deploy the OpenStack Docker
containers to the target nodes. Ansible requires an SSH login on
the target nodes, and Oracle OpenStack for Oracle Linux uses the
kolla user and SSH keys for this purpose. The
configuration of the kolla user happens
automatically, as follows.
When you prepare target nodes by installing either the
openstack-kolla-preinstall package or the
openstack-kollacli package, the
openstack-kolla-user package is also installed.
This package prepares the kolla user and
performs the following operations on the node:
Create the
kollagroup.The
kollagroup is for the users that run the kollacli command.Create the
dockergroup.The
dockergroup enables non-root users to run docker commands.Create the
kollauser.The user is created as a system user with the home directory set to
/usr/share/kolla. The user is added to thekollaanddockergroups, with thekollagroup as the primary group. No private group is created for the user.Set up sudoers for the
kollauser.Configuration is added either to the
/etc/sudoers.d/kollaor the/etc/sudoersconfiguration file.The configuration enables the
kollauser to run commands, such as ansible and ansible-playbook, asrootwithout prompting for a password.Set up SSH for the
kollauser.The SSH configuration directory (
.ssh) is created in thekollauser's home directory, theauthorized_keysfile is created in the.sshdirectory.
When you install the openstack-kollacli package
on the master node, SSH public and private keys are created for
the kolla user on the master node.
When you run the kollacli host setup command,
as described in Section 4.1, “Setting up Target Nodes”, the public
key is copied from the master node to the kolla
user's authorized_keys file on the target
nodes.