Oracle OpenStack for Oracle Linux uses Ansible to deploy the OpenStack Docker
containers to the target nodes. Ansible requires an SSH login on
the target nodes, and Oracle OpenStack for Oracle Linux uses the
kolla
user and SSH keys for this purpose. The
configuration of the kolla
user happens
automatically, as follows.
When you prepare target nodes by installing either the
openstack-kolla-preinstall
package or the
openstack-kollacli
package, the
openstack-kolla-user
package is also installed.
This package prepares the kolla
user and
performs the following operations on the node:
Create the
kolla
group.The
kolla
group is for the users that run the kollacli command.Create the
docker
group.The
docker
group enables non-root users to run docker commands.Create the
kolla
user.The user is created as a system user with the home directory set to
/usr/share/kolla
. The user is added to thekolla
anddocker
groups, with thekolla
group as the primary group. No private group is created for the user.Set up sudoers for the
kolla
user.Configuration is added either to the
/etc/sudoers.d/kolla
or the/etc/sudoers
configuration file.The configuration enables the
kolla
user to run commands, such as ansible and ansible-playbook, asroot
without prompting for a password.Set up SSH for the
kolla
user.The SSH configuration directory (
.ssh
) is created in thekolla
user's home directory, theauthorized_keys
file is created in the.ssh
directory.
When you install the openstack-kollacli
package
on the master node, SSH public and private keys are created for
the kolla
user on the master node.
When you run the kollacli host setup command,
as described in Section 4.1, “Setting up Target Nodes”, the public
key is copied from the master node to the kolla
user's authorized_keys
file on the target
nodes.