Administration Guide / Manage Regions |
This section describes the necessary configuration properties that need to be addressed.
Property Name | Description |
---|---|
region.region_name | This cloud property identifies the local region. This is required and should be valid for use in a DNS name. |
region.region_configuration | This property is a JSON document that will be the same for all federated regions. |
"Regions":[{...},{...},{...}]
<label> ::= <letter> [ [ <ldh-str> ] <let-dig> ]
"Name":"region-1"
"CertificateFingerprintDigest": "SHA-256"
"CertificateFingerprint": "EC:E7:3D:DF:97:43:00:9E:FC:F0:2C:6D:98:D2:82:EB:AA:04:75:10:E7:C2:F2:6F:31:F1:F1:CA:A1:61:DE:41"
openssl x509 -inform PEM -in /var/lib/eucalyptus/keys/cloud-cert.pem -noout -fingerprint -sha256
openssl s_client -showcerts -connect 10.111.5.32:8773 < /dev/null 2>/dev/null | openssl x509 -noout -fingerprint -sha256
The CertificateFingerprint is mainly for WS-Security, it is often the same as the HTTPS certificate, but might not be (in which case, the second option for configuration will not work, i.e. "openssl s_client"). For more information about WS-Security, go to WS-Security Wikipedia page.
"IdentifierPartitions": [1]
"Services": [ { "Type": "[service type]", "Endpoints": [ "[http/https service endpoint]..." ] }, { "Type": "[service type]", "Endpoints": [ "[http/https service endpoint]..." ] } ]
{ "Type": "[identity|compute]", .... }
[http|https]://<IPv4 Address>:8773/services/[Identity|Compute]/
[http/https]://[identity|compute]<Eucalyptus DNS subdomain>:8773/
Even though the IP address can be used for the endpoint, it is highly recommended to use the Eucalyptus DNS name of the service endpoint. If there are more than one Endpoints defined, the first one will be used. The Endpoints element should be assigned to each service type in the Services array.
{ ..... "Endpoints": [ "[http/https DNS name endpoint or IP Address endpoint]" ] }