Connecting the blueprint design server to Google Cloud Platform#
To connect the blueprint design server to Google Cloud Platform, map the Google Cloud Platform account information to a functional ID. Then, assign that functional ID to a team.
- Create a project in your Google Cloud Platform account. You must enable the Google Compute Engine API for the project and store all of the Compute Engine resources in the project. See Enable and disable APIs.
- Obtain a Heat engine and an OpenStack Keystone server. The engine version must match the version of the Keystone server. In most cases for deploying to non-OpenStack clouds, install a Heat engine and Keystone server through HCL™ Launch. See Installing an engine in silent mode or Installing an engine in interactive mode.
- Create a functional user account on the Keystone server. This user account must be a member of the administrative tenant on the Keystone server. If you use the Keystone server that was supplied with the engine, you can use the default administrative tenant credentials. The Keystone server's default administrative tenant user name is
adminand the default password is
openstack1. Later, you associate the Google Cloud account information with this functional ID. With this account, users can authenticate to Google Cloud.
- Install the blueprint design server. See install_server_bds.md.
- Connect the blueprint design server to the server. See Connecting the blueprint design server to the server.
- Configure an authentication realm for the blueprint design server. You can import users from a variety of sources, including LDAP servers, Keystone identity services, the HCL Launch server, or from the internal authentication realm. See Creating authentication realms for the blueprint designer.
- Ensure that the blueprint design server can connect to the cloud. You can verify the connection path with the curl or telnet commands. For example, make sure that no firewall, proxy, or security settings prevent communication between the blueprint design server and the cloud.
The blueprint design server and engine connect to Google Cloud. For authentication information, the blueprint design server connects to the Keystone identity service and optionally to an LDAP server.
Log in to the blueprint designer as a user with the following System permissions:
- Configure Security
- Manage Users & Groups
Create a connection to the cloud:
Click Settings > Clouds.
Click Add New Connection.
Specify a name for the cloud connection.
In the Type list, select Google Cloud Platform.
To create a cloud project, see Creating cloud projects for the blueprint designer.
Add the cloud project to a team.
Add users to the team and to one or more roles on the team.
These users can come from any authentication realm, including LDAP servers, Keystone identity services, or from the internal authentication realm.
Make sure that the team roles include the appropriate permissions for those users, such as creating and editing blueprints.
You can log in to the blueprint designer as a user from that team. At the top of the page, you can select the Google Cloud cloud connection and region to use. When you edit blueprints, the palette shows resources that are available to your Google Cloud project, and you can provision blueprints to Google Cloud.