Managing the catalog

Last updated 11 January, 2019

About the HPE OneSphere catalog 

From the HPE OneSphere Catalog screen, you can browse, search, and filter the catalog.

Deployments are virtual machine instances or applications that are launched to the public or private cloud from HPE OneSphere using templates or images in the HPE OneSphere catalog. Consumers (project members) have access to all virtual machine deployments within their project. Consumers can log in to the VM console or perform other operations on the virtual machine.

You can deploy virtual machine instances and applications in HPE OneSphere in two ways:

  • From the Catalog screen, by selecting an image or template

  • From the Projects screen, by selecting a project, then Deployments, and deploying an image or template displayed in the Catalog

HPE OneSphere Catalog tabs

The HPE OneSphere Catalog screen contains two tabs:

  • Services tab (default), which displays the services (catalog items) in the HPE OneSphere catalog.

  • Service Groups tab, which is visible to Administrator users only.

    This tab displays the catalog service groups created by users with administrator rights.

HPE OneSphere Catalog categories

There are three categories of catalogs in HPE OneSphere.

  • Catalogs that are included with HPE OneSphere.

    Access to these catalogs is disabled by default. Enable access to the catalogs to make them available to all projects.

  • Catalogs that are automatically imported when you connect to a VMware vCenter environment, KVM environment, or Amazon Web Services account.

    These private catalogs are enabled by default, and are available to members of all projects.

    • VMware templates

      Templates that exist in the shared datastore attached to the cluster you specified in the HPE OneSphere Connect application automatically appear in the catalog when you complete the connection to your VMware environment.

    • KVM images

      Images that exist in the /var/opt/hpe/imagelibrary/data directory on the KVM server you specified in the HPE OneSphere Connect application automatically appear in the catalog when you complete the connection to your KVM environment. Auto discovery of the qcow2 and img images may take about 10 minutes after images are copied to the /var/opt/hpe/imagelibrary/data directory.

    • Amazon Machine Images (AMIs)

      AWS images that you copied to the region that you will make available to HPE OneSphere automatically appear in the catalog after you connect to your AWS account.

  • Optional catalogs that you can register in HPE OneSphere.

    After they are registered, access to these catalogs is disabled by default. Enable access to the catalogs to make them available to all projects.

    See also Docker catalog types.

    • AWS CloudFormation templates

      AWS CloudFormation templates can be a single virtual machine instance (an AWS service) or a combination of virtual machines, container services, and other AWS services (DNS, load balancing, databases, firewalls, and so on) to deploy a full application stack (AWS App Frameworks). For more information, see AWS CloudFormation Documentation and AWS CloudFormation sample templates.

    • AWS Elastic Container Registry (ECR) images

      Amazon Elastic Container Registry (ECR) is a fully-managed Docker container registry that makes it easy for developers to store, manage, and deploy Docker container images. Amazon ECR is integrated with Amazon Elastic Container Service (ECS).

    • Azure Resource Manager (ARM) templates

      ARM templates are JSON files that define the resources that you need to deploy your solution in Microsoft Azure. For more information, see Azure Resource Manager Documentation and Azure Quickstart Templates.

    • Docker Hub Trusted Registry

      Enterprise private Docker registry that is publicly hosted (accessible over the Internet) or on-premises hosted

    • Docker Registry

      Private Docker registry that is publicly hosted or on-premises hosted

    • Kubernetes Apps

      Private Helm charts repository that is publicly hosted or on-premises hosted

    • AWS CloudFormation templates

      AWS CloudFormation templates can be a single virtual machine instance (an AWS service) or a combination of virtual machines, container services, and other AWS services (DNS, load balancing, databases, firewalls, and so on) to deploy a full application stack (AWS App Frameworks). For more information, see AWS CloudFormation Documentation and AWS CloudFormation sample templates.

    • Open Service Broker

      Open Service Broker is a standard API that allows you to deliver services to applications running within cloud native platforms. After registering services offered by third-party OSB brokers into the HPE OneSphere Catalog, you can deploy OSB images into your project.

      See the Open Service Broker specification to create a template and the Open Service Broker API v2.13 for more information.

    • Private Docker Hub

      Private Docker Hub registry that is publicly hosted; images are stored in a Docker Hub account

Catalog service groups

An administrator can control access to catalogs by consumers (project members) in two ways:

HTTPS connections are preferred over HTTP. Most public and private registries (such as Docker Hub, Private Docker Registry, Amazon ECR, and others) are accessible through secure network connections using the HTTPS protocol. However, the Helm Charts repository accepts both HTTP and HTTPS protocols, and HPE OneSphere allows you to choose the desired method of communication. HTTPS provides encrypted communication and verification of server identity, while HTTP does not. Users are advised that using HTTP connections bears a risk of information leakage or tampering.

See also Managing images and templates.

Registering a catalog 

You can register new catalogs in HPE OneSphere. Registered catalogs are in addition to the automatically imported catalogs containing private Amazon Web Services (AWS) EC2 images, VMware templates, KVM images, and the public catalogs included with HPE OneSphere. (The list of catalogs you can register are shown in step 5 in the procedure below.)

By default, catalogs registered in HPE OneSphere are disabled and unavailable to all projects. You can enable access to a registered catalog for all projects, if desired.

To control access to specific catalog items exposed to specified projects, you can create a catalog service group.

After registering a catalog, you can deploy virtual machines and applications from the catalog to your connected public or private cloud. For more information, see:

Prerequisites
Procedure
  1. From the HPE OneSphere main menu, select Settings.
  2. On the Settings screen, select Catalog Registry.
  3. On the Catalog Registry screen, click the plus icon.
  4. Enter a name and the URL for your catalog.
    • If you are registering Azure ARM Templates, enter (for example) https://github.com/Azure/azure-quickstart-templates.

    • If you are registering AWS Elastic Container Registry (ECR) Containers, enter the Repository URL without the repository name.

      For the AWS repository, the AWS console shows the URI and ARN as following. Add the URI, without the repository name mentioned in the Repository URI field. For example:

      • Repository ARN: arn:aws:ecr:us-west-1:675925117157:repository/grafana

      • Repository URI (Incorrect): 675925117157.dkr.ecr.us-west-1.amazonaws.com/grafana

      • Repository URI (Correct): 675925117157.dkr.ecr.us-west-1.amazonaws.com

    • HPE OneSphere supports 175 files in a repository for AWS CloudFormation (CFN) templates. If you add multiple repositories or exceed the limit supported by GitHub requests (which include periodic updates of templates and fetching of repository contents and templates), an error may occur while retrieving the catalog items.

  5. From the drop-down menu, select the Catalog type from the available list.

    See also Docker catalog types.

    Catalogs that an administrator user can register in HPE OneSphere include:

    • AWS CloudFormation (CFN) Templates

    • AWS Elastic Container Registry (ECR) Containers

    • Azure Resource Manager (ARM) Templates

    • Docker Hub Trusted Registry

    • Docker Registry

    • Kubernetes Apps (Helm Charts)

    • Open Service Broker

    • Private Docker Hub

  6. From the drop-down menu, select the Zone into which you will deploy images from the catalog.

    For Docker Registry, selecting a private cloud zone is optional. You do not need to select a zone for AWS ECR Containers and Private Docker Hub.

  7. Enter the login credentials of the selected catalog type.
    • Before registering a GitHub repository containing ARM templates or CFN templates, you will need to acquire a personal access token. See Creating a personal access token for the command line in GitHub help.

    • If you select Docker Registry, entering a user name and password is optional.

    • If you select Open Service Broker, enter the user name and password to connect to the broker using basic authentication.

      NOTE:

      If the broker does not require authentication, you must enter a "dummy" (fake) user name and password.

  8. Click Submit.

A new catalog appears on the HPE OneSphere Catalog screen after about 10 minutes. On average, it takes about one second for each catalog item to be added, so large catalogs (for example, with over 1,000 items) may take 15 to 20 minutes to appear. Updating or removing a catalog takes approximately 30 minutes.

If a new OSB service has been added to or removed from a registered catalog, the new service is reflected in HPE OneSphere after about 30 minutes. You can disable, then re-enable access to the catalog to make the service appear sooner.

Docker catalog types 

HPE OneSphere supports the following Docker container registries. Docker provides the ability to package and run an application in a loosely isolated environment called a container. You can deploy Docker container images to a Kubernetes cluster deployed to Amazon Web Services or VMware vSphere.

Registry type Requires Internet Access? Requires Account? Requires Zone? Notes
Docker Hub Yes No No

Public Docker container registry that is  automatically included in HPE OneSphere; does not need to be registered

Docker Hub Trusted Registry Optional Yes Yes

Enterprise-level private Docker registry that is publicly hosted or on-premises hosted

Docker Registry Optional Optional Optional

Private Docker registry that is publicly hosted or on-premises hosted

Private Docker Hub Yes Yes No

Private Docker Hub registry that is publicly hosted; images are stored in a Docker Hub account

Browsing, filtering, and searching a catalog

Filter or search the catalog to find a specific image or template.

Prerequisites

The administrator:

  • Added a public Amazon Web Service (AWS) provider and imported the AWS image to the catalog, or

  • Added a private (VMware ESXi) provider and connected to the private cloud, or

  • Added a private (KVM) provider and connected to the private cloud

Procedure

  1. From the HPE OneSphere main menu, select Catalog.
  2. Browse the Catalog list by scrolling through the available images and templates.

    Click on a catalog item, then click Detailed Description for more information about the item.

  3. Filter the catalog by clicking the filter  at the top right of the Catalog screen. You can filter by Catalog Type and by Service Type.
  4. When your filter selections are updated, click the icon  at the top right of the Filter screen.
  5. To search for a specific catalog item, click the search window  located on the Catalog screen and type in your search entry.

Enabling and disabling access to a catalog

By default, newly registered catalogs are disabled and unavailable to members of all projects. You can update the catalog to enable access to the catalog for all projects.

Prerequisites

The administrator registered a catalog from the Settings > Catalog Registry screen.

Procedure
  1. From the HPE OneSphere main menu, select Settings.
  2. On the Settings screen, select Catalog Registry.
  3. On the Catalog Registry screen, select the catalog to which you want to restrict access.
  4. Click Update Catalog.
  5. Enable or disable the Expose to All Projects slider button.

Synchronizing Azure ARM or AWS CloudFormation templates 

After you register a catalog of Microsoft Azure Resource Manager (ARM) or Amazon Web Services CloudFormation (CFN) templates in GitHub, you can synchronize HPE OneSphere with the repository. This action updates the Catalog screen so that it contains the latest ARM and CFN catalog items in your registered GitHub repository.

Prerequisites

The administrator:

Procedure
  1. From the HPE OneSphere main menu, select Settings.
  2. On the Settings screen, select Catalog Registry.
  3. Select the Azure ARM or AWS CFN catalog.
  4. Under Actions, click Sync with registry

The Catalog screen is updated immediately after synchronization.

Creating a catalog service group 

Administrators can create a catalog service group that they can associate to specific project(s). This allows the administrator to control the catalog items that consumers can deploy.

Procedure
  1. From the HPE OneSphere main menu, select Catalog.
  2. Click Service Groups.
  3. From the Actions drop-down menu, select Create Service Group.
  4. On the Create Service Group panel, enter a name for the group.
  5. (Optional) Click Expose to Projects, or to expose the group to specific projects later, click Done.
  6. (Optional) If you selected Expose to Projects, do one of the following:
    • Select Expose to all projects, or

    • Select Expose to specific projects, then click Choose project(s) and select a project.

      Click Choose project(s) again to associate another project to the group. Click the trash icon to remove a project before it is associated with the group.

  7. Click Done, or click I Will Do It Later if you want to return to the previous screen without exposing any projects to the catalog service group.

Next step: Add services to a catalog service group

Adding services to a catalog service group 

The administrator can select catalog service items to add to a catalog service group. These services will be visible and can be deployed by consumer members of the project(s) that are associated with the catalog service group.

Prerequisites

The administrator:

Procedure
  1. From the HPE OneSphere main menu, select Catalog.
  2. (Optional) Click Services. (The Services tab is displayed by default when the Catalog screen is first displayed.)
  3. Add the selected service(s) to a group.
    1. Click one or more service items that you want to add to an existing service group.

      The green square border around the service item is highlighted when it is selected.

    2. From the Actions drop-down menu, select Add to Service Group.
    3. (Optional) If you are adding only one service item to a group, click the three dots in the lower right corner of the service, then select Add to Service Group.
  4. From the Add to Service Group panel, click the down arrow next to Group, and select a group to which you want to add the service item(s).

    You can add a service item to one group at a time.

  5. Click Add.

From the Service Groups tab, you can see the number of items added to the group.

Next step: Enable access to a service group from a project, if you did not do so when you created the group.

Enabling and disabling access to a catalog service group 

The administrator can specify the projects that can access the services in a catalog service group. (Access to a service group can also be enabled when the service group is created.)

Procedure
  1. From the HPE OneSphere main menu, select Catalog.
  2. Click Service Groups.
  3. Click the three dots in the lower right corner of the service group for which you want to control access.
  4. Select Expose to Projects.
  5. On the Update projects exposure panel, do one of the following:
    • Select Expose to all projects, or

    • Select Expose to specific Projects, then click Choose project(s) and select a project.

      Click Choose project(s) again to associate another project with the group. Click the trash icon to remove a project from the group before it is associated.

  6. Click Update.

Updating and deleting a catalog service group 

You can update a service group by changing its name and by removing services from the group. To add services to a group, see Adding services to a catalog service group.

Prerequisites

The administrator:

Procedure
  1. From the HPE OneSphere main menu, select Catalog.
  2. Click Service Groups.
  3. Click the three dots in the lower right corner of the service group that you want to update or delete.
  4. To delete the service group, select Delete, then click Yes, Delete Group.
  5. To update the group, select Update Services.
  6. From the Update service group panel:
    1. (Optional) Enter a new name for the service group.
    2. (Optional) Click the X icon to remove services from the service group.
    3. Click Update.
  7. (Optional) Click the trash icon to delete the service group, then click Yes, Delete Group .

Deploying a service from the catalog 

Deploy a service from the HPE OneSphere Catalog screen using the following procedure.

Procedure
  1. From the HPE OneSphere main menu, click Catalog.
  2. Browse or search the catalog and select a catalog item.
  3. On the Deploy panel, enter the required information.
  4. Click Deploy.

    After the application is deployed, you can view the details of the created application in your project.