Connect Fleio to OpenStack


This page only applies for Fleio OpenStack Edition or Fleio Full Edition.

To connect Fleio to your OpenStack installation, go to your staff panel, e.g., http://mydomain/staff, Settings menu group, OpenStack menu option and fill in the field on tabs CREDENTIALS, NOTIFICATIONS, and DEFAULTS.

Below are the steps to obtain the necessary values from your OpenStack cloud. For documentation on Fleio OpenStack settings user interface, see Staff / Settings / OpenStack.

OpenStack credentials

Find the required setting fields by running commands on your OpenStack controller, or by checking at the configuration of each service: Nova, Glance, Neutron, Cinder.



Fleio requires an OpenStack admin user with full access to the entire cloud and to all operations.

See below how to obtain the OpenStack API authentication details for the admin user and fill the values on the OpenStack settings CREDENTIALS tab.

Keystone auth URL

OpenStack provides endpoints for different services. To obtain the Keystone API endpoint URL, connect to your OpenStack controller and run the following command.

openstack endpoint list --service identity -c Interface -c URL
| Interface | URL                          |
| admin     | |
| public    |  |
| internal  |  |

Copy the public interface URL. In the example above, it’s

Administrator username

The OpenStack administrator username is usually admin. You can check this in your openrc or adminrc file:

grep OS_USERNAME openrc
export OS_USERNAME=admin

Administrator password

Retrieve the administrator password from the openrc or adminrc file:

grep OS_PASSWORD openrc
export OS_PASSWORD=OpenStackPassword

In the example above, the admin password is OpenStackPassword.

Administrator project ID

To find the admin project ID, run the following command on your controller:

openstack project list | grep admin
| 986c6adb50f2419c8feb034217ddc6eb | admin                          |

In this case, the admin project ID is 986c6adb50f2419c8feb034217ddc6eb.

Administrator domain ID

In most OpenStack installations the user domain ID is default but it may be different in your case. Run the following command on the controller:

openstack domain list -c ID -c Name
| ID                               | Name    |
| 969ed4676ebd4eb1801f175ad42a91c0 | heat    |
| default                          | Default |

In this example, the default domain ID is default.

OpenStack notifications setup options


Before continuing, make sure you have enabled OpenStack notifications.

Fleio keeps track of OpenStack resources by receiving notifications from OpenStack services like Nova, Glance, Cinder and Neutron. Without notifications, Fleio is unable to display accurate information related to running instances, available volumes, images or networks. Each OpenStack installation has at least one messaging broker. This is usually the RabbitMQ broker, however, ZeroMQ and other brokers are supported.

There are three ways to configure Fleio to receive the OpenStack notifications.

Option A: Fleio connects directly to OpenStack RabbitMQ

This is the simplest deployment method.

Since Fleio connects directly to the OpenStack RabbitMQ, you need to create a RabbitMQ user for Fleio in each region.

For Fleio to connect directly to the internal RabbitMQ server from each OpenStack region, it needs access to the private OpenStack subnet and this may pose a security issue. To overcome this disadvantage, just use RabbitMQ Shovel as described below.

Option B: RabbitMQ Shovel and intermediary RabbitMQ

Install an additional RabbitMQ server, let’s call this “intermediary RabbitMQ”. It may be installed on the same machine with Fleio or, in any case, on a subnet to which Fleio has access.

On each OpenStack RabbitMQ server, configure the RabbitMQ Shovel plugin.

Configure the Shovel plugins to forward notifications to the intermediary RabbitMQ, making sure that you differentiate between regions using a different vhost.

Then configure Fleio NOTIFICATIONS to connect to the intermediary RabbitMQ, pairing each notification URL with its corresponding region.

Option C: fleio-collector and intermediary RabbitMQ


Deprecated since version 2023.09: Fleio collector is deprecated and will be removed in the future. Use Option B: RabbitMQ Shovel and intermediary RabbitMQ instead.

Install an additional RabbitMQ server, let’s call this “intermediary RabbitMQ”. It may be installed on the same machine with Fleio or, in any case, on a subnet to which Fleio has access.

In each OpenStack region, install and configure the Fleio collector. The Fleio collector adds a “region” field to each notification received from OpenStack and forwards it to the intermediary RabbitMQ. All Fleio collectors forward notifications to the same URL/vhost, same exchange, and the same topic on the intermediary RabbitMQ.

Then configure Fleio NOTIFICATIONS to connect to the intermediary RabbitMQ, selecting Multiple regions in the Region field from ADD REGION SETTINGS dialog.

Notification UI fields

Notifications URLs

Fleio needs one or more URLs to be able to connect to the OpenStack messaging queue service (usually RabbitMQ) in order to listen for events from OpenStack services like Nova, Neutron, Glance or Cinder.

For security reasons is better to create a different username. If you already have a username and password please specify a complete URL in this field having the accepted URI format.

As an example, for RabbitMQ, you can enter multiple URLs of the form: rabbit://username:password@rabbitmqHost/

Multiple URLs are usually required if you have multiple messaging queue servers for each service or multiple virtual hosts. Our demo setup has multiple virtual hosts for each service, and we should configure the following URLs in Region notification settings:



If all your OpenStack services are using the same RabbitMQ queue (so, single URL in Fleio settings) or multiple queues (multiple URls needed in your Fleio settings), depends on the OpenStack installation method.

If you are using RabbitMQ messages forwarding you can have just one notification URL.

If you want to create a new user and password (in RabbitMQ) please run the following command on your controller or on your message queue service server.

rabbitmqctl add_user fleio TYPEPASSWORD

We also have to set up permission for username fleio for different hosts that your Nova, Neutron, Glance, Cinder services may be configured.

rabbitmqctl list_vhosts
Listing vhosts ...

rabbitmqctl set_permissions fleio -p /neutron ".*" ".*" ".*" #repeat for every vhost

Notifications topic

The default value for the notifications topic is notifications. Each openstack service sends notifications to this topic.


Deprecated since version 2023.09.1: Fleio collector is deprecated and will be removed in the future.

If we installed the fleio-collector service (usually in a multi-region setup) we should use the topic where the Fleio collectors services send the notifications.

For fleio-collector, fleio is the default topic. We can also enter multiple values separated by a single , character. For example, we can input: notifications, fleio as a valid value.

Notifications exchange

Each OpenStack service uses an exchange. The default value is: cinder,glance,keystone,neutron,nova,openstack,magnum,trove. Multiple exchange names may be filled in, as shown above, separated by a comma (,).

Notifications pool name


Notification pool name must be unique per RabbitMQ vhost. If you have two Fleio installations that use the same pool name, some notifications are be lost.

Fleio can listen for notifications on the notifications topic directly. However, when Ceilometer is installed, Ceilometer also listens on the notifications topic. What this means is that messages will be split between Ceilometer and Fleio. None of the services will receive all the notifications. Specifying a pool name will ensure that all notifications are received by Fleio. In our setup, we will use: fleio-pool.