Choose a technology used for cluster communication. You can select between Multicast (UDP), (sending a message to multiple destinations) or Unicast (UDPU) (sending a message to a single destination). By default multicast is used.

Whenever communication fails between one or more nodes and the rest of the cluster a “cluster partition” occurs. The nodes of a cluster are split in partitions but are still active. They can only communicate with nodes in the same partition and are unaware of the separated nodes. The cluster partition that has the majority of nodes is defined to have “quorum”.

This configuration option defines what to do with the cluster partition(s) that do not have the quorum. See http://www.suse.com/documentation/sle-ha-12/book_sleha/data/sec_ha_config_basics_global.html, section Option no-quorum-policy for details.

The recommended setting is to choose Stop. However, Ignore is enforced for two-node clusters to ensure that the remaining node continues to operate normally in case the other node fails. For clusters using shared resources, choosing freeze may be used to ensure that these resources continue to be available.

“Misbehaving” nodes in a cluster are shut down to prevent it from causing trouble. This mechanism is called STONITH (“Shoot the other node in the head”). STONITH can be configured in a variety of ways, refer to http://www.suse.com/documentation/sle-ha-12/book_sleha/data/cha_ha_fencing.html for details. The following configuration options exist:

With STONITH, Pacemaker clusters with two nodes may sometimes hit an issue known as STONITH deathmatch where each node kills the other one, resulting in both nodes rebooting all the time. Another similar issue in Pacemaker clusters is the fencing loop, where a reboot caused by STONITH will not be enough to fix a node and it will be fenced again and again.

This setting can be used to limit these issues. When set to true, a node that has not been properly shut down or rebooted will not start the services for Pacemaker on boot, and will wait for action from the SUSE OpenStack Cloud operator. When set to false, the services for Pacemaker will always be started on boot. The Automatic value is used to have the most appropriate value automatically picked: it will be true for two-node clusters (to avoid STONITH deathmatches), and false otherwise.

When a node will boot but not start corosync because of this setting, then the node will be displayed with its status set to "Problem" (red bullet) in the Node Dashboard. To make this node usable again, the following steps need to be performed:

Get notified of cluster node failures via e-mail. If set to true, you need to specify which SMTP Server to use, a prefix for the mails' subject and sender and recipient addresses. Note that the SMTP server must be accessible by the cluster nodes.

Set up DRBD for replicated storage on the cluster. This option requires a two-node cluster with a spare hard disk for each node. The disks should have a minimum size of 100 GB. Using DRBD is recommended for making the database and RabbitMQ highly available. For other clusters, set this option to False.

The public name is the host name that will be used instead of the generated public name (see Important: Proposal Name) for the public virtual IP of HAProxy. (This is the case when registering public endpoints, for example). Any name specified here needs to be resolved by a name server placed outside of the SUSE OpenStack Cloud network.

Deploy this role on all nodes that should become member of the cluster except for the one where pacemaker-cluster-founder is deployed.

Deploying this role is optional. If deployed, sets up the Hawk Web interface which lets you monitor the status of the cluster. The Web interface can be accessed via http://IP-ADDRESS:7630. Note that the GUI on SUSE OpenStack Cloud can only be used to monitor the cluster status and not to change its configuration.

hawk-server may be deployed on at least one cluster node. It is recommended to deploy it on all cluster nodes.

Deploy this role on all nodes that should become members of the Compute Nodes cluster. They will run as Pacemaker remote nodes that are controlled by the cluster, but do not affect quorum. Instead of the complete cluster stack, only the pacemaker-remote service will be installed on this nodes.

Name of the default virtual host to be created and used by the RabbitMQ server (default_vhost configuration option in rabbitmq.config).

Port the RabbitMQ server listens on (tcp_listeners configuration option in rabbitmq.config).

RabbitMQ default user (default_user configuration option in rabbitmq.config).

Set the algorithm used by Keystone to generate the tokens. It is strongly recommended to use PKI, since it will reduce network traffic.

Allows to customize the region name that crowbar is going to manage.

Tenant for the users. Do not change the default value of openstack.

User name and password for the regular user and the administrator. Both accounts can be used to log in to the SUSE OpenStack Cloud Dashboard to manage Keystone users and access.

Figure 10.6: The Keystone Barclamp #

When sticking with the default value HTTP, public communication will not be encrypted. Choose HTTPS to use SSL for encryption. See Section 2.3, “SSL Encryption” for background information and Section 9.4.6, “Enabling SSL” for installation instructions. The following additional configuration options will become available when choosing HTTPS:

Choose whether to only use the first available disk or all available disks. “Available disks” are all disks currently not used by the system. Note that one disk (usually /dev/sda) of every block storage node is already used for the operating system and is not available for Ceph.

For data security, stored objects are not only stored once, but redundantly. Specify the number of copies that should be stored for each object with this setting. The number includes the object itself. If you for example want the object plus two copies, specify 3.

Choose whether to encrypt public communication (HTTPS) or not (HTTP). If choosing HTTPS, you need to specify the locations for the certificate key pair files.

Calamari is a Web front-end for managing and analyzing the Ceph cluster. Provide administrator credentials (user name, password, e-mail address) in this section. When Ceph has bee deployed you can log in to Calamari with these credentials. Deploying Calamari is optional—leave these text boxes empty when not deploying Calamari.

The virtual block storage service. Install this role on all dedicated Ceph Storage Nodes (at least three), but not on any other node.

Cluster monitor daemon for the Ceph distributed file system. ceph-mon needs to be installed on three or five Storage Nodes running ceph-osd.

Sets up the Calamari Web interface which lets you manage the Ceph cluster. Deploying it is optional. The Web interface can be accessed via http://IP-ADDRESS/ (where IP-ADDRESS is the address of the machine where ceph-calamari is deployed on). ceph-calamari needs to be installed on a dedicated node—it is not possible to install it on a nodes running other services.

The HTTP REST gateway for Ceph. Install it on a Storage Node running ceph-osd.

Allows to enable public access to containers if set to true.

If set to true, a copy of the current version is archived, each time an object is updated.

Number of zones (see above). If you do not have different independent installations of storage nodes, set the number of zones to 1.

Partition power. The number entered here is used to compute the number of logical partitions to be created in the cluster. The number you enter is used as a power of 2 (2^X).

It is recommended to use a minimum of 100 partitions per disk. To measure the partition power for your setup, do the following: Multiply the number of disks from all Swift nodes with 100 and then round up to the nearest power of two. Keep in mind that the first disk of each node is not used by Swift, but rather for the operating system.

Example: 10 Swift nodes with 5 hard disks each.  Four hard disks on each node are used for Swift, so there is a total of forty disks. Multiplied by 100 gives 4000. The nearest power of two, 4096, equals 2^12. So the partition power that needs to be entered is 12.

Important: Value Cannot be Changed After the Proposal Has Been Deployed

Changing the number of logical partition after Swift has been deployed is not supported. Therefore the value for the partition power should be calculated from the maximum number of partitions this cloud installation is likely going to need at any point in time.

This option sets the number of hours before a logical partition is considered for relocation. 24 is the recommended value.

The number of copies generated for each object. Set this value to 3, the tested and recommended value.

Time (in seconds) after which to start a new replication process.

Shows debugging output in the log files when set to true.

Choose whether to encrypt public communication (HTTPS) or not (HTTP). If choosing HTTPS, you have two choices. You can either Generate (self-signed) certificates or provide the locations for the certificate key pair files. Using self-signed certificates is for testing purposes only and should never be used in production environments!

Provides an S3 compatible API on top of Swift.

Enables to serve container data as a static Web site with an index file and optional file listings. See http://docs.openstack.org/developer/swift/middleware.html#staticweb for details.

This middleware requires to set Allow Public Containers to true.

Enables to create URLs to provide time limited access to objects. See http://docs.openstack.org/developer/swift/middleware.html#tempurl for details.

Enables to upload files to a container via Web form. See http://docs.openstack.org/developer/swift/middleware.html#formpost for details.

Enables the possibility to extract tar files into a swift account and to delete multiple objects or containers with a single request. See http://docs.openstack.org/developer/swift/middleware.html#module-swift.common.middleware.bulk for details.

Allows to interact with the Swift API via Flash, Java and Silverlight from an external network. See http://docs.openstack.org/developer/swift/middleware.html#module-swift.common.middleware.crossdomain for details.

Translates container and account parts of a domain to path parameters that the Swift proxy server understands. Can be used to create short URLs that are easy to remember, for example by rewriting home.tux.example.com/$ROOT/exampleuser;/home/myfile to home.tux.example.com/myfile. See http://docs.openstack.org/developer/swift/middleware.html#module-swift.common.middleware.domain_remap for details.

Ratelimit enables you to throttle resources such as requests per minute to provide denial of service protection. See http://docs.openstack.org/developer/swift/middleware.html#module-swift.common.middleware.ratelimit for details.

The virtual object storage service. Install this role on all dedicated Swift Storage Nodes (at least two), but not on any other node.

Warning: swift-storage Needs Dedicated Machines

Never install the swift-storage service on a node that runs other OpenStack services.

The ring maintains the information about the location of objects, replicas, and devices. It can be compared to an index, that is used by various OpenStack services to look up the physical location of objects. swift-ring-compute must only be installed on a single node; it is recommended to use a Control Node.

The Swift proxy server takes care of routing requests to Swift. Installing a single instance of swift-proxy on a Control Node is recommended. The swift-proxy role can be made highly available by deploying it on a cluster.

Deploying swift-dispersion is optional. The Swift dispersion tools can be used to test the health of the cluster. It creates a heap of dummy objects (using 1% of the total space available). The state of these objects can be queried using the swift-dispersion-report query. swift-dispersion needs to be installed on a Control Node.

Choose whether to use Swift or Ceph (Rados) to store the images. If you have deployed neither of these services, the images can alternatively be stored in an image file on the Control Node (File). If you have deployed Swift or Ceph, it is recommended to use it for Glance as well.

If using VMware as a hypervisor, it is recommended to use it for storing images, too (VMWare). This will make starting VMware instances much faster.

Depending on the storage back-end, there are additional configuration options available:

Choose whether to encrypt public communication (HTTPS) or not (HTTP). If choosing HTTPS, refer to SSL Support: Protocol for configuration details.

Enable and configure image caching in this section. By default, image caching is disabled. Learn more about Glance's caching feature at http://docs.openstack.org/developer/glance/cache.html.

Shows debugging output in the log files when set to true.

Choose whether to only use the First Available disk or All Available disks. “Available disks” are all disks, currently not used by the system. Note that one disk (usually /dev/sda) of every block storage node is already used for the operating system and is not available for Cinder.

Specify a name for the Cinder volume.

IP address and Port of the ECOM server.

For VMAX, the user needs to create an initial setup on the Unisphere for VMAX server first. It needs to contain an initiator group, a storage group and a port group and needs to be put in a masking view. This masking view needs to be specified here.

Login credentials for the ECOM server.

Only thin LUNs are supported by the plugin. Thin pools can be created using Unisphere for VMAX and VNX.

Select the protocol used to connect, either FibreChannel or iSCSI.

IP address and port of the ETERNUS SMI-S Server.

Login credentials for the ETERNUS SMI-S Server.

Storage pool (RAID group) in which the volumes are created. Make sure to have created that RAID group on the server in advance. If a RAID group that does not exist is specified, the RAID group is created by using unused disk drives. The RAID level is automatically determined by the ETERNUS DX Disk storage system.

SUSE OpenStack Cloud can either use “Data ONTAP” in 7-Mode or in Clustered Mode. In 7-Mode vFiler will be configured, in Clustered Mode vServer will be configured. The Storage Protocoll can either be set to iSCSI or NFS. Choose the driver and the protocol your NetApp is licensed for.

The management IP address for the 7-Mode storage controller or the cluster management IP address for the clustered Data ONTAP.

Transport protocol for communicating with the storage controller or clustered Data ONTAP. Supported protocols are HTTP and HTTPS. Choose the protocol your NetApp is licensed for.

The port to use for communication. Port 80 is usually used for HTTP, 443 for HTTPS.

Login credentials.

The vFiler unit to be used for provisioning of OpenStack volumes. This setting is only available in 7-Mode.

Provide a list of comma-separated volumes names to be used for provisioning. This setting is only available when using iSCSI as storage protocol.

Host name of the Virtual Storage Server. This setting is only available in Clustered Mode when using NFS as storage protocol.

Provide a list of NFS Exports from the Virtual Storage Server. Specify one entry per line in the form of host name:/volume/path mount-options. Specifying mount options is optional. This setting is only available when using NFS as storage protocol.

Select true if you have deployed Ceph with SUSE OpenStack Cloud. In case you are using an external Ceph cluster (see Section 9.4.4, “Using an Externally Managed Ceph Cluster” for setup instructions), select false.

This configuration option is only available, if using an external Ceph cluster. Specify the path to the ceph.conf file—the default value (/etc/ceph/ceph.conf) should be fitting if you have followed the setup instructions in Section 9.4.4, “Using an Externally Managed Ceph Cluster”.

This configuration option is only available, if using an external Ceph cluster. If you have had access to the admin keyring file, the path is /etc/ceph/ceph.client.admin.keyring. If you have created your own keyring, use /etc/ceph/ceph.client.cinder.keyring. See Section 9.4.4, “Using an Externally Managed Ceph Cluster” for more information.

Name of the pool used to store the Cinder volumes.

Ceph user name.

Host name or IP address of the vCenter server.

vCenter login credentials.

Provide a comma-separated list of cluster names.

Path to the directory used to store the Cinder volumes.

Absolute path to the vCenter CA certificate.

Default value: false (the CA truststore is used for verification). Set this option to true when using self-signed certificates to disable certificate checks. This setting is for testing purposes only and must not be used in production environments!

Absolute path to the file to be used for block storage.

Maximum size of the volume file. Make sure not to overcommit the size, since it will result in data loss.

Specify a name for the Cinder volume.

The Cinder controller provides the scheduler and the API. Installing cinder-controller on a Control Node is recommended.

The virtual block storage service. It can be installed on a Control Node. However, it is recommended to deploy it on one or more dedicated nodes supplied with sufficient networking capacity, since it will generate a lot of network traffic.

Host name of the Virtual Storage Server.

The name or IP address for the storage controller or the cluster.

The port to use for communication. Port 80 is usually used for HTTP, 443 for HTTPS.

Login credentials.

Transport protocol for communicating with the storage controller or cluster. Supported protocols are HTTP and HTTPS. Choose the protocol your NetApp is licensed for.

The Manila server provides the scheduler and the API. Installing it on a Control Node is recommended.

The shared storage service. It can be installed on a Control Node, but it is recommended to deploy it on one or more dedicated nodes supplied with sufficient disk space and networking capacity, since it will generate a lot of network traffic.

Select which mechanism driver(s) shall be enabled for the ml2 plugin.It is possible to select more than one driver by holding the Ctrl key while clicking. Choices are:

openvswitch.  Supports GRE, VLAN and VLANX networks (to be configured via the Modular Layer 2 type drivers setting).

linuxbridge.  Supports VLANs only. Requires to specify the Maximum Number of VLANs.

cisco_nexus.  Enables Neutron to dynamically adjust the VLAN settings of the ports of an existing Cisco Nexus switch when instances are launched. It also requires openvswitch which will automatically be selected. With Modular Layer 2 type drivers, vlan must be added. This option also requires to specify the Cisco Switch Credentials. See Appendix H, Using Cisco Nexus Switches with Neutron for details.

With the default setup, all intra-Compute Node traffic flows through the network Control Node. The same is true for all traffic from floating IPs. In large deployments the network Control Node can therefore quickly become a bottleneck. When this option is set to true, network agents will be installed on all compute nodes. This will de-centralize the network traffic, since Compute Nodes will be able to directly “talk” to each other. Distributed Virtual Routers (DVR) require the openvswitch driver and will not work with the linuxbridge driver. HyperV Compute Nodes will not be supported—network traffic for these nodes will be routed via the Control Node on which neutron-network is deployed. For details on DVR refer to https://wiki.openstack.org/wiki/Neutron/DVR.

This option is only available when having chosen the openvswitch or the cisco_nexus mechanism drivers. Options are vlan, gre and vxlan. It is possible to select more than one driver by holding the Ctrl key while clicking.

Important: Drivers for HyperV Compute Nodes

HyperV Compute Nodes do not support gre and vxlan. If your environment includes a heterogenous mix of Compute Nodes incluing HyperV nodes, make sure to select vlan. This can be done in addition to the other drivers.

When multiple type drivers are enabled, you need to select the Default Type Driver for Provider Network, that will be used for newly created provider networks. This also includes the nova_fixed network, that will be created when applying the Neutron proposal. When manually creating provider networks with the neutron command, the default can be overwritten with the --provider:network_type type switch. You will also need to set a Default Type Driver for Tenant Network. It is not possible to change this default when manually creating tenant networks with the neutron command. The non-default type driver will only be used as a fallback.

Depending on your choice of the type driver, more configuration options become available.

gre.  Having chosen gre, you also need to specify the start and end of the tunnel ID range.

vlan.  The option vlan requires you to specify the Maximum number of VLANs.

vxlan.  Having chosen vxlan, you also need to specify the start and end of the VNI range.

Login credentials for the VMWare NSX server. The user needs to have administrator permissions on the NSX server.

Enter the IP address and the port number (IP-ADDRESS:PORT) of the controller API endpoint. If the port number is omitted, port 443 will be used. You may also enter multiple API endpoints (comma-separated), provided they all belong to the same controller cluster. When multiple API endpoints are specified, the plugin will load balance requests on the various API endpoints.

The UUIDs for the transport zone and the gateway service can be obtained from the NSX server. They will be used when networks are created.

neutron-server provides the scheduler and the API. It needs to be installed on a Control Node.

This service runs the various agents that manage the network traffic of all the cloud instances. It acts as the DHCP and DNS server and as a gateway for all cloud instances. It is recommend to deploy this role on a dedicated node supplied with sufficient network capacity.

Set the “overcommit ratio” for RAM for instances on the Compute Nodes. A ratio of 1.0 means no overcommitment. Changing this value is not recommended.

Set the “overcommit ratio” for CPUs for instances on the Compute Nodes. A ratio of 1.0 means no overcommitment.

Allows to move KVM and Xen instances to a different Compute Node running the same hypervisor (cross hypervisor migrations are not supported). Useful when a Compute Node needs to be shut down or rebooted for maintenance or when the load of the Compute Node is very high. Instances can be moved while running (Live Migration).

Warning: Libvirt Migration and Security

Enabling the libvirt migration option will open a TCP port on the Compute Nodes that allows access to all instances from all machines in the admin network. Ensure that only authorized machines have access to the admin network when enabling this option.

Sets up a directory /var/lib/nova/instances on the Control Node on which nova-controller is running. This directory is exported via NFS to all compute nodes and will host a copy of the root disk of all Xen instances. This setup is required for live migration of Xen instances (but not for KVM) and is used to provide central handling of instance data. Enabling this option is only recommended if Xen live migration is required—otherwise it should be disabled.

Warning: Do Not Set Up Shared Storage When instances are Running

Setting up shared storage in a SUSE OpenStack Cloud where instances are running will result in connection losses to all running instances. It is strongly recommended to set up shared storage when deploying SUSE OpenStack Cloud. If it needs to be done at a later stage, make sure to shut down all instances prior to the change.

Kernel SamePage Merging (KSM) is a Linux Kernel feature which merges identical memory pages from multiple running processes into one memory region. Enabling it optimizes memory usage on the Compute Nodes when using the KVM hypervisor at the cost of slightly increasing CPU usage.

Setting up VMware support is described in a separate section. See Appendix G, VMware vSphere Installation Instructions.

Choose whether to encrypt public communication (HTTPS) or not (HTTP). If choosing HTTPS,refer to SSL Support: Protocol for configuration details.

Change the default VNC keymap for instances. By default, en-us is used. Enter the value in lowercase, either as a two character code (such as de or jp) or, as a five character code such as de-ch or en-uk, if applicable.

After having started an instance you can display its VNC console in the OpenStack Dashboard (Horizon) via the browser using the noVNC implementation. By default this connection is not encrypted and can potentially be eavesdropped.

Enable encrypted communication for noVNC by choosing HTTPS and providing the locations for the certificate key pair files.

Shows debugging output in the log files when set to true.

Distributing and scheduling the instances is managed by the nova-controller. It also provides networking and messaging services. nova-controller needs to be installed on a Control Node.

Provides the hypervisors (Docker, Hyper-V, KVM, QEMU, VMware vSphere, Xen, and z/VM) and tools needed to manage the instances. Only one hypervisor can be deployed on a single compute node. To use different hypervisors in your cloud, deploy different hypervisors to different Compute Nodes. A nova-compute-* role needs to be installed on every Compute Node. However, not all hypervisors need to be deployed.

Each image that will be made available in SUSE OpenStack Cloud to start an instance is bound to a hypervisor. Each hypervisor can be deployed on multiple Compute Nodes (except for the VMWare vSphere role, see below). In a multi-hypervisor deployment you should make sure to deploy the nova-compute-* roles in a way, that enough compute power is available for each hypervisor.

Note: Re-assigning Hypervisors

Existing nova-compute-* nodes can be changed in a productive SUSE OpenStack Cloud without service interruption. You need to “evacuate” the node, re-assign a new nova-compute role via the Nova barclamp and Apply the change. nova-compute-vmware can only be deployed on a single node.

Important: Deploying Hyper-V

nova-compute-hyperv can only be deployed to Compute Nodes running either Microsoft Hyper-V Server or Windows Server 2012. Being able to set up such Compute Nodes requires to set up a netboot environment for Windows. Refer to Appendix F, Setting up a Netboot Environment for Microsoft* Windows for details.

The default password for Hyper-V Compute Nodes will be “crowbar”.

Important: Deploying VMware vSphere (vmware)

VMware vSphere is not supported “natively” by SUSE OpenStack Cloud—it rather delegates requests to an existing vCenter. It requires preparations at the vCenter and post install adjustments of the Compute Node. See Appendix G, VMware vSphere Installation Instructions for instructions. nova-compute-vmware can only be deployed on a single Compute Node.

Note: Deploying Docker

The ability to use Docker is only included as a technology preview and not supported by SUSE. The following features are known to work:

• Starting and shutting down an instance.

• Resuming a paused instance.

• Taking a snapshot of running instance and starting a new image based on this snapshot.

The following features are known to not work:

• Suspend and resume.

• Attaching Cinder volumes.

If you assign the nova-compute-docker role to a node, it is recommended to use Btrfs for the respective node to enhance the performance. How to specify a file system for a node is described in Section 9.2, “Node Installation”.

Timeout (in minutes) after which a user is been logged out automatically. The default value is set to 4 hours (240 minutes).

Specify a regular expression with which to check the password. The default expression (.{8,}) tests for a minimum length of 8 characters. The string you enter is interpreted as a Python regular expression (see http://docs.python.org/2.7/library/re.html#module-re for a reference).

Error message that will be displayed in case the password validation fails.

Choose whether to encrypt public communication (HTTPS) or not (HTTP). If choosing HTTPS, you have two choices. You can either Generate (self-signed) certificates or provide the locations for the certificate key pair files and,—optionally— the certificate chain file. Using self-signed certificates is for testing purposes only and should never be used in production environments!

Shows debugging output in the log files when set to true.

Specify an interval in seconds after which Ceilometer performs an update of the specified meter.

Set the interval after which to check whether to raise an alarm because a threshold has been exceeded. For performance reasons, do not set a value lower than the default (60s).

Ceilometer collects a huge amount of data, which is written to a database. In a production system it is recommended to use a separate database for Ceilometer rather than the standard database that is also used by the other SUSE OpenStack Cloud services. MongoDB is optimized to write a lot of data. As of SUSE OpenStack Cloud 6, MongoDB is only included as a technology preview and not supported.

Specify how long to keep the data. -1 means that samples are kept in the database forever.

Shows debugging output in the log files when set to true.

The Ceilometer API server role. This role needs to be deployed on a Control Node. Ceilometer collects approximately 200 bytes of data per hour and instance. Unless you have a very huge number of instances, there is no need to install it on a dedicated node.

The polling agent listens to the message bus to collect data. It needs to be deployed on a Control Node. It can be deployed on the same node as ceilometer-server.

The compute agents collect data from the compute nodes. They need to be deployed on all KVM and Xen compute nodes in your cloud (other hypervisors—except for Hyper-V— are currently not supported).

This compute agents collect data from the compute nodes running on Microsoft Windows. It needs need to be deployed on all Hyper-V Compute Nodes in your cloud.

An agent collecting data from the Swift nodes. This role needs to be deployed on the same node as swift-proxy.

When enabled, Trove will use a Cinder volume to store the data.

Increases the amount of information that is written to the log files when set to true.

Shows debugging output in the log files when set to true.

Credentials for a regular user. If the user does not exist, it will be created.

Tenant to be used by Tempest. If it does not exist, it will be created. It is safe to stick with the default value.

Credentials for an admin user. If the user does not exist, it will be created.