Installing OpenStack grizzly


UNDER CONSTRUCTION


OpenStack is composed by :

* keystone
* glance
* cinder
* nova
* neutron
* ceph

For this Proof Of Concept we'll use :

* Ubuntu 10.04 up-to-date !
* keystone
* glance
* cinder
* nova
* nova-network

Have a look at the next schema to understand which infrasructure will be built :

Installing backends and extras

Add ubuntu cloud repo

apt-get install ubuntu-cloud-keyring python-software-properties software-properties-common python-keyring

echo deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/grizzly main >> /etc/apt/sources.list.d/grizzly.list

System update

apt-get update

apt-get upgrade

apt-get dist-upgrade

Networking

Some packages are needed :

apt-get install vlan ifenslave

Add network conf like below :

#For Exposing OpenStack API over the internet
auto eth1
iface eth1 inet static
        address 192.168.100.51
        netmask 255.255.255.0
        gateway 192.168.100.1
        dns-nameservers 8.8.8.8

#Not internet connected(used for OpenStack management)
auto eth0
iface eth0 inet static
        address 10.10.100.51
        netmask 255.255.255.0

Restart network service now :

service networking restart

MySQL & RabbitMQ

Some packages are needed :

apt-get install -y mysql-server python-mysqldb

Let's tune mysql conf file in order to listen over all interfaces :

sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
service mysql restart

install rabbitmq :

apt-get install -y rabbitmq-server

Extras

Install some other needed packages :

apt-get install -y vlan bridge-utils

Enable IP forwarding :

sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
sysct -p

Install ntp daemon :

apt-get install -y ntp

Tune ntp.conf :

#Comment the ubuntu NTP servers
sed -i 's/server 0.ubuntu.pool.ntp.org/#server 0.ubuntu.pool.ntp.org/g' /etc/ntp.conf
sed -i 's/server 1.ubuntu.pool.ntp.org/#server 1.ubuntu.pool.ntp.org/g' /etc/ntp.conf
sed -i 's/server 2.ubuntu.pool.ntp.org/#server 2.ubuntu.pool.ntp.org/g' /etc/ntp.conf
sed -i 's/server 3.ubuntu.pool.ntp.org/#server 3.ubuntu.pool.ntp.org/g' /etc/ntp.conf

#Set the compute node to follow up your conroller node
sed -i 's/server ntp.ubuntu.com/server 10.10.10.51/g' /etc/ntp.conf

service ntp restart

KEYSTONE

Host: controller

  • Start by the keystone packages:
apt-get install -y keystone
  • Verifiy keystone service is running :
service keystone status
  • Create Database keystone :
CREATE DATABASE keystone;
GRANT ALL ON keystone.* TO 'keystoneUser'@'%' IDENTIFIED BY 'keystonePass';
quit;
  • Adapt the connection attribute in the /etc/keystone/keystone.conf to the new database:
connection = mysql://keystoneUser:keystonePass@10.10.100.51/keystone
  • Restart the identity service then synchronize the database:
service keystone restart
keystone-manage db_sync
  • Fill up the keystone database :
#Modify the HOST_IP and HOST_IP_EXT variables before executing the scripts

wget https://raw.github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/master/KeystoneScripts/keystone_basic.sh
wget https://raw.github.com/mseknibilel/OpenStack-Grizzly-Install-Guide/master/KeystoneScripts/keystone_endpoints_basic.sh

chmod +x keystone_basic.sh
chmod +x keystone_endpoints_basic.sh

./keystone_basic.sh
./keystone_endpoints_basic.sh
  • Creds crendential file for API access :
vim creds

#Paste the following:
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin_pass
export OS_AUTH_URL="http://192.168.100.51:5000/v2.0/"

# Load it:
source creds
  • Test keystone service :
keystone user-list

GLANCE

Host: controller

  • Install glance package :
apt-get install -y glance
  • Check glance services are running
service glance-api status
service glance-registry status
  • Create glance database and user :
CREATE DATABASE glance;
GRANT ALL ON glance.* TO 'glanceUser'@'%' IDENTIFIED BY 'glancePass';
quit;
  • Tune /etc/glance/glance-api-paste.ini :
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
delay_auth_decision = true
auth_host = 10.10.100.51
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = service_pass
  • Tune /etc/glance/glance-registry-paste.ini :
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = 10.10.100.51
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = service_pass
  • Tune /etc/glance/glance-api.conf :
sql_connection = mysql://glanceUser:glancePass@10.10.100.51/glance

and

[paste_deploy]
flavor = keystone
  • Tune /etc/glance/glance-registry.conf :
sql_connection = mysql://glanceUser:glancePass@10.10.100.51/glance

and

[paste_deploy]
flavor = keystone
  • Restart the glance-api and glance-registry services :
service glance-api restart
service glance-registry restart
  • Synchronize the glance database :
glance-manage db_sync
  • Restart the services again to take into account the new modifications :
service glance-api restart
service glance-registry restart
  • Test Glance service :
glance image-create --name myFirstImage --is-public true --container-format bare --disk-format qcow2 --location https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img

glance image-list

CINDER

Host: controller

  • Install cinder packages :
apt-get install -y cinder-api cinder-scheduler cinder-volume iscsitarget open-iscsi iscsitarget-dkms
  • iscsi start by default :
sed -i 's/false/true/g' /etc/default/iscsitarget
  • Start services :
service iscsitarget start
service open-iscsi start
  • Create database and user :
CREATE DATABASE cinder;
GRANT ALL ON cinder.* TO 'cinderUser'@'%' IDENTIFIED BY 'cinderPass';
quit;
  • /etc/cinder/api-paste.ini :
[filter:authtoken]
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
service_protocol = http
service_host = 192.168.100.51
service_port = 5000
auth_host = 10.10.100.51
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = cinder
admin_password = service_pass
  • /etc/cinder/cinder.conf :
[DEFAULT]
rootwrap_config=/etc/cinder/rootwrap.conf
sql_connection = mysql://cinderUser:cinderPass@10.10.100.51/cinder
api_paste_config = /etc/cinder/api-paste.ini
iscsi_helper=ietadm
volume_name_template = volume-%s
volume_group = cinder-volumes
verbose = True
auth_strategy = keystone
#osapi_volume_listen_port=5900
  • Sync database :
cinder-manage db sync
  • Create your PV, VG and LV :

NOVA

Host: controller

  • Install nova packages :
apt-get install -y nova-api nova-cert novnc nova-consoleauth nova-scheduler nova-novncproxy nova-doc nova-conductor
  • Check that nova services are running :
cd /etc/init.d/; for i in $( ls nova-* ); do service $i status; cd; done
  • Create nova database and user :
CREATE DATABASE nova;
GRANT ALL ON nova.* TO 'novaUser'@'%' IDENTIFIED BY 'novaPass';
quit;
  • Tune /etc/nova/api-paste.ini :
paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
auth_host = 10.10.100.51
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = service_pass
signing_dirname = /tmp/keystone-signing-nova
# Workaround for https://bugs.launchpad.net/nova/+bug/1154809
auth_version = v2.0

--- TO BE CONTINUED ---

Comments !