OpenStack

Index

General

OpenStack

  • OpenStack vs AWS
  • Desplegament / Deployment
    • RDO Project
      • PackStack
        • Wiki
        • stackforge/packstack (github)
        • Packstack (Google slides)
        • [Creeu un entorn libvirt / Create a libvirt environment]
        • Install OS on all nodes and:
          • disable NetworkManager:
            • systemctl stop NetworkManager
            • systemctl disable NetworkManager
          • temporarily enable access to internet: PackStack will require access to yum repositories from each node
        • Installation (from controller node)
          • yum update -y
          • yum install -y https://repos.fedorapeople.org/repos/openstack/openstack-kilo/rdo-release-kilo-1.noarch.rpm
          • yum install -y http://rdo.fedorapeople.org/openstack-kilo/rdo-release-kilo.rpm
          • yum install -y openstack-packstack
            • also installs openstack-puppet-modules
        • Run modes
          • All in one node:
            • packstack --allinone
          • Several nodes (answers file):
            • packstack --gen-answer-file packstack-answers.txt
            • if needed, replace own ip address in one nic by ip address in another nic:
              • sed -i 's/192.168.0.12/192.168.2.191/g' packstack-answers.txt
            • edit answers file packstack-answers.txt:
              • Correspondčncia:
                • What are the NIC in Nova config file used for?

                • nova.conf
                  when using:
                  CONFIG_NOVA_COMPUTE_PRIVIF
                  DEFAULT/flat_interface

                  CONFIG_NOVA_NETWORK_PUBIF
                  DEFAULT/public_interface

                  CONFIG_NOVA_NETWORK_PRIVIF
                  DEFAULT/flat_interface
                  nova.network.manager.FlatDHCPManager
                  nova.network.manager.FlatManager
                  DEFAULT/vlan_interface
                  nova.network.manager.VlanManager

              • Exemple:
              • CONFIG_NEUTRON_INSTALL=y
                CONFIG_HEAT_INSTALL=y
                CONFIG_TROVE_INSTALL=y
                #CONFIG_CEILOMETER_INSTALL=n

                CONFIG_CONTROLLER_HOST=
                192.168.2.191
                CONFIG_MARIADB_HOST=192.168.2.191
                CONFIG_KEYSTONE_LDAP_URL=ldap://192.168.2.191
                CONFIG_MONGODB_HOST=192.168.2.191
                CONFIG_REDIS_MASTER_HOST=192.168.2.191


                CONFIG_NOVA_COMPUTE_HOSTS=
                192.168.2.190
                CONFIG_NOVA_COMPUTE_PRIVIF=eth1

                CONFIG_NETWORK_HOSTS=192.168.2.192
                CONFIG_LBAAS_INSTALL=y
                CONFIG_NEUTRON_L2_AGENT=openvswitch
                CONFIG_NEUTRON_OVS_TUNNEL_IF=eth2

                # ML2
                CONFIG_NEUTRON_ML2_TYPE_DRIVERS=
                flat,vlan,gre,vxlan
                CONFIG_NEUTRON_ML2_TENANT_NETWORK_TYPES=gre
                CONFIG_NEUTRON_ML2_MECHANISM_DRIVERS=openvswitch
                CONFIG_NEUTRON_ML2_TUNNEL_ID_RANGES=
                1:1000
                CONFIG_NEUTRON_ML2_FLAT_NETWORKS=external


                CONFIG_STORAGE_HOST=
                192.168.2.193
                CONFIG_CINDER_VOLUMES_SIZE=2G

                CONFIG_SAHARA_HOST=192.168.2.191

                CONFIG_PROVISION_DEMO=n
                #CONFIG_PROVISION_DEMO_FLOATRANGE=172.24.4.224/28
              • EXCLUDE_SERVERS=<serverIP>,<serverIP>,...
              • # still valid?:
                CONFIG_NEUTRON_SERVER_HOST=10.15.0.7
                CONFIG_NEUTRON_L3_HOSTS=10.15.0.7
                CONFIG_NEUTRON_DHCP_HOSTS=10.15.0.7
                CONFIG_NEUTRON_LBAAS_HOSTS=10.15.0.7
                CONFIG_NEUTRON_METADATA_HOSTS=10.15.0.7
                CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=gre
                CONFIG_NEUTRON_OVS_TUNNEL_RANGES=1000:3000

                CONFIG_NEUTRON_OVS_TUNNEL_IF=eth2

            • packstack --answer-file packstack-answers.txt
          • Interactive mode:
            • packstack
          • Logs
            • /var/tmp/packstack/.../openstack-setup.log
          • Config
            • /etc/{nova, glance, cinder, neutron ...}
          • Post-installation checks:
            • NTP
            • controller node
              • ./keystonerc_admin
              • nova list
              • neutron net-list
            • Fix Horizon:
              • Login page: "Something went wrong!"
                • Bug 1218894 - Horizon: Re login failed after timeout
                • Solució / Solution:
                  • curl -o openstack-dashboard-2015.1.0-6.el7.noarch.rpm http://cbs.centos.org/kojifiles/packages/python-django-horizon/2015.1.0/6.el7/noarch/openstack-dashboard-2015.1.0-6.el7.noarch.rpm
                  • curl -o python-django-horizon-2015.1.0-6.el7.noarch.rpm http://cbs.centos.org/kojifiles/packages/python-django-horizon/2015.1.0/6.el7/noarch/python-django-horizon-2015.1.0-6.el7.noarch.rpm
                  • yum install openstack-dashboard-2015.1.0-6.el7.noarch.rpm python-django-horizon-2015.1.0-6.el7.noarch.rpm
                  • optional:
                    • curl -o openstack-dashboard-theme-2015.1.0-6.el7.noarch.rpm http://cbs.centos.org/kojifiles/packages/python-django-horizon/2015.1.0/6.el7/noarch/openstack-dashboard-theme-2015.1.0-6.el7.noarch.rpm
                    • yum install openstack-dashboard-theme-2015.1.0-6.el7.noarch.rpm
                  • systemctl restart httpd
              • Allow connection from the "API network"
                • /etc/httpd/conf.d/15-horizon_vhost.conf
                  • ServerAlias 192.168.2.191
                    ServerAlias 192.168.0.12
              • Allowed hosts for Django (not needed any more?)
                • sed -i '/^ALLOWED_HOSTS/ s/=.*/= [ "*" ]/' /etc/openstack-dashboard/local_settings
                • service httpd restart
        • Usage (from controller node)
          • Admin user
            • . /root/keystonerc_admin
            • Create a disk image
              • glance image-create --copy-from http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img --is-public true --container-format bare --disk-format qcow2 --name cirros
              • glance image-create --copy-from http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-1503.qcow2 --is-public true --container-format bare --disk-format qcow2 --name centos7
              • glance image-list
            • Create external network
              • neutron net-create ext-net --router:external
              • neutron net-list
              • neutron subnet-create --disable-dhcp ext-net 172.16.13.0/24
              • neutron subnet-list
              • real external network (To create the external network):
                • neutron net-create ext-net --router:external --provider:physical_network external --provider:network_type flat
                • neutron subnet-create ext-net EXTERNAL_NETWORK_CIDR --name ext-subnet \
                    --allocation-pool start=FLOATING_IP_START,end=FLOATING_IP_END \
                    --disable-dhcp --gateway EXTERNAL_NETWORK_GATEWAY
                • neutron subnet-create ext-net 192.168.0.0/24 --name ext-subnet --allocation-pool start=192.168.0.150,end=192.168.0.200 --disable-dhcp --gateway 192.168.0.1
            • Create a flavor for testing
              • nova flavor-create m1.nano auto 128 1 1
              • nova flavor-list
            • Create a non-admin user: demo
              • keystone tenant-create --name demo
              • keystone tenant-list
              • keystone user-create --name demo --tenant demo --pass demo
              • keystone user-list
              • /root/keystonerc_demo
                • export OS_USERNAME=demo
                  export OS_TENANT_NAME=demo
                  export OS_PASSWORD=demo
                  export OS_AUTH_URL=http://192.168.2.191:35357/v2.0/
                  export PS1='[\u@\h \W(keystone_demo)]\$
                  '
          • Demo user
            • . /root/keystonerc_demo
            • Create an ssh keypair
              • ssh-keygen -t rsa -b 2048 -N '' -f id_rsa_demo
              • nova keypair-add --pub-key id_rsa_demo.pub demo
              • nova keypair-list
            • Create tenant networks
            • Create security rules and add them to default security group (ICMP, SSH allowed by default in created instances)
              • neutron security-group-list
              • neutron security-group-rule-create --protocol icmp default
              • neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 default
              • neutron security-group-show default
            • Booting an instance
            • Access to the instance (tricky)
              • from network node:
                • ip netns
                • ip netns exec qdhcp... ip addr
                • ip netns exec qdhcp... ping 10.0.0.3
                • ip netns exec qdhcp... ssh cirros@10.0.0.3
                  • cirros / cubswin:)
            • Access from external network: Floating IP
              • Allocate a floating ip address from the external network:
                • nova floating-ip-create ext-net
                • nova floating-ip-list
              • Assign it to the new instance:
                • nova add-floating-ip test0 172.16.13.3
              • Problems with network, from an instance:
                • [Errno -1] Package does not match intended download. Suggestion: run yum --enablerepo=updates clean metadata
                  Trying other mirror.
                  • Solution
                    • MTU is too big for GRE tunnel; you should reduce its size on the instance. DHCP server can do it for you:
            • External network connectivity
              • Real world
              • In our demo:
                • ip addr add 172.16.13.1/24 dev br-ex
                • iptables -t nat -I POSTROUTING 1 -s 172.16.13.0/24 -j MASQUERADE
        • Browser access
          •  http://$YOURIP/dashboard
            • admin / <keystonerc_admin>
          • http://<controller-node-address>/nagios
            • nagiosadmin / ...
        • Adding a compute node
        • RDO: Multinode OpenStack using Packstack (YouTube) (slides)
          • packstack ...
        • Neutron with existing external network
        • Creating CentOS and Fedora images ready for Openstack
          • Mageia
            • urpmi virt-manager libguestfs-tools
          • virt-manager
            • New virtual machine
              • network: ftp://ftp.cesca.cat/centos/7/os/x86_64/
              • DVD image: ...iso
              • name: centos7
            • start
              • ip a
              • ifup eth0
              • yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
              • yum -y update
            • snapshot from physical computer
              • virsh snapshot-create-as centos7 fresh_install "Fresh Centos7 install" --atomic --reuse-external
            • install rdo on virtual machine:
              • yum install -y https://repos.fedorapeople.org/repos/openstack/openstack-kilo/rdo-release-kilo-1.noarch.rpm
            • clone image
              • # virt-sysprep -d centos7
              • clone
            • network:
              • physical
                • Connection details -> Virtual networks
                  • Add: "data", 192.169.100.0/24, Isolated virtual network
              • virtual:
                • Add hardware
                  • Network
                    • Virtual network "data"
                    • Device model: "virtio" (to have "ethX" instead of "ens9")
            • add fixed network entry for controller (from physical computer):
              • sudo virsh net-update data add-last ip-dhcp-host --xml "<host mac='`sudo virsh domiflist centos7-controller|grep data|awk '{print $5}'`' ip='192.168.100.10'/>" --live --config
        • Multi-node Openstack with Neutron with libvirt, netsted kvm, virt-manager and qcow2 images
        • Appendix A. Removing PackStack Deployments
        • Red Hat Enterprise Linux OpenStack Platform. Getting Started Guide
    • DevStack (automatically create an OpenStack infrastructure for development)
      • openstack-dev/devstack (github)
      • FAQ
      • VirtualBox
        • VirtualBox network
          VirtualBox instance network
          OpenStack

          host


          Single Node





          Bridged 192.168.0.x
          • Adapter type: virtio-net
          • Promiscuous mode: allow all



          management network Adapter 1 (eth0):
          • BOOTPROTO=none
            IPADDR0=192.168.0.201
            PREFIX0=24

            DEFROUTE=yes
            GATEWAY0=192.168.0.1
            DNS1=192.168.0.1

            ONBOOT=yes
            USERCTL=no
          external network Adapter 2 (eth1):
          • BOOTPROTO=none

            DEFROUTE=no
            ONBOOT=yes
            USERCTL=no
      • Passos / Steps
        1. su
        2. [adduser stack; password stack]
        3. apt-get install sudo -y || yum install -y sudo
        4. echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
        5. disable firewall:
          • sudo service iptables save
            sudo systemctl disable firewalld
            sudo systemctl enable iptables
            sudo systemctl stop firewalld
            sudo systemctl start iptables
        6. (login as stack)
        7. sudo apt-get install git -y || sudo yum install -y git
        8. git clone https://git.openstack.org/openstack-dev/devstack
        9. cd devstack
        10. cp samples/local.conf .
        11. local.conf
          • Q: How do I run a specific OpenStack milestone?
            • [[local|localrc]]
              CINDER_BRANCH=master
              GLANCE_BRANCH=master
              HORIZON_BRANCH=master
              KEYSTONE_BRANCH=master
              KEYSTONECLIENT_BRANCH=master
              NOVA_BRANCH=master
              NOVACLIENT_BRANCH=master
              NEUTRON_BRANCH=master
              SWIFT_BRANCH=master

          • nova network
            • [[local|localrc]]
              FLOATING_RANGE=192.168.0.224/27
              FIXED_RANGE=10.0.0.0/24
              FIXED_NETWORK_SIZE=256
              FLAT_INTERFACE=eth0
          • Neutron
            • Using DevStack with Neutron Networking
              • [[local|localrc]]
                FLOATING_RANGE=192.168.0.224/27
                FIXED_RANGE=10.0.0.0/24
                PUBLIC_NETWORK_GATEWAY=192.168.0.1

                disable_service n-net
                enable_service q-svc
                enable_service q-agt
                enable_service q-dhcp
                enable_service q-meta
                enable_service q-l3

                Q_USE_SECGROUP=True
                ENABLE_TENANT_VLANS=True
                TENANT_VLAN_RANGE=1000:1999
                PHYSICAL_NETWORK=default
                OVS_PHYSICAL_BRIDGE=br-ex

            • Manila
            • Configure Load-Balancer in Kilo
          • Multi-host
        12. ./stack.sh
        13. http://.../
        14. ./unstack.sh
  • Serveis / Services

    • openstack endpoint create

      --publicurl --internalurl --adminurl
      conf file
      keystone http://$CONTROLLER_NAME:5000/v2.0 http://$CONTROLLER_NAME:35357/v2.0 identity
      glance http://$CONTROLLER_NAME:9292 image
      nova http://$CONTROLLER_NAME:8774/v2/%\(tenant_id\)s compute
      neutron http://$CONTROLLER_NAME:9696 network
      cinder
      http://$CONTROLLER_NAME:8776/v2/%\(tenant_id\)s volume


      http://$CONTROLLER_NAME:8776/v2/%\(tenant_id\)s volumev2
      heat
      http://$CONTROLLER_NAME:8004/v1/%\(tenant_id\)s orchestration

      http://$CONTROLLER_NAME:8000/v1 cloudformation
      ceilometer
      http://$CONTROLLER_NAME:8777
      metering

      trove
      http://$CONTROLLER_NAME:8779/v1.0/%\(tenant_id\)s
      database
      designate
      http://$CONTROLLER_NAME:9001
      dns


    • Endpoint
      • admin
        • source admin-openrc.sh
        • openstack endpoint list
        • openstack endpoint show ...
      • request
        • credentials
          • admin-opensrc.sh
            • export OS_USERNAME=admin
              export OS_PASSWORD=...
              export OS_AUTH_URL=http://controller-node:35357/v3
              export OS_TENANT_NAME=admin
          • myuser-opensrc.sh
            • export OS_USERNAME=my_user
              export OS_PASSWORD=...
              export OS_AUTH_URL=http://controller-node:5000/v3
              export OS_TENANT_NAME=my_tenant_name
        • Python
          • Option 1:
            • my_user.sh
              • export OS_PROJECT_DOMAIN_ID=default
                export OS_USER_DOMAIN_ID=default
                export OS_PROJECT_NAME=my_tenant
                export OS_TENANT_NAME=my_tenant
                export OS_USERNAME=my_user
                export OS_PASSWORD=my_password
                export OS_AUTH_URL=http://controller-node:5000/v3

            • utils_keystone.py
              • import logging

                from keystoneclient import session as ks_session
                from keystoneclient.auth.identity import generic

                from designateclient.v1 import Client
                from designateclient.v1.records import Record

                from django.conf import settings

                logger = logging.getLogger(__name__)

                def _get_keystone_session():
                    """
                    Connect to Keystone and get a session.
                    """
                    session = ks_session.Session()
                    auth_args = {
                        'auth_url': os.environ['OS_AUTH_URL'],
                        'domain_id': '',
                        'domain_name': '',
                        'project_id': '',
                        'project_name':
                os.environ['OS_TENANT_NAME'],
                        'project_domain_name': '',
                        'project_domain_id': os.environ['OS_PROJECT_DOMAIN_ID'],
                    }
                    auth_args.update({
                        'username':
                os.environ['OS_USERNAME'],
                        'user_id': '',
                        'password':
                os.environ['OS_PASSWORD'],
                        'user_domain_id': os.environ['OS_USER_DOMAIN_ID'],
                        'user_domain_name': '',
                    })
                    session.auth = generic.Password(**auth_args)
                    session.all_tenants = False
                    session.edit_managed = False

                    return session


                def _get_designate_client():
                    """
                    Get a Designate client
                    """
                   
                    session = _get_keystone_session()
                   
                    region_name=''
                    service_type='dns'
                    all_tenants=False
                    edit_managed=False
                   
                    client = Client(
                                region_name=region_name,
                                service_type=service_type,
                                session=session,
                                all_tenants=all_tenants,
                                edit_managed=edit_managed
                                )
                    return client
                   

                def designate_get_domains():
                    """
                    Get all domains in Designate.
                    """
                    client = _get_designate_client()
                    return client.domains.list()


                def designate_create_a_record(name, data):
                    """
                    Add an A record to the default domain.
                    """
                    try:
                        client = _get_designate_client()
                        domain_id = settings.DESIGNATE['DEFAULT_DOMAIN_ID']
                        # Create a new Record object
                        record_name = "%s.%s" % (name, settings.DESIGNATE['DEFAULT_DOMAIN'])
                        record = Record(name=record_name, type="A", data=data)
                       
                        # Send the Create Record API call
                        record = client.records.create(domain_id, record)
                        logger.debug("[designate_create_a_record] Successfully created A record: %s -> %s" % (record_name, data))
                    except Exception as e:
                        logger.error("[designate_create_a_record] Error: %s" % e)
                        raise e
                   
                def designate_delete_a_record(name):
                    """
                    Remove an A record from the default domain.
                    """
                    try:
                        client = _get_designate_client()
                        domain_id = settings.DESIGNATE['DEFAULT_DOMAIN_ID']
                        # Create a new Record object
                        record_name = "%s.%s" % (name, settings.DESIGNATE['DEFAULT_DOMAIN'])
                       
                        # get the record_id
                        record_id = None
                        records = client.records.list(domain_id)
                        for record in records:
                            logger.debug("[designate_delete_a_record] record: %s"% record)
                            if record_name==record.name:
                                record_id = record.id
                                break
                       
                        # Send the Create Record API call
                        if record_id:
                            record = client.records.delete(domain_id, record_id)
                            logger.debug("[designate_create_a_record] Successfully removed A record: %s" % (record_name))
                        else:
                            raise Exception("Record %s not found"% record_name)
                       
                    except Exception as e:
                        logger.error("[designate_delete_a_record] Error: %s" % e)
                        raise e

          • Option 2:
            • credentials.py
              • #!/usr/bin/env python
                import os

                def get_keystone_creds():
                    d = {}
                    d['username'] = os.environ['OS_USERNAME']
                    d['password'] = os.environ['OS_PASSWORD']
                    d['auth_url'] = os.environ['OS_AUTH_URL']
                    d['tenant_name'] = os.environ['OS_TENANT_NAME']
                    return d

                def get_nova_creds():
                    d = {}
                    d['username'] = os.environ['OS_USERNAME']
                    d['api_key'] = os.environ['OS_PASSWORD']
                    d['auth_url'] = os.environ['OS_AUTH_URL']
                    d['project_id'] = os.environ['OS_TENANT_NAME']
                    return d

            • my_file.py
              • from credentials import get_keystone_creds
                import keystoneclient.v2_0.client as ksclient

                creds = get_keystone_creds()
                keystone = ksclient.Client(**creds)
                designate_endpoint = keystone.service_catalog.url_for(service_type='dns',
                                                                   endpoint_type='publicURL')
          • ...
        • curl
          • curl -X GET http://controller-node:5000 | python -m json.tool
          • curl -X GET http://controller-node:9292 | python -m json.tool
    • Problemes / Problems
      • WARNING: [...] Configuring admin URI using auth fragments. This is deprecated, use 'identity_uri' instead.
      • WARNING keystonemiddleware.auth_token [-] Configuring auth_uri to point to the public identity endpoint is required; clients may not be able to authenticate against an admin endpoint
        • Solució / Solution
    • Identity
      • Keystone
        • Problemes / Problems
          • /var/log/httpd/keystone_wsgi_main_error.log
            • Target WSGI script '/var/www/cgi-bin/keystone/main' cannot be loaded as Python module.
              • raise exception.ConfigFileNotFound(config_file=paste_config_value)
                [...] ConfigFileNotFound: An unexpected error prevented the server from fulfilling your request.
                [...]
                ArgsAlreadyParsedError: arguments already parsed: cannot register CLI option
          • /var/log/httpd/keystone_wsgi_admin_error.log
            • Target WSGI script '/var/www/cgi-bin/keystone/admin' cannot be loaded as Python module.
              • raise exception.ConfigFileNotFound(config_file=paste_config_value)
                [...] ConfigFileNotFound: An unexpected error prevented the server from fulfilling your request.
                [...]
                ArgsAlreadyParsedError: arguments already parsed: cannot register CLI option
    • Compute
      • Nova
        • nova host list
        • nova host-describe ...
        • usage:
          • nova hypervisor-stats
          • nova hypervisor-list
          • nova hypervisor-show 1
          • Problems
            • Nova hypervisor-stats returns wrong data (bug #1326147)
            • Deleted hypervisors are wrongly taken into account
            • Solution
              • Remove Old or Failed Hosts from Openstack
              • from controller node:
                • mysql -u root -p
                  • use nova;
                  • identify the deleted compute node (with id=xx) and delete it:
                    • SELECT id,deleted,deleted_at,vcpus,memory_mb FROM compute_nodes;
                    • DELETE FROM compute_nodes WHERE id=xx;
                  • identify the deleted compute node (with id=yy) and delete it:
                    • SELECT * FROM services;
                    • DELETE FROM services WHERE id=yy;
                • check that all is ok now:
                  • nova hypervisor-stats
    • Dashboard
      • Horizon
        • /usr/share/openstack-dashboard/
    • Database
    • DNS
    • Network
      • Neutron
        • Diagrames / Diagrams
          • ...
        • ...
          ip netns
          ip netns exec q... ip addr

          network
          router
          grep Assigning /var/log/neutron/openvswitch-agent.log

          ovs-vsctl list-ports br-int



          network ID vlan
          qdhcp-0aa9a0c6-72aa-490a-a31a-cc589d22eefb
          13: tapa3892e32-d4
          10.0.0.2/24
          demo-net

          0aa9a0c6-72aa-490a-a31a-cc589d22eefb
          4
          qrouter-4fac1a12-8716-44e1-b379-10cd7577f23a 8: qg-acd45006-c9 83.10.2.180/24 ext-net + floating IPs demo-router
          06d4ec1d-cb19-46cb-a29c-ab1e9c6e7198
          2

          12: qr-964c592d-0e 10.0.0.1/24 demo-net

          qdhcp-cf8ad94e-8b9a-4973-ac53-0f303dac281f
          9: tapf3c8bbd8-4e
          10.0.1.2/24
          user-net

          cf8ad94e-8b9a-4973-ac53-0f303dac281f
          1
          qdhcp-86618f27-5593-4528-8fd2-5fc3e077aa12
          18: tapb480367e-01
          10.254.0.2/28
          manila_service_network

          86618f27-5593-4528-8fd2-5fc3e077aa12
          3
          qrouter-c58720bc-2af7-41ed-a62b-e5060b88d13c
          11: qg-6f8c4e89-f9
          83.10.2.183/24
          83.10.2.187/32
          83.10.2.185/32
          83.10.2.181/32
          83.10.2.189/32
          83.10.2.184/32
          83.10.2.186/32
          ext-net + floating IPs
          user-router



          14: qr-825c2f90-e0
          10.0.1.1/24
          user-net


          19: qr-bd9fc043-65
          10.254.0.1/28
          manila_service_network

        • Info
          • ovs-vsctl show
        • Problemes
          • RDO Networking: Common issues
          • ip netns exec qdhcp-cf8ad94e-8b9a-4973-ac53-0f303dac281f ping 10.0.1.87 -> "Destination Host Unreachable"
            • Solution
              • check that all is correct (specially IP addresses) running in network node:
                • ovs-vsctl show
    • Orchestration
    • Storage
  • Components and nodes where services run (should not be virtualized):


    conf
    logs
    systemctl
    controller
    network
    compute
    common



    ntpd.service
    x
    x
    x




    mariadb.service
    x






    rabbitmq-server.service
    x


    keystone

    /etc/keystone/keystone.conf
    memcached.service
    x





    httpd.service
    x


    glance

    /etc/glance/glance-api.conf
    /etc/glance/glance-registry.conf

    openstack-glance-api.service
    x





    openstack-glance-registry.service
    x


    nova

    /etc/nova/nova.conf

    openstack-nova-api.service
    x


    nova service-list

    openstack-nova-cert.service
    x


    nova service-list

    openstack-nova-consoleauth.service
    x


    nova service-list

    openstack-nova-scheduler.service
    x


    nova service-list

    openstack-nova-conductor.service
    x





    openstack-nova-novncproxy.service
    x





    libvirtd.service


    x
    nova service-list /etc/nova/nova.conf
    openstack-nova-compute.service


    x
    neutron

    /etc/neutron/neutron.conf
    /etc/neutron/plugins/ml2/ml2_conf.ini

    neutron-server.service
    x




    openvswitch.service

    x
    neutron agent-list

    neutron-openvswitch-agent.service

    x
    x
    /etc/neutron/l3_agent.ini
    neutron-l3-agent.service
    x

    /etc/neutron/dhcp_agent.ini
    neutron-dhcp-agent.service
    x

    /etc/neutron/metadata_agent.ini
    neutron-metadata-agent.service
    x




    neutron-ovs-cleanup.service
    x

    dashboard

    /etc/openstack-dashboard/local_settings

    httpd.service
    x





    memcached.service
    x








  • Node
    Notes





    Controller
    Compute
    Network
    Block Storage
    Object Storage









    [1-]
    [2-]


    Networks
    management network


    x
    x
    x
    x
    x


    tunnel network



    x
    x




    storage network



    x

    [x]
    [x]


    external network




    x



    Project / Component base
    customize
    • SQL Database Service
      • MySQL
    • Database Service
    • Cache
      • Memcached
    • Message Queue
      • RabbitMQ
      • Qpid
      • ZeroMQ
    • HAProxy
    • Pacemaker
    • Network Time Service
      • NTP
    • queue
    • SQL database
    • Pacemaker



    Dashboard
    Horizon
    Django
    *
    • httpd





    Compute

    Nova

    *
    • Compute Management
      • API
      • Compute core
      • Networking for VMs
        • ?(nova-network)
      • Console interface
        • nova-consoleauth
        • nova-novncproxy (VNC)
        • nova-spicehtml5proxy (SPICE)
        • nova-xvpnvncproxy (VNC)
        • nova-cert (x509)
      • Image management (Ec2 scenario)
        • nova-objectstore
        • euca2ools
      • CLI clients
        • nova
    • KVM Hypervisor
    • Compute core
      • nova-compute
    • Compute Networking
      • ?(nova-network)



    • CirrOS
    Bare Metal Provisioning
    Ironic








    Storage
    Object storage
    Swift
    Paste
    *
    • [Object Storage Proxy Service]
      • swift-proxy



    • Object Storage Account Service
    • Object Storage Container Service
    • Object Storage Object Service
      • swift-objects

    Block Storage
    Cinder


    • [Block Storage Management]
      • cinder-api
      • cinder-scheduler
      • cinder-volume


    • iSCSI Target Service
    • Block Storage Volume Service
    • cinder-volume


    Shared Filesystems
    Manila








    Networking

    Neutron


    • Networking Management
      • neutron-server
    • Networking ML2 Plug-in
    • Open vSwitch
    • Networking ML2 Plug-in
    • Networking Open vSwitch Agent
      • neutron-openvswitch-agent
    • Open vSwitch
    • Networking MP2 Plug-in
    • Networking Open vSwitch Agent
      • neutron-openvswitch-agent
    • Networking L3 Agent
      • neutron-l3-agent
    • Networking DHCP Agent
      • neutron-dhcp-agent
    • Networking Metadata Agent
      • neutron-metadata-agent



    DNS
    Designate









    Neutron/LBaaS








    Shared services
    Identity service Keystone


    • Identity
      • keystone





    Key management
    Barbican








    Image service Glance


    • Image Service
      • glance-api
      • glance-registry
      • backends
        • file
          • /var/lib/glance/images



    • glance-volume

    Telemetry service Ceilometer


    • [Telemetry Management]
    • [Telemetry Agent(s)]
    • [Telemetry agent]

    • [Telemetry agent]


    Orchestration service Heat

    • [Orchestration]





    TripleO (OpenStack on OpenStack)








    Database service Trove


    • [Data Processing Service]






    Data processing
    Sahara (Hadoop, Spark)









    Message service
    Zaqar









    Marketplace









  • Documentació / Documentation







    • services



      info
      architecture
      hardware / infrastructure
      management
      identity
      image
      compute
      network
      dashboard
      block storage
      object storage
      shared filesystem
      telemetry
      database
      orchestration
      data processing
      DNS
      messaging
      Wiki






      Keystone
      Glance
      Nova
      Neutron
      Horizon
      Cinder
      Swift
      Manila
      Ceilometer
      Trove
      Heat
      Sahara
      Designate
      Zaqar
      Configuration Guides /
      Operations and Administration Guides
      Architecture Design Guide
      *
      2. General purpose
      6. Multi-site
      7. Hybrid
      8. Massive scalable
      9. Specialized cases




      3. Compute focused 5. Network focused (CDN, VoIP...)

      4. Storage focused






      Configuration Reference (config files)

      *


      A. Firewalls and default ports 7. Identity service
      8. Image service
      3. Compute
      9. Networking
      4. Dashboard
      2. Block Storage
      10. Object Storage

      12. Telemetry
      5. Database service
      11. Orchestration
      6. Data processing service


      Cloud Administration Guide
      *
      1. Get started


      1. Get started
      2. Identity management
      1. Get started
      1. Get started
      4. Compute
      1. Get started
      7. Networking
      1. Get started
      3. Dashboard
      1. Get started
      6. Block Storage
       Configure an NFS storage backend


      1. Get started
      5. Object Storage

      1. Get started
      8. Telemetry
      1. Get started
      9. Database
      1. Get started
      10. Orchestration
      1. Get started


      High Availability Guide



















      Networking guide








      x










      Operations Guide
      Architecture
      *
      1. Examples Architectures
      (availability, scalability)
      2. Provisioning and Deployment
      5. Scaling
      3. Designing for Cloud Controllers and Cloud Management


      4. Compute Nodes
      • Overcommit:
        • CPU (cpu_allocation_ratio): 16:1
        • RAM (ram_allocation_ratio): 1.5:1
      7. Network Design

      6. Storage Decisions








      Operations


      14. Backup and Recovery

      9. Managing Projects and Users
      10. User-facing operations: Security groups, Associating Security groups
      10. User-facing operations: Images, Taking snapshots
      10. User-facing operations: Flavors, Instances, Instances in the database
      15. Customization: Nova
      10. User-facing operations: FloatingIPs
      12. Network Troubleshooting
      15. Customization: Horizon
      10. User-facing operations: Block Storage, Attaching Block Storage
      15. Customization: Swift

      13. Logging and monitoring




      Security Guide



















      Virtual Machine Image Guide






      *












      Install guides
      Installation Guide for Red Hat Enterprise Linux 7, CentOS 7, and Fedora 20

      *
      1. Architecture
      2. Basic environment

      3. Add the Identity service
      4. Add the Image service
      5. Add the Compute service
      14. Launch an instance
      6. Add a networking component
      7. Add the dashboard
      8. Add the Block Storage service
      9. Add Object Storage

      11. Add the Telemetry module
      12. Add the Database service (kilo draft)
      10. Add the Orchestration module
      13. Add the Data processing service


      Installation Guide for Ubuntu 14.04 (LTS)



















      Installation Guide for openSUSE 13.1 and SUSE Linux Enterprise Server 11 SP3



















      User Guides
      API Quick Start



















      End User Guide
      1. Dashboard





      Upload and manage images
      Launch and manage instances
      Create and manage networks
      Log in to the dashboard
      Create and manage volumes
      Create and manage object containers


      Create and manage databases
      Launch and manage stacks



      2. Command-line clients (cheat sheet)



      Configure access and security for instances
      Manage images
      Use snapshots to migrate instances
      Launch instances
      Manage instances and hosts (Floating IPs)
      Provide user-data to instances
      Create and manage networks

      Manage volumes
      Manage objects and containers

      Measure cloud resources
      Create and manage databases
      Create and manage stacks



      3. Python SDK




      python-keystoneclient
      Configure access and security for instances
      python-glanceclient
      Manage images
      python-novaclient
      Compute
      python-neutronclient
      Networking


      Assign CORS headers to requests
      Schedule objects for deletion





      python-designateclient
      Python bindings

      4. HOT Guide














      4. HOT Guide


      Admin User Guide
      1. Dashboard

















      2. CLI



      Manage services
      Manage projects, users and roles Manage images
      Manage flavors


      Manage volumes






      How To Create and Manage Domains

      Open source software for application development



















      Command-line Interface Reference



















      Contributor Guides
      Developer
      services




      Keystone
      Barbican (key)
      Glance
      Nova
      Ironic
      Neutron
      Horizon
      Cinder
      Swift
      Manila
      Ceilometer
      Trove
      Heat
      Sahara
      Designate
      Zaqar

      Official CLI (Reference manual)







      8. Networking command-line client (neutron)


      python-swiftclient








      API






      Compute API v2.1 (EXPERIMENTAL)
      Compute API v2 (CURRENT)
      Networking API v2.0 (CURRENT)

      Block Storage API v2


      Telemetry API v2 (CURRENT)



      REST API Documentation


      Source
      Git






      openstack/nova openstack/neutron
      openstack/neutron-lbaas
      openstack/horizon openstack/cinder

      openstack/manila

      openstack/trove

      openstack/designate
      openstack/designate-dashboard


      Issues (bugs)
      Launchpad









      Cinder

      Manila










      architecture
      infrastructure
      management
      identity
      image
      compute
      network
      dashboard
      block storage
      object storage
      shared filesystem
      telemetry
      database
      orchestration
      data processing
      DNS
      messaging



    • list
      create
      retrieve
      update
      delete
      identity






      network


      net
      neutron net-list
      • neutron net-create ext-net --router:external \
        --provider:physical_network external --provider:network_type flat
      • neutron net-create demo-net
      • neutron net-show ext-net
      • neutron net-show demo-net

      • neutron net-delete ext-net
      • neutron net-delete demo-net
      subnet
      neutron subnet-list
      • neutron subnet-create ext-net EXTERNAL_NETWORK_CIDR --name ext-subnet \
          --allocation-pool start=FLOATING_IP_START,end=FLOATING_IP_END \
          --disable-dhcp --gateway EXTERNAL_NETWORK_GATEWAY
      • neutron subnet-create demo-net TENANT_NETWORK_CIDR \
          --name demo-subnet --gateway TENANT_NETWORK_GATEWAY
      • neutron subnet-show ext-subnet
      • neutron subnet-show demo-subnet
      • neutron subnet-update ext-subnet --name="ext-subnet-new"
      • neutron subnet-update ext-subnet --allocation-pool start=195.10.2.180,end=195.10.2.190
      • neutron subnet-delete ext-subnet
      • neutron subnet-delete demo-subnet
      router
      neutron router-list
      • neutron router-create demo-router
      • neutron router-interface-add demo-router demo-subnet
      • neutron router-gateway-set demo-router ext-net
      neutron router-show demo-router

      • neutron router-gateway-clear demo-router
      • neutron router-interface-delete demo-router demo-subnet
      • neutron router-delete demo-router
      image
      nova image-list



      compute


      keypair nova keypair-list
      • ssh-keygen -t rsa -b 2048 -N '' -f ~/.ssh/keys/id_rsa_demo
      • nova keypair-add --pub-key id_rsa_demo.pub demo-key
      • [nova keypair-add demo-key]

      nova keypair-delete demo-key

      flavor nova flavor-list



      security group nova secgroup-list



      instance nova list
      • DEMO_NET_ID=$(nova net-list | awk '/ demo-net / { print $2 }')
      • nova boot --flavor m1.tiny --image cirros-0.3.4-x86_64 --nic net-id=$DEMO_NET_ID \
        --security-group default --key-name demo-key demo-instance1
      nova show demo-instance1
      • nova stop demo-instance1
      • nova delete demo-instance1

    • OpenStack Operations Guide
    • OpenStack Cloud Administration Guide
    • Architecture Design Guide
    • OpenStack Configuration Reference
    • DevStack
    • Development
      • API
      • Using Curl to Interact with a RESTful API
      • Create an OpenStack instance with just Curl
        1. curl -d '{"auth":{"passwordCredentials":{"username": "demo", "password": "demo_password"},"tenantName": "demo"}}' -H "Content-Type: application/json" http://controller:5000/v2.0/tokens | python -m json.tool
        2. alternatively: use a file with credentials
          • credentials.json
            • {
                  "auth": {
                      "passwordCredentials": {
                          "password": "demo_password",
                          "username": "demo"
                      },
                      "tenantName": "demo"
                  }
              }

          • curl -d @credentials.json -H "Content-Type: application/json" http://controller:5000/v2.0/tokens | python -m json.tool > response.json
        3. inspect response.json file and note access.token.id: it will be used as Token_ID in the next step
        4. curl -X GET -H "Accept: application/json" -H "X-Auth-Token: <Token_ID>" http://controller:8774/v2/<Tenant_ID>/flavors | python -m json.tool
    • TaskFlow (github)
    • Jobs
    • Engines
    • Install guides
      • OpenStack Training Guides
      • OpenStack Installation Guide for Red Hat Enterprise Linux, CentOS, and Fedora (Juno) (Kilo)
        1. Architecture
        2. Basic environment (see Figure 7.1, Figure B.1, Figure 6.1) IMPORTANT: VirtualBox does not support nested virtualization; use kvm instead
          • Multi-node Openstack with Neutron with libvirt, netsted kvm, virt-manager and qcow2 images
            • ...
          • libvirt network

            Controller
            Network
            Compute
            Block Storage
            management
            192.168.2.0/24
            management network Adapter 2 (eth1):
            • HWADDR=...

              BOOTPROTO=none
              #
              CONFIG_CONTROLLER_HOST
              IPADDR0=192.168.2.191
              PREFIX0=24

              DEFROUTE=yes
              GATEWAY0=192.168.2.1
              DNS1=192.168.2.1

              ONBOOT=yes
              USERCTL=no
            Adapter 2 (eth1):
            • HWADDR=...

              BOOTPROTO=none
              #
              CONFIG_NETWORK_HOSTS
              IPADDR0=192.168.2.192
              PREFIX0=24

              DEFROUTE=yes
              GATEWAY0=192.168.2.1
              DNS1=192.168.2.1

              ONBOOT=yes
              USERCTL=no
            Adapter 2 (eth1):
            • HWADDR=...

              BOOTPROTO=none
              #
              CONFIG_NOVA_COMPUTE_HOSTS
              IPADDR0=192.168.2.190
              PREFIX0=24

              DEFROUTE=yes
              GATEWAY0=192.168.2.1
              DNS1=192.168.2.1

              ONBOOT=yes
              USERCTL=no
            Adapter 2 (eth1):
            • HWADDR=...

              BOOTPROTO=none
              #
              CONFIG_STORAGE_HOST
              IPADDR0=192.168.2.193
              PREFIX0=24

              DEFROUTE=yes
              GATEWAY0=192.168.2.1
              DNS1=192.168.2.1

              ONBOOT=yes
              USERCTL=no
            tunnel
            192.168.4.0/24 tunnel network / data network
            Adapter 3 (eth2) (CONFIG_NEUTRON_OVS_TUNNEL_IF):
            • HWADDR=...

              BOOTPROTO=none
              IPADDR0=192.168.4.192
              PREFIX0=24

              DEFROUTE=no

              ONBOOT=yes
              USERCTL=no
            Adapter 3 (eth2) (CONFIG_NOVA_COMPUTE_PRIVIF):
            • HWADDR=...

              BOOTPROTO=none
              IPADDR0=192.168.4.190
              PREFIX0=24

              DEFROUTE=no

              ONBOOT=yes
              USERCTL=no

            storage
            192.168.5.0/24 storage network

            Adapter 3 (eth3):
            • HWADDR=...

              BOOTPROTO=none
              IPADDR0=192.168.5.190
              PREFIX0=24

              DEFROUTE=no

              ONBOOT=yes
              USERCTL=no
            Adapter 3 (eth2):
            • HWADDR=...

              BOOTPROTO=none
              IPADDR0=192.168.5.193
              PREFIX0=24

              DEFROUTE=no

              ONBOOT=yes
              USERCTL=no
            default
            192.168.122.0/24
            external network Adapter 1 (eth0):
            • HWADDR=...

              BOOTPROTO=dhcp
              DEFROUTE=yes
              ONBOOT=no
              USERCTL=no
            Adapter 1 (eth0):
            • HWADDR=...

              BOOTPROTO=dhcp
              DEFROUTE=yes
              ONBOOT=no
              USERCTL=no
            (to be disabled after config)
            Adapter 1 (eth0):
            • HWADDR=...

              BOOTPROTO=dhcp
              DEFROUTE=yes
              ONBOOT=no
              USERCTL=no
            (to be disabled after config)
            Adapter 1 (eth0):
            • HWADDR=...

              BOOTPROTO=dhcp
              DEFROUTE=yes
              ONBOOT=no
              USERCTL=no

          • VirtualBox network VirtualBox instance network
            OpenStack


            host


            Controller Node
            Network Node
            Compute Node
            BlockStorage Node
            ObjectStorage Node









            #1 #2
            Host-only network
            vboxnet0
            10.0.0.1
            • Adapter type: virtio-net
            • Promiscuous mode: allow all


            management network Adapter 1 (eth0):
            • HWADDR=...

              BOOTPROTO=none
              IPADDR0=10.0.0.11
              PREFIX0=24

              DEFROUTE=yes
              GATEWAY0=10.0.0.1
              DNS1=10.0.0.1

              ONBOOT=yes
              USERCTL=no

            Adapter 1 (eth0):
            • HWADDR=...

              BOOTPROTO=none
              IPADDR0=10.0.0.21
              PREFIX0=24

              DEFROUTE=yes
              GATEWAY0=10.0.0.1
              DNS1=10.0.0.1

              ONBOOT=yes
              USERCTL=no
            Adapter 1 (eth0):
            • HWADDR=...

              BOOTPROTO=none
              IPADDR0=10.0.0.31
              PREFIX0=24

              DEFROUTE=yes
              GATEWAY0=10.0.0.1
              DNS1=10.0.0.1

              ONBOOT=yes
              USERCTL=no
            Adapter 1 (eth0):
            • HWADDR=...

              BOOTPROTO=none
              IPADDR0=10.0.0.41
              PREFIX0=24

              DEFROUTE=yes
              GATEWAY0=10.0.0.1
              DNS1=10.0.0.1

              ONBOOT=yes
              USERCTL=no
            Adapter 1 (eth0):
            • HWADDR=...

              BOOTPROTO=none
              IPADDR0=10.0.0.51
              PREFIX0=24

              DEFROUTE=yes
              GATEWAY0=10.0.0.1
              DNS1=10.0.0.1

              ONBOOT=yes
              USERCTL=no
            Adapter 1 (eth0):
            • HWADDR=...

              BOOTPROTO=none
              IPADDR0=10.0.0.52
              PREFIX0=24

              DEFROUTE=yes
              GATEWAY0=10.0.0.1
              DNS1=10.0.0.1

              ONBOOT=yes
              USERCTL=no

            vboxnet1 10.0.1.1
            tunnel network / data network

            Adapter 2 (eth1):
            • HWADDR=...

              BOOTPROTO=none
              IPADDR0=10.0.1.21
              PREFIX0=24

              DEFROUTE=no

              ONBOOT=yes
              USERCTL=no
            Adapter 2 (eth1):
            • HWADDR=...

              BOOTPROTO=none
              IPADDR0=10.0.1.31
              PREFIX0=24

              DEFROUTE=no

              ONBOOT=yes
              USERCTL=no




            vboxnet2 10.0.2.1
            storage network



            Adapter 2 (eth1): Adapter 2 (eth1):
            Bridged

            192.168.0.x

            API network Adapter 2 (eth1):
            • HWADDR=...

              BOOTPROTO=dhcp

              DEFROUTE=no
              ONBOOT=yes
              USERCTL=no






            external network
            Adapter 3 (eth2):
            • HWADDR=...

              BOOTPROTO=none

              DEFROUTE=no
              ONBOOT=yes
              USERCTL=no




            NAT
            (should only be active at setup: yum,...;
            check that it is the default gateway: routel)

            (10.0.x.1)
            • Adapter type: virtio-net

            Adapter 3 (eth2):
            • HWADDR=...

              BOOTPROTO=dhcp
              DEFROUTE=yes
              ONBOOT=no
              USERCTL=no

            Adapter 4 (eth3):
            • HWADDR=...

              BOOTPROTO=dhcp
              DEFROUTE=yes
              ONBOOT=no
              USERCTL=no
            Adapter 3 (eth2):
            • HWADDR=...

              BOOTPROTO=dhcp
              DEFROUTE=yes
              ONBOOT=no
              USERCTL=no
            Adapter 2 (eth1):
            • HWADDR=...

              BOOTPROTO=dhcp
              DEFROUTE=yes
              ONBOOT=no
              USERCTL=no
            Adapter 3 (eth2):
            • HWADDR=...

              BOOTPROTO=dhcp
              DEFROUTE=yes
              ONBOOT=no
              USERCTL=no
            Adapter 3 (eth2):
            • HWADDR=...

              BOOTPROTO=dhcp
              DEFROUTE=yes
              ONBOOT=no
              USERCTL=no
          • Network config for CentOS
            • check network interfaces
              • ip a
            • check the route
              • routel
            • set hostname
              • hostnamectl set-hostname my_hostname
            • disable firewall
              • systemctl stop firewalld.service
              • systemctl disable firewalld.service
          • OpenStack packages:
            • yum install yum-plugin-priorities
            • yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
            • yum install https://repos.fedorapeople.org/repos/openstack/openstack-kilo/rdo-release-kilo-1.noarch.rpm
            • yum upgrade
            • yum install openstack-selinux
          • Database:
            • yum install mariadb mariadb-server MySQL-python
            • mysql_secure_installation
          • Messaging server
            • yum install rabbitmq-server
        3. Add the Identity Service (keystone)
          • API endpoints:

            identity
            image
            compute
            network
            admin
            http://controller:35357/v2.0
            http://controller:9292 http://controller:8774/v2/%\(tenant_id\)s
            http://controller:9696
            internal
            http://controller:5000/v2.0

            public

        4. Add the Image Service (glance)
        5. Add the Compute Service (nova)
        6. Add a networking component
          • Details
          • OpenStack networking (neutron)
            • neutron-server
              • plug-ins
                • FWaaS
                • LBaaS
                • Cisco
                • NEC OpenFlow
                • Open vSwitch
                • Linux bridging
                • Ryu NOS
                • VMWare NSX
              • agents
                • L3
                • DHCP
                • plug-in agent
            • Create initial networks
              • External network (admin)
                • neutron net-create ext-net --router:external True --provider:physical_network external --provider:network_type flat
              • External subnet (admin)
                • neutron subnet-create ext-net --name ext-subnet --allocation-pool start=192.168.100.101,end=192.168.100.200 --disable-dhcp --gateway 192.168.100.1 192.168.100.0/24
              • Tenant network (demo)
                • neutron net-create demo-net
              • Tenat subnet (demo)
                • neutron subnet-create demo-net --name demo-subnet --gateway 192.168.1.1 192.168.1.0/24
              • Router (demo)
                • neutron router-create demo-router
                • neutron router-interface-add demo-router demo-subnet
                • neutron router-gateway-set demo-router ext-net
              • From external network, ping the router:
                • ping 192.168.100.101
          • Legacy networking (nova-network)
        7. Dashboard
        8. Add the Block Storage service
          • VirtualBox: add a second disk
          • CentOS:
            • make partitions on /dev/sdb
              • fdisk /dev/sdb
                • n (new partition)
                • p (primary)
                • (enter) (all size)
                • p (print the partition table)
                • w (write and quit)
            • create filesystem in the new partition
              • mkfs.xfs /dev/sdb1
        9. Add Object Storage
          • VirtualBox: add two more disks
          • CentOS:
            • make partitions on /dev/sdb and /dev/sdc
              • fdisk /dev/sdb
                • n (new partition)
                • p (primary)
                • (enter) (all size)
                • p (print the partition table)
                • w (write and quit)
        10. ...
        11. ...
        12. ...
        13. ...
        14. Launch an instance
          • Launch an instance with OpenStack Neetworking (neutron)
            • source demo-openrc.sh
            • key pair
              • ssh-keygen
              • nova keypair-add --pub-key ~/.ssh/id_rsa.pub demo-key
            • launch instance
              • neutron net-list
              • nova boot --flavor m1.tiny --image cirros-0.3.3-x86_64 --nic net-id=DEMO_NET_ID --security-group default --key-name demo-key demo-instance1
              • nova list
            • access the instance
              • nova get-vnc-console demo-instance1 novnc
                • cirros / cubswin:)
            • access the instance remotely
              • nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
              • nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
              • neutron floatingip-create ext-net
                • 192.168.0.102
              • nova floating-ip-associate demo-instance1 192.168.0.102
            • attach a block storage volume
              • nova volume-list
              • nova volume-attach demo-instance1 VOLUME_ID
        • Installation summary:
          node

          identity (keystone)
          image (glance)
          compute (nova)
          network (neutron)
          network (nova-network)
          block storage (cinder)
          object storage (swift)
          controller-node
          mysql -u root -p CREATE DATABASE keystone;
          GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
            IDENTIFIED BY 'KEYSTONE_DBPASS';
          GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
            IDENTIFIED BY 'KEYSTONE_DBPASS';
          CREATE DATABASE glance;
          GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
            IDENTIFIED BY 'GLANCE_DBPASS';
          GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
            IDENTIFIED BY 'GLANCE_DBPASS';
          CREATE DATABASE nova;
          GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
            IDENTIFIED BY 'NOVA_DBPASS';
          GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
            IDENTIFIED BY 'NOVA_DBPASS';
          CREATE DATABASE neutron;
          GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
          IDENTIFIED BY 'NEUTRON_DBPASS';
          GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
          IDENTIFIED BY 'NEUTRON_DBPASS';

          CREATE DATABASE cinder;
          GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' \
            IDENTIFIED BY 'CINDER_DBPASS';
          GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' \
            IDENTIFIED BY 'CINDER_DBPASS';

          source admin-openrc.sh
          • export OS_SERVICE_TOKEN=ADMIN_TOKEN
          • export OS_SERVICE_TOKEN=294a4c8a8a475f9b9836
          • export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0






          • keystone tenant-create --name admin --description "Admin Tenant"
          • keystone user-create --name admin --pass ADMIN_PASS --email EMAIL_ADDRESS
          • keystone role-create --name admin
          • keystone user-role-add --user admin --tenant admin --role admin

          • keystone tenant-create --name demo --description "Demo Tenant"
          • keystone user-create --name demo --tenant demo --pass DEMO_PASS --email EMAIL_ADDRESS

          • keystone tenant-create --name service --description "Service Tenant"
          • keystone user-create --name glance --pass GLANCE_PASS
          • keystone user-role-add --user glance --tenant service --role admin

          • keystone user-create --name nova --pass NOVA_PASS
          • keystone user-role-add --user nova --tenant service --role admin

          • keystone user-create --name neutron --pass NEUTRON_PASS
          • keystone user-role-add --user neutron --tenant service --role admin

          • keystone user-create --name cinder --pass CINDER_PASS
          • keystone user-role-add --user cinder --tenant service --role admin
          • keystone user-create --name swift --pass SWIFT_PASS
          • keystone user-role-add --user swift --tenant service --role admin
          • keystone service-create --name keystone --type identity --description "OpenStack Identity"
          • keystone endpoint-create --service-id $(keystone service-list | awk '/ identity / {print $2}')  --publicurl http://controller:5000/v2.0 --internalurl http://controller:5000/v2.0 --adminurl http://controller:35357/v2.0 --region regionOne
          • keystone service-create --name glance --type image --description "OpenStack Image Service"
          • keystone endpoint-create --service-id $(keystone service-list | awk '/ image / {print $2}') --publicurl http://controller:9292 --internalurl http://controller:9292 --adminurl http://controller:9292 --region regionOne
          • keystone service-create --name nova --type compute --description "OpenStack Compute"
          • keystone endpoint-create --service-id $(keystone service-list | awk '/ compute / {print $2}') --publicurl http://controller:8774/v2/%\(tenant_id\)s --internalurl http://controller:8774/v2/%\(tenant_id\)s --adminurl http://controller:8774/v2/%\(tenant_id\)s --region regionOne
          • keystone service-create --name neutron --type network --description "OpenStack Networking"
          • keystone endpoint-create --service-id $(keystone service-list | awk '/ network / {print $2}') --publicurl http://controller:9696 --adminurl http://controller:9696 --internalurl http://controller:9696 --region regionOne

          • keystone service-create --name cinder --type volume --description "OpenStack Block Storage"
          • keystone service-create --name cinderv2 --type volumev2 --description "OpenStack Block Storage"
          • keystone endpoint-create
              --service-id $(keystone service-list | awk '/ volume / {print $2}')
              --publicurl http://controller:8776/v1/%\(tenant_id\)s
              --internalurl http://controller:8776/v1/%\(tenant_id\)s
              --adminurl http://controller:8776/v1/%\(tenant_id\)s  --region regionOne
          • keystone endpoint-create
              --service-id $(keystone service-list | awk '/ volumev2 / {print $2}')
              --publicurl http://controller:8776/v2/%\(tenant_id\)s  --internalurl http://controller:8776/v2/%\(tenant_id\)s  --adminurl http://controller:8776/v2/%\(tenant_id\)s  --region regionOne
          • keystone service-create --name swift --type object-store --description "OpenStack Object Storage"
          • keystone endpoint-create --service-id $(keystone service-list | awk '/ object-store / {print $2}') --publicurl 'http://controller:8080/v1/AUTH_%(tenant_id)s'  --internalurl 'http://controller:8080/v1/AUTH_%(tenant_id)s'  --adminurl http://controller:8080--region regionOne
          yum install
          • yum install openstack-keystone python-keystoneclient
          • yum install openstack-glance python-glanceclient
          yum install openstack-nova-api openstack-nova-cert openstack-nova-conductor \
            openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler \
            python-novaclient
          • yum install openstack-neutron openstack-neutron-ml2 python-neutronclient which

          • yum install openstack-cinder python-cinderclient python-oslo-db
          • yum install openstack-swift-proxy python-swiftclient python-keystone-auth-token python-keystonemiddleware memcached
          /etc/*/*.conf ...
          ...
          ...
          • /etc/neutron/neutron.conf
            • [database]
              ...
              connection = mysql://neutron:NEUTRON_DBPASS@controller/neutron
            • [DEFAULT]
              ...
              rpc_backend = rabbit
              rabbit_host = controller
              rabbit_password = RABBIT_PASS
            • [DEFAULT]
              ...
              auth_strategy = keystone
              [keystone_authtoken]
              ...
              auth_uri = http://controller:5000/v2.0
              identity_uri = http://controller:35357
              admin_tenant_name = service
              admin_user = neutron
              admin_password = NEUTRON_PASS
            • [DEFAULT]
              ...
              core_plugin = ml2
              service_plugins = router
              allow_overlapping_ips = True
            • [DEFAULT]
              ...
              notify_nova_on_port_status_changes = True
              notify_nova_on_port_data_changes = True
              nova_url = http://controller:8774/v2
              nova_admin_auth_url = http://controller:35357/v2.0
              nova_region_name = regionOne
              nova_admin_username = nova
              nova_admin_tenant_id = SERVICE_TENANT_ID
              nova_admin_password = NOVA_PASS
            • [DEFAULT]
              ...
              verbose = True
          • /etc/neutron/plugins/ml2/ml2_conf.ini
            • [ml2]
              ...
              type_drivers = flat,gre
              tenant_network_types = gre
              mechanism_drivers = openvswitch
            • [ml2_type_gre]
              ...
              tunnel_id_ranges = 1:1000
            • [securitygroup]
              ...
              enable_security_group = True
              enable_ipset = True
              firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
          • /etc/nova/nova.conf
            • [DEFAULT]
              ...
              network_api_class = nova.network.neutronv2.api.API
              security_group_api = neutron
              linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
              firewall_driver = nova.virt.firewall.NoopFirewallDriver
            • [neutron]
              ...
              url = http://controller:9696
              auth_strategy = keystone
              admin_auth_url = http://controller:35357/v2.0
              admin_tenant_name = service
              admin_username = neutron
              admin_password = NEUTRON_PASS
            • [neutron]
              ...
              service_metadata_proxy = True
              metadata_proxy_shared_secret = METADATA_SECRET


          • /etc/nova/nova.conf
            • [DEFAULT]
              ...
              network_api_class = nova.network.api.API
              security_group_api = nova
          • /etc/cinder/cinder.conf
            • [database]
              ...
              connection = mysql://cinder:CINDER_DBPASS@controller/cinder
            • [DEFAULT]
              ...
              rpc_backend = rabbit
              rabbit_host = controller
              rabbit_password = RABBIT_PASS
            • [DEFAULT]
              ...
              auth_strategy = keystone
              [keystone_authtoken]
              ...
              auth_uri = http://controller:5000/v2.0
              identity_uri = http://controller:35357
              admin_tenant_name = service
              admin_user = cinder
              admin_password = CINDER_PASS
            • [DEFAULT]
              ...
              my_ip = 10.0.0.11
            • [DEFAULT]
              ...
              verbose = True
          • curl -o /etc/swift/proxy-server.conf https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/proxy-server.conf-sample
          • /etc/swift/proxy-server.conf
            • [DEFAULT]
              ...
              bind_port = 8080
              user = swift
              swift_dir = /etc/swift
            • [pipeline:main]
              pipeline = authtoken cache healthcheck keystoneauth proxy-logging proxy-server
            • [app:proxy-server]
              ...
              allow_account_management = true
              account_autocreate = true
            • [filter:keystoneauth]
              use = egg:swift#keystoneauth
              ...
              operator_roles = admin,_member_
            • [filter:authtoken]
              paste.filter_factory = keystonemiddleware.auth_token:filter_factory
              ...
              auth_uri = http://controller:5000/v2.0
              identity_uri = http://controller:35357
              admin_tenant_name = service
              admin_user = swift
              admin_password = SWIFT_PASS
              delay_auth_decision = true
            • [filter:cache]
              ...
              memcache_servers = 127.0.0.1:11211
          populate db
          su -s /bin/sh -c "keystone-manage db_sync" keystone
          su -s /bin/sh -c "glance-manage db_sync" glance
          su -s /bin/sh -c "nova-manage db sync" nova

          su -s /bin/sh -c "cinder-manage db sync" cinder

          systemctl
          • systemctl enable openstack-keystone.service
          • systemctl start openstack-keystone.service
          • systemctl enable openstack-glance-api.service openstack-glance-registry.service
          • systemctl start openstack-glance-api.service openstack-glance-registry.service
          • systemctl enable openstack-nova-api.service openstack-nova-cert.service   openstack-nova-consoleauth.service openstack-nova-scheduler.service  openstack-nova-conductor.service openstack-nova-novncproxy.service
          • systemctl start openstack-nova-api.service openstack-nova-cert.service  openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service

          • systemctl restart openstack-nova-api.service openstack-nova-scheduler.service   openstack-nova-conductor.service
          • systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
          • systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service

          initial rings





          • cd /etc/swift
          • swift-ring-builder account.builder create 10 3 1
          • swift-ring-builder account.builder add r1z1-10.0.0.51:6002/sdb1 100
          • swift-ring-builder account.builder add r1z1-10.0.0.51:6002/sdc1 100
          • swift-ring-builder account.builder add r1z1-10.0.0.52:6002/sdb1 100
          • swift-ring-builder account.builder add r1z1-10.0.0.52:6002/sdc1 100
          • swift-ring-builder account.builder
          • swift-ring-builder account.builder rebalance
          • swift-ring-builder container.builder create 10 3 1
          • swift-ring-builder container.builder add r1z1-10.0.0.51:6001/sdb1 100
          • swift-ring-builder container.builder add r1z1-10.0.0.51:6001/sdc1 100
          • swift-ring-builder container.builder add r1z1-10.0.0.52:6001/sdb1 100
          • swift-ring-builder container.builder add r1z1-10.0.0.52:6001/sdc1 100
          • swift-ring-builder container.builder
          • swift-ring-builder container.builder rebalance
          • swift-ring-builder object.builder create 10 3 1
          • swift-ring-builder object.builder add r1z1-10.0.0.51:6000/sdb1 100
          • swift-ring-builder object.builder add r1z1-10.0.0.51:6000/sdc1 100
          • swift-ring-builder object.builder add r1z1-10.0.0.52:6000/sdb1 100
          • swift-ring-builder object.builder add r1z1-10.0.0.52:6000/sdc1 100
          • swift-ring-builder object.builder
          • swift-ring-builder object.builder rebalance
          • scp account.ring.gz root@10.0.0.51:/etc/swift
          • scp account.ring.gz root@10.0.0.52:/etc/swift
          • scp container.ring.gz root@10.0.0.51:/etc/swift
          • scp container.ring.gz root@10.0.0.52:/etc/swift
          • scp object.ring.gz root@10.0.0.51:/etc/swift
          • scp object.ring.gz root@10.0.0.52:/etc/swift

          finalize swift installation






          • curl -o /etc/swift/swift.conf https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/swift.conf-sample
          • /etc/swift/swift.conf
            • [swift-hash]
              ...
              swift_hash_path_suffix = HASH_PATH_PREFIX
              swift_hash_path_prefix = HASH_PATH_SUFFIX
            • [storage-policy:0]
              ...
              name = Policy-0
              default = yes
          • scp swift.conf root@10.0.0.51:/etc/swift
          • scp swift.conf root@10.0.0.52:/etc/swift
          • chown -R swift:swift /etc/swift
          • systemctl enable openstack-swift-proxy.service memcached.service
          • systemctl start openstack-swift-proxy.service memcached.service
          compute-node yum install

          • yum install openstack-nova-compute sysfsutils
          • yum install openstack-neutron-ml2 openstack-neutron-openvswitch



          /etc/*/*.conf


          • /etc/neutron/neutron.conf
            • [database]
            • [DEFAULT]
              ...
              rpc_backend = rabbit
              rabbit_host = controller
              rabbit_password = RABBIT_PASS
            • [DEFAULT]
              ...
              auth_strategy = keystone
              [keystone_authtoken]
              ...
              auth_uri = http://controller:5000/v2.0
              identity_uri = http://controller:35357
              admin_tenant_name = service
              admin_user = neutron
              admin_password = NEUTRON_PASS
            • [DEFAULT]
              ...
              core_plugin = ml2
              service_plugins = router
              allow_overlapping_ips = True
            • [DEFAULT]
              ...
              verbose = True
          • /etc/neutron/plugins/ml2/ml2_conf.ini
            • [ml2]
              ...
              type_drivers = flat,gre
              tenant_network_types = gre
              mechanism_drivers = openvswitch
            • [ml2_type_gre]
              ...
              tunnel_id_ranges = 1:1000
            • [securitygroup]
              ...
              enable_security_group = True
              enable_ipset = True
              firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
            • [ovs]
              ...
              local_ip = INSTANCE_TUNNELS_INTERFACE_IP_ADDRESS
              enable_tunneling = True
            • [agent]
              ...
              tunnel_types = gre
          • /etc/nova/nova.conf
            • [DEFAULT]
              ...
              network_api_class = nova.network.neutronv2.api.API
              security_group_api = neutron
              linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
              firewall_driver = nova.virt.firewall.NoopFirewallDriver
            • [neutron]
              ...
              url = http://controller:9696
              auth_strategy = keystone
              admin_auth_url = http://controller:35357/v2.0
              admin_tenant_name = service
              admin_username = neutron
              admin_password = NEUTRON_PASS



          systemctl

          • systemctl enable libvirtd.service openstack-nova-compute.service
          • systemctl start libvirtd.service openstack-nova-compute.service
          • systemctl enable openvswitch.service
          • systemctl start openvswitch.service



          network-node
          prerequisites



          • /etc/sysctl.conf
            • net.ipv4.ip_forward=1
              net.ipv4.conf.all.rp_filter=0
              net.ipv4.conf.default.rp_filter=0
          • sysctl -p



          yum install



          • yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch



          /etc/*/*.conf


          • /etc/neutron/neutron.conf
            • [database]
            • [DEFAULT]
              ...
              rpc_backend = rabbit
              rabbit_host = controller
              rabbit_password = RABBIT_PASS
            • [DEFAULT]
              ...
              auth_strategy = keystone
              [keystone_authtoken]
              ...
              auth_uri = http://controller:5000/v2.0
              identity_uri = http://controller:35357
              admin_tenant_name = service
              admin_user = neutron
              admin_password = NEUTRON_PASS
            • [DEFAULT]
              ...
              core_plugin = ml2
              service_plugins = router
              allow_overlapping_ips = True
            • [DEFAULT]
              ...
              verbose = True
          • /etc/neutron/plugins/ml2/ml2_conf.ini
            • [ml2]
              ...
              type_drivers = flat,gre
              tenant_network_types = gre
              mechanism_drivers = openvswitch
            • [ml2_type_flat]
              ...
              flat_networks = external
            • [ml2_type_gre]
              ...
              tunnel_id_ranges = 1:1000
            • [securitygroup]
              ...
              enable_security_group = True
              enable_ipset = True
              firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
            • [ovs]
              ...
              local_ip = INSTANCE_TUNNELS_INTERFACE_IP_ADDRESS
              enable_tunneling = True
              bridge_mappings = external:br-ex
            • [agent]
              ...
              tunnel_types = gre
          • /etc/neutron/l3_agent.ini
            • [DEFAULT]
              ...
              interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
              use_namespaces = True
              external_network_bridge = br-ex
              router_delete_namespaces = True
            • [DEFAULT]
              ...
              verbose = True
          • /etc/neutron/dhcp_agent.ini
            • [DEFAULT]
              ...
              interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
              dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
              use_namespaces = True
              dhcp_delete_namespaces = True
            • [DEFAULT]
              ...
              verbose = True
          • /etc/neutron/metadata_agent.ini
            • [DEFAULT]
              ...
              auth_url = http://controller:5000/v2.0
              auth_region = regionOne
              admin_tenant_name = service
              admin_user = neutron
              admin_password = NEUTRON_PASS
            • [DEFAULT]
              ...
              nova_metadata_ip = controller
            • [DEFAULT]
              ...
              metadata_proxy_shared_secret = METADATA_SECRET
            • [DEFAULT]
              ...
              verbose = True



          OVS+conf



          • systemctl enable openvswitch.service
          • systemctl start openvswitch.service
          • ovs-vsctl add-br br-ex
          • ovs-vsctl add-port br-ex INTERFACE_NAME



          block1-node



          LVM





          • systemctl enable lvm2-lvmetad.service
          • systemctl start lvm2-lvmetad.service
          • pvcreate /dev/sdb1
          • vgcreate cinder-volumes /dev/sdb1
          • /etc/lvm/lvm.conf
            • devices {
              ...
              filter = [ "a/sdb/", "r/.*/"]

          yum install




          yum install openstack-cinder targetcli python-oslo-db MySQL-python

          /etc/*/*.conf





          • /etc/cinder/cinder.conf
            • [database]
              ...
              connection = mysql://cinder:CINDER_DBPASS@controller/cinder
            • [DEFAULT]
              ...
              rpc_backend = rabbit
              rabbit_host = controller
              rabbit_password = RABBIT_PASS
            • [DEFAULT]
              ...
              auth_strategy = keystone
              [keystone_authtoken]
              ...
              auth_uri = http://controller:5000/v2.0
              identity_uri = http://controller:35357
              admin_tenant_name = service
              admin_user = cinder
              admin_password = CINDER_PASS
            • [DEFAULT]
              ...
              my_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
            • [DEFAULT]
              ...
              glance_host = controller
            • [DEFAULT]
              ...
              iscsi_helper = lioadm
            • [DEFAULT]
              ...
              verbose = True

          systemctl





          • systemctl enable openstack-cinder-volume.service target.service
          • systemctl start openstack-cinder-volume.service target.service

          object1-node
          object2-node



          prerequisites
          (disc addicional)






          • yum install xfsprogs rsync
          • mkfs.xfs /dev/sdb1
          • mkfs.xfs /dev/sdc1
          • mkdir -p /srv/node/sdb1
          • mkdir -p /srv/node/sdc1
          • /etc/fstab
            • /dev/sdb1 /srv/node/sdb1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 2
              /dev/sdc1 /srv/node/sdc1 xfs noatime,nodiratime,nobarrier,logbufs=8 0 2
          • mount /srv/node/sdb1
          • mount /srv/node/sdc1
          • /etc/rsync.d
            • uid = swift
              gid = swift
              log file = /var/log/rsyncd.log
              pid file = /var/run/rsyncd.pid
              address = MANAGEMENT_INTERFACE_IP_ADDRESS
              [account]
              max connections = 2
              path = /srv/node/
              read only = false
              lock file = /var/lock/account.lock
              [container]
              max connections = 2
              path = /srv/node/
              read only = false
              lock file = /var/lock/container.lock
              [object]
              max connections = 2
              path = /srv/node/
              read only = false
              lock file = /var/lock/object.lock
          • systemctl enable rsyncd.service
          • systemctl start rsyncd.service
          yum install





          • yum install openstack-swift-account openstack-swift-container openstack-swift-object
          conf






          • curl -o /etc/swift/account-server.conf https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/account-server.conf-sample
          • /etc/swift/account-server.conf
            • [DEFAULT]
              ...
              bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
              bind_port = 6002
              user = swift
              swift_dir = /etc/swift
              devices = /srv/node
            • [pipeline:main]
              pipeline = healthcheck recon account-server
            • [filter:recon]
              ...
              recon_cache_path = /var/cache/swift
          • curl -o /etc/swift/container-server.conf https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/container-server.conf-sample
          • /etc/swift/container-server.conf
            • [DEFAULT]
              ...
              bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
              bind_port = 6001
              user = swift
              swift_dir = /etc/swift
              devices = /srv/node
            • [pipeline:main]
              pipeline = healthcheck recon container-server
            • [filter:recon]
              ...
              recon_cache_path = /var/cache/swift
          • curl -o /etc/swift/object-server.conf https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/object-server.conf-sample
          • /etc/swift/object-server.conf
            • [DEFAULT]
              ...
              bind_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
              bind_port = 6000
              user = swift
              swift_dir = /etc/swift
              devices = /srv/node
            • [pipeline:main]
              pipeline = healthcheck recon object-server
            • [filter:recon]
              ...
              recon_cache_path = /var/cache/swift
          postrequisites






          • chown -R swift:swift /srv/node
          • mkdir -p /var/cache/swift
          • chown -R swift:swift /var/cache/swift
          finalize installation






          • chown -R swift:swift /etc/swift
          • systemctl enable openstack-swift-account.service openstack-swift-account-auditor.service \
              openstack-swift-account-reaper.service openstack-swift-account-replicator.service
          • systemctl start openstack-swift-account.service openstack-swift-account-auditor.service \
              openstack-swift-account-reaper.service openstack-swift-account-replicator.service
          • systemctl enable openstack-swift-container.service openstack-swift-container-auditor.service \
              openstack-swift-container-replicator.service openstack-swift-container-updater.service
          • systemctl start openstack-swift-container.service openstack-swift-container-auditor.service \
              openstack-swift-container-replicator.service openstack-swift-container-updater.service
          • systemctl enable openstack-swift-object.service openstack-swift-object-auditor.service \
              openstack-swift-object-replicator.service openstack-swift-object-updater.service
          • systemctl start openstack-swift-object.service openstack-swift-object-auditor.service \
              openstack-swift-object-replicator.service openstack-swift-object-updater.service


          identity (keystone) image (glance) compute (nova) network (neutron) network (nova-network) block storage (cinder)
          object storage (swift)

      • OpenStack Installation Guide for Ubuntu 14.04
  • Fuel
  • Wiki
  • Related projects
  • Other


Cloud Management Platform

  • ManageIQ
    • VirtualBox
      • curl -O -L http://manageiq.org/download/manageiq-openstack-stable.qc2
      • qemu-img convert -O vdi manageiq-openstack-stable.qc2 manageiq-openstack-stable.vdi

http://www.francescpinyol.cat/openstack.html
Primera versió: / First version: 18.III.2015
Darrera modificació: 26 de gener de 2016 / Last update: 26th Jannuary 2016

Valid HTML 4.01!

Cap a casa / Back home