OpenStack Liberty on Ubuntu 14.04 and Ubuntu 15.10 – Single machine setup – maestropandy

Install Ubuntu with partitioning scheme as per your requirements. Note: Run all the commands as super-user. We assume that the IP of the Single machine is 10.0.0.1.

Configure the repositories and update the packages.

This step is needed only if the OS is Ubuntu 14.04 LTS. You can skip the repository configuration if the OS is Ubuntu 15.10

apt-get update && apt-get -y dist-upgrade
add-apt-repository cloud-archive:liberty
Update the packages.

apt-get update && apt-get -y dist-upgrade
Note: Reboot is needed only if kernel is updated

reboot
Support packages

RaabitMQ server

apt-get install -y rabbitmq-server
Create a new user named ‘openstack’ and set necessary permissions for it.

rabbitmqctl add_user openstack rabbit_pass
rabbitmqctl set_permissions openstack “.*” “.*” “.*”
MariaDB server

Install MariaDB server and related software

apt-get install -y mariadb-server python-pymysql
Create a new file /etc/mysql/conf.d/mysqld_openstack.cnf and edit the following lines as follows

[mysqld]

bind-address = 0.0.0.0
default-storage-engine = innodb
innodb_file_per_table
collation-server = utf8_general_ci
init-connect = ‘SET NAMES utf8’
character-set-server = utf8
Restart MySQL service

service mysql restart
Other Configuration

Edit the following lines in the file /etc/sysctl.conf
net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
Load the values

sysctl -p
Keystone (Identity)

Install keystone

apt-get install -y keystone apache2 libapache2-mod-wsgi memcached python-memcache python-openstackclient
Create mysql database named keystone and add credentials

mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’%’ IDENTIFIED BY ‘keystone_dbpass’;
quit
Edit the file /etc/keystone/keystone.conf and make the following changes

[DEFAULT]

admin_token = ADMIN
[database]

connection = mysql+pymysql://keystone:keystone_dbpass@10.0.0.1/keystone
[memcache]

servers = localhost:11211
[token]

provider = uuid
driver = memcache
[revoke]

driver = sql
And comment the following line

connection = sqlite:////var/lib/keystone/keystone.db
Stop Keystone from automatically starting after reboot

echo “manual” > /etc/init/keystone.override
Sync the database

keystone-manage db_sync
Edit the file /etc/apache2/sites-available/wsgi-keystone.conf and append the following lines

Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat “%{cu}t %M”
</IfVersion>
ErrorLog /var/log/apache2/keystone.log
CustomLog /var/log/apache2/keystone_access.log combined
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat “%{cu}t %M”
</IfVersion>
ErrorLog /var/log/apache2/keystone.log
CustomLog /var/log/apache2/keystone_access.log combined
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
</VirtualHost>
Create a soft link for the conf file created just now, in the ‘sites-enabled’ directory

ln -s /etc/apache2/sites-available/wsgi-keystone.conf /etc/apache2/sites-enabled
Export the variable to run initial keystone commands

export OS_TOKEN=ADMIN
export OS_URL=http://10.0.0.1:35357/v3
export OS_IDENTITY_API_VERSION=3
Create admin user, admin tenant, admin role and service tenant. Also add admin user to admin tenant and admin role.

openstack service create –name keystone –description “OpenStack Identity” identity
openstack endpoint create –region RegionOne identity public http://10.0.0.1:5000/v2.0
openstack endpoint create –region RegionOne identity internal http://10.0.0.1:5000/v2.0
openstack endpoint create –region RegionOne identity admin http://10.0.0.1:35357/v2.0
openstack project create –domain default –description “Admin Project” admin
openstack user create –domain default –password-prompt admin
openstack role create admin
openstack role add –project admin –user admin admin
openstack project create –domain default –description “Service Project” service
unset OS_TOKEN OS_URL
Create a file named creds and add the following lines

export OS_PROJECT_DOMAIN_ID=default
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_NAME=admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN
export OS_AUTH_URL=http://10.0.0.1:35357/v3
export OS_IDENTITY_API_VERSION=3
Source the file

source creds
Test the keysone setup

openstack token issue
Glance (Image Store)

Install Glance

apt-get install -y glance python-glanceclient
Create database and credentials for Glance

mysql -u root -p
CREATE DATABASE glance;
GRANT ALL ON glance.* TO ‘glance’@’%’ IDENTIFIED BY ‘glance_dbpass’;
quit;
Create Keystone entries for glance

openstack user create –password-prompt glance
openstack role add –project service –user glance admin
openstack service create –name glance –description “OpenStack Image service” image
openstack endpoint create –region RegionOne image public http://10.0.0.1:9292
openstack endpoint create –region RegionOne image internal http://10.0.0.1:9292
openstack endpoint create –region RegionOne image admin http://10.0.0.1:9292
Edit /etc/glance/glance-api.conf and edit the following lines

[database]

connection = mysql+pymysql://glance:glance_dbpass@10.0.0.1/glance

[keystone_authtoken]

auth_uri = http://10.0.0.1:5000
auth_url = http://10.0.0.1:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = glance
password = glance_pass

[paste_deploy]

flavor = keystone

[glance_store]

default_store = file
filesystem_store_datadir = /var/lib/glance/images/
Edit /etc/glance/glance-registry.conf and edit the following lines as below

[database]

connection = mysql+pymysql://glance:glance_dbpass@10.0.0.1/glance

[keystone_authtoken]

auth_uri = http://10.0.0.1:5000
auth_url = http://10.0.0.1:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = glance
password = glance_pass

[paste_deploy]

flavor = keystone
Restart Glance services

service glance-api restart
service glance-registry restart
Sync the database

glance-manage db_sync
Download a pre-bundled image for testing

wget http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
glance image-create –name “cirros” –file cirros-0.3.4-x86_64-disk.img –disk-format qcow2 –container-format bare –visibility public –progress
Check the Glance installation using the following command

glance image-list
Nova (Compute)

Install the Nova services

apt-get install -y nova-compute sysfsutils nova-api nova-cert nova-conductor nova-consoleauth nova-novncproxy nova-scheduler python-novaclient nova-console
Create database and credentials for Nova

mysql -u root -p
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO ‘nova’@’%’ IDENTIFIED BY ‘nova_dbpass’;
quit
Create Keystone entries for Nova

openstack user create –domain default –password-prompt nova
openstack role add –project service –user nova admin
openstack service create –name nova –description “OpenStack Compute” compute
openstack endpoint create –region RegionOne compute public http://10.0.0.1:8774/v2/%\(tenant_id\)s
openstack endpoint create –region RegionOne compute internal http://10.0.0.1:8774/v2/%\(tenant_id\)s
openstack endpoint create –region RegionOne compute admin http://10.0.0.1:8774/v2/%\(tenant_id\)s
Open /etc/nova/nova.conf and edit the file as follows

[DEFAULT]
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
force_dhcp_release=True
libvirt_use_virtio_for_bridges=True
verbose=True
ec2_private_dns_show_ip=True
api_paste_config=/etc/nova/api-paste.ini
enabled_apis=ec2,osapi_compute,metadata
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 10.0.0.1
vnc_enabled = True
vncserver_listen = 10.0.0.1
vncserver_proxyclient_address = 10.0.0.1
novncproxy_base_url = http://10.0.0.1:6080/vnc_auto.html
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
scheduler_default_filters=AllHostsFilter

[database]
connection = mysql://nova:nova_dbpass@10.0.0.1/nova

[oslo_messaging_rabbit]
rabbit_host = 127.0.0.1
rabbit_userid = openstack
rabbit_password = rabbit_pass

[keystone_authtoken]
auth_uri = http://10.0.0.1:5000
auth_url = http://10.0.0.1:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = nova
password = nova_pass

[glance]
host = 10.0.0.1

[oslo_concurrency]
lock_path = /var/lock/nova

[neutron]
service_metadata_proxy = True
metadata_proxy_shared_secret = openstack

url = http://10.0.0.1:9696
auth_strategy = keystone
admin_auth_url = http://10.0.0.1:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = neutron_pass
[cinder]
os_region_name = RegionOne
sync the Nova db

nova-manage db sync
Restart all nova services

service nova-api restart; service nova-cert restart; service nova-consoleauth restart; service nova-scheduler restart; service nova-conductor restart; service nova-novncproxy restart; service nova-compute restart; service nova-console restart
Test the Nova installation using the following command

nova-manage service list
The output should be something like this

Binary Host Zone Status State Updated_At
nova-cert ubuntu-OS internal enabled 🙂 2015-10-28 15:32:13
nova-consoleauth ubuntu-OS internal enabled 🙂 2015-10-28 15:32:13
nova-scheduler ubuntu-OS internal enabled 🙂 2015-10-28 15:32:14
nova-conductor ubuntu-OS internal enabled 🙂 2015-10-28 15:32:14
nova-compute ubuntu-OS nova enabled 🙂 2015-10-28 15:32:15
nova-console ubuntu-OS internal enabled 🙂 2015-10-28 15:32:15
Also run the following command to check if nova is able to authenticate with keystone server

nova list
Neutron (Networking)

Install the Neutron services

apt-get install -y neutron-server neutron-plugin-openvswitch neutron-plugin-openvswitch-agent neutron-common neutron-dhcp-agent neutron-l3-agent neutron-metadata-agent openvswitch-switch
Create database and credentials for Neutron

mysql -u root -p
CREATE DATABASE neutron;
GRANT ALL ON neutron.* TO ‘neutron’@’%’ IDENTIFIED BY ‘neutron_dbpass’;
quit;
Create Keystone entries for Neutron

openstack user create –domain default –password-prompt neutron
openstack role add –project service –user neutron admin
openstack service create –name neutron –description “OpenStack Networking” network
openstack endpoint create –region RegionOne network public http://10.0.0.1:9696
openstack endpoint create –region RegionOne network internal http://10.0.0.1:9696
openstack endpoint create –region RegionOne network admin http://10.0.0.1:9696
Edit /etc/neutron/neutron.conf and make the following changes in appropriate sections.

[DEFAULT]

core_plugin = ml2
service_plugins = router
rpc_backend = rabbit
auth_strategy = keystone
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://10.0.0.1:8774/v2

[keystone_authtoken]
auth_uri = http://10.0.0.1:5000
auth_url = http://10.0.0.1:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = neutron_pass

[database]

connection = mysql+pymysql://neutron:neutron_dbpass@10.0.0.1/neutron

[oslo_messaging_rabbit]

rabbit_host = 10.0.0.1
rabbit_userid = openstack
rabbit_password = rabbit_pass
[nova]

auth_url = http://10.0.0.1:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = nova
password = nova_pass
Open /etc/neutron/plugins/ml2/ml2_conf.ini and make the following changes

[ml2]
type_drivers=flat,vlan
tenant_network_types=vlan,flat
mechanism_drivers=openvswitch
[ml2_type_flat]
flat_networks=External
[ml2_type_vlan]
network_vlan_ranges=Intnet1:100:200
[ml2_type_gre]
[ml2_type_vxlan]
[securitygroup]
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group=True
[ovs]
bridge_mappings=External:br-ex,Intnet1:br-eth1
We have created two physical networks one as a flat network and the other as a vlan network with vlan ranging from 100 to 200. We have mapped External network to br-ex and Intnet1 to br-eth1. Now Create bridges Note: The naming convention for the ethernet cards may also be like “p4p1”, “em1” from Ubuntu 14.04 LTS. You can use the appropriate interface names below instead of “eth1” and “eth2”.

ovs-vsctl add-br br-int
ovs-vsctl add-br br-eth1
ovs-vsctl add-br br-ex
ovs-vsctl add-port br-eth1 eth1
ovs-vsctl add-port br-ex eth2
According to our set up all traffic belonging to External network will be bridged to eth2 and all traffic of Intnet1 will be bridged to eth1. If you have only one interface(eth0) and would like to use it for all networking then please have a look at https://fosskb.wordpress.com/2014/06/10/managing-openstack-internaldataexternal-network-in-one-interface.

Edit /etc/neutron/metadata_agent.ini to look like this

[DEFAULT]
auth_uri = http://10.0.0.1:5000
auth_url = http://10.0.0.1:35357
auth_region = RegionOne
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = neutron_pass
….
nova_metadata_ip = 127.0.0.1
Edit /etc/neutron/dhcp_agent.ini to look like this

[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
use_namespaces = True
dnsmasq_dns_servers = 8.8.8.8
Edit /etc/neutron/l3_agent.ini to look like this

[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
Sync the db

neutron-db-manage –config-file /etc/neutron/neutron.conf –config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade liberty
Restart all Neutron services

service neutron-server restart; service neutron-plugin-openvswitch-agent restart;service neutron-metadata-agent restart; service neutron-dhcp-agent restart; service neutron-l3-agent restart
Check if the services are running. Run the following command

neutron agent-list
The output should be like

+————————————–+——————–+——–+——-+—————-+
| id | agent_type | host | alive | admin_state_up |
+————————————–+——————–+——–+——-+—————-+
| 01a5e70c-324a-4183-9652-6cc0e5c98499 | Metadata agent | ubuntu | 🙂 | True |
| 17b9440b-50eb-48b7-80a8-a5bbabc47805 | DHCP agent | ubuntu | 🙂 | True |
| c30869f2-aaca-4118-829d-a28c63a27aa4 | L3 agent | ubuntu | 🙂 | True |
| f846440e-4ca6-4120-abe1-ffddaf1ab555 | Open vSwitch agent | ubuntu | 🙂 | True |
+————————————–+——————–+——–+——-+—————-+
Users who want to know what happens under the hood can read

How neutron-openvswitch-agent provides L2 connectivity between Instances, DHCP servers and routers
How neutron-l3-agent provides services like routing, natting, floatingIP and security groups
See more of Linux networking capabilities
Cinder (Block storage)

Install Cinder services

apt-get install cinder-api cinder-scheduler cinder-volume lvm2 open-iscsi-utils open-iscsi iscsitarget sysfsutils python-cinderclient
Create database and credentials for Cinder

mysql -u root -p
mysql> CREATE DATABASE cinder;
mysql> GRANT ALL PRIVILEGES ON cinder.* TO ‘cinder’@’%’ IDENTIFIED BY ‘cinder_dbpass’;
mysql> quit;
Create Cinder related keystone entries

openstack user create –domain default –password-prompt cinder
openstack role add –project service –user cinder admin
openstack service create –name cinder –description “OpenStack Block Storage” volume
openstack service create –name cinderv2 –description “OpenStack Block Storage” volumev2
openstack endpoint create –region RegionOne volume public http://10.0.0.1:8776/v1/%\(tenant_id\)s
openstack endpoint create –region RegionOne volume admin http://10.0.0.1:8776/v1/%\(tenant_id\)s
openstack endpoint create –region RegionOne volume internal http://10.0.0.1:8776/v1/%\(tenant_id\)s
openstack endpoint create –region RegionOne volumev2 public http://10.0.0.1:8776/v2/%\(tenant_id\)s
openstack endpoint create –region RegionOne volumev2 admin http://10.0.0.1:8776/v2/%\(tenant_id\)s
openstack endpoint create –region RegionOne volumev2 internal http://10.0.0.1:8776/v2/%\(tenant_id\)s
Edit /etc/cinder/cinder.conf and replace all the lines with the following.

[DEFAULT]
rootwrap_config = /etc/cinder/rootwrap.conf
api_paste_confg = /etc/cinder/api-paste.ini
iscsi_helper = tgtadm
volume_name_template = volume-%s
volume_group = cinder-volumes
verbose = True
auth_strategy = keystone
state_path = /var/lib/cinder
lock_path = /var/lock/cinder
volumes_dir = /var/lib/cinder/volumes
rpc_backend = rabbit
auth_strategy = keystone
my_ip = 10.0.0.1
enabled_backends = lvm
glance_host = 10.0.0.1

[database]
connection = mysql+pymysql://cinder:cinder_dbpass@10.0.0.1/cinder

[oslo_messaging_rabbit]
rabbit_host = 10.0.0.1
rabbit_userid = openstack
rabbit_password = rabbit_pass

[keystone_authtoken]
auth_uri = http://10.0.0.1:5000
auth_url = http://10.0.0.1:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = cinder_pass

[oslo_concurrency]
lock_path = /var/lib/cinder/tmp

[lvm]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
iscsi_protocol = iscsi
iscsi_helper = tgtadm
Sync the database

cinder-manage db sync
Create physical volume

pvcreate /dev/sdb
Create volume group named “cinder-volumes”

vgcreate cinder-volumes /dev/sdb
Restart all the Cinder services

service cinder-scheduler restart;service cinder-api restart;service cinder-volume restart;service tgt restart
Create a volume to test the setup

cinder create –display-name myVolume 1
List the volume created

+————————————–+———–+——————+———-+——+————-+———-+————-+————————————–+
| ID | Status | Migration Status | Name | Size | Volume Type | Bootable | Multiattach | Attached to |
+————————————–+———–+——————+———-+——+————-+———-+————-+————————————–+
| 535adcde-f206-4377-8875-4354e910a3e0 | available | – | myVolume | 1 | – | false | False | |
+————————————–+———–+——————+———-+——+————-+———-+————-+————————————–+
Horizon (OpenStack Dashboard)

Install OpenStack Web UI using the following command.

apt-get install -y openstack-dashboard
After installing login using the following credentials

URL : http://10.0.0.1/horizon
Username: admin
Password: ADMIN
Use the following link to get started with the first instance on OpenStack.

Procedure to get started with the first instance on OpenStack

About these ads

Share this:
Click to share on Twitter (Opens in new window)3Share on Facebook (Opens in new window)3Click to email (Opens in new window)Click to print (Opens in new window)1Click to share on LinkedIn (Opens in new window)1Click to share on Reddit (Opens in new window)Click to share on Google+ (Opens in new window)Click to share on Tumblr (Opens in new window)Click to share on Pinterest (Opens in new window)Click to share on Pocket (Opens in new window)

Related
OpenStack Juno on Ubuntu 14.04 LTS and 14.10 – Single Machine Setup
In “Cloud”
OpenStack Kilo on Ubuntu 14.04 LTS and 15.04 – Single machine setup
In “Cloud”
OpenStack IceHouse on Ubuntu 14.04 LTS and 12.04 LTS – Single machine setup
In “Cloud”
20/10/2015 · POSTED IN CLOUD, GLANCE, LIBERTY, NEUTRON, OPEN VSWITCH, OPENSTACK, OPENSTACK INSTALLATION GUIDE, UBUNTU, UBUNTU 14.04 · TAGGED OPENSTACK LIBERTY- SINGLE MACHINE INSTALL GUIDE
4 thoughts on “OpenStack Liberty on Ubuntu 14.04 and Ubuntu 15.10 – Single machine setup”

Pedro Stéfano
05/01/2016 AT 12:39 AM
Depois que adaptei esses comando em uma instalação que eu já tenho, não esta aceitando nem a conexão ssh

REPLY
Pedro Stéfano
05/01/2016 AT 12:06 AM
Have any wiki on how to make multi node

REPLY
Felipe
12/11/2015 AT 10:31 PM
Your tuts regarding openstack installation on single server rocks!

I couldn’t however get neutron to work well 😦

Have you any extra configuration to make it work? like interfaces config ?

Regads

REPLY
psichomofo
02/11/2015 AT 9:20 PM
I love Liberty ( Openstack )

REPLY
Leave a Reply
Enter your comment here…
Post navigation
« Installing LEMP stack using CentOS 6
Getting started with first instance on OpenStack »
CREATE A FREE WEBSITE OR BLOG AT WORDPRESS.COM. · THE EDDA THEME.
Follow
Follow “Free and Open Source Software Knowledge Base”

Get every new post delivered to your Inbox.

Join 140 other followers
Enter your email address

SIGN ME UP

Build a website with WordPress.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s