Openstack 2013 1

OpenStack 2013.1

Step by StepLuis [email protected]@woorea

Saturday, March 23, 2013

mailto:[email protected]




@woorea

VirtualBox 4.2.10

https://www.virtualbox.org/wiki/Downloads

Vagrant v1.1.2

http://downloads.vagrantup.com

Ubuntu Precise 64bits

http://files.vagrantup.com/precise64.box

Environment




@woorea

Vagrant

$ vagrant init precise64 http://files.vagrantup.com/precise64.box

$ vi Vagrantfile

config.vm.provider :virtualbox do |vbox|

vbox.customize ["modifyvm", :id, "--memory", "2048"]

end

config.vm.network :private_network, ip: "192.168.0.254"

config.vm.network :private_network, ip: "10.0.0.254"

config.vm.network :forwarded_port, guest: 80, host: 8181

$ vagrant up

$ vagrant ssh




OpenStack 2013.1


@woorea

OpenStack Grizzly

# apt-get install vim python-software-properties

# add-apt-repository ppa:openstack-ubuntu-testing/grizzly-trunk-testing

# apt-get update

# apt-get dist-upgrade


@woorea

issues

# init 0

$ vagrant up

...The following SSH command responded with a non-zero exit status.

Vagrant assumes that this means the command failed!

mount -t vboxsf -o uid=`id -u vagrant`,gid=`id -g vagrant` v-root /vagrant


@woorea

solution

$ vagrant ssh

# sudo -i

# apt-get install make

# /etc/init.d/vboxadd setup

# init 0

$ vagrant up

$ vagrant ssh


@woorea

OpenStack Grizzly

# vi /etc/sysctl.conf

net.ipv4.ip_forward=1

# sysctl -p


@woorea

Network Time Protocol

# apt-get install ntp

# vi /etc/ntp.conf

server 127.127.0.1

fudge 127.127.0.1 stratum 10

# service ntp restart


@woorea


# ntpq

ntpq> lpeers

remote refid

================================

tb.mircx.com 131.107.13.100

web1.amdgtechno 209.51.161.238

...

ntpq> exit


@woorea


#iptables -A input -p udp --dport 123 -j ACCEPT

#iptables -A output -p udp --sport 123 -j ACCEPT


@woorea


#/etc/cron.daily/ntpdate

#!/bin/sh

# Current System Time < NTP

ntpdate <my_ntp_server>

# Hardware Clock < Current System Time.

hwclock -w


@woorea

MySQL

# apt-get install mysql-server python-mysqldb

MySQL password : secret0

# vi /etc/mysql/my.cnf

bind-address = 0.0.0.0

# service mysql restart


@woorea

RabbitMQ

# apt-get install rabbitmq-server


Installing Keystone


@woorea

Keystone

# apt-get install keystone

# mysql -u root -psecret0mysql> create database keystone;

mysql> grant all privileges on keystone.* to keystone@"localhost" identified by "secret0";

mysql> exit

# vi /etc/keystone/keystone.conf

connection = mysql://keystone:secret0@localhost/keystone


@woorea

Keystone

# keystone-manage db_sync

# mysql -u keystone -psecret0 keystone

mysql>show tables;

# service keystone restart

+------------------------+| Tables_in_keystone |+------------------------+| credential || domain || ec2_credential || endpoint || group || group_domain_metadata || group_project_metadata || metadata || migrate_version || policy || project || role || service || token || user || user_domain_metadata || user_group_membership || user_project_metadata |+------------------------+


@woorea

~/.profile

# vi ~/.profile

export SERVICE_TOKEN=ADMIN

export OS_TENANT_NAME=admin

export OS_USERNAME=admin

export OS_PASSWORD=secret0

export OS_AUTH_URL=http://192.168.0.254:5000/v2.0/

export SERVICE_ENDPOINT=http://localhost:35357/v2.0/

# . ~/.profile


http://localhost:5000/v2.0/




@woorea

keystone tenant-create

# keystone tenant-create --name admin

+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| description | || enabled | True || id | 5c525e40f6a14daa8fb0a4e4989dea95 || name | admin |+-------------+----------------------------------+


@woorea

keystone tenant-create

# keystone tenant-create --name service

+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| description | || enabled | True || id | bc3bad45980047608dd8a9ba8af55fc2 || name | service |+-------------+----------------------------------+


@woorea

keystone tenant-list

# keystone tenant-list

+----------------------------------+---------+---------+| id | name | enabled |+----------------------------------+---------+---------+| 5c525e40f6a14daa8fb0a4e4989dea95 | admin | True || bc3bad45980047608dd8a9ba8af55fc2 | service | True |+----------------------------------+---------+---------+


@woorea

keystone role-create

# keystone role-create --name admin

+----------+----------------------------------+| Property | Value |+----------+----------------------------------+| id | caae1042a6cd4cd683ad2f9785bced94 || name | admin |+----------+----------------------------------+


@woorea


# keystone role-create --name Member

+----------+----------------------------------+| Property | Value |+----------+----------------------------------+| id | 3f9970f21139477faa00003fa67010f2 || name | Member |+----------+----------------------------------+


@woorea


# keystone role-list

+----------------------------------+----------+-------+| id | name | extra |+----------------------------------+----------+-------+| 3f9970f21139477faa00003fa67010f2 | Member | {} || caae1042a6cd4cd683ad2f9785bced94 | admin | {} |+----------------------------------+----------+-------+


@woorea

keystone user-create

# keystone user-create --name admin --pass secret0 --email [email protected]

+----------+----------------------------------+| Property | Value |+----------+----------------------------------+| email | [email protected] || enabled | True || id | d370493f461a483ca545617b7dbab448 || name | admin || tenantId | |+----------+----------------------------------+






@woorea

keystone user-list

# keystone user-list

+----------------------------------+---------+---------+----------------+| id | name | enabled | email |+----------------------------------+---------+---------+----------------+| d370493f461a483ca545617b7dbab448 | admin | True | [email protected] |+----------------------------------+---------+---------+----------------+




@woorea

keystone user-role-add

# keystone user-role-add --tenant admin --user admin --role admin

NO OUTPUT!!!


@woorea

keystone service-create

# keystone service-create --name keystone \

--type identity --description "Identity Manager Service"

+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| description | Identity Manager Service || id | 4c22b42decfd4ef3b1803f5d62791b1d || name | keystone || type | identity |+-------------+----------------------------------+


@woorea

keystone endpoint-create

# keystone endpoint-create --region madrid \

--service_id 4c22b42decfd4ef3b1803f5d62791b1d \

--publicurl "http://192.168.254:5000/v2.0" \

--adminurl "http://localhost:35357/v2.0" \

--internalurl "http://localhost:5000/v2.0"

+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| adminurl | http://localhost:35357/v2.0 || id | 510d919f19404cf2ade064f94662e778 || internalurl | http://localhost:5000/v2.0 | | publicurl | http://192.168.0.254:5000/v2.0 || region | madrid || service_id | 4c22b42decfd4ef3b1803f5d62791b1d |+-------------+----------------------------------+


http://172.16.30.200:5000/v2.0

http://172.16.30.200:5000/v2.0

http://10.211.55.20:35357/v2.0

http://10.211.55.20:35357/v2.0

http://10.211.55.20:5000/v2.0

http://10.211.55.20:5000/v2.0

http://localhost:35357/v2.0




http://127.0.0.1:5000/v2.0

http://127.0.0.1:5000/v2.0

Installing Glance


@woorea

Glance

# apt-get install glance

# mysql -u root -psecret0mysql> create database glance;

mysql> grant all privileges on glance.* to glance@"localhost" identified by "secret0";

mysql> exit


@woorea

Glance

# keystone user-create --name glance --pass secret0 --email [email protected]

# keystone user-role-add --tenant service --user glance --role admin




@woorea

Glance

# keystone service-create --name glance \

--type image --description "Images Registry Service"


--service_id 55cc2e173f8f437cb0f97a9d4e8ac9da \

--publicurl "http://192.168.0.254:9292/v2.0" \

--adminurl "http://localhost:9292/v2.0" \

--internalurl "http://localhost:9292/v2.0"


http://172.16.30.200:5000/v2.0

http://172.16.30.200:5000/v2.0

http://10.211.55.20:35357/v2.0

http://10.211.55.20:35357/v2.0

http://10.211.55.20:5000/v2.0

http://10.211.55.20:5000/v2.0

@woorea

/etc/glance/glance-api.conf

sql_connection = mysql://glance:secret0@localhost/glance

[keystone_authtoken]

auth_host = 127.0.0.1

auth_port = 35357

auth_protocol = http

admin_tenant_name = service

admin_user = glance

admin_password = secret0

[paste_deploy]

flavor = keystone


@woorea

/etc/glance/glance-registry.conf

connection = mysql://glance:secret0@localhost/glance

[keystone_authtoken]

auth_host = 127.0.0.1

auth_port = 35357



admin_user = glance


[paste_deploy]

flavor = keystone


@woorea

Glance

# glance-manage db_sync

# mysql -u glance -psecret0 glance

mysql>show tables;

+------------------+| Tables_in_glance |+------------------+| image_locations || image_members || image_properties || image_tags || images || migrate_version |+------------------+


@woorea

Glance

# service glance-api restart

# service glance-registry restart


@woorea

glance image-create

# wget http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img

# glance image-create --name "cirros64" \

--is-public true \

--container-format bare \

--disk-format qcow2 \

< cirros-0.3.1-x86_64-disk.img


http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img

http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img

@woorea

glance image-create

# glance image-create (cont.)

+------------------+--------------------------------------+| Property | Value |+------------------+--------------------------------------+| checksum | d972013792949d0d3ba628fbe8685bce || container_format | bare || created_at | 2013-03-21T15:07:39 || deleted | False || deleted_at | None || disk_format | qcow2 || id | 1e6faa46-788f-412d-aa22-78660e78cc00 || is_public | True || min_disk | 0 || min_ram | 0 || name | cirros64 || owner | 5c525e40f6a14daa8fb0a4e4989dea95 || protected | False || size | 13147648 || status | active || updated_at | 2013-03-21T15:07:40 |+------------------+--------------------------------------+


@woorea

glance index

# glance index

ID Name Disk Format Container Format Size------------------------------------ ----------- ------------ ----------------- ---------1e6faa46-788f-412d-aa22-78660e78cc00 cirros64 qcow2 bare 13147648


Installing Cinder


@woorea

Cinder

# apt-get install cinder-api \

cinder-scheduler \

cinder-volume \

python-cinderclient


@woorea

Block Device

# dd if=/dev/zero of=~/cinder-volumes bs=1 count=0 seek=2G

# losetup -f ~/cinder-volumes

# losetup -a

/dev/loop0: [fc00]:138680 (/root/cinder-volumes)

# pvcreate /dev/loop0

# vgcreate cinder-volumes /dev/loop0

# pvscan

PV /dev/sda5 VG precise64 lvm2 [79.76 GiB / 0 free]

PV /dev/loop0 VG cinder-volumes lvm2 [2.00 GiB / 2.00 GiB free]

Total: 2 [81.75 GiB] / in use: 2 [81.75 GiB] / in no VG: 0 [0 ]


@woorea

# mysql -u root -psecret0mysql> create database cinder;

mysql> grant all privileges on cinder.* to cinder@"localhost" identified by "secret0";

mysql> exit


@woorea

Cinder

# keystone user-create --name cinder --pass secret0 --email [email protected]

# keystone user-role-add --tenant service --user cinder --role admin




@woorea

Cinder

# keystone service-create --name cinder \

--type volume --description "Volume Service"


--service_id 24580595b4e0438ca9fe165a27d22c0d \

--publicurl "http://192.168.0.254:8776/v1/%(tenant_id)s" \

--adminurl "http://localhost:8776/v1/%(tenant_id)s" \

--internalurl "http://localhost:8776/v1/%(tenant_id)s"


http://172.16.30.200:5000/v2.0

http://172.16.30.200:5000/v2.0

http://10.211.55.20:35357/v2.0

http://10.211.55.20:35357/v2.0

http://10.211.55.20:5000/v2.0

http://10.211.55.20:5000/v2.0

@woorea

/etc/cinder/api-paste.ini

[filter:authtoken]

paste.filter_factory = keystone.middleware.auth_token:filter_factory

auth_host = localhost

auth_port = 35357



admin_user = cinder



@woorea

/etc/cinder/cinder.conf

sql_connection=mysql://cinder:secret0@localhost/cinder


@woorea

Cinder

# cinder-manage db sync

# mysql -u cinder -psecret0 cinder

mysql>show tables;

+-------------------------+| Tables_in_cinder |+-------------------------+| backups || iscsi_targets || migrate_version || migrations || quota_classes || quota_usages || quotas || reservations || services || sm_backend_config || sm_flavors || sm_volume || snapshot_metadata || snapshots || volume_glance_metadata || volume_metadata || volume_type_extra_specs || volume_types || volumes |+-------------------------+


@woorea

Cinder

# service cinder-volume restart

# service cinder-scheduler restart

# service cinder-api restart


@woorea

cinder create

# cinder create --display_name woorea_volume 1+---------------------+--------------------------------------+| Property | Value |+---------------------+--------------------------------------+| attachments | [] || availability_zone | nova || bootable | false || created_at | 2013-03-21T02:42:42.471269 || display_description | None || display_name | test || id | bf928404-877a-408b-b58a-9feb3e3029eb || metadata | {} || size | 1 || snapshot_id | None || source_volid | None || status | creating || volume_type | None |+---------------------+--------------------------------------+


@woorea

cinder list

# cinder list

+--------------------------------------+-----------+---------------+------+-------------+----------+-------------+| ID | Status | Display Name | Size | Volume Type | Bootable | Attached to |+--------------------------------------+-----------+---------------+------+-------------+----------+-------------+| fbffb280-1324-4790-8b7b-4237ca426486 | available | woorea_volume | 1 | None | false | |+--------------------------------------+-----------+---------------+------+-------------+----------+-------------+


Installing Nova


@woorea

Nova

# apt-get install nova-api \

nova-conductor \

nova-compute-qemu \

nova-scheduler \

nova-network


@woorea

Nova

# mysql -u root -psecret0mysql> create database nova;

mysql> grant all privileges on nova.* to nova@"localhost" identified by "secret0";

mysql> exit


@woorea

Nova

# keystone user-create --name nova --pass secret0 --email [email protected]

# keystone user-role-add --tenant service --user nova --role admin




@woorea

Nova

# keystone service-create --name nova \

--type compute --description "Compute Service"


--service_id 5fa2e4c0d2bf4f7ca13ced7bbf1679f3 \

--publicurl "http://192.168.0.254:8774/v2/%(tenant_id)s" \

--adminurl "http://locahost:8774/v2/%(tenant_id)s" \

--internalurl "http://localhost:8774/v2/%(tenant_id)s"


http://172.16.30.200:5000/v2.0

http://172.16.30.200:5000/v2.0

http://172.16.30.200:5000/v2.0

http://172.16.30.200:5000/v2.0

http://172.16.30.200:5000/v2.0

http://172.16.30.200:5000/v2.0

@woorea

/etc/nova/api-paste.ini

[filter:authtoken]

paste.filter_factory = keystone.middleware.auth_token:filter_factory

auth_host = localhost

auth_port = 35357



admin_user = nova


signing_dir = /tmp/keystone-signing-nova


@woorea

/etc/nova/nova.conf

my_ip=127.0.0.1

sql_connection=mysql://nova:secret0@localhost/nova

enabled_apis=osapi_compute,metadata

auth_strategy=keystone

#NETWORKING

public_interface=eth1

vlan_interface=eth2

fixed_range=10.0.0.0/27

network_size=32


@woorea

Nova

# nova-manage db sync

# mysql -u nova -psecret0 nova

mysql>show tables;

+--------------------------------------------+| Tables_in_nova |+--------------------------------------------+| agent_builds || aggregate_hosts || aggregate_metadata || aggregates || block_device_mapping || bw_usage_cache || cells || certificates || compute_node_stats || compute_nodes || console_pools || consoles || dns_domains || fixed_ips || floating_ips || instance_actions || instance_actions_events || instance_faults || instance_id_mappings || instance_info_caches || instance_metadata || instance_system_metadata || ... || task_log || virtual_interfaces || virtual_storage_arrays || volume_id_mappings || volume_metadata || volume_type_extra_specs || volume_types || volume_usage_cache || volumes |+--------------------------------------------+


@woorea

Nova

# service nova-api restart

# service nova-conductor restart

# service nova-scheduler restart

# service nova-network restart

# service nova-compute restart


@woorea

Private Network

# nova-manage network create private 10.0.0.0/27# nova-manage network list

id IPv4 IPv6 start address DNS1 DNS2 VlanID project uuid1 10.0.0.0/27 None 10.0.0.3 8.8.4.4 None 100 5c52... fd23...


@woorea

Nova

# nova-manage service listText

Binary Host Zone Status State Updated_Atnova-scheduler precise64 internal enabled :-) 2013-03-21 15:33:30nova-network precise64 internal enabled :-) 2013-03-21 15:33:30nova-conductor precise64 internal enabled :-) 2013-03-21 15:33:30nova-compute precise64 nova enabled :-) 2013-03-21 15:33:33


@woorea

nova flavor-list

# nova flavor-list

+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public | extra_specs |+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+| 1 | m1.tiny | 512 | 0 | 0 | | 1 | 1.0 | True | {} || 2 | m1.small | 2048 | 20 | 0 | | 1 | 1.0 | True | {} || 3 | m1.medium | 4096 | 40 | 0 | | 2 | 1.0 | True | {} || 4 | m1.large | 8192 | 80 | 0 | | 4 | 1.0 | True | {} || 5 | m1.xlarge | 16384 | 160 | 0 | | 8 | 1.0 | True | {} |+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+


@woorea

nova image-list

# nova image-list

+--------------------------------------+----------+--------+--------+| ID | Name | Status | Server |+--------------------------------------+----------+--------+--------+| 1e6faa46-788f-412d-aa22-78660e78cc00 | cirros64 | ACTIVE | |+--------------------------------------+----------+--------+--------+


@woorea

nova boot

# nova boot --image cirros64 --flavor m1.tiny --poll my_cirros

Text

+-------------------------------------+--------------------------------------+| Property | Value |+-------------------------------------+--------------------------------------+| OS-EXT-STS:task_state | scheduling || image | cirros64 || OS-EXT-STS:vm_state | building || OS-EXT-SRV-ATTR:instance_name | instance-00000002 || flavor | m1.tiny || id | 64985512-2970-440c-b7db-1da74966e4de || security_groups | [{u'name': u'default'}] || user_id | d370493f461a483ca545617b7dbab448 || OS-DCF:diskConfig | MANUAL || accessIPv4 | || accessIPv6 | || progress | 0 || OS-EXT-STS:power_state | 0 || OS-EXT-AZ:availability_zone | None || config_drive | || status | BUILD || updated | 2013-03-21T15:30:21Z || hostId | || OS-EXT-SRV-ATTR:host | None || key_name | None || name | my_cirros || adminPass | 6AqDXQaZxUHi || tenant_id | 5c525e40f6a14daa8fb0a4e4989dea95 || created | 2013-03-21T15:30:21Z |+-------------------------------------+--------------------------------------+


@woorea

ssh

# ssh [email protected]

Password: cubswin:)




Installing Horizon


@woorea

Horizon

# apt-get install openstack-dashboard


OpenStack Java SDK


@woorea

OpenStack Java SDKOpen Source : Apache 2 License

Apache HttpClient / JAX-RS 2.x / JAX-RS 1.x

OpenStack:

keystone nova

swift glance

ceilometer quantum


BillingStack


@woorea

BillingStackREST API

/merchants /products

/plans /customers

/subscriptions /usage

/invoices /payment-gateways

/transactions /currencies


@woorea

BillingStackOpen Source : Apache 2 Licensed

Polyglota (python / java / groovy)

We are 2 developers

Endre Karlson (python)

Luis Gervaso (java / groovy)

OpenStack Design Summit 2013, Portland


Documents

Openstack 2013 1