Upload
ijazkhan
View
224
Download
3
Embed Size (px)
DESCRIPTION
Radez f 0900 Deploying Rhos on Rhel
Citation preview
DEPLOYING OPENSTACK ON
RED HAT ENTERPRISE LINUX
Dan RadezSr. Software Engineer, Red HatJune 14, 2013
What is OpenStack?
Cloud/Visualization Platform Designed for standard hardware OpenSource
Overview
Lab Workstation
User: lab12
Password: lab12
Applications -> System Tools -> Virt Manager
- RHOS-control-node: 192.168.122.101
- RHOS-compute-node: 192.168.122.102
PackStack: Installation
Red Hat developed OpenStack installer
Deployment options Interactively Answer file Quick Start All-in-one
Features Single-host install Multi-host install RHOS, RDO, EPEL
PackStack: Installation
[root@rhos ~]# ssh 192.168.122.101
[root@control ~]# yum install -y openstack-packstack
[root@control ~]# packstack --use-epel=n --install-hosts 192.168.122.101,192.168.122.102
Install Defaults MySQL Qpid Swift Not Installed Quantum
Packstack: Installation
Exercise: Install OpenStack
file:///home/lab12/slides/index.html
Killing time while PackStack works magic
Relationship between OpenStack services
Killing time while PackStack works magic
Relationship between OpenStack services
Killing time while PackStack works magic
Relationship between OpenStack services
Killing time while PackStack works magic
Relationship between OpenStack services
Killing time while PackStack works magic
Relationship between OpenStack services
Killing time while PackStack works magic
Relationship between OpenStack services
Killing time while PackStack works magic
Relationship between OpenStack services
Killing time while PackStack works magic
Relationship between OpenStack services
Help!
$ keystone help$ keystone help user-create$ glance help$ glance help image-create$ nova help$ nova help boot
Keystone: Identity Management
Keystone: Identity Management
centralized identity service central catalog of services
Multiple forms of authentication User name and password Token-based systems Amazon Web Services style logins
Keystone: Identity Management
Login as admin[root@control ~]$ cat keystonerc_adminexport OS_USERNAME=adminexport OS_TENANT_NAME=adminexport OS_PASSWORD=5ffbe9d2a38d4a48export OS_AUTH_URL=http://192.168.122.101:35357/v2.0/ export PS1="[\u@\h \W(keystone_admin)]$ "
[root@control ~]$ source keystonerc_admin
[root@control ~(keystone_admin)]$
Keystone: Identity Management
Add a User[root@control ~]$ keystone user-create --name radez --pass supersecretpass
id: 849616035d654b9b9a8cc38b10284a52
[root@control ~]$ keystone role-create --name role1
id: 8ab4a27031084100afbafc0f95a47170
[root@control ~]$ keystone tenant-create --name tenant1
Id: 427c01f33fcf4feb930f26dd550a14e0
Keystone: Identity Management
Add a User[root@control ~]$ keystone user-role-add --user-id radez --role-id role1 --tenant-id tenant1
[root@control ~]$ keystone user-list
[root@control ~]$ keystone role-list
[root@control ~]$ keystone tenant-list
[root@control ~]$ keystone user-role-list
[root@control ~]$ keystone endpoint-list
Keystone: Identity Management
Login as radez[root@control ~]$ cp keystonerc_admin user_radezexport OS_USERNAME=radezexport OS_TENANT_NAME=tenant1export OS_PASSWORD=supersecretpassexport OS_AUTH_URL=http://192.168.122.101:35357/v2.0/ export PS1="[\u@\h \W(user_radez)]$ "
[root@control ~]$ source user_radez
[root@control ~(user_radez)]$
[root@control ~]$ source keystonerc_admin
[root@control ~(keystonerc_admin)]$
Keystone: Identity Management
Exercise: Add a user
Glance: Image Management
Glance: Image Management
registry for virtual machine images images used as templates for new servers
[root@control ~]$ glance image-create --name cirros --is-public 1 --disk-format qcow2 --container-format bare --file /mnt/cirros-0.3.0-x86_64-disk.img
id: d3d1f38e-3f2c-4f45-91e1-cb4535f62d10
[root@rhos ~]$ glance image-list
Glance: Image Management
Image Building Oz appliance-creator Native glance builder in the works Manually (launch installer, import before first boot)
Build Notes: Include cloudinit for post boot configuration
Glance: Image Management
Exercise: Add an image
Quantum: Networking
Quantum: Networking
networking as a service built in modular architecture
Features Single or Multiple host deployment virtual network, subnet, and port abstractions Plugin architecture supports many network technologies
Quantum: Networking
http://docs.openstack.org/trunk/openstack-network/admin/content/connectivity.html
Quantum: Networking
Extra Configuration (control node)/etc/quantum/dhcp_agent.ini use_namespaces=True
/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini tenant_network_type=vlan network_vlan_ranges = physnet1:1000:2999 bridge_mappings = physnet1:br-eth1
/etc/quantum/quantum.conf ovs_use_veth = True -log_file
Quantum: Networking
Extra Configuration (control node)/etc/quantum/l3_agent.ini -root_helper? use_namespaces=True
[root@control ~]$ yum install -y nc
[root@control ~]$ chkconfig quantum-ovs-cleanup on
[root@control ~]$ ovs-vsctl add-br br-eth1
[root@control ~]$ ovs-vsctl add-port br-eth1 eth1
[root@control ~]$ sed -i "s|--config-file /usr/share/\$proj/\$proj-dist.conf ||" `grep -l proj-dist /etc/init.d/quantum*`
Quantum: Networking
External Bridge (control node)/etc/sysconfig/network-scripts/ifcfg-eth0 -IPADDR=192.168.122.101 BRIDGE=br-ex
/etc/sysconfig/network-scripts/ifcfg-br-ex ONBOOT=yes
[root@control ~]$ ovs-vsctl add-br br-ex
[root@control ~]$ ovs-vsctl add-port br-ex eth0; reboot
Quantum: Networking
Extra Configuration (compute node)/etc/nova/nova.conf libvirt_vif_driver =
nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini bridge_mappings = physnet1:br-eth1 -tenant_network_type=local
[root@compute ~]$ ovs-vsctl add-br br-eth1
[root@compute ~]$ ovs-vsctl add-port br-eth1 eth1
https://wiki.openstack.org/wiki/ConfigureOpenvswitch
Quantum: Networking
Restart Services (compute node)[root@compute ~]$ sed -i "s|--config-file /usr/share/\$proj/\$proj-dist.conf ||" `grep -l proj-dist /etc/init.d/quantum*`
[root@compute ~]$ service openstack-nova-compute restart
[root@compute ~]$ service quantum-openvswitch-agent restart
Quantum: Networking
Create networks, subnets and routers[root@control ~]$ quantum net-create int
id: cc6052d8-2a6d-40e7-85ab-b7c8bb5b3a8c
[root@control ~]$ quantum subnet-create int 192.168.32.0/24
id: c6c4ded5-ac0a-4f7c-8f54-9218f2cf8ecc
[root@control ~]$ quantum router-create router1
id: 30f385f0-8f1d-453e-b4ab-26ee6f8e80fe
[root@control ~]$ quantum router-interface-add router1 c6c4ded5-ac0a-4f7c-8f54-9218f2cf8ecc
Quantum: Networking
Create networks, subnets and routers[root@control ~]# keystone tenant-list
4ee4f1d7d5ba46318885dd82520d748f | services
[root@control ~]$ quantum net-create --tenant-id services ext -- --router:external=True
id: 4cbcc3c7-4a40-4101-afca-ca9782ff7f04
[root@control ~]$ quantum subnet-create --tenant-id services ext 192.168.122.0/24 -- --enable_dhcp=False
id: a4ba8c13-2a67-4402-bb0d-7e55f253de44
[root@rhos ~]$ quantum router-gateway-set router1 ext
Quantum: Networking
Find your tenant's security group[root@control ~]$ keystone tenant-list
70784578887b4468adacd92f2f376bc9 | admin
[root@control ~]$ quantum security-group-list
| 049ca2a9-7dc0-417c-9092-640e8a47a585 | default | default |
| adfca10c-e1a3-418a-8f97-224cc92e1626 | default | default |
[root@control ~]$ quantum security-group-show 049ca2a9-7dc0-417c-9092-640e8a47a585
id | 049ca2a9-7dc0-417c-9092-640e8a47a585 tenant_id | 70784578887b4468adacd92f2f376bc9
Quantum: Networking
Clean the security groupsecurity_group_rules | "direction": "ingress"
"id": "74dd70eb-f1c5-4797-978b-3238035b3aef"
"id": "f7087e8b-5f15-494c-997b-c86d258efc62"
[root@control ~]$ quantum security-group-rule-delete 74dd70eb-f1c5-4797-978b-3238035b3aef
[root@control ~]$ quantum security-group-rule-delete f7087e8b-5f15-494c-997b-c86d258efc62
Quantum: Networking
Add new security group rules[root@control ~]$ quantum security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 --remote-ip-prefix 0.0.0.0/0 049ca2a9-7dc0-417c-9092-640e8a47a585
[root@control ~]$ quantum security-group-rule-create --protocol icmp --remote-ip-prefix 0.0.0.0/0 049ca2a9-7dc0-417c-9092-640e8a47a585
Quantum: Networking
Exercise: Network your stack
Nova: Instance Management
Nova: Instance Management
manages virtual machines on nodes provides virtual servers on demand interacts with Keystone, Glance and Horizon
Design Features Designed to scale horizontally Designed for standard hardware
Nova: Instance Management
Boot an instance[root@control ~]$ nova flavor-list
[root@control ~]$ nova keypair-add --pub-key .ssh/id_rsa.pub mykey
[root@control ~]$ nova keypair-list
mykey | 84:6e:28:d3:75:17:ab:25:4d:f3:0d:61:93:55:ee:e2
[root@control ~]$ nova image-list
[root@control ~]$ nova boot --flavor 1 --key_name mykey --image cirros my_instance
[root@control ~]$ nova list
Nova: Instance Management
Associate a floating to an instance[root@control ~]$ quantum floatingip-create ext
id: 2b815236-f5f6-4d48-9860-4abbaec15990
[root@control ~]$ quantum port-list
Id: 1abd07c4-8c7b-4701-92a3-482f69e5a4eeip_address: 192.168.32.2
[root@control ~]$ quantum floatingip-associate 2b815236-f5f6-4d48-9860-4abbaec15990 1abd07c4-8c7b-4701-92a3-482f69e5a4ee
Associated floatingip 2b815236-f5f6-4d48-9860-4abbaec15990
Nova: Instance Management
Communicate with instance[root@control ~]$ ping 192.168.122.3
PING 192.168.122.3 (192.168.122.3) 56(84) bytes of data.64 bytes from 192.168.122.3: icmp_seq=2 ttl=63 time=0.668 ms
[root@control ~]$ ssh [email protected]
The authenticity of host '192.168.122.3 (192.168.122.3)' can't be established.RSA key fingerprint is 38:49:f2:67:80:11:31:84:1f:b1:79:df:5f:e4:e5:f7.Are you sure you want to continue connecting (yes/no)? YesWarning: Permanently added '192.168.122.3' (RSA) to the list of known hosts.
$
Nova: Instance Management
Exercise: Boot an Instance
Cinder: Block Storage
Cinder: Block Storage
manages persistent block storage volumes snapshots can be taken
Create and attach a volume[root@control ~]$ cinder create 1
id: 4d6cbb1f-5873-4357-99c7-8ae0502e6de5
[root@control ~]$ nova volume-attach my_instance \4d6cbb1f-5873-4357-99c7-8ae0502e6de5 auto
Cinder: Block Storage
Mount a volume[root@control ~]$ ssh -i .ssh/id_rsa [email protected]
my_instance$ sudo -i
my_instance# mkfs.ext4 /dev/vdb
my_instance# mkdir -p /mnt/volume
my_instance# mount /dev/vdb /mnt/volume
my_instance# touch /mnt/volume/test.txt
my_instance# umount /mnt/volume
[root@control ~]$ nova volume-detach my_instance \4d6cbb1f-5873-4357-99c7-8ae0502e6de5
Cinder: Block Storage
Exercise: Create, attach and mount a volume
Swift: Object Storage
Swift: Object Storage
Install Swift/root/packstack-answers-20130614-091000.txt
CONFIG_SWIFT_INSTALL=n
[root@control ~]$ packstack --answer-file packstack-answers-20130614-091000.txt
Swift: Object Storage
allows users to store and retrieve files distributed architecture to allow for horizontal scaling provides redundancy as failure-proofing data replication is managed by software
Swift: Object Storage
Upload an object[root@control ~]$ swift stat
[root@control ~]$ swift list
[root@control ~]$ swift upload test packstack-answers.txt
[root@control ~]$ swift list
[root@control ~]$ swift list test
[root@control ~]$ swift upload test /etc/motd
[root@control ~]$ swift list test
Swift: Object Storage
Exercise: Create a container & upload an object
Dashboard: Web Interface
Dashboard: Web Interface
web-based interface for managing OpenStack services modular design for interfacing with other projects includes interface for all core components
Dashboard: Web Interface
Dashboard: Web Interface
Dashboard: Web Interface
Exercise: Explore the Dashboard
http://192.168.122.101/dashboard/
Review
PackStack: Installed OpenStack Keystone: Added a user Glance: Imported an image Quantum: Routed int & ext networks Nova: Launched an instance Cinder: Created and attached a volume Swift: Created a container & uploaded an object Dashboard: Graphical interaction
Review
Resources
Resources https://access.redhat.com/knowledge/docs/en-
US/Red_Hat_OpenStack_Preview/2/html-single/Getting_Started_Guide/index.html
OpenStack.org TryStack.org Puppetlabs.com Djangoproject.com Oz: https://github.com/clalancette/oz/ https://github.com/redhat-openstack/image-building-poc
Slide 1Slide 2Slide 3Slide 4Slide 5Slide 6Slide 7Slide 8Slide 9Slide 10Slide 11Slide 12Slide 13Slide 14Slide 15Slide 16Slide 17Slide 18Slide 19Slide 20Slide 21Slide 22Slide 23Slide 24Slide 25Slide 26Slide 27Slide 28Slide 29Slide 30Slide 31Slide 32Slide 33Slide 34Slide 35Slide 36Slide 37Slide 38Slide 39Slide 40Slide 41Slide 42Slide 43Slide 44Slide 45Slide 46Slide 47Slide 48Slide 49Slide 50Slide 51Slide 52Slide 53Slide 54Slide 55Slide 56Slide 57Slide 58Slide 59Slide 60Slide 61Slide 62Slide 63Slide 64Slide 65