
OpenStack Pike Part 2

Synthesis work in English: - Installation and configuration of OpenStack on CentOS, part 2; - Etc.

Uploaded by

IRIE

OpenStack Pike

2017/09/03

Synthesis work: Taylor VOLI

Part 2

OpenStack Pike : Configure Keystone#2


2017/09/03

Add Projects in Keystone.


This example is based on the following environment.
        eth0|10.0.0.30
+-----------+-----------+
|    [ Control Node ]   |
|                       |
|  MariaDB    RabbitMQ  |
|  Memcached  httpd     |
|  Keystone             |
+-----------------------+

Create and load the environment variables file.


[1] The password for [OS_PASSWORD] is the one you set when bootstrapping Keystone.
The URL for [OS_AUTH_URL] uses the Keystone server's hostname or IP address.
[root@dlp ~]# vi ~/keystonerc
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=adminpassword
export OS_AUTH_URL=http://10.0.0.30:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
export PS1='[\u@\h \W(keystone)]\$ '
[root@dlp ~]# chmod 600 ~/keystonerc
[root@dlp ~]# source ~/keystonerc
[root@dlp ~(keystone)]# echo "source ~/keystonerc " >> ~/.bash_profile
[2] Create Projects.
# create service project

[root@dlp ~(keystone)]# openstack project create --domain default --description "Service Project" service

+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | c9ab6e9feb4d444c8f637fcfe7a67305 |
| is_domain | False |
| name | service |
| parent_id | default |
+-------------+----------------------------------+

# confirm settings

[root@dlp ~(keystone)]# openstack project list

+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 09158bee8c6441519bf3a3743d936566 | admin |
| c9ab6e9feb4d444c8f637fcfe7a67305 | service |
+----------------------------------+---------+


OpenStack Pike : Configure Glance


2017/09/03

Install and Configure OpenStack Image Service (Glance).


This example is based on the following environment.
        eth0|10.0.0.30
+-----------+-----------+
|    [ Control Node ]   |
|                       |
|  MariaDB    RabbitMQ  |
|  Memcached  httpd     |
|  Keystone   Glance    |
+-----------------------+

[1] Add users and others for Glance in Keystone.


# add glance user (set in service project)

[root@dlp ~(keystone)]# openstack user create --domain default --project service --password servicepassword glance

+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| default_project_id | c9ab6e9feb4d444c8f637fcfe7a67305 |
| domain_id | default |
| enabled | True |
| id | 40ba972965df476298070661ab6fd89b |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+

# add glance user in admin role

[root@dlp ~(keystone)]# openstack role add --project service --user glance admin
# add service entry for glance

[root@dlp ~(keystone)]# openstack service create --name glance --description "OpenStack Image service" image

+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image service |
| enabled | True |
| id | 67eeb34ddaac4ab884e6a13d779ac159 |
| name | glance |
| type | image |
+-------------+----------------------------------+

# define keystone host

[root@dlp ~(keystone)]# export controller=10.0.0.30
# add endpoint for glance (public)

[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne image public http://$controller:9292

+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | bcd18d118e65418ca50a344f9dbc61c3 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 67eeb34ddaac4ab884e6a13d779ac159 |
| service_name | glance |
| service_type | image |
| url | http://10.0.0.30:9292 |
+--------------+----------------------------------+

# add endpoint for glance (internal)

[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne image internal http://$controller:9292

+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 549d8e551bd64ef4891d08c6f0d13118 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 67eeb34ddaac4ab884e6a13d779ac159 |
| service_name | glance |
| service_type | image |
| url | http://10.0.0.30:9292 |
+--------------+----------------------------------+

# add endpoint for glance (admin)

[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne image admin http://$controller:9292

+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 2972421c017b447d9af6bf150e7530f2 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 67eeb34ddaac4ab884e6a13d779ac159 |
| service_name | glance |
| service_type | image |
| url | http://10.0.0.30:9292 |
+--------------+----------------------------------+
[2] Add a User and Database on MariaDB for Glance.
[root@dlp ~(keystone)]# mysql -u root -p

Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 18
Server version: 10.1.20-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database glance;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all privileges on glance.* to glance@'localhost' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all privileges on glance.* to glance@'%' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit
Bye
[3] Install Glance.
# install from Pike, EPEL

[root@dlp ~(keystone)]# yum --enablerepo=centos-openstack-pike,epel -y install openstack-glance


[4] Configure Glance.
[root@dlp ~(keystone)]# mv /etc/glance/glance-api.conf /etc/glance/glance-api.conf.org
[root@dlp ~(keystone)]# vi /etc/glance/glance-api.conf
# create new

[DEFAULT]
bind_host = 0.0.0.0

[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/

[database]
# MariaDB connection info
connection = mysql+pymysql://glance:password@10.0.0.30/glance

# keystone auth info
[keystone_authtoken]
auth_uri = http://10.0.0.30:5000
auth_url = http://10.0.0.30:35357
memcached_servers = 10.0.0.30:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = servicepassword

[paste_deploy]
flavor = keystone

[root@dlp ~(keystone)]# mv /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.org
[root@dlp ~(keystone)]# vi /etc/glance/glance-registry.conf
# create new

[DEFAULT]
bind_host = 0.0.0.0

[database]
# MariaDB connection info
connection = mysql+pymysql://glance:password@10.0.0.30/glance

# Keystone auth info
[keystone_authtoken]
auth_uri = http://10.0.0.30:5000
auth_url = http://10.0.0.30:35357
memcached_servers = 10.0.0.30:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = servicepassword

[paste_deploy]
flavor = keystone

[root@dlp ~(keystone)]# chmod 640 /etc/glance/glance-api.conf /etc/glance/glance-registry.conf
[root@dlp ~(keystone)]# chown root:glance /etc/glance/glance-api.conf /etc/glance/glance-registry.conf
[root@dlp ~(keystone)]# su -s /bin/bash glance -c "glance-manage db_sync"
[root@dlp ~(keystone)]# systemctl start openstack-glance-api openstack-glance-registry
[root@dlp ~(keystone)]# systemctl enable openstack-glance-api openstack-glance-registry
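
A defender's check over the configuration written in step [4], as an added example that is not part of the original tutorial: it parses the INI file and flags the file mode, the placeholder passwords, the plain-HTTP Keystone URLs and the wildcard bind address used on this page. The function names `ini_get`, `audit_conf` and `make_sample` are hypothetical, the sample file is constructed from the page's values, and GNU `stat` is assumed.

```shell
#!/bin/bash
# Added example, not from the original page. Assumes GNU stat and awk.
# ini_get FILE SECTION KEY: print the value of KEY inside [SECTION]
ini_get() {
    awk -v sec="[$2]" -v key="$3" '
        /^[ \t]*\[/ { in_sec = ($1 == sec); next }     # section header
        !in_sec || /^[ \t]*[#;]/ { next }              # other section or comment
        {
            k = $0; sub(/=.*/, "", k); gsub(/[ \t]/, "", k)
            if (k == key && index($0, "=")) {
                v = substr($0, index($0, "=") + 1)
                gsub(/^[ \t]+|[ \t]+$/, "", v)
                print v; exit
            }
        }' "$1"
}

# audit_conf FILE: print one finding per line; exit status is the number of findings
audit_conf() {
    local f=$1 n=0 mode pw conn dbpw item url
    finding() { echo "$1"; n=$((n + 1)); }
    # The page sets 640 root:glance; flag group-write or any access for others
    mode=$(stat -c '%a' "$f")
    [ $(( 0$mode & 027 )) -eq 0 ] || finding "MODE $mode wider than 640"

    # Placeholder passwords used throughout the tutorial
    pw=$(ini_get "$f" keystone_authtoken password)
    conn=$(ini_get "$f" database connection)
    dbpw=${conn#*://*:}; dbpw=${dbpw%%@*}      # scheme://user:PASS@host/db
    for item in "$pw" "$dbpw"; do
        case "$item" in
            password|servicepassword|adminpassword) finding "WEAK password '$item'" ;;
        esac
    done
    # Keystone credentials and tokens travel over plain HTTP
    for item in auth_uri auth_url; do
        url=$(ini_get "$f" keystone_authtoken "$item")
        case "$url" in http://*) finding "CLEARTEXT $item=$url" ;; esac
    done

    # Listening on every interface, not only the management address
    [ "$(ini_get "$f" DEFAULT bind_host)" != "0.0.0.0" ] || finding "BIND 0.0.0.0"
    return "$n"
}

# make_sample DIR: write the values this page uses to DIR/glance-api.conf (constructed input)
make_sample() {
    cat > "$1/glance-api.conf" <<'EOF'
[DEFAULT]
bind_host = 0.0.0.0
[database]
connection = mysql+pymysql://glance:password@10.0.0.30/glance
[keystone_authtoken]
auth_uri = http://10.0.0.30:5000
auth_url = http://10.0.0.30:35357
password = servicepassword
EOF
    chmod 644 "$1/glance-api.conf"
}

dir=$(mktemp -d) && make_sample "$dir"
audit_conf "$dir/glance-api.conf" || echo "findings: $?"
```

The same function can be pointed at /etc/glance/glance-registry.conf, which uses the same sections.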

[5] If SELinux is enabled, change boolean settings.

[root@dlp ~(keystone)]# setsebool -P glance_api_can_network on

[6] If Firewalld is running, allow ports for services.

[root@dlp ~(keystone)]# firewall-cmd --add-port={9191/tcp,9292/tcp} --permanent
success
[root@dlp ~(keystone)]# firewall-cmd --reload
success


OpenStack Pike : Add VM Images


2017/09/03

Add Virtual Machine images in Glance.


As an example, add a CentOS 7 virtual machine image.
[1] Create CentOS 7 image on Glance Host.
# create a directory for disk image

[root@dlp ~(keystone)]# mkdir -p /var/kvm/images


# create a disk image

[root@dlp ~(keystone)]# qemu-img create -f qcow2 /var/kvm/images/centos7.img 10G


# install

[root@dlp ~(keystone)]# virt-install \
--name centos7 \
--ram 2048 \
--disk path=/var/kvm/images/centos7.img,format=qcow2 \
--vcpus 2 \
--os-type linux \
--os-variant rhel7 \
--graphics none \
--console pty,target_type=serial \
--location 'http://ftp.iij.ad.jp/pub/linux/centos/7/os/x86_64/' \
--extra-args 'console=ttyS0,115200n8 serial'
Starting install...
# installation starts
[2] After installation, change the following settings in the virtual machine, then shut it down.
* delete or comment out the [HWADDR] and [UUID] lines in [/etc/sysconfig/network-scripts/ifcfg-eth0]
* set [dhcp] for [BOOTPROTO] in [/etc/sysconfig/network-scripts/ifcfg-eth0]
* install the [cloud-init] package and enable the [cloud-init] service, and also add a user named [centos].
[3] Add the virtual image to Glance.
[root@dlp ~(keystone)]# openstack image create "CentOS7" --file /var/kvm/images/centos7.img --disk-format qcow2 --container-format bare --public

+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | bac19d4ee3533cb79fcd6d9905a5ef02 |
| container_format | bare |
| created_at | 2017-09-04T05:38:19Z |
| disk_format | qcow2 |
| file | /v2/images/68132026-60aa-4afe-8976-398b0482cfd6/file |
| id | 68132026-60aa-4afe-8976-398b0482cfd6 |
| min_disk | 0 |
| min_ram | 0 |
| name | CentOS7 |
| owner | 09158bee8c6441519bf3a3743d936566 |
| protected | False |
| schema | /v2/schemas/image |
| size | 1378942976 |
| status | active |
| tags | |
| updated_at | 2017-09-04T05:38:25Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+

[root@dlp ~(keystone)]# openstack image list

+--------------------------------------+---------+--------+
| ID | Name | Status |
+--------------------------------------+---------+--------+
| 68132026-60aa-4afe-8976-398b0482cfd6 | CentOS7 | active |
+--------------------------------------+---------+--------+
[4] If you obtained an image from the internet, you can simply add it as follows.
[root@dlp ~(keystone)]# wget http://cloud-images.ubuntu.com/releases/16.04/release/ubuntu-16.04-server-cloudimg-amd64-disk1.img -P /var/kvm/images
[root@dlp ~(keystone)]# openstack image create "Ubuntu1604" --file /var/kvm/images/ubuntu-16.04-server-cloudimg-amd64-disk1.img --disk-format qcow2 --container-format bare --public

+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | fc5ad26274fcc42cfa32d97308613432 |
| container_format | bare |
| created_at | 2017-02-24T01:44:21Z |
| disk_format | qcow2 |
| file | /v2/images/3113fc28-fa1f-4221-909e-a4fc5bdb8d6a/file |
| id | 3113fc28-fa1f-4221-909e-a4fc5bdb8d6a |
| min_disk | 0 |
| min_ram | 0 |
| name | Ubuntu1604 |
| owner | 3424019a88f34894b22058d6e15a8d35 |
| protected | False |
| schema | /v2/schemas/image |
| size | 324141056 |
| status | active |
| tags | |
| updated_at | 2017-02-24T01:44:23Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+
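
Before uploading an image fetched from the internet as in step [4], its digest can be checked against the publisher's checksum list, and the `checksum` field that `openstack image create` prints (an MD5 digest of the image data) can be compared with the local file. This is an added example, not part of the original tutorial; the function names are hypothetical, the publisher is assumed to provide a sha256sum-format list next to the image, and the demo builds a stand-in file and list locally.

```shell
#!/bin/bash
# Added example, not from the original page. Assumes GNU coreutils (sha256sum, md5sum).

# expected_sha256 SUMS_FILE IMAGE_NAME: look up IMAGE_NAME in a sha256sum-format list
# (entries look like "<hex>  name" or "<hex> *name")
expected_sha256() {
    awk -v name="$2" '{ f = $2; sub(/^\*/, "", f); if (f == name) { print $1; exit } }' "$1"
}

# verify_image IMAGE SUMS_FILE: 0 if the digest matches, 1 on mismatch, 2 if not listed
verify_image() {
    local want got
    want=$(expected_sha256 "$2" "$(basename "$1")")
    [ -n "$want" ] || { echo "no entry for $(basename "$1")" >&2; return 2; }
    got=$(sha256sum "$1" | awk '{ print $1 }')
    [ "$got" = "$want" ] || { echo "digest mismatch for $1" >&2; return 1; }
}

# glance_checksum_matches IMAGE CHECKSUM: compare the local file with the
# "checksum" value shown in the image table after upload (MD5 of the image data)
glance_checksum_matches() {
    [ "$(md5sum "$1" | awk '{ print $1 }')" = "$2" ]
}

# Constructed demo: a stand-in file and a checksum list built locally
work=$(mktemp -d)
img=ubuntu-16.04-server-cloudimg-amd64-disk1.img
printf 'constructed image bytes\n' > "$work/$img"
( cd "$work" && sha256sum -b "$img" > SHA256SUMS )
if verify_image "$work/$img" "$work/SHA256SUMS"; then
    echo "digest verified; the file can be passed to openstack image create --file"
fi
```

The checksum list is only as trustworthy as the channel it came over, so fetch it over HTTPS or verify its signature where the publisher offers one.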


OpenStack Pike : Configure Nova#1


2017/09/03

Install and Configure OpenStack Compute Service (Nova).


This example is based on the following environment.
        eth0|10.0.0.30
+-----------+-----------+
|    [ Control Node ]   |
|                       |
|  MariaDB    RabbitMQ  |
|  Memcached  httpd     |
|  Keystone   Glance    |
+-----------------------+

[1] Add users and others for Nova in Keystone.


# add nova user (set in service project)

[root@dlp ~(keystone)]# openstack user create --domain default --project service --password servicepassword nova

+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| default_project_id | c9ab6e9feb4d444c8f637fcfe7a67305 |
| domain_id | default |
| enabled | True |
| id | 4cda5314e8a347b0825e7143f98c9213 |
| name | nova |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+

# add nova user in admin role

[root@dlp ~(keystone)]# openstack role add --project service --user nova admin
# add placement user (set in service project)

[root@dlp ~(keystone)]# openstack user create --domain default --project service --password servicepassword placement

+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| default_project_id | c9ab6e9feb4d444c8f637fcfe7a67305 |
| domain_id | default |
| enabled | True |
| id | 9a0f7fe7234749d18dd920bd02ae9aff |
| name | placement |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+

# add placement user in admin role

[root@dlp ~(keystone)]# openstack role add --project service --user placement admin
# add service entry for nova

[root@dlp ~(keystone)]# openstack service create --name nova --description "OpenStack Compute service" compute

+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute service |
| enabled | True |
| id | b29ba1c32f124b5f815537ec1af15108 |
| name | nova |
| type | compute |
+-------------+----------------------------------+

# add service entry for placement

[root@dlp ~(keystone)]# openstack service create --name placement --description "OpenStack Compute Placement service" placement

+-------------+-------------------------------------+
| Field | Value |
+-------------+-------------------------------------+
| description | OpenStack Compute Placement service |
| enabled | True |
| id | d9b2c2dfb45d45eb926a7d48f8995c7b |
| name | placement |
| type | placement |
+-------------+-------------------------------------+

# define keystone host

[root@dlp ~(keystone)]# export controller=10.0.0.30
# add endpoint for nova (public)

[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne compute public http://$controller:8774/v2.1/%\(tenant_id\)s

+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | 388f2a27465e4541b7ee7068412a72d6 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | b29ba1c32f124b5f815537ec1af15108 |
| service_name | nova |
| service_type | compute |
| url | http://10.0.0.30:8774/v2.1/%(tenant_id)s |
+--------------+------------------------------------------+

# add endpoint for nova (internal)

[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne compute internal http://$controller:8774/v2.1/%\(tenant_id\)s

+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | 8f1b1ceb8df84113812eda157e9b3622 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | b29ba1c32f124b5f815537ec1af15108 |
| service_name | nova |
| service_type | compute |
| url | http://10.0.0.30:8774/v2.1/%(tenant_id)s |
+--------------+------------------------------------------+

# add endpoint for nova (admin)

[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne compute admin http://$controller:8774/v2.1/%\(tenant_id\)s

+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | f1a6a36bf1314586be033596b06bdd18 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | b29ba1c32f124b5f815537ec1af15108 |
| service_name | nova |
| service_type | compute |
| url | http://10.0.0.30:8774/v2.1/%(tenant_id)s |
+--------------+------------------------------------------+

# add endpoint for placement (public)

[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne placement public http://$controller:8778

+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 7bbc5b631aa149ce902839ced72cec0c |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d9b2c2dfb45d45eb926a7d48f8995c7b |
| service_name | placement |
| service_type | placement |
| url | http://10.0.0.30:8778 |
+--------------+----------------------------------+

# add endpoint for placement (internal)

[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne placement internal http://$controller:8778

+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | f78911008831478f92d1366e9f80e342 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d9b2c2dfb45d45eb926a7d48f8995c7b |
| service_name | placement |
| service_type | placement |
| url | http://10.0.0.30:8778 |
+--------------+----------------------------------+

# add endpoint for placement (admin)

[root@dlp ~(keystone)]# openstack endpoint create --region RegionOne placement admin http://$controller:8778

+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | c6e6719ba03842c1ab6fbacc66e27980 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | d9b2c2dfb45d45eb926a7d48f8995c7b |
| service_name | placement |
| service_type | placement |
| url | http://10.0.0.30:8778 |
+--------------+----------------------------------+
[2] Add a User and Database on MariaDB for Nova.
[root@dlp ~(keystone)]# mysql -u root -p

Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 22
Server version: 10.1.20-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> create database nova;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all privileges on nova.* to nova@'localhost' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all privileges on nova.* to nova@'%' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> create database nova_api;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all privileges on nova_api.* to nova@'localhost' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all privileges on nova_api.* to nova@'%' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> create database nova_placement;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all privileges on nova_placement.* to nova@'localhost' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all privileges on nova_placement.* to nova@'%' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> create database nova_cell0;
Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> grant all privileges on nova_cell0.* to nova@'localhost' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> grant all privileges on nova_cell0.* to nova@'%' identified by 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit
Bye
