Installing OpenStack Folsom on Ubuntu

I was finally able to successfully deploy and run OpenStack Folsom on a single physical server for testing. It was a somewhat painful process as so many things can go wrong - there are just so many moving parts. I was lucky enough to attend a two day class on OpenStack that really helped [1].

This post will demonstrate how to go about installing and configuring OpenStack on a single node. At the end you'll be able to setup networking and block storage and create VM's.

Just as a brief overview of OpenStack here are all the parts that I've used [2]:

Object Store (codenamed "Swift") provides object storage. It allows you to store or retrieve files (but not mount directories like a fileserver). In this tutorial I'll not be using it, but I'll write a new one that will only deal with Swift, as it's a beast on it's own.

Image (codenamed "Glance") provides a catalog and repository for virtual disk images. These disk images are mostly commonly used in OpenStack Compute.

Compute (codenamed "Nova") provides virtual servers upon demand - KVM, XEN, LXC, etc.

Identity (codenamed "Keystone") provides authentication and authorization for all the OpenStack services. It also provides a service catalog of services within a particular OpenStack cloud.

Network (codenamed "Quantum") provides "network connectivity as a service" between interface devices managed by other OpenStack services (most likely Nova). The service works by allowing users to create their own networks and then attach interfaces to them. Quantum has a pluggable architecture to support many popular networking vendors and technologies. One example is OpenVSwitch which I'll use in this setup.

Block Storage (codenamed "Cinder") provides persistent block storage to guest VMs. This project was born from code originally in Nova (the nova-volume service). In the Folsom release, both the nova-volume service and the separate volume service are available. I'll use iSCSI over LVM to export a block device.

Dashboard (codenamed "Horizon") provides a modular web-based user interface for all the OpenStack services written in Django. With this web GUI, you can perform some operations on your cloud like launching an instance, assigning IP addresses and setting access controls.

Here's a conceptual diagram for OpenStack Folsom and how all the pieces fit together:

And here's the logical architecture:

For this example deployment I'll be using a single physical Ubuntu 12.04 server with hvm support enabled in the BIOS.

1. Prerequisites

Make sure you have the correct repository from which to download all OpenStack components:

As root run:

When the server comes back online execute (replace MY_IP with your IP address):

Preseed the MySQL install

Install packages and dependencies

Configure MySQL to listen on all interfaces

Synchronize date
>
2. Installing the identity service - Keystone

Create a database for keystone

Configure keystone to use MySQL

Restart keystone service

Verify keystone service successfully restarted

Initialize the database schema

Add the 'keystone admin' credentials to .bashrc

Use the 'keystone admin' credentials

Create new tenants (The services tenant will be used later when configuring services to use keystone)

Create new roles

Create new users

Grant roles to users

List the new tenant, users, roles, and role assigments

Populate the services in the service catalog

List the new services

Populate the endpoints in the service catalog

List the new endpoints

Verify identity service is functioning

Create the 'user' and 'admin' credentials

Use the 'user' credentials

3. Install the image service - Glance


Create glance service user in the services tenant

Grant admin role to glance service user

List the new user and role assigment

Create a database for glance

Configure the glance-api service

Configure the glance-registry service

Restart glance services

Verify glance services successfully restarted

Initialize the database schema. Ignore the deprecation warning.

Download some images

Register a qcow2 image

Verify the images exist in glance

# Examine details of images

4. Install the network service - Quantum

Install dependencies

Install the network service

Install the network service agents

Create a database for quantum

Configure the quantum OVS plugin

Create quantum service user in the services tenant

Grant admin role to quantum service user

List the new user and role assigment

Configure the quantum service to use keystone

Configure the L3 agent to use keystone

Start Open vSwitch

Create the integration and external bridges

Restart the quantum services

Create a network and subnet

List network and subnet

Examine details of network and subnet

To add public connectivity to your VM's perform the following:

Bring up eth1
Attach eth1 to br-ex

As the admin user for Quantum create a provider owned network and subnet and set the MY_PUBLIC_SUBNET_CIDR to your public CIDR

Switch back to the 'user' credentials
Connect the router to the public network

Exmaine details of router

Get instance ID for MyInstance1

Find the port id for instance

Create a floating IP and attach it to instance

5. Install the compute service - Nova


Create nova service user in the services tenant

Grant admin role to nova service user

List the new user and role assigment

Create a database for nova

Configure nova

Disable verbose logging

Configure nova to use keystone

Initialize the nova database

Restart nova services

Verify nova services successfully restarted

Verify nova services are functioning

List images

List flavors

Boot an instance using flavor and image names (if names are unique)

Boot an instance using flavor and image IDs

List instances, notice status of instance

Show details of instance

View console log of instance

Get network namespace (ie, qdhcp-5ab46e23-118a-4cad-9ca8-51d56a5b6b8c)

Ping first instance after status is active

Log into first instance

If you get a 'REMOTE HOST IDENTIFICATION HAS CHANGED' warning from previous command

Ping second instance from first instance

Log into second instance from first instance

Log out of second instance

Log out of first instance

Use virsh to talk directly to libvirt

Delete instances

List instances, notice status of instance

To start a LXC container do the following:

You need to use a raw image:
Now you can start the LXC container with nova:

The instance files and rootfs will be located in /var/lib/nova/instances.
Logs go to /var/log/nova/nova-compute.log.
VNC does not work with LXC, but the console and ssh does.

6. Install the dashboard - Horizon


Configure nova for VNC

Set default role

Restart the nova services

Point your browser to http://$MY_IP/horizon.
The credentials that we've create earlier are myadmin/mypassword.

7. Install the volume service - Cinder


Create cinder service user in the services tenant

Grant admin role to cinder service user

List the new user and role assigment

Create a database for cinder

Configure cinder

Configure cinder-api to use keystone

Initialize the database schema

Configure nova to use cinder

Restart nova-api to disable the nova-volume api (osapi_volume)

Configure tgt

Restart tgt and open-iscsi

Create the volume group

Verify the volume group

Restart the volume services

Create a new volume

Boot an instance to attach volume to

List instances, notice status of instance

List volumes, notice status of volume

Attach volume to instance after instance is active, and volume is available

Log into first instance

If you get a 'REMOTE HOST IDENTIFICATION HAS CHANGED' warning from previous command

Make filesystem on volume

Create a mountpoint

Mount the volume at the mountpoint

Create a file on the volume

Unmount the volume

Log out of instance

Detach volume from instance

List volumes, notice status of volume

Delete instance

 Resources:
[1] http://www.rackspace.com/cloud/private/training/
[2] http://docs.openstack.org/folsom/