Cloud Computing‎ > ‎OpenStack‎ > ‎

One Node Setup














Introduction


The OpenStack setup on one node is demonstrated using devstack in this post.


The Openstack project is hugely popular, gaining more and more ground with developers. It is also pretty damn complicated to set up.


Fortunately, the good folks as Openstack have set up an ‘all-in-one’ configuration allowing you to install all of the Openstack components on one machine using a fairly straightforward script. This project is called Devstack, and you can read more about is here.


The thing to remember is that devstack is really a developer environment, letting Openstack developers quickly check new code on their machine. It is also useful for a quick demo. It is not a production Openstack environement, nor is it means to be one.


Still, setting up devstack on a network machine and using it as a disposable Openstack environment is an appealing concept. For testing alone, this could be really useful.

The general idea was to have a fully functional Openstack Havana, with Neutron networking, up and running on one dedicated hardware box and available on the local network.


CLIs


[stack@localhost devstack]$ cat adminrc

export OS_TENANT_NAME=admin

export OS_USERNAME=admin

export OS_PASSWORD=user123

export OS_AUTH_URL=http://192.168.0.163:35357/v2.0

[stack@localhost devstack]$ source adminrc



[stack@localhost devstack]$ neutron net-list

+--------------------------------------+-------------+-----------------------------------------------------+

| id                                   | name        | subnets                                             |

+--------------------------------------+-------------+-----------------------------------------------------+

| 447f5748-cae6-4323-82ae-efc6ecbedd8e | out-net     | e8ee8606-551b-4806-9221-2722bdb668bb 192.168.0.0/24 |

| 4f737b2e-14ff-45d8-bb80-3ce2b1cdeb1e | public      | 78937db1-216f-4641-bcd3-51115beec741 172.24.4.0/24  |

| 708d22c3-38d0-474b-a6c0-f78e7c3210d2 | new_private | 1c87f1c9-7d44-4e60-872d-558d83771190 16.0.0.0/24    |

+--------------------------------------+-------------+-----------------------------------------------------+

[stack@localhost devstack]$

[stack@localhost devstack]$ neutron router-list

+--------------------------------------+------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+

| id                                   | name       | external_gateway_info                                                                                                                                                                    | distributed | ha    |

+--------------------------------------+------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+

| 9fd7e58d-99f0-483d-9f8e-7d3f7049c94b | out_router | {"network_id": "447f5748-cae6-4323-82ae-efc6ecbedd8e", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "e8ee8606-551b-4806-9221-2722bdb668bb", "ip_address": "192.168.0.52"}]} | False       | False |

+--------------------------------------+------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------+-------+

[stack@localhost devstack]$

[stack@localhost devstack]$ ip netns

qrouter-8c8824db-88d6-4ffc-b73e-e48d44878f12

qdhcp-708d22c3-38d0-474b-a6c0-f78e7c3210d2

qrouter-73ec1bfa-4e86-4e14-9d4d-4f861c62c709

qdhcp-0e73da7a-5133-403c-9e80-e38e7da87a5d

qrouter-b602213d-5b25-4c01-b146-2cbcec9dfdc1

qdhcp-996fad63-266d-43c0-acc5-d849c868a6be


Here Router-ID 9fd7e58d-99f0-483d-9f8e-7d3f7049c94b is not present in netns list.

This means router has not come up successfully.



Installation


1. Start with an CentOS\Ubuntu box


Create a CetOS box with high RAM and Disk. This demo is using 16GB RAM and 50 GB disk.


Note: This is hack and needs to be fixed by opening OpenStack ports


Disable FIrewall


systemctl stop firewalld

systemctl disable firewalld


Disable SElinux

setenforce 0

getenforce


2. Setup your Openstack user


Run the following commands on the machine

 

sudo bash


# Make current user sudo passwordless

sudo echo "user ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers


adduser stack

passwd stack

Password : user123

sudo echo "stack ALL=(ALL) NOPASSWD:ALL" | sudo tee -a /etc/sudoers

exit


3. Switch to stack user


 

su stack

cd /home/stack


4. Install git


 

sudo yum install git -y


5. Download the devstack project


git clone https://github.com/openstack-dev/devstack.git
cd devstack


6. Get a dedicated IP range in your network


For devstack VMs to work correctly on your network, you will need a range of IPs they can use. This may require you to actually go talk to your system administrator. Annoying, I know.

Let's reserve 192.168.0.210-192.168.0.240


7. Setup your localrc file


The localrc config is now moved to samples/local.conf in devstack directory with localrc section.

But we will still use the old format to override the local.conf


The localrc file is a configuration file that the devstack script uses. If one does not exit, devstack will use fairly reasonable defaults. That said, you should definitely create your own localrc file if you want to get the most use of your devstack. It also makes it easy ro re-install devstack later on. Don’t forget to make a backup of this file.

Here is the a sample localrc file:


 

vi /home/stack/devstack/localrc

SERVICE_TOKEN=user123

SERVICE_PASSWORD=user123

ADMIN_PASSWORD=user123

LOGFILE=/home/stack/stack.sh.log



disable_service n-net

enable_service q-svc

enable_service q-agt

enable_service q-dhcp

enable_service q-l3

enable_service q-meta

enable_service neutron

# Optional, to enable tempest configuration as part of devstack

enable_service tempest



DATABASE_PASSWORD=user123

RABBIT_PASSWORD=user123


Some things to note about this localrc file:

Not exactly secure passwords – remember, this is not a production set up. You should not be making this environment available on the internet.

The FLAT_INTERFACE value indicates the network interface card that devstack will use for network access. I am assuming ens32 here, but your environment may be a little different. Run ‘ifconfig’ on the CentOSmachine to verify. e.g. FLAT_INTERFACE=eth0

Neutron is enabled and the older nova-network service is disabled.


8. Switch to Kilo branch


 

$ git checkout stable/kilo

Branch stable/kilo set up to track remote branch stable/kilo from origin.

Switched to a new branch 'stable/kilo'


9. Setup the network environment


 

sudo bash

echo 1 > /proc/sys/net/ipv4/ip_forward

echo 1 > /proc/sys/net/ipv4/conf/ens32/proxy_arp

iptables -t nat -A POSTROUTING -o ens32 -j MASQUERADE

exit


These command will make sure that network traffic will be correctly routed in and out of the devstack VMs.

The ip_forward and proxy_arp changes will be reset when the machice reboots. You can make these changes permanent by editing /etc/sysctl.conf and adding the following lines:


 

sudo vi /etc/sysctl.conf and adding the following lines:

net.ipv4.conf.ens32.proxy_arp = 1

net.ipv4.ip_forward = 1


The deployment has two interfaces.

ens32 is kept for openstack

ens34 is kept for management of node using ssh


 

ens32: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500

        inet 192.168.0.163  netmask 255.255.255.0  broadcast 192.168.0.255


ens34: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500

        inet 192.168.0.169  netmask 255.255.255.0  broadcast 192.168.0.255


10. Set environment variable


 

export HOST_IP=192.168.0.163

export GIT_BASE=https://git.openstack.org


11. Run the devstack script


 

./stack.sh


Asked to assign password for internal component - Gave 'user123'


Installation completes


 

This is your host ip: 192.168.0.163

2015-09-14 13:10:39.030 | Skip setting lvm filters for non Ubuntu systems

Horizon is now available at http://192.168.0.163

Keystone is serving at http://192.168.0.163:5000/

The default users are: admin and demo

The password: user123


12. Assign IP to br-ex


sudo ovs-vsctl show

sudo ovs-vsctl add-port br-ex ens32


ifconfig ens32 0.0.0.0

ifconfig br-ex 192.168.0.163


13. Add gateway


sudo route add default gw 192.168.0.254


Configuration


1. Access Dashboard


http://192.168.0.163


2. Create External Network


[stack@localhost devstack]$ neutron net-create out-net  --router:external --provider:physical_network external --provider:network_type flat

Created a new network:

+---------------------------+--------------------------------------+

| Field                     | Value                                |

+---------------------------+--------------------------------------+

| admin_state_up            | True                                 |

| id                        | 21244547-5d3f-4566-8456-e0d52ad77f8b |

| mtu                       | 0                                    |

| name                      | out-net                              |

| provider:network_type     | flat                                 |

| provider:physical_network | external                             |

| provider:segmentation_id  |                                      |

| router:external           | True                                 |

| shared                    | False                                |

| status                    | ACTIVE                               |

| subnets                   |                                      |

| tenant_id                 | 9e8ed8d6295849a2816e68a738f27031     |

+---------------------------+--------------------------------------+


3. Check dashboard, the new network out-net is listed



4. Add subnet to network out-net




5. Add subnet named out. Click Next.


6. Add Allocation Pools to be used for floating IP from out-net

Disable DHCP.

Add DNS Name Servers. This is used for DNS resolution.




7. Click Create




8. The subnet got listed for out-net


9. Use Create Network. Add Private network.



10. Give private network subnet and name




11. Enable DHCP. Leave blank. Create.



12. Go to Routers tab. No router present.

Create Router




13. Choose external network as out-net which was created above.


14. The new router is listed

Click at open_router




15. The below router screen will be displayed

Click Add Interface



16. Add interface details for private subnet




17. New interface for private network is added.

The interface for out network is already present.




18. Go to Access & Security tab

Click at Create Key Pair



19. Give key pair name



20. Go to Instances Tab

Launch Instance



21. Go to Access & Security tab and choose openkey kair pair




22. Go to Details tab and add details of Instance to be created



23. Click Launch VM




24. Add private network for VM




25. Validate from Instances that new VM is getting spawned




26. Move to Right of Window and Associate Floating IP to VM




27. Click at Allocate IP. Choose out-net i.e. external network



28. Click Allocate



29. The VM now shows two IPs



30. Goto Access & Security and Security Groups

This is to allow ICMP and SSH to VM

Click Manage Rules



31. This is the Manage Rules window.

Click Add Rule



32. Add ALL ICMP as Ingress rule



33. Add SSH as rule




34. Thats it

      VM instance is created with floating IP and access to it via Security Rules for ICMP and SSH is set.


      Check the state of router and and its ports from router tab

      It should be accessible without password using key-pair and ping should work. If not please Debug ... 


This is typical error in router as Status of Interfaces is down. Such error needs googling 








References




Check and Open Ports































Comments