Mudanças entre as edições de "OpenStack com Open vSwitch e SDN - Guia de Instalação"
Linha 190: | Linha 190: | ||
| 773499148c564119b5e7e64d0c71bb3d | marcos | True | mmoecke@gmail.com | | | 773499148c564119b5e7e64d0c71bb3d | marcos | True | mmoecke@gmail.com | | ||
| 61d08e2259e6403ba23918d87dea404b | nova | True | rafael@turnes.com.br | | | 61d08e2259e6403ba23918d87dea404b | nova | True | rafael@turnes.com.br | | ||
− | | 853266dae4f2409dbc035b1b6cd928c8 | | + | | 853266dae4f2409dbc035b1b6cd928c8 | neutron | True | rafael@turnes.com.br | |
| 45a33dbb899d4c199e961302796cb1a6 | rafael | True | rafael@turnes.com.br | | | 45a33dbb899d4c199e961302796cb1a6 | rafael | True | rafael@turnes.com.br | | ||
+----------------------------------+---------+---------+--------------------------+ | +----------------------------------+---------+---------+--------------------------+ | ||
Linha 205: | Linha 205: | ||
| ce703fa0839e4ad68b3bf1f7b48558c3 | keystone | identity | OpenStack Identity | | | ce703fa0839e4ad68b3bf1f7b48558c3 | keystone | identity | OpenStack Identity | | ||
| 9a662cef4e8b4e5eb46e8678fd4ff8c8 | nova | compute | OpenStack Compute Service | | | 9a662cef4e8b4e5eb46e8678fd4ff8c8 | nova | compute | OpenStack Compute Service | | ||
− | | 82a32e1fab37445c9388dc9b5634088a | | + | | 82a32e1fab37445c9388dc9b5634088a | neutron | network | OpenStack Networking service | |
+----------------------------------+----------+----------+------------------------------+ | +----------------------------------+----------+----------+------------------------------+ | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Linha 315: | Linha 315: | ||
<code> | <code> | ||
root@penny:~# cinder delete 2da4b600-33f0-4576-b0ff-e3a3e8f95161 | root@penny:~# cinder delete 2da4b600-33f0-4576-b0ff-e3a3e8f95161 | ||
+ | </syntaxhighlight> | ||
+ | ===== Instalando Neutron ===== | ||
+ | |||
+ | <code> | ||
+ | apt-get install -y neutron-server | ||
+ | </syntaxhighlight> | ||
+ | ===== Configurando Neutron ===== | ||
+ | É necessário editar arquivos /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini, /etc/neutron/api-paste.ini e /etc/neutron/neutron.conf de acordo com [[Media:Neutron.zip]] | ||
+ | |||
+ | Reiniciando o serviço Neutron | ||
+ | <code> | ||
+ | service neutron-server restart | ||
</syntaxhighlight> | </syntaxhighlight> |
Edição das 13h53min de 13 de março de 2014
Projeto em andamento com o aluno Rafael Turnes da Silveira.
Instalação
Controlador da nuvem (penny)
Configuração básica
Atualizando o sistema
apt-get update; apt-get upgrade; apt-get dist-upgrade</syntaxhighlight>
Configurando interfaces de rede - /etc/network/interfaces
auto lo
iface lo inet loopback
- OpenStack - Rede de gerenciamento
auto p5p1
iface p5p1 inet static
address 192.168.88.251
netmask 255.255.255.0
- OpenStack - Rede de configuração
auto p5p1:0
iface p5p1:0 inet static
address 192.168.89.251
netmask 255.255.255.0
- OpenStack - IFSC
auto em1
iface em1 inet manual
up ifconfig $IFACE 0.0.0.0 up
up ip link set $IFACE promisc on
up ethtool -s em1 wol g
down ip link set $IFACE promisc off
down ifconfig $IFACE down
auto br-ex
iface br-ex inet static
address 172.18.3.251
netmask 255.255.192.0
gateway 172.18.0.254
dns-nameservers 8.8.8.8 8.8.4.4
</syntaxhighlight>
Instalando e configurando NTP server
sudo apt-get install -y ntp
sed -i 's/server ntp.ubuntu.com/server ntp.ubuntu.com\nserver 127.127.1.0\nfudge 127.127.1.0 stratum 10/g' /etc/ntp.conf
service ntp restart
</syntaxhighlight>
Instalando e configurando MySQL
Instalando pacotes.
Durante a instalação será pedido para inserir uma senha de root.
sudo apt-get install -y python-mysqldb mysql-server</syntaxhighlight>
Mudando bind-address e aplicando a nova configuração
sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
service mysql restart
</syntaxhighlight>
Criando banco de dados
mysql -u root -p <<EOF
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '<password>';
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '<password>';
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '<password>';
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '<password>';
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '<password>';
FLUSH PRIVILEGES;
EOF
</syntaxhighlight>
Instalando servidor de fila de mensagem
sudo apt-get install rabbitmq-server
rabbitmqctl change_password guest NovaSenha
</syntaxhighlight>
OpenStack Identity Service (codenome Keystone)
Instalando Keystone
sudo apt-get install -y keystone python-keystone python-keystoneclient
sudo rm /var/lib/keystone/keystone.db
</syntaxhighlight>
Configurando Keystone
Editar os arquivos /etc/keystone/keystone.conf de acordo com Media:Keystone.zip
Aplicando a nova configuração
service keystone restart
keystone-manage db_sync
</syntaxhighlight>
Criando tenants, usuários, roles, serviços e endpoints
O código abaixo é um script retirado do site http://docs.openstack.org/ e adaptado.
- !/bin/bash
- Modify these variables as needed
ADMIN_PASSWORD=${ADMIN_PASSWORD:-<Password>}
SERVICE_PASSWORD=${SERVICE_PASSWORD:-<Password>}
- DEMO_PASSWORD=${DEMO_PASSWORD:-$ADMIN_PASSWORD}
export OS_SERVICE_TOKEN="<tokenstring>"
export OS_SERVICE_ENDPOINT="http://localhost:35357/v2.0"
SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
MYSQL_USER=keystone
MYSQL_DATABASE=keystone
MYSQL_HOST=localhost
MYSQL_PASSWORD=password
KEYSTONE_REGION=IFSC-SJ-01
KEYSTONE_HOST_EXT=172.18.3.251
KEYSTONE_HOST_INT=192.168.88.251
- Shortcut function to get a newly generated ID
function get_field() {
while read data; do
if [ "$1" -lt 0 ]; then
field="(\$(NF$1))"
else
field="\$$(($1 + 1))"
fi
echo "$data" | awk -F'[ \t]*\\|[ \t]*' "{print $field}"
done
}
- Tenants
ADMIN_TENANT=$(keystone tenant-create --name=admin | grep " id " | get_field 2)
- DEMO_TENANT=$(keystone tenant-create --name=demo | grep " id " | get_field 2)
SERVICE_TENANT=$(keystone tenant-create --name=$SERVICE_TENANT_NAME | grep " id " | get_field 2)
- Users
ADMIN_USER=$(keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=rafael@turnes.com.br | grep " id " | get_field 2)
- DEMO_USER=$(keystone user-create --name=demo --pass="$DEMO_PASSWORD" --email=demo@domain.com --tenant-id=$DEMO_TENANT | grep " id " | get_field 2)
NOVA_USER=$(keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=rafael@turnes.com.br | grep " id " | get_field 2)
GLANCE_USER=$(keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=rafael@turnes.com.br | grep " id " | get_field 2)
NEUTRON_USER=$(keystone user-create --name=neutron --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=rafael@turnes.com.br | grep " id " | get_field 2)
CINDER_USER=$(keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=rafael@turnes.com.br | grep " id " | get_field 2)
- Roles
ADMIN_ROLE=$(keystone role-create --name=admin | grep " id " | get_field 2)
MEMBER_ROLE=$(keystone role-create --name=Member | grep " id " | get_field 2)
- Add Roles to Users in Tenants
keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NOVA_USER --role-id $ADMIN_ROLE
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $GLANCE_USER --role-id $ADMIN_ROLE
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NEUTRON_USER --role-id $ADMIN_ROLE
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $CINDER_USER --role-id $ADMIN_ROLE
- keystone user-role-add --tenant-id $DEMO_TENANT --user-id $DEMO_USER --role-id $MEMBER_ROLE
- Create services
COMPUTE_SERVICE=$(keystone service-create --name nova --type compute --description 'OpenStack Compute Service' | grep " id " | get_field 2)
VOLUME_SERVICE=$(keystone service-create --name cinder --type volume --description 'OpenStack Volume Service' | grep " id " | get_field 2)
IMAGE_SERVICE=$(keystone service-create --name glance --type image --description 'OpenStack Image Service' | grep " id " | get_field 2)
IDENTITY_SERVICE=$(keystone service-create --name keystone --type identity --description 'OpenStack Identity' | grep " id " | get_field 2)
EC2_SERVICE=$(keystone service-create --name ec2 --type ec2 --description 'OpenStack EC2 service' | grep " id " | get_field 2)
NETWORK_SERVICE=$(keystone service-create --name neutron --type network --description 'OpenStack Networking service' | grep " id " | get_field 2)
- Create endpoints
keystone endpoint-create --region $KEYSTONE_REGION --service-id $COMPUTE_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':8774/v2/$(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST_INT"':8774/v2/$(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST_INT"':8774/v2/$(tenant_id)s'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $VOLUME_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':8776/v1/$(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST_INT"':8776/v1/$(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST_INT"':8776/v1/$(tenant_id)s'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $IMAGE_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':9292' --adminurl 'http://'"$KEYSTONE_HOST_INT"':9292' --internalurl 'http://'"$KEYSTONE_HOST_INT"':9292'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $IDENTITY_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':5000/v2.0' --adminurl 'http://'"$KEYSTONE_HOST_INT"':35357/v2.0' --internalurl 'http://'"$KEYSTONE_HOST_INT"':5000/v2.0'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $EC2_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':8773/services/Cloud' --adminurl 'http://'"$KEYSTONE_HOST_INT"':8773/services/Admin' --internalurl 'http://'"$KEYSTONE_HOST_INT"':8773/services/Cloud'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $NETWORK_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':9696/' --adminurl 'http://'"$KEYSTONE_HOST_INT"':9696/' --internalurl 'http://'"$KEYSTONE_HOST_INT"':9696/'
</syntaxhighlight>
Testando Keystone
Criando um arquivo de credênciais
vim os.cred </syntaxhighlight>
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=<senhaAdministrador>
export OS_AUTH_URL="http://192.168.88.251:5000/v2.0/"
export OS_REGION_NAME=IFSC-SJ-01
</syntaxhighlight>
source os.cred </syntaxhighlight>
Listando usuários
root@penny:~# keystone user-list
+----------------------------------+---------+---------+--------------------------+
| id | name | enabled | email |
+----------------------------------+---------+---------+--------------------------+
| 0bcadb16258d4552839b9c776c89ff64 | admin | True | rafael@turnes.com.br |
| 23fd34f439484b73a6eea9913ac580ad | cinder | True | rafael@turnes.com.br |
| 54ac7e04ab2540ed9ef428ed11b8fbcd | ederson | True | boidacarapreta@gmail.com |
| 27d928bfefb84c0baefc0b13bcdd362a | glance | True | rafael@turnes.com.br |
| 773499148c564119b5e7e64d0c71bb3d | marcos | True | mmoecke@gmail.com |
| 61d08e2259e6403ba23918d87dea404b | nova | True | rafael@turnes.com.br |
| 853266dae4f2409dbc035b1b6cd928c8 | neutron | True | rafael@turnes.com.br |
| 45a33dbb899d4c199e961302796cb1a6 | rafael | True | rafael@turnes.com.br |
+----------------------------------+---------+---------+--------------------------+
</syntaxhighlight>
Listando serviços
root@penny:~# keystone service-list
+----------------------------------+----------+----------+------------------------------+
| id | name | type | description |
+----------------------------------+----------+----------+------------------------------+
| c3350aeba89d47f88a1d6761cd74256b | cinder | volume | OpenStack Volume Service |
| f451c35c697a45b5b5e6a5bbe280d434 | ec2 | ec2 | OpenStack EC2 service |
| 4d467a606ff44050a9d8a687e1311831 | glance | image | OpenStack Image Service |
| ce703fa0839e4ad68b3bf1f7b48558c3 | keystone | identity | OpenStack Identity |
| 9a662cef4e8b4e5eb46e8678fd4ff8c8 | nova | compute | OpenStack Compute Service |
| 82a32e1fab37445c9388dc9b5634088a | neutron | network | OpenStack Networking service |
+----------------------------------+----------+----------+------------------------------+
</syntaxhighlight>
Listando roles
root@penny:~# keystone role-list
+----------------------------------+----------+
| id | name |
+----------------------------------+----------+
| 746be8d87850406f8eb39aa4b5e55fa3 | Member |
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
| acaf9716ce20467a9b82578bf4baf534 | admin |
+----------------------------------+----------+
</syntaxhighlight>
Listando tenants
root@penny:~# keystone tenant-list
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| f6dc2f9266f14b848b6e577b7024854a | IFSC | True |
| 4aaa0eb1b84d4405af0384a59053ac45 | admin | True |
| 68082d94500045c19e9bd40dd0b1cc7f | service | True |
+----------------------------------+---------+---------+
</syntaxhighlight>
OpenStack Imagine Service (codenome Glance)
Instalando Glance
apt-get -y install glance
</syntaxhighlight>
Configurando Glance
É necessário editar arquivos /etc/glance/glance-api.conf e /etc/glance/glance-registry.conf de acordo com Media:Glance.zip
rm /var/lib/glance/glance.sqlite
service glance-api restart && service glance-registry restart
glance-manage db_sync
</syntaxhighlight>
Testando Glance
Enviando uma imagem
mkdir /tmp/images
cd /tmp/images/
wget "http://uec-images.ubuntu.com/saucy/current/saucy-server-cloudimg-amd64-disk1.img"
glance image-create --is-public true --disk-format qcow2 --container-format bare --name "Ubuntu Server 13.10" < saucy-server-cloudimg-amd64-disk1.img
</syntaxhighlight>
Listando imagens
root@penny:~# glance image-list
+--------------------------------------+---------------------+-------------+------------------+-----------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+--------------------------------------+---------------------+-------------+------------------+-----------+--------+
| 5b9b1a48-fdd0-4c72-8ab5-0ac073072b39 | Ubuntu Server 13.04 | qcow2 | bare | 236519424 | active |
+--------------------------------------+---------------------+-------------+------------------+-----------+--------+
</syntaxhighlight>
OpenStack Block Storage service (codenome Cinder)
Instalando Cinder
apt-get install -y cinder-api cinder-scheduler cinder-volume iscsitarget open-iscsi iscsitarget-dkms python-cinderclient linux-headers-`uname -r`
</syntaxhighlight>
Configurando Cinder
Pré-configuração
sed -i 's/false/true/g' /etc/default/iscsitarget
service iscsitarget start
service open-iscsi start
pvcreate /dev/sda5
vgcreate cinder-volumes /dev/sda5
</syntaxhighlight>
Editando arquivos de configuração
Editar os arquivos /etc/cinder/cinder.conf e /etc/cinder/api-paste.ini de acordo com Media:Cinder.zip
Aplicando a nova configuração
cinder-manage db sync
service cinder-api restart ; service cinder-scheduler restart; service cinder-volume restart
</syntaxhighlight>
Testando Cinder
Criando volume
root@penny:~# cinder create --display-description "Primeiro Volume" 1
+---------------------+--------------------------------------+
| Property | Value |
+---------------------+--------------------------------------+
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| created_at | 2013-10-21T20:41:58.711368 |
| display_description | Primeiro Volume |
| display_name | None |
| id | be57581f-70eb-4f9a-8884-57ae14d6bc60 |
| metadata | {} |
| size | 1 |
| snapshot_id | None |
| source_volid | None |
| status | creating |
| volume_type | None |
+---------------------+--------------------------------------+
</syntaxhighlight>
Listando volume
root@penny:~# cinder list
</syntaxhighlight>
Deletando volume
root@penny:~# cinder delete 2da4b600-33f0-4576-b0ff-e3a3e8f95161
</syntaxhighlight>
Instalando Neutron
apt-get install -y neutron-server
</syntaxhighlight>
Configurando Neutron
É necessário editar arquivos /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini, /etc/neutron/api-paste.ini e /etc/neutron/neutron.conf de acordo com Media:Neutron.zip
Reiniciando o serviço Neutron
service neutron-server restart
</syntaxhighlight>