Mudanças entre as edições de "OpenStack com Open vSwitch e SDN - Guia de Instalação"

Edição das 14h25min de 13 de março de 2014

Projeto em andamento com o aluno Rafael Turnes da Silveira.

Instalação

Controlador da nuvem (penny)

Configuração básica

Atualizando o sistema

apt-get update; apt-get upgrade; apt-get dist-upgrade</syntaxhighlight>

Configurando interfaces de rede - /etc/network/interfaces


auto lo
iface lo inet loopback

OpenStack - Rede de gerenciamento

auto p5p1
iface p5p1 inet static

       address 192.168.88.251
       netmask 255.255.255.0

OpenStack - Rede de configuração

auto p5p1:0
iface p5p1:0 inet static

       address 192.168.89.251
       netmask 255.255.255.0

OpenStack - IFSC

auto em1
iface em1 inet manual

       up ifconfig $IFACE 0.0.0.0 up
       up ip link set $IFACE promisc on
       up ethtool -s em1 wol g
       down ip link set $IFACE promisc off
       down ifconfig $IFACE down

auto br-ex
iface br-ex inet static

      address 172.18.3.251
      netmask 255.255.192.0
      gateway 172.18.0.254
      dns-nameservers 8.8.8.8 8.8.4.4

</syntaxhighlight>

Instalando e configurando NTP server


sudo apt-get install -y ntp
sed -i 's/server ntp.ubuntu.com/server ntp.ubuntu.com\nserver 127.127.1.0\nfudge 127.127.1.0 stratum 10/g' /etc/ntp.conf
service ntp restart
</syntaxhighlight>

Instalando e configurando MySQLInstalando pacotes.

Durante a instalação será pedido para inserir uma senha de root. 
sudo apt-get install -y python-mysqldb mysql-server</syntaxhighlight>

Mudando bind-address e aplicando a nova configuração

sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf 
service mysql restart 
</syntaxhighlight>

Criando banco de dados


mysql -u root -p <<EOF
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '<password>';
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '<password>';
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '<password>';
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '<password>';
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '<password>';
FLUSH PRIVILEGES;
EOF
</syntaxhighlight>

Instalando servidor de fila de mensagem


sudo apt-get install rabbitmq-server
rabbitmqctl change_password guest NovaSenha
</syntaxhighlight>

OpenStack Identity Service (codenome Keystone)Instalando Keystone


sudo apt-get install -y keystone python-keystone python-keystoneclient
sudo rm /var/lib/keystone/keystone.db
</syntaxhighlight>

Configurando Keystone

Editar os arquivos /etc/keystone/keystone.conf de acordo com Media:Keystone.zip

Aplicando a nova configuração


cd /etc/init.d/; for i in $( ls keystone-* ); do sudo service $i restart; done
keystone-manage db_sync
</syntaxhighlight>

Criando tenants, usuários, roles, serviços e endpoints

O código abaixo é um script retirado do site http://docs.openstack.org/ e adaptado.

!/bin/bashModify these variables as needed

ADMIN_PASSWORD=${ADMIN_PASSWORD:-<Password>}
SERVICE_PASSWORD=${SERVICE_PASSWORD:-<Password>}

DEMO_PASSWORD=${DEMO_PASSWORD:-$ADMIN_PASSWORD}

export OS_SERVICE_TOKEN="<tokenstring>"
export OS_SERVICE_ENDPOINT="http://localhost:35357/v2.0"
SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}

MYSQL_USER=keystone
MYSQL_DATABASE=keystone
MYSQL_HOST=localhost
MYSQL_PASSWORD=password

KEYSTONE_REGION=IFSC-SJ-01
KEYSTONE_HOST_EXT=172.18.3.251
KEYSTONE_HOST_INT=192.168.88.251

Shortcut function to get a newly generated ID

function get_field() {

   while read data; do
       if [ "$1" -lt 0 ]; then
           field="(\$(NF$1))"
       else
           field="\$$(($1 + 1))"
       fi
       echo "$data" | awk -F'[ \t]*\\|[ \t]*' "{print $field}"
   done

Tenants

ADMIN_TENANT=$(keystone tenant-create --name=admin | grep " id " | get_field 2)

DEMO_TENANT=$(keystone tenant-create --name=demo | grep " id " | get_field 2)

SERVICE_TENANT=$(keystone tenant-create --name=$SERVICE_TENANT_NAME | grep " id " | get_field 2)

Users

ADMIN_USER=$(keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=rafael@turnes.com.br | grep " id " | get_field 2)

DEMO_USER=$(keystone user-create --name=demo --pass="$DEMO_PASSWORD" --email=demo@domain.com --tenant-id=$DEMO_TENANT | grep " id " | get_field 2)

NOVA_USER=$(keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=rafael@turnes.com.br | grep " id " | get_field 2)
GLANCE_USER=$(keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=rafael@turnes.com.br | grep " id " | get_field 2)
NEUTRON_USER=$(keystone user-create --name=neutron --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=rafael@turnes.com.br | grep " id " | get_field 2)
CINDER_USER=$(keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=rafael@turnes.com.br | grep " id " | get_field 2)

Roles

ADMIN_ROLE=$(keystone role-create --name=admin | grep " id " | get_field 2)
MEMBER_ROLE=$(keystone role-create --name=Member | grep " id " | get_field 2)

Add Roles to Users in Tenants

keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NOVA_USER --role-id $ADMIN_ROLE
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $GLANCE_USER --role-id $ADMIN_ROLE
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NEUTRON_USER --role-id $ADMIN_ROLE
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $CINDER_USER --role-id $ADMIN_ROLE

keystone user-role-add --tenant-id $DEMO_TENANT --user-id $DEMO_USER --role-id $MEMBER_ROLECreate services

COMPUTE_SERVICE=$(keystone service-create --name nova --type compute --description 'OpenStack Compute Service' | grep " id " | get_field 2)
VOLUME_SERVICE=$(keystone service-create --name cinder --type volume --description 'OpenStack Volume Service' | grep " id " | get_field 2)
IMAGE_SERVICE=$(keystone service-create --name glance --type image --description 'OpenStack Image Service' | grep " id " | get_field 2)
IDENTITY_SERVICE=$(keystone service-create --name keystone --type identity --description 'OpenStack Identity' | grep " id " | get_field 2)
EC2_SERVICE=$(keystone service-create --name ec2 --type ec2 --description 'OpenStack EC2 service' | grep " id " | get_field 2)
NETWORK_SERVICE=$(keystone service-create --name neutron --type network --description 'OpenStack Networking service' | grep " id " | get_field 2)

Create endpoints

keystone endpoint-create --region $KEYSTONE_REGION --service-id $COMPUTE_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':8774/v2/$(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST_INT"':8774/v2/$(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST_INT"':8774/v2/$(tenant_id)s'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $VOLUME_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':8776/v1/$(tenant_id)s' --adminurl 'http://'"$KEYSTONE_HOST_INT"':8776/v1/$(tenant_id)s' --internalurl 'http://'"$KEYSTONE_HOST_INT"':8776/v1/$(tenant_id)s'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $IMAGE_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':9292' --adminurl 'http://'"$KEYSTONE_HOST_INT"':9292' --internalurl 'http://'"$KEYSTONE_HOST_INT"':9292'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $IDENTITY_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':5000/v2.0' --adminurl 'http://'"$KEYSTONE_HOST_INT"':35357/v2.0' --internalurl 'http://'"$KEYSTONE_HOST_INT"':5000/v2.0'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $EC2_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':8773/services/Cloud' --adminurl 'http://'"$KEYSTONE_HOST_INT"':8773/services/Admin' --internalurl 'http://'"$KEYSTONE_HOST_INT"':8773/services/Cloud'
keystone endpoint-create --region $KEYSTONE_REGION --service-id $NETWORK_SERVICE --publicurl 'http://'"$KEYSTONE_HOST_EXT"':9696/' --adminurl 'http://'"$KEYSTONE_HOST_INT"':9696/' --internalurl 'http://'"$KEYSTONE_HOST_INT"':9696/'
</syntaxhighlight>

Testando KeystoneCriando um arquivo de credênciais

 vim os.cred </syntaxhighlight>

export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=<senhaAdministrador>
export OS_AUTH_URL="http://192.168.88.251:5000/v2.0/"
export OS_REGION_NAME=IFSC-SJ-01
</syntaxhighlight>
 source os.cred </syntaxhighlight>

Listando usuários


root@penny:~# keystone user-list
+----------------------------------+---------+---------+--------------------------+
|                id                |   name  | enabled |          email           |
+----------------------------------+---------+---------+--------------------------+
| 0bcadb16258d4552839b9c776c89ff64 |  admin  |   True  |   rafael@turnes.com.br   |
| 23fd34f439484b73a6eea9913ac580ad |  cinder |   True  |   rafael@turnes.com.br   |
| 54ac7e04ab2540ed9ef428ed11b8fbcd | ederson |   True  | boidacarapreta@gmail.com |
| 27d928bfefb84c0baefc0b13bcdd362a |  glance |   True  |   rafael@turnes.com.br   |
| 773499148c564119b5e7e64d0c71bb3d |  marcos |   True  |    mmoecke@gmail.com     |
| 61d08e2259e6403ba23918d87dea404b |   nova  |   True  |   rafael@turnes.com.br   |
| 853266dae4f2409dbc035b1b6cd928c8 | neutron |   True  |   rafael@turnes.com.br   |
| 45a33dbb899d4c199e961302796cb1a6 |  rafael |   True  |   rafael@turnes.com.br   |
+----------------------------------+---------+---------+--------------------------+
</syntaxhighlight>

Listando serviços


root@penny:~# keystone service-list
+----------------------------------+----------+----------+------------------------------+
|                id                |   name   |   type   |         description          |
+----------------------------------+----------+----------+------------------------------+
| c3350aeba89d47f88a1d6761cd74256b |  cinder  |  volume  |   OpenStack Volume Service   |
| f451c35c697a45b5b5e6a5bbe280d434 |   ec2    |   ec2    |    OpenStack EC2 service     |
| 4d467a606ff44050a9d8a687e1311831 |  glance  |  image   |   OpenStack Image Service    |
| ce703fa0839e4ad68b3bf1f7b48558c3 | keystone | identity |      OpenStack Identity      |
| 9a662cef4e8b4e5eb46e8678fd4ff8c8 |   nova   | compute  |  OpenStack Compute Service   |
| 82a32e1fab37445c9388dc9b5634088a | neutron | network  | OpenStack Networking service |
+----------------------------------+----------+----------+------------------------------+
</syntaxhighlight>

Listando roles


root@penny:~# keystone role-list
+----------------------------------+----------+
|                id                |   name   |
+----------------------------------+----------+
| 746be8d87850406f8eb39aa4b5e55fa3 |  Member  |
| 9fe2ff9ee4384b1894a90878d3e92bab | _member_ |
| acaf9716ce20467a9b82578bf4baf534 |  admin   |
+----------------------------------+----------+
</syntaxhighlight>

Listando tenants


root@penny:~# keystone  tenant-list
+----------------------------------+---------+---------+
|                id                |   name  | enabled |
+----------------------------------+---------+---------+
| f6dc2f9266f14b848b6e577b7024854a |   IFSC  |   True  |
| 4aaa0eb1b84d4405af0384a59053ac45 |  admin  |   True  |
| 68082d94500045c19e9bd40dd0b1cc7f | service |   True  |
+----------------------------------+---------+---------+
</syntaxhighlight>

OpenStack Imagine Service (codenome Glance)Instalando Glance


apt-get -y install glance
</syntaxhighlight>

Configurando Glance

É necessário editar arquivos /etc/glance/glance-api.conf e /etc/glance/glance-registry.conf de acordo com Media:Glance.zip

rm /var/lib/glance/glance.sqlite
service glance-api restart && service glance-registry restart
glance-manage db_sync
</syntaxhighlight>

Testando GlanceEnviando uma imagem


mkdir /tmp/images
cd /tmp/images/
wget "http://uec-images.ubuntu.com/saucy/current/saucy-server-cloudimg-amd64-disk1.img"
glance image-create --is-public true --disk-format qcow2 --container-format bare --name "Ubuntu Server 13.10" < saucy-server-cloudimg-amd64-disk1.img
</syntaxhighlight>

Listando imagens


root@penny:~# glance image-list
+--------------------------------------+---------------------+-------------+------------------+-----------+--------+
| ID                                   | Name                | Disk Format | Container Format | Size      | Status |
+--------------------------------------+---------------------+-------------+------------------+-----------+--------+
| 5b9b1a48-fdd0-4c72-8ab5-0ac073072b39 | Ubuntu Server 13.04 | qcow2       | bare             | 236519424 | active |
+--------------------------------------+---------------------+-------------+------------------+-----------+--------+
</syntaxhighlight>

OpenStack Block Storage service (codenome Cinder)Instalando Cinder


apt-get install -y cinder-api cinder-scheduler cinder-volume iscsitarget open-iscsi iscsitarget-dkms python-cinderclient linux-headers-`uname -r`
</syntaxhighlight>

Configurando CinderPré-configuração


sed -i 's/false/true/g' /etc/default/iscsitarget
service iscsitarget start
service open-iscsi start
pvcreate /dev/sda5
vgcreate cinder-volumes /dev/sda5
</syntaxhighlight>

Editando arquivos de configuração

Editar os arquivos /etc/cinder/cinder.conf e /etc/cinder/api-paste.ini de acordo com Media:Cinder.zip

Aplicando a nova configuração


cinder-manage db sync
cd /etc/init.d/; for i in $( ls cinder-* ); do sudo service $i restart; done
</syntaxhighlight>

Testando CinderCriando volume


root@penny:~# cinder create --display-description "Primeiro Volume" 1
+---------------------+--------------------------------------+
|       Property      |                Value                 |
+---------------------+--------------------------------------+
|     attachments     |                  []                  |
|  availability_zone  |                 nova                 |
|       bootable      |                false                 |
|      created_at     |      2013-10-21T20:41:58.711368      |
| display_description |           Primeiro Volume            |
|     display_name    |                 None                 |
|          id         | be57581f-70eb-4f9a-8884-57ae14d6bc60 |
|       metadata      |                  {}                  |
|         size        |                  1                   |
|     snapshot_id     |                 None                 |
|     source_volid    |                 None                 |
|        status       |               creating               |
|     volume_type     |                 None                 |
+---------------------+--------------------------------------+
</syntaxhighlight>

Listando volume


root@penny:~# cinder list
</syntaxhighlight>

Deletando volume


root@penny:~# cinder delete 2da4b600-33f0-4576-b0ff-e3a3e8f95161
</syntaxhighlight>

OpenStack Networking Service (codenome Neutron)Instalando Neutron


apt-get install -y neutron-server
</syntaxhighlight>

Configuração do sistema

Adiconar no arquivo /etc/sysctl.conf

net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
</syntaxhighlight>
Aplicar a configuração

sysctl -p
service networking restart
</syntaxhighlight>

Configurando Neutron

É necessário editar arquivos /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini, /etc/neutron/api-paste.ini e /etc/neutron/neutron.conf de acordo com Media:Neutron.zip

Aplicando a nova configuração


cd /etc/init.d/; for i in $( ls neutron-* ); do sudo service $i restart; done
</syntaxhighlight>

OpenStack Compute Service (codenome Nova)Instalando Nova


apt-get install nova-novncproxy novnc nova-api nova-ajax-console-proxy nova-cert nova-conductor nova-consoleauth nova-doc nova-scheduler python-novaclient
</syntaxhighlight>

Configurando Nova

É necessário editar arquivos /etc/nova/api-paste.ini e /etc/nova/nova.conf. Media:Nova.zip

Aplicando a nova configuração


nova-manage db sync
cd /etc/init.d/; for i in $( ls nova-* ); do sudo service $i restart; done
</syntaxhighlight>

Verificando o serviço Nova


nova-manage service list
</syntaxhighlight>

Mudanças entre as edições de "OpenStack com Open vSwitch e SDN - Guia de Instalação"

Edição das 14h25min de 13 de março de 2014

Instalação

Controlador da nuvem (penny)

Configuração básica

Atualizando o sistema

Configurando interfaces de rede - /etc/network/interfaces

Instalando e configurando NTP server

Instalando e configurando MySQL

Instalando pacotes.

Mudando bind-address e aplicando a nova configuração

Criando banco de dados

Instalando servidor de fila de mensagem

OpenStack Identity Service (codenome Keystone)

Instalando Keystone

Configurando Keystone

Aplicando a nova configuração

Criando tenants, usuários, roles, serviços e endpoints

Testando Keystone

Criando um arquivo de credênciais

Listando usuários

Listando serviços

Listando roles

Listando tenants

OpenStack Imagine Service (codenome Glance)

Instalando Glance

Configurando Glance

Testando Glance

Enviando uma imagem

Listando imagens

OpenStack Block Storage service (codenome Cinder)

Instalando Cinder

Configurando Cinder

Pré-configuração

Editando arquivos de configuração

Aplicando a nova configuração

Testando Cinder

Criando volume

Listando volume

Deletando volume

OpenStack Networking Service (codenome Neutron)

Instalando Neutron

Configuração do sistema

Configurando Neutron

Aplicando a nova configuração

OpenStack Compute Service (codenome Nova)

Instalando Nova

Configurando Nova

Aplicando a nova configuração

Verificando o serviço Nova

Menu de navegação

Pesquisa