radez f 0900 deploying rhos on rhel

DEPLOYING OPENSTACK ON

RED HAT ENTERPRISE LINUX

Dan RadezSr. Software Engineer, Red HatJune 14, 2013

What is OpenStack?

Cloud/Visualization Platform Designed for standard hardware OpenSource

Overview

Lab Workstation

User: lab12

Password: lab12

Applications -> System Tools -> Virt Manager

- RHOS-control-node: 192.168.122.101

- RHOS-compute-node: 192.168.122.102

PackStack: Installation

Red Hat developed OpenStack installer

Deployment options Interactively Answer file Quick Start All-in-one

Features Single-host install Multi-host install RHOS, RDO, EPEL

PackStack: Installation

[root@rhos ~]# ssh 192.168.122.101

[root@control ~]# yum install -y openstack-packstack

[root@control ~]# packstack --use-epel=n --install-hosts 192.168.122.101,192.168.122.102

Install Defaults MySQL Qpid Swift Not Installed Quantum

Packstack: Installation

Exercise: Install OpenStack

file:///home/lab12/slides/index.html

Killing time while PackStack works magic

Relationship between OpenStack services

Help!

$ keystone help$ keystone help user-create$ glance help$ glance help image-create$ nova help$ nova help boot

Keystone: Identity Management


centralized identity service central catalog of services

Multiple forms of authentication User name and password Token-based systems Amazon Web Services style logins


Login as admin[root@control ~]$ cat keystonerc_adminexport OS_USERNAME=adminexport OS_TENANT_NAME=adminexport OS_PASSWORD=5ffbe9d2a38d4a48export OS_AUTH_URL=http://192.168.122.101:35357/v2.0/ export PS1="[\u@\h \W(keystone_admin)]$ "

[root@control ~]$ source keystonerc_admin

[root@control ~(keystone_admin)]$


Add a User[root@control ~]$ keystone user-create --name radez --pass supersecretpass

id: 849616035d654b9b9a8cc38b10284a52

[root@control ~]$ keystone role-create --name role1

id: 8ab4a27031084100afbafc0f95a47170

[root@control ~]$ keystone tenant-create --name tenant1

Id: 427c01f33fcf4feb930f26dd550a14e0


Add a User[root@control ~]$ keystone user-role-add --user-id radez --role-id role1 --tenant-id tenant1

[root@control ~]$ keystone user-list

[root@control ~]$ keystone role-list

[root@control ~]$ keystone tenant-list

[root@control ~]$ keystone user-role-list

[root@control ~]$ keystone endpoint-list


Login as radez[root@control ~]$ cp keystonerc_admin user_radezexport OS_USERNAME=radezexport OS_TENANT_NAME=tenant1export OS_PASSWORD=supersecretpassexport OS_AUTH_URL=http://192.168.122.101:35357/v2.0/ export PS1="[\u@\h \W(user_radez)]$ "

[root@control ~]$ source user_radez

[root@control ~(user_radez)]$

[root@control ~]$ source keystonerc_admin

[root@control ~(keystonerc_admin)]$


Exercise: Add a user

Glance: Image Management


registry for virtual machine images images used as templates for new servers

[root@control ~]$ glance image-create --name cirros --is-public 1 --disk-format qcow2 --container-format bare --file /mnt/cirros-0.3.0-x86_64-disk.img

id: d3d1f38e-3f2c-4f45-91e1-cb4535f62d10

[root@rhos ~]$ glance image-list


Image Building Oz appliance-creator Native glance builder in the works Manually (launch installer, import before first boot)

Build Notes: Include cloudinit for post boot configuration


Exercise: Add an image

Quantum: Networking

Quantum: Networking

networking as a service built in modular architecture

Features Single or Multiple host deployment virtual network, subnet, and port abstractions Plugin architecture supports many network technologies

Quantum: Networking

http://docs.openstack.org/trunk/openstack-network/admin/content/connectivity.html

Quantum: Networking

Extra Configuration (control node)/etc/quantum/dhcp_agent.ini use_namespaces=True

/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini tenant_network_type=vlan network_vlan_ranges = physnet1:1000:2999 bridge_mappings = physnet1:br-eth1

/etc/quantum/quantum.conf ovs_use_veth = True -log_file

Quantum: Networking

Extra Configuration (control node)/etc/quantum/l3_agent.ini -root_helper? use_namespaces=True

[root@control ~]$ yum install -y nc

[root@control ~]$ chkconfig quantum-ovs-cleanup on

[root@control ~]$ ovs-vsctl add-br br-eth1

[root@control ~]$ ovs-vsctl add-port br-eth1 eth1

[root@control ~]$ sed -i "s|--config-file /usr/share/\$proj/\$proj-dist.conf ||" `grep -l proj-dist /etc/init.d/quantum*`

Quantum: Networking

External Bridge (control node)/etc/sysconfig/network-scripts/ifcfg-eth0 -IPADDR=192.168.122.101 BRIDGE=br-ex

/etc/sysconfig/network-scripts/ifcfg-br-ex ONBOOT=yes

[root@control ~]$ ovs-vsctl add-br br-ex

[root@control ~]$ ovs-vsctl add-port br-ex eth0; reboot

Quantum: Networking

Extra Configuration (compute node)/etc/nova/nova.conf libvirt_vif_driver =

nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver

/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini bridge_mappings = physnet1:br-eth1 -tenant_network_type=local

[root@compute ~]$ ovs-vsctl add-br br-eth1

[root@compute ~]$ ovs-vsctl add-port br-eth1 eth1

https://wiki.openstack.org/wiki/ConfigureOpenvswitch

Quantum: Networking

Restart Services (compute node)[root@compute ~]$ sed -i "s|--config-file /usr/share/\$proj/\$proj-dist.conf ||" `grep -l proj-dist /etc/init.d/quantum*`

[root@compute ~]$ service openstack-nova-compute restart

[root@compute ~]$ service quantum-openvswitch-agent restart

Quantum: Networking

Create networks, subnets and routers[root@control ~]$ quantum net-create int

id: cc6052d8-2a6d-40e7-85ab-b7c8bb5b3a8c

[root@control ~]$ quantum subnet-create int 192.168.32.0/24

id: c6c4ded5-ac0a-4f7c-8f54-9218f2cf8ecc

[root@control ~]$ quantum router-create router1

id: 30f385f0-8f1d-453e-b4ab-26ee6f8e80fe

[root@control ~]$ quantum router-interface-add router1 c6c4ded5-ac0a-4f7c-8f54-9218f2cf8ecc

Quantum: Networking

Create networks, subnets and routers[root@control ~]# keystone tenant-list

4ee4f1d7d5ba46318885dd82520d748f | services

[root@control ~]$ quantum net-create --tenant-id services ext -- --router:external=True

id: 4cbcc3c7-4a40-4101-afca-ca9782ff7f04

[root@control ~]$ quantum subnet-create --tenant-id services ext 192.168.122.0/24 -- --enable_dhcp=False

id: a4ba8c13-2a67-4402-bb0d-7e55f253de44

[root@rhos ~]$ quantum router-gateway-set router1 ext

Quantum: Networking

Clean the security groupsecurity_group_rules | "direction": "ingress"

"id": "74dd70eb-f1c5-4797-978b-3238035b3aef"

"id": "f7087e8b-5f15-494c-997b-c86d258efc62"

[root@control ~]$ quantum security-group-rule-delete 74dd70eb-f1c5-4797-978b-3238035b3aef

[root@control ~]$ quantum security-group-rule-delete f7087e8b-5f15-494c-997b-c86d258efc62

Quantum: Networking

Add new security group rules[root@control ~]$ quantum security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 --remote-ip-prefix 0.0.0.0/0 049ca2a9-7dc0-417c-9092-640e8a47a585

[root@control ~]$ quantum security-group-rule-create --protocol icmp --remote-ip-prefix 0.0.0.0/0 049ca2a9-7dc0-417c-9092-640e8a47a585

Quantum: Networking

Exercise: Network your stack

Nova: Instance Management


manages virtual machines on nodes provides virtual servers on demand interacts with Keystone, Glance and Horizon

Design Features Designed to scale horizontally Designed for standard hardware


Boot an instance[root@control ~]$ nova flavor-list

[root@control ~]$ nova keypair-add --pub-key .ssh/id_rsa.pub mykey

[root@control ~]$ nova keypair-list

mykey | 84:6e:28:d3:75:17:ab:25:4d:f3:0d:61:93:55:ee:e2

[root@control ~]$ nova image-list

[root@control ~]$ nova boot --flavor 1 --key_name mykey --image cirros my_instance

[root@control ~]$ nova list


Associate a floating to an instance[root@control ~]$ quantum floatingip-create ext

id: 2b815236-f5f6-4d48-9860-4abbaec15990

[root@control ~]$ quantum port-list

Id: 1abd07c4-8c7b-4701-92a3-482f69e5a4eeip_address: 192.168.32.2

[root@control ~]$ quantum floatingip-associate 2b815236-f5f6-4d48-9860-4abbaec15990 1abd07c4-8c7b-4701-92a3-482f69e5a4ee

Associated floatingip 2b815236-f5f6-4d48-9860-4abbaec15990


Communicate with instance[root@control ~]$ ping 192.168.122.3

PING 192.168.122.3 (192.168.122.3) 56(84) bytes of data.64 bytes from 192.168.122.3: icmp_seq=2 ttl=63 time=0.668 ms

[root@control ~]$ ssh [email protected]

The authenticity of host '192.168.122.3 (192.168.122.3)' can't be established.RSA key fingerprint is 38:49:f2:67:80:11:31:84:1f:b1:79:df:5f:e4:e5:f7.Are you sure you want to continue connecting (yes/no)? YesWarning: Permanently added '192.168.122.3' (RSA) to the list of known hosts.

$


Exercise: Boot an Instance

Cinder: Block Storage


manages persistent block storage volumes snapshots can be taken

Create and attach a volume[root@control ~]$ cinder create 1

id: 4d6cbb1f-5873-4357-99c7-8ae0502e6de5

[root@control ~]$ nova volume-attach my_instance \4d6cbb1f-5873-4357-99c7-8ae0502e6de5 auto


Mount a volume[root@control ~]$ ssh -i .ssh/id_rsa [email protected]

my_instance$ sudo -i

my_instance# mkfs.ext4 /dev/vdb

my_instance# mkdir -p /mnt/volume

my_instance# mount /dev/vdb /mnt/volume

my_instance# touch /mnt/volume/test.txt

my_instance# umount /mnt/volume

[root@control ~]$ nova volume-detach my_instance \4d6cbb1f-5873-4357-99c7-8ae0502e6de5


Exercise: Create, attach and mount a volume

Swift: Object Storage


Install Swift/root/packstack-answers-20130614-091000.txt

CONFIG_SWIFT_INSTALL=n

[root@control ~]$ packstack --answer-file packstack-answers-20130614-091000.txt


allows users to store and retrieve files distributed architecture to allow for horizontal scaling provides redundancy as failure-proofing data replication is managed by software


Upload an object[root@control ~]$ swift stat

[root@control ~]$ swift list

[root@control ~]$ swift upload test packstack-answers.txt

[root@control ~]$ swift list

[root@control ~]$ swift list test

[root@control ~]$ swift upload test /etc/motd

[root@control ~]$ swift list test


Exercise: Create a container & upload an object

Dashboard: Web Interface


web-based interface for managing OpenStack services modular design for interfacing with other projects includes interface for all core components


Exercise: Explore the Dashboard

http://192.168.122.101/dashboard/

Review

PackStack: Installed OpenStack Keystone: Added a user Glance: Imported an image Quantum: Routed int & ext networks Nova: Launched an instance Cinder: Created and attached a volume Swift: Created a container & uploaded an object Dashboard: Graphical interaction

Review

Resources

Resources https://access.redhat.com/knowledge/docs/en-

US/Red_Hat_OpenStack_Preview/2/html-single/Getting_Started_Guide/index.html

OpenStack.org TryStack.org Puppetlabs.com Djangoproject.com Oz: https://github.com/clalancette/oz/ https://github.com/redhat-openstack/image-building-poc

Slide 1Slide 2Slide 3Slide 4Slide 5Slide 6Slide 7Slide 8Slide 9Slide 10Slide 11Slide 12Slide 13Slide 14Slide 15Slide 16Slide 17Slide 18Slide 19Slide 20Slide 21Slide 22Slide 23Slide 24Slide 25Slide 26Slide 27Slide 28Slide 29Slide 30Slide 31Slide 32Slide 33Slide 34Slide 35Slide 36Slide 37Slide 38Slide 39Slide 40Slide 41Slide 42Slide 43Slide 44Slide 45Slide 46Slide 47Slide 48Slide 49Slide 50Slide 51Slide 52Slide 53Slide 54Slide 55Slide 56Slide 57Slide 58Slide 59Slide 60Slide 61Slide 62Slide 63Slide 64Slide 65

radez f 0900 deploying rhos on rhel

Documents