OpenStack Essex Install on 12.04
Dated Content, Please see the Following
Update: My latest installation Tutorial for OpenStack Folsom. It’s too tough to try and keep up with debugging installers myself so I am just using DevStack in that tutorial. Thanks!
OpenStack Folsom Quantum DevStack Installation Tutorial
Many hours, days, nights and poor defenseless VMs were destroyed in preparing this how-to. There are some great scripts out there but for most engineers and architects we need to tear it apart look at the guts and put it back together. You are in luck. There are a lot of moving parts on the current OpenStack Essex release, so be prepared to drop MySql tables and rebuild. There is a troubleshooting post following this one to refer to as problems arise.
The OpenStack core components we are installing in this demo are Nova, Glance, Keystone and Dashboard. This will be the standard build for future design scenarios. This is killer software out of the box for data center orchestration built on top of killer modules.
Updated and verified July 12, 2012. Difference from the video is using a database for Keystone.
Figure 1. Two NICs on a host. Note* If you have one NIC you can use a vNIC i.e. eth0 & eth0:1
Prerequisites
The KVM requires an x86 machine with either Intel VT or AMD w/AMD-V support. Anything fairly new will have that support in the processor. There are a few older HW builds that support hardware assisted virtualization by enabling it in the bios. Pretty much Googling your machine for hardware virtualization will let you know. Qemu can be run on non VT HW but the machines will probably get brutalized by a few host VMs. When you are setting up the vSwitch either have an out of band or be on it physically. Be careful when you are adding multiple interfaces to bridges since you can spin up a bridging loop pretty quickly unless you have STP on. I recommend a test/dev network or mom’s basement network. If not BPDUguard is your friend 🙂 This is done on a fresh install of 64-bit Ubuntu 12.04 (Precise).
The starting Nic interface config looks like this in /etc/network/interfaces.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
; html-script: false ]auto lo iface lo inet loopback #Frontend auto eth0 iface eth0 inet static address 192.168.1.6 <--- Your Public interface goes here netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 dns-nameservers 8.8.8.8 gateway 192.168.1.1 #Backend auto eth1 iface eth1 inet manual up ifconfig eth1 up |
/*Updates
$apt-get update
$apt-get dist-upgrade
/*If not FQDN
$nano /etc/hosts
127.0.0.1 localhost
127.0.1.1 openstack1
apt-get install ntp
/*Edit the NTP config to survive an Internet/Network outage:
$nano /etc/ntp.conf
server ntp.ubuntu.com iburst
server 127.127.1.0
fudge 127.127.1.0 stratum 10
/*Restart the service
$service ntp restart
/*More packages
$apt-get install tgt
$apt-get install open-iscsi open-iscsi-utils
$apt-get install bridge-utils
/*Restart Networking
$/etc/init.d/networking restart
$apt-get install rabbitmq-server memcached python-memcache
$apt-get install kvm libvirt-bin
$apt-get install -y mysql-server python-mysqldb
/* Log into MySQL
$mysql -u root -p
/*Create the Nova database with a password ‘openstack’
|
1 2 3 4 5 6 7 8 9 10 11 |
; html-script: false ]mysql -u root -popenstack -e 'CREATE DATABASE nova;' mysql -u root -popenstack -e "GRANT ALL ON nova.* TO 'nova'@'%' IDENTIFIED BY 'openstack';" mysql -u root -popenstack -e "GRANT ALL ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'openstack';" mysql -u root -popenstack -e 'CREATE DATABASE keystone;' mysql -u root -popenstack -e "GRANT ALL ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'openstack';" mysql -u root -popenstack -e "GRANT ALL ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'openstack';" mysql -u root -popenstack -e 'CREATE DATABASE glance;' mysql -u root -popenstack -e "GRANT ALL ON glance.* TO 'glance'@'%' IDENTIFIED BY 'openstack';" mysql -u root -popenstack -e "GRANT ALL ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'openstack';" |
/*Edit my.cnf
$nano /etc/mysql/my.cnf
/*from
bind-address = 127.0.0.1
/*to
bind-address = 0.0.0.0
$/etc/init.d/mysql restart
Keystone Identity Management
/*More packages
$apt-get install keystone python-keystone python-keystoneclient
/*Edit keystone.conf
$nano /etc/keystone/keystone.conf
/* Change ‘admin_token’ FROM
#bind_host = 0.0.0.0
public_port = 5000
admin_port = 35357
admin_token = ADMIN
/*TO
#bind_host = 0.0.0.0
public_port = 5000
admin_port = 35357
admin_token = openstack
/*Also in Keystone.conf change the catalog values. If you dont change this you will get endpoint errors.
/*Change the catalog values FROM:
[catalog]
driver = keystone.catalog.backends.sql.Catalog
TO:
[catalog]
# driver = keystone.catalog.backends.sql.Catalog
driver = keystone.catalog.backends.templated.TemplatedCatalog
template_file = /etc/keystone/default_catalog.templates
Change from mysqlite to MySQL.
#connection = sqlite:////var/lib/keystone/keystone.db
TO:
[sql]
connection = mysql://keystone:openstack@localhost:3306/keystone
Delete the sqlite db – sudo rm /var/lib/keystone/keystone.db
/*Restart the Keystone service
$service keystone restart
/* Download and edit keystone-data.sh to have the proper password and token.
/*Download the script to populate Keystone. It parses out IDs and adds them to the account and role creation (originally Devstack/RackBuilders I beleive so ty to them). here
|
1 2 3 4 5 6 7 |
; html-script: false ]ADMIN_PASSWORD=${ADMIN_PASSWORD:-openstack} SERVICE_PASSWORD=${SERVICE_PASSWORD:-$ADMIN_PASSWORD} export SERVICE_TOKEN="openstack" export SERVICE_ENDPOINT="http://localhost:35357/v2.0" SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service} |
/*Save and run the keytone.sh script. Thanks to devstack for the script.
$chmod +x keystone.sh
$./keystone.sh
$chmod +x endpoints.sh
/* Restart and Sync Keystone
$/etc/init.d/keystone restart
$keystone-manage db_synch
Verify Users the following. If you get any errors make sure you have proper variables from a few steps back with the ‘export’ command.
$keystone user-list
Installing Glance Image Management
$apt-get install glance glance-api glance-client glance-common glance-registry python-glance
/* Go ahead and add these to the end of /root/.bashrc or at the least paste into your terminal.
|
1 2 3 4 5 6 7 8 |
; html-script: false ]export SERVICE_TOKEN=openstack export OS_TENANT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=openstack export OS_AUTH_URL=http://localhost:5000/v2.0/ export SERVICE_ENDPOINT=http://localhost:35357/v2.0 |
/*Then refresh the shell. You can also use source novarc but keep it simple to start.
$bash
We are going to change the following files
/etc/glance/glance-registry-paste.ini (privileges)
/etc/glance/glance-api-paste.ini (privileges)
/etc/glance/glance-registry.conf (sql connection and flavor)
/etc/glance/glance-api.conf (flavor)
$rm /var/lib/glance/glance.sqlite
/*Change the values to match below at the bottom of glance-registry-paste.ini
$/etc/glance/glance-registry-paste.ini
admin_tenant_name = admin
admin_user = admin
admin_password = openstack
/*Change the values to match below at the bottom of glance-api-paste.ini
$nano /etc/glance/glance-api-paste.ini
admin_tenant_name = admin
admin_user = admin
admin_password = openstack
/*Adjust mysql with privileges
$nano /etc/glance/glance-registry.conf
Replace sql_connection = sqlite:////var/lib/glance/glance.sqlite
sql_connection = mysql://glance:openstack@localhost/glance
/*Add this to the bottom of the file
[paste_deploy]
flavor = keystone
/*Add flavors to /etc/glance/glance-api.conf at the bottom
$nano /etc/glance/glance-api.conf
[paste_deploy]
flavor = keystone
/* Restart for funzys
$/etc/init.d/glance-api restart
$/etc/init.d/glance-registry restart
/* Version control fix for 12.04
$glance-manage version_control 0
/*If you get errors on the following db_sync verify your variable by typing ‘export’.
/*Sync Glance with MySQL.
$glance-manage db_sync
/* FYI The glance-registry process will complain and abend until you apply version control and synch.
$/etc/init.d/glance-api restart
$/etc/init.d/glance-registry restart
Continue with part2
Hi Brent,
Thanks for this excellent post. I am having an issue with the keystone.sh script, it is returning errors like:
No handlers could be found for logger “keystoneclient.client”
Conflict occurred attempting to store tenant. (IntegrityError) column name is not unique u’INSERT INTO tenant (id, name, extra) VALUES (?, ?, ?)’ (‘f78d9d764eaf4dfe9a9f37a1231015f6′, u’admin’, ‘{“enabled”: true, “description”: null}’) (HTTP 409)
The HTTP Conflict error is odd so I have connected to the mysql instance which is running and can see the databases for nova and glance are created but contain no data – no tables, entries, etc. Any ideas why the script is not running correctly? Any help is greatly appreciated.
Thanks,
Simon
think I found my issue Brent, not 100% but started from scratch again and may not have set the mysql admin password to ‘openstack’, working through it now anyway, thanks again for the great article.
Hey Simon, Sorry I didn’t get back to you in time. I tell you the passwords were the root of about %50 of my problems until I reinstalled a million times lol. If time permits let me know what part wasn’t clear. It’s hard once I get going to tell if its just gibberish or clear especially when the coffee starts running out. lol. Thanks for the feedback on the problem!
Hey Brent,
I experienced a similar problem like Simon when I used your guide to install openstack.
I then used the devstack script to install openstack but even after that my openstack databases were left empty. Slowly getting desperate I browsed the openstack documentations and executed the command “keystone-manage db_sync” on the server and after that the tables appeared out of nowhere.
I don’t know whether devstack or db_synch did the trick but I though I’d share it on here anyway 🙂
Cheers,
Nicolas
Thanks Nicholas, I just changed it a couple of days ago to use a keystone table in mysql instead of sqlite. Thanks for the feedback! I am so short on time I just cobble together what works on an install from Googling errors that people like you are kind enough to share along with watching the IRC chat and dont have the time to vet it. Some good folks behind this, it needs to get a wee bit simpler. Take care!
[Re-posted here in case you don’t see the one on Part 2 :)]
Hi Brent,
Like you I have had numerous problems getting OpenStack installed and stable, and I was really glad to find this walk through. One problem is, I believe, in my nova.conf. I copied yours and edited for my local network, but left all the 172.31.x.x addresses as they were. When I try to boot an instance, the compute log shows that there is a password error.
Now, in your nova.conf you have the sql connection referring to a user novadbadmin, password openstack. I can’t see where (if anywhere) you created that user/database in the script. I see nova/nova being created. Any guidance would be much appreciated.
Thanks
Dave
Hi Dave you are right. Apologies for the slow reply. I will change that. the mysql calls will be the same username as what is added into MySQL.
hi brent,
I want ask something about mysql & keystone installation.
1.for mysql, why script in video tutorial was different in this post ?
2. for keystone installation , in part “$chmod +x endpoints.sh” would you give an script example? because I can’t find any link refer to that script.
thank you
Adhi
after downloading your keystone.sh_txt by wget commnad on ubuntu server and modifying according to your detailed instructions i get the message “no handlers could be found for logger keystoneclient.client” and after that dozens of lines of errors are brought up my screen. can you help me plz?
thnx
Hello I had the same issue with “no handlers could be found for logger keystoneclient.client”
I checked the /etc/keystone/keystone.conf file and my admin_TOKEN was incorrect. Hope this helps
Thanks for sharing that Paul!