Ajeet Raina I am a Docker Captain, ARM Innovator & Docker Bangalore Community Leader. I am a maintainer of Collabnix blogging site. I work for Redis and a primary maintainer of https://developer.redis.com. I run Collabnix Community Slack with over 6500+ audience . We have built a popular projects like Docker Labs, KubeLabs, KubeTools and DockerTools. You can follow me on Twitter(@ajeetsraina) & GitHub(@ajeetraina)

Setting up OpenStack Juno with 1 controller and compute node

6 min read

Here is a helpful script which just setup 1 OpenStack Juno controller and 1 compute node in an easy way:

File: controller-node-setup

#!/bin/bash

#get the configuration info
source config

#install ntp
yum -y install ntp
systemctl enable ntpd.service
systemctl start ntpd.service

#openstack repos
yum -y install yum-plugin-priorities
yum -y install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-2.noarch.rpm
yum -y install http://rdo.fedorapeople.org/openstack-juno/rdo-release-juno.rpm
yum -y upgrade
#yum -y install openstack-selinux

#loosen things up
systemctl stop firewalld.service
systemctl disable firewalld.service
sed -i ‘s/enforcing/disabled/g’ /etc/selinux/config
echo 0 > /sys/fs/selinux/enforce

#install database server
yum -y install mariadb mariadb-server MySQL-python

#edit /etc/my.cnf
sed -i.bak “10i\\
bind-address = $CONTROLLER_IP\n\
default-storage-engine = innodb\n\
innodb_file_per_table\n\
collation-server = utf8_general_ci\n\
init-connect = ‘SET NAMES utf8’\n\
character-set-server = utf8\n\
” /etc/my.cnf

#start database server
systemctl enable mariadb.service
systemctl start mariadb.service

echo ‘now run through the mysql_secure_installation’
mysql_secure_installation

#create databases
echo ‘Enter the new MySQL root password’
mysql -u root -p <&1 | grep -q token_flush) || \
echo ‘@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&1’ \
>> /var/spool/cron/keystone

#create users and tenants
export OS_SERVICE_TOKEN=$ADMIN_TOKEN
export OS_SERVICE_ENDPOINT=http://$CONTROLLER_IP:35357/v2.0
keystone tenant-create –name admin –description “Admin Tenant”
keystone user-create –name admin –pass $ADMIN_PWD
keystone role-create –name admin
keystone user-role-add –tenant admin –user admin –role admin
keystone role-create –name _member_
keystone user-role-add –tenant admin –user admin –role _member_
keystone tenant-create –name demo –description “Demo Tenant”
keystone user-create –name demo –pass password
keystone user-role-add –tenant demo –user demo –role _member_
keystone tenant-create –name service –description “Service Tenant”
keystone service-create –name keystone –type identity \
–description “OpenStack Identity”
keystone endpoint-create \
–service-id $(keystone service-list | awk ‘/ identity / {print $2}’) \
–publicurl http://$CONTROLLER_IP:5000/v2.0 \
–internalurl http://$CONTROLLER_IP:5000/v2.0 \
–adminurl http://$CONTROLLER_IP:35357/v2.0 \
–region regionOne
unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT

#create credentials file
echo “export OS_TENANT_NAME=admin” > creds
echo “export OS_USERNAME=admin” >> creds
echo “export OS_PASSWORD=$ADMIN_PWD” >> creds
echo “export OS_AUTH_URL=http://$CONTROLLER_IP:35357/v2.0” >> creds
source creds

#create keystone entries for glance
keystone user-create –name glance –pass $SERVICE_PWD
keystone user-role-add –user glance –tenant service –role admin
keystone service-create –name glance –type image \
–description “OpenStack Image Service”
keystone endpoint-create \
–service-id $(keystone service-list | awk ‘/ image / {print $2}’) \
–publicurl http://$CONTROLLER_IP:9292 \
–internalurl http://$CONTROLLER_IP:9292 \
–adminurl http://$CONTROLLER_IP:9292 \
–region regionOne

#install glance
yum -y install openstack-glance python-glanceclient

#edit /etc/glance/glance-api.conf
sed -i.bak “/\[database\]/a \
connection = mysql://glance:$SERVICE_PWD@$CONTROLLER_IP/glance” /etc/glance/glance-api.conf

sed -i “/\[keystone_authtoken\]/a \
auth_uri = http://$CONTROLLER_IP:5000/v2.0\n\
identity_uri = http://$CONTROLLER_IP:35357\n\
admin_tenant_name = service\n\
admin_user = glance\n\
admin_password = $SERVICE_PWD” /etc/glance/glance-api.conf

sed -i “/\[paste_deploy\]/a \
flavor = keystone” /etc/glance/glance-api.conf

sed -i “/\[glance_store\]/a \
default_store = file\n\
filesystem_store_datadir = /var/lib/glance/images/” /etc/glance/glance-api.conf

#edit /etc/glance/glance-registry.conf
sed -i.bak “/\[database\]/a \
connection = mysql://glance:$SERVICE_PWD@$CONTROLLER_IP/glance” /etc/glance/glance-registry.conf

sed -i “/\[keystone_authtoken\]/a \
auth_uri = http://$CONTROLLER_IP:5000/v2.0\n\
identity_uri = http://$CONTROLLER_IP:35357\n\
admin_tenant_name = service\n\
admin_user = glance\n\
admin_password = $SERVICE_PWD” /etc/glance/glance-registry.conf

sed -i “/\[paste_deploy\]/a \
flavor = keystone” /etc/glance/glance-registry.conf

#start glance
su -s /bin/sh -c “glance-manage db_sync” glance
systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl start openstack-glance-api.service openstack-glance-registry.service

#upload the cirros image to glance
yum -y install wget
wget http://cdn.download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img
glance image-create –name “cirros-0.3.3-x86_64” –file cirros-0.3.3-x86_64-disk.img \
–disk-format qcow2 –container-format bare –is-public True –progress

#create the keystone entries for nova
keystone user-create –name nova –pass $SERVICE_PWD
keystone user-role-add –user nova –tenant service –role admin
keystone service-create –name nova –type compute \
–description “OpenStack Compute”
keystone endpoint-create \
–service-id $(keystone service-list | awk ‘/ compute / {print $2}’) \
–publicurl http://$CONTROLLER_IP:8774/v2/%\(tenant_id\)s \
–internalurl http://$CONTROLLER_IP:8774/v2/%\(tenant_id\)s \
–adminurl http://$CONTROLLER_IP:8774/v2/%\(tenant_id\)s \
–region regionOne

#install the nova controller components
yum -y install openstack-nova-api openstack-nova-cert openstack-nova-conductor \
openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler \
python-novaclient

#edit /etc/nova/nova.conf
sed -i.bak “/\[database\]/a \
connection = mysql://nova:$SERVICE_PWD@$CONTROLLER_IP/nova” /etc/nova/nova.conf

sed -i “/\[DEFAULT\]/a \
rpc_backend = rabbit\n\
rabbit_host = $CONTROLLER_IP\n\
auth_strategy = keystone\n\
my_ip = $CONTROLLER_IP\n\
vncserver_listen = $CONTROLLER_IP\n\
vncserver_proxyclient_address = $CONTROLLER_IP\n\
network_api_class = nova.network.api.API\n\
security_group_api = nova” /etc/nova/nova.conf

sed -i “/\[keystone_authtoken\]/i \
[database]\nconnection = mysql://nova:Service123@$CONTROLLER_IP/nova” /etc/nova/nova.conf

sed -i “/\[keystone_authtoken\]/a \
auth_uri = http://$CONTROLLER_IP:5000/v2.0\n\
identity_uri = http://$CONTROLLER_IP:35357\n\
admin_tenant_name = service\n\
admin_user = nova\n\
admin_password = $SERVICE_PWD” /etc/nova/nova.conf

sed -i “/\[glance\]/a host = $CONTROLLER_IP” /etc/nova/nova.conf

#start nova
su -s /bin/sh -c “nova-manage db sync” nova

systemctl enable openstack-nova-api.service openstack-nova-cert.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service openstack-nova-cert.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service

#install dashboard
yum -y install openstack-dashboard httpd mod_wsgi memcached python-memcached

#edit /etc/openstack-dashboard/local_settings
sed -i.bak “s/ALLOWED_HOSTS = \[‘horizon.example.com’, ‘localhost’\]/ALLOWED_HOSTS = [‘*’]/” /etc/openstack-dashboard/local_settings
sed -i ‘s/OPENSTACK_HOST = “127.0.0.1”/OPENSTACK_HOST = “‘”$CONTROLLER_IP”‘”/’ /etc/openstack-dashboard/local_settings

#start dashboard
setsebool -P httpd_can_network_connect on
chown -R apache:apache /usr/share/openstack-dashboard/static
systemctl enable httpd.service memcached.service
systemctl start httpd.service memcached.service

#create keystone entries for cinder
keystone user-create –name cinder –pass $SERVICE_PWD
keystone user-role-add –user cinder –tenant service –role admin
keystone service-create –name cinder –type volume \
–description “OpenStack Block Storage”
keystone service-create –name cinderv2 –type volumev2 \
–description “OpenStack Block Storage”
keystone endpoint-create \
–service-id $(keystone service-list | awk ‘/ volume / {print $2}’) \
–publicurl http://$CONTROLLER_IP:8776/v1/%\(tenant_id\)s \
–internalurl http://$CONTROLLER_IP:8776/v1/%\(tenant_id\)s \
–adminurl http://$CONTROLLER_IP:8776/v1/%\(tenant_id\)s \
–region regionOne
keystone endpoint-create \
–service-id $(keystone service-list | awk ‘/ volumev2 / {print $2}’) \
–publicurl http://$CONTROLLER_IP:8776/v2/%\(tenant_id\)s \
–internalurl http://$CONTROLLER_IP:8776/v2/%\(tenant_id\)s \
–adminurl http://$CONTROLLER_IP:8776/v2/%\(tenant_id\)s \
–region regionOne

#install cinder controller
yum -y install openstack-cinder python-cinderclient python-oslo-db

#edit /etc/cinder/cinder.conf
sed -i.bak “/\[database\]/a connection = mysql://cinder:$SERVICE_PWD@$CONTROLLER_IP/cinder” /etc/cinder/cinder.conf

sed -i “/\[DEFAULT\]/a \
rpc_backend = rabbit\n\
rabbit_host = $CONTROLLER_IP\n\
auth_strategy = keystone\n\
my_ip = $CONTROLLER_IP” /etc/cinder/cinder.conf

sed -i “/\[keystone_authtoken\]/a \
auth_uri = http://$CONTROLLER_IP:5000/v2.0\n\
identity_uri = http://$CONTROLLER_IP:35357\n\
admin_tenant_name = service\n\
admin_user = cinder\n\
admin_password = $SERVICE_PWD” /etc/cinder/cinder.conf

#start cinder controller
su -s /bin/sh -c “cinder-manage db sync” cinder
systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service

Below is the script which setup the compute node.

#!/bin/bash
export http_proxy=http://moxy.us.dell.com:3128
export https_proxy=http://moxy.us.dell.com:3128
export ftp_proxy=http://moxy.us.dell.com:3128
source config

#install ntp
yum -y install ntp
systemctl enable ntpd.service
systemctl start ntpd.service

#openstack repos
yum -y install yum-plugin-priorities
yum -y install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-2.noarch.rpm
yum -y install http://rdo.fedorapeople.org/openstack-juno/rdo-release-juno.rpm
yum -y upgrade
#yum -y install openstack-selinux

#loosen things up
systemctl stop firewalld.service
systemctl disable firewalld.service
sed -i ‘s/enforcing/disabled/g’ /etc/selinux/config
echo 0 > /sys/fs/selinux/enforce

#get name of 2nd NIC
for i in $(ls /sys/class/net); do
if [ “$(cat /sys/class/net/$i/ifindex)” == ‘3’ ]; then
NIC=$i
MY_MAC=$(cat /sys/class/net/$i/address)
echo “$i ($MY_MAC)”
fi
done

#nova compute
yum -y install openstack-nova-compute sysfsutils libvirt-daemon-config-nwfilter

sed -i.bak “/\[DEFAULT\]/a \
rpc_backend = rabbit\n\
rabbit_host = $CONTROLLER_IP\n\
auth_strategy = keystone\n\
my_ip = $THISHOST_IP\n\
vnc_enabled = True\n\
vncserver_listen = 0.0.0.0\n\
vncserver_proxyclient_address = $THISHOST_IP\n\
novncproxy_base_url = http://$CONTROLLER_IP:6080/vnc_auto.html” /etc/nova/nova.conf

sed -i “/\[keystone_authtoken\]/a \
auth_uri = http://$CONTROLLER_IP:5000/v2.0\n\
identity_uri = http://$CONTROLLER_IP:35357\n\
admin_tenant_name = service\n\
admin_user = nova\n\
admin_password = $SERVICE_PWD” /etc/nova/nova.conf

sed -i “/\[glance\]/a host = $CONTROLLER_IP” /etc/nova/nova.conf

#if compute node is virtual – change virt_type to qemu
if [ $(egrep -c ‘(vmx|svm)’ /proc/cpuinfo) == “0” ]; then
sed -i ‘/\[libvirt\]/a virt_type = qemu’ /etc/nova/nova.conf
fi

systemctl enable libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service
systemctl start openstack-nova-compute.service

yum -y install openstack-nova-network openstack-nova-api

sed -i “/\[DEFAULT\]/a \
network_api_class = nova.network.api.API\n\
security_group_api = nova\n\
firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver\n\
network_manager = nova.network.manager.FlatDHCPManager\n\
network_size = 254\n\
allow_same_net_traffic = True\n\
multi_host = True\n\
send_arp_for_ha = True\n\
share_dhcp_address = True\n\
force_dhcp_release = True\n\
flat_network_bridge = br100\n\
flat_interface = $NIC\n\
public_interface = $NIC” /etc/nova/nova.conf

systemctl enable openstack-nova-network.service openstack-nova-metadata-api.service
systemctl start openstack-nova-network.service openstack-nova-metadata-api.service

#cinder storage node
pvcreate /dev/sdb
vgcreate cinder-volumes /dev/sdb

yum -y install openstack-cinder targetcli python-oslo-db MySQL-python

sed -i.bak “/\[database\]/a connection = mysql://cinder:$SERVICE_PWD@$CONTROLLER_IP/cinder” /etc/cinder/cinder.conf
sed -i ‘0,/\[DEFAULT\]/s//\[DEFAULT\]\
rpc_backend = rabbit\
rabbit_host = ‘”$CONTROLLER_IP”‘\
auth_strategy = keystone\
my_ip = ‘”$THISHOST_IP”‘\
iscsi_helper = lioadm/’ /etc/cinder/cinder.conf
sed -i “/\[keystone_authtoken\]/a \
auth_uri = http://$CONTROLLER_IP:5000/v2.0\n\
identity_uri = http://$CONTROLLER_IP:35357\n\
admin_tenant_name = service\n\
admin_user = cinder\n\
admin_password = $SERVICE_PWD” /etc/cinder/cinder.conf

systemctl enable openstack-cinder-volume.service target.service
systemctl start openstack-cinder-volume.service target.service

echo ‘export OS_TENANT_NAME=admin’ > creds
echo ‘export OS_USERNAME=admin’ >> creds
echo ‘export OS_PASSWORD='”$ADMIN_PWD” >> creds
echo ‘export OS_AUTH_URL=http://'”$CONTROLLER_IP”‘:35357/v2.0’ >> creds
source creds

Have Queries? Join https://launchpass.com/collabnix

Ajeet Raina I am a Docker Captain, ARM Innovator & Docker Bangalore Community Leader. I am a maintainer of Collabnix blogging site. I work for Redis and a primary maintainer of https://developer.redis.com. I run Collabnix Community Slack with over 6500+ audience . We have built a popular projects like Docker Labs, KubeLabs, KubeTools and DockerTools. You can follow me on Twitter(@ajeetsraina) & GitHub(@ajeetraina)

What is a Dockerfile – A Step-By-Step Guide

A Dockerfile is a text file which contains a series of commands or instructions. These instructions are executed in the order in which they...
Ajeet Raina
21 min read

Docker Desktop for Linux,  Docker Extensions and more with…

Docker Desktop 4.8.2 is now available for download for Mac, Windows and Linux. Here are the major highlights: Docker Desktop for various Linux distributions made available for the first...
Ajeet Raina
1 min read

One Reply to “Setting up OpenStack Juno with 1 controller and compute…”

Leave a Reply