Ajeet Raina Docker Captain, ARM Innovator & Docker Bangalore Community Leader.

Setting up OpenStack Juno with 1 controller and compute node

6 min read

Here is a helpful script which just setup 1 OpenStack Juno controller and 1 compute node in an easy way:

File: controller-node-setup

#!/bin/bash

#get the configuration info
source config

#install ntp
yum -y install ntp
systemctl enable ntpd.service
systemctl start ntpd.service

#openstack repos
yum -y install yum-plugin-priorities
yum -y install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-2.noarch.rpm
yum -y install http://rdo.fedorapeople.org/openstack-juno/rdo-release-juno.rpm
yum -y upgrade
#yum -y install openstack-selinux

#loosen things up
systemctl stop firewalld.service
systemctl disable firewalld.service
sed -i ‘s/enforcing/disabled/g’ /etc/selinux/config
echo 0 > /sys/fs/selinux/enforce

#install database server
yum -y install mariadb mariadb-server MySQL-python

#edit /etc/my.cnf
sed -i.bak “10i\\
bind-address = $CONTROLLER_IP\n\
default-storage-engine = innodb\n\
innodb_file_per_table\n\
collation-server = utf8_general_ci\n\
init-connect = ‘SET NAMES utf8’\n\
character-set-server = utf8\n\
” /etc/my.cnf

#start database server
systemctl enable mariadb.service
systemctl start mariadb.service

echo ‘now run through the mysql_secure_installation’
mysql_secure_installation

#create databases
echo ‘Enter the new MySQL root password’
mysql -u root -p <&1 | grep -q token_flush) || \
echo ‘@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&1’ \
>> /var/spool/cron/keystone

#create users and tenants
export OS_SERVICE_TOKEN=$ADMIN_TOKEN
export OS_SERVICE_ENDPOINT=http://$CONTROLLER_IP:35357/v2.0
keystone tenant-create –name admin –description “Admin Tenant”
keystone user-create –name admin –pass $ADMIN_PWD
keystone role-create –name admin
keystone user-role-add –tenant admin –user admin –role admin
keystone role-create –name _member_
keystone user-role-add –tenant admin –user admin –role _member_
keystone tenant-create –name demo –description “Demo Tenant”
keystone user-create –name demo –pass password
keystone user-role-add –tenant demo –user demo –role _member_
keystone tenant-create –name service –description “Service Tenant”
keystone service-create –name keystone –type identity \
–description “OpenStack Identity”
keystone endpoint-create \
–service-id $(keystone service-list | awk ‘/ identity / {print $2}’) \
–publicurl http://$CONTROLLER_IP:5000/v2.0 \
–internalurl http://$CONTROLLER_IP:5000/v2.0 \
–adminurl http://$CONTROLLER_IP:35357/v2.0 \
–region regionOne
unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT

#create credentials file
echo “export OS_TENANT_NAME=admin” > creds
echo “export OS_USERNAME=admin” >> creds
echo “export OS_PASSWORD=$ADMIN_PWD” >> creds
echo “export OS_AUTH_URL=http://$CONTROLLER_IP:35357/v2.0” >> creds
source creds

#create keystone entries for glance
keystone user-create –name glance –pass $SERVICE_PWD
keystone user-role-add –user glance –tenant service –role admin
keystone service-create –name glance –type image \
–description “OpenStack Image Service”
keystone endpoint-create \
–service-id $(keystone service-list | awk ‘/ image / {print $2}’) \
–publicurl http://$CONTROLLER_IP:9292 \
–internalurl http://$CONTROLLER_IP:9292 \
–adminurl http://$CONTROLLER_IP:9292 \
–region regionOne

#install glance
yum -y install openstack-glance python-glanceclient

#edit /etc/glance/glance-api.conf
sed -i.bak “/\[database\]/a \
connection = mysql://glance:$SERVICE_PWD@$CONTROLLER_IP/glance” /etc/glance/glance-api.conf

sed -i “/\[keystone_authtoken\]/a \
auth_uri = http://$CONTROLLER_IP:5000/v2.0\n\
identity_uri = http://$CONTROLLER_IP:35357\n\
admin_tenant_name = service\n\
admin_user = glance\n\
admin_password = $SERVICE_PWD” /etc/glance/glance-api.conf

sed -i “/\[paste_deploy\]/a \
flavor = keystone” /etc/glance/glance-api.conf

sed -i “/\[glance_store\]/a \
default_store = file\n\
filesystem_store_datadir = /var/lib/glance/images/” /etc/glance/glance-api.conf

#edit /etc/glance/glance-registry.conf
sed -i.bak “/\[database\]/a \
connection = mysql://glance:$SERVICE_PWD@$CONTROLLER_IP/glance” /etc/glance/glance-registry.conf

sed -i “/\[keystone_authtoken\]/a \
auth_uri = http://$CONTROLLER_IP:5000/v2.0\n\
identity_uri = http://$CONTROLLER_IP:35357\n\
admin_tenant_name = service\n\
admin_user = glance\n\
admin_password = $SERVICE_PWD” /etc/glance/glance-registry.conf

sed -i “/\[paste_deploy\]/a \
flavor = keystone” /etc/glance/glance-registry.conf

#start glance
su -s /bin/sh -c “glance-manage db_sync” glance
systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl start openstack-glance-api.service openstack-glance-registry.service

#upload the cirros image to glance
yum -y install wget
wget http://cdn.download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img
glance image-create –name “cirros-0.3.3-x86_64” –file cirros-0.3.3-x86_64-disk.img \
–disk-format qcow2 –container-format bare –is-public True –progress

#create the keystone entries for nova
keystone user-create –name nova –pass $SERVICE_PWD
keystone user-role-add –user nova –tenant service –role admin
keystone service-create –name nova –type compute \
–description “OpenStack Compute”
keystone endpoint-create \
–service-id $(keystone service-list | awk ‘/ compute / {print $2}’) \
–publicurl http://$CONTROLLER_IP:8774/v2/%\(tenant_id\)s \
–internalurl http://$CONTROLLER_IP:8774/v2/%\(tenant_id\)s \
–adminurl http://$CONTROLLER_IP:8774/v2/%\(tenant_id\)s \
–region regionOne

#install the nova controller components
yum -y install openstack-nova-api openstack-nova-cert openstack-nova-conductor \
openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler \
python-novaclient

#edit /etc/nova/nova.conf
sed -i.bak “/\[database\]/a \
connection = mysql://nova:$SERVICE_PWD@$CONTROLLER_IP/nova” /etc/nova/nova.conf

sed -i “/\[DEFAULT\]/a \
rpc_backend = rabbit\n\
rabbit_host = $CONTROLLER_IP\n\
auth_strategy = keystone\n\
my_ip = $CONTROLLER_IP\n\
vncserver_listen = $CONTROLLER_IP\n\
vncserver_proxyclient_address = $CONTROLLER_IP\n\
network_api_class = nova.network.api.API\n\
security_group_api = nova” /etc/nova/nova.conf

sed -i “/\[keystone_authtoken\]/i \
[database]\nconnection = mysql://nova:Service123@$CONTROLLER_IP/nova” /etc/nova/nova.conf

sed -i “/\[keystone_authtoken\]/a \
auth_uri = http://$CONTROLLER_IP:5000/v2.0\n\
identity_uri = http://$CONTROLLER_IP:35357\n\
admin_tenant_name = service\n\
admin_user = nova\n\
admin_password = $SERVICE_PWD” /etc/nova/nova.conf

sed -i “/\[glance\]/a host = $CONTROLLER_IP” /etc/nova/nova.conf

#start nova
su -s /bin/sh -c “nova-manage db sync” nova

systemctl enable openstack-nova-api.service openstack-nova-cert.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service openstack-nova-cert.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service

#install dashboard
yum -y install openstack-dashboard httpd mod_wsgi memcached python-memcached

#edit /etc/openstack-dashboard/local_settings
sed -i.bak “s/ALLOWED_HOSTS = \[‘horizon.example.com’, ‘localhost’\]/ALLOWED_HOSTS = [‘*’]/” /etc/openstack-dashboard/local_settings
sed -i ‘s/OPENSTACK_HOST = “127.0.0.1”/OPENSTACK_HOST = “‘”$CONTROLLER_IP”‘”/’ /etc/openstack-dashboard/local_settings

#start dashboard
setsebool -P httpd_can_network_connect on
chown -R apache:apache /usr/share/openstack-dashboard/static
systemctl enable httpd.service memcached.service
systemctl start httpd.service memcached.service

#create keystone entries for cinder
keystone user-create –name cinder –pass $SERVICE_PWD
keystone user-role-add –user cinder –tenant service –role admin
keystone service-create –name cinder –type volume \
–description “OpenStack Block Storage”
keystone service-create –name cinderv2 –type volumev2 \
–description “OpenStack Block Storage”
keystone endpoint-create \
–service-id $(keystone service-list | awk ‘/ volume / {print $2}’) \
–publicurl http://$CONTROLLER_IP:8776/v1/%\(tenant_id\)s \
–internalurl http://$CONTROLLER_IP:8776/v1/%\(tenant_id\)s \
–adminurl http://$CONTROLLER_IP:8776/v1/%\(tenant_id\)s \
–region regionOne
keystone endpoint-create \
–service-id $(keystone service-list | awk ‘/ volumev2 / {print $2}’) \
–publicurl http://$CONTROLLER_IP:8776/v2/%\(tenant_id\)s \
–internalurl http://$CONTROLLER_IP:8776/v2/%\(tenant_id\)s \
–adminurl http://$CONTROLLER_IP:8776/v2/%\(tenant_id\)s \
–region regionOne

#install cinder controller
yum -y install openstack-cinder python-cinderclient python-oslo-db

#edit /etc/cinder/cinder.conf
sed -i.bak “/\[database\]/a connection = mysql://cinder:$SERVICE_PWD@$CONTROLLER_IP/cinder” /etc/cinder/cinder.conf

sed -i “/\[DEFAULT\]/a \
rpc_backend = rabbit\n\
rabbit_host = $CONTROLLER_IP\n\
auth_strategy = keystone\n\
my_ip = $CONTROLLER_IP” /etc/cinder/cinder.conf

sed -i “/\[keystone_authtoken\]/a \
auth_uri = http://$CONTROLLER_IP:5000/v2.0\n\
identity_uri = http://$CONTROLLER_IP:35357\n\
admin_tenant_name = service\n\
admin_user = cinder\n\
admin_password = $SERVICE_PWD” /etc/cinder/cinder.conf

#start cinder controller
su -s /bin/sh -c “cinder-manage db sync” cinder
systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service

Below is the script which setup the compute node.

#!/bin/bash
export http_proxy=http://moxy.us.dell.com:3128
export https_proxy=http://moxy.us.dell.com:3128
export ftp_proxy=http://moxy.us.dell.com:3128
source config

#install ntp
yum -y install ntp
systemctl enable ntpd.service
systemctl start ntpd.service

#openstack repos
yum -y install yum-plugin-priorities
yum -y install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-2.noarch.rpm
yum -y install http://rdo.fedorapeople.org/openstack-juno/rdo-release-juno.rpm
yum -y upgrade
#yum -y install openstack-selinux

#loosen things up
systemctl stop firewalld.service
systemctl disable firewalld.service
sed -i ‘s/enforcing/disabled/g’ /etc/selinux/config
echo 0 > /sys/fs/selinux/enforce

#get name of 2nd NIC
for i in $(ls /sys/class/net); do
if [ “$(cat /sys/class/net/$i/ifindex)” == ‘3’ ]; then
NIC=$i
MY_MAC=$(cat /sys/class/net/$i/address)
echo “$i ($MY_MAC)”
fi
done

#nova compute
yum -y install openstack-nova-compute sysfsutils libvirt-daemon-config-nwfilter

sed -i.bak “/\[DEFAULT\]/a \
rpc_backend = rabbit\n\
rabbit_host = $CONTROLLER_IP\n\
auth_strategy = keystone\n\
my_ip = $THISHOST_IP\n\
vnc_enabled = True\n\
vncserver_listen = 0.0.0.0\n\
vncserver_proxyclient_address = $THISHOST_IP\n\
novncproxy_base_url = http://$CONTROLLER_IP:6080/vnc_auto.html” /etc/nova/nova.conf

sed -i “/\[keystone_authtoken\]/a \
auth_uri = http://$CONTROLLER_IP:5000/v2.0\n\
identity_uri = http://$CONTROLLER_IP:35357\n\
admin_tenant_name = service\n\
admin_user = nova\n\
admin_password = $SERVICE_PWD” /etc/nova/nova.conf

sed -i “/\[glance\]/a host = $CONTROLLER_IP” /etc/nova/nova.conf

#if compute node is virtual – change virt_type to qemu
if [ $(egrep -c ‘(vmx|svm)’ /proc/cpuinfo) == “0” ]; then
sed -i ‘/\[libvirt\]/a virt_type = qemu’ /etc/nova/nova.conf
fi

systemctl enable libvirtd.service openstack-nova-compute.service
systemctl start libvirtd.service
systemctl start openstack-nova-compute.service

yum -y install openstack-nova-network openstack-nova-api

sed -i “/\[DEFAULT\]/a \
network_api_class = nova.network.api.API\n\
security_group_api = nova\n\
firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver\n\
network_manager = nova.network.manager.FlatDHCPManager\n\
network_size = 254\n\
allow_same_net_traffic = True\n\
multi_host = True\n\
send_arp_for_ha = True\n\
share_dhcp_address = True\n\
force_dhcp_release = True\n\
flat_network_bridge = br100\n\
flat_interface = $NIC\n\
public_interface = $NIC” /etc/nova/nova.conf

systemctl enable openstack-nova-network.service openstack-nova-metadata-api.service
systemctl start openstack-nova-network.service openstack-nova-metadata-api.service

#cinder storage node
pvcreate /dev/sdb
vgcreate cinder-volumes /dev/sdb

yum -y install openstack-cinder targetcli python-oslo-db MySQL-python

sed -i.bak “/\[database\]/a connection = mysql://cinder:$SERVICE_PWD@$CONTROLLER_IP/cinder” /etc/cinder/cinder.conf
sed -i ‘0,/\[DEFAULT\]/s//\[DEFAULT\]\
rpc_backend = rabbit\
rabbit_host = ‘”$CONTROLLER_IP”‘\
auth_strategy = keystone\
my_ip = ‘”$THISHOST_IP”‘\
iscsi_helper = lioadm/’ /etc/cinder/cinder.conf
sed -i “/\[keystone_authtoken\]/a \
auth_uri = http://$CONTROLLER_IP:5000/v2.0\n\
identity_uri = http://$CONTROLLER_IP:35357\n\
admin_tenant_name = service\n\
admin_user = cinder\n\
admin_password = $SERVICE_PWD” /etc/cinder/cinder.conf

systemctl enable openstack-cinder-volume.service target.service
systemctl start openstack-cinder-volume.service target.service

echo ‘export OS_TENANT_NAME=admin’ > creds
echo ‘export OS_USERNAME=admin’ >> creds
echo ‘export OS_PASSWORD='”$ADMIN_PWD” >> creds
echo ‘export OS_AUTH_URL=http://'”$CONTROLLER_IP”‘:35357/v2.0’ >> creds
source creds

Have Queries? Join https://launchpass.com/collabnix

Ajeet Raina Docker Captain, ARM Innovator & Docker Bangalore Community Leader.

47 Replies to “Setting up OpenStack Juno with 1 controller and compute…”

  1. Very great post. I just stumbled upon your blog and wished to say that I’ve really enjoyed surfing around your weblog posts. In any case I will be subscribing to your feed and I’m hoping you write once more soon!

  2. I am no longer certain where you’re getting your info, however great topic. I must spend some time finding out more or figuring out more. Thank you for excellent information I was in search of this information for my mission.

  3. I love your blog.. very nice colors & theme. Did you create this website yourself? Plz reply back as I’m looking to create my own blog and would like to know wheere u got this from. thanks

  4. I have been surfing online more than 3 hours as of late, yet I never discovered any attention-grabbing article like yours. It is pretty worth sufficient for me. In my view, if all web owners and bloggers made excellent content material as you probably did, the web might be much more helpful than ever before.

  5. Nice read, I just passed this onto a colleague who was doing a little research on that. And he just bought me lunch as I found it for him smile Thus let me rephrase that: Thank you for lunch! “The guy with the biggest stomach will be the first to take off his shirt at a baseball game.” by Glenn Dickey.

  6. There are certainly loads of details like that to take into consideration. That may be a nice point to deliver up. I offer the ideas above as basic inspiration however clearly there are questions like the one you bring up the place crucial factor shall be working in trustworthy good faith. I don?t know if finest practices have emerged round things like that, however I’m certain that your job is clearly recognized as a fair game. Each boys and girls feel the influence of only a moment’s pleasure, for the rest of their lives.

  7. I like this blog so much, bookmarked. “Respect for the fragility and importance of an individual life is still the mark of an educated man.” by Norman Cousins.

  8. I’m still learning from you, as I’m making my way to the top as well. I definitely love reading everything that is posted on your blog.Keep the information coming. I liked it!

  9. Hi there very cool blog!! Man .. Excellent .. Superb .. I’ll bookmark your site and take the feeds also…I am glad to seek out a lot of helpful info right here within the post, we’d like develop more strategies in this regard, thanks for sharing. . . . . .

  10. hi!,I love your writing so so much! share we keep up a correspondence more approximately your post on AOL? I need a specialist in this space to unravel my problem. May be that’s you! Taking a look ahead to peer you.

  11. After study a few of the blog posts on your website now, and I truly like your way of blogging. I bookmarked it to my bookmark website list and will be checking back soon. Pls check out my web site as well and let me know what you think.

  12. I was very pleased to find this web-site.I wanted to thanks for your time for this wonderful read!! I definitely enjoying every little bit of it and I have you bookmarked to check out new stuff you blog post.

  13. I’ve been surfing online more than 3 hours today, yet I never found any interesting article like yours. It is pretty worth enough for me. Personally, if all webmasters and bloggers made good content as you did, the web will be much more useful than ever before.

  14. I would like to thnkx for the efforts you’ve put in writing this website. I’m hoping the same high-grade blog post from you in the upcoming also. In fact your creative writing skills has encouraged me to get my own site now. Actually the blogging is spreading its wings fast. Your write up is a good example of it.

  15. Definitely believe that which you stated. Your favorite justification appeared to be on the net the simplest thing to be aware of. I say to you, I certainly get irked while people consider worries that they just do not know about. You managed to hit the nail upon the top as well as defined out the whole thing without having side-effects , people can take a signal. Will likely be back to get more. Thanks

  16. Thank you a lot for sharing this with all people you actually realize what you’re talking approximately! Bookmarked. Kindly also discuss with my web site =). We may have a link alternate contract among us!

  17. Hi there! Would you mind if I share your blog with my myspace group? There’s a lot of folks that I think would really enjoy your content. Please let me know. Thank you

  18. I don’t even know how I ended up here, but I thought this post was great. I do not know who you are but definitely you’re going to a famous blogger if you are not already 😉 Cheers!

  19. obviously like your web site however you have to check the spelling on quite a few of your posts. Many of them are rife with spelling issues and I find it very troublesome to tell the reality on the other hand I¦ll definitely come again again.

  20. Hi, Neat post. There is an issue with your website in internet explorer, would check this… IE still is the market chief and a good component to other people will pass over your magnificent writing due to this problem.

Leave a Reply

Your email address will not be published.