====== OpenStack HAVANA Installation and Configuration ======
Authors: Eric Frizziero (INFN Padova), Lisa Zangrando (INFN Padova)
==== Description ====
This guide provides the step-by-step procedure for installing and configuring OpenStack HAVANA in //allinone// mode.
The setup requires a single physical host (i.e. gilda-11.pd.infn.it) with two physical network cards (eth0 and eth1).
"eth0" (IP: 193.206.210.223) is used to access the external network, while "eth1" (IP: 192.168.132.122) is used to access the internal network.
OpenStack is installed in an SL6 environment using the packstack tool, with the //local// network type used to allocate tenant networks.
==== Prerequisites ====
  * OS: SL6
  * EthernetCard: eth0, eth1
==== Installation of repositories ====
  rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
  yum install -y http://rdo.fedorapeople.org/rdo-release.rpm
  yum clean all; yum update
==== Disable the yum-autoupdate ====
  rpm -e --nodeps yum-autoupdate-2-5.2.noarch
==== RPMs installation ====
  yum install -y openvswitch.x86_64
  yum install -y openstack-neutron-openvswitch.noarch
  yum install -y openstack-packstack
  reboot
==== Host Network configuration ====
=== Configure the ethernet card "eth0" ===
  cat /etc/sysconfig/network-scripts/ifcfg-eth0
  DEVICE="eth0"
  TYPE=OVSPort
  DEVICETYPE=ovs
  OVS_BRIDGE=br-ex
  ONBOOT=yes
  #PROMISC="yes" if VLAN is used
=== Create the bridge "br-ex" ===
  cat /etc/sysconfig/network-scripts/ifcfg-br-ex
  DEVICE="br-ex"
  DEVICETYPE="ovs"
  TYPE="OVSBridge"
  BOOTPROTO="static"
  DNS1="192.84.143.16"
  GATEWAY="193.206.210.254"
  IPADDR="193.206.210.223"
  NETMASK="255.255.255.0"
  ONBOOT="yes"
=== Configure the ethernet card "eth1" ===
  cat /etc/sysconfig/network-scripts/ifcfg-eth1
  DEVICE="eth1"
  HWADDR="00:25:90:73:BB:51"
  TYPE=OVSPort
  DEVICETYPE=ovs
  OVS_BRIDGE=br-int
  ONBOOT="yes"
  #VLAN="yes" if VLAN is used
=== Create the bridge "br-int" ===
  cat /etc/sysconfig/network-scripts/ifcfg-br-int
  DEVICE="br-int"
  DEVICETYPE="ovs"
  TYPE="OVSBridge"
  BOOTPROTO="static"
  IPADDR="192.168.132.122"
  NETMASK="255.255.255.0"
  ONBOOT="yes"
=== Network restart ===
  chkconfig network on
  /etc/init.d/network restart
=== Network configuration example ===
After restarting the network, the configuration should look like the following:
  ifconfig
  br-ex     Link encap:Ethernet HWaddr 00:25:90:73:BB:50
            inet addr:193.206.210.223 Bcast:193.206.210.255 Mask:255.255.255.0
            inet6 addr: fe80::246c:ddff:feca:d32e/64 Scope:Link
            UP BROADCAST RUNNING MTU:1500 Metric:1
            RX packets:2977 errors:0 dropped:0 overruns:0 frame:0
            TX packets:79 errors:0 dropped:0 overruns:0 carrier:0
            collisions:0 txqueuelen:0
            RX bytes:521469 (509.2 KiB) TX bytes:8969 (8.7 KiB)
  br-int    Link encap:Ethernet HWaddr 00:25:90:73:BB:51
            inet addr:192.168.132.122 Bcast:192.168.132.255 Mask:255.255.255.0
            inet6 addr: fe80::b0c5:15ff:fe75:3c0/64 Scope:Link
            UP BROADCAST RUNNING MTU:1500 Metric:1
            RX packets:222 errors:0 dropped:0 overruns:0 frame:0
            TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
            collisions:0 txqueuelen:0
            RX bytes:29276 (28.5 KiB) TX bytes:804 (804.0 b)
  eth0      Link encap:Ethernet HWaddr 00:25:90:73:BB:50
            inet6 addr: fe80::225:90ff:fe73:bb50/64 Scope:Link
            UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
            RX packets:2997 errors:0 dropped:0 overruns:0 frame:0
            TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
            collisions:0 txqueuelen:1000
            RX bytes:521885 (509.6 KiB) TX bytes:8435 (8.2 KiB)
            Memory:feb60000-feb80000
  eth1      Link encap:Ethernet HWaddr 00:25:90:73:BB:51
            inet6 addr: fe80::225:90ff:fe73:bb51/64 Scope:Link
            UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
            RX packets:253 errors:0 dropped:0 overruns:0 frame:0
            TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
            collisions:0 txqueuelen:1000
            RX bytes:31166 (30.4 KiB) TX bytes:538 (538.0 b)
            Memory:febe0000-fec00000
  lo        Link encap:Local Loopback
            inet addr:127.0.0.1 Mask:255.0.0.0
            inet6 addr: ::1/128 Scope:Host
            UP LOOPBACK RUNNING MTU:16436 Metric:1
            RX packets:1 errors:0 dropped:0 overruns:0 frame:0
            TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
            collisions:0 txqueuelen:0
            RX bytes:93 (93.0 b) TX bytes:93 (93.0 b)
  virbr0    Link encap:Ethernet HWaddr 52:54:00:04:02:7D
            inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
            UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
            RX packets:0 errors:0 dropped:0 overruns:0 frame:0
            TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
            collisions:0 txqueuelen:0
            RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
  ovs-vsctl show
  f917351b-1027-4acf-b771-9ed93ee52f26
      Bridge br-int
          Port br-int
              Interface br-int
                  type: internal
          Port "eth1"
              Interface "eth1"
      Bridge br-ex
          Port br-ex
              Interface br-ex
                  type: internal
          Port "eth0"
              Interface "eth0"
      ovs_version: "1.11.0"
==== OpenStack installation ====
This is the packstack-answers-file.txt used: {{:progetti:cloud-areapd:packstack-answers-file.txt|}}
  packstack --answer-file=packstack-answers-file.txt
Note: the property //CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local// is set in packstack-answers-file.txt.
==== OpenStack configuration ====
The nova-api and nova-metadata-api services both use the same port, 8775. The services therefore compete for the port, and one of them will not work (see: [[https://bugzilla.redhat.com/show_bug.cgi?id=1017058]]).
The following steps are necessary (see: [[http://openstack.redhat.com/forum/discussion/comment/913]]):
Edit /etc/nova/nova.conf to remove "metadata" from the "enabled_apis" variable, so that it reads:
  enabled_apis=ec2,osapi_compute
Restart the nova-api and nova-metadata-api services:
  service openstack-nova-api restart
  service openstack-nova-metadata-api restart
  chkconfig openstack-nova-metadata-api on # auto-start nova-metadata-api on boot
If you tried to start openstack-nova-metadata-api before editing nova.conf, you may need to run:
  rm -f /var/lock/subsys/openstack-nova-metadata-api
  rm -f /var/run/nova/nova-metadata-api.pid
  service openstack-nova-metadata-api restart
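
One way to script the nova.conf edit described above, as an added example that is not part of the original guide. The function names and the sample file are constructed for illustration; try it on a copy of nova.conf first.

```shell
#!/bin/sh
# Added example, not from the original guide. Sample file content is constructed.

# drop_metadata_api FILE: rewrite the active enabled_apis line without "metadata".
drop_metadata_api() {
    conf=$1
    [ -f "$conf" ] || return 2
    tmp=$(mktemp) || return 2
    awk '
        /^[ \t]*enabled_apis[ \t]*=/ {
            n = split(substr($0, index($0, "=") + 1), apis, ",")
            out = ""
            for (i = 1; i <= n; i++) {
                a = apis[i]
                gsub(/^[ \t]+|[ \t]+$/, "", a)
                if (a == "" || a == "metadata") continue
                out = (out == "" ? a : out "," a)
            }
            print "enabled_apis=" out
            next
        }
        { print }
    ' "$conf" > "$tmp"
    rc=$?
    # Copy the content back instead of using mv, so the owner and mode of
    # the configuration file stay as they were.
    [ "$rc" -eq 0 ] && cat "$tmp" > "$conf"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# enabled_apis_value FILE: print the value of the last uncommented enabled_apis line.
enabled_apis_value() {
    sed -n 's/^[[:space:]]*enabled_apis[[:space:]]*=[[:space:]]*//p' "$1" | tail -n 1
}

# make_sample_conf: write a constructed nova.conf fragment and print its path.
make_sample_conf() {
    f=$(mktemp) || return 2
    printf '%s\n' '[DEFAULT]' \
        '# enabled_apis=ec2,osapi_compute,metadata' \
        'enabled_apis = ec2, osapi_compute,metadata' \
        'metadata_listen_port=8775' > "$f"
    echo "$f"
}
```

Commented-out lines and other options that mention "metadata" are left untouched, and running the function a second time changes nothing.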
=== dhcp_agent.ini configuration ===
Edit /etc/neutron/dhcp_agent.ini and set the following properties:
  enable_isolated_metadata = True
  enable_metadata_network = True
Restart Neutron services:
  service neutron-dhcp-agent restart
  service neutron-openvswitch-agent restart
=== ovs_neutron_plugin.ini configuration ===
This step is needed only if the packstack property //CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=vlan// is used.
Edit /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini and set the following properties:
  network_vlan_ranges = physnet1
  bridge_mappings = physnet1:br-ex
Restart Neutron services:
  service neutron-dhcp-agent restart
  service neutron-openvswitch-agent restart
=== Neutron network configuration ===
  source keystonerc_admin
== Create the net "int-net" ==
  neutron net-create int-net --provider:network_type local
  Created a new network:
  +---------------------------+--------------------------------------+
  | Field                     | Value                                |
  +---------------------------+--------------------------------------+
  | admin_state_up            | True                                 |
  | id                        | a3cbe3f5-a4a7-4dc8-86c9-493f0e6491b3 |
  | name                      | int-net                              |
  | provider:network_type     | local                                |
  | provider:physical_network |                                      |
  | provider:segmentation_id  |                                      |
  | shared                    | False                                |
  | status                    | ACTIVE                               |
  | subnets                   |                                      |
  | tenant_id                 | cb49095ce6e24c5cbe00d2687d808b8d     |
  +---------------------------+--------------------------------------+
== Create the subnet "int-subnet" ==
  neutron subnet-create int-net 192.168.252.0/24 --gateway 192.168.252.1 --name int-subnet --dns-nameserver 192.84.143.16 --allocation-pool start=192.168.252.2,end=192.168.252.254
  Created a new subnet:
  +------------------+------------------------------------------------------+
  | Field            | Value                                                |
  +------------------+------------------------------------------------------+
  | allocation_pools | {"start": "192.168.252.2", "end": "192.168.252.254"} |
  | cidr             | 192.168.252.0/24                                     |
  | dns_nameservers  | 192.84.143.16                                        |
  | enable_dhcp      | True                                                 |
  | gateway_ip       | 192.168.252.1                                        |
  | host_routes      |                                                      |
  | id               | dde26418-aec8-4984-b623-8e5e182655e5                 |
  | ip_version       | 4                                                    |
  | name             | int-subnet                                           |
  | network_id       | a3cbe3f5-a4a7-4dc8-86c9-493f0e6491b3                 |
  | tenant_id        | cb49095ce6e24c5cbe00d2687d808b8d                     |
  +------------------+------------------------------------------------------+
== Create the net "ext-net" ==
  neutron net-create ext-net --provider:network_type local --router:external true
  Created a new network:
  +---------------------------+--------------------------------------+
  | Field                     | Value                                |
  +---------------------------+--------------------------------------+
  | admin_state_up            | True                                 |
  | id                        | f8976c9c-9e27-49c0-ab8c-5ba32dfea47d |
  | name                      | ext-net                              |
  | provider:network_type     | local                                |
  | provider:physical_network |                                      |
  | provider:segmentation_id  |                                      |
  | router:external           | True                                 |
  | shared                    | False                                |
  | status                    | ACTIVE                               |
  | subnets                   |                                      |
  | tenant_id                 | cb49095ce6e24c5cbe00d2687d808b8d     |
  +---------------------------+--------------------------------------+
== Create the subnet "ex-subnet" ==
  neutron subnet-create ext-net 193.206.210.0/24 --gateway 193.206.210.254 --disable-dhcp --name ex-subnet --dns-nameserver 192.84.143.16 --allocation-pool start=193.206.210.165,end=193.206.210.165
  Created a new subnet:
  +------------------+--------------------------------------------------------+
  | Field            | Value                                                  |
  +------------------+--------------------------------------------------------+
  | allocation_pools | {"start": "193.206.210.165", "end": "193.206.210.165"} |
  | cidr             | 193.206.210.0/24                                       |
  | dns_nameservers  | 192.84.143.16                                          |
  | enable_dhcp      | False                                                  |
  | gateway_ip       | 193.206.210.254                                        |
  | host_routes      |                                                        |
  | id               | fddd7673-51ea-45b4-b712-26e9023abdcb                   |
  | ip_version       | 4                                                      |
  | name             | ex-subnet                                              |
  | network_id       | f8976c9c-9e27-49c0-ab8c-5ba32dfea47d                   |
  | tenant_id        | cb49095ce6e24c5cbe00d2687d808b8d                       |
  +------------------+--------------------------------------------------------+
== Create and configure the Neutron router "ext-to-int" ==
  neutron router-create ext-to-int
  Created a new router:
  +-----------------------+--------------------------------------+
  | Field                 | Value                                |
  +-----------------------+--------------------------------------+
  | admin_state_up        | True                                 |
  | external_gateway_info |                                      |
  | id                    | 5fc0c9bc-3544-4423-897d-a9777ccc96f3 |
  | name                  | ext-to-int                           |
  | status                | ACTIVE                               |
  | tenant_id             | cb49095ce6e24c5cbe00d2687d808b8d     |
  +-----------------------+--------------------------------------+
  neutron router-gateway-set ext-to-int ext-net
  Set gateway for router ext-to-int
  neutron router-interface-add ext-to-int int-subnet
  Added interface 3f4baee8-f21e-4d89-91bb-d522c2e0d5e0 to router ext-to-int.
== Enable ping and SSH for VMs ==
Add the following rules to the default security group to enable ping and SSH for VMs.
  nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
  +-------------+-----------+---------+-----------+--------------+
  | IP Protocol | From Port | To Port | IP Range  | Source Group |
  +-------------+-----------+---------+-----------+--------------+
  | icmp        | -1        | -1      | 0.0.0.0/0 |              |
  +-------------+-----------+---------+-----------+--------------+
  nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
  +-------------+-----------+---------+-----------+--------------+
  | IP Protocol | From Port | To Port | IP Range  | Source Group |
  +-------------+-----------+---------+-----------+--------------+
  | tcp         | 22        | 22      | 0.0.0.0/0 |              |
  +-------------+-----------+---------+-----------+--------------+
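
The two rules above accept ICMP and SSH from any source address (0.0.0.0/0). The following added example, which is not part of the original guide, audits a rule table in the format shown above and reports any other rule left open to 0.0.0.0/0. The function names and the sample table are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original guide. The sample table is constructed.

# world_open_rules [PROTO:FROM:TO ...]
# Reads a security group rule table (the format printed by the nova client)
# on stdin and prints one PROTO:FROM:TO key for every rule whose IP Range is
# 0.0.0.0/0, skipping the keys passed as arguments (the intended exposure).
world_open_rules() {
    awk -F'|' -v allowed=" $* " '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        /^[ \t]*\|/ {
            proto = trim($2); from = trim($3); to = trim($4); range = trim($5)
            if (proto == "IP Protocol") next       # header row
            if (range != "0.0.0.0/0") next         # source is restricted
            key = proto ":" from ":" to
            if (index(allowed, " " key " ")) next  # expected exposure
            print key
        }'
}

# sample_rules: constructed table. The icmp and tcp/22 rows match the rules
# added in this guide; the other two rows are invented for the demonstration.
sample_rules() {
    cat <<'EOF'
+-------------+-----------+---------+------------+--------------+
| IP Protocol | From Port | To Port | IP Range   | Source Group |
+-------------+-----------+---------+------------+--------------+
| icmp        | -1        | -1      | 0.0.0.0/0  |              |
| tcp         | 22        | 22      | 0.0.0.0/0  |              |
| tcp         | 3306      | 3306    | 0.0.0.0/0  |              |
| tcp         | 80        | 80      | 10.0.0.0/8 |              |
+-------------+-----------+---------+------------+--------------+
EOF
}

# On the controller, the live table would come from the nova client:
#   nova secgroup-list-rules default | world_open_rules icmp:-1:-1 tcp:22:22
```

An empty result means the only rules open to every source are the ones listed as arguments.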
== Set the static routing ==
  sudo route add -net 192.168.252.0 netmask 255.255.255.0 gw 193.206.210.165