Differences

This shows you the differences between two versions of the page.

--- progetti:cloud-areapd:openstack_havana_installation [2014/01/09 14:09] – frizzier@infn.it
+++ progetti:cloud-areapd:openstack_havana_installation [2014/01/17 10:10] (current) – frizzier@infn.it
@@ Line 1: / Line 1: @@
+====== Openstack HAVANA Installation and Configuration ======
+Authors: Eric Frizziero (INFN Padova), Lisa Zangrando (INFN Padova)
+==== Description ====
+This guide provides the step-by-step installation and configuration procedure of Openstack HAVANA in //allinone// mode.
+In particular the setup requires just a physical host (i.e. gilda-11.pd.infn.it) having two physical network cards (eth0 and eth1).
+The "eth0" (ip: 193.206.210.223) is used for accessing the external network while the "eth1" (ip: 192.168.132.122) is used for accessing  the internal network.
+The Openstack framework is installed in a SL6 environment by using the packstack tool with the specific (i.e. local) network type to allocate tenant networks.
+==== Prerequisites ====
+   * OS: SL6
+   * EthernetCard: eth0, eth1
+==== Installation of repositories ====
+<code bash>
+rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
+yum install -y http://rdo.fedorapeople.org/rdo-release.rpm
+yum clean all; yum update
+</code>
+==== Disable the yum-autoupdate ====
+<code bash>
+rpm -e --nodeps yum-autoupdate-2-5.2.noarch
+</code>
+==== RPMs installation ====
+<code bash>
+yum install -y openvswitch.x86_64
+yum install -y openstack-neutron-openvswitch.noarch
+yum install -y openstack-packstack
+reboot
+</code>
+==== Host Network configuration ====
+=== Configure the ethernet card "eth0" ===
+<code bash>
+cat /etc/sysconfig/network-scripts/ifcfg-eth0
+DEVICE="eth0"
+TYPE=OVSPort
+DEVICETYPE=ovs
+OVS_BRIDGE=br-ex
+ONBOOT=yes
+#PROMISC="yes" if VLAN is used
+</code>
+=== Create the bridge "br-ex" ===
+<code bash>
+cat /etc/sysconfig/network-scripts/ifcfg-br-ex
+DEVICE="br-ex"
+DEVICETYPE="ovs"
+TYPE="OVSBridge"
+BOOTPROTO="static"
+DNS1="192.84.143.16"
+GATEWAY="193.206.210.254"
+IPADDR="193.206.210.223"
+NETMASK="255.255.255.0"
+ONBOOT="yes"
+</code>
+=== Configure the ethernet card "eth1" ===
+<code bash>
+cat /etc/sysconfig/network-scripts/ifcfg-eth1
+DEVICE="eth1"
+HWADDR="00:25:90:73:BB:51"
+TYPE=OVSPort
+DEVICETYPE=ovs
+OVS_BRIDGE=br-int
+ONBOOT="yes"
+#VLAN="yes" if VLAN is used
+</code>
+=== Create the bridge "br-int" ===
+<code bash>
+cat /etc/sysconfig/network-scripts/ifcfg-br-int
+DEVICE="br-int"
+DEVICETYPE="ovs"
+TYPE="OVSBridge"
+BOOTPROTO="static"
+IPADDR="192.168.132.122"
+NETMASK="255.255.255.0"
+ONBOOT="yes"
+</code>
+=== Network restart ===
+<code bash>
+chkconfig network on
+/etc/init.d/network restart
+</code>
+=== Network configuration example ===
+After restarting the network the configuration should be as the following:
+<code bash>
+ifconfig
+br-ex     Link encap:Ethernet  HWaddr 00:25:90:73:BB:50
+          inet addr:193.206.210.223  Bcast:193.206.210.255  Mask:255.255.255.0
+          inet6 addr: fe80::246c:ddff:feca:d32e/64 Scope:Link
+          UP BROADCAST RUNNING  MTU:1500  Metric:1
+          RX packets:2977 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:79 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:521469 (509.2 KiB)  TX bytes:8969 (8.7 KiB)
+br-int    Link encap:Ethernet  HWaddr 00:25:90:73:BB:51
+          inet addr:192.168.132.122  Bcast:192.168.132.255  Mask:255.255.255.0
+          inet6 addr: fe80::b0c5:15ff:fe75:3c0/64 Scope:Link
+          UP BROADCAST RUNNING  MTU:1500  Metric:1
+          RX packets:222 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:29276 (28.5 KiB)  TX bytes:804 (804.0 b)
+eth0      Link encap:Ethernet  HWaddr 00:25:90:73:BB:50
+          inet6 addr: fe80::225:90ff:fe73:bb50/64 Scope:Link
+          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
+          RX packets:2997 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:68 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:1000
+          RX bytes:521885 (509.6 KiB)  TX bytes:8435 (8.2 KiB)
+          Memory:feb60000-feb80000
+eth1      Link encap:Ethernet  HWaddr 00:25:90:73:BB:51
+          inet6 addr: fe80::225:90ff:fe73:bb51/64 Scope:Link
+          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
+          RX packets:253 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:1000
+          RX bytes:31166 (30.4 KiB)  TX bytes:538 (538.0 b)
+          Memory:febe0000-fec00000
+lo        Link encap:Local Loopback
+          inet addr:127.0.0.1  Mask:255.0.0.0
+          inet6 addr: ::1/128 Scope:Host
+          UP LOOPBACK RUNNING  MTU:16436  Metric:1
+          RX packets:1 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:93 (93.0 b)  TX bytes:93 (93.0 b)
+virbr0    Link encap:Ethernet  HWaddr 52:54:00:04:02:7D
+          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
+          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
+          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
+          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
+          collisions:0 txqueuelen:0
+          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
+</code>
+<code bash>
+ovs-vsctl show
+f917351b-1027-4acf-b771-9ed93ee52f26
+    Bridge br-int
+        Port br-int
+            Interface br-int
+                type: internal
+        Port "eth1"
+            Interface "eth1"
+    Bridge br-ex
+        Port br-ex
+            Interface br-ex
+                type: internal
+        Port "eth0"
+            Interface "eth0"
+    ovs_version: "1.11.0"
+</code>
+==== Openstack installation ====
+This is the packstack-answers-file.txt used: {{:progetti:cloud-areapd:packstack-answers-file.txt|}}
+<code bash>
+packstack --answer-file=packstack-answers-file.txt
+</code>
+Note: used the property //CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local// in packstack-answers-file.txt
+==== Openstack configuration ====
+The services nova-api and the nova-metadata-api are both using the same port, 8775. Thus, the services are 'competing' for the port and one of them will not work (see: [[https://bugzilla.redhat.com/show_bug.cgi?id=1017058]])
+It is necessary to execute the following steps (see:[[ http://openstack.redhat.com/forum/discussion/comment/913]]):
+Edit /etc/nova/nova.conf to remove "metadata" from "enabled_apis" variable so it should be:
+<code bash>
+enabled_apis=ec2,osapi_compute
+</code>
+Restart the nova-api and nova-metadata-api services:
+<code bash>
+service openstack-nova-api restart
+service openstack-nova-metadata-api restart
+chkconfig openstack-nova-metadata-api on #auto start nova-metadata-api on boot
+</code>
+If you tried to start openstack-nova-metadata-api before editing nova.conf you may need to do:
+<code bash>
+rm -f /var/lock/subsys/openstack-nova-metadata-api
+rm -f /var/run/nova/nova-metadata-api.pid
+service openstack-nova-metadata-api restart
+</code>
+=== dhcp_agent.ini configuration ===
+Edit /etc/neutron/dhcp_agent.ini and set the following properties:
+<code bash>
+enable_isolated_metadata = True
+enable_metadata_network = True
+</code>
+Restart Neutron services
+<code bash>
+service neutron-dhcp-agent restart
+service neutron-openvswitch-agent restart
+</code>
+=== ovs_neutron_plugin.ini configuration ===
+This step is needed only if the packstack property //CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=vlan// is used.
+Edit /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini and set the following properties:
+<code bash>
+network_vlan_ranges = physnet1
+bridge_mappings = physnet1:br-ex
+</code>
+Restart Neutron services
+<code bash>
+service neutron-dhcp-agent restart
+service neutron-openvswitch-agent restart
+</code>
+=== Neutron network configuration ===
+<code bash>
+source keystonerc_admin
+</code>
+== Create the net "int-net" ==
+<code bash>
+neutron net-create int-net --provider:network_type local
+Created a new network:
++---------------------------+--------------------------------------+
+| Field                     | Value                                |
++---------------------------+--------------------------------------+
+| admin_state_up            | True                                 |
+| id                        | a3cbe3f5-a4a7-4dc8-86c9-493f0e6491b3 |
+| name                      | int-net                              |
+| provider:network_type     | local                                |
+| provider:physical_network |                                      |
+| provider:segmentation_id  |                                      |
+| shared                    | False                                |
+| status                    | ACTIVE                               |
+| subnets                   |                                      |
+| tenant_id                 | cb49095ce6e24c5cbe00d2687d808b8d     |
++---------------------------+--------------------------------------+
+</code>
+== Create the subnet "int-subnet" ==
+<code bash>
+neutron subnet-create int-net 192.168.252.0/24 --gateway 192.168.252.1 --name int-subnet --dns-nameserver 192.84.143.16 --allocation-pool start=192.168.252.2,end=192.168.252.254
+Created a new subnet:
++------------------+------------------------------------------------------+
+| Field            | Value                                                |
++------------------+------------------------------------------------------+
+| allocation_pools | {"start": "192.168.252.2", "end": "192.168.252.254"} |
+| cidr             | 192.168.252.0/24                                     |
+| dns_nameservers  | 192.84.143.16                                        |
+| enable_dhcp      | True                                                 |
+| gateway_ip       | 192.168.252.1                                        |
+| host_routes      |                                                      |
+| id               | dde26418-aec8-4984-b623-8e5e182655e5                 |
+| ip_version       | 4                                                    |
+| name             | int-subnet                                           |
+| network_id       | a3cbe3f5-a4a7-4dc8-86c9-493f0e6491b3                 |
+| tenant_id        | cb49095ce6e24c5cbe00d2687d808b8d                     |
++------------------+------------------------------------------------------+
+</code>
+== Create the net "ext-net" ==
+<code bash>
+neutron net-create ext-net --provider:network_type local --router:external true
+Created a new network:
++---------------------------+--------------------------------------+
+| Field                     | Value                                |
++---------------------------+--------------------------------------+
+| admin_state_up            | True                                 |
+| id                        | f8976c9c-9e27-49c0-ab8c-5ba32dfea47d |
+| name                      | ext-net                              |
+| provider:network_type     | local                                |
+| provider:physical_network |                                      |
+| provider:segmentation_id  |                                      |
+| router:external           | True                                 |
+| shared                    | False                                |
+| status                    | ACTIVE                               |
+| subnets                   |                                      |
+| tenant_id                 | cb49095ce6e24c5cbe00d2687d808b8d     |
++---------------------------+--------------------------------------+
+</code>
+== Create the subnet "ex-subnet" ==
+<code bash>
+neutron subnet-create ext-net 193.206.210.0/24 --gateway 193.206.210.254 --disable-dhcp --name ex-subnet --dns-nameserver 192.84.143.16 --allocation-pool start=193.206.210.165,end=193.206.210.165
+Created a new subnet:
++------------------+--------------------------------------------------------+
+| Field            | Value                                                  |
++------------------+--------------------------------------------------------+
+| allocation_pools | {"start": "193.206.210.165", "end": "193.206.210.165"} |
+| cidr             | 193.206.210.0/24                                       |
+| dns_nameservers  | 192.84.143.16                                          |
+| enable_dhcp      | False                                                  |
+| gateway_ip       | 193.206.210.254                                        |
+| host_routes      |                                                        |
+| id               | fddd7673-51ea-45b4-b712-26e9023abdcb                   |
+| ip_version       | 4                                                      |
+| name             | ex-subnet                                              |
+| network_id       | f8976c9c-9e27-49c0-ab8c-5ba32dfea47d                   |
+| tenant_id        | cb49095ce6e24c5cbe00d2687d808b8d                       |
++------------------+--------------------------------------------------------+
+</code>
+== Create and configure the Neutron router "ext-to-int" ==
+<code bash>
+neutron router-create ext-to-int
+Created a new router:
++-----------------------+--------------------------------------+
+| Field                 | Value                                |
++-----------------------+--------------------------------------+
+| admin_state_up        | True                                 |
+| external_gateway_info |                                      |
+| id                    | 5fc0c9bc-3544-4423-897d-a9777ccc96f3 |
+| name                  | ext-to-int                           |
+| status                | ACTIVE                               |
+| tenant_id             | cb49095ce6e24c5cbe00d2687d808b8d     |
++-----------------------+--------------------------------------+
+neutron router-gateway-set ext-to-int ext-net
+Set gateway for router ext-to-int
+neutron router-interface-add ext-to-int int-subnet
+Added interface 3f4baee8-f21e-4d89-91bb-d522c2e0d5e0 to router ext-to-int.
+</code>
+== Enable ping and SSH for VMs ==
+Add the following security groups for enabling ping and SSH for VMs.
+<code bash>
+nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0
++-------------+-----------+---------+-----------+--------------+
+| IP Protocol | From Port | To Port | IP Range  | Source Group |
++-------------+-----------+---------+-----------+--------------+
+| icmp        | -1        | -1      | 0.0.0.0/0 |              |
++-------------+-----------+---------+-----------+--------------+
+nova secgroup-add-rule default tcp 22 22 0.0.0.0/0
++-------------+-----------+---------+-----------+--------------+
+| IP Protocol | From Port | To Port | IP Range  | Source Group |
++-------------+-----------+---------+-----------+--------------+
+| tcp         | 22        | 22      | 0.0.0.0/0 |              |
++-------------+-----------+---------+-----------+--------------+
+</code>
+== Set the static routing ==
+<code bash>
+sudo route add -net 192.168.252.0 netmask 255.255.255.0 gw 193.206.210.165
+</code>