You are on page 1of 74

OpenStack 2013.

Step by Step
Luis Gervaso
luis@woorea.es
@woorea
Saturday, March 23, 2013

Environment
VirtualBox 4.2.10
https://www.virtualbox.org/wiki/Downloads
Vagrant v1.1.2
http://downloads.vagrantup.com
Ubuntu Precise 64bits
http://files.vagrantup.com/precise64.box

@woorea
Saturday, March 23, 2013

Vagrant
$ vagrant init precise64 http://files.vagrantup.com/precise64.box
$ vi Vagrantfile
config.vm.provider :virtualbox do |vbox|
vbox.customize ["modifyvm", :id, "--memory", "2048"]
end
config.vm.network :private_network, ip: "192.168.0.254"
config.vm.network :private_network, ip: "10.0.0.254"
config.vm.network :forwarded_port, guest: 80, host: 8181
$ vagrant up
$ vagrant ssh
@woorea
Saturday, March 23, 2013

OpenStack 2013.1

Saturday, March 23, 2013

OpenStack Grizzly

# apt-get install vim python-software-properties


# add-apt-repository ppa:openstack-ubuntu-testing/grizzly-trunk-testing
# apt-get update
# apt-get dist-upgrade

@woorea
Saturday, March 23, 2013

issues
# init 0
$ vagrant up
...
The following SSH command responded with a non-zero exit status.
Vagrant assumes that this means the command failed!

mount -t vboxsf -o uid=`id -u vagrant`,gid=`id -g vagrant` v-root /vagrant

@woorea
Saturday, March 23, 2013

solution
$ vagrant ssh
# sudo -i
# apt-get install make
# /etc/init.d/vboxadd setup
# init 0
$ vagrant up
$ vagrant ssh
@woorea
Saturday, March 23, 2013

OpenStack Grizzly

# vi /etc/sysctl.conf
net.ipv4.ip_forward=1
# sysctl -p

@woorea
Saturday, March 23, 2013

Network Time Protocol


# apt-get install ntp
# vi /etc/ntp.conf

server 127.127.0.1
fudge 127.127.0.1 stratum 10

# service ntp restart


@woorea
Saturday, March 23, 2013

Network Time Protocol


# ntpq
ntpq> lpeers
remote

refid

================================
tb.mircx.com

131.107.13.100

web1.amdgtechno 209.51.161.238
...
ntpq> exit
@woorea
Saturday, March 23, 2013

Network Time Protocol

#iptables -A input -p udp --dport 123 -j ACCEPT


#iptables -A output -p udp --sport 123 -j ACCEPT

@woorea
Saturday, March 23, 2013

Network Time Protocol


#/etc/cron.daily/ntpdate

#!/bin/sh
# Current System Time < NTP
ntpdate <my_ntp_server>
# Hardware Clock < Current System Time.
hwclock -w
@woorea
Saturday, March 23, 2013

MySQL

# apt-get install mysql-server python-mysqldb


MySQL password : secret0
# vi /etc/mysql/my.cnf
bind-address = 0.0.0.0
# service mysql restart

@woorea
Saturday, March 23, 2013

RabbitMQ

# apt-get install rabbitmq-server

@woorea
Saturday, March 23, 2013

Installing Keystone

Saturday, March 23, 2013

Keystone
# apt-get install keystone
# mysql -u root -psecret0
mysql> create database keystone;
mysql> grant all privileges on keystone.* to keystone@"localhost" identified by "secret0";
mysql> exit

# vi /etc/keystone/keystone.conf
connection = mysql://keystone:secret0@localhost/keystone

@woorea
Saturday, March 23, 2013

Keystone

# keystone-manage db_sync
# mysql -u keystone -psecret0 keystone
mysql>show tables;
# service keystone restart

+------------------------+
| Tables_in_keystone
|
+------------------------+
| credential
|
| domain
|
| ec2_credential
|
| endpoint
|
| group
|
| group_domain_metadata |
| group_project_metadata |
| metadata
|
| migrate_version
|
| policy
|
| project
|
| role
|
| service
|
| token
|
| user
|
| user_domain_metadata
|
| user_group_membership |
| user_project_metadata |
+------------------------+
@woorea

Saturday, March 23, 2013

~/.profile
# vi ~/.profile
export SERVICE_TOKEN=ADMIN
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=secret0
export OS_AUTH_URL=http://192.168.0.254:5000/v2.0/
export SERVICE_ENDPOINT=http://localhost:35357/v2.0/
# . ~/.profile
@woorea
Saturday, March 23, 2013

keystone tenant-create

# keystone tenant-create --name admin

+-------------+----------------------------------+
|
Property |
Value
|
+-------------+----------------------------------+
| description |
|
|
enabled
|
True
|
|
id
| 5c525e40f6a14daa8fb0a4e4989dea95 |
|
name
|
admin
|
+-------------+----------------------------------+

@woorea
Saturday, March 23, 2013

keystone tenant-create

# keystone tenant-create --name service

+-------------+----------------------------------+
|
Property |
Value
|
+-------------+----------------------------------+
| description |
|
|
enabled
|
True
|
|
id
| bc3bad45980047608dd8a9ba8af55fc2 |
|
name
|
service
|
+-------------+----------------------------------+

@woorea
Saturday, March 23, 2013

keystone tenant-list

# keystone tenant-list

+----------------------------------+---------+---------+
|
id
|
name | enabled |
+----------------------------------+---------+---------+
| 5c525e40f6a14daa8fb0a4e4989dea95 | admin |
True |
| bc3bad45980047608dd8a9ba8af55fc2 | service |
True |
+----------------------------------+---------+---------+

@woorea
Saturday, March 23, 2013

keystone role-create

# keystone role-create --name admin

+----------+----------------------------------+
| Property |
Value
|
+----------+----------------------------------+
|
id
| caae1042a6cd4cd683ad2f9785bced94 |
|
name
|
admin
|
+----------+----------------------------------+

@woorea
Saturday, March 23, 2013

keystone role-create

# keystone role-create --name Member

+----------+----------------------------------+
| Property |
Value
|
+----------+----------------------------------+
|
id
| 3f9970f21139477faa00003fa67010f2 |
|
name
|
Member
|
+----------+----------------------------------+

@woorea
Saturday, March 23, 2013

keystone role-create

# keystone role-list

+----------------------------------+----------+-------+
| id
| name
| extra |
+----------------------------------+----------+-------+
| 3f9970f21139477faa00003fa67010f2 | Member
| {}
|
| caae1042a6cd4cd683ad2f9785bced94 | admin
| {}
|
+----------------------------------+----------+-------+

@woorea
Saturday, March 23, 2013

keystone user-create

# keystone user-create --name admin --pass secret0 --email luis@woorea.es

+----------+----------------------------------+
| Property |
Value
|
+----------+----------------------------------+
| email
|
luis@woorea.es
|
| enabled |
True
|
|
id
| d370493f461a483ca545617b7dbab448 |
|
name
|
admin
|
| tenantId |
|
+----------+----------------------------------+

@woorea
Saturday, March 23, 2013

keystone user-list

# keystone user-list

+----------------------------------+---------+---------+----------------+
|
id
|
name | enabled |
email
|
+----------------------------------+---------+---------+----------------+
| d370493f461a483ca545617b7dbab448 | admin |
True | luis@woorea.es |
+----------------------------------+---------+---------+----------------+

@woorea
Saturday, March 23, 2013

keystone user-role-add

# keystone user-role-add --tenant admin --user admin --role admin

NO OUTPUT!!!

@woorea
Saturday, March 23, 2013

keystone service-create

# keystone service-create --name keystone \


--type identity --description "Identity Manager Service"

+-------------+----------------------------------+
|
Property |
Value
|
+-------------+----------------------------------+
| description |
Identity Manager Service
|
|
id
| 4c22b42decfd4ef3b1803f5d62791b1d |
|
name
|
keystone
|
|
type
|
identity
|
+-------------+----------------------------------+

@woorea
Saturday, March 23, 2013

keystone endpoint-create
# keystone endpoint-create --region madrid \
--service_id 4c22b42decfd4ef3b1803f5d62791b1d \
--publicurl "http://192.168.254:5000/v2.0" \
--adminurl "http://localhost:35357/v2.0" \
--internalurl "http://localhost:5000/v2.0"
+-------------+----------------------------------+
|
Property |
Value
|
+-------------+----------------------------------+
|
adminurl |
http://localhost:35357/v2.0
|
|
id
| 510d919f19404cf2ade064f94662e778 |
| internalurl |
http://localhost:5000/v2.0
|
| publicurl |
http://192.168.0.254:5000/v2.0 |
|
region
|
madrid
|
| service_id | 4c22b42decfd4ef3b1803f5d62791b1d |
+-------------+----------------------------------+
@woorea
Saturday, March 23, 2013

Installing Glance

Saturday, March 23, 2013

Glance

# apt-get install glance


# mysql -u root -psecret0
mysql> create database glance;
mysql> grant all privileges on glance.* to glance@"localhost" identified by "secret0";
mysql> exit

@woorea
Saturday, March 23, 2013

Glance

# keystone user-create --name glance --pass secret0 --email luis@woorea.es


# keystone user-role-add --tenant service --user glance --role admin

@woorea
Saturday, March 23, 2013

Glance
# keystone service-create --name glance \
--type image --description "Images Registry Service"
# keystone endpoint-create --region madrid \
--service_id 55cc2e173f8f437cb0f97a9d4e8ac9da \
--publicurl "http://192.168.0.254:9292/v2.0" \
--adminurl "http://localhost:9292/v2.0" \
--internalurl "http://localhost:9292/v2.0"

@woorea
Saturday, March 23, 2013

/etc/glance/glance-api.conf
sql_connection = mysql://glance:secret0@localhost/glance
[keystone_authtoken]
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = secret0
[paste_deploy]
flavor = keystone
@woorea
Saturday, March 23, 2013

/etc/glance/glance-registry.conf
connection = mysql://glance:secret0@localhost/glance
[keystone_authtoken]
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = secret0
[paste_deploy]
flavor = keystone
@woorea
Saturday, March 23, 2013

Glance

# glance-manage db_sync
# mysql -u glance -psecret0 glance
mysql>show tables;

+------------------+
| Tables_in_glance |
+------------------+
| image_locations |
| image_members
|
| image_properties |
| image_tags
|
| images
|
| migrate_version |
+------------------+

@woorea
Saturday, March 23, 2013

Glance

# service glance-api restart


# service glance-registry restart

@woorea
Saturday, March 23, 2013

glance image-create

# wget http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img
# glance image-create --name "cirros64" \
--is-public true \
--container-format bare \
--disk-format qcow2 \
< cirros-0.3.1-x86_64-disk.img

@woorea
Saturday, March 23, 2013

glance image-create
# glance image-create (cont.)
+------------------+--------------------------------------+
| Property
| Value
|
+------------------+--------------------------------------+
| checksum
| d972013792949d0d3ba628fbe8685bce
|
| container_format | bare
|
| created_at
| 2013-03-21T15:07:39
|
| deleted
| False
|
| deleted_at
| None
|
| disk_format
| qcow2
|
| id
| 1e6faa46-788f-412d-aa22-78660e78cc00 |
| is_public
| True
|
| min_disk
| 0
|
| min_ram
| 0
|
| name
| cirros64
|
| owner
| 5c525e40f6a14daa8fb0a4e4989dea95
|
| protected
| False
|
| size
| 13147648
|
| status
| active
|
| updated_at
| 2013-03-21T15:07:40
|
+------------------+--------------------------------------+
@woorea
Saturday, March 23, 2013

glance index

# glance index
ID
Name
Disk Format Container Format Size
------------------------------------ ----------- ------------ ----------------- --------1e6faa46-788f-412d-aa22-78660e78cc00 cirros64
qcow2
bare
13147648

@woorea
Saturday, March 23, 2013

Installing Cinder

Saturday, March 23, 2013

Cinder

# apt-get install cinder-api \


cinder-scheduler \
cinder-volume \
python-cinderclient

@woorea
Saturday, March 23, 2013

Block Device
# dd if=/dev/zero of=~/cinder-volumes bs=1 count=0 seek=2G
# losetup -f ~/cinder-volumes
# losetup -a
/dev/loop0: [fc00]:138680 (/root/cinder-volumes)
# pvcreate /dev/loop0
# vgcreate cinder-volumes /dev/loop0
# pvscan
PV /dev/sda5

VG precise64

lvm2 [79.76 GiB / 0

free]

PV /dev/loop0 VG cinder-volumes lvm2 [2.00 GiB / 2.00 GiB free]


Total: 2 [81.75 GiB] / in use: 2 [81.75 GiB] / in no VG: 0 [0 ]
@woorea
Saturday, March 23, 2013

# mysql -u root -psecret0


mysql> create database cinder;
mysql> grant all privileges on cinder.* to cinder@"localhost" identified by "secret0";
mysql> exit

@woorea
Saturday, March 23, 2013

Cinder

# keystone user-create --name cinder --pass secret0 --email luis@woorea.es


# keystone user-role-add --tenant service --user cinder --role admin

@woorea
Saturday, March 23, 2013

Cinder
# keystone service-create --name cinder \
--type volume --description "Volume Service"
# keystone endpoint-create --region madrid \
--service_id 24580595b4e0438ca9fe165a27d22c0d \
--publicurl "http://192.168.0.254:8776/v1/%(tenant_id)s" \
--adminurl "http://localhost:8776/v1/%(tenant_id)s" \
--internalurl "http://localhost:8776/v1/%(tenant_id)s"

@woorea
Saturday, March 23, 2013

/etc/cinder/api-paste.ini

[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
auth_host = localhost
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = cinder
admin_password = secret0

@woorea
Saturday, March 23, 2013

/etc/cinder/cinder.conf

sql_connection=mysql://cinder:secret0@localhost/cinder

@woorea
Saturday, March 23, 2013

Cinder

# cinder-manage db sync
# mysql -u cinder -psecret0 cinder
mysql>show tables;

+-------------------------+
| Tables_in_cinder
|
+-------------------------+
| backups
|
| iscsi_targets
|
| migrate_version
|
| migrations
|
| quota_classes
|
| quota_usages
|
| quotas
|
| reservations
|
| services
|
| sm_backend_config
|
| sm_flavors
|
| sm_volume
|
| snapshot_metadata
|
| snapshots
|
| volume_glance_metadata |
| volume_metadata
|
| volume_type_extra_specs |
| volume_types
|
| volumes
|
+-------------------------+

@woorea
Saturday, March 23, 2013

Cinder

# service cinder-volume restart


# service cinder-scheduler restart
# service cinder-api restart

@woorea
Saturday, March 23, 2013

cinder create

# cinder create --display_name woorea_volume 1


+---------------------+--------------------------------------+
|
Property
|
Value
|
+---------------------+--------------------------------------+
|
attachments
|
[]
|
| availability_zone |
nova
|
|
bootable
|
false
|
|
created_at
|
2013-03-21T02:42:42.471269
|
| display_description |
None
|
|
display_name
|
test
|
|
id
| bf928404-877a-408b-b58a-9feb3e3029eb |
|
metadata
|
{}
|
|
size
|
1
|
|
snapshot_id
|
None
|
|
source_volid
|
None
|
|
status
|
creating
|
|
volume_type
|
None
|
+---------------------+--------------------------------------+

@woorea
Saturday, March 23, 2013

cinder list

# cinder list

+--------------------------------------+-----------+---------------+------+-------------+----------+-------------+
|
ID
|
Status | Display Name | Size | Volume Type | Bootable | Attached to |
+--------------------------------------+-----------+---------------+------+-------------+----------+-------------+
| fbffb280-1324-4790-8b7b-4237ca426486 | available | woorea_volume | 1
|
None
| false
|
|
+--------------------------------------+-----------+---------------+------+-------------+----------+-------------+

@woorea
Saturday, March 23, 2013

Installing Nova

Saturday, March 23, 2013

Nova

# apt-get install nova-api \


nova-conductor \
nova-compute-qemu \
nova-scheduler \
nova-network

@woorea
Saturday, March 23, 2013

Nova

# mysql -u root -psecret0


mysql> create database nova;
mysql> grant all privileges on nova.* to nova@"localhost" identified by "secret0";
mysql> exit

@woorea
Saturday, March 23, 2013

Nova

# keystone user-create --name nova --pass secret0 --email luis@woorea.es


# keystone user-role-add --tenant service --user nova --role admin

@woorea
Saturday, March 23, 2013

Nova
# keystone service-create --name nova \
--type compute --description "Compute Service"
# keystone endpoint-create --region madrid \
--service_id 5fa2e4c0d2bf4f7ca13ced7bbf1679f3 \
--publicurl "http://192.168.0.254:8774/v2/%(tenant_id)s" \
--adminurl "http://locahost:8774/v2/%(tenant_id)s" \
--internalurl "http://localhost:8774/v2/%(tenant_id)s"

@woorea
Saturday, March 23, 2013

/etc/nova/api-paste.ini
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
auth_host = localhost
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = secret0
signing_dir = /tmp/keystone-signing-nova

@woorea
Saturday, March 23, 2013

/etc/nova/nova.conf
my_ip=127.0.0.1
sql_connection=mysql://nova:secret0@localhost/nova
enabled_apis=osapi_compute,metadata
auth_strategy=keystone
#NETWORKING
public_interface=eth1
vlan_interface=eth2
fixed_range=10.0.0.0/27
network_size=32

@woorea
Saturday, March 23, 2013

Nova

# nova-manage db sync
# mysql -u nova -psecret0 nova
mysql>show tables;

+--------------------------------------------+
| Tables_in_nova
|
+--------------------------------------------+
| agent_builds
|
| aggregate_hosts
|
| aggregate_metadata
|
| aggregates
|
| block_device_mapping
|
| bw_usage_cache
|
| cells
|
| certificates
|
| compute_node_stats
|
| compute_nodes
|
| console_pools
|
| consoles
|
| dns_domains
|
| fixed_ips
|
| floating_ips
|
| instance_actions
|
| instance_actions_events
|
| instance_faults
|
| instance_id_mappings
|
| instance_info_caches
|
| instance_metadata
|
| instance_system_metadata
|
| ...
|
| task_log
|
| virtual_interfaces
|
| virtual_storage_arrays
|
| volume_id_mappings
|
| volume_metadata
|
| volume_type_extra_specs
|
| volume_types
|
| volume_usage_cache
|
| volumes
|
+--------------------------------------------+

@woorea
Saturday, March 23, 2013

Nova

# service nova-api restart


# service nova-conductor restart
# service nova-scheduler restart
# service nova-network restart
# service nova-compute restart

@woorea
Saturday, March 23, 2013

Private Network

nova-manage network create private 10.0.0.0/27

# nova-manage network list

id
1

IPv4
10.0.0.0/27

IPv6
None

start address
10.0.0.3

DNS1
8.8.4.4

DNS2
None

VlanID
100

project
5c52...

uuid
fd23...

@woorea
Saturday, March 23, 2013

Nova

# nova-manage service list


Binary
nova-scheduler
nova-network
nova-conductor
nova-compute

Host
precise64
precise64
precise64
precise64

Text
Zone
internal
internal
internal
nova

Status
enabled
enabled
enabled
enabled

State
:-)
:-)
:-)
:-)

Updated_At
2013-03-21
2013-03-21
2013-03-21
2013-03-21

15:33:30
15:33:30
15:33:30
15:33:33

@woorea
Saturday, March 23, 2013

nova flavor-list

# nova flavor-list
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
| ID | Name
| Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public | extra_specs |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
| 1 | m1.tiny
| 512
| 0
| 0
|
| 1
| 1.0
| True
| {}
|
| 2 | m1.small | 2048
| 20
| 0
|
| 1
| 1.0
| True
| {}
|
| 3 | m1.medium | 4096
| 40
| 0
|
| 2
| 1.0
| True
| {}
|
| 4 | m1.large | 8192
| 80
| 0
|
| 4
| 1.0
| True
| {}
|
| 5 | m1.xlarge | 16384
| 160 | 0
|
| 8
| 1.0
| True
| {}
|
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+

@woorea
Saturday, March 23, 2013

nova image-list

# nova image-list

+--------------------------------------+----------+--------+--------+
| ID
| Name
| Status | Server |
+--------------------------------------+----------+--------+--------+
| 1e6faa46-788f-412d-aa22-78660e78cc00 | cirros64 | ACTIVE |
|
+--------------------------------------+----------+--------+--------+

@woorea
Saturday, March 23, 2013

nova boot
# nova boot --image cirros64 --flavor m1.tiny --poll my_cirros
+-------------------------------------+--------------------------------------+
| Property
| Value
|
+-------------------------------------+--------------------------------------+
| OS-EXT-STS:task_state
| scheduling
|
| image
| cirros64
|
| OS-EXT-STS:vm_state
| building
|
| OS-EXT-SRV-ATTR:instance_name
| instance-00000002
|
| flavor
| m1.tiny
|
| id
| 64985512-2970-440c-b7db-1da74966e4de |
| security_groups
| [{u'name': u'default'}]
|
| user_id
| d370493f461a483ca545617b7dbab448
|
| OS-DCF:diskConfig
| MANUAL
|
| accessIPv4
|
|
| accessIPv6
|
|
| progress
| 0
|
| OS-EXT-STS:power_state
| 0
|
| OS-EXT-AZ:availability_zone
| None
|
| config_drive
|
|
| status
| BUILD
|
| updated
| 2013-03-21T15:30:21Z
|
| hostId
|
|
| OS-EXT-SRV-ATTR:host
| None
|
| key_name
| None
|
| name
| my_cirros
|
| adminPass
| 6AqDXQaZxUHi
|
| tenant_id
| 5c525e40f6a14daa8fb0a4e4989dea95
|
| created
| 2013-03-21T15:30:21Z
|
+-------------------------------------+--------------------------------------+

Text

@woorea
Saturday, March 23, 2013

ssh

# ssh cirros@10.0.0.3
Password: cubswin:)

@woorea
Saturday, March 23, 2013

Installing Horizon

Saturday, March 23, 2013

Horizon

# apt-get install openstack-dashboard

@woorea
Saturday, March 23, 2013

OpenStack Java SDK

Saturday, March 23, 2013

OpenStack Java SDK


Open Source : Apache 2 License
Apache HttpClient / JAX-RS 2.x / JAX-RS 1.x
OpenStack:
keystone

nova

swift

glance

ceilometer

quantum

@woorea
Saturday, March 23, 2013

BillingStack

Saturday, March 23, 2013

BillingStack
REST API
/merchants

/products

/plans

/customers

/subscriptions

/usage

/invoices

/payment-gateways

/transactions

/currencies

@woorea
Saturday, March 23, 2013

BillingStack
Open Source : Apache 2 Licensed
Polyglota (python / java / groovy)
We are 2 developers
Endre Karlson (python)
Luis Gervaso (java / groovy)
OpenStack Design Summit 2013, Portland

@woorea
Saturday, March 23, 2013