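##############################
# Openstack Installation on Os- {Redhat,Fedora,Centos}
##############################
#
# Command notes, not a script to run top to bottom: the Red Hat section and
# the Ubuntu section target different hosts, and several snippets are config
# file contents (kept as comments) rather than commands.
#
# NOTE(review): the Ubuntu section installs the Juno release on trusty and uses
# the keystone v2.0 CLI. These are old, unmaintained releases, so treat the
# steps as a lab procedure and do not expose the result to untrusted networks.

# Redhat
subscription-manager repos --enable rhel-7-server-optional-rpms
subscription-manager repos --enable rhel-7-server-extras-rpms
# Update every installed package; no package name is passed to yum.
yum -y update
# The notes use the legacy network service instead of NetworkManager.
systemctl stop NetworkManager
systemctl disable NetworkManager
systemctl restart network

# Common installation steps
sudo yum install -y https://rdoproject.org/repos/rdo-release.rpm
sudo yum install -y openstack-packstack
# Either a one-shot all-in-one install ...
packstack --allinone
# ... or generate an answer file, edit it, then apply it.
# NOTE(review): the answer file is expected to hold the generated service and
# admin passwords in plain text. Restrict its mode (chmod 600) and keep it out
# of version control.
packstack --gen-answer-file=answerfile.txt
packstack --answer-file=answerfile.txt

## Ubuntu Manual Installation

# Install the archive keyring before the first `apt-get update` against the
# cloud archive, so apt can verify the repository signature (the repo URL is
# plain http; the signature is what authenticates the packages).
apt-get install -y ubuntu-cloud-keyring python-software-properties
# Overwrite rather than append so re-running does not duplicate the entry.
cat > /etc/apt/sources.list.d/ubuntu-cloud-archive-juno-trusty.list <<'HERE'
deb http://ubuntu-cloud.archive.canonical.com/ubuntu trusty-updates/juno main
HERE
apt-get update
apt-get dist-upgrade

apt-get install ntp -y \
  && service ntp restart \
  && apt-get install vlan bridge-utils -y \
  && apt-get install mariadb-server python-mysqldb -y
# NOTE(review): RabbitMQ ships with a default `guest` account; change its
# password (rabbitmqctl change_password) before other nodes connect.
apt-get install rabbitmq-server -y
# Ubuntu's Open vSwitch package is named openvswitch-switch.
apt-get install -y openvswitch-switch

# Database credentials come from the environment instead of a shared literal.
# Use a different random value per service; avoid single quotes in the values
# because they are placed inside SQL string literals below.
for name in NOVA_DBPASS CINDER_DBPASS GLANCE_DBPASS NEUTRON_DBPASS KEYSTONE_DBPASS; do
  : "${!name:?set $name before running the database section}"
done

# '%' lets each account connect from any host. On a single-node install,
# narrowing the host part to the controller's address reduces exposure.
mysql -u root -p <<EOF
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '${NOVA_DBPASS}';
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY '${CINDER_DBPASS}';
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '${GLANCE_DBPASS}';
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '${NEUTRON_DBPASS}';
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '${KEYSTONE_DBPASS}';
FLUSH PRIVILEGES;
EOF

# Config file content (not commands): the `connection` option of each
# service's configuration file. These files then contain the database
# password, so keep them readable only by the service account.
#   connection = mysql://keystone:KEYSTONE_DBPASS@0.0.0.0/keystone
#   connection = mysql://glance:GLANCE_DBPASS@0.0.0.0/glance
#   connection = mysql://nova:NOVA_DBPASS@0.0.0.0/nova
#   connection = mysql://cinder:CINDER_DBPASS@0.0.0.0/cinder
#   connection = mysql://neutron:NEUTRON_DBPASS@0.0.0.0/neutron

# Keystone bootstrap credentials, also taken from the environment.
# ADMIN_TOKEN must match admin_token in /etc/keystone/keystone.conf and should
# be a random value (e.g. from `openssl rand -hex 10`), not a guessable word.
for name in ADMIN_TOKEN ADMIN_PASS GLANCE_PASS NOVA_PASS NEUTRON_PASS CINDER_PASS; do
  : "${!name:?set $name before running the keystone section}"
done
# Address every endpoint below is registered with.
CONTROLLER_IP=${CONTROLLER_IP:-10.138.86.144}

# NOTE(review): all endpoints are plain http, so tokens and passwords cross the
# network unencrypted. Keep this on an isolated management network or put TLS
# in front of the APIs.
# NOTE(review): with both the token/endpoint pair and username/password
# exported, the legacy keystone client is expected to use the token. Confirm,
# then unset OS_SERVICE_TOKEN and OS_SERVICE_ENDPOINT once the admin user
# exists.
export OS_SERVICE_TOKEN="$ADMIN_TOKEN"
export OS_SERVICE_ENDPOINT="http://${CONTROLLER_IP}:35357/v2.0"
export OS_USERNAME=admin
export OS_PASSWORD="$ADMIN_PASS"
export OS_TENANT_NAME=admin
export OS_AUTH_URL="http://${CONTROLLER_IP}:35357/v2.0"

# Passwords passed with --pass= are visible in the process list and in shell
# history while these commands run. Run them from a trusted admin shell.

# Identity service: tenants, admin user and role, keystone endpoint.
keystone tenant-create --name=admin --description="Admin Tenant" \
  && keystone tenant-create --name=service --description="Service Tenant" \
  && keystone user-create --name=admin --pass="$ADMIN_PASS" --email=admin@example.com \
  && keystone role-create --name=admin \
  && keystone user-role-add --user=admin --tenant=admin --role=admin \
  && keystone service-create --name=keystone --type=identity \
    --description="Keystone Identity Service" \
  && keystone endpoint-create --service=keystone \
    --publicurl="http://${CONTROLLER_IP}:5000/v2.0" \
    --internalurl="http://${CONTROLLER_IP}:5000/v2.0" \
    --adminurl="http://${CONTROLLER_IP}:35357/v2.0"

# Image service (glance).
keystone user-create --name=glance --pass="$GLANCE_PASS" --email=glance@example.com \
  && keystone user-role-add --user=glance --tenant=service --role=admin \
  && keystone service-create --name=glance --type=image \
    --description="Glance Image Service" \
  && keystone endpoint-create --service=glance \
    --publicurl="http://${CONTROLLER_IP}:9292" \
    --internalurl="http://${CONTROLLER_IP}:9292" \
    --adminurl="http://${CONTROLLER_IP}:9292"

# Compute service (nova). %(tenant_id)s is a literal template for keystone.
keystone user-create --name=nova --pass="$NOVA_PASS" --email=nova@example.com \
  && keystone user-role-add --user=nova --tenant=service --role=admin \
  && keystone service-create --name=nova --type=compute \
    --description="OpenStack Compute" \
  && keystone endpoint-create --service=nova \
    --publicurl="http://${CONTROLLER_IP}:8774/v2/%(tenant_id)s" \
    --internalurl="http://${CONTROLLER_IP}:8774/v2/%(tenant_id)s" \
    --adminurl="http://${CONTROLLER_IP}:8774/v2/%(tenant_id)s"

# Networking service (neutron).
keystone user-create --name=neutron --pass="$NEUTRON_PASS" --email=neutron@example.com \
  && keystone service-create --name=neutron --type=network \
    --description="OpenStack Networking" \
  && keystone user-role-add --user=neutron --tenant=service --role=admin \
  && keystone endpoint-create --service=neutron \
    --publicurl "http://${CONTROLLER_IP}:9696" \
    --adminurl "http://${CONTROLLER_IP}:9696" \
    --internalurl "http://${CONTROLLER_IP}:9696"

# Block storage service (cinder), plus the v2 service entry.
keystone user-create --name=cinder --pass="$CINDER_PASS" --email=cinder@example.com \
  && keystone user-role-add --user=cinder --tenant=service --role=admin \
  && keystone service-create --name=cinder --type=volume \
    --description="OpenStack Block Storage" \
  && keystone endpoint-create --service=cinder \
    --publicurl="http://${CONTROLLER_IP}:8776/v1/%(tenant_id)s" \
    --internalurl="http://${CONTROLLER_IP}:8776/v1/%(tenant_id)s" \
    --adminurl="http://${CONTROLLER_IP}:8776/v1/%(tenant_id)s" \
  && keystone service-create --name=cinderv2 --type=volumev2 \
    --description="OpenStack Block Storage v2"

# Config file content (not commands): keystone auth settings, presumably for
# neutron given admin_user. admin_password is the neutron service password set
# above.
#   auth_uri = http://10.138.86.144:5000/v2.0
#   identity_uri = http://10.138.86.144:35357
#   admin_tenant_name = service
#   admin_user = neutron
#   admin_password = NEUTRON_PASS
#   signing_dir = $state_path/keystone-signing

### Network configuration in Ubuntu

# Bind eth2 to the external bridge
ovs-vsctl add-port br-ex eth2

# Enable external network access under nested Open vSwitch
ifconfig br-ex promisc up

# Update the external bridge configuration
vim /etc/network/interfaces
# Modify the corresponding configuration (file content, not commands):
#   auto eth2
#   iface eth2 inet manual
#     up ifconfig $IFACE 0.0.0.0 up
#     up ip link set $IFACE promisc on
#     down ip link set $IFACE promisc off
#     down ifconfig $IFACE down
#
#   auto br-ex
#   iface br-ex inet static
#     address {put_eth2_ip_here}
#     netmask 255.255.255.0
#     up ip link set $IFACE promisc on
#     down ip link set $IFACE promisc off

# Restart the network service
/etc/init.d/networking restart

### Neutron Configuration

# Clearing the default router settings
neutron router-gateway-clear router1
neutron subnet-delete public_subnet
neutron router-interface-delete router1 private_subnet
neutron subnet-delete private_subnet
neutron net-delete private
neutron router-delete router1

# First private subnet
neutron router-create router1
neutron net-create private
neutron subnet-create --name private_subnet private 192.168.100.0/24 \
  --allocation-pool start=192.168.100.204,end=192.168.100.254 \
  --dns-nameservers list=true 8.8.8.8 4.2.2.2
neutron router-interface-add router1 private_subnet

# External (public) network and the router gateway onto it.
neutron net-create public --router:external=True
neutron subnet-create public 10.138.86.128/26 --name public_subnet \
  --enable_dhcp=False \
  --allocation-pool start=10.138.86.134,end=10.138.86.143 \
  --gateway=10.138.86.129 \
  --dns-nameservers list=true 8.8.8.8 4.2.2.2
neutron router-gateway-set router1 public

### Neutron Commands
neutron net-external-list
neutron router-list

# How to log in to an instance.
# The qrouter-<uuid> namespace names below belong to the author's deployment;
# list the local ones with `ip netns list`. instance_ip must be set by the
# operator and is quoted so an empty or odd value cannot split into extra
# arguments.
ip netns exec qrouter-67aca2e9-ed29-4516-93e8-b56a7580e259 \
  ssh -i cloud.key "core@${instance_ip}"

# How to ping an instance
ip netns exec qrouter-3c0d40eb-12df-4a28-a37d-e9b80dc43507 \
  ping -c 2 "${instance_ip}"

# In normal operation, a network interface is in non-promiscuous mode, which
# means that when the interface receives a frame that is not directly addressed
# to it or is not a broadcast frame, then the interface drops that frame. In
# order to serve in a bridge, the physical network interface must be placed in
# promiscuous mode.
#
# Open vSwitch patch ports are used to connect Open vSwitch bridges to each
# other, while Linux veth cables are used to connect Open vSwitch bridges to
# Linux bridges, or Linux bridges to other Linux bridges.
#
# For an Ethernet frame to travel from the virtual machine instance out through
# the physical server interface, it will pass through nine devices inside the
# host:
#   - Tap interface: tapXXXX
#   - Linux bridge: qbrYYYY
#   - Veth pair: qvbYYYY, qvoYYYY
#   - OVS integration bridge: br-int
#   - OVS patch ports: int-br-ethX, phy-br-ethX
#   - OVS provider bridge: br-ethX
#   - Physical interface: ethX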