
Difference between revisions of "User:Vitola"

(Replaced content with " Alex Sandro de Lacerda Vitola http://br.linkedin.com/in/vitola http://www.vitola.net.br")
Line 1: Line 1:
OpenStack - Folsom - Single Node
 
  
Folsom Proj01 Single Node
+
Alex Sandro de Lacerda Vitola
 
+
http://br.linkedin.com/in/vitola
= Ambiente =
+
http://www.vitola.net.br
Dell Vostro 200
 
Intel(R) Core(TM)2 Duo CPU    E6550  @ 2.33GHz
 
= Pacotes adicionais =
 
apt-get install bridge-utils vlan
 
= configuração de repositório =
 
apt-get install ubuntu-cloud-keyring
 
echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/folsom main" \
 
> /etc/apt/sources.list.d/cloud-archive.list
 
= Atualizar os pacotes =
 
apt-get update ; apt-get upgrade ; apt-get dist-upgrade
 
= Configurar o arquivo /etc/hosts =
 
192.168.0.100 folsom-proj01 folsom-proj01.vitola.net.br
 
= Habilitar o ip_forward =
 
echo 1 > /proc/sys/net/ipv4/ip_forward
 
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/g' /etc/sysctl.conf
 
= Instalar o ntp =
 
apt-get install ntp
 
service ntp restart
 
= Configurar a interface de rede =
 
auto br100
 
iface br100 inet static
 
      address 192.168.0.100
 
      netmask 255.255.255.0
 
      gateway 192.168.0.1
 
      dns-nameservers 8.8.8.8 8.8.4.4
 
      bridge_ports eth0
 
      bridge_stp off
 
      bridge_maxwait 0
 
      bridge_fd 0
 
= Criar a bridge =
 
brctl addbr br100; service networking restart
 
brctl show
 
bridge name bridge id STP enabled interfaces
 
br100 8000.52540044858a no eth0
 
= Instalação do mysql =
 
apt-get install mysql-server python-mysqldb
 
sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
 
service mysql restart
 
 
 
mysql -u root -p
 
 
 
    use mysql;
 
    delete from user where user <> 'root';
 
    delete from user where host <> 'localhost';
 
    update user set host = '%' where user ='root';
 
    CREATE DATABASE keystone;
 
    CREATE DATABASE glance;
 
    CREATE DATABASE nova;
 
    CREATE DATABASE cinder;
 
    DROP DATABASE test;
 
 
 
    GRANT ALL ON keystone.* TO 'keystoneUser'@'%' IDENTIFIED BY 'keystonePass';
 
    GRANT ALL ON glance.* TO 'glanceUser'@'%' IDENTIFIED BY 'glancePass';
 
    GRANT ALL ON nova.* TO 'novaUser'@'%' IDENTIFIED BY 'novaPass';
 
    GRANT ALL ON cinder.* TO 'cinderUser'@'%' IDENTIFIED BY 'cinderPass';
 
    flush privileges;
 
= Instalação do rabbitmq =
 
apt-get install rabbitmq-server
 
= Instalação do keystone =
 
apt-get install keystone
 
= Configurar o arquivo /etc/keystone/keystone.conf =
 
  [sql]
 
  connection = mysql://keystoneUser:keystonePass@folsom-proj01.vitola.net.br/keystone
 
= Reiniciar o serviço e criar as tabelas no banco =
 
service keystone restart
 
keystone-manage db_sync
 
= Criar os scripts de configuração dos usuários, permissões e endpoint =
 
 
 
keystone_basic.sh
 
https://raw.github.com/vitola/folsom-proj01/master/scripts/keystone_basic.sh
 
 
 
# Modified by Bilel Msekni / Institut Telecom
 
#
 
# Support: openstack@lists.launchpad.net
 
# License: Apache Software License (ASL) 2.0
 
#
 
 
HOST_IP=folsom-proj01.vitola.net.br
 
ADMIN_PASSWORD=${ADMIN_PASSWORD:-admin_pass}
 
SERVICE_PASSWORD=${SERVICE_PASSWORD:-service_pass}
 
export SERVICE_TOKEN="ADMIN"
 
export SERVICE_ENDPOINT="http://${HOST_IP}:35357/v2.0"
 
SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
 
 
get_id () {
 
    echo `$@ | awk '/ id / { print $4 }'`
 
}
 
 
# Tenants
 
ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
 
SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME)
 
 
# Users
 
ADMIN_USER=$(get_id keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=admin@vitola.net.br)
 
 
# Roles
 
ADMIN_ROLE=$(get_id keystone role-create --name=admin)
 
KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
 
KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
 
 
# Add Roles to Users in Tenants
 
keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT
 
keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONEADMIN_ROLE --tenant-id $ADMIN_TENANT
 
keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONESERVICE_ROLE --tenant-id $ADMIN_TENANT
 
 
# The Member role is used by Horizon and Swift
 
MEMBER_ROLE=$(get_id keystone role-create --name=Member)
 
 
# Configure service users/roles
 
NOVA_USER=$(get_id keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=nova@vitola.net.br)
 
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NOVA_USER --role-id $ADMIN_ROLE
 
 
GLANCE_USER=$(get_id keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=glance@vitola.net.br)
 
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $GLANCE_USER --role-id $ADMIN_ROLE
 
 
CINDER_USER=$(get_id keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=cinder@vitola.net.br)
 
keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $CINDER_USER --role-id $ADMIN_ROLE
 
 
 
keystone_endpoints_basic.sh
 
https://raw.github.com/vitola/folsom-proj01/master/scripts/keystone_endpoints_basic.sh
 
 
 
#!/bin/sh
 
#
 
# Keystone basic Endpoints
 
# Mainly inspired by https://github.com/openstack/keystone/blob/master/tools/sample_data.sh
 
# Modified by Bilel Msekni / Institut Telecom
 
#
 
# Support: openstack@lists.launchpad.net
 
# License: Apache Software License (ASL) 2.0
 
#
 
 
# Host address
 
HOST_IP=folsom-proj01.vitola.net.br
 
EXT_HOST_IP=folsom-proj01.vitola.net.br
 
 
# MySQL definitions
 
MYSQL_USER=keystoneUser
 
MYSQL_DATABASE=keystone
 
MYSQL_HOST=$HOST_IP
 
MYSQL_PASSWORD=keystonePass
 
 
# Keystone definitions
 
KEYSTONE_REGION=F1
 
export SERVICE_TOKEN=ADMIN
 
export SERVICE_ENDPOINT="http://${HOST_IP}:35357/v2.0"
 
 
while getopts "u:D:p:m:K:R:E:T:vh" opt; do
 
  case $opt in
 
    u)
 
      MYSQL_USER=$OPTARG
 
      ;;
 
    D)
 
      MYSQL_DATABASE=$OPTARG
 
      ;;
 
    p)
 
      MYSQL_PASSWORD=$OPTARG
 
      ;;
 
    m)
 
      MYSQL_HOST=$OPTARG
 
      ;;
 
    K)
 
      MASTER=$OPTARG
 
      ;;
 
    R)
 
      KEYSTONE_REGION=$OPTARG
 
      ;;
 
    E)
 
      export SERVICE_ENDPOINT=$OPTARG
 
      ;;
 
    T)
 
      export SERVICE_TOKEN=$OPTARG
 
      ;;
 
    v)
 
      set -x
 
      ;;
 
    h)
 
      cat <<EOF
 
Usage: $0 [-m mysql_hostname] [-u mysql_username] [-D mysql_database] [-p mysql_password]
 
        [-K keystone_master ] [ -R keystone_region ] [ -E keystone_endpoint_url ]
 
        [ -T keystone_token ]
 
 
Add -v for verbose mode, -h to display this message.
 
EOF
 
      exit 0
 
      ;;
 
    \?)
 
      echo "Unknown option -$OPTARG" >&2
 
      exit 1
 
      ;;
 
    :)
 
      echo "Option -$OPTARG requires an argument" >&2
 
      exit 1
 
      ;;
 
  esac
 
done 
 
 
 
if [ -z "$KEYSTONE_REGION" ]; then
 
  echo "Keystone region not set. Please set with -R option or set KEYSTONE_REGION variable." >&2
 
  missing_args="true"
 
fi
 
 
 
if [ -z "$SERVICE_TOKEN" ]; then
 
  echo "Keystone service token not set. Please set with -T option or set SERVICE_TOKEN variable." >&2
 
  missing_args="true"
 
fi
 
if [ -z "$SERVICE_ENDPOINT" ]; then
 
  echo "Keystone service endpoint not set. Please set with -E option or set SERVICE_ENDPOINT variable." >&2
 
  missing_args="true"
 
fi
 
if [ -z "$MYSQL_PASSWORD" ]; then
 
  echo "MySQL password not set. Please set with -p option or set MYSQL_PASSWORD variable." >&2
 
  missing_args="true"
 
fi
 
if [ -n "$missing_args" ]; then
 
  exit 1
 
fi
 
 
keystone service-create --name nova --type compute --description 'OpenStack Compute Service'
 
keystone service-create --name cinder --type volume --description 'OpenStack Volume Service'
 
keystone service-create --name glance --type image --description 'OpenStack Image Service'
 
keystone service-create --name keystone --type identity --description 'OpenStack Identity'
 
keystone service-create --name ec2 --type ec2 --description 'OpenStack EC2 service'
 
 
create_endpoint () {
 
  case $1 in
 
    compute)
 
    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':8774/v2/$(tenant_id)s' --adminurl 'http://'"$HOST_IP"':8774/v2/$(tenant_id)s' --internalurl 'http://'"$HOST_IP"':8774/v2/$(tenant_id)s'
 
    ;;
 
    volume)
 
    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':8776/v1/$(tenant_id)s' --adminurl 'http://'"$HOST_IP"':8776/v1/$(tenant_id)s' --internalurl 'http://'"$HOST_IP"':8776/v1/$(tenant_id)s'
 
    ;;
 
    image)
 
    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':9292/v2' --adminurl 'http://'"$HOST_IP"':9292/v2' --internalurl 'http://'"$HOST_IP"':9292/v2'
 
    ;;
 
    identity)
 
    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':5000/v2.0' --adminurl 'http://'"$HOST_IP"':35357/v2.0' --internalurl 'http://'"$HOST_IP"':5000/v2.0'
 
    ;;
 
    ec2)
 
    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':8773/services/Cloud' --adminurl 'http://'"$HOST_IP"':8773/services/Admin' --internalurl 'http://'"$HOST_IP"':8773/services/Cloud'
 
    ;;
 
  esac
 
}
 
 
for i in compute volume image object-store identity ec2; do
 
  id=`mysql -h "$MYSQL_HOST" -u "$MYSQL_USER" -p"$MYSQL_PASSWORD" "$MYSQL_DATABASE" -ss -e "SELECT id FROM service WHERE type='"$i"';"` || exit 1
 
  create_endpoint $i $id
 
done
 
 
 
 
 
chmod +x keystone_basic.sh
 
chmod +x keystone_endpoints_basic.sh
 
 
 
./keystone_basic.sh
 
./keystone_endpoints_basic.sh
 
= Dados de acesso ~/.creds  =
 
  export OS_NO_CACHE=1
 
  export OS_TENANT_NAME=admin
 
  export OS_USERNAME=admin
 
  export OS_PASSWORD=admin_pass
 
  export OS_AUTH_URL="http://folsom-proj01.vitola.net.br:5000/v2.0/"
 
= Incluir as informações nas variáveis de ambiente do usuário =
 
source ~/.creds
 
echo " source ~/.creds" >> ~/.bash_profile
 
= Testar o acesso usando o curl =
 
curl http://folsom-proj01.vitola.net.br:35357/v2.0/endpoints -H 'x-auth-token: ADMIN' | python -m json.tool
 
= Instalação do glance =
 
apt-get install glance
 
= Configurar o arquivo /etc/glance/glance-api-paste.ini =
 
  [filter:authtoken]
 
  delay_auth_decision = true
 
  paste.filter_factory = keystone.middleware.auth_token:filter_factory
 
  service_protocol = http
 
  service_host = folsom-proj01.vitola.net.br
 
  service_port = 5000
 
  auth_host = folsom-proj01.vitola.net.br
 
  auth_port = 35357
 
  auth_protocol = http
 
  auth_uri = http://folsom-proj01.vitola.net.br:5000/
 
  admin_tenant_name = service
 
  admin_user = glance
 
  admin_password = service_pass
 
= Configurar o arquivo /etc/glance/glance-registry-paste.ini =
 
[filter:authtoken]
 
  paste.filter_factory = keystone.middleware.auth_token:filter_factory
 
  service_host = folsom-proj01.vitola.net.br
 
  service_port = 5000
 
  auth_host = folsom-proj01.vitola.net.br
 
  auth_port = 35357
 
  auth_protocol = http
 
  auth_uri = http://folsom-proj01.vitola.net.br:5000/
 
  admin_tenant_name = service
 
  admin_user = glance
 
  admin_password = service_pass
 
= Configurar o arquivo /etc/glance/glance-api.conf =
 
  sql_connection = mysql://glanceUser:glancePass@folsom-proj01.vitola.net.br/glance
 
  [keystone_authtoken]
 
  auth_host = folsom-proj01.vitola.net.br
 
  auth_port = 35357
 
  auth_protocol = http
 
  admin_tenant_name = service
 
  admin_user = glance
 
  admin_password = service_pass
 
  [paste_deploy]
 
  flavor = keystone
 
= Configurar o arquivo /etc/glance/glance-registry.conf =
 
  sql_connection = mysql://glanceUser:glancePass@folsom-proj01.vitola.net.br/glance
 
  [keystone_authtoken]
 
  auth_host = folsom-proj01.vitola.net.br
 
  auth_port = 35357
 
  auth_protocol = http
 
  admin_tenant_name = service
 
  admin_user = glance
 
  admin_password = service_pass
 
  [paste_deploy]
 
  flavor = keystone
 
= Reiniciar os serviços e criar as tabelas no banco =
 
cd /etc/init.d/; for i in $(ls glance-*); do service $i restart; done
 
glance-manage db_sync
 
= Inclusão de imagens no glance =
 
Foi feito o download por http do servidor local, mas pode ser feito direto do repositório da distribuição
 
glance image-create \
 
--name="ubuntu-12.04.2-server-amd64.iso" \
 
--public \
 
--container-format=bare \
 
--disk-format=iso \
 
--copy-from="http://folsom-proj01.vitola.net.br/ubuntu-12.04.2-server-amd64.iso"
 
glance image-create \
 
--name="Cirros64Bits" \
 
--public \
 
--container-format bare \
 
--disk-format qcow2 \
 
--copy-from="http://folsom-proj01.vitola.net.br/cirros-0.3.0-x86_64-disk.img"
 
glance image-create \
 
--name="CentOS-6.4-x86_64-minimal.iso" \
 
--public \
 
--container-format bare \
 
--disk-format iso \
 
--copy-from="http://folsom-proj01.vitola.net.br/CentOS-6.4-x86_64-minimal.iso"
 
 
 
As imagens são salvas neste diretório /var/lib/glance/images/
 
 
 
= Instalação do cinder =
 
apt-get install cinder-volume cinder-api cinder-scheduler cinder-volume
 
= Configurar o arquivo /etc/cinder/api-paste.ini =
 
[filter:authtoken]
 
paste.filter_factory = keystone.middleware.auth_token:filter_factory
 
service_protocol = http
 
service_host = folsom-proj01.vitola.net.br
 
service_port = 5000
 
auth_host = folsom-proj01.vitola.net.br
 
auth_port = 35357
 
auth_protocol = http
 
admin_tenant_name = service
 
admin_user = cinder
 
admin_password = service_pass
 
= Configurar o arquivo /etc/cinder/cinder.conf =
 
sql_connection = mysql://cinderUser:cinderPass@folsom-proj01.vitola.net.br/cinder
 
= Configurar a partição LVM =
 
 
 
fdisk /dev/sdc
 
fdisk> n
 
fdisk> p
 
fdisk> 1
 
fdisk> ENTER
 
fdisk> ENTER
 
fdisk> t
 
fdisk> 8e
 
fdisk> w
 
 
 
pvcreate /dev/sdc1
 
vgcreate cinder-volumes /dev/sdc1
 
= Criar as tabelas no banco de dados e reiniciar os serviços =
 
cinder-manage db sync
 
cd /etc/init.d/; for i in $(ls cinder-*); do service $i restart; done
 
= Nova =
 
== Instalação ==
 
apt-get install nova-cert novnc nova-consoleauth nova-scheduler nova-novncproxy nova-network nova-compute-kvm nova-api
 
== Configuração ==
 
=== /etc/nova/api-paste.ini ===
 
[filter:authtoken]
 
paste.filter_factory = keystone.middleware.auth_token:filter_factory
 
auth_host = folsom-proj01
 
auth_port = 35357
 
auth_protocol = http
 
admin_tenant_name = service
 
admin_user = nova
 
admin_password = service_pass
 
signing_dir = /tmp/keystone-signing-nova
 
=== /etc/nova/nova.conf ===
 
[DEFAULT]
 
dhcpbridge_flagfile=/etc/nova/nova.conf
 
dhcpbridge=/usr/bin/nova-dhcpbridge
 
logdir=/var/log/nova
 
state_path=/var/lib/nova
 
lock_path=/var/lock/nova
 
force_dhcp_release=True
 
iscsi_helper=tgtadm
 
libvirt_use_virtio_for_bridges=True
 
connection_type=libvirt
 
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
 
verbose=True
 
ec2_private_dns_show_ip=True
 
api_paste_config=/etc/nova/api-paste.ini
 
volumes_path=/var/lib/nova/volumes
 
 
scheduler_driver=nova.scheduler.simple.SimpleScheduler
 
s3_host=192.168.0.100
 
ec2_host=192.168.0.100
 
ec2_dmz_host=192.168.0.100
 
rabbit_host=192.168.0.100
 
cc_host=192.168.0.100
 
metadata_host=192.168.0.100
 
metadata_listen=0.0.0.0
 
nova_url=http://folsom-proj01.vitola.net.br:8774/v1.1/
 
sql_connection=mysql://novaUser:novaPass@folsom-proj01.vitola.net.br/nova
 
ec2_url=http://folsom-proj01.vitola.net.br:8773/services/Cloud
 
rootwrap_config=/etc/nova/rootwrap.conf
 
 
log-config=/etc/nova/logging.conf
 
verbose = True
 
debug = True
 
use_syslog = False
 
syslog_log_facility = LOG_LOCAL0
 
 
 
# Auth
 
use_deprecated_auth=false
 
auth_strategy=keystone
 
keystone_ec2_url=http://folsom-proj01.vitola.net.br:5000/v2.0/ec2tokens
 
 
# Imaging service
 
glance_api_servers=folsom-proj01.vitola.net.br:9292
 
image_service=nova.image.glance.GlanceImageService
 
 
# Vnc configuration
 
novnc_enabled=true
 
novncproxy_base_url=http://folsom-proj01.vitola.net.br:6080/vnc_auto.html
 
novncproxy_port=6080
 
vncserver_proxyclient_address=folsom-proj01.vitola.net.br
 
vncserver_listen=0.0.0.0
 
 
 
# NETWORK
 
network_manager=nova.network.manager.FlatDHCPManager
 
force_dhcp_release=True
 
dhcpbridge_flagfile=/etc/nova/nova.conf
 
#firewall_driver=nova.virt.firewall.IptablesFirewallDriver
 
my_ip=192.168.0.100
 
public_interface=br100
 
vlan_interface=eth1
 
flat_network_bridge=br100
 
flat_interface=eth1
 
flat_injected=True
 
fixed_range=192.168.100.0/24
 
compute_driver=libvirt.LibvirtDriver
 
 
# Cinder #
 
volume_api_class=nova.volume.cinder.API
 
osapi_volume_listen_port=5900
 
=== /etc/nova/nova-compute.conf ===
 
[DEFAULT]
 
libvirt_type=kvm
 
==  Criar as tabelas no banco de dados e reiniciar os serviços ==
 
nova-manage db sync
 
cd /etc/init.d/; for i in $(ls nova-*); do service $i restart; done
 

Revision as of 04:47, 3 August 2013

Alex Sandro de Lacerda Vitola http://br.linkedin.com/in/vitola http://www.vitola.net.br