More Related Content Similar to Openstack 2013 1 Similar to Openstack 2013 1 (20) Openstack 2013 11. OpenStack 2013.1
Step by Step
Luis Gervaso
luis@woorea.es
@woorea
Saturday, March 23, 2013
2. Environment
VirtualBox 4.2.10
https://www.virtualbox.org/wiki/Downloads
Vagrant v1.1.2
http://downloads.vagrantup.com
Ubuntu Precise 64bits
http://files.vagrantup.com/precise64.box
@woorea
Saturday, March 23, 2013
3. Vagrant
$ vagrant init precise64 http://files.vagrantup.com/precise64.box
$ vi Vagrantfile
config.vm.provider :virtualbox do |vbox|
vbox.customize ["modifyvm", :id, "--memory", "2048"]
end
config.vm.network :private_network, ip: "192.168.0.254"
config.vm.network :private_network, ip: "10.0.0.254"
config.vm.network :forwarded_port, guest: 80, host: 8181
$ vagrant up
$ vagrant ssh
@woorea
Saturday, March 23, 2013
5. OpenStack Grizzly
# apt-get install vim python-software-properties
# add-apt-repository ppa:openstack-ubuntu-testing/grizzly-trunk-testing
# apt-get update
# apt-get dist-upgrade
@woorea
Saturday, March 23, 2013
6. issues
# init 0
$ vagrant up
...
The following SSH command responded with a non-zero exit status.
Vagrant assumes that this means the command failed!
mount -t vboxsf -o uid=`id -u vagrant`,gid=`id -g vagrant` v-root /vagrant
@woorea
Saturday, March 23, 2013
7. solution
$ vagrant ssh
# sudo -i
# apt-get install make
# /etc/init.d/vboxadd setup
# init 0
$ vagrant up
$ vagrant ssh
@woorea
Saturday, March 23, 2013
8. OpenStack Grizzly
# vi /etc/sysctl.conf
net.ipv4.ip_forward=1
# sysctl -p
@woorea
Saturday, March 23, 2013
9. Network Time Protocol
# apt-get install ntp
# vi /etc/ntp.conf
server 127.127.0.1
fudge 127.127.0.1 stratum 10
# service ntp restart
@woorea
Saturday, March 23, 2013
10. Network Time Protocol
# ntpq
ntpq> lpeers
remote refid
================================
tb.mircx.com 131.107.13.100
web1.amdgtechno 209.51.161.238
...
ntpq> exit
@woorea
Saturday, March 23, 2013
11. Network Time Protocol
#iptables -A input -p udp --dport 123 -j ACCEPT
#iptables -A output -p udp --sport 123 -j ACCEPT
@woorea
Saturday, March 23, 2013
12. Network Time Protocol
#/etc/cron.daily/ntpdate
#!/bin/sh
# Current System Time < NTP
ntpdate <my_ntp_server>
# Hardware Clock < Current System Time.
hwclock -w
@woorea
Saturday, March 23, 2013
13. MySQL
# apt-get install mysql-server python-mysqldb
MySQL password : secret0
# vi /etc/mysql/my.cnf
bind-address = 0.0.0.0
# service mysql restart
@woorea
Saturday, March 23, 2013
14. RabbitMQ
# apt-get install rabbitmq-server
@woorea
Saturday, March 23, 2013
16. Keystone
# apt-get install keystone
# mysql -u root -psecret0
mysql> create database keystone;
mysql> grant all privileges on keystone.* to keystone@"localhost" identified by "secret0";
mysql> exit
# vi /etc/keystone/keystone.conf
connection = mysql://keystone:secret0@localhost/keystone
@woorea
Saturday, March 23, 2013
17. Keystone
+------------------------+
| Tables_in_keystone |
+------------------------+
| credential |
# keystone-manage db_sync | domain
| ec2_credential
|
|
| endpoint |
# mysql -u keystone -psecret0 keystone | group
| group_domain_metadata |
|
| group_project_metadata |
| metadata |
mysql>show tables; | migrate_version |
| policy |
| project |
# service keystone restart | role |
| service |
| token |
| user |
| user_domain_metadata |
| user_group_membership |
| user_project_metadata |
+------------------------+
@woorea
Saturday, March 23, 2013
18. ~/.profile
# vi ~/.profile
export SERVICE_TOKEN=ADMIN
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=secret0
export OS_AUTH_URL=http://192.168.0.254:5000/v2.0/
export SERVICE_ENDPOINT=http://localhost:35357/v2.0/
# . ~/.profile
@woorea
Saturday, March 23, 2013
19. keystone tenant-create
# keystone tenant-create --name admin
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 5c525e40f6a14daa8fb0a4e4989dea95 |
| name | admin |
+-------------+----------------------------------+
@woorea
Saturday, March 23, 2013
20. keystone tenant-create
# keystone tenant-create --name service
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | bc3bad45980047608dd8a9ba8af55fc2 |
| name | service |
+-------------+----------------------------------+
@woorea
Saturday, March 23, 2013
21. keystone tenant-list
# keystone tenant-list
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| 5c525e40f6a14daa8fb0a4e4989dea95 | admin | True |
| bc3bad45980047608dd8a9ba8af55fc2 | service | True |
+----------------------------------+---------+---------+
@woorea
Saturday, March 23, 2013
22. keystone role-create
# keystone role-create --name admin
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | caae1042a6cd4cd683ad2f9785bced94 |
| name | admin |
+----------+----------------------------------+
@woorea
Saturday, March 23, 2013
23. keystone role-create
# keystone role-create --name Member
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| id | 3f9970f21139477faa00003fa67010f2 |
| name | Member |
+----------+----------------------------------+
@woorea
Saturday, March 23, 2013
24. keystone role-create
# keystone role-list
+----------------------------------+----------+-------+
| id | name | extra |
+----------------------------------+----------+-------+
| 3f9970f21139477faa00003fa67010f2 | Member | {} |
| caae1042a6cd4cd683ad2f9785bced94 | admin | {} |
+----------------------------------+----------+-------+
@woorea
Saturday, March 23, 2013
25. keystone user-create
# keystone user-create --name admin --pass secret0 --email luis@woorea.es
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | luis@woorea.es |
| enabled | True |
| id | d370493f461a483ca545617b7dbab448 |
| name | admin |
| tenantId | |
+----------+----------------------------------+
@woorea
Saturday, March 23, 2013
26. keystone user-list
# keystone user-list
+----------------------------------+---------+---------+----------------+
| id | name | enabled | email |
+----------------------------------+---------+---------+----------------+
| d370493f461a483ca545617b7dbab448 | admin | True | luis@woorea.es |
+----------------------------------+---------+---------+----------------+
@woorea
Saturday, March 23, 2013
27. keystone user-role-add
# keystone user-role-add --tenant admin --user admin --role admin
NO OUTPUT!!!
@woorea
Saturday, March 23, 2013
28. keystone service-create
# keystone service-create --name keystone
--type identity --description "Identity Manager Service"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | Identity Manager Service |
| id | 4c22b42decfd4ef3b1803f5d62791b1d |
| name | keystone |
| type | identity |
+-------------+----------------------------------+
@woorea
Saturday, March 23, 2013
29. keystone endpoint-create
# keystone endpoint-create --region madrid
--service_id 4c22b42decfd4ef3b1803f5d62791b1d
--publicurl "http://192.168.254:5000/v2.0"
--adminurl "http://localhost:35357/v2.0"
--internalurl "http://localhost:5000/v2.0"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://localhost:35357/v2.0 |
| id | 510d919f19404cf2ade064f94662e778 |
| internalurl | http://localhost:5000/v2.0 |
| publicurl | http://192.168.0.254:5000/v2.0 |
| region | madrid |
| service_id | 4c22b42decfd4ef3b1803f5d62791b1d |
+-------------+----------------------------------+
@woorea
Saturday, March 23, 2013
31. Glance
# apt-get install glance
# mysql -u root -psecret0
mysql> create database glance;
mysql> grant all privileges on glance.* to glance@"localhost" identified by "secret0";
mysql> exit
@woorea
Saturday, March 23, 2013
32. Glance
# keystone user-create --name glance --pass secret0 --email luis@woorea.es
# keystone user-role-add --tenant service --user glance --role admin
@woorea
Saturday, March 23, 2013
33. Glance
# keystone service-create --name glance
--type image --description "Images Registry Service"
# keystone endpoint-create --region madrid
--service_id 55cc2e173f8f437cb0f97a9d4e8ac9da
--publicurl "http://192.168.0.254:9292/v2.0"
--adminurl "http://localhost:9292/v2.0"
--internalurl "http://localhost:9292/v2.0"
@woorea
Saturday, March 23, 2013
34. /etc/glance/glance-api.conf
sql_connection = mysql://glance:secret0@localhost/glance
[keystone_authtoken]
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = secret0
[paste_deploy]
flavor = keystone
@woorea
Saturday, March 23, 2013
35. /etc/glance/glance-registry.conf
connection = mysql://glance:secret0@localhost/glance
[keystone_authtoken]
auth_host = 127.0.0.1
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = glance
admin_password = secret0
[paste_deploy]
flavor = keystone
@woorea
Saturday, March 23, 2013
36. Glance
# glance-manage db_sync +------------------+
| Tables_in_glance |
+------------------+
# mysql -u glance -psecret0 glance | image_locations |
| image_members |
| image_properties |
mysql>show tables; | image_tags
| images
|
|
| migrate_version |
+------------------+
@woorea
Saturday, March 23, 2013
37. Glance
# service glance-api restart
# service glance-registry restart
@woorea
Saturday, March 23, 2013
38. glance image-create
# wget http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img
# glance image-create --name "cirros64"
--is-public true
--container-format bare
--disk-format qcow2
< cirros-0.3.1-x86_64-disk.img
@woorea
Saturday, March 23, 2013
39. glance image-create
# glance image-create (cont.)
+------------------+--------------------------------------+
| Property | Value |
+------------------+--------------------------------------+
| checksum | d972013792949d0d3ba628fbe8685bce |
| container_format | bare |
| created_at | 2013-03-21T15:07:39 |
| deleted | False |
| deleted_at | None |
| disk_format | qcow2 |
| id | 1e6faa46-788f-412d-aa22-78660e78cc00 |
| is_public | True |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros64 |
| owner | 5c525e40f6a14daa8fb0a4e4989dea95 |
| protected | False |
| size | 13147648 |
| status | active |
| updated_at | 2013-03-21T15:07:40 |
+------------------+--------------------------------------+
@woorea
Saturday, March 23, 2013
40. glance index
# glance index
ID Name Disk Format Container Format Size
------------------------------------ ----------- ------------ ----------------- ---------
1e6faa46-788f-412d-aa22-78660e78cc00 cirros64 qcow2 bare 13147648
@woorea
Saturday, March 23, 2013
42. Cinder
# apt-get install cinder-api
cinder-scheduler
cinder-volume
python-cinderclient
@woorea
Saturday, March 23, 2013
43. Block Device
# dd if=/dev/zero of=~/cinder-volumes bs=1 count=0 seek=2G
# losetup -f ~/cinder-volumes
# losetup -a
/dev/loop0: [fc00]:138680 (/root/cinder-volumes)
# pvcreate /dev/loop0
# vgcreate cinder-volumes /dev/loop0
# pvscan
PV /dev/sda5 VG precise64 lvm2 [79.76 GiB / 0 free]
PV /dev/loop0 VG cinder-volumes lvm2 [2.00 GiB / 2.00 GiB free]
Total: 2 [81.75 GiB] / in use: 2 [81.75 GiB] / in no VG: 0 [0 ]
@woorea
Saturday, March 23, 2013
44. # mysql -u root -psecret0
mysql> create database cinder;
mysql> grant all privileges on cinder.* to cinder@"localhost" identified by "secret0";
mysql> exit
@woorea
Saturday, March 23, 2013
45. Cinder
# keystone user-create --name cinder --pass secret0 --email luis@woorea.es
# keystone user-role-add --tenant service --user cinder --role admin
@woorea
Saturday, March 23, 2013
46. Cinder
# keystone service-create --name cinder
--type volume --description "Volume Service"
# keystone endpoint-create --region madrid
--service_id 24580595b4e0438ca9fe165a27d22c0d
--publicurl "http://192.168.0.254:8776/v1/%(tenant_id)s"
--adminurl "http://localhost:8776/v1/%(tenant_id)s"
--internalurl "http://localhost:8776/v1/%(tenant_id)s"
@woorea
Saturday, March 23, 2013
47. /etc/cinder/api-paste.ini
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
auth_host = localhost
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = cinder
admin_password = secret0
@woorea
Saturday, March 23, 2013
48. /etc/cinder/cinder.conf
sql_connection=mysql://cinder:secret0@localhost/cinder
@woorea
Saturday, March 23, 2013
49. Cinder
+-------------------------+
| Tables_in_cinder |
+-------------------------+
| backups |
| iscsi_targets |
# cinder-manage db sync | migrate_version |
| migrations |
| quota_classes |
# mysql -u cinder -psecret0 cinder | quota_usages
| quotas
|
|
| reservations |
mysql>show tables; | services
| sm_backend_config
|
|
| sm_flavors |
| sm_volume |
| snapshot_metadata |
| snapshots |
| volume_glance_metadata |
| volume_metadata |
| volume_type_extra_specs |
| volume_types |
| volumes |
+-------------------------+
@woorea
Saturday, March 23, 2013
50. Cinder
# service cinder-volume restart
# service cinder-scheduler restart
# service cinder-api restart
@woorea
Saturday, March 23, 2013
51. cinder create
# cinder create --display_name woorea_volume 1
+---------------------+--------------------------------------+
| Property | Value |
+---------------------+--------------------------------------+
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| created_at | 2013-03-21T02:42:42.471269 |
| display_description | None |
| display_name | test |
| id | bf928404-877a-408b-b58a-9feb3e3029eb |
| metadata | {} |
| size | 1 |
| snapshot_id | None |
| source_volid | None |
| status | creating |
| volume_type | None |
+---------------------+--------------------------------------+
@woorea
Saturday, March 23, 2013
52. cinder list
# cinder list
+--------------------------------------+-----------+---------------+------+-------------+----------+-------------+
| ID | Status | Display Name | Size | Volume Type | Bootable | Attached to |
+--------------------------------------+-----------+---------------+------+-------------+----------+-------------+
| fbffb280-1324-4790-8b7b-4237ca426486 | available | woorea_volume | 1 | None | false | |
+--------------------------------------+-----------+---------------+------+-------------+----------+-------------+
@woorea
Saturday, March 23, 2013
54. Nova
# apt-get install nova-api
nova-conductor
nova-compute-qemu
nova-scheduler
nova-network
@woorea
Saturday, March 23, 2013
55. Nova
# mysql -u root -psecret0
mysql> create database nova;
mysql> grant all privileges on nova.* to nova@"localhost" identified by "secret0";
mysql> exit
@woorea
Saturday, March 23, 2013
56. Nova
# keystone user-create --name nova --pass secret0 --email luis@woorea.es
# keystone user-role-add --tenant service --user nova --role admin
@woorea
Saturday, March 23, 2013
57. Nova
# keystone service-create --name nova
--type compute --description "Compute Service"
# keystone endpoint-create --region madrid
--service_id 5fa2e4c0d2bf4f7ca13ced7bbf1679f3
--publicurl "http://192.168.0.254:8774/v2/%(tenant_id)s"
--adminurl "http://locahost:8774/v2/%(tenant_id)s"
--internalurl "http://localhost:8774/v2/%(tenant_id)s"
@woorea
Saturday, March 23, 2013
58. /etc/nova/api-paste.ini
[filter:authtoken]
paste.filter_factory = keystone.middleware.auth_token:filter_factory
auth_host = localhost
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = nova
admin_password = secret0
signing_dir = /tmp/keystone-signing-nova
@woorea
Saturday, March 23, 2013
59. /etc/nova/nova.conf
my_ip=127.0.0.1
sql_connection=mysql://nova:secret0@localhost/nova
enabled_apis=osapi_compute,metadata
auth_strategy=keystone
#NETWORKING
public_interface=eth1
vlan_interface=eth2
fixed_range=10.0.0.0/27
network_size=32
@woorea
Saturday, March 23, 2013
60. Nova
+--------------------------------------------+
| Tables_in_nova |
+--------------------------------------------+
# nova-manage db sync | agent_builds
| aggregate_hosts
| aggregate_metadata
|
|
|
| aggregates |
| block_device_mapping |
# mysql -u nova -psecret0 nova
| bw_usage_cache |
| cells |
| certificates |
| compute_node_stats |
| compute_nodes |
| console_pools |
mysql>show tables;
| consoles |
| dns_domains |
| fixed_ips |
| floating_ips |
| instance_actions |
| instance_actions_events |
| instance_faults |
| instance_id_mappings |
| instance_info_caches |
| instance_metadata |
| instance_system_metadata |
| ... |
| task_log |
| virtual_interfaces |
| virtual_storage_arrays |
| volume_id_mappings |
| volume_metadata |
| volume_type_extra_specs |
| volume_types |
| volume_usage_cache |
| volumes |
+--------------------------------------------+
@woorea
Saturday, March 23, 2013
61. Nova
# service nova-api restart
# service nova-conductor restart
# service nova-scheduler restart
# service nova-network restart
# service nova-compute restart
@woorea
Saturday, March 23, 2013
62. Private Network
# nova-manage network create private 10.0.0.0/27
# nova-manage network list
id IPv4 IPv6 start address DNS1 DNS2 VlanID project uuid
1 10.0.0.0/27 None 10.0.0.3 8.8.4.4 None 100 5c52... fd23...
@woorea
Saturday, March 23, 2013
63. Nova
# nova-manage service list
Text
Binary Host Zone Status State Updated_At
nova-scheduler precise64 internal enabled :-) 2013-03-21 15:33:30
nova-network precise64 internal enabled :-) 2013-03-21 15:33:30
nova-conductor precise64 internal enabled :-) 2013-03-21 15:33:30
nova-compute precise64 nova enabled :-) 2013-03-21 15:33:33
@woorea
Saturday, March 23, 2013
64. nova flavor-list
# nova flavor-list
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public | extra_specs |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
| 1 | m1.tiny | 512 | 0 | 0 | | 1 | 1.0 | True | {} |
| 2 | m1.small | 2048 | 20 | 0 | | 1 | 1.0 | True | {} |
| 3 | m1.medium | 4096 | 40 | 0 | | 2 | 1.0 | True | {} |
| 4 | m1.large | 8192 | 80 | 0 | | 4 | 1.0 | True | {} |
| 5 | m1.xlarge | 16384 | 160 | 0 | | 8 | 1.0 | True | {} |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+-------------+
@woorea
Saturday, March 23, 2013
65. nova image-list
# nova image-list
+--------------------------------------+----------+--------+--------+
| ID | Name | Status | Server |
+--------------------------------------+----------+--------+--------+
| 1e6faa46-788f-412d-aa22-78660e78cc00 | cirros64 | ACTIVE | |
+--------------------------------------+----------+--------+--------+
@woorea
Saturday, March 23, 2013
66. nova boot
# nova boot --image cirros64 --flavor m1.tiny --poll my_cirros
+-------------------------------------+--------------------------------------+
| Property | Value |
+-------------------------------------+--------------------------------------+
| OS-EXT-STS:task_state | scheduling |
| image | cirros64 |
| OS-EXT-STS:vm_state | building |
| OS-EXT-SRV-ATTR:instance_name | instance-00000002 |
| flavor | m1.tiny |
Text
| id | 64985512-2970-440c-b7db-1da74966e4de |
| security_groups | [{u'name': u'default'}] |
| user_id | d370493f461a483ca545617b7dbab448 |
| OS-DCF:diskConfig | MANUAL |
| accessIPv4 | |
| accessIPv6 | |
| progress | 0 |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-AZ:availability_zone | None |
| config_drive | |
| status | BUILD |
| updated | 2013-03-21T15:30:21Z |
| hostId | |
| OS-EXT-SRV-ATTR:host | None |
| key_name | None |
| name | my_cirros |
| adminPass | 6AqDXQaZxUHi |
| tenant_id | 5c525e40f6a14daa8fb0a4e4989dea95 |
| created | 2013-03-21T15:30:21Z |
+-------------------------------------+--------------------------------------+
@woorea
Saturday, March 23, 2013
67. ssh
# ssh cirros@10.0.0.3
Password: cubswin:)
@woorea
Saturday, March 23, 2013
69. Horizon
# apt-get install openstack-dashboard
@woorea
Saturday, March 23, 2013
71. OpenStack Java SDK
Open Source : Apache 2 License
Apache HttpClient / JAX-RS 2.x / JAX-RS 1.x
OpenStack:
keystone nova
swift glance
ceilometer quantum
@woorea
Saturday, March 23, 2013
73. BillingStack
REST API
/merchants /products
/plans /customers
/subscriptions /usage
/invoices /payment-gateways
/transactions /currencies
@woorea
Saturday, March 23, 2013
74. BillingStack
Open Source : Apache 2 Licensed
Polyglota (python / java / groovy)
We are 2 developers
Endre Karlson (python)
Luis Gervaso (java / groovy)
OpenStack Design Summit 2013, Portland
@woorea
Saturday, March 23, 2013