Rolling up your sleeves for OpenStack: How to install services manually

Step 1: Download VirtualBox

Step 2: Download Ubuntu 16.04

Step 3: Create the host VM

1. Open VirtualBox and create a new virtual machine with the following settings:

   Name, type, version	‘Openstack’, ‘Linux’, ‘Ubuntu (64-bit)’
   Memory size	4096 MB
   Hard disk	Create a virtual hard disk now Disk size: 15 GB File type: Virtualbox Machine Disk (VMDK) Storage on physical disk: Dynamically allocated

2. Launch the VM and select ubuntu-16.04.4-server-amd64.iso as boot disk.
3. Follow the on-screen instructions of Ubuntu installation guide.
4. When you have finished the installation process, log-in to your VM to test your username & password. Then shut-down the VM for the next step.

Step 4: Set up OpenStack networking

1. After selecting your VM, go to Settings > Network
   1. Choose NAT for Adapter 1
   2. Enable Adapter2, Adapter3. You can leave these devices as Not attached; to get better control over them and so that you can better see what's happening, we'll configure them from the command line.
2. Boot your VM and log-in.
3. Check your interfaces by running ifconfig -a:As you can see, the interfaces are not set up yet. Note down the HWaddr of all 3 interfaces; we will use these values in the next few steps.
4. Edit the /etc/network/interfaces file with the following contents:

   auto lo
   iface lo inet loopback
   
   auto eth0
   iface eth0 inet dhcp
   
   auto eth1
   iface eth1 inet static
      address 172.30.1.1
      netmask 255.255.255.0
      pre-up ifconfig eth1 hw ether <HWaddr of eth1>
   
   auto eth2
   iface eth2 inet static
      address 192.168.1.1
      netmask 255.255.255.0
      pre-up ifconfig eth2 hw ether <HWaddr of eth2>

5. Create the /etc/udev/rules.d/70-persistent-net.rules file to rename the existing network interfaces from default VirtualBox names to eth0, eth1, and eth2.

   $ sudo touch /etc/udev/rules.d/70-persistent-net.rules

6. Edit the 70-persistent-net.rules file with the following content to rename your interfaces:

   SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<HWaddr eth0>", ATTR{dev_id}=="0x0", ATTR{type}=="1", NAME="eth0"
   SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<HWaddr eth1>", ATTR{dev_id}=="0x0", ATTR{type}=="1", NAME="eth1"
   SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="<HWaddr eth2>", ATTR{dev_id}=="0x0", ATTR{type}=="1", NAME="eth2"

   You can get the HWaddr of network devices from the output of ifconfig -a.
7. Reboot your VM and check your interfaces by again running ifconfig -a:

Step 5: Add the Cloud Archive repo

$ sudo apt-get install software-properties-common
$ sudo add-apt-repository cloud-archive:ocata
$ sudo apt-get update

Step 6: Set the time zone to UTC

$ date
Mon Apr 23 13:31:06 PDT 2018
$ timedatectl set-timezone UTC
Password: # You may need to provide password for the VM user
$ date
Mon Apr 23 20:34:21 UTC 2018

Step 7: Install mysql and rabbitmq

1. Install and configure MySQL. Enter a password when prompted; in our example we will use ‘stack’ for the ‘root’ user password. The python-pymysql package is a Python library that enables OpenStack services to make changes to a MySQL database.

   $ sudo apt-get install -y mysql-server python-pymysql
   New password for the MySQL “root” user:
      stack

2. Edit the MySQL configuration file and set the indicated values. Replace the bind-address with its respective value.

   $ vim /etc/mysql/mysql.conf.d/mysqld.cnf
   [mysqld]
   bind-address = <eth0 ip address> 
   collation-server = utf8_general_ci
   character-set-server = utf8
   init-connect= ‘SET NAMES utf8’

3. Restart the MySQL service to load the changes made to the configuration file.

   $ sudo service mysql restart

   1. Secure your MySQL installation with the following command. Because this is just a test environment, you can skip changing the root password for now. Read through the rest of the prompts carefully and select yes for everything else.

      $ sudo mysql_secure_installation
      . . .
      All done!

4. Let’s install RabbitMQ, the message queue service that OpenStack services use to coordinate with one another.

   $ sudo apt-get install -y rabbitmq-server

5. Set a password for the guest account. We like bunny for the password, but you can choose what you would like. (You will frequently reference this password later on in OpenStack configuration files.)

   $ sudo rabbitmqctl change_password guest bunny

6. Allow configuration, write, and read access for the guest user:

   $ sudo rabbitmqctl set_permissions guest ".*" ".*" ".*"

7. By default, the guest user can only connect over the loopback interface. Let’s enable connection over other interfaces (such as eth0). Create a new file, /etc/rabbitmq/rabbitmq.config, and set the following content:

   [{rabbit, [{loopback_users, []}]}].

8. Restart the RabbitMQ service:

   $ sudo service rabbitmq-server restart

Step 8: Deploy the first OpenStack component

1. Create a Keystone database by logging in to MySQL using the root user with its password and running through the provided SQL commands:

   $ sudo mysql -u root -p
   mysql> create database keystone;
   mysql> create user ‘keystoneUser’@’%’ identified by ‘keystonePass’;
   mysql> create user ‘keystoneUser’@’localhost’ identified by ‘keystonePass’
   mysql> grant all on keystone.* to ‘keystoneUser’@’%’ identified by ‘keystonePass’;
   mysql> grant all on keystone.* to ‘keystoneUser’@’localhost’ identified by ‘keystonePass’;
   mysql> flush privileges;
   mysql> exit;

2. You can test database access for the user you just created:

   $ sudo mysql -u keystoneUser -p -e “show databases;”
   Enter password: keystonePass
   +--------------------+
   | Database           |
   +--------------------+
   | information_schema |
   | keystone           |
   +--------------------+

3. Now that the database is set up, let’s install the Keystone package.

   $ sudo apt-get install -y keystone

4. You will need to know the IP addresses of the interfaces you created for your VM. List the interfaces and note the IP’s -- these addresses are unique to your environment for the specified networks.

   $ ip addr
   eth0: … inet 10.0.2.15       # <mgmt IP>
   eth1: … inet 172.30.1.1      # <ext IP>
   eth2: … inet 192.168.1.1     # <pvt IP>

5. Open the Keystone configuration file and make the following changes. Remember the keystoneUser and keystonePass you setup using MySQL commands? This is where you tell Keystone how to connect to the database.

   $ sudo vim /etc/keystone/keystone.conf
   [database]
   connection = mysql+pymysql://keystoneUser:keystonePass@<mgmt IP>/keystone

6. Use the keystone-manage utility to populate the Keystone database:

   $ sudo keystone-manage db_sync

7. Use the keystone-manage utility to initialize the Fernet key repositories:

   $ sudo keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
   $ sudo keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

8. Lastly, use the keystone-manage utility to bootstrap the identity service. Note the admin password we chose here. For your environment you can use a password you feel comfortable with for the admin user:

   $ sudo keystone-manage bootstrap --bootstrap-password admin \
       --bootstrap-admin-url http://<mgmt IP>:35357/v3/ \
       --bootstrap-internal-url http://<mgmt IP>:5000/v3/ \
       --bootstrap-public-url http://<ext IP>:5000/v3/ \
       --bootstrap-region-id RegionOne

9. Check out the database tables that have been created by the keystone-manage utility:

   $ sudo mysql -u keystoneUser -p -e “show databases;”
   ...

10. By default, Keystone uses the Apache HTTP server with mod_wsgi to serve requests on ports 5000 and 35357. We need to make one more small change in the Apache configuration, but everything else will be managed by Keystone. First, figure out your VM’s hostname by running the hostname command. Then open the Apache configuration file and insert the ServerName key at the end of the file, providing your hostname as the value:

    $ hostname
    mylab
    $ sudo vim /etc/apache2/apache2.conf
    ServerName mylab
    $ sudo service apache2 restart

11. Great job! Keystone is now ready to be used.

Step 9: Use the OpenStack client

1. Install the OpenStack command line client. This client allows you to send queries to OpenStack program API’s in a convenient openstack command. For more information on its usage, you can run openstack help after installation:

   $ sudo apt-get install -y python-openstackclient

2. First you need to set environment variables for authentication with Keystone. After you set these once, the rest of the commands will be authenticated using these values as long as you are still in the uninterrupted terminal session. Make sure to replace the OS_PASSWORD with your own password if you changed the admin password during the keystone bootstrap process. Make sure you also insert the management network's IP address.

   $ export OS_USERNAME=admin
   $ export OS_PASSWORD=admin
   $ export OS_PROJECT_NAME=admin
   $ export OS_AUTH_URL=http://<mgmt IP>:35357/v3
   $ export OS_USER_DOMAIN_NAME=Default
   $ export OS_PROJECT_DOMAIN_NAME=Default
   $ export OS_IDENTITY_API_VERSION=3

3. Try out the Identity service OpenStack commands. If any of these commands return an error, check the keystone logs located at /var/log/apache2/ for some hints

   $ openstack user list
   $ openstack project list
   $ openstack role list