1. [Cloud] Openstack - Caracal 구축 개요
2. [Cloud] Openstack - 1-1. Controller Node (Preprocess, Environment, Keystone, Glance) ←
3. [Cloud] Openstack - 1-2. Controller Node (Placement, Nova, Neutron)
4. [Cloud] Openstack - 1-3. Controller Node (Cinder, Swift)
5. [Cloud] Openstack - 1-4. Controller Node (Horizon)
6. [Cloud] Openstack - 2. Compute Node
7. [Cloud] Openstack - 3. Block Node
8. [Cloud] Openstack - 4. Horizon Dashboard Console 개선
Preprocess
vi /etc/hosts
127.0.0.1 localhost
#127.0.1.1 controller-virtual-machine
192.168.2.10 controller
192.168.2.20 compute1
192.168.2.10 compute2
192.168.2.30 compute3
192.168.2.30 block
192.168.2.30 swiftNetwork Setting
- NetworkManager 내리기
sudo /etc/init.d/network-manager stop
sudo update-rc.d -f NetworkManager remove- netplan 설정
vi /etc/netplan/01-network-manager-all.yaml# Let NetworkManager manage all devices on this system
network:
ethernets:
ens33:
addresses:
- 192.168.2.10/24
nameservers:
addresses: [8.8.8.8,8.8.4.4]
routes:
- to: default
via: 192.168.2.1
ens34:
dhcp4: false
version: 2netplan apply
Environment
Environment — Installation Guide documentation
Environment This section explains how to configure the controller node and one compute node using the example architecture. Although most environments include Identity, Image service, Compute, at least one networking service, and the Dashboard, the Object
docs.openstack.org
NTP
- Install the packages
apt install chrony- vi /etc/chrony/chrony.conf
server time.bora.net iburst
server ntp2.kornet.net iburst
server 1.kr.pool.ntp.org iburst
allow 192.168.2.0/24- Restart the NTP service
service chrony restartOpenstack packages for Ubuntu
- Openstack 2024.1 caracal for Ubuntu 22.04 LTS
add-apt-repository cloud-archive:caracal- Client Installation
apt install python3-openstackclientSQL database
- Install the packages
apt install mariadb-server python3-pymysql- /etc/mysql/mariadb.conf.d/99-openstack.cnf
[mysqld]
bind-address = 192.168.2.10
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8- Restart the database service
service mysql restartMessage queue
- Install the package
apt install rabbitmq-server- Add the openstack user
rabbitmqctl add_user openstack RABBIT_PASS
Creating user "openstack" ...- Permit configuration, write, and read access for the openstack user
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
Setting permissions for user "openstack" in vhost "/" ...Memcached
- Install the packages
apt install memcached python3-memcache- vi /etc/memcached.conf
-l 192.168.2.10- Restart the Memcached service
service memcached restartEtcd
- Install the etcd package
apt install etcd- vi /etc/default/etcd
ETCD_NAME="controller"
ETCD_DATA_DIR="/var/lib/etcd"
ETCD_INITIAL_CLUSTER_STATE="new"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER="controller=http://192.168.2.10:2380"
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://192.168.2.10:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://192.168.2.10:2379"
ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380"
ETCD_LISTEN_CLIENT_URLS="http://192.168.2.10:2379"- Enable and restart the etcd service
systemctl enable etcd
systemctl restart etcd
Keystone (Identity)
Keystone Installation Tutorial for Ubuntu — keystone 24.0.1.dev17 documentation
This guide will walk through an installation by using packages available through Canonical’s Ubuntu Cloud archive repository for Ubuntu 16.04 (LTS). Explanations of configuration options and sample configuration files are included. Warning This guide is
docs.openstack.org
Prerequisites
- Run the following command to install the packages
apt install keystone- vi /etc/keystone/keystone.conf
[database]
# ...
connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
[token]
# ...
provider = fernet- Populate the Identity service database
su -s /bin/sh -c "keystone-manage db_sync" keystone- Initialize Fernet key repositories
Initialize Fernet key repositories- Bootstrap the Identity service
keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
--bootstrap-admin-url http://controller:5000/v3/ \
--bootstrap-internal-url http://controller:5000/v3/ \
--bootstrap-public-url http://controller:5000/v3/ \
--bootstrap-region-id RegionOneConfigure the Apache HTTP server
- vi /etc/apache2/apache2.conf
ServerName controllerFinalize the installation
- Restart the Apache service
service apache2 restart- Configure the administrative account by setting the proper environmental variables
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3Verify operation
- Unset the temporary OS_AUTH_URL and OS_PASSWORD environment variable
unset OS_AUTH_URL OS_PASSWORD- As the admin user, request an authentication token
openstack --os-auth-url http://controller:5000/v3 \
--os-project-domain-name Default --os-user-domain-name Default \
--os-project-name admin --os-username admin token issue
Password: ADMIN_PASS
+------------+-----------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------+
| expires | 2016-02-12T20:14:07.056119Z |
| id | gAAAAABWvi7_B8kKQD9wdXac8MoZiQldmjEO643d-e_j-XXq9AmIegIbA7UHGPv |
| | atnN21qtOMjCFWX7BReJEQnVOAj3nclRQgAYRsfSU_MrsuWb4EDtnjU7HEpoBb4 |
| | o6ozsA_NmFWEpLeKy0uNn_WeKbAhYygrsmQGA49dclHVnz-OMVLiyM9ws |
| project_id | 343d245e850143a096806dfaefa9afdc |
| user_id | ac3377633149401296f6c0d92d79dc16 |
+------------+-----------------------------------------------------------------+*서비스 프로젝트 생성
openstack project create --domain default --description "Service Project" service
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | Service Project |
| domain_id | default |
| enabled | True |
| id | cb5edfabf25748029ab7e14ecd8c9b33 |
| is_domain | False |
| name | service |
| options | {} |
| parent_id | default |
| tags | [] |
+-------------+----------------------------------+Create Openstack client environment scripts
vi admin-openrcexport OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2- 부팅 시 자동 실행
# 부팅시 자동 실행
vi /root/.bashrc#...
. /home/controller/Desktop/admin-openrc. admin-openrc
openstack token issue
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| expires | 2024-03-27T12:38:54+0000 |
| id | gAAAAABmBAVOwJoCJhznfmSLrdtKhVVrZRmEA9iDZF46D4OpGFYmKxbYvJbcVcQNW8wSsurYA3j2_aY50fKGsxcSbzYH6zJFICqlAGqx0XExt4U5mHDkRVLSke7A7w_jEcvLdqA1x8YVoA99GWmdp6uSIQrzJYh3s9J1zSwDSweC6GfNAzhinmU |
| project_id | defd63bc05e04bbe873dae459677109d |
| user_id | 5ea0e7cbb2f748e8a542c4c4e64b1950 |
+------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
Glance (Image)
Install and configure (Ubuntu) — glance 27.1.1.dev7 documentation
Install and configure (Ubuntu) This section describes how to install and configure the Image service, code-named glance, on the controller node. For simplicity, this configuration stores images on the local file system. Prerequisites Before you install and
docs.openstack.org
Prerequisites
mysql
MariaDB [(none)]> CREATE DATABASE glance;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'GLANCE_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'GLANCE_DBPASS';- Create the glance user
openstack user create --domain default --password-prompt glance
User Password: GLANCE_PASS
Repeat User Password: GLANCE_PASS
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 3f4e777c4062483ab8d9edd7dff829df |
| name | glance |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+- Add the admin role to the glance user and service project
openstack role add --project service --user glance admin- Create the glance service entity
openstack service create --name glance --description "OpenStack Image" image
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Image |
| enabled | True |
| id | 8c2c7f1b9b5049ea9e63757b5533e6d2 |
| name | glance |
| type | image |
+-------------+----------------------------------+- Create the Image service API endpoints
openstack endpoint create --region RegionOne image public http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 340be3625e9b4239a6415d034e98aace |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8c2c7f1b9b5049ea9e63757b5533e6d2 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne image internal http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | a6e4b153c2ae4c919eccfdbb7dceb5d2 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8c2c7f1b9b5049ea9e63757b5533e6d2 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne image admin http://controller:9292
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 0c37ed58103f4300a84ff125a539032d |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8c2c7f1b9b5049ea9e63757b5533e6d2 |
| service_name | glance |
| service_type | image |
| url | http://controller:9292 |
+--------------+----------------------------------+Image service API endpoins 중에 'openstack endpoint create --region RegionOne image public http://controller:9292' 명령어를 입력했을 때, 나오는 id는 꼭 기억하길 바란다. *여기서는 340be3625e9b4239a6415d034e98aace 이다.
Install and configure components
- Install the packages
apt install glance- vi /etc/glance/glance-api.conf
[database]
# ...
connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
[keystone_authtoken]
# ...
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = GLANCE_PASS
[paste_deploy]
# ...
flavor = keystone
[glance_store]
# ...
default_backend = fs
[fs]
filesystem_store_datadir = /var/lib/glance/images/
[oslo_limit]
auth_url = http://controller:5000
auth_type = password
user_domain_id = default
username = glance
system_scope = all
password = GLANCE_PASS
endpoint_id = 340be3625e9b4239a6415d034e98aace
region_name = RegionOne아까 위에서 기억했던 endpoint id를 [oslo_limit]의 endpoint_id에 입력하면 된다.
- Populate the Image service database
su -s /bin/sh -c "glance-manage db_sync" glanceFinalize installation
- Restart the Image services
service glance-api restartVerify operation
- Download the source image
wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img- Upload the image to the Image service using the QCOW2 disk format, bare container format, and public visibility so all projects can access it
glance image-create --name "cirros" \
--file cirros-0.4.0-x86_64-disk.img \
--disk-format qcow2 --container-format bare \
--visibility=public
+------------------+------------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------------+
| checksum | 133eae9fb1c98f45894a4e60d8736619 |
| container_format | bare |
| created_at | 2015-03-26T16:52:10Z |
| disk_format | qcow2 |
| file | /v2/images/cc5c6982-4910-471e-b864-1098015901b5/file |
| id | cc5c6982-4910-471e-b864-1098015901b5 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | ae7a98326b9c455588edd2656d723b9d |
| protected | False |
| schema | /v2/schemas/image |
| size | 13200896 |
| status | active |
| tags | |
| updated_at | 2015-03-26T16:52:10Z |
| virtual_size | None |
| visibility | public |
+------------------+------------------------------------------------------+- Confirm upload of the image and validate attributes
glance image-list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 38047887-61a7-41ea-9b49-27987d5e8bb9 | cirros | active |
+--------------------------------------+--------+--------+
