One of the most important features I find with people using DevStack is that they want to be able to SSH into their Virtual Machines Instances easily. In this blog we will show you how to create a VirtualBox DevStack host running Ubuntu 16.04 and have a DevStack install with Networking out of the box.
We are building a system for learning and development and NOT production. The course and demonstrations use VirtualBox to host the DevStack system although there is no reason why you can’t use a physical host. We have assigned the Ubuntu 16.04 VM:
40GB Root partition
A single CPU
1 NIC connected to NAT network and 1 Connected to Host Only
Ensure Ubuntu 16.04 Server is installed using LVM, a guided LVM install is fine. New logical volumes will be created during the install for the volume service, Cinder.
Preparing to for the DevStack Install with Networking
Before we are ready to install OpenStack using the DevStack installer we need to make some changes to our system.We begin by ensuring we have package that will be required by DevStack:
$ sudo apt-get install -y python-systemd
We can then move onto creating a user account that DevStack can use. This is, typically, a user called stack who may use sudo to all commands without a password:
$ sudo useradd -s /bin/bash -d /opt/stack -m stack $ echo “stack ALL=(ALL) NOPASSWD: ALL” | sudo tee /etc/sudoers.d/stack
Note: We cannot use a simple redirection > to populate the sudoers file as, even using sudo, the redirection falls back to the primary user (Real UID). Using sudo and tee overcomes this problem. Please take care that the text is correct as any incorrect syntax in the sudoers files will cause sudo to fail for any user.
With the user account created we can now switch to the stack account. This will also take us through to the HOME directory that we have configured, /opt/stack:
$ sudo su - stack $ pwd $ id $ sudo -l
The final command lists privileges granted to the user via sudo. More permissions will be added by the installation specific to DevStack, however, we need this to get started!
The last task in the preparation of installing DevStack is to clone the GIT repository which houses the installation scripts. We will use the master (default) branch and will get the latest version of OpenStack. Though, it is possible to clone earlier releases, the installation routine becomes more complex. Still working as the stack user within their HOME directory we run the following command. The program git may have to be installed depending on your choices during the build of your server
stack@devstack $ sudo apt-get install -y git stack@devstack $ cd ~ stack@devstack $ git clone https://git.openstack.org/openstack-dev/devstack
This process will download the installation scripts, but should not take long. The subdirectory devstack will be created in /var/stack, our HOME directory.
Create the Answer File
We will create the new answer file /opt/stack/devstack/local.conf:
[[local|localrc]] ADMIN_PASSWORD=Password1 DATABASE_PASSWORD=$ADMIN_PASSWORD RABBIT_PASSWORD=$ADMIN_PASSWORD SERVICE_PASSWORD=$ADMIN_PASSWORD HOST_IP=192.168.56.13 enable_service s-proxy s-object s-container s-account SWIFT_REPLICAS=1 SWIFT_HASH=66a3d6b56c1f479c8b4e70ab5c2000f5 enable_service h-eng h-api h-api-cfn h-api-cw enable_plugin heat git://git.openstack.org/openstack/heat FLOATING_RANGE=192.168.56.224/27 FLAT_INTERFACE=enp0s8
Mainly, we are setting variables that will be sourced by the installation script. The variables are in upper case. There are also some functions that we use and these are in lower case.
The first variables are straight forward enough. Being a demonstration system we are not too careful on the password. This password will be used for the MySQL server root account, the Rabbit Message Queue server, and the service accounts created in OpenStack. On your systems consider the password carefully that you use.
The HOST_IP lets the installer know which address is to be used. This is especially important when more than one interface is on the system, but is always a good idea.
The default install will add in the main OpenStack services, (Nova, Neutron, Cinder, Glance, Horizon, Keystone). For the COA exam we also need Swift, the Object Store and HEAT the orchestration engine.
The FLOATING_RANGE should match your host-only network range in VirtualBox or your physical network. This should represent addresses that are not in use, hence we use the last addresses of the class C network. The FLAT_INTERFACE represents the NIC that is used to connect to that network.
We are left now with the simple matter of starting the install and planning for about 20 minutes, (or 1379 seconds on my lab system), surfing the net whist we wait for it to complete. From the devstack directory:
A successful completion should present you with a summary screen rather than a failed install which will present an error. An abbreviated version of the summary screen is shown below:
This is your host IP address: 192.168.56.13 This is your host IPv6 address: ::1 Horizon is now available at http://192.168.56.13/dashboard Keystone is serving at http://192.168.56.13/identity/ The default users are: admin and demo The password: Password1 .... 2017-11-05 17:51:47.329 | stack.sh completed in 1379 seconds
Launch an Instance from the CLI
One advantage of using the CLI is that it is easier to document the steps needed to complete a task rather than trying to do the same in the GUI. We can also create more accurate results as we can assure we are doing the exact task required. We can launch instances from the GUI or from the CLI. As a quick test to see the system is working we will use the CLI. There is a lot to cover here, almost the complete COA course can be covered in the next few steps. The aim is a quick run through, rather than a full explanation at this stage. We assume that we are still sourcing the openrc file from above. We will see that the answer file has indeed provided a DevStack install with Networking.
1. Adjust the security group with rules to allow pings and SSH
stack@devstack:~$ openstack security group rule create --proto icmp default stack@devstack:~$ openstack security group rule create --proto tcp --dst-port 22 default
2. When we launch an instance we need to clone an image, attach it to a network and use a hardware template (flavor) to size the instance. We can list the options we have using the following commands:
stack@devstack:~$ openstack flavor list stack@devstack:~$ openstack network list stack@devstack:~$ openstack image list
We will also need a security group but we already know that we have the default group to use. So I have not listed the security groups.
3. When it comes to the image we can use the image name as the argument, however, as the version is inbuilt into the name it may change as well as being complex. To extract just the name :
stack@devstack:~$ openstack image list | grep -F cirros | cut -f3 -d ‘|’
4. We want the VM to attach to the private network. We need the Network ID not the Network name. To extract the ID, we can use a simmilar approach:
stack@devstack:~$ openstack network list | grep private | cut -f2 -d ‘|’ | tr -d ‘ ‘
5. We can now create the VM instance, we name the instance vm in this case:
stack@devstack:~$ openstack server create --flavor m1.tiny \ --image $(openstack image list | grep cirros | cut -f3 -d ‘|’) \ --nic net-id=$(openstack network list | grep private | cut -f2 -d ‘|’ | tr -d ‘ ‘) \ --security-group default vm
6. We can leave the process to run for a few seconds and then check the progress:
stack@devstack:~$ openstack server list
7. To connect to the command line of the instance we can use VNC from a browser. Ti extract the URL:
stack@devstack:~$ openstack console url show vm
8. It is also possible to connect to the instance. It is on a private network but we can use NAT to connect to it by assigning it an address on the public network. Record the IP Address issued from the following command:
stack@devstack:~$ openstack floating ip create public
9. We can now assign this address to the instance:
stack@devstack:~$ openstack server add floating ip vm 192.168.56.229 #<IP>
10. We should now be able to ping the instance on the public IP and SSH to it from the DevStack host directly:
stack@devstack:~$ ping <IP> stack@devstack:~$ ssh cirros@<IP> #Password is cubswin:)
11. When we are finished we can remove the instance
stack@devstack:~$ openstack server delete vm
The video follows: